pakersi-pl.cloud
Open in
urlscan Pro
2606:4700:3032::ac43:a9f7
Malicious Activity!
Public Scan
Submission: On September 29 via api from FR — Scanned from FR
Summary
TLS certificate: Issued by E1 on September 27th 2022. Valid for: 3 months.
This is the only time pakersi-pl.cloud was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: PayU (Financial)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
11 | 2606:4700:303... 2606:4700:3032::ac43:a9f7 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
11 | 1 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
11 |
pakersi-pl.cloud
pakersi-pl.cloud |
646 KB |
11 | 1 |
Domain | Requested by | |
---|---|---|
11 | pakersi-pl.cloud |
pakersi-pl.cloud
|
11 | 1 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.pakersi-pl.cloud E1 |
2022-09-27 - 2022-12-26 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://pakersi-pl.cloud/6g028iToCWgQtAbj/3du48A
Frame ID: 9A2AA06DC9DFCCDC78910486F768579A
Requests: 11 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
11 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
3du48A
pakersi-pl.cloud/6g028iToCWgQtAbj/ |
13 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cc9f2fbc90790be9445d857894d82bb3d.css
pakersi-pl.cloud/6g028iToCWgQtAbj/css/ |
38 KB 10 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.js
pakersi-pl.cloud/6g028iToCWgQtAbj/ |
86 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
4dc6cfe96ae4f69255db825507b5fef7.jpg
pakersi-pl.cloud/6g028iToCWgQtAbj/css/ |
59 KB 60 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
54c2c4e86e80baad4bf0a7d5c633698c.png
pakersi-pl.cloud/6g028iToCWgQtAbj/css/ |
5 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
541eb355eda7eb5711f172b4994af114.png
pakersi-pl.cloud/6g028iToCWgQtAbj/css/ |
135 KB 135 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
bf51ec161cc9b23f931e7e40a03112a1.png
pakersi-pl.cloud/6g028iToCWgQtAbj/css/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
opensans-regular-webfont.woff
pakersi-pl.cloud/6g028iToCWgQtAbj/css/fonts/ |
87 KB 88 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
opensans-light-webfont.woff
pakersi-pl.cloud/6g028iToCWgQtAbj/css/fonts/ |
84 KB 85 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
opensans-semibold-webfont.woff
pakersi-pl.cloud/6g028iToCWgQtAbj/css/fonts/ |
89 KB 90 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
PFBeauSansPro-Bold.woff
pakersi-pl.cloud/6g028iToCWgQtAbj/css/fonts/ |
142 KB 136 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: PayU (Financial)13 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| $ function| jQuery object| t1389f6d0 function| online6 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
pakersi-pl.cloud/6g028iToCWgQtAbj | Name: 39cb936121f25e52b58ea4223acdb304 Value: 665702769 |
|
pakersi-pl.cloud/6g028iToCWgQtAbj | Name: 64d8ded72c57bfb70af316a8d87a87a5 Value: 4243748422 |
|
pakersi-pl.cloud/6g028iToCWgQtAbj | Name: 9b1f392ea28f261ac3e112bf540e319d Value: 1840967297 |
|
pakersi-pl.cloud/6g028iToCWgQtAbj | Name: af50d3c9bdffefee6090f589ace935ef Value: 2520101858 |
|
pakersi-pl.cloud/6g028iToCWgQtAbj | Name: a0987ab7ab94585292a3ac20c4e20016 Value: 215084700 |
|
pakersi-pl.cloud/ | Name: PHPSESSID Value: i26brn22snkd4113ou0ejta9a0 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
pakersi-pl.cloud
2606:4700:3032::ac43:a9f7
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0fe491e2047389b9deb7a06fd36de7fec03af2791ec29461be02571cbebdb4ab
1724f2b7d6a6fa48933a74a071725f4c2473c0aa67216097fd6956bb2e80a11b
431817115e31ff8604ab76a86ce6ed55d02cd5ea7332bd0ed3d15d9b5bf9aaae
473210a27e0e0c7a577eb5ad05b3b80ea6e560b1c12eed76ff9163ea4272e477
6c42fad5bfb4c495428d8ee62ddfc35b4d4e279f371006b16027ae45fd0b230a
9650a5ba277274205e90974e7fb4183289ca51653c33fc291ad064bf8dd998e1
a71398f79d517fffd3abdd7245c3ef04aa3b37f7c99c93125fc2639efea0d900
c8b380cdc92601f7195d0cd34c777bcdee7dcd285e110534a8cf48bfa7d8b2e8
df4823bd02dc9dced654fe8171a401276b4a22faa416e50bcb2ea927001e2656
e895e90170bdf1758efabbd72b6efc4d209e8859e74f6ca1a5ceba5025cb3b67