urlscan.io logo urlscan.io
SecurityTrails logo

peimex.com Open in urlscan Pro
108.179.194.74  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
URL: https://peimex.com/wp-content/ntww/natwest3/mobile/details.php
Submission: On July 05 via automatic, source phishtank — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 18 HTTP transactions. The main IP is 108.179.194.74, located in United States and belongs to NETWORK-SOLUTIONS-HOSTING, US. The main domain is peimex.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on June 14th 2023. Valid for: a year.
This is the only time peimex.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: NatWest (Banking)

Domain & IP information

IP Address AS Autonomous System
18 108.179.194.74 19871 (NETWORK-S...)
18 1
Apex Domain
Subdomains		 Transfer
18 peimex.com
peimex.com
132 KB
18 1
Domain Requested by
18 peimex.com peimex.com
18 1

This site contains no links.

Subject Issuer Validity Valid
peimex.com
Sectigo RSA Domain Validation Secure Server CA		 2023-06-14 -
2024-07-14		 a year crt.sh

This page contains 2 frames:

Primary Page: https://peimex.com/wp-content/ntww/natwest3/mobile/details.php
Frame ID: 99455044C4C35960A2AD4DC14D66D7CF
Requests: 3 HTTP requests in this frame

Frame: https://peimex.com/wp-content/ntww/natwest3/mobile/security_files/details.php
Frame ID: 5BFEE8162C22D46AEAC912EEAA877B7F
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Confirm Your Details

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Page Statistics

18
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

132 kB
Transfer

304 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request details.php
peimex.com/wp-content/ntww/natwest3/mobile/ 		969 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://peimex.com/wp-content/ntww/natwest3/mobile/details.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.179.194.74 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
108-179-194-74.unifiedlayer.com
Software
Apache /
Resource Hash
e5148cb68d0d3f39d343b2b20e1c02b5b1e65817dac51fe6f54dbcd9868720da
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
none
cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-length
534
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Fri, 05 Jul 2024 01:18:22 GMT
expect-ct
max-age=7776000, enforce
expires
Thu, 19 Nov 1981 08:52:00 GMT
permissions-policy
geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
pragma
no-cache
referrer-policy
no-referrer-when-downgrade
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
details.php
peimex.com/wp-content/ntww/natwest3/mobile/security_files/ Frame 5BFE 		32 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://peimex.com/wp-content/ntww/natwest3/mobile/security_files/details.php
Requested by
Host: peimex.com
URL: https://peimex.com/wp-content/ntww/natwest3/mobile/details.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.179.194.74 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
108-179-194-74.unifiedlayer.com
Software
Apache /
Resource Hash
c89ecda15fd9d7e56c99ad0f94828a5ea0f22adf5740f81ea27e8ae8793edc1b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://peimex.com/wp-content/ntww/natwest3/mobile/details.php
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
none
content-encoding
gzip
content-length
8451
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Fri, 05 Jul 2024 01:18:22 GMT
expect-ct
max-age=7776000, enforce
permissions-policy
geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
referrer-policy
no-referrer-when-downgrade
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
jspostcode.js
peimex.com/wp-content/ntww/natwest3/mobile/security_files/ Frame 5BFE 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://peimex.com/wp-content/ntww/natwest3/mobile/security_files/jspostcode.js
Requested by
Host: peimex.com
URL: https://peimex.com/wp-content/ntww/natwest3/mobile/security_files/details.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.179.194.74 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
108-179-194-74.unifiedlayer.com
Software
Apache /
Resource Hash
e36e16547c0cdc9f371e9360e369b6205f72499cd05d80c723d5ee9a0db8e1b8
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://peimex.com/wp-content/ntww/natwest3/mobile/security_files/details.php
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
date
Fri, 05 Jul 2024 01:18:22 GMT
content-encoding
gzip
content-length
1879
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 07 Jul 2018 13:16:38 GMT
server
Apache
expect-ct
max-age=7776000, enforce
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
permissions-policy
geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
accept-ranges
none
master.css
peimex.com/wp-content/ntww/natwest3/mobile/security_files/ Frame 5BFE 		133 KB
41 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://peimex.com/wp-content/ntww/natwest3/mobile/security_files/master.css
Requested by
Host: peimex.com
URL: https://peimex.com/wp-content/ntww/natwest3/mobile/security_files/details.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.179.194.74 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
108-179-194-74.unifiedlayer.com
Software
Apache /
Resource Hash
75b00a583c89310d12ace059629526ba7cfbb0bd4509ec5750a25fd6ffdd6e12
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://peimex.com/wp-content/ntww/natwest3/mobile/security_files/details.php
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 07 Jul 2018 13:16:38 GMT
server
Apache
date
Fri, 05 Jul 2024 01:18:22 GMT
content-encoding
gzip
expect-ct
max-age=7776000, enforce
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
permissions-policy
geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
accept-ranges
none
x-xss-protection
1; mode=block
datePicker.css
peimex.com/wp-content/ntww/natwest3/mobile/security_files/ Frame 5BFE 		2 KB
861 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://peimex.com/wp-content/ntww/natwest3/mobile/security_files/datePicker.css
Requested by
Host: peimex.com
URL: https://peimex.com/wp-content/ntww/natwest3/mobile/security_files/details.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.179.194.74 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
108-179-194-74.unifiedlayer.com
Software
Apache /
Resource Hash
14714f651128eff786763144294b0e7c67529d317ac5371632bbf8fb659866ff
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://peimex.com/wp-content/ntww/natwest3/mobile/security_files/details.php
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
date
Fri, 05 Jul 2024 01:18:22 GMT
content-encoding
gzip
content-length
791
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 07 Jul 2018 13:16:36 GMT
server
Apache
expect-ct
max-age=7776000, enforce
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
permissions-policy
geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
accept-ranges
none
npc.css
peimex.com/wp-content/ntww/natwest3/mobile/security_files/ Frame 5BFE 		46 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://peimex.com/wp-content/ntww/natwest3/mobile/security_files/npc.css
Requested by
Host: peimex.com
URL: https://peimex.com/wp-content/ntww/natwest3/mobile/security_files/details.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.179.194.74 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
108-179-194-74.unifiedlayer.com
Software
Apache /
Resource Hash
990f073c20457aa8ecb56a57304e16c90ec7eadb63f25e64932b2f1914054d4a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://peimex.com/wp-content/ntww/natwest3/mobile/security_files/details.php
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
date
Fri, 05 Jul 2024 01:18:22 GMT
content-encoding
gzip
content-length
12814
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 07 Jul 2018 13:16:38 GMT
server
Apache
expect-ct
max-age=7776000, enforce
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
permissions-policy
geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
accept-ranges
none
overlayPromptMaster.css
peimex.com/wp-content/ntww/natwest3/mobile/security_files/ Frame 5BFE 		2 KB
663 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://peimex.com/wp-content/ntww/natwest3/mobile/security_files/overlayPromptMaster.css
Requested by
Host: peimex.com
URL: https://peimex.com/wp-content/ntww/natwest3/mobile/security_files/details.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.179.194.74 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
108-179-194-74.unifiedlayer.com
Software
Apache /
Resource Hash
643d4d52a1a24515822f6a30683f901bb5dd16c251d88caece27ab2713457272
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://peimex.com/wp-content/ntww/natwest3/mobile/security_files/details.php
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
date
Fri, 05 Jul 2024 01:18:22 GMT
content-encoding
gzip
content-length
623
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 07 Jul 2018 13:16:38 GMT
server
Apache
expect-ct
max-age=7776000, enforce
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
permissions-policy
geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
accept-ranges
none
overlayPrompt.css
peimex.com/wp-content/ntww/natwest3/mobile/security_files/ Frame 5BFE 		76 B
124 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://peimex.com/wp-content/ntww/natwest3/mobile/security_files/overlayPrompt.css
Requested by
Host: peimex.com
URL: https://peimex.com/wp-content/ntww/natwest3/mobile/security_files/details.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.179.194.74 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
108-179-194-74.unifiedlayer.com
Software
Apache /
Resource Hash
ef7db794b4a6b5c42d2535919d91fb11da1e5cd1147f35196db382197b35fdee
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://peimex.com/wp-content/ntww/natwest3/mobile/security_files/details.php
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
date
Fri, 05 Jul 2024 01:18:22 GMT
content-encoding
gzip
content-length
85
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 07 Jul 2018 13:16:38 GMT
server
Apache
expect-ct
max-age=7776000, enforce
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
permissions-policy
geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
accept-ranges
none
master_mobile.css
peimex.com/wp-content/ntww/natwest3/mobile/security_files/ Frame 5BFE 		18 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://peimex.com/wp-content/ntww/natwest3/mobile/security_files/master_mobile.css
Requested by
Host: peimex.com
URL: https://peimex.com/wp-content/ntww/natwest3/mobile/security_files/details.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.179.194.74 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
108-179-194-74.unifiedlayer.com
Software
Apache /
Resource Hash
8d19ce7511c97d861471b938de9d7a3375599c0326f5ea6d72a362ebbded1bcd
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://peimex.com/wp-content/ntww/natwest3/mobile/security_files/details.php
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
date
Fri, 05 Jul 2024 01:18:22 GMT
content-encoding
gzip
content-length
6484
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 07 Jul 2018 13:16:38 GMT
server
Apache
expect-ct
max-age=7776000, enforce
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
permissions-policy
geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
accept-ranges
none
logo.png
peimex.com/wp-content/ntww/natwest3/mobile/security_files/ Frame 5BFE 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://peimex.com/wp-content/ntww/natwest3/mobile/security_files/logo.png
Requested by
Host: peimex.com
URL: https://peimex.com/wp-content/ntww/natwest3/mobile/security_files/details.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.179.194.74 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
108-179-194-74.unifiedlayer.com
Software
Apache /
Resource Hash
917942589e5b140755ee83bb4720ca9c1bbf7705f44f51a78ba1ffa635420c50
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://peimex.com/wp-content/ntww/natwest3/mobile/security_files/details.php
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 07 Jul 2018 13:16:38 GMT
server
Apache
date
Fri, 05 Jul 2024 01:18:22 GMT
expect-ct
max-age=7776000, enforce
x-frame-options
SAMEORIGIN
content-type
image/png
permissions-policy
geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
accept-ranges
bytes
content-length
3053
x-xss-protection
1; mode=block
alert-icon.png
peimex.com/wp-content/ntww/natwest3/mobile/security_files/ Frame 5BFE 		638 B
699 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://peimex.com/wp-content/ntww/natwest3/mobile/security_files/alert-icon.png
Requested by
Host: peimex.com
URL: https://peimex.com/wp-content/ntww/natwest3/mobile/security_files/details.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.179.194.74 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
108-179-194-74.unifiedlayer.com
Software
Apache /
Resource Hash
d4901081a59d75050d215c08d6fd5370cea9aa1eaea023a176c9b9c26760f221
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://peimex.com/wp-content/ntww/natwest3/mobile/security_files/details.php
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 07 Jul 2018 13:16:34 GMT
server
Apache
date
Fri, 05 Jul 2024 01:18:22 GMT
expect-ct
max-age=7776000, enforce
x-frame-options
SAMEORIGIN
content-type
image/png
permissions-policy
geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
accept-ranges
bytes
content-length
638
x-xss-protection
1; mode=block
NPC_auralstyle.css
peimex.com/wp-content/ntww/natwest3/mobile/security_files/ Frame 5BFE 		515 B
353 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://peimex.com/wp-content/ntww/natwest3/mobile/security_files/NPC_auralstyle.css
Requested by
Host: peimex.com
URL: https://peimex.com/wp-content/ntww/natwest3/mobile/security_files/details.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.179.194.74 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
108-179-194-74.unifiedlayer.com
Software
Apache /
Resource Hash
04c45c81e1298e703f3bde9cec27446450294330ae06bd24c9f9343b264462e9
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://peimex.com/wp-content/ntww/natwest3/mobile/security_files/details.php
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
date
Fri, 05 Jul 2024 01:18:23 GMT
content-encoding
gzip
content-length
291
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 07 Jul 2018 13:16:38 GMT
server
Apache
expect-ct
max-age=7776000, enforce
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
permissions-policy
geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
accept-ranges
none
master_print.css
peimex.com/wp-content/ntww/natwest3/mobile/security_files/ Frame 5BFE 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://peimex.com/wp-content/ntww/natwest3/mobile/security_files/master_print.css
Requested by
Host: peimex.com
URL: https://peimex.com/wp-content/ntww/natwest3/mobile/security_files/details.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.179.194.74 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
108-179-194-74.unifiedlayer.com
Software
Apache /
Resource Hash
1acd7d03edc5d90866fd012355c352efbb02f38c9334cffd4a9f321b4d713491
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://peimex.com/wp-content/ntww/natwest3/mobile/security_files/details.php
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
date
Fri, 05 Jul 2024 01:18:23 GMT
content-encoding
gzip
content-length
2012
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 07 Jul 2018 13:16:38 GMT
server
Apache
expect-ct
max-age=7776000, enforce
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
permissions-policy
geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
accept-ranges
none
exit-icon-white.svg
peimex.com/wp-content/ntww/natwest3/mobile/security_files/ Frame 5BFE 		641 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://peimex.com/wp-content/ntww/natwest3/mobile/security_files/exit-icon-white.svg
Requested by
Host: peimex.com
URL: https://peimex.com/wp-content/ntww/natwest3/mobile/security_files/master.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.179.194.74 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
108-179-194-74.unifiedlayer.com
Software
Apache /
Resource Hash
43a780414ddf2b15e9b47811bbaa8cbfc6cf56d4db65684ed114a1c2a13bc097
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://peimex.com/wp-content/ntww/natwest3/mobile/security_files/master.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 07 Jul 2018 13:16:36 GMT
server
Apache
date
Fri, 05 Jul 2024 01:18:23 GMT
expect-ct
max-age=7776000, enforce
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
permissions-policy
geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
accept-ranges
bytes
content-length
641
x-xss-protection
1; mode=block
RNHouseSansW03-Regular.woff
peimex.com/wp-content/ntww/natwest3/mobile/security_files/ Frame 5BFE 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://peimex.com/wp-content/ntww/natwest3/mobile/security_files/RNHouseSansW03-Regular.woff
Requested by
Host: peimex.com
URL: https://peimex.com/wp-content/ntww/natwest3/mobile/security_files/npc.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.179.194.74 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
108-179-194-74.unifiedlayer.com
Software
Apache /
Resource Hash
37539c1b025b1580975ce7942ff711e4e92e6f549af893e46e5a9a60e705c02c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://peimex.com/wp-content/ntww/natwest3/mobile/security_files/npc.css
Origin
https://peimex.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 07 Jul 2018 13:16:40 GMT
server
Apache
date
Fri, 05 Jul 2024 01:18:23 GMT
expect-ct
max-age=7776000, enforce
x-frame-options
SAMEORIGIN
content-type
font/woff
permissions-policy
geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
accept-ranges
bytes
content-length
25612
x-xss-protection
1; mode=block
RNHouseSansW03-Bold.woff
peimex.com/wp-content/ntww/natwest3/mobile/security_files/ Frame 5BFE 		26 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://peimex.com/wp-content/ntww/natwest3/mobile/security_files/RNHouseSansW03-Bold.woff
Requested by
Host: peimex.com
URL: https://peimex.com/wp-content/ntww/natwest3/mobile/security_files/npc.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.179.194.74 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
108-179-194-74.unifiedlayer.com
Software
Apache /
Resource Hash
ce87bf8a3058e5028a4b64dc0aa16e0614f7e47d87223594c6353450aadbf5ad
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://peimex.com/wp-content/ntww/natwest3/mobile/security_files/npc.css
Origin
https://peimex.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 07 Jul 2018 13:16:40 GMT
server
Apache
date
Fri, 05 Jul 2024 01:18:23 GMT
expect-ct
max-age=7776000, enforce
x-frame-options
SAMEORIGIN
content-type
font/woff
permissions-policy
geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
accept-ranges
bytes
content-length
26144
x-xss-protection
1; mode=block
favicon.ico
peimex.com/wp-content/ntww/natwest3/mobile/security_files/ 		2 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://peimex.com/wp-content/ntww/natwest3/mobile/security_files/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.179.194.74 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
108-179-194-74.unifiedlayer.com
Software
Apache /
Resource Hash
9bbf91204e8022d01c859c92c1d9218ac4859de521548856534b48ac2e7849a8
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://peimex.com/wp-content/ntww/natwest3/mobile/details.php
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
date
Fri, 05 Jul 2024 01:18:23 GMT
content-length
2238
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 07 Jul 2018 13:16:36 GMT
server
Apache
expect-ct
max-age=7776000, enforce
x-frame-options
SAMEORIGIN
content-type
image/x-icon
cache-control
max-age=604800
permissions-policy
geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
accept-ranges
bytes
expires
Fri, 12 Jul 2024 01:18:23 GMT
favicon.ico
peimex.com/wp-content/ntww/natwest3/mobile/security_files/ 		2 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
https://peimex.com/wp-content/ntww/natwest3/mobile/security_files/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.179.194.74 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
108-179-194-74.unifiedlayer.com
Software
Apache /
Resource Hash
9bbf91204e8022d01c859c92c1d9218ac4859de521548856534b48ac2e7849a8
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://peimex.com/wp-content/ntww/natwest3/mobile/details.php
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
upgrade-insecure-requests
date
Fri, 05 Jul 2024 01:18:23 GMT
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 07 Jul 2018 13:16:36 GMT
server
Apache
expect-ct
max-age=7776000, enforce
x-frame-options
SAMEORIGIN
content-type
image/x-icon
cache-control
max-age=604800
permissions-policy
geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
accept-ranges
bytes
content-length
2238
x-xss-protection
1; mode=block
expires
Fri, 12 Jul 2024 01:18:23 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: NatWest (Banking)

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 undefined| event object| fence object| sharedStorage

1 Cookies

Domain/Path Name / Value
peimex.com/ Name: PHPSESSID
Value: 9d658a9450da1bfc7ed352c125c2494e

2 Console Messages

Source Level URL
Text
security error
Message:
Error with Permissions-Policy header: Parse of permissions policy failed because of errors reported by structured header parser.
security error
Message:
Error with Permissions-Policy header: Parse of permissions policy failed because of errors reported by structured header parser.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block