urlscan.io logo urlscan.io
SecurityTrails logo

peimex.com Open in urlscan Pro
108.179.194.74  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
URL: https://peimex.com/wp-content/ntww/natwest3/mobile/details.php
Submission: On July 26 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 18 HTTP transactions. The main IP is 108.179.194.74, located in United States and belongs to NETWORK-SOLUTIONS-HOSTING, US. The main domain is peimex.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on July 11th 2024. Valid for: a year.
This is the only time peimex.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: NatWest (Banking)

Domain & IP information

IP Address AS Autonomous System
18 108.179.194.74 19871 (NETWORK-S...)
18 1
Apex Domain
Subdomains		 Transfer
18 peimex.com
peimex.com
132 KB
18 1
Domain Requested by
18 peimex.com peimex.com
18 1

This site contains no links.

Subject Issuer Validity Valid
peimex.com
Sectigo RSA Domain Validation Secure Server CA		 2024-07-11 -
2025-08-11		 a year crt.sh

This page contains 2 frames:

Primary Page: https://peimex.com/wp-content/ntww/natwest3/mobile/details.php
Frame ID: C55D4B5DBCED7A14A1D0E39E9A7F9BB0
Requests: 3 HTTP requests in this frame

Frame: https://peimex.com/wp-content/ntww/natwest3/mobile/security_files/details.php
Frame ID: 410FC36B190790B50D6E8B37BEF2D4E0
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Confirm Your Details

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Page Statistics

18
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

132 kB
Transfer

304 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request details.php
peimex.com/wp-content/ntww/natwest3/mobile/ 		969 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://peimex.com/wp-content/ntww/natwest3/mobile/details.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.179.194.74 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
108-179-194-74.unifiedlayer.com
Software
Apache /
Resource Hash
e5148cb68d0d3f39d343b2b20e1c02b5b1e65817dac51fe6f54dbcd9868720da
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-length
534
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Fri, 26 Jul 2024 11:04:51 GMT
expect-ct
max-age=7776000, enforce
expires
Thu, 19 Nov 1981 08:52:00 GMT
permissions-policy
geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
pragma
no-cache
referrer-policy
no-referrer-when-downgrade
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
details.php
peimex.com/wp-content/ntww/natwest3/mobile/security_files/ Frame 410F 		32 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://peimex.com/wp-content/ntww/natwest3/mobile/security_files/details.php
Requested by
Host: peimex.com
URL: https://peimex.com/wp-content/ntww/natwest3/mobile/details.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.179.194.74 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
108-179-194-74.unifiedlayer.com
Software
Apache /
Resource Hash
2f489ab6e80c1236d65b639ab4a3f38d64c973999c25d7f9ebe96ec6f726215c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://peimex.com/wp-content/ntww/natwest3/mobile/details.php
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-length
8449
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Fri, 26 Jul 2024 11:04:51 GMT
expect-ct
max-age=7776000, enforce
permissions-policy
geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
referrer-policy
no-referrer-when-downgrade
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
jspostcode.js
peimex.com/wp-content/ntww/natwest3/mobile/security_files/ Frame 410F 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://peimex.com/wp-content/ntww/natwest3/mobile/security_files/jspostcode.js
Requested by
Host: peimex.com
URL: https://peimex.com/wp-content/ntww/natwest3/mobile/security_files/details.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.179.194.74 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
108-179-194-74.unifiedlayer.com
Software
Apache /
Resource Hash
e36e16547c0cdc9f371e9360e369b6205f72499cd05d80c723d5ee9a0db8e1b8
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://peimex.com/wp-content/ntww/natwest3/mobile/security_files/details.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
date
Fri, 26 Jul 2024 11:04:51 GMT
content-encoding
gzip
content-length
1879
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 07 Jul 2018 13:16:38 GMT
server
Apache
expect-ct
max-age=7776000, enforce
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
permissions-policy
geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
accept-ranges
bytes
master.css
peimex.com/wp-content/ntww/natwest3/mobile/security_files/ Frame 410F 		133 KB
41 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://peimex.com/wp-content/ntww/natwest3/mobile/security_files/master.css
Requested by
Host: peimex.com
URL: https://peimex.com/wp-content/ntww/natwest3/mobile/security_files/details.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.179.194.74 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
108-179-194-74.unifiedlayer.com
Software
Apache /
Resource Hash
75b00a583c89310d12ace059629526ba7cfbb0bd4509ec5750a25fd6ffdd6e12
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://peimex.com/wp-content/ntww/natwest3/mobile/security_files/details.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 07 Jul 2018 13:16:38 GMT
server
Apache
date
Fri, 26 Jul 2024 11:04:51 GMT
content-encoding
gzip
expect-ct
max-age=7776000, enforce
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
permissions-policy
geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
accept-ranges
bytes
x-xss-protection
1; mode=block
datePicker.css
peimex.com/wp-content/ntww/natwest3/mobile/security_files/ Frame 410F 		2 KB
854 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://peimex.com/wp-content/ntww/natwest3/mobile/security_files/datePicker.css
Requested by
Host: peimex.com
URL: https://peimex.com/wp-content/ntww/natwest3/mobile/security_files/details.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.179.194.74 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
108-179-194-74.unifiedlayer.com
Software
Apache /
Resource Hash
14714f651128eff786763144294b0e7c67529d317ac5371632bbf8fb659866ff
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://peimex.com/wp-content/ntww/natwest3/mobile/security_files/details.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
date
Fri, 26 Jul 2024 11:04:51 GMT
content-encoding
gzip
content-length
791
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 07 Jul 2018 13:16:36 GMT
server
Apache
expect-ct
max-age=7776000, enforce
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
permissions-policy
geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
accept-ranges
bytes
npc.css
peimex.com/wp-content/ntww/natwest3/mobile/security_files/ Frame 410F 		46 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://peimex.com/wp-content/ntww/natwest3/mobile/security_files/npc.css
Requested by
Host: peimex.com
URL: https://peimex.com/wp-content/ntww/natwest3/mobile/security_files/details.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.179.194.74 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
108-179-194-74.unifiedlayer.com
Software
Apache /
Resource Hash
990f073c20457aa8ecb56a57304e16c90ec7eadb63f25e64932b2f1914054d4a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://peimex.com/wp-content/ntww/natwest3/mobile/security_files/details.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
date
Fri, 26 Jul 2024 11:04:51 GMT
content-encoding
gzip
content-length
12814
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 07 Jul 2018 13:16:38 GMT
server
Apache
expect-ct
max-age=7776000, enforce
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
permissions-policy
geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
accept-ranges
bytes
overlayPromptMaster.css
peimex.com/wp-content/ntww/natwest3/mobile/security_files/ Frame 410F 		2 KB
663 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://peimex.com/wp-content/ntww/natwest3/mobile/security_files/overlayPromptMaster.css
Requested by
Host: peimex.com
URL: https://peimex.com/wp-content/ntww/natwest3/mobile/security_files/details.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.179.194.74 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
108-179-194-74.unifiedlayer.com
Software
Apache /
Resource Hash
643d4d52a1a24515822f6a30683f901bb5dd16c251d88caece27ab2713457272
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://peimex.com/wp-content/ntww/natwest3/mobile/security_files/details.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
date
Fri, 26 Jul 2024 11:04:51 GMT
content-encoding
gzip
content-length
623
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 07 Jul 2018 13:16:38 GMT
server
Apache
expect-ct
max-age=7776000, enforce
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
permissions-policy
geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
accept-ranges
bytes
overlayPrompt.css
peimex.com/wp-content/ntww/natwest3/mobile/security_files/ Frame 410F 		76 B
159 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://peimex.com/wp-content/ntww/natwest3/mobile/security_files/overlayPrompt.css
Requested by
Host: peimex.com
URL: https://peimex.com/wp-content/ntww/natwest3/mobile/security_files/details.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.179.194.74 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
108-179-194-74.unifiedlayer.com
Software
Apache /
Resource Hash
ef7db794b4a6b5c42d2535919d91fb11da1e5cd1147f35196db382197b35fdee
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://peimex.com/wp-content/ntww/natwest3/mobile/security_files/details.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
date
Fri, 26 Jul 2024 11:04:51 GMT
content-encoding
gzip
content-length
85
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 07 Jul 2018 13:16:38 GMT
server
Apache
expect-ct
max-age=7776000, enforce
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
permissions-policy
geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
accept-ranges
bytes
master_mobile.css
peimex.com/wp-content/ntww/natwest3/mobile/security_files/ Frame 410F 		18 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://peimex.com/wp-content/ntww/natwest3/mobile/security_files/master_mobile.css
Requested by
Host: peimex.com
URL: https://peimex.com/wp-content/ntww/natwest3/mobile/security_files/details.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.179.194.74 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
108-179-194-74.unifiedlayer.com
Software
Apache /
Resource Hash
8d19ce7511c97d861471b938de9d7a3375599c0326f5ea6d72a362ebbded1bcd
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://peimex.com/wp-content/ntww/natwest3/mobile/security_files/details.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
date
Fri, 26 Jul 2024 11:04:51 GMT
content-encoding
gzip
content-length
6484
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 07 Jul 2018 13:16:38 GMT
server
Apache
expect-ct
max-age=7776000, enforce
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
permissions-policy
geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
accept-ranges
bytes
logo.png
peimex.com/wp-content/ntww/natwest3/mobile/security_files/ Frame 410F 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://peimex.com/wp-content/ntww/natwest3/mobile/security_files/logo.png
Requested by
Host: peimex.com
URL: https://peimex.com/wp-content/ntww/natwest3/mobile/security_files/details.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.179.194.74 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
108-179-194-74.unifiedlayer.com
Software
Apache /
Resource Hash
917942589e5b140755ee83bb4720ca9c1bbf7705f44f51a78ba1ffa635420c50
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://peimex.com/wp-content/ntww/natwest3/mobile/security_files/details.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 07 Jul 2018 13:16:38 GMT
server
Apache
date
Fri, 26 Jul 2024 11:04:51 GMT
expect-ct
max-age=7776000, enforce
x-frame-options
SAMEORIGIN
content-type
image/png
permissions-policy
geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
accept-ranges
bytes
content-length
3053
x-xss-protection
1; mode=block
alert-icon.png
peimex.com/wp-content/ntww/natwest3/mobile/security_files/ Frame 410F 		638 B
707 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://peimex.com/wp-content/ntww/natwest3/mobile/security_files/alert-icon.png
Requested by
Host: peimex.com
URL: https://peimex.com/wp-content/ntww/natwest3/mobile/security_files/details.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.179.194.74 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
108-179-194-74.unifiedlayer.com
Software
Apache /
Resource Hash
d4901081a59d75050d215c08d6fd5370cea9aa1eaea023a176c9b9c26760f221
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://peimex.com/wp-content/ntww/natwest3/mobile/security_files/details.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 07 Jul 2018 13:16:34 GMT
server
Apache
date
Fri, 26 Jul 2024 11:04:51 GMT
expect-ct
max-age=7776000, enforce
x-frame-options
SAMEORIGIN
content-type
image/png
permissions-policy
geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
accept-ranges
bytes
content-length
638
x-xss-protection
1; mode=block
NPC_auralstyle.css
peimex.com/wp-content/ntww/natwest3/mobile/security_files/ Frame 410F 		515 B
330 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://peimex.com/wp-content/ntww/natwest3/mobile/security_files/NPC_auralstyle.css
Requested by
Host: peimex.com
URL: https://peimex.com/wp-content/ntww/natwest3/mobile/security_files/details.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.179.194.74 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
108-179-194-74.unifiedlayer.com
Software
Apache /
Resource Hash
04c45c81e1298e703f3bde9cec27446450294330ae06bd24c9f9343b264462e9
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://peimex.com/wp-content/ntww/natwest3/mobile/security_files/details.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
date
Fri, 26 Jul 2024 11:04:51 GMT
content-encoding
gzip
content-length
291
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 07 Jul 2018 13:16:38 GMT
server
Apache
expect-ct
max-age=7776000, enforce
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
permissions-policy
geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
accept-ranges
bytes
master_print.css
peimex.com/wp-content/ntww/natwest3/mobile/security_files/ Frame 410F 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://peimex.com/wp-content/ntww/natwest3/mobile/security_files/master_print.css
Requested by
Host: peimex.com
URL: https://peimex.com/wp-content/ntww/natwest3/mobile/security_files/details.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.179.194.74 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
108-179-194-74.unifiedlayer.com
Software
Apache /
Resource Hash
1acd7d03edc5d90866fd012355c352efbb02f38c9334cffd4a9f321b4d713491
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://peimex.com/wp-content/ntww/natwest3/mobile/security_files/details.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
date
Fri, 26 Jul 2024 11:04:51 GMT
content-encoding
gzip
content-length
2012
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 07 Jul 2018 13:16:38 GMT
server
Apache
expect-ct
max-age=7776000, enforce
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
permissions-policy
geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
accept-ranges
bytes
exit-icon-white.svg
peimex.com/wp-content/ntww/natwest3/mobile/security_files/ Frame 410F 		641 B
714 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://peimex.com/wp-content/ntww/natwest3/mobile/security_files/exit-icon-white.svg
Requested by
Host: peimex.com
URL: https://peimex.com/wp-content/ntww/natwest3/mobile/security_files/master.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.179.194.74 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
108-179-194-74.unifiedlayer.com
Software
Apache /
Resource Hash
43a780414ddf2b15e9b47811bbaa8cbfc6cf56d4db65684ed114a1c2a13bc097
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://peimex.com/wp-content/ntww/natwest3/mobile/security_files/master.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 07 Jul 2018 13:16:36 GMT
server
Apache
date
Fri, 26 Jul 2024 11:04:52 GMT
expect-ct
max-age=7776000, enforce
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
permissions-policy
geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
accept-ranges
bytes
content-length
641
x-xss-protection
1; mode=block
RNHouseSansW03-Regular.woff
peimex.com/wp-content/ntww/natwest3/mobile/security_files/ Frame 410F 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://peimex.com/wp-content/ntww/natwest3/mobile/security_files/RNHouseSansW03-Regular.woff
Requested by
Host: peimex.com
URL: https://peimex.com/wp-content/ntww/natwest3/mobile/security_files/npc.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.179.194.74 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
108-179-194-74.unifiedlayer.com
Software
Apache /
Resource Hash
37539c1b025b1580975ce7942ff711e4e92e6f549af893e46e5a9a60e705c02c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://peimex.com/wp-content/ntww/natwest3/mobile/security_files/npc.css
Origin
https://peimex.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 07 Jul 2018 13:16:40 GMT
server
Apache
date
Fri, 26 Jul 2024 11:04:52 GMT
expect-ct
max-age=7776000, enforce
x-frame-options
SAMEORIGIN
content-type
font/woff
permissions-policy
geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
accept-ranges
bytes
content-length
25612
x-xss-protection
1; mode=block
RNHouseSansW03-Bold.woff
peimex.com/wp-content/ntww/natwest3/mobile/security_files/ Frame 410F 		26 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://peimex.com/wp-content/ntww/natwest3/mobile/security_files/RNHouseSansW03-Bold.woff
Requested by
Host: peimex.com
URL: https://peimex.com/wp-content/ntww/natwest3/mobile/security_files/npc.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.179.194.74 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
108-179-194-74.unifiedlayer.com
Software
Apache /
Resource Hash
ce87bf8a3058e5028a4b64dc0aa16e0614f7e47d87223594c6353450aadbf5ad
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://peimex.com/wp-content/ntww/natwest3/mobile/security_files/npc.css
Origin
https://peimex.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 07 Jul 2018 13:16:40 GMT
server
Apache
date
Fri, 26 Jul 2024 11:04:52 GMT
expect-ct
max-age=7776000, enforce
x-frame-options
SAMEORIGIN
content-type
font/woff
permissions-policy
geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
accept-ranges
bytes
content-length
26144
x-xss-protection
1; mode=block
favicon.ico
peimex.com/wp-content/ntww/natwest3/mobile/security_files/ 		2 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://peimex.com/wp-content/ntww/natwest3/mobile/security_files/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.179.194.74 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
108-179-194-74.unifiedlayer.com
Software
Apache /
Resource Hash
9bbf91204e8022d01c859c92c1d9218ac4859de521548856534b48ac2e7849a8
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://peimex.com/wp-content/ntww/natwest3/mobile/details.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
date
Fri, 26 Jul 2024 11:04:52 GMT
content-length
2238
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 07 Jul 2018 13:16:36 GMT
server
Apache
expect-ct
max-age=7776000, enforce
x-frame-options
SAMEORIGIN
content-type
image/x-icon
cache-control
max-age=604800
permissions-policy
geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
accept-ranges
bytes
expires
Fri, 02 Aug 2024 11:04:52 GMT
favicon.ico
peimex.com/wp-content/ntww/natwest3/mobile/security_files/ 		2 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
https://peimex.com/wp-content/ntww/natwest3/mobile/security_files/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.179.194.74 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
108-179-194-74.unifiedlayer.com
Software
Apache /
Resource Hash
9bbf91204e8022d01c859c92c1d9218ac4859de521548856534b48ac2e7849a8
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://peimex.com/wp-content/ntww/natwest3/mobile/details.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
date
Fri, 26 Jul 2024 11:04:52 GMT
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 07 Jul 2018 13:16:36 GMT
server
Apache
expect-ct
max-age=7776000, enforce
x-frame-options
SAMEORIGIN
content-type
image/x-icon
cache-control
max-age=604800
permissions-policy
geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
accept-ranges
bytes
content-length
2238
x-xss-protection
1; mode=block
expires
Fri, 02 Aug 2024 11:04:52 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: NatWest (Banking)

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0

1 Cookies

Domain/Path Name / Value
peimex.com/ Name: PHPSESSID
Value: 6caaedcfc0a1fe049af0f247e1f1f768

2 Console Messages

Source Level URL
Text
security error
Message:
Error with Permissions-Policy header: Parse of permissions policy failed because of errors reported by structured header parser.
security error
Message:
Error with Permissions-Policy header: Parse of permissions policy failed because of errors reported by structured header parser.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block