xn--80aadkum9bf.xn--p1ai Open in urlscan Pro Puny
садикасб.рф IDN
37.131.203.187 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://xn--80aadkum9bf.xn--p1ai/Online_Services_amex.html
Submission: On April 16 via automatic, source phishtank (April 16th 2023, 5:50:48 am UTC) — Scanned from DE

Summary HTTP 19 Redirects Behaviour Indicators

Summary

This website contacted 7 IPs in 4 countries across 6 domains to perform 19 HTTP transactions. The main IP is 37.131.203.187, located in Stantsionnyy-Polevskoy, Russian Federation and belongs to INTERRA-AS at Pervouralsk Bilimbay, Severka, Sredneuralsk, Revda Degtyarsk, Kachkanar, Lesnoy N.Tura, Polevskoy, Krasnoufimsk, Asbest cities of Sverdlovsk reg, RU. The main domain is xn--80aadkum9bf.xn--p1ai.

This is the only time xn--80aadkum9bf.xn--p1ai was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: American Express (Financial)

Domain & IP information

	IP Address	AS Autonomous System
1	37.131.203.187 37.131.203.187	48524 (INTERRA-A...) (INTERRA-AS at Pervouralsk Bilimbay)
3	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
2 3	2a01:7c8:ec:0... 2a01:7c8:ec:0:149:210:196:91	20857 (TRANSIP-A...) (TRANSIP-AS Amsterdam)
1	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
1 11	23.36.235.165 23.36.235.165	16625 (AKAMAI-AS) (AKAMAI-AS)
2	23.37.63.18 23.37.63.18	16625 (AKAMAI-AS) (AKAMAI-AS)
1	64.185.227.155 64.185.227.155	18450 (WEBNX) (WEBNX)
19	7

1 37.131.203.187 (Stantsionnyy-Polevskoy, Russian Federation)

ASN48524 (INTERRA-AS at Pervouralsk Bilimbay, Severka, Sredneuralsk, Revda Degtyarsk, Kachkanar, Lesnoy N.Tura, Polevskoy, Krasnoufimsk, Asbest cities of Sverdlovsk reg, RU)
PTR: 187.203.131.37.kch.ru

xn--80aadkum9bf.xn--p1ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

firebasestorage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a01:7c8:ec:0:149:210:196:91 (Netherlands) 2 redirects

ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL)

www.s2.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s2.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 23.36.235.165 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-36-235-165.deploy.static.akamaitechnologies.com

www.aexp-static.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
icm.aexp-static.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.37.63.18 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-63-18.deploy.static.akamaitechnologies.com

online.americanexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.185.227.155 (United States)

ASN18450 (WEBNX, US)
PTR: 64-185-227-155.static.webnx.com

api.ipify.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	aexp-static.com 1 redirects www.aexp-static.com — Cisco Umbrella Rank: 12803 icm.aexp-static.com — Cisco Umbrella Rank: 18728	158 KB
4	googleapis.com firebasestorage.googleapis.com — Cisco Umbrella Rank: 6225 ajax.googleapis.com — Cisco Umbrella Rank: 323	744 KB
3	s2.be 2 redirects www.s2.be s2.be	2 KB
2	americanexpress.com online.americanexpress.com — Cisco Umbrella Rank: 16770	28 B
1	ipify.org api.ipify.org — Cisco Umbrella Rank: 2588	118 B
1	function sub() { [native code] }.	7 KB
19	6

	Domain	Requested by
6	icm.aexp-static.com	xn--80aadkum9bf.xn--p1ai icm.aexp-static.com
5	www.aexp-static.com	1 redirects xn--80aadkum9bf.xn--p1ai firebasestorage.googleapis.com
3	firebasestorage.googleapis.com	xn--80aadkum9bf.xn--p1ai
2	online.americanexpress.com	xn--80aadkum9bf.xn--p1ai
2	www.s2.be	2 redirects
1	api.ipify.org	ajax.googleapis.com
1	ajax.googleapis.com	xn--80aadkum9bf.xn--p1ai
1	s2.be	xn--80aadkum9bf.xn--p1ai
1	xn--80aadkum9bf.xn--p1ai
19	9

This site contains no links.

Subject Issuer	Validity	Valid
upload.video.google.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
online.americanexpress.com DigiCert SHA2 Extended Validation Server CA	`2022-09-15` - `2023-09-14`	a year	crt.sh
m.americanexpress.com DigiCert EV RSA CA G2	`2023-04-05` - `2024-04-04`	a year	crt.sh
*.ipify.org Sectigo RSA Domain Validation Secure Server CA	`2023-02-07` - `2024-02-18`	a year	crt.sh

This page contains 1 frames:

Primary Page: http://xn--80aadkum9bf.xn--p1ai/Online_Services_amex.html
Frame ID: 13D710CAA29A740D307318398B03152A
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

American Express

Detected technologies

Amex Express Checkout (Payment processors) Expand

Overall confidence: 100%
Detected patterns

aexp-static\.com

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

19
Requests

84 %
HTTPS

43 %
IPv6

6
Domains

9
Subdomains

7
IPs

4
Countries

909 kB
Transfer

1072 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

http://www.s2.be/aexp-static/spacer.png HTTP 301
https://www.s2.be/aexp-static/spacer.png HTTP 301
https://s2.be/aexp-static/spacer.png

Request Chain 5

https://www.aexp-static.com/nav/ngn/css/inav_responsive.css HTTP 301
https://icm.aexp-static.com/content/dam/Navigation/nav/ngn/css/inav_responsive.css

19 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Online_Services_amex.html Show response
xn--80aadkum9bf.xn--p1ai/ 34 KB
7 KB 501ms
78ms Document
text/html 37.131.203.187
INTERRA-AS at Per...

General

Check archive.org

Show headers Download Go to

Full URL: http://xn--80aadkum9bf.xn--p1ai/Online_Services_amex.html
Protocol: HTTP/1.1
Server: 37.131.203.187 Stantsionnyy-Polevskoy, Russian Federation, ASN48524 (INTERRA-AS at Pervouralsk Bilimbay, Severka, Sredneuralsk, Revda Degtyarsk, Kachkanar, Lesnoy N.Tura, Polevskoy, Krasnoufimsk, Asbest cities of Sverdlovsk reg, RU),
Reverse DNS: 187.203.131.37.kch.ru
Software: nginx/1.22.1 /
Resource Hash: 06588365bcd2c31823ec8542d69cd334e05f5a947b1ef6434307cb827c030655

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 6884
Content-Type: text/html; charset=UTF-8
Date: Sun, 16 Apr 2023 05:50:42 GMT
ETag: "87df-5f94ce6805511-gzip"
Last-Modified: Fri, 14 Apr 2023 14:46:03 GMT
Server: nginx/1.22.1
Vary: Accept-Encoding

GET
H2 200 dls_dcv5up.css
firebasestorage.googleapis.com/v0/b/steady-voltage-369613.appspot.com/o/ 395 KB
396 KB 670ms
620ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://firebasestorage.googleapis.com/v0/b/steady-voltage-369613.appspot.com/o/dls_dcv5up.css?alt=media&token=af2862ab-5669-4858-af3b-ee8cecb6e6b6
Requested by: Host: xn--80aadkum9bf.xn--p1ai
URL: http://xn--80aadkum9bf.xn--p1ai/Online_Services_amex.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: b73e78d39762572c05c0f4fea00f57d703dba65f6744514ef7a8e029318684ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://xn--80aadkum9bf.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 05:50:42 GMT
x-guploader-uploadid: ADPycdteIpyjWgCO3Hgs1Gu--AAxwXrlZKUSSdyKKEzX2z4OQz88WOubehJZQc_j4cuyxSCPrnV9xhllchWH3P646hwNPg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename*=utf-8''dls_dcv5up.css
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 404810
last-modified: Thu, 24 Nov 2022 13:21:26 GMT
server: UploadServer
etag: "3277c98bd56b2229a7bedbca692319f6"
x-goog-generation: 1669296086508725
content-type: text/css
x-goog-hash: crc32c=NFlBow==, md5=MnfJi9VrIimnvtvKaSMZ9g==
cache-control: private, max-age=0
x-goog-stored-content-length: 404810
x-goog-meta-firebasestoragedownloadtokens: af2862ab-5669-4858-af3b-ee8cecb6e6b6
accept-ranges: bytes
expires: Sun, 16 Apr 2023 05:50:42 GMT

GET
H2 200 font_cwhs2t.css
firebasestorage.googleapis.com/v0/b/steady-voltage-369613.appspot.com/o/ 212 KB
213 KB 687ms
638ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://firebasestorage.googleapis.com/v0/b/steady-voltage-369613.appspot.com/o/font_cwhs2t.css?alt=media&token=aa11aa3d-330e-4711-8e89-14f10e5713d1
Requested by: Host: xn--80aadkum9bf.xn--p1ai
URL: http://xn--80aadkum9bf.xn--p1ai/Online_Services_amex.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 996e3f0f97560275527906b77b77ea592f06b410225d40ae7880a3caef3466ff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://xn--80aadkum9bf.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 05:50:42 GMT
x-guploader-uploadid: ADPycdv1VdMs-L6FswL6QyLNx_3G3FfVRfMso4NB0Mi2XE1osKkHTmvoIjesIvJxA7sudO1FAGCxk8ozqdKEcyXTEwaAEQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename*=utf-8''font_cwhs2t.css
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 217388
last-modified: Thu, 24 Nov 2022 13:21:25 GMT
server: UploadServer
etag: "f69de86bfa9309d89f121c432bf6d7d8"
x-goog-generation: 1669296085307344
content-type: text/css
x-goog-hash: crc32c=f7A+EA==, md5=9p3oa/qTCdifEhxDK/bX2A==
cache-control: private, max-age=0
x-goog-stored-content-length: 217388
x-goog-meta-firebasestoragedownloadtokens: aa11aa3d-330e-4711-8e89-14f10e5713d1
accept-ranges: bytes
expires: Sun, 16 Apr 2023 05:50:42 GMT

GET
H2 200 fonts_n74ldn.css
firebasestorage.googleapis.com/v0/b/steady-voltage-369613.appspot.com/o/ 104 KB
105 KB 654ms
605ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://firebasestorage.googleapis.com/v0/b/steady-voltage-369613.appspot.com/o/fonts_n74ldn.css?alt=media&token=d479aadb-8d2a-4ba3-a354-4857c85d91ca
Requested by: Host: xn--80aadkum9bf.xn--p1ai
URL: http://xn--80aadkum9bf.xn--p1ai/Online_Services_amex.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 08ed7823c2cdb7b89093fa8c4fd9eee8c66da6a72be66d31fac37e690f2531a9

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://xn--80aadkum9bf.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 05:50:42 GMT
x-guploader-uploadid: ADPycdtgt9jos5la3fxdW1c1_rpFyTwsrbiQT8rmis3IMR_JBQ1vfWwpL9MoReGEVeNWktf_2ORhWDCG7UniZJkHw7bb0Q
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename*=utf-8''fonts_n74ldn.css
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 106973
last-modified: Thu, 24 Nov 2022 13:21:25 GMT
server: UploadServer
etag: "f7dc03eeb24e17a07d46e5dc9311475e"
x-goog-generation: 1669296085045677
content-type: text/css
x-goog-hash: crc32c=uLh5mA==, md5=99wD7rJOF6B9RuXckxFHXg==
cache-control: private, max-age=0
x-goog-stored-content-length: 106973
x-goog-meta-firebasestoragedownloadtokens: d479aadb-8d2a-4ba3-a354-4857c85d91ca
accept-ranges: bytes
expires: Sun, 16 Apr 2023 05:50:42 GMT

GET
H/1.1

404
Not Found

spacer.png
s2.be/aexp-static/
Redirect Chain

http://www.s2.be/aexp-static/spacer.png
https://www.s2.be/aexp-static/spacer.png
https://s2.be/aexp-static/spacer.png

0
0

373ms
337ms

Image
text/html

2a01:7c8:ec:0:149:210:196:91
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2.be/aexp-static/spacer.png
Requested by: Host: xn--80aadkum9bf.xn--p1ai
URL: http://xn--80aadkum9bf.xn--p1ai/Online_Services_amex.html
Protocol: HTTP/1.1
Server: 2a01:7c8:ec:0:149:210:196:91 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://xn--80aadkum9bf.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Redirect headers

Expires: Sun, 16 Apr 2023 06:50:43 GMT
Date: Sun, 16 Apr 2023 05:50:42 GMT
X-TransIP-Balancer: balancer1
X-TransIP-Backend: web246
Server: Apache
X-Redirect-By: WordPress
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Location: https://s2.be/aexp-static/spacer.png
Cache-Control: max-age=3600
X-UA-Compatible: IE=edge

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.2.1/ 85 KB
30 KB 42ms
7ms Script
text/javascript 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js

Requested by

Host: xn--80aadkum9bf.xn--p1ai
URL: http://xn--80aadkum9bf.xn--p1ai/Online_Services_amex.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://xn--80aadkum9bf.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sat, 15 Apr 2023 01:39:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 101470
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30306
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 14 Apr 2024 01:39:32 GMT

GET
H2

200

inav_responsive.css
icm.aexp-static.com/content/dam/Navigation/nav/ngn/css/
Redirect Chain

https://www.aexp-static.com/nav/ngn/css/inav_responsive.css
https://icm.aexp-static.com/content/dam/Navigation/nav/ngn/css/inav_responsive.css

93 KB
10 KB

61ms
19ms

Stylesheet
text/css

23.36.235.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://icm.aexp-static.com/content/dam/Navigation/nav/ngn/css/inav_responsive.css

Requested by

Host: xn--80aadkum9bf.xn--p1ai
URL: http://xn--80aadkum9bf.xn--p1ai/Online_Services_amex.html

Protocol

Server

23.36.235.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-36-235-165.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

7f1b85f13e643de7a8dd568b6073849d777a677a7d699229b8eb2fdb787ff2b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://xn--80aadkum9bf.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Sun, 16 Apr 2023 05:50:42 GMT
last-modified: Mon, 10 Apr 2023 19:09:50 GMT
server: Akamai Resource Optimizer
etag: "175ef-59d27fa2a9e16-gzip"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, must-revalidate, max-age=2897
accept-ranges: bytes
content-length: 9708

Redirect headers

location: https://icm.aexp-static.com/content/dam/Navigation/nav/ngn/css/inav_responsive.css
date: Sun, 16 Apr 2023 05:50:42 GMT
server: AkamaiGHost
content-length: 0

GET
H2 404 OCA_body-background.gif
online.americanexpress.com/myca/oce/us/oce/images/actreg/ 14 B
14 B 323ms
192ms Image
text/plain 23.37.63.18
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://online.americanexpress.com/myca/oce/us/oce/images/actreg/OCA_body-background.gif

Requested by

Host: xn--80aadkum9bf.xn--p1ai
URL: http://xn--80aadkum9bf.xn--p1ai/Online_Services_amex.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.37.63.18 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-37-63-18.deploy.static.akamaitechnologies.com

Software

BigIP /

Resource Hash

cb2f00d1e554baf96001ddb5e22ee63a8053fd3f8b6cad8acd74504af0dadb52

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://xn--80aadkum9bf.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 05:50:43 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
server: BigIP
content-length: 14

GET
H2 200 clear.gif
www.aexp-static.com/nav/ngn/img/ 43 B
218 B 26ms
25ms Image
image/gif 23.36.235.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.aexp-static.com/nav/ngn/img/clear.gif
Requested by: Host: xn--80aadkum9bf.xn--p1ai
URL: http://xn--80aadkum9bf.xn--p1ai/Online_Services_amex.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.235.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-36-235-165.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://xn--80aadkum9bf.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 05:50:42 GMT
last-modified: Wed, 15 Aug 2018 20:46:09 GMT
etag: "5b749111-2b"
content-type: image/gif
cache-control: max-age=15552000
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Mon, 01 Mar 2021 05:56:56 GMT

GET
H2 200 logo_bluebox_1x.gif
www.aexp-static.com/nav/ngn/img/ 4 KB
5 KB 26ms
25ms Image
image/gif 23.36.235.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.aexp-static.com/nav/ngn/img/logo_bluebox_1x.gif
Requested by: Host: xn--80aadkum9bf.xn--p1ai
URL: http://xn--80aadkum9bf.xn--p1ai/Online_Services_amex.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.235.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-36-235-165.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: b754eb74fa8f416b4803252f7994d7aa22d697a5eb77f0b4df8e3839f9621c9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://xn--80aadkum9bf.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 05:50:42 GMT
last-modified: Wed, 15 Aug 2018 20:46:09 GMT
etag: "5b749111-1148"
content-type: image/gif
cache-control: max-age=15552000
accept-ranges: bytes
timing-allow-origin: *
content-length: 4424
expires: Mon, 11 Jan 2021 05:05:40 GMT

GET
H2 404 spacer.png
online.americanexpress.com/myca/fuidfyp/us/resources/images/ 14 B
14 B 195ms
195ms Image
text/plain 23.37.63.18
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://online.americanexpress.com/myca/fuidfyp/us/resources/images/spacer.png

Requested by

Host: xn--80aadkum9bf.xn--p1ai
URL: http://xn--80aadkum9bf.xn--p1ai/Online_Services_amex.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.37.63.18 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-37-63-18.deploy.static.akamaitechnologies.com

Software

BigIP /

Resource Hash

cb2f00d1e554baf96001ddb5e22ee63a8053fd3f8b6cad8acd74504af0dadb52

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://xn--80aadkum9bf.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 05:50:43 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
server: BigIP
content-length: 14

GET
H2 200 iNav_ngi_sprite_new.gif
icm.aexp-static.com/content/dam/Navigation/nav/ngn/img/ 23 KB
23 KB 38ms
38ms Image
image/gif 23.36.235.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://icm.aexp-static.com/content/dam/Navigation/nav/ngn/img/iNav_ngi_sprite_new.gif?ver=0916_01

Requested by

Host: icm.aexp-static.com
URL: https://icm.aexp-static.com/content/dam/Navigation/nav/ngn/css/inav_responsive.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.235.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-36-235-165.deploy.static.akamaitechnologies.com

Software

Resource Hash

0d4e7d13d424c4569af233a3188ac42edaa093a12bced0dba6095c00047006e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://icm.aexp-static.com/content/dam/Navigation/nav/ngn/css/inav_responsive.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 05:50:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 31 Jan 2020 17:44:58 GMT
etag: "5b47-59d7321df859c-gzip"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: public, must-revalidate, max-age=5264
accept-ranges: bytes
content-length: 23358

GET
H2 200 img_shdw_mainNav.png
www.aexp-static.com/nav/ngn/img/ 143 B
405 B 167ms
167ms Image
image/png 23.36.235.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.aexp-static.com/nav/ngn/img/img_shdw_mainNav.png
Requested by: Host: xn--80aadkum9bf.xn--p1ai
URL: http://xn--80aadkum9bf.xn--p1ai/Online_Services_amex.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.235.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-36-235-165.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: d3c6dbfeb63c1155df3a80a04d72d9c0c95ed561d54c9694019c28eac1920c1b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://xn--80aadkum9bf.xn--p1ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 05:50:43 GMT
last-modified: Wed, 15 Aug 2018 20:46:09 GMT
etag: "5b749111-8f"
vary: Origin
content-type: image/png
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
content-length: 143

GET
H2 200 3be50273-0b2e-4aef-ae68-882eacd611f9-3.woff
icm.aexp-static.com/content/dam/Navigation/nav/ngn/fonts/ 36 KB
36 KB 48ms
27ms Font
application/x-font-woff 23.36.235.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://icm.aexp-static.com/content/dam/Navigation/nav/ngn/fonts/3be50273-0b2e-4aef-ae68-882eacd611f9-3.woff

Requested by

Host: icm.aexp-static.com
URL: https://icm.aexp-static.com/content/dam/Navigation/nav/ngn/css/inav_responsive.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.235.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-36-235-165.deploy.static.akamaitechnologies.com

Software

Resource Hash

48050d8eeb740bb31aaad9eb82bcd4a493b474c9385eeda5fc2ca2ea279cffad

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://icm.aexp-static.com/content/dam/Navigation/nav/ngn/css/inav_responsive.css
Origin: http://xn--80aadkum9bf.xn--p1ai
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 05:50:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 19 Mar 2020 15:40:18 GMT
etag: "9121-5a136fc64e80b-gzip"
vary: Accept-Encoding
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
content-type: application/x-font-woff
cache-control: public, must-revalidate, max-age=3659
accept-ranges: bytes
content-length: 36069

GET
H2 200 iNav_sprite_footer.gif
icm.aexp-static.com/content/dam/Navigation/nav/ngn/img/ 5 KB
5 KB 36ms
35ms Image
image/gif 23.36.235.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://icm.aexp-static.com/content/dam/Navigation/nav/ngn/img/iNav_sprite_footer.gif?ver=0916_02

Requested by

Host: icm.aexp-static.com
URL: https://icm.aexp-static.com/content/dam/Navigation/nav/ngn/css/inav_responsive.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.235.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-36-235-165.deploy.static.akamaitechnologies.com

Software

Resource Hash

fd959c1552b95596319a7cb998061162bc3fd7a45f059caf8c9ec7c38fac35bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://icm.aexp-static.com/content/dam/Navigation/nav/ngn/css/inav_responsive.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 05:50:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 31 Jan 2020 17:44:59 GMT
etag: "12b4-59d7321ea1338-gzip"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: public, must-revalidate, max-age=6530
accept-ranges: bytes
content-length: 4809

GET
H2 200 iNav_sprite_footer1.gif
icm.aexp-static.com/content/dam/Navigation/nav/ngn/img/ 5 KB
5 KB 41ms
41ms Image
image/gif 23.36.235.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://icm.aexp-static.com/content/dam/Navigation/nav/ngn/img/iNav_sprite_footer1.gif?ver=0917_11

Requested by

Host: icm.aexp-static.com
URL: https://icm.aexp-static.com/content/dam/Navigation/nav/ngn/css/inav_responsive.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.235.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-36-235-165.deploy.static.akamaitechnologies.com

Software

Resource Hash

b3be0c1dca2d9a00d8da591e1c209fced4d3ee588efb495eed4191aa2558e658

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://icm.aexp-static.com/content/dam/Navigation/nav/ngn/css/inav_responsive.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 05:50:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 31 Jan 2020 17:48:29 GMT
etag: "15e3-59d732e75799c-gzip"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: public, must-revalidate, max-age=7290
accept-ranges: bytes
content-length: 5380

GET
H2 200 0fababca-4914-46dd-9b0f-efbd51f67ae8-3.woff
www.aexp-static.com/nav/ngn/fonts/ 37 KB
38 KB 37ms
18ms Font
font/woff 23.36.235.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/nav/ngn/fonts/0fababca-4914-46dd-9b0f-efbd51f67ae8-3.woff
Requested by: Host: firebasestorage.googleapis.com
URL: https://firebasestorage.googleapis.com/v0/b/steady-voltage-369613.appspot.com/o/dls_dcv5up.css?alt=media&token=af2862ab-5669-4858-af3b-ee8cecb6e6b6
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.235.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-36-235-165.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 568d1bad8ef5d3ee9e14e5bdc304985d4d9a8d791bfe4fdb689fc2bef638466c

Request headers

Referer: https://firebasestorage.googleapis.com/
Origin: http://xn--80aadkum9bf.xn--p1ai
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 05:50:43 GMT
last-modified: Wed, 15 Aug 2018 20:46:09 GMT
etag: "5b749111-943d"
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=15552000
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length: 37949
expires: Fri, 27 Nov 2020 03:31:12 GMT

GET
H2 200 0fababca-4914-46dd-9b0f-efbd51f67ae8-3.woff
icm.aexp-static.com/content/dam/Navigation/nav/ngn/fonts/ 37 KB
36 KB 53ms
41ms Font
application/x-font-woff 23.36.235.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://icm.aexp-static.com/content/dam/Navigation/nav/ngn/fonts/0fababca-4914-46dd-9b0f-efbd51f67ae8-3.woff

Requested by

Host: icm.aexp-static.com
URL: https://icm.aexp-static.com/content/dam/Navigation/nav/ngn/css/inav_responsive.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.235.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-36-235-165.deploy.static.akamaitechnologies.com

Software

Resource Hash

568d1bad8ef5d3ee9e14e5bdc304985d4d9a8d791bfe4fdb689fc2bef638466c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://icm.aexp-static.com/content/dam/Navigation/nav/ngn/css/inav_responsive.css
Origin: http://xn--80aadkum9bf.xn--p1ai
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 05:50:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 19 Mar 2020 15:40:17 GMT
etag: "943d-5a136fc57c4d2-gzip"
vary: Accept-Encoding
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
content-type: application/x-font-woff
cache-control: public, must-revalidate, max-age=7987
accept-ranges: bytes
content-length: 36909

GET
H2 200 / Show response
api.ipify.org/ 23 B
118 B 480ms
147ms XHR
application/json 64.185.227.155
WEBNX

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ipify.org/?format=json
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 64.185.227.155 , United States, ASN18450 (WEBNX, US),
Reverse DNS: 64-185-227-155.static.webnx.com
Software: /
Resource Hash: c453292c480e35cc8cf3414d77f566de79f3445ecad7b05305c28de824afd1de

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: http://xn--80aadkum9bf.xn--p1ai/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

access-control-allow-origin: http://xn--80aadkum9bf.xn--p1ai
date: Sun, 16 Apr 2023 05:50:43 GMT
content-length: 23
vary: Origin
content-type: application/json

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: American Express (Financial)

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless function| validate function| $ function| jQuery

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://online.americanexpress.com/myca/oce/us/oce/images/actreg/OCA_body-background.gif Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://online.americanexpress.com/myca/fuidfyp/us/resources/images/spacer.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://s2.be/aexp-static/spacer.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
api.ipify.org
firebasestorage.googleapis.com
icm.aexp-static.com
online.americanexpress.com
s2.be
www.aexp-static.com
www.s2.be
xn--80aadkum9bf.xn--p1ai
23.36.235.165
23.37.63.18
2a00:1450:4001:802::200a
2a00:1450:4001:80b::200a
2a01:7c8:ec:0:149:210:196:91
37.131.203.187
64.185.227.155
06588365bcd2c31823ec8542d69cd334e05f5a947b1ef6434307cb827c030655
08ed7823c2cdb7b89093fa8c4fd9eee8c66da6a72be66d31fac37e690f2531a9
0d4e7d13d424c4569af233a3188ac42edaa093a12bced0dba6095c00047006e3
48050d8eeb740bb31aaad9eb82bcd4a493b474c9385eeda5fc2ca2ea279cffad
568d1bad8ef5d3ee9e14e5bdc304985d4d9a8d791bfe4fdb689fc2bef638466c
7f1b85f13e643de7a8dd568b6073849d777a677a7d699229b8eb2fdb787ff2b9
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
996e3f0f97560275527906b77b77ea592f06b410225d40ae7880a3caef3466ff
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3be0c1dca2d9a00d8da591e1c209fced4d3ee588efb495eed4191aa2558e658
b73e78d39762572c05c0f4fea00f57d703dba65f6744514ef7a8e029318684ef
b754eb74fa8f416b4803252f7994d7aa22d697a5eb77f0b4df8e3839f9621c9e
c453292c480e35cc8cf3414d77f566de79f3445ecad7b05305c28de824afd1de
cb2f00d1e554baf96001ddb5e22ee63a8053fd3f8b6cad8acd74504af0dadb52
d3c6dbfeb63c1155df3a80a04d72d9c0c95ed561d54c9694019c28eac1920c1b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fd959c1552b95596319a7cb998061162bc3fd7a45f059caf8c9ec7c38fac35bb

xn--80aadkum9bf.xn--p1ai Open in urlscan Pro Puny садикасб.рф IDN 37.131.203.187 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

19 Requests

84 %HTTPS

43 %IPv6

6 Domains

9 Subdomains

7 IPs

4 Countries

909 kBTransfer

1072 kBSize

0 Cookies

0 Outgoing links

Redirected requests

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

4 JavaScript Global Variables

0 Cookies

3 Console Messages

Indicators

xn--80aadkum9bf.xn--p1ai Open in urlscan Pro Puny
садикасб.рф IDN
37.131.203.187 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

19
Requests

84 %
HTTPS

43 %
IPv6

6
Domains

9
Subdomains

7
IPs

4
Countries

909 kB
Transfer

1072 kB
Size

0
Cookies

19 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!