zajil.kesug.com
185.27.134.176 Malicious Activity!

Submitted URL: https://zajill.psee.io/zajelksa
Effective URL: https://zajil.kesug.com/?i=1
Submission Tags: @phish_report
Submission: On April 16 via api from FI — Scanned from FI

Summary

This website contacted 5 IPs in 2 countries across 4 domains to perform 20 HTTP transactions. The main IP is 185.27.134.176, located in the United Kingdom and belonging to WILDCARD-AS Wildcard UK Limited, GB. The main domain is zajil.kesug.com.
TLS certificate: Issued by GTS CA 1P5 on April 12th 2024. Valid for: 3 months.
This is the only time zajil.kesug.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Community Verdicts: Malicious (1 vote)

Domain & IP information

Requests IP Address AS Autonomous System
1 34.234.14.152 14618 (AMAZON-AES)
1 172.67.131.103 13335 (CLOUDFLARENET)
14 185.27.134.176 34119 (WILDCARD-AS)
2 142.250.185.234 15169 (GOOGLE)
2 216.58.206.35 15169 (GOOGLE)
20 requests, 5 IPs

Requests Apex Domain Subdomains Transfer
14 kesug.com zajil.kesug.com 1 MB
2 gstatic.com fonts.gstatic.com 63 KB
2 googleapis.com fonts.googleapis.com (Cisco Umbrella Rank: 35) 2 KB
2 psee.io zajill.psee.io, cdn.psee.io 547 KB
20 requests, 4 apex domains

Requests Domain Requested by
14 zajil.kesug.com zajill.psee.io, zajil.kesug.com
2 fonts.gstatic.com fonts.googleapis.com
2 fonts.googleapis.com zajil.kesug.com
1 cdn.psee.io zajill.psee.io
1 zajill.psee.io
20 requests, 5 domains

This site contains no links.

Subject Issuer Validity Valid
psee.io Amazon RSA 2048 M02 2024-04-05 - 2025-05-03 a year (crt.sh)
zajil.kesug.com GTS CA 1P5 2024-04-12 - 2024-07-11 3 months (crt.sh)
upload.video.google.com GTS CA 1C3 2024-03-04 - 2024-05-27 3 months (crt.sh)
*.gstatic.com GTS CA 1C3 2024-03-04 - 2024-05-27 3 months (crt.sh)

This page contains 1 frames:

Primary Page: https://zajil.kesug.com/?i=1
Frame ID: 4C26036ABE18949EA52A929D69E6CE41
Requests: 20 HTTP requests in this frame

Page Title

زاجل

Page URL History

  1. https://zajill.psee.io/zajelksa Page URL
  2. https://zajil.kesug.com/ Page URL
  3. https://zajil.kesug.com/?i=1 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

Requests: 20
HTTPS: 100 %
IPv6: 0 %
Domains: 4
Subdomains: 5
IPs: 5
Countries: 2
Transfer: 1994 kB
Size: 2008 kB
Cookies: 5

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
zajelksa
zajill.psee.io/
4 KB
2 KB
Document
General
Full URL
https://zajill.psee.io/zajelksa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.234.14.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-234-14-152.compute-1.amazonaws.com
Software
Apache/2.4.56 (Debian) / PHP/7.4.33
Resource Hash

Request headers

Accept-Language
fi-FI,fi;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
gzip
content-length
1489
content-type
text/html; charset=UTF-8
date
Tue, 16 Apr 2024 23:33:26 GMT
server
Apache/2.4.56 (Debian)
vary
Accept-Encoding
x-powered-by
PHP/7.4.33
587a03bc-cda0-4a02-8307-100b27d34a16.png
cdn.psee.io/
544 KB
545 KB
Image
General
Full URL
https://cdn.psee.io/587a03bc-cda0-4a02-8307-100b27d34a16.png
Requested by
Host: zajill.psee.io
URL: https://zajill.psee.io/zajelksa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.131.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://zajill.psee.io/
Accept-Language
fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:33:27 GMT
via
1.1 648da69bb4c2221c403be08a06311d98.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
ARN56-P1
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
557097
last-modified
Sun, 14 Apr 2024 16:14:47 GMT
server
cloudflare
etag
"c2bbb6116fc9c72adcfe637822a065cb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jJUe0A8MXE3qeKuTWPVclsxnepDtOjO1s0hefKEa2veQqTD2JUxqr3JA%2BvV4OlLpf14BV6WkhENYRjDmucT0uFvWAGRJbjJ%2BpwRn8QKqdUAMrhDLgvkPYTin0BTpOA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8757fafd2c881d12-CPH
x-amz-cf-id
TYhkOqU045PyKdhl5i6ySQusRGbX9tFgWQAHOZP-8T2OIwk7JJnVjg==
/
zajil.kesug.com/
827 B
690 B
Document
General
Full URL
https://zajil.kesug.com/
Requested by
Host: zajill.psee.io
URL: https://zajill.psee.io/zajelksa
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.27.134.176 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
8531db53b16c29c08f0e5d877dc1ef3ebab54856a15918fd7905b2345ebd134f

Request headers

Accept-Language
fi-FI,fi;q=0.9;q=0.9
Referer
https://zajill.psee.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Cache-Control
no-cache
Connection
keep-alive
Content-Encoding
br
Content-Type
text/html
Date
Tue, 16 Apr 2024 23:33:26 GMT
Expires
Thu, 01 Jan 1970 00:00:01 GMT
Server
nginx
Transfer-Encoding
chunked
aes.js
zajil.kesug.com/
13 KB
5 KB
Script
General
Full URL
https://zajil.kesug.com/aes.js
Requested by
Host: zajil.kesug.com
URL: https://zajil.kesug.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.27.134.176 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
5069425b121346b36f730910d05402d50920fc2178b01e0c878b71af4ef1eb96

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://zajil.kesug.com/
Accept-Language
fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 16 Apr 2024 23:33:26 GMT
Content-Encoding
br
Last-Modified
Sun, 15 Oct 2023 16:50:53 GMT
Server
nginx
ETag
W/"652c186d-35a5"
Transfer-Encoding
chunked
Content-Type
application/javascript
Connection
keep-alive
Primary Request /
zajil.kesug.com/
4 KB
2 KB
Document
General
Full URL
https://zajil.kesug.com/?i=1
Requested by
Host: zajil.kesug.com
URL: https://zajil.kesug.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.27.134.176 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
c2969fbbf04235d882d55093da8c516e4e410c99005d51908a7b6d8ac6b2f636

Request headers

Accept-Language
fi-FI,fi;q=0.9;q=0.9
Referer
https://zajil.kesug.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Cache-Control
max-age=2592000, public, proxy-revalidate
Connection
keep-alive
Content-Encoding
br
Content-Type
text/html; charset=UTF-8
Date
Tue, 16 Apr 2024 23:33:27 GMT
ETag
W/"10e8-615fbe0c14100"
Expires
Thu, 16 May 2024 23:33:27 GMT
Last-Modified
Sat, 13 Apr 2024 15:16:52 GMT
Server
nginx
Transfer-Encoding
chunked
style.css
zajil.kesug.com/
6 KB
2 KB
Stylesheet
General
Full URL
https://zajil.kesug.com/style.css
Requested by
Host: zajil.kesug.com
URL: https://zajil.kesug.com/?i=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.27.134.176 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
bb21c6578a42ff2db66af03b8ee21a2955eb0f723c5608666b9a01f44b906809

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://zajil.kesug.com/?i=1
Accept-Language
fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 16 Apr 2024 23:33:27 GMT
Content-Encoding
br
Last-Modified
Sat, 13 Apr 2024 15:16:52 GMT
Server
nginx
ETag
W/"162a-615fbe0c14100"
Transfer-Encoding
chunked
Content-Type
text/css
Cache-Control
max-age=2592000, public, proxy-revalidate, must-revalidate
Connection
keep-alive
Expires
Thu, 16 May 2024 23:33:27 GMT
css2
fonts.googleapis.com/
2 KB
710 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Cairo:wght@200..1000&display=swap
Requested by
Host: zajil.kesug.com
URL: https://zajil.kesug.com/?i=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.234 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f10.1e100.net
Software
ESF /
Resource Hash
eda9393467b5a6d060218645968e7c998ce2923ab1b4594a3422d7bc286da49e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://zajil.kesug.com/
Accept-Language
fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Tue, 16 Apr 2024 23:33:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 16 Apr 2024 23:33:29 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 16 Apr 2024 23:33:29 GMT
logo.png
zajil.kesug.com/
7 KB
7 KB
Image
General
Full URL
https://zajil.kesug.com/logo.png
Requested by
Host: zajil.kesug.com
URL: https://zajil.kesug.com/?i=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.27.134.176 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
2e09bb43baf2e270c6863992c7096e7c305331f46e9b91746595f06c55e7bbe9

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://zajil.kesug.com/?i=1
Accept-Language
fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 16 Apr 2024 23:33:27 GMT
Last-Modified
Sat, 13 Apr 2024 15:16:52 GMT
Server
nginx
ETag
"1ae8-615fbe0c14100"
Content-Type
image/png
Cache-Control
max-age=2592000, public, proxy-revalidate
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6888
Expires
Thu, 16 May 2024 23:33:27 GMT
photo.jpg
zajil.kesug.com/
214 KB
214 KB
Image
General
Full URL
https://zajil.kesug.com/photo.jpg
Requested by
Host: zajil.kesug.com
URL: https://zajil.kesug.com/?i=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.27.134.176 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
3d71bb545160ea0702c13c2521f65e8e110de0fb0d0d0f2f3bdc24e43acca4ae

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://zajil.kesug.com/?i=1
Accept-Language
fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 16 Apr 2024 23:33:27 GMT
Last-Modified
Sat, 13 Apr 2024 15:16:52 GMT
Server
nginx
ETag
"35775-615fbe0c14100"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public, proxy-revalidate
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
218997
Expires
Thu, 16 May 2024 23:33:27 GMT
screen.jpg
zajil.kesug.com/
200 KB
200 KB
Image
General
Full URL
https://zajil.kesug.com/screen.jpg
Requested by
Host: zajil.kesug.com
URL: https://zajil.kesug.com/?i=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.27.134.176 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
581652d0873935168f145eee8d7f9c8966038812df9e44297b969893c1323709

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://zajil.kesug.com/?i=1
Accept-Language
fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 16 Apr 2024 23:33:27 GMT
Last-Modified
Sat, 13 Apr 2024 15:16:52 GMT
Server
nginx
ETag
"31ffc-615fbe0c14100"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public, proxy-revalidate
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
204796
Expires
Thu, 16 May 2024 23:33:27 GMT
logo3.jpg
zajil.kesug.com/
12 KB
12 KB
Image
General
Full URL
https://zajil.kesug.com/logo3.jpg
Requested by
Host: zajil.kesug.com
URL: https://zajil.kesug.com/?i=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.27.134.176 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
79f3ff92a5832b6734fcefa629678cb587e1e285030dcdb1080e6159ac9f63c3

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://zajil.kesug.com/?i=1
Accept-Language
fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 16 Apr 2024 23:33:27 GMT
Last-Modified
Sat, 13 Apr 2024 15:16:52 GMT
Server
nginx
ETag
"303b-615fbe0c14100"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public, proxy-revalidate
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
12347
Expires
Thu, 16 May 2024 23:33:27 GMT
map.jpg
zajil.kesug.com/
22 KB
22 KB
Image
General
Full URL
https://zajil.kesug.com/map.jpg
Requested by
Host: zajil.kesug.com
URL: https://zajil.kesug.com/?i=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.27.134.176 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
fd54233cae4fef65a46496ecefe457ae70d00cd377f84028a200b486700268cc

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://zajil.kesug.com/?i=1
Accept-Language
fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 16 Apr 2024 23:33:27 GMT
Last-Modified
Sat, 13 Apr 2024 15:16:52 GMT
Server
nginx
ETag
"584c-615fbe0c14100"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public, proxy-revalidate
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
22604
Expires
Thu, 16 May 2024 23:33:27 GMT
puctures.jpg
zajil.kesug.com/
215 KB
215 KB
Image
General
Full URL
https://zajil.kesug.com/puctures.jpg
Requested by
Host: zajil.kesug.com
URL: https://zajil.kesug.com/?i=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.27.134.176 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
fc0d3f0ac0d55775009491eb916de06dd5016d998f1b65cc942e7c0654c15adb

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://zajil.kesug.com/?i=1
Accept-Language
fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 16 Apr 2024 23:33:27 GMT
Last-Modified
Sat, 13 Apr 2024 15:16:52 GMT
Server
nginx
ETag
"35a84-615fbe0c14100"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public, proxy-revalidate
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
219780
Expires
Thu, 16 May 2024 23:33:27 GMT
puctures2.jpg
zajil.kesug.com/
96 KB
96 KB
Image
General
Full URL
https://zajil.kesug.com/puctures2.jpg
Requested by
Host: zajil.kesug.com
URL: https://zajil.kesug.com/?i=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.27.134.176 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
88a0b91429b1dd09bfdd441b0a34b48d7abb2e4df4d45cc3733dc4fd9242d759

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://zajil.kesug.com/?i=1
Accept-Language
fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 16 Apr 2024 23:33:27 GMT
Last-Modified
Sat, 13 Apr 2024 15:16:52 GMT
Server
nginx
ETag
"1806a-615fbe0c14100"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public, proxy-revalidate
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
98410
Expires
Thu, 16 May 2024 23:33:27 GMT
main.js
zajil.kesug.com/
1 KB
986 B
Script
General
Full URL
https://zajil.kesug.com/main.js
Requested by
Host: zajil.kesug.com
URL: https://zajil.kesug.com/?i=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.27.134.176 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
e00698daa51fa0b8e4a4a599cfde8cc32913b5141dbffa1bdf79eabf5fcfbc27

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://zajil.kesug.com/?i=1
Accept-Language
fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 16 Apr 2024 23:33:27 GMT
Content-Encoding
br
Last-Modified
Sat, 13 Apr 2024 15:16:52 GMT
Server
nginx
ETag
W/"543-615fbe0c14100"
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
max-age=2592000, public, proxy-revalidate, must-revalidate
Connection
keep-alive
Expires
Thu, 16 May 2024 23:33:27 GMT
css2
fonts.googleapis.com/
2 KB
854 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Poppins:wght@300;400;500&display=swap
Requested by
Host: zajil.kesug.com
URL: https://zajil.kesug.com/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.234 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f10.1e100.net
Software
ESF /
Resource Hash
5708e8cf5da02ce0851a6becfeafd728af44a6c8e77beba7393c509223b63967
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://zajil.kesug.com/
Accept-Language
fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Tue, 16 Apr 2024 23:33:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 16 Apr 2024 22:30:28 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 16 Apr 2024 23:33:29 GMT
sasaaaa.png
zajil.kesug.com/
389 KB
389 KB
Image
General
Full URL
https://zajil.kesug.com/sasaaaa.png
Requested by
Host: zajil.kesug.com
URL: https://zajil.kesug.com/style.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.27.134.176 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
6812a4a2e773969e63c666871313ffbeb7362eda4ad672f52ae82bcd7177a8da

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://zajil.kesug.com/style.css
Accept-Language
fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 16 Apr 2024 23:33:28 GMT
Last-Modified
Sat, 13 Apr 2024 15:16:52 GMT
Server
nginx
ETag
"61492-615fbe0c14100"
Content-Type
image/png
Cache-Control
max-age=2592000, public, proxy-revalidate
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
398482
Expires
Thu, 16 May 2024 23:33:28 GMT
SLXVc1nY6HkvangtZmpQdkhzfH5lkSscRiyS.woff2
fonts.gstatic.com/s/cairo/v28/
33 KB
33 KB
Font
General
Full URL
https://fonts.gstatic.com/s/cairo/v28/SLXVc1nY6HkvangtZmpQdkhzfH5lkSscRiyS.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Cairo:wght@200..1000&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f3.1e100.net
Software
sffe /
Resource Hash
1355605c748ba06b91514ca27feaa9c0c97ac33eb32fed979fc9fabb623d9023
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://fonts.googleapis.com/
Origin
https://zajil.kesug.com
Accept-Language
fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 01:09:16 GMT
x-content-type-options
nosniff
age
339853
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33588
x-xss-protection
0
last-modified
Tue, 02 May 2023 14:52:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 13 Apr 2025 01:09:16 GMT
SLXVc1nY6HkvangtZmpQdkhzfH5lkSscQyyS4J0.woff2
fonts.gstatic.com/s/cairo/v28/
30 KB
30 KB
Font
General
Full URL
https://fonts.gstatic.com/s/cairo/v28/SLXVc1nY6HkvangtZmpQdkhzfH5lkSscQyyS4J0.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Cairo:wght@200..1000&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f3.1e100.net
Software
sffe /
Resource Hash
60d51fea6669a866e3dce8a8583978127ef1808feb14c073b2f5c2a05a45908c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://fonts.googleapis.com/
Origin
https://zajil.kesug.com
Accept-Language
fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 01:29:27 GMT
x-content-type-options
nosniff
age
79442
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30596
x-xss-protection
0
last-modified
Tue, 02 May 2023 14:51:35 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 16 Apr 2025 01:29:27 GMT
favicon.jpg
zajil.kesug.com/images/
214 KB
214 KB
Other
General
Full URL
https://zajil.kesug.com/images/favicon.jpg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.27.134.176 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
3d71bb545160ea0702c13c2521f65e8e110de0fb0d0d0f2f3bdc24e43acca4ae

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://zajil.kesug.com/?i=1
Accept-Language
fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 16 Apr 2024 23:33:29 GMT
Last-Modified
Sat, 13 Apr 2024 15:16:54 GMT
Server
nginx
ETag
"35775-615fbe0dfc580"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public, proxy-revalidate
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
218997
Expires
Thu, 16 May 2024 23:33:29 GMT

Verdicts & Comments Add Verdict or Comment


Malicious task.domain
Submitted on April 16th 2024, 11:37:46 pm UTC — From Saudi Arabia

Threats: Phishing Scam
Comment: This website, https://zajill.psee.io/zajelksa, claims to be the Zajil shipping company in Saudi Arabia. This is fake and phishing and not true at all. The website asks for private information such as credit card number and password; all of this is to steal the victim's money. See this picture at this link: https://i.ibb.co/93H144h/Screenshot-Samsung-Internet.jpg. The real website for the Zajil shipping company in Saudi Arabia is https://zajil-express.com/

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function | page1
function | sendPaymentInfo

5 Cookies

Domain/Path Name Value
.zajill.psee.io/zajelksa /zajelksa 1
zajill.psee.io/ browser_uuid 1369477C-CBEA-FDA6-3D1A-DBA12DC612E4
zajill.psee.io/ v_258226 0
zajill.psee.io/ lang fi-fi
zajil.kesug.com/ __test f0efd8c5d8a2243cb9e5a53a4640129f