urlscan.io logo urlscan.io
SecurityTrails logo

peimex.com Open in urlscan Pro
108.179.194.74  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
URL: https://peimex.com/wp-content/ntww/natwest3/details.php
Submission: On July 05 via automatic, source phishtank — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 19 HTTP transactions. The main IP is 108.179.194.74, located in United States and belongs to NETWORK-SOLUTIONS-HOSTING, US. The main domain is peimex.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on June 14th 2023. Valid for: a year.
This is the only time peimex.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: NatWest (Banking)

Domain & IP information

IP Address AS Autonomous System
19 108.179.194.74 19871 (NETWORK-S...)
19 1
Apex Domain
Subdomains		 Transfer
19 peimex.com
peimex.com
190 KB
19 1
Domain Requested by
19 peimex.com peimex.com
19 1

This site contains no links.

Subject Issuer Validity Valid
peimex.com
Sectigo RSA Domain Validation Secure Server CA		 2023-06-14 -
2024-07-14		 a year crt.sh

This page contains 2 frames:

Primary Page: https://peimex.com/wp-content/ntww/natwest3/details.php
Frame ID: 148A9A858606FB1A6C7AB59E0C81326D
Requests: 3 HTTP requests in this frame

Frame: https://peimex.com/wp-content/ntww/natwest3/security_files/details.php
Frame ID: 65C9F1F0D68F8A4750A4487EF399C0CF
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Confirm Your Details

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Page Statistics

19
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

190 kB
Transfer

349 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request details.php
peimex.com/wp-content/ntww/natwest3/ 		955 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://peimex.com/wp-content/ntww/natwest3/details.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.179.194.74 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
108-179-194-74.unifiedlayer.com
Software
Apache /
Resource Hash
4a30e0e808472532909d1fccf26f6034144a153b65e7df8329bfe50aa8f78458
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
none
cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-length
529
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Fri, 05 Jul 2024 01:18:17 GMT
expect-ct
max-age=7776000, enforce
expires
Thu, 19 Nov 1981 08:52:00 GMT
permissions-policy
geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
pragma
no-cache
referrer-policy
no-referrer-when-downgrade
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
details.php
peimex.com/wp-content/ntww/natwest3/security_files/ Frame 65C9 		32 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://peimex.com/wp-content/ntww/natwest3/security_files/details.php
Requested by
Host: peimex.com
URL: https://peimex.com/wp-content/ntww/natwest3/details.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.179.194.74 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
108-179-194-74.unifiedlayer.com
Software
Apache /
Resource Hash
0cca269c9111569c68bc30e7955bb8fe95413d42e97255a7983c9c07bb359fb8
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://peimex.com/wp-content/ntww/natwest3/details.php
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
none
content-encoding
gzip
content-length
8417
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Fri, 05 Jul 2024 01:18:17 GMT
expect-ct
max-age=7776000, enforce
permissions-policy
geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
referrer-policy
no-referrer-when-downgrade
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
jspostcode.js
peimex.com/wp-content/ntww/natwest3/security_files/ Frame 65C9 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://peimex.com/wp-content/ntww/natwest3/security_files/jspostcode.js
Requested by
Host: peimex.com
URL: https://peimex.com/wp-content/ntww/natwest3/security_files/details.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.179.194.74 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
108-179-194-74.unifiedlayer.com
Software
Apache /
Resource Hash
e36e16547c0cdc9f371e9360e369b6205f72499cd05d80c723d5ee9a0db8e1b8
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://peimex.com/wp-content/ntww/natwest3/security_files/details.php
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
date
Fri, 05 Jul 2024 01:18:18 GMT
content-encoding
gzip
content-length
1879
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 07 Jul 2018 04:46:44 GMT
server
Apache
expect-ct
max-age=7776000, enforce
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
permissions-policy
geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
accept-ranges
none
master.css
peimex.com/wp-content/ntww/natwest3/security_files/ Frame 65C9 		133 KB
41 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://peimex.com/wp-content/ntww/natwest3/security_files/master.css
Requested by
Host: peimex.com
URL: https://peimex.com/wp-content/ntww/natwest3/security_files/details.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.179.194.74 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
108-179-194-74.unifiedlayer.com
Software
Apache /
Resource Hash
75b00a583c89310d12ace059629526ba7cfbb0bd4509ec5750a25fd6ffdd6e12
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://peimex.com/wp-content/ntww/natwest3/security_files/details.php
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 07 Jul 2018 04:46:44 GMT
server
Apache
date
Fri, 05 Jul 2024 01:18:18 GMT
content-encoding
gzip
expect-ct
max-age=7776000, enforce
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
permissions-policy
geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
accept-ranges
none
x-xss-protection
1; mode=block
datePicker.css
peimex.com/wp-content/ntww/natwest3/security_files/ Frame 65C9 		2 KB
884 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://peimex.com/wp-content/ntww/natwest3/security_files/datePicker.css
Requested by
Host: peimex.com
URL: https://peimex.com/wp-content/ntww/natwest3/security_files/details.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.179.194.74 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
108-179-194-74.unifiedlayer.com
Software
Apache /
Resource Hash
14714f651128eff786763144294b0e7c67529d317ac5371632bbf8fb659866ff
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://peimex.com/wp-content/ntww/natwest3/security_files/details.php
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
date
Fri, 05 Jul 2024 01:18:18 GMT
content-encoding
gzip
content-length
791
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 07 Jul 2018 04:46:42 GMT
server
Apache
expect-ct
max-age=7776000, enforce
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
permissions-policy
geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
accept-ranges
none
npc.css
peimex.com/wp-content/ntww/natwest3/security_files/ Frame 65C9 		46 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://peimex.com/wp-content/ntww/natwest3/security_files/npc.css
Requested by
Host: peimex.com
URL: https://peimex.com/wp-content/ntww/natwest3/security_files/details.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.179.194.74 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
108-179-194-74.unifiedlayer.com
Software
Apache /
Resource Hash
990f073c20457aa8ecb56a57304e16c90ec7eadb63f25e64932b2f1914054d4a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://peimex.com/wp-content/ntww/natwest3/security_files/details.php
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
date
Fri, 05 Jul 2024 01:18:18 GMT
content-encoding
gzip
content-length
12814
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 07 Jul 2018 04:46:44 GMT
server
Apache
expect-ct
max-age=7776000, enforce
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
permissions-policy
geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
accept-ranges
none
overlayPromptMaster.css
peimex.com/wp-content/ntww/natwest3/security_files/ Frame 65C9 		2 KB
686 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://peimex.com/wp-content/ntww/natwest3/security_files/overlayPromptMaster.css
Requested by
Host: peimex.com
URL: https://peimex.com/wp-content/ntww/natwest3/security_files/details.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.179.194.74 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
108-179-194-74.unifiedlayer.com
Software
Apache /
Resource Hash
643d4d52a1a24515822f6a30683f901bb5dd16c251d88caece27ab2713457272
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://peimex.com/wp-content/ntww/natwest3/security_files/details.php
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
date
Fri, 05 Jul 2024 01:18:18 GMT
content-encoding
gzip
content-length
623
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 07 Jul 2018 04:46:46 GMT
server
Apache
expect-ct
max-age=7776000, enforce
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
permissions-policy
geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
accept-ranges
none
overlayPrompt.css
peimex.com/wp-content/ntww/natwest3/security_files/ Frame 65C9 		76 B
124 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://peimex.com/wp-content/ntww/natwest3/security_files/overlayPrompt.css
Requested by
Host: peimex.com
URL: https://peimex.com/wp-content/ntww/natwest3/security_files/details.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.179.194.74 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
108-179-194-74.unifiedlayer.com
Software
Apache /
Resource Hash
ef7db794b4a6b5c42d2535919d91fb11da1e5cd1147f35196db382197b35fdee
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://peimex.com/wp-content/ntww/natwest3/security_files/details.php
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
date
Fri, 05 Jul 2024 01:18:18 GMT
content-encoding
gzip
content-length
85
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 07 Jul 2018 04:46:44 GMT
server
Apache
expect-ct
max-age=7776000, enforce
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
permissions-policy
geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
accept-ranges
none
logo.png
peimex.com/wp-content/ntww/natwest3/security_files/ Frame 65C9 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://peimex.com/wp-content/ntww/natwest3/security_files/logo.png
Requested by
Host: peimex.com
URL: https://peimex.com/wp-content/ntww/natwest3/security_files/details.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.179.194.74 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
108-179-194-74.unifiedlayer.com
Software
Apache /
Resource Hash
917942589e5b140755ee83bb4720ca9c1bbf7705f44f51a78ba1ffa635420c50
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://peimex.com/wp-content/ntww/natwest3/security_files/details.php
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 07 Jul 2018 04:46:44 GMT
server
Apache
date
Fri, 05 Jul 2024 01:18:18 GMT
expect-ct
max-age=7776000, enforce
x-frame-options
SAMEORIGIN
content-type
image/png
permissions-policy
geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
accept-ranges
bytes
content-length
3053
x-xss-protection
1; mode=block
alert-icon.png
peimex.com/wp-content/ntww/natwest3/security_files/ Frame 65C9 		638 B
699 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://peimex.com/wp-content/ntww/natwest3/security_files/alert-icon.png
Requested by
Host: peimex.com
URL: https://peimex.com/wp-content/ntww/natwest3/security_files/details.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.179.194.74 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
108-179-194-74.unifiedlayer.com
Software
Apache /
Resource Hash
d4901081a59d75050d215c08d6fd5370cea9aa1eaea023a176c9b9c26760f221
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://peimex.com/wp-content/ntww/natwest3/security_files/details.php
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 07 Jul 2018 04:46:40 GMT
server
Apache
date
Fri, 05 Jul 2024 01:18:18 GMT
expect-ct
max-age=7776000, enforce
x-frame-options
SAMEORIGIN
content-type
image/png
permissions-policy
geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
accept-ranges
bytes
content-length
638
x-xss-protection
1; mode=block
NPC_auralstyle.css
peimex.com/wp-content/ntww/natwest3/security_files/ Frame 65C9 		515 B
330 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://peimex.com/wp-content/ntww/natwest3/security_files/NPC_auralstyle.css
Requested by
Host: peimex.com
URL: https://peimex.com/wp-content/ntww/natwest3/security_files/details.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.179.194.74 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
108-179-194-74.unifiedlayer.com
Software
Apache /
Resource Hash
04c45c81e1298e703f3bde9cec27446450294330ae06bd24c9f9343b264462e9
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://peimex.com/wp-content/ntww/natwest3/security_files/details.php
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
date
Fri, 05 Jul 2024 01:18:18 GMT
content-encoding
gzip
content-length
291
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 07 Jul 2018 04:46:44 GMT
server
Apache
expect-ct
max-age=7776000, enforce
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
permissions-policy
geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
accept-ranges
none
master_print.css
peimex.com/wp-content/ntww/natwest3/security_files/ Frame 65C9 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://peimex.com/wp-content/ntww/natwest3/security_files/master_print.css
Requested by
Host: peimex.com
URL: https://peimex.com/wp-content/ntww/natwest3/security_files/details.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.179.194.74 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
108-179-194-74.unifiedlayer.com
Software
Apache /
Resource Hash
1acd7d03edc5d90866fd012355c352efbb02f38c9334cffd4a9f321b4d713491
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://peimex.com/wp-content/ntww/natwest3/security_files/details.php
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
date
Fri, 05 Jul 2024 01:18:18 GMT
content-encoding
gzip
content-length
2012
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 07 Jul 2018 04:46:44 GMT
server
Apache
expect-ct
max-age=7776000, enforce
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
permissions-policy
geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
accept-ranges
none
white-lock.png
peimex.com/wp-content/ntww/natwest3/security_files/ Frame 65C9 		63 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://peimex.com/wp-content/ntww/natwest3/security_files/white-lock.png
Requested by
Host: peimex.com
URL: https://peimex.com/wp-content/ntww/natwest3/security_files/npc.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.179.194.74 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
108-179-194-74.unifiedlayer.com
Software
Apache /
Resource Hash
ed9614bce603c554be689bf21fd90e046685d80f88c4294442fff33a7ddd9050
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://peimex.com/wp-content/ntww/natwest3/security_files/npc.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
date
Fri, 05 Jul 2024 01:18:18 GMT
content-encoding
gzip
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
server
Apache
expect-ct
max-age=7776000, enforce
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate, max-age=0
permissions-policy
geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
link
<https://peimex.com/wp-json/>; rel="https://api.w.org/"
expires
Wed, 11 Jan 1984 05:00:00 GMT
down_chevron_purple_transparent.gif
peimex.com/wp-content/ntww/natwest3/security_files/ Frame 65C9 		843 B
889 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://peimex.com/wp-content/ntww/natwest3/security_files/down_chevron_purple_transparent.gif
Requested by
Host: peimex.com
URL: https://peimex.com/wp-content/ntww/natwest3/security_files/npc.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.179.194.74 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
108-179-194-74.unifiedlayer.com
Software
Apache /
Resource Hash
58ac97186d61e424878863f9cb1258c1f04eb1016f6ab11359f97994b758955c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://peimex.com/wp-content/ntww/natwest3/security_files/npc.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 07 Jul 2018 04:46:42 GMT
server
Apache
date
Fri, 05 Jul 2024 01:18:18 GMT
expect-ct
max-age=7776000, enforce
x-frame-options
SAMEORIGIN
content-type
image/gif
permissions-policy
geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
accept-ranges
bytes
content-length
843
x-xss-protection
1; mode=block
RNHouseSansW03-Regular.woff
peimex.com/wp-content/ntww/natwest3/security_files/ Frame 65C9 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://peimex.com/wp-content/ntww/natwest3/security_files/RNHouseSansW03-Regular.woff
Requested by
Host: peimex.com
URL: https://peimex.com/wp-content/ntww/natwest3/security_files/npc.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.179.194.74 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
108-179-194-74.unifiedlayer.com
Software
Apache /
Resource Hash
37539c1b025b1580975ce7942ff711e4e92e6f549af893e46e5a9a60e705c02c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://peimex.com/wp-content/ntww/natwest3/security_files/npc.css
Origin
https://peimex.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 07 Jul 2018 04:46:46 GMT
server
Apache
date
Fri, 05 Jul 2024 01:18:18 GMT
expect-ct
max-age=7776000, enforce
x-frame-options
SAMEORIGIN
content-type
font/woff
permissions-policy
geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
accept-ranges
bytes
content-length
25612
x-xss-protection
1; mode=block
RNHouseSansW03-Bold.woff
peimex.com/wp-content/ntww/natwest3/security_files/ Frame 65C9 		26 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://peimex.com/wp-content/ntww/natwest3/security_files/RNHouseSansW03-Bold.woff
Requested by
Host: peimex.com
URL: https://peimex.com/wp-content/ntww/natwest3/security_files/npc.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.179.194.74 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
108-179-194-74.unifiedlayer.com
Software
Apache /
Resource Hash
ce87bf8a3058e5028a4b64dc0aa16e0614f7e47d87223594c6353450aadbf5ad
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://peimex.com/wp-content/ntww/natwest3/security_files/npc.css
Origin
https://peimex.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 07 Jul 2018 04:46:46 GMT
server
Apache
date
Fri, 05 Jul 2024 01:18:18 GMT
expect-ct
max-age=7776000, enforce
x-frame-options
SAMEORIGIN
content-type
font/woff
permissions-policy
geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
accept-ranges
bytes
content-length
26144
x-xss-protection
1; mode=block
exit-icon-white.svg
peimex.com/wp-content/ntww/natwest3/security_files/ Frame 65C9 		641 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://peimex.com/wp-content/ntww/natwest3/security_files/exit-icon-white.svg
Requested by
Host: peimex.com
URL: https://peimex.com/wp-content/ntww/natwest3/security_files/master.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.179.194.74 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
108-179-194-74.unifiedlayer.com
Software
Apache /
Resource Hash
43a780414ddf2b15e9b47811bbaa8cbfc6cf56d4db65684ed114a1c2a13bc097
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://peimex.com/wp-content/ntww/natwest3/security_files/master.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 07 Jul 2018 04:46:42 GMT
server
Apache
date
Fri, 05 Jul 2024 01:18:18 GMT
expect-ct
max-age=7776000, enforce
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
permissions-policy
geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
accept-ranges
bytes
content-length
641
x-xss-protection
1; mode=block
favicon.ico
peimex.com/wp-content/ntww/natwest3/security_files/ 		2 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://peimex.com/wp-content/ntww/natwest3/security_files/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.179.194.74 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
108-179-194-74.unifiedlayer.com
Software
Apache /
Resource Hash
9bbf91204e8022d01c859c92c1d9218ac4859de521548856534b48ac2e7849a8
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://peimex.com/wp-content/ntww/natwest3/details.php
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
date
Fri, 05 Jul 2024 01:18:20 GMT
content-length
2238
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 07 Jul 2018 04:46:42 GMT
server
Apache
expect-ct
max-age=7776000, enforce
x-frame-options
SAMEORIGIN
content-type
image/x-icon
cache-control
max-age=604800
permissions-policy
geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
accept-ranges
bytes
expires
Fri, 12 Jul 2024 01:18:20 GMT
favicon.ico
peimex.com/wp-content/ntww/natwest3/security_files/ 		2 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
https://peimex.com/wp-content/ntww/natwest3/security_files/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.179.194.74 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
108-179-194-74.unifiedlayer.com
Software
Apache /
Resource Hash
9bbf91204e8022d01c859c92c1d9218ac4859de521548856534b48ac2e7849a8
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://peimex.com/wp-content/ntww/natwest3/details.php
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
upgrade-insecure-requests
date
Fri, 05 Jul 2024 01:18:20 GMT
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 07 Jul 2018 04:46:42 GMT
server
Apache
expect-ct
max-age=7776000, enforce
x-frame-options
SAMEORIGIN
content-type
image/x-icon
cache-control
max-age=604800
permissions-policy
geolocation=(); midi=();notifications=();push=();sync-xhr=();accelerometer=(); gyroscope=(); magnetometer=(); payment=(); camera=(); microphone=();usb=(); xr=();speaker=(self);vibrate=();fullscreen=(self);
accept-ranges
bytes
content-length
2238
x-xss-protection
1; mode=block
expires
Fri, 12 Jul 2024 01:18:20 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: NatWest (Banking)

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 undefined| event object| fence object| sharedStorage

1 Cookies

Domain/Path Name / Value
peimex.com/ Name: PHPSESSID
Value: 3260b43f7f3203be80e6140c0da50e0f

3 Console Messages

Source Level URL
Text
security error
Message:
Error with Permissions-Policy header: Parse of permissions policy failed because of errors reported by structured header parser.
security error
Message:
Error with Permissions-Policy header: Parse of permissions policy failed because of errors reported by structured header parser.
network error URL: https://peimex.com/wp-content/ntww/natwest3/security_files/white-lock.png
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block