silvernuts.sn.am Open in urlscan Pro
2a05:d018:ac8:b920:ab57:9da5:37d4:1293  Malicious Activity! Public Scan

2 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request la6yPVnUqWq Show response silvernuts.sn.am/	28 KB 4 KB	125ms 46ms	Document text/html	2a05:d018:ac8:b920:ab57:9da5:37d4:1293 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://silvernuts.sn.am/la6yPVnUqWq Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a05:d018:ac8:b920:ab57:9da5:37d4:1293 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash 9e4b1ed186a9fd50c01f8ddd8cbdcc4390e52a3be8b849533aba431e64cc801e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 1; mode=block Request headers :method GET :authority silvernuts.sn.am :scheme https :path /la6yPVnUqWq pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 20 Feb 2021 12:49:43 GMT content-type text/html;charset=utf-8 server nginx vary Accept-Encoding referer http://esputnik.com strict-transport-security max-age=31536000; includeSubDomains x-xss-protection 1; mode=block content-encoding gzip
GET H/1.1	200	1607452617924.png pics.esputnik.com/repository/home/72869/images/msg/2418914/	48 KB 48 KB	286ms 152ms	Image image/x-png	163.172.69.196 Online SAS
General Check archive.org Show headers Download Go to Show image Full URL https://pics.esputnik.com/repository/home/72869/images/msg/2418914/1607452617924.png Requested by Host: silvernuts.sn.am URL: https://silvernuts.sn.am/la6yPVnUqWq Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 163.172.69.196 , France, ASN12876 (Online SAS, FR), Reverse DNS pics8.esputnik.com Software nginx / Resource Hash 035ffda1f12b59c12b3e8e702cf98d555634e088dacc3d4d6f836290ffe92cfc Request headers Referer https://silvernuts.sn.am/la6yPVnUqWq User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Pragma Date Sat, 20 Feb 2021 12:49:44 GMT Server nginx Transfer-Encoding chunked Content-Type image/x-png Expires Tue, 02 Mar 2021 12:49:44 GMT Cache-Control max-age=864000 Connection keep-alive X-Proxy-Cache MISS, MISS
GET H/1.1	200 OK	facebook-circle-colored.png esputnik.com/content/stripostatic/assets/img/social-icons/circle-colored/	851 B 1 KB	98ms 31ms	Image image/png	2a05:d018:ac8:b900:241f:31d8:38bb:9480 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://esputnik.com/content/stripostatic/assets/img/social-icons/circle-colored/facebook-circle-colored.png Requested by Host: silvernuts.sn.am URL: https://silvernuts.sn.am/la6yPVnUqWq Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a05:d018:ac8:b900:241f:31d8:38bb:9480 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash 5289b265dc75fc30e47ea5c631e201b97c193719a4f86110c1b9b164df47a39d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://silvernuts.sn.am/la6yPVnUqWq User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Sat, 20 Feb 2021 12:49:44 GMT X-Content-Type-Options nosniff Last-Modified Mon, 11 Jan 2021 14:26:44 GMT Server nginx ETag "5ffc6024-353" X-Frame-Options SAMEORIGIN Content-Type image/png Access-Control-Allow-Origin * Connection keep-alive Strict-Transport-Security max-age=31536000; includeSubDomains Accept-Ranges bytes Content-Length 851 X-XSS-Protection 1; mode=block
GET H/1.1	200 OK	twitter-circle-colored.png esputnik.com/content/stripostatic/assets/img/social-icons/circle-colored/	821 B 1 KB	96ms 31ms	Image image/png	2a05:d018:ac8:b900:241f:31d8:38bb:9480 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://esputnik.com/content/stripostatic/assets/img/social-icons/circle-colored/twitter-circle-colored.png Requested by Host: silvernuts.sn.am URL: https://silvernuts.sn.am/la6yPVnUqWq Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a05:d018:ac8:b900:241f:31d8:38bb:9480 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash 32955363e4bc94fce23c8efd09f9b5376f9beaa4e1f167bba8ea67d406a77e48 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://silvernuts.sn.am/la6yPVnUqWq User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Sat, 20 Feb 2021 12:49:44 GMT X-Content-Type-Options nosniff Last-Modified Mon, 11 Jan 2021 14:26:44 GMT Server nginx ETag "5ffc6024-335" X-Frame-Options SAMEORIGIN Content-Type image/png Access-Control-Allow-Origin * Connection keep-alive Strict-Transport-Security max-age=31536000; includeSubDomains Accept-Ranges bytes Content-Length 821 X-XSS-Protection 1; mode=block
GET H/1.1	200 OK	instagram-circle-colored.png esputnik.com/content/stripostatic/assets/img/social-icons/circle-colored/	3 KB 3 KB	97ms 32ms	Image image/png	2a05:d018:ac8:b900:241f:31d8:38bb:9480 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://esputnik.com/content/stripostatic/assets/img/social-icons/circle-colored/instagram-circle-colored.png Requested by Host: silvernuts.sn.am URL: https://silvernuts.sn.am/la6yPVnUqWq Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a05:d018:ac8:b900:241f:31d8:38bb:9480 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash cf015ca390ce944fc364fa077318088672d9d09e9b423d2288880a506207434c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://silvernuts.sn.am/la6yPVnUqWq User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Sat, 20 Feb 2021 12:49:44 GMT X-Content-Type-Options nosniff Last-Modified Mon, 11 Jan 2021 14:26:44 GMT Server nginx ETag "5ffc6024-a19" X-Frame-Options SAMEORIGIN Content-Type image/png Access-Control-Allow-Origin * Connection keep-alive Strict-Transport-Security max-age=31536000; includeSubDomains Accept-Ranges bytes Content-Length 2585 X-XSS-Protection 1; mode=block
GET H/1.1	200 OK	youtube-circle-colored.png esputnik.com/content/stripostatic/assets/img/social-icons/circle-colored/	771 B 1 KB	100ms 33ms	Image image/png	2a05:d018:ac8:b900:241f:31d8:38bb:9480 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://esputnik.com/content/stripostatic/assets/img/social-icons/circle-colored/youtube-circle-colored.png Requested by Host: silvernuts.sn.am URL: https://silvernuts.sn.am/la6yPVnUqWq Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a05:d018:ac8:b900:241f:31d8:38bb:9480 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash 6ef1cba15a8ec87dcb209fea6883ce0ee0714d383ed133a9655aca9080335d16 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://silvernuts.sn.am/la6yPVnUqWq User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Sat, 20 Feb 2021 12:49:44 GMT X-Content-Type-Options nosniff Last-Modified Mon, 11 Jan 2021 14:26:44 GMT Server nginx ETag "5ffc6024-303" X-Frame-Options SAMEORIGIN Content-Type image/png Access-Control-Allow-Origin * Connection keep-alive Strict-Transport-Security max-age=31536000; includeSubDomains Accept-Ranges bytes Content-Length 771 X-XSS-Protection 1; mode=block

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Office 365 (Online)

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

esputnik.com
pics.esputnik.com
silvernuts.sn.am
163.172.69.196
2a05:d018:ac8:b900:241f:31d8:38bb:9480
2a05:d018:ac8:b920:ab57:9da5:37d4:1293
035ffda1f12b59c12b3e8e702cf98d555634e088dacc3d4d6f836290ffe92cfc
32955363e4bc94fce23c8efd09f9b5376f9beaa4e1f167bba8ea67d406a77e48
5289b265dc75fc30e47ea5c631e201b97c193719a4f86110c1b9b164df47a39d
6ef1cba15a8ec87dcb209fea6883ce0ee0714d383ed133a9655aca9080335d16
9e4b1ed186a9fd50c01f8ddd8cbdcc4390e52a3be8b849533aba431e64cc801e
cf015ca390ce944fc364fa077318088672d9d09e9b423d2288880a506207434c