game.adimail.cc
Open in
urlscan Pro
2606:4700:3033::6815:3465
Malicious Activity!
Public Scan
Effective URL: https://game.adimail.cc/payment/payment.php
Submission: On March 02 via api from US — Scanned from US
Summary
TLS certificate: Issued by E1 on February 20th 2024. Valid for: 3 months.
This is the only time game.adimail.cc was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Bank Mellat (Financial)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 2606:4700:303... 2606:4700:3034::ac43:c611 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
18 | 2606:4700:303... 2606:4700:3033::6815:3465 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 176.56.157.159 176.56.157.159 | 43415 (SITSCO-AS) (SITSCO-AS) | |
19 | 2 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
19 |
adimail.cc
1 redirects
game.adimail.cc |
231 KB |
1 |
shaparak.ir
bpm.shaparak.ir — Cisco Umbrella Rank: 553270 |
2 KB |
19 | 2 |
Domain | Requested by | |
---|---|---|
19 | game.adimail.cc |
1 redirects
game.adimail.cc
|
1 | bpm.shaparak.ir |
game.adimail.cc
|
19 | 2 |
This site contains links to these domains. Also see Links.
Domain |
---|
s3.amazonaws.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
adimail.cc E1 |
2024-02-20 - 2024-05-20 |
3 months | crt.sh |
bpm.shaparak.ir Certum Extended Validation CA SHA2 |
2023-05-02 - 2024-05-01 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://game.adimail.cc/payment/payment.php
Frame ID: DE575881D1A4671AC959EE154D55379C
Requests: 19 HTTP requests in this frame
Screenshot
Page Title
پرداخت اینترنتی به پرداخت ملتPage URL History Show full URLs
-
http://game.adimail.cc/payment/payment.php
HTTP 301
https://game.adimail.cc/payment/payment.php Page URL
Detected technologies
PHP (Programming Languages) ExpandDetected patterns
- \.php(?:$|\?)
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: bpm.shaparak.ir
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://game.adimail.cc/payment/payment.php
HTTP 301
https://game.adimail.cc/payment/payment.php Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
19 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
payment.php
game.adimail.cc/payment/ Redirect Chain
|
21 KB 6 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
esprit_fa.min.css
game.adimail.cc/payment/css/ |
159 KB 26 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
game.adimail.cc/payment/js/ |
86 KB 31 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
messages_fa.min.js
game.adimail.cc/payment/msg/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
payment.min.js
game.adimail.cc/payment/js/ |
22 KB 7 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
shaparak_logo.svg
game.adimail.cc/payment/img/ |
30 KB 9 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
behpardakht_logo.svg
game.adimail.cc/payment/img/ |
19 KB 7 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
captchaimg.jpg
bpm.shaparak.ir/pgwchannel/ |
1 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ipg-defaltlogo.png
game.adimail.cc/payment/img/ |
6 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
mellat_arc.svg
game.adimail.cc/payment/img/ |
349 B 750 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
ipg-card_list.svg
game.adimail.cc/payment/img/ |
2 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
ipg-keypad.svg
game.adimail.cc/payment/img/ |
1 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
ipg-capcha-refresh.svg
game.adimail.cc/payment/img/ |
739 B 873 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
ipg_sms.svg
game.adimail.cc/payment/img/ |
2 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
mellat_arc_footer.svg
game.adimail.cc/payment/img/ |
592 B 872 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
IRANSansWeb_Medium.woff2
game.adimail.cc/payment/css/fonts/woff2/ |
28 KB 29 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
IRANSansWeb.woff2
game.adimail.cc/payment/css/fonts/woff2/ |
31 KB 31 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
IRANSansWeb_Medium.woff
game.adimail.cc/payment/css/fonts/woff/ |
35 KB 36 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
IRANSansWeb.woff
game.adimail.cc/payment/css/fonts/woff/ |
38 KB 38 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Bank Mellat (Financial)110 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| $ function| jQuery object| $jscomp number| globalRemainingSeconds undefined| terminalDiscountStatus number| otpRequestWaitMillis boolean| ctrlDown number| ctrlKey number| cmdKey object| panDtoList string| encRefId undefined| focusedField undefined| shuffledArray boolean| disableCountDown boolean| successfullyDone number| cursorPosition number| selectedPanIndex number| previousSelectedPanIndex undefined| previousPan undefined| keyPadInputId undefined| previousOTPRequestMillis undefined| otpRemainingSeconds object| availableBankLogos function| validatePaymentInputs function| removeInvalidClassFromPan function| addInvalidClassToPan function| validatePan function| doPayment function| processSaleResponse function| refreshCaptcha function| showMessage function| hideMessage function| handleUnknownError function| validateAndDoPayment function| removeInvalidClassFromInput function| validateInput function| addInvalidClassToInput function| validateDate function| focusNextField function| focusField function| hideKeypadOnTab function| checkPattern function| setPanCursorPosition function| formatPanOnKeyDown function| shouldIgnore function| formatPanOnKeyUp function| getFormattedPan function| concatNumericChars function| extractNumbers function| preventInvalidKeys function| isNumericKeyDownOrUp function| getEventKeyCode function| cancelPay function| countDownRemainingTime function| stopCountDown function| fillField function| keypadTab function| keyPadBackspace function| setFocusedField function| shuffleKeypad function| showKeypadJustInMobile function| showKeypad function| hideKeypad function| hideOthersKeypad function| shuffle function| waitAndSendSuccessResult function| sendSuccessResult function| enableReturnButton function| hideKeypadOnOutsideClick function| hideCardSuggestionListOnOutSideClick function| showSubmitSpinner function| hideSubmitSpinner function| showBankLogoSpinner function| hideBankLogoSpinner function| checkPanDiscount function| handlePanChange function| prepare4DiscountServiceCall function| processDiscountResponse function| openDiscountDialog function| setPan function| hideDiscountDialog function| showDiscountDialog function| showDynamicPinDialog function| removeDynamicPinDialog function| setAmount function| setCardSuggestionListHeight function| filterAndShowCardSuggestionList function| toggleAllPans function| showCardSuggestionList function| setBankLogo function| hideCardSuggestionList function| selectPan function| maskExpireDate function| unmaskExpireDate function| isBankLogoAvailable function| resetSelectedPan function| getBankLogoSrc function| isNewPan function| validateAndRequestOTP function| requestOTP function| processOtpResponse function| disableOtpButton function| enableOtpButton function| disableCaptcha function| enableCaptcha function| countDownDynamicPinRemainingTime function| doPayment2 function| validateandDoPayment2 function| harim function| transfer0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
5 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
bpm.shaparak.ir
game.adimail.cc
176.56.157.159
2606:4700:3033::6815:3465
2606:4700:3034::ac43:c611
011310002d771ac6a136964ee17f8c265a06bc385ab51dd1a21ec4b5a3d8ab5b
2b381363dda049f2d49a59037b228bc865d51ffb977c8f5c3547d5c28de48e3a
2d6512cc92038c293224096d3f3e59a9b96d9e6544b06446435dea0d4fde3c1d
323c337a54245bcf87b88e1d5bab21bec50d623945d4a26a9b920fa99849815f
3afa58c071c47a13672d595d0272bd053a2aeee10358b8d9d21a43bd6e480482
44d2d63cf374747af338372aad7d778483a8e791d674742f34fe6f24cf726fb1
44ebdf42ece6b1725f03139581a7200db5255bf40a3b5c5476d056e4646f1722
4a115a8df8b9efb84dd63d391f2c11e33eb8e12c147c35c9750f1af21b567845
4a45e958f70902b38c5ab14bb0d2fd1f39a12f6372c7533d2ee8a02275395cec
5e0e1726c314681e1fee564da05c92e5a9820db86ff56e939032f7e6c421a2f7
60cfa122fc2ef0d3a16def27419770746cbdec414998fd2b42e04cb2d28f2fb4
67e70e1d5d489482630b186aee63e56361bdc93ac01e8e3a09fcabce5782f7ef
73179cb89e7abf3013d8485fbaa3c33ec38cc65541f64517fe37b5fc90751f59
7a8c25d623a30a6efea41f0cedb208df683b8bc734780e6f38dff2d7c6b59d8e
9019fb40193423b787b752dfc130ce05ad4c5863f1002302a315ec57a0f36cc9
989499a9ddba2a305b3990adfdafd39e448704fdf02f689ae485d1d94e920e38
a8f29f97bdd79c13a83136b0d0ae6f7daeaefbf5e36e88c9cb473092d6b7485d
d1e7151a7b6e0e0a0be950a03eebdd6307bdeb5696735e828421046b1010ba56