game.adimail.cc
2606:4700:3033::6815:3465  Malicious Activity! Public Scan

Submitted URL: http://game.adimail.cc/payment/payment.php
Effective URL: https://game.adimail.cc/payment/payment.php
Submission: On March 02 via api from US — Scanned from US

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 19 HTTP transactions. The main IP is 2606:4700:3033::6815:3465, located in United States and belongs to CLOUDFLARENET, US. The main domain is game.adimail.cc.
TLS certificate: Issued by E1 on February 20th 2024. Valid for: 3 months.
This is the only time game.adimail.cc was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Bank Mellat (Financial)

Domain & IP information

IP addresses (requests | IP Address | AS Autonomous System)
1 1   2606:4700:303...   13335 (CLOUDFLAR...)
18    2606:4700:303...   13335 (CLOUDFLAR...)
1     176.56.157.159     43415 (SITSCO-AS)
Total: 19 requests, 2 IPs

Apex domains (requests | Apex Domain | Subdomains | Transfer)
19    adimail.cc     game.adimail.cc                                   231 KB
1     shaparak.ir    bpm.shaparak.ir (Cisco Umbrella Rank: 553270)     2 KB
Total: 19 requests, 2 apex domains

Domains (requests | Domain | Requested by)
19    game.adimail.cc    1 redirects, game.adimail.cc
1     bpm.shaparak.ir    game.adimail.cc
Total: 19 requests, 2 domains

This site contains links to these domains: s3.amazonaws.com
TLS certificates (Subject | Issuer | Validity | Valid)
adimail.cc         E1                                     2024-02-20 - 2024-05-20    3 months (crt.sh)
bpm.shaparak.ir    Certum Extended Validation CA SHA2     2023-05-02 - 2024-05-01    a year (crt.sh)

This page contains 1 frame:

Primary Page: https://game.adimail.cc/payment/payment.php
Frame ID: DE575881D1A4671AC959EE154D55379C
Requests: 19 HTTP requests in this frame

Page Title

پرداخت اینترنتی به پرداخت ملت (Persian: "Online payment via Pardakht Mellat")

Page URL History

  1. http://game.adimail.cc/payment/payment.php (HTTP 301)
     https://game.adimail.cc/payment/payment.php (Page URL)

Detected technologies

  • Overall confidence: 100%; detected pattern: \.php(?:$|\?)
  • Overall confidence: 100%; detected pattern: jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

  Requests: 19
  HTTPS: 100 %
  IPv6: 67 %
  Domains: 2
  Subdomains: 2
  IPs: 2
  Countries: 2
  Transfer: 232 kB
  Size: 483 kB
  Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions

Columns per transaction: Resource | Path | Size | x-fer | Type | MIME-Type

payment.php (Primary Request) | Path: game.adimail.cc/payment/ | Size: 21 KB | x-fer: 6 KB | Type: Document
Redirect Chain:
  • http://game.adimail.cc/payment/payment.php
  • https://game.adimail.cc/payment/payment.php
General
Full URL
https://game.adimail.cc/payment/payment.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:3465 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
323c337a54245bcf87b88e1d5bab21bec50d623945d4a26a9b920fa99849815f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
85e47fed3e538dc4-MIA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sat, 02 Mar 2024 21:32:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1I3jVJHpltF6u%2FagOjBltnyPI2Z0p%2BG3Mp6fx06Gvp6EJroyVAb9uyVGMTY%2F79ugDRXjb44%2F6cDQT8e8ePSOHgXVnx9xgkvbm82TD6fBGUaCUGQf9PvJmD2lPnjr64wgFUkq3HSA29nBrLufTgg%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
PHP/7.4.33

Redirect headers

CF-RAY
85e47febcd6d9add-MIA
Cache-Control
max-age=3600
Connection
keep-alive
Date
Sat, 02 Mar 2024 21:32:29 GMT
Expires
Sat, 02 Mar 2024 22:32:29 GMT
Location
https://game.adimail.cc/payment/payment.php
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Koshktd4D80w9snH5VA1%2BnZejFpi6%2F%2BpskkFBmtilHyGXWVofXSQhjDpBL%2BV2WYYWxv%2Bv0Zb%2BP%2FgKIpaui0vlXOn8Ah%2FvTRVqROwz971j9eejJjisNiScHDIULeoE8y562U%2FWeEXysvjIVjGyGc%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400

esprit_fa.min.css | Path: game.adimail.cc/payment/css/ | Size: 159 KB | x-fer: 26 KB | Type: Stylesheet
General
Full URL
https://game.adimail.cc/payment/css/esprit_fa.min.css
Requested by
Host: game.adimail.cc
URL: https://game.adimail.cc/payment/payment.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:3465 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3afa58c071c47a13672d595d0272bd053a2aeee10358b8d9d21a43bd6e480482

Request headers

accept-language
en-US,en;q=0.9
Referer
https://game.adimail.cc/payment/payment.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 21:32:30 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 21 Dec 2023 06:20:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VC%2BrF9Fx8VpkwEaLjRpJTJ%2BXbULdUnGqGODfRhrEMpkytazIL8fSw5jeRAqqpeOLIz8q0R3V1W3RaJI8LtkeoLMCEmJbRrPQcmUzAv1yKzeiYD2jtokBVRLNi5GsLY7%2Fh5OO98ZrXG36o%2BLKQuQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
85e47ff0cc438dc4-MIA
alt-svc
h3=":443"; ma=86400
expires
Sat, 09 Mar 2024 21:32:30 GMT

jquery.min.js | Path: game.adimail.cc/payment/js/ | Size: 86 KB | x-fer: 31 KB | Type: Script
General
Full URL
https://game.adimail.cc/payment/js/jquery.min.js
Requested by
Host: game.adimail.cc
URL: https://game.adimail.cc/payment/payment.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:3465 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b381363dda049f2d49a59037b228bc865d51ffb977c8f5c3547d5c28de48e3a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://game.adimail.cc/payment/payment.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 21:32:30 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Thu, 21 Dec 2023 06:20:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iHJioQVG1zYMOvxlp%2BmgbEThpN0ZeksIHkzcnfFfLiIlODodWZg6DVYP8jLN4jkHLZgN4JRXBezfnLQn3VVHOE8pkSzhM18ZzBCpdjsrriBEd%2BosXGZmhauit7ugoSDlzk%2BruJ76tFVBZDDghcY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=14400
cf-ray
85e47ff0cc488dc4-MIA
alt-svc
h3=":443"; ma=86400

messages_fa.min.js | Path: game.adimail.cc/payment/msg/ | Size: 0 | x-fer: 0 | Type: Script
General
Full URL
https://game.adimail.cc/payment/msg/messages_fa.min.js
Requested by
Host: game.adimail.cc
URL: https://game.adimail.cc/payment/payment.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:3465 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://game.adimail.cc/payment/payment.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Mar 2024 21:32:30 GMT
content-encoding
br
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MlBQUdP3mvlU19jKikpZew8lmvjwMvXUc1h7kJRzlgtPhT7sslsjOVIDd%2Fbcx%2BW71UpUf2C3Wq0pB8KZgPjrihvxrmJE4vr8yhwrGobQt9Vs3QrYRJneCN0nOQPVcPxAevWCunFPz%2FrJkiFwaGs%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
cf-ray
85e47ff0cc498dc4-MIA
alt-svc
h3=":443"; ma=86400

payment.min.js | Path: game.adimail.cc/payment/js/ | Size: 22 KB | x-fer: 7 KB | Type: Script
General
Full URL
https://game.adimail.cc/payment/js/payment.min.js
Requested by
Host: game.adimail.cc
URL: https://game.adimail.cc/payment/payment.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:3465 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a115a8df8b9efb84dd63d391f2c11e33eb8e12c147c35c9750f1af21b567845

Request headers

accept-language
en-US,en;q=0.9
Referer
https://game.adimail.cc/payment/payment.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 21:32:30 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Thu, 21 Dec 2023 06:20:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K%2FKGidf%2FB7q9fDQffHaXo%2Bf1rzKdg2A1kzJNk0mHiyVVtt4SeknIRUSIdCx%2Bxc0nIjV85aR7vW5U7T%2F6Q814wEfkTOtcYH1hk8kewVyDGduS484rIqfqU8O4d1poXF%2BOna%2BPvfzdxlbQ2wgVzbQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=14400
cf-ray
85e47ff0cc4a8dc4-MIA
alt-svc
h3=":443"; ma=86400

shaparak_logo.svg | Path: game.adimail.cc/payment/img/ | Size: 30 KB | x-fer: 9 KB | Type: Image
General
Full URL
https://game.adimail.cc/payment/img/shaparak_logo.svg
Requested by
Host: game.adimail.cc
URL: https://game.adimail.cc/payment/payment.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:3465 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1e7151a7b6e0e0a0be950a03eebdd6307bdeb5696735e828421046b1010ba56

Request headers

accept-language
en-US,en;q=0.9
Referer
https://game.adimail.cc/payment/payment.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 21:32:30 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 21 Dec 2023 06:20:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
99529
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FmXnufZhyqxNqZFpRDNbYg2L%2Bm%2FsIz0H2YY4Aw9Z4INJ%2FLXG3TCdL%2BMLbtInSapbNdGUzv3HjUZaZLHoPZsb%2FFmkaZD2A0csI0CyGZO5iU%2FDzVIQlwE2QGq2aW9l%2Beumv4uA6fkeZxRLrzlwknM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=604800
cf-ray
85e47ff0cc4b8dc4-MIA
alt-svc
h3=":443"; ma=86400
expires
Fri, 08 Mar 2024 17:53:40 GMT

behpardakht_logo.svg | Path: game.adimail.cc/payment/img/ | Size: 19 KB | x-fer: 7 KB | Type: Image
General
Full URL
https://game.adimail.cc/payment/img/behpardakht_logo.svg
Requested by
Host: game.adimail.cc
URL: https://game.adimail.cc/payment/payment.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:3465 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
011310002d771ac6a136964ee17f8c265a06bc385ab51dd1a21ec4b5a3d8ab5b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://game.adimail.cc/payment/payment.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 21:32:30 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 21 Dec 2023 06:20:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
99529
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NPcI4WgzEHnIw8lkobW6KkfT0j471xDxbaSF%2B1OUh3p6nQG0iggrmZWMconu5Y9JH7k5xcds96rIkRw2Ng%2BfsqXD2UYvo3JtuZ8uK1oPoiEdv%2BrctaazMBqZpPLx%2FX1qiuESb5sZiil1JoCf1rE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=604800
cf-ray
85e47ff0cc4e8dc4-MIA
alt-svc
h3=":443"; ma=86400
expires
Fri, 08 Mar 2024 17:53:40 GMT

captchaimg.jpg | Path: bpm.shaparak.ir/pgwchannel/ | Size: 1 KB | x-fer: 2 KB | Type: Image
General
Full URL
https://bpm.shaparak.ir/pgwchannel/captchaimg.jpg?RefId=193A7D3535AED3AB
Requested by
Host: game.adimail.cc
URL: https://game.adimail.cc/payment/payment.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
176.56.157.159 , Iran, Islamic Republic Of, ASN43415 (SITSCO-AS, IR),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
2d6512cc92038c293224096d3f3e59a9b96d9e6544b06446435dea0d4fde3c1d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://game.adimail.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 02 Mar 2024 21:32:30 GMT
X-Content-Type-Options
nosniff
Max-Age
Thu, 01 Jan 1970 00:00:00 GMT
Server
Microsoft-HTTPAPI/2.0
X-Frame-Options
DENY
Content-Type
image/jpeg
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=60
content-length
1481
Expires
Thu, 01 Jan 1970 00:00:00 GMT

ipg-defaltlogo.png | Path: game.adimail.cc/payment/img/ | Size: 6 KB | x-fer: 6 KB | Type: Image
General
Full URL
https://game.adimail.cc/payment/img/ipg-defaltlogo.png
Requested by
Host: game.adimail.cc
URL: https://game.adimail.cc/payment/payment.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:3465 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
989499a9ddba2a305b3990adfdafd39e448704fdf02f689ae485d1d94e920e38

Request headers

accept-language
en-US,en;q=0.9
Referer
https://game.adimail.cc/payment/payment.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 21:32:30 GMT
cf-cache-status
HIT
last-modified
Thu, 21 Dec 2023 06:20:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
99529
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sXQYmDBRuDBFZT%2FP6ZPJrZUoL3OpS8nA%2BpE33sZ4LJttW2VTRnuGzb1UQouc%2B6Hnat5hqrRUpUe2JfVxCNyZHE9NVnw6Hru2t7l4M6ZSx4qzXBzcTCqZMITxl%2Bz7S3DM8ac%2FKvPkoVZj8uhKqFE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
85e47ff11cd78dc4-MIA
alt-svc
h3=":443"; ma=86400
content-length
5849
expires
Fri, 08 Mar 2024 17:53:40 GMT

mellat_arc.svg | Path: game.adimail.cc/payment/img/ | Size: 349 B | x-fer: 750 B | Type: Image
General
Full URL
https://game.adimail.cc/payment/img/mellat_arc.svg
Requested by
Host: game.adimail.cc
URL: https://game.adimail.cc/payment/css/esprit_fa.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:3465 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67e70e1d5d489482630b186aee63e56361bdc93ac01e8e3a09fcabce5782f7ef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://game.adimail.cc/payment/css/esprit_fa.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 21:32:30 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 21 Dec 2023 06:20:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
99529
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uC%2FSgxKE1y4FOq8X1jtqLPjOFDfI%2BKwHo3%2BNO%2FcLYfb7xfu4kzooI2ivApEuPmI1U5bd95TKSPdmYDSqlzjR2jywd9IslIRUKxaGZmIC9L5hHqC4SoYqdbP4YxkGYUI%2BRE08cqqN4mKmfQPfOHM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=604800
cf-ray
85e47ff4bb992203-MIA
alt-svc
h3=":443"; ma=86400
expires
Fri, 08 Mar 2024 17:53:40 GMT

ipg-card_list.svg | Path: game.adimail.cc/payment/img/ | Size: 2 KB | x-fer: 1 KB | Type: Image
General
Full URL
https://game.adimail.cc/payment/img/ipg-card_list.svg
Requested by
Host: game.adimail.cc
URL: https://game.adimail.cc/payment/css/esprit_fa.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:3465 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a45e958f70902b38c5ab14bb0d2fd1f39a12f6372c7533d2ee8a02275395cec

Request headers

accept-language
en-US,en;q=0.9
Referer
https://game.adimail.cc/payment/css/esprit_fa.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 21:32:30 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 21 Dec 2023 06:20:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
99528
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a0YQChIAB3fFgKh99qtwjAEDrxTKG5VJtY%2FF%2F9WZ37sWXqMFSxrJzeIbbpIGN6aFiaFVN%2Fa1HCPFal4rQ7U7JiEtaAaL44%2FWC2dy2bevtrKRtpJC%2Bg8yVJ%2BkZPe039b4D14OvO%2FLZWPJ0S2fq1A%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=604800
cf-ray
85e47ff4cb9f2203-MIA
alt-svc
h3=":443"; ma=86400
expires
Fri, 08 Mar 2024 17:53:40 GMT

ipg-keypad.svg | Path: game.adimail.cc/payment/img/ | Size: 1 KB | x-fer: 1 KB | Type: Image
General
Full URL
https://game.adimail.cc/payment/img/ipg-keypad.svg
Requested by
Host: game.adimail.cc
URL: https://game.adimail.cc/payment/css/esprit_fa.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:3465 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
73179cb89e7abf3013d8485fbaa3c33ec38cc65541f64517fe37b5fc90751f59

Request headers

accept-language
en-US,en;q=0.9
Referer
https://game.adimail.cc/payment/css/esprit_fa.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 21:32:30 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 21 Dec 2023 06:20:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
99529
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gO1q%2BCHRaMJdRZLmzIUyqj6gPHCemRIpporTnaNbO8QdF0pdQA0mOxtUv7F8il2Lz1AOuMrkH4G4cG9%2FQ%2FqrS%2BTU0lJJXx0zb8oCfLEkc06bcW6miIhTBPDfLKGu68LZ8Rz4A49c0z%2FXKspzxjE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=604800
cf-ray
85e47ff4cba12203-MIA
alt-svc
h3=":443"; ma=86400
expires
Fri, 08 Mar 2024 17:53:40 GMT

ipg-capcha-refresh.svg | Path: game.adimail.cc/payment/img/ | Size: 739 B | x-fer: 873 B | Type: Image
General
Full URL
https://game.adimail.cc/payment/img/ipg-capcha-refresh.svg
Requested by
Host: game.adimail.cc
URL: https://game.adimail.cc/payment/css/esprit_fa.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:3465 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44ebdf42ece6b1725f03139581a7200db5255bf40a3b5c5476d056e4646f1722

Request headers

accept-language
en-US,en;q=0.9
Referer
https://game.adimail.cc/payment/css/esprit_fa.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 21:32:30 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 21 Dec 2023 06:20:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
99529
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vRskZaDs1dnbxYy15Jnf3OhU0tuUYUHfctA7HZCIkqoCxyGJQjckC4%2F0SLKPNs6O%2Bl9TOjy%2FsgY2z5%2F3150v1C1hylJCU9lYSZpXN4%2F1iZZ6x1Cl%2FQQoVomzje7%2BCWgXIX747oLq8gcR0Extf%2Bw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=604800
cf-ray
85e47ff4cba42203-MIA
alt-svc
h3=":443"; ma=86400
expires
Fri, 08 Mar 2024 17:53:40 GMT

ipg_sms.svg | Path: game.adimail.cc/payment/img/ | Size: 2 KB | x-fer: 1 KB | Type: Image
General
Full URL
https://game.adimail.cc/payment/img/ipg_sms.svg
Requested by
Host: game.adimail.cc
URL: https://game.adimail.cc/payment/css/esprit_fa.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:3465 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60cfa122fc2ef0d3a16def27419770746cbdec414998fd2b42e04cb2d28f2fb4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://game.adimail.cc/payment/css/esprit_fa.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 21:32:30 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 21 Dec 2023 06:20:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
99529
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3uG2u62HV4tDlSSqdRHSc6EcySIT5zru2XirCccH%2BQcGHDx6g55HOd5ZDNehcO6F7WNs%2BUdMcg5lhF0ORSkDnzTl8S6ZJYU5il6Ny8wjufr4LDLrr8p4ktB5oqgNi%2FWGWcSX9XkcB%2Fjh%2BJ4A2F0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=604800
cf-ray
85e47ff4cba72203-MIA
alt-svc
h3=":443"; ma=86400
expires
Fri, 08 Mar 2024 17:53:40 GMT

mellat_arc_footer.svg | Path: game.adimail.cc/payment/img/ | Size: 592 B | x-fer: 872 B | Type: Image
General
Full URL
https://game.adimail.cc/payment/img/mellat_arc_footer.svg
Requested by
Host: game.adimail.cc
URL: https://game.adimail.cc/payment/css/esprit_fa.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:3465 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9019fb40193423b787b752dfc130ce05ad4c5863f1002302a315ec57a0f36cc9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://game.adimail.cc/payment/css/esprit_fa.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 21:32:30 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 21 Dec 2023 06:20:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
99529
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FDujWxjFvbrukUqDmHsmkA3qSpr5Mlo9J7UmPL6JY28u75puCRr7axLbSyP%2FHZ37%2FVGfSHUXYYs7WQXDM6L42aJS03a21jXVlAsQkAASxtMJRilKFWA3Do4rwercsQraG0Yfv1c9I64fFR3PAnk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=604800
cf-ray
85e47ff4cba92203-MIA
alt-svc
h3=":443"; ma=86400
expires
Fri, 08 Mar 2024 17:53:40 GMT

IRANSansWeb_Medium.woff2 | Path: game.adimail.cc/payment/css/fonts/woff2/ | Size: 28 KB | x-fer: 29 KB | Type: Font
General
Full URL
https://game.adimail.cc/payment/css/fonts/woff2/IRANSansWeb_Medium.woff2
Requested by
Host: game.adimail.cc
URL: https://game.adimail.cc/payment/css/esprit_fa.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:3465 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44d2d63cf374747af338372aad7d778483a8e791d674742f34fe6f24cf726fb1

Request headers

Referer
https://game.adimail.cc/payment/css/esprit_fa.min.css
Origin
https://game.adimail.cc
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 21:32:30 GMT
cf-cache-status
HIT
last-modified
Thu, 21 Dec 2023 06:20:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
99529
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DQBFux8AKRnxo3utLHynAIoeOl3Li7stnmROaqUlmQusgNA1QZlH1EIigGy%2BPrhqWSJCUN5XTK%2BVk6LjGpCNn9ycgP4NdM9MJpuLyJUxtX%2FYEIxFqqzYXSPFvyDczq4XAV680z5yvYHIqU%2Bmz9k%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
85e47ff4cbab2203-MIA
alt-svc
h3=":443"; ma=86400
content-length
28916
expires
Fri, 08 Mar 2024 17:53:40 GMT

IRANSansWeb.woff2 | Path: game.adimail.cc/payment/css/fonts/woff2/ | Size: 31 KB | x-fer: 31 KB | Type: Font
General
Full URL
https://game.adimail.cc/payment/css/fonts/woff2/IRANSansWeb.woff2
Requested by
Host: game.adimail.cc
URL: https://game.adimail.cc/payment/css/esprit_fa.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:3465 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a8c25d623a30a6efea41f0cedb208df683b8bc734780e6f38dff2d7c6b59d8e

Request headers

Referer
https://game.adimail.cc/payment/css/esprit_fa.min.css
Origin
https://game.adimail.cc
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 21:32:30 GMT
cf-cache-status
HIT
last-modified
Thu, 21 Dec 2023 06:20:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
99529
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zQvVNR1RYeqTA6TzWoLrGfgKIKRY5H8RG1WBPhBYrAW5xVEeyzhgehPHWKOpI53U4LCsUXNSNCCzPIBQ5rQShq5Xfv2ezL%2BU9pwmAVKBq6VxEgeTSEGfOQKT1NJkGeU1mzn%2B35AbrYoelkhXYTk%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
85e47ff4cbac2203-MIA
alt-svc
h3=":443"; ma=86400
content-length
31320
expires
Fri, 08 Mar 2024 17:53:40 GMT

IRANSansWeb_Medium.woff | Path: game.adimail.cc/payment/css/fonts/woff/ | Size: 35 KB | x-fer: 36 KB | Type: Font
General
Full URL
https://game.adimail.cc/payment/css/fonts/woff/IRANSansWeb_Medium.woff
Requested by
Host: game.adimail.cc
URL: https://game.adimail.cc/payment/css/esprit_fa.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:3465 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e0e1726c314681e1fee564da05c92e5a9820db86ff56e939032f7e6c421a2f7

Request headers

Referer
https://game.adimail.cc/payment/css/esprit_fa.min.css
Origin
https://game.adimail.cc
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 21:32:30 GMT
cf-cache-status
HIT
last-modified
Thu, 21 Dec 2023 06:20:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
99528
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c2BhvYTdbOXVpyIPLghwyVtQK8nCslEjP704IT2mrECZi3kgl4qwpiur1jhmcusouL20jgOQTGTVHN0E9wq0atQ0LTh%2F7WJJUPG15801GT%2BFzWvOQzCIc3RqIF3tOXhJrTmoeLYdIIVlOtDO%2F%2FQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
85e47ff57ca32203-MIA
alt-svc
h3=":443"; ma=86400
content-length
36141
expires
Fri, 08 Mar 2024 17:53:41 GMT

IRANSansWeb.woff | Path: game.adimail.cc/payment/css/fonts/woff/ | Size: 38 KB | x-fer: 38 KB | Type: Font
General
Full URL
https://game.adimail.cc/payment/css/fonts/woff/IRANSansWeb.woff
Requested by
Host: game.adimail.cc
URL: https://game.adimail.cc/payment/css/esprit_fa.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:3465 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a8f29f97bdd79c13a83136b0d0ae6f7daeaefbf5e36e88c9cb473092d6b7485d

Request headers

Referer
https://game.adimail.cc/payment/css/esprit_fa.min.css
Origin
https://game.adimail.cc
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 21:32:30 GMT
cf-cache-status
HIT
last-modified
Thu, 21 Dec 2023 06:20:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
99528
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yziaUdJOX3M3fcUanutq7ZiinkTkaWZJl6mMwQj4inmwrUf0DArWXf81ZjSerx9Mib2UxRQN2EQE91CnacDWSJt2mby04tETjyRviXHhVCnn71JmY0g1qH54VIYufbGQiMXyBG0DjAs%2FG8abLcw%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
85e47ff57cb02203-MIA
alt-svc
h3=":443"; ma=86400
content-length
38473
expires
Fri, 08 Mar 2024 17:53:41 GMT

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Bank Mellat (Financial)

110 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code. Grouped by type:

function (89): $, jQuery, validatePaymentInputs, removeInvalidClassFromPan, addInvalidClassToPan, validatePan, doPayment, processSaleResponse, refreshCaptcha, showMessage, hideMessage, handleUnknownError, validateAndDoPayment, removeInvalidClassFromInput, validateInput, addInvalidClassToInput, validateDate, focusNextField, focusField, hideKeypadOnTab, checkPattern, setPanCursorPosition, formatPanOnKeyDown, shouldIgnore, formatPanOnKeyUp, getFormattedPan, concatNumericChars, extractNumbers, preventInvalidKeys, isNumericKeyDownOrUp, getEventKeyCode, cancelPay, countDownRemainingTime, stopCountDown, fillField, keypadTab, keyPadBackspace, setFocusedField, shuffleKeypad, showKeypadJustInMobile, showKeypad, hideKeypad, hideOthersKeypad, shuffle, waitAndSendSuccessResult, sendSuccessResult, enableReturnButton, hideKeypadOnOutsideClick, hideCardSuggestionListOnOutSideClick, showSubmitSpinner, hideSubmitSpinner, showBankLogoSpinner, hideBankLogoSpinner, checkPanDiscount, handlePanChange, prepare4DiscountServiceCall, processDiscountResponse, openDiscountDialog, setPan, hideDiscountDialog, showDiscountDialog, showDynamicPinDialog, removeDynamicPinDialog, setAmount, setCardSuggestionListHeight, filterAndShowCardSuggestionList, toggleAllPans, showCardSuggestionList, setBankLogo, hideCardSuggestionList, selectPan, maskExpireDate, unmaskExpireDate, isBankLogoAvailable, resetSelectedPan, getBankLogoSrc, isNewPan, validateAndRequestOTP, requestOTP, processOtpResponse, disableOtpButton, enableOtpButton, disableCaptcha, enableCaptcha, countDownDynamicPinRemainingTime, doPayment2, validateandDoPayment2, harim, transfer

object (3): $jscomp, panDtoList, availableBankLogos

number (7): globalRemainingSeconds, otpRequestWaitMillis, ctrlKey, cmdKey, cursorPosition, selectedPanIndex, previousSelectedPanIndex

boolean (3): ctrlDown, disableCountDown, successfullyDone

string (1): encRefId

undefined (7): terminalDiscountStatus, focusedField, shuffledArray, previousPan, keyPadInputId, previousOTPRequestMillis, otpRemainingSeconds

0 Cookies

5 Console Messages

Each entry lists Source / Level, URL and Message:

  1. network / error, URL: https://game.adimail.cc/payment/msg/messages_fa.min.js
     Message: Failed to load resource: the server responded with a status of 404 ()
  2. other / warning, URL: https://game.adimail.cc/payment/payment.php
     Message: Failed to decode downloaded font: https://game.adimail.cc/payment/css/fonts/woff2/IRANSansWeb_Medium.woff2
  3. other / warning, URL: https://game.adimail.cc/payment/payment.php
     Message: OTS parsing error: Size of decompressed WOFF 2.0 font exceeds 300MB
  4. other / warning, URL: https://game.adimail.cc/payment/payment.php
     Message: Failed to decode downloaded font: https://game.adimail.cc/payment/css/fonts/woff2/IRANSansWeb.woff2
  5. other / warning, URL: https://game.adimail.cc/payment/payment.php
     Message: OTS parsing error: Size of decompressed WOFF 2.0 font exceeds 300MB