palmluck.buzz Open in urlscan Pro
190.115.18.246 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://9tl.ru/K1JI7
Effective URL:
https://palmluck.buzz/banking/
Submission: On September 15 via api (September 15th 2020, 8:42:26 am UTC) from US

Summary HTTP 25 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 5 countries across 5 domains to perform 25 HTTP transactions. The main IP is 190.115.18.246, located in Belize and belongs to DDOS-GUARD CORP., BZ. The main domain is palmluck.buzz.
TLS certificate: Issued by Let's Encrypt Authority X3 on September 14th 2020. Valid for: 3 months.

This is the only time palmluck.buzz was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Banking (Banking)

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3035::681b:bca6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	195.13.215.59 195.13.215.59	12578 (APOLLO-AS...) (APOLLO-AS Latvia)
1 1	2a05:d014:286... 2a05:d014:286:3502:280f:5c03:88aa:6d81	16509 (AMAZON-02) (AMAZON-02)
1 1	176.119.30.22 176.119.30.22	30860 (YURTEH-AS) (YURTEH-AS)
1 26	190.115.18.246 190.115.18.246	262254 (DDOS-GUAR...) (DDOS-GUARD CORP.)
25	1

1 2606:4700:3035::681b:bca6 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

9tl.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.13.215.59 (Riga, Latvia) 1 redirects

ASN12578 (APOLLO-AS Latvia, LV)
PTR: trk.emlbest.com

trk.emlbest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d014:286:3502:280f:5c03:88aa:6d81 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)

7176w.bemobtrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 176.119.30.22 (Ukraine) 1 redirects

ASN30860 (YURTEH-AS, UA)
PTR: dedicated.vsys.host

paymentcassa.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 190.115.18.246 (Belize) 1 redirects

ASN262254 (DDOS-GUARD CORP., BZ)
PTR: owner.bityoung.net

palmluck.buzz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	palmluck.buzz 1 redirects palmluck.buzz	345 KB
1	paymentcassa.xyz 1 redirects paymentcassa.xyz	569 B
1	bemobtrk.com 1 redirects 7176w.bemobtrk.com	784 B
1	emlbest.com 1 redirects trk.emlbest.com	569 B
1	9tl.ru 1 redirects 9tl.ru	785 B
25	5

	Domain	Requested by
26	palmluck.buzz	1 redirects palmluck.buzz
1	paymentcassa.xyz	1 redirects
1	7176w.bemobtrk.com	1 redirects
1	trk.emlbest.com	1 redirects
1	9tl.ru	1 redirects
25	5

This site contains no links.

Subject Issuer	Validity	Valid
palmluck.buzz Let's Encrypt Authority X3	`2020-09-14` - `2020-12-13`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://palmluck.buzz/banking/
Frame ID: 7F8E347D3F886D91CC97D673DD2BEBE8
Requests: 25 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://9tl.ru/K1JI7 HTTP 301
http://trk.emlbest.com/ru/subscribe_confirm?hash=68rd4wouqyzy85o6zppe6ujs9aqmn9ftdhgk5yanthny4f9yqc... HTTP 302
https://7176w.bemobtrk.com/go/f5d2cd24-8021-428f-83a0-11ae9701c394 HTTP 302
https://paymentcassa.xyz/catalog?userId=15965342869363902&productId=15954098002106839 HTTP 301
https://palmluck.buzz/banking HTTP 301
http://palmluck.buzz/banking/ HTTP 307
https://palmluck.buzz/banking/ Page URL

Page Statistics

25
Requests

100 %
HTTPS

40 %
IPv6

5
Domains

5
Subdomains

1
IPs

5
Countries

345 kB
Transfer

444 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://9tl.ru/K1JI7 HTTP 301
http://trk.emlbest.com/ru/subscribe_confirm?hash=68rd4wouqyzy85o6zppe6ujs9aqmn9ftdhgk5yanthny4f9yqchrnhhxhu9q65a4gqotttoucygwar&hash2=444 HTTP 302
https://7176w.bemobtrk.com/go/f5d2cd24-8021-428f-83a0-11ae9701c394 HTTP 302
https://paymentcassa.xyz/catalog?userId=15965342869363902&productId=15954098002106839 HTTP 301
https://palmluck.buzz/banking HTTP 301
http://palmluck.buzz/banking/ HTTP 307
https://palmluck.buzz/banking/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

25 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
palmluck.buzz/banking/
Redirect Chain

https://9tl.ru/K1JI7
http://trk.emlbest.com/ru/subscribe_confirm?hash=68rd4wouqyzy85o6zppe6ujs9aqmn9ftdhgk5yanthny4f9yqchrnhhxhu9q65a4gqotttoucygwar&hash2=444
https://7176w.bemobtrk.com/go/f5d2cd24-8021-428f-83a0-11ae9701c394
https://paymentcassa.xyz/catalog?userId=15965342869363902&productId=15954098002106839
https://palmluck.buzz/banking
http://palmluck.buzz/banking/
https://palmluck.buzz/banking/

8 KB
3 KB

59ms
58ms

Document
text/html

190.115.18.246
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL

https://palmluck.buzz/banking/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

190.115.18.246 , Belize, ASN262254 (DDOS-GUARD CORP., BZ),

Reverse DNS

owner.bityoung.net

Software

ddos-guard /

Resource Hash

e6cf9247eb9d4d2ca34a5b22a8011f740ba6d582d55f603bca1c4da45cbceee8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=2628000

Request headers

:method: GET
:authority: palmluck.buzz
:scheme: https
:path: /banking/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __ddg1=JpHBzNVFnWhnfLX6y4Xa
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
server: ddos-guard
strict-transport-security: max-age=2628000
content-security-policy: upgrade-insecure-requests;
date: Tue, 15 Sep 2020 08:42:08 GMT
last-modified: Sun, 09 Aug 2020 00:09:36 GMT
etag: W/"1ebe-5ac66a73e4b52"
accept-ranges: bytes
content-type: text/html; charset=UTF-8
content-encoding: br
vary: Accept-Encoding

Redirect headers

Location: https://palmluck.buzz/banking/
Non-Authoritative-Reason: HSTS

GET
H2 200 trustuniEPbnk.css
palmluck.buzz/banking/ 4 KB
774 B 59ms
58ms Stylesheet
text/css 190.115.18.246
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL

https://palmluck.buzz/banking/trustuniEPbnk.css

Requested by

Host: palmluck.buzz
URL: https://palmluck.buzz/banking/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

190.115.18.246 , Belize, ASN262254 (DDOS-GUARD CORP., BZ),

Reverse DNS

owner.bityoung.net

Software

ddos-guard /

Resource Hash

f175f0beee2c45e190e07d8171e5bca9f96d14ea154440b3da82d4ba2a64fd91

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=2628000

Request headers

Referer: https://palmluck.buzz/banking/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=2628000
content-encoding: br
last-modified: Sun, 09 Aug 2020 00:09:36 GMT
server: ddos-guard
etag: W/"e4f-5ac66a73e89d2"
vary: Accept-Encoding
content-type: text/css
status: 200
date: Tue, 15 Sep 2020 08:42:08 GMT
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes

GET
H2 200 index.css
palmluck.buzz/banking/ 91 KB
8 KB 681ms
680ms Stylesheet
text/css 190.115.18.246
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL

https://palmluck.buzz/banking/index.css

Requested by

Host: palmluck.buzz
URL: https://palmluck.buzz/banking/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

190.115.18.246 , Belize, ASN262254 (DDOS-GUARD CORP., BZ),

Reverse DNS

owner.bityoung.net

Software

ddos-guard /

Resource Hash

0ff0448cc3005328fd2365cf91c03b10f451e15f5718bebdae34c48174261bd3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=2628000

Request headers

Referer: https://palmluck.buzz/banking/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=2628000
content-encoding: br
last-modified: Sun, 09 Aug 2020 00:09:36 GMT
server: ddos-guard
etag: W/"16c37-5ac66a73dda0a"
vary: Accept-Encoding
content-type: text/css
status: 200
date: Tue, 15 Sep 2020 08:42:08 GMT
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes

GET
H2 200 11.png
palmluck.buzz/banking/images/ 33 KB
34 KB 1351ms
1346ms Image
image/png 190.115.18.246
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://palmluck.buzz/banking/images/11.png

Requested by

Host: palmluck.buzz
URL: https://palmluck.buzz/banking/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

190.115.18.246 , Belize, ASN262254 (DDOS-GUARD CORP., BZ),

Reverse DNS

owner.bityoung.net

Software

ddos-guard /

Resource Hash

0075174bdf083d22b69003025b3f6caeb9b3efe2526767c21d2ffb789bf48109

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=2628000

Request headers

Referer: https://palmluck.buzz/banking/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=2628000
last-modified: Sun, 09 Aug 2020 00:09:35 GMT
server: ddos-guard
etag: "85a2-5ac66a73b3643"
content-type: image/png
status: 200
date: Tue, 15 Sep 2020 08:42:09 GMT
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
content-length: 34210

GET
H2 200 n1.png
palmluck.buzz/banking/images/ 867 B
948 B 116ms
112ms Image
image/png 190.115.18.246
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://palmluck.buzz/banking/images/n1.png

Requested by

Host: palmluck.buzz
URL: https://palmluck.buzz/banking/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

190.115.18.246 , Belize, ASN262254 (DDOS-GUARD CORP., BZ),

Reverse DNS

owner.bityoung.net

Software

ddos-guard /

Resource Hash

7743b93bfe418d7c0daaf0911fb442de1e50ae11d8048864fa25db7a147edf6b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=2628000

Request headers

Referer: https://palmluck.buzz/banking/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=2628000
last-modified: Sun, 09 Aug 2020 00:09:35 GMT
server: ddos-guard
etag: "363-5ac66a73ab943"
content-type: image/png
status: 200
date: Tue, 15 Sep 2020 08:42:08 GMT
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
content-length: 867

GET
H2 200 ftr8899.png
palmluck.buzz/banking/images/ 9 KB
10 KB 120ms
116ms Image
image/png 190.115.18.246
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://palmluck.buzz/banking/images/ftr8899.png

Requested by

Host: palmluck.buzz
URL: https://palmluck.buzz/banking/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

190.115.18.246 , Belize, ASN262254 (DDOS-GUARD CORP., BZ),

Reverse DNS

owner.bityoung.net

Software

ddos-guard /

Resource Hash

41d82061b87b8339aaf1aef9dd32c3dbb8c1994bcaaf0716fdb8451b47b20a1f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=2628000

Request headers

Referer: https://palmluck.buzz/banking/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=2628000
last-modified: Sun, 09 Aug 2020 00:09:35 GMT
server: ddos-guard
etag: "25db-5ac66a73d2272"
content-type: image/png
status: 200
date: Tue, 15 Sep 2020 08:42:08 GMT
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
content-length: 9691

GET
H2 200 1291-201904181109032.gif
palmluck.buzz/banking/images/ 88 KB
88 KB 136ms
132ms Image
image/gif 190.115.18.246
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://palmluck.buzz/banking/images/1291-201904181109032.gif

Requested by

Host: palmluck.buzz
URL: https://palmluck.buzz/banking/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

190.115.18.246 , Belize, ASN262254 (DDOS-GUARD CORP., BZ),

Reverse DNS

owner.bityoung.net

Software

ddos-guard /

Resource Hash

01334268dcf9acf9cf06d013256802ac5ae71c8c8dd3102eb39bc1e89a307d29

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=2628000

Request headers

Referer: https://palmluck.buzz/banking/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=2628000
last-modified: Sun, 09 Aug 2020 00:09:35 GMT
server: ddos-guard
etag: "160d2-5ac66a73a961b"
content-type: image/gif
status: 200
date: Tue, 15 Sep 2020 08:42:08 GMT
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
content-length: 90322

GET
H2 200 verified-by-visa-logo.svg
palmluck.buzz/banking/ 3 KB
2 KB 138ms
134ms Image
image/svg+xml 190.115.18.246
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://palmluck.buzz/banking/verified-by-visa-logo.svg

Requested by

Host: palmluck.buzz
URL: https://palmluck.buzz/banking/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

190.115.18.246 , Belize, ASN262254 (DDOS-GUARD CORP., BZ),

Reverse DNS

owner.bityoung.net

Software

ddos-guard /

Resource Hash

9212a8bed1938a6109be0258dfbcb60931d60b0259d399e249b6a34c13696bdd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=2628000

Request headers

Referer: https://palmluck.buzz/banking/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=2628000
content-encoding: br
last-modified: Sun, 09 Aug 2020 00:09:36 GMT
server: ddos-guard
etag: W/"dc6-5ac66a73ed7f2"
vary: Accept-Encoding
content-type: image/svg+xml
status: 200
date: Tue, 15 Sep 2020 08:42:08 GMT
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes

GET
H2 200 mastercard-secure-code-2016.svg
palmluck.buzz/banking/ 13 KB
5 KB 1351ms
1348ms Image
image/svg+xml 190.115.18.246
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://palmluck.buzz/banking/mastercard-secure-code-2016.svg

Requested by

Host: palmluck.buzz
URL: https://palmluck.buzz/banking/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

190.115.18.246 , Belize, ASN262254 (DDOS-GUARD CORP., BZ),

Reverse DNS

owner.bityoung.net

Software

ddos-guard /

Resource Hash

2ce089b517a8559f8ed0aa90caea5e1707650add0f73f6a8154daa842d5d7ed6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=2628000

Request headers

Referer: https://palmluck.buzz/banking/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=2628000
content-encoding: br
last-modified: Sun, 09 Aug 2020 00:09:36 GMT
server: ddos-guard
etag: W/"3586-5ac66a73dbeb2"
vary: Accept-Encoding
content-type: image/svg+xml
status: 200
date: Tue, 15 Sep 2020 08:42:09 GMT
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes

GET
H2 200 fca-regulated.png
palmluck.buzz/banking/images/ 3 KB
3 KB 1799ms
1795ms Image
image/png 190.115.18.246
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://palmluck.buzz/banking/images/fca-regulated.png

Requested by

Host: palmluck.buzz
URL: https://palmluck.buzz/banking/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

190.115.18.246 , Belize, ASN262254 (DDOS-GUARD CORP., BZ),

Reverse DNS

owner.bityoung.net

Software

ddos-guard /

Resource Hash

ea0b1c5dc1558c5461a8ea624ec765aeaaa940a9ab993511764482113046b517

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=2628000

Request headers

Referer: https://palmluck.buzz/banking/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=2628000
last-modified: Sun, 09 Aug 2020 00:09:35 GMT
server: ddos-guard
etag: "db5-5ac66a73b45e3"
content-type: image/png
status: 200
date: Tue, 15 Sep 2020 08:42:09 GMT
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
content-length: 3509

GET
H2 200 bltick.png
palmluck.buzz/banking/images/ 2 KB
2 KB 135ms
132ms Image
image/png 190.115.18.246
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://palmluck.buzz/banking/images/bltick.png

Requested by

Host: palmluck.buzz
URL: https://palmluck.buzz/banking/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

190.115.18.246 , Belize, ASN262254 (DDOS-GUARD CORP., BZ),

Reverse DNS

owner.bityoung.net

Software

ddos-guard /

Resource Hash

c5ebdf18386412cab54216d97a4b908d467b0710dccc137661030c5488795f04

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=2628000

Request headers

Referer: https://palmluck.buzz/banking/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=2628000
last-modified: Sun, 09 Aug 2020 00:09:35 GMT
server: ddos-guard
etag: "6af-5ac66a73ca572"
content-type: image/png
status: 200
date: Tue, 15 Sep 2020 08:42:08 GMT
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
content-length: 1711

GET
H2 200 img0009.png
palmluck.buzz/banking/images/ 282 B
330 B 136ms
132ms Image
image/png 190.115.18.246
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://palmluck.buzz/banking/images/img0009.png

Requested by

Host: palmluck.buzz
URL: https://palmluck.buzz/banking/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

190.115.18.246 , Belize, ASN262254 (DDOS-GUARD CORP., BZ),

Reverse DNS

owner.bityoung.net

Software

ddos-guard /

Resource Hash

5d436540aa29aff5d390c9835d4b567f2fb1592b6d6fe7617c773fa9932846e1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=2628000

Request headers

Referer: https://palmluck.buzz/banking/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=2628000
last-modified: Sun, 09 Aug 2020 00:09:35 GMT
server: ddos-guard
etag: "11a-5ac66a73ccc82"
content-type: image/png
status: 200
date: Tue, 15 Sep 2020 08:42:08 GMT
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
content-length: 282

GET
H2 200 113.png
palmluck.buzz/banking/images/ 5 KB
5 KB 137ms
134ms Image
image/png 190.115.18.246
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://palmluck.buzz/banking/images/113.png

Requested by

Host: palmluck.buzz
URL: https://palmluck.buzz/banking/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

190.115.18.246 , Belize, ASN262254 (DDOS-GUARD CORP., BZ),

Reverse DNS

owner.bityoung.net

Software

ddos-guard /

Resource Hash

4835f303e137faa6cabdfec2ce6528d277f5978e5a8928fac4630ecb909e59a2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=2628000

Request headers

Referer: https://palmluck.buzz/banking/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=2628000
last-modified: Sun, 09 Aug 2020 00:09:35 GMT
server: ddos-guard
etag: "13e0-5ac66a73bf992"
content-type: image/png
status: 200
date: Tue, 15 Sep 2020 08:42:08 GMT
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
content-length: 5088

GET
H2 200 img0014.png
palmluck.buzz/banking/images/ 2 KB
2 KB 136ms
133ms Image
image/png 190.115.18.246
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://palmluck.buzz/banking/images/img0014.png

Requested by

Host: palmluck.buzz
URL: https://palmluck.buzz/banking/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

190.115.18.246 , Belize, ASN262254 (DDOS-GUARD CORP., BZ),

Reverse DNS

owner.bityoung.net

Software

ddos-guard /

Resource Hash

d3fb4bc8dc0f390a225e831b13eb87f1269cc6bc8a75f6faa488d629255a1701

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=2628000

Request headers

Referer: https://palmluck.buzz/banking/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=2628000
last-modified: Sun, 09 Aug 2020 00:09:35 GMT
server: ddos-guard
etag: "6f7-5ac66a73ca18a"
content-type: image/png
status: 200
date: Tue, 15 Sep 2020 08:42:08 GMT
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
content-length: 1783

GET
H2 200 logo_blue.png
palmluck.buzz/banking/images/ 605 B
655 B 342ms
340ms Image
image/png 190.115.18.246
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://palmluck.buzz/banking/images/logo_blue.png

Requested by

Host: palmluck.buzz
URL: https://palmluck.buzz/banking/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

190.115.18.246 , Belize, ASN262254 (DDOS-GUARD CORP., BZ),

Reverse DNS

owner.bityoung.net

Software

ddos-guard /

Resource Hash

c0620157eaca321164b33c0879a350c4fb38ed05f6857677a21f9fb4d28b202f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=2628000

Request headers

Referer: https://palmluck.buzz/banking/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=2628000
last-modified: Sun, 09 Aug 2020 00:09:35 GMT
server: ddos-guard
etag: "25d-5ac66a73a4413"
content-type: image/png
status: 200
date: Tue, 15 Sep 2020 08:42:08 GMT
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
content-length: 605

GET
H2 200 img0006.png
palmluck.buzz/banking/images/ 233 B
282 B 609ms
606ms Image
image/png 190.115.18.246
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://palmluck.buzz/banking/images/img0006.png

Requested by

Host: palmluck.buzz
URL: https://palmluck.buzz/banking/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

190.115.18.246 , Belize, ASN262254 (DDOS-GUARD CORP., BZ),

Reverse DNS

owner.bityoung.net

Software

ddos-guard /

Resource Hash

2b37a9cfae3aec838fd20b03d76ed964cd6690d7e2b07ea6e3c15ed042231b39

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=2628000

Request headers

Referer: https://palmluck.buzz/banking/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=2628000
last-modified: Sun, 09 Aug 2020 00:09:35 GMT
server: ddos-guard
etag: "e9-5ac66a73bedda"
content-type: image/png
status: 200
date: Tue, 15 Sep 2020 08:42:08 GMT
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
content-length: 233

GET
H2 200 img0001.png
palmluck.buzz/banking/images/ 2 KB
2 KB 2360ms
2358ms Image
image/png 190.115.18.246
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://palmluck.buzz/banking/images/img0001.png

Requested by

Host: palmluck.buzz
URL: https://palmluck.buzz/banking/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

190.115.18.246 , Belize, ASN262254 (DDOS-GUARD CORP., BZ),

Reverse DNS

owner.bityoung.net

Software

ddos-guard /

Resource Hash

7e32f5c5c2eac447529192b5eb32029283b2cb45f1f3ad6f54d2ea8342935b5a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=2628000

Request headers

Referer: https://palmluck.buzz/banking/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=2628000
last-modified: Sun, 09 Aug 2020 00:09:35 GMT
server: ddos-guard
etag: "8d7-5ac66a73b1703"
content-type: image/png
status: 200
date: Tue, 15 Sep 2020 08:42:10 GMT
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
content-length: 2263

GET
H2 200 img0013.png
palmluck.buzz/banking/images/ 3 KB
3 KB 2365ms
2362ms Image
image/png 190.115.18.246
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://palmluck.buzz/banking/images/img0013.png

Requested by

Host: palmluck.buzz
URL: https://palmluck.buzz/banking/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

190.115.18.246 , Belize, ASN262254 (DDOS-GUARD CORP., BZ),

Reverse DNS

owner.bityoung.net

Software

ddos-guard /

Resource Hash

4b3809a80be876bdefd4eb66252e55e193499c5c77aae1a4dd8e9c687448f1e8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=2628000

Request headers

Referer: https://palmluck.buzz/banking/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=2628000
last-modified: Sun, 09 Aug 2020 00:09:35 GMT
server: ddos-guard
etag: "a96-5ac66a73b4db3"
content-type: image/png
status: 200
date: Tue, 15 Sep 2020 08:42:10 GMT
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
content-length: 2710

GET
H2 200 B7Qh_OGIgAMzeE9.png%20large.png
palmluck.buzz/banking/images/ 44 KB
44 KB 367ms
365ms Image
image/png 190.115.18.246
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://palmluck.buzz/banking/images/B7Qh_OGIgAMzeE9.png%20large.png

Requested by

Host: palmluck.buzz
URL: https://palmluck.buzz/banking/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

190.115.18.246 , Belize, ASN262254 (DDOS-GUARD CORP., BZ),

Reverse DNS

owner.bityoung.net

Software

ddos-guard /

Resource Hash

1a51271a2e4ed6f1022f323e14d7d254c6580485db901f26a30f3cfefbcdea9b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=2628000

Request headers

Referer: https://palmluck.buzz/banking/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=2628000
last-modified: Sun, 09 Aug 2020 00:09:35 GMT
server: ddos-guard
etag: "afa6-5ac66a73a7ac3"
content-type: image/png
status: 200
date: Tue, 15 Sep 2020 08:42:08 GMT
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
content-length: 44966

GET
H2 200 MSR-1110231784.png
palmluck.buzz/banking/images/ 39 KB
39 KB 2365ms
2363ms Image
image/png 190.115.18.246
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://palmluck.buzz/banking/images/MSR-1110231784.png

Requested by

Host: palmluck.buzz
URL: https://palmluck.buzz/banking/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

190.115.18.246 , Belize, ASN262254 (DDOS-GUARD CORP., BZ),

Reverse DNS

owner.bityoung.net

Software

ddos-guard /

Resource Hash

6d94ffea9556956578b07c893020c98cd5fc9d134c14f7f072c461eb94149f22

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=2628000

Request headers

Referer: https://palmluck.buzz/banking/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=2628000
last-modified: Sun, 09 Aug 2020 00:09:35 GMT
server: ddos-guard
etag: "9a4a-5ac66a73d0332"
content-type: image/png
status: 200
date: Tue, 15 Sep 2020 08:42:10 GMT
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
content-length: 39498

GET
H2 200 img0010.png
palmluck.buzz/banking/images/ 233 B
282 B 2365ms
2363ms Image
image/png 190.115.18.246
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://palmluck.buzz/banking/images/img0010.png

Requested by

Host: palmluck.buzz
URL: https://palmluck.buzz/banking/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

190.115.18.246 , Belize, ASN262254 (DDOS-GUARD CORP., BZ),

Reverse DNS

owner.bityoung.net

Software

ddos-guard /

Resource Hash

2b37a9cfae3aec838fd20b03d76ed964cd6690d7e2b07ea6e3c15ed042231b39

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=2628000

Request headers

Referer: https://palmluck.buzz/banking/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=2628000
last-modified: Sun, 09 Aug 2020 00:09:35 GMT
server: ddos-guard
etag: "e9-5ac66a73c3bfa"
content-type: image/png
status: 200
date: Tue, 15 Sep 2020 08:42:10 GMT
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
content-length: 233

GET
H2 200 GothamPro-Light.html
palmluck.buzz/banking/ 14 KB
14 KB 59ms
58ms Font
text/html 190.115.18.246
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL

https://palmluck.buzz/banking/GothamPro-Light.html

Requested by

Host: palmluck.buzz
URL: https://palmluck.buzz/banking/trustuniEPbnk.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

190.115.18.246 , Belize, ASN262254 (DDOS-GUARD CORP., BZ),

Reverse DNS

owner.bityoung.net

Software

ddos-guard /

Resource Hash

995567caefcbbc6d9a447e9246e59da7863eb844836d048073c4e5099cb7d005

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=2628000

Request headers

Origin: https://palmluck.buzz
Referer: https://palmluck.buzz/banking/trustuniEPbnk.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=2628000
content-encoding: br
last-modified: Sun, 09 Aug 2020 00:09:36 GMT
server: ddos-guard
etag: W/"387c-5ac66a740898a"
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
status: 200
date: Tue, 15 Sep 2020 08:42:08 GMT
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes

GET
H2 200 MicraDi.html
palmluck.buzz/banking/ 10 KB
10 KB 60ms
59ms Font
text/html 190.115.18.246
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL

https://palmluck.buzz/banking/MicraDi.html

Requested by

Host: palmluck.buzz
URL: https://palmluck.buzz/banking/trustuniEPbnk.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

190.115.18.246 , Belize, ASN262254 (DDOS-GUARD CORP., BZ),

Reverse DNS

owner.bityoung.net

Software

ddos-guard /

Resource Hash

e7ac2871db7d8a7d1f925d66bed0d09ac0ec43103c827b8f51ca24afb71dd1c0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=2628000

Request headers

Origin: https://palmluck.buzz
Referer: https://palmluck.buzz/banking/trustuniEPbnk.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=2628000
content-encoding: br
last-modified: Sun, 09 Aug 2020 00:09:35 GMT
server: ddos-guard
etag: W/"2758-5ac66a7396953"
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
status: 200
date: Tue, 15 Sep 2020 08:42:08 GMT
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes

GET
H2 200 DroidSans.html
palmluck.buzz/banking/ 49 KB
49 KB 61ms
60ms Font
text/html 190.115.18.246
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL

https://palmluck.buzz/banking/DroidSans.html

Requested by

Host: palmluck.buzz
URL: https://palmluck.buzz/banking/trustuniEPbnk.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

190.115.18.246 , Belize, ASN262254 (DDOS-GUARD CORP., BZ),

Reverse DNS

owner.bityoung.net

Software

ddos-guard /

Resource Hash

7346fa2af89b79704bbe3fb05d211b3150c9b67fa8ce8ac625cd4e68c12abc01

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=2628000

Request headers

Origin: https://palmluck.buzz
Referer: https://palmluck.buzz/banking/trustuniEPbnk.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=2628000
content-encoding: br
last-modified: Sun, 09 Aug 2020 00:09:35 GMT
server: ddos-guard
etag: W/"c378-5ac66a7394dfb"
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
status: 200
date: Tue, 15 Sep 2020 08:42:08 GMT
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes

GET
H2 200 GothamPro-Light-2.html
palmluck.buzz/banking/ 20 KB
20 KB 58ms
58ms Font
text/html 190.115.18.246
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to

Full URL

https://palmluck.buzz/banking/GothamPro-Light-2.html

Requested by

Host: palmluck.buzz
URL: https://palmluck.buzz/banking/trustuniEPbnk.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

190.115.18.246 , Belize, ASN262254 (DDOS-GUARD CORP., BZ),

Reverse DNS

owner.bityoung.net

Software

ddos-guard /

Resource Hash

7c06e26b61d2b90b2665e12ab9bbcb1b2cf1563bea5cca21792981a8ce5206ad

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=2628000

Request headers

Origin: https://palmluck.buzz
Referer: https://palmluck.buzz/banking/trustuniEPbnk.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=2628000
content-encoding: br
last-modified: Sun, 09 Aug 2020 00:09:36 GMT
server: ddos-guard
etag: W/"4ff0-5ac66a73d9b8a"
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
status: 200
date: Tue, 15 Sep 2020 08:42:09 GMT
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Banking (Banking)

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| trustedTypes function| get_cookie undefined| url function| noselect

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.palmluck.buzz/	1970-01-19 21:14:55	Name: __ddg1 Value: JpHBzNVFnWhnfLX6y4Xa

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=2628000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

7176w.bemobtrk.com
9tl.ru
palmluck.buzz
paymentcassa.xyz
trk.emlbest.com
176.119.30.22
190.115.18.246
195.13.215.59
2606:4700:3035::681b:bca6
2a05:d014:286:3502:280f:5c03:88aa:6d81
0075174bdf083d22b69003025b3f6caeb9b3efe2526767c21d2ffb789bf48109
01334268dcf9acf9cf06d013256802ac5ae71c8c8dd3102eb39bc1e89a307d29
0ff0448cc3005328fd2365cf91c03b10f451e15f5718bebdae34c48174261bd3
1a51271a2e4ed6f1022f323e14d7d254c6580485db901f26a30f3cfefbcdea9b
2b37a9cfae3aec838fd20b03d76ed964cd6690d7e2b07ea6e3c15ed042231b39
2ce089b517a8559f8ed0aa90caea5e1707650add0f73f6a8154daa842d5d7ed6
41d82061b87b8339aaf1aef9dd32c3dbb8c1994bcaaf0716fdb8451b47b20a1f
4835f303e137faa6cabdfec2ce6528d277f5978e5a8928fac4630ecb909e59a2
4b3809a80be876bdefd4eb66252e55e193499c5c77aae1a4dd8e9c687448f1e8
5d436540aa29aff5d390c9835d4b567f2fb1592b6d6fe7617c773fa9932846e1
6d94ffea9556956578b07c893020c98cd5fc9d134c14f7f072c461eb94149f22
7346fa2af89b79704bbe3fb05d211b3150c9b67fa8ce8ac625cd4e68c12abc01
7743b93bfe418d7c0daaf0911fb442de1e50ae11d8048864fa25db7a147edf6b
7c06e26b61d2b90b2665e12ab9bbcb1b2cf1563bea5cca21792981a8ce5206ad
7e32f5c5c2eac447529192b5eb32029283b2cb45f1f3ad6f54d2ea8342935b5a
9212a8bed1938a6109be0258dfbcb60931d60b0259d399e249b6a34c13696bdd
995567caefcbbc6d9a447e9246e59da7863eb844836d048073c4e5099cb7d005
c0620157eaca321164b33c0879a350c4fb38ed05f6857677a21f9fb4d28b202f
c5ebdf18386412cab54216d97a4b908d467b0710dccc137661030c5488795f04
d3fb4bc8dc0f390a225e831b13eb87f1269cc6bc8a75f6faa488d629255a1701
e6cf9247eb9d4d2ca34a5b22a8011f740ba6d582d55f603bca1c4da45cbceee8
e7ac2871db7d8a7d1f925d66bed0d09ac0ec43103c827b8f51ca24afb71dd1c0
ea0b1c5dc1558c5461a8ea624ec765aeaaa940a9ab993511764482113046b517
f175f0beee2c45e190e07d8171e5bca9f96d14ea154440b3da82d4ba2a64fd91

palmluck.buzz Open in urlscan Pro 190.115.18.246 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

25 Requests

100 %HTTPS

40 %IPv6

5 Domains

5 Subdomains

1 IPs

5 Countries

345 kBTransfer

444 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

25 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

4 JavaScript Global Variables

1 Cookies

Security Headers

Indicators

palmluck.buzz Open in urlscan Pro
190.115.18.246 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

25
Requests

100 %
HTTPS

40 %
IPv6

5
Domains

5
Subdomains

1
IPs

5
Countries

345 kB
Transfer

444 kB
Size

1
Cookies

25 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!