security-ser1.tk
108.178.42.114
Malicious Activity!
Public Scan
Effective URL: http://security-ser1.tk/xklck/633d04383bb21a9447279b44db3ff4ba/
Submission: On November 30 via api from CA
Summary
This is the only time security-ser1.tk was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: American Express (Financial)
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 23 | 108.178.42.114 108.178.42.114 | 32475 (SINGLEHOP...) (SINGLEHOP-LLC - SingleHop) | |
21 | 1 |
ASN32475 (SINGLEHOP-LLC - SingleHop, Inc., US)
PTR: lotus.superdnssite.com
security-ser1.tk |
Apex Domain Subdomains |
Transfer | |
---|---|---|
23 |
security-ser1.tk
2 redirects
security-ser1.tk |
79 KB |
21 | 1 |
Domain | Requested by | |
---|---|---|
23 | security-ser1.tk |
2 redirects
security-ser1.tk
|
21 | 1 |
This site contains no links.
Subject Issuer | Validity | Valid |
---|
This page contains 1 frames:
Primary Page:
http://security-ser1.tk/xklck/633d04383bb21a9447279b44db3ff4ba/
Frame ID: 3236.1
Requests: 21 HTTP requests in this frame
Page URL History
- http://security-ser1.tk/xklck/ HTTP 302
- http://security-ser1.tk/xklck/633d04383bb21a9447279b44db3ff4ba HTTP 301
- http://security-ser1.tk/xklck/633d04383bb21a9447279b44db3ff4ba/ Page URL
Detected technologies
Apache (Web Servers)
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
21 HTTP transactions
Method Protocol | Resource Path | Size x-fer | Type MIME-Type |
---|---|---|---|
GET H/1.1 | Primary Request: / security-ser1.tk/xklck/633d04383bb21a9447279b44db3ff4ba/ | 13 KB 13 KB | Document text/html |
GET H/1.1 | flag.png security-ser1.tk/xklck/633d04383bb21a9447279b44db3ff4ba/pics/ | 3 KB 3 KB | Image image/png |
GET H/1.1 | login_button.png security-ser1.tk/xklck/633d04383bb21a9447279b44db3ff4ba/pics/ | 3 KB 3 KB | Image image/png |
GET H/1.1 | logotop.gif security-ser1.tk/xklck/633d04383bb21a9447279b44db3ff4ba/pics/ | 3 KB 3 KB | Image image/gif |
GET H/1.1 | myaccount.png security-ser1.tk/xklck/633d04383bb21a9447279b44db3ff4ba/pics/topbutton/ | 3 KB 3 KB | Image image/png |
GET H/1.1 | cards.png security-ser1.tk/xklck/633d04383bb21a9447279b44db3ff4ba/pics/topbutton/ | 3 KB 3 KB | Image image/png |
GET H/1.1 | travel.png security-ser1.tk/xklck/633d04383bb21a9447279b44db3ff4ba/pics/topbutton/ | 3 KB 3 KB | Image image/png |
GET H/1.1 | rewards.png security-ser1.tk/xklck/633d04383bb21a9447279b44db3ff4ba/pics/topbutton/ | 3 KB 3 KB | Image image/png |
GET H/1.1 | business.png security-ser1.tk/xklck/633d04383bb21a9447279b44db3ff4ba/pics/topbutton/ | 3 KB 3 KB | Image image/png |
GET H/1.1 | gears.png security-ser1.tk/xklck/633d04383bb21a9447279b44db3ff4ba/pics/ | 4 KB 4 KB | Image image/png |
GET H/1.1 | fb.png security-ser1.tk/xklck/633d04383bb21a9447279b44db3ff4ba/pics/social_icons/ | 3 KB 3 KB | Image image/png |
GET H/1.1 | f.png security-ser1.tk/xklck/633d04383bb21a9447279b44db3ff4ba/pics/social_icons/ | 3 KB 3 KB | Image image/png |
GET H/1.1 | twit.png security-ser1.tk/xklck/633d04383bb21a9447279b44db3ff4ba/pics/social_icons/ | 3 KB 3 KB | Image image/png |
GET H/1.1 | yt.png security-ser1.tk/xklck/633d04383bb21a9447279b44db3ff4ba/pics/social_icons/ | 3 KB 3 KB | Image image/png |
GET H/1.1 | in.png security-ser1.tk/xklck/633d04383bb21a9447279b44db3ff4ba/pics/social_icons/ | 3 KB 3 KB | Image image/png |
GET H/1.1 | g.png security-ser1.tk/xklck/633d04383bb21a9447279b44db3ff4ba/pics/social_icons/ | 4 KB 4 KB | Image image/png |
GET H/1.1 | bg.png security-ser1.tk/xklck/633d04383bb21a9447279b44db3ff4ba/pics/ | 3 KB 3 KB | Image image/png |
GET H/1.1 | searchbar.png security-ser1.tk/xklck/633d04383bb21a9447279b44db3ff4ba/pics/ | 5 KB 5 KB | Image image/png |
GET H/1.1 | select_arrow.png security-ser1.tk/xklck/633d04383bb21a9447279b44db3ff4ba/pics/ | 3 KB 3 KB | Image image/png |
GET H/1.1 | login_button_big.png security-ser1.tk/xklck/633d04383bb21a9447279b44db3ff4ba/pics/ | 3 KB 3 KB | Image image/png |
GET H/1.1 | bottom_bg.png security-ser1.tk/xklck/633d04383bb21a9447279b44db3ff4ba/pics/ | 3 KB 3 KB | Image image/png |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: American Express (Financial)
0 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.