mt5-deriv-server-02.netlify.app Open in urlscan Pro
3.75.10.80 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://mt5-deriv-server-02.netlify.app/
Effective URL:
https://mt5-deriv-server-02.netlify.app/
Submission Tags: @phish_report
Submission: On November 06 via api (November 6th 2024, 7:36:46 am UTC) from FI — Scanned from FI

Summary HTTP 6 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 3 domains to perform 6 HTTP transactions. The main IP is 3.75.10.80, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is mt5-deriv-server-02.netlify.app.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on January 15th 2024. Valid for: a year.

This is the only time mt5-deriv-server-02.netlify.app was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Deriv (Financial)

Domain & IP information

	IP Address	AS Autonomous System
1	3.75.10.80 3.75.10.80	16509 (AMAZON-02) (AMAZON-02)
1	142.250.186.42 142.250.186.42	15169 (GOOGLE) (GOOGLE)
2	172.217.18.106 172.217.18.106	15169 (GOOGLE) (GOOGLE)
2	142.250.185.227 142.250.185.227	15169 (GOOGLE) (GOOGLE)
6	5

1 3.75.10.80 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-10-80.eu-central-1.compute.amazonaws.com

mt5-deriv-server-02.netlify.app	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 142.250.186.42 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 172.217.18.106 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f10.1e100.net

firebasestorage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 142.250.185.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

	Apex Domain Subdomains	Transfer
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30 firebasestorage.googleapis.com — Cisco Umbrella Rank: 7245	15 KB
2	gstatic.com fonts.gstatic.com	40 KB
1	netlify.app mt5-deriv-server-02.netlify.app	10 KB
6	3

	Domain	Requested by
2	fonts.gstatic.com	mt5-deriv-server-02.netlify.app
2	firebasestorage.googleapis.com	mt5-deriv-server-02.netlify.app
1	fonts.googleapis.com	mt5-deriv-server-02.netlify.app
1	mt5-deriv-server-02.netlify.app
6	4

This site contains links to these domains. Also see Links.

Domain
accounts.google.com
facebook.com
appleid.apple.com
deriv.com

Subject Issuer	Validity	Valid
*.netlify.app DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-01-15` - `2025-02-14`	a year	crt.sh
upload.video.google.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.gstatic.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://mt5-deriv-server-02.netlify.app/
Frame ID: 8D694951FF09B7C1A6848DD15D2216B4
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Log in | Deriv.com

Page URL History Show full URLs

http://mt5-deriv-server-02.netlify.app/ HTTP 307
https://mt5-deriv-server-02.netlify.app/ Page URL

Detected technologies

Netlify (PaaS) Expand

Overall confidence: 100%
Detected patterns

^https?://[^/]+\.netlify\.(?:com|app)/

Page Statistics

6
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

5
IPs

2
Countries

65 kB
Transfer

103 kB
Size

0
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://accounts.google.com/o/oauth2/v2/auth?client_id=946366519426-7b697p8590q1a53pmc727iigp1gmbgit.apps.googleusercontent.com&scope=openid%20email&response_type=code&redirect_uri=https%3A%2F%2Foauth.deriv.com%2Foauth2%2Fsocial-login%2Fcallback%2Fgoogle&code_challenge=9lpXFEX82DyntU6PagwoeJrQbyL7xOSDf5LjpitRkCo&code_challenge_method=S256&nonce=01l1hjC%2BPQE1sr7gEQfudICx39XRkcPaf5sppjRy%2BeY%3D&state=nuDgAuvDFW%2FvNppieW4ACl0NEBGUTxBTQF%2F02wcL%2Fz8%3D
Title: Google

Search URL Search Domain Scan URL

URL: https://facebook.com/dialog/oauth?client_id=464524112160643&scope=openid%20email&response_type=code&redirect_uri=https%3A%2F%2Foauth.deriv.com%2Foauth2%2Fsocial-login%2Fcallback%2Ffacebook&code_challenge=OxkE7Z2atW3rMI_iVj1uLNyU1ic9vxrDGEmRG-m_8tI&code_challenge_method=S256&nonce=av9vDxXRwO%2ByX4SeUMSnINNUnvvsJjkFaxZDXYpfiwA%3D&state=PshrvLMLPJ9IemQfYtSHALLLjZuVURCPhLRrEsLPpJc%3D
Title: Facebook

Search URL Search Domain Scan URL

URL: https://appleid.apple.com/auth/authorize?client_id=com.deriv.svc.social-login&scope=openid%20email&response_type=code&redirect_uri=https%3A%2F%2Foauth.deriv.com%2Foauth2%2Fsocial-login%2Fcallback%2Fapple&code_challenge=3d6_E5cT0VoIfaj3IQ7PBKZmPdxE74wuTswTz31Tsq8&code_challenge_method=S256&nonce=qMd9I7w9Qc%2F29216mnlCyr5Wv%2FGhoG2cEWSxuJxgCNs%3D&state=5zj6a9DplziU7DVKWMkB6DBOgiq%2FUOKP3fpKpjKspJ8%3D&response_mode=form_post
Title: Apple

Search URL Search Domain Scan URL

URL: https://deriv.com/signup/
Title: Create a new account

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://mt5-deriv-server-02.netlify.app/ HTTP 307
https://mt5-deriv-server-02.netlify.app/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
mt5-deriv-server-02.netlify.app/
Redirect Chain

http://mt5-deriv-server-02.netlify.app/
https://mt5-deriv-server-02.netlify.app/

42 KB
10 KB

1024ms
128ms

Document
text/html

3.75.10.80
AMAZON-02

General

Check archive.org

Download Go to

Full URL

https://mt5-deriv-server-02.netlify.app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.75.10.80 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-10-80.eu-central-1.compute.amazonaws.com

Software

Netlify /

Resource Hash

e4cddf99b0dd97a149d92ec74bc2cffc761ff7eecde09bed88a9761b01e9d4e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 4357
cache-control: public,max-age=0,must-revalidate
cache-status: "Netlify Edge"; hit
content-encoding: br
content-length: 9486
content-type: text/html; charset=UTF-8
date: Wed, 06 Nov 2024 07:36:47 GMT
etag: "f2a30f6524de9173502e0006f5e87493-ssl-df"
server: Netlify
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-nf-request-id: 01JC06F486QJWA0BA52NJ85CPP

Redirect headers

Cross-Origin-Resource-Policy: Cross-Origin
Location: https://mt5-deriv-server-02.netlify.app/
Non-Authoritative-Reason: HSTS

GET
H2 200 css
fonts.googleapis.com/ 4 KB
1 KB 991ms
198ms Stylesheet
text/css 142.250.186.42
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.googleapis.com/css?family=IBM+Plex+Sans:300,600&display=swap

Requested by

Host: mt5-deriv-server-02.netlify.app
URL: https://mt5-deriv-server-02.netlify.app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.42 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f10.1e100.net

Software

ESF /

Resource Hash

4348441e29f101dc491628fdecea3d66dc02fba94aa892b88965ee6ea56dd782

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://mt5-deriv-server-02.netlify.app/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Wed, 06 Nov 2024 07:36:48 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 06 Nov 2024 07:36:48 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Wed, 06 Nov 2024 07:36:48 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 image-removebg-preview%20(1).png
firebasestorage.googleapis.com/v0/b/bnc-images.appspot.com/o/ 11 KB
12 KB 2514ms
1658ms Image
image/png 172.217.18.106
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL: https://firebasestorage.googleapis.com/v0/b/bnc-images.appspot.com/o/image-removebg-preview%20(1).png?alt=media&token=b161747e-43d9-4134-af54-fff65cdb4dda
Requested by: Host: mt5-deriv-server-02.netlify.app
URL: https://mt5-deriv-server-02.netlify.app/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.18.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s42-in-f10.1e100.net
Software: UploadServer /
Resource Hash: 7d020b05f6eaa00756667dd6ab0a0fba6409515b254891f97fe353bbce124a1e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://mt5-deriv-server-02.netlify.app/

Response headers

x-goog-metageneration: 1
x-goog-hash: crc32c=9sv3XA==, md5=wFCJ8UrCHjyaQTCX9AG/kw==
etag: "c05089f14ac21e3c9a413097f401bf93"
x-goog-stored-content-encoding: identity
expires: Wed, 06 Nov 2024 07:36:50 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 11766
date: Wed, 06 Nov 2024 07:36:50 GMT
last-modified: Sat, 27 Jul 2024 09:49:29 GMT
content-type: image/png
content-disposition: inline; filename*=utf-8''image-removebg-preview%20%281%29.png
x-guploader-uploadid: AHmUCY1K64yToKqE5d4YZrUT5IluLM9fXDTodMV6zvjyb35sPftojqAlSvCRPMdoQfSRKUqcIf70IHKtlw
cache-control: private, max-age=0
x-goog-storage-class: STANDARD
x-goog-meta-firebasestoragedownloadtokens: b161747e-43d9-4134-af54-fff65cdb4dda
accept-ranges: bytes
x-goog-generation: 1722073769690839
content-length: 11766
server: UploadServer

GET
H2 200 zYX9KVElMYYaJe8bpLHnCwDKjXr8AIFsdA.woff2
fonts.gstatic.com/s/ibmplexsans/v19/ 20 KB
20 KB 978ms
271ms Font
font/woff2 142.250.185.227
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.gstatic.com/s/ibmplexsans/v19/zYX9KVElMYYaJe8bpLHnCwDKjXr8AIFsdA.woff2

Requested by

Host: mt5-deriv-server-02.netlify.app
URL: https://mt5-deriv-server-02.netlify.app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f3.1e100.net

Software

sffe /

Resource Hash

bd8cf80ac0e7f7fa126a0cbe0f16d568325a156ca744e8f1e6aef14a9f23e2b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://mt5-deriv-server-02.netlify.app
Referer: https://mt5-deriv-server-02.netlify.app/

Response headers

age: 114114
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Tue, 04 Nov 2025 23:54:54 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 04 Nov 2024 23:54:54 GMT
last-modified: Tue, 02 May 2023 16:04:22 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 20352
x-xss-protection: 0
server: sffe

GET
DATA 200
OK truncated
/ 933 B
0 Image
image/svg+xml

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ecb2029f09f5a419b3066acc84b648d6cc737134f3b46b551bcaf950189507da

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cadcdef88dde0ced17d2b26f1829f481f8fb87c7e88cb89c1b5bee38e681a8cb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 537 B
0 Image
image/svg+xml

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d207fd2aa4294b1c36ea244e135686c2906cbdcb4e462f7ae8dbfdd27260381a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4e6f6ea9b018e5f54b3b1bd00abb1ab2f1368fd91ee9f7b8cce95ffbad567e88

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
H2 200 zYX9KVElMYYaJe8bpLHnCwDKjQ76AIFsdA.woff2
fonts.gstatic.com/s/ibmplexsans/v19/ 20 KB
20 KB 952ms
245ms Font
font/woff2 142.250.185.227
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.gstatic.com/s/ibmplexsans/v19/zYX9KVElMYYaJe8bpLHnCwDKjQ76AIFsdA.woff2

Requested by

Host: mt5-deriv-server-02.netlify.app
URL: https://mt5-deriv-server-02.netlify.app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f3.1e100.net

Software

sffe /

Resource Hash

31535a91ce3f6b8ed3ddedadab1e49957e2220263a640df1a3f14f6fdfe15eb6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://mt5-deriv-server-02.netlify.app
Referer: https://mt5-deriv-server-02.netlify.app/

Response headers

age: 576250
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 30 Oct 2025 15:32:38 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 30 Oct 2024 15:32:38 GMT
last-modified: Tue, 02 May 2023 16:19:23 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 20356
x-xss-protection: 0
server: sffe

GET
H2 200 favicon.webp
firebasestorage.googleapis.com/v0/b/app-deriv.appspot.com/o/ 1 KB
2 KB 612ms
611ms Other
image/webp 172.217.18.106
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://firebasestorage.googleapis.com/v0/b/app-deriv.appspot.com/o/favicon.webp?alt=media&token=3bd14e55-5e85-4ab4-84a9-0ca96599413f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.18.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s42-in-f10.1e100.net
Software: UploadServer /
Resource Hash: f83d10277c189a2b291399466259183aa6427555ccd2252d09542cc0b8fbcac5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://mt5-deriv-server-02.netlify.app/

Response headers

x-goog-metageneration: 1
x-goog-hash: crc32c=cTl+uQ==, md5=6VZ7qrBJ/vaqAEeZ/Ic6BQ==
etag: "e9567baab049fef6aa004799fc873a05"
x-goog-stored-content-encoding: identity
expires: Wed, 06 Nov 2024 07:36:51 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 1256
date: Wed, 06 Nov 2024 07:36:51 GMT
last-modified: Sat, 24 Jun 2023 11:28:15 GMT
content-type: image/webp
content-disposition: inline; filename*=utf-8''favicon.webp
x-guploader-uploadid: AHmUCY22FIZoKmrq7GIalpIyXACqaFr32j6sxZoCvqHpZKxNN7hw3gpULpSnwCaUQknLBDodFzU3afJGvg
cache-control: private, max-age=0
x-goog-storage-class: STANDARD
x-goog-meta-firebasestoragedownloadtokens: 3bd14e55-5e85-4ab4-84a9-0ca96599413f
accept-ranges: bytes
x-goog-generation: 1687606095675620
content-length: 1256
server: UploadServer

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Deriv (Financial)

12 JavaScript Window variables

These are the non-standard variables defined on the window object. These include var declarations and global functions and can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

firebasestorage.googleapis.com
fonts.googleapis.com
fonts.gstatic.com
mt5-deriv-server-02.netlify.app
142.250.185.227
142.250.186.42
172.217.18.106
3.75.10.80
31535a91ce3f6b8ed3ddedadab1e49957e2220263a640df1a3f14f6fdfe15eb6
4348441e29f101dc491628fdecea3d66dc02fba94aa892b88965ee6ea56dd782
4e6f6ea9b018e5f54b3b1bd00abb1ab2f1368fd91ee9f7b8cce95ffbad567e88
7d020b05f6eaa00756667dd6ab0a0fba6409515b254891f97fe353bbce124a1e
bd8cf80ac0e7f7fa126a0cbe0f16d568325a156ca744e8f1e6aef14a9f23e2b2
cadcdef88dde0ced17d2b26f1829f481f8fb87c7e88cb89c1b5bee38e681a8cb
d207fd2aa4294b1c36ea244e135686c2906cbdcb4e462f7ae8dbfdd27260381a
e4cddf99b0dd97a149d92ec74bc2cffc761ff7eecde09bed88a9761b01e9d4e4
ecb2029f09f5a419b3066acc84b648d6cc737134f3b46b551bcaf950189507da
f83d10277c189a2b291399466259183aa6427555ccd2252d09542cc0b8fbcac5

mt5-deriv-server-02.netlify.app Open in urlscan Pro 3.75.10.80 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

6 Requests

100 %HTTPS

0 %IPv6

3 Domains

4 Subdomains

5 IPs

2 Countries

65 kBTransfer

103 kBSize

0 Cookies

4 Outgoing links

Page URL History

Redirected requests

6 HTTP transactions Everything HTML Script Fetch XHR CSS Image Font Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

12 JavaScript Window variables

0 Cookies

Security Headers

Indicators

mt5-deriv-server-02.netlify.app Open in urlscan Pro
3.75.10.80 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

6
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

5
IPs

2
Countries

65 kB
Transfer

103 kB
Size

0
Cookies

6 HTTP transactions
4 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!