aggregatedpayment.com Open in urlscan Pro
193.143.1.14 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://aggregatedpayment.com/aml/
Submission Tags: @ecarlesi possiblethreat phishing opendir Search All
Submission: On June 25 via api (June 25th 2024, 8:19:51 pm UTC) from IT — Scanned from IT

Summary HTTP 81 Redirects Behaviour Indicators

Summary

This website contacted 11 IPs in 4 countries across 10 domains to perform 81 HTTP transactions. The main IP is 193.143.1.14, located in Moscow, Russian Federation and belongs to PROTON66, RU. The main domain is aggregatedpayment.com.
TLS certificate: Issued by R10 on June 24th 2024. Valid for: 3 months.

This is the only time aggregatedpayment.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
63	193.143.1.14 193.143.1.14	198953 (PROTON66) (PROTON66)
2	104.22.7.217 104.22.7.217	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
1 2	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
1 2	142.250.185.132 142.250.185.132	15169 (GOOGLE) (GOOGLE)
2	216.58.206.35 216.58.206.35	15169 (GOOGLE) (GOOGLE)
1	142.250.184.195 142.250.184.195	15169 (GOOGLE) (GOOGLE)
4	142.250.186.67 142.250.186.67	15169 (GOOGLE) (GOOGLE)
1	20.4.130.154 20.4.130.154	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	142.250.181.234 142.250.181.234	15169 (GOOGLE) (GOOGLE)
4	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
81	11

63 193.143.1.14 (Moscow, Russian Federation)

ASN198953 (PROTON66, RU)

aggregatedpayment.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.22.7.217 (None, )

ASN13335 (CLOUDFLARENET, US)

web.amlbot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f194.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.98 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.132 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.206.35 (United States)

ASN15169 (GOOGLE, US)
PTR: mil07s07-in-f3.1e100.net

www.google.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.4.130.154 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

min-api.cryptocompare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.234 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

zxcbaby.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
63	aggregatedpayment.com aggregatedpayment.com	2 MB
5	gstatic.com www.gstatic.com fonts.gstatic.com	89 KB
4	zxcbaby.ru zxcbaby.ru	16 KB
2	google.it www.google.it — Cisco Umbrella Rank: 20474	563 B
2	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 5	88 B
2	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 70	1 KB
2	amlbot.com web.amlbot.com	138 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 83	1 KB
1	cryptocompare.com min-api.cryptocompare.com — Cisco Umbrella Rank: 52664	730 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 133	2 KB
81	10

	Domain	Requested by
63	aggregatedpayment.com	aggregatedpayment.com
4	zxcbaby.ru	aggregatedpayment.com
4	fonts.gstatic.com	aggregatedpayment.com fonts.googleapis.com
2	www.google.it	aggregatedpayment.com
2	www.google.com	1 redirects aggregatedpayment.com
2	googleads.g.doubleclick.net	1 redirects aggregatedpayment.com
2	web.amlbot.com	aggregatedpayment.com
1	fonts.googleapis.com	client
1	min-api.cryptocompare.com	aggregatedpayment.com
1	www.gstatic.com	aggregatedpayment.com
1	www.googleadservices.com	aggregatedpayment.com
81	11

This site contains no links.

Subject Issuer	Validity	Valid
*.aggregatedpayment.com R10	`2024-06-24` - `2024-09-22`	3 months	crt.sh
amlbot.com GTS CA 1P5	`2024-05-17` - `2024-08-15`	3 months	crt.sh
*.googleadservices.com WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
*.google.com WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
*.google.it WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
*.gstatic.com WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
*.cryptocompare.com Go Daddy Secure Certificate Authority - G2	`2024-04-24` - `2025-05-26`	a year	crt.sh
upload.video.google.com WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
zxcbaby.ru WE1	`2024-06-12` - `2024-09-10`	3 months	crt.sh

This page contains 12 frames:

Primary Page: https://aggregatedpayment.com/aml/
Frame ID: 7347AB8FCD2D37FCE057B3F139D4C083
Requests: 58 HTTP requests in this frame

Frame: https://aggregatedpayment.com/aml/index_files/anchor.html
Frame ID: E8E5655FC6B3C10BA78AA1C8030B34A0
Requests: 8 HTTP requests in this frame

Frame: https://aggregatedpayment.com/aml/index_files/saved_resource(1).html
Frame ID: 78D346F2823B56EE9F3CDBB5C18B55B8
Requests: 1 HTTP requests in this frame

Frame: https://aggregatedpayment.com/aml/index_files/saved_resource(2).html
Frame ID: EA4C829CEF62A588421688145A51E0EB
Requests: 1 HTTP requests in this frame

Frame: https://aggregatedpayment.com/aml/index_files/bc-v4.min.html
Frame ID: 7089DE621F75B1011E92AE13D19F2A62
Requests: 1 HTTP requests in this frame

Frame: https://aggregatedpayment.com/aml/index_files/460079918.html
Frame ID: ED1EBFEB0BB0642222C8069FDCE80A95
Requests: 1 HTTP requests in this frame

Frame: https://aggregatedpayment.com/aml/index_files/16525223156.html
Frame ID: C7FDA31CF1F9791D794B5A7C2263E06E
Requests: 1 HTTP requests in this frame

Frame: https://aggregatedpayment.com/aml/index_files/saved_resource(3).html
Frame ID: 9F6C143A8B196EDAADDC9D0A8486C977
Requests: 1 HTTP requests in this frame

Frame: https://aggregatedpayment.com/aml/index_files/controller-with-preconnect-c30b62c5d05dbd57fc0205019570fc2d.html
Frame ID: DF854A68ABBFC30538FF97AA8CD34C0B
Requests: 3 HTTP requests in this frame

Frame: https://aggregatedpayment.com/aml/index_files/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: F239F118FF8A319E44A2F9755FEA0C39
Requests: 2 HTTP requests in this frame

Frame: https://aggregatedpayment.com/aml/index_files/inner.html
Frame ID: E0DADB5707E0E661DB20303B0F0A0B62
Requests: 3 HTTP requests in this frame

Frame: https://aggregatedpayment.com/aml/index_files/saved_resource.html
Frame ID: CAAD714351D93C39550CB34D1CEEC02F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

AMLBot

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

81
Requests

99 %
HTTPS

0 %
IPv6

10
Domains

11
Subdomains

11
IPs

4
Countries

2565 kB
Transfer

7666 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 55

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/460079918/?random=509095947&cv=11&fst=1719154520218&bg=ffffff&guid=ON&async=1&gtm=45be46j0v895870961z8837878660za201zb837878660&gcs=G111&gcd=13v3v3v3v5&dma=0&tag_exp=0&u_w=1536&u_h=864&url=https%3A%2F%2Fweb.amlbot.com%2F&ref=https%3A%2F%2Fweb.amlbot.com%2F&label=A78fCNH154wCEK6GsdsB&hn=www.googleadservices.com&frm=0&tiba=AMLBot&value=0&npa=0&us_privacy=1---&pscdl=noapi&auid=1507149238.1718699910&uaa=x86&uab=64&uafvl=Not%2520A(Brand%3B99.0.0.0%7CGoogle%2520Chrome%3B121.0.6167.140%7CChromium%3B121.0.6167.140&uamb=0&uam=&uap=Windows&uapv=15.0.0&uaw=0&fledge=1&capi=1&data=ads_data_redaction%3Dtrue&fmt=3&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECSid0cmlnZ2VyLCBldmVudC1zb3VyY2U7bmF2aWdhdGlvbi1zb3VyY2VaAwoBAWIECgICAw&eitems=ChEI8NXpswYQxufU48Xxrs-1ARIdADtYj1WvItIpIG1dAHLfKhkxFh2X6HfZh9edwz4&pscrd=IhMIxv_D88n3hgMVGmceAh2t8xIrMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6Hmh0dHBzOi8vYWdncmVnYXRlZHBheW1lbnQuY29tLw HTTP 302
https://www.google.com/pagead/1p-conversion/460079918/?random=509095947&cv=11&fst=1719154520218&bg=ffffff&guid=ON&async=1&gtm=45be46j0v895870961z8837878660za201zb837878660&gcs=G111&gcd=13v3v3v3v5&dma=0&tag_exp=0&u_w=1536&u_h=864&url=https%3A%2F%2Fweb.amlbot.com%2F&ref=https%3A%2F%2Fweb.amlbot.com%2F&label=A78fCNH154wCEK6GsdsB&hn=www.googleadservices.com&frm=0&tiba=AMLBot&value=0&npa=0&us_privacy=1---&pscdl=noapi&auid=1507149238.1718699910&uaa=x86&uab=64&uafvl=Not%2520A(Brand%3B99.0.0.0%7CGoogle%2520Chrome%3B121.0.6167.140%7CChromium%3B121.0.6167.140&uamb=0&uam=&uap=Windows&uapv=15.0.0&uaw=0&fledge=1&capi=1&data=ads_data_redaction%3Dtrue&fmt=3&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECSid0cmlnZ2VyLCBldmVudC1zb3VyY2U7bmF2aWdhdGlvbi1zb3VyY2VaAwoBAWIECgICAw&pscrd=IhMIxv_D88n3hgMVGmceAh2t8xIrMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6Hmh0dHBzOi8vYWdncmVnYXRlZHBheW1lbnQuY29tLw&is_vtc=1&cid=CAQSGwDaQooLGMJCYuzdmueV4NWJTb6RRIuCjZJaAA&eitems=ChEI8NXpswYQxufU48Xxrs-1ARIdADtYj1UJ7wzeDXZAddZqBMkfDfsI6LIcEuKsZt4&random=2009287590 HTTP 302
https://www.google.it/pagead/1p-conversion/460079918/?random=509095947&cv=11&fst=1719154520218&bg=ffffff&guid=ON&async=1&gtm=45be46j0v895870961z8837878660za201zb837878660&gcs=G111&gcd=13v3v3v3v5&dma=0&tag_exp=0&u_w=1536&u_h=864&url=https%3A%2F%2Fweb.amlbot.com%2F&ref=https%3A%2F%2Fweb.amlbot.com%2F&label=A78fCNH154wCEK6GsdsB&hn=www.googleadservices.com&frm=0&tiba=AMLBot&value=0&npa=0&us_privacy=1---&pscdl=noapi&auid=1507149238.1718699910&uaa=x86&uab=64&uafvl=Not%2520A(Brand%3B99.0.0.0%7CGoogle%2520Chrome%3B121.0.6167.140%7CChromium%3B121.0.6167.140&uamb=0&uam=&uap=Windows&uapv=15.0.0&uaw=0&fledge=1&capi=1&data=ads_data_redaction%3Dtrue&fmt=3&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECSid0cmlnZ2VyLCBldmVudC1zb3VyY2U7bmF2aWdhdGlvbi1zb3VyY2VaAwoBAWIECgICAw&pscrd=IhMIxv_D88n3hgMVGmceAh2t8xIrMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6Hmh0dHBzOi8vYWdncmVnYXRlZHBheW1lbnQuY29tLw&is_vtc=1&cid=CAQSGwDaQooLGMJCYuzdmueV4NWJTb6RRIuCjZJaAA&eitems=ChEI8NXpswYQxufU48Xxrs-1ARIdADtYj1UJ7wzeDXZAddZqBMkfDfsI6LIcEuKsZt4&random=2009287590&ipr=y

81 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
aggregatedpayment.com/aml/ 116 KB
31 KB 328ms
105ms Document
text/html 193.143.1.14
PROTON66

General

Source	Level	URL Text
network	error	URL: https://aggregatedpayment.com/aml/index_files/css2 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://aggregatedpayment.com/aml/index_files/main.1906fbd3.jshyi.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://aggregatedpayment.com/aml/index_files/v3 Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://aggregatedpayment.com/aml/(Line 1436) Message: Origin trial controlled feature not enabled: 'join-ad-interest-group'.
security	warning	URL: https://aggregatedpayment.com/aml/index_files/anchor.html Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network	error	URL: https://aggregatedpayment.com/aml/index_files/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://aggregatedpayment.com/aml/index_files/recaptcha__ru.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://aggregatedpayment.com/aml/index_files/client Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://aggregatedpayment.com/aml/index_files/A9Ros6vZskafObX9UNcvkGPMSfRN176OOPR3DhkVE0M.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://aggregatedpayment.com/aml/index_files/shared-36ac3d0f4776334271b60c776c16ac16.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://aggregatedpayment.com/aml/index_files/controller-22b251ab34d5499c6bde44c9e4d6756c.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://aggregatedpayment.com/aml/index_files/out-4.5.43.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://aggregatedpayment.com/aml/index_files/out-4.5.43.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://aggregatedpayment.com/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

aggregatedpayment.com Open in urlscan Pro 193.143.1.14 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

81 Requests

99 %HTTPS

0 %IPv6

10 Domains

11 Subdomains

11 IPs

4 Countries

2565 kBTransfer

7666 kBSize

1 Cookies

0 Outgoing links

Redirected requests

81 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

aggregatedpayment.com Open in urlscan Pro
193.143.1.14 Public Scan

Screenshot
Live screenshot

Full Image

81
Requests

99 %
HTTPS

0 %
IPv6

10
Domains

11
Subdomains

11
IPs

4
Countries

2565 kB
Transfer

7666 kB
Size

1
Cookies

81 HTTP transactions
0 data transactions