exp-domein.com
Open in
urlscan Pro
153.120.87.180
Public Scan
Effective URL: https://exp-domein.com/
Submission Tags: phishtake
Submission: On January 26 via api from JP
Summary
TLS certificate: Issued by R3 on January 16th 2021. Valid for: 3 months.
This is the only time exp-domein.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 5 | 153.120.87.180 153.120.87.180 | 7684 (SAKURA-A ...) (SAKURA-A SAKURA Internet Inc.) | |
1 | 2a04:4e42:3::720 2a04:4e42:3::720 | 54113 (FASTLY) (FASTLY) | |
5 | 2 |
ASN7684 (SAKURA-A SAKURA Internet Inc., JP)
PTR: ex-pa.jp
exp-domein.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
5 |
exp-domein.com
1 redirects
exp-domein.com |
335 KB |
1 |
imgix.net
expt-web-img.imgix.net |
7 KB |
5 | 2 |
Domain | Requested by | |
---|---|---|
5 | exp-domein.com |
1 redirects
exp-domein.com
|
1 | expt-web-img.imgix.net |
exp-domein.com
|
5 | 2 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
exp-domein.com R3 |
2021-01-16 - 2021-04-16 |
3 months | crt.sh |
imgix.map.fastly.net GlobalSign CloudSSL CA - SHA256 - G3 |
2020-08-06 - 2021-08-07 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://exp-domein.com/
Frame ID: D546AF8F82209F920524FE448FE94605
Requests: 5 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
https://exp-domein.com/signin.php
HTTP 302
https://exp-domein.com/ Page URL
Detected technologies
PHP (Programming Languages) ExpandDetected patterns
- url /\.php(?:$|\?)/i
Nginx (Web Servers) Expand
Detected patterns
- headers server /nginx(?:\/([\d.]+))?/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://exp-domein.com/signin.php
HTTP 302
https://exp-domein.com/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
5 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
/
exp-domein.com/ Redirect Chain
|
2 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bootstrap.css
exp-domein.com/c2/css/ |
143 KB 143 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
font-awesome.css
exp-domein.com/c2/css/ |
37 KB 37 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
style.css
exp-domein.com/c2/css/ |
153 KB 153 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pay_event_apologize.jpg
expt-web-img.imgix.net/ |
7 KB 7 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
9 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000; includeSubDomains; preload |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
exp-domein.com
expt-web-img.imgix.net
153.120.87.180
2a04:4e42:3::720
67386dfc89f862a18f531a68507a146192ca44ba24fc0cb56bd35c0475831e9b
7e630d90c7234b0df1729f62b8f9e4bbfaf293d91a5a0ac46df25f2a6759e39a
a630132304ed10d5aa320d8f043ba963ffac4770aeb554986a1f34aa6a55f543
e4747ceac8d4778a467c0298a46919c841c5135019f8c49706ff5cdc92351d36
f24f6983004773f94af2acd753385f033aecd026c77823669dce22ebc8f8c66a