financenews24.top
2606:4700:3031::ac43:8619
Malicious Activity!
Public Scan
Submission: On October 18 via api from US — Scanned from US
Summary
TLS certificate: Issued by E1 on August 23rd 2023. Valid for: 3 months.
This is the only time financenews24.top was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Investment Scam (Online)
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
24 | 2606:4700:3031::ac43:8619 | 13335 (CLOUDFLARENET) |
1 | 18.208.62.125 | 14618 (AMAZON-AES) |
25 | 2 | |
ASN14618 (AMAZON-AES, US)
PTR: ec2-18-208-62-125.compute-1.amazonaws.com
re.redirectfor.money
Requests | Apex Domain Subdomains | Transfer |
---|---|---|
24 | financenews24.top financenews24.top | 1 MB |
1 | redirectfor.money re.redirectfor.money | |
25 | 2 | |
Requests | Domain | Requested by |
---|---|---|
24 | financenews24.top | financenews24.top |
1 | re.redirectfor.money | financenews24.top |
25 | 2 | |
This site contains links to these domains. Also see Links.
Domain |
---|
intscross-floans.icu |
Subject Issuer | Validity | Valid | |
---|---|---|---|
financenews24.top E1 | 2023-08-23 - 2023-11-21 | 3 months | crt.sh |
re.redirectfor.money R3 | 2023-09-12 - 2023-12-11 | 3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://financenews24.top/de/finanz/?on=Bitcoin%20360%20AI&cep=rQ58_S-zL2CtZCF2HGivPdwvrUK35TigE-G_roF7RX0v0Cnw9xDonW1nHHyU7sshdK5TnPCl_ZAMDjsPsmNuOTpHcya4CX1ucvWOgZ_To3AudCIIN-CG7DlCCPDqL4sM2yg4TnqB3jGkCFtsVuHqx2ZVdyXyHeKY_b5h8kpjv_qvgJkJT2zwuafAZrmnqlkn9bxaUhFOUQqIsYOg5KqB-jx7pdoJfxU4Jy0rAUAMGISc_JrqpmUEi1ZKDNL0DlWmILLycmt3maIWdM0poB7Lf45MO76jnORwOdgSfv80YnBeD4xmkrZ_0TD9zCOAs
Frame ID: 651B861489058AACC7160C00052156B7
Requests: 25 HTTP requests in this frame
Page Title
Das neue große Start-Up nach Google und Facebook, das Sie in 7 Tagen reich macht! (Und es funktioniert tatsächlich)
Detected technologies
Bootstrap (Web Frameworks)
Detected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
jQuery (JavaScript Libraries)
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: document.write(offername);Bitcoin 360 AI
Redirected requests
There were HTTP redirect chains for the following requests:
25 HTTP transactions
Method Protocol | Resource Path | Size x-fer | Type MIME-Type |
---|---|---|---|
GET H2 | / financenews24.top/de/finanz/ (Primary Request) | 34 KB 7 KB | Document text/html |
GET H2 | bootstrap.css financenews24.top/de/finanz/ | 152 KB 24 KB | Stylesheet text/css |
GET H2 | normalize.css financenews24.top/de/finanz/ | 6 KB 2 KB | Stylesheet text/css |
GET H2 | main.css financenews24.top/de/finanz/ | 20 KB 4 KB | Stylesheet text/css |
GET H2 | jquery-3.5.1.min.js financenews24.top/includes/ | 87 KB 32 KB | Script application/javascript |
GET H2 | viewer.js financenews24.top/includes/ | 838 B 749 B | Script application/javascript |
GET H2 | header-logos-mobile.png financenews24.top/de/finanz/ | 6 KB 6 KB | Image image/png |
GET H2 | header-logos-desktop.png financenews24.top/de/finanz/ | 9 KB 9 KB | Image image/png |
GET H2 | photo-1.jpg financenews24.top/de/finanz/ | 425 KB 426 KB | Image image/jpeg |
GET H2 | social-media-logos-mobile.png financenews24.top/de/finanz/ | 5 KB 6 KB | Image image/png |
GET H2 | photo-2.png financenews24.top/de/finanz/ | 128 KB 128 KB | Image image/png |
GET H2 | photo-3.png financenews24.top/de/finanz/ | 173 KB 174 KB | Image image/png |
GET H2 | step-1.png financenews24.top/de/finanz/ | 291 KB 291 KB | Image image/png |
GET H2 | step-2.png financenews24.top/de/finanz/ | 109 KB 110 KB | Image image/png |
GET H2 | step-3.png financenews24.top/de/finanz/ | 84 KB 84 KB | Image image/png |
GET H2 | us1.jpg financenews24.top/de/finanz/ | 1 KB 1 KB | Image image/jpeg |
GET H2 | likes.png financenews24.top/de/finanz/ | 14 KB 14 KB | Image image/png |
GET H2 | us7.jpg financenews24.top/de/finanz/ | 3 KB 3 KB | Image image/jpeg |
GET H2 | us2.jpg financenews24.top/de/finanz/ | 1 KB 2 KB | Image image/jpeg |
GET H2 | us3.jpg financenews24.top/de/finanz/ | 1 KB 1 KB | Image image/jpeg |
GET H2 | us4.jpg financenews24.top/de/finanz/ | 2 KB 2 KB | Image image/jpeg |
GET H2 | us5.jpg financenews24.top/de/finanz/ | 1 KB 2 KB | Image image/jpeg |
GET H2 | us6.jpg financenews24.top/de/finanz/ | 1 KB 2 KB | Image image/jpeg |
POST H3 | view.php financenews24.top/includes/ | 0 490 B | XHR text/html |
GET H2 | .js re.redirectfor.money/d/ | 0 0 | Script text/html |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Investment Scam (Online)
11 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- function| $
- function| jQuery
- function| getUrlParameter
- string| offername
- undefined| pvar
- undefined| tvar
- undefined| dvar
- undefined| ivar
- undefined| ptvar
- undefined| geovar
- function| dtpCallback
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
financenews24.top
re.redirectfor.money
18.208.62.125
2606:4700:3031::ac43:8619