infoaboutcarsten.org
Open in
urlscan Pro
172.67.196.99
Malicious Activity!
Public Scan
Effective URL: https://infoaboutcarsten.org/land/
Submission: On July 19 via api from LU — Scanned from CA
Summary
TLS certificate: Issued by GTS CA 1P5 on May 22nd 2024. Valid for: 3 months.
This is the only time infoaboutcarsten.org was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Lion's Den Scam (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
7 | 172.67.196.99 172.67.196.99 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
7 | 2 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
7 |
infoaboutcarsten.org
infoaboutcarsten.org |
1 MB |
7 | 1 |
Domain | Requested by | |
---|---|---|
7 | infoaboutcarsten.org |
infoaboutcarsten.org
|
7 | 1 |
This site contains links to these domains. Also see Links.
Domain |
---|
ringtrackz.io |
Subject Issuer | Validity | Valid | |
---|---|---|---|
infoaboutcarsten.org GTS CA 1P5 |
2024-05-22 - 2024-08-20 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://infoaboutcarsten.org/land/
Frame ID: 2526BBFC3C928F20F5AB0D3B8C1DF311
Requests: 16 HTTP requests in this frame
Screenshot
Page Title
Die Deutsche Bundesbank verklagt Carsten Mashmeyer wegen seiner Äußerungen im Live-TV. Jeder in Deutschland sollte die Wahrheit kennen!Page URL History Show full URLs
-
http://infoaboutcarsten.org/land/
HTTP 307
https://infoaboutcarsten.org/land/ Page URL
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: Navigation
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://infoaboutcarsten.org/land/
HTTP 307
https://infoaboutcarsten.org/land/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
7 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
infoaboutcarsten.org/land/ Redirect Chain
|
651 KB 433 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
t1.jpg
infoaboutcarsten.org/land/ |
15 KB 16 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
t2.jpg
infoaboutcarsten.org/land/ |
107 KB 107 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
t3.jpg
infoaboutcarsten.org/land/ |
75 KB 76 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
t4.jpg
infoaboutcarsten.org/land/ |
76 KB 77 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
t5.jpg
infoaboutcarsten.org/land/ |
275 KB 276 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
t6.jpg
infoaboutcarsten.org/land/ |
86 KB 86 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
2 KB 0 |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
3 KB 0 |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
2 KB 0 |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
2 KB 0 |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
2 KB 0 |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
18 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
90 KB 90 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
94 KB 94 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
90 KB 90 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Lion's Den Scam (Online)1 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| getURLParameter0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
infoaboutcarsten.org
172.67.196.99
1707346b93ea4f91be70ba1d144c800813af2ef6d7bf2a9785665d2e9764b4c8
35a930950a6e1f5d23a961d3bcacc816765906da7d811bccf88744f1c4e28156
4321aaa0b7ff06b546cbbce19b73ef2cd792feafcf396a05b76feaa38c85725a
4a6d8231f1c78ea947a304c1a1bf84cbc0dca7fb15c25fc976244e2f83f03055
5e4a39e9f9298e25b326bd92f08b9cca6b15f0d617677c8ef2a6a3c037a8a0a1
66936b9633d7644dd41f5e7f1cfb6b41083ee1ee671e51fc3a4ae640b5b63bb7
76d5655f1666798fdea6db0e438de0108ae6d31044b752b288a2038eb6ceee0d
7ad8a3923844b448bc657c343991c26f2d1791c3a6f25d6eee626ccfd4b6f5c0
93c30685dd05eae58878048e6f7eae7eaf746c2115ae8a9c1f6b028716f0f832
b4ab8cc0c2b31a7176025451c898c0f228228c4db2a4392cef152050254713e2
b4ef2e070902406829c554fd308b47325883ed35e62034823fd1b72f873fee98
ddcd80bbb6036874adf6332407be38b877daa34f500524ed61e57e1acf6c13ef
df99f7229bbfb0bdf5ed771fca5acc2fcbe96e41429bc2b2451f238c42d3f948
f5653349d4d9eade79c3484fc521672332ffba22afbf1022e80ecb56973814c4
f6894acedc5915b51c9f1857f0da8ea062475edaff3b391b7cd7ffdf7115ad91
fc1f7450891a296586ab423a7bb208a17c3befa5495d1fbbb71285324e5546c2