extorting.art
Open in
urlscan Pro
185.113.141.250
Public Scan
URL:
https://extorting.art/
Submission Tags: falconsandbox
Submission: On December 21 via api from US — Scanned from PT
Submission Tags: falconsandbox
Submission: On December 21 via api from US — Scanned from PT
Summary
This website contacted 3 IPs
in 2 countries
across 2 domains to perform 15 HTTP transactions.
The main IP is 185.113.141.250, located in
Lisbon, Portugal and
belongs to I4W I4W - Web Solutions, Lda, PT.
The main domain is extorting.art.
TLS certificate: Issued by R10 on November 15th 2024. Valid for: 3 months.
This is the only time extorting.art was scanned on urlscan.io!
TLS certificate: Issued by R10 on November 15th 2024. Valid for: 3 months.
This is the only time extorting.art was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 12 | 185.113.141.250 185.113.141.250 | 204094 (I4W I4W) (I4W I4W - Web Solutions) | |
| 1 | 104.17.25.14 104.17.25.14 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 15 | 3 |
12
185.113.141.250
(Lisbon, Portugal)
ASN204094 (I4W I4W - Web Solutions, Lda, PT)
PTR: cp4.maskcloud.net
ASN204094 (I4W I4W - Web Solutions, Lda, PT)
PTR: cp4.maskcloud.net
| extorting.art |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 12 |
extorting.art
extorting.art |
3 MB |
| 1 |
cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 225 |
15 KB |
| 15 | 2 |
| Domain | Requested by | |
|---|---|---|
| 12 | extorting.art |
extorting.art
|
| 1 | cdnjs.cloudflare.com |
extorting.art
|
| 15 | 2 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| nicknames.pro |
| civilized.me |
| povx.xyz |
| stored.pro |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| *.extorting.art R10 |
2024-11-15 - 2025-02-13 |
3 months | crt.sh |
| cdnjs.cloudflare.com WE1 |
2024-11-26 - 2025-02-24 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://extorting.art/
Frame ID: DEBC0EA85EA5402AE0A43430ADF3B602
Requests: 15 HTTP requests in this frame
Screenshot
Page Title
@horrorized OSDetected technologies
Font Awesome
(Font Scripts)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Page Statistics
4 Outgoing links
These are links going to different origins than the main page.
URL: https://nicknames.pro/
Title: Start
Title: Start
Search URL Search Domain Scan URL
URL: https://civilized.me/
Title: Civilized.me - BioLink Service
Title: Civilized.me - BioLink Service
Search URL Search Domain Scan URL
URL: https://povx.xyz/
Title: Povx.xyz - IMGUpload Service
Title: Povx.xyz - IMGUpload Service
Search URL Search Domain Scan URL
URL: https://stored.pro/
Title: Stored.pro - File Upload Service
Title: Stored.pro - File Upload Service
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
15 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
Primary Request
/
extorting.art/ |
9 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
styles.css
extorting.art/ |
8 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/css/ |
82 KB 15 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
logo.gif
extorting.art/ |
567 KB 568 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
pc.png
extorting.art/ |
553 B 666 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
TXT.png
extorting.art/ |
93 KB 93 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
XML.png
extorting.art/ |
227 KB 227 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
LNG.png
extorting.art/ |
692 KB 693 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Calculator.png
extorting.art/ |
199 KB 199 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
cmd.png
extorting.art/ |
92 KB 92 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
music.png
extorting.art/ |
75 KB 75 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
mc.png
extorting.art/ |
664 KB 664 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
script.js
extorting.art/ |
8 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
favicon.ico
extorting.art/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
desktop-background.gif
extorting.art/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- extorting.art
- URL
- https://extorting.art/favicon.ico
- Domain
- extorting.art
- URL
- https://extorting.art/desktop-background.gif
Verdicts & Comments Add Verdict or Comment
13 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| openWindow function| closeWindow function| startDrag function| updateClock function| appendToDisplay function| clearDisplay function| calculateResult function| processCommand function| ipconfigCommand function| detectBrowser function| loadTrackList function| playTrack function| updateTrackList0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cdnjs.cloudflare.com
extorting.art
extorting.art
104.17.25.14
185.113.141.250
0930228bd952508525fde835aaf32fe227b2e7903007f35ac0ff88950dabf1f4
2d04068132c98cc77a13bc64fc9d6a865426617602a393c259a4c6b288669753
464f97c4efb20d8594b1f0cb3c710d12f2e1763d3e7c0af4b529568e461a796e
515d89aba2f0763547fb3f28843278a7bbe286ed88b0676fefbe26d6b82d85b1
7a3cc14aca11c5775e087a880886a41af271fb33fa2e42270a20e35196799c13
91c63508c496d92d7a1e7f8bec66b6fe3522579bf712142194525709bc5f3c6b
a361e7885c36bacb3fd9cb068da207c3b9329962cac022d06e28923939f575e8
ac378555113e6858570a543af11fa6455dc84ddbeff8d81396a5a79995c787d3
d1c1ccb43899abdb1163ba9be37b13b9786bd6f8886baed990b70b5ae1f89ec3
ec8898fa7a294a4c40de6678d5dcb2b0ec2df72cadbca39c9e6e36cf6ee205e0
edaf66c87b014cb47db30c67a55bf46c28b1f2188fb31c29de1733df7500d5ba
f281a5cc6feb7a92653dd619a02e4cba8047c69bef6e789b86b023c68469bcfe
f8ea19390898f4e70086092efe6854585980f999a8a865a2ee57af55bc97b087