stellargrove.org
2606:4700:3030::6815:c68
Malicious Activity!
Public Scan
Effective URL: https://stellargrove.org/land/?offer=Wealthy%20Digital%20AI&cep=E-KwoyEPPqcsOJ2B_ZLHxqFwB9DUx1BkXA2VxpGgcoXaHfmcwOCyhifkf...
Submission: On July 04 via api from LU — Scanned from DE
Summary
TLS certificate: Issued by GTS CA 1P5 on June 4th 2024. Valid for: 3 months.
This is the only time stellargrove.org was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Lion's Den Scam (Online)

Domain & IP information

Requests | IP Address | AS (Autonomous System) |
---|---|---|
1 | 18.159.13.173 | 16509 (AMAZON-02) |
1 | 2606:4700:3030::6815:c68 | 13335 (CLOUDFLARENET) |
6 | 172.67.132.16 | 13335 (CLOUDFLARENET) |
7 (total) | 3 IPs | |

ASN16509 (AMAZON-02, US)
PTR: ec2-18-159-13-173.eu-central-1.compute.amazonaws.com
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
8 | stellargrove.org (1 redirects) | stellargrove.org | 2 MB |
1 | ringtrackz.io (1 redirects) | ringtrackz.io | 1 KB |
7 (total) | 2 | | |
Requests | Domain | Requested by |
---|---|---|
8 | stellargrove.org (1 redirects) | stellargrove.org |
1 | ringtrackz.io (1 redirects) | |
7 (total) | 2 | |
This site contains links to these domains. Also see Links.
Domain |
---|
ringtrackz.io |
Subject | Issuer | Validity | Valid | |
---|---|---|---|---|
stellargrove.org | GTS CA 1P5 | 2024-06-04 - 2024-09-02 | 3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://stellargrove.org/land/?offer=Wealthy%20Digital%20AI&cep=E-KwoyEPPqcsOJ2B_ZLHxqFwB9DUx1BkXA2VxpGgcoXaHfmcwOCyhifkfDGHMIZ4Z0TQAxOmBz2oBcLHIUz5vF6cIm906_K2BMjtZbho72CzH7-O4g41xck0eNYAN9BOcK2odiLDAdJMybxOAovrc13_J5lnG1aHMNHgYHdmjTkq05TsD00TddkyVHc88JdAwj611GYJAKeA2ZWM6_U3aWbV2gqKh17WXAKqQEwD_df-bgBFcaQNChKrFBuRHGnssnZEjDGqo56LRR59bpvoXF2STS_0LpvjW0ge-7VeBjuztBamdS9o_awcti-zy8b_VmUhZzACi7BOGGPyKHeYlLvPsB0YaSTXxSgiz4FHicE&lptoken=171a202912af55fd901d
Frame ID: 069110F62064E30F81EC54926B1DA57F
Requests: 16 HTTP requests in this frame
Screenshot
Page Title
Page Title (German, as captured): Die Deutsche Bundesbank verklagt Tim Mälzer wegen seiner Äußerungen im Live-TV. Jeder in Deutschland sollte die Wahrheit kennen!
Translation: The Deutsche Bundesbank is suing Tim Mälzer over his remarks on live TV. Everyone in Germany should know the truth!
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: Navigation
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://ringtrackz.io/1b4c5d91-b01d-40b3-bf23-7bce924c3d37
HTTP 307
https://ringtrackz.io/1b4c5d91-b01d-40b3-bf23-7bce924c3d37 HTTP 302
https://stellargrove.org/land?offer=Wealthy%20Digital%20AI&cep=E-KwoyEPPqcsOJ2B_ZLHxqFwB9DUx1BkXA2VxpGgcoXaHfmcwOCyhifkfDGHMIZ4Z0TQAxOmBz2oBcLHIUz5vF6cIm906_K2BMjtZbho72CzH7-O4g41xck0eNYAN9BOcK2odiLDAdJMybxOAovrc13_J5lnG1aHMNHgYHdmjTkq05TsD00TddkyVHc88JdAwj611GYJAKeA2ZWM6_U3aWbV2gqKh17WXAKqQEwD_df-bgBFcaQNChKrFBuRHGnssnZEjDGqo56LRR59bpvoXF2STS_0LpvjW0ge-7VeBjuztBamdS9o_awcti-zy8b_VmUhZzACi7BOGGPyKHeYlLvPsB0YaSTXxSgiz4FHicE&lptoken=171a202912af55fd901d HTTP 301
http://stellargrove.org/land/?offer=Wealthy%20Digital%20AI&cep=E-KwoyEPPqcsOJ2B_ZLHxqFwB9DUx1BkXA2VxpGgcoXaHfmcwOCyhifkfDGHMIZ4Z0TQAxOmBz2oBcLHIUz5vF6cIm906_K2BMjtZbho72CzH7-O4g41xck0eNYAN9BOcK2odiLDAdJMybxOAovrc13_J5lnG1aHMNHgYHdmjTkq05TsD00TddkyVHc88JdAwj611GYJAKeA2ZWM6_U3aWbV2gqKh17WXAKqQEwD_df-bgBFcaQNChKrFBuRHGnssnZEjDGqo56LRR59bpvoXF2STS_0LpvjW0ge-7VeBjuztBamdS9o_awcti-zy8b_VmUhZzACi7BOGGPyKHeYlLvPsB0YaSTXxSgiz4FHicE&lptoken=171a202912af55fd901d HTTP 307
https://stellargrove.org/land/?offer=Wealthy%20Digital%20AI&cep=E-KwoyEPPqcsOJ2B_ZLHxqFwB9DUx1BkXA2VxpGgcoXaHfmcwOCyhifkfDGHMIZ4Z0TQAxOmBz2oBcLHIUz5vF6cIm906_K2BMjtZbho72CzH7-O4g41xck0eNYAN9BOcK2odiLDAdJMybxOAovrc13_J5lnG1aHMNHgYHdmjTkq05TsD00TddkyVHc88JdAwj611GYJAKeA2ZWM6_U3aWbV2gqKh17WXAKqQEwD_df-bgBFcaQNChKrFBuRHGnssnZEjDGqo56LRR59bpvoXF2STS_0LpvjW0ge-7VeBjuztBamdS9o_awcti-zy8b_VmUhZzACi7BOGGPyKHeYlLvPsB0YaSTXxSgiz4FHicE&lptoken=171a202912af55fd901d Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
7 HTTP transactions

Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | / (Primary Request, Redirect Chain) | stellargrove.org/land/ | 649 KB | 434 KB | Document | text/html |
GET | H3 | t1b.jpg | stellargrove.org/land/ | 219 KB | 220 KB | Image | image/jpeg |
GET | H3 | t2.jpg | stellargrove.org/land/ | 373 KB | 374 KB | Image | image/jpeg |
GET | H3 | t3.jpg | stellargrove.org/land/ | 303 KB | 303 KB | Image | image/jpeg |
GET | H3 | t4.jpg | stellargrove.org/land/ | 314 KB | 315 KB | Image | image/jpeg |
GET | H3 | t5.jpg | stellargrove.org/land/ | 275 KB | 276 KB | Image | image/jpeg |
GET | H3 | t6.jpg | stellargrove.org/land/ | 279 KB | 280 KB | Image | image/jpeg |
GET | DATA | truncated | / | 2 KB | 0 | Image | image/jpeg |
GET | DATA | truncated | / | 3 KB | 0 | Image | image/jpeg |
GET | DATA | truncated | / | 2 KB | 0 | Image | image/jpeg |
GET | DATA | truncated | / | 2 KB | 0 | Image | image/jpeg |
GET | DATA | truncated | / | 2 KB | 0 | Image | image/jpeg |
GET | DATA | truncated | / | 18 KB | 0 | Image | image/svg+xml |
GET | DATA | truncated | / | 90 KB | 90 KB | Font | font/woff2 |
GET | DATA | truncated | / | 94 KB | 94 KB | Font | font/woff2 |
GET | DATA | truncated | / | 90 KB | 90 KB | Font | font/woff2 |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Lion's Den Scam (Online)

4 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- undefined
- event (object)
- fence (object)
- sharedStorage (function)
- getURLParameter

2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.ringtrackz.io/ | Name: 1b4c5d91-b01d-40b3-bf23-7bce924c3d37-v4 Value: ZOzIuOr1ptCuhhJr_F6V0mTmtlbboqjJEt-aMs7YzeA |
|
.ringtrackz.io/ | Name: cep-v4 Value: xSAQXyWoCS8WNvDQZmHAhjZRbb8C50dhsxhw9xlHhNpMh0To5P79EI-6DUf0-3XzWpbmkvKKKBejYO_3QDWDH2aKdz4sZeSdYqtt6JLmqfo-0HsTqtjMplJ_sQ2ldyXr-h-8zaAsg3H7BS3ChIGDOs0XdnxdFZDMYnMMfR2Q4oqCF2ACZxEXQFoMXxBbdqJTDBfSqPG7no8T9bLsZ-hxMm5gwCcDFtHjuRFXCgfX6s9UoaUVjzZSIAIvKWH-W2Qk5IuyL0j6FBLWC1msrfSegnwNFVRaKH8aPEoWq8XqjB4krZ5oSV3LZnD9jNW35iCfcoaVNOa2Y0oiYb38_1krIIEQ7W3M-IxXvpTeNwJN9Wc |
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL | Text |
---|---|---|---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Content-Type-Options | nosniff |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ringtrackz.io
stellargrove.org
172.67.132.16
18.159.13.173
2606:4700:3030::6815:c68