money99.icu Open in urlscan Pro
158.69.101.16 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://money99.icu/
Submission: On July 25 via automatic, source certstream-suspicious (July 25th 2024, 6:31:22 am UTC) — Scanned from CA

Summary HTTP 7 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 7 HTTP transactions. The main IP is 158.69.101.16, located in Montreal, Canada and belongs to OVH, FR. The main domain is money99.icu.
TLS certificate: Issued by R10 on July 14th 2024. Valid for: 3 months.

This is the only time money99.icu was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 3	158.69.101.16 158.69.101.16	16276 (OVH) (OVH)
1	64.233.180.94 64.233.180.94	15169 (GOOGLE) (GOOGLE)
3	142.251.111.132 142.251.111.132	15169 (GOOGLE) (GOOGLE)
7	4

3 158.69.101.16 (Montreal, Canada) 1 redirects

ASN16276 (OVH, FR)
PTR: ip16.ip-158-69-101.net

money99.icu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.233.180.94 (United States)

ASN15169 (GOOGLE, US)
PTR: on-in-f94.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.251.111.132 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: bk-in-f132.1e100.net

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 382	90 KB
3	money99.icu 1 redirects money99.icu	12 KB
1	gstatic.com fonts.gstatic.com	21 KB
7	3

	Domain	Requested by
3	cdn.ampproject.org	money99.icu cdn.ampproject.org
3	money99.icu	1 redirects
1	fonts.gstatic.com	money99.icu
7	3

This site contains no links.

Subject Issuer	Validity	Valid
money99.icu R10	`2024-07-14` - `2024-10-12`	3 months	crt.sh
*.gstatic.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
misc-sni.google.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://money99.icu/
Frame ID: CDDB7D73FA908CE7EB7F4CC18F8D09C7
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

money99.icu

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Page Statistics

7
Requests

71 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

4
IPs

2
Countries

122 kB
Transfer

412 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6

https://money99.icu/favicon.ico HTTP 302
https://money99.icu/wp-includes/images/w-logo-blue-white-bg.png

7 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
money99.icu/ 34 KB
8 KB 832ms
739ms Document
text/html 158.69.101.16
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://money99.icu/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 158.69.101.16 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ip16.ip-158-69-101.net
Software: Apache / PHP/7.4.30
Resource Hash: 04a2a2d3007d6e861537a36da8b8ee05239c0a150b4dcf2cbfebbc41d17be256

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-encoding: br
content-length: 7579
content-type: text/html; charset=UTF-8
date: Thu, 25 Jul 2024 06:31:17 GMT
link: <https://money99.icu/wp-json/>; rel="https://api.w.org/"
server: Apache
vary: Accept-Encoding
x-powered-by: PHP/7.4.30
x-ua-compatible: IE=edge

GET
H2 200 FwZY7-Qmy14u9lezJ-6H6MmBp0u-.woff2
fonts.gstatic.com/s/pacifico/v12/ 20 KB
21 KB 130ms
44ms Font
font/woff2 64.233.180.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/pacifico/v12/FwZY7-Qmy14u9lezJ-6H6MmBp0u-.woff2

Requested by

Host: money99.icu
URL: https://money99.icu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.180.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

on-in-f94.1e100.net

Software

sffe /

Resource Hash

c1721c33f415eafcd5e16ce70ce81d3e2f12d36f5d833946966da5f8983f2499

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://money99.icu/
Origin: https://money99.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 20 Jul 2024 09:10:46 GMT
x-content-type-options: nosniff
age: 422432
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20684
x-xss-protection: 0
last-modified: Tue, 07 Nov 2017 15:25:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 20 Jul 2025 09:10:46 GMT

GET
H2 200 v0.mjs Show response
cdn.ampproject.org/ 223 KB
63 KB 134ms
43ms Script
text/javascript 142.251.111.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0.mjs

Requested by

Host: money99.icu
URL: https://money99.icu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.111.132 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

bk-in-f132.1e100.net

Software

sffe /

Resource Hash

82a83d371708d9df49f213ebc3e87992f59f2011870ac8323b6ec67764da1abf

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://money99.icu/
Origin: https://money99.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Thu, 25 Jul 2024 06:31:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63636
x-xss-protection: 0
server: sffe
etag: "8ad91926f1c8071b"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3000, stale-while-revalidate=1206600
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 25 Jul 2024 06:31:18 GMT

GET
H2 200 amp-bind-0.1.mjs Show response
cdn.ampproject.org/v0/ 41 KB
14 KB 198ms
107ms Script
text/javascript 142.251.111.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-bind-0.1.mjs

Requested by

Host: money99.icu
URL: https://money99.icu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.111.132 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

bk-in-f132.1e100.net

Software

sffe /

Resource Hash

1292921832ecb2db3a0c0c03efa9f94fbe2da68a4500cae85bb30c6e0417f195

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://money99.icu/
Origin: https://money99.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Thu, 25 Jul 2024 06:31:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13912
x-xss-protection: 0
server: sffe
etag: "66641cbf3d0adfe2"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 25 Jul 2024 06:31:18 GMT

GET
DATA 200
OK truncated
/ 83 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5594f580a6f41db1993540ec658aaf5687d01e9dfc7acff4f25992a49ab4aa40

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 85 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ff7b85464bae197e2001162da8e1371e5fefd6c56b8bd023fb924d4f7b145cea

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 ww.mjs Show response
cdn.ampproject.org/rtv/012406131415000/ 45 KB
13 KB 43ms
42ms Fetch
text/javascript 142.251.111.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012406131415000/ww.mjs

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.mjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.111.132 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

bk-in-f132.1e100.net

Software

sffe /

Resource Hash

7faae1d46e67def25839822e87c30318a07701ecf04d46bc3bcce57b587c7915

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: text/plain
Referer: https://money99.icu/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 20 Jul 2024 12:38:19 GMT
age: 409979
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13075
x-xss-protection: 0
server: sffe
etag: "c2a845353178ab31"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 20 Jul 2025 12:38:19 GMT

GET
H2

200

w-logo-blue-white-bg.png
money99.icu/wp-includes/images/
Redirect Chain

https://money99.icu/favicon.ico
https://money99.icu/wp-includes/images/w-logo-blue-white-bg.png

4 KB
4 KB

82ms
82ms

Other
image/png

158.69.101.16
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://money99.icu/wp-includes/images/w-logo-blue-white-bg.png
Protocol: H2
Server: 158.69.101.16 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ip16.ip-158-69-101.net
Software: Apache / PHP/7.4.30
Resource Hash: 6bdb369337ac2496761c6f063bffea0aa6a91d4662279c399071a468251f51f0

Request headers

Referer: https://money99.icu/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 06:31:19 GMT
last-modified: Tue, 16 Nov 2021 00:04:01 GMT
server: Apache
accept-ranges: bytes
x-powered-by: PHP/7.4.30
content-length: 4119
content-type: image/png

Redirect headers

date: Thu, 25 Jul 2024 06:31:18 GMT
server: Apache
x-redirect-by: WordPress
x-powered-by: PHP/7.4.30
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
location: https://money99.icu/wp-includes/images/w-logo-blue-white-bg.png
link: <https://money99.icu/wp-json/>; rel="https://api.w.org/"
content-length: 0
x-ua-compatible: IE=edge

GET
BLOB 200
OK b8740a2c-da97-4510-97a4-70859c120d91
https://money99.icu/ 45 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://money99.icu/b8740a2c-da97-4510-97a4-70859c120d91
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ab2b646bb398631c3832882076d31df647f0525009de3851d0068ffb0486edde

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length: 46338
Content-Type: text/javascript

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.ampproject.org
fonts.gstatic.com
money99.icu
142.251.111.132
158.69.101.16
64.233.180.94
04a2a2d3007d6e861537a36da8b8ee05239c0a150b4dcf2cbfebbc41d17be256
1292921832ecb2db3a0c0c03efa9f94fbe2da68a4500cae85bb30c6e0417f195
5594f580a6f41db1993540ec658aaf5687d01e9dfc7acff4f25992a49ab4aa40
6bdb369337ac2496761c6f063bffea0aa6a91d4662279c399071a468251f51f0
7faae1d46e67def25839822e87c30318a07701ecf04d46bc3bcce57b587c7915
82a83d371708d9df49f213ebc3e87992f59f2011870ac8323b6ec67764da1abf
ab2b646bb398631c3832882076d31df647f0525009de3851d0068ffb0486edde
c1721c33f415eafcd5e16ce70ce81d3e2f12d36f5d833946966da5f8983f2499
ff7b85464bae197e2001162da8e1371e5fefd6c56b8bd023fb924d4f7b145cea

money99.icu Open in urlscan Pro 158.69.101.16 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

7 Requests

71 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

4 IPs

2 Countries

122 kBTransfer

412 kBSize

0 Cookies

0 Outgoing links

Redirected requests

7 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

0 Cookies

Indicators

money99.icu Open in urlscan Pro
158.69.101.16 Public Scan

Screenshot
Live screenshot

Full Image

7
Requests

71 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

4
IPs

2
Countries

122 kB
Transfer

412 kB
Size

0
Cookies

7 HTTP transactions
2 data transactions