financenews24.top Open in urlscan Pro
2606:4700:3031::ac43:8619 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://financenews24.top/de/lichter/?on=Immediate%20Edge&cep=rGqphTx0oWNWBg6pSfIEzehbRgv4CzT3RcEChrD8o1XgrsUHtSis8xW-fvgM...
Submission: On October 18 via api (October 18th 2023, 4:43:57 pm UTC) from US — Scanned from US

Summary HTTP 16 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 3 IPs in 1 countries across 2 domains to perform 16 HTTP transactions. The main IP is 2606:4700:3031::ac43:8619, located in United States and belongs to CLOUDFLARENET, US. The main domain is financenews24.top.
TLS certificate: Issued by E1 on August 23rd 2023. Valid for: 3 months.

This is the only time financenews24.top was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Lion's Den Scam (Online)

Domain & IP information

	IP Address	AS Autonomous System
15	2606:4700:303... 2606:4700:3031::ac43:8619	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.208.62.125 18.208.62.125	14618 (AMAZON-AES) (AMAZON-AES)
16	3

15 2606:4700:3031::ac43:8619 (United States)

ASN13335 (CLOUDFLARENET, US)

financenews24.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.208.62.125 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-208-62-125.compute-1.amazonaws.com

re.redirectfor.money	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	financenews24.top financenews24.top	1 MB
1	redirectfor.money re.redirectfor.money
16	2

	Domain	Requested by
15	financenews24.top	financenews24.top
1	re.redirectfor.money	financenews24.top
16	2

This site contains links to these domains. Also see Links.

Domain
re.redirectfor.money
www.sportschau.de
www.ardmediathek.de
www.ardaudiothek.de
www.kika.de

Subject Issuer	Validity	Valid
financenews24.top E1	`2023-08-23` - `2023-11-21`	3 months	crt.sh
re.redirectfor.money R3	`2023-09-12` - `2023-12-11`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://financenews24.top/de/lichter/?on=Immediate%20Edge&cep=rGqphTx0oWNWBg6pSfIEzehbRgv4CzT3RcEChrD8o1XgrsUHtSis8xW-fvgMr_vZ9fLbOGdAKEb_DhMl2eVbsQGWU5vz2slKxojjIl39UT6d9n3nO0i3XNzxi3RtzlsITBO0GpVlkLqCsDj3fVkKaQT4sbjwqdDusMK2OrqiasOYPF0Jjrxvwsl3jbjXKwLO84xD5Pr7KUAjm_P5OD9ulhchaCCaMHxLpb06oHijn2KT42Bh4S9dFT-Ino2rcylSQDEDPp6HjlIteh0CoHD2NAN-zAfXNdwr5kxVWwloVji75cLFfvtKewfrmdlTZ0
Frame ID: 6CE64F21FD8D64FA83B1C10A1B8445E0
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Tagesschau LogoTagesschauZurückPfeil runterPfeil runterPfeil runterPfeil runterLogo ARD

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

16
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

3
IPs

1
Countries

1308 kB
Transfer

1852 kB
Size

0
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://re.redirectfor.money/clicknavigation
Title: Navigation

Search URL Search Domain Scan URL

URL: https://re.redirectfor.money/clickcontent
Title: Inhalt

Search URL Search Domain Scan URL

URL: https://re.redirectfor.money/clickfooter
Title: Fußzeile

Search URL Search Domain Scan URL

URL: https://re.redirectfor.money/click
Title: Tagesschau Logo

Search URL Search Domain Scan URL

URL: https://www.sportschau.de/
Title: Sportschau

Search URL Search Domain Scan URL

URL: https://www.ardmediathek.de/
Title: Mediathek

Search URL Search Domain Scan URL

URL: https://www.ardaudiothek.de/
Title: Audiothek

Search URL Search Domain Scan URL

URL: https://www.kika.de/
Title: KiKA

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions
5 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response financenews24.top/de/lichter/	926 KB 540 KB	921ms 854ms	Document text/html	2606:4700:3031::ac43:8619 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://financenews24.top/de/lichter/?on=Immediate%20Edge&cep=rGqphTx0oWNWBg6pSfIEzehbRgv4CzT3RcEChrD8o1XgrsUHtSis8xW-fvgMr_vZ9fLbOGdAKEb_DhMl2eVbsQGWU5vz2slKxojjIl39UT6d9n3nO0i3XNzxi3RtzlsITBO0GpVlkLqCsDj3fVkKaQT4sbjwqdDusMK2OrqiasOYPF0Jjrxvwsl3jbjXKwLO84xD5Pr7KUAjm_P5OD9ulhchaCCaMHxLpb06oHijn2KT42Bh4S9dFT-Ino2rcylSQDEDPp6HjlIteh0CoHD2NAN-zAfXNdwr5kxVWwloVji75cLFfvtKewfrmdlTZ0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::ac43:8619 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PleskLin Resource Hash `f1e355a95418ce40814269bdf0d9ed23016c16fc51c63e5b9dd2b636692e6b64` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 accept-language en-US,en;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 81823e13ea080362-MIA content-encoding br content-type text/html date Wed, 18 Oct 2023 16:43:50 GMT last-modified Mon, 18 Sep 2023 06:14:28 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qT4UPWxRxt2wykAp29dwvwTbkNDkwSK%2FibCITDqaeX8vWv7q2T508lc6CQ4UcKAYJurEf%2BpzbF0X5MjUmKGI0lg1VJgH4AduAw%2FHAaihSWhCwcmUlqpITHlHz1005cGjukUtcIBlvMzh7op8a454cg%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare x-powered-by PleskLin
GET H2	200	jquery-3.5.1.min.js Show response financenews24.top/includes/	87 KB 32 KB	43ms 42ms	Script application/javascript	2606:4700:3031::ac43:8619 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://financenews24.top/includes/jquery-3.5.1.min.js Requested by Host: financenews24.top URL: https://financenews24.top/de/lichter/?on=Immediate%20Edge&cep=rGqphTx0oWNWBg6pSfIEzehbRgv4CzT3RcEChrD8o1XgrsUHtSis8xW-fvgMr_vZ9fLbOGdAKEb_DhMl2eVbsQGWU5vz2slKxojjIl39UT6d9n3nO0i3XNzxi3RtzlsITBO0GpVlkLqCsDj3fVkKaQT4sbjwqdDusMK2OrqiasOYPF0Jjrxvwsl3jbjXKwLO84xD5Pr7KUAjm_P5OD9ulhchaCCaMHxLpb06oHijn2KT42Bh4S9dFT-Ino2rcylSQDEDPp6HjlIteh0CoHD2NAN-zAfXNdwr5kxVWwloVji75cLFfvtKewfrmdlTZ0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::ac43:8619 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PleskLin Resource Hash `f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d` Request headers accept-language en-US,en;q=0.9 Referer https://financenews24.top/de/lichter/?on=Immediate%20Edge&cep=rGqphTx0oWNWBg6pSfIEzehbRgv4CzT3RcEChrD8o1XgrsUHtSis8xW-fvgMr_vZ9fLbOGdAKEb_DhMl2eVbsQGWU5vz2slKxojjIl39UT6d9n3nO0i3XNzxi3RtzlsITBO0GpVlkLqCsDj3fVkKaQT4sbjwqdDusMK2OrqiasOYPF0Jjrxvwsl3jbjXKwLO84xD5Pr7KUAjm_P5OD9ulhchaCCaMHxLpb06oHijn2KT42Bh4S9dFT-Ino2rcylSQDEDPp6HjlIteh0CoHD2NAN-zAfXNdwr5kxVWwloVji75cLFfvtKewfrmdlTZ0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Wed, 18 Oct 2023 16:43:50 GMT content-encoding br cf-cache-status HIT last-modified Sun, 29 May 2022 14:34:28 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 4 etag W/"62938474-15d84" x-powered-by PleskLin vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q3FeZIDwRYqQfhvQ9iDvPhQpIJxzxPsXCa5pTSqEUv%2BK4gEgUwHu3W9nnvHN4pY480c2TNH0xDqtDItkjikA%2BoKgCcAJ0YR9LhjGcxGttnyCjevSPwXETNlgzXcqNkbewnw9avYRq7aTe%2BcwPwjrEg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 81823e1b0d430362-MIA alt-svc h3=":443"; ma=86400
GET H2	200	viewer.js Show response financenews24.top/includes/	838 B 761 B	159ms 158ms	Script application/javascript	2606:4700:3031::ac43:8619 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://financenews24.top/includes/viewer.js?r=4 Requested by Host: financenews24.top URL: https://financenews24.top/de/lichter/?on=Immediate%20Edge&cep=rGqphTx0oWNWBg6pSfIEzehbRgv4CzT3RcEChrD8o1XgrsUHtSis8xW-fvgMr_vZ9fLbOGdAKEb_DhMl2eVbsQGWU5vz2slKxojjIl39UT6d9n3nO0i3XNzxi3RtzlsITBO0GpVlkLqCsDj3fVkKaQT4sbjwqdDusMK2OrqiasOYPF0Jjrxvwsl3jbjXKwLO84xD5Pr7KUAjm_P5OD9ulhchaCCaMHxLpb06oHijn2KT42Bh4S9dFT-Ino2rcylSQDEDPp6HjlIteh0CoHD2NAN-zAfXNdwr5kxVWwloVji75cLFfvtKewfrmdlTZ0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::ac43:8619 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PleskLin Resource Hash `0773fdbe6089556e9d0d60eef0116dbf389d3e5b46260c038ec529f24242c28a` Request headers accept-language en-US,en;q=0.9 Referer https://financenews24.top/de/lichter/?on=Immediate%20Edge&cep=rGqphTx0oWNWBg6pSfIEzehbRgv4CzT3RcEChrD8o1XgrsUHtSis8xW-fvgMr_vZ9fLbOGdAKEb_DhMl2eVbsQGWU5vz2slKxojjIl39UT6d9n3nO0i3XNzxi3RtzlsITBO0GpVlkLqCsDj3fVkKaQT4sbjwqdDusMK2OrqiasOYPF0Jjrxvwsl3jbjXKwLO84xD5Pr7KUAjm_P5OD9ulhchaCCaMHxLpb06oHijn2KT42Bh4S9dFT-Ino2rcylSQDEDPp6HjlIteh0CoHD2NAN-zAfXNdwr5kxVWwloVji75cLFfvtKewfrmdlTZ0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Wed, 18 Oct 2023 16:43:51 GMT content-encoding br cf-cache-status DYNAMIC last-modified Wed, 23 Aug 2023 14:12:58 GMT x-accel-version 0.01 server cloudflare nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} etag W/"346-60397b55d4e80-gzip" x-powered-by PleskLin vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k%2BnBNWQcjlisPPNazuDl0SKndRjAZ%2BP7EhzyoOk9tJU6h5aieH9uvmIkgVSjqCok9dwkFd839f3wY2mNqa%2FRC21zqZR32vYZJyUeu%2FveTP8ZlRDMG7ZgMI6SVMZF3aTbN5mXGiVRFaAfEFA2rFKgUQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cf-ray 81823e1b0d4c0362-MIA alt-svc h3=":443"; ma=86400
GET H2	200	styles12.css financenews24.top/de/lichter/assets/	8 KB 2 KB	391ms 390ms	Stylesheet text/css	2606:4700:3031::ac43:8619 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://financenews24.top/de/lichter/assets/styles12.css Requested by Host: financenews24.top URL: https://financenews24.top/de/lichter/?on=Immediate%20Edge&cep=rGqphTx0oWNWBg6pSfIEzehbRgv4CzT3RcEChrD8o1XgrsUHtSis8xW-fvgMr_vZ9fLbOGdAKEb_DhMl2eVbsQGWU5vz2slKxojjIl39UT6d9n3nO0i3XNzxi3RtzlsITBO0GpVlkLqCsDj3fVkKaQT4sbjwqdDusMK2OrqiasOYPF0Jjrxvwsl3jbjXKwLO84xD5Pr7KUAjm_P5OD9ulhchaCCaMHxLpb06oHijn2KT42Bh4S9dFT-Ino2rcylSQDEDPp6HjlIteh0CoHD2NAN-zAfXNdwr5kxVWwloVji75cLFfvtKewfrmdlTZ0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::ac43:8619 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PleskLin Resource Hash `1cedfc915d949dd071d4ba84767cf09ad470a8d212c7225ac2c5694554454cf0` Request headers accept-language en-US,en;q=0.9 Referer https://financenews24.top/de/lichter/?on=Immediate%20Edge&cep=rGqphTx0oWNWBg6pSfIEzehbRgv4CzT3RcEChrD8o1XgrsUHtSis8xW-fvgMr_vZ9fLbOGdAKEb_DhMl2eVbsQGWU5vz2slKxojjIl39UT6d9n3nO0i3XNzxi3RtzlsITBO0GpVlkLqCsDj3fVkKaQT4sbjwqdDusMK2OrqiasOYPF0Jjrxvwsl3jbjXKwLO84xD5Pr7KUAjm_P5OD9ulhchaCCaMHxLpb06oHijn2KT42Bh4S9dFT-Ino2rcylSQDEDPp6HjlIteh0CoHD2NAN-zAfXNdwr5kxVWwloVji75cLFfvtKewfrmdlTZ0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Wed, 18 Oct 2023 16:43:51 GMT content-encoding br cf-cache-status MISS last-modified Wed, 23 Aug 2023 20:57:48 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"64e672cc-1f60" x-powered-by PleskLin vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b9JYAFsSnFF44b1KWYw7oNkYUk8stflsJ13dvyZxrNDxAIBQs5MDV45TUMVa1xdmOSPpEQ40ZidaVAsQTauRjn1c0GhgqdM580ssobLCufEAmfapKYITtlvXohUVqw3YIY0GywNLdXDfkkPUs0NNnQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 81823e1b0d490362-MIA alt-svc h3=":443"; ma=86400
GET H2	200	hdl-new-horst-2.jpg financenews24.top/de/lichter/assets/	90 KB 91 KB	620ms 619ms	Image image/jpeg	2606:4700:3031::ac43:8619 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://financenews24.top/de/lichter/assets/hdl-new-horst-2.jpg Requested by Host: financenews24.top URL: https://financenews24.top/de/lichter/?on=Immediate%20Edge&cep=rGqphTx0oWNWBg6pSfIEzehbRgv4CzT3RcEChrD8o1XgrsUHtSis8xW-fvgMr_vZ9fLbOGdAKEb_DhMl2eVbsQGWU5vz2slKxojjIl39UT6d9n3nO0i3XNzxi3RtzlsITBO0GpVlkLqCsDj3fVkKaQT4sbjwqdDusMK2OrqiasOYPF0Jjrxvwsl3jbjXKwLO84xD5Pr7KUAjm_P5OD9ulhchaCCaMHxLpb06oHijn2KT42Bh4S9dFT-Ino2rcylSQDEDPp6HjlIteh0CoHD2NAN-zAfXNdwr5kxVWwloVji75cLFfvtKewfrmdlTZ0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::ac43:8619 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PleskLin Resource Hash `07246191e11b61d7e938f7a58ab04746905e29f937a5ab1edc2699e69c3c4cf1` Request headers accept-language en-US,en;q=0.9 Referer https://financenews24.top/de/lichter/?on=Immediate%20Edge&cep=rGqphTx0oWNWBg6pSfIEzehbRgv4CzT3RcEChrD8o1XgrsUHtSis8xW-fvgMr_vZ9fLbOGdAKEb_DhMl2eVbsQGWU5vz2slKxojjIl39UT6d9n3nO0i3XNzxi3RtzlsITBO0GpVlkLqCsDj3fVkKaQT4sbjwqdDusMK2OrqiasOYPF0Jjrxvwsl3jbjXKwLO84xD5Pr7KUAjm_P5OD9ulhchaCCaMHxLpb06oHijn2KT42Bh4S9dFT-Ino2rcylSQDEDPp6HjlIteh0CoHD2NAN-zAfXNdwr5kxVWwloVji75cLFfvtKewfrmdlTZ0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Wed, 18 Oct 2023 16:43:51 GMT cf-cache-status MISS last-modified Wed, 23 Aug 2023 20:57:48 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "64e672cc-1688b" x-powered-by PleskLin vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fiLyNVzu9DRJmdu%2FEuYyhgSEMnhGuuRfcORu6AzQYm%2FU%2B7qsJelBQKi41ADYQ0sbbeQba%2FCK9adtSnmpKRyyJWnWU%2BGEn%2FHp%2FHgkO2kMaEtSRrVQJa8NJMZdHvJRwOabEbAHE3SL37EI4A3J7Zkk8g%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=14400 accept-ranges bytes cf-ray 81823e1b0d4f0362-MIA alt-svc h3=":443"; ma=86400 content-length 92299
GET H2	200	bitprojects-20210323-dhdl.jpg financenews24.top/de/lichter/assets/	78 KB 79 KB	617ms 617ms	Image image/jpeg	2606:4700:3031::ac43:8619 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://financenews24.top/de/lichter/assets/bitprojects-20210323-dhdl.jpg Requested by Host: financenews24.top URL: https://financenews24.top/de/lichter/?on=Immediate%20Edge&cep=rGqphTx0oWNWBg6pSfIEzehbRgv4CzT3RcEChrD8o1XgrsUHtSis8xW-fvgMr_vZ9fLbOGdAKEb_DhMl2eVbsQGWU5vz2slKxojjIl39UT6d9n3nO0i3XNzxi3RtzlsITBO0GpVlkLqCsDj3fVkKaQT4sbjwqdDusMK2OrqiasOYPF0Jjrxvwsl3jbjXKwLO84xD5Pr7KUAjm_P5OD9ulhchaCCaMHxLpb06oHijn2KT42Bh4S9dFT-Ino2rcylSQDEDPp6HjlIteh0CoHD2NAN-zAfXNdwr5kxVWwloVji75cLFfvtKewfrmdlTZ0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::ac43:8619 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PleskLin Resource Hash `094aa79cd5cd3d2127afd6f406f86a31a72ae8ffcc12edf6f05eb8239d2532b5` Request headers accept-language en-US,en;q=0.9 Referer https://financenews24.top/de/lichter/?on=Immediate%20Edge&cep=rGqphTx0oWNWBg6pSfIEzehbRgv4CzT3RcEChrD8o1XgrsUHtSis8xW-fvgMr_vZ9fLbOGdAKEb_DhMl2eVbsQGWU5vz2slKxojjIl39UT6d9n3nO0i3XNzxi3RtzlsITBO0GpVlkLqCsDj3fVkKaQT4sbjwqdDusMK2OrqiasOYPF0Jjrxvwsl3jbjXKwLO84xD5Pr7KUAjm_P5OD9ulhchaCCaMHxLpb06oHijn2KT42Bh4S9dFT-Ino2rcylSQDEDPp6HjlIteh0CoHD2NAN-zAfXNdwr5kxVWwloVji75cLFfvtKewfrmdlTZ0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Wed, 18 Oct 2023 16:43:51 GMT cf-cache-status MISS last-modified Wed, 23 Aug 2023 20:57:48 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "64e672cc-1393b" x-powered-by PleskLin vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CWMCZju5LaYX6e%2B1oA5uF%2FRUYAeKUTtyLj0IF74wYtP%2FX3KmuqnRm2M10sdLh7%2FBETVsgm6EYcb%2FH%2BbeLkgcduGKajK1br3TzAq8o7zEzTxk0Y0vFgERnju%2Fjbjixv6U9FiritDgTMRTRrtBPvTlpQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=14400 accept-ranges bytes cf-ray 81823e1b0d520362-MIA alt-svc h3=":443"; ma=86400 content-length 80187
GET H3	200	29093406_ea27c533b28aae434.jpg financenews24.top/de/lichter/assets/	118 KB 119 KB	620ms 619ms	Image image/jpeg	2606:4700:3031::ac43:8619 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://financenews24.top/de/lichter/assets/29093406_ea27c533b28aae434.jpg Requested by Host: financenews24.top URL: https://financenews24.top/de/lichter/?on=Immediate%20Edge&cep=rGqphTx0oWNWBg6pSfIEzehbRgv4CzT3RcEChrD8o1XgrsUHtSis8xW-fvgMr_vZ9fLbOGdAKEb_DhMl2eVbsQGWU5vz2slKxojjIl39UT6d9n3nO0i3XNzxi3RtzlsITBO0GpVlkLqCsDj3fVkKaQT4sbjwqdDusMK2OrqiasOYPF0Jjrxvwsl3jbjXKwLO84xD5Pr7KUAjm_P5OD9ulhchaCCaMHxLpb06oHijn2KT42Bh4S9dFT-Ino2rcylSQDEDPp6HjlIteh0CoHD2NAN-zAfXNdwr5kxVWwloVji75cLFfvtKewfrmdlTZ0 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::ac43:8619 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PleskLin Resource Hash `ccf9e97a2b08bc8bae2df934bcc574bd544902809a8cef1e8132ed6bcc31666c` Request headers accept-language en-US,en;q=0.9 Referer https://financenews24.top/de/lichter/?on=Immediate%20Edge&cep=rGqphTx0oWNWBg6pSfIEzehbRgv4CzT3RcEChrD8o1XgrsUHtSis8xW-fvgMr_vZ9fLbOGdAKEb_DhMl2eVbsQGWU5vz2slKxojjIl39UT6d9n3nO0i3XNzxi3RtzlsITBO0GpVlkLqCsDj3fVkKaQT4sbjwqdDusMK2OrqiasOYPF0Jjrxvwsl3jbjXKwLO84xD5Pr7KUAjm_P5OD9ulhchaCCaMHxLpb06oHijn2KT42Bh4S9dFT-Ino2rcylSQDEDPp6HjlIteh0CoHD2NAN-zAfXNdwr5kxVWwloVji75cLFfvtKewfrmdlTZ0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Wed, 18 Oct 2023 16:43:51 GMT cf-cache-status MISS last-modified Wed, 23 Aug 2023 20:57:48 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "64e672cc-1d976" x-powered-by PleskLin vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5HCsNcJ0FlGyXWP%2FaGxxyQ6gEOarNBfKLWuSG383j5ealVyOEtrHFxvy1dkeiWBTFS10mtr%2BgY12X5vf2CSwMcQ0wQytz%2FAxhdv6Tg9%2BGp%2BN%2F5UYsGOT%2FgvW4L%2F8Lklr4nYVy8nHSM2xHE%2Fg5JMfgg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=14400 accept-ranges bytes cf-ray 81823e1c3fb0336e-MIA alt-svc h3=":443"; ma=86400 content-length 121206
GET H3	200	horst2.jpg financenews24.top/de/lichter/assets/	95 KB 96 KB	653ms 651ms	Image image/jpeg	2606:4700:3031::ac43:8619 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://financenews24.top/de/lichter/assets/horst2.jpg Requested by Host: financenews24.top URL: https://financenews24.top/de/lichter/?on=Immediate%20Edge&cep=rGqphTx0oWNWBg6pSfIEzehbRgv4CzT3RcEChrD8o1XgrsUHtSis8xW-fvgMr_vZ9fLbOGdAKEb_DhMl2eVbsQGWU5vz2slKxojjIl39UT6d9n3nO0i3XNzxi3RtzlsITBO0GpVlkLqCsDj3fVkKaQT4sbjwqdDusMK2OrqiasOYPF0Jjrxvwsl3jbjXKwLO84xD5Pr7KUAjm_P5OD9ulhchaCCaMHxLpb06oHijn2KT42Bh4S9dFT-Ino2rcylSQDEDPp6HjlIteh0CoHD2NAN-zAfXNdwr5kxVWwloVji75cLFfvtKewfrmdlTZ0 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::ac43:8619 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PleskLin Resource Hash `f1eb7b250471bc3fc9010ee3c7ddbaf9aa37ce16d0823ebfdf867b504bcb242f` Request headers accept-language en-US,en;q=0.9 Referer https://financenews24.top/de/lichter/?on=Immediate%20Edge&cep=rGqphTx0oWNWBg6pSfIEzehbRgv4CzT3RcEChrD8o1XgrsUHtSis8xW-fvgMr_vZ9fLbOGdAKEb_DhMl2eVbsQGWU5vz2slKxojjIl39UT6d9n3nO0i3XNzxi3RtzlsITBO0GpVlkLqCsDj3fVkKaQT4sbjwqdDusMK2OrqiasOYPF0Jjrxvwsl3jbjXKwLO84xD5Pr7KUAjm_P5OD9ulhchaCCaMHxLpb06oHijn2KT42Bh4S9dFT-Ino2rcylSQDEDPp6HjlIteh0CoHD2NAN-zAfXNdwr5kxVWwloVji75cLFfvtKewfrmdlTZ0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Wed, 18 Oct 2023 16:43:51 GMT cf-cache-status MISS last-modified Wed, 23 Aug 2023 20:57:48 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "64e672cc-17da9" x-powered-by PleskLin vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WisZtZDZ8iFM9kqvQgh1WTSles0YjIEPe%2F8lfYcn3A5YnxsNexu%2BIGX8BDDjx9m6z2I2efPf%2BctvAnoSi6ceDhEhYzkI1hIf3yj82JmYWQhgWsz1wrsGomYnrTf5wBQd6b8YyoXtF9QomW8ZwdlttA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=14400 accept-ranges bytes cf-ray 81823e1c3fb2336e-MIA alt-svc h3=":443"; ma=86400 content-length 97705
GET H3	200	prof1.jpg financenews24.top/de/lichter/assets/	2 KB 3 KB	411ms 409ms	Image image/jpeg	2606:4700:3031::ac43:8619 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://financenews24.top/de/lichter/assets/prof1.jpg Requested by Host: financenews24.top URL: https://financenews24.top/de/lichter/?on=Immediate%20Edge&cep=rGqphTx0oWNWBg6pSfIEzehbRgv4CzT3RcEChrD8o1XgrsUHtSis8xW-fvgMr_vZ9fLbOGdAKEb_DhMl2eVbsQGWU5vz2slKxojjIl39UT6d9n3nO0i3XNzxi3RtzlsITBO0GpVlkLqCsDj3fVkKaQT4sbjwqdDusMK2OrqiasOYPF0Jjrxvwsl3jbjXKwLO84xD5Pr7KUAjm_P5OD9ulhchaCCaMHxLpb06oHijn2KT42Bh4S9dFT-Ino2rcylSQDEDPp6HjlIteh0CoHD2NAN-zAfXNdwr5kxVWwloVji75cLFfvtKewfrmdlTZ0 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::ac43:8619 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PleskLin Resource Hash `f6894acedc5915b51c9f1857f0da8ea062475edaff3b391b7cd7ffdf7115ad91` Request headers accept-language en-US,en;q=0.9 Referer https://financenews24.top/de/lichter/?on=Immediate%20Edge&cep=rGqphTx0oWNWBg6pSfIEzehbRgv4CzT3RcEChrD8o1XgrsUHtSis8xW-fvgMr_vZ9fLbOGdAKEb_DhMl2eVbsQGWU5vz2slKxojjIl39UT6d9n3nO0i3XNzxi3RtzlsITBO0GpVlkLqCsDj3fVkKaQT4sbjwqdDusMK2OrqiasOYPF0Jjrxvwsl3jbjXKwLO84xD5Pr7KUAjm_P5OD9ulhchaCCaMHxLpb06oHijn2KT42Bh4S9dFT-Ino2rcylSQDEDPp6HjlIteh0CoHD2NAN-zAfXNdwr5kxVWwloVji75cLFfvtKewfrmdlTZ0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Wed, 18 Oct 2023 16:43:51 GMT cf-cache-status MISS last-modified Wed, 23 Aug 2023 20:57:48 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "64e672cc-895" x-powered-by PleskLin vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PcbAkYITNAZddZfBkoi73exhEZqahE5DSD3o6yJ43U0aMNnPHmAYai1yET9TudtRpJazqePHAGpygQhQFeaRApRgACdr14TyYx3ljQaJZXKF3MBzgxSAN2WNYBi3T10zezwzGacrlYsbbTymUsgt%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=14400 accept-ranges bytes cf-ray 81823e1c3fb6336e-MIA alt-svc h3=":443"; ma=86400 content-length 2197
GET H3	200	prof2.jpg financenews24.top/de/lichter/assets/	3 KB 3 KB	414ms 412ms	Image image/jpeg	2606:4700:3031::ac43:8619 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://financenews24.top/de/lichter/assets/prof2.jpg Requested by Host: financenews24.top URL: https://financenews24.top/de/lichter/?on=Immediate%20Edge&cep=rGqphTx0oWNWBg6pSfIEzehbRgv4CzT3RcEChrD8o1XgrsUHtSis8xW-fvgMr_vZ9fLbOGdAKEb_DhMl2eVbsQGWU5vz2slKxojjIl39UT6d9n3nO0i3XNzxi3RtzlsITBO0GpVlkLqCsDj3fVkKaQT4sbjwqdDusMK2OrqiasOYPF0Jjrxvwsl3jbjXKwLO84xD5Pr7KUAjm_P5OD9ulhchaCCaMHxLpb06oHijn2KT42Bh4S9dFT-Ino2rcylSQDEDPp6HjlIteh0CoHD2NAN-zAfXNdwr5kxVWwloVji75cLFfvtKewfrmdlTZ0 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::ac43:8619 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PleskLin Resource Hash `1707346b93ea4f91be70ba1d144c800813af2ef6d7bf2a9785665d2e9764b4c8` Request headers accept-language en-US,en;q=0.9 Referer https://financenews24.top/de/lichter/?on=Immediate%20Edge&cep=rGqphTx0oWNWBg6pSfIEzehbRgv4CzT3RcEChrD8o1XgrsUHtSis8xW-fvgMr_vZ9fLbOGdAKEb_DhMl2eVbsQGWU5vz2slKxojjIl39UT6d9n3nO0i3XNzxi3RtzlsITBO0GpVlkLqCsDj3fVkKaQT4sbjwqdDusMK2OrqiasOYPF0Jjrxvwsl3jbjXKwLO84xD5Pr7KUAjm_P5OD9ulhchaCCaMHxLpb06oHijn2KT42Bh4S9dFT-Ino2rcylSQDEDPp6HjlIteh0CoHD2NAN-zAfXNdwr5kxVWwloVji75cLFfvtKewfrmdlTZ0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Wed, 18 Oct 2023 16:43:51 GMT cf-cache-status MISS last-modified Wed, 23 Aug 2023 20:57:48 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "64e672cc-b11" x-powered-by PleskLin vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Szdj2SdUyFKZmD9hUFBfxa9LZ67jM4%2FGHLZyNjW%2BJH4Lz10v56aAmluUrAdd8cwtngzedWZL%2FBKJ3xmqgkCB38vqwbuzpQeydY4zZMj2xDHdNwfzp%2FzHcQg%2BP7us%2BTVFagw5W5ifjVYMiAyN9PtbVg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=14400 accept-ranges bytes cf-ray 81823e1c3fb9336e-MIA alt-svc h3=":443"; ma=86400 content-length 2833
GET H3	200	prof3.jpg financenews24.top/de/lichter/assets/	2 KB 2 KB	412ms 410ms	Image image/jpeg	2606:4700:3031::ac43:8619 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://financenews24.top/de/lichter/assets/prof3.jpg Requested by Host: financenews24.top URL: https://financenews24.top/de/lichter/?on=Immediate%20Edge&cep=rGqphTx0oWNWBg6pSfIEzehbRgv4CzT3RcEChrD8o1XgrsUHtSis8xW-fvgMr_vZ9fLbOGdAKEb_DhMl2eVbsQGWU5vz2slKxojjIl39UT6d9n3nO0i3XNzxi3RtzlsITBO0GpVlkLqCsDj3fVkKaQT4sbjwqdDusMK2OrqiasOYPF0Jjrxvwsl3jbjXKwLO84xD5Pr7KUAjm_P5OD9ulhchaCCaMHxLpb06oHijn2KT42Bh4S9dFT-Ino2rcylSQDEDPp6HjlIteh0CoHD2NAN-zAfXNdwr5kxVWwloVji75cLFfvtKewfrmdlTZ0 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::ac43:8619 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PleskLin Resource Hash `df99f7229bbfb0bdf5ed771fca5acc2fcbe96e41429bc2b2451f238c42d3f948` Request headers accept-language en-US,en;q=0.9 Referer https://financenews24.top/de/lichter/?on=Immediate%20Edge&cep=rGqphTx0oWNWBg6pSfIEzehbRgv4CzT3RcEChrD8o1XgrsUHtSis8xW-fvgMr_vZ9fLbOGdAKEb_DhMl2eVbsQGWU5vz2slKxojjIl39UT6d9n3nO0i3XNzxi3RtzlsITBO0GpVlkLqCsDj3fVkKaQT4sbjwqdDusMK2OrqiasOYPF0Jjrxvwsl3jbjXKwLO84xD5Pr7KUAjm_P5OD9ulhchaCCaMHxLpb06oHijn2KT42Bh4S9dFT-Ino2rcylSQDEDPp6HjlIteh0CoHD2NAN-zAfXNdwr5kxVWwloVji75cLFfvtKewfrmdlTZ0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Wed, 18 Oct 2023 16:43:51 GMT cf-cache-status MISS last-modified Wed, 23 Aug 2023 20:57:48 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "64e672cc-7b9" x-powered-by PleskLin vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nTXbBGhIo%2FzoJvFp4VAdISBPDTcgy3FgsFBKUsBjgJc9JukOeqNc2P7KAoCvjcZ9%2Fe%2F4xkD%2B7h8KaraMdrUpXyDQ%2FfK91WdgDhQmHEmoWhHnlIhz6eHRHIrIgbt%2FwYAvjc1HRqCYpSHeE8ewXfx7pA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=14400 accept-ranges bytes cf-ray 81823e1c3fbb336e-MIA alt-svc h3=":443"; ma=86400 content-length 1977
GET H3	200	prof4.jpg financenews24.top/de/lichter/assets/	2 KB 3 KB	402ms 400ms	Image image/jpeg	2606:4700:3031::ac43:8619 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://financenews24.top/de/lichter/assets/prof4.jpg Requested by Host: financenews24.top URL: https://financenews24.top/de/lichter/?on=Immediate%20Edge&cep=rGqphTx0oWNWBg6pSfIEzehbRgv4CzT3RcEChrD8o1XgrsUHtSis8xW-fvgMr_vZ9fLbOGdAKEb_DhMl2eVbsQGWU5vz2slKxojjIl39UT6d9n3nO0i3XNzxi3RtzlsITBO0GpVlkLqCsDj3fVkKaQT4sbjwqdDusMK2OrqiasOYPF0Jjrxvwsl3jbjXKwLO84xD5Pr7KUAjm_P5OD9ulhchaCCaMHxLpb06oHijn2KT42Bh4S9dFT-Ino2rcylSQDEDPp6HjlIteh0CoHD2NAN-zAfXNdwr5kxVWwloVji75cLFfvtKewfrmdlTZ0 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::ac43:8619 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PleskLin Resource Hash `f5653349d4d9eade79c3484fc521672332ffba22afbf1022e80ecb56973814c4` Request headers accept-language en-US,en;q=0.9 Referer https://financenews24.top/de/lichter/?on=Immediate%20Edge&cep=rGqphTx0oWNWBg6pSfIEzehbRgv4CzT3RcEChrD8o1XgrsUHtSis8xW-fvgMr_vZ9fLbOGdAKEb_DhMl2eVbsQGWU5vz2slKxojjIl39UT6d9n3nO0i3XNzxi3RtzlsITBO0GpVlkLqCsDj3fVkKaQT4sbjwqdDusMK2OrqiasOYPF0Jjrxvwsl3jbjXKwLO84xD5Pr7KUAjm_P5OD9ulhchaCCaMHxLpb06oHijn2KT42Bh4S9dFT-Ino2rcylSQDEDPp6HjlIteh0CoHD2NAN-zAfXNdwr5kxVWwloVji75cLFfvtKewfrmdlTZ0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Wed, 18 Oct 2023 16:43:51 GMT cf-cache-status MISS last-modified Wed, 23 Aug 2023 20:57:48 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "64e672cc-8a0" x-powered-by PleskLin vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ht%2BcuSLxc9UqlFIQdS%2B5raroojX7oZnwV7meSLJr1Vu82ZHsjsd7CsB0y6ul%2BYGeG%2BWwjJJgbSeyNBaoc4fjF63AmPog4eR5nEkbd9wpHiurBj9I3l9tjzxL86zci%2BCxSPhHcNqT5BvP6DZFWpIWPg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=14400 accept-ranges bytes cf-ray 81823e1c3fbd336e-MIA alt-svc h3=":443"; ma=86400 content-length 2208
GET H3	200	prof5.jpg financenews24.top/de/lichter/assets/	2 KB 2 KB	405ms 403ms	Image image/jpeg	2606:4700:3031::ac43:8619 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://financenews24.top/de/lichter/assets/prof5.jpg Requested by Host: financenews24.top URL: https://financenews24.top/de/lichter/?on=Immediate%20Edge&cep=rGqphTx0oWNWBg6pSfIEzehbRgv4CzT3RcEChrD8o1XgrsUHtSis8xW-fvgMr_vZ9fLbOGdAKEb_DhMl2eVbsQGWU5vz2slKxojjIl39UT6d9n3nO0i3XNzxi3RtzlsITBO0GpVlkLqCsDj3fVkKaQT4sbjwqdDusMK2OrqiasOYPF0Jjrxvwsl3jbjXKwLO84xD5Pr7KUAjm_P5OD9ulhchaCCaMHxLpb06oHijn2KT42Bh4S9dFT-Ino2rcylSQDEDPp6HjlIteh0CoHD2NAN-zAfXNdwr5kxVWwloVji75cLFfvtKewfrmdlTZ0 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::ac43:8619 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PleskLin Resource Hash `5e4a39e9f9298e25b326bd92f08b9cca6b15f0d617677c8ef2a6a3c037a8a0a1` Request headers accept-language en-US,en;q=0.9 Referer https://financenews24.top/de/lichter/?on=Immediate%20Edge&cep=rGqphTx0oWNWBg6pSfIEzehbRgv4CzT3RcEChrD8o1XgrsUHtSis8xW-fvgMr_vZ9fLbOGdAKEb_DhMl2eVbsQGWU5vz2slKxojjIl39UT6d9n3nO0i3XNzxi3RtzlsITBO0GpVlkLqCsDj3fVkKaQT4sbjwqdDusMK2OrqiasOYPF0Jjrxvwsl3jbjXKwLO84xD5Pr7KUAjm_P5OD9ulhchaCCaMHxLpb06oHijn2KT42Bh4S9dFT-Ino2rcylSQDEDPp6HjlIteh0CoHD2NAN-zAfXNdwr5kxVWwloVji75cLFfvtKewfrmdlTZ0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Wed, 18 Oct 2023 16:43:51 GMT cf-cache-status MISS last-modified Wed, 23 Aug 2023 20:57:48 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "64e672cc-63d" x-powered-by PleskLin vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HSXJFNOL8eyIbKfddoiNlnjCbIbBcrfbWY%2FxJlQsRd2dEBmRaw4nTCHitb3TSNUB0BVGm1tRPeyR6uys8w%2BeTc7r6VJfGjF5leA96Jw63tUowtDHRpV7Z3EOb%2B%2BGDECZcyYqDYczMou4x3EOTvOfvQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=14400 accept-ranges bytes cf-ray 81823e1c3fbe336e-MIA alt-svc h3=":443"; ma=86400 content-length 1597
GET H3	200	184dc9ab-6565-4fbf-a6a5-27.jpg financenews24.top/de/lichter/assets/	62 KB 62 KB	700ms 698ms	Image image/jpeg	2606:4700:3031::ac43:8619 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://financenews24.top/de/lichter/assets/184dc9ab-6565-4fbf-a6a5-27.jpg Requested by Host: financenews24.top URL: https://financenews24.top/de/lichter/?on=Immediate%20Edge&cep=rGqphTx0oWNWBg6pSfIEzehbRgv4CzT3RcEChrD8o1XgrsUHtSis8xW-fvgMr_vZ9fLbOGdAKEb_DhMl2eVbsQGWU5vz2slKxojjIl39UT6d9n3nO0i3XNzxi3RtzlsITBO0GpVlkLqCsDj3fVkKaQT4sbjwqdDusMK2OrqiasOYPF0Jjrxvwsl3jbjXKwLO84xD5Pr7KUAjm_P5OD9ulhchaCCaMHxLpb06oHijn2KT42Bh4S9dFT-Ino2rcylSQDEDPp6HjlIteh0CoHD2NAN-zAfXNdwr5kxVWwloVji75cLFfvtKewfrmdlTZ0 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::ac43:8619 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PleskLin Resource Hash `70d81524ff46cf40ab5b8dafa8597489819bed792aeffde58837e55b99013464` Request headers accept-language en-US,en;q=0.9 Referer https://financenews24.top/de/lichter/?on=Immediate%20Edge&cep=rGqphTx0oWNWBg6pSfIEzehbRgv4CzT3RcEChrD8o1XgrsUHtSis8xW-fvgMr_vZ9fLbOGdAKEb_DhMl2eVbsQGWU5vz2slKxojjIl39UT6d9n3nO0i3XNzxi3RtzlsITBO0GpVlkLqCsDj3fVkKaQT4sbjwqdDusMK2OrqiasOYPF0Jjrxvwsl3jbjXKwLO84xD5Pr7KUAjm_P5OD9ulhchaCCaMHxLpb06oHijn2KT42Bh4S9dFT-Ino2rcylSQDEDPp6HjlIteh0CoHD2NAN-zAfXNdwr5kxVWwloVji75cLFfvtKewfrmdlTZ0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Wed, 18 Oct 2023 16:43:51 GMT cf-cache-status MISS last-modified Wed, 23 Aug 2023 20:57:48 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "64e672cc-f69b" x-powered-by PleskLin vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o7WMgxTlgqUf3pigUsTLyDDtHhB9DKl2dn6GKpKnyoMTRHJftAg%2F0ESbYKePdBIMwViBWdwuUFc476mvIa5wucoPBFAIhcSwJPIZfLMIsE8qFCgzYRLwYz8tjMqb%2BkNsq9cir%2BeYfn%2BNF7hMqYgr0g%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=14400 accept-ranges bytes cf-ray 81823e1c3fc1336e-MIA alt-svc h3=":443"; ma=86400 content-length 63131
POST H3	200	view.php Show response financenews24.top/includes/	0 488 B	411ms 403ms	XHR text/html	2606:4700:3031::ac43:8619 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://financenews24.top/includes/view.php Requested by Host: financenews24.top URL: https://financenews24.top/includes/jquery-3.5.1.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::ac43:8619 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/8.0.30, PleskLin Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept / Referer https://financenews24.top/de/lichter/?on=Immediate%20Edge&cep=rGqphTx0oWNWBg6pSfIEzehbRgv4CzT3RcEChrD8o1XgrsUHtSis8xW-fvgMr_vZ9fLbOGdAKEb_DhMl2eVbsQGWU5vz2slKxojjIl39UT6d9n3nO0i3XNzxi3RtzlsITBO0GpVlkLqCsDj3fVkKaQT4sbjwqdDusMK2OrqiasOYPF0Jjrxvwsl3jbjXKwLO84xD5Pr7KUAjm_P5OD9ulhchaCCaMHxLpb06oHijn2KT42Bh4S9dFT-Ino2rcylSQDEDPp6HjlIteh0CoHD2NAN-zAfXNdwr5kxVWwloVji75cLFfvtKewfrmdlTZ0 X-Requested-With XMLHttpRequest accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers date Wed, 18 Oct 2023 16:43:51 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/8.0.30, PleskLin report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z985bzu5oRAynQufXo2E8cvqiZRLsWQdWoLMyaJPJEyqqS1PuwYmsH6EOL0ufzx2u8726kSRnOCm50gRaUmXR6Bq6zemf27Jb6MddMogMI%2F3jC9vMPJBuWwQXf3jkc02YHIrQzQdBjQTFoi9IiEJgQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 cf-ray 81823e1c2f88336e-MIA alt-svc h3=":443"; ma=86400
GET H2	400	.js re.redirectfor.money/d/	0 0	349ms 53ms	Script text/html	18.208.62.125 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://re.redirectfor.money/d/.js?lpref=&lpurl=https%3A%2F%2Ffinancenews24.top%2Fde%2Flichter%2F%3Fon%3DImmediate%2520Edge%26cep%3DrGqphTx0oWNWBg6pSfIEzehbRgv4CzT3RcEChrD8o1XgrsUHtSis8xW-fvgMr_vZ9fLbOGdAKEb_DhMl2eVbsQGWU5vz2slKxojjIl39UT6d9n3nO0i3XNzxi3RtzlsITBO0GpVlkLqCsDj3fVkKaQT4sbjwqdDusMK2OrqiasOYPF0Jjrxvwsl3jbjXKwLO84xD5Pr7KUAjm_P5OD9ulhchaCCaMHxLpb06oHijn2KT42Bh4S9dFT-Ino2rcylSQDEDPp6HjlIteh0CoHD2NAN-zAfXNdwr5kxVWwloVji75cLFfvtKewfrmdlTZ0&lpt=&vtm=1697647431062 Requested by Host: financenews24.top URL: https://financenews24.top/de/lichter/?on=Immediate%20Edge&cep=rGqphTx0oWNWBg6pSfIEzehbRgv4CzT3RcEChrD8o1XgrsUHtSis8xW-fvgMr_vZ9fLbOGdAKEb_DhMl2eVbsQGWU5vz2slKxojjIl39UT6d9n3nO0i3XNzxi3RtzlsITBO0GpVlkLqCsDj3fVkKaQT4sbjwqdDusMK2OrqiasOYPF0Jjrxvwsl3jbjXKwLO84xD5Pr7KUAjm_P5OD9ulhchaCCaMHxLpb06oHijn2KT42Bh4S9dFT-Ino2rcylSQDEDPp6HjlIteh0CoHD2NAN-zAfXNdwr5kxVWwloVji75cLFfvtKewfrmdlTZ0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.208.62.125 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-18-208-62-125.compute-1.amazonaws.com Software / Resource Hash Request headers accept-language en-US,en;q=0.9 Referer https://financenews24.top/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers
GET DATA	200 OK	truncated /	83 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `66d0cae83a87e541eaf134f1144a1f9977d1aaf98491b9bbcf05a64f469876b7` Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	18 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `7ad8a3923844b448bc657c343991c26f2d1791c3a6f25d6eee626ccfd4b6f5c0` Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	90 KB 90 KB		Font font/woff2
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `b4ab8cc0c2b31a7176025451c898c0f228228c4db2a4392cef152050254713e2` Request headers Referer Origin https://financenews24.top accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers Content-Type font/woff2
GET DATA	200 OK	truncated /	94 KB 94 KB		Font font/woff2
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `4321aaa0b7ff06b546cbbce19b73ef2cd792feafcf396a05b76feaa38c85725a` Request headers Referer Origin https://financenews24.top accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers Content-Type font/woff2
GET DATA	200 OK	truncated /	90 KB 90 KB		Font font/woff2
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `35a930950a6e1f5d23a961d3bcacc816765906da7d811bccf88744f1c4e28156` Request headers Referer Origin https://financenews24.top accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36 Response headers Content-Type font/woff2

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Lion's Den Scam (Online)

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://re.redirectfor.money/d/.js?lpref=&lpurl=https%3A%2F%2Ffinancenews24.top%2Fde%2Flichter%2F%3Fon%3DImmediate%2520Edge%26cep%3DrGqphTx0oWNWBg6pSfIEzehbRgv4CzT3RcEChrD8o1XgrsUHtSis8xW-fvgMr_vZ9fLbOGdAKEb_DhMl2eVbsQGWU5vz2slKxojjIl39UT6d9n3nO0i3XNzxi3RtzlsITBO0GpVlkLqCsDj3fVkKaQT4sbjwqdDusMK2OrqiasOYPF0Jjrxvwsl3jbjXKwLO84xD5Pr7KUAjm_P5OD9ulhchaCCaMHxLpb06oHijn2KT42Bh4S9dFT-Ino2rcylSQDEDPp6HjlIteh0CoHD2NAN-zAfXNdwr5kxVWwloVji75cLFfvtKewfrmdlTZ0&lpt=&vtm=1697647431062 Message: Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

financenews24.top
re.redirectfor.money
18.208.62.125
2606:4700:3031::ac43:8619
07246191e11b61d7e938f7a58ab04746905e29f937a5ab1edc2699e69c3c4cf1
0773fdbe6089556e9d0d60eef0116dbf389d3e5b46260c038ec529f24242c28a
094aa79cd5cd3d2127afd6f406f86a31a72ae8ffcc12edf6f05eb8239d2532b5
1707346b93ea4f91be70ba1d144c800813af2ef6d7bf2a9785665d2e9764b4c8
1cedfc915d949dd071d4ba84767cf09ad470a8d212c7225ac2c5694554454cf0
35a930950a6e1f5d23a961d3bcacc816765906da7d811bccf88744f1c4e28156
4321aaa0b7ff06b546cbbce19b73ef2cd792feafcf396a05b76feaa38c85725a
5e4a39e9f9298e25b326bd92f08b9cca6b15f0d617677c8ef2a6a3c037a8a0a1
66d0cae83a87e541eaf134f1144a1f9977d1aaf98491b9bbcf05a64f469876b7
70d81524ff46cf40ab5b8dafa8597489819bed792aeffde58837e55b99013464
7ad8a3923844b448bc657c343991c26f2d1791c3a6f25d6eee626ccfd4b6f5c0
b4ab8cc0c2b31a7176025451c898c0f228228c4db2a4392cef152050254713e2
ccf9e97a2b08bc8bae2df934bcc574bd544902809a8cef1e8132ed6bcc31666c
df99f7229bbfb0bdf5ed771fca5acc2fcbe96e41429bc2b2451f238c42d3f948
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f1e355a95418ce40814269bdf0d9ed23016c16fc51c63e5b9dd2b636692e6b64
f1eb7b250471bc3fc9010ee3c7ddbaf9aa37ce16d0823ebfdf867b504bcb242f
f5653349d4d9eade79c3484fc521672332ffba22afbf1022e80ecb56973814c4
f6894acedc5915b51c9f1857f0da8ea062475edaff3b391b7cd7ffdf7115ad91
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

financenews24.top Open in urlscan Pro 2606:4700:3031::ac43:8619 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

16 Requests

100 %HTTPS

50 %IPv6

2 Domains

2 Subdomains

3 IPs

1 Countries

1308 kBTransfer

1852 kBSize

0 Cookies

8 Outgoing links

Redirected requests

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

11 JavaScript Global Variables

0 Cookies

1 Console Messages

Indicators

financenews24.top Open in urlscan Pro
2606:4700:3031::ac43:8619 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

16
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

3
IPs

1
Countries

1308 kB
Transfer

1852 kB
Size

0
Cookies

16 HTTP transactions
5 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!