itrustcapital-logi.com Open in urlscan Pro
162.241.123.30 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://itrustcapital-logi.com/
Submission: On February 17 via api (February 17th 2024, 11:38:50 am UTC) from BE — Scanned from DE

Summary HTTP 8 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 8 HTTP transactions. The main IP is 162.241.123.30, located in United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is itrustcapital-logi.com.

This is the only time itrustcapital-logi.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: iTrustCapital (Crypto)

Domain & IP information

	IP Address		AS Autonomous System
7	162.241.123.30 162.241.123.30		46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
8	2

7 162.241.123.30 (United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: 162-241-123-30.unifiedlayer.com

itrustcapital-logi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	itrustcapital-logi.com itrustcapital-logi.com	270 KB
8	1

	Domain	Requested by
7	itrustcapital-logi.com	itrustcapital-logi.com
8	1

This site contains links to these domains. Also see Links.

Domain
www.itrustcapital.com
itrustcapital.com

Subject Issuer	Validity	Valid
itrustcapital-logi.com R3	`2024-02-01` - `2024-05-01`	3 months	crt.sh

This page contains 1 frames:

Primary Page: http://itrustcapital-logi.com/
Frame ID: 67F551817E9972F6B34BD38CC42B663A
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Log in | iTrustCapital

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Page Statistics

8
Requests

75 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

270 kB
Transfer

533 kB
Size

0
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.itrustcapital.com/

Search URL Search Domain Scan URL

URL: https://itrustcapital.com/
Title: iTrustCapital

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response itrustcapital-logi.com/	31 KB 10 KB	917ms 221ms	Document text/html	162.241.123.30 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL http://itrustcapital-logi.com/ Protocol HTTP/1.1 Server 162.241.123.30 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 162-241-123-30.unifiedlayer.com Software nginx/1.21.6 / Resource Hash `c56aa21de460fed04556bb4b3f9f9a2695daf7d4dd3a603ee07540a1f5c27e75` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Accept-Ranges bytes Cache-Control max-age=7200 Content-Encoding gzip Content-Length 10343 Content-Type text/html Date Sat, 17 Feb 2024 11:38:44 GMT Expires Sat, 17 Feb 2024 13:38:44 GMT Last-Modified Thu, 15 Feb 2024 21:43:51 GMT Server nginx/1.21.6 Vary Accept-Encoding X-Endurance-Cache-Level 2 X-Server-Cache false X-nginx-cache WordPress
GET H2	200	style.min.css itrustcapital-logi.com/wp-includes/css/dist/block-library/	108 KB 20 KB	1236ms 883ms	Stylesheet text/css	162.241.123.30 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://itrustcapital-logi.com/wp-includes/css/dist/block-library/style.min.css?ver=6.4.3 Requested by Host: itrustcapital-logi.com URL: http://itrustcapital-logi.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.241.123.30 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 162-241-123-30.unifiedlayer.com Software Apache / Resource Hash `0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180` Request headers accept-language de-DE,de;q=0.9 Referer http://itrustcapital-logi.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Sat, 17 Feb 2024 11:38:44 GMT content-encoding gzip x-nginx-cache WordPress last-modified Wed, 24 Jan 2024 19:02:28 GMT server Apache vary Accept-Encoding x-endurance-cache-level 2 content-type text/css cache-control max-age=2592000 accept-ranges bytes expires Mon, 18 Mar 2024 11:38:44 GMT
GET H2	200	style.min.css itrustcapital-logi.com/wp-content/themes/sinatra/assets/css/	159 KB 42 KB	1235ms 882ms	Stylesheet text/css	162.241.123.30 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://itrustcapital-logi.com/wp-content/themes/sinatra/assets/css/style.min.css?ver=1.3 Requested by Host: itrustcapital-logi.com URL: http://itrustcapital-logi.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.241.123.30 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 162-241-123-30.unifiedlayer.com Software Apache / Resource Hash `d7aae334c863edad07157e091c20c0d421f136ed04871107ad02d1b9aae51866` Request headers accept-language de-DE,de;q=0.9 Referer http://itrustcapital-logi.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Sat, 17 Feb 2024 11:38:44 GMT content-encoding gzip x-nginx-cache WordPress last-modified Thu, 01 Feb 2024 17:56:33 GMT server Apache vary Accept-Encoding x-endurance-cache-level 2 content-type text/css cache-control max-age=2592000 accept-ranges bytes expires Mon, 18 Mar 2024 11:38:44 GMT
GET H2	200	dynamic-styles.css itrustcapital-logi.com/wp-content/uploads/sinatra/	19 KB 6 KB	1235ms 882ms	Stylesheet text/css	162.241.123.30 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://itrustcapital-logi.com/wp-content/uploads/sinatra/dynamic-styles.css?ver=1707741229 Requested by Host: itrustcapital-logi.com URL: http://itrustcapital-logi.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.241.123.30 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 162-241-123-30.unifiedlayer.com Software Apache / Resource Hash `43a15a98ac65a60a19c3e02566fd8d6ebbdc51350e358b6d8855c51cd695aaaa` Request headers accept-language de-DE,de;q=0.9 Referer http://itrustcapital-logi.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Sat, 17 Feb 2024 11:38:44 GMT content-encoding gzip x-nginx-cache WordPress last-modified Mon, 12 Feb 2024 12:33:49 GMT server Apache vary Accept-Encoding x-endurance-cache-level 2 content-type text/css cache-control max-age=2592000 accept-ranges bytes content-length 5550 expires Mon, 18 Mar 2024 11:38:44 GMT
GET H2	200	itrustcapital-1-2048x1261.jpg itrustcapital-logi.com/wp-content/uploads/2024/02/	181 KB 181 KB	711ms 358ms	Image image/jpeg	162.241.123.30 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL https://itrustcapital-logi.com/wp-content/uploads/2024/02/itrustcapital-1-2048x1261.jpg Requested by Host: itrustcapital-logi.com URL: http://itrustcapital-logi.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.241.123.30 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 162-241-123-30.unifiedlayer.com Software Apache / Resource Hash `e1cddd22dda97cff80644b2b38609aa1875d89d8f14a98771c6387f5ccb462f3` Request headers accept-language de-DE,de;q=0.9 Referer http://itrustcapital-logi.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Sat, 17 Feb 2024 11:38:44 GMT x-nginx-cache WordPress last-modified Thu, 01 Feb 2024 19:31:14 GMT server Apache x-endurance-cache-level 2 content-type image/jpeg cache-control max-age=31536000 accept-ranges bytes content-length 185261 expires Sun, 16 Feb 2025 11:38:44 GMT
GET H2	200	sinatra.min.js Show response itrustcapital-logi.com/wp-content/themes/sinatra/assets/js/	16 KB 5 KB	1234ms 882ms	Script application/javascript	162.241.123.30 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://itrustcapital-logi.com/wp-content/themes/sinatra/assets/js/sinatra.min.js?ver=1.3 Requested by Host: itrustcapital-logi.com URL: http://itrustcapital-logi.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.241.123.30 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 162-241-123-30.unifiedlayer.com Software Apache / Resource Hash `186a291d5c2154ae7a2ef5e4ebbabfe09a46a279b0e8411df525cc048dc964c9` Request headers accept-language de-DE,de;q=0.9 Referer http://itrustcapital-logi.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Sat, 17 Feb 2024 11:38:44 GMT content-encoding gzip x-nginx-cache WordPress last-modified Thu, 01 Feb 2024 17:56:33 GMT server Apache vary Accept-Encoding x-endurance-cache-level 2 content-type application/javascript cache-control max-age=21600 accept-ranges bytes content-length 5195 expires Sat, 17 Feb 2024 17:38:44 GMT
GET BLOB	200 OK	733f883a-bf3b-444f-a59c-508bc2c306d2 http://itrustcapital-logi.com/	1 KB 0		Other text/javascript
General Check archive.org Show headers Download Go to Full URL blob:http://itrustcapital-logi.com/733f883a-bf3b-444f-a59c-508bc2c306d2 Requested by Host: itrustcapital-logi.com URL: http://itrustcapital-logi.com/ Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash `453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22` Request headers accept-language de-DE,de;q=0.9 Referer http://itrustcapital-logi.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers Content-Length 1245 Content-Type text/javascript
GET H2	200	wp-emoji-release.min.js Show response itrustcapital-logi.com/wp-includes/js/	18 KB 5 KB	189ms 189ms	Script application/javascript	162.241.123.30 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://itrustcapital-logi.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3 Requested by Host: itrustcapital-logi.com URL: http://itrustcapital-logi.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.241.123.30 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 162-241-123-30.unifiedlayer.com Software Apache / Resource Hash `4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230` Request headers accept-language de-DE,de;q=0.9 Referer http://itrustcapital-logi.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Sat, 17 Feb 2024 11:38:45 GMT content-encoding gzip x-nginx-cache WordPress last-modified Thu, 02 Feb 2023 00:53:26 GMT server Apache vary Accept-Encoding x-endurance-cache-level 2 content-type application/javascript cache-control max-age=21600 accept-ranges bytes content-length 5344 expires Sat, 17 Feb 2024 17:38:45 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: iTrustCapital (Crypto)

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

itrustcapital-logi.com
162.241.123.30
0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180
186a291d5c2154ae7a2ef5e4ebbabfe09a46a279b0e8411df525cc048dc964c9
43a15a98ac65a60a19c3e02566fd8d6ebbdc51350e358b6d8855c51cd695aaaa
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
c56aa21de460fed04556bb4b3f9f9a2695daf7d4dd3a603ee07540a1f5c27e75
d7aae334c863edad07157e091c20c0d421f136ed04871107ad02d1b9aae51866
e1cddd22dda97cff80644b2b38609aa1875d89d8f14a98771c6387f5ccb462f3

itrustcapital-logi.com Open in urlscan Pro 162.241.123.30 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

8 Requests

75 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

2 IPs

1 Countries

270 kBTransfer

533 kBSize

0 Cookies

2 Outgoing links

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

11 JavaScript Global Variables

0 Cookies

Indicators

itrustcapital-logi.com Open in urlscan Pro
162.241.123.30 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

75 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

270 kB
Transfer

533 kB
Size

0
Cookies

8 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!