newlogaps.com
Open in
urlscan Pro
185.234.69.113
Malicious Activity!
Public Scan
Submitted URL: https://conectagrid.com/conenct.php
Effective URL: https://newlogaps.com/giLrV7HwJZ/
Submission: On April 21 via manual from US — Scanned from DE
Effective URL: https://newlogaps.com/giLrV7HwJZ/
Submission: On April 21 via manual from US — Scanned from DE
Summary
This website contacted 2 IPs
in 2 countries
across 2 domains to perform 6 HTTP transactions.
The main IP is 185.234.69.113, located in
Düsseldorf, Germany and
belongs to CONTABO, DE.
The main domain is newlogaps.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on April 16th 2022. Valid for: 3 months.
This is the only time newlogaps.com was scanned on urlscan.io!
TLS certificate: Issued by cPanel, Inc. Certification Authority on April 16th 2022. Valid for: 3 months.
This is the only time newlogaps.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Wise (Online)Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 1 1 | 34.239.69.208 34.239.69.208 | 14618 (AMAZON-AES) (AMAZON-AES) | |
| 2 8 | 185.234.69.113 185.234.69.113 | 51167 (CONTABO) (CONTABO) | |
| 6 | 2 |
1
34.239.69.208
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
PTR: server28.registrocom.com.br
ASN14618 (AMAZON-AES, US)
PTR: server28.registrocom.com.br
| conectagrid.com |
8
185.234.69.113
(Düsseldorf, Germany)
ASN51167 (CONTABO, DE)
PTR: vmi845417.contaboserver.net
ASN51167 (CONTABO, DE)
PTR: vmi845417.contaboserver.net
| newlogaps.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 8 |
newlogaps.com
2 redirects
newlogaps.com |
1 MB |
| 1 |
conectagrid.com
1 redirects
conectagrid.com |
245 B |
| 6 | 2 |
| Domain | Requested by | |
|---|---|---|
| 8 | newlogaps.com |
2 redirects
newlogaps.com
|
| 1 | conectagrid.com | 1 redirects |
| 6 | 2 |
This site contains no links.
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| newlogaps.com cPanel, Inc. Certification Authority |
2022-04-16 - 2022-07-15 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://newlogaps.com/giLrV7HwJZ/
Frame ID: 030BBF432666D628A8FCAAD299C82E23
Requests: 10 HTTP requests in this frame
Screenshot
Page Title
Wise Resolution CenterPage URL History Show full URLs
-
https://conectagrid.com/conenct.php
HTTP 302
https://newlogaps.com/ HTTP 302
https://newlogaps.com/giLrV7HwJZ HTTP 301
https://newlogaps.com/giLrV7HwJZ/ Page URL
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://conectagrid.com/conenct.php
HTTP 302
https://newlogaps.com/ HTTP 302
https://newlogaps.com/giLrV7HwJZ HTTP 301
https://newlogaps.com/giLrV7HwJZ/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
6 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H/1.1 |
Primary Request
/
newlogaps.com/giLrV7HwJZ/ Redirect Chain
|
3 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
runtime.19a31cbacf0e120fd7bc.js
newlogaps.com/giLrV7HwJZ/ |
888 B 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
polyfills.d300740e1cadafa57be0.js
newlogaps.com/giLrV7HwJZ/ |
37 KB 37 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
main.3900f36c602d6359591f.js
newlogaps.com/giLrV7HwJZ/ |
904 KB 904 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
styles.3df905d6632db97cc950.css
newlogaps.com/giLrV7HwJZ/ |
164 KB 164 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
985 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
947 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
417 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
2 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
newlogaps.com/static/ |
14 KB 14 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Wise (Online)142 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails object| webpackChunkwise2022 function| $localize function| Zone function| __zone_symbol__Promise function| __zone_symbol__fetch function| __zone_symbol__queueMicrotask function| __zone_symbol__setTimeout function| __zone_symbol__clearTimeout function| __zone_symbol__setInterval function| __zone_symbol__clearInterval function| __zone_symbol__requestAnimationFrame function| __zone_symbol__cancelAnimationFrame function| __zone_symbol__webkitRequestAnimationFrame function| __zone_symbol__webkitCancelAnimationFrame function| __zone_symbol__alert function| __zone_symbol__prompt function| __zone_symbol__confirm function| __zone_symbol__MutationObserver function| __zone_symbol__WebKitMutationObserver function| __zone_symbol__IntersectionObserver function| __zone_symbol__FileReader boolean| __zone_symbol__ononabortpatched boolean| __zone_symbol__ononanimationendpatched boolean| __zone_symbol__ononanimationiterationpatched boolean| __zone_symbol__ononauxclickpatched boolean| __zone_symbol__ononblurpatched boolean| __zone_symbol__ononcancelpatched boolean| __zone_symbol__ononcanplaypatched boolean| __zone_symbol__ononcanplaythroughpatched boolean| __zone_symbol__ononchangepatched boolean| __zone_symbol__ononcuechangepatched boolean| __zone_symbol__ononclickpatched boolean| __zone_symbol__ononclosepatched boolean| __zone_symbol__ononcontextmenupatched boolean| __zone_symbol__onondblclickpatched boolean| __zone_symbol__onondragpatched boolean| __zone_symbol__onondragendpatched boolean| __zone_symbol__onondragenterpatched boolean| __zone_symbol__onondragleavepatched boolean| __zone_symbol__onondragoverpatched boolean| __zone_symbol__onondroppatched boolean| __zone_symbol__onondurationchangepatched boolean| __zone_symbol__ononemptiedpatched boolean| __zone_symbol__ononendedpatched boolean| __zone_symbol__ononerrorpatched boolean| __zone_symbol__ononfocuspatched boolean| __zone_symbol__onongotpointercapturepatched boolean| __zone_symbol__ononinputpatched boolean| __zone_symbol__ononinvalidpatched boolean| __zone_symbol__ononkeydownpatched boolean| __zone_symbol__ononkeypresspatched boolean| __zone_symbol__ononkeyuppatched boolean| __zone_symbol__ononloadpatched boolean| __zone_symbol__ononloadstartpatched boolean| __zone_symbol__ononloadeddatapatched boolean| __zone_symbol__ononloadedmetadatapatched boolean| __zone_symbol__ononlostpointercapturepatched boolean| __zone_symbol__ononmousedownpatched boolean| __zone_symbol__ononmouseenterpatched boolean| __zone_symbol__ononmouseleavepatched boolean| __zone_symbol__ononmousemovepatched boolean| __zone_symbol__ononmouseoutpatched boolean| __zone_symbol__ononmouseoverpatched boolean| __zone_symbol__ononmouseuppatched boolean| __zone_symbol__ononmousewheelpatched boolean| __zone_symbol__ononpausepatched boolean| __zone_symbol__ononplaypatched boolean| __zone_symbol__ononplayingpatched boolean| __zone_symbol__ononpointercancelpatched boolean| __zone_symbol__ononpointerdownpatched boolean| __zone_symbol__ononpointerenterpatched boolean| __zone_symbol__ononpointerleavepatched boolean| __zone_symbol__ononpointermovepatched boolean| __zone_symbol__ononpointeroverpatched boolean| __zone_symbol__ononpointeruppatched boolean| __zone_symbol__ononprogresspatched boolean| __zone_symbol__ononratechangepatched boolean| __zone_symbol__ononresetpatched boolean| __zone_symbol__ononresizepatched boolean| __zone_symbol__ononscrollpatched boolean| __zone_symbol__ononseekedpatched boolean| __zone_symbol__ononseekingpatched boolean| __zone_symbol__ononselectpatched boolean| __zone_symbol__ononselectionchangepatched boolean| __zone_symbol__ononselectstartpatched boolean| __zone_symbol__ononstalledpatched boolean| __zone_symbol__ononsubmitpatched boolean| __zone_symbol__ononsuspendpatched boolean| __zone_symbol__onontimeupdatepatched boolean| __zone_symbol__ononvolumechangepatched boolean| __zone_symbol__onontransitioncancelpatched boolean| __zone_symbol__onontransitionendpatched boolean| __zone_symbol__ononwaitingpatched boolean| __zone_symbol__ononwheelpatched boolean| __zone_symbol__onontogglepatched boolean| __zone_symbol__ononafterprintpatched boolean| __zone_symbol__ononappinstalledpatched boolean| __zone_symbol__ononbeforeinstallpromptpatched boolean| __zone_symbol__ononbeforeprintpatched boolean| __zone_symbol__ononbeforeunloadpatched boolean| __zone_symbol__onondevicemotionpatched boolean| __zone_symbol__onondeviceorientationpatched boolean| __zone_symbol__onondeviceorientationabsolutepatched boolean| __zone_symbol__ononhashchangepatched boolean| __zone_symbol__ononlanguagechangepatched boolean| __zone_symbol__ononmessagepatched boolean| __zone_symbol__ononofflinepatched boolean| __zone_symbol__onononlinepatched boolean| __zone_symbol__ononpageshowpatched boolean| __zone_symbol__ononpagehidepatched boolean| __zone_symbol__ononpopstatepatched boolean| __zone_symbol__ononrejectionhandledpatched boolean| __zone_symbol__ononstoragepatched boolean| __zone_symbol__ononunhandledrejectionpatched boolean| __zone_symbol__ononunloadpatched boolean| __zone_symbol__onondragstartpatched boolean| __zone_symbol__ononanimationstartpatched boolean| __zone_symbol__ononsearchpatched boolean| __zone_symbol__onontransitionrunpatched boolean| __zone_symbol__onontransitionstartpatched boolean| __zone_symbol__ononwebkitanimationendpatched boolean| __zone_symbol__ononwebkitanimationiterationpatched boolean| __zone_symbol__ononwebkitanimationstartpatched boolean| __zone_symbol__ononwebkittransitionendpatched boolean| __zone_symbol__ononpointeroutpatched boolean| __zone_symbol__ononmessageerrorpatched object| __zone_symbol__popstatefalse object| __zone_symbol__hashchangefalse function| getAngularTestability function| getAllAngularTestabilities function| getAllAngularRootElements object| frameworkStabilizers function| __zone_symbol__addEventListener function| __zone_symbol__removeEventListener undefined| __zone_symbol__eventListeners undefined| __zone_symbol__removeAllListeners function| eventListeners function| removeAllListeners0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
conectagrid.com
newlogaps.com
185.234.69.113
34.239.69.208
042e08ce5a48b76e3e639d8b507d1f24cdf850981e303978e518f676e55ccde3
06ca8a388b888e3b7e6a0e3c6c848ab50301622d0cd361ececfadc4040e5f1fe
16dda0331d978757e75dfca7d9d091c053139ebffd0e3f3af9322bff8ef10cdd
3654c9cf52fe535d9318210918ad766fae532fe390c9524c27166952109622c5
4491f6d690133cdde8eb66ee4178715504cb8c86aa0121f8e39292b0d5efa580
680a10a826a660a1a144d8b5c8122277afc92e46f88f8ded6578e96e34571106
9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451
c32b6681302c9688e8c7597a688a9908c3dbbcf3880adcaf33b3e236153169a6
dde10743ba5a710e5c0098851d2b97f3667551af61b196b82d0c183f2bf0b596
fb11ee735727a950825b25d406cd77e6ccff129ddb4ba3b28c1799bd02973987