www.test.magento.ipts-money.online
Open in
urlscan Pro
185.178.208.190
Malicious Activity!
Public Scan
Submission: On October 20 via automatic, source certstream-suspicious — Scanned from DE
Summary
TLS certificate: Issued by R3 on October 20th 2021. Valid for: 3 months.
This is the only time www.test.magento.ipts-money.online was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic Crypto (Crypto Exchange)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
13 | 185.178.208.190 185.178.208.190 | 57724 (DDOS-GUARD) (DDOS-GUARD) | |
1 | 172.217.16.138 172.217.16.138 | 15169 (GOOGLE) (GOOGLE) | |
1 | 142.250.185.234 142.250.185.234 | 15169 (GOOGLE) (GOOGLE) | |
1 | 104.16.18.94 104.16.18.94 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
5 | 142.250.186.35 142.250.186.35 | 15169 (GOOGLE) (GOOGLE) | |
21 | 5 |
ASN57724 (DDOS-GUARD, RU)
PTR: ddos-guard.net
www.test.magento.ipts-money.online |
ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f10.1e100.net
fonts.googleapis.com |
ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f10.1e100.net
chart.googleapis.com |
ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f3.1e100.net
fonts.gstatic.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
13 |
ipts-money.online
www.test.magento.ipts-money.online |
617 KB |
5 |
gstatic.com
fonts.gstatic.com |
98 KB |
2 |
googleapis.com
fonts.googleapis.com chart.googleapis.com |
4 KB |
1 |
cloudflare.com
cdnjs.cloudflare.com |
28 KB |
21 | 4 |
Domain | Requested by | |
---|---|---|
13 | www.test.magento.ipts-money.online |
www.test.magento.ipts-money.online
|
5 | fonts.gstatic.com |
fonts.googleapis.com
|
1 | cdnjs.cloudflare.com |
www.test.magento.ipts-money.online
|
1 | chart.googleapis.com |
www.test.magento.ipts-money.online
|
1 | fonts.googleapis.com |
www.test.magento.ipts-money.online
|
21 | 5 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
test.magento.ipts-money.online R3 |
2021-10-20 - 2022-01-18 |
3 months | crt.sh |
upload.video.google.com GTS CA 1C3 |
2021-09-13 - 2021-11-20 |
2 months | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2021-09-21 - 2022-09-20 |
a year | crt.sh |
*.gstatic.com GTS CA 1C3 |
2021-10-04 - 2021-12-27 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://www.test.magento.ipts-money.online/
Frame ID: F3C3A16C6E46FB1EC047EC974D248555
Requests: 21 HTTP requests in this frame
Screenshot
Page Title
Cardano GiveawayDetected technologies
Google Font API (Font Scripts) ExpandDetected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
jQuery (JavaScript Libraries) Expand
Detected patterns
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
21 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
www.test.magento.ipts-money.online/ |
14 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css2
fonts.googleapis.com/ |
13 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.css%3Fv=2.css
www.test.magento.ipts-money.online/css/ |
10 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logoada.png
www.test.magento.ipts-money.online/img/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
creator.png
www.test.magento.ipts-money.online/img/ |
355 KB 356 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
qr.png
www.test.magento.ipts-money.online/img/ |
778 B 831 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
arrow.png
www.test.magento.ipts-money.online/img/ |
589 B 642 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
time.png
www.test.magento.ipts-money.online/img/ |
891 B 944 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ada.png
www.test.magento.ipts-money.online/img/ |
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
verified.png
www.test.magento.ipts-money.online/img/ |
779 B 832 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
chart
chart.googleapis.com/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
apply.png
www.test.magento.ipts-money.online/img/ |
321 B 373 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/ |
87 KB 28 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
scriptada.js
www.test.magento.ipts-money.online/js/ |
4 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
background.png%3Fv
www.test.magento.ipts-money.online/img/ |
245 KB 245 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
JTURjIg1_i6t8kCHKm45_bZF3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v18/ |
19 KB 20 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
JTURjIg1_i6t8kCHKm45_epG3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v18/ |
19 KB 19 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v18/ |
20 KB 20 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
JTURjIg1_i6t8kCHKm45_ZpC3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v18/ |
19 KB 20 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v18/ |
19 KB 20 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
check.png
www.test.magento.ipts-money.online/img/ |
297 B 297 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic Crypto (Crypto Exchange)5 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onbeforexrselect boolean| originAgentCluster function| $ function| jQuery function| copy3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.ipts-money.online/ | Name: __ddg1 Value: dBHGzKyOzHgUJjl18fC9 |
|
.www.test.magento.ipts-money.online/ | Name: __ddgid Value: ePDe3P54GpFMcAlY |
|
.www.test.magento.ipts-money.online/ | Name: __ddgmark Value: QfscNwnieINzy4gS |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | upgrade-insecure-requests; |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cdnjs.cloudflare.com
chart.googleapis.com
fonts.googleapis.com
fonts.gstatic.com
www.test.magento.ipts-money.online
104.16.18.94
142.250.185.234
142.250.186.35
172.217.16.138
185.178.208.190
06c3ac4fb5946b1ffcf9b97cdf6aae0caeb2917d3d2e382badcd96c2b9395b0c
13eb615165c92892fcd46e01782dd0fc52d36f236f883aad488c2cf4dcf9206e
1b459e2d0b5717c9e36d5bab562589de03f7ae8797afd33c0fadbf79955c3793
2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3
3d0f2e0f3eb92613ecfaacae814439a3aef221d9ee8eaba8670520cd4f04169d
540ff4d859480b903bb3a173c63ba49a326b8671498e2f1ba8cfd316be43d542
57b9df63533a8b01e18728d0d1d8e840e631693b29df789536ca335ab71ff470
61519deaa156f24ad28ae848179016c7cc741270cb7b30043c24bd30203bdaf3
654ddaf164daed6286e55a2b7e82b43629f0bd52b66d7fe10dbc798330f7defd
65fd5a274a14af55380d5ed17cdb26cc2f4e8a5925457a9a1135083a4e3e4ff7
7ce2f8643f80018e1c4f5dae8adadbd552256fbab5e4409672cb2e060aada574
8507abe1a3e4c7517d5d1304e68dd77d773980c6579debe0468316efe1171fbe
89f6a49cbbb8d77545072c3c708c3ad1c08bd6b2018d8176d5c0a938e2df182e
8ddd17fb43c526096e7fbe382a18f10184cfcb72da28766251583f76dac6090f
996e148b7cb06329622484c65a0e134a75b578e264074975cb4d3980630a125c
c60ab4d3b8d48409e529867856c36c3049e7601b97019e628c3775e027ae25b3
db9847b1c74aec4cafbf64b22a38b9b25a90ad048a0c40665517c8ab9dd7c4cf
dde2e8e2d6fa0bb720d7ec5225068c656b7ee9415b2e8f0b4d3c672b4fc6cb8d
e4f5786beb3354da4bb72c08b6a90785b9a8b179a026a5ae17ddb9e97ffe85fe
ec7d69015be507ee6045d259f50b6cf8ccb52ec7b41ec1bf50fee681683bea60
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e