risky.biz
104.236.162.111
Public Scan
Submission: On March 20 via manual from NL — Scanned from NL
Summary
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on November 26th 2023. Valid for: a year.
This is the only time risky.biz was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
11 | 104.236.162.111 | 14061 (DIGITALOCEAN-ASN) |
3 | 2606:4700::6812:acf | 13335 (CLOUDFLARENET) |
1 | 2a00:1450:4001:830::200a | 15169 (GOOGLE) |
1 | 2a00:1450:4001:808::2008 | 15169 (GOOGLE) |
1 | 2a00:1450:4001:829::200a | 15169 (GOOGLE) |
1 | 2606:4700::6811:190e | 13335 (CLOUDFLARENET) |
3 | 2a00:1450:4001:80f::2003 | 15169 (GOOGLE) |
1 | 2001:4860:4802:34::36 | 15169 (GOOGLE) |
22 | 9 |
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
11 | risky.biz | risky.biz — Cisco Umbrella Rank: 866522 | 1 MB |
3 | gstatic.com | fonts.gstatic.com | 130 KB |
3 | bootstrapcdn.com | maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1828 | 49 KB |
2 | googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 110; ajax.googleapis.com — Cisco Umbrella Rank: 716 | 35 KB |
1 | google-analytics.com | region1.google-analytics.com — Cisco Umbrella Rank: 1728 | 241 B |
1 | cloudflare.com | cdnjs.cloudflare.com — Cisco Umbrella Rank: 387 | 2 KB |
1 | googletagmanager.com | www.googletagmanager.com — Cisco Umbrella Rank: 114 | 79 KB |
22 | 7 |
Requests | Domain | Requested by |
---|---|---|
11 | risky.biz | risky.biz |
3 | fonts.gstatic.com | fonts.googleapis.com |
3 | maxcdn.bootstrapcdn.com | risky.biz, maxcdn.bootstrapcdn.com |
1 | region1.google-analytics.com | www.googletagmanager.com |
1 | cdnjs.cloudflare.com | risky.biz |
1 | ajax.googleapis.com | risky.biz |
1 | www.googletagmanager.com | risky.biz |
1 | fonts.googleapis.com | risky.biz |
22 | 8 |
Subject | Issuer | Validity | Valid |
---|---|---|---|
risky.biz | Sectigo RSA Domain Validation Secure Server CA | 2023-11-26 - 2024-11-25 | a year |
bootstrapcdn.com | GTS CA 1P5 | 2024-01-28 - 2024-04-27 | 3 months |
upload.video.google.com | GTS CA 1C3 | 2024-02-26 - 2024-05-20 | 3 months |
*.google-analytics.com | GTS CA 1C3 | 2024-02-26 - 2024-05-20 | 3 months |
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-07-03 - 2024-07-02 | a year |
*.gstatic.com | GTS CA 1C3 | 2024-02-26 - 2024-05-20 | 3 months |
This page contains 1 frames:
Primary Page:
https://risky.biz/RB735/
Frame ID: F8C109CC350FFB0385E541573CCF18F8
Requests: 26 HTTP requests in this frame
Page Title
Risky Business #735 -- AnyDesk fails the transparency test - Risky Business
Detected technologies
Bootstrap
Detected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Detected patterns
Google Font API
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Google Tag Manager
Detected patterns
- googletagmanager\.com/gtag/js
Detected patterns
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
33 Outgoing links
These are links going to different origins than the main page.
Title: This episode sponsored by Trail of Bits.
Title: Download mp3
Title: AnyDesk initiates extensive credentials reset following cyberattack | Cybersecurity Dive
Title: AnyDesk says software ‘safe to use’ after cyberattack
Title: Former CIA officer who gave WikiLeaks state secrets gets 40-year sentence
Title: Arrests in $400M SIM-Swap Tied to Heist at FTX? – Krebs on Security
Title: Microsoft Breach — What Happened? What Should Azure Admins Do? | by Andy Robbins | Feb, 2024 | Posts By SpecterOps Team Members
Title: Cloudflare hit by follow-on attack from previous Okta breach | Cybersecurity Dive
Title: Thanksgiving 2023 security incident
Title: US announces visa restriction policy targeting spyware abuses
Title: Announcement of a Visa Restriction Policy to Promote Accountability for the Misuse of Commercial Spyware - United States Department of State
Title: Deputy Prime Minister hosts first global conference targeting ‘hackers for hire’ and malicious use of commercial cyber tools - GOV.UK
Title: New Google TAG report: How Commercial Surveillance Vendors work
Title: A Startup Allegedly ‘Hacked the World.’ Then Came the Censorship—and Now the Backlash | WIRED
Title: American businessman settles hacking case in UK against law firm
Title: Crime bosses behind Myanmar cyber ‘fraud dens’ handed over to Chinese government
Title: Another Chicago hospital announces cyberattack
Title: Deepfake scammer walks off with $25 million in first-of-its-kind AI heist | Ars Technica
Title: As if 2 Ivanti vulnerabilities under exploit weren’t bad enough, now there are 3 | Ars Technica
Title: Two new Ivanti bugs discovered as CISA warns of hackers bypassing mitigations
Title: Agencies using vulnerable Ivanti products have until Saturday to disconnect them | Ars Technica
Title: The far right is scaring away Washington's private hacker army - POLITICO
Title: Our thoughts on AIxCC’s competition format | Trail of Bits Blog
Title: How CISA can improve OSS security | Trail of Bits Blog
Title: Securing open-source infrastructure with OSTIF | Trail of Bits Blog
Title: Announcing the Trail of Bits Testing Handbook | Trail of Bits Blog
Title: 30 new Semgrep rules: Ansible, Java, Kotlin, shell scripts, and more | Trail of Bits Blog
Title: Publishing Trail of Bits’ CodeQL queries | Trail of Bits Blog
Title: The Unguarded Moment (2002 Digital Remaster) - YouTube
Title: Boy Swallows Universe | Official Trailer | Netflix - YouTube
Title: Newsletters
Redirected requests
There were HTTP redirect chains for the following requests:
22 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H/1.1 | / (Primary Request) | risky.biz/RB735/ | 97 KB | 8 KB | Document | text/html |
GET | H/1.1 | syntax.css | risky.biz/static/css/ | 3 KB | 1 KB | Stylesheet | text/css |
GET | H2 | bootstrap.min.css | maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/ | 118 KB | 20 KB | Stylesheet | text/css |
GET | H2 | css2 | fonts.googleapis.com/ | 17 KB | 1 KB | Stylesheet | text/css |
GET | H/1.1 | super-search.css | risky.biz/static/css/ | 769 B | 828 B | Stylesheet | text/css |
GET | H/1.1 | main.css | risky.biz/static/css/ | 4 KB | 1 KB | Stylesheet | text/css |
GET | H/1.1 | risky-biz.css | risky.biz/static/css/ | 1016 B | 892 B | Stylesheet | text/css |
GET | H2 | js | www.googletagmanager.com/gtag/ | 215 KB | 79 KB | Script | application/javascript |
GET | H/1.1 | tob.jpeg | risky.biz/static/img/sponsors/ | 15 KB | 15 KB | Image | image/jpeg |
GET | H2 | jquery.min.js | ajax.googleapis.com/ajax/libs/jquery/1.11.3/ | 94 KB | 33 KB | Script | text/javascript |
GET | H2 | bootstrap.min.js | maxcdn.bootstrapcdn.com/bootstrap/3.3.6/js/ | 36 KB | 10 KB | Script | application/javascript |
GET | H2 | jquery.lazyload.min.js | cdnjs.cloudflare.com/ajax/libs/jquery.lazyload/1.9.1/ | 3 KB | 2 KB | Script | application/javascript |
GET | H/1.1 | super-search.js | risky.biz/static/js/ | 5 KB | 2 KB | Script | application/javascript |
GET | H/1.1 | socialite.min.js | risky.biz/static/js/ | 8 KB | 3 KB | Script | application/javascript |
GET | DATA | truncated | / | 382 B | 0 | Image | image/svg+xml |
GET | H2 | ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2 | fonts.gstatic.com/s/robotocondensed/v27/ | 50 KB | 50 KB | Font | font/woff2 |
GET | H2 | va9E4kDNxMZdWfMOD5Vvl4jL.woff2 | fonts.gstatic.com/s/firasans/v17/ | 23 KB | 23 KB | Font | font/woff2 |
GET | H3 | glyphicons-halflings-regular.woff2 | maxcdn.bootstrapcdn.com/bootstrap/3.3.6/fonts/ | 18 KB | 18 KB | Font | font/woff2 |
GET | H2 | ieVj2ZhZI2eCN5jzbjEETS9weq8-19eLDwM9.woff2 | fonts.gstatic.com/s/robotocondensed/v27/ | 56 KB | 56 KB | Font | font/woff2 |
GET | DATA | truncated | / | 180 B | 0 | Image | image/svg+xml |
GET | DATA | truncated | / | 354 B | 0 | Image | image/svg+xml |
POST | H2 | collect | region1.google-analytics.com/g/ | 0 | 241 B | Ping | text/plain |
GET | H/1.1 | sitemap.xml | risky.biz/ | 5 MB | 1 MB | XHR | text/plain |
GET | DATA | truncated | / | 120 B | 0 | Image | image/png |
GET | H/1.1 | rblogo-280.png | risky.biz/static/img/logos/ | 25 KB | 26 KB | Image | image/png |
GET | H/1.1 | subscribe-280.png | risky.biz/static/img/ | 3 KB | 3 KB | Image | image/png |
10 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- function| gtag
- object| dataLayer
- function| $
- function| jQuery
- object| jQuery111307582312120273713
- object| google_tag_manager
- object| google_tag_data
- object| gaGlobal
- function| toggleSearch
- object| Socialite

2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name | Value |
---|---|---|---|
.risky.biz/ | | _ga_5ZMW0SZRCS | GS1.1.1710944326.1.0.1710944326.0.0.0 |
.risky.biz/ | | _ga | GA1.1.964028183.1710944327 |
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=63072000; |
X-Content-Type-Options | nosniff |
X-Frame-Options | sameorigin |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.