reward.lat Open in urlscan Pro
45.131.111.21 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://reward.lat/4yPnNd608IEiR42jabmvlyomf23ALZOKXJODNPPOBE184/61510M12
Effective URL:
http://reward.lat/news?q=This%20link%20is%20locked!
Submission Tags: https://phish.report @phish_report Search All
Submission: On July 07 via api (July 7th 2023, 1:23:21 am UTC) from FI — Scanned from NL

Summary HTTP 3 Redirects Links 25 Behaviour Indicators

Summary

This website contacted 2 IPs in 3 countries across 2 domains to perform 3 HTTP transactions. The main IP is 45.131.111.21, located in Eygelshoven, Netherlands and belongs to FERDINANDZINK, DE. The main domain is reward.lat.

This is the only time reward.lat was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Community Verdicts: Malicious — 12 votes Show Verdicts

Domain & IP information

	IP Address	AS Autonomous System
2	45.131.111.21 45.131.111.21	49581 (FERDINAND...) (FERDINANDZINK)
1 1	151.101.66.132 151.101.66.132	54113 (FASTLY) (FASTLY)
1	2a02:26f0:170... 2a02:26f0:1700:793::2313	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2

2 45.131.111.21 (Eygelshoven, Netherlands)

ASN49581 (FERDINANDZINK, DE)
PTR: tube-hosting.com

reward.lat	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.66.132 (United States) 1 redirects

ASN54113 (FASTLY, US)

feeds.foxnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:1700:793::2313 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

moxie.foxnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	foxnews.com 1 redirects feeds.foxnews.com — Cisco Umbrella Rank: 198489 moxie.foxnews.com — Cisco Umbrella Rank: 60760	36 KB
2	reward.lat reward.lat	4 KB
3	2

	Domain	Requested by
2	reward.lat	reward.lat
1	moxie.foxnews.com
1	feeds.foxnews.com	1 redirects
3	3

This site contains links to these domains. Also see Links.

Domain
www.foxnews.com

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://reward.lat/news?q=This%20link%20is%20locked!
Frame ID: B25670889727DD0C5A5802B7E90757E8
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Fox News World RSS Feed - jomaliff.live

Page URL History Show full URLs

http://reward.lat/4yPnNd608IEiR42jabmvlyomf23ALZOKXJODNPPOBE184/61510M12 Page URL
http://reward.lat/news?q=This%20link%20is%20locked! Page URL

Page Statistics

3
Requests

0 %
HTTPS

33 %
IPv6

2
Domains

3
Subdomains

2
IPs

3
Countries

40 kB
Transfer

123 kB
Size

0
Cookies

25 Outgoing links

These are links going to different origins than the main page.

URL: https://www.foxnews.com/world/australian-man-charged-murder-toddler-babysat-june
Title: Australian man charged with murder of toddler he babysat in June

Search URL Search Domain Scan URL

URL: https://www.foxnews.com/world/ex-us-officials-held-secrets-talks-russians-ukraine-war-report
Title: Ex-US officials held secrets talks with Russians on Ukraine War: report

Search URL Search Domain Scan URL

URL: https://www.foxnews.com/world/romania-eyes-f-16-training-facility-nato-allies-ukraine
Title: Romania eyes F-16 training facility for NATO allies, Ukraine

Search URL Search Domain Scan URL

URL: https://www.foxnews.com/world/un-chief-strongly-criticizes-israels-excessive-force-recent-military-operation
Title: UN chief strongly criticizes Israel's excessive use of force in recent military operation

Search URL Search Domain Scan URL

URL: https://www.foxnews.com/world/spanish-migrant-rights-group-reports-951-died-attempting-reach-spain-sea-first-half-2023
Title: Spanish migrant rights group reports 951 died attempting to reach Spain by sea in first half of 2023

Search URL Search Domain Scan URL

URL: https://www.foxnews.com/world/death-toll-rises-55-pakistan-monsoon-rains-trigger-flash-flood-fears
Title: Death toll rises to 55 in Pakistan as monsoon rains trigger flash flood fears

Search URL Search Domain Scan URL

URL: https://www.foxnews.com/world/uk-lawmaker-faces-likely-ejection-london-nightclub-groping-incident
Title: UK lawmaker faces likely ejection after London nightclub groping incident

Search URL Search Domain Scan URL

URL: https://www.foxnews.com/world/french-president-macron-urges-order-calm-amid-unrest-following-police-killing-17-year-old-boy
Title: French President Macron urges order and calm amid unrest following police killing of 17-year-old boy

Search URL Search Domain Scan URL

URL: https://www.foxnews.com/world/french-government-recommends-tiktok-restrctionsr-macron-blamed-chinese-app-fueling-youth-rioters
Title: French government recommends TikTok restrictions after Macron blamed Chinese app for fueling youth rioters

Search URL Search Domain Scan URL

URL: https://www.foxnews.com/world/hamas-militant-attacks-israeli-settlement-west-bank-prompting-questions-israeli-raids-effectiveness
Title: Hamas militant attacks Israeli settlement in West Bank, prompting questions on Israeli raid's effectiveness

Search URL Search Domain Scan URL

URL: https://www.foxnews.com/world/un-mission-chief-south-sudan-unprepared-first-election-coming-year
Title: UN mission chief: South Sudan unprepared for first election in coming year

Search URL Search Domain Scan URL

URL: https://www.foxnews.com/world/eu-sees-critical-areas-concern-use-herbicide-slammed-environmentalists
Title: EU sees no 'critical areas of concern' in use of herbicide slammed by environmentalists

Search URL Search Domain Scan URL

URL: https://www.foxnews.com/world/german-lawmakers-fail-agree-assisted-suicide-regulations
Title: German lawmakers fail to agree on assisted suicide regulations

Search URL Search Domain Scan URL

URL: https://www.foxnews.com/world/bulgarias-support-ukraines-nato-membership-grows-stronger-zelenskyys-visit
Title: Bulgaria's support for Ukraine's NATO membership grows stronger during Zelenskyy's visit

Search URL Search Domain Scan URL

URL: https://www.foxnews.com/world/tragic-crash-private-school-wimbledon-kills-8-year-old-girl
Title: Tragic crash at private school in Wimbledon kills 8-year-old girl

Search URL Search Domain Scan URL

URL: https://www.foxnews.com/world/former-el-salvador-president-mauricio-funes-sentenced-6-years-prison-tax-evasion
Title: Former El Salvador President Mauricio Funes sentenced to 6 years in prison for tax evasion

Search URL Search Domain Scan URL

URL: https://www.foxnews.com/world/body-parts-strewn-around-mexican-city-believed-linked-drug-cartel
Title: Body parts strewn around Mexican city, believed to be linked to drug cartel

Search URL Search Domain Scan URL

URL: https://www.foxnews.com/world/death-toll-south-african-gas-leak-blamed-illegal-gold-processing-risen-17
Title: Death toll from South African gas leak blamed on illegal gold processing has risen to 17

Search URL Search Domain Scan URL

URL: https://www.foxnews.com/world/trudeau-blasted-for-fan-girling-in-twitter-reply-to-taylor-swift-put-out-the-fires-justin
Title: Trudeau blasted for 'fan girling' in Twitter reply to Taylor Swift: 'Put out the fires Justin'

Search URL Search Domain Scan URL

URL: https://www.foxnews.com/world/mass-expulsions-mistreatment-migrants-reported-tunisia-tensions-spike-port-city
Title: Mass expulsions and mistreatment of migrants reported in Tunisia as tensions spike in port city

Search URL Search Domain Scan URL

URL: https://www.foxnews.com/world/mexican-cartel-suspected-case-severed-body-parts-found-outside-state-capital
Title: Mexican cartel suspected in case of severed body parts found outside state capital

Search URL Search Domain Scan URL

URL: https://www.foxnews.com/world/chinas-top-diplomat-criticized-comments-calling-race-based-alliance-beijing-pushes-back
Title: China's top diplomat criticized for comments calling for race-based alliance, Beijing pushes back

Search URL Search Domain Scan URL

URL: https://www.foxnews.com/world/russian-missile-strike-kills-4-civilians-lviv-zelenskyy-vows-response
Title: Russian missile strike kills 4 civilians in Lviv as Zelenskyy vows response

Search URL Search Domain Scan URL

URL: https://www.foxnews.com/world/exiled-wagner-mercenary-chief-yevgeny-prigozhin-russia-president-belarus
Title: Exiled Wagner mercenary chief Yevgeny Prigozhin in Russia, president of Belarus says

Search URL Search Domain Scan URL

URL: https://www.foxnews.com/world/new-video-shows-russian-fighter-jets-harassing-american-drones-syria-us-air-force-says
Title: New video shows Russian fighter jets harassing American drones over Syria, US Air Force says

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://reward.lat/4yPnNd608IEiR42jabmvlyomf23ALZOKXJODNPPOBE184/61510M12 Page URL
http://reward.lat/news?q=This%20link%20is%20locked! Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://feeds.foxnews.com/foxnews/world HTTP 301
https://moxie.foxnews.com/google-publisher/world.xml

3 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	61510M12 Show response reward.lat/4yPnNd608IEiR42jabmvlyomf23ALZOKXJODNPPOBE184/	182 B 436 B	124ms 62ms	Document text/html	45.131.111.21 FERDINANDZINK
General Check archive.org Show headers Download Go to Full URL http://reward.lat/4yPnNd608IEiR42jabmvlyomf23ALZOKXJODNPPOBE184/61510M12 Protocol HTTP/1.1 Server 45.131.111.21 Eygelshoven, Netherlands, ASN49581 (FERDINANDZINK, DE), Reverse DNS tube-hosting.com Software / Resource Hash `b3b13b0f84ac00011263aa2764ff4754b18a6bc422a63c45e8d22580fe253b4a` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers Content-Length 182 Content-Type text/html; charset=utf-8 Date Fri, 07 Jul 2023 01:23:17 GMT X-Address gin_throttle_mw_7200000000_31.204.150.115 X-Ratelimit-Limit 500 X-Ratelimit-Remaining 499 X-Ratelimit-Reset 1688696597
GET H/1.1	200 OK	Primary Request news Show response reward.lat/	3 KB 3 KB	32ms 32ms	Document text/html	45.131.111.21 FERDINANDZINK
General Check archive.org Show headers Download Go to Full URL http://reward.lat/news?q=This%20link%20is%20locked! Requested by Host: reward.lat URL: http://reward.lat/4yPnNd608IEiR42jabmvlyomf23ALZOKXJODNPPOBE184/61510M12 Protocol HTTP/1.1 Server 45.131.111.21 Eygelshoven, Netherlands, ASN49581 (FERDINANDZINK, DE), Reverse DNS tube-hosting.com Software / Resource Hash `238d2fe62bbfd2b7066cde2fe75a83215b85b075ac0f2b3f3077bcd0a64c7bfe` Request headers Referer http://reward.lat/4yPnNd608IEiR42jabmvlyomf23ALZOKXJODNPPOBE184/61510M12 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers Content-Type text/html; charset=utf-8 Date Fri, 07 Jul 2023 01:23:18 GMT Transfer-Encoding chunked X-Address gin_throttle_mw_7200000000_31.204.150.115 X-Ratelimit-Limit 500 X-Ratelimit-Remaining 498 X-Ratelimit-Reset 1688696597
GET H2	200	world.xml Show response moxie.foxnews.com/google-publisher/ Redirect Chain https://feeds.foxnews.com/foxnews/world https://moxie.foxnews.com/google-publisher/world.xml	120 KB 36 KB	171ms 45ms	Fetch text/xml	2a02:26f0:1700:793::2313 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://moxie.foxnews.com/google-publisher/world.xml Protocol H2 Server 2a02:26f0:1700:793::2313 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Express Resource Hash `9895c4558424a18544e17fbe0d1fa773b665fdf4d67a3a6e86497e87e9bff990` Request headers accept-language nl-NL,nl;q=0.9 Referer http://reward.lat/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers x-cache-hits 1039, 1 date Fri, 07 Jul 2023 01:23:18 GMT content-encoding gzip x-amzn-remapped-content-length 122943 x-moxiev2-version 1.0.0 x-origin prod_moxie x-powered-by Express x-amzn-requestid 8c36b4e6-2c03-4a15-8d05-5ee2e65af547 x-amz-apigw-id HqyYuFDJoAMFjNw= content-length 36040 x-served-by cache-iad-kiad7000170-IAD, cache-fra-etou8220066-FRA x-forwarded-host moxie.foxnews.com x-timer S1688692999.683890,VS0,VE1 x-amzn-trace-id Root=1-64a76437-04bb813b7120f438571fc334;Sampled=0;lineage=5b3254cd:0 etag W/"1e03f-hhUh8Gm7Pi4iMSh0gFotY2KLTjA" vary Accept-Encoding access-control-allow-methods GET,POST,OPTIONS content-type text/xml; charset=utf-8 access-control-allow-origin * cache-control public, max-age=0 access-control-allow-credentials false access-control-max-age 86400 accept-ranges bytes x-debug-path /prod/fn/google-publisher/world.xml access-control-allow-headers * expires Fri, 07 Jul 2023 01:23:18 GMT Redirect headers date Fri, 07 Jul 2023 01:23:18 GMT via 1.1 varnish x-cache HIT content-length 0 x-served-by cache-bru1480042-BRU x-timer S1688692999.519921,VS0,VE0 access-control-max-age 86400 access-control-allow-methods GET,HEAD,POST,OPTIONS location https://moxie.foxnews.com/google-publisher/world.xml access-control-allow-origin * access-control-expose-headers etag access-control-allow-credentials false accept-ranges bytes access-control-allow-headers * retry-after 0 x-cache-hits 0

Verdicts & Comments Add Verdict or Comment

Malicious page.domain
Submitted on October 24th 2023, 10:09:28 pm UTC — From United States

Threats: Malware Unwanted Software Potentially Harmful Application
Comment: RUSSIAN SPYWARE: https://reward.lat/4RXKZi2340mQTV224rqnrhcxzod38LXMKRLOUALIRIBO30/189569p12 sent by RUSSIAN MALNET using harvested emails and MALICIOUS websites: https://reward.lat https://www.greywish.com https://www.po2n8trk.com https://tryocuprime.com https://jomaliff.live https://makeyoumine.co https://tupitea.co https://t.co https://firebasestorage.googleapis.com https://noisygrip.com https://deals.getthephotostickomni.io https://shop.getthephotostickomni.io

Malicious page.domain
Submitted on October 24th 2023, 9:54:13 pm UTC — From United States

Threats: Malware Unwanted Software Potentially Harmful Application
Comment: RUSSIAN SPYWARE: https://reward.lat/4GSfxY2341ylFz224refhjuloom38HOYNOUTNUJQOYRT30/189569T12 sent by RUSSIAN MALNET using harvested emails and MALICIOUS websites: https://reward.lat https://www.greywish.com https://www.po2n8trk.com https://tryocuprime.com https://t.co https://firebasestorage.googleapis.com https://noisygrip.com https://deals.getthephotostickomni.io https://shop.getthephotostickomni.io https://getthephotostickomni.io https://deals.getaudienatom.io https://getaudienatom.io

Malicious page.domain
Submitted on October 6th 2023, 1:23:17 am UTC — From United States

Threats: Malware Unwanted Software Potentially Harmful Application
Comment: RUSSIAN SPYWARE: https://reward.lat/4JhFCd704qDos33bxymytdpdc38DTBLUSNXTGOCILJ30/133522I14 sent by RUSSIAN MALNET using harvested emails and MALICIOUS websites: https://reward.lat https://www.greywish.com https://hop.clickbank.net https://getprostadine.com https://jomaliff.live https://www.br2ghatrk.com https://trfusera1.com https://testamazingshop.com http://fenders.makeup https://t.co https://firebasestorage.googleapis.com https://untestedpaper.com https://bit.ly https://secret-flingers.ru

Malicious page.url
Submitted on October 4th 2023, 1:50:22 am UTC — From United States

Threats: Malware Unwanted Software Potentially Harmful Application
Comment: RUSSIAN SPYWARE: https://reward.lat/4Wpoim609byQz90iznyyowomo38LEBMYUZTLYCHWLM30/8332y14 sent by RUSSIAN MALNET using harvested emails and MALICIOUS websites: https://reward.lat https://www.br2ghatrk.com https://trkendo.com https://thehiddenorgan.com http://fenders.makeup https://storage.googleapis.com http://paullewis.college https://bocxepnhanh247.com https://coin-2-fa-base.com https://zupimages.net https://s-1696109755.yourdailies.co.uk https://clk-1696109755.newoneli.live

Malicious page.url
Submitted on September 30th 2023, 5:16:24 pm UTC — From United States

Threats: Malware Unwanted Software Potentially Harmful Application
Comment: RUSSIAN SPYWARE: https://reward.lat/4NtrOu510QoxI64qzoovumudl38JFYNZQEZCIHGQRC30/66446E13 sent by RUSSIAN MALNET using harvested emails and MALICIOUS websites: https://reward.lat https://www.greywish.com https://hop.clickbank.net https://emperorsvigortonic.com

Malicious page.url
Submitted on September 24th 2023, 4:33:54 pm UTC — From United States

Threats: Malware Unwanted Software Potentially Harmful Application
Comment: RUSSIAN SPYWARE: https://reward.lat/4gMeaa49rmzl3zvrgztouax38KLGOVOWJLNZWZEU30/8220s13 sent by RUSSIAN MALNET using harvested emails and MALICIOUS websites: https://reward.lat https://www.br2ghatrk.com https://trfusera1.com https://testamazingshop.com http://fenders.makeup http://xenicalorlistat.online http://kaori.jusana.net http://www.medence.info http://binkmail.com https://eternalflutterecho.ru https://datewave.ru https://soulmateway.ru https://blissfulharmonyjourney.ru

Malicious page.url
Submitted on July 27th 2023, 12:55:16 pm UTC — From United States

Threats: Malware Unwanted Software Potentially Harmful Application
Comment: http://reward.lat/4yPnNd608IEiR42jabmvlyomf23ALZOKXJODNPPOBE184/61510M12

Malicious page.url
Submitted on July 24th 2023, 3:16:46 am UTC — From United States

Threats: Malware Unwanted Software Potentially Harmful Application
Comment: RUSSIAN MALWARE sent by large botnet targeting email addresses obtained from DATA BREACH using malicious websites: https://reward.lat/4gKoJq1823OHzi157iavtbkyazx23CDBAFTXEAVPDIIJ184/96197G14 https://www.greywish.com https://tinyurl.com/2b79u269 https://s-1690121050.picotur.live https://clk.picotur.live https://festivalgrain.com https://tinyurl.com/2b79u269

Malicious page.url
Submitted on July 19th 2023, 1:07:52 pm UTC — From United States

Threats: Malware Unwanted Software Potentially Harmful Application
Comment: RUSSIAN MALWARE sent by large botnet targeting email addresses obtained from DATA BREACH using malicious websites: https://reward.lat/4LoMVH1586JcfA42pzdbjmpoif23GDQAPSQYFIPGUDD184/133508U14 https://tinyurl.com/ https://clk.picotur.live https://www.greywish.com https://planebale.com https://universalslimer.com http://mrk2023.com/ https://www.br2ghatrk.com/ http://yrk2023.com/

Malicious page.url
Submitted on July 17th 2023, 12:09:38 pm UTC — From United States

Threats: Malware Social Engineering Spearphishing
Comment: RUSSIAN MALWARE sent by large botnet targeting email addresses obtained from DATA BREACH: https://reward.lat/4VovHJ1498yASH88bqmxgszegt23OULSCPDXQLVLKVG184/117063v12 using obfuscated malicious networks: https://comercio.click http://h-eshop.store http://reward.lat https://www.br2ghatrk.com https://www.greywish.com https://planebale.com https://universalslimer.com https://pushingraids.com/

Malicious page.url
Submitted on July 16th 2023, 10:48:25 pm UTC — From United States

Threats: Malware Social Engineering Spearphishing
Comment: http://reward.lat/4yPnNd608IEiR42jabmvlyomf23ALZOKXJODNPPOBE184/61510M12

Malicious page.url
Submitted on July 16th 2023, 12:20:13 am UTC — From United States

Threats: Malware Social Engineering Spearphishing
Comment: RUSSIAN MALWARE sent by large botnet targeting email addresses obtained from DATA BREACH: https://reward.lat/4IMiru1181QIMy42xgyrhodvnu23YEPTPKOZVEBJXGN184/34251q14 using obfuscated MALNETS with disposable URLs owned by: https://www.greywish.com https://h-eshop.store/ https://planebale.com https://universalslimer.com https://www.br2ghatrk.com/

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| onbeforetoggle object| onscrollend

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

feeds.foxnews.com
moxie.foxnews.com
reward.lat
151.101.66.132
2a02:26f0:1700:793::2313
45.131.111.21
238d2fe62bbfd2b7066cde2fe75a83215b85b075ac0f2b3f3077bcd0a64c7bfe
9895c4558424a18544e17fbe0d1fa773b665fdf4d67a3a6e86497e87e9bff990
b3b13b0f84ac00011263aa2764ff4754b18a6bc422a63c45e8d22580fe253b4a

reward.lat Open in urlscan Pro 45.131.111.21 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Community Verdicts: Malicious — 12 votes Show Verdicts

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

3 Requests

0 %HTTPS

33 %IPv6

2 Domains

3 Subdomains

2 IPs

3 Countries

40 kBTransfer

123 kBSize

0 Cookies

25 Outgoing links

Page URL History

Redirected requests

3 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

Malicious page.domain Submitted on October 24th 2023, 10:09:28 pm UTC — From United States

Malicious page.domain Submitted on October 24th 2023, 9:54:13 pm UTC — From United States

Malicious page.domain Submitted on October 6th 2023, 1:23:17 am UTC — From United States

Malicious page.url Submitted on October 4th 2023, 1:50:22 am UTC — From United States

Malicious page.url Submitted on September 30th 2023, 5:16:24 pm UTC — From United States

Malicious page.url Submitted on September 24th 2023, 4:33:54 pm UTC — From United States

Malicious page.url Submitted on July 27th 2023, 12:55:16 pm UTC — From United States

Malicious page.url Submitted on July 24th 2023, 3:16:46 am UTC — From United States

Malicious page.url Submitted on July 19th 2023, 1:07:52 pm UTC — From United States

Malicious page.url Submitted on July 17th 2023, 12:09:38 pm UTC — From United States

Malicious page.url Submitted on July 16th 2023, 10:48:25 pm UTC — From United States

Malicious page.url Submitted on July 16th 2023, 12:20:13 am UTC — From United States

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

3 JavaScript Global Variables

0 Cookies

Indicators

reward.lat Open in urlscan Pro
45.131.111.21 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

3
Requests

0 %
HTTPS

33 %
IPv6

2
Domains

3
Subdomains

2
IPs

3
Countries

40 kB
Transfer

123 kB
Size

0
Cookies

3 HTTP transactions
0 data transactions

Malicious page.domain
Submitted on October 24th 2023, 10:09:28 pm UTC — From United States

Malicious page.domain
Submitted on October 24th 2023, 9:54:13 pm UTC — From United States

Malicious page.domain
Submitted on October 6th 2023, 1:23:17 am UTC — From United States

Malicious page.url
Submitted on October 4th 2023, 1:50:22 am UTC — From United States

Malicious page.url
Submitted on September 30th 2023, 5:16:24 pm UTC — From United States

Malicious page.url
Submitted on September 24th 2023, 4:33:54 pm UTC — From United States

Malicious page.url
Submitted on July 27th 2023, 12:55:16 pm UTC — From United States

Malicious page.url
Submitted on July 24th 2023, 3:16:46 am UTC — From United States

Malicious page.url
Submitted on July 19th 2023, 1:07:52 pm UTC — From United States

Malicious page.url
Submitted on July 17th 2023, 12:09:38 pm UTC — From United States

Malicious page.url
Submitted on July 16th 2023, 10:48:25 pm UTC — From United States

Malicious page.url
Submitted on July 16th 2023, 12:20:13 am UTC — From United States

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!