freelancersworldwide.top Open in urlscan Pro
2606:4700:3033::681b:96cd Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://freelancersworldwide.top/y.php
Submission: On October 23 via manual (October 23rd 2020, 7:35:58 am UTC) from ES

Summary HTTP 14 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 14 HTTP transactions. The main IP is 2606:4700:3033::681b:96cd, located in United States and belongs to CLOUDFLARENET, US. The main domain is freelancersworldwide.top.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on October 22nd 2020. Valid for: a year.

This is the only time freelancersworldwide.top was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: TBC Bank (Banking)

Domain & IP information

	IP Address		AS Autonomous System
14	2606:4700:303... 2606:4700:3033::681b:96cd		13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	2

14 2606:4700:3033::681b:96cd (United States)

ASN13335 (CLOUDFLARENET, US)

freelancersworldwide.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	freelancersworldwide.top freelancersworldwide.top	418 KB
14	1

	Domain	Requested by
14	freelancersworldwide.top	freelancersworldwide.top
14	1

This site contains links to these domains. Also see Links.

Domain
www.google.com
windows.microsoft.com
www.mozilla.org
www.opera.com
www.apple.com
www.tbcbank.ge
tbconline.ge

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-10-22` - `2021-10-21`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://freelancersworldwide.top/y.php
Frame ID: 26FDCA8F0170B4150FF67D79E07B3831
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

14
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

418 kB
Transfer

1509 kB
Size

1
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://www.google.com/chrome

Search URL Search Domain Scan URL

URL: http://windows.microsoft.com/en-US/internet-explorer/products/ie/home

Search URL Search Domain Scan URL

URL: https://www.mozilla.org/en-US/firefox/new/

Search URL Search Domain Scan URL

URL: https://www.opera.com/cs/computer

Search URL Search Domain Scan URL

URL: https://www.apple.com/safari/download/

Search URL Search Domain Scan URL

URL: http://www.tbcbank.ge/web/ka
Title: tbcbank.ge

Search URL Search Domain Scan URL

URL: http://www.tbcbank.ge/web/ka/web/guest/internet-banking
Title: უსაფრთხოება და კონფიდენციალურობა

Search URL Search Domain Scan URL

URL: http://www.tbcbank.ge/web/ka/web/guest/contact-us
Title: დაგვიკავშირდი

Search URL Search Domain Scan URL

URL: https://tbconline.ge/business/login
Title: ბიზნესი

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request y.php Show response freelancersworldwide.top/	1 MB 414 KB	464ms 338ms	Document text/html	2606:4700:3033::681b:96cd CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://freelancersworldwide.top/y.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::681b:96cd , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `14814f9500523d51d6994aa13399585cace8c160830693b68e6378458dcbd4cf` Request headers :method GET :authority freelancersworldwide.top :scheme https :path /y.php pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers status 200 date Fri, 23 Oct 2020 07:35:39 GMT content-type text/html; charset=UTF-8 set-cookie __cfduid=d73131363d875dec1c99a13d5bddea3321603438539; expires=Sun, 22-Nov-20 07:35:39 GMT; path=/; domain=.freelancersworldwide.top; HttpOnly; SameSite=Lax cf-cache-status DYNAMIC cf-request-id 05f5fb89bf00001f391e018000000001 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603438540"}],"group":"cf-nel","max_age":604800} nel {"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 5e69c855fbd81f39-FRA content-encoding br
GET H2	200	Logo-ka.svg freelancersworldwide.top/img/	7 KB 3 KB	16ms 16ms	Image image/svg+xml	2606:4700:3033::681b:96cd CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://freelancersworldwide.top/img/Logo-ka.svg Requested by Host: freelancersworldwide.top URL: https://freelancersworldwide.top/y.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::681b:96cd , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `ba19da183de5cf0d12a3dc13723d1a3bc3a8bd3cfebc2f93c7050db7ec47a575` Request headers Referer https://freelancersworldwide.top/y.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 23 Oct 2020 07:35:40 GMT content-encoding br cf-cache-status HIT last-modified Fri, 09 Oct 2020 17:56:30 GMT server cloudflare age 2335 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603438540"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml status 200 cache-control max-age=14400 nel {"report_to":"cf-nel","max_age":604800} cf-ray 5e69c85d4e191f39-FRA cf-request-id 05f5fb8e4a00001f3992bd2000000001
GET H2	404	TBCDinNusxuri-Medium.0993d096f021c31fff6214b31535e65b.woff2 freelancersworldwide.top/img/	0 0	294ms 294ms	Font text/html	2606:4700:3033::681b:96cd CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://freelancersworldwide.top/img/TBCDinNusxuri-Medium.0993d096f021c31fff6214b31535e65b.woff2 Requested by Host: freelancersworldwide.top URL: https://freelancersworldwide.top/y.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::681b:96cd , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Origin https://freelancersworldwide.top Referer https://freelancersworldwide.top/y.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 23 Oct 2020 07:35:40 GMT content-encoding br cf-cache-status MISS nel {"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603438541"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 status 404 cache-control max-age=14400 cf-ray 5e69c85d5e561f39-FRA cf-request-id 05f5fb8e5500001f399489f000000001
GET H2	200	flag-geo.68bac5b5d82e2d65a89bc907d80d020b.svg freelancersworldwide.top/img/	958 B 494 B	319ms 318ms	Image image/svg+xml	2606:4700:3033::681b:96cd CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://freelancersworldwide.top/img/flag-geo.68bac5b5d82e2d65a89bc907d80d020b.svg Requested by Host: freelancersworldwide.top URL: https://freelancersworldwide.top/y.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::681b:96cd , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `52eea8e7561f0493a0ef69eb98bab023df2570a3fba4b111d9c3d8b2cf25888c` Request headers Referer https://freelancersworldwide.top/y.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 23 Oct 2020 07:35:40 GMT content-encoding br cf-cache-status MISS last-modified Fri, 09 Oct 2020 17:59:10 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603438541"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml status 200 cache-control max-age=14400 nel {"report_to":"cf-nel","max_age":604800} cf-ray 5e69c85d8ef61f39-FRA cf-request-id 05f5fb8e7600001f3978111000000001
GET H2	200	flag-switch2.98021754eb93859098c11d8bb08c5800.svg freelancersworldwide.top/img/	338 B 326 B	315ms 314ms	Image image/svg+xml	2606:4700:3033::681b:96cd CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://freelancersworldwide.top/img/flag-switch2.98021754eb93859098c11d8bb08c5800.svg Requested by Host: freelancersworldwide.top URL: https://freelancersworldwide.top/y.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::681b:96cd , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `6eb677fe0b15e23bab16696610d7b41c7889f7d272093e2887aef96f7ced388a` Request headers Referer https://freelancersworldwide.top/y.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 23 Oct 2020 07:35:40 GMT content-encoding br cf-cache-status MISS last-modified Fri, 09 Oct 2020 17:58:26 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603438541"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml status 200 cache-control max-age=14400 nel {"report_to":"cf-nel","max_age":604800} cf-ray 5e69c85d8efa1f39-FRA cf-request-id 05f5fb8e7800001f39959fb000000001
GET H2	200	flag-gb.2e9c71c7514c4036f0122b1bdc202c17.svg freelancersworldwide.top/img/	522 B 343 B	314ms 314ms	Image image/svg+xml	2606:4700:3033::681b:96cd CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://freelancersworldwide.top/img/flag-gb.2e9c71c7514c4036f0122b1bdc202c17.svg Requested by Host: freelancersworldwide.top URL: https://freelancersworldwide.top/y.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::681b:96cd , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `d9b86c8de4422e66eeb0d0ab9074f51434eca690fd0caf96e7eade4ea726e32f` Request headers Referer https://freelancersworldwide.top/y.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 23 Oct 2020 07:35:40 GMT content-encoding br cf-cache-status MISS last-modified Fri, 09 Oct 2020 17:59:22 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603438541"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml status 200 cache-control max-age=14400 nel {"report_to":"cf-nel","max_age":604800} cf-ray 5e69c85d8f021f39-FRA cf-request-id 05f5fb8e7800001f39601b1000000001
GET H2	200	tbc-icon-corporate.eb182cdb593d01705b20d83a1a6e5905.png freelancersworldwide.top/img/	252 B 374 B	314ms 313ms	Image image/png	2606:4700:3033::681b:96cd CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://freelancersworldwide.top/img/tbc-icon-corporate.eb182cdb593d01705b20d83a1a6e5905.png Requested by Host: freelancersworldwide.top URL: https://freelancersworldwide.top/y.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::681b:96cd , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `11c7369c6ae33231923bbf556f733e1b7fd71cc208b45090da6c967b6c9f14aa` Request headers Referer https://freelancersworldwide.top/y.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 23 Oct 2020 07:35:40 GMT cf-cache-status MISS last-modified Fri, 09 Oct 2020 17:59:52 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603438541"}],"group":"cf-nel","max_age":604800} content-type image/png status 200 cache-control max-age=14400 nel {"report_to":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 5e69c85d8f051f39-FRA content-length 252 cf-request-id 05f5fb8e7800001f3920065000000001
GET DATA	200 OK	truncated /	296 KB 0		Image image/jpg
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `028dbe842bbe9829d449b66701b5e1d198d171271eeb6a8662fd9df8322c1411` Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Type image/jpg
GET H2	404	TBCDinMtavruli-Regular.4ee04717676a109a81f2980c59a7a419.ttf freelancersworldwide.top/img/	0 0	292ms 292ms	Font text/html	2606:4700:3033::681b:96cd CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://freelancersworldwide.top/img/TBCDinMtavruli-Regular.4ee04717676a109a81f2980c59a7a419.ttf Requested by Host: freelancersworldwide.top URL: https://freelancersworldwide.top/y.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::681b:96cd , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Origin https://freelancersworldwide.top Referer https://freelancersworldwide.top/y.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 23 Oct 2020 07:35:40 GMT content-encoding br cf-cache-status MISS nel {"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603438541"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 status 404 cache-control max-age=14400 cf-ray 5e69c85d8f0d1f39-FRA cf-request-id 05f5fb8e7a00001f39a22e4000000001
GET H2	404	TBCDinNusxuri-Medium.c890f6bb8e737e4696e4436dfad6c5d5.woff freelancersworldwide.top/img/	0 0	293ms 293ms	Font text/html	2606:4700:3033::681b:96cd CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://freelancersworldwide.top/img/TBCDinNusxuri-Medium.c890f6bb8e737e4696e4436dfad6c5d5.woff Requested by Host: freelancersworldwide.top URL: https://freelancersworldwide.top/y.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::681b:96cd , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Origin https://freelancersworldwide.top Referer https://freelancersworldwide.top/y.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 23 Oct 2020 07:35:40 GMT content-encoding br cf-cache-status MISS nel {"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603438541"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 status 404 cache-control max-age=14400 cf-ray 5e69c85f2b371f39-FRA cf-request-id 05f5fb8f7c00001f3992bf4000000001
GET H2	404	TBCDinMtavruli-Regular.fa867e0aecba53af22b43b91fd7f31d8.woff freelancersworldwide.top/img/	0 0	347ms 345ms	Font text/html	2606:4700:3033::681b:96cd CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://freelancersworldwide.top/img/TBCDinMtavruli-Regular.fa867e0aecba53af22b43b91fd7f31d8.woff Requested by Host: freelancersworldwide.top URL: https://freelancersworldwide.top/y.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::681b:96cd , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Origin https://freelancersworldwide.top Referer https://freelancersworldwide.top/y.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 23 Oct 2020 07:35:41 GMT content-encoding br cf-cache-status MISS nel {"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603438541"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 status 404 cache-control max-age=14400 cf-ray 5e69c85f6bb61f39-FRA cf-request-id 05f5fb8fa000001f3961af6000000001
GET H2	404	TBCDinNusxuri-Medium.7cf23745d0e3d668243dfc1f1dabe386.ttf freelancersworldwide.top/img/	0 0	294ms 294ms	Font text/html	2606:4700:3033::681b:96cd CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://freelancersworldwide.top/img/TBCDinNusxuri-Medium.7cf23745d0e3d668243dfc1f1dabe386.ttf Requested by Host: freelancersworldwide.top URL: https://freelancersworldwide.top/y.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::681b:96cd , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Origin https://freelancersworldwide.top Referer https://freelancersworldwide.top/y.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 23 Oct 2020 07:35:41 GMT content-encoding br cf-cache-status MISS nel {"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603438541"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 status 404 cache-control max-age=14400 cf-ray 5e69c8610fc91f39-FRA cf-request-id 05f5fb90a200001f396c060000000001
GET H2	404	TBCDinMtavruli-Medium.088027233239548b1fb0cb29a0b515d4.woff2 freelancersworldwide.top/img/	0 0	370ms 370ms	Font text/html	2606:4700:3033::681b:96cd CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://freelancersworldwide.top/img/TBCDinMtavruli-Medium.088027233239548b1fb0cb29a0b515d4.woff2 Requested by Host: freelancersworldwide.top URL: https://freelancersworldwide.top/y.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::681b:96cd , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Origin https://freelancersworldwide.top Referer https://freelancersworldwide.top/y.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 23 Oct 2020 07:35:41 GMT content-encoding br cf-cache-status MISS nel {"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603438542"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 status 404 cache-control max-age=14400 cf-ray 5e69c862dccd1f39-FRA cf-request-id 05f5fb91ca00001f3926251000000001
GET H2	404	TBCDinMtavruli-Medium.99b11df3aaace8fd5aeaa43d8ebdffaf.woff freelancersworldwide.top/img/	0 0	1000ms 1000ms	Font text/html	2606:4700:3033::681b:96cd CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://freelancersworldwide.top/img/TBCDinMtavruli-Medium.99b11df3aaace8fd5aeaa43d8ebdffaf.woff Requested by Host: freelancersworldwide.top URL: https://freelancersworldwide.top/y.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::681b:96cd , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Origin https://freelancersworldwide.top Referer https://freelancersworldwide.top/y.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 23 Oct 2020 07:35:42 GMT content-encoding br cf-cache-status MISS nel {"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603438543"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 status 404 cache-control max-age=14400 cf-ray 5e69c8652a231f39-FRA cf-request-id 05f5fb933d00001f398b15a000000001
GET H2	404	TBCDinMtavruli-Medium.eb1b2e93681b29044d5a5da10670e911.ttf freelancersworldwide.top/img/	0 0	301ms 300ms	Font text/html	2606:4700:3033::681b:96cd CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://freelancersworldwide.top/img/TBCDinMtavruli-Medium.eb1b2e93681b29044d5a5da10670e911.ttf Requested by Host: freelancersworldwide.top URL: https://freelancersworldwide.top/y.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::681b:96cd , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Origin https://freelancersworldwide.top Referer https://freelancersworldwide.top/y.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 23 Oct 2020 07:35:42 GMT content-encoding br cf-cache-status MISS nel {"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603438543"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 status 404 cache-control max-age=14400 cf-ray 5e69c86b7adf1f39-FRA cf-request-id 05f5fb972b00001f396029c000000001

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: TBC Bank (Banking)

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.freelancersworldwide.top/	1970-01-19 14:07:10	Name: __cfduid Value: d73131363d875dec1c99a13d5bddea3321603438539

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

freelancersworldwide.top
2606:4700:3033::681b:96cd
028dbe842bbe9829d449b66701b5e1d198d171271eeb6a8662fd9df8322c1411
11c7369c6ae33231923bbf556f733e1b7fd71cc208b45090da6c967b6c9f14aa
14814f9500523d51d6994aa13399585cace8c160830693b68e6378458dcbd4cf
52eea8e7561f0493a0ef69eb98bab023df2570a3fba4b111d9c3d8b2cf25888c
6eb677fe0b15e23bab16696610d7b41c7889f7d272093e2887aef96f7ced388a
ba19da183de5cf0d12a3dc13723d1a3bc3a8bd3cfebc2f93c7050db7ec47a575
d9b86c8de4422e66eeb0d0ab9074f51434eca690fd0caf96e7eade4ea726e32f

freelancersworldwide.top Open in urlscan Pro 2606:4700:3033::681b:96cd Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

14 Requests

100 %HTTPS

100 %IPv6

1 Domains

1 Subdomains

2 IPs

1 Countries

418 kBTransfer

1509 kBSize

1 Cookies

9 Outgoing links

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

4 JavaScript Global Variables

1 Cookies

Indicators

freelancersworldwide.top Open in urlscan Pro
2606:4700:3033::681b:96cd Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

418 kB
Transfer

1509 kB
Size

1
Cookies

14 HTTP transactions
1 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!