www.stonys.ru
172.67.166.245
Malicious Activity!
Public Scan
Effective URL: https://www.stonys.ru/2DF_FC__oIiIn/?offer_id=521&aff_id=1057&aff_sub=5475565c39ac4787bf80188e2528922c&aff_sub5=670454...
Submission: On April 10 via manual from IN — Scanned from DE
Summary
TLS certificate: Issued by GTS CA 1P5 on February 16th 2024. Valid for: 3 months.
This is the only time www.stonys.ru was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Investment Scam (Online)

Domain & IP information

Requests | IP Address | AS Autonomous System
---|---|---
1 | 192.0.78.26 | 2635 (AUTOMATTIC)
1 | 34.96.118.183 | 396982 (GOOGLE-CLOUD-PLATFORM)
24 | 172.67.166.245 | 13335 (CLOUDFLARENET)
2 | 104.17.24.14 | 13335 (CLOUDFLARENET)
27 | 3 |

ASN396982 (GOOGLE-CLOUD-PLATFORM, US), PTR: 183.118.96.34.bc.googleusercontent.com, serves www.indicatomi.com.
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
24 | stonys.ru | www.stonys.ru | 920 KB
2 | cloudflare.com | cdnjs.cloudflare.com (Cisco Umbrella Rank: 381) | 46 KB
1 | indicatomi.com | www.indicatomi.com (1 redirect) | 538 B
1 | href.li | href.li (Cisco Umbrella Rank: 140724) | 407 B
27 | 4 | |
Requests | Domain | Requested by
---|---|---
24 | www.stonys.ru | href.li, www.stonys.ru
2 | cdnjs.cloudflare.com | www.stonys.ru
1 | www.indicatomi.com | 1 redirect
1 | href.li |
27 | 4 |
This site contains no links.
Subject | Issuer | Validity | Valid | Source
---|---|---|---|---
tls.automattic.com | R3 | 2024-03-05 - 2024-06-03 | 3 months | crt.sh
stonys.ru | GTS CA 1P5 | 2024-02-16 - 2024-05-16 | 3 months | crt.sh
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-07-03 - 2024-07-02 | a year | crt.sh
This page contains 1 frames:
Primary Page:
https://www.stonys.ru/2DF_FC__oIiIn/?offer_id=521&aff_id=1057&aff_sub=5475565c39ac4787bf80188e2528922c&aff_sub5=670454&aff_sub3=&aff_sub4=&aff_sub2=2DFbankbreak&aff_click_id=
Frame ID: 5D9088B2E7574A97989D69800C3CCCF0
Requests: 27 HTTP requests in this frame
Screenshot
Page Title
ZDFmediathek - Die jüngste Investition von Lena hat Experten beunruhigt und große Banken zittern lassen (English: ZDFmediathek - Lena's latest investment has worried experts and made big banks tremble)
Detected technologies

- Moment.js (JavaScript Libraries), detected pattern: `moment(?:\.min)?\.js`
- jQuery (JavaScript Libraries), detected patterns: `/([\d.]+)/jquery(?:\.min)?\.js` and `jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?`
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://href.li/?https://www.indicatomi.com/2CS3CW66X/9W8K3ZH/ (Page URL)
2. https://www.indicatomi.com/2CS3CW66X/9W8K3ZH/ → HTTP 302 → https://www.stonys.ru/2DF_FC__oIiIn/?offer_id=521&aff_id=1057&aff_sub=5475565c39ac4787bf80188e2528922c&aff_sub5=670454&aff_sub3=&aff_sub4=&aff_sub2=2DFbankbreak&aff_click_id= (Page URL)
Redirected requests
There were HTTP redirect chains for the following requests:
27 HTTP transactions

Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type
---|---|---|---|---|---|---|---
GET | H2 | / | href.li/ | 523 B | 407 B | Document | text/html
GET | H3 | / (Primary Request, Redirect Chain) | www.stonys.ru/2DF_FC__oIiIn/ | 73 KB | 14 KB | Document | text/html
GET | H3 | style.css | www.stonys.ru/2DF_FC__oIiIn/assets/ | 10 KB | 3 KB | Stylesheet | text/css
GET | H3 | jquery.min.js | cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/ | 95 KB | 30 KB | Script | application/javascript
GET | H3 | moment.min.js | cdnjs.cloudflare.com/ajax/libs/moment.js/2.18.1/ | 50 KB | 16 KB | Script | application/javascript
GET | H3 | logo.png | www.stonys.ru/2DF_FC__oIiIn/assets/ | 6 KB | 6 KB | Image | image/png
GET | H3 | cegrc1o7f3llvodpyray.jpg | www.stonys.ru/2DF_FC__oIiIn/assets/ | 18 KB | 18 KB | Image | image/jpeg
GET | H3 | jgc2qdsl7f0wbpyk9nap.jpg | www.stonys.ru/2DF_FC__oIiIn/assets/ | 62 KB | 62 KB | Image | image/jpeg
GET | H3 | jwccfgscfkwc894gdtcg.jpg | www.stonys.ru/2DF_FC__oIiIn/assets/ | 23 KB | 23 KB | Image | image/jpeg
GET | H3 | dyxpm6j17qfnmnhj9rdc.jpg | www.stonys.ru/2DF_FC__oIiIn/assets/ | 37 KB | 38 KB | Image | image/jpeg
GET | H3 | xjfu04hzwv1fubhhu6l7.jpg | www.stonys.ru/2DF_FC__oIiIn/assets/ | 82 KB | 82 KB | Image | image/jpeg
GET | H3 | ulprhvedsgozq6r6gy8t.jpg | www.stonys.ru/2DF_FC__oIiIn/assets/ | 91 KB | 92 KB | Image | image/jpeg
GET | H3 | l4tebgz5cuohroqtccyi.jpg | www.stonys.ru/2DF_FC__oIiIn/assets/ | 96 KB | 97 KB | Image | image/jpeg
GET | H3 | step1.jpg | www.stonys.ru/2DF_FC__oIiIn/assets/ | 92 KB | 93 KB | Image | image/jpeg
GET | H3 | step.jpg | www.stonys.ru/2DF_FC__oIiIn/assets/ | 28 KB | 29 KB | Image | image/jpeg
GET | H3 | step3.jpg | www.stonys.ru/2DF_FC__oIiIn/assets/ | 34 KB | 35 KB | Image | image/jpeg
GET | H3 | l7kp6sagzvgjamrhi0w8.jpg | www.stonys.ru/2DF_FC__oIiIn/assets/ | 14 KB | 15 KB | Image | image/jpeg
GET | H3 | ainicniusbw2nyx3hlfi.jpg | www.stonys.ru/2DF_FC__oIiIn/assets/ | 110 KB | 110 KB | Image | image/jpeg
GET | H3 | xo0rgoorgbynpgw4kyqp.jpg | www.stonys.ru/2DF_FC__oIiIn/assets/ | 33 KB | 33 KB | Image | image/jpeg
GET | H3 | ooo3goob2pv5nlmdwwas.jpg | www.stonys.ru/2DF_FC__oIiIn/assets/ | 28 KB | 28 KB | Image | image/jpeg
GET | H3 | jfn5vt9dszilcurtwjlo.jpg | www.stonys.ru/2DF_FC__oIiIn/assets/ | 37 KB | 37 KB | Image | image/jpeg
GET | H3 | wy3fkittrrlvgut3odp2.jpg | www.stonys.ru/2DF_FC__oIiIn/assets/ | 29 KB | 29 KB | Image | image/jpeg
GET | H3 | kdsy10yyahownwemccbo.jpg | www.stonys.ru/2DF_FC__oIiIn/assets/ | 27 KB | 27 KB | Image | image/jpeg
GET | H3 | checkmark.png | www.stonys.ru/2DF_FC__oIiIn/assets/ | 341 B | 795 B | Image | image/png
GET | H3 | n4donflljypzf0jwaysp.jpg | www.stonys.ru/2DF_FC__oIiIn/assets/ | 18 KB | 18 KB | Image | image/jpeg
GET | H3 | hiqtte24snwgkglyozuw.jpg | www.stonys.ru/2DF_FC__oIiIn/assets/ | 26 KB | 26 KB | Image | image/jpeg
GET | H3 | 6873676603fdbeb1856b284b4072d12e.png | www.stonys.ru/2DF_FC__oIiIn/assets/ | 2 KB | 3 KB | Other | image/png
Verdicts & Comments

Potentially malicious activity detected

Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan: Phishing against: Investment Scam (Online)

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type | Name
---|---
function | $
function | jQuery
function | moment
object | dayNames
object | monthNames
object | now

2 Cookies
Cookies are small pieces of information stored in a user's browser. Whenever the user visits the site again, the browser also sends the stored cookie values, which lets the website re-identify the user even from a different location. This is how permanent logins work.

Domain/Path | Expires | Name | Value
---|---|---|---
www.indicatomi.com/ | | uniqueClick_9W8K3ZH | 2609bfff-a407-4d3e-810e-cb4ccbaad79e:1712721841
www.indicatomi.com/ | | transaction_id | 5475565c39ac4787bf80188e2528922c
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.