oil.money-now.pro
Open in
urlscan Pro
51.255.45.107
Malicious Activity!
Public Scan
Submission: On October 25 via automatic, source certstream-suspicious — Scanned from DE
Summary
TLS certificate: Issued by R3 on October 25th 2021. Valid for: 3 months.
This is the only time oil.money-now.pro was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Shell (Extraction)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
22 | 51.255.45.107 51.255.45.107 | 16276 (OVH) (OVH) | |
23 | 2 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
22 |
money-now.pro
oil.money-now.pro |
553 KB |
0 |
trade-academy.pro
Failed
cdn.trade-academy.pro Failed |
|
23 | 2 |
Domain | Requested by | |
---|---|---|
22 | oil.money-now.pro |
oil.money-now.pro
|
0 | cdn.trade-academy.pro Failed |
oil.money-now.pro
|
23 | 2 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.facebook.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
oil.money-now.pro R3 |
2021-10-25 - 2022-01-23 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://oil.money-now.pro/
Frame ID: 0537C612D8CA0C464B9F38E6DC5D2776
Requests: 30 HTTP requests in this frame
Screenshot
Page Title
ShellDetected technologies
Google Font API (Font Scripts) ExpandDetected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: Facebook.com
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
23 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
Cookie set
/
oil.money-now.pro/ |
171 KB 67 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
app.css
oil.money-now.pro/css/ |
124 KB 26 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
css2.css
oil.money-now.pro/css/ |
512 B 843 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
styles.css
oil.money-now.pro/css/ |
4 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
intlTelInput.css
oil.money-now.pro/reg-form/ |
27 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
form-style.css
oil.money-now.pro/css/ |
1 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-3.6.0.min.js
oil.money-now.pro/js/ |
87 KB 36 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo.webp
oil.money-now.pro/images/ |
39 KB 40 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
punkt-1.png
oil.money-now.pro/images/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
punkt-2.png
oil.money-now.pro/images/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
punkt-3.png
oil.money-now.pro/images/ |
3 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
director1.webp
oil.money-now.pro/images/ |
20 KB 20 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
niz1.webp
oil.money-now.pro/images/ |
21 KB 21 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
niz2.webp
oil.money-now.pro/images/ |
42 KB 42 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
niz3.webp
oil.money-now.pro/images/ |
40 KB 40 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
pr.png
oil.money-now.pro/images/ |
8 KB 8 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
reg.min.v2.js
oil.money-now.pro/reg-form/ |
69 KB 28 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
geo.js
oil.money-now.pro/ |
79 B 383 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
pixel.js
oil.money-now.pro/ |
1 B 244 B |
XHR
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
715 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
380 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET |
video.mp4
cdn.trade-academy.pro/video/be-successful.world/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
547 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
552 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
177 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
515 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
242 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
KFOmCnqEu92Fr1Me5Q.ttf
oil.money-now.pro/fonts/ |
127 KB 73 KB |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
flags.png
oil.money-now.pro/reg-form/ |
64 KB 65 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
intl-tel-input-utils.js
oil.money-now.pro/reg-form/ |
216 KB 65 KB |
XHR
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- cdn.trade-academy.pro
- URL
- https://cdn.trade-academy.pro/video/be-successful.world/video.mp4
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Shell (Extraction)11 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onbeforexrselect boolean| originAgentCluster function| $ function| jQuery object| FRModalWindow object| FRSender object| _regDefaultFormParams object| _regFormCountryList object| _geo_info object| regFormParams object| intlTelInputUtils1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.oil.money-now.pro/ | Name: tr_uuid Value: bcc57331-04e4-43ff-9020-679ba5f5c1d6 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cdn.trade-academy.pro
oil.money-now.pro
cdn.trade-academy.pro
51.255.45.107
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
04474b3ce99ce23d11be847793c020dffd2334bd43cb4ed54a66b8a4c29a044e
11ec04e3948e25a0d78d2f77c04940b8e38a086624ec36fa4605a2a69b133e94
1df8a93270ab9afc5f4a195ac3b32426874c95e8f0f52b3ba0f4b1f29206cc72
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75
38025784bedeb5e4cae496b131c85cabbd95ae0b1c0a3c9d9cb474d7262db04b
3ce20fac5992d62d99bb2e5440a409f6feabd34e029b8f229880da83b2cef561
455833710fec302f0de3a73ed5529932269ace8a11d15edf793e921ffb7d9121
4bcf3bc519960f582329f3db8067015bae6dcdb888febddf60b6d3133bcd9898
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
5fd4cc369a074feab95cfe8e11ec109671de168cf3f6e52bede9776ce0af754e
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945
6a0a24d36a6e23a1211809f6de9f3261d865b8d29d94311b538802f0dfead852
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53
7cb34a8ede3d116ed625beb515e3cd8133e0dc23b6887554691e708d5d39690d
82081484d0e64ba5e5bd67a258866cc916340a8252569d8d11ea601f2707b6a4
824b50d59070be3eef81e9c15b926efd7ff5ae9802993886d49c0b729c8137f9
82c026124ab5da8e4196fa245980d45aac08d03acc6f67697677f68be0248c68
9047ee80be57e6fda46d70dddabe7e30c51a652de251a91d51ecabba829cbf42
b5828bf6d97045a1787eed9ed3afa50b755b7bb66c12d39de6b0bb6e4504a6d9
c0efcb40cae313f7595519329bf2cca0ae63fc8cfcdc83fc0f736cb9773db28c
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115
d69498534d4045a31fab1ec1d9fe9b4abbf15462df2cd25697d16db7b62bebce
dc137185bbc63f8e2a19242d6f336256274e5113a503474a4de435b6625fd80d
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366
ed6496e63eede063bdae3424e2672f2de0bdb50aecafaa9c32dcaae3563ab429
f1d6dbe937bf9cacc00287346c6658240c4c672be7ef64cda734057e90e9b9e7
f6a06db6051ba42a430855f6e8310f96ff74c3d85251bfa1f4b99c4c4ce8a11e
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e