auth-connect.live Open in urlscan Pro
206.189.52.23  Malicious Activity! Public Scan

Submitted URL: http://auth-connect.live/connect/
Effective URL: https://auth-connect.live/connect/
Submission: On June 30 via manual from ES — Scanned from ES

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 12 HTTP transactions. The main IP is 206.189.52.23, located in Frankfurt am Main, Germany and belongs to DIGITALOCEAN-ASN, US. The main domain is auth-connect.live.
TLS certificate: Issued by R3 on June 27th 2022. Valid for: 3 months.
This is the only time auth-connect.live was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Crypto (Crypto Exchange)

Domain & IP information

IP Address AS Autonomous System
1 13 206.189.52.23 14061 (DIGITALOC...)
12 2
Apex Domain
Subdomains
Transfer
13 auth-connect.live
auth-connect.live
1 MB
12 1
Domain Requested by
13 auth-connect.live 1 redirects auth-connect.live
12 1

This site contains no links.

Subject Issuer Validity Valid
*.auth-connect.live
R3
2022-06-27 -
2022-09-25
3 months crt.sh

This page contains 1 frames:

Primary Page: https://auth-connect.live/connect/
Frame ID: 95E93B855188BAC176FC04D21C2A7EFC
Requests: 15 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. http://auth-connect.live/connect/ HTTP 301
    https://auth-connect.live/connect/ Page URL

Page Statistics

12
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

1048 kB
Transfer

1794 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://auth-connect.live/connect/ HTTP 301
    https://auth-connect.live/connect/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
auth-connect.live/connect/
Redirect Chain
  • http://auth-connect.live/connect/
  • https://auth-connect.live/connect/
3 KB
1 KB
Document
General
Full URL
https://auth-connect.live/connect/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
206.189.52.23 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Netlify /
Resource Hash
6bf8adc0f5815fa6e3c9e64fff4fb268fdbdb6f624750660fb7f80e3e2d981f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
es-ES,es;q=0.9

Response headers

age
0
cache-control
public, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 30 Jun 2022 11:15:44 GMT
etag
"904cb3c1838994230d1bb388f9f0724d-ssl-df"
server
Netlify
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-nf-request-id
01G6T55WRAQJR86TBFNQ80P084

Redirect headers

Age
1
Cache-Control
public, max-age=0, must-revalidate
Content-Length
49
Content-Type
text/plain
Date
Thu, 30 Jun 2022 11:15:43 GMT
Location
https://auth-connect.live/connect/
Server
Netlify
X-Nf-Request-Id
01G6T55VAJS07TW6QY1ZJS7846
2.fca70a1b.chunk.css
auth-connect.live/static/css/
383 KB
49 KB
Stylesheet
General
Full URL
https://auth-connect.live/static/css/2.fca70a1b.chunk.css
Requested by
Host: auth-connect.live
URL: https://auth-connect.live/connect/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
206.189.52.23 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Netlify /
Resource Hash
4857444ed08cfd29e5282e5b7012e047b777998c0375a4ff53454163dcf90aa7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://auth-connect.live/connect/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-nf-request-id
01G6T55X7XJYJTC9YWQS0HHM1R
date
Thu, 30 Jun 2022 11:15:44 GMT
content-encoding
br
server
Netlify
age
0
etag
"e14963bf3891be337f192bb14a83d22c-ssl-df"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=0, must-revalidate
strict-transport-security
max-age=31536000
accept-ranges
bytes
main.8959c43d.chunk.css
auth-connect.live/static/css/
2 KB
905 B
Stylesheet
General
Full URL
https://auth-connect.live/static/css/main.8959c43d.chunk.css
Requested by
Host: auth-connect.live
URL: https://auth-connect.live/connect/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
206.189.52.23 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Netlify /
Resource Hash
9c3f44ce4f71e590aa788b15ede361051d5483581dc8731bb2faf5439ca5c362
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://auth-connect.live/connect/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-nf-request-id
01G6T55X7XPFXQ547135S4S8J4
date
Thu, 30 Jun 2022 11:15:44 GMT
content-encoding
br
server
Netlify
age
0
etag
"de3003d10ed0cd2eabf0592306132261-ssl-df"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=0, must-revalidate
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
798
2.27d28d70.chunk.js
auth-connect.live/static/js/
371 KB
114 KB
Script
General
Full URL
https://auth-connect.live/static/js/2.27d28d70.chunk.js
Requested by
Host: auth-connect.live
URL: https://auth-connect.live/connect/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
206.189.52.23 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Netlify /
Resource Hash
bd788a344b730f166983ebd68bd690a8b697c04ead53ce4f10c20ba3a0fa8136
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://auth-connect.live/connect/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-nf-request-id
01G6T55X7XTSPJN9C3S6GZ1Y8W
date
Thu, 30 Jun 2022 11:15:44 GMT
content-encoding
br
server
Netlify
age
0
etag
"b26e30ede46a2f85cc5fb0afd36b1124-ssl-df"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0, must-revalidate
strict-transport-security
max-age=31536000
accept-ranges
bytes
main.8e9b296d.chunk.js
auth-connect.live/static/js/
407 KB
270 KB
Script
General
Full URL
https://auth-connect.live/static/js/main.8e9b296d.chunk.js
Requested by
Host: auth-connect.live
URL: https://auth-connect.live/connect/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
206.189.52.23 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Netlify /
Resource Hash
f433caf85f383751af30f5e44f7004096a116cef69cb43db587a526e2cb4ce4f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://auth-connect.live/connect/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-nf-request-id
01G6T55X7XHFHMZYSRQY3AT6K5
date
Thu, 30 Jun 2022 11:15:44 GMT
content-encoding
br
server
Netlify
age
0
etag
"3f19c911980dc08da3f9651f9090a62a-ssl-df"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0, must-revalidate
strict-transport-security
max-age=31536000
accept-ranges
bytes
metamask.69ce6b56.png
auth-connect.live/static/media/
42 KB
42 KB
Image
General
Full URL
https://auth-connect.live/static/media/metamask.69ce6b56.png
Requested by
Host: auth-connect.live
URL: https://auth-connect.live/connect/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
206.189.52.23 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Netlify /
Resource Hash
905e608a2f4aeaa6aad215988f7e3426a935986b0adb556cf2e1e548748f0a7b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://auth-connect.live/connect/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-nf-request-id
01G6T55XYX8C65P0P65CZ3XZWP
date
Thu, 30 Jun 2022 11:15:45 GMT
server
Netlify
age
0
etag
"77a34f9e9ae298fe68a3a6708c2a9b52-ssl"
strict-transport-security
max-age=31536000
content-type
image/png
cache-control
public, max-age=0, must-revalidate
accept-ranges
bytes
content-length
43308
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
40348a3efc349ddfa486bcf4061f0a11b9bafa95354e81414ba3520b8726d83a

Request headers

accept-language
es-ES,es;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/png
crypto.500937c7.png
auth-connect.live/static/media/
27 KB
27 KB
Image
General
Full URL
https://auth-connect.live/static/media/crypto.500937c7.png
Requested by
Host: auth-connect.live
URL: https://auth-connect.live/connect/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
206.189.52.23 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Netlify /
Resource Hash
663d35a3d897c47e87516ff63f3913ef3025c3b13b01ad056d00ba856172d8b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://auth-connect.live/connect/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-nf-request-id
01G6T55XYRTKRB08RW7826PYB4
date
Thu, 30 Jun 2022 11:15:45 GMT
server
Netlify
age
0
etag
"a8d977e7f680bea797cd172166cea307-ssl"
strict-transport-security
max-age=31536000
content-type
image/png
cache-control
public, max-age=0, must-revalidate
accept-ranges
bytes
content-length
27261
trustwallet.66f87775.png
auth-connect.live/static/media/
26 KB
26 KB
Image
General
Full URL
https://auth-connect.live/static/media/trustwallet.66f87775.png
Requested by
Host: auth-connect.live
URL: https://auth-connect.live/connect/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
206.189.52.23 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Netlify /
Resource Hash
a58785e444b7cbbbfa612aa6b0c9e090cfd4334960ffcc797f295fa2f0b7e32d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://auth-connect.live/connect/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-nf-request-id
01G6T55XYS203JQTJBW6AKF693
date
Thu, 30 Jun 2022 11:15:45 GMT
server
Netlify
age
0
etag
"232c72ebe82ad165dc36cf556a04f2d7-ssl"
strict-transport-security
max-age=31536000
content-type
image/png
cache-control
public, max-age=0, must-revalidate
accept-ranges
bytes
content-length
26907
safemoon.604f76f6.jpg
auth-connect.live/static/media/
45 KB
45 KB
Image
General
Full URL
https://auth-connect.live/static/media/safemoon.604f76f6.jpg
Requested by
Host: auth-connect.live
URL: https://auth-connect.live/connect/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
206.189.52.23 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Netlify /
Resource Hash
7476a21b74902db49c1f35727a02d20fa78acc4dc0662daee1ec6d29da2b4273
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://auth-connect.live/connect/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-nf-request-id
01G6T55XZ2Q5H6D1X7BHE0JFM7
date
Thu, 30 Jun 2022 11:15:45 GMT
server
Netlify
age
0
etag
"f2409dbaffa44bae9139321a26691b85-ssl"
strict-transport-security
max-age=31536000
content-type
image/jpeg
cache-control
public, max-age=0, must-revalidate
accept-ranges
bytes
content-length
46319
atomic.4c02d2b3.png
auth-connect.live/static/media/
432 KB
432 KB
Image
General
Full URL
https://auth-connect.live/static/media/atomic.4c02d2b3.png
Requested by
Host: auth-connect.live
URL: https://auth-connect.live/connect/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
206.189.52.23 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Netlify /
Resource Hash
8aeda38ebc65bdf0f1510a228d3110a69c66147cd0e1523d932df039499a3091
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://auth-connect.live/connect/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-nf-request-id
01G6T55XZY9XQXZB3B1WAJC3RZ
date
Thu, 30 Jun 2022 11:15:45 GMT
server
Netlify
age
0
etag
"406893dbe1aff62d957b6d42724d7e67-ssl"
strict-transport-security
max-age=31536000
content-type
image/png
cache-control
public, max-age=0, must-revalidate
accept-ranges
bytes
content-length
442212
phantom.28da7a1d.jpg
auth-connect.live/static/media/
29 KB
29 KB
Image
General
Full URL
https://auth-connect.live/static/media/phantom.28da7a1d.jpg
Requested by
Host: auth-connect.live
URL: https://auth-connect.live/connect/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
206.189.52.23 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Netlify /
Resource Hash
007d181222c464fe26ce56dccd6793d9288d9dfc11ecae68fad29db72c2c782f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://auth-connect.live/connect/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-nf-request-id
01G6T55Y066BP9W08ZNEYB9X04
date
Thu, 30 Jun 2022 11:15:45 GMT
server
Netlify
age
0
etag
"ce60a1ac183b716a5ba1e1b7039a8061-ssl"
strict-transport-security
max-age=31536000
content-type
image/jpeg
cache-control
public, max-age=0, must-revalidate
accept-ranges
bytes
content-length
29386
truncated
/
4 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
986c650b40370229a537901f4a71b2d0d6622e9ba05457dcc1cbaf7cf0da70f8

Request headers

accept-language
es-ES,es;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/
9 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
da601b8945da849200eb3defcca77e1adbb8b4740a96bbc19965924d8fb6a63b

Request headers

accept-language
es-ES,es;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/png
blockchain.335e0da6.png
auth-connect.live/static/media/
12 KB
12 KB
Image
General
Full URL
https://auth-connect.live/static/media/blockchain.335e0da6.png
Requested by
Host: auth-connect.live
URL: https://auth-connect.live/connect/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
206.189.52.23 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Netlify /
Resource Hash
7f8ca27957b9c11eb5258bc322ccfe39c1fd540886f003650c228b20613a4574
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://auth-connect.live/connect/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-nf-request-id
01G6T55Y07M871NCC3DF9DWE4V
date
Thu, 30 Jun 2022 11:15:45 GMT
server
Netlify
age
0
etag
"29ba1fafcbe1555b6368384c54c5896d-ssl"
strict-transport-security
max-age=31536000
content-type
image/png
cache-control
public, max-age=0, must-revalidate
accept-ranges
bytes
content-length
11781

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Crypto (Crypto Exchange)

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| webpackJsonpconnectwallet object| scCGSHMRCache object| regeneratorRuntime

1 Cookies

Domain/Path Name / Value
auth-connect.live/ Name: walletName
Value: "others"

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000