crypto-farmer.com Open in urlscan Pro
52.29.96.42 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://news.travelermaster.eu/T2?95mt2PeSVeAf9l8ew8R30V3ctQ8t2PfQFp3FfwVL-999
Effective URL:
http://crypto-farmer.com/c/3f1b96fdf6dfaace?s1=444_web_deu_m500_BC&s2=creative1
Submission: On June 22 via manual (June 22nd 2020, 7:34:32 am UTC) from FR

Summary HTTP 20 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 3 countries across 5 domains to perform 20 HTTP transactions. The main IP is 52.29.96.42, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is crypto-farmer.com.

This is the only time crypto-farmer.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Lion's Den Scam (Online)

Domain & IP information

	IP Address	AS Autonomous System
1 1	116.203.118.191 116.203.118.191	24940 (HETZNER-AS) (HETZNER-AS)
1	52.29.96.42 52.29.96.42	16509 (AMAZON-02) (AMAZON-02)
13	2.16.107.112 2.16.107.112	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	18.185.217.16 18.185.217.16	16509 (AMAZON-02) (AMAZON-02)
1	151.139.128.8 151.139.128.8	20446 (HIGHWINDS3) (HIGHWINDS3)
20	4

1 116.203.118.191 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: lb04.brm24.de

news.travelermaster.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.29.96.42 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-96-42.eu-central-1.compute.amazonaws.com

crypto-farmer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2.16.107.112 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a2-16-107-112.deploy.static.akamaitechnologies.com

cdn-atn.akamaized.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.185.217.16 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-217-16.eu-central-1.compute.amazonaws.com

uf.noclef.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.139.128.8 (Dallas, United States)

ASN20446 (HIGHWINDS3, US)

pro.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	akamaized.net cdn-atn.akamaized.net	354 KB
5	noclef.com uf.noclef.com	5 KB
1	fontawesome.com pro.fontawesome.com	149 KB
1	crypto-farmer.com crypto-farmer.com	25 KB
1	travelermaster.eu 1 redirects news.travelermaster.eu	255 B
20	5

	Domain	Requested by
13	cdn-atn.akamaized.net	crypto-farmer.com
5	uf.noclef.com	crypto-farmer.com uf.noclef.com
1	pro.fontawesome.com	cdn-atn.akamaized.net
1	crypto-farmer.com
1	news.travelermaster.eu	1 redirects
20	5

This site contains no links.

Subject Issuer	Validity	Valid
a248.e.akamai.net DigiCert Secure Site ECC CA-1	`2019-08-13` - `2020-08-12`	a year	crt.sh
uf.noclef.com Amazon	`2020-01-16` - `2021-02-16`	a year	crt.sh
*.fontawesome.com DigiCert SHA2 Secure Server CA	`2019-10-28` - `2020-12-23`	a year	crt.sh

This page contains 3 frames:

Primary Page: http://crypto-farmer.com/c/3f1b96fdf6dfaace?s1=444_web_deu_m500_BC&s2=creative1
Frame ID: D3C2FD0DCCCED0FC6C5A96C2A00938EC
Requests: 18 HTTP requests in this frame

Frame: https://uf.noclef.com/c_js/rtSlot/init?event=externalJumpVisit
Frame ID: F5DFC6DCEBA080B74961ED2C3DED4144
Requests: 1 HTTP requests in this frame

Frame: https://uf.noclef.com/c_js/rtSlot/init?event=externalJumpVisit10sec
Frame ID: 5C42E733139304BF5ADC44CB4311C1EF
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://news.travelermaster.eu/T2?95mt2PeSVeAf9l8ew8R30V3ctQ8t2PfQFp3FfwVL-999 HTTP 302
http://crypto-farmer.com/c/3f1b96fdf6dfaace?s1=444_web_deu_m500_BC&s2=creative1 Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

20
Requests

95 %
HTTPS

0 %
IPv6

5
Domains

5
Subdomains

4
IPs

3
Countries

533 kB
Transfer

698 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://news.travelermaster.eu/T2?95mt2PeSVeAf9l8ew8R30V3ctQ8t2PfQFp3FfwVL-999 HTTP 302
http://crypto-farmer.com/c/3f1b96fdf6dfaace?s1=444_web_deu_m500_BC&s2=creative1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request Cookie set 3f1b96fdf6dfaace Show response crypto-farmer.com/c/ Redirect Chain https://news.travelermaster.eu/T2?95mt2PeSVeAf9l8ew8R30V3ctQ8t2PfQFp3FfwVL-999 http://crypto-farmer.com/c/3f1b96fdf6dfaace?s1=444_web_deu_m500_BC&s2=creative1	24 KB 25 KB	363ms 218ms	Document text/html	52.29.96.42 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://crypto-farmer.com/c/3f1b96fdf6dfaace?s1=444_web_deu_m500_BC&s2=creative1 Protocol HTTP/1.1 Server 52.29.96.42 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-29-96-42.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash `b6067f94d359ada500dabdc3540b675b204659b075426d0ee70c58818b8f44da` Request headers Host crypto-farmer.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Encoding gzip, deflate Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Mon, 22 Jun 2020 07:34:13 GMT Content-Type text/html; charset=UTF-8 Content-Length 25022 Connection keep-alive Server nginx Set-Cookie unique_2963796=unique_2963796; expires=Tue, 23-Jun-2020 07:34:13 GMT; Max-Age=86400; path=/; HttpOnly unique_id=5ef05ef58571f625627186; expires=Tue, 23-Jun-2020 07:34:13 GMT; Max-Age=86400; path=/; HttpOnly unique_2963796=unique_2963796; expires=Tue, 23-Jun-2020 07:34:13 GMT; Max-Age=86400; path=/; HttpOnly unique_id=5ef05ef58571f625627186; expires=Tue, 23-Jun-2020 07:34:13 GMT; Max-Age=86400; path=/; HttpOnly scriptHash=525046; expires=Wed, 22-Jul-2020 07:34:13 GMT; Max-Age=2592000; path=/; HttpOnly unique_2963796=unique_2963796; expires=Tue, 23-Jun-2020 07:34:13 GMT; Max-Age=86400; path=/; HttpOnly unique_id=5ef05ef58571f625627186; expires=Tue, 23-Jun-2020 07:34:13 GMT; Max-Age=86400; path=/; HttpOnly scriptHash=525046; expires=Wed, 22-Jul-2020 07:34:13 GMT; Max-Age=2592000; path=/; HttpOnly Redirect headers Server nginx/1.16.1 Date Mon, 22 Jun 2020 07:34:13 GMT Content-Type text/html; charset=UTF-8 Content-Length 0 Connection keep-alive Location http://crypto-farmer.com/c/3f1b96fdf6dfaace?s1=444_web_deu_m500_BC&s2=creative1
GET H/1.1	200 OK	all.css cdn-atn.akamaized.net/landings/190166/1588840459/css/	72 KB 12 KB	161ms 34ms	Stylesheet text/css	2.16.107.112 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://cdn-atn.akamaized.net/landings/190166/1588840459/css/all.css?1588840459 Requested by Host: crypto-farmer.com URL: http://crypto-farmer.com/c/3f1b96fdf6dfaace?s1=444_web_deu_m500_BC&s2=creative1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2.16.107.112 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU), Reverse DNS a2-16-107-112.deploy.static.akamaitechnologies.com Software AmazonS3 / Resource Hash `c901d7db4f74689680e8dabacdc371e2c8e4615882c61a307089cb93c1987a18` Request headers Referer http://crypto-farmer.com/c/3f1b96fdf6dfaace?s1=444_web_deu_m500_BC&s2=creative1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Mon, 22 Jun 2020 07:34:13 GMT Content-Encoding gzip Last-Modified Fri, 08 May 2020 07:30:58 GMT Server AmazonS3 x-amz-request-id 4ED15AEBC5910380 ETag "4a2fc2d189e90f83349b5954b8d07c1b" Vary Accept-Encoding Content-Type text/css Connection keep-alive Accept-Ranges bytes Content-Length 12146 x-amz-id-2 GCU5BuniEbh+8Ks004z7pG/G8rWL4YbKLCVR1u62W70Gt/333y/NGCxokOrjldcQ17yiztnqwlk=
GET H/1.1	200 OK	styles.main.css cdn-atn.akamaized.net/landings/190166/1588840459/css/	13 KB 3 KB	159ms 32ms	Stylesheet text/css	2.16.107.112 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://cdn-atn.akamaized.net/landings/190166/1588840459/css/styles.main.css?1588840459 Requested by Host: crypto-farmer.com URL: http://crypto-farmer.com/c/3f1b96fdf6dfaace?s1=444_web_deu_m500_BC&s2=creative1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2.16.107.112 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU), Reverse DNS a2-16-107-112.deploy.static.akamaitechnologies.com Software AmazonS3 / Resource Hash `2e330e84f6c6a27b1a44645dcdc03989b78af0979f0dc0726d989c12b85c1151` Request headers Referer http://crypto-farmer.com/c/3f1b96fdf6dfaace?s1=444_web_deu_m500_BC&s2=creative1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Mon, 22 Jun 2020 07:34:13 GMT Content-Encoding gzip Last-Modified Fri, 08 May 2020 07:30:59 GMT Server AmazonS3 x-amz-request-id B20F2048A5F230FE ETag "beaf64f8a5d0c5ffb02ba3a8e6b67c1c" Vary Accept-Encoding Content-Type text/css Connection keep-alive Accept-Ranges bytes Content-Length 2837 x-amz-id-2 FY4M4ryeVsQc5VTKvtQcLQ0pqsIFx78Go9sJVbAQhjUMDwFpEf1ChiseMoDWZ8TKWKj30niBp/g=
GET H/1.1	200 OK	fontawesome-all.css cdn-atn.akamaized.net/landings/190166/1588840459/css/	41 KB 8 KB	160ms 33ms	Stylesheet text/css	2.16.107.112 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://cdn-atn.akamaized.net/landings/190166/1588840459/css/fontawesome-all.css?1588840459 Requested by Host: crypto-farmer.com URL: http://crypto-farmer.com/c/3f1b96fdf6dfaace?s1=444_web_deu_m500_BC&s2=creative1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2.16.107.112 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU), Reverse DNS a2-16-107-112.deploy.static.akamaitechnologies.com Software AmazonS3 / Resource Hash `7636cdba38cb7563e0738aaf3db96700cc90fe56ed749f02f8fbe6d899a368db` Request headers Referer http://crypto-farmer.com/c/3f1b96fdf6dfaace?s1=444_web_deu_m500_BC&s2=creative1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Mon, 22 Jun 2020 07:34:13 GMT Content-Encoding gzip Last-Modified Fri, 08 May 2020 07:30:59 GMT Server AmazonS3 x-amz-request-id 07824972EB19CCC4 ETag "6bc7e76cb352cae875aeebd890677a11" Vary Accept-Encoding Content-Type text/css Connection keep-alive Accept-Ranges bytes Content-Length 7818 x-amz-id-2 8+xsbv/vPzQoJp7CAcdREuOW39NsYcthqIK8OpstNs4/b60+PxHjBDdHGnIIbJzmjoK11yhGsu0=
GET H/1.1	200 OK	jquery.min.js Show response cdn-atn.akamaized.net/landings/190166/1588840459/js/	95 KB 33 KB	182ms 56ms	Script text/javascript	2.16.107.112 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://cdn-atn.akamaized.net/landings/190166/1588840459/js/jquery.min.js?1588840459 Requested by Host: crypto-farmer.com URL: http://crypto-farmer.com/c/3f1b96fdf6dfaace?s1=444_web_deu_m500_BC&s2=creative1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2.16.107.112 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU), Reverse DNS a2-16-107-112.deploy.static.akamaitechnologies.com Software AmazonS3 / Resource Hash `8c2812ded6436715279f8fd8db58de307aa39ab0296fe3cf0e879067c51e9b18` Request headers Referer http://crypto-farmer.com/c/3f1b96fdf6dfaace?s1=444_web_deu_m500_BC&s2=creative1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Mon, 22 Jun 2020 07:34:13 GMT Content-Encoding gzip Last-Modified Fri, 08 May 2020 07:30:59 GMT Server AmazonS3 x-amz-request-id 765BDBCFAECA6716 ETag "0fca26b5a37a66d68d0f4406976be4b5" Vary Accept-Encoding Content-Type text/javascript Connection keep-alive Accept-Ranges bytes Content-Length 33792 x-amz-id-2 wg/YqLE5yOSvUt8Ok8FQtC0fnPSkzPUbk9SEDlpusFLzwfFO+Q6xS5cPTxPqpJugCmKtx7WIlJs=
GET H/1.1	200 OK	common.js Show response cdn-atn.akamaized.net/landings/190166/1588840459/js/	529 B 915 B	159ms 33ms	Script text/javascript	2.16.107.112 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://cdn-atn.akamaized.net/landings/190166/1588840459/js/common.js?1588840459 Requested by Host: crypto-farmer.com URL: http://crypto-farmer.com/c/3f1b96fdf6dfaace?s1=444_web_deu_m500_BC&s2=creative1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2.16.107.112 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU), Reverse DNS a2-16-107-112.deploy.static.akamaitechnologies.com Software AmazonS3 / Resource Hash `911e92c8dd0048eab8ba93447f3f68b592f805d1456b7150b762914e29ac44eb` Request headers Referer http://crypto-farmer.com/c/3f1b96fdf6dfaace?s1=444_web_deu_m500_BC&s2=creative1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Mon, 22 Jun 2020 07:34:13 GMT Last-Modified Fri, 08 May 2020 07:30:59 GMT Server AmazonS3 x-amz-request-id 57BE66C96F441531 ETag "0d62d6f65d3ec939956ed87870003407" Content-Type text/javascript Connection keep-alive Accept-Ranges bytes Content-Length 529 x-amz-id-2 HTbJkrWkX8+7lDu/eph3oCRHM7K5T6MTVSH3sthh0ZCMqVRcz+b+jmDsUmZbJY7wHv20wiSxk1k=
GET H/1.1	200 OK	2018-03-28_12.06.25.jpg cdn-atn.akamaized.net/landings/190166/1588840459/images/	160 KB 160 KB	40ms 40ms	Image image/jpeg	2.16.107.112 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://cdn-atn.akamaized.net/landings/190166/1588840459/images/2018-03-28_12.06.25.jpg Requested by Host: crypto-farmer.com URL: http://crypto-farmer.com/c/3f1b96fdf6dfaace?s1=444_web_deu_m500_BC&s2=creative1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2.16.107.112 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU), Reverse DNS a2-16-107-112.deploy.static.akamaitechnologies.com Software AmazonS3 / Resource Hash `0664cdc70dda191fed239f50a7f8cf6f8f940e14884838fd74752a2bfe6f979e` Request headers Referer http://crypto-farmer.com/c/3f1b96fdf6dfaace?s1=444_web_deu_m500_BC&s2=creative1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Mon, 22 Jun 2020 07:34:13 GMT Last-Modified Fri, 08 May 2020 07:30:58 GMT Server AmazonS3 x-amz-request-id 7893D9FBC2FC64B9 ETag "8ca6fc3a05d454e5f5398a14b3b3e900" Content-Type image/jpeg Connection keep-alive Accept-Ranges bytes Content-Length 163808 x-amz-id-2 uLTDQjtqOuMAx0ppFfYnvcwUp9mfvYV94dLDd7RFpPEzgrqsfsUzpNllXEx83xxwoJseUja8Mps=
GET H2	200	main.js Show response uf.noclef.com/c_js/	8 KB 3 KB	102ms 35ms	Script text/html	18.185.217.16 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://uf.noclef.com/c_js/main.js?dp=ce18020f12d0853676d054070c16dfd5&owner_id=4384&jump_id=190166&country=Austria&traffic_type=web&connection_type=Desktop&isp=datapeer%20s.r.o.&carrier=Desktop&token1=444_web_deu_m500_BC&token2=creative1&token3=&token4=&token5=&token6= Requested by Host: crypto-farmer.com URL: http://crypto-farmer.com/c/3f1b96fdf6dfaace?s1=444_web_deu_m500_BC&s2=creative1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.185.217.16 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-185-217-16.eu-central-1.compute.amazonaws.com Software / Express Resource Hash `96931b9799d97ef2d4f6b62f77dc79a64dde152892a6aedcf9981b393d29a592` Request headers Referer http://crypto-farmer.com/c/3f1b96fdf6dfaace?s1=444_web_deu_m500_BC&s2=creative1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 22 Jun 2020 07:34:13 GMT content-encoding gzip etag W/"1e71-Hs+Fo4E+tyUd4ZLykZRl5KqDlKc" status 200 x-powered-by Express vary Accept-Encoding content-type text/html; charset=utf-8 access-control-allow-origin * access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept
GET H/1.1	200 OK	2018-03-28_12.06.48.jpg cdn-atn.akamaized.net/landings/190166/1588840459/images/	62 KB 62 KB	38ms 36ms	Image image/jpeg	2.16.107.112 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://cdn-atn.akamaized.net/landings/190166/1588840459/images/2018-03-28_12.06.48.jpg Requested by Host: crypto-farmer.com URL: http://crypto-farmer.com/c/3f1b96fdf6dfaace?s1=444_web_deu_m500_BC&s2=creative1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2.16.107.112 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU), Reverse DNS a2-16-107-112.deploy.static.akamaitechnologies.com Software AmazonS3 / Resource Hash `1bbbaaadf122a866033bb06c80500e3057ba0514cf7178ce3ef52b9470650b71` Request headers Referer http://crypto-farmer.com/c/3f1b96fdf6dfaace?s1=444_web_deu_m500_BC&s2=creative1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Mon, 22 Jun 2020 07:34:13 GMT Last-Modified Fri, 08 May 2020 07:30:58 GMT Server AmazonS3 x-amz-request-id 48EBEA664505BF9B ETag "8570582118bd1abbee8429f413fef299" Content-Type image/jpeg Connection keep-alive Accept-Ranges bytes Content-Length 63435 x-amz-id-2 7/QMfpY9nZoZE5wbx/t0ZEwjl0t2kApnttnjvLn7N2VXN9s4dAGhU2zsiVjKREyZUly++fjpOWU=
GET H/1.1	200 OK	klaus.jpg cdn-atn.akamaized.net/landings/190166/1588840459/images/	61 KB 61 KB	41ms 40ms	Image image/jpeg	2.16.107.112 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://cdn-atn.akamaized.net/landings/190166/1588840459/images/klaus.jpg Requested by Host: crypto-farmer.com URL: http://crypto-farmer.com/c/3f1b96fdf6dfaace?s1=444_web_deu_m500_BC&s2=creative1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2.16.107.112 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU), Reverse DNS a2-16-107-112.deploy.static.akamaitechnologies.com Software AmazonS3 / Resource Hash `7c13bb43672e287bce7315deaec1e49fe4a80310d58269155298c98b2b15c7de` Request headers Referer http://crypto-farmer.com/c/3f1b96fdf6dfaace?s1=444_web_deu_m500_BC&s2=creative1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Mon, 22 Jun 2020 07:34:13 GMT Last-Modified Fri, 08 May 2020 07:30:58 GMT Server AmazonS3 x-amz-request-id A69DDBED3A892522 ETag "630657f79b220770ec2a1411b694294a" Content-Type image/jpeg Connection keep-alive Accept-Ranges bytes Content-Length 62185 x-amz-id-2 HTa5+RiHEQNb8ewnUY8pkX/GMl0yqErtuwKQDZ96aBnUC+A7kQlkG/tWNPPAFOmKO1XDI7LN3tI=
GET H/1.1	200 OK	prof1.jpg cdn-atn.akamaized.net/landings/190166/1588840459/images/	2 KB 3 KB	34ms 32ms	Image image/jpeg	2.16.107.112 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://cdn-atn.akamaized.net/landings/190166/1588840459/images/prof1.jpg Requested by Host: crypto-farmer.com URL: http://crypto-farmer.com/c/3f1b96fdf6dfaace?s1=444_web_deu_m500_BC&s2=creative1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2.16.107.112 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU), Reverse DNS a2-16-107-112.deploy.static.akamaitechnologies.com Software AmazonS3 / Resource Hash `f6894acedc5915b51c9f1857f0da8ea062475edaff3b391b7cd7ffdf7115ad91` Request headers Referer http://crypto-farmer.com/c/3f1b96fdf6dfaace?s1=444_web_deu_m500_BC&s2=creative1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Mon, 22 Jun 2020 07:34:13 GMT Last-Modified Fri, 08 May 2020 07:30:58 GMT Server AmazonS3 x-amz-request-id 4A1CC68A065AAADF ETag "908fd06c9e5ff9d959017f65f2306a1b" Content-Type image/jpeg Connection keep-alive Accept-Ranges bytes Content-Length 2197 x-amz-id-2 GDPG1QG4D8z+3MjsYvSE8tBOj5Ee9fWnr2Ev5+4j+yASUfJHauCC4mEpF2DAwXCaLG9fmJD/hc8=
GET H/1.1	200 OK	prof2.jpg cdn-atn.akamaized.net/landings/190166/1588840459/images/	3 KB 3 KB	33ms 32ms	Image image/jpeg	2.16.107.112 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://cdn-atn.akamaized.net/landings/190166/1588840459/images/prof2.jpg Requested by Host: crypto-farmer.com URL: http://crypto-farmer.com/c/3f1b96fdf6dfaace?s1=444_web_deu_m500_BC&s2=creative1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2.16.107.112 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU), Reverse DNS a2-16-107-112.deploy.static.akamaitechnologies.com Software AmazonS3 / Resource Hash `9e751907fa606b0bfec985d56e498228958bb1951801a0519926beac9784e6fa` Request headers Referer http://crypto-farmer.com/c/3f1b96fdf6dfaace?s1=444_web_deu_m500_BC&s2=creative1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Mon, 22 Jun 2020 07:34:13 GMT Last-Modified Fri, 08 May 2020 07:30:58 GMT Server AmazonS3 x-amz-request-id F82087B5832D0264 ETag "6d9542e9707c1b77e9280b39f998076e" Content-Type image/jpeg Connection keep-alive Accept-Ranges bytes Content-Length 2825 x-amz-id-2 egn7yqNNAl+Qyjqf03bW9Tk0a+ISlzZopCQ4gt2c8Iv7RFARHXAf7zJDvS9572+6cXjN5h+A9t0=
GET H/1.1	200 OK	prof3.jpg cdn-atn.akamaized.net/landings/190166/1588840459/images/	2 KB 2 KB	66ms 32ms	Image image/jpeg	2.16.107.112 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://cdn-atn.akamaized.net/landings/190166/1588840459/images/prof3.jpg Requested by Host: crypto-farmer.com URL: http://crypto-farmer.com/c/3f1b96fdf6dfaace?s1=444_web_deu_m500_BC&s2=creative1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2.16.107.112 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU), Reverse DNS a2-16-107-112.deploy.static.akamaitechnologies.com Software AmazonS3 / Resource Hash `2160d5828b228bc75e991295714c8ce2bab863031156ecca4ea847f61b62a262` Request headers Referer http://crypto-farmer.com/c/3f1b96fdf6dfaace?s1=444_web_deu_m500_BC&s2=creative1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Mon, 22 Jun 2020 07:34:13 GMT Last-Modified Fri, 08 May 2020 07:30:58 GMT Server AmazonS3 x-amz-request-id 2C258549891FED5F ETag "b0fe4296a01a037ea0a07c92703c1714" Content-Type image/jpeg Connection keep-alive Accept-Ranges bytes Content-Length 1974 x-amz-id-2 YWZAm4Cz+sfyyQ+fCRv2xFmSBB744FD2oGrP/LQDtNmaQvZXBFk9fw+9HeBzlkoQqNX1yMxZrq0=
GET H/1.1	200 OK	prof4.jpg cdn-atn.akamaized.net/landings/190166/1588840459/images/	2 KB 3 KB	33ms 32ms	Image image/jpeg	2.16.107.112 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://cdn-atn.akamaized.net/landings/190166/1588840459/images/prof4.jpg Requested by Host: crypto-farmer.com URL: http://crypto-farmer.com/c/3f1b96fdf6dfaace?s1=444_web_deu_m500_BC&s2=creative1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2.16.107.112 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU), Reverse DNS a2-16-107-112.deploy.static.akamaitechnologies.com Software AmazonS3 / Resource Hash `f5653349d4d9eade79c3484fc521672332ffba22afbf1022e80ecb56973814c4` Request headers Referer http://crypto-farmer.com/c/3f1b96fdf6dfaace?s1=444_web_deu_m500_BC&s2=creative1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Mon, 22 Jun 2020 07:34:13 GMT Last-Modified Fri, 08 May 2020 07:30:58 GMT Server AmazonS3 x-amz-request-id 23CC3138862B1589 ETag "7d64b255efbe00f690b90feef2ebb3bc" Content-Type image/jpeg Connection keep-alive Accept-Ranges bytes Content-Length 2208 x-amz-id-2 dpFyMrP6GqHUj09E/6t7DLFXTzX7jIS5mHslgvybFMxqhTMsHha+BwHia3zBPXTUorDgeyDCMoo=
GET H/1.1	200 OK	prof5.jpg cdn-atn.akamaized.net/landings/190166/1588840459/images/	2 KB 2 KB	49ms 32ms	Image image/jpeg	2.16.107.112 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://cdn-atn.akamaized.net/landings/190166/1588840459/images/prof5.jpg Requested by Host: crypto-farmer.com URL: http://crypto-farmer.com/c/3f1b96fdf6dfaace?s1=444_web_deu_m500_BC&s2=creative1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2.16.107.112 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU), Reverse DNS a2-16-107-112.deploy.static.akamaitechnologies.com Software AmazonS3 / Resource Hash `5e4a39e9f9298e25b326bd92f08b9cca6b15f0d617677c8ef2a6a3c037a8a0a1` Request headers Referer http://crypto-farmer.com/c/3f1b96fdf6dfaace?s1=444_web_deu_m500_BC&s2=creative1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Mon, 22 Jun 2020 07:34:13 GMT Last-Modified Fri, 08 May 2020 07:30:58 GMT Server AmazonS3 x-amz-request-id 47867E4EFF890AFD ETag "aa75a32e3840fa985578daa579450106" Content-Type image/jpeg Connection keep-alive Accept-Ranges bytes Content-Length 1597 x-amz-id-2 v1y7cI//2ia1JbIL5ru4W6ZPf4hbKwoDGOojYVtxai0mquffhHa+TqDt2FbY0MBGm6q4G4jsyig=
GET H2	200	fa-regular-400.woff2 pro.fontawesome.com/releases/v5.10.0/webfonts/	149 KB 149 KB	115ms 39ms	Font font/woff2	151.139.128.8 HIGHWINDS3
General Check archive.org Show headers Download Go to Full URL https://pro.fontawesome.com/releases/v5.10.0/webfonts/fa-regular-400.woff2 Requested by Host: cdn-atn.akamaized.net URL: https://cdn-atn.akamaized.net/landings/190166/1588840459/js/jquery.min.js?1588840459 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.8 Dallas, United States, ASN20446 (HIGHWINDS3, US), Reverse DNS Software / Resource Hash `e2df22a9c52c1db62b42d30787248f0d66b6f0c4fdcf7eb3b8783d990d85b867` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://cdn-atn.akamaized.net/landings/190166/1588840459/css/all.css?1588840459 Origin http://crypto-farmer.com Response headers date Mon, 22 Jun 2020 07:34:13 GMT last-modified Mon, 29 Jul 2019 15:23:08 GMT status 200 etag "d4e531cbdfed1cd2094595d8779f28a4" vary Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding access-control-allow-methods GET content-type font/woff2 access-control-allow-origin * access-control-max-age 3000 cache-control max-age=31556926 accept-ranges bytes content-length 152164 x-hw 1592811253.cds009.fr8.hn,1592811253.cds121.fr8.c
GET H2	200	webpush.js Show response uf.noclef.com/c_js/	112 B 427 B	45ms 44ms	Script text/html	18.185.217.16 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://uf.noclef.com/c_js/webpush.js?placement=com_bridge&referer=&doc_location=http%253A%252F%252Fcrypto-farmer.com%252Fc%252F3f1b96fdf6dfaace%253Fs1%253D444_web_deu_m500_BC%2526s2%253Dcreative1&dp=ce18020f12d0853676d054070c16dfd5&owner_id=4384&jump_id=190166&country=Austria&traffic_type=web&connection_type=Desktop&isp=datapeer%20s.r.o.&carrier=Desktop&token1=444_web_deu_m500_BC&token2=creative1&token3=&token4=&token5=&token6= Requested by Host: uf.noclef.com URL: https://uf.noclef.com/c_js/main.js?dp=ce18020f12d0853676d054070c16dfd5&owner_id=4384&jump_id=190166&country=Austria&traffic_type=web&connection_type=Desktop&isp=datapeer%20s.r.o.&carrier=Desktop&token1=444_web_deu_m500_BC&token2=creative1&token3=&token4=&token5=&token6= Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.185.217.16 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-185-217-16.eu-central-1.compute.amazonaws.com Software / Express Resource Hash `1af72e02c47cc5053139c9887bcd4b40845be437064fc6afcd948d377c7df1b6` Request headers Referer http://crypto-farmer.com/c/3f1b96fdf6dfaace?s1=444_web_deu_m500_BC&s2=creative1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 22 Jun 2020 07:34:13 GMT etag W/"70-AKHs3Vk0HLMDvTTtayUgbdb9b3I" status 200 x-powered-by Express vary Accept-Encoding content-type text/html; charset=utf-8 access-control-allow-origin * access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept content-length 112
GET H2	200	custom_jump.js Show response uf.noclef.com/c_js/	3 KB 1 KB	35ms 34ms	Script text/html	18.185.217.16 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://uf.noclef.com/c_js/custom_jump.js?placement=com_bridge&referer=&doc_location=http%253A%252F%252Fcrypto-farmer.com%252Fc%252F3f1b96fdf6dfaace%253Fs1%253D444_web_deu_m500_BC%2526s2%253Dcreative1&dp=ce18020f12d0853676d054070c16dfd5&owner_id=4384&jump_id=190166&country=Austria&traffic_type=web&connection_type=Desktop&isp=datapeer%20s.r.o.&carrier=Desktop&token1=444_web_deu_m500_BC&token2=creative1&token3=&token4=&token5=&token6= Requested by Host: uf.noclef.com URL: https://uf.noclef.com/c_js/main.js?dp=ce18020f12d0853676d054070c16dfd5&owner_id=4384&jump_id=190166&country=Austria&traffic_type=web&connection_type=Desktop&isp=datapeer%20s.r.o.&carrier=Desktop&token1=444_web_deu_m500_BC&token2=creative1&token3=&token4=&token5=&token6= Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.185.217.16 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-185-217-16.eu-central-1.compute.amazonaws.com Software / Express Resource Hash `d2682a9a2ec4ec4ea3cf120fbcd8962d1437fdb1fafdd56b2b0d5345992f17f3` Request headers Referer http://crypto-farmer.com/c/3f1b96fdf6dfaace?s1=444_web_deu_m500_BC&s2=creative1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 22 Jun 2020 07:34:13 GMT content-encoding gzip etag W/"b52-nICkmT9TQbfe71K3qKOYjHgpHQA" status 200 x-powered-by Express vary Accept-Encoding content-type text/html; charset=utf-8 access-control-allow-origin * access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept
GET H2	200	init uf.noclef.com/c_js/rtSlot/ Frame F5DF	0 0	773ms 773ms	Document text/html	18.185.217.16 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://uf.noclef.com/c_js/rtSlot/init?event=externalJumpVisit Requested by Host: uf.noclef.com URL: https://uf.noclef.com/c_js/custom_jump.js?placement=com_bridge&referer=&doc_location=http%253A%252F%252Fcrypto-farmer.com%252Fc%252F3f1b96fdf6dfaace%253Fs1%253D444_web_deu_m500_BC%2526s2%253Dcreative1&dp=ce18020f12d0853676d054070c16dfd5&owner_id=4384&jump_id=190166&country=Austria&traffic_type=web&connection_type=Desktop&isp=datapeer%20s.r.o.&carrier=Desktop&token1=444_web_deu_m500_BC&token2=creative1&token3=&token4=&token5=&token6= Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.185.217.16 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-185-217-16.eu-central-1.compute.amazonaws.com Software / Express Resource Hash Request headers :method GET :authority uf.noclef.com :scheme https :path /c_js/rtSlot/init?event=externalJumpVisit pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer http://crypto-farmer.com/c/3f1b96fdf6dfaace?s1=444_web_deu_m500_BC&s2=creative1 accept-encoding gzip, deflate, br accept-language en-US cookie visitor_id=5ef05ef5c201ae002d52bd9d Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer http://crypto-farmer.com/c/3f1b96fdf6dfaace?s1=444_web_deu_m500_BC&s2=creative1 Response headers status 200 date Mon, 22 Jun 2020 07:34:14 GMT content-type text/html; charset=utf-8 content-length 284 x-powered-by Express access-control-allow-origin * access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept etag W/"11c-sPIX56igdBXK2Z2NOBw203hr7Do" vary Accept-Encoding
GET H2	200	init uf.noclef.com/c_js/rtSlot/ Frame 5C42	0 0	770ms 769ms	Document text/html	18.185.217.16 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://uf.noclef.com/c_js/rtSlot/init?event=externalJumpVisit10sec Requested by Host: uf.noclef.com URL: https://uf.noclef.com/c_js/custom_jump.js?placement=com_bridge&referer=&doc_location=http%253A%252F%252Fcrypto-farmer.com%252Fc%252F3f1b96fdf6dfaace%253Fs1%253D444_web_deu_m500_BC%2526s2%253Dcreative1&dp=ce18020f12d0853676d054070c16dfd5&owner_id=4384&jump_id=190166&country=Austria&traffic_type=web&connection_type=Desktop&isp=datapeer%20s.r.o.&carrier=Desktop&token1=444_web_deu_m500_BC&token2=creative1&token3=&token4=&token5=&token6= Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.185.217.16 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-185-217-16.eu-central-1.compute.amazonaws.com Software / Express Resource Hash Request headers :method GET :authority uf.noclef.com :scheme https :path /c_js/rtSlot/init?event=externalJumpVisit10sec pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer http://crypto-farmer.com/c/3f1b96fdf6dfaace?s1=444_web_deu_m500_BC&s2=creative1 accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer http://crypto-farmer.com/c/3f1b96fdf6dfaace?s1=444_web_deu_m500_BC&s2=creative1 Response headers status 200 date Mon, 22 Jun 2020 07:34:24 GMT content-type text/html; charset=utf-8 content-length 284 x-powered-by Express access-control-allow-origin * access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept etag W/"11c-W57fyYaj6qfsCUndgkYCt7kwb9c" vary Accept-Encoding

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Lion's Den Scam (Online)

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
crypto-farmer.com/	1970-01-19 11:10:03	Name: scriptHash Value: 525046
uf.noclef.com/	1970-01-19 10:26:52	Name: visitor_id Value: 5ef05ef5c201ae002d52bd9d
crypto-farmer.com/	1970-01-19 10:28:17	Name: unique_id Value: 5ef05ef58571f625627186
crypto-farmer.com/	1970-01-19 10:28:17	Name: unique_2963796 Value: unique_2963796

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn-atn.akamaized.net
crypto-farmer.com
news.travelermaster.eu
pro.fontawesome.com
uf.noclef.com
116.203.118.191
151.139.128.8
18.185.217.16
2.16.107.112
52.29.96.42
0664cdc70dda191fed239f50a7f8cf6f8f940e14884838fd74752a2bfe6f979e
1af72e02c47cc5053139c9887bcd4b40845be437064fc6afcd948d377c7df1b6
1bbbaaadf122a866033bb06c80500e3057ba0514cf7178ce3ef52b9470650b71
2160d5828b228bc75e991295714c8ce2bab863031156ecca4ea847f61b62a262
2e330e84f6c6a27b1a44645dcdc03989b78af0979f0dc0726d989c12b85c1151
5e4a39e9f9298e25b326bd92f08b9cca6b15f0d617677c8ef2a6a3c037a8a0a1
7636cdba38cb7563e0738aaf3db96700cc90fe56ed749f02f8fbe6d899a368db
7c13bb43672e287bce7315deaec1e49fe4a80310d58269155298c98b2b15c7de
8c2812ded6436715279f8fd8db58de307aa39ab0296fe3cf0e879067c51e9b18
911e92c8dd0048eab8ba93447f3f68b592f805d1456b7150b762914e29ac44eb
96931b9799d97ef2d4f6b62f77dc79a64dde152892a6aedcf9981b393d29a592
9e751907fa606b0bfec985d56e498228958bb1951801a0519926beac9784e6fa
b6067f94d359ada500dabdc3540b675b204659b075426d0ee70c58818b8f44da
c901d7db4f74689680e8dabacdc371e2c8e4615882c61a307089cb93c1987a18
d2682a9a2ec4ec4ea3cf120fbcd8962d1437fdb1fafdd56b2b0d5345992f17f3
e2df22a9c52c1db62b42d30787248f0d66b6f0c4fdcf7eb3b8783d990d85b867
f5653349d4d9eade79c3484fc521672332ffba22afbf1022e80ecb56973814c4
f6894acedc5915b51c9f1857f0da8ea062475edaff3b391b7cd7ffdf7115ad91

crypto-farmer.com Open in urlscan Pro 52.29.96.42 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

20 Requests

95 %HTTPS

0 %IPv6

5 Domains

5 Subdomains

4 IPs

3 Countries

533 kBTransfer

698 kBSize

4 Cookies

0 Outgoing links

Page URL History

Redirected requests

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

6 JavaScript Global Variables

4 Cookies

Indicators

crypto-farmer.com Open in urlscan Pro
52.29.96.42 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

20
Requests

95 %
HTTPS

0 %
IPv6

5
Domains

5
Subdomains

4
IPs

3
Countries

533 kB
Transfer

698 kB
Size

4
Cookies

20 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!