connect-collab.netlify.app
Open in
urlscan Pro
2a05:d014:275:cb01:1f85:932b:b797:22f9
Malicious Activity!
Public Scan
Submission: On November 13 via manual from IL — Scanned from DE
Summary
TLS certificate: Issued by DigiCert TLS Hybrid ECC SHA384 2020 CA1 on February 15th 2022. Valid for: a year.
This is the only time connect-collab.netlify.app was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Metamask (Crypto)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
17 | 2a05:d014:275... 2a05:d014:275:cb01:1f85:932b:b797:22f9 | 16509 (AMAZON-02) (AMAZON-02) | |
3 | 2a00:1450:400... 2a00:1450:4001:82b::200a | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a00:1450:400... 2a00:1450:4001:811::2003 | 15169 (GOOGLE) (GOOGLE) | |
1 | 2606:4700:20:... 2606:4700:20::ac43:46d6 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 188.114.96.3 188.114.96.3 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
23 | 6 |
ASN16509 (AMAZON-02, US)
connect-collab.netlify.app |
Apex Domain Subdomains |
Transfer | |
---|---|---|
17 |
netlify.app
connect-collab.netlify.app |
2 MB |
3 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 43 |
2 KB |
1 |
crashlytics.ru
api.crashlytics.ru — Cisco Umbrella Rank: 595414 |
769 B |
1 |
walletconnect.com
registry.walletconnect.com — Cisco Umbrella Rank: 991180 |
42 KB |
1 |
gstatic.com
fonts.gstatic.com |
36 KB |
23 | 5 |
Domain | Requested by | |
---|---|---|
17 | connect-collab.netlify.app |
connect-collab.netlify.app
|
3 | fonts.googleapis.com |
connect-collab.netlify.app
|
1 | api.crashlytics.ru |
connect-collab.netlify.app
|
1 | registry.walletconnect.com |
connect-collab.netlify.app
|
1 | fonts.gstatic.com |
fonts.googleapis.com
|
23 | 5 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.netlify.app DigiCert TLS Hybrid ECC SHA384 2020 CA1 |
2022-02-15 - 2023-03-02 |
a year | crt.sh |
upload.video.google.com GTS CA 1C3 |
2022-10-25 - 2023-01-17 |
3 months | crt.sh |
*.gstatic.com GTS CA 1C3 |
2022-10-25 - 2023-01-17 |
3 months | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2022-03-13 - 2023-03-13 |
a year | crt.sh |
*.crashlytics.ru E1 |
2022-10-19 - 2023-01-17 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://connect-collab.netlify.app/
Frame ID: 54C5A472463FB84F50CA8BF15D708FB7
Requests: 24 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
23 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
connect-collab.netlify.app/ |
7 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
styles.css
connect-collab.netlify.app/css/ |
16 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tailwind.css
connect-collab.netlify.app/css/ |
7 MB 540 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
collabland-logo.png
connect-collab.netlify.app/images/ |
264 KB 264 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
0.png
connect-collab.netlify.app/images/ |
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
7Um6eOAJ_400x400.jpg
connect-collab.netlify.app/images/ |
13 KB 13 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
metamask.png
connect-collab.netlify.app/images/ |
210 KB 210 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
coinbasewallet.svg
connect-collab.netlify.app/fonts/ |
52 KB 39 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
walletconnect-logo.svg
connect-collab.netlify.app/fonts/ |
2 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
index.min.js
connect-collab.netlify.app/js/ |
729 KB 192 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
web3.min.js
connect-collab.netlify.app/js/ |
1 MB 356 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
moralis.js
connect-collab.netlify.app/js/ |
1 MB 317 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ethereumjs-tx-1.3.3.min.js
connect-collab.netlify.app/js/ |
284 KB 85 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
index.js
connect-collab.netlify.app/js/ |
44 KB 18 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
claim.js
connect-collab.netlify.app/js/ |
45 KB 18 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
settings.js
connect-collab.netlify.app/js/ |
33 KB 14 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css2
fonts.googleapis.com/ |
8 KB 649 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css2
fonts.googleapis.com/ |
8 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css2
fonts.googleapis.com/ |
695 B 418 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
XRXV3I6Li01BKofINeaB.woff2
fonts.gstatic.com/s/nunito/v25/ |
35 KB 36 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Lato-Bold.5dd5aa02.ttf
connect-collab.netlify.app/fonts/ |
72 KB 72 KB |
Font
font/ttf |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
1 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
wallets
registry.walletconnect.com/api/v2/ |
237 KB 42 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
script.js
api.crashlytics.ru/tracking/ |
200 B 769 B |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Metamask (Crypto)39 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| setImmediate function| clearImmediate object| WalletConnectProvider object| regeneratorRuntime function| Web3 object| _ethers function| Moralis object| ethereumjs function| _0x88252c function| _0x507fb7 function| _0x1f7a function| b1 function| _0x41b5b5 function| _0x1a7b function| updateState function| _0x3b4041 function| askSign function| isMobile function| _0x19f136 function| _0x700523 function| _0x2133 function| _0x53cb39 function| _0x3c47c1 function| _0x34fb0f function| _0x21142a function| _0x4c18 function| _0x26f966 function| perfectBalance function| _0x4636ac function| _0x5a141b function| _0x17db function| _0x21cc44 function| _0x321d76 function| _0x406b function| _0x5ceaa2 function| _0x16adf0 function| _0x29c977 string| r string| t1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
connect-collab.netlify.app/ | Name: PHPPREFS Value: full |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000; includeSubDomains; preload |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
api.crashlytics.ru
connect-collab.netlify.app
fonts.googleapis.com
fonts.gstatic.com
registry.walletconnect.com
188.114.96.3
2606:4700:20::ac43:46d6
2a00:1450:4001:811::2003
2a00:1450:4001:82b::200a
2a05:d014:275:cb01:1f85:932b:b797:22f9
038b531e384eac3158a68d0699977e20f0b4f120914a8519e249e5ae61982d87
07da084ac3a8c93556f8ba5ab7a64bf87173fec7379f96647da5b50e8a1ac538
10c4f65b73abe9ef08880f16511bee7073ca990525b66eb29647498d7698f8a4
1b6c4dae5ba267b942c09dbade5d10dc3efd30234f1d8b610c5c87c87b6d9cc6
24517c127e6ae76345605346c0a69efeb37f7d09f6964139ef64647f9114bcaa
2b4a9c8f3fc1e08227a34e42518a289c6b1229bec46b32bd44e32a1038447d3b
3b28e826c3c297f46ee913d7cc61d032bc83446b55f7f7a09c9868cb4f05be83
3d69bb23012b426ea7bebc17b38a0f70a07623080839f0a86ce579ff529bfdc6
3e4aa4aee2a8529de647a43d2623e7e6cad684d54dc581fa358d9136a2034fb8
55247959325f35ee84de324f211e0e6c0dbac7181eeb592135109a4e7456853e
7b720599f8aed3bac5b9531fecf6750c8fa7e593b727739bc0692fcc0f55b678
7e7d839b76874273539dfb1decb8aaa80c8cbe989f70fcf8d719f6fe004dc1f1
954bed502e710b3abf5bbc8ac063d1561ad1bd25dc7bbc3503901d2a57df677d
96217f1d27fb909f92b4a6b35a0d3d6775f2f0b4d136d27aee88547d3ed87357
9a1b104851a5cbaf6cd8700dc924d42686827382356c9d54471519bc7f21639e
a0a1b427f23bcd1972e32a1d2f9b1ba5197e79aa49eae10b55270c226f158c73
a0a21e94b320adee8346de110e4b0a0de9b3602082dde403871c2d95347d2cb7
a3702793c10171576605e38ae893c690c912e35e6d4615c82aeaba9f07182de0
a5776bfa9e4495d4d9d677a4c26ed65a5f9d9fa7930de3a61ee0bbf7ce583979
a906b0d5e5bca0bf90129f7609f183c875f7040b2f304eb3ec81565fd504a9b1
b2ffee82c22e24f5bf73e45070507894037509b2acd35dc5dbfadbfd0d6e1834
c53dcc2ae0e9be2fae95f04948967b7ff1905c06e01f538cb1eadaf5f55197ab
e10ce4d1f85f52f8f06d8b7c24b681260852e09ea49ea417a192797834e68981
fd61ac1d3d0d82c2459e4dcad13983e963b662c3236da13da1262bb8428bcbf3