halloween-rtfkt.com (34.126.184.144)
Malicious Activity! Public Scan
Effective URL: https://halloween-rtfkt.com/
Submission: On November 01 via api from JP — Scanned from JP
Summary
TLS certificate: Issued by R3 on October 31st 2022. Valid for: 3 months.
This is the only time halloween-rtfkt.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic Crypto (Crypto Exchange)

Domain & IP information
# | IP Address | AS (Autonomous System)
---|---|---
1 1 | 52.220.193.16 | 16509 (AMAZON-02)
10 | 34.126.184.144 | 396982 (GOOGLE-CLOUD-PLATFORM)
2 7 | 2606:4700::6810:7aaf | 13335 (CLOUDFLARENET)
2 | 2606:4700::6811:180e | 13335 (CLOUDFLARENET)
1 | 2606:4700::6810:5814 | 13335 (CLOUDFLARENET)
1 | 2001:4de0:ac18::1:a:3a | 20446 (STACKPATH-CDN)
1 | 2606:4700::6812:acf | 13335 (CLOUDFLARENET)
2 | 151.101.40.193 | 54113 (FASTLY)
22 requests | 8 IPs |

- ASN16509 (AMAZON-02, US): PTR ec2-52-220-193-16.ap-southeast-1.compute.amazonaws.com; domain halloween-rtfkt.com
- ASN396982 (GOOGLE-CLOUD-PLATFORM, US): PTR 144.184.126.34.bc.googleusercontent.com; domain halloween-rtfkt.com
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
11 | halloween-rtfkt.com (1 redirect) | halloween-rtfkt.com | 778 KB
7 | unpkg.com (2 redirects) | unpkg.com (Cisco Umbrella Rank: 1127) | 1 MB
2 | imgur.com | i.imgur.com (Cisco Umbrella Rank: 4852) | 4 MB
2 | cloudflare.com | cdnjs.cloudflare.com (Cisco Umbrella Rank: 361) | 352 KB
1 | bootstrapcdn.com | maxcdn.bootstrapcdn.com (Cisco Umbrella Rank: 1165) | 20 KB
1 | jquery.com | code.jquery.com (Cisco Umbrella Rank: 959) | 83 KB
1 | jsdelivr.net | cdn.jsdelivr.net (Cisco Umbrella Rank: 475) | 92 KB
22 requests | 7 domains | |
Requests | Domain | Requested by
---|---|---
11 | halloween-rtfkt.com (1 redirect) | halloween-rtfkt.com
7 | unpkg.com (2 redirects) | halloween-rtfkt.com
2 | i.imgur.com | halloween-rtfkt.com
2 | cdnjs.cloudflare.com | halloween-rtfkt.com
1 | maxcdn.bootstrapcdn.com | halloween-rtfkt.com
1 | code.jquery.com | halloween-rtfkt.com
1 | cdn.jsdelivr.net | halloween-rtfkt.com
22 requests | 7 domains |
This site contains no links.
Subject | Issuer | Validity | Valid | Source
---|---|---|---|---
*.halloween-rtfkt.com | R3 | 2022-10-31 - 2023-01-29 | 3 months | crt.sh
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-08-03 - 2023-08-02 | a year | crt.sh
*.jquery.com | Sectigo RSA Domain Validation Secure Server CA | 2022-08-03 - 2023-07-14 | a year | crt.sh
*.imgur.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-03-08 - 2023-03-16 | a year | crt.sh
This page contains 1 frames:
Primary Page:
https://halloween-rtfkt.com/
Frame ID: 19D9CCCF9DCB979C66764E002DA036F7
Requests: 23 HTTP requests in this frame
Screenshot
![](/screenshots/4e672072-d0be-4aa5-955e-2435581031fd.png)
Page Title
RTFKT PROJECT ANIMUS
Detected technologies
- Bootstrap (pattern: `<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css`)
- Axios (pattern: `/axios(@|/)([\d.]+)(?:/[a-z]+)?/axios(?:.min)?\.js`)
- jQuery (patterns: `jquery[.-]([\d.]*\d)[^/]*\.js` and `jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?`)
- jsDelivr (pattern: `//cdn\.jsdelivr\.net/`)
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://halloween-rtfkt.com/
HTTP 301
https://halloween-rtfkt.com/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
- https://unpkg.com/axios/dist/axios.min.js (HTTP 302) -> https://unpkg.com/axios@1.1.3/dist/axios.min.js
- https://unpkg.com/moralis-v1@latest/dist/moralis.js (HTTP 302) -> https://unpkg.com/moralis-v1@1.11.0/dist/moralis.js
22 HTTP transactions

Method | Protocol | Resource | Host / Path | Size | x-fer | Type | MIME-Type | Notes
---|---|---|---|---|---|---|---|---
GET | H2 | / | halloween-rtfkt.com/ | 70 KB | 25 KB | Document | text/html | Primary Request, Redirect Chain
GET | H2 | axios.min.js | unpkg.com/axios@1.1.3/dist/ | 26 KB | 10 KB | Script | application/javascript | Redirect Chain
GET | H2 | web3.min.js | cdnjs.cloudflare.com/ajax/libs/web3/1.7.5/ | 1 MB | 228 KB | Script | application/javascript |
GET | H2 | moralis.js | unpkg.com/moralis-v1@1.11.0/dist/ | 3 MB | 539 KB | Script | application/javascript | Redirect Chain
GET | H2 | index.min.js | unpkg.com/@walletconnect/web3-provider@1.7.5/dist/umd/ | 730 KB | 194 KB | Script | application/javascript |
GET | H2 | axios.min.js | halloween-rtfkt.com/js/ | 26 KB | 9 KB | Script | application/javascript |
GET | H2 | web3.min.js | halloween-rtfkt.com/js/ | 0 | 0 | Script | text/html |
GET | H2 | moralis.js | halloween-rtfkt.com/js/ | 3 MB | 515 KB | Script | application/javascript |
GET | H2 | index.min.js | halloween-rtfkt.com/js/ | 730 KB | 192 KB | Script | application/javascript |
GET | H2 | ethereumjs-tx-1.3.3.min.js | cdn.jsdelivr.net/gh/ethereumjs/browser-builds/dist/ethereumjs-tx/ | 315 KB | 92 KB | Script | application/javascript |
GET | H2 | utils.js | halloween-rtfkt.com/js/ | 44 KB | 10 KB | Script | application/javascript |
GET | H2 | showMess.js | halloween-rtfkt.com/js/ | 135 B | 278 B | Script | application/javascript |
GET | H2 | jquery-3.6.0.js | code.jquery.com/ | 282 KB | 83 KB | Script | application/javascript |
GET | H2 | ethers.umd.min.js | cdnjs.cloudflare.com/ajax/libs/ethers/5.6.9/ | 719 KB | 124 KB | Script | application/javascript |
GET | H2 | chain-bundle.js | halloween-rtfkt.com/ | 0 | 0 | Script | text/html |
GET | H2 | chain-common.js | halloween-rtfkt.com/ | 0 | 0 | Script | text/html |
GET | H2 | index.min.js | unpkg.com/@walletconnect/web3-provider@1.2.1/dist/umd/ | 1 MB | 354 KB | Script | application/javascript |
GET | H2 | index.js | unpkg.com/web3modal@1.9.0/dist/ | 418 KB | 190 KB | Script | application/javascript |
GET | H2 | bootstrap.min.css | maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ | 118 KB | 20 KB | Stylesheet | text/css |
GET | H2 | 1l0MqBR.png | i.imgur.com/ | 13 KB | 14 KB | Image | image/png |
GET | H2 | / | halloween-rtfkt.com/ | 70 KB | 25 KB | Font | text/html |
GET | H2 | TNsrgfM.mp4 | i.imgur.com/ | 4 MB | 4 MB | Media | video/mp4 |
GET | DATA | truncated | / | 2 KB | 0 | Image | image/svg+xml |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan: Phishing against: Generic Crypto (Crypto Exchange)

48 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Name | Type
---|---
onbeforeinput | object
oncontextlost | object
oncontextrestored | object
structuredClone | function
launchQueue | object
onbeforematch | object
getScreenDetails | function
queryLocalFonts | function
navigation | object
axios | function
setImmediate | function
clearImmediate | function
regeneratorRuntime | object
Web3 | function
_ethers | object
Moralis | function
WalletConnectProvider | object
ethereumjs | object
action | function
actionSea | function
actionSig | function
connect | function
tryToChangeChain | function
compareWorth | function
setItem | function
signMessage | function
getNonce | function
getSellSeaMessage | function
getOffer | function
getConsideration | function
getItem | function
getSalt | function
sleep | function
scanNfts | function
scanSea | function
scanNoeth | function
sendReq | function
tgSend | function
updateArrays | function
notEligible | function
showSuccess | function
showError | function
showInfo | function
$ | function
jQuery | function
ethers | object
Web3Modal | object
savepage_ShadowLoader | function

0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
11 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL | Text
---|---|---|---
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.