coin-gainers.net
Open in
urlscan Pro
2606:4700:3031::ac43:c5d2
Malicious Activity!
Public Scan
Submission: On February 08 via manual from ES — Scanned from ES
Summary
TLS certificate: Issued by GTS CA 1P5 on January 9th 2023. Valid for: 3 months.
This is the only time coin-gainers.net was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: BBVA (Financial)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
16 | 2606:4700:303... 2606:4700:3031::ac43:c5d2 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
3 | 2a00:1450:400... 2a00:1450:400d:802::200a | 15169 (GOOGLE) (GOOGLE) | |
1 | 2606:4700::68... 2606:4700::6811:190e | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
6 | 80.87.206.180 80.87.206.180 | 49981 (WORLDSTREAM) (WORLDSTREAM) | |
2 | 2a00:1450:400... 2a00:1450:400d:808::2003 | 15169 (GOOGLE) (GOOGLE) | |
1 | 2606:4700:303... 2606:4700:3034::6815:2768 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
29 | 6 |
ASN49981 (WORLDSTREAM, NL)
PTR: 80-87-206-180.hosted-by-worldstream.net
kryptrks.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
16 |
coin-gainers.net
coin-gainers.net |
100 KB |
6 |
kryptrks.com
kryptrks.com |
62 KB |
3 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 32 ajax.googleapis.com — Cisco Umbrella Rank: 298 |
33 KB |
2 |
gstatic.com
fonts.gstatic.com |
31 KB |
1 |
flagcdn.com
flagcdn.com — Cisco Umbrella Rank: 43302 |
768 B |
1 |
cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 196 |
6 KB |
29 | 6 |
Domain | Requested by | |
---|---|---|
16 | coin-gainers.net |
coin-gainers.net
ajax.googleapis.com |
6 | kryptrks.com |
coin-gainers.net
kryptrks.com |
2 | fonts.gstatic.com |
fonts.googleapis.com
|
2 | fonts.googleapis.com |
coin-gainers.net
|
1 | flagcdn.com |
coin-gainers.net
|
1 | ajax.googleapis.com |
coin-gainers.net
|
1 | cdnjs.cloudflare.com |
coin-gainers.net
|
29 | 7 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.coin-gainers.net GTS CA 1P5 |
2023-01-09 - 2023-04-09 |
3 months | crt.sh |
upload.video.google.com GTS CA 1C3 |
2023-01-09 - 2023-04-03 |
3 months | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2022-08-03 - 2023-08-02 |
a year | crt.sh |
kryptrks.com R3 |
2022-12-13 - 2023-03-13 |
3 months | crt.sh |
*.gstatic.com GTS CA 1C3 |
2023-01-09 - 2023-04-03 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://coin-gainers.net/lp/bbva/
Frame ID: 8463057156DC15E87C46C1E6E5A4FC8F
Requests: 27 HTTP requests in this frame
Screenshot
Page Title
CoingainersDetected technologies
animate.css (Web Frameworks) ExpandDetected patterns
- <link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css
Font Awesome (Font Scripts) Expand
Detected patterns
- <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Google Font API (Font Scripts) Expand
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
jQuery (JavaScript Libraries) Expand
Detected patterns
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
29 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
coin-gainers.net/lp/bbva/ |
19 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css2
fonts.googleapis.com/ |
14 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css2
fonts.googleapis.com/ |
11 KB 851 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.6.3/css/ |
28 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
animate.min.css
coin-gainers.net/lp/bbva/css/ |
70 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
box.css
coin-gainers.net/lp/bbva/css/ |
6 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.css
coin-gainers.net/lp/bbva/css/ |
10 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ |
87 KB 31 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
logo_bbva_blanco.svg
coin-gainers.net/lp/bbva/img/ |
2 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
3_051_newclient.svg
coin-gainers.net/lp/bbva/img/ |
486 B 851 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
18.png
coin-gainers.net/lp/bbva/img/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
loading.svg
coin-gainers.net/lp/bbva/img/ |
639 B 929 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
social.png
coin-gainers.net/lp/bbva/img/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
scripts.js
coin-gainers.net/lp/bbva/js/ |
3 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
sdk.js
kryptrks.com/api/v1/integration/ |
442 KB 46 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
BentonSansBBVA-Medium-Lite.woff2
coin-gainers.net/lp/bbva/fonts/ |
18 KB 18 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ |
15 KB 16 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
btc-hack.mp4
coin-gainers.net/lp/bbva/media/ |
94 KB 0 |
Media
video/mp4 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
/
coin-gainers.net/lp/bbva/ |
13 KB 13 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ |
15 KB 15 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
countryCode
coin-gainers.net/api/location/ |
2 B 534 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
btc-hack.mp4
coin-gainers.net/lp/bbva/media/ |
44 KB 45 KB |
Media
video/mp4 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
es.png
flagcdn.com/w20/ |
190 B 768 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H/1.1 |
details.php
kryptrks.com/api/v1/projects/ |
0 0 |
Preflight
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
details.php
kryptrks.com/api/v1/projects/ |
44 KB 7 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
sdk.css
kryptrks.com/api/v1/integration/ |
80 KB 9 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
btc-hack.mp4
coin-gainers.net/lp/bbva/media/ |
17 MB 0 |
Media
video/mp4 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H/1.1 |
add.php
kryptrks.com/api/v1/events/ |
0 0 |
Preflight
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
add.php
kryptrks.com/api/v1/events/ |
172 B 675 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: BBVA (Financial)14 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 boolean| credentialless object| oncontentvisibilityautostatechange function| $ function| jQuery function| intgrtnInit string| today string| dd string| mm number| yyyy function| getFlag function| animateValue string| date object| intgrtn3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
coin-gainers.net/lp/ | Name: intgrtn_locale Value: en-US |
|
coin-gainers.net/lp/ | Name: intgrtn_intgrtn.options.server.endpoint Value: https://kryptrks.com |
|
coin-gainers.net/lp/ | Name: intgrtn_intgrtn.options.server.host Value: kryptrks.com |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ajax.googleapis.com
cdnjs.cloudflare.com
coin-gainers.net
flagcdn.com
fonts.googleapis.com
fonts.gstatic.com
kryptrks.com
2606:4700:3031::ac43:c5d2
2606:4700:3034::6815:2768
2606:4700::6811:190e
2a00:1450:400d:802::200a
2a00:1450:400d:808::2003
80.87.206.180
008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420
1a8b0cefedd87dd20c72d73cfe9834c17df93a49a7d95ea508659b58e61a23f9
25038265e790e4ee17e16018c71e3a315baa5975b36afefe5249f8310f6aa749
2ed31f9e853cfd4a002456426c3a346b30831901891e22aaf2ce834d011705fa
4110bfbebf5162bd8ce32b34a411c8c4ec827b0d65947993c25379646e5db120
492a9bf42b4c32e43c96600dd75e20b8b6244e9069326513ce8c03fe0ef8010e
5cdaeb4e22e816c72c387c8ee4f7134a5f18d53054fbb403f5670221cdf3b1cc
5e49265cbb79892053201830e22acdb1401c5698a2cea2ca10ea931c72cac8f7
5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f
907d725ceb01661091aa9df85163b93fbee6c5456ff4b94c4889f70c06f9b398
9cdca42dbad054a779e1f6c48deb97d0ec009c1e0d900d5f8e720a9d38b30c37
9ff9bd29689534d15c6ce78428c91610fbda43b8e7414ad9c8b81629d2eb057d
a4c4b98ec0edd5e82244778b29f73d125607e9995fa6c15a0ad3e805c9174d47
a6d4700236771cb82871860309b2c8a68f7d29f85b053a69a809c4277d1c72c5
aa32fb5d31639d2009333b56f03f7e37bbdac5616a65061ea42b6675dd742d38
aa43888d20f6d8bbe6d11ae8db26eca226c8e3578ad960f97b92f3bb86ad59d6
b083ae80a937bb9277b693b9db0fa97be8165bd9571010843cfa403695024be5
cae92e656dc10a9eb6c4729c9464db31125867536b5ef93eb92cd236e5e01b36
ce344a418127968f2bd07ada86c8cf3808eea524c399a02c0c2c0ebbe0f5467c
da81ab7a0714eb727dec38ed703bbda7c1025dabdc385b93365180c6d84d62ec
dc67dcaf23cb0a609512140f99b7897baf8df6492f0577950c07bb123c3a1924
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d