stake.givesback.co
Open in
urlscan Pro
3.125.252.47
Malicious Activity!
Public Scan
Effective URL: https://stake.givesback.co/
Submission: On November 09 via manual from PT — Scanned from DE
Summary
TLS certificate: Issued by R3 on November 9th 2022. Valid for: 3 months.
This is the only time stake.givesback.co was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic Crypto (Crypto Exchange)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 34.159.58.69 34.159.58.69 | 396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM) | |
5 | 3.125.252.47 3.125.252.47 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 76.76.21.21 76.76.21.21 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 2a04:4e42:1b:... 2a04:4e42:1b::720 | 54113 (FASTLY) (FASTLY) | |
2 | 159.69.246.187 159.69.246.187 | 24940 (HETZNER-AS) (HETZNER-AS) | |
9 | 5 |
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 69.58.159.34.bc.googleusercontent.com
stake.givesback.co |
ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-252-47.eu-central-1.compute.amazonaws.com
stake.givesback.co |
ASN24940 (HETZNER-AS, DE)
PTR: static.187.246.69.159.clients.your-server.de
api.qrserver.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
6 |
givesback.co
1 redirects
stake.givesback.co |
180 KB |
2 |
qrserver.com
api.qrserver.com — Cisco Umbrella Rank: 71375 |
1 KB |
1 |
imgix.net
mediumrare.imgix.net — Cisco Umbrella Rank: 417178 |
7 KB |
1 |
playstake.io
playstake.io |
1 KB |
9 | 4 |
Domain | Requested by | |
---|---|---|
6 | stake.givesback.co |
1 redirects
stake.givesback.co
|
2 | api.qrserver.com |
stake.givesback.co
|
1 | mediumrare.imgix.net |
stake.givesback.co
|
1 | playstake.io |
stake.givesback.co
|
9 | 4 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.givesback.co R3 |
2022-11-09 - 2023-02-07 |
3 months | crt.sh |
playstake.io R3 |
2022-11-06 - 2023-02-04 |
3 months | crt.sh |
*.imgix.com GlobalSign Atlas R3 DV TLS CA 2022 Q2 |
2022-06-01 - 2023-07-03 |
a year | crt.sh |
*.qrserver.com R3 |
2022-10-20 - 2023-01-18 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://stake.givesback.co/
Frame ID: 5EA8B836736C3E2D242A506824B3CAD7
Requests: 20 HTTP requests in this frame
Screenshot
Page Title
Official Stake GiveawayPage URL History Show full URLs
-
http://stake.givesback.co/
HTTP 301
https://stake.givesback.co/ Page URL
Detected technologies
Moment.js (JavaScript Libraries) ExpandDetected patterns
- moment(?:\.min)?\.js
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://stake.givesback.co/
HTTP 301
https://stake.givesback.co/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
9 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
stake.givesback.co/ Redirect Chain
|
493 KB 127 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
image
playstake.io/_next/ |
2 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
2 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
37 KB 37 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
29 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
28 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
drake-banner.png
mediumrare.imgix.net/ |
6 KB 7 KB |
Image
image/avif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
93 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
537 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
386 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
738 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
api.qrserver.com/v1/create-qr-code/ |
456 B 721 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
93 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
api.qrserver.com/v1/create-qr-code/ |
451 B 715 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
apply.png
stake.givesback.co/Official%20giveaway%20of%20Bitcoin%20and%20Stake_files/ |
3 KB 3 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js.download
stake.givesback.co/Official%20giveaway%20of%20Bitcoin%20and%20Stake_files/ |
87 KB 30 KB |
Script
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
moment.min.js.download
stake.givesback.co/Official%20giveaway%20of%20Bitcoin%20and%20Stake_files/ |
57 KB 18 KB |
Script
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
632 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
238 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
apply.png
stake.givesback.co/assets/ |
3 KB 3 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic Crypto (Crypto Exchange)14 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| $ function| jQuery function| moment function| d function| copy0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
api.qrserver.com
mediumrare.imgix.net
playstake.io
stake.givesback.co
159.69.246.187
2a04:4e42:1b::720
3.125.252.47
34.159.58.69
76.76.21.21
2ec389ce705d8078830398111a14a3b394760f854ac5d4d9b1f8346da65e7499
34b9950889c058672e158fb8419ee244013a4b5a61eb54dc2abcd57a6823dd95
39c2a24e3b44d69ec92e322d981dd33850b1bdcfe5bdf53b474372ca02a4b5dc
450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e
48253c572d73cbde0d70203493fe4104e5e3e25e3add6490ae9c6a572bc31083
5313f8c6a92f2cbaefb9ca6b3503fb5c832e245e44040d53e35fb48f66784037
69e48d9db7c27991e0dce1a56f246fec93363cc286c71e6160282a31bf05e867
6bda7850d3c9540b4f23b349b72e306ea3f074311b1edb5cd5b982094bd039ce
73de4254959530e4d1d9bec586379184f96b4953dacf9cd5e5e2bdd7bfeceef7
8233a3f5402bfb8f9945efb43eef36bea04a3313002c73f6c55f284b730b2d47
85bbe008af59bb11b29d473d2aaaf31a5afec5b895508a3f27a6fe80853bf854
9ca59a67e9bdfe1e93dd7dd3d0e80be9a7e4a5e09d610cd72ba185fdb8c82516
bec00fa6d1d3259d22269c995d3b4f30a64053fb540b90de437e72a20423ed94
c2e15f968d52eabee80b141994dff0c6f288b8ae201cfac1491ad56840d130c7
df41bc69e94d5318f5841ae11d65d8bd6f6e51ae8f97134dbf6efe52f1b3de7f
f02dc6dac448e0ea10513730e9d1d3114da36cdbcab343066c84c73d7f3fd001
f5ae0e83f759449f98c0b200b87872c5b62f1c60c6943a19b077feaf8f64a5e0
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ffdd300789c136fd4ed6fcbde37b6a4858e7b1c187118ab59670034c11c40113