mediumz.top
Open in
urlscan Pro
2606:4700:30::681b:9db4
Malicious Activity!
Public Scan
Submission: On December 03 via manual from GB
Summary
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on October 24th 2018. Valid for: a year.
This is the only time mediumz.top was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic Crypto (Crypto Exchange)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
27 | 2606:4700:30:... 2606:4700:30::681b:9db4 | 13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare) | |
2 | 104.20.3.47 104.20.3.47 | 13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare) | |
1 | 46.105.201.240 46.105.201.240 | 16276 (OVH) (OVH) | |
1 | 198.27.74.174 198.27.74.174 | 16276 (OVH) (OVH) | |
32 | 5 |
ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
mediumz.top |
ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
www.statcounter.com | |
c.statcounter.com |
ASN16276 (OVH, FR)
PTR: ns508944.ip-198-27-74.net
s4.histats.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
27 |
mediumz.top
mediumz.top |
270 KB |
2 |
histats.com
s10.histats.com s4.histats.com |
5 KB |
2 |
statcounter.com
www.statcounter.com c.statcounter.com |
11 KB |
0 |
gathereth.com
Failed
gathereth.com Failed |
|
32 | 4 |
Domain | Requested by | |
---|---|---|
27 | mediumz.top |
mediumz.top
|
1 | s4.histats.com |
s10.histats.com
|
1 | c.statcounter.com |
mediumz.top
|
1 | s10.histats.com |
mediumz.top
|
1 | www.statcounter.com |
mediumz.top
|
0 | gathereth.com Failed |
mediumz.top
|
32 | 6 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
sni.cloudflaressl.com CloudFlare Inc ECC CA-2 |
2018-10-24 - 2019-10-24 |
a year | crt.sh |
*.statcounter.com Go Daddy Secure Certificate Authority - G2 |
2018-01-16 - 2019-01-17 |
a year | crt.sh |
histats.com Let's Encrypt Authority X3 |
2018-10-25 - 2019-01-23 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://mediumz.top/story/eth.html
Frame ID: 1B2B712710E41900C703D109D313DCC5
Requests: 32 HTTP requests in this frame
Screenshot
Detected technologies
Clipboard.js (Miscellaneous) ExpandDetected patterns
- script /clipboard(?:\.min)?\.js/i
- env /^Clipboard$/i
CloudFlare (CDN) Expand
Detected patterns
- headers server /cloudflare/i
HeadJS (JavaScript Libraries) Expand
Detected patterns
- env /^head$/i
jQuery (JavaScript Libraries) Expand
Detected patterns
- script /jquery.*\.js/i
- env /^jQuery$/i
Piwik () Expand
Detected patterns
- script /piwik\.js|piwik\.php/i
- env /^_paq$/i
StatCounter () Expand
Detected patterns
- script /statcounter\.com\/counter\/counter/i
Twitter Bootstrap () Expand
Detected patterns
- script /(?:twitter\.github\.com\/bootstrap|bootstrap(?:\.js|\.min\.js))/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
32 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
eth.html
mediumz.top/story/ |
30 KB 7 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
counter.js
www.statcounter.com/counter/ |
28 KB 11 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
clipboard.min.js.download
mediumz.top/story/ |
10 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js.download
mediumz.top/story/ |
82 KB 29 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.js.download
mediumz.top/story/ |
27 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
overrides.css
mediumz.top/story/ |
4 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.js
mediumz.top/story/ |
94 KB 33 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.js
mediumz.top/story/ |
36 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
shared.js
mediumz.top/story/ |
13 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.htm
mediumz.top/story/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
navbar-analytics.htm
mediumz.top/story/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
blockchain.css
mediumz.top/story/ |
203 KB 35 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
clipboard.htm
mediumz.top/story/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.htm
mediumz.top/story/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bitcoin-payment-request.htm
mediumz.top/story/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
payment-request.css
mediumz.top/story/ |
568 B 490 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
app-overrides.css
mediumz.top/story/ |
1 KB 661 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
check.png
mediumz.top/story/ |
7 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
new.png
mediumz.top/story/ |
6 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
T1X5ZPT.gif
mediumz.top/story/ |
126 KB 126 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
js15_as.js
s10.histats.com/ |
10 KB 4 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
t.php
c.statcounter.com/ |
49 B 493 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
0.php
s4.histats.com/stats/ |
49 B 320 B |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.htm
mediumz.top/story/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
navbar-analytics.htm
mediumz.top/story/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
clipboard.htm
mediumz.top/story/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.htm
mediumz.top/story/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bitcoin-payment-request.htm
mediumz.top/story/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Montserrat-Light.ttf
mediumz.top/fonts/montserrat/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Montserrat-Medium.ttf
mediumz.top/fonts/montserrat/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Montserrat-Bold.ttf
mediumz.top/fonts/montserrat/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET |
piwik.js
gathereth.com/mtm/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- gathereth.com
- URL
- http://gathereth.com/mtm/piwik.js
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic Crypto (Crypto Exchange)185 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
number| sc_project number| sc_invisible string| sc_security number| sc_https object| _Hasync number| sc_width number| sc_height string| sc_referer number| sc_unique number| sc_returning number| sc_returns number| sc_error number| sc_remove number| sc_cls number| sc_inv string| sc_os string| sc_title string| sc_url string| sc_base_dir string| sc_click_dir string| sc_link_back_start string| sc_link_back_end string| sc_security_code string| sc_http_url string| sc_host string| sc_dc string| sc_alt_text string| sc_counter_size number| sc_prerendering string| sc_uuid string| sc_uuid_q string| sc_unique_returning string| sc_sp function| _sc_strip_tags function| _sc_sanitiseTags function| _sc_validateTags function| getTagString function| isValidEventName undefined| _statcounter_pending object| _statcounter number| sc_script_num object| _sc_imgs string| sc_pageview_tag_string number| _sc_project_int boolean| _sc_apply_mar_2017_fixes number| clickstat_done number| clickstat_project string| clickstat_security string| dlext string| ltype string| second object| dl object| lnk object| domsec string| host_name object| host_splitted string| domain string| host_split string| lnklocal_mask object| lnklocal object| anchors undefined| anchor undefined| original_click undefined| s undefined| bs undefined| head undefined| ps undefined| pe undefined| params undefined| plist undefined| body undefined| insert undefined| final_body undefined| ev_head undefined| ev_params undefined| ev_sep undefined| sc_i undefined| ev_foot undefined| ev_final string| sc_gsyn_pattern string| sc_gsyn_pattern2 undefined| sc_px undefined| sc_py undefined| sc_existing function| sc_none function| sc_delay function| sc_clickstat_call function| sc_adsense_click function| sc_adsense_init function| sc_getmouse function| sc_findy function| sc_findx function| sc_exitpage string| sc_doc_loc object| myRE object| sc_date number| sc_time number| sc_time_difference string| cookie_value object| expiration number| sc_call function| chfh function| chfh2 string| _HST_cntval object| Histats function| $ function| jQuery string| ADDRESS object| jQuery111101733506792564432 number| satoshi string| show_adv object| adv_rule object| symbol_btc object| symbol_local object| symbol string| root string| resource undefined| war_checksum boolean| min boolean| isExtension string| APP_VERSION string| APP_NAME string| IMPORTED_APP_NAME string| IMPORTED_APP_VERSION function| stripHTML function| setLocalSymbol function| setBTCSymbol undefined| names undefined| ws undefined| reconnectInterval function| webSocketConnect function| BlockFromJSON function| TransactionFromJSON function| padStr function| dateToString function| parseURLQuery function| generateURL function| formatSatoshi function| convert function| formatBTC function| sShift function| formatSymbol function| formatMoney function| formatOutput function| toggleAdv function| setAdv function| calcMoney function| setupSymbolToggle function| toggleSymbol object| _sounds function| playSound function| setupToggle function| updateQueryString function| loadScript function| SetCookie function| getCookie object| MyStore object| _HistatsCounterGraphics_0_setValues function| setTooltip object| intervalId function| hideTooltip object| clipboard function| wait function| random function| uuidv4 function| bet function| removeArr function| addLink function| sub function| newtr function| insertAfter function| updateTrans object| times function| setProgress number| ctd object| _paq number| c_start object| tr string| INT string| OUT string| TXID string| TXID2 string| INCIN string| INOUT number| trans0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
c.statcounter.com
gathereth.com
mediumz.top
s10.histats.com
s4.histats.com
www.statcounter.com
gathereth.com
104.20.3.47
198.27.74.174
2606:4700:30::681b:9db4
46.105.201.240
03da92f035c699a414e7379fc4e431b20d29e4901ed6b1172eb30f2d7308c2ca
0eaae585ad089e3e6505f03510f301a280a5994c8af603f5248fee807f51b842
1b2e13e883b7c5b0236eb927a1aca3d1456f844599fcf5b0325d10de5e0772f3
2a172e1eadb251c8c0662f3c9e707a19fbea965bf8f3dc6c7ffaaba94a86df01
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
325a73dfc63f08c3deed0f2d8d7a3bdb32965653dd66b7fa44fb1e91ec933755
33158c6da5969dc254037dd573a8a290cb12197b03d03a7c9446f6cea18f783c
3c810b75b48698b89e5f538b25390a60c6cbb09f82e8cd6d5517b0c6bdce4d24
51db6c4f053f0649837ec06f4890fb346b0c62df43990e2c0f6ddd784468ce8d
54d21b0676784d0c983bbd4093898770adefa932d89b72c8afd88183a19172a7
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
8aa56ead17ccaf54a9d8d5800ab2ff4749e5adc388ef56fc67e5baed73480276
93672d844823e58d3859dfd90fc409fb867e7e5fc177d6ac8446b579096cc8df
ab0dc9bdb2ade6e0f72cdfcf80864f5da7377889dd05a72c2714dccf125514b5
b15452215292be6e06c2055e5f85a4d82fe5778480b6e0ce3c70ebba2dd6a28b
c8cd3dd1643473d92f60b97813dd828c0ab13eb9e011739103a2aa6255ca1aa4
cba2dd9d00ef6c95d4cb86a6c42e8f86d0935e0276348138f47e8f787107d560
e58cc6807b07398b4dc914a13b41479f8228c081e7b170fa3adcda1153148d88