![](/screenshots/74587072-3a50-496a-92fc-8905de636c38.png)
airdrop-muitibit.com
Open in
urlscan Pro
188.114.97.3
Malicious Activity!
Public Scan
Effective URL: https://airdrop-muitibit.com/
Submission: On June 21 via api from BE — Scanned from DE
Summary
TLS certificate: Issued by WE1 on June 10th 2024. Valid for: 3 months.
This is the only time airdrop-muitibit.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic Cloudflare (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 6 | 172.67.168.104 172.67.168.104 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
7 | 188.114.97.3 188.114.97.3 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
4 | 172.67.75.34 172.67.75.34 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 104.17.24.14 104.17.24.14 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
21 | 5 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
7 |
airdrop-muitibit.com
airdrop-muitibit.com |
2 MB |
6 |
allocation-multibit.com
2 redirects
allocation-multibit.com |
10 KB |
4 |
multibit.exchange
multibit.exchange Failed |
29 KB |
1 |
cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 268 |
20 KB |
0 |
checker-api.su
Failed
checker-api.su Failed |
|
21 | 5 |
Domain | Requested by | |
---|---|---|
7 | airdrop-muitibit.com |
airdrop-muitibit.com
|
6 | allocation-multibit.com |
2 redirects
allocation-multibit.com
|
4 | multibit.exchange |
airdrop-muitibit.com
|
1 | cdnjs.cloudflare.com |
airdrop-muitibit.com
|
0 | checker-api.su Failed |
airdrop-muitibit.com
|
21 | 5 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
allocation-multibit.com GTS CA 1P5 |
2024-05-20 - 2024-08-18 |
3 months | crt.sh |
airdrop-muitibit.com WE1 |
2024-06-10 - 2024-09-08 |
3 months | crt.sh |
multibit.exchange E1 |
2024-05-17 - 2024-08-15 |
3 months | crt.sh |
cdnjs.cloudflare.com E1 |
2024-06-02 - 2024-08-31 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://airdrop-muitibit.com/
Frame ID: 81529902A2CFDEE4F1C8CFE95671F378
Requests: 26 HTTP requests in this frame
Screenshot
![](/screenshots/74587072-3a50-496a-92fc-8905de636c38.png)
Page Title
MultiBitPage URL History Show full URLs
- https://allocation-multibit.com/ Page URL
-
https://allocation-multibit.com/cdn-cgi/phish-bypass?atok=PlMDoF4fZhRA4d0O8WxtVbtfU8xjUtlqEr1iExuSX.w-171895...
HTTP 301
https://allocation-multibit.com/ HTTP 301
https://airdrop-muitibit.com/ Page URL
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://allocation-multibit.com/ Page URL
-
https://allocation-multibit.com/cdn-cgi/phish-bypass?atok=PlMDoF4fZhRA4d0O8WxtVbtfU8xjUtlqEr1iExuSX.w-1718950545-0.0.1.1-%2F
HTTP 301
https://allocation-multibit.com/ HTTP 301
https://airdrop-muitibit.com/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
21 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H3 |
/
allocation-multibit.com/ |
5 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
cf.errors.css
allocation-multibit.com/cdn-cgi/styles/ |
23 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
icon-exclamation.png
allocation-multibit.com/cdn-cgi/images/ |
452 B 635 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
favicon.ico
allocation-multibit.com/ |
5 KB 2 KB |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Primary Request
/
airdrop-muitibit.com/ Redirect Chain
|
1 MB 68 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
contracts.js
airdrop-muitibit.com/scripts/ |
0 452 B |
Script
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
main.js
airdrop-muitibit.com/scripts/ |
1 MB 1 MB |
Script
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
entry.js
airdrop-muitibit.com/scripts/ |
0 457 B |
Script
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
88c9fa54c5f37659-s.p.ttf
multibit.exchange/_next/static/media/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
afb5a11a315b1354-s.p.ttf
multibit.exchange/_next/static/media/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
7289266ca9468941.css
multibit.exchange/_next/static/css/ |
385 B 914 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
c48d9796a5fbd74e.css
multibit.exchange/_next/static/css/ |
377 B 945 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
email-decode.min.js
airdrop-muitibit.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ |
1 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
crypto-js.min.js
cdnjs.cloudflare.com/ajax/libs/crypto-js/4.2.0/ |
59 KB 20 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
1 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
48 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
37 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
9 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
8 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
afb5a11a315b1354-s.p.ttf
multibit.exchange/_next/static/media/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
POST |
config
checker-api.su/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
POST |
config
checker-api.su/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
afb5a11a315b1354-s.p.ttf
airdrop-muitibit.com/ |
27 KB 7 KB |
Font
font/ttf |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
image
multibit.exchange/_next/ |
26 KB 26 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
88c9fa54c5f37659-s.p.ttf
airdrop-muitibit.com/ |
106 KB 52 KB |
Font
font/ttf |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
favicon.svg
multibit.exchange/ |
1 KB 1 KB |
Other
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- multibit.exchange
- URL
- https://multibit.exchange/_next/static/media/88c9fa54c5f37659-s.p.ttf
- Domain
- multibit.exchange
- URL
- https://multibit.exchange/_next/static/media/afb5a11a315b1354-s.p.ttf
- Domain
- multibit.exchange
- URL
- https://multibit.exchange/_next/static/media/afb5a11a315b1354-s.p.ttf
- Domain
- checker-api.su
- URL
- https://checker-api.su/config
- Domain
- checker-api.su
- URL
- https://checker-api.su/config
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic Cloudflare (Online)31 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
undefined| event object| fence object| sharedStorage string| UNIQUE_IDENTITY object| popups object| __p_3109784987 number| __p_0903745097 object| __p_4905033131 function| __getGlobal object| __globalObject function| __TextDecoder function| __Uint8Array undefined| __Buffer function| __String function| __Array function| utf8ArrayToStr function| __p_0592233305 string| __p_9742150973 string| __p_2966709287 object| __p_0954506818 string| __p_3513569766 object| __p_0714595928 function| __p_3121322347_calc function| __p_3572591734 number| __p_9501651043 function| _0x4668 function| _0x5e51 function| _0x24bffd function| __p_8119053143 function| __p_5081019489 object| CryptoJS1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.allocation-multibit.com/ | Name: __cf_mw_byp Value: PlMDoF4fZhRA4d0O8WxtVbtfU8xjUtlqEr1iExuSX.w-1718950545-0.0.1.1-/ |
6 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Frame-Options | SAMEORIGIN |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
airdrop-muitibit.com
allocation-multibit.com
cdnjs.cloudflare.com
checker-api.su
multibit.exchange
checker-api.su
multibit.exchange
104.17.24.14
172.67.168.104
172.67.75.34
188.114.97.3
0ab4572c9ac1354bd12c96829f55f0cbcd1364dcfce17de4dff4354789cc506e
143f3b1e7d30eac63ced736e598c6e4d122cee4921c8cb4fff904a50fc60d0be
21c20918f702509dc1bf8af8bebac369bcb5a9a0258433f441e9f425fb910415
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
46cf6387d4cae9d64a259028aca61fc1930fb881abd08943780a6408b6b0bdb3
516fbae29f8985a613158f8d3fc6e0144560aadef641e1a8a9f03d62ab5fe32b
769a555de553babc35a3338f344dd7aa16260c93cea2c7db290707c90484e7cc
782df3a9f60a888c3c87751ecf058105f8d13d9c3072f6a0f9a0347d9903a221
84e3c77025ace5af143972b4a40fc834dcdfd4e449d4b36a57e62326f16b3091
86ddf161c9b7b0dd5b659a7cc37bf5077f3161f651b8033f62c1f7ea14ecd82a
86e225aed7509a977fd9cb6367a8da137f092271953c843795b086870f1cd900
b402d66dc61fcd96bf509058451a2c21b6fadc8a81c32519a95935588be0c124
bc9dfa6972e8017c1080d76eb028d75ddc68c23d6e56654b445160efa3ef575e
d3781447e67292e8c2959554afab5818b3dfb3131a8af144e17be0b597091271
d5d16cd792f4d5982bad9ee22505ff18bb5dc07a2f2cdc6fc82d83b7e9c9e8f3
db053e36ffe02b26642c973e97816e3baccf2b9c8ef696e50c1e3f4fffe137f4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016
f1788bc5278d17501887a7650f1c6ba22325d6d398e7a2c39df2d5e168b3a378