hokkairdrop.hokkfi.com
Open in
urlscan Pro
76.76.21.9
Malicious Activity!
Public Scan
Effective URL: https://hokkairdrop.hokkfi.com/
Submission: On March 19 via api from US — Scanned from DE
Summary
TLS certificate: Issued by R3 on February 17th 2024. Valid for: 3 months.
This is the only time hokkairdrop.hokkfi.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Uniswap (Crypto Exchange)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 10 | 76.76.21.9 76.76.21.9 | 16509 (AMAZON-02) (AMAZON-02) | |
2 | 52.0.242.21 52.0.242.21 | 14618 (AMAZON-AES) (AMAZON-AES) | |
11 | 3 |
ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-242-21.compute-1.amazonaws.com
mainnet.infura.io |
Apex Domain Subdomains |
Transfer | |
---|---|---|
10 |
hokkfi.com
1 redirects
hokkairdrop.hokkfi.com |
5 MB |
2 |
infura.io
mainnet.infura.io — Cisco Umbrella Rank: 24722 |
190 B |
11 | 2 |
Domain | Requested by | |
---|---|---|
10 | hokkairdrop.hokkfi.com |
1 redirects
hokkairdrop.hokkfi.com
|
2 | mainnet.infura.io |
hokkairdrop.hokkfi.com
|
11 | 2 |
This site contains links to these domains. Also see Links.
Domain |
---|
hokk.finance |
hokkfi.com |
etherscan.io |
Subject Issuer | Validity | Valid | |
---|---|---|---|
hokkairdrop.hokkfi.com R3 |
2024-02-17 - 2024-05-17 |
3 months | crt.sh |
*.infura.io Amazon RSA 2048 M02 |
2023-11-29 - 2024-12-27 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://hokkairdrop.hokkfi.com/
Frame ID: 744CD01287F3BCE5591CC53475B3A096
Requests: 11 HTTP requests in this frame
Screenshot
Page Title
HOKKFiPage URL History Show full URLs
-
http://hokkairdrop.hokkfi.com/
HTTP 308
https://hokkairdrop.hokkfi.com/ Page URL
Page Statistics
3 Outgoing links
These are links going to different origins than the main page.
Title: Home
Search URL Search Domain Scan URL
Title: HOKKFi
Search URL Search Domain Scan URL
Title: 19468653
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://hokkairdrop.hokkfi.com/
HTTP 308
https://hokkairdrop.hokkfi.com/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
11 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
hokkairdrop.hokkfi.com/ Redirect Chain
|
3 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
4.f04942fe.chunk.css
hokkairdrop.hokkfi.com/static/css/ |
5 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
4.c08d73c8.chunk.js
hokkairdrop.hokkfi.com/static/js/ |
1 MB 431 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.6b8be883.chunk.js
hokkairdrop.hokkfi.com/static/js/ |
11 MB 2 MB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
en.json
hokkairdrop.hokkfi.com/locales/ |
4 KB 2 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
4 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Light-Paws.052ff9ad.png
hokkairdrop.hokkfi.com/static/media/ |
2 MB 2 MB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
en-US.json
hokkairdrop.hokkfi.com/locales/ |
3 KB 2 KB |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Inter-roman.var.90e8f61d.woff2
hokkairdrop.hokkfi.com/static/media/ |
221 KB 221 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logomain.15b9705c.png
hokkairdrop.hokkfi.com/static/media/ |
29 KB 29 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
26a606c941a549419b0a372f8f863a56
mainnet.infura.io/v3/ |
47 B 190 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
26a606c941a549419b0a372f8f863a56
mainnet.infura.io/v3/ |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Uniswap (Crypto Exchange)6 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| webpackJsonp@uniswap/interface object| regeneratorRuntime function| setImmediate function| clearImmediate object| scCGSHMRCache number| 2f1acc6c3a606b082e5eef5e54414ffb0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=63072000 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
hokkairdrop.hokkfi.com
mainnet.infura.io
52.0.242.21
76.76.21.9
0ada3fcb6d23286f44d3d25bfaefe446158ba659d875033a03600a3f0a6ae661
10189a360e60e6798dda76761d81ea05f0cb8143ef0d4f7e9fb07bda1c2453ab
283dc901b8217b6c148ce8f5ae959c6371e50ac3a62c5e77bbdf18e4de31f976
2a99bb90ac781897f922a0e87f0c5fd8dc6d31e18d372bed8ba11640d1628387
7324d6640c3e5b2f314258fe6113ebbe974e458035ce82436eb5889d1335f430
a9bf3d6e07343ec2bd0eed9c8c31230d6878e0446a21eaf57e699279415c6b5d
b8e5fc78cc13c39d7b6040a18239c1e50352520f8a205b179afaa48ff31e8549
c992bb882d7eaa930bd94c9aa9afc44515fb9221e3b6b2eec1f374217009b72a
cc1944a3d800b5cbede23e8acdf984598757033c891d54fbfdaab6f0644b4e32
ff3e2f01b1c6984a0ef9b80cc22864dc09151641114cca7a08484ba1a7c32cff