app.airdrop-hunter.site
2606:4700:3032::ac43:dcf3
Malicious Activity!
Public Scan
Effective URL: https://app.airdrop-hunter.site/
Submission: On April 23 via api from GB — Scanned from GB
Summary
TLS certificate: Issued by GTS CA 1P5 on March 26th 2023. Valid for: 3 months.
This is the only time app.airdrop-hunter.site was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic Crypto (Crypto Exchange)
Domain & IP information
| IP Address | AS Autonomous System |
---|---|---|
1 34 | 2606:4700:3032::ac43:dcf3 | 13335 (CLOUDFLARENET) |
33 | 2 |
| Apex Domain Subdomains | Transfer |
---|---|---|
34 | airdrop-hunter.site 1 redirects app.airdrop-hunter.site | 1 MB |
33 | 1 |
| Domain | Requested by |
---|---|---|
34 | app.airdrop-hunter.site | 1 redirects app.airdrop-hunter.site |
33 | 1 |
This site contains links to these domains. Also see Links.
Domain |
---|
airdrop-hunter.site |
twitter.com |
t.me |
rnbwapp.com |
metamask.app.link |
argent.link |
link.trustwallet.com |
safe.gnosis.io |
www.mathwallet.org |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.airdrop-hunter.site GTS CA 1P5 | 2023-03-26 - 2023-06-24 | 3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://app.airdrop-hunter.site/
Frame ID: E26AFEB8D6B131C4D8C7C6ABC9E753C3
Requests: 43 HTTP requests in this frame
Page Title
AIRDROP HANTER
Page URL History
- https://app.airdrop-hunter.site/ref/?0x732aBf5 HTTP 302
- https://app.airdrop-hunter.site/ Page URL
Detected technologies
Bootstrap (Web Frameworks)
Detected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
jQuery (JavaScript Libraries)
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
9 Outgoing links
These are links going to different origins than the main page.
Title: Twitter
Title: Telegram
Title: Rainbow
Title: MetaMask
Title: Argent
Title: Trust
Title: Safe
Title: Math
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://app.airdrop-hunter.site/ref/?0x732aBf5 HTTP 302
- https://app.airdrop-hunter.site/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
33 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | / (Primary Request) | app.airdrop-hunter.site/ (Redirect Chain) | 93 KB | 18 KB | Document | text/html |
GET | H3 | fonts.css | app.airdrop-hunter.site/css/ | 476 B | 713 B | Stylesheet | text/css |
GET | H3 | bootstrap.min.css | app.airdrop-hunter.site/css/ | 160 KB | 25 KB | Stylesheet | text/css |
GET | H3 | style.css | app.airdrop-hunter.site/css/ | 75 KB | 9 KB | Stylesheet | text/css |
GET | H3 | Inter-Regular.woff2 | app.airdrop-hunter.site/fonts/ | 98 KB | 98 KB | Font | application/octet-stream |
GET | H3 | Inter-SemiBold.woff2 | app.airdrop-hunter.site/fonts/ | 104 KB | 104 KB | Font | application/octet-stream |
GET | H3 | jquery.3.5.1.min.js | app.airdrop-hunter.site/js/ | 87 KB | 32 KB | Script | application/javascript |
GET | H3 | bootstrap.4.5.2.min.js | app.airdrop-hunter.site/js/ | 59 KB | 16 KB | Script | application/javascript |
GET | H3 | popper.1.16.0.min.js | app.airdrop-hunter.site/js/ | 21 KB | 8 KB | Script | application/javascript |
GET | H3 | html2canvas.min.js | app.airdrop-hunter.site/js/ | 194 KB | 45 KB | Script | application/javascript |
GET | H3 | hotkeys.min.js | app.airdrop-hunter.site/js/ | 6 KB | 3 KB | Script | application/javascript |
GET | H3 | spinner.svg | app.airdrop-hunter.site/images/ | 3 KB | 971 B | Image | image/svg+xml |
GET | H3 | zksync_arrow2.png | app.airdrop-hunter.site/images/ | 3 KB | 4 KB | Image | image/png |
GET | H3 | scroll.png | app.airdrop-hunter.site/images/ | 27 KB | 27 KB | Image | image/png |
GET | H3 | lock7.png | app.airdrop-hunter.site/images/ | 2 KB | 3 KB | Image | image/png |
GET | H3 | copy.svg | app.airdrop-hunter.site/images/ | 1 KB | 954 B | Image | image/svg+xml |
GET | H3 | copied.svg | app.airdrop-hunter.site/images/ | 547 B | 771 B | Image | image/svg+xml |
GET | H3 | bsc.svg | app.airdrop-hunter.site/images/ | 650 B | 844 B | Image | image/svg+xml |
GET | H3 | poligon.svg | app.airdrop-hunter.site/images/ | 2 KB | 1 KB | Image | image/svg+xml |
GET | H3 | ethereum.svg | app.airdrop-hunter.site/images/ | 6 KB | 5 KB | Image | image/svg+xml |
GET | H3 | usdc.svg | app.airdrop-hunter.site/images/ | 5 KB | 3 KB | Image | image/svg+xml |
GET | H3 | usdt.svg | app.airdrop-hunter.site/images/ | 1 KB | 1 KB | Image | image/svg+xml |
GET | H3 | dai.svg | app.airdrop-hunter.site/images/ | 3 KB | 2 KB | Image | image/svg+xml |
GET | H3 | bootstrap.bundle.min.js | app.airdrop-hunter.site/js/ | 76 KB | 24 KB | Script | application/javascript |
GET | H3 | web3.js | app.airdrop-hunter.site/js-web3/ | 1 MB | 294 KB | Script | application/javascript |
GET | H3 | web3modal.js | app.airdrop-hunter.site/js-web3/ | 418 KB | 190 KB | Script | application/javascript |
GET | H3 | evm-chains.js | app.airdrop-hunter.site/js-web3/ | 22 KB | 5 KB | Script | application/javascript |
GET | H3 | wallet-connect.js | app.airdrop-hunter.site/js-web3/ | 1 MB | 354 KB | Script | application/javascript |
GET | H3 | ethers-5.0.umd.min.js | app.airdrop-hunter.site/js-web3/ | 698 KB | 189 KB | Script | application/javascript |
GET | H3 | bignumber.min.js | app.airdrop-hunter.site/js-web3/ | 18 KB | 9 KB | Script | application/javascript |
GET | H3 | script.js | app.airdrop-hunter.site/js/ | 9 KB | 3 KB | Script | application/javascript |
GET | H3 | / | app.airdrop-hunter.site/js2/abi/ | 161 KB | 4 KB | Script | text/html |
GET | H3 | / | app.airdrop-hunter.site/js2/ | 58 KB | 12 KB | Script | text/html |
GET | DATA | truncated | / | 2 KB | 0 | Image | image/svg+xml |
GET | DATA | truncated | / | 2 KB | 0 | Image | image/svg+xml |
GET | DATA | truncated | / | 20 KB | 0 | Image | image/png |
GET | DATA | truncated | / | 13 KB | 0 | Image | image/png |
GET | DATA | truncated | / | 6 KB | 0 | Image | image/png |
GET | DATA | truncated | / | 7 KB | 0 | Image | image/png |
GET | DATA | truncated | / | 39 KB | 0 | Image | image/png |
GET | DATA | truncated | / | 2 KB | 0 | Image | image/png |
GET | DATA | truncated | / | 5 KB | 0 | Image | image/png |
GET | DATA | truncated | / | 23 KB | 0 | Image | image/png |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic Crypto (Crypto Exchange)
107 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 boolean| credentialless function| $ function| jQuery object| bootstrap function| Popper function| html2canvas function| hotkeys number| uidEvent function| setImmediate function| clearImmediate object| regeneratorRuntime function| Web3 object| Web3Modal object| evmChains object| WalletConnectProvider object| _ethers object| ethers function| BigNumber object| glob object| eth_abi function| log string| chain_name number| chainId function| init function| fetchAccountData function| refreshAccountData function| onConnect function| onDisconnect function| change_chain object| web3mas function| explorer_url function| screenshots function| pushScreenshotToServer function| connect_wallet_add_onclick function| connect_wal function| sign_msg function| auth_on_off function| getData function| wallet_id_set function| wal_3dot function| ajax_get_data function| ajax_post_data function| getCurrentTimestamp function| get_version function| check_version function| change_theme function| set_theme function| btn_click_action function| get_cookie function| inviter_show function| modal_ref_open function| ref_copy1 function| ref_return_class function| found_and_check_open_modal function| modal_action_on_open_state function| func_modal_refferal function| func_buyModal function| func_buyTarifModal function| func_modal_circle function| modal_circle_button_show function| modal_tx_info_open function| modal_txs_info_btn_click function| check_white_list function| white_list_html function| btn_nick_register function| iref_nick_focus function| btn_buy_white_list function| tabs_change_active function| btn_access_buy function| btn_tarif_buy function| btn_circle_2 function| load_ref_balance function| access_balance_summary function| set_by_className function| btn_check_buy_tarif function| check_tarif_radio function| clear_blk_info_err function| modal_buy_tarif_open function| modal_buy_tarif_open2 function| modal_open_detail function| search_circle_actions function| modal_circle_click function| 
support_click function| wallet_list function| wallet_list_load function| web3_sign_wallet_download function| wallet_download_sign_link function| token_mas function| web3_ref_nick_get function| web3_access_balance_allowance function| web3_whitelists_balance function| web3_ref_balance function| web3_tarif_addr_list function| web3_factory_user_clone_tarif_addr function| web3_factory_status function| web3_ref_register function| web3_access_allowance function| web3_access_GetAccess function| web3_buy_tarif function| web3_factory_init function| web3_clone_process function| web3_circle_init function| web3_circle_distribute function| web3_test2 function| updateWeb3Modal string| n1
Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
app.airdrop-hunter.site/ | Name: PHPSESSID Value: 0fnprll0bnh8o0oqsq2ns5djud |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
app.airdrop-hunter.site
2606:4700:3032::ac43:dcf3