bnbgiveaway.com
2606:4700:3037::6818:6d54
Malicious Activity!
Public Scan
Submission: On April 07 via manual from GB
Summary
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on April 1st 2020. Valid for: 6 months.
This is the only time bnbgiveaway.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic Crypto (Crypto Exchange)
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
12 | 2606:4700:3037::6818:6d54 | 13335 (CLOUDFLARENET) |
1 | 2a00:1450:4001:81f::2001 | 15169 (GOOGLE) |
1 | 2a00:1450:4001:818::200a | 15169 (GOOGLE) |
17 | 4 | |
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
12 | bnbgiveaway.com | bnbgiveaway.com | 230 KB |
1 | googleapis.com | chart.googleapis.com | 1 KB |
1 | blogspot.com | 3.bp.blogspot.com | 60 KB |
0 | kissr.com (Failed) | eth.kissr.com (Failed) | |
17 | 4 | | |
Requests | Domain | Requested by |
---|---|---|
12 | bnbgiveaway.com | bnbgiveaway.com |
1 | chart.googleapis.com | bnbgiveaway.com |
1 | 3.bp.blogspot.com | bnbgiveaway.com |
0 | eth.kissr.com (Failed) | bnbgiveaway.com |
17 | 4 | |
This site contains links to these domains. Also see Links.
Domain |
---|
binance.com |
binanceeth.com |
Subject | Issuer | Validity | Valid |
---|---|---|---|
sni.cloudflaressl.com | CloudFlare Inc ECC CA-2 | 2020-04-01 - 2020-10-09 | 6 months |
*.googleusercontent.com | GTS CA 1O1 | 2020-03-03 - 2020-05-26 | 3 months |
*.storage.googleapis.com | GTS CA 1O1 | 2020-03-03 - 2020-05-26 | 3 months |
This page contains 1 frames:
Primary Page:
https://bnbgiveaway.com/payment.php?l=en
Frame ID: D079E3C76B16C5857B0BD0541E81A650
Requests: 17 HTTP requests in this frame
Detected technologies
PHP (Programming Languages)
Detected patterns
- url /\.php(?:$|\?)/i
Bootstrap (Web Frameworks)
Detected patterns
- script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i
Clipboard.js (Miscellaneous)
Detected patterns
- script /clipboard(?:-([\d.]+))?(?:\.min)?\.js/i
CloudFlare (CDN)
Detected patterns
- headers server /^cloudflare$/i
jQuery (JavaScript Libraries)
Detected patterns
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
Title: 0xe8c88fc7927dba4a...
Redirected requests
There were HTTP redirect chains for the following requests:
17 HTTP transactions
Method Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|
GET H2 | payment.php (Primary Request) | bnbgiveaway.com/ | 58 KB | 8 KB | Document | text/html |
GET H2 | clipboard.min.js.download | bnbgiveaway.com/right_files/ | 15 KB | 3 KB | Script | application/javascript |
GET H2 | jquery.min.js.download | bnbgiveaway.com/right_files/ | 122 KB | 32 KB | Script | application/javascript |
GET H2 | bootstrap.min.js.download | bnbgiveaway.com/right_files/ | 35 KB | 7 KB | Script | application/javascript |
GET H2 | overrides.css | bnbgiveaway.com/right_files/ | 6 KB | 1 KB | Stylesheet | text/css |
GET H2 | blockchain.css | bnbgiveaway.com/right_files/ | 257 KB | 35 KB | Stylesheet | text/css |
GET H2 | payment-request.css | bnbgiveaway.com/right_files/ | 787 B | 338 B | Stylesheet | text/css |
GET H2 | app-overrides.css | bnbgiveaway.com/right_files/ | 2 KB | 636 B | Stylesheet | text/css |
GET H2 | 20.jpg | bnbgiveaway.com/right_files/ | 7 KB | 7 KB | Image | image/jpeg |
GET H2 | 31fe9204973c.png | bnbgiveaway.com/right_files/ | 7 KB | 7 KB | Image | image/png |
GET H2 | chart | bnbgiveaway.com/right_files/ | 937 B | 994 B | Image | image/png |
GET H2 | T1X5ZPT.gif | bnbgiveaway.com/right_files/ | 126 KB | 126 KB | Image | image/gif |
GET | glyphicons-halflings-regular.woff2 | eth.kissr.com/fonts/bootstrap/ | 0 | 0 | | |
GET | glyphicons-halflings-regular.woff | eth.kissr.com/fonts/bootstrap/ | 0 | 0 | | |
GET | glyphicons-halflings-regular.ttf | eth.kissr.com/fonts/bootstrap/ | 0 | 0 | | |
GET H2 | connected-lights-abstract-hd-wallpaper-1920x1080-5492-rapiton.jpg | 3.bp.blogspot.com/-JCpace2lnbo/XGMVeKRelqI/AAAAAAAAGek/DZ8e_xV4Sw8w0lgUgpbOl7LXTndu1YcUwCHMYCw/s1600/ | 59 KB | 60 KB | Image | image/jpeg |
GET H2 | chart | chart.googleapis.com/ | 936 B | 1 KB | Image | image/png |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain: eth.kissr.com, URL: http://eth.kissr.com/fonts/bootstrap/glyphicons-halflings-regular.woff2
- Domain: eth.kissr.com, URL: http://eth.kissr.com/fonts/bootstrap/glyphicons-halflings-regular.woff
- Domain: eth.kissr.com, URL: http://eth.kissr.com/fonts/bootstrap/glyphicons-halflings-regular.ttf
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic Crypto (Crypto Exchange)
32 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name |
---|---|
object | onformdata |
object | onpointerrawupdate |
function | $ |
function | jQuery |
object | ad1 |
string | hostnamesx |
string | ADDRESS |
function | setTooltip |
object | intervalId |
function | hideTooltip |
object | clipboard |
function | wait |
function | random |
function | uuidv4 |
function | bet |
function | removeArr |
function | addLink |
function | sub |
function | newtr |
function | insertAfter |
function | updateTrans |
object | times |
function | setProgress |
number | ctd |
object | tr |
string | INT |
string | OUT |
string | TXID |
string | TXID2 |
string | INCIN |
string | INOUT |
number | trans1 |
Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.bnbgiveaway.com/ | | Name: __cfduid Value: d0f12f7e7a941b3fb72634cfad084962c1586258677 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.