eth-giveaway.info
31.31.196.92
Malicious Activity!
Public Scan
Effective URL: https://eth-giveaway.info/
Submission: On March 11 via manual from CH
Summary
TLS certificate: Issued by GlobalSign Domain Validation CA - SHA... on March 7th 2018. Valid for: a year.
This is the only time eth-giveaway.info was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic Crypto (Crypto Exchange)
Domain & IP information
| | IP Address | AS Autonomous System |
|---|---|---|
| 4 | 31.31.196.92 | 197695 (AS-REG) |
| 2 | 104.16.54.3 | 13335 (CLOUDFLARENET - Cloudflare) |
| 1 | 151.101.112.193 | 54113 (FASTLY - Fastly) |
| 10 | 4 | |
ASN197695 (AS-REG, RU)
PTR: vip37.hosting.reg.ru
eth-giveaway.info
ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
blockchain.info
| | Apex Domain | Subdomains | Transfer |
|---|---|---|---|
| 4 | eth-giveaway.info | eth-giveaway.info | 11 KB |
| 2 | blockchain.info | blockchain.info | 41 KB |
| 1 | imgur.com | i.imgur.com | 126 KB |
| 10 | 3 | | |
| | Domain | Requested by |
|---|---|---|
| 4 | eth-giveaway.info | eth-giveaway.info |
| 2 | blockchain.info | eth-giveaway.info |
| 1 | i.imgur.com | eth-giveaway.info |
| 10 | 3 | |
This site contains no links.
| Subject | Issuer | Validity | Valid | |
|---|---|---|---|---|
| www.eth-giveaway.info | GlobalSign Domain Validation CA - SHA256 - G2 | 2018-03-07 - 2019-03-08 | a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://eth-giveaway.info/
Frame ID: (48569A8611488001A88D6AF5428BF197)
Requests: 10 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
10 HTTP transactions
| Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
|---|---|---|---|---|---|---|---|
| GET | H/1.1 | / (Primary Request) | eth-giveaway.info/ | 23 KB | 5 KB | Document | text/html |
| GET | H/1.1 | dummy.js | eth-giveaway.info/js/lib/ | 0 | 0 | Script | text/html |
| GET | H/1.1 | result-light.css | eth-giveaway.info/css/ | 0 | 0 | Stylesheet | text/html |
| GET | S | blockchain.css | blockchain.info/Resources/css/ | 253 KB | 40 KB | Stylesheet | text/css |
| GET | S | payment-request.css | blockchain.info/Resources/ | 734 B | 988 B | Stylesheet | text/css |
| GET | H/1.1 | qr.png | eth-giveaway.info/ | 6 KB | 6 KB | Image | image/png |
| GET | S | T1X5ZPT.gif | i.imgur.com/ | 126 KB | 126 KB | Image | image/gif |
| GET | | Montserrat-Light.ttf | blockchain.info/Resources/fonts/montserrat/ | 0 | 0 | | |
| GET | | Montserrat-Bold.ttf | blockchain.info/Resources/fonts/montserrat/ | 0 | 0 | | |
| GET | | Montserrat-Medium.ttf | blockchain.info/Resources/fonts/montserrat/ | 0 | 0 | | |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain: blockchain.info
  URL: https://blockchain.info/Resources/fonts/montserrat/Montserrat-Light.ttf
- Domain: blockchain.info
  URL: https://blockchain.info/Resources/fonts/montserrat/Montserrat-Bold.ttf
- Domain: blockchain.info
  URL: https://blockchain.info/Resources/fonts/montserrat/Montserrat-Medium.ttf
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic Crypto (Crypto Exchange)
19 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
| Type | Name |
|---|---|
| string | ADDRESS |
| function | random |
| function | uuidv4 |
| function | bet |
| function | removeArr |
| function | addLink |
| function | sub |
| function | newtr |
| function | insertAfter |
| function | updateTrans |
| object | times |
| object | tr |
| string | INT |
| string | OUT |
| string | TXID |
| string | TXID2 |
| number | INCIN |
| number | INOUT |
| number | trans0 |

Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.