eth-giveaway.info Open in urlscan Pro
31.31.196.92  Malicious Activity! Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response eth-giveaway.info/	23 KB 5 KB	279ms 75ms	Document text/html	31.31.196.92 AS-REG
General Check archive.org Show headers Download Go to Full URL https://eth-giveaway.info/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 31.31.196.92 , Russian Federation, ASN197695 (AS-REG, RU), Reverse DNS vip37.hosting.reg.ru Software nginx / Resource Hash 4b48256d68db443e925a5b0b142b7f324f72f05b333a14fd0794319eb062d757 Request headers Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8 Connection keep-alive Accept-Encoding gzip, deflate Host eth-giveaway.info Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Sun, 11 Mar 2018 10:46:00 GMT Content-Encoding gzip Transfer-Encoding chunked Server nginx Connection keep-alive Vary Accept-Encoding Content-Type text/html
GET H/1.1	404 Not Found	dummy.js eth-giveaway.info/js/lib/	0 0	76ms 76ms	Script text/html	31.31.196.92 AS-REG
General Check archive.org Show headers Download Go to Full URL https://eth-giveaway.info/js/lib/dummy.js Requested by Host: eth-giveaway.info URL: https://eth-giveaway.info/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 31.31.196.92 , Russian Federation, ASN197695 (AS-REG, RU), Reverse DNS vip37.hosting.reg.ru Software nginx / Resource Hash Request headers Pragma no-cache Accept-Encoding gzip, deflate Host eth-giveaway.info User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Accept */* Referer https://eth-giveaway.info/ Connection keep-alive Cache-Control no-cache Referer https://eth-giveaway.info/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Sun, 11 Mar 2018 10:46:00 GMT Content-Encoding gzip Transfer-Encoding chunked Server nginx Connection keep-alive Vary Accept-Encoding Content-Type text/html; charset=utf-8
GET H/1.1	404 Not Found	result-light.css eth-giveaway.info/css/	0 0	152ms 76ms	Stylesheet text/html	31.31.196.92 AS-REG
General Check archive.org Show headers Download Go to Full URL https://eth-giveaway.info/css/result-light.css Requested by Host: eth-giveaway.info URL: https://eth-giveaway.info/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 31.31.196.92 , Russian Federation, ASN197695 (AS-REG, RU), Reverse DNS vip37.hosting.reg.ru Software nginx / Resource Hash Request headers Pragma no-cache Accept-Encoding gzip, deflate Host eth-giveaway.info User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Accept text/css,*/*;q=0.1 Referer https://eth-giveaway.info/ Connection keep-alive Cache-Control no-cache Referer https://eth-giveaway.info/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Sun, 11 Mar 2018 10:46:00 GMT Content-Encoding gzip Transfer-Encoding chunked Server nginx Connection keep-alive Vary Accept-Encoding Content-Type text/html; charset=utf-8
GET S	200	blockchain.css blockchain.info/Resources/css/	253 KB 40 KB	66ms 46ms	Stylesheet text/css	104.16.54.3 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://blockchain.info/Resources/css/blockchain.css?18005c9c8eb43636 Requested by Host: eth-giveaway.info URL: https://eth-giveaway.info/ Protocol SPDY Server 104.16.54.3 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 23b9ea508375b36da61e7dc615485544d5a1562d104038bd935ea904abb7dbed Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://eth-giveaway.info/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers date Sun, 11 Mar 2018 10:46:00 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT x-blockchain-cp-f z9p6 0.111 status 200 x-cache-status MISS alt-svc clear x-xss-protection 1; mode=block last-modified Tue, 13 Feb 2018 17:14:40 GMT server cloudflare x-blockchain-server BlockchainFE/1.0 etag W/"259266-1518542080000" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type text/css via 1.1 google vary Accept-Encoding cache-control public, max-age=31536000 cf-ray 3f9d6f4d28786499-FRA expires Mon, 11 Mar 2019 10:46:00 GMT
GET S	200	payment-request.css blockchain.info/Resources/	734 B 988 B	31ms 11ms	Stylesheet text/css	104.16.54.3 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://blockchain.info/Resources/payment-request.css?18005c9c8eb43636 Requested by Host: eth-giveaway.info URL: https://eth-giveaway.info/ Protocol SPDY Server 104.16.54.3 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 460383e2067d0c8ac748d0d33a2edc0dbdae3a69de9044cfe89373045c8a598f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://eth-giveaway.info/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers date Sun, 11 Mar 2018 10:46:00 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT x-blockchain-cp-f z69x 0.004 status 200 x-cache-status MISS alt-svc clear x-xss-protection 1; mode=block last-modified Tue, 13 Feb 2018 17:14:40 GMT server cloudflare x-blockchain-server BlockchainFE/1.0 etag W/"734-1518542080000" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type text/css via 1.1 google vary Accept-Encoding cache-control public, max-age=31536000 cf-ray 3f9d6f4d28796499-FRA expires Mon, 11 Mar 2019 10:46:00 GMT
GET H/1.1	200 OK	qr.png eth-giveaway.info/	6 KB 6 KB	103ms 59ms	Image image/png	31.31.196.92 AS-REG
General Check archive.org Show headers Download Go to Show image Full URL https://eth-giveaway.info/qr.png Requested by Host: eth-giveaway.info URL: https://eth-giveaway.info/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 31.31.196.92 , Russian Federation, ASN197695 (AS-REG, RU), Reverse DNS vip37.hosting.reg.ru Software nginx / Resource Hash 7ddea8fc192c6f6771aa78f3986ee3b111dddee900d236675a4ec0c26e15bca9 Request headers Pragma no-cache Accept-Encoding gzip, deflate Host eth-giveaway.info User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Accept image/webp,image/apng,image/*,*/*;q=0.8 Referer https://eth-giveaway.info/ Connection keep-alive Cache-Control no-cache Referer https://eth-giveaway.info/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Sun, 11 Mar 2018 10:46:00 GMT Last-Modified Wed, 07 Mar 2018 22:40:47 GMT Server nginx ETag "5aa06a6f-1650" Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 5712
GET S	200	T1X5ZPT.gif i.imgur.com/	126 KB 126 KB	26ms 9ms	Image image/gif	151.101.112.193 Fastly
General Check archive.org Show headers Download Go to Show image Full URL https://i.imgur.com/T1X5ZPT.gif Requested by Host: eth-giveaway.info URL: https://eth-giveaway.info/ Protocol SPDY Server 151.101.112.193 San Francisco, United States, ASN54113 (FASTLY - Fastly, US), Reverse DNS Software cat factory 1.0 / Resource Hash 51db6c4f053f0649837ec06f4890fb346b0c62df43990e2c0f6ddd784468ce8d Request headers Referer https://eth-giveaway.info/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers date Sun, 11 Mar 2018 10:46:00 GMT age 1682294 x-cache HIT, HIT status 200 content-length 128768 x-served-by cache-iad2141-IAD, cache-hhn1529-HHN last-modified Mon, 19 Feb 2018 23:27:31 GMT server cat factory 1.0 x-timer S1520765161.656296,VS0,VE1 etag "fba7462ec7c9fd5d740d834bf646e2c2" access-control-allow-methods GET, OPTIONS content-type image/gif access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes x-cache-hits 1, 1
GET		Montserrat-Light.ttf blockchain.info/Resources/fonts/montserrat/	0 0
GET		Montserrat-Bold.ttf blockchain.info/Resources/fonts/montserrat/	0 0
GET		Montserrat-Medium.ttf blockchain.info/Resources/fonts/montserrat/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

blockchain.info

URL

https://blockchain.info/Resources/fonts/montserrat/Montserrat-Light.ttf

Domain

blockchain.info

URL

https://blockchain.info/Resources/fonts/montserrat/Montserrat-Bold.ttf

Domain

blockchain.info

URL

https://blockchain.info/Resources/fonts/montserrat/Montserrat-Medium.ttf

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Crypto (Crypto Exchange)

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string| ADDRESS function| random function| uuidv4 function| bet function| removeArr function| addLink function| sub function| newtr function| insertAfter function| updateTrans object| times object| tr string| INT string| OUT string| TXID string| TXID2 number| INCIN number| INOUT number| trans

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

blockchain.info
eth-giveaway.info
i.imgur.com
blockchain.info
104.16.54.3
151.101.112.193
31.31.196.92
23b9ea508375b36da61e7dc615485544d5a1562d104038bd935ea904abb7dbed
460383e2067d0c8ac748d0d33a2edc0dbdae3a69de9044cfe89373045c8a598f
4b48256d68db443e925a5b0b142b7f324f72f05b333a14fd0794319eb062d757
51db6c4f053f0649837ec06f4890fb346b0c62df43990e2c0f6ddd784468ce8d
7ddea8fc192c6f6771aa78f3986ee3b111dddee900d236675a4ec0c26e15bca9