collector-steal.ga
Open in
urlscan Pro
2606:4700:3033::6815:33a8
Public Scan
Submission Tags: c2 malware data-collector Search All
Submission: On April 24 via api from US
Summary
This is the only time collector-steal.ga was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
14 | 2606:4700:303... 2606:4700:3033::6815:33a8 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2001:4de0:ac1... 2001:4de0:ac18::1:a:3b | 20446 (HIGHWINDS3) (HIGHWINDS3) | |
2 | 2606:4700::68... 2606:4700::6810:125e | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2a00:1450:400... 2a00:1450:4001:827::200a | 15169 (GOOGLE) (GOOGLE) | |
2 | 2a00:1450:400... 2a00:1450:4001:82a::2003 | 15169 (GOOGLE) (GOOGLE) | |
20 | 5 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
14 |
collector-steal.ga
collector-steal.ga |
230 KB |
2 |
gstatic.com
fonts.gstatic.com |
50 KB |
2 |
cloudflare.com
cdnjs.cloudflare.com |
10 KB |
1 |
googleapis.com
fonts.googleapis.com |
688 B |
1 |
jquery.com
code.jquery.com |
30 KB |
20 | 5 |
Domain | Requested by | |
---|---|---|
14 | collector-steal.ga |
collector-steal.ga
|
2 | fonts.gstatic.com |
fonts.googleapis.com
|
2 | cdnjs.cloudflare.com |
collector-steal.ga
|
1 | fonts.googleapis.com |
collector-steal.ga
|
1 | code.jquery.com |
collector-steal.ga
|
20 | 5 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
jquery.org Sectigo RSA Domain Validation Secure Server CA |
2020-10-06 - 2021-10-16 |
a year | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2020-10-21 - 2021-10-20 |
a year | crt.sh |
upload.video.google.com GTS CA 1O1 |
2021-03-23 - 2021-06-15 |
3 months | crt.sh |
*.gstatic.com GTS CA 1O1 |
2021-03-23 - 2021-06-15 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
http://collector-steal.ga/?page=login
Frame ID: 4F45539D7318B41DD13E62C83D682976
Requests: 20 HTTP requests in this frame
Screenshot
Detected technologies
Bootstrap (Web Frameworks) ExpandDetected patterns
- html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
- script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i
animate.css (Web Frameworks) Expand
Detected patterns
- html /<link [^>]+(?:\/([\d.]+)\/)?animate\.(?:min\.)?css/i
CloudFlare (CDN) Expand
Detected patterns
- headers server /^cloudflare$/i
jQuery (JavaScript Libraries) Expand
Detected patterns
- script /jquery[.-]([\d.]*\d)[^/]*\.js/i
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
20 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
Cookie set
/
collector-steal.ga/ |
3 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bootstrap.min.css
collector-steal.ga/design/bootstrap/dist/css/ |
118 KB 20 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
animate.css
collector-steal.ga/design/css/ |
55 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
style.css
collector-steal.ga/design/css/ |
264 KB 48 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
default.css
collector-steal.ga/design/css/colors/ |
3 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
toastr.css
collector-steal.ga/design/css/ |
7 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-3.4.1.min.js
code.jquery.com/ |
86 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-confirm.min.css
cdnjs.cloudflare.com/ajax/libs/jquery-confirm/3.3.2/ |
22 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-confirm.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-confirm/3.3.2/ |
27 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
toastr.min.js
collector-steal.ga/design/js/ |
5 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.redirect.js
collector-steal.ga/design/js/ |
6 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bootstrap.min.js
collector-steal.ga/design/bootstrap/dist/js/ |
36 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
commonLogin.css
collector-steal.ga/design/css/ |
816 B 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
7 KB 688 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
spinners.css
collector-steal.ga/design/css/ |
2 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
materialdesignicons.min.css
collector-steal.ga/design/css/icons/material-design-iconic-font/css/ |
76 KB 15 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
blurred_background.jpg
collector-steal.ga/design/images/ |
17 KB 18 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
materialdesignicons-webfont.woff2
collector-steal.ga/design/css/icons/material-design-iconic-font/fonts/ |
97 KB 98 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
iJWKBXyIfDnIV7nFrXyi0A.woff2
fonts.gstatic.com/s/rubik/v12/ |
14 KB 14 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
iJWKBXyIfDnIV7nBrXw.woff2
fonts.gstatic.com/s/rubik/v12/ |
36 KB 36 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
12 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery function| jconfirm function| Jconfirm object| toastr2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
collector-steal.ga/ | Name: client_token Value: 2GdknYmZnyvBF3r64xkMbpWtiVjp6nELkjPSbUALvyl95SdL2Td3RvLKyTiG7eJqHrQiiOCKRkNgPPlzEjL6VKwA1wcxDzR6xK7CfBQoplzstj1e2zj1PqfybKBqmWtpD1DDVxYMn7tSqOHx1PdmiQ |
|
.collector-steal.ga/ | Name: __cfduid Value: d0067080d08cc745e07e93e4dd23772c21619306753 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cdnjs.cloudflare.com
code.jquery.com
collector-steal.ga
fonts.googleapis.com
fonts.gstatic.com
2001:4de0:ac18::1:a:3b
2606:4700:3033::6815:33a8
2606:4700::6810:125e
2a00:1450:4001:827::200a
2a00:1450:4001:82a::2003
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
27ea5174aab7fa5921d2e6269e1a18cc53535e6acc0ca55a5949f975b97b2155
36460e494e4c628443afded40b2743b5ede9a4a76fb4f7b9ef2345cc7e59fd64
3c86e67f79bbbcdc6cd7db0046edf38fa094ef4e4887fdea0e0316574cb05a9d
4a624c3c616d2fbd2543d257871c9611f33a2b828603c3bc9a8fd32b57db733e
4ce10e24ee02c9e4e08f79885f0c5f955a266cf41eee5fa11c0404101d19feae
599d64dcbdee3b843b8458bac76110795024a7230b71899e729b7b1fd08f518d
731ee193764491bf7f8415c1c9c487c07bde16e20acc561450bd410a25fb2e32
79df6d61a1739ae424818977dc4c5db6f4eb02e302feea62913ea02632f6eaad
9809a9d6fe844649e678fda81d91b9dd6d4bfb339d495b0cdb95af999e14f9f5
b681cb222d94d45c5e843fbc67d0e3f1a9182dc03936cd0ae90628c8a9b9d8a5
d14cf552496ba4036ec2a27b334679e2388e13f199c25a76101482eac970ea3f
da0015b1627061e579e1b298c74d1c41404ec3b8e01fc260907a36c5f55895f3
da377e6703eab4d3cd66df3e3949f6e9111773ca74a72788384289681c8fa6b9
db642a4ac548850071452cdf935509aa2fba5f37bfa584d3009c2053899e922a
e0356569bd0d9cd4e8d5e2aef53e6e1c73ace1222846cdf45d319c60c594766f
e37fa230f1477bfc84273188f074d67ec635544e7123a52da92997f8c7c7a98e
ed456dcfbe45616cf7b809b7554608a8413f1dc0658fb0d52286edb57b828d1d
ee74bbdb99c1cd83dfe17594bdeba68832d5c38144be889d3d041bdcbd8765f7
efecc760b3240297e3a71bc142fe173b15c275b33c47f2a74936536c21bbfc02