giveawayether.net
Open in
urlscan Pro
67.225.140.198
Malicious Activity!
Public Scan
Submission: On December 02 via manual from GB
Summary
TLS certificate: Issued by Let's Encrypt Authority X3 on November 27th 2018. Valid for: 3 months.
This is the only time giveawayether.net was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic Crypto (Crypto Exchange)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
10 | 67.225.140.198 67.225.140.198 | 32244 (LIQUIDWEB) (LIQUIDWEB - Liquid Web) | |
13 | 2 |
ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US)
PTR: twenty.qservers.net
giveawayether.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
10 |
giveawayether.net
giveawayether.net |
250 KB |
0 |
kissr.com
Failed
eth.kissr.com Failed |
|
13 | 2 |
Domain | Requested by | |
---|---|---|
10 | giveawayether.net |
giveawayether.net
|
0 | eth.kissr.com Failed |
giveawayether.net
|
13 | 2 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
giveawayether.net Let's Encrypt Authority X3 |
2018-11-27 - 2019-02-25 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://giveawayether.net/left/index.html
Frame ID: A50DF2D43B3427465124C94367BC8001
Requests: 13 HTTP requests in this frame
Screenshot
Detected technologies
Apache (Web Servers) ExpandDetected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i
Clipboard.js (Miscellaneous) Expand
Detected patterns
- script /clipboard(?:\.min)?\.js/i
- env /^Clipboard$/i
jQuery (JavaScript Libraries) Expand
Detected patterns
- script /jquery.*\.js/i
- env /^jQuery$/i
Twitter Bootstrap () Expand
Detected patterns
- script /(?:twitter\.github\.com\/bootstrap|bootstrap(?:\.js|\.min\.js))/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
13 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
index.html
giveawayether.net/left/ |
52 KB 8 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
clipboard.min.js
giveawayether.net/left/ |
15 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
giveawayether.net/left/ |
122 KB 33 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.js
giveawayether.net/left/ |
35 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
overrides.css
giveawayether.net/left/ |
6 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
blockchain.css
giveawayether.net/left/ |
257 KB 39 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
payment-request.css
giveawayether.net/left/ |
787 B 447 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
app-overrides.css
giveawayether.net/left/ |
2 KB 669 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
qqr.jpg
giveawayether.net/left/ |
29 KB 29 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
T1X5ZPT.gif
giveawayether.net/left/ |
126 KB 127 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET |
glyphicons-halflings-regular.woff2
eth.kissr.com/fonts/bootstrap/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
GET |
glyphicons-halflings-regular.woff
eth.kissr.com/fonts/bootstrap/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
GET |
glyphicons-halflings-regular.ttf
eth.kissr.com/fonts/bootstrap/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- eth.kissr.com
- URL
- http://eth.kissr.com/fonts/bootstrap/glyphicons-halflings-regular.woff2
- Domain
- eth.kissr.com
- URL
- http://eth.kissr.com/fonts/bootstrap/glyphicons-halflings-regular.woff
- Domain
- eth.kissr.com
- URL
- http://eth.kissr.com/fonts/bootstrap/glyphicons-halflings-regular.ttf
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic Crypto (Crypto Exchange)7 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| $ function| jQuery function| setTooltip object| intervalId function| hideTooltip object| clipboard function| wait0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
eth.kissr.com
giveawayether.net
eth.kissr.com
67.225.140.198
2646b8773d07f026a240015ede6e877cc8b6d80792bcf25010ad1d046d590fe7
3b973694ee90b6c006926fbddd706583bd2976eacac0a98e0bbef383d93db668
51db6c4f053f0649837ec06f4890fb346b0c62df43990e2c0f6ddd784468ce8d
57d7f4a49cce3b061d82bdc6a520a2882297e8d4b9959374f05545980289ce0e
6867bc8aeb05559992da009c5f15dd84748088e747801280b7c0658fbb1f27a0
742e275a2746b800cca7c82aa2a44376897d5d7740056114ddf3ace7084a2cbd
8b069e0b66db3a29a63b6ca6879f00a053c895b64c91e8f091f2478c10d0a1ad
a36869278d202c34530f39034943cf5d5ff404332507636e76f6d6307c75fa22
ad83e768010678a1ca7b1708ec2ae0c54d836a8f15d276f12a0c49bfde3cd6f6
cbdb987dea7ebf2d99f7cd75536125f7f54350ff3c8eea09d106b9003eb775a0