giveawayether.net Open in urlscan Pro
67.225.140.198 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://giveawayether.net/left/index.html
Submission: On December 02 via manual (December 2nd 2018, 3:29:39 pm UTC) from GB

Summary HTTP 13 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 13 HTTP transactions. The main IP is 67.225.140.198, located in Lansing, United States and belongs to LIQUIDWEB - Liquid Web, L.L.C, US. The main domain is giveawayether.net.
TLS certificate: Issued by Let's Encrypt Authority X3 on November 27th 2018. Valid for: 3 months.

This is the only time giveawayether.net was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Crypto (Crypto Exchange)

Domain & IP information

	IP Address		AS Autonomous System
10	67.225.140.198 67.225.140.198		32244 (LIQUIDWEB) (LIQUIDWEB - Liquid Web)
13	2

10 67.225.140.198 (Lansing, United States)

ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US)
PTR: twenty.qservers.net

giveawayether.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	giveawayether.net giveawayether.net	250 KB
0	kissr.com Failed eth.kissr.com Failed
13	2

	Domain	Requested by
10	giveawayether.net	giveawayether.net
0	eth.kissr.com Failed	giveawayether.net
13	2

This site contains no links.

Subject Issuer	Validity	Valid
giveawayether.net Let's Encrypt Authority X3	`2018-11-27` - `2019-02-25`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://giveawayether.net/left/index.html
Frame ID: A50DF2D43B3427465124C94367BC8001
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

Clipboard.js (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

script /clipboard(?:\.min)?\.js/i
env /^Clipboard$/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js/i
env /^jQuery$/i

Twitter Bootstrap () Expand

Overall confidence: 100%
Detected patterns

script /(?:twitter\.github\.com\/bootstrap|bootstrap(?:\.js|\.min\.js))/i

Page Statistics

13
Requests

77 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

250 kB
Transfer

643 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request index.html Show response giveawayether.net/left/	52 KB 8 KB	349ms 115ms	Document text/html	67.225.140.198 Liquid Web
General Check archive.org Show headers Download Go to Full URL https://giveawayether.net/left/index.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 67.225.140.198 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US), Reverse DNS twenty.qservers.net Software Apache / Resource Hash `742e275a2746b800cca7c82aa2a44376897d5d7740056114ddf3ace7084a2cbd` Request headers :method GET :authority giveawayether.net :scheme https :path /left/index.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8 accept-encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers status 200 date Sun, 02 Dec 2018 15:29:23 GMT server Apache last-modified Tue, 27 Nov 2018 10:14:30 GMT accept-ranges bytes cache-control max-age=600 expires Sun, 02 Dec 2018 15:39:23 GMT vary Accept-Encoding,User-Agent content-encoding gzip content-length 8253 content-type text/html
GET H2	200	clipboard.min.js Show response giveawayether.net/left/	15 KB 4 KB	117ms 116ms	Script application/javascript	67.225.140.198 Liquid Web
General Check archive.org Show headers Download Go to Full URL https://giveawayether.net/left/clipboard.min.js Requested by Host: giveawayether.net URL: https://giveawayether.net/left/index.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 67.225.140.198 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US), Reverse DNS twenty.qservers.net Software Apache / Resource Hash `2646b8773d07f026a240015ede6e877cc8b6d80792bcf25010ad1d046d590fe7` Request headers :path /left/clipboard.min.js pragma no-cache accept-encoding gzip, deflate user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 accept / cache-control no-cache :authority giveawayether.net referer https://giveawayether.net/left/index.html :scheme https :method GET Referer https://giveawayether.net/left/index.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Sun, 02 Dec 2018 15:29:24 GMT content-encoding gzip last-modified Tue, 27 Nov 2018 10:14:30 GMT server Apache vary Accept-Encoding,User-Agent content-type application/javascript status 200 cache-control max-age=2592000 accept-ranges bytes content-length 3701 expires Tue, 01 Jan 2019 15:29:24 GMT
GET H2	200	jquery.min.js Show response giveawayether.net/left/	122 KB 33 KB	344ms 343ms	Script application/javascript	67.225.140.198 Liquid Web
General Check archive.org Show headers Download Go to Full URL https://giveawayether.net/left/jquery.min.js Requested by Host: giveawayether.net URL: https://giveawayether.net/left/index.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 67.225.140.198 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US), Reverse DNS twenty.qservers.net Software Apache / Resource Hash `a36869278d202c34530f39034943cf5d5ff404332507636e76f6d6307c75fa22` Request headers :path /left/jquery.min.js pragma no-cache accept-encoding gzip, deflate user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 accept / cache-control no-cache :authority giveawayether.net referer https://giveawayether.net/left/index.html :scheme https :method GET Referer https://giveawayether.net/left/index.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Sun, 02 Dec 2018 15:29:24 GMT content-encoding gzip last-modified Tue, 27 Nov 2018 10:14:30 GMT server Apache vary Accept-Encoding,User-Agent content-type application/javascript status 200 cache-control max-age=2592000 accept-ranges bytes content-length 33787 expires Tue, 01 Jan 2019 15:29:24 GMT
GET H2	200	bootstrap.min.js Show response giveawayether.net/left/	35 KB 8 KB	344ms 343ms	Script application/javascript	67.225.140.198 Liquid Web
General Check archive.org Show headers Download Go to Full URL https://giveawayether.net/left/bootstrap.min.js Requested by Host: giveawayether.net URL: https://giveawayether.net/left/index.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 67.225.140.198 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US), Reverse DNS twenty.qservers.net Software Apache / Resource Hash `8b069e0b66db3a29a63b6ca6879f00a053c895b64c91e8f091f2478c10d0a1ad` Request headers :path /left/bootstrap.min.js pragma no-cache accept-encoding gzip, deflate user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 accept / cache-control no-cache :authority giveawayether.net referer https://giveawayether.net/left/index.html :scheme https :method GET Referer https://giveawayether.net/left/index.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Sun, 02 Dec 2018 15:29:24 GMT content-encoding gzip last-modified Tue, 27 Nov 2018 10:14:30 GMT server Apache vary Accept-Encoding,User-Agent content-type application/javascript status 200 cache-control max-age=2592000 accept-ranges bytes content-length 7897 expires Tue, 01 Jan 2019 15:29:24 GMT
GET H2	200	overrides.css giveawayether.net/left/	6 KB 2 KB	116ms 116ms	Stylesheet text/css	67.225.140.198 Liquid Web
General Check archive.org Show headers Download Go to Full URL https://giveawayether.net/left/overrides.css Requested by Host: giveawayether.net URL: https://giveawayether.net/left/index.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 67.225.140.198 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US), Reverse DNS twenty.qservers.net Software Apache / Resource Hash `cbdb987dea7ebf2d99f7cd75536125f7f54350ff3c8eea09d106b9003eb775a0` Request headers :path /left/overrides.css pragma no-cache accept-encoding gzip, deflate user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 accept text/css,/;q=0.1 cache-control no-cache :authority giveawayether.net referer https://giveawayether.net/left/index.html :scheme https :method GET Referer https://giveawayether.net/left/index.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Sun, 02 Dec 2018 15:29:24 GMT content-encoding gzip last-modified Tue, 27 Nov 2018 10:14:30 GMT server Apache vary Accept-Encoding,User-Agent content-type text/css status 200 cache-control max-age=2592000 accept-ranges bytes content-length 1613 expires Tue, 01 Jan 2019 15:29:24 GMT
GET H2	200	blockchain.css giveawayether.net/left/	257 KB 39 KB	344ms 343ms	Stylesheet text/css	67.225.140.198 Liquid Web
General Check archive.org Show headers Download Go to Full URL https://giveawayether.net/left/blockchain.css Requested by Host: giveawayether.net URL: https://giveawayether.net/left/index.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 67.225.140.198 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US), Reverse DNS twenty.qservers.net Software Apache / Resource Hash `3b973694ee90b6c006926fbddd706583bd2976eacac0a98e0bbef383d93db668` Request headers :path /left/blockchain.css pragma no-cache accept-encoding gzip, deflate user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 accept text/css,/;q=0.1 cache-control no-cache :authority giveawayether.net referer https://giveawayether.net/left/index.html :scheme https :method GET Referer https://giveawayether.net/left/index.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Sun, 02 Dec 2018 15:29:24 GMT content-encoding gzip last-modified Tue, 27 Nov 2018 10:14:30 GMT server Apache vary Accept-Encoding,User-Agent content-type text/css status 200 cache-control max-age=2592000 accept-ranges bytes content-length 39331 expires Tue, 01 Jan 2019 15:29:24 GMT
GET H2	200	payment-request.css giveawayether.net/left/	787 B 447 B	116ms 115ms	Stylesheet text/css	67.225.140.198 Liquid Web
General Check archive.org Show headers Download Go to Full URL https://giveawayether.net/left/payment-request.css Requested by Host: giveawayether.net URL: https://giveawayether.net/left/index.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 67.225.140.198 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US), Reverse DNS twenty.qservers.net Software Apache / Resource Hash `6867bc8aeb05559992da009c5f15dd84748088e747801280b7c0658fbb1f27a0` Request headers :path /left/payment-request.css pragma no-cache accept-encoding gzip, deflate user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 accept text/css,/;q=0.1 cache-control no-cache :authority giveawayether.net referer https://giveawayether.net/left/index.html :scheme https :method GET Referer https://giveawayether.net/left/index.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Sun, 02 Dec 2018 15:29:24 GMT content-encoding gzip last-modified Tue, 27 Nov 2018 10:14:30 GMT server Apache vary Accept-Encoding,User-Agent content-type text/css status 200 cache-control max-age=2592000 accept-ranges bytes content-length 348 expires Tue, 01 Jan 2019 15:29:24 GMT
GET H2	200	app-overrides.css giveawayether.net/left/	2 KB 669 B	117ms 116ms	Stylesheet text/css	67.225.140.198 Liquid Web
General Check archive.org Show headers Download Go to Full URL https://giveawayether.net/left/app-overrides.css Requested by Host: giveawayether.net URL: https://giveawayether.net/left/index.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 67.225.140.198 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US), Reverse DNS twenty.qservers.net Software Apache / Resource Hash `57d7f4a49cce3b061d82bdc6a520a2882297e8d4b9959374f05545980289ce0e` Request headers :path /left/app-overrides.css pragma no-cache accept-encoding gzip, deflate user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 accept text/css,/;q=0.1 cache-control no-cache :authority giveawayether.net referer https://giveawayether.net/left/index.html :scheme https :method GET Referer https://giveawayether.net/left/index.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Sun, 02 Dec 2018 15:29:24 GMT content-encoding gzip last-modified Tue, 27 Nov 2018 10:14:30 GMT server Apache vary Accept-Encoding,User-Agent content-type text/css status 200 cache-control max-age=2592000 accept-ranges bytes content-length 635 expires Tue, 01 Jan 2019 15:29:24 GMT
GET H2	200	qqr.jpg giveawayether.net/left/	29 KB 29 KB	344ms 343ms	Image image/jpeg	67.225.140.198 Liquid Web
General Check archive.org Show headers Download Go to Show image Full URL https://giveawayether.net/left/qqr.jpg Requested by Host: giveawayether.net URL: https://giveawayether.net/left/index.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 67.225.140.198 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US), Reverse DNS twenty.qservers.net Software Apache / Resource Hash `ad83e768010678a1ca7b1708ec2ae0c54d836a8f15d276f12a0c49bfde3cd6f6` Request headers :path /left/qqr.jpg pragma no-cache accept-encoding gzip, deflate user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 accept image/webp,image/apng,image/,/;q=0.8 cache-control* no-cache :authority giveawayether.net referer https://giveawayether.net/left/index.html :scheme https :method GET Referer https://giveawayether.net/left/index.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Sun, 02 Dec 2018 15:29:24 GMT last-modified Tue, 27 Nov 2018 10:14:30 GMT server Apache content-type image/jpeg status 200 cache-control max-age=2592000 accept-ranges bytes content-length 29404 expires Tue, 01 Jan 2019 15:29:24 GMT
GET H2	200	T1X5ZPT.gif giveawayether.net/left/	126 KB 127 KB	117ms 117ms	Image image/gif	67.225.140.198 Liquid Web
General Check archive.org Show headers Download Go to Show image Full URL https://giveawayether.net/left/T1X5ZPT.gif Requested by Host: giveawayether.net URL: https://giveawayether.net/left/index.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 67.225.140.198 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US), Reverse DNS twenty.qservers.net Software Apache / Resource Hash `51db6c4f053f0649837ec06f4890fb346b0c62df43990e2c0f6ddd784468ce8d` Request headers :path /left/T1X5ZPT.gif pragma no-cache accept-encoding gzip, deflate user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 accept image/webp,image/apng,image/,/;q=0.8 cache-control* no-cache :authority giveawayether.net referer https://giveawayether.net/left/index.html :scheme https :method GET Referer https://giveawayether.net/left/index.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Sun, 02 Dec 2018 15:29:24 GMT last-modified Tue, 27 Nov 2018 10:14:30 GMT server Apache content-type image/gif status 200 cache-control max-age=2592000 accept-ranges bytes content-length 128768 expires Tue, 01 Jan 2019 15:29:24 GMT
GET		glyphicons-halflings-regular.woff2 eth.kissr.com/fonts/bootstrap/	0 0

GET		glyphicons-halflings-regular.woff eth.kissr.com/fonts/bootstrap/	0 0

GET		glyphicons-halflings-regular.ttf eth.kissr.com/fonts/bootstrap/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: eth.kissr.com
URL: http://eth.kissr.com/fonts/bootstrap/glyphicons-halflings-regular.woff2

Domain: eth.kissr.com
URL: http://eth.kissr.com/fonts/bootstrap/glyphicons-halflings-regular.woff

Domain: eth.kissr.com
URL: http://eth.kissr.com/fonts/bootstrap/glyphicons-halflings-regular.ttf

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Crypto (Crypto Exchange)

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

eth.kissr.com
giveawayether.net
eth.kissr.com
67.225.140.198
2646b8773d07f026a240015ede6e877cc8b6d80792bcf25010ad1d046d590fe7
3b973694ee90b6c006926fbddd706583bd2976eacac0a98e0bbef383d93db668
51db6c4f053f0649837ec06f4890fb346b0c62df43990e2c0f6ddd784468ce8d
57d7f4a49cce3b061d82bdc6a520a2882297e8d4b9959374f05545980289ce0e
6867bc8aeb05559992da009c5f15dd84748088e747801280b7c0658fbb1f27a0
742e275a2746b800cca7c82aa2a44376897d5d7740056114ddf3ace7084a2cbd
8b069e0b66db3a29a63b6ca6879f00a053c895b64c91e8f091f2478c10d0a1ad
a36869278d202c34530f39034943cf5d5ff404332507636e76f6d6307c75fa22
ad83e768010678a1ca7b1708ec2ae0c54d836a8f15d276f12a0c49bfde3cd6f6
cbdb987dea7ebf2d99f7cd75536125f7f54350ff3c8eea09d106b9003eb775a0

giveawayether.net Open in urlscan Pro 67.225.140.198 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

13 Requests

77 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

1 Countries

250 kBTransfer

643 kBSize

0 Cookies

0 Outgoing links

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

7 JavaScript Global Variables

0 Cookies

Indicators

giveawayether.net Open in urlscan Pro
67.225.140.198 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

77 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

250 kB
Transfer

643 kB
Size

0
Cookies

13 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!