etha.cc
2606:4700:3030::ac43:daa4  Malicious Activity! Public Scan

Submitted URL: http://etha.cc/
Effective URL: https://etha.cc/
Submission: On December 30 via api from US — Scanned from US

Summary

This website contacted 1 IP in 1 country across 1 domain to perform 10 HTTP transactions. The main IP is 2606:4700:3030::ac43:daa4, located in the United States, and belongs to CLOUDFLARENET, US. The main domain is etha.cc.
TLS certificate: Issued by GTS CA 1P5 on November 30th 2022. Valid for: 3 months.
This is the only time etha.cc was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Crypto (Crypto Exchange)

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
10 2606:4700:303... 13335 (CLOUDFLAR...)
10 1
Apex Domain Subdomains Transfer
11 etha.cc etha.cc 853 KB
10 1
Domain Requested by
11 etha.cc 1 redirects etha.cc
10 1

This site contains no links.

Subject Issuer Validity Valid
*.etha.cc GTS CA 1P5 2022-11-30 - 2023-02-28 3 months

This page contains 1 frames:

Primary Page: https://etha.cc/
Frame ID: 79B80FA09D175B3050A48AE71CB754B8
Requests: 10 HTTP requests in this frame

Page Title

ETH

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-

Page Statistics

  • 10 Requests
  • 100 % HTTPS
  • 100 % IPv6
  • 1 Domains
  • 1 Subdomains
  • 1 IPs
  • 1 Countries
  • 853 kB Transfer
  • 1622 kB Size
  • 0 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://etha.cc/ HTTP 301
    https://etha.cc/ Page URL

10 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
etha.cc/
Redirect Chain
  • http://etha.cc/
  • https://etha.cc/
3 KB
1 KB
Document
General
Full URL
https://etha.cc/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:daa4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ecaec125880bf80edd56c21965ef2722341ea33cd806f1c73f12cc5bfe42ab6

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
781a8fc918c11287-MIA
content-encoding
br
content-type
text/html
date
Fri, 30 Dec 2022 11:51:06 GMT
last-modified
Fri, 05 Aug 2022 05:36:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LOFOmA8pF0UjFsHhxQBHPO8Lkvi7LGYqxIEhsxmicHr36qBl%2BfaSmp%2Foi2%2BxBIJSCDWrS52KQc3XpKbaV1rxCATtBQIfiupkcQzgIkaPpwtxX0pbTzj2kE6nUqVI1aa5ttQbXeRs"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

CF-RAY
781a8fc84b300335-MIA
Cache-Control
max-age=3600
Connection
keep-alive
Date
Fri, 30 Dec 2022 11:51:06 GMT
Expires
Fri, 30 Dec 2022 12:51:06 GMT
Location
https://etha.cc/
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PG%2BCkDQytM3Er1Z7W3kbv9229mS5TcMWqRQjUKQHan1qG0Vtws3Vds%2BX99sKVk0qznB7JCfYfJH0I%2Bxe4z6l4VhCe9PltYviUDW5PMskLAZjcWJWvWBTlveHdcG3HRWY%2BCrVSkR9"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
app.a7beb36c.css
etha.cc/static/css/
1 KB
879 B
Stylesheet
General
Full URL
https://etha.cc/static/css/app.a7beb36c.css
Requested by
Host: etha.cc
URL: https://etha.cc/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:daa4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
30b0ff29841e60400f9c7e0e28fd3ea1ed60b2d7991f5cd296dd6793fb9c2328

Request headers

accept-language
en-US,en;q=0.9
Referer
https://etha.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 11:51:07 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 16 Oct 2021 15:11:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"616aeb94-411"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7GNHESeS12uel%2Bw3iHLi8gWNvEoS7OI9aNdjzCWxIR2B5ORr7sU1oZd%2BAcdasC1q0ZKVa1o04jDxLKPDZ6H3VXSOmFUIRpqdZ7srQXEXU7gg7Y7Y0VyKoIoclT93HACWkAZ4Vq8c"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
781a8fcc3a951287-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 30 Dec 2022 23:51:07 GMT
app.c9e0c714.js
etha.cc/static/js/
8 KB
4 KB
Script
General
Full URL
https://etha.cc/static/js/app.c9e0c714.js
Requested by
Host: etha.cc
URL: https://etha.cc/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:daa4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ddfb86bc1c834999be29c04a22d355bdd1d71d7d92dd79375e951ce81db82553

Request headers

accept-language
en-US,en;q=0.9
Referer
https://etha.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 11:51:07 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 16 Oct 2021 15:11:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"616aeb94-1faa"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d%2BDGQQEBWEpPW8zbpSiNdN5a98AuCiGGz0RY0Ljree8xmCruRaf7%2Bn1veaoSmdW%2BjHes4ANCwxhFHhXJU0vOS3Ks7Zz9nVjRrZRKSmCupbOcgngmHXg5U7NmeXdH8KNzJSipjjFF"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
781a8fcc3a971287-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 30 Dec 2022 23:51:07 GMT
chunk-vendors.b759d142.js
etha.cc/static/js/
144 KB
50 KB
Script
General
Full URL
https://etha.cc/static/js/chunk-vendors.b759d142.js
Requested by
Host: etha.cc
URL: https://etha.cc/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:daa4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad628b286ac73dde534464dd92dd99bc10e6d24965f0443a7f23c5886e78f49c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://etha.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 11:51:07 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 16 Oct 2021 15:11:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"616aeb94-241b0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NwO12FS5r8XpfjEXUbh0QgjpgASIQHPsZKuOLcK%2B5Ivp5WyvhdzOqZo0fKyBd5ltn1enF9TdLGy7OmzPoaxAmU7%2FoEPF%2BgcN8AaC%2BlLQ2Gb93j9ihasGVSpxPns%2Fmxpdk060R2Sn"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
781a8fcc3a981287-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 30 Dec 2022 23:51:07 GMT
chunk-e9a6ac50.1472b242.css
etha.cc/static/css/
0
4 KB
Other
General
Full URL
https://etha.cc/static/css/chunk-e9a6ac50.1472b242.css
Requested by
Host: etha.cc
URL: https://etha.cc/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:daa4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://etha.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 11:51:07 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 16 Oct 2021 15:11:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"616aeb94-58e6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hNy8DPaYgGiaiMUrp23LOUn34Tqt4B1iiQlSnHa6VMXkW9Su1ywH%2FUljCV%2BebgkXb9faWclzeVxna5Uxz5tlyt7NydU7I0EVS0%2FsctHRoxUpGiZO78rwUCcTA%2B3foEY6JOsx7DCJ"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
781a8fcf391b8d9a-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 30 Dec 2022 23:51:07 GMT
chunk-e9a6ac50.907fc783.js
etha.cc/static/js/
0
353 KB
Other
General
Full URL
https://etha.cc/static/js/chunk-e9a6ac50.907fc783.js
Requested by
Host: etha.cc
URL: https://etha.cc/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:daa4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://etha.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 11:51:08 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 16 Oct 2021 15:11:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"616aeb95-153dce"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p1P%2Bf%2Br3W49U3sjZ29Vhq0nGYaUU0kOQOOIX15wr7O0MsnzFhWm8e%2FMsv7bMK9c7AqU1HAQJh5Dy3iu4ko2YxoZY70mbxo8Kfa2vZ2M%2BJKaT%2BinjuMADWINSTyXaPL%2Fm9CeHtOVe"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
781a8fcf391d8d9a-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 30 Dec 2022 23:51:07 GMT
chunk-e9a6ac50.1472b242.css
etha.cc/static/css/
22 KB
4 KB
Stylesheet
General
Full URL
https://etha.cc/static/css/chunk-e9a6ac50.1472b242.css
Requested by
Host: etha.cc
URL: https://etha.cc/static/js/app.c9e0c714.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:daa4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6321b68824f1782877366d82e6534cd528fb670f64f051d6c37270644f12cef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://etha.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 11:51:07 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Sat, 16 Oct 2021 15:11:16 GMT
server
cloudflare
etag
W/"616aeb94-58e6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5CDwN4dSENeMhFaek9aFMIPt19nVUmMqRWm3UrUdJLbqBHdRqYZKYtGpMVjUZI3seytSf2mVQTc3qEqynAHZRxAgr9E%2FLXlApGL2ZeB1nob0u%2BJNVsNi5z8GYT%2FU4LuMsfg6a9Dj"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
781a8fd26b578d9a-MIA
expires
Fri, 30 Dec 2022 23:51:07 GMT
chunk-e9a6ac50.907fc783.js
etha.cc/static/js/
1 MB
353 KB
Script
General
Full URL
https://etha.cc/static/js/chunk-e9a6ac50.907fc783.js
Requested by
Host: etha.cc
URL: https://etha.cc/static/js/app.c9e0c714.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:daa4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67ace2228c83783c154569a9db793a94d9387d86c8e29021e4e4952d7e134c7a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://etha.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 11:51:08 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 16 Oct 2021 15:11:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
0
etag
W/"616aeb95-153dce"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6RzwqcdJAM7XsWXjU5Qs%2BwBS%2BuX3SIuVhYSOk3AcupPIFO08p1hCGAxiuM7c2abf8vN0AJcOzaM%2FBV%2B4fNoUaRtvTQi7oTXOHMfjon1aWKwj%2F5tD7lCP1YRri2kBDYwh1VpIrBkD"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
781a8fd26b598d9a-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 30 Dec 2022 23:51:07 GMT
img_no_link.99b7dfe9.png
etha.cc/static/img/
78 KB
79 KB
Image
General
Full URL
https://etha.cc/static/img/img_no_link.99b7dfe9.png
Requested by
Host: etha.cc
URL: https://etha.cc/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:daa4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b1573fd00988108053ce261c28e18c73bcb1d371cc1c390c78c268671bf4a3a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://etha.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 11:51:10 GMT
cf-cache-status
MISS
last-modified
Sat, 16 Oct 2021 15:11:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"616aeb95-139e1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=73MkTv8ArdRD5DjCfOXZ4cC6GI6ztg2OLx1MIbYt%2By765v8tRnJxwMNjZt6NwBnHWXAhsNj8s5Je7czm5n8A9WrfyT3%2F%2FJJbDbA%2BL4CXmPSFSe1zRn9COUOdm0YGWLQz%2Fd0X2L12"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
781a8fdb49ef8d9a-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
80353
expires
Sun, 29 Jan 2023 11:51:09 GMT
getIndexData
etha.cc/api/
6 KB
3 KB
XHR
General
Full URL
https://etha.cc/api/getIndexData?language=english
Requested by
Host: etha.cc
URL: https://etha.cc/static/js/chunk-e9a6ac50.907fc783.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:daa4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e19458b53ea1824f6a406022a38d30c2e935157d4c6be5d90b2bd749e3be092
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://etha.cc/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Dec 2022 11:51:09 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vMa6oX3zD0uV%2FvsDV8AVsfr%2BI6Ey3q9232bUstAOL17PaRltTR3ss05EZATn2QxTPCG03%2F3PKoJIhBsOBG0MbcDTL4xcVvTiq9wgL%2B%2FUXMolm3%2Bz5OBD%2FCw2pSjygA1EL2h8IIWt"}],"group":"cf-nel","max_age":604800}
content-type
application/json;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, must-revalidate
cf-ray
781a8fdb59fc8d9a-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
expires
0

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Crypto (Crypto Exchange)

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| oncontentvisibilityautostatechange
  • string| BASE_URL
  • string| TITLE
  • string| KF_TOKEN
  • function| setKefu
  • function| getFontSize
  • object| webpackJsonp

0 Cookies