phantoms.lu Open in urlscan Pro
213.171.6.244 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://phantom-wallet.at/
Effective URL:
https://phantoms.lu/wallet/
Submission Tags: @phish_report
Submission: On October 23 via api (October 23rd 2024, 7:24:41 pm UTC) from FI — Scanned from AT

Summary HTTP 12 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 2 domains to perform 12 HTTP transactions. The main IP is 213.171.6.244, located in St Petersburg, Russian Federation and belongs to TIMEWEB-AS, RU. The main domain is phantoms.lu.
TLS certificate: Issued by R10 on August 28th 2024. Valid for: 3 months.

This is the only time phantoms.lu was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
2 14	213.171.6.244 213.171.6.244		9123 (TIMEWEB-AS) (TIMEWEB-AS)
12	1

14 213.171.6.244 (St Petersburg, Russian Federation) 2 redirects

ASN9123 (TIMEWEB-AS, RU)

phantom-wallet.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
phantoms.lu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	phantoms.lu 1 redirects phantoms.lu	2 MB
1	phantom-wallet.at 1 redirects phantom-wallet.at	204 B
12	2

	Domain	Requested by
13	phantoms.lu	1 redirects phantoms.lu
1	phantom-wallet.at	1 redirects
12	2

This site contains no links.

Subject Issuer	Validity	Valid
phantoms.lu R10	`2024-08-28` - `2024-11-26`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://phantoms.lu/wallet/
Frame ID: 4CBEE2B977E429BD36BD56764AF154E8
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Phantom Wallet

Page URL History Show full URLs

http://phantom-wallet.at/ HTTP 307
https://phantom-wallet.at/ HTTP 302
https://phantoms.lu/wallet HTTP 301
https://phantoms.lu/wallet/ Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

12
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

1
IPs

1
Countries

2419 kB
Transfer

2418 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://phantom-wallet.at/ HTTP 307
https://phantom-wallet.at/ HTTP 302
https://phantoms.lu/wallet HTTP 301
https://phantoms.lu/wallet/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response phantoms.lu/wallet/ Redirect Chain http://phantom-wallet.at/ https://phantom-wallet.at/ https://phantoms.lu/wallet https://phantoms.lu/wallet/	403 B 499 B	141ms 141ms	Document text/html	213.171.6.244 TIMEWEB-AS
General Check archive.org Show headers Download Go to Full URL https://phantoms.lu/wallet/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 213.171.6.244 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU), Reverse DNS Software nginx / Resource Hash `e52f4b3d22113755bc48754cbd5f7417dbe8d8c03a982918f388a49e66fac289` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1 Response headers Connection keep-alive Content-Encoding gzip Content-Type text/html; charset=UTF-8 Date Wed, 23 Oct 2024 19:24:10 GMT Server nginx Transfer-Encoding chunked Redirect headers Connection keep-alive Content-Length 178 Content-Type text/html Date Wed, 23 Oct 2024 19:24:10 GMT Location https://phantoms.lu/wallet/ Server nginx
GET H/1.1	200 OK	home.php Show response phantoms.lu/wallet/	3 KB 2 KB	142ms 141ms	Fetch text/html	213.171.6.244 TIMEWEB-AS
General Check archive.org Show headers Download Go to Full URL https://phantoms.lu/wallet/home.php Requested by Host: phantoms.lu URL: https://phantoms.lu/wallet/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 213.171.6.244 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU), Reverse DNS Software nginx / Resource Hash `7597c8bc99f31ba7b5e00970ec8cd5476da7f7e50843408a88dfd0285d2c738c` Request headers User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1 Referer https://phantoms.lu/wallet/ Response headers Transfer-Encoding chunked Content-Encoding gzip Date Wed, 23 Oct 2024 19:24:10 GMT Content-Type text/html; charset=UTF-8 Server nginx Connection keep-alive
GET H/1.1	200 OK	favicon.ico phantoms.lu/icons/	168 KB 168 KB	345ms 204ms	Other image/x-icon	213.171.6.244 TIMEWEB-AS
General Check archive.org Show headers Download Go to Full URL https://phantoms.lu/icons/favicon.ico Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 213.171.6.244 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU), Reverse DNS Software nginx / Resource Hash `93604f60db032e35441b8aa38a46081ba2c60d676c7f0ddcafc2c6739e0060e2` Request headers User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1 Referer https://phantoms.lu/wallet/ Response headers ETag "67114be6-29eca" Connection keep-alive Accept-Ranges bytes Content-Length 171722 Date Wed, 23 Oct 2024 19:24:11 GMT Content-Type image/x-icon Last-Modified Thu, 17 Oct 2024 17:39:50 GMT Server nginx
GET H/1.1	200 OK	style.css phantoms.lu/wallet/	720 KB 721 KB	291ms 180ms	Stylesheet text/css	213.171.6.244 TIMEWEB-AS
General Check archive.org Show headers Download Go to Full URL https://phantoms.lu/wallet/style.css Requested by Host: phantoms.lu URL: https://phantoms.lu/wallet/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 213.171.6.244 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU), Reverse DNS Software nginx / Resource Hash `743c63a5acd1aa7d416d21b780989d5302b8a9688fa562c816ac0aa6b8492fa3` Request headers User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1 Referer https://phantoms.lu/wallet/ Response headers ETag "670a6713-b4125" Connection keep-alive Accept-Ranges bytes Content-Length 737573 Date Wed, 23 Oct 2024 19:24:11 GMT Content-Type text/css Last-Modified Sat, 12 Oct 2024 12:09:55 GMT Server nginx
GET H/1.1	200 OK	popup.5cbd182e.css phantoms.lu/wallet/	277 KB 277 KB	432ms 181ms	Stylesheet text/css	213.171.6.244 TIMEWEB-AS
General Check archive.org Show headers Download Go to Full URL https://phantoms.lu/wallet/popup.5cbd182e.css Requested by Host: phantoms.lu URL: https://phantoms.lu/wallet/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 213.171.6.244 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU), Reverse DNS Software nginx / Resource Hash `d48f095841d6a8bc96aa232c4d62cf12a0f3558a4e6e21e9af85e947b3d96397` Request headers User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1 Referer https://phantoms.lu/wallet/ Response headers ETag "670a6711-45209" Connection keep-alive Accept-Ranges bytes Content-Length 283145 Date Wed, 23 Oct 2024 19:24:11 GMT Content-Type text/css Last-Modified Sat, 12 Oct 2024 12:09:53 GMT Server nginx
GET H/1.1	200 OK	popup.c34c79ff.css phantoms.lu/wallet/	971 B 1 KB	388ms 129ms	Stylesheet text/css	213.171.6.244 TIMEWEB-AS
General Check archive.org Show headers Download Go to Full URL https://phantoms.lu/wallet/popup.c34c79ff.css Requested by Host: phantoms.lu URL: https://phantoms.lu/wallet/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 213.171.6.244 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU), Reverse DNS Software nginx / Resource Hash `fc4fc69adeaa80c65698af1ef46fe9992f232dc769928409f18afa8b6db9225a` Request headers User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1 Referer https://phantoms.lu/wallet/ Response headers ETag "670a670d-3cb" Connection keep-alive Accept-Ranges bytes Content-Length 971 Date Wed, 23 Oct 2024 19:24:11 GMT Content-Type text/css Last-Modified Sat, 12 Oct 2024 12:09:49 GMT Server nginx
GET H/1.1	200 OK	jquery-3.6.1.min.js Show response phantoms.lu/js/	88 KB 88 KB	449ms 191ms	Script application/javascript	213.171.6.244 TIMEWEB-AS
General Check archive.org Show headers Download Go to Full URL https://phantoms.lu/js/jquery-3.6.1.min.js Requested by Host: phantoms.lu URL: https://phantoms.lu/wallet/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 213.171.6.244 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU), Reverse DNS Software nginx / Resource Hash `a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74` Request headers User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1 Referer https://phantoms.lu/wallet/ Response headers ETag "670a6872-15e40" Connection keep-alive Accept-Ranges bytes Content-Length 89664 Date Wed, 23 Oct 2024 19:24:11 GMT Content-Type application/javascript Last-Modified Sat, 12 Oct 2024 12:15:46 GMT Server nginx
GET H/1.1	200 OK	ethers-5.2.umd.min.js Show response phantoms.lu/js/	716 KB 716 KB	485ms 206ms	Script application/javascript	213.171.6.244 TIMEWEB-AS
General Check archive.org Show headers Download Go to Full URL https://phantoms.lu/js/ethers-5.2.umd.min.js Requested by Host: phantoms.lu URL: https://phantoms.lu/wallet/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 213.171.6.244 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU), Reverse DNS Software nginx / Resource Hash `c2bcdc085e0557a379a6056c629be748d22a3c1dbe539a48ae02de7d69c95eff` Request headers User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1 Referer https://phantoms.lu/wallet/ Response headers ETag "670a6873-b2f8e" Connection keep-alive Accept-Ranges bytes Content-Length 733070 Date Wed, 23 Oct 2024 19:24:11 GMT Content-Type application/javascript Last-Modified Sat, 12 Oct 2024 12:15:47 GMT Server nginx
GET H/1.1	200 OK	script.js Show response phantoms.lu/wallet/	36 KB 36 KB	530ms 142ms	Script application/javascript	213.171.6.244 TIMEWEB-AS
General Check archive.org Show headers Download Go to Full URL https://phantoms.lu/wallet/script.js Requested by Host: phantoms.lu URL: https://phantoms.lu/wallet/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 213.171.6.244 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU), Reverse DNS Software nginx / Resource Hash `11b587ecdbed0cad878b797dfd34f9897231c1dbfbde499768a54fb05cb2f9af` Request headers User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1 Referer https://phantoms.lu/wallet/ Response headers ETag "670a6711-9003" Connection keep-alive Accept-Ranges bytes Content-Length 36867 Date Wed, 23 Oct 2024 19:24:11 GMT Content-Type application/javascript Last-Modified Sat, 12 Oct 2024 12:09:53 GMT Server nginx
GET H/1.1	200 OK	Inter-Medium.42fabd1d.woff phantoms.lu/wallet/	139 KB 139 KB	128ms 128ms	Font application/font-woff	213.171.6.244 TIMEWEB-AS
General Check archive.org Show headers Download Go to Full URL https://phantoms.lu/wallet/Inter-Medium.42fabd1d.woff Requested by Host: phantoms.lu URL: https://phantoms.lu/wallet/style.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 213.171.6.244 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU), Reverse DNS Software nginx / Resource Hash `68d52e74e8171ddb2c94ca60a2596dc8a46407320449881fd09369dbc317624c` Request headers User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1 Origin https://phantoms.lu Referer https://phantoms.lu/wallet/style.css Response headers ETag "670a670e-22c04" Connection keep-alive Accept-Ranges bytes Content-Length 142340 Date Wed, 23 Oct 2024 19:24:11 GMT Content-Type application/font-woff Last-Modified Sat, 12 Oct 2024 12:09:50 GMT Server nginx
GET H/1.1	200 OK	Inter-Regular.3b5c1ea8.woff phantoms.lu/wallet/	131 KB 131 KB	142ms 142ms	Font application/font-woff	213.171.6.244 TIMEWEB-AS
General Check archive.org Show headers Download Go to Full URL https://phantoms.lu/wallet/Inter-Regular.3b5c1ea8.woff Requested by Host: phantoms.lu URL: https://phantoms.lu/wallet/style.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 213.171.6.244 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU), Reverse DNS Software nginx / Resource Hash `3710e2ce073ec0eb39274decc63768b52091a27e35f5c28d6abb7a5fcef0b7fc` Request headers User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1 Origin https://phantoms.lu Referer https://phantoms.lu/wallet/style.css Response headers ETag "670a6713-20ae0" Connection keep-alive Accept-Ranges bytes Content-Length 133856 Date Wed, 23 Oct 2024 19:24:12 GMT Content-Type application/font-woff Last-Modified Sat, 12 Oct 2024 12:09:55 GMT Server nginx
GET H/1.1	200 OK	Inter-SemiBold.02b70154.woff phantoms.lu/wallet/	139 KB 140 KB	127ms 127ms	Font application/font-woff	213.171.6.244 TIMEWEB-AS
General Check archive.org Show headers Download Go to Full URL https://phantoms.lu/wallet/Inter-SemiBold.02b70154.woff Requested by Host: phantoms.lu URL: https://phantoms.lu/wallet/style.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 213.171.6.244 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU), Reverse DNS Software nginx / Resource Hash `807d56b95fcc04cd1c26fca043ddf19e300c8ae156747458bd025a2b21cf54b4` Request headers User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1 Origin https://phantoms.lu Referer https://phantoms.lu/wallet/style.css Response headers ETag "670a670f-22da8" Connection keep-alive Accept-Ranges bytes Content-Length 142760 Date Wed, 23 Oct 2024 19:24:12 GMT Content-Type application/font-woff Last-Modified Sat, 12 Oct 2024 12:09:51 GMT Server nginx

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

phantom-wallet.at
phantoms.lu
213.171.6.244
11b587ecdbed0cad878b797dfd34f9897231c1dbfbde499768a54fb05cb2f9af
3710e2ce073ec0eb39274decc63768b52091a27e35f5c28d6abb7a5fcef0b7fc
68d52e74e8171ddb2c94ca60a2596dc8a46407320449881fd09369dbc317624c
743c63a5acd1aa7d416d21b780989d5302b8a9688fa562c816ac0aa6b8492fa3
7597c8bc99f31ba7b5e00970ec8cd5476da7f7e50843408a88dfd0285d2c738c
807d56b95fcc04cd1c26fca043ddf19e300c8ae156747458bd025a2b21cf54b4
93604f60db032e35441b8aa38a46081ba2c60d676c7f0ddcafc2c6739e0060e2
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74
c2bcdc085e0557a379a6056c629be748d22a3c1dbe539a48ae02de7d69c95eff
d48f095841d6a8bc96aa232c4d62cf12a0f3558a4e6e21e9af85e947b3d96397
e52f4b3d22113755bc48754cbd5f7417dbe8d8c03a982918f388a49e66fac289
fc4fc69adeaa80c65698af1ef46fe9992f232dc769928409f18afa8b6db9225a

phantoms.lu Open in urlscan Pro 213.171.6.244 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

12 Requests

100 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

1 IPs

1 Countries

2419 kBTransfer

2418 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

0 Cookies

Indicators

phantoms.lu Open in urlscan Pro
213.171.6.244 Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

1
IPs

1
Countries

2419 kB
Transfer

2418 kB
Size

0
Cookies

12 HTTP transactions
0 data transactions