otherworldwriter.com
Open in
urlscan Pro
209.133.203.146
Malicious Activity!
Public Scan
Submission: On July 01 via manual from NO — Scanned from NO
Summary
TLS certificate: Issued by cPanel, Inc. Certification Authority on May 9th 2022. Valid for: 3 months.
This is the only time otherworldwriter.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic Crypto (Crypto Exchange)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
19 | 209.133.203.146 209.133.203.146 | 29802 (HVC-AS) (HVC-AS) | |
1 | 142.250.185.234 142.250.185.234 | 15169 (GOOGLE) (GOOGLE) | |
3 | 104.17.25.14 104.17.25.14 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 159.69.246.187 159.69.246.187 | 24940 (HETZNER-AS) (HETZNER-AS) | |
1 | 142.250.185.227 142.250.185.227 | 15169 (GOOGLE) (GOOGLE) | |
25 | 5 |
ASN29802 (HVC-AS, US)
PTR: srv22.easyhost.pk
otherworldwriter.com |
ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f10.1e100.net
fonts.googleapis.com |
ASN24940 (HETZNER-AS, DE)
PTR: static.187.246.69.159.clients.your-server.de
api.qrserver.com |
ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f3.1e100.net
fonts.gstatic.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
19 |
otherworldwriter.com
otherworldwriter.com |
241 KB |
3 |
cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 231 |
40 KB |
1 |
gstatic.com
fonts.gstatic.com |
31 KB |
1 |
qrserver.com
api.qrserver.com — Cisco Umbrella Rank: 66677 |
675 B |
1 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 71 |
1 KB |
25 | 5 |
Domain | Requested by | |
---|---|---|
19 | otherworldwriter.com |
otherworldwriter.com
|
3 | cdnjs.cloudflare.com |
otherworldwriter.com
|
1 | fonts.gstatic.com |
fonts.googleapis.com
|
1 | api.qrserver.com |
otherworldwriter.com
|
1 | fonts.googleapis.com |
otherworldwriter.com
|
25 | 5 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
otherworldwriter.com cPanel, Inc. Certification Authority |
2022-05-09 - 2022-08-07 |
3 months | crt.sh |
upload.video.google.com GTS CA 1C3 |
2022-06-06 - 2022-08-29 |
3 months | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2021-09-21 - 2022-09-20 |
a year | crt.sh |
*.qrserver.com R3 |
2022-06-22 - 2022-09-20 |
3 months | crt.sh |
*.gstatic.com GTS CA 1C3 |
2022-06-06 - 2022-08-29 |
3 months | crt.sh |
This page contains 7 frames:
Primary Page:
https://otherworldwriter.com/
Frame ID: 61B7B7696977FC3F2A73A888F9574E28
Requests: 19 HTTP requests in this frame
Frame:
https://otherworldwriter.com/images/copy.svg
Frame ID: 718EFA89ED12321CDFF4355A9A23685B
Requests: 1 HTTP requests in this frame
Frame:
https://otherworldwriter.com/images/bitcoin.svg
Frame ID: EC9135C7BD68BF60BDBC82A0A463A03C
Requests: 1 HTTP requests in this frame
Frame:
https://otherworldwriter.com/images/gems.svg
Frame ID: BD2AE6D33BB3F1B9A9462A87DBB358ED
Requests: 1 HTTP requests in this frame
Frame:
https://otherworldwriter.com/images/logotype.svg
Frame ID: 0345936BE2E2F8C2C81C3B71A6F40F8D
Requests: 1 HTTP requests in this frame
Frame:
https://otherworldwriter.com/images/logotype.svg
Frame ID: C895339798222184528E98DEB5E2AA88
Requests: 1 HTTP requests in this frame
Frame:
https://otherworldwriter.com/images/user.svg
Frame ID: 719D7976065A26992987B00C4BD6BBB8
Requests: 1 HTTP requests in this frame
Screenshot
Page Title
Bitcoin GiveawayDetected technologies
animate.css (Web Frameworks) ExpandDetected patterns
- <link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css
Font Awesome (Font Scripts) Expand
Detected patterns
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Google Font API (Font Scripts) Expand
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
jQuery (JavaScript Libraries) Expand
Detected patterns
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
25 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
otherworldwriter.com/ |
12 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css2
fonts.googleapis.com/ |
15 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.css
otherworldwriter.com/css/ |
24 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
animate.css
otherworldwriter.com/css/ |
58 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
toast.min.css
otherworldwriter.com/css/ |
1 KB 510 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/ |
58 KB 11 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
avatar.jpg
otherworldwriter.com/images/ |
5 KB 5 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
api.qrserver.com/v1/create-qr-code/ |
410 B 675 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/ |
87 KB 28 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.cookie.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/ |
1 KB 918 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
toast.min.js
otherworldwriter.com/js/ |
2 KB 875 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
wow.min.js
otherworldwriter.com/js/ |
8 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
index.js
otherworldwriter.com/js/ |
19 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
bg.png
otherworldwriter.com/images/ |
208 KB 208 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
checked.svg
otherworldwriter.com/images/ |
548 B 378 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
loading.svg
otherworldwriter.com/images/ |
2 KB 748 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
arrow.svg
otherworldwriter.com/images/ |
675 B 412 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v24/ |
30 KB 31 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
copy.svg
otherworldwriter.com/images/ Frame 718E |
824 B 436 B |
Document
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
bitcoin.svg
otherworldwriter.com/images/ Frame EC91 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
gems.svg
otherworldwriter.com/images/ Frame BD2A |
523 B 271 B |
Document
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
logotype.svg
otherworldwriter.com/images/ Frame 0345 |
5 KB 2 KB |
Document
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
logotype.svg
otherworldwriter.com/images/ Frame C895 |
5 KB 2 KB |
Document
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
user.svg
otherworldwriter.com/images/ Frame 719D |
1 KB 655 B |
Document
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
Vector.svg
otherworldwriter.com/images/ |
559 B 396 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic Crypto (Crypto Exchange)44 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| $ function| jQuery function| Toast function| WOW function| copyToClipboards function| randomString function| randomStringHashBTC number| divCounter function| randomInteger function| randomIntegerBTC function| getRandomArbitrary function| getRundomMnogitel function| GenerateAddress function| GenerateHash function| genDiv function| getTimeRemaining object| storageTime string| defaultVal function| initializeClock object| deadline function| separateNumber function| line_progress number| time_progress function| init function| SmoothScroll function| updateDonut function| updateSlider number| one_line_w number| num_line number| rand2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
otherworldwriter.com/ | Name: num_line Value: 2981 |
|
otherworldwriter.com/ | Name: one_line_w Value: 59.62 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
api.qrserver.com
cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
otherworldwriter.com
104.17.25.14
142.250.185.227
142.250.185.234
159.69.246.187
209.133.203.146
015d956d77187f14afb0234ac47ecfc50f2b3b983cd969938f8457eb753a82e0
02d71c1929b9520bd235917d4bd0e409cf237d3d619b29f62d0173406903fbf9
0685445640707c7a163ef8259bf5654df85a121927cd955fae7ac64685286f33
1effde87135073aae65ee1ccb16a14be41dc322ddfca9ee8a3775099e0c7419d
28227840f49e4924e77e590750ca747a8349fe609f5b607002fb33fbd1e8313d
3c71a68337aede5111b98548503100b299db83c920fdbd0c89aea4b0bc071c20
44fdd9d7928c21de655a2b69377e5a28eaff5fe7de3adec1ba48bde58753ce29
458582a5795280ec4f78b99e94f62ad0a583b69b73058275f393e2bd3fa79e46
475461dbaecdabf79083b4374920d5cbf7f9d2334c1e2b991416db0bb3227006
6cf83df18d8304701480143f5941e50efca2caaad6eaaee245c75f21f5499c9b
77b82df8af85e5bcffdc668d1401930e56328bd7dd574248ffe388d756b6ece5
79c73adef820f3f984c9d7cc131b62c133a4ddd721b0b7fb7cd3c37518f2ba47
81cdaee2dedfc313ccf35708edb03491d4c79b5c7fb97563cd2400778fd04ee9
90869b2c7ae4f2698529c3111609dfb7f593dba20ee0fb00e9b7010e3b0d1bf7
9126b3b8f8a83e09b07f7728f8b9a39eaa172c6edcf3ae28d6e9e9a45a346818
c5bb57b53a8e5cf8bacf806063c4ad4040a35387dcad9423b62ac36460905df6
c8f7c04f8d691138d54380550d91349271ca19cfc0f3f6666c401cfa892a12f8
d40efcac911d8964f3728eaa767de281306ff55ba9377435a3364d4d1e1613f6
d87ddf917b7a1449ab45e2b8e3c98354629bdd65b6659c37e6023bbea1ce1386
dbaa95439b1e53841e39a73f2283b44f2fd08222370eea2ebad71e99088b175f
e7afb1ec53bb0dae78a2b46644188aa9e99ad5a415f461c17fa07efddff7dff5
ee39a75769469822681067f43d7d9d6384172e250691d5c6159de9ea8057c8bf
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d