crmoon.net Open in urlscan Pro
162.241.125.230 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://crmoon.net/main
Effective URL:
https://crmoon.net/main/
Submission: On January 17 via api (January 17th 2022, 12:17:44 pm UTC) from US — Scanned from DE

Summary HTTP 21 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 21 HTTP transactions. The main IP is 162.241.125.230, located in United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is crmoon.net.
TLS certificate: Issued by R3 on January 5th 2022. Valid for: 3 months.

This is the only time crmoon.net was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Crypto (Crypto Exchange)

Domain & IP information

	IP Address	AS Autonomous System
2 18	162.241.125.230 162.241.125.230	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
1	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
21	4

18 162.241.125.230 (United States) 2 redirects

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: norton-setup.info

crmoon.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

chart.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	crmoon.net 2 redirects crmoon.net	2 MB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 47 chart.googleapis.com — Cisco Umbrella Rank: 19594	4 KB
1	gstatic.com fonts.gstatic.com	27 KB
21	3

	Domain	Requested by
18	crmoon.net	2 redirects crmoon.net
3	chart.googleapis.com	crmoon.net
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	crmoon.net
21	4

This site contains no links.

Subject Issuer	Validity	Valid
www.crmoon.net R3	`2022-01-05` - `2022-04-05`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://crmoon.net/main/
Frame ID: 6DC84308B81D50EC3FB10EE8415DC5F6
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Biggest giveaway CRYPTO of $100 000 000

Page URL History Show full URLs

http://crmoon.net/main HTTP 301
https://crmoon.net/main HTTP 301
https://crmoon.net/main/ Page URL

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

21
Requests

100 %
HTTPS

75 %
IPv6

3
Domains

4
Subdomains

4
IPs

2
Countries

1750 kB
Transfer

1752 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://crmoon.net/main HTTP 301
https://crmoon.net/main HTTP 301
https://crmoon.net/main/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
crmoon.net/main/
Redirect Chain

http://crmoon.net/main
https://crmoon.net/main
https://crmoon.net/main/

29 KB
29 KB

130ms
130ms

Document
text/html

162.241.125.230
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://crmoon.net/main/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.241.125.230 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: norton-setup.info
Software: Apache /
Resource Hash: 1794a0f22b368f984405bb746b12fc67915c45558c84e59efaac648998154da5

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Mon, 17 Jan 2022 12:17:37 GMT
Server: Apache
Last-Modified: Sun, 16 Jan 2022 23:38:29 GMT
Accept-Ranges: bytes
Content-Length: 29658
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html

Redirect headers

Date: Mon, 17 Jan 2022 12:17:37 GMT
Server: Apache
Location: https://crmoon.net/main/
Content-Length: 232
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 css2
fonts.googleapis.com/ 8 KB
1 KB 133ms
48ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Mulish:wght@400;500;600;700;800&display=swap

Requested by

Host: crmoon.net
URL: https://crmoon.net/main/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0724f18c03513f32d7ddef2b28ad3564f10498b62478e3791c48bbee9b9f2e99

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://crmoon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 17 Jan 2022 12:17:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 17 Jan 2022 12:17:38 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 17 Jan 2022 12:17:38 GMT

GET
H/1.1 200
OK style.css
crmoon.net/css/ 13 KB
14 KB 239ms
130ms Stylesheet
text/css 162.241.125.230
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://crmoon.net/css/style.css
Requested by: Host: crmoon.net
URL: https://crmoon.net/main/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.241.125.230 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: norton-setup.info
Software: Apache /
Resource Hash: be8a54956317bdfc1482dc2c2e703d5bdee0d2c53ef77ea497d81ff471343981

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://crmoon.net/main/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 17 Jan 2022 12:17:37 GMT
Last-Modified: Fri, 14 Jan 2022 13:54:05 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 13786

GET
H/1.1 200
OK bage.png
crmoon.net/img/ 2 KB
2 KB 383ms
127ms Image
image/png 162.241.125.230
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://crmoon.net/img/bage.png
Requested by: Host: crmoon.net
URL: https://crmoon.net/main/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.241.125.230 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: norton-setup.info
Software: Apache /
Resource Hash: 3e10e5f97bbb1d687243e66388019911f4dc0d9b0e41ddd3ea4af1fd5c931000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://crmoon.net/main/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 17 Jan 2022 12:17:37 GMT
Last-Modified: Fri, 14 Jan 2022 13:54:05 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1877

GET
H/1.1 200
OK qr.png
crmoon.net/img/ 2 KB
2 KB 851ms
128ms Image
image/png 162.241.125.230
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://crmoon.net/img/qr.png
Requested by: Host: crmoon.net
URL: https://crmoon.net/main/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.241.125.230 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: norton-setup.info
Software: Apache /
Resource Hash: f24c04309fdde3619118e259ca5033c31dc80444ca7d1916420583f4fa7550b8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://crmoon.net/main/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 17 Jan 2022 12:17:38 GMT
Last-Modified: Fri, 14 Jan 2022 13:54:05 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 1904

GET
H/1.1 200
OK creator.png
crmoon.net/img/ 148 KB
148 KB 885ms
129ms Image
image/png 162.241.125.230
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://crmoon.net/img/creator.png
Requested by: Host: crmoon.net
URL: https://crmoon.net/main/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.241.125.230 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: norton-setup.info
Software: Apache /
Resource Hash: 1ad315d602b185d7045e299650b32ebfecdd3d206b5d3265c26f318397de6f00

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://crmoon.net/main/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 17 Jan 2022 12:17:38 GMT
Last-Modified: Fri, 14 Jan 2022 13:54:05 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 151148

GET
H/1.1 200
OK wallet.png
crmoon.net/img/ 2 KB
2 KB 1107ms
128ms Image
image/png 162.241.125.230
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://crmoon.net/img/wallet.png
Requested by: Host: crmoon.net
URL: https://crmoon.net/main/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.241.125.230 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: norton-setup.info
Software: Apache /
Resource Hash: a62f288a2a21421b90f16c33a3a4cca278f847cc0984fcd9b49b3e8d0dd0e1e0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://crmoon.net/main/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 17 Jan 2022 12:17:38 GMT
Last-Modified: Fri, 14 Jan 2022 13:54:05 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 2219

GET
H/1.1 200
OK transfer.png
crmoon.net/img/ 2 KB
2 KB 1144ms
129ms Image
image/png 162.241.125.230
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://crmoon.net/img/transfer.png
Requested by: Host: crmoon.net
URL: https://crmoon.net/main/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.241.125.230 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: norton-setup.info
Software: Apache /
Resource Hash: 1dd85973c2edea6651fa93328a58483ac584baa08a76c30769843c87c2f413e5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://crmoon.net/main/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 17 Jan 2022 12:17:38 GMT
Last-Modified: Fri, 14 Jan 2022 13:54:05 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 2242

GET
H/1.1 200
OK checkmark.png
crmoon.net/img/ 2 KB
2 KB 458ms
128ms Image
image/png 162.241.125.230
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://crmoon.net/img/checkmark.png
Requested by: Host: crmoon.net
URL: https://crmoon.net/main/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.241.125.230 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: norton-setup.info
Software: Apache /
Resource Hash: d51a321bf502685c9374fe33fe4bbee89aa58928f86423101a2a9c4866a55ced

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://crmoon.net/main/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 17 Jan 2022 12:17:38 GMT
Last-Modified: Fri, 14 Jan 2022 13:54:05 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 2197

GET
H/1.1 200
OK bonus.png
crmoon.net/img/ 2 KB
2 KB 361ms
130ms Image
image/png 162.241.125.230
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://crmoon.net/img/bonus.png
Requested by: Host: crmoon.net
URL: https://crmoon.net/main/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.241.125.230 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: norton-setup.info
Software: Apache /
Resource Hash: 9f5f531ba9cbb62f977a08fa8fb8f05ae13c503fb68a536a2528439390ba36db

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://crmoon.net/main/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 17 Jan 2022 12:17:38 GMT
Last-Modified: Fri, 14 Jan 2022 13:54:05 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 1976

GET
H2 200 chart
chart.googleapis.com/ 843 B
1 KB 137ms
38ms Image
image/png 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://chart.googleapis.com/chart?chs=130x130&cht=qr&chl=19dV18MGowuSJtXzb3KnKj8yTjXBCg57u3&chld=L|1&choe=UTF-8

Requested by

Host: crmoon.net
URL: https://crmoon.net/main/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GoogleChartAPI/1.0 /

Resource Hash

a81d8c62c63b1e6c62763e5f96ae618ca0862d80903573db4f46ceaa3004306e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://crmoon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 16 Jan 2022 23:15:16 GMT
x-content-type-options: nosniff
last-modified: Wed, 02 May 2018 18:35:04 GMT
server: GoogleChartAPI/1.0
age: 46942
x-frame-options: ALLOWALL
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 843
x-xss-protection: 1; mode=block
expires: Wed, 12 Jan 2022 16:21:31 GMT

GET
H2 200 chart
chart.googleapis.com/ 866 B
951 B 455ms
357ms Image
image/png 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://chart.googleapis.com/chart?chs=130x130&cht=qr&chl=D5ppYkHKHBHyGVxyagyqnbku3FmYp54bzS&chld=L|1&choe=UTF-8

Requested by

Host: crmoon.net
URL: https://crmoon.net/main/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GoogleChartAPI/1.0 /

Resource Hash

47db577b1b6d5c50413da47b8625b3e516084e85fe261a2ca8004a2dd5734c4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://crmoon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 12:17:38 GMT
x-content-type-options: nosniff
last-modified: Wed, 02 May 2018 18:35:04 GMT
server: GoogleChartAPI/1.0
age: 0
x-frame-options: ALLOWALL
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 866
x-xss-protection: 1; mode=block
expires: Sat, 15 Jan 2022 06:36:06 GMT

GET
H2 200 chart
chart.googleapis.com/ 871 B
931 B 137ms
39ms Image
image/png 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://chart.googleapis.com/chart?chs=130x130&cht=qr&chl=0x9e7869CFbe3e778B1a7C684bf61538537413f1dc&chld=L|1&choe=UTF-8

Requested by

Host: crmoon.net
URL: https://crmoon.net/main/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GoogleChartAPI/1.0 /

Resource Hash

87acaaabd86e02f473c010b968e8b0eab332ea942f9e5f2fcb1bb566ba8e129c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://crmoon.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 16 Jan 2022 23:15:16 GMT
x-content-type-options: nosniff
last-modified: Wed, 02 May 2018 18:35:04 GMT
server: GoogleChartAPI/1.0
age: 46942
x-frame-options: ALLOWALL
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 871
x-xss-protection: 1; mode=block
expires: Wed, 12 Jan 2022 16:21:31 GMT

GET
H/1.1 200
OK jquery.min.js Show response
crmoon.net/js/ 87 KB
88 KB 257ms
129ms Script
application/javascript 162.241.125.230
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://crmoon.net/js/jquery.min.js
Requested by: Host: crmoon.net
URL: https://crmoon.net/main/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.241.125.230 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: norton-setup.info
Software: Apache /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://crmoon.net/main/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 17 Jan 2022 12:17:37 GMT
Last-Modified: Fri, 14 Jan 2022 13:54:05 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 89501

GET
H/1.1 200
OK script.js Show response
crmoon.net/js/ 6 KB
6 KB 247ms
129ms Script
application/javascript 162.241.125.230
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://crmoon.net/js/script.js
Requested by: Host: crmoon.net
URL: https://crmoon.net/main/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.241.125.230 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: norton-setup.info
Software: Apache /
Resource Hash: b9e585b2961590cd7a7b49672ce2314d5940f57c80e1f0bdb63344ef0308ee06

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://crmoon.net/main/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 17 Jan 2022 12:17:38 GMT
Last-Modified: Fri, 14 Jan 2022 13:54:05 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 5663

GET
H/1.1 200
OK console-ban.min.js Show response
crmoon.net/js/ 2 KB
2 KB 223ms
128ms Script
application/javascript 162.241.125.230
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://crmoon.net/js/console-ban.min.js
Requested by: Host: crmoon.net
URL: https://crmoon.net/main/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.241.125.230 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: norton-setup.info
Software: Apache /
Resource Hash: c3172f40c0b891c351a8844aa979038ea8c00e3f755cb7521617095e2758c165

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://crmoon.net/main/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 17 Jan 2022 12:17:38 GMT
Last-Modified: Fri, 14 Jan 2022 13:54:05 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 2254

GET
H/1.1 200
OK background.png
crmoon.net/img/ 717 KB
717 KB 247ms
128ms Image
image/png 162.241.125.230
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://crmoon.net/img/background.png
Requested by: Host: crmoon.net
URL: https://crmoon.net/css/style.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.241.125.230 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: norton-setup.info
Software: Apache /
Resource Hash: d4ae63f16af3074de620bf6ce843abe5c47e396c79a203f9f894b4e625ec0318

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://crmoon.net/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 17 Jan 2022 12:17:38 GMT
Last-Modified: Fri, 14 Jan 2022 13:54:05 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 734169

GET
H/1.1 200
OK background2.png
crmoon.net/img/ 698 KB
699 KB 385ms
128ms Image
image/png 162.241.125.230
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://crmoon.net/img/background2.png
Requested by: Host: crmoon.net
URL: https://crmoon.net/css/style.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.241.125.230 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: norton-setup.info
Software: Apache /
Resource Hash: 145b4fe41f625c0437d3517a260c7820a88459c65e96c567e130aa7eb187c7ef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://crmoon.net/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 17 Jan 2022 12:17:38 GMT
Last-Modified: Fri, 14 Jan 2022 13:54:05 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 715206

GET
H/1.1 200
OK btc_icon.svg
crmoon.net/img/ 1 KB
2 KB 294ms
128ms Image
image/svg+xml 162.241.125.230
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://crmoon.net/img/btc_icon.svg
Requested by: Host: crmoon.net
URL: https://crmoon.net/css/style.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.241.125.230 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: norton-setup.info
Software: Apache /
Resource Hash: a68c396548626ce63ead1fd70de36c8fa0aedd53fceca745fbac58f220c143e4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://crmoon.net/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 17 Jan 2022 12:17:38 GMT
Last-Modified: Fri, 14 Jan 2022 13:54:05 GMT
Server: Apache
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=92
Content-Length: 1381

GET
H2 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v7/ 27 KB
27 KB 121ms
40ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v7/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Mulish:wght@400;500;600;700;800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bfb91256f2cf5de0eb60ca3fd11c8f94d27958b0f6d95b483e67483931647aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://crmoon.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 18:01:33 GMT
x-content-type-options: nosniff
age: 411365
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27420
x-xss-protection: 0
last-modified: Wed, 10 Nov 2021 18:05:26 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 12 Jan 2023 18:01:33 GMT

GET
H/1.1 200
OK check.svg
crmoon.net/img/ 549 B
794 B 265ms
129ms Image
image/svg+xml 162.241.125.230
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://crmoon.net/img/check.svg
Requested by: Host: crmoon.net
URL: https://crmoon.net/main/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.241.125.230 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: norton-setup.info
Software: Apache /
Resource Hash: c1f6735e4e5ac94c3f36e1ae89930751b1d2e7fb8fdd31b51ed1a1b331882cca

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://crmoon.net/main/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 17 Jan 2022 12:17:38 GMT
Last-Modified: Fri, 14 Jan 2022 13:54:05 GMT
Server: Apache
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 549

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Crypto (Crypto Exchange)

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

chart.googleapis.com
crmoon.net
fonts.googleapis.com
fonts.gstatic.com
162.241.125.230
2a00:1450:4001:810::200a
2a00:1450:4001:811::200a
2a00:1450:4001:828::2003
0724f18c03513f32d7ddef2b28ad3564f10498b62478e3791c48bbee9b9f2e99
0bfb91256f2cf5de0eb60ca3fd11c8f94d27958b0f6d95b483e67483931647aa
145b4fe41f625c0437d3517a260c7820a88459c65e96c567e130aa7eb187c7ef
1794a0f22b368f984405bb746b12fc67915c45558c84e59efaac648998154da5
1ad315d602b185d7045e299650b32ebfecdd3d206b5d3265c26f318397de6f00
1dd85973c2edea6651fa93328a58483ac584baa08a76c30769843c87c2f413e5
3e10e5f97bbb1d687243e66388019911f4dc0d9b0e41ddd3ea4af1fd5c931000
47db577b1b6d5c50413da47b8625b3e516084e85fe261a2ca8004a2dd5734c4c
87acaaabd86e02f473c010b968e8b0eab332ea942f9e5f2fcb1bb566ba8e129c
9f5f531ba9cbb62f977a08fa8fb8f05ae13c503fb68a536a2528439390ba36db
a62f288a2a21421b90f16c33a3a4cca278f847cc0984fcd9b49b3e8d0dd0e1e0
a68c396548626ce63ead1fd70de36c8fa0aedd53fceca745fbac58f220c143e4
a81d8c62c63b1e6c62763e5f96ae618ca0862d80903573db4f46ceaa3004306e
b9e585b2961590cd7a7b49672ce2314d5940f57c80e1f0bdb63344ef0308ee06
be8a54956317bdfc1482dc2c2e703d5bdee0d2c53ef77ea497d81ff471343981
c1f6735e4e5ac94c3f36e1ae89930751b1d2e7fb8fdd31b51ed1a1b331882cca
c3172f40c0b891c351a8844aa979038ea8c00e3f755cb7521617095e2758c165
d4ae63f16af3074de620bf6ce843abe5c47e396c79a203f9f894b4e625ec0318
d51a321bf502685c9374fe33fe4bbee89aa58928f86423101a2a9c4866a55ced
f24c04309fdde3619118e259ca5033c31dc80444ca7d1916420583f4fa7550b8
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

crmoon.net Open in urlscan Pro 162.241.125.230 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

21 Requests

100 %HTTPS

75 %IPv6

3 Domains

4 Subdomains

4 IPs

2 Countries

1750 kBTransfer

1752 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

9 JavaScript Global Variables

0 Cookies

Indicators

crmoon.net Open in urlscan Pro
162.241.125.230 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

21
Requests

100 %
HTTPS

75 %
IPv6

3
Domains

4
Subdomains

4
IPs

2
Countries

1750 kB
Transfer

1752 kB
Size

0
Cookies

21 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!