hayek.link
Open in
urlscan Pro
2606:4700:3030::6815:5524
Malicious Activity!
Public Scan
Effective URL: https://hayek.link/
Submission: On August 31 via manual from CH
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 28th 2021. Valid for: a year.
This is the only time hayek.link was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic Crypto (Crypto Exchange)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 5 | 2606:4700:303... 2606:4700:3030::6815:5524 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
4 | 47.246.43.243 47.246.43.243 | 24429 (TAOBAO Zh...) (TAOBAO Zhejiang Taobao Network Co.) | |
8 | 3 |
ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)
zos.alipayobjects.com | |
gw.alipayobjects.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
5 |
hayek.link
1 redirects
hayek.link |
682 KB |
4 |
alipayobjects.com
zos.alipayobjects.com gw.alipayobjects.com |
7 KB |
8 | 2 |
Domain | Requested by | |
---|---|---|
5 | hayek.link |
1 redirects
hayek.link
|
3 | zos.alipayobjects.com |
hayek.link
|
1 | gw.alipayobjects.com |
hayek.link
|
8 | 3 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2021-08-28 - 2022-08-27 |
a year | crt.sh |
*.alipayobjects.com Secure Site CA G2 |
2021-06-08 - 2022-07-09 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://hayek.link/
Frame ID: 44859CE9467BB354870FEECFF1E3F8FE
Requests: 9 HTTP requests in this frame
Screenshot
Page Title
去中心化担保交易Page URL History Show full URLs
-
http://hayek.link/
HTTP 301
https://hayek.link/ Page URL
Detected technologies
Varnish (Cache Tools) ExpandDetected patterns
- headers via /varnish(?: \(Varnish\/([\d.]+)\))?/i
CloudFlare (CDN) Expand
Detected patterns
- headers server /^cloudflare$/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://hayek.link/
HTTP 301
https://hayek.link/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
8 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
hayek.link/ Redirect Chain
|
2 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
2.8653d7d2.chunk.css
hayek.link/static/css/ |
96 KB 17 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
2.8c77d627.chunk.js
hayek.link/static/js/ |
2 MB 654 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
main.0102d8c6.chunk.js
hayek.link/static/js/ |
27 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
asJMfBrNqpMMlVpeInPQ.svg
zos.alipayobjects.com/rmsportal/ |
3 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
2 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
iSrlOTqrKddqbOmlvUfq.svg
zos.alipayobjects.com/rmsportal/ |
2 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
BTSsmHkPsQSPTktcXyTV.svg
gw.alipayobjects.com/zos/rmsportal/ |
1 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
psUFoAMjkCcjqtUCNPxB.svg
zos.alipayobjects.com/rmsportal/ |
4 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic Crypto (Crypto Exchange)18 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| webpackJsonptrade object| regeneratorRuntime function| setImmediate function| clearImmediate object| _ethers object| __core-js_shared__ number| 2f1acc6c3a606b082e5eef5e54414ffb0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
gw.alipayobjects.com
hayek.link
zos.alipayobjects.com
2606:4700:3030::6815:5524
47.246.43.243
1a48a7abd06258e60cd8c5c986af20c3cce54bd79e64d399d765b26eb5dcf3bc
2d67384ac68a6a0c11dc50cf595adebd2920471d219568070febe6e901ba7ba7
3640a9d4397738c547975e6b4a205940a113b8fc69ee2891d30c49cef26bc087
7a64caf1e8821fe0d56f2ca55f3f8a221f227264240b316ff9c4fcf7f9f97b1f
8ec90fff768e9372246a50f001509e149d9b2a6a39580b83439fb7521b5b3322
8eee49e3d0f4e651f9f40adfd661861997715b99d5b88103ae44d248ca6b1751
91e78c29ab741956ed11f3e6425a2214086583c8a0eb820519a6bdcff4280ffc
ce6b2e4eec51a8dfaaa33521054d999387b3ce86471149fa9b04bd49241387da
cea38ced7a9d59eb54e5c6510a564cac5aa1642da2d45176bef51b4404b6abb7