ehcvz.top Open in urlscan Pro
2606:4700:3030::6815:1653 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ehcvz.top/
Effective URL:
https://ehcvz.top/
Submission: On January 27 via api (January 27th 2024, 10:26:53 pm UTC) from US — Scanned from US

Summary HTTP 16 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 16 HTTP transactions. The main IP is 2606:4700:3030::6815:1653, located in United States and belongs to CLOUDFLARENET, US. The main domain is ehcvz.top.
TLS certificate: Issued by E1 on December 8th 2023. Valid for: 3 months.

This is the only time ehcvz.top was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Crypto (Crypto Exchange)

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3037::ac43:cb7b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
16	2606:4700:303... 2606:4700:3030::6815:1653	13335 (CLOUDFLAR...) (CLOUDFLARENET)
16	1

1 2606:4700:3037::ac43:cb7b (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

ehcvz.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2606:4700:3030::6815:1653 (United States)

ASN13335 (CLOUDFLARENET, US)

ehcvz.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	ehcvz.top 1 redirects ehcvz.top	2 MB
16	1

	Domain	Requested by
17	ehcvz.top	1 redirects ehcvz.top
16	1

This site contains no links.

Subject Issuer	Validity	Valid
ehcvz.top E1	`2023-12-08` - `2024-03-07`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://ehcvz.top/
Frame ID: FB7C0630CC84AAC99601764AF06E0B96
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

USDT

Page URL History Show full URLs

http://ehcvz.top/ HTTP 301
https://ehcvz.top/ Page URL

Detected technologies

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

Clipboard.js (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

clipboard(?:-([\d.]+))?(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

16
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

2400 kB
Transfer

8275 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ehcvz.top/ HTTP 301
https://ehcvz.top/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
ehcvz.top/
Redirect Chain

http://ehcvz.top/
https://ehcvz.top/

3 KB
1 KB

646ms
543ms

Document
text/html

2606:4700:3030::6815:1653
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ehcvz.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:1653 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 465e0af22b3d4594554d404a8adfc2f83dc3d5fbf7f0ae0fa33d1538d18a837c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 84c46b43cab94bcd-BUF
content-encoding: br
content-type: text/html
date: Sat, 27 Jan 2024 22:26:44 GMT
last-modified: Tue, 13 Jun 2023 17:56:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wIJR38mJtM5ITZE1PBFF0TBXx5zI%2BSNWkHrNS2T21sdNpIKinAihim0m9PqMEINEeu5iC5H%2FKxEiID3NRo7Ww5cfEwC3t%2BbYtG4JkdvQmXFz7DKQgxp1hseYWa9CmbDmrhJdKrE7l3I%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

Redirect headers

CF-RAY: 84c46b42c9ee4bd5-BUF
Cache-Control: max-age=3600
Connection: keep-alive
Date: Sat, 27 Jan 2024 22:26:44 GMT
Expires: Sat, 27 Jan 2024 23:26:44 GMT
Location: https://ehcvz.top/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DyT7CgI%2F9F8acfeNO5mX52pMcTQLsuuabxDSDv1iv9RwtFYlMnxJfzPuo%2FEOL9DXRCQ49%2F1QvBt%2Fc30wfh2Po%2FeFmNIWTceDUBRIrpSdSdBOHQoCZ%2F%2BxrpSQSFlWQ%2BFKJnKZ%2Bkap9vg%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

GET
H2 200 jquery-2.1.4.min.js Show response
ehcvz.top/js/ 82 KB
30 KB 610ms
569ms Script
application/javascript 2606:4700:3030::6815:1653
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ehcvz.top/js/jquery-2.1.4.min.js
Requested by: Host: ehcvz.top
URL: https://ehcvz.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:1653 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f16ab224bb962910558715c82f58c10c3ed20f153ddfaa199029f141b5b0255c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ehcvz.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 22:26:45 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 13 Jun 2023 17:56:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6488adcc-14979"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WMCkK8Qyl3DwXIoVC33chMLhWtfxJnq1g2LFWXqZJiV9lC3RJXfD01H%2BnoYiPPXvADsgI0UTIz2N4tS4vGUnlxHxa1jhiPSQOuRC1dhl6YQalHEWX4HaX8CF9il2gTTlu4QeC0w%2FHGI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 84c46b479d124bcd-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 clipboard.min.js Show response
ehcvz.top/js/ 10 KB
4 KB 608ms
568ms Script
application/javascript 2606:4700:3030::6815:1653
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ehcvz.top/js/clipboard.min.js
Requested by: Host: ehcvz.top
URL: https://ehcvz.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:1653 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 125d1f1220f760e33bb88559cedc90ce66db3e58048f4a09571456ce2521e141

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ehcvz.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 22:26:45 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 13 Jun 2023 17:56:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6488adcc-2967"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=glemUoUWiPs%2F06x0Bz0nNPdDd7xIVSMyf2whQU0ojEHJc3Qb%2FLs18s23R8xNpvpSejtXh4WXHqbCDS2thatXY87TsRvQ6YcoNHTFnbULVRGQmXMRPCu3Nu8d6Pi1omLsSrB585AbMqA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 84c46b479d134bcd-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 TronWeb.js Show response
ehcvz.top/js/ 714 KB
222 KB 613ms
573ms Script
application/javascript 2606:4700:3030::6815:1653
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ehcvz.top/js/TronWeb.js
Requested by: Host: ehcvz.top
URL: https://ehcvz.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:1653 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2cfef9f4982f19835647bf7657d34c6dcf35ebb73e7a4a5c715881e071159bb3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ehcvz.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 22:26:45 GMT
content-encoding: br
cf-cache-status: REVALIDATED
cf-bgj: minify
last-modified: Tue, 13 Jun 2023 17:56:28 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=1247114
etag: W/"6488adcc-13078a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5eLIf6RnwD6UavMU4mIXNZi4zTpK1dTP%2FAreGkl87b98bJqw1hXkLjVds0qfW3r0Vqfp8DO3Pj%2BgdLrEC9azdM25tVR69ZqceMD9oSKMl226My4%2BRb4xN2%2Fw2TRxK5AKocKBkoMnabQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 84c46b479d144bcd-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 web3.min.js Show response
ehcvz.top/js/ 1 MB
331 KB 630ms
590ms Script
application/javascript 2606:4700:3030::6815:1653
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ehcvz.top/js/web3.min.js
Requested by: Host: ehcvz.top
URL: https://ehcvz.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:1653 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5cadb8d9586d343470b2483bb5560cbfdad4a6a5988e0661d9b73a7300e4696c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ehcvz.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 22:26:45 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 13 Jun 2023 17:56:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6488adcc-15a28d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XYAnKQaTSIWE9xrTpnHR3sjY%2BUWQqrpiIXaUC1llX9cjjvORumc%2BxzRp4v219NkyQhezMOlOPKpcc10HETMZLg37PQSKJjn7haxpz53R46ZVFcOpwloShkEKM7ZGoz%2BGbLVrllR0HxM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 84c46b479d154bcd-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 web3model.min.js Show response
ehcvz.top/js/ 420 KB
196 KB 771ms
732ms Script
application/javascript 2606:4700:3030::6815:1653
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ehcvz.top/js/web3model.min.js
Requested by: Host: ehcvz.top
URL: https://ehcvz.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:1653 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e698be56a50a33bc6923bdadde2748ddcde2aae86984dd9fd46bf78e12d3499c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ehcvz.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 22:26:45 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 13 Jun 2023 17:56:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6488adcc-6910d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lMiXkWpN5Kntvdhnz76H1FJzunx516w%2Bwgv6PZvOCoYV847amKREyuLp44cThJea8LTpv3nr%2F%2B42jUByZDq4PB0Ad3Jl7%2BuTudEDKqFjv8VNBxtXyitbqTAMWHPwZYexh32VLrJUhw8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 84c46b479d164bcd-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 web3provider.js Show response
ehcvz.top/js/ 933 KB
240 KB 117ms
78ms Script
application/javascript 2606:4700:3030::6815:1653
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ehcvz.top/js/web3provider.js
Requested by: Host: ehcvz.top
URL: https://ehcvz.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:1653 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f8e72cfafaff4415dc3952cd8b5467b2eee89acb71aa148f7a117e3fb9a5d74b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ehcvz.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 22:26:45 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 78
cf-polished: origSize=954954
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 13 Jun 2023 17:56:28 GMT
server: cloudflare
etag: W/"6488adcc-e924a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DCNanbtZpmcjIUiFpY%2FffxAp3IMiMNhhIHXxlDAIJDaf217lei1bUc0lVqp3Z5tcDIgrzE%2Bt9RTM%2BkaEtS5Oa8%2BfiV0bHk06uJgC7ti5CISpjH9RaOqGQvz5plMje9DfhOQRnAwHSpo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 84c46b479d174bcd-BUF

GET
H2 200 config.js Show response
ehcvz.top/js/ 54 B
474 B 611ms
572ms Script
application/javascript 2606:4700:3030::6815:1653
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ehcvz.top/js/config.js
Requested by: Host: ehcvz.top
URL: https://ehcvz.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:1653 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0377e9d70bdfd416d11b6b4691d23661861d8285e2031dd0993806137ca20ac6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ehcvz.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 22:26:45 GMT
content-encoding: br
cf-cache-status: REVALIDATED
cf-bgj: minify
last-modified: Tue, 13 Jun 2023 17:56:28 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=145
etag: W/"6488adcc-91"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N2QmE3jpqTLVVavyNYhEk%2B6u3qTskKT%2B4DxQ%2FcVz4xQhzh4njsztJyK6OQKE4D%2FcjwKh5p3N7TCh7dlP5JmX7FGCe%2FrimMxMrNPPFta8VXlsMB1K7FIaq4PKGhNStCfQMSOUy3hWFuk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 84c46b479d184bcd-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 app.b7084f51.css
ehcvz.top/css/ 30 KB
7 KB 83ms
44ms Stylesheet
text/css 2606:4700:3030::6815:1653
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ehcvz.top/css/app.b7084f51.css
Requested by: Host: ehcvz.top
URL: https://ehcvz.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:1653 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 77164e27e8dc795a66a33e75a3e4cef375d1b419a7b96e9f26e5d52890b9feb9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ehcvz.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 22:26:45 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 679
cf-polished: origSize=30855
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 13 Jun 2023 17:56:28 GMT
server: cloudflare
etag: W/"6488adcc-7887"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a%2BrZ3lbs5NorAmMrTr2LZG%2BqT71p5qIew7Rc%2F2nuBcZ%2BEUiZ5fq2Zpj1Xi7DnBU%2BzztlpenxNgBBFo7ZWFuTOEwsNwWz%2B3PCY1ouTbz%2FrS20BMs0tjy82TGSzwaFvrsG7EDLFoUiPfU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 84c46b479d104bcd-BUF

GET
H2 200 chunk-vendors.bbb34eb4.css
ehcvz.top/css/ 379 KB
83 KB 85ms
48ms Stylesheet
text/css 2606:4700:3030::6815:1653
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ehcvz.top/css/chunk-vendors.bbb34eb4.css
Requested by: Host: ehcvz.top
URL: https://ehcvz.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:1653 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: efd710978a49e8026b952668c30d1fc9cdf3e7679a9e642c46993d6110c9d332

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ehcvz.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 22:26:45 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 679
cf-polished: origSize=388239
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 13 Jun 2023 17:56:28 GMT
server: cloudflare
etag: W/"6488adcc-5ec8f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M3O07fT%2FVwsRKML9kGYXG9ECcyQLx8lpPjBb4BK%2FXOHj5CPEtzG3ECxFRLVVCCZhPxyNxIHbUOV%2Bz505ColwySzBuLzdK9E3pIH%2Ftu%2BDWd5nhnZWL%2FZPuBxbYCo3WG50gCPbFAIKoe4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 84c46b479d114bcd-BUF

GET
H2 200 app.b56b349c.js Show response
ehcvz.top/js/ 89 KB
32 KB 83ms
46ms Script
application/javascript 2606:4700:3030::6815:1653
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ehcvz.top/js/app.b56b349c.js
Requested by: Host: ehcvz.top
URL: https://ehcvz.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:1653 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a100d51e7f8f1f8b4ced28a9b23b45f268305ec78dfbcd79e4b7baa71dc7d2a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ehcvz.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 22:26:45 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 13 Jun 2023 17:56:28 GMT
server: cloudflare
age: 679
etag: W/"6488adcc-164f9"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Smn6LQyGxmp0cz4gEF%2F35DQvQGL4nmhRWvzKK8hWEuffUbNmaPp2TQzuwlkidzcuHJAJXRRzDJY5e33TVLS7fG8KL%2BosSXR7x8pkIihzQTkQ%2FPmblcjLhngJCmXzI5FqUlqqptjitNM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 84c46b479d194bcd-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 chunk-vendors.4ed6eae8.js Show response
ehcvz.top/js/ 4 MB
1 MB 125ms
88ms Script
application/javascript 2606:4700:3030::6815:1653
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ehcvz.top/js/chunk-vendors.4ed6eae8.js
Requested by: Host: ehcvz.top
URL: https://ehcvz.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:1653 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 69a4c4f99233827f8a83a8642228bc7758b28e7b8079d1db926ae396e01fa235

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ehcvz.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 22:26:45 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 679
cf-polished: origSize=4295927
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 13 Jun 2023 17:56:28 GMT
server: cloudflare
etag: W/"6488adcc-418cf7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m6GF6z%2BWOpgDOsq9x%2FdTlb2mNmNfy6DkdXazlXkuwKLerivK4ICLqyBTIeZa4%2BvrbI%2BUP7rWNuND9dC%2Bwy5PXexEWfI8UTXsC8GHOm3bwkt47URob8%2FbOzLMhGh8GwqqtG7cusrjueY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 84c46b47cd264bcd-BUF

GET
H3 200 agentRouter.b30b209e.css
ehcvz.top/css/ 0
1 KB 53ms
43ms Other
text/css 2606:4700:3030::6815:1653
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ehcvz.top/css/agentRouter.b30b209e.css
Requested by: Host: ehcvz.top
URL: https://ehcvz.top/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:1653 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ehcvz.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 22:26:46 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 13 Jun 2023 17:56:28 GMT
server: cloudflare
age: 679
etag: W/"6488adcc-600"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K4J4nkQ2pDdAMMHAeDj96ROhYvz6ax22ztJ6S1uKv4N7N7jHeVfnwFvU1JW%2FJ3CImFJTlHgjzAA1YDijN7CyJasTUSm7jW5gLunfcbWc%2BQSeB5gyHid0ejV2yPBh7WulAcT9w8PleI8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 84c46b4fcebe4bd3-BUF
alt-svc: h3=":443"; ma=86400

GET
H3 200 agentRouter.6839361c.js
ehcvz.top/js/ 0
3 KB 76ms
67ms Other
application/javascript 2606:4700:3030::6815:1653
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ehcvz.top/js/agentRouter.6839361c.js
Requested by: Host: ehcvz.top
URL: https://ehcvz.top/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:1653 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ehcvz.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 22:26:46 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 13 Jun 2023 17:56:28 GMT
server: cloudflare
age: 679
etag: W/"6488adcc-1973"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Se8KX%2F81EOTJ7mCpQiW97kdOovdtARTMsVCh6vSO0j9MRE08ch6aXz8iNkYpw%2BQ91QK515nREBtvMyNlmSjig86YD3cQqOtNPgg5A7bljp3AXjCb2gGw%2BKpVBKGO%2BbLjbHTtizHWGEo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 84c46b4fcebf4bd3-BUF
alt-svc: h3=":443"; ma=86400

GET
H3 200 re1.6ae90260.jpeg
ehcvz.top/img/ 37 KB
37 KB 283ms
282ms Image
image/jpeg 2606:4700:3030::6815:1653
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ehcvz.top/img/re1.6ae90260.jpeg
Requested by: Host: ehcvz.top
URL: https://ehcvz.top/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:1653 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e61ba5d4c9fb12d461a8109d17ef9e13b5c66c19fbf92fbdb62c8e0e17e9bff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ehcvz.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 22:26:47 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 13 Jun 2023 17:56:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6488adcc-93a8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DVU6O2x6z8o9z%2B9qvXHRyFBy5ipVFn7zRbjKeDdE7BAtWZGfyxmEogfRHV70nOOtjqZDpIkaGRTREYTV78o0Rfcrp8fcBkFxUKG2aCEqSAnoVk3ByOVOKjxE47A0Nr%2FdwfB4j6ltWHI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 84c46b5338e74bd3-BUF
alt-svc: h3=":443"; ma=86400
content-length: 37800

POST
H3 200 siteName Show response
ehcvz.top/api/v1/base/ 48 B
607 B 540ms
540ms XHR
application/json 2606:4700:3030::6815:1653
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ehcvz.top/api/v1/base/siteName

Requested by

Host: ehcvz.top
URL: https://ehcvz.top/js/chunk-vendors.4ed6eae8.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:1653 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

65a6571f38be46474e3fb969a038352384901b98ff79660f271c3d9e1670f69d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://ehcvz.top/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 22:26:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T%2Fobupp8X0VN1I8G6NLFFQaAUpO7Y99AdkAwLv3zotxEr1kDC9kGWYoiC%2FDfbNf2%2B5tThNlen61hnovacoku4vCICHaq4X0kWyxRzOSNvcpIga4GbNA%2FhObdrbzy78C7fYcFGt3ow%2FA%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 84c46b5348eb4bd3-BUF
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Crypto (Crypto Exchange)

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://ehcvz.top/ Message: Error parsing a meta element's content: ';' is not a valid key-value pair separator. Please use ',' instead.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ehcvz.top
2606:4700:3030::6815:1653
2606:4700:3037::ac43:cb7b
0377e9d70bdfd416d11b6b4691d23661861d8285e2031dd0993806137ca20ac6
125d1f1220f760e33bb88559cedc90ce66db3e58048f4a09571456ce2521e141
1a100d51e7f8f1f8b4ced28a9b23b45f268305ec78dfbcd79e4b7baa71dc7d2a
2cfef9f4982f19835647bf7657d34c6dcf35ebb73e7a4a5c715881e071159bb3
465e0af22b3d4594554d404a8adfc2f83dc3d5fbf7f0ae0fa33d1538d18a837c
5cadb8d9586d343470b2483bb5560cbfdad4a6a5988e0661d9b73a7300e4696c
65a6571f38be46474e3fb969a038352384901b98ff79660f271c3d9e1670f69d
69a4c4f99233827f8a83a8642228bc7758b28e7b8079d1db926ae396e01fa235
77164e27e8dc795a66a33e75a3e4cef375d1b419a7b96e9f26e5d52890b9feb9
8e61ba5d4c9fb12d461a8109d17ef9e13b5c66c19fbf92fbdb62c8e0e17e9bff
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e698be56a50a33bc6923bdadde2748ddcde2aae86984dd9fd46bf78e12d3499c
efd710978a49e8026b952668c30d1fc9cdf3e7679a9e642c46993d6110c9d332
f16ab224bb962910558715c82f58c10c3ed20f153ddfaa199029f141b5b0255c
f8e72cfafaff4415dc3952cd8b5467b2eee89acb71aa148f7a117e3fb9a5d74b

ehcvz.top Open in urlscan Pro 2606:4700:3030::6815:1653 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

16 Requests

100 %HTTPS

100 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

2400 kBTransfer

8275 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

11 JavaScript Global Variables

0 Cookies

1 Console Messages

Indicators

ehcvz.top Open in urlscan Pro
2606:4700:3030::6815:1653 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

16
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

2400 kB
Transfer

8275 kB
Size

0
Cookies

16 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!