eth35.com Open in urlscan Pro
188.114.96.3 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://eth35.com/
Effective URL:
https://eth35.com/
Submission: On November 14 via api (November 14th 2024, 12:22:22 am UTC) from US — Scanned from NL

Summary HTTP 17 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 7 IPs in 2 countries across 6 domains to perform 17 HTTP transactions. The main IP is 188.114.96.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is eth35.com.
TLS certificate: Issued by WE1 on November 5th 2024. Valid for: 3 months.

This is the only time eth35.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Crypto (Crypto Exchange)

Domain & IP information

	IP Address	AS Autonomous System
2	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:205... 2600:9000:2057:aa00:18:6c16:27c0:93a1	() ()
2	34.107.203.234 34.107.203.234	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
6	2a06:98c1:58::eb 2a06:98c1:58::eb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.117.59.81 34.117.59.81	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2606:4700:7::eb 2606:4700:7::eb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
17	7

2 188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

eth35.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:aa00:18:6c16:27c0:93a1 (United States)

ASN- ()

tools.luckyorange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.107.203.234 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 234.203.107.34.bc.googleusercontent.com

settings.luckyorange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a06:98c1:58::eb (United States)

ASN13335 (CLOUDFLARENET, US)

pub-b49b9a819cab43f18b728728fc1b3402.r2.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.59.81 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 81.59.117.34.bc.googleusercontent.com

ipinfo.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:7::eb (United States)

ASN13335 (CLOUDFLARENET, US)

pub-b8b9114e72b24ef7aebe530a2eb94bbc.r2.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	r2.dev pub-b49b9a819cab43f18b728728fc1b3402.r2.dev pub-b8b9114e72b24ef7aebe530a2eb94bbc.r2.dev	6 MB
3	luckyorange.com tools.luckyorange.com — Cisco Umbrella Rank: 15508 settings.luckyorange.com — Cisco Umbrella Rank: 15475	5 KB
2	eth35.com eth35.com	984 KB
1	ipinfo.io ipinfo.io — Cisco Umbrella Rank: 6592	397 B
0	sidoravdeev.com Failed sidoravdeev.com Failed
0	app.link Failed metamask.app.link Failed
17	6

	Domain	Requested by
6	pub-b49b9a819cab43f18b728728fc1b3402.r2.dev	eth35.com
2	settings.luckyorange.com	tools.luckyorange.com
2	eth35.com	eth35.com pub-b49b9a819cab43f18b728728fc1b3402.r2.dev
1	pub-b8b9114e72b24ef7aebe530a2eb94bbc.r2.dev
1	ipinfo.io	pub-b49b9a819cab43f18b728728fc1b3402.r2.dev
1	tools.luckyorange.com	eth35.com
0	sidoravdeev.com Failed	pub-b49b9a819cab43f18b728728fc1b3402.r2.dev
0	metamask.app.link Failed	pub-b49b9a819cab43f18b728728fc1b3402.r2.dev
17	8

This site contains links to these domains. Also see Links.

Domain
twitter.com

Subject Issuer	Validity	Valid
eth35.com WE1	`2024-11-05` - `2025-02-03`	3 months	crt.sh
luckyorange.com Amazon RSA 2048 M02	`2024-10-17` - `2025-11-14`	a year	crt.sh
settings.luckyorange.com R11	`2024-10-08` - `2025-01-06`	3 months	crt.sh
*.r2.dev E5	`2024-09-29` - `2024-12-28`	3 months	crt.sh
ipinfo.io R11	`2024-10-01` - `2024-12-30`	3 months	crt.sh

This page contains 2 frames:

Frame: dapp://eth35.com/
Frame ID: DA3C85209E9E70868CF97C9F57312E57
Requests: 29 HTTP requests in this frame

Frame: data://truncated
Frame ID: 74331BF98D1743A3F37A16DD424AE8AA
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Liquid Staking for Ethereum - LiquidEther

Page URL History Show full URLs

http://eth35.com/ HTTP 307
https://eth35.com/ Page URL

Page Statistics

17
Requests

76 %
HTTPS

50 %
IPv6

6
Domains

8
Subdomains

7
IPs

2
Countries

7161 kB
Transfer

11482 kB
Size

0
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://twitter.com/StakeEther/
Title: Follow us on Twitter

Search URL Search Domain Scan URL

URL: https://twitter.com/StakeEther
Title: Twitter

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://eth35.com/ HTTP 307
https://eth35.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions
15 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request / Show response
eth35.com/
Redirect Chain

http://eth35.com/
https://eth35.com/

5 MB
983 KB

156ms
110ms

Document
text/html

188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://eth35.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0fbea595c690fd6a742cae28e60784af779dd6b23a082c9089ad8657fd758c78

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8e22d8634dafb90c-AMS
content-encoding: zstd
content-type: text/html
date: Thu, 14 Nov 2024 00:22:06 GMT
last-modified: Sat, 07 Sep 2024 17:42:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority: u=0,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OuABdrcOtiLirwlQHhjCqcf0dXrhdKSgIa9FKIS0Pts9p3IBlVzpdnboaUs6xGS11g1WR9%2FFtzLzPal5gApjwLS7uo4twgx7R9AJKGw59RUUKNAK5SVtU2vhRIQ%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=18930&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4170&recv_bytes=4483&delivery_rate=697&cwnd=12000&unsent_bytes=0&cid=49caa2ea0e4d8786&ts=122&x=1" cfExtPri cfHdrFlush;dur=0
vary: Accept-Encoding

Redirect headers

Location: https://eth35.com/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 lo.js Show response
tools.luckyorange.com/core/ 13 KB
5 KB 105ms
25ms Script
text/javascript 2600:9000:2057:aa00:18:6c16:27c0:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://tools.luckyorange.com/core/lo.js?site-id=6b4e8193
Requested by: Host: eth35.com
URL: https://eth35.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:aa00:18:6c16:27c0:93a1 , United States, ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9f856c8414143f27e5dd06dab33f37003f605eb4ac572f908c08123d2973bc9e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://eth35.com/

Response headers

content-encoding: gzip
etag: "2e76f2975071a8eb95d665a06b06cae4"
age: 1898
x-cache: Hit from cloudfront
x-amz-cf-id: jBOElnOw8n9gQZA6UK2giC6uPn9BGIVaSfmYJeUKhk3Hz7rIZOhYug==
date: Wed, 13 Nov 2024 23:50:29 GMT
content-type: text/javascript
vary: accept-encoding
last-modified: Wed, 06 Nov 2024 20:50:22 GMT
cache-control: max-age=3600
via: 1.1 df86e917220bc08caa68b0eb8ddabe90.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 4678
x-amz-cf-pop: FRA6-C1
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 6b4e8193 Show response
settings.luckyorange.com/ 149 B
239 B 262ms
261ms Fetch
application/json 34.107.203.234
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://settings.luckyorange.com/6b4e8193
Requested by: Host: tools.luckyorange.com
URL: https://tools.luckyorange.com/core/lo.js?site-id=6b4e8193
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.203.234 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 234.203.107.34.bc.googleusercontent.com
Software: /
Resource Hash: f7e7606b4dcbcbc8938a04a0b86cc8998473c6d038dcfcf8d32664561d7a32fe

Request headers

x-lucky-uid: undefined
Referer: https://eth35.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
x-lucky-referrer

Response headers

access-control-allow-credentials: true
via: 1.1 google
access-control-allow-origin: https://eth35.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 149
date: Thu, 14 Nov 2024 00:22:07 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding

OPTIONS
H2 200 6b4e8193
settings.luckyorange.com/ Frame 0
0 166ms
119ms Preflight 34.107.203.234
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://settings.luckyorange.com/6b4e8193
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.203.234 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 234.203.107.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-lucky-referrer,x-lucky-uid
Access-Control-Request-Method: GET
Origin: https://eth35.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Origin,Authorization,Content-Type,X-Lucky-Uid,X-Lucky-Site-Id,X-Lucky-Impersonate,X-Lucky-Session-Id,X-Lucky-Referrer
access-control-allow-methods: POST,GET,PUT,PATCH,DELETE,OPTIONS
access-control-allow-origin: https://eth35.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Thu, 14 Nov 2024 00:22:07 GMT
via: 1.1 google

GET
H/1.1 200
OK 1.js Show response
pub-b49b9a819cab43f18b728728fc1b3402.r2.dev/ 658 KB
658 KB 126ms
69ms Script
text/javascript 2a06:98c1:58::eb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pub-b49b9a819cab43f18b728728fc1b3402.r2.dev/1.js
Requested by: Host: eth35.com
URL: https://eth35.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:58::eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bedac6e51ad4146953265c102a054bd68c0d90239b17ea24ed311fa67b6e7748

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://eth35.com/

Response headers

ETag: "04785c52273847fc0178e1714e6c8575"
Connection: keep-alive
CF-RAY: 8e22d866b8ca1cce-AMS
Accept-Ranges: bytes
Content-Length: 673356
Date: Thu, 14 Nov 2024 00:22:07 GMT
Content-Type: text/javascript
Last-Modified: Sat, 22 Jun 2024 12:17:26 GMT
Vary: Accept-Encoding
Server: cloudflare

GET
H/1.1 200
OK 2.js Show response
pub-b49b9a819cab43f18b728728fc1b3402.r2.dev/ 716 KB
716 KB 96ms
56ms Script
text/javascript 2a06:98c1:58::eb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pub-b49b9a819cab43f18b728728fc1b3402.r2.dev/2.js
Requested by: Host: eth35.com
URL: https://eth35.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:58::eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2bcdc085e0557a379a6056c629be748d22a3c1dbe539a48ae02de7d69c95eff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://eth35.com/

Response headers

ETag: "50ed955cf32ac8e4e1daa0fac8fcde98"
Connection: keep-alive
CF-RAY: 8e22d866cb01667f-AMS
Accept-Ranges: bytes
Content-Length: 733070
Date: Thu, 14 Nov 2024 00:22:07 GMT
Content-Type: text/javascript
Last-Modified: Sat, 22 Jun 2024 12:17:26 GMT
Vary: Accept-Encoding
Server: cloudflare

GET
H/1.1 200
OK 3.js Show response
pub-b49b9a819cab43f18b728728fc1b3402.r2.dev/ 315 KB
316 KB 93ms
54ms Script
text/javascript 2a06:98c1:58::eb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pub-b49b9a819cab43f18b728728fc1b3402.r2.dev/3.js
Requested by: Host: eth35.com
URL: https://eth35.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:58::eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 10d78c0a5e8664889dc8eb47c72bfa46ad0ed02c70a234be9acdefa27dbb24b0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://eth35.com/

Response headers

ETag: "ca1104de538caea2d54265fbe90916b4"
Connection: keep-alive
CF-RAY: 8e22d866cd6a9724-AMS
Accept-Ranges: bytes
Content-Length: 323051
Date: Thu, 14 Nov 2024 00:22:07 GMT
Content-Type: text/javascript
Last-Modified: Sat, 22 Jun 2024 12:17:21 GMT
Vary: Accept-Encoding
Server: cloudflare

GET
H/1.1 200
OK 4.js Show response
pub-b49b9a819cab43f18b728728fc1b3402.r2.dev/ 1 MB
1 MB 111ms
72ms Script
text/javascript 2a06:98c1:58::eb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pub-b49b9a819cab43f18b728728fc1b3402.r2.dev/4.js
Requested by: Host: eth35.com
URL: https://eth35.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:58::eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5fffa62486dc1a784ca7f14108e8c0bffbe70b82212418ed00fe5485bfb7dfe5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://eth35.com/

Response headers

ETag: "eccd8515c1fca377448be7d6166e3fe9"
Connection: keep-alive
CF-RAY: 8e22d866c827a016-AMS
Accept-Ranges: bytes
Content-Length: 1472302
Date: Thu, 14 Nov 2024 00:22:07 GMT
Content-Type: text/javascript
Last-Modified: Sat, 22 Jun 2024 12:17:41 GMT
Vary: Accept-Encoding
Server: cloudflare

GET
H/1.1 200
OK 5.js Show response
pub-b49b9a819cab43f18b728728fc1b3402.r2.dev/ 1 MB
1 MB 91ms
52ms Script
text/javascript 2a06:98c1:58::eb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pub-b49b9a819cab43f18b728728fc1b3402.r2.dev/5.js
Requested by: Host: eth35.com
URL: https://eth35.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:58::eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 493a0c3f38e807d0d34ef683bec3524147318dac3d328ffded7d05f4ceccea6c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://eth35.com/

Response headers

ETag: "33e9b762f9b7f41e265af743ec1691c7"
Connection: keep-alive
CF-RAY: 8e22d866c99a9fa0-AMS
Accept-Ranges: bytes
Content-Length: 1163794
Date: Thu, 14 Nov 2024 00:22:07 GMT
Content-Type: text/javascript
Last-Modified: Sat, 22 Jun 2024 12:17:37 GMT
Vary: Accept-Encoding
Server: cloudflare

GET
H/1.1 200
OK 6.js Show response
pub-b49b9a819cab43f18b728728fc1b3402.r2.dev/ 2 MB
2 MB 119ms
80ms Script
text/javascript 2a06:98c1:58::eb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pub-b49b9a819cab43f18b728728fc1b3402.r2.dev/6.js
Requested by: Host: eth35.com
URL: https://eth35.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:58::eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2357e4d144b17f4d0b1e1914452ee298c90f97e743a622b55a7ed650c65b571e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://eth35.com/

Response headers

ETag: "4dc663b98e3b55e4b104b229343d292c"
Connection: keep-alive
CF-RAY: 8e22d866cdc50e08-AMS
Accept-Ranges: bytes
Content-Length: 1891306
Date: Thu, 14 Nov 2024 00:22:07 GMT
Content-Type: text/javascript
Last-Modified: Sat, 22 Jun 2024 12:17:55 GMT
Vary: Accept-Encoding
Server: cloudflare

GET
H3 200 email-decode.min.js Show response
eth35.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 18ms
18ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://eth35.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: eth35.com
URL: https://eth35.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://eth35.com/

Response headers

x-frame-options: DENY
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=172800, public
content-encoding: gzip
etag: W/"672e2372-4d7"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5Jx4u61FZ7HdgrswigTH%2Buqsdh0H%2BVDf4KP2VRLQS5MaavJmd6yM3xfFBCJ0m1d%2FdoPUfHszrPmz3d2RjvpIWrAxVFhF7h%2F4ScQUm09EOeuxwsPZ2p8Kc3zWrBQ%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
cf-ray: 8e22d8668fb2b90c-AMS
expires: Sat, 16 Nov 2024 00:22:07 GMT
date: Thu, 14 Nov 2024 00:22:07 GMT
content-type: application/javascript
last-modified: Fri, 08 Nov 2024 14:42:58 GMT
server: cloudflare
vary: Accept-Encoding

GET
DATA 200
OK truncated
/ 7 KB
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4c9abefe41bbb94208a9623cc7a15ea2315bddd06c5538f6b54223946ecf1318

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 28 KB
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8aae03f48ac45f588b9ef28e02f32c6344a9585de3d0ca79f55074cd2c53a68c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 30 KB
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1dfe054bf3a2a3aa05755aff4d03675b4a66e788eb09fbe2853042ad6f2c5092

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 137 KB
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c5d41e8f94208fcdae0631e2b5e3e739d19c75c801cf8b55f5657c068b577703

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 106 KB
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5ac8aaeca0f581b438f66f7f84e6fff24c7d4d9c429df119ea7c39b0cb2d9d27

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 15 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 28534560056bed49b7f58e9301f89c2562049d75ea069e6288c863daaff4e00e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1c80bb7811d02b78f112733866cf5aa0cef2ec41749359a64eac6e83b71fc895

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bbb28f3614962e74d37387ade935faa16bfa8c0348abdaec59488ee988d4153d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3d3ffdff6f6d5a72a93d99505f5763ef2aec0c6a7c801ad92d673c6ab1ad94a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 992 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5e7192cea2989ad344f5e0f1e2d6d6da0c388246a7f93ea08c5070b7456694c0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 228 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 794715935df8982298d1083fd37f3632f9af539550838a962268632daf85f86b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 8 KB
8 KB Font
font/woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://eth35.com
Referer

Response headers

Content-Type: font/woff2

GET
DATA 200
OK truncated
/ 46 KB
46 KB Font
font/woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://eth35.com
Referer

Response headers

Content-Type: font/woff2

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d49686def54bdb462b8eb6e90e1b1ed36a96e1f2ea4bd8926159a0d9d983d345

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 7433 6 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: db16fd847b02502e6ecbff600feb2a925dd093c62eda06de4576315c97a9aa05

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/jpeg

GET
H2 200 json Show response
ipinfo.io/ 291 B
397 B 162ms
123ms Fetch
application/json 34.117.59.81
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://ipinfo.io/json

Requested by

Host: pub-b49b9a819cab43f18b728728fc1b3402.r2.dev
URL: https://pub-b49b9a819cab43f18b728728fc1b3402.r2.dev/6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.59.81 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

81.59.117.34.bc.googleusercontent.com

Software

Resource Hash

b61a8fca164ac8c9eeecb5e15c2e157fc5f182ec780722b7320d84bd319f8b97

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://eth35.com/

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
via: 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 197
date: Thu, 14 Nov 2024 00:22:08 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding

GET
H/1.1 200
OK mm.svg
pub-b8b9114e72b24ef7aebe530a2eb94bbc.r2.dev/ 6 KB
6 KB 326ms
259ms Image
image/svg+xml 2606:4700:7::eb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pub-b8b9114e72b24ef7aebe530a2eb94bbc.r2.dev/mm.svg
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 23fc6a3d0010db9befe6b3aebd4c634a945c437377b06c6416082ac3ea16278e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://eth35.com/

Response headers

ETag: "96518a1585ce5ad63bc6377ec15fed7e"
Connection: keep-alive
CF-RAY: 8e22d86f6a1eb7d3-AMS
Accept-Ranges: bytes
Content-Length: 6023
Date: Thu, 14 Nov 2024 00:22:08 GMT
Content-Type: image/svg+xml
Last-Modified: Mon, 11 Mar 2024 15:32:36 GMT
Vary: Accept-Encoding
Server: cloudflare

GET /
metamask.app.link/dapp/eth35.com/ 0
0

GET /
eth35.com/ 0
0

POST record-visit
sidoravdeev.com/ 0
0

OPTIONS record-visit
sidoravdeev.com/ Frame 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: metamask.app.link
URL: https://metamask.app.link/dapp/eth35.com/

Domain: eth35.com
URL: dapp://eth35.com/

Domain: sidoravdeev.com
URL: https://sidoravdeev.com/record-visit

Domain: sidoravdeev.com
URL: https://sidoravdeev.com/record-visit

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Crypto (Crypto Exchange)

916 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	error	URL: https://eth35.com/ Message: Not allowed to launch 'dapp://eth35.com/' because a user gesture is required.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

eth35.com
ipinfo.io
metamask.app.link
pub-b49b9a819cab43f18b728728fc1b3402.r2.dev
pub-b8b9114e72b24ef7aebe530a2eb94bbc.r2.dev
settings.luckyorange.com
sidoravdeev.com
tools.luckyorange.com
eth35.com
metamask.app.link
sidoravdeev.com
188.114.96.3
2600:9000:2057:aa00:18:6c16:27c0:93a1
2606:4700:7::eb
2a06:98c1:58::eb
34.107.203.234
34.117.59.81
0fbea595c690fd6a742cae28e60784af779dd6b23a082c9089ad8657fd758c78
10d78c0a5e8664889dc8eb47c72bfa46ad0ed02c70a234be9acdefa27dbb24b0
1c80bb7811d02b78f112733866cf5aa0cef2ec41749359a64eac6e83b71fc895
1dfe054bf3a2a3aa05755aff4d03675b4a66e788eb09fbe2853042ad6f2c5092
2357e4d144b17f4d0b1e1914452ee298c90f97e743a622b55a7ed650c65b571e
23fc6a3d0010db9befe6b3aebd4c634a945c437377b06c6416082ac3ea16278e
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
28534560056bed49b7f58e9301f89c2562049d75ea069e6288c863daaff4e00e
493a0c3f38e807d0d34ef683bec3524147318dac3d328ffded7d05f4ceccea6c
4c9abefe41bbb94208a9623cc7a15ea2315bddd06c5538f6b54223946ecf1318
5ac8aaeca0f581b438f66f7f84e6fff24c7d4d9c429df119ea7c39b0cb2d9d27
5e7192cea2989ad344f5e0f1e2d6d6da0c388246a7f93ea08c5070b7456694c0
5fffa62486dc1a784ca7f14108e8c0bffbe70b82212418ed00fe5485bfb7dfe5
794715935df8982298d1083fd37f3632f9af539550838a962268632daf85f86b
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
8aae03f48ac45f588b9ef28e02f32c6344a9585de3d0ca79f55074cd2c53a68c
9f856c8414143f27e5dd06dab33f37003f605eb4ac572f908c08123d2973bc9e
b61a8fca164ac8c9eeecb5e15c2e157fc5f182ec780722b7320d84bd319f8b97
bbb28f3614962e74d37387ade935faa16bfa8c0348abdaec59488ee988d4153d
bedac6e51ad4146953265c102a054bd68c0d90239b17ea24ed311fa67b6e7748
c2bcdc085e0557a379a6056c629be748d22a3c1dbe539a48ae02de7d69c95eff
c5d41e8f94208fcdae0631e2b5e3e739d19c75c801cf8b55f5657c068b577703
d49686def54bdb462b8eb6e90e1b1ed36a96e1f2ea4bd8926159a0d9d983d345
db16fd847b02502e6ecbff600feb2a925dd093c62eda06de4576315c97a9aa05
e3d3ffdff6f6d5a72a93d99505f5763ef2aec0c6a7c801ad92d673c6ab1ad94a
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
f7e7606b4dcbcbc8938a04a0b86cc8998473c6d038dcfcf8d32664561d7a32fe

eth35.com Open in urlscan Pro 188.114.96.3 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

17 Requests

76 %HTTPS

50 %IPv6

6 Domains

8 Subdomains

7 IPs

2 Countries

7161 kBTransfer

11482 kBSize

0 Cookies

2 Outgoing links

Page URL History

Redirected requests

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 15 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

eth35.com Open in urlscan Pro
188.114.96.3 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

17
Requests

76 %
HTTPS

50 %
IPv6

6
Domains

8
Subdomains

7
IPs

2
Countries

7161 kB
Transfer

11482 kB
Size

0
Cookies

17 HTTP transactions
15 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!