urlscan.io logo urlscan.io
SecurityTrails logo

138.68.10.92 Open in urlscan Pro
138.68.10.92  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://cryptobtc.info/
Effective URL: http://138.68.10.92/0MAfdfdfdfddfd99900NN1/?phone=+1-(888)-490-1634&
Submission: On February 28 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 3 countries across 5 domains to perform 24 HTTP transactions. The main IP is 138.68.10.92, located in Santa Clara, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is 138.68.10.92.
This is the only time 138.68.10.92 was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic (Online) Tech Support Scam (Consumer)

Domain & IP information

IP Address AS Autonomous System
1 1 104.27.160.179 13335 (CLOUDFLAR...)
17 138.68.10.92 14061 (DIGITALOC...)
2 2001:4de0:ac1... 20446 (HIGHWINDS3)
2 2001:4de0:ac1... 20446 (HIGHWINDS3)
1 2a00:1450:400... 15169 (GOOGLE)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
1 2a00:1450:400... 15169 (GOOGLE)
24 7
1    104.27.160.179 (United States)

ASN13335 (CLOUDFLARENET, US)
cryptobtc.info
17    138.68.10.92 (Santa Clara, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
138.68.10.92
2    2001:4de0:ac19::1:b:1b (Netherlands)

ASN20446 (HIGHWINDS3, US)
code.jquery.com
2    2001:4de0:ac19::1:b:3a (Netherlands)

ASN20446 (HIGHWINDS3, US)
maxcdn.bootstrapcdn.com
1    2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    2001:4de0:ac19::1:b:2a (Netherlands)

ASN20446 (HIGHWINDS3, US)
maxcdn.bootstrapcdn.com
1    2a00:1450:4001:818::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
Domain Requested by
3 maxcdn.bootstrapcdn.com 138.68.10.92
2 code.jquery.com 138.68.10.92
1 fonts.googleapis.com 138.68.10.92
1 ajax.googleapis.com 138.68.10.92
1 cryptobtc.info 1 redirects
0 truncated Failed 138.68.10.92
24 6

This site contains no links.

Subject Issuer Validity Valid
jquery.org
COMODO RSA Domain Validation Secure Server CA		 2018-10-17 -
2020-10-16		 2 years crt.sh
*.bootstrapcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2019-09-14 -
2020-10-13		 a year crt.sh
*.storage.googleapis.com
GTS CA 1O1		 2020-02-12 -
2020-05-06		 3 months crt.sh

This page contains 3 frames:

Primary Page: http://138.68.10.92/0MAfdfdfdfddfd99900NN1/?phone=+1-(888)-490-1634&
Frame ID: 00BECC92B45974A8C0E760C3C278E999
Requests: 22 HTTP requests in this frame

Frame: http://138.68.10.92/0MAfdfdfdfddfd99900NN1/beep.mp3
Frame ID: 4EA798CD3F8E6CF67DA7AEB4E8574B17
Requests: 2 HTTP requests in this frame

Frame: http://138.68.10.92/0MAfdfdfdfddfd99900NN1/beep.mp3
Frame ID: 43DC3B200EF18724E8D542A2B5E5989A
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://cryptobtc.info/ HTTP 302
    http://138.68.10.92/?number=+1-(888)-490-1634 Page URL
  2. http://138.68.10.92/0MAfdfdfdfddfd99900NN1/?phone=+1-(888)-490-1634& Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /Ubuntu/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
  • script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i
Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /jquery[.-]([\d.]*\d)[^\/]*\.js/i
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

24
Requests

25 %
HTTPS

71 %
IPv6

5
Domains

6
Subdomains

7
IPs

3
Countries

519 kB
Transfer

944 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://cryptobtc.info/ HTTP 302
    http://138.68.10.92/?number=+1-(888)-490-1634 Page URL
  2. http://138.68.10.92/0MAfdfdfdfddfd99900NN1/?phone=+1-(888)-490-1634& Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://cryptobtc.info/ HTTP 302
  • http://138.68.10.92/?number=+1-(888)-490-1634

24 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
138.68.10.92/
Redirect Chain
  • https://cryptobtc.info/
  • http://138.68.10.92/?number=+1-(888)-490-1634
3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://138.68.10.92/?number=+1-(888)-490-1634
Protocol
HTTP/1.1
Server
138.68.10.92 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
940a8e15d7cbfd98200c3a3488987b597182b3235bd0f719c02da16928370a45

Request headers

Host
138.68.10.92
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document

Response headers

Server
nginx/1.14.0 (Ubuntu)
Date
Fri, 28 Feb 2020 21:02:12 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Content-Encoding
gzip

Redirect headers

status
302
date
Fri, 28 Feb 2020 21:02:11 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=dbd979a6188b24c1cfc171af1f149dc9d1582923731; expires=Sun, 29-Mar-20 21:02:11 GMT; path=/; domain=.cryptobtc.info; HttpOnly; SameSite=Lax
location
http://138.68.10.92/?number=+1-(888)-490-1634
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
56c5568aeb44ce27-LHR
Primary Request /
138.68.10.92/0MAfdfdfdfddfd99900NN1/ 		172 KB
93 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://138.68.10.92/0MAfdfdfdfddfd99900NN1/?phone=+1-(888)-490-1634&
Requested by
Host: 138.68.10.92
URL: http://138.68.10.92/?number=+1-(888)-490-1634
Protocol
HTTP/1.1
Server
138.68.10.92 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
7e38077f0007afddf54385c591de83e8370a2717a8aa6c4eb0ee7bb36c6f6739

Request headers

Host
138.68.10.92
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://138.68.10.92/?number=+1-(888)-490-1634
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://138.68.10.92/?number=+1-(888)-490-1634

Response headers

Server
nginx/1.14.0 (Ubuntu)
Date
Fri, 28 Feb 2020 21:02:12 GMT
Content-Type
text/html
Last-Modified
Tue, 22 Oct 2019 15:12:40 GMT
Transfer-Encoding
chunked
Connection
keep-alive
ETag
W/"5daf1c68-2b0f9"
Content-Encoding
gzip
jquery-3.3.1.min.js
code.jquery.com/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.3.1.min.js
Requested by
Host: 138.68.10.92
URL: http://138.68.10.92/0MAfdfdfdfddfd99900NN1/?phone=+1-(888)-490-1634&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

Referer
http://138.68.10.92/0MAfdfdfdfddfd99900NN1/?phone=+1-(888)-490-1634&
Origin
http://138.68.10.92
Sec-Fetch-Dest
script
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 28 Feb 2020 21:02:13 GMT
Content-Encoding
gzip
Last-Modified
Sat, 20 Jan 2018 17:26:44 GMT
Server
nginx
ETag
W/"5a637bd4-1538f"
Vary
Accept-Encoding
X-HW
1582923733.dop016.fr8.t,1582923733.cds132.fr8.shn,1582923733.cds132.fr8.c
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
30288
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ 		118 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
Requested by
Host: 138.68.10.92
URL: http://138.68.10.92/0MAfdfdfdfddfd99900NN1/?phone=+1-(888)-490-1634&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Request headers

Referer
http://138.68.10.92/0MAfdfdfdfddfd99900NN1/?phone=+1-(888)-490-1634&
Origin
http://138.68.10.92
Sec-Fetch-Dest
style
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 28 Feb 2020 21:02:12 GMT
content-encoding
gzip
last-modified
Wed, 12 Dec 2018 18:34:07 GMT
access-control-allow-origin
*
etag
"1544639647"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css; charset=utf-8
status
200
cache-control
public, max-age=31536000
x-hello-human
Say hello back! @getBootstrapCDN on Twitter
accept-ranges
bytes
timing-allow-origin
*
content-length
19740
bootstrap-theme.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ 		23 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap-theme.min.css
Requested by
Host: 138.68.10.92
URL: http://138.68.10.92/0MAfdfdfdfddfd99900NN1/?phone=+1-(888)-490-1634&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
653e073e97423adda5bc3917a241ee8497dd38a48f14bcde0098a4e54fd0fa5e

Request headers

Referer
http://138.68.10.92/0MAfdfdfdfddfd99900NN1/?phone=+1-(888)-490-1634&
Origin
http://138.68.10.92
Sec-Fetch-Dest
style
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 28 Feb 2020 21:02:12 GMT
content-encoding
gzip
last-modified
Wed, 12 Dec 2018 18:34:07 GMT
access-control-allow-origin
*
etag
"1544639647"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css; charset=utf-8
status
200
cache-control
public, max-age=31536000
x-hello-human
Say hello back! @getBootstrapCDN on Twitter
accept-ranges
bytes
timing-allow-origin
*
content-length
2776
style.css
138.68.10.92/0MAfdfdfdfddfd99900NN1/css/ 		4 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://138.68.10.92/0MAfdfdfdfddfd99900NN1/css/style.css
Requested by
Host: 138.68.10.92
URL: http://138.68.10.92/0MAfdfdfdfddfd99900NN1/?phone=+1-(888)-490-1634&
Protocol
HTTP/1.1
Server
138.68.10.92 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
4ac2980bc9e19d2e8d86d2c569157e306603602fc5afb706327f4d1062b63d36

Request headers

Referer
http://138.68.10.92/0MAfdfdfdfddfd99900NN1/?phone=+1-(888)-490-1634&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 28 Feb 2020 21:02:12 GMT
Last-Modified
Tue, 22 Oct 2019 14:48:32 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"5daf16c0-1036"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4150
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
Requested by
Host: 138.68.10.92
URL: http://138.68.10.92/0MAfdfdfdfddfd99900NN1/?phone=+1-(888)-490-1634&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://138.68.10.92/0MAfdfdfdfddfd99900NN1/?phone=+1-(888)-490-1634&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Tue, 25 Feb 2020 02:08:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
327239
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
30399
x-xss-protection
0
last-modified
Thu, 25 Jan 2018 15:33:24 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 24 Feb 2021 02:08:13 GMT
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/3.4.0/js/ 		37 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.4.0/js/bootstrap.min.js
Requested by
Host: 138.68.10.92
URL: http://138.68.10.92/0MAfdfdfdfddfd99900NN1/?phone=+1-(888)-490-1634&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
909ae563eb34f7e4285a3a643ab5d7c21c5e6a80f3f455b949ac45f08d0389b4

Request headers

Referer
http://138.68.10.92/0MAfdfdfdfddfd99900NN1/?phone=+1-(888)-490-1634&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 28 Feb 2020 21:02:12 GMT
content-encoding
gzip
last-modified
Fri, 14 Dec 2018 05:14:43 GMT
access-control-allow-origin
*
etag
"1544764483"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
status
200
cache-control
public, max-age=31536000
x-hello-human
Say hello back! @getBootstrapCDN on Twitter
accept-ranges
bytes
timing-allow-origin
*
content-length
10035
support.svg
138.68.10.92/0MAfdfdfdfddfd99900NN1/images/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://138.68.10.92/0MAfdfdfdfddfd99900NN1/images/support.svg
Requested by
Host: 138.68.10.92
URL: http://138.68.10.92/0MAfdfdfdfddfd99900NN1/?phone=+1-(888)-490-1634&
Protocol
HTTP/1.1
Server
138.68.10.92 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ea2cefd1f0e8aaac01aa58121d8e5e763b42965325b97f11ba504bf8e1ed8081

Request headers

Referer
http://138.68.10.92/0MAfdfdfdfddfd99900NN1/?phone=+1-(888)-490-1634&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 28 Feb 2020 21:02:12 GMT
Last-Modified
Tue, 22 Oct 2019 14:48:32 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"5daf16c0-3eaf"
Content-Type
image/svg+xml
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
16047
335158-windows-8-window.png
138.68.10.92/0MAfdfdfdfddfd99900NN1/images/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://138.68.10.92/0MAfdfdfdfddfd99900NN1/images/335158-windows-8-window.png
Requested by
Host: 138.68.10.92
URL: http://138.68.10.92/0MAfdfdfdfddfd99900NN1/?phone=+1-(888)-490-1634&
Protocol
HTTP/1.1
Server
138.68.10.92 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
03da9d07362b0fbe8afb7ee92933cb5fb09ecf1660d4285a50d3f48b1ea6a996

Request headers

Referer
http://138.68.10.92/0MAfdfdfdfddfd99900NN1/?phone=+1-(888)-490-1634&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 28 Feb 2020 21:02:12 GMT
Last-Modified
Tue, 22 Oct 2019 14:48:33 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"5daf16c1-118e"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4494
jquery-3.3.1.min.js
code.jquery.com/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://code.jquery.com/jquery-3.3.1.min.js
Requested by
Host: 138.68.10.92
URL: http://138.68.10.92/0MAfdfdfdfddfd99900NN1/?phone=+1-(888)-490-1634&
Protocol
HTTP/1.1
Server
2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

Origin
http://138.68.10.92
Referer
http://138.68.10.92/0MAfdfdfdfddfd99900NN1/?phone=+1-(888)-490-1634&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 28 Feb 2020 21:02:12 GMT
Content-Encoding
gzip
Last-Modified
Sat, 20 Jan 2018 17:26:44 GMT
Server
nginx
ETag
W/"5a637bd4-1538f"
Vary
Accept-Encoding
X-HW
1582923732.dop109.fr8.t,1582923732.cds057.fr8.c
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
30288
script.js
138.68.10.92/0MAfdfdfdfddfd99900NN1/js/ 		8 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://138.68.10.92/0MAfdfdfdfddfd99900NN1/js/script.js
Requested by
Host: 138.68.10.92
URL: http://138.68.10.92/0MAfdfdfdfddfd99900NN1/?phone=+1-(888)-490-1634&
Protocol
HTTP/1.1
Server
138.68.10.92 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
155c1901317ea5dad493e0ee48d7129afeca7d25119b9d10c621cf3adcf55797

Request headers

Referer
http://138.68.10.92/0MAfdfdfdfddfd99900NN1/?phone=+1-(888)-490-1634&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 28 Feb 2020 21:02:13 GMT
Last-Modified
Tue, 22 Oct 2019 14:48:39 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"5daf16c7-1f97"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8087
main.js
138.68.10.92/0MAfdfdfdfddfd99900NN1/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://138.68.10.92/0MAfdfdfdfddfd99900NN1/main.js
Requested by
Host: 138.68.10.92
URL: http://138.68.10.92/0MAfdfdfdfddfd99900NN1/?phone=+1-(888)-490-1634&
Protocol
HTTP/1.1
Server
138.68.10.92 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
42e823ef46ce0c35862f08683cde0c21b6ecd7cc4f5109c2bc4c7c9eda8df006

Request headers

Referer
http://138.68.10.92/0MAfdfdfdfddfd99900NN1/?phone=+1-(888)-490-1634&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 28 Feb 2020 21:02:13 GMT
Last-Modified
Tue, 22 Oct 2019 14:48:27 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"5daf16bb-a95"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2709
css
fonts.googleapis.com/ 		33 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Comfortaa:300|Cormorant+Garamond|Cormorant+Infant|Cormorant+SC|Cormorant+Unicase|EB+Garamond|El+Messiri|Forum|Jura|Lobster|Neucha|Open+Sans+Condensed:300|PT+Sans|PT+Sans+Narrow|Philosopher|Playfair+Display+SC|Poiret+One|Ruslan+Display|Russo+One|Ubuntu&subset=cyrillic
Requested by
Host: 138.68.10.92
URL: http://138.68.10.92/0MAfdfdfdfddfd99900NN1/?phone=+1-(888)-490-1634&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
194e3cea1157a5cb62a34f76bcde3e02810f47aaa52495ffbf830cf21548c8a3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://138.68.10.92/0MAfdfdfdfddfd99900NN1/?phone=+1-(888)-490-1634&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 28 Feb 2020 21:02:13 GMT
server
ESF
date
Fri, 28 Feb 2020 21:02:13 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 28 Feb 2020 21:02:13 GMT
truncated
/ 		239 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bd08b9849632e73574f62ca80572a17f9bbd9bb1010fe8c6380e641460abd96c

Request headers

Referer
http://138.68.10.92/0MAfdfdfdfddfd99900NN1/?phone=+1-(888)-490-1634&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
background.png
138.68.10.92/0MAfdfdfdfddfd99900NN1/images/ 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://138.68.10.92/0MAfdfdfdfddfd99900NN1/images/background.png
Requested by
Host: 138.68.10.92
URL: http://138.68.10.92/0MAfdfdfdfddfd99900NN1/?phone=+1-(888)-490-1634&
Protocol
HTTP/1.1
Server
138.68.10.92 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
8534415eb2e954341a5e1cf6d4dff503817a6a59868dc3762065c8d6b9e1382d

Request headers

Referer
http://138.68.10.92/0MAfdfdfdfddfd99900NN1/?phone=+1-(888)-490-1634&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 28 Feb 2020 21:02:13 GMT
Last-Modified
Tue, 22 Oct 2019 14:48:34 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"5daf16c2-ac6c"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
44140
err.mp3
138.68.10.92/0MAfdfdfdfddfd99900NN1/ 		196 KB
196 KB 		Media
General
Check archive.org
Download Go to
Full URL
http://138.68.10.92/0MAfdfdfdfddfd99900NN1/err.mp3
Requested by
Host: 138.68.10.92
URL: http://138.68.10.92/0MAfdfdfdfddfd99900NN1/?phone=+1-(888)-490-1634&
Protocol
HTTP/1.1
Server
138.68.10.92 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
fc59bbb18f923747b9cd3f3b23537ff09c5ad2fdfc1505a4800a3f269a234e65

Request headers

Referer
http://138.68.10.92/0MAfdfdfdfddfd99900NN1/?phone=+1-(888)-490-1634&
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Range
bytes=0-

Response headers

Date
Fri, 28 Feb 2020 21:02:13 GMT
Last-Modified
Tue, 22 Oct 2019 14:48:25 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"5daf16b9-31080"
Content-Type
audio/mpeg
Content-Range
bytes 0-200831/200832
Connection
keep-alive
Content-Length
200832
beep.mp3
138.68.10.92/0MAfdfdfdfddfd99900NN1/ 		8 KB
8 KB 		Media
General
Check archive.org
Download Go to
Full URL
http://138.68.10.92/0MAfdfdfdfddfd99900NN1/beep.mp3
Requested by
Host: 138.68.10.92
URL: http://138.68.10.92/0MAfdfdfdfddfd99900NN1/?phone=+1-(888)-490-1634&
Protocol
HTTP/1.1
Server
138.68.10.92 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
0589be7715d2320e559eae6bd26f3528e97450c70293da2e1e8ce45f77f99ab1

Request headers

Referer
http://138.68.10.92/0MAfdfdfdfddfd99900NN1/?phone=+1-(888)-490-1634&
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Range
bytes=0-

Response headers

Date
Fri, 28 Feb 2020 21:02:13 GMT
Last-Modified
Tue, 22 Oct 2019 14:48:27 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"5daf16bb-20d5"
Content-Type
audio/mpeg
Content-Range
bytes 0-8404/8405
Connection
keep-alive
Content-Length
8405
beep.mp3
138.68.10.92/0MAfdfdfdfddfd99900NN1/ Frame 4EA7 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
http://138.68.10.92/0MAfdfdfdfddfd99900NN1/beep.mp3
Requested by
Host: 138.68.10.92
URL: http://138.68.10.92/0MAfdfdfdfddfd99900NN1/?phone=+1-(888)-490-1634&
Protocol
HTTP/1.1
Server
138.68.10.92 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Host
138.68.10.92
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://138.68.10.92/0MAfdfdfdfddfd99900NN1/?phone=+1-(888)-490-1634&
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://138.68.10.92/0MAfdfdfdfddfd99900NN1/?phone=+1-(888)-490-1634&

Response headers

Server
nginx/1.14.0 (Ubuntu)
Date
Fri, 28 Feb 2020 21:02:13 GMT
Content-Type
audio/mpeg
Content-Length
8405
Last-Modified
Tue, 22 Oct 2019 14:48:27 GMT
Connection
keep-alive
ETag
"5daf16bb-20d5"
Accept-Ranges
bytes
truncated
/ 		0
0
Funk.ogg
138.68.10.92/0MAfdfdfdfddfd99900NN1/ 		0
0 		Media
General
Check archive.org
Download Go to
Full URL
http://138.68.10.92/0MAfdfdfdfddfd99900NN1/Funk.ogg
Requested by
Host: 138.68.10.92
URL: http://138.68.10.92/0MAfdfdfdfddfd99900NN1/?phone=+1-(888)-490-1634&
Protocol
HTTP/1.1
Server
138.68.10.92 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer
http://138.68.10.92/0MAfdfdfdfddfd99900NN1/?phone=+1-(888)-490-1634&
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Range
bytes=0-

Response headers

Date
Fri, 28 Feb 2020 21:02:13 GMT
Server
nginx/1.14.0 (Ubuntu)
Connection
keep-alive
Content-Length
580
Content-Type
text/html
err.mp3
138.68.10.92/0MAfdfdfdfddfd99900NN1/ 		1 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
http://138.68.10.92/0MAfdfdfdfddfd99900NN1/err.mp3
Requested by
Host: 138.68.10.92
URL: http://138.68.10.92/0MAfdfdfdfddfd99900NN1/?phone=+1-(888)-490-1634&
Protocol
HTTP/1.1
Server
138.68.10.92 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer
http://138.68.10.92/0MAfdfdfdfddfd99900NN1/?phone=+1-(888)-490-1634&
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Range
bytes=0-

Response headers

Date
Fri, 28 Feb 2020 21:02:13 GMT
Last-Modified
Tue, 22 Oct 2019 14:48:25 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"5daf16b9-31080"
Content-Type
audio/mpeg
Content-Range
bytes 0-200831/200832
Connection
keep-alive
Content-Length
200832
beep.mp3
138.68.10.92/0MAfdfdfdfddfd99900NN1/ 		4 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
http://138.68.10.92/0MAfdfdfdfddfd99900NN1/beep.mp3
Requested by
Host: 138.68.10.92
URL: http://138.68.10.92/0MAfdfdfdfddfd99900NN1/?phone=+1-(888)-490-1634&
Protocol
HTTP/1.1
Server
138.68.10.92 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer
http://138.68.10.92/0MAfdfdfdfddfd99900NN1/?phone=+1-(888)-490-1634&
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Range
bytes=0-

Response headers

Date
Fri, 28 Feb 2020 21:02:13 GMT
Last-Modified
Tue, 22 Oct 2019 14:48:27 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"5daf16bb-20d5"
Content-Type
audio/mpeg
Content-Range
bytes 0-8404/8405
Connection
keep-alive
Content-Length
8405
beep.mp3
138.68.10.92/0MAfdfdfdfddfd99900NN1/ Frame 43DC 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
http://138.68.10.92/0MAfdfdfdfddfd99900NN1/beep.mp3
Requested by
Host: 138.68.10.92
URL: http://138.68.10.92/0MAfdfdfdfddfd99900NN1/?phone=+1-(888)-490-1634&
Protocol
HTTP/1.1
Server
138.68.10.92 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Host
138.68.10.92
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://138.68.10.92/0MAfdfdfdfddfd99900NN1/?phone=+1-(888)-490-1634&
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://138.68.10.92/0MAfdfdfdfddfd99900NN1/?phone=+1-(888)-490-1634&

Response headers

Server
nginx/1.14.0 (Ubuntu)
Date
Fri, 28 Feb 2020 21:02:13 GMT
Content-Type
audio/mpeg
Content-Length
8405
Last-Modified
Tue, 22 Oct 2019 14:48:27 GMT
Connection
keep-alive
ETag
"5daf16bb-20d5"
Accept-Ranges
bytes
beep.mp3
138.68.10.92/0MAfdfdfdfddfd99900NN1/ Frame 4EA7 		8 KB
8 KB 		Media
General
Check archive.org
Download Go to
Full URL
http://138.68.10.92/0MAfdfdfdfddfd99900NN1/beep.mp3
Requested by
Host: 138.68.10.92
URL: http://138.68.10.92/0MAfdfdfdfddfd99900NN1/?phone=+1-(888)-490-1634&
Protocol
HTTP/1.1
Server
138.68.10.92 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
0589be7715d2320e559eae6bd26f3528e97450c70293da2e1e8ce45f77f99ab1

Request headers

Referer
http://138.68.10.92/0MAfdfdfdfddfd99900NN1/beep.mp3
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Range
bytes=0-

Response headers

Date
Fri, 28 Feb 2020 21:02:13 GMT
Last-Modified
Tue, 22 Oct 2019 14:48:27 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"5daf16bb-20d5"
Content-Type
audio/mpeg
Content-Range
bytes 0-8404/8405
Connection
keep-alive
Content-Length
8405
beep.mp3
138.68.10.92/0MAfdfdfdfddfd99900NN1/ Frame 43DC 		8 KB
8 KB 		Media
General
Check archive.org
Download Go to
Full URL
http://138.68.10.92/0MAfdfdfdfddfd99900NN1/beep.mp3
Requested by
Host: 138.68.10.92
URL: http://138.68.10.92/0MAfdfdfdfddfd99900NN1/?phone=+1-(888)-490-1634&
Protocol
HTTP/1.1
Server
138.68.10.92 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
0589be7715d2320e559eae6bd26f3528e97450c70293da2e1e8ce45f77f99ab1

Request headers

Referer
http://138.68.10.92/0MAfdfdfdfddfd99900NN1/beep.mp3
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Range
bytes=0-

Response headers

Date
Fri, 28 Feb 2020 21:02:13 GMT
Last-Modified
Tue, 22 Oct 2019 14:48:27 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"5daf16bb-20d5"
Content-Type
audio/mpeg
Content-Range
bytes 0-8404/8405
Connection
keep-alive
Content-Length
8405

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
truncated
URL
data:truncated

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic (Online) Tech Support Scam (Consumer)

55 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| $ function| jQuery boolean| isOpera boolean| isFirefox boolean| isSafari boolean| isChrome boolean| isIE function| getVariableFromURl function| fillForm function| closeCode function| getCode function| modalClose function| getModal function| _toggleFullScreen function| open1 function| isPlaying function| catchControlKeys function| prevent string| phone boolean| state function| confirmExit function| reloadIFrame function| get_browser boolean| InternetEx boolean| isIEedge object| browser undefined| msg_ff object| modal object| btn object| span function| addEvent number| _i function| newLine function| toggleFullScreen number| idleTime function| timerIncrement function| getURLParameter string| stroka boolean| is_chrome undefined| isChromium string| vendorName function| alertCall function| alertTimed function| alertLoop function| ajay function| openMultipleTabs function| poponload undefined| link_redirect undefined| ignoreHashChange object| msgAudioEl number| playMsgInt function| nocontextmenu function| norightclick

0 Cookies

1 Console Messages

Source Level URL
Text
console-api warning URL: https://code.jquery.com/jquery-3.3.1.min.js(Line 2)
Message:
jQuery.Deferred exception: forceDownload is not defined ReferenceError: forceDownload is not defined at HTMLDocument.<anonymous> (http://138.68.10.92/0MAfdfdfdfddfd99900NN1/js/script.js:277:2) at l (https://code.jquery.com/jquery-3.3.1.min.js:2:29375) at c (https://code.jquery.com/jquery-3.3.1.min.js:2:29677) undefined