ethph.top Open in urlscan Pro
2606:4700:3035::6815:5b65 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ethph.top/
Effective URL:
https://ethph.top/
Submission: On April 11 via api (April 11th 2023, 9:09:11 pm UTC) from US — Scanned from DE

Summary HTTP 16 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 16 HTTP transactions. The main IP is 2606:4700:3035::6815:5b65, located in United States and belongs to CLOUDFLARENET, US. The main domain is ethph.top.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 15th 2023. Valid for: a year.

This is the only time ethph.top was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Crypto (Crypto Exchange)

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3036::ac43:d79a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
16	2606:4700:303... 2606:4700:3035::6815:5b65	13335 (CLOUDFLAR...) (CLOUDFLARENET)
16	1

1 2606:4700:3036::ac43:d79a (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

ethph.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2606:4700:3035::6815:5b65 (United States)

ASN13335 (CLOUDFLARENET, US)

ethph.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	ethph.top 1 redirects ethph.top	2 MB
16	1

	Domain	Requested by
17	ethph.top	1 redirects ethph.top
16	1

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-03-15` - `2024-03-14`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://ethph.top/
Frame ID: 0BE289BE533FDB687C983C2C5F30E881
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ETHDT

Page URL History Show full URLs

http://ethph.top/ HTTP 301
https://ethph.top/ Page URL

Detected technologies

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

Clipboard.js (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

clipboard(?:-([\d.]+))?(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

16
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

1605 kB
Transfer

5832 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ethph.top/ HTTP 301
https://ethph.top/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response ethph.top/ Redirect Chain http://ethph.top/ https://ethph.top/	3 KB 2 KB	350ms 329ms	Document text/html	2606:4700:3035::6815:5b65 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ethph.top/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::6815:5b65 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `9ff2bffda39430adc5a24264fb70a59e903a775b872d043540d3162b24c26343` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 7b6635518d7f2c53-FRA content-encoding br content-type text/html date Tue, 11 Apr 2023 21:09:02 GMT last-modified Wed, 21 Dec 2022 03:33:09 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P96%2BKnt0zO1NLIeOoUBHz2q5er%2F01qFnWrIJeQVWKtYa9OnMn2QIUYQa8B5kIA3J70FgesSVKRxgclKEyu3DWtKyQQ5agVaC6uCUCQR2s66xc3Nbqa8vEbkDl%2Ba8TP%2Bu4MYbQPTt3Mk%3D"}],"group":"cf-nel","max_age":604800} server cloudflare Redirect headers CF-RAY 7b6635514d782bf8-FRA Cache-Control max-age=3600 Connection keep-alive Date Tue, 11 Apr 2023 21:09:02 GMT Expires Tue, 11 Apr 2023 22:09:02 GMT Location https://ethph.top/ NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Z8CnRSZnL%2BE0bvkRfkpMb9HlRiIAoFz05D9SZPZmRFayojJcyfKffqhrv9w9WA1r0ARN2bULMPy623KQXLXnJZiffEf%2FCL1gVURMaWUEI45O1qMtW%2Fzo3Url2%2BA9HAfM51A0JEphFk%3D"}],"group":"cf-nel","max_age":604800} Server cloudflare Transfer-Encoding chunked Vary Accept-Encoding alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	jquery-2.1.4.min.js Show response ethph.top/js/	82 KB 30 KB	646ms 637ms	Script application/javascript	2606:4700:3035::6815:5b65 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ethph.top/js/jquery-2.1.4.min.js Requested by Host: ethph.top URL: https://ethph.top/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::6815:5b65 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `f16ab224bb962910558715c82f58c10c3ed20f153ddfaa199029f141b5b0255c` Request headers accept-language de-DE,de;q=0.9 Referer https://ethph.top/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Tue, 11 Apr 2023 21:09:03 GMT content-encoding br cf-cache-status MISS last-modified Wed, 21 Dec 2022 03:33:09 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"63a27e75-14979" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vI%2FsqW7XSUpYGESNDpV2KuXMcxJp%2BsDuP8HcJkk3dY5EJi8%2BnaM%2FJ2VEpnk28HqGQsClz%2BXPmfF4Ubws1SuAqnzl%2BmaCERyJiNBRm91XQ%2BfzbIbfRZrZywbm6XXR1hU6gSV%2By9iheiY%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 7b663553b8912c53-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	clipboard.min.js Show response ethph.top/js/	10 KB 4 KB	337ms 329ms	Script application/javascript	2606:4700:3035::6815:5b65 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ethph.top/js/clipboard.min.js Requested by Host: ethph.top URL: https://ethph.top/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::6815:5b65 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `125d1f1220f760e33bb88559cedc90ce66db3e58048f4a09571456ce2521e141` Request headers accept-language de-DE,de;q=0.9 Referer https://ethph.top/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Tue, 11 Apr 2023 21:09:02 GMT content-encoding br cf-cache-status MISS last-modified Wed, 21 Dec 2022 03:33:09 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"63a27e75-2967" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xv32rs84h4vF8Nz%2Fpa3s9mrNV9DiymyzAkp89gjcHIYj0wnAuR5XFg8sr3od9pINxBADHuXl1ij6hr07IvZC%2BbiS5SpaTMbIbMWmCRCZLR4txqHG67FNTryH%2BcLTuzXrqF2c6xcYSzs%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 7b663553b8932c53-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	TronWeb.js Show response ethph.top/js/	1 MB 260 KB	1112ms 1104ms	Script application/javascript	2606:4700:3035::6815:5b65 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ethph.top/js/TronWeb.js Requested by Host: ethph.top URL: https://ethph.top/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::6815:5b65 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `1e82bd847e6a4e23d649032af7158a4dc10544b077b7c7d324e1405cf47f4b5a` Request headers accept-language de-DE,de;q=0.9 Referer https://ethph.top/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Tue, 11 Apr 2023 21:09:03 GMT content-encoding br cf-cache-status MISS last-modified Wed, 21 Dec 2022 03:33:09 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"63a27e75-13078a" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ps5IsjPPzW%2BNK4sbKdGZBlDF3g%2B4ztgkMx%2B2ZGLZwjb2PFWnxu5nIVYkoc9E7B0MmKZuY%2FG81vECXS83yr2etylBn9Q1ChYuGqmlZsY2FBW0xlV%2FqiVnEDKeY2XlNvKJPViAERKVugU%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 7b663553b8942c53-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	web3.min.js Show response ethph.top/js/	1 MB 294 KB	1117ms 1110ms	Script application/javascript	2606:4700:3035::6815:5b65 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ethph.top/js/web3.min.js Requested by Host: ethph.top URL: https://ethph.top/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::6815:5b65 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `57260df9b7b8c98913555b9221c91668e94b69f180335b5cd956be0884f772c3` Request headers accept-language de-DE,de;q=0.9 Referer https://ethph.top/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Tue, 11 Apr 2023 21:09:03 GMT content-encoding br cf-cache-status MISS last-modified Wed, 21 Dec 2022 03:33:09 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"63a27e75-11c1e2" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GlUDaS5WySYYFGZ7%2BX8wVgSOwMUHZSdtqt7FrWzlTqFICbRML04x8iJVyZXQUkQnHOTWAYAynHx4uI4lwxTpwNMiimho9s96igiNS2LQWGZYjfJD63c%2Bc%2Fk5dO8ydHtuWtDRlZ2wbPc%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 7b663553b8952c53-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	web3model.min.js Show response ethph.top/js/	420 KB 196 KB	960ms 953ms	Script application/javascript	2606:4700:3035::6815:5b65 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ethph.top/js/web3model.min.js Requested by Host: ethph.top URL: https://ethph.top/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::6815:5b65 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `a4cd4c5feca9f7333052edb99312a899313e1f3f6b8f34ab7f8dcf01fe8d7a74` Request headers accept-language de-DE,de;q=0.9 Referer https://ethph.top/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Tue, 11 Apr 2023 21:09:03 GMT content-encoding br cf-cache-status MISS last-modified Wed, 21 Dec 2022 03:33:09 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"63a27e75-69009" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W%2BBP9%2BUPAOF3gWBA1WVkr9c0EPi9AOhiLuDliur%2BHOU8mhT6euo%2FmqlgE3bdM32QQuzy2c4z4Dcsrluys1Fbf1Kb6X8ojK%2FjrK4%2FYDHJsEE3qs60xG%2BHzxy1BNhtqSisWXzxeht0oqQ%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 7b663553b8962c53-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	web3provider.js Show response ethph.top/js/	933 KB 241 KB	1113ms 1106ms	Script application/javascript	2606:4700:3035::6815:5b65 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ethph.top/js/web3provider.js Requested by Host: ethph.top URL: https://ethph.top/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::6815:5b65 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `c277e3b2f5f091ff597960a3f7fd5e40a072f25251d0daf1201b4f0b194544e4` Request headers accept-language de-DE,de;q=0.9 Referer https://ethph.top/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Tue, 11 Apr 2023 21:09:03 GMT content-encoding br cf-cache-status MISS last-modified Wed, 21 Dec 2022 03:33:09 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"63a27e75-e924a" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2%2BS6E1IyPnryk8BB4jBTjo7i9Nvd6RXKJkOvHcYTFOTYuTAhdOViCTJxAjJtLDUFmM%2BKoC86QD%2Bv%2FPZSKL5Xf6VlSV54abSjFfv5Fe3RV0G50cZ3O8YyWWiwNP3Asa%2Bv2wCoXXj%2B0uQ%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 7b663553b8972c53-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	config.js Show response ethph.top/js/	397 B 517 B	368ms 362ms	Script application/javascript	2606:4700:3035::6815:5b65 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ethph.top/js/config.js Requested by Host: ethph.top URL: https://ethph.top/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::6815:5b65 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `4a7fc19e3112488e69d56e8606d71606c9eafc03a04efa33a4afa00d114cd877` Request headers accept-language de-DE,de;q=0.9 Referer https://ethph.top/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Tue, 11 Apr 2023 21:09:03 GMT content-encoding br cf-cache-status MISS last-modified Wed, 21 Dec 2022 03:33:09 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"63a27e75-18d" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FgvDdXxVvj9q93%2BLBl4n45f8LpauPav7X28LKfOJH%2BD%2FGNKX%2B19J5yC24FLHpn8rLO0likEUHl76OyIKUbbR6rAj5un3J8iuT4%2BnagR9EW%2BYhYQwXto9qyX482IJ0DnZWi%2BWC03FiRI%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 7b663553b8982c53-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	app.ed3f7e9f.css ethph.top/css/	29 KB 7 KB	493ms 487ms	Stylesheet text/css	2606:4700:3035::6815:5b65 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ethph.top/css/app.ed3f7e9f.css Requested by Host: ethph.top URL: https://ethph.top/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::6815:5b65 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `98ae241b9948ff61bc449dea6b2d658ad5cb9048eed725e1a83111eacc306c04` Request headers accept-language de-DE,de;q=0.9 Referer https://ethph.top/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Tue, 11 Apr 2023 21:09:03 GMT content-encoding br cf-cache-status MISS last-modified Wed, 21 Dec 2022 03:33:09 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"63a27e75-75bc" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xCvPE66d36lo%2FEQ%2FnVFZBAPnfJpZE105YpIDHDOKKpMar797tAXWPUTNmPKu7LsCi%2FoosBltRmtWKpKYZ7gPfNDWjdAT7JHsW0Ox8OSgZSMZN2P4lEqrTY3AtFzsVFUqzilPLgy1RO4%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 7b663553b88d2c53-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	chunk-vendors.63e0e228.css ethph.top/css/	379 KB 83 KB	952ms 946ms	Stylesheet text/css	2606:4700:3035::6815:5b65 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ethph.top/css/chunk-vendors.63e0e228.css Requested by Host: ethph.top URL: https://ethph.top/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::6815:5b65 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `a796acf3bdf4162baa9ee4aadd83c35a8bb450dbca9025ff21a4d37ee5dee97b` Request headers accept-language de-DE,de;q=0.9 Referer https://ethph.top/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Tue, 11 Apr 2023 21:09:03 GMT content-encoding br cf-cache-status MISS last-modified Wed, 21 Dec 2022 03:33:09 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"63a27e75-5ec77" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jZp%2BgB8C27ows5vY%2BoOUzUoBeiezWdGDlrGAi16SZdGxzGGffp9%2B%2BuMCpDwsNcKHfknY0MrAhdvUMFWS6ilha9Z1XmVxwvHW6HsNtRGm%2FU2%2FX9HMksxKNJzojfMxaWqgKNTaOg3flxs%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 7b663553b8902c53-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	app.9b449c38.js Show response ethph.top/js/	89 KB 32 KB	645ms 640ms	Script application/javascript	2606:4700:3035::6815:5b65 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ethph.top/js/app.9b449c38.js Requested by Host: ethph.top URL: https://ethph.top/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::6815:5b65 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `70df2a42ea6b58071eea3c2e525c37d41bc20749e3d8487cac84e6553ad8c942` Request headers accept-language de-DE,de;q=0.9 Referer https://ethph.top/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Tue, 11 Apr 2023 21:09:03 GMT content-encoding br cf-cache-status MISS last-modified Wed, 21 Dec 2022 03:33:09 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"63a27e75-16288" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uFN4bjCKEvI6NJ5N0XDFJ0L7hw%2FRrVbxb66aaD9GFHyujfEoJzjBJphik009369ubNvGgcJRUZdXH6sG4CL0Og4he1TJe0kLwR3jHm22WyhkkGt7mSNauhHGUNvlXB5dVXOb4iJpJpM%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 7b663553b89a2c53-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	chunk-vendors.30a97e71.js Show response ethph.top/js/	1 MB 415 KB	1124ms 1119ms	Script application/javascript	2606:4700:3035::6815:5b65 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ethph.top/js/chunk-vendors.30a97e71.js Requested by Host: ethph.top URL: https://ethph.top/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::6815:5b65 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `fe0ddb4c791ae17e23857d08522c9387f1217a0345ad57a0a7d934ea5aab2a08` Request headers accept-language de-DE,de;q=0.9 Referer https://ethph.top/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Tue, 11 Apr 2023 21:09:03 GMT content-encoding br cf-cache-status MISS last-modified Wed, 21 Dec 2022 03:33:09 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"63a27e75-175a87" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ssllV3lmWe%2BsnCbCYbaPMKcVg0d%2BhpwhzQl7VKrmgxudXmdJI5CdfInB6aFkPEYNPIxSkcnx%2FGIvqyzlfopgJuoiyawRYYyT9Q9uDOGEXYgslBTH%2Fqec3cuYn0cNpilq%2BZjRJPxIGhs%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 7b663553c8a12c53-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	agentRouter.b30b209e.css ethph.top/css/	0 1 KB	329ms 328ms	Other text/css	2606:4700:3035::6815:5b65 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ethph.top/css/agentRouter.b30b209e.css Requested by Host: ethph.top URL: https://ethph.top/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:5b65 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language de-DE,de;q=0.9 Referer https://ethph.top/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Tue, 11 Apr 2023 21:09:04 GMT content-encoding br cf-cache-status MISS last-modified Wed, 21 Dec 2022 03:33:09 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"63a27e75-600" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qn8MokHE56oZr6w067xVoya0e%2FAKn0%2BdPTQnFVDAEE2ccwwTsqgt%2FIcRkLsHfE9Jmzh6slJM1vdOm6IoIX51xtTNAUDa4pHuk5VURwPDtENhOOyJ9l91hMISAT2KcHvIBkVqow%2FR630%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 7b66355cec579296-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	agentRouter.7418b58b.js ethph.top/js/	0 3 KB	326ms 325ms	Other application/javascript	2606:4700:3035::6815:5b65 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ethph.top/js/agentRouter.7418b58b.js Requested by Host: ethph.top URL: https://ethph.top/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:5b65 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language de-DE,de;q=0.9 Referer https://ethph.top/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Tue, 11 Apr 2023 21:09:04 GMT content-encoding br cf-cache-status MISS last-modified Wed, 21 Dec 2022 03:33:09 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"63a27e75-1973" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0VETJcsaXDyV2b%2BTDctIqbjW0mK7ieWtiOPz8pqT3ozoYwwhvhpZhND1BoJEwPXoTaDQoLsB0l8TlQgFXm8vrZECADGGpqaU%2FA2%2Bs%2FJYKaK0h9Ooc1uliT3HkealH%2F1DDVMF4QS4bw4%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 7b66355cec5a9296-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	re1.6ae90260.jpeg ethph.top/img/	37 KB 37 KB	485ms 484ms	Image image/jpeg	2606:4700:3035::6815:5b65 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ethph.top/img/re1.6ae90260.jpeg Requested by Host: ethph.top URL: https://ethph.top/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:5b65 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `8e61ba5d4c9fb12d461a8109d17ef9e13b5c66c19fbf92fbdb62c8e0e17e9bff` Request headers accept-language de-DE,de;q=0.9 Referer https://ethph.top/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Tue, 11 Apr 2023 21:09:04 GMT cf-cache-status MISS last-modified Wed, 21 Dec 2022 03:33:09 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "63a27e75-93a8" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FtwZTQjCcwnTRQaLIjuqNst8l5UkdkqWewDZNXYqHgU%2BipEU94rkbiaEGOExAh4OgLIsa%2BQo9g8TpV2IBa9bgwytgzM5ZjhpCuVo3boHRDs%2BJr0XMEaVTaiuvGcm%2FNXKeYc4CxJW2%2FU%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=14400 accept-ranges bytes cf-ray 7b66355e5dca9296-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 37800
POST H3	200	siteName Show response ethph.top/api/v1/base/	49 B 508 B	326ms 325ms	XHR application/json	2606:4700:3035::6815:5b65 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ethph.top/api/v1/base/siteName Requested by Host: ethph.top URL: https://ethph.top/js/chunk-vendors.30a97e71.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:5b65 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `1c22cd066681471c35865985c669f84c531318aeb8aec8ce1c1cfe76020a252b` Request headers Accept application/json, text/plain, / Referer https://ethph.top/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Tue, 11 Apr 2023 21:09:04 GMT content-encoding gzip cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3C%2B3IR8e3iGJfG1b%2BffZi98Sc8UL4JrK43ckamq5avQ6H%2FQ7fKh7wS18TR96Yc80AnUfoV7m9NnDcsJNQMBE5I0%2BZFp%2BH7MU%2F0UjdoPmiTABA4IhdxYD4rMqazeGFKvG6ef0QlzLtJs%3D"}],"group":"cf-nel","max_age":604800} content-type application/json; charset=utf-8 cf-ray 7b66355e5dd39296-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Crypto (Crypto Exchange)

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://ethph.top/ Message: Error parsing a meta element's content: ';' is not a valid key-value pair separator. Please use ',' instead.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ethph.top
2606:4700:3035::6815:5b65
2606:4700:3036::ac43:d79a
125d1f1220f760e33bb88559cedc90ce66db3e58048f4a09571456ce2521e141
1c22cd066681471c35865985c669f84c531318aeb8aec8ce1c1cfe76020a252b
1e82bd847e6a4e23d649032af7158a4dc10544b077b7c7d324e1405cf47f4b5a
4a7fc19e3112488e69d56e8606d71606c9eafc03a04efa33a4afa00d114cd877
57260df9b7b8c98913555b9221c91668e94b69f180335b5cd956be0884f772c3
70df2a42ea6b58071eea3c2e525c37d41bc20749e3d8487cac84e6553ad8c942
8e61ba5d4c9fb12d461a8109d17ef9e13b5c66c19fbf92fbdb62c8e0e17e9bff
98ae241b9948ff61bc449dea6b2d658ad5cb9048eed725e1a83111eacc306c04
9ff2bffda39430adc5a24264fb70a59e903a775b872d043540d3162b24c26343
a4cd4c5feca9f7333052edb99312a899313e1f3f6b8f34ab7f8dcf01fe8d7a74
a796acf3bdf4162baa9ee4aadd83c35a8bb450dbca9025ff21a4d37ee5dee97b
c277e3b2f5f091ff597960a3f7fd5e40a072f25251d0daf1201b4f0b194544e4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f16ab224bb962910558715c82f58c10c3ed20f153ddfaa199029f141b5b0255c
fe0ddb4c791ae17e23857d08522c9387f1217a0345ad57a0a7d934ea5aab2a08

ethph.top Open in urlscan Pro 2606:4700:3035::6815:5b65 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

16 Requests

100 %HTTPS

100 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

1605 kBTransfer

5832 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

11 JavaScript Global Variables

0 Cookies

1 Console Messages

Indicators

ethph.top Open in urlscan Pro
2606:4700:3035::6815:5b65 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

16
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

1605 kB
Transfer

5832 kB
Size

0
Cookies

16 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!