ltc-event.fun Open in urlscan Pro
2a00:f940:2:2:1:1:0:219  Malicious Activity! Public Scan

2 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response ltc-event.fun/ltc/	36 KB 9 KB	206ms 165ms	Document text/html	2a00:f940:2:2:1:1:0:219 AS-REG
General Check archive.org Show headers Download Go to Full URL http://ltc-event.fun/ltc/ Protocol HTTP/1.1 Server 2a00:f940:2:2:1:1:0:219 , Russian Federation, ASN197695 (AS-REG, RU), Reverse DNS Software nginx / PHP/5.6.36 Resource Hash 444ed417b6af98dba2b19bb78dcf5a05d1294da8454f4c27c2e31b09a86a16aa Request headers Host ltc-event.fun Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3 Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Server nginx Date Wed, 03 Jul 2019 20:06:41 GMT Content-Type text/html; charset=UTF-8 Transfer-Encoding chunked Connection keep-alive Vary Accept-Encoding X-Powered-By PHP/5.6.36 Content-Encoding gzip
GET H/1.1	200 OK	254310735-widget_css_bundle.css ltc-event.fun/ltc/data/	33 KB 8 KB	44ms 41ms	Stylesheet text/css	2a00:f940:2:2:1:1:0:219 AS-REG
General Check archive.org Show headers Download Go to Full URL http://ltc-event.fun/ltc/data/254310735-widget_css_bundle.css Requested by Host: ltc-event.fun URL: http://ltc-event.fun/ltc/ Protocol HTTP/1.1 Security , , Server 2a00:f940:2:2:1:1:0:219 , Russian Federation, ASN197695 (AS-REG, RU), Reverse DNS Software nginx / Resource Hash 1d7b50b44b0b035afe34a18fb604f9776861b8060a3fa6d1e1e59648ee81f1e7 Request headers Referer http://ltc-event.fun/ltc/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Wed, 03 Jul 2019 20:06:41 GMT Content-Encoding gzip Last-Modified Tue, 02 Jul 2019 10:04:05 GMT Server nginx ETag W/"5d1b2c15-8534" Vary Accept-Encoding Content-Type text/css Transfer-Encoding chunked Connection keep-alive
GET H/1.1	200 OK	jquery.min.js Show response ltc-event.fun/ltc/data/	82 KB 29 KB	87ms 45ms	Script application/javascript	2a00:f940:2:2:1:1:0:219 AS-REG
General Check archive.org Show headers Download Go to Full URL http://ltc-event.fun/ltc/data/jquery.min.js Requested by Host: ltc-event.fun URL: http://ltc-event.fun/ltc/ Protocol HTTP/1.1 Security , , Server 2a00:f940:2:2:1:1:0:219 , Russian Federation, ASN197695 (AS-REG, RU), Reverse DNS Software nginx / Resource Hash 874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4 Request headers Referer http://ltc-event.fun/ltc/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Wed, 03 Jul 2019 20:06:41 GMT Content-Encoding gzip Last-Modified Tue, 02 Jul 2019 10:04:05 GMT Server nginx ETag W/"5d1b2c15-14915" Vary Accept-Encoding Content-Type application/javascript Transfer-Encoding chunked Connection keep-alive
GET H/1.1	200 OK	0KRDtDNN.png ltc-event.fun/ltc/	588 B 819 B	81ms 40ms	Image image/png	2a00:f940:2:2:1:1:0:219 AS-REG
General Check archive.org Show headers Download Go to Show image Full URL http://ltc-event.fun/ltc/0KRDtDNN.png Requested by Host: ltc-event.fun URL: http://ltc-event.fun/ltc/ Protocol HTTP/1.1 Security , , Server 2a00:f940:2:2:1:1:0:219 , Russian Federation, ASN197695 (AS-REG, RU), Reverse DNS Software nginx / Resource Hash 13f801a06aca397189db6ad25fdf65c69b773c1882c5b18163d17b408cbcef23 Request headers Referer http://ltc-event.fun/ltc/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Wed, 03 Jul 2019 20:06:41 GMT Last-Modified Wed, 03 Jul 2019 20:06:41 GMT Server nginx ETag "5d1d0ad1-24c" Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 588
GET H/1.1	200 OK	RbBM28Q.gif ltc-event.fun/ltc/data/	11 KB 11 KB	83ms 41ms	Image image/gif	2a00:f940:2:2:1:1:0:219 AS-REG
General Check archive.org Show headers Download Go to Show image Full URL http://ltc-event.fun/ltc/data/RbBM28Q.gif Requested by Host: ltc-event.fun URL: http://ltc-event.fun/ltc/ Protocol HTTP/1.1 Security , , Server 2a00:f940:2:2:1:1:0:219 , Russian Federation, ASN197695 (AS-REG, RU), Reverse DNS Software nginx / Resource Hash 46dc548279e3ddb06dfca35c208b55c5e25ff107ea20cd52e05bf2921cf641fc Request headers Referer http://ltc-event.fun/ltc/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Wed, 03 Jul 2019 20:06:41 GMT Last-Modified Tue, 02 Jul 2019 10:04:05 GMT Server nginx ETag "5d1b2c15-2a09" Content-Type image/gif Connection keep-alive Accept-Ranges bytes Content-Length 10761
GET H/1.1	200 OK	1625765397-widgets.js Show response ltc-event.fun/ltc/data/	142 KB 51 KB	46ms 45ms	Script application/javascript	2a00:f940:2:2:1:1:0:219 AS-REG
General Check archive.org Show headers Download Go to Full URL http://ltc-event.fun/ltc/data/1625765397-widgets.js Requested by Host: ltc-event.fun URL: http://ltc-event.fun/ltc/ Protocol HTTP/1.1 Security , , Server 2a00:f940:2:2:1:1:0:219 , Russian Federation, ASN197695 (AS-REG, RU), Reverse DNS Software nginx / Resource Hash 6874c1f32a5a3db8e78bc5af3573302e2a5a4204916fe3ec6868ffa4b556132c Request headers Referer http://ltc-event.fun/ltc/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Wed, 03 Jul 2019 20:06:41 GMT Content-Encoding gzip Last-Modified Tue, 02 Jul 2019 10:04:05 GMT Server nginx ETag W/"5d1b2c15-238af" Vary Accept-Encoding Content-Type application/javascript Transfer-Encoding chunked Connection keep-alive
GET H2	200	6J0FMiT.jpg i.imgur.com/	443 KB 443 KB	119ms 44ms	Image image/jpeg	151.101.112.193 Fastly
General Check archive.org Show headers Download Go to Show image Full URL https://i.imgur.com/6J0FMiT.jpg Requested by Host: ltc-event.fun URL: http://ltc-event.fun/ltc/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US), Reverse DNS Software cat factory 1.0 / Resource Hash 590e5fdf5a146ddf6dc3048929b8bea78afa6d1d4ff1c85b4f2a10f955badf44 Request headers Referer http://ltc-event.fun/ltc/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 03 Jul 2019 20:06:42 GMT age 1081398 x-cache HIT, HIT status 200 content-length 453234 x-served-by cache-bwi5127-BWI, cache-hhn4082-HHN last-modified Tue, 13 Nov 2018 23:38:21 GMT server cat factory 1.0 x-timer S1562184402.024992,VS0,VE6 etag "dd59a794e91aaded3d4b9f554c26c91d" access-control-allow-methods GET, OPTIONS content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes x-amz-storage-class STANDARD_IA x-cache-hits 1, 1

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Crypto (Crypto Exchange)

63 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask function| $ function| jQuery string| ADDRESS function| wait function| txid_gen function| addr_gen function| starttr function| newtr function| updateTrans object| times function| setProgress boolean| stop_progress function| updateProgress boolean| exec_copy function| copyAddress function| selectText function| addrWidthResizer function| BLOG_attachCsiOnload function| _WidgetManager function| _WidgetInfo function| widget_module_provide function| _AdSenseView function| _BlogArchiveView function| _AttributionView function| _BlogView function| _BlogListView function| _BlogSearchView function| _ContactFormView function| _ExampleView function| _FeaturedPostView function| _FeedView function| _FollowByEmailView function| _FollowersView function| _HeaderView function| _TextView function| _HTMLView function| _ImageView function| _LabelView function| _TextListView function| _LinkListView function| _BloggerButtonView function| _NavbarView function| _PageListView function| _PlusBadgeView function| _PlusFollowersView function| _PlusOneView function| _PollView function| _PopularPostsView function| _ProfileView function| _RecentPostsView function| _ReportAbuseView function| _SharingView function| _StatsView function| _SubscribeView function| _SW_toggleReaderList function| _SW_hideReaderList function| _TranslateView function| _WikipediaView string| __wavt number| trans

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

i.imgur.com
ltc-event.fun
151.101.112.193
2a00:f940:2:2:1:1:0:219
13f801a06aca397189db6ad25fdf65c69b773c1882c5b18163d17b408cbcef23
1d7b50b44b0b035afe34a18fb604f9776861b8060a3fa6d1e1e59648ee81f1e7
444ed417b6af98dba2b19bb78dcf5a05d1294da8454f4c27c2e31b09a86a16aa
46dc548279e3ddb06dfca35c208b55c5e25ff107ea20cd52e05bf2921cf641fc
590e5fdf5a146ddf6dc3048929b8bea78afa6d1d4ff1c85b4f2a10f955badf44
6874c1f32a5a3db8e78bc5af3573302e2a5a4204916fe3ec6868ffa4b556132c
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4