ptpnbh.top
2606:4700:3034::6815:4d58  Malicious Activity! Public Scan

Submitted URL: http://ptpnbh.top/
Effective URL: https://ptpnbh.top/
Submission: On April 23 via api from US — Scanned from DE

Summary

This website contacted 1 IP in 1 country across 1 domain to perform 10 HTTP transactions. The main IP is 2606:4700:3034::6815:4d58, located in the United States, and belongs to CLOUDFLARENET, US. The main domain is ptpnbh.top.
TLS certificate: Issued by GTS CA 1P5 on April 3rd 2024. Valid for: 3 months.
This is the only time ptpnbh.top was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Crypto (Crypto Exchange)

Domain & IP information

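Requests | IP Address | AS Autonomous System
10 | 2606:4700:303... | 13335 (CLOUDFLAR...)
Total: 10 requests, 1 IP address

Requests | Apex Domain | Subdomains | Transfer
10 | ptpnbh.top | ptpnbh.top | 708 KB
Total: 10 requests, 1 domain

Requests | Domain | Requested by
10 | ptpnbh.top | ptpnbh.top
Total: 10 requests, 1 domain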

This site contains no links.

Subject | Issuer | Validity | Valid
ptpnbh.top | GTS CA 1P5 | 2024-04-03 - 2024-07-02 | 3 months

This page contains 1 frames:

Primary Page: https://ptpnbh.top/
Frame ID: B1477322026072B3CBB3D500724271D5
Requests: 10 HTTP requests in this frame

Page Title: ETH

Page Statistics

Requests: 10
HTTPS: 100 %
IPv6: 100 %
Domains: 1
Subdomains: 1
IPs: 1
Countries: 1
Transfer: 708 kB
Size: 2406 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://ptpnbh.top/ HTTP 307
    https://ptpnbh.top/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions

Columns: Resource | Path | Size | x-fer | Type | MIME-Type
Resource: / (Primary Request)
Path: ptpnbh.top/
Redirect Chain:
  • http://ptpnbh.top/
  • https://ptpnbh.top/
Size: 683 B
x-fer: 835 B
Type: Document
General
Full URL: https://ptpnbh.top/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:4d58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS:
Software: cloudflare /
Resource Hash: f5a77a6acf59098428a51ce48845a88a57eab599749835b6e86ca1e9f2994bf5

Redirect headers

Location: https://ptpnbh.top/
Non-Authoritative-Reason: HttpsUpgrades

Resource: index.css
Path: ptpnbh.top/static/
Size: 94 KB
x-fer: 25 KB
Type: Stylesheet
General
Full URL: https://ptpnbh.top/static/index.css
Requested by:
  Host: ptpnbh.top
  URL: https://ptpnbh.top/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:4d58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS:
Software: cloudflare /
Resource Hash: ce38967e172ad16512f190c8840724b35d521e5d54c027ec74c16c0291fdbf94

Resource: chunk-vendors.5a30e4b0.js
Path: ptpnbh.top/static/js/
Size: 2 MB
x-fer: 569 KB
Type: Script
General
Full URL: https://ptpnbh.top/static/js/chunk-vendors.5a30e4b0.js
Requested by:
  Host: ptpnbh.top
  URL: https://ptpnbh.top/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:4d58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS:
Software: cloudflare /
Resource Hash: 3ef8c6346700019f8e5cac940dc38a3db29e44e31101f159118969e4cd40e7ac

Resource: index.7d08fcb4.js
Path: ptpnbh.top/static/js/
Size: 113 KB
x-fer: 45 KB
Type: Script
General
Full URL: https://ptpnbh.top/static/js/index.7d08fcb4.js
Requested by:
  Host: ptpnbh.top
  URL: https://ptpnbh.top/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:4d58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS:
Software: cloudflare /
Resource Hash: 4defbdcb90a8e44656678c06a9834157d0f061b6f2b4449406d1d6b73360d679

Resource: pages-index-index~pages-index-preview.d16fbb46.js
Path: ptpnbh.top/static/js/
Size: 102 KB
x-fer: 19 KB
Type: Script
General
Full URL: https://ptpnbh.top/static/js/pages-index-index~pages-index-preview.d16fbb46.js
Requested by:
  Host: ptpnbh.top
  URL: https://ptpnbh.top/static/js/index.7d08fcb4.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:4d58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS:
Software: cloudflare /
Resource Hash: a2e77c9a6e093db73e48d09207aca0cc0d120e580e678dce8e0a4fbbf972728a

Resource: pages-index-index.055d2579.js
Path: ptpnbh.top/static/js/
Size: 49 KB
x-fer: 11 KB
Type: Script
General
Full URL: https://ptpnbh.top/static/js/pages-index-index.055d2579.js
Requested by:
  Host: ptpnbh.top
  URL: https://ptpnbh.top/static/js/index.7d08fcb4.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:4d58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS:
Software: cloudflare /
Resource Hash: 4028eb1eaa65d2df96827a139b34152fc66ca7dfd76f51fd670fc2fa06b709c3

Resource: rate
Path: ptpnbh.top/api/common/
Size: 106 B
x-fer: 561 B
Type: XHR
General
Full URL: https://ptpnbh.top/api/common/rate
Requested by:
  Host: ptpnbh.top
  URL: https://ptpnbh.top/static/js/chunk-vendors.5a30e4b0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:4d58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS:
Software: cloudflare /
Resource Hash: 4909621de9566a851a6b77d3aba8370114c41c1cc943accde966d6b2b255e6d6

Resource: re1.jpeg
Path: ptpnbh.top/static/img/
Size: 37 KB
x-fer: 37 KB
Type: Image
General
Full URL: https://ptpnbh.top/static/img/re1.jpeg
Requested by:
  Host: ptpnbh.top
  URL: https://ptpnbh.top/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:4d58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS:
Software: cloudflare /
Resource Hash: 8e61ba5d4c9fb12d461a8109d17ef9e13b5c66c19fbf92fbdb62c8e0e17e9bff

Resource: favicon.svg
Path: ptpnbh.top/static/img/
Size: 556 B
x-fer: 761 B
Type: Other
General
Full URL: https://ptpnbh.top/static/img/favicon.svg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:4d58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS:
Software: cloudflare /
Resource Hash: 7e5941f066b2070419995072dac7323c02d5ae107b23d8085772f232487fecae

Resource: shadow-grey.png
Path: ptpnbh.top/img/
Size: 548 B
x-fer: 548 B
Type: Image
General
Full URL: https://ptpnbh.top/img/shadow-grey.png
Requested by:
  Host: ptpnbh.top
  URL: https://ptpnbh.top/static/index.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:4d58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS:
Software: cloudflare /
Resource Hash: d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Crypto (Crypto Exchange)

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| webpackJsonp
object| __uniConfig
object| __uniRoutes
function| UniApp
object| UniViewJSBridge
object| UniServiceJSBridge
object| uni
object| wx
function| getApp
function| getCurrentPages
function| clearImmediate
function| setImmediate
object| regeneratorRuntime

0 Cookies

1 Console Messages

Source: network
Level: error
URL: https://ptpnbh.top/img/shadow-grey.png
Message: Failed to load resource: the server responded with a status of 404 ()