lietbiitt.top
Open in
urlscan Pro
2606:4700:3032::ac43:825a
Malicious Activity!
Public Scan
URL:
https://lietbiitt.top/Trade/index?type=buy&symbol=ARB/Login/index/Login/index/Login/index/Login/index
Submission: On October 27 via api from US — Scanned from DE
Submission: On October 27 via api from US — Scanned from DE
Summary
This website contacted 5 IPs
in 2 countries
across 4 domains to perform 19 HTTP transactions.
The main IP is 2606:4700:3032::ac43:825a, located in
United States and
belongs to CLOUDFLARENET, US.
The main domain is lietbiitt.top.
TLS certificate: Issued by WE1 on September 18th 2024. Valid for: 3 months.
This is the only time lietbiitt.top was scanned on urlscan.io!
TLS certificate: Issued by WE1 on September 18th 2024. Valid for: 3 months.
This is the only time lietbiitt.top was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic Crypto (Crypto Exchange)Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 1 | 2606:4700:303... 2606:4700:3032::ac43:825a | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 3 | 151.101.193.229 151.101.193.229 | 54113 (FASTLY) (FASTLY) | |
| 13 | 172.67.130.90 172.67.130.90 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 1 | 104.17.24.14 104.17.24.14 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 1 | 151.101.194.137 151.101.194.137 | 54113 (FASTLY) (FASTLY) | |
| 19 | 5 |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 14 |
lietbiitt.top
lietbiitt.top |
131 KB |
| 3 |
jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 311 |
139 KB |
| 1 |
jquery.com
code.jquery.com — Cisco Umbrella Rank: 791 |
29 KB |
| 1 |
cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 220 |
29 KB |
| 19 | 4 |
| Domain | Requested by | |
|---|---|---|
| 14 | lietbiitt.top |
lietbiitt.top
|
| 3 | cdn.jsdelivr.net |
lietbiitt.top
cdn.jsdelivr.net |
| 1 | code.jquery.com |
lietbiitt.top
|
| 1 | cdnjs.cloudflare.com |
lietbiitt.top
|
| 19 | 4 |
This site contains no links.
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| lietbiitt.top WE1 |
2024-09-18 - 2024-12-17 |
3 months | crt.sh |
| jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2024 Q3 |
2024-07-30 - 2025-08-31 |
a year | crt.sh |
| cdnjs.cloudflare.com WE1 |
2024-09-28 - 2024-12-27 |
3 months | crt.sh |
| *.jquery.com Sectigo ECC Domain Validation Secure Server CA |
2024-06-25 - 2025-06-25 |
a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://lietbiitt.top/Trade/index?type=buy&symbol=ARB/Login/index/Login/index/Login/index/Login/index
Frame ID: E13B582F6063ACD820AE1D9D74BC2205
Requests: 11 HTTP requests in this frame
Frame:
https://lietbiitt.top/Trade/ordinary?market=arb/login/index/login/index/login/index/login/indexusdt
Frame ID: 8553CA4FDE19BD0193EB8DDE5BDDEB79
Requests: 8 HTTP requests in this frame
Screenshot
Page Title
LitebitDetected technologies
Bootstrap
(Web Frameworks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jsDelivr
(CDN)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
- //cdn\.jsdelivr\.net/
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
19 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H3 |
Primary Request
index
lietbiitt.top/Trade/ |
59 KB 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.5.0/dist/css/ |
157 KB 26 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bootstrap-icons.css
cdn.jsdelivr.net/npm/bootstrap-icons@1.3.0/font/ |
59 KB 8 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
base.css
lietbiitt.top/Public/Home/static/css/ |
25 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
66b83ae00c9c0.jpg
lietbiitt.top/Upload/public/ |
9 KB 8 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
hot-2.svg
lietbiitt.top/Public/Home/static/imgs/ |
7 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
empty-dark.png
lietbiitt.top/Public/Home/static/imgs/ |
8 KB 9 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/1.10.2/ |
91 KB 29 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
layer.js
lietbiitt.top/Public/Home/static/js/layer/ |
19 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ordinary
lietbiitt.top/Trade/ Frame 8553 |
5 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
hot-2.svg
lietbiitt.top/Public/Home/static/imgs/ |
7 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bootstrap-icons.woff
cdn.jsdelivr.net/npm/bootstrap-icons@1.3.0/font/fonts/ |
104 KB 104 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
kline.css
lietbiitt.top/Public/Static/css/ Frame 8553 |
1 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
loading.gif
lietbiitt.top/Public/Static/img/ Frame 8553 |
3 KB 3 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery-2.1.4.min.js
code.jquery.com/ Frame 8553 |
82 KB 29 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
kline.min.js
lietbiitt.top/Public/Static/js/ Frame 8553 |
103 KB 17 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
pako.min.js
lietbiitt.top/Public/Static/js/ Frame 8553 |
45 KB 16 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
klinecharts.min.js
lietbiitt.top/Public/Static/js/ Frame 8553 |
206 KB 53 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ws-deedfeeds.js
lietbiitt.top/Public/Static/js/ Frame 8553 |
16 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic Crypto (Crypto Exchange)1 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 01 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| lietbiitt.top/ | Name: PHPSESSID Value: qscm3hucd2tathj5hmlhthq1b1 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cdn.jsdelivr.net
cdnjs.cloudflare.com
code.jquery.com
lietbiitt.top
104.17.24.14
151.101.193.229
151.101.194.137
172.67.130.90
2606:4700:3032::ac43:825a
011ae1fe8e56c310d82ec3795cb8f86b9dea521dd0bc560a0ae0c2e87baedd4b
01c1dac4350f12ee1499491a4f59008e04f17e414c2e15a16690f3b3fe0b1f55
29ac5d91b196702d7c9142f722f87339b95c13ac927d9e8d8d72d750711915d9
2da11b3dd790a62a68f61535e5c59334c3f8f50af7eae1d31124957327029d4c
32cc4a47b370e278072a6440249872e681efa1d992600420c03a9631da885d70
3fea25260cd41ac2bc3b88847c3619c105b815fb91b16b5779e5dcd07e1665ef
446377cfd8abce9140615cc2df1cfd3c2e8f908f179cbe1c7bc6209ef1bd2f3e
6466ed8936ba729058d7e2ae3bc93a7d8f3fb8ec385d7e3c29f21968cbd5aaef
680af6669abc319f9803f0fa26d443df1b6bc29133d88a8e4bea560ffed7288c
86ca9739ace11965a16bd99879fab454f61beda61f350de179a2a02047a69241
89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e
988778d9429a189cabe5ac0e22ff0ecb9c025973ddbe9cd516b9e9c83c79ad0f
b2f1be0590110ca32b19dd3162f56763f8d0eb518b61d5175db7edf5be1df95e
cc049e48fb9db0ecb40864effb10b982bf46de0dcf1fd1c1a1b40a72eb64bdc6
cf2ab3e645d02d9a002f806e96cf55a947ec602e03b70a283e3fc61c19d38815
ebc640d6a6fe06416d2394f844336b2714cea8923b05bcc7e7b01da533535b4b
f16ab224bb962910558715c82f58c10c3ed20f153ddfaa199029f141b5b0255c