URL: https://emx2.org/btc/
Submission: On April 05 via manual from JP — Scanned from JP

Summary

This website contacted 6 IPs in 3 countries across 5 domains to perform 19 HTTP transactions. The main IP is 198.54.116.91, located in United States and belongs to NAMECHEAP-NET, US. The main domain is emx2.org.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on April 5th 2022, the same day as this scan (the main document's Last-Modified header is also 2022-04-05). Valid for: a year.
This is the only time emx2.org was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Crypto (Crypto Exchange)

Domain & IP information

Requests  IP Address         AS     Autonomous System
11        198.54.116.91      22612  NAMECHEAP...
3         2606:4700::68...   13335  CLOUDFLAR...
1         95.216.163.127     24940  HETZNER-AS
1         2600:9000:215...   16509  AMAZON-02
1         18.195.235.189     16509  AMAZON-02
Total: 19 requests, 6 IPs
Requests  Apex Domain      Subdomains                                        Transfer
11        emx2.org         emx2.org                                          298 KB
3         fontawesome.com  pro.fontawesome.com (Cisco Umbrella Rank: 5631)   299 KB
2         matomo.cloud     cdn.matomo.cloud (Cisco Umbrella Rank: 26121)     38 KB
                           hoskinson2022live.matomo.cloud
1         qrserver.com     api.qrserver.com (Cisco Umbrella Rank: 71060)     718 B
0         elite-hacks.ru   content.elite-hacks.ru (Failed)                   Failed
Total: 19 requests, 5 apex domains
Requests  Domain                           Requested by
11        emx2.org                         emx2.org
3         pro.fontawesome.com              emx2.org, pro.fontawesome.com
1         hoskinson2022live.matomo.cloud   cdn.matomo.cloud
1         cdn.matomo.cloud                 emx2.org
1         api.qrserver.com                 emx2.org
0         content.elite-hacks.ru (Failed)  emx2.org
Total: 19 requests, 6 domains

This site contains no links.

Subject            Issuer                                          Validity                  Valid for
emx2.org           Sectigo RSA Domain Validation Secure Server CA  2022-04-05 to 2023-04-05  a year
*.fontawesome.com  DigiCert TLS RSA SHA256 2020 CA1                2021-12-01 to 2023-01-01  a year
*.qrserver.com     R3                                              2022-02-22 to 2022-05-23  3 months
cdn.matomo.cloud   Amazon                                          2021-12-28 to 2023-01-25  a year
*.matomo.cloud     Amazon                                          2021-08-20 to 2022-09-18  a year
(Each row on the original page links to the crt.sh Certificate Transparency lookup for that subject.)

This page contains 1 frame:

Primary Page: https://emx2.org/btc/
Frame ID: 5F7F5B34F5B09B53ADB70279CCE85ABA
Requests: 20 HTTP requests in this frame

Page Title

15 000 BTC Giveaway

Detected technologies

Font Awesome (version 5.10.0, taken from the pro.fontawesome.com release path)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

jQuery (version 1.11.1, taken from the script file name jquery-1.11.1.min.js)
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
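As an added illustration (not part of the urlscan report), the Python below runs the two pairs of detection regexes listed above over the script and stylesheet URLs from this scan's transaction list, the way a fingerprinting engine does, and shows where the version strings 5.10.0 and 1.11.1 come from. The <link> tag is a constructed stand-in, since the scan does not reproduce the page's HTML; the function and constant names are mine.

```python
import re

# Detection regexes copied verbatim from the "Detected patterns" lists above.
# Wappalyzer-style: capture group 1, when it participates, is the version string.
PATTERNS = {
    "Font Awesome": [
        r"<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)",
        r"(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)",
    ],
    "jQuery": [
        r"jquery[.-]([\d.]*\d)[^/]*\.js",
        r"jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?",
    ],
}

# Script and stylesheet URLs taken from the transaction list of this scan.
RESOURCE_URLS = [
    "https://emx2.org/btc/aos_2.3.1/dist/aos.css",
    "https://pro.fontawesome.com/releases/v5.10.0/css/all.css",
    "https://emx2.org/btc/dist/css/app.css",
    "https://emx2.org/btc/css/app.css",
    "https://emx2.org/btc/aos_2.3.1/dist/aos.js",
    "https://emx2.org/btc/static/jquery-1.11.1.min.js",
    "https://emx2.org/btc/static/toast.min.js",
    "https://emx2.org/btc/js/app.js",
    "https://cdn.matomo.cloud/hoskinson2022live.matomo.cloud/matomo.js",
]

# The scan does not reproduce the page's HTML, so this <link> tag is a constructed
# stand-in that references the stylesheet URL the page actually fetched.
SAMPLE_LINK_TAG = (
    '<link rel="stylesheet" '
    'href="https://pro.fontawesome.com/releases/v5.10.0/css/all.css">'
)


def fingerprint(texts, patterns=PATTERNS):
    """Run every pattern over every text; return {technology: version or None} for the hits.

    A hit that carries a version is never overwritten by a later version-less hit,
    which is how the version-less jQuery pattern and the versioned one coexist.
    """
    hits = {}
    for tech, regexes in patterns.items():
        for text in texts:
            for rx in regexes:
                m = re.search(rx, text)
                if m is None:
                    continue
                # group 1 exists in every pattern above but may not have participated
                version = m.group(1) if m.re.groups else None
                if hits.get(tech) is None:
                    hits[tech] = version
    return hits


if __name__ == "__main__":
    print(fingerprint(RESOURCE_URLS))      # {'Font Awesome': '5.10.0', 'jQuery': '1.11.1'}
    print(fingerprint([SAMPLE_LINK_TAG]))  # {'Font Awesome': '5.10.0'}
```

Two things worth knowing when reading such patterns: the `.` inside `(?:.[\d]+(?:.[\d]+)?)` is unescaped, so any single character separates version components (a path segment `v5-10-0` would yield `5-10-0` just as well), and the `[0-9a-fA-F]{7,40}` alternative is there to pick up commit-hash style release tags. The match tells you only which asset name or URL was referenced; whether the served file is the unmodified library is a separate question, answered by comparing the resource hash against the published file.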

Page Statistics

Requests: 19
HTTPS: 89 %
IPv6: 40 %
Domains: 5
Subdomains: 6
IPs: 6
Countries: 3
Transfer: 635 kB
Size: 1415 kB
Cookies: 2

Redirected requests

No HTTP redirect chains are listed for this scan.

19 HTTP transactions

Each entry below gives Resource, Path, Size, x-fer (bytes actually transferred) and Type, followed by a General block with the full URL, the requesting document, protocol, TLS parameters, server IP/ASN, reverse DNS, server software and the SHA-256 resource hash, then the request and response headers.
Primary Request /
emx2.org/btc/
24 KB
5 KB
Document
General
Full URL
https://emx2.org/btc/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.116.91 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server72-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
06d8f876c7774881b0b081b8f6c07494762b7aab6158d5a99f5116aee6ddb50a

Request headers

Accept-Language
jp-JP,jp;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges
bytes
content-encoding
br
content-length
4727
content-type
text/html
date
Tue, 05 Apr 2022 14:45:47 GMT
last-modified
Tue, 05 Apr 2022 12:25:40 GMT
server
LiteSpeed
vary
Accept-Encoding
x-turbo-charged-by
LiteSpeed
aos.css
emx2.org/btc/aos_2.3.1/dist/
25 KB
2 KB
Stylesheet
General
Full URL
https://emx2.org/btc/aos_2.3.1/dist/aos.css
Requested by
Host: emx2.org
URL: https://emx2.org/btc/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.116.91 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server72-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
1aa8845fd06e475aefe733d4e55b36a92fcd487975049c8172341827ac9cc03e

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://emx2.org/btc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 14:45:48 GMT
content-encoding
br
last-modified
Wed, 15 Sep 2021 17:55:26 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
1539
expires
Tue, 12 Apr 2022 14:45:48 GMT
all.css
pro.fontawesome.com/releases/v5.10.0/css/
153 KB
29 KB
Stylesheet
General
Full URL
https://pro.fontawesome.com/releases/v5.10.0/css/all.css
Requested by
Host: emx2.org
URL: https://emx2.org/btc/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2af905d92cfd34b5413126a54f639da408166cbbcb54318e413ad5e10b5bf6ec

Request headers

Referer
https://emx2.org/
Origin
https://emx2.org
Accept-Language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 14:45:49 GMT
content-encoding
gzip
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
MISS
x-amz-request-id
GJ6MMPBB19QFQ75R
x-amz-id-2
ua32l2LOoXFWDmdg6j7RaBdVpIV0fG7l66EYKjhzJSJKeVOvw6za/EG/ksJvh752UbFJQKcYA8M=
last-modified
Mon, 28 Jun 2021 16:54:32 GMT
server
cloudflare
etag
W/"aa1272633e7e552395d147a499bad186"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
6f7311cf793180cb-NRT
app.css
emx2.org/btc/dist/css/
27 KB
5 KB
Stylesheet
General
Full URL
https://emx2.org/btc/dist/css/app.css
Requested by
Host: emx2.org
URL: https://emx2.org/btc/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.116.91 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server72-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
1d3030a737b6954c9d67a15345092f3eb8fc773890138fc3c9ca480ad8e0f3c4

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://emx2.org/btc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 14:45:48 GMT
content-encoding
br
last-modified
Wed, 15 Sep 2021 17:55:28 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
4709
expires
Tue, 12 Apr 2022 14:45:48 GMT
app.css
emx2.org/btc/css/
548 B
350 B
Stylesheet
General
Full URL
https://emx2.org/btc/css/app.css
Requested by
Host: emx2.org
URL: https://emx2.org/btc/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.116.91 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server72-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://emx2.org/btc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 14:45:48 GMT
content-encoding
br
last-modified
Wed, 15 Sep 2021 17:55:28 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
130
expires
Tue, 12 Apr 2022 14:45:48 GMT
logo.png
emx2.org/btc/images/content/
17 KB
18 KB
Image
General
Full URL
https://emx2.org/btc/images/content/logo.png
Requested by
Host: emx2.org
URL: https://emx2.org/btc/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.116.91 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server72-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
5e2a1ae7a4d52bfc497db50c3101d66ff8d488f137b71111dd293a07ee54bb12

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://emx2.org/btc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 14:45:49 GMT
last-modified
Thu, 16 Sep 2021 02:29:46 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
17722
expires
Tue, 12 Apr 2022 14:45:49 GMT
person.jpeg
emx2.org/btc/images/content/
7 KB
7 KB
Image
General
Full URL
https://emx2.org/btc/images/content/person.jpeg
Requested by
Host: emx2.org
URL: https://emx2.org/btc/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.116.91 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server72-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
81140197416ce65d3967cb59fc41ecf21dbf60d0610b5302eef7f923833d347f

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://emx2.org/btc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 14:45:49 GMT
last-modified
Thu, 16 Sep 2021 02:37:42 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
6677
expires
Tue, 12 Apr 2022 14:45:49 GMT
/
api.qrserver.com/v1/create-qr-code/
453 B
718 B
Image
General
Full URL
https://api.qrserver.com/v1/create-qr-code/?data=bc1qyelngc5k8dmganxzwpw4yrs3v0qlprqhw3j59c&size=150x150
Requested by
Host: emx2.org
URL: https://emx2.org/btc/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.216.163.127 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.127.163.216.95.clients.your-server.de
Software
nginx /
Resource Hash
1c4f33a9d782f1c6dad6a4f77d56a71b7fa478569ea9acfde29291cf76e98d44

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://emx2.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 05 Apr 2022 14:45:50 GMT
server
nginx
access-control-allow-headers
Accept, Accept-Language, Content-Language, Content-Type, Origin, Authorization, X-Requested-With, Client-Security-Token
access-control-max-age
7200
access-control-allow-methods
POST, GET, OPTIONS, DELETE, PUT
content-type
image/png
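The QR image is rendered by a third party from whatever the page puts in the data parameter, so the payout address the victim is meant to send to is visible in the recorded request URL itself. The Python below is an added example (not code from the page or from urlscan; the function names are mine): it pulls that parameter out of the URL above and checks it against the BIP173 rules for a native SegWit version-0 address before it is copied into an indicator list. The bc1qw508... address used next to it is the BIP173 test vector, included so the checksum logic can be verified offline.

```python
from urllib.parse import urlparse, parse_qs

# bech32 alphabet and BCH generator constants, as specified in BIP173.
CHARSET = "qpzry9x8gf2tvdw0s3jn54khce6mua7l"
GENERATOR = (0x3B6A57B2, 0x26508E6D, 0x1EA119FA, 0x3D4233DD, 0x2A1462B3)

# The QR-code request recorded in this scan: the address travels in the "data" parameter.
QR_URL = ("https://api.qrserver.com/v1/create-qr-code/"
          "?data=bc1qyelngc5k8dmganxzwpw4yrs3v0qlprqhw3j59c&size=150x150")


def qr_payload(url):
    """Return the text the QR image would encode (the 'data' query parameter), or None."""
    values = parse_qs(urlparse(url).query).get("data")
    return values[0] if values else None


def _polymod(values):
    chk = 1
    for v in values:
        top = chk >> 25
        chk = ((chk & 0x1FFFFFF) << 5) ^ v
        for i in range(5):
            if (top >> i) & 1:
                chk ^= GENERATOR[i]
    return chk


def _hrp_expand(hrp):
    return [ord(c) >> 5 for c in hrp] + [0] + [ord(c) & 31 for c in hrp]


def bech32_decode(addr):
    """Return (hrp, 5-bit data without checksum) or None if addr is not valid bech32."""
    if len(addr) > 90 or any(not 33 <= ord(c) <= 126 for c in addr):
        return None
    if addr != addr.lower() and addr != addr.upper():      # mixed case is forbidden
        return None
    addr = addr.lower()
    sep = addr.rfind("1")
    if sep < 1 or sep + 7 > len(addr):                       # need an hrp and a 6-char checksum
        return None
    hrp, body = addr[:sep], addr[sep + 1:]
    if any(c not in CHARSET for c in body):
        return None
    data = [CHARSET.index(c) for c in body]
    # Constant 1 is plain bech32 (witness v0); bech32m (v1+, BIP350) uses 0x2BC830A3 instead.
    if _polymod(_hrp_expand(hrp) + data) != 1:
        return None
    return hrp, data[:-6]


def _convert_bits(data, frombits, tobits):
    """Regroup 5-bit groups into bytes, rejecting non-zero or over-long padding (BIP173 rules)."""
    acc = bits = 0
    out = []
    maxv = (1 << tobits) - 1
    for v in data:
        acc = (acc << frombits) | v
        bits += frombits
        while bits >= tobits:
            bits -= tobits
            out.append((acc >> bits) & maxv)
    if bits >= frombits or (acc << (tobits - bits)) & maxv:
        return None
    return bytes(out)


def segwit_v0_program(addr, hrp="bc"):
    """Witness program of a valid version-0 address for the given network prefix, else None."""
    decoded = bech32_decode(addr)
    if decoded is None or decoded[0] != hrp or not decoded[1]:
        return None
    version, payload = decoded[1][0], decoded[1][1:]
    if version != 0:                       # Taproot and later would need the bech32m checksum
        return None
    program = _convert_bits(payload, 5, 8)
    if program is None or len(program) not in (20, 32):    # P2WPKH or P2WSH only
        return None
    return program


def classify_qr(url, hrp="bc"):
    """Map a qrserver URL to (kind, address); kind is P2WPKH, P2WSH or 'not a valid v0 address'."""
    addr = qr_payload(url)
    program = segwit_v0_program(addr, hrp) if addr else None
    if program is None:
        return "not a valid v0 address", addr
    return ("P2WPKH" if len(program) == 20 else "P2WSH"), addr


if __name__ == "__main__":
    print(classify_qr(QR_URL))
```

A passing check only proves the string is a well-formed mainnet address with an intact checksum, which is what you want before pasting it into a blocklist or a report (a single mistyped character is guaranteed to fail). It says nothing about who controls the address; giveaway kits normally embed a real one, and the on-chain history of that address is the next pivot.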
aos.js
emx2.org/btc/aos_2.3.1/dist/
14 KB
4 KB
Script
General
Full URL
https://emx2.org/btc/aos_2.3.1/dist/aos.js
Requested by
Host: emx2.org
URL: https://emx2.org/btc/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.116.91 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server72-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
f268612ba59ead1b24353bb77d66783bcc435aff1c22be5f93c40bac3869968e

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://emx2.org/btc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 14:45:48 GMT
content-encoding
br
last-modified
Wed, 15 Sep 2021 17:55:26 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
4194
expires
Tue, 12 Apr 2022 14:45:48 GMT
jquery-1.11.1.min.js
emx2.org/btc/static/
94 KB
32 KB
Script
General
Full URL
https://emx2.org/btc/static/jquery-1.11.1.min.js
Requested by
Host: emx2.org
URL: https://emx2.org/btc/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.116.91 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server72-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
91222f96f34735ebc88df208017e54d4329b9202e3e52367fb8b149698a1a5ef

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://emx2.org/btc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 14:45:48 GMT
content-encoding
br
last-modified
Wed, 15 Sep 2021 17:55:34 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
32304
expires
Tue, 12 Apr 2022 14:45:48 GMT
toast.min.js
emx2.org/btc/static/
2 KB
1 KB
Script
General
Full URL
https://emx2.org/btc/static/toast.min.js
Requested by
Host: emx2.org
URL: https://emx2.org/btc/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.116.91 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server72-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
475461dbaecdabf79083b4374920d5cbf7f9d2334c1e2b991416db0bb3227006

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://emx2.org/btc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 14:45:48 GMT
content-encoding
br
last-modified
Wed, 15 Sep 2021 17:55:34 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
799
expires
Tue, 12 Apr 2022 14:45:48 GMT
app.js
emx2.org/btc/js/
615 KB
184 KB
Script
General
Full URL
https://emx2.org/btc/js/app.js
Requested by
Host: emx2.org
URL: https://emx2.org/btc/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.116.91 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server72-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
bc8dabec7b793325afed3710259171e4db115e29259e540127874f7062d23db2

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://emx2.org/btc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 14:45:48 GMT
content-encoding
br
last-modified
Wed, 15 Sep 2021 17:55:28 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
187775
expires
Tue, 12 Apr 2022 14:45:48 GMT
matomo.js
cdn.matomo.cloud/hoskinson2022live.matomo.cloud/
127 KB
38 KB
Script
General
Full URL
https://cdn.matomo.cloud/hoskinson2022live.matomo.cloud/matomo.js
Requested by
Host: emx2.org
URL: https://emx2.org/btc/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2157:2000:c:7d55:b3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5bf5eaf8af8771eb66af9cb61bc27e85396d7c36900e4a764abf12b2b16c5f51

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://emx2.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Sat, 02 Apr 2022 07:21:25 GMT
content-encoding
gzip
age
285865
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 24 Mar 2022 11:17:39 GMT
server
AmazonS3
etag
W/"3ad47629c9ce88890be564f01d15cffb"
vary
Accept-Encoding
x-amz-version-id
5TptOYKRRyddtEamnUUMGG9y_J2rybEH
via
1.1 8757f53e391a976cbd7bc9a6ff9d4f38.cloudfront.net (CloudFront)
cache-control
max-age=691200
x-amz-cf-pop
NRT12-C3
content-type
application/javascript; charset=utf-8
x-amz-cf-id
EqA2gKD2WkaNPdYNJrXnSkph9sWAhkn6kGsSPC_buOU7mzBh-eciag==
OpenSansRegular.ttf
emx2.org/btc/dist/fonts/
41 KB
41 KB
Font
General
Full URL
https://emx2.org/btc/dist/fonts/OpenSansRegular.ttf
Requested by
Host: emx2.org
URL: https://emx2.org/btc/dist/css/app.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.116.91 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server72-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
999abf196e9c69fff63b7a543659139449e655ec99cdd8086bf5596e82616ff2

Request headers

Referer
https://emx2.org/btc/dist/css/app.css
Origin
https://emx2.org
Accept-Language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 14:45:49 GMT
last-modified
Wed, 15 Sep 2021 17:55:28 GMT
server
LiteSpeed
content-type
font/ttf
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
41732
expires
Tue, 12 Apr 2022 14:45:49 GMT
fa-solid-900.woff2
pro.fontawesome.com/releases/v5.10.0/webfonts/
120 KB
120 KB
Font
General
Full URL
https://pro.fontawesome.com/releases/v5.10.0/webfonts/fa-solid-900.woff2
Requested by
Host: pro.fontawesome.com
URL: https://pro.fontawesome.com/releases/v5.10.0/css/all.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d27aa8bf9677cf4ef12acd7b37afc20f1f661d7c163b929ae9caf103b01fce37

Request headers

Referer
https://pro.fontawesome.com/releases/v5.10.0/css/all.css
Origin
https://emx2.org
Accept-Language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 14:45:49 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
MISS
x-amz-request-id
E46V2BPSM7XZQV88
content-length
123004
x-amz-id-2
pEV7V0rVZGsPNwAl3Dzs5aS305rxNnVYKi/x2GeT5//QeOajOK28uf9NI1BbNn/U7fhoka9K9io=
last-modified
Mon, 28 Jun 2021 16:56:06 GMT
server
cloudflare
etag
"88fd444847dc842d15e229df26571b03"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
6f7311d5af2c80cb-NRT
truncated
/
501 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8e681315667a7e8214de4505ba89694f7dfb051de8161a6ba95191fb5eac7f96

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type
image/svg+xml
fa-regular-400.woff2
pro.fontawesome.com/releases/v5.10.0/webfonts/
149 KB
149 KB
Font
General
Full URL
https://pro.fontawesome.com/releases/v5.10.0/webfonts/fa-regular-400.woff2
Requested by
Host: pro.fontawesome.com
URL: https://pro.fontawesome.com/releases/v5.10.0/css/all.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2df22a9c52c1db62b42d30787248f0d66b6f0c4fdcf7eb3b8783d990d85b867

Request headers

Referer
https://pro.fontawesome.com/releases/v5.10.0/css/all.css
Origin
https://emx2.org
Accept-Language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 14:45:49 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
MISS
x-amz-request-id
E46YQ7TKRCV595VH
content-length
152164
x-amz-id-2
xpkZiNAufOaCo1TWAUkcwudZsW5OMPWDjeuecgoGQHp5evNLb7thlACjdyxOVSpUXDbqas00LPE=
last-modified
Mon, 28 Jun 2021 16:56:06 GMT
server
cloudflare
etag
"d4e531cbdfed1cd2094595d8779f28a4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
6f7311d5efb680cb-NRT
matomo.php
hoskinson2022live.matomo.cloud/
0
164 B
Ping
General
Full URL
https://hoskinson2022live.matomo.cloud/matomo.php?action_name=15%20000%20BTC%20Giveaway&idsite=1&rec=1&r=456812&h=14&m=45&s=49&url=https%3A%2F%2Femx2.org%2Fbtc%2F&_id=97d80d5283d1d19d&_idn=1&_refts=0&send_image=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=pavejL&pf_net=276&pf_srv=132&pf_tfr=2
Requested by
Host: cdn.matomo.cloud
URL: https://cdn.matomo.cloud/hoskinson2022live.matomo.cloud/matomo.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.235.189 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-235-189.eu-central-1.compute.amazonaws.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://emx2.org/
Accept-Language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8

Response headers

access-control-allow-origin
https://emx2.org
date
Tue, 05 Apr 2022 14:45:49 GMT
access-control-allow-credentials
true
server
Apache
vary
X-Forwarded-Port-Override,X-Forwarded-Proto-Override,User-Agent
analyze.php
content.elite-hacks.ru/
0
0

analyze.php
content.elite-hacks.ru/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain                  URL
content.elite-hacks.ru  https://content.elite-hacks.ru/analyze.php
content.elite-hacks.ru  https://content.elite-hacks.ru/analyze.php (second attempt)

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Crypto (Crypto Exchange)

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Name                 Type
structuredClone      function
oncontextlost        object
oncontextrestored    object
getScreenDetails     function
_paq                 object
AOS                  object
$                    function
jQuery               function
Toast                function
Piwik                object
Matomo               object
AnalyticsTracker     object
piwik_log            function
xhttp_analyze        object
CopyToClipboard      function
scrollElem           object
randomString         function
randomStringHashBTC  function
divCounter           number
randomInteger        function
randomIntegerBTC     function
getRandomArbitrary   function
getRundomMnogitel    function
GenerateAddress      function
GenerateHash         function
genDiv               object
rand                 number

Reading this list: structuredClone, oncontextlost, oncontextrestored and getScreenDetails are standard window properties of the Chrome 100 build used for the scan and appear here only because the scanner's baseline predates them. _paq, Piwik, Matomo, AnalyticsTracker and piwik_log belong to the Matomo tracker loaded from cdn.matomo.cloud, AOS and $/jQuery to the loaded libraries, and Toast to static/toast.min.js. The remaining names (xhttp_analyze, CopyToClipboard, scrollElem, the random*/Generate* helpers, divCounter, genDiv, rand) are the page's own code; xhttp_analyze matches the XMLHttpRequest to content.elite-hacks.ru/analyze.php recorded in the console messages below.

2 Cookies

Domain/Path  Name            Value
emx2.org/    _pk_id.1.3a13   97d80d5283d1d19d.1649169949.
emx2.org/    _pk_ses.1.3a13  1

Both are first-party Matomo cookies set by the tracker loaded from cdn.matomo.cloud. The _pk_id value is <visitor id>.<first-visit Unix time>: 97d80d5283d1d19d is the same _id sent in the matomo.php request above, and 1649169949 is 2022-04-05 14:45:49 UTC, matching the response Date headers of this scan.

4 Console Messages

javascript error (URL: https://emx2.org/btc/)
Access to XMLHttpRequest at 'https://content.elite-hacks.ru/analyze.php' from origin 'https://emx2.org' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.

network error (URL: https://content.elite-hacks.ru/analyze.php)
Failed to load resource: net::ERR_FAILED

The same two messages are logged a second time for the second XMLHttpRequest to the same URL. The two attempts correspond to the two failed content.elite-hacks.ru entries in the transaction list.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity. Two caveats when using the list: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 is the SHA-256 of an empty body (the matomo.php tracking ping returned no content), and the hashes of resources fetched from pro.fontawesome.com and cdn.matomo.cloud are those of public library files, so neither identifies this site.

api.qrserver.com
cdn.matomo.cloud
content.elite-hacks.ru
emx2.org
hoskinson2022live.matomo.cloud
pro.fontawesome.com
18.195.235.189
198.54.116.91
2600:9000:2157:2000:c:7d55:b3c0:93a1
2606:4700::6812:1734
95.216.163.127
06d8f876c7774881b0b081b8f6c07494762b7aab6158d5a99f5116aee6ddb50a
1aa8845fd06e475aefe733d4e55b36a92fcd487975049c8172341827ac9cc03e
1c4f33a9d782f1c6dad6a4f77d56a71b7fa478569ea9acfde29291cf76e98d44
1d3030a737b6954c9d67a15345092f3eb8fc773890138fc3c9ca480ad8e0f3c4
2af905d92cfd34b5413126a54f639da408166cbbcb54318e413ad5e10b5bf6ec
475461dbaecdabf79083b4374920d5cbf7f9d2334c1e2b991416db0bb3227006
5bf5eaf8af8771eb66af9cb61bc27e85396d7c36900e4a764abf12b2b16c5f51
5e2a1ae7a4d52bfc497db50c3101d66ff8d488f137b71111dd293a07ee54bb12
81140197416ce65d3967cb59fc41ecf21dbf60d0610b5302eef7f923833d347f
8e681315667a7e8214de4505ba89694f7dfb051de8161a6ba95191fb5eac7f96
91222f96f34735ebc88df208017e54d4329b9202e3e52367fb8b149698a1a5ef
999abf196e9c69fff63b7a543659139449e655ec99cdd8086bf5596e82616ff2
bc8dabec7b793325afed3710259171e4db115e29259e540127874f7062d23db2
d27aa8bf9677cf4ef12acd7b37afc20f1f661d7c163b929ae9caf103b01fce37
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090
e2df22a9c52c1db62b42d30787248f0d66b6f0c4fdcf7eb3b8783d990d85b867
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f268612ba59ead1b24353bb77d66783bcc435aff1c22be5f93c40bac3869968e