Submitted URL: http://crypto-x2eth.pw/
Effective URL: https://crypto-x2eth.pw/
Submission Tags: phish.gg anti.fish automated
Submission: On December 07 via api from DE — Scanned from DE

Summary

This website contacted 7 IPs in 3 countries across 6 domains to perform 15 HTTP transactions. The main IP is 2606:4700:3034::ac43:c611, which is located in the United States and belongs to CLOUDFLARENET, US. The main domain is crypto-x2eth.pw.
TLS certificate: Issued by GTS CA 1P5 on December 7th 2023. Valid for: 3 months.
This is the only time crypto-x2eth.pw was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 9 2a02:6b8:20::215 208722 (GLOBAL_DC)
1 2a02:6b8:a::a 208722 (GLOBAL_DC)
1 195.208.0.149 48287 (RU-CENTER)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a02:6b8::90 208722 (GLOBAL_DC)
15 7
Apex Domain | Subdomains | Transfer
9 yastatic.net | 205 KB
  • yastatic.net — Cisco Umbrella Rank: 7053
2 gstatic.com | 60 KB
  • fonts.gstatic.com
2 yandex.ru | 94 KB
  • yandex.ru — Cisco Umbrella Rank: 2221
  • an.yandex.ru — Cisco Umbrella Rank: 5624
2 crypto-x2eth.pw | 68 KB
  • crypto-x2eth.pw
1 nic.ru | 7 KB
  • wstatic.hosting.nic.ru
1 googleapis.com | 1 KB
  • fonts.googleapis.com — Cisco Umbrella Rank: 29
15 6
Domain Requested by
9 yastatic.net 1 redirects yastatic.net
2 fonts.gstatic.com fonts.googleapis.com
2 crypto-x2eth.pw 1 redirects
1 an.yandex.ru yastatic.net
1 wstatic.hosting.nic.ru crypto-x2eth.pw
1 yandex.ru crypto-x2eth.pw
1 fonts.googleapis.com crypto-x2eth.pw
15 7

This site contains links to these domains.

Domain
www.nic.ru
Subject | Issuer | Validity | Valid
crypto-x2eth.pw | GTS CA 1P5 | 2023-12-07 - 2024-03-06 | 3 months
upload.video.google.com | GTS CA 1C3 | 2023-11-20 - 2024-02-12 | 3 months
*.hosting.nic.ru | GlobalSign GCC R3 DV TLS CA 2020 | 2023-07-17 - 2024-08-17 | a year
*.yastatic-net.ru | GlobalSign ECC OV SSL CA 2018 | 2023-06-02 - 2024-01-02 | 7 months
*.gstatic.com | GTS CA 1C3 | 2023-11-20 - 2024-02-12 | 3 months
bs.yandex.ru | GlobalSign ECC OV SSL CA 2018 | 2023-09-24 - 2024-03-24 | 6 months

This page contains 1 frames:

Primary Page: https://crypto-x2eth.pw/
Frame ID: 5B6CE94CE063E53EE84E97A72C2EBFD4
Requests: 15 HTTP requests in this frame

Page Title

Not added to hosting (original: Не добавлен на хостинг)

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • https?://an\.yandex\.ru/

Page Statistics

Requests: 15
HTTPS: 93 %
IPv6: 86 %
Domains: 6
Subdomains: 7
IPs: 7
Countries: 3
Transfer: 434 kB
Size: 1349 kB
Cookies: 1

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://crypto-x2eth.pw/ HTTP 301
    https://crypto-x2eth.pw/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • https://yastatic.net/pcode/adfox/loader.js HTTP 302
  • https://yandex.ru/ads/system/context.js

15 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
crypto-x2eth.pw/
Redirect Chain
  • http://crypto-x2eth.pw/
  • https://crypto-x2eth.pw/
67 KB
67 KB
Document
General
Full URL
https://crypto-x2eth.pw/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:c611 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ba0df6fcda86029371ccf65eb0504b532ea3858b26bdf7dedbbefb5b896db18

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
83197cbecc25926b-FRA
content-type
text/html
date
Thu, 07 Dec 2023 02:55:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tbAKDLZQ2R4fIzVxco%2Bv1Kl573X6MyzDxKpAxK1847qLf4%2BVDkDU4U3fJSV7JFUfj1sdO%2FkLJx1dPIMIJ3Lm20xxVs3L1lsfU5AvzVguGzfdrjAmqLhR75hFVBze4rLhussMkrsC2E8Fmelzt2E%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Redirect headers

CF-RAY
83197cbddab9905e-FRA
Cache-Control
max-age=3600
Connection
keep-alive
Date
Thu, 07 Dec 2023 02:55:00 GMT
Expires
Thu, 07 Dec 2023 03:55:00 GMT
Location
https://crypto-x2eth.pw/
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CYJMWG8p5G5uiyT0alhzv4DOSN4vDmTWsEC6l201CWRdW8YRTCf7biZ2U1iXYWgtt9E2rKAkQZ86cp%2F%2FJTfjzsrnZpp97S9w11uZa9It0gmC413T6KBJ1Xr3CAYOUuzjt68rSm%2B5hkeMhrScgbk%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400
css2
fonts.googleapis.com/
6 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Noto+Sans:wght@400;700&display=swap
Requested by
Host: crypto-x2eth.pw
URL: https://crypto-x2eth.pw/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
77b8fa83345c5cecb4473970f4c355b262147fdad6f62eef12898f65697040bf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://crypto-x2eth.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 07 Dec 2023 02:55:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 07 Dec 2023 02:07:31 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 07 Dec 2023 02:55:01 GMT
context.js
yandex.ru/ads/system/
Redirect Chain
  • https://yastatic.net/pcode/adfox/loader.js
  • https://yandex.ru/ads/system/context.js
330 KB
94 KB
Script
General
Full URL
https://yandex.ru/ads/system/context.js
Requested by
Host: crypto-x2eth.pw
URL: https://crypto-x2eth.pw/
Protocol
H2
Server
2a02:6b8:a::a , Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
1f653c2c42f4d1bf9e0dbc653a504096b51245c4adaad7c928f7651f25517b92
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://crypto-x2eth.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

content-encoding
br
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
accept-ch
Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
x-yandex-req-id
1701917701509667-13378942047560444865-balancer-l7leveler-kubr-yp-sas-12-BAL-4036
report-to
{ "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Thu, 07 Dec 2023 03:55:01 GMT

Redirect headers

strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
location
https://yandex.ru/ads/system/context.js
access-control-allow-origin
*
timing-allow-origin
*
content-length
0
logo.svg
wstatic.hosting.nic.ru/
6 KB
7 KB
Image
General
Full URL
https://wstatic.hosting.nic.ru/logo.svg
Requested by
Host: crypto-x2eth.pw
URL: https://crypto-x2eth.pw/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.208.0.149 , Russian Federation, ASN48287 (RU-CENTER, RU),
Reverse DNS
ctv-carp53-http.nic.ru
Software
openresty /
Resource Hash
72fe6cb5fde0707fd7a79f362fa9444b2f09faedecdfbb4902dceec7389e6aee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://crypto-x2eth.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 02:55:01 GMT
last-modified
Mon, 19 Dec 2022 10:22:28 GMT
server
openresty
accept-ranges
bytes
etag
"63a03b64-19ed"
content-length
6637
content-type
image/svg+xml
c5149806ecb462ab363f.js
yastatic.net/partner-code-bundles/922674/
14 KB
5 KB
Script
General
Full URL
https://yastatic.net/partner-code-bundles/922674/c5149806ecb462ab363f.js
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 , Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
7c6bd612f08d6612f19e47d22f2dfd2b56537e2e62319f98ffec5118b05d51b9
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://crypto-x2eth.pw/
Origin
https://crypto-x2eth.pw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 02:28:44 GMT
content-encoding
br
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
4776
last-modified
Tue, 05 Dec 2023 10:33:30 GMT
etag
"4b46d3c02c14e8e754d1070aeef37f91"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Sat, 06 Dec 2053 09:31:01 GMT
fa3dc3da32fc8305b2e1.js
yastatic.net/partner-code-bundles/922674/
24 KB
8 KB
Script
General
Full URL
https://yastatic.net/partner-code-bundles/922674/fa3dc3da32fc8305b2e1.js
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 , Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
34226406ab5d3fcb6dd956f24a4e7a1590089b5d664a28f7a53e61e688aaa6f8
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://crypto-x2eth.pw/
Origin
https://crypto-x2eth.pw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 02:18:45 GMT
content-encoding
br
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
7943
last-modified
Tue, 05 Dec 2023 10:33:30 GMT
etag
"82d029825f20d988763bd95bf539758b"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Sat, 06 Dec 2053 09:31:01 GMT
4f2c2a645967b7ae25ca.js
yastatic.net/partner-code-bundles/922674/
118 KB
24 KB
Script
General
Full URL
https://yastatic.net/partner-code-bundles/922674/4f2c2a645967b7ae25ca.js
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 , Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
4c1319275f3e1a9af54d39c6a56668c6b07048d5500f5475be6939bb8e998ccb
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://crypto-x2eth.pw/
Origin
https://crypto-x2eth.pw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 02:08:44 GMT
content-encoding
br
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
24574
last-modified
Tue, 05 Dec 2023 10:33:29 GMT
etag
"89859d93de8d263bee7c20bf0ef7a66b"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Sat, 06 Dec 2053 09:31:01 GMT
host.js
yastatic.net/safeframe-bundles/0.83/
33 KB
9 KB
Script
General
Full URL
https://yastatic.net/safeframe-bundles/0.83/host.js
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 , Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://crypto-x2eth.pw/
Origin
https://crypto-x2eth.pw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 02:18:45 GMT
content-encoding
br
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
8878
last-modified
Wed, 03 Nov 2021 13:42:58 GMT
etag
"f80882bf67cf261aa08d636da095149a"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Sat, 06 Dec 2053 09:31:01 GMT
text-variable-full.woff2
yastatic.net/s3/home/fonts/ys/3/
25 KB
26 KB
Font
General
Full URL
https://yastatic.net/s3/home/fonts/ys/3/text-variable-full.woff2
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 , Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://crypto-x2eth.pw/
Origin
https://crypto-x2eth.pw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 02:08:44 GMT
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
26004
x-amz-meta-owner
{"role":"admin","login":"4eb0da"}
last-modified
Mon, 25 Apr 2022 14:02:39 GMT
etag
"7f0cdaf91230f9789ca4162aedff612e"
vary
Accept-Encoding
x-nginx-request-id
68c3f468510fe0d8
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
access-control-allow-origin
*
content-type
font/woff2
cache-control
public, max-age=31556952
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 06 Dec 2024 08:44:13 GMT
424d86a1f09fb51a9d36.js
yastatic.net/partner-code-bundles/922674/
59 KB
15 KB
Script
General
Full URL
https://yastatic.net/partner-code-bundles/922674/424d86a1f09fb51a9d36.js
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 , Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
54277f75300507ea70fe84aeda6d065e151182e184ebc39fba31f03d44e5126d
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://crypto-x2eth.pw/
Origin
https://crypto-x2eth.pw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 02:18:45 GMT
content-encoding
br
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
14838
last-modified
Tue, 05 Dec 2023 10:33:29 GMT
etag
"a021d4f7e573eabb0a0bb4e1eb50587d"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Sat, 06 Dec 2053 09:31:01 GMT
0a81c504a20d08425247.js
yastatic.net/partner-code-bundles/922674/
599 KB
115 KB
Script
General
Full URL
https://yastatic.net/partner-code-bundles/922674/0a81c504a20d08425247.js
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 , Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
c80dc9cac3025d2e2cb089e218c1d7d21d3df4f22cafb1ffc6aa07aeb68cad9a
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://crypto-x2eth.pw/
Origin
https://crypto-x2eth.pw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 02:18:44 GMT
content-encoding
br
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
117430
last-modified
Tue, 05 Dec 2023 10:33:29 GMT
etag
"d40fbcf653bf106c1a9fdcb0b66307ba"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Sat, 06 Dec 2053 09:31:01 GMT
o-0bIpQlx3QUlC5A4PNB6Ryti20_6n1iPHjc5a7duw.woff2
fonts.gstatic.com/s/notosans/v35/
39 KB
39 KB
Font
General
Full URL
https://fonts.gstatic.com/s/notosans/v35/o-0bIpQlx3QUlC5A4PNB6Ryti20_6n1iPHjc5a7duw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans:wght@400;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7ce617e28c528cae254492f317057575634a707c324c4bcaa253f6a576cd8926
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://crypto-x2eth.pw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 01:59:13 GMT
x-content-type-options
nosniff
age
176148
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39552
x-xss-protection
0
last-modified
Wed, 29 Nov 2023 20:09:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 04 Dec 2024 01:59:13 GMT
o-0bIpQlx3QUlC5A4PNB6Ryti20_6n1iPHjc5ardu2ui.woff2
fonts.gstatic.com/s/notosans/v35/
21 KB
21 KB
Font
General
Full URL
https://fonts.gstatic.com/s/notosans/v35/o-0bIpQlx3QUlC5A4PNB6Ryti20_6n1iPHjc5ardu2ui.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans:wght@400;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a3eaaacd78ca10c4fa18e7d7311769484e322a4d1061b2faf05651e799d3d477
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://crypto-x2eth.pw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 22:22:22 GMT
x-content-type-options
nosniff
age
189159
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21196
x-xss-protection
0
last-modified
Wed, 29 Nov 2023 20:08:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 03 Dec 2024 22:22:22 GMT
v2
an.yandex.ru/adfox/260122/getBulk/
210 B
784 B
XHR
General
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::90 , Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
18674711e6f1b0a2e84ca9b115d4b97166444941ab3951089e943eafe3aec3fd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://crypto-x2eth.pw/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 02:55:02 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 07 Dec 2023 02:55:02 GMT
x-yandex-req-id
1701917702021238-1318607095861948722900269-production-app-host-sas-pcode-562
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin
https://crypto-x2eth.pw
content-type
application/json
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Thu, 07 Dec 2023 02:55:02 GMT
ad340feef65e981fb83e.js
yastatic.net/partner-code-bundles/922674/
9 KB
4 KB
Script
General
Full URL
https://yastatic.net/partner-code-bundles/922674/ad340feef65e981fb83e.js
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 , Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
fc18ce08653f09e3e10e5da80daa53319613755944db2aed12435d682e14b655
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://crypto-x2eth.pw/
Origin
https://crypto-x2eth.pw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 02:18:45 GMT
content-encoding
br
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
3557
last-modified
Tue, 05 Dec 2023 10:33:29 GMT
etag
"1d83c18f1f9558fe4686902ef0eaef53"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Sat, 06 Dec 2053 09:31:02 GMT

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| documentPictureInPicture
  • function| cnc
  • object| pcode_922674_default_f4TIUHdbdQ
  • object| Ya
  • object| __activeTestIds
  • object| __vasActiveTestIds
  • object| __pcodeAllActiveTestIds
  • number| pr
  • function| AdFox_getCodeScript
  • object| adfoxAsyncParams
  • object| adfoxAsyncParamsScroll
  • object| adfoxAsyncParamsAdaptive
  • object| yaSafeFrameCallbacksStorage
  • boolean| isLoadingSafeframeStarted
  • object| ya
  • object| yaads
  • object| punycode
  • boolean| yandex_context_perf_logging
  • object| $sf
  • object| yaSafeFrameAsyncCallbacks

1 Cookies

Domain/Path: .yandex.ru/
Name: yandexuid
Value: 5012516551701917702

1 Console Messages

Source: network
Level: error
URL: https://crypto-x2eth.pw/
Message: Failed to load resource: the server responded with a status of 503 ()