2xcrypto.com
Open in
urlscan Pro
200.74.241.103
Malicious Activity!
Public Scan
Submission: On July 30 via api from US — Scanned from DE
Summary
TLS certificate: Issued by R10 on July 18th 2024. Valid for: 3 months.
This is the only time 2xcrypto.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic Crypto (Crypto Exchange)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
17 | 200.74.241.103 200.74.241.103 | 27956 (Cyber Cas...) (Cyber Cast International) | |
1 | 2a00:1450:400... 2a00:1450:4001:82b::200a | 15169 (GOOGLE) (GOOGLE) | |
2 | 104.17.24.14 104.17.24.14 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2a00:1450:400... 2a00:1450:4001:827::200a | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a00:1450:400... 2a00:1450:4001:803::2003 | 15169 (GOOGLE) (GOOGLE) | |
1 | 2606:4700:20:... 2606:4700:20::681a:fd5 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
24 | 7 |
ASN27956 (Cyber Cast International, S.A., PA)
PTR: host-200-74-241-103.ccipanama.com
2xcrypto.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
17 |
2xcrypto.com
2xcrypto.com |
2 MB |
2 |
cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 336 |
159 KB |
2 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110 ajax.googleapis.com — Cisco Umbrella Rank: 641 |
31 KB |
1 |
ton.org
ton.org — Cisco Umbrella Rank: 44540 |
15 KB |
1 |
gstatic.com
fonts.gstatic.com |
30 KB |
0 |
cdndelivr.net
Failed
cdndelivr.net Failed |
|
24 | 6 |
Domain | Requested by | |
---|---|---|
17 | 2xcrypto.com |
2xcrypto.com
|
2 | cdnjs.cloudflare.com |
2xcrypto.com
|
1 | ton.org | |
1 | fonts.gstatic.com |
fonts.googleapis.com
|
1 | ajax.googleapis.com |
2xcrypto.com
|
1 | fonts.googleapis.com |
2xcrypto.com
|
0 | cdndelivr.net Failed |
2xcrypto.com
|
24 | 7 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
2xcrypto.com R10 |
2024-07-18 - 2024-10-16 |
3 months | crt.sh |
upload.video.google.com WR2 |
2024-07-01 - 2024-09-23 |
3 months | crt.sh |
cdnjs.cloudflare.com E1 |
2024-06-02 - 2024-08-31 |
3 months | crt.sh |
*.gstatic.com WR2 |
2024-07-01 - 2024-09-23 |
3 months | crt.sh |
ton.org WE1 |
2024-07-20 - 2024-10-18 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://2xcrypto.com/
Frame ID: 7ADFBE1D23A29F3B1908C7D112A74695
Requests: 24 HTTP requests in this frame
Screenshot
Page Title
Telegram | GiveawayDetected technologies
Google Font API (Font Scripts) ExpandDetected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
jQuery (JavaScript Libraries) Expand
Detected patterns
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
24 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
/
2xcrypto.com/ |
13 KB 13 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css2
fonts.googleapis.com/ |
9 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
style.css
2xcrypto.com/css/ |
15 KB 15 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
web3.min.js
cdnjs.cloudflare.com/ajax/libs/web3/4.10.1-dev.89711ab.0/ |
617 KB 131 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
script.js
2xcrypto.com/files/ |
3 KB 3 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ton_logo_light_background.png
2xcrypto.com/images/ |
2 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bage.png
2xcrypto.com/images/ |
315 B 315 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
qr.png
2xcrypto.com/images/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
wallet.png
2xcrypto.com/images/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
transfer.png
2xcrypto.com/images/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
checkmark.png
2xcrypto.com/images/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bonus.png
2xcrypto.com/images/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
popper.png
2xcrypto.com/images/ |
25 KB 25 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
qrton.jpg
2xcrypto.com/images/ |
58 KB 58 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
coinmarketcap_logo.png
2xcrypto.com/images/ |
35 KB 35 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/ |
87 KB 28 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
script.js
2xcrypto.com/js/ |
4 KB 4 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
console-ban.min.js
cdndelivr.net/gh/fz6m/console-ban@3.2/dist/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.2.0/ |
84 KB 30 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
background.png
2xcrypto.com/images/ |
717 KB 717 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
background2.png
2xcrypto.com/images/ |
711 KB 711 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v13/ |
29 KB 30 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
check.svg
2xcrypto.com/ |
603 B 839 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ton_symbol.png
ton.org/download/ |
14 KB 15 KB |
Other
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- cdndelivr.net
- URL
- https://cdndelivr.net/gh/fz6m/console-ban@3.2/dist/console-ban.min.js
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic Crypto (Crypto Exchange)14 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| setImmediate function| clearImmediate function| Web3 function| $ function| jQuery function| changeQuantity function| mint function| main function| round function| copy function| kill_ctrl_key_combo function| disable_selection function| double_mouse function| enable_protection0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
2xcrypto.com
ajax.googleapis.com
cdndelivr.net
cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
ton.org
cdndelivr.net
104.17.24.14
200.74.241.103
2606:4700:20::681a:fd5
2a00:1450:4001:803::2003
2a00:1450:4001:827::200a
2a00:1450:4001:82b::200a
108d54ae5261eaa8cd2ec1ca1464fdb60c9b67b9c6be3608c219fc35d138fc58
1230305f46368095881b1057257c4a1acd9e51525c33b4143f425af6855bb962
17d94896092d0325a465bdde7b56ce0da3ca022051cd9dd3ec11a041c1acf73f
2ca325c5dae0c37bce9289835f404b6f8e3b68173d43600e593c8e22e87d9485
474666d4f84344a298c4c16bc39262471507252d5dbcd84534723c4992b6484e
540af75ada3f5e6c55189f4446854eeca7f82b0f764e69a0b59aa76a234531ac
56b28a87a901f1c812dc14a8e72f05fdc157fae971b62ffe4ab93729a67bdbfa
5783c2438fbc9dbed062ecf2d6d371ddca9d77e4652969540ec76d848cfbfb60
5e313b81c60893209230d7c1158fa93834717d330de67b2fb116823ccae64ab1
614092abebda813711415020f352e3129a9fd431a4c8655f91b2e9b8ee86111a
688f7b329457228032586f0a5d83e32ed277e855ba49dee9f5713765a473abcc
6a7c56561000264ec3b20ec3f389f7cbdb63f3b1c2cb695c0957da61f93f15db
76f103ce6d95673c78f731d22ae0c33351e24d3ccaa6f522deb8f199a4fb74fe
7de5ea62067ff095bb447c068dd04ba536e7939675ff3dee11251b303c0f99b4
7f0f781820c8de56bd6699ac9570ff90634de4eb5cca7ef4b573bb90619e5a5d
8714b1a210b08bacfd61dc1c2d2a2d85bdf271061ac2827b252ff744fbc3497d
8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce
8d7bf8c76490274161663751d36d4242660c3ecf5ab4c8f81df52ae9ff2e16e9
c1cc5d4c1a3b2166bf340dfd81c490d669b6e1befc97df9f1fc9caa0da5c59a0
c420f9e8db826cd04dff715e91bc2d955dec23b58ad13bba38f421449498f075
d4ae63f16af3074de620bf6ce843abe5c47e396c79a203f9f894b4e625ec0318
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e