layer2-evm.pages.dev
172.66.46.220
Malicious Activity!
Public Scan
Effective URL: https://layer2-evm.pages.dev/
Submission: On July 12 via api from US — Scanned from DE
Summary
TLS certificate: Issued by GTS CA 1P5 on May 27th 2024. Valid for: 3 months.
This is the only time layer2-evm.pages.dev was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic Cloudflare (Online)
Domain & IP information
 | IP Address | AS Autonomous System |
---|---|---|
1 39 | 172.66.46.220 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) |
1 | 188.114.97.3 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) |
40 | 3 | |
 | Apex Domain Subdomains | Transfer |
---|---|---|
39 | pages.dev, 1 redirects, layer2-evm.pages.dev | 2 MB |
1 | coinlib.io, widget.coinlib.io — Cisco Umbrella Rank: 787268 | |
40 | 2 | |
 | Domain | Requested by |
---|---|---|
39 | layer2-evm.pages.dev | 1 redirects, layer2-evm.pages.dev |
1 | widget.coinlib.io | layer2-evm.pages.dev |
40 | 2 | |
This site contains links to these domains. Also see Links.
Domain |
---|
coinlib.io |
Subject Issuer | Validity | Valid | |
---|---|---|---|
layer2-evm.pages.dev GTS CA 1P5 | 2024-05-27 - 2024-08-25 | 3 months | crt.sh |
coinlib.io WE1 | 2024-06-14 - 2024-09-12 | 3 months | crt.sh |
This page contains 2 frames:
Primary Page:
https://layer2-evm.pages.dev/
Frame ID: 21241461A25DA2D3F21B28F3337D9ACC
Requests: 39 HTTP requests in this frame
Frame:
https://widget.coinlib.io/widget?type=horizontal_v2&theme=dark&pref_coin_id=1505&invert_hover=no
Frame ID: CBF8F476CF9E46A3877F90CFAE77E7C0
Requests: 1 HTTP requests in this frame
Page Title
Blockchain Rectification - We are help to help you resolve your crypto related issues
Page URL History
- http://layer2-evm.pages.dev/ HTTP 307
  https://layer2-evm.pages.dev/ Page URL
- https://layer2-evm.pages.dev/cdn-cgi/phish-bypass?atok=GN9cW1OdiDh.Asj4zMbDXBf1nmv5xKX74zX_8qtoZZY-172076... HTTP 301
  https://layer2-evm.pages.dev/ Page URL
Detected technologies
Bootstrap (Web Frameworks)
Detected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
React (JavaScript Frameworks)
Detected patterns
- <[^>]+data-react
OWL Carousel (Widgets)
Detected patterns
- <link [^>]*href="[^"]+owl\.carousel(?:\.min)?\.css
- owl\.carousel.*\.js
Select2 (JavaScript Libraries)
Detected patterns
- select2(?:\.min|\.full)?\.js
decimal.js (JavaScript libraries)
Detected patterns
- decimal(?:\.min)?\.js(?:\?ver(?:sion)?=([\d.]*\d+))?
jQuery (JavaScript Libraries)
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: Cryptocurrency Prices
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://layer2-evm.pages.dev/ HTTP 307
  https://layer2-evm.pages.dev/ Page URL
- https://layer2-evm.pages.dev/cdn-cgi/phish-bypass?atok=GN9cW1OdiDh.Asj4zMbDXBf1nmv5xKX74zX_8qtoZZY-1720767506-0.0.1.1-%2F HTTP 301
  https://layer2-evm.pages.dev/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0
- http://layer2-evm.pages.dev/ HTTP 307
- https://layer2-evm.pages.dev/
40 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H3 | / | layer2-evm.pages.dev/ (Redirect Chain) | 4 KB | 2 KB | Document | text/html |
GET | H3 | cf.errors.css | layer2-evm.pages.dev/cdn-cgi/styles/ | 23 KB | 5 KB | Stylesheet | text/css |
GET | H3 | icon-exclamation.png | layer2-evm.pages.dev/cdn-cgi/images/ | 452 B | 635 B | Image | image/png |
GET | H3 | favicon.ico | layer2-evm.pages.dev/ | 29 KB | 4 KB | Other | text/html |
GET | H3 | / (Primary Request) | layer2-evm.pages.dev/ (Redirect Chain) | 29 KB | 4 KB | Document | text/html |
GET | H3 | bootstrap.min.css | layer2-evm.pages.dev/assets/libs/bootstrap/dist/css/ | 159 KB | 25 KB | Stylesheet | text/css |
GET | H3 | owl.carousel.css | layer2-evm.pages.dev/assets/libs/owl.carousel/dist/assets/ | 5 KB | 2 KB | Stylesheet | text/css |
GET | H3 | owl.theme.default.css | layer2-evm.pages.dev/assets/libs/owl.carousel/dist/assets/ | 1 KB | 1018 B | Stylesheet | text/css |
GET | H3 | remixicon.css | layer2-evm.pages.dev/assets/libs/remixicon/fonts/ | 108 KB | 14 KB | Stylesheet | text/css |
GET | H3 | fonts.css | layer2-evm.pages.dev/assets/fonts/ | 2 KB | 772 B | Stylesheet | text/css |
GET | H3 | app.css | layer2-evm.pages.dev/assets/css/ | 375 KB | 26 KB | Stylesheet | text/css |
GET | H3 | stmicons.css | layer2-evm.pages.dev/assets/stm_fonts/stmicons/ | 7 KB | 2 KB | Stylesheet | text/css |
GET | | select2.min.css | layer2-evm.pages.dev/npm/select2_4.1.0-rc.0/dist/css/ | 0 | 0 | | |
GET | H3 | toastr.min.css | layer2-evm.pages.dev/ajax/libs/toastr_js/latest/css/ | 8 KB | 4 KB | Stylesheet | text/css |
GET | H3 | hero-img-home-2.png | layer2-evm.pages.dev/assets/img/ | 319 KB | 320 KB | Image | image/png |
GET | H3 | jquery.min.js | layer2-evm.pages.dev/assets/libs/jquery/dist/ | 87 KB | 32 KB | Script | text/javascript |
GET | H3 | jquery.countdown.min.js | layer2-evm.pages.dev/assets/libs/jquery.countdown/ | 5 KB | 3 KB | Script | text/javascript |
GET | H3 | owl.carousel.min.js | layer2-evm.pages.dev/assets/libs/owl.carousel/dist/ | 43 KB | 12 KB | Script | text/javascript |
GET | H3 | bootstrap.bundle.min.js | layer2-evm.pages.dev/assets/libs/bootstrap/dist/js/ | 77 KB | 23 KB | Script | text/javascript |
GET | H3 | select2.min.js | layer2-evm.pages.dev/npm/select2_4.1.0-rc.0/dist/js/ | 29 KB | 4 KB | Script | text/html |
GET | H3 | app.js | layer2-evm.pages.dev/assets/js/ | 19 KB | 4 KB | Script | text/javascript |
GET | H3 | decimal.js | layer2-evm.pages.dev/assets/js/ | 142 KB | 33 KB | Script | text/javascript |
GET | H3 | web3.min.js | layer2-evm.pages.dev/assets/js/ | 3 MB | 418 KB | Script | text/javascript |
GET | H3 | web3modal.js | layer2-evm.pages.dev/assets/js/ | 595 KB | 197 KB | Script | text/javascript |
GET | H3 | index.min.js | layer2-evm.pages.dev/assets/js/evm-chains/ | 41 KB | 6 KB | Script | text/javascript |
GET | H3 | index.min.js | layer2-evm.pages.dev/assets/js/_walletconnect/web3-provider/ | 1 MB | 243 KB | Script | text/javascript |
GET | H3 | index.min.js | layer2-evm.pages.dev/assets/js/_portis/web3/ | 942 KB | 163 KB | Script | text/javascript |
GET | H3 | webModule.js | layer2-evm.pages.dev/assets/js/ | 49 KB | 12 KB | Script | text/javascript |
GET | H3 | toastr.min.js | layer2-evm.pages.dev/ajax/libs/toastr_js/latest/ | 12 KB | 3 KB | Script | text/javascript |
GET | H3 | widget | widget.coinlib.io/ (Frame CBF8) | 0 | 0 | Document | text/html |
GET | H3 | Poppins-Medium.woff | layer2-evm.pages.dev/assets/fonts/ | 49 KB | 50 KB | Font | application/font-woff |
GET | H3 | Montserrat-Bold.woff | layer2-evm.pages.dev/assets/fonts/ | 77 KB | 77 KB | Font | application/font-woff |
GET | H3 | stm.ttf | layer2-evm.pages.dev/assets/stm_fonts/stmicons/ | 29 KB | 4 KB | Font | text/html |
GET | H3 | Poppins-Regular.ttf | layer2-evm.pages.dev/assets/fonts/ | 29 KB | 4 KB | Font | text/html |
GET | H3 | Poppins-Regular.woff | layer2-evm.pages.dev/assets/fonts/ | 29 KB | 4 KB | Font | text/html |
GET | H3 | stm.woff | layer2-evm.pages.dev/assets/stm_fonts/stmicons/ | 29 KB | 4 KB | Font | text/html |
GET | H3 | arrow-drop-down.svg | layer2-evm.pages.dev/assets/img/ | 226 B | 663 B | Image | image/svg+xml |
GET | H3 | init | layer2-evm.pages.dev/api/ | 29 KB | 4 KB | Fetch | text/html |
GET | H3 | favicon.png | layer2-evm.pages.dev/assets/img/ | 29 KB | 4 KB | Other | text/html |
GET | H3 | image.html | layer2-evm.pages.dev/img/ | 29 KB | 4 KB | Other | text/html |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain: layer2-evm.pages.dev
- URL: https://layer2-evm.pages.dev/npm/select2_4.1.0-rc.0/dist/css/select2.min.css
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic Cloudflare (Online)
19 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object | 0
- function | $
- function | jQuery
- number | uidEvent
- object | bootstrap
- function | Decimal
- function | setImmediate
- function | clearImmediate
- object | regeneratorRuntime
- function | Web3
- object | Web3Modal
- object | evmChains
- object | WalletConnectProvider
- function | Portis
- function | _0xfa7f
- function | _0x4bfb
- function | _0x3e11
- function | _0xeba9
- object | toastr

1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.layer2-evm.pages.dev/ | Name: __cf_mw_byp Value: GN9cW1OdiDh.Asj4zMbDXBf1nmv5xKX74zX_8qtoZZY-1720767506-0.0.1.1-/ |
12 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Frame-Options | SAMEORIGIN |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
layer2-evm.pages.dev
widget.coinlib.io
layer2-evm.pages.dev
172.66.46.220
188.114.97.3