x2get.pro
Open in
urlscan Pro
190.115.22.30
Malicious Activity!
Public Scan
Submission Tags: https://sinking.yachts sinking-yachts phishing Search All
Submission: On March 28 via api from US — Scanned from DE
Summary
TLS certificate: Issued by R3 on January 8th 2023. Valid for: 3 months.
This is the only time x2get.pro was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic Crypto (Crypto Exchange)Community Verdicts: Malicious — 1 votes Show Verdicts
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
14 | 190.115.22.30 190.115.22.30 | 262254 (DDOS-GUAR...) (DDOS-GUARD CORP.) | |
1 | 2a00:1450:400... 2a00:1450:4001:813::200a | 15169 (GOOGLE) (GOOGLE) | |
2 | 2a00:1450:400... 2a00:1450:4001:812::200a | 15169 (GOOGLE) (GOOGLE) | |
1 | 2606:4700::68... 2606:4700::6811:190e | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2606:4700::68... 2606:4700::6810:5514 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 148.251.234.93 148.251.234.93 | 24940 (HETZNER-AS) (HETZNER-AS) | |
1 | 2a00:1450:400... 2a00:1450:4001:827::2003 | 15169 (GOOGLE) (GOOGLE) | |
21 | 7 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
14 |
x2get.pro
x2get.pro |
1 MB |
3 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 31 chart.googleapis.com — Cisco Umbrella Rank: 21688 |
3 KB |
1 |
gstatic.com
fonts.gstatic.com |
27 KB |
1 |
iplogger.com
iplogger.com — Cisco Umbrella Rank: 397790 |
583 B |
1 |
jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 334 |
2 KB |
1 |
cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 194 |
28 KB |
21 | 6 |
Domain | Requested by | |
---|---|---|
14 | x2get.pro |
x2get.pro
|
2 | chart.googleapis.com |
x2get.pro
|
1 | fonts.gstatic.com |
fonts.googleapis.com
|
1 | iplogger.com |
x2get.pro
|
1 | cdn.jsdelivr.net |
x2get.pro
|
1 | cdnjs.cloudflare.com |
x2get.pro
|
1 | fonts.googleapis.com |
x2get.pro
|
21 | 7 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
x2get.pro R3 |
2023-01-08 - 2023-04-08 |
3 months | crt.sh |
upload.video.google.com GTS CA 1C3 |
2023-03-06 - 2023-05-29 |
3 months | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2022-08-03 - 2023-08-02 |
a year | crt.sh |
www.iplogger.ru R3 |
2023-02-01 - 2023-05-02 |
3 months | crt.sh |
*.gstatic.com GTS CA 1C3 |
2023-03-06 - 2023-05-29 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://x2get.pro/
Frame ID: 4B27E0F5F584D0BB77AF4699110CD440
Requests: 21 HTTP requests in this frame
Screenshot
Detected technologies
Google Font API (Font Scripts) ExpandDetected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
jQuery (JavaScript Libraries) Expand
Detected patterns
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jsDelivr (CDN) Expand
Detected patterns
- //cdn\.jsdelivr\.net/
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
21 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
/
x2get.pro/ |
20 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css2
fonts.googleapis.com/ |
8 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
style.css
x2get.pro/css/ |
12 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bage.png
x2get.pro/images/ |
468 B 887 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
qr.png
x2get.pro/images/ |
660 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
creator.svg
x2get.pro/images/ |
11 KB 12 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
wallet.png
x2get.pro/images/ |
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
transfer.png
x2get.pro/images/ |
1002 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
checkmark.png
x2get.pro/images/ |
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bonus.png
x2get.pro/images/ |
829 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
popper.png
x2get.pro/images/ |
25 KB 25 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
chart
chart.googleapis.com/ |
876 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
chart
chart.googleapis.com/ |
854 B 914 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/ |
87 KB 28 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
script.js
x2get.pro/js/ |
15 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
console-ban.min.js
cdn.jsdelivr.net/gh/fz6m/console-ban@3.2/dist/ |
2 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1iekJ4
iplogger.com/ |
116 B 583 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
background.png
x2get.pro/images/ |
717 KB 717 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
background2.png
x2get.pro/images/ |
698 KB 699 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v12/ |
27 KB 27 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
check.svg
x2get.pro/images/ |
549 B 972 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Malicious
task.url
Submitted on
March 28th 2023, 12:49:12 am
UTC —
From United States
Threats:
Phishing
Scam
Comment: This domain is present in the Sinking Yachts anti-phishing list. More Info: https://sinking.yachts
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic Crypto (Crypto Exchange)12 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
boolean| credentialless function| getCookie function| $ function| jQuery function| round function| copy function| copyDivToClipboardEth function| copyDivToClipboardBtc function| kill_ctrl_key_combo function| disable_selection function| double_mouse object| ConsoleBan2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
x2get.pro/ | Name: walletBTC Value: 1BitCoinRkwtFKLG6HaMgCQhg5EFiLDQ3K |
|
x2get.pro/ | Name: walletETH Value: 0x000000038e25e88904bbfac513957058373e6d8e |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cdn.jsdelivr.net
cdnjs.cloudflare.com
chart.googleapis.com
fonts.googleapis.com
fonts.gstatic.com
iplogger.com
x2get.pro
148.251.234.93
190.115.22.30
2606:4700::6810:5514
2606:4700::6811:190e
2a00:1450:4001:812::200a
2a00:1450:4001:813::200a
2a00:1450:4001:827::2003
0ed8880fd14cc59e5cbfd004b4e3cfc3027aa371e9389f759cd3d3a3eb3f1daa
145b4fe41f625c0437d3517a260c7820a88459c65e96c567e130aa7eb187c7ef
405cafb58d1651f50b71375df1853895c1faa681116659c00a57687e9a8f6a43
4c1753ecf69ac3d8cfdb5cf61627356ac6b3d0f74bfd15d3cbc84b38a3aa207b
5f022ac2c585011ea8d71227bb0039f00d4fbea51c7de7ae7b36714da1f0312d
65e6ca0ad29ee582f98d1318f8de898c9fa9ac10ab6274ae6cff84e64ef9f652
71457fd7390d258d14e6675137056e20081f5232cc6ab5950f87bb937c0c7ec8
7de5ea62067ff095bb447c068dd04ba536e7939675ff3dee11251b303c0f99b4
82b540eede0cee71eb3f16111def3e1bb6b5adaa5c67160cbdbd3ed383fe1b3d
8da72dacca3725d500bc789e5f506c76367804eecc46c4249ce0ff822d7a147e
8fdd46732818abb1ea782eddd69d55bfe2c45d1e5cbb00401758fb69be143209
aaf9350c66dd67a27871b7f45a5aabc08d17fa06180a1f5b0f7fed1aabc8c352
b02fffaba9e664ff7840c82b102d6851ec0bb148cec462cef40999545309e599
bd38ee1b1bd999c41c9abc88948ca65857a2e14bcffbf3cf025077e41ef2e8aa
c3172f40c0b891c351a8844aa979038ea8c00e3f755cb7521617095e2758c165
c457ec078a32edf0e2f9c7bc9850ae157e6af88e68c403a9a1311b8cb23b63a8
d3a6aa068e030866321f313aee220ef4c390fc7028625b1128cb329fc0586a3f
d4ae63f16af3074de620bf6ce843abe5c47e396c79a203f9f894b4e625ec0318
eeae627399aa693d4824dc3d20d03a428fde9f76b369e164246c7a32a584503c
efe50eac1379add3c698cca74ae4e70a80f924f79dd08fdcd96690e999b1a6a3
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e