elon2x-promo.com Open in urlscan Pro
2a06:98c1:3120::c Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://elon2x-promo.com/eth/
Submission Tags: cryptocurrency fake airdrop scam giveaway dawd2cecawdc Search All
Submission: On September 13 via api (September 13th 2022, 5:59:00 pm UTC) from US — Scanned from NL

Summary HTTP 29 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 8 IPs in 5 countries across 7 domains to perform 29 HTTP transactions. The main IP is 2a06:98c1:3120::c, located in United States and belongs to CLOUDFLARENET, US. The main domain is elon2x-promo.com.
TLS certificate: Issued by E1 on September 6th 2022. Valid for: 3 months.

This is the only time elon2x-promo.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Crypto (Crypto Exchange) Binance (Crypto Exchange)

Domain & IP information

	IP Address	AS Autonomous System
2 9	2a06:98c1:312... 2a06:98c1:3120::c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2001:4de0:ac1... 2001:4de0:ac18::1:a:1a	20446 (STACKPATH...) (STACKPATH-CDN)
4	192.0.77.40 192.0.77.40	2635 (AUTOMATTIC) (AUTOMATTIC)
1	149.154.164.13 149.154.164.13	62041 (TELEGRAM) (TELEGRAM)
2	151.101.12.193 151.101.12.193	54113 (FASTLY) (FASTLY)
1 1	199.232.192.193 199.232.192.193	54113 (FASTLY) (FASTLY)
1	199.232.198.49 199.232.198.49	54113 (FASTLY) (FASTLY)
11	2600:9000:223... 2600:9000:223d:c200:6:8656:f5c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	51.210.32.106 51.210.32.106	16276 (OVH) (OVH)
29	8

9 2a06:98c1:3120::c (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

elon2x-promo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4de0:ac18::1:a:1a (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 192.0.77.40 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: assets.tumblr.com

static.tumblr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 149.154.164.13 (London, United Kingdom)

ASN62041 (TELEGRAM, VG)

telegra.ph	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.12.193 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

i.imgur.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.192.193 (United States) 1 redirects

ASN54113 (FASTLY, US)

imgur.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.198.49 (United States)

ASN54113 (FASTLY, US)

a.disquscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2600:9000:223d:c200:6:8656:f5c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

c.disquscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.210.32.106 (France)

ASN16276 (OVH, FR)
PTR: ns3172579.ip-51-210-32.eu

image.ibb.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	disquscdn.com a.disquscdn.com — Cisco Umbrella Rank: 9507 c.disquscdn.com — Cisco Umbrella Rank: 4085	49 KB
9	elon2x-promo.com 2 redirects elon2x-promo.com	148 KB
4	tumblr.com static.tumblr.com — Cisco Umbrella Rank: 35067	619 KB
3	imgur.com 1 redirects i.imgur.com — Cisco Umbrella Rank: 4706 imgur.com — Cisco Umbrella Rank: 3898	93 KB
2	jquery.com code.jquery.com — Cisco Umbrella Rank: 976	54 KB
1	ibb.co image.ibb.co — Cisco Umbrella Rank: 114231	74 KB
1	telegra.ph telegra.ph — Cisco Umbrella Rank: 80555	4 KB
29	7

	Domain	Requested by
11	c.disquscdn.com	elon2x-promo.com
9	elon2x-promo.com	2 redirects elon2x-promo.com
4	static.tumblr.com	elon2x-promo.com
2	i.imgur.com	elon2x-promo.com
2	code.jquery.com	elon2x-promo.com
1	image.ibb.co	elon2x-promo.com
1	a.disquscdn.com	elon2x-promo.com
1	imgur.com	1 redirects
1	telegra.ph	elon2x-promo.com
29	9

This site contains links to these domains. Also see Links.

Domain
cryptogiveaway.s3.us-east-2.amazonaws.com

Subject Issuer	Validity	Valid
*.elon2x-promo.com E1	`2022-09-06` - `2022-12-05`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-03` - `2023-07-14`	a year	crt.sh
*.tumblr.com Sectigo RSA Domain Validation Secure Server CA	`2022-03-21` - `2023-04-21`	a year	crt.sh
*.telegra.ph Go Daddy Secure Certificate Authority - G2	`2022-09-13` - `2023-10-15`	a year	crt.sh
*.imgur.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-03-16`	a year	crt.sh
*.disquscdn.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2022-01-03` - `2023-02-04`	a year	crt.sh
a.disquscdn.com Amazon	`2021-10-31` - `2022-11-28`	a year	crt.sh
ibb.co R3	`2022-08-07` - `2022-11-05`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://elon2x-promo.com/eth/
Frame ID: 911F0C64EA49303BEB119FFE67B0BAFD
Requests: 13 HTTP requests in this frame

Frame: https://elon2x-promo.com/eth/eth1/index.html
Frame ID: 2DA32D0BC7A2876C57874F4DFB1C8D52
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Elon 100,000 ETH Giveaway!

Page URL History Show full URLs

https://elon2x-promo.com/eth HTTP 301
http://elon2x-promo.com/eth/ HTTP 301
https://elon2x-promo.com/eth/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Clipboard.js (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

clipboard(?:-([\d.]+))?(?:\.min)?\.js

Disqus (Comment Systems) Expand

Overall confidence: 100%
Detected patterns

<div[^>]+id="disqus_thread"

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

29
Requests

97 %
HTTPS

33 %
IPv6

7
Domains

9
Subdomains

8
IPs

5
Countries

1040 kB
Transfer

1604 kB
Size

0
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://cryptogiveaway.s3.us-east-2.amazonaws.com/index.html
Title: 0x59a9af4e413f0799...

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://elon2x-promo.com/eth HTTP 301
http://elon2x-promo.com/eth/ HTTP 301
https://elon2x-promo.com/eth/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11

https://imgur.com/g0rIzwD.png HTTP 301
https://i.imgur.com/g0rIzwD.png

29 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
elon2x-promo.com/eth/
Redirect Chain

https://elon2x-promo.com/eth
http://elon2x-promo.com/eth/
https://elon2x-promo.com/eth/

36 KB
8 KB

72ms
72ms

Document
text/html

2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://elon2x-promo.com/eth/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3ff0817c642af3890ca7a3f7e42a34826c082ab4d8339ebac4420c055e9948e8

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 74a2c610cc739b80-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 13 Sep 2022 17:58:54 GMT
last-modified: Tue, 06 Sep 2022 20:49:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NiWZVLd9kvkn2j7ommjfMUb59patATFhZvN1RoTjfPyrjU76K6DrckKnwBd1ulItDJRMCWYlDgoTAv1xXQFQ1YiZPuwzleLCw5kopn7U%2BMlDqA1VMsAXDdONelc0%2BPNsysf4YUNIfkAIvZj56joi"}],"group":"cf-nel","max_age":604800}
server: cloudflare

Redirect headers

CF-RAY: 74a2c6104ca88fe3-FRA
Cache-Control: max-age=3600
Connection: keep-alive
Date: Tue, 13 Sep 2022 17:58:54 GMT
Expires: Tue, 13 Sep 2022 18:58:54 GMT
Location: https://elon2x-promo.com/eth/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OqRdrnDwLcmkx3ZezKKjcQf7jMkKjwiQqiB8DtJXPpeqCMF6PdbSjVhpfAiU6MI49peU699HqvNiav4g56axqsBY2tM7blrM9ZuJynVod4CLgJFgn6%2BT%2FIP6r%2Br4eHiwYz3TCndbRHK2ul31ZStz"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 jquery-3.4.1.slim.min.js Show response
code.jquery.com/ 69 KB
24 KB 59ms
17ms Script
application/javascript 2001:4de0:ac18::1:a:1a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.4.1.slim.min.js
Requested by: Host: elon2x-promo.com
URL: https://elon2x-promo.com/eth/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: a5ab2a00a0439854f8787a0dda775dea5377ef4905886505c938941d6854ee4f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://elon2x-promo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 17:58:54 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-1157d"
vary: Accept-Encoding
x-hw: 1663091934.dop232.am5.t,1663091934.cds233.am5.hn,1663091934.cds246.am5.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 24328

GET
H2 200 http__get-mcafee.market_b_index_files_clipboard.js Show response
static.tumblr.com/do7iv2w/swtpwjat5/ 8 KB
8 KB 46ms
15ms Script
application/x-javascript 192.0.77.40
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tumblr.com/do7iv2w/swtpwjat5/http__get-mcafee.market_b_index_files_clipboard.js

Requested by

Host: elon2x-promo.com
URL: https://elon2x-promo.com/eth/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.40 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

assets.tumblr.com

Software

nginx /

Resource Hash

30c25c88089ccc0d6373e6f0f36814c97dfaa575543d90a7cb9060903a50ef84

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://elon2x-promo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-nc: HIT ams 2
date: Tue, 13 Sep 2022 17:58:54 GMT
last-modified: Tue, 20 Aug 2019 12:03:06 GMT
server: nginx
etag: "92a362208ec351a135d6f43ef3360b77"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/x-javascript
access-control-allow-origin: *
strict-transport-security: max-age=31536000; preload
accept-ranges: bytes
content-length: 7728

GET
H2 200 http__get-mcafee.market_b_index_files_bootstrap.js Show response
static.tumblr.com/do7iv2w/Rddpwjavf/ 36 KB
36 KB 45ms
14ms Script
application/x-javascript 192.0.77.40
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tumblr.com/do7iv2w/Rddpwjavf/http__get-mcafee.market_b_index_files_bootstrap.js

Requested by

Host: elon2x-promo.com
URL: https://elon2x-promo.com/eth/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.40 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

assets.tumblr.com

Software

nginx /

Resource Hash

53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Referer: https://elon2x-promo.com/
Origin: https://elon2x-promo.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-nc: HIT ams 2
date: Tue, 13 Sep 2022 17:58:54 GMT
last-modified: Tue, 20 Aug 2019 12:04:28 GMT
server: nginx
etag: "5869c96cc8f19086aee625d670d741f9"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/x-javascript
access-control-allow-origin: *
strict-transport-security: max-age=31536000; preload
accept-ranges: bytes
content-length: 37045

GET
H2 200 m2.css
static.tumblr.com/bejxdgc/NDhpx23f1/ 64 KB
64 KB 45ms
14ms Stylesheet
text/css 192.0.77.40
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tumblr.com/bejxdgc/NDhpx23f1/m2.css

Requested by

Host: elon2x-promo.com
URL: https://elon2x-promo.com/eth/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.40 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

assets.tumblr.com

Software

nginx /

Resource Hash

29e89f00341d65ffbab6fdfce78f7e42a1daf4bda2e3615ad9466e2ce47760ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://elon2x-promo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-nc: HIT ams 2
date: Tue, 13 Sep 2022 17:58:54 GMT
last-modified: Fri, 30 Aug 2019 15:37:50 GMT
server: nginx
etag: "376dd17dad7defb0a0c4f2d99445382f"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
strict-transport-security: max-age=31536000; preload
accept-ranges: bytes
content-length: 65054

GET
H2 200 main-branding-base.css
static.tumblr.com/bejxdgc/H7hpx23gv/ 510 KB
511 KB 45ms
14ms Stylesheet
text/css 192.0.77.40
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tumblr.com/bejxdgc/H7hpx23gv/main-branding-base.css

Requested by

Host: elon2x-promo.com
URL: https://elon2x-promo.com/eth/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.40 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

assets.tumblr.com

Software

nginx /

Resource Hash

be9a62a389ef14e5aa7c9c7ef9f7bec271ecce1f86aa8f0cdcc9a5e3acf7948e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://elon2x-promo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-nc: HIT ams 2
date: Tue, 13 Sep 2022 17:58:54 GMT
last-modified: Fri, 30 Aug 2019 15:38:57 GMT
server: nginx
etag: "0acc5b1299f898a0c3a615c3aab31699"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
strict-transport-security: max-age=31536000; preload
accept-ranges: bytes
content-length: 522276

GET
H3 200 big.css
elon2x-promo.com/assets/ 13 KB
4 KB 1180ms
1180ms Stylesheet
text/css 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://elon2x-promo.com/assets/big.css
Requested by: Host: elon2x-promo.com
URL: https://elon2x-promo.com/eth/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 60cfa28b7eb57e5ec992f652f1f5061c3e46047cb2454b980eb6de61d18aafa4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://elon2x-promo.com/eth/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 17:58:56 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 06 Sep 2022 20:49:51 GMT
server: cloudflare
etag: W/"6317b26f-34dc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nVQl7gmBueyCTyl8fu%2FhUHXQZNIcpRVDPPrMk%2Bje3hrVoeFaKVkaCo4294AVsgxQQWURNFLUd2CE8uuCpdndSoyA1E6rvieoU7c1z4o5JcL727JFXjzGgO6YKw94hemmNIo1p0VE1qvSiXaafmKq"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74a2c6114fc5bb59-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 comments.css
elon2x-promo.com/assets/ 151 KB
46 KB 247ms
247ms Stylesheet
text/css 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://elon2x-promo.com/assets/comments.css
Requested by: Host: elon2x-promo.com
URL: https://elon2x-promo.com/eth/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e1b6f6eba2154d3ec903bf754ec64f3908fce7b06b6312734f9b334b524a945

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://elon2x-promo.com/eth/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 17:58:55 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 06 Sep 2022 20:49:51 GMT
server: cloudflare
etag: W/"6317b26f-25ca0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E%2BGMwHOw9QpY6uSEys9DW%2FF3kMLvzy3f%2Bx%2BW90d5EqoH6BAdUwFecuQLQWrjefYqt7QOXQDGjaVGWj7CHBW6zE3zmYxKz%2BtTbYFEVsVvG2Hg8Mmn37yePnqckhzKoi1Q%2FI6RgQlzOiJKxTn1J4ut"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74a2c6114fc6bb59-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 u.css
elon2x-promo.com/assets/ 203 KB
35 KB 289ms
288ms Stylesheet
text/css 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://elon2x-promo.com/assets/u.css
Requested by: Host: elon2x-promo.com
URL: https://elon2x-promo.com/eth/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4edb91d880958d290e76c6678b1584b4eca8747b643720f827b79548272c7b25

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://elon2x-promo.com/eth/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 17:58:55 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 06 Sep 2022 20:49:51 GMT
server: cloudflare
etag: W/"6317b26f-32a77"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5hyNrWvA15ZonxzoPDA0kTmCxO6wK%2BxpM1ZRrkC13LrAMwzlrOKL1WWP2jEKTCkOIxTm%2F5HIJXRwnD%2B4BkLzi%2FdlzguzTpSKl0Mzo%2BKwM70RNAs5l1xnpqaX1hHdaehNM9UQy9CPpnvbBIF8qJqd"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74a2c6114fc7bb59-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 51a37631516be9ff2d22b.png
telegra.ph/file/ 5 KB
4 KB 64ms
21ms Image
image/png 149.154.164.13
TELEGRAM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://telegra.ph/file/51a37631516be9ff2d22b.png

Requested by

Host: elon2x-promo.com
URL: https://elon2x-promo.com/eth/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

149.154.164.13 London, United Kingdom, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.20.1 /

Resource Hash

329e78b4d2ca494ee7ed05e3baf6c80ae36af9977dcf9679850ea2f085b0e480

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://elon2x-promo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 17:58:55 GMT
content-encoding: gzip
server: nginx/1.20.1
etag: "e040b7a75d18f2b9469539bea6fd33f4eb30bc54"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=2592000, public
content-length: 3888
expires: Thu, 13 Oct 2022 17:58:55 GMT

GET
H3 200 qrcode.jLHDAT6SPG.png
elon2x-promo.com/eth/ 2 KB
3 KB 1196ms
1195ms Image
image/png 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elon2x-promo.com/eth/qrcode.jLHDAT6SPG.png
Requested by: Host: elon2x-promo.com
URL: https://elon2x-promo.com/eth/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b9eb392e104e457e058eedbb81dcb60eb6ccfa77eca1f1ea8ab3c08b37dcd228

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://elon2x-promo.com/eth/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 17:58:56 GMT
cf-cache-status: MISS
last-modified: Tue, 06 Sep 2022 20:49:51 GMT
server: cloudflare
etag: "6317b26f-914"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EO41jRFlV7vn%2FHDU28HAM6S9hA%2BcuCTN%2BF5wPAWmQRRbwmLwKWZW6my%2BslYYCzmqk2CTj7E8tkBAWWRn8oAdySk6PI4005%2FT45dJOW56Wgm7K7BKKTo7HkuiNutvovTyuO0GuaCCDFDKBoJRCcKU"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 74a2c613ac29bb59-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2324

GET
H2 200 351kRoj.gif
i.imgur.com/ 69 KB
70 KB 68ms
23ms Image
image/gif 151.101.12.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/351kRoj.gif

Requested by

Host: elon2x-promo.com
URL: https://elon2x-promo.com/eth/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.12.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

51eddb6deb8ef75df2c8dff112415172bee5b695c4d4b1445e635e6ebaef93c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://elon2x-promo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 17:58:56 GMT
x-content-type-options: nosniff
age: 3993406
x-cache: HIT, HIT
content-length: 70979
x-served-by: cache-iad-kjyo7100179-IAD, cache-fra19130-FRA
last-modified: Thu, 08 Aug 2019 00:29:14 GMT
server: cat factory 1.0
x-timer: S1663091936.151502,VS0,VE2
etag: "cd519e0239f4e797c107e736b71e6070"
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2

200

g0rIzwD.png
i.imgur.com/
Redirect Chain

https://imgur.com/g0rIzwD.png
https://i.imgur.com/g0rIzwD.png

23 KB
23 KB

37ms
37ms

Image
image/jpeg

151.101.12.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/g0rIzwD.png

Requested by

Host: elon2x-promo.com
URL: https://elon2x-promo.com/eth/

Protocol

Server

151.101.12.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

2fc766b1c09aeb2b84ea140d363c60404eb3cf3a3da1ddd92a7ec398b74212ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://elon2x-promo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 17:58:56 GMT
x-content-type-options: nosniff
age: 89438
x-cache: HIT, HIT
content-length: 23764
x-served-by: cache-iad-kiad7000072-IAD, cache-fra19130-FRA
last-modified: Tue, 16 Aug 2022 16:13:14 GMT
server: cat factory 1.0
x-timer: S1663091936.163439,VS0,VE2
etag: "d7414e56dc9d3b7e273c7903999fe6f6"
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 1

Redirect headers

date: Tue, 13 Sep 2022 17:58:56 GMT
server: cat factory 1.0
x-timer: S1663091936.135634,VS0,VE0
x-frame-options: DENY
x-cache: HIT
location: https://i.imgur.com/g0rIzwD.png
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials: false
x-cache-hits: 0
strict-transport-security: max-age=300
accept-ranges: bytes
access-control-allow-origin: https://imgur.com
content-length: 0
retry-after: 0
x-served-by: cache-ams21080-AMS

GET
H3 200 index.html Show response
elon2x-promo.com/eth/eth1/ Frame 2DA3 61 KB
6 KB 123ms
122ms Document
text/html 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://elon2x-promo.com/eth/eth1/index.html
Requested by: Host: elon2x-promo.com
URL: https://elon2x-promo.com/eth/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b6dbe5c5e24687845dc96b9da7fa9bbd88d93998990f26006e4697f59a19322b

Request headers

Referer: https://elon2x-promo.com/eth/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 74a2c6191dc8bb59-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 13 Sep 2022 17:58:56 GMT
last-modified: Tue, 06 Sep 2022 20:49:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oW9ThvyJXqFoZ2u4vR9D2TM3VxP%2FN072RX8Jk%2BulbjBQ%2FwioqZrOCDLNGLmU2ETPbZ7ZRO78G1%2F2LeHP6x9i7kC8kEbMskh5%2BgbtxlnyfaxAI3mgvqkIVg97ceqzP%2F%2FQ%2FGf9nEHx6tLITILZn%2Fba"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 jquery-3.4.1.min.js Show response
code.jquery.com/ Frame 2DA3 86 KB
30 KB 18ms
17ms Script
application/javascript 2001:4de0:ac18::1:a:1a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.4.1.min.js
Requested by: Host: elon2x-promo.com
URL: https://elon2x-promo.com/eth/eth1/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://elon2x-promo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 17:58:56 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-15851"
vary: Accept-Encoding
x-hw: 1663091936.dop232.am5.t,1663091936.cds233.am5.hn,1663091936.cds260.am5.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30638

GET
H3 200 comments.css
elon2x-promo.com/assets/ Frame 2DA3 151 KB
46 KB 33ms
33ms Stylesheet
text/css 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://elon2x-promo.com/assets/comments.css
Requested by: Host: elon2x-promo.com
URL: https://elon2x-promo.com/eth/eth1/index.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e1b6f6eba2154d3ec903bf754ec64f3908fce7b06b6312734f9b334b524a945

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://elon2x-promo.com/eth/eth1/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 17:58:56 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 06 Sep 2022 20:49:51 GMT
server: cloudflare
age: 1
etag: W/"6317b26f-25ca0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wGWPq2RyOcDQ031ejIb84iI%2BNDtKitrocTtnz3gecnbz%2BrQtVFvUAlEEsVzxQj50Pi%2B0mpDs8oEtHdS40mTam4dv9MXS7HA%2B8PVvkxXX9nue%2FRLd5Xnhm4LddQdB8T7uABNf83tyl4ifFoug6wZD"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74a2c619ef6cbb59-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 noavatar92.png
a.disquscdn.com/images/ Frame 2DA3 2 KB
2 KB 49ms
18ms Image
image/png 199.232.198.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a.disquscdn.com/images/noavatar92.png

Requested by

Host: elon2x-promo.com
URL: https://elon2x-promo.com/eth/eth1/index.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.198.49 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://elon2x-promo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 17:58:56 GMT
x-content-type-options: nosniff
last-modified: Fri, 26 Feb 2021 20:50:09 GMT
server: nginx
age: 1413782
etag: "60395f01-66c"
strict-transport-security: max-age=300; includeSubdomains
content-type: image/png
x-xss-protection: 1; mode=block
cache-control: max-age=2592000
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: AMS50-C1
content-length: 1644
x-amz-cf-id: qThG_IwIsIbc07RNh-DhuQHbfaK8TrrL0vX2NoZrUmhY7gCOW7V3Dw==
expires: Sat, 03 Sep 2022 04:50:41 GMT

GET
H2 200 avatar92.jpg
c.disquscdn.com/uploads/users/18260/6863/ Frame 2DA3 4 KB
5 KB 66ms
21ms Image
image/jpeg 2600:9000:223d:c200:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/uploads/users/18260/6863/avatar92.jpg?1575621128

Requested by

Host: elon2x-promo.com
URL: https://elon2x-promo.com/eth/eth1/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223d:c200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

1ed445642945e4491af05364cf2f1f46f909dfbecb3d0aec48042738b70f6600

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://elon2x-promo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 15:55:57 GMT
via: 1.1 d9523e44e96d2539081596bb1d268d44.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 1303379
x-cache: Hit from cloudfront
content-length: 4519
x-xss-protection: 1; mode=block
x-served-by: static-web-2
last-modified: Tue, 19 Jan 2021 17:47:11 GMT
server: nginx
etag: "661769ecec807be15f45271308aba2da"
content-type: image/jpeg
expires: Tue, 29 Aug 2023 15:55:57 GMT
cache-control: max-age=31536000, public, immutable
x-amz-cf-pop: FRA56-P3
accept-ranges: bytes
x-amz-cf-id: AgKu1Kn4HCrDIxnyrsI9MDSPgXvhdbp811aRZEBSv-XZH8Pu-CckFw==
x-cache-hits: 0

GET
H2 200 avatar92.jpg
c.disquscdn.com/uploads/users/28829/7573/ Frame 2DA3 3 KB
3 KB 67ms
24ms Image
image/jpeg 2600:9000:223d:c200:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/uploads/users/28829/7573/avatar92.jpg?1590512489

Requested by

Host: elon2x-promo.com
URL: https://elon2x-promo.com/eth/eth1/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223d:c200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

b9ccd7e2f1fecaca35566838222c3beacde5945e53befacfe050b5f15ed871a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://elon2x-promo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 16:42:50 GMT
via: 1.1 d9523e44e96d2539081596bb1d268d44.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 2423766
x-cache: Hit from cloudfront
content-length: 2788
x-xss-protection: 1; mode=block
x-served-by: static-web-1
last-modified: Sun, 08 May 2022 13:38:49 GMT
server: nginx
etag: "9311381b509ffb9dd4028199ccae937b"
content-type: image/jpeg
expires: Wed, 16 Aug 2023 16:42:50 GMT
cache-control: max-age=31536000, public, immutable
x-amz-cf-pop: FRA56-P3
accept-ranges: bytes
x-amz-cf-id: 8ZDdklEaHDqluMCCODqtihgbeHkTN7XnFQxr49WZGo4UDxjHvxxynw==
x-cache-hits: 0

GET
H2 200 avatar92.jpg
c.disquscdn.com/uploads/users/5324/5484/ Frame 2DA3 3 KB
4 KB 64ms
22ms Image
image/jpeg 2600:9000:223d:c200:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/uploads/users/5324/5484/avatar92.jpg?1591138209

Requested by

Host: elon2x-promo.com
URL: https://elon2x-promo.com/eth/eth1/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223d:c200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

590e5df8a37ed7da55f0debb967bb91bad38144b23ffe020d671ef2e7dc25d81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://elon2x-promo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 15:55:57 GMT
via: 1.1 d9523e44e96d2539081596bb1d268d44.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 1303379
x-cache: Hit from cloudfront
content-length: 3182
x-xss-protection: 1; mode=block
x-served-by: static-web-1
last-modified: Mon, 29 Aug 2022 02:52:49 GMT
server: nginx
etag: "78998d1de119d74e2848de3d2d5a683b"
content-type: image/jpeg
expires: Tue, 29 Aug 2023 15:55:57 GMT
cache-control: max-age=31536000, public, immutable
x-amz-cf-pop: FRA56-P3
accept-ranges: bytes
x-amz-cf-id: gDfJQ5Jc0u4_jeVuC6NVrBNEn8-ieXmOZdsHueqonw3KdEU90CJxBQ==
x-cache-hits: 0

GET
H2 200 avatar92.jpg
c.disquscdn.com/uploads/users/10791/4816/ Frame 2DA3 5 KB
6 KB 67ms
26ms Image
image/jpeg 2600:9000:223d:c200:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/uploads/users/10791/4816/avatar92.jpg?1565477284

Requested by

Host: elon2x-promo.com
URL: https://elon2x-promo.com/eth/eth1/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223d:c200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

b16a7df01fbc9df48ac5b85fbe3f13e7452db0b2173429c02d6f335576c45f41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://elon2x-promo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 16:42:50 GMT
via: 1.1 d9523e44e96d2539081596bb1d268d44.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 2423766
x-cache: Hit from cloudfront
content-length: 5252
x-xss-protection: 1; mode=block
x-served-by: static-web-1
last-modified: Sat, 23 Apr 2022 03:34:10 GMT
server: nginx
etag: "20201601225482a416d72c7ed4038654"
content-type: image/jpeg
expires: Wed, 16 Aug 2023 16:42:50 GMT
cache-control: max-age=31536000, public, immutable
x-amz-cf-pop: FRA56-P3
accept-ranges: bytes
x-amz-cf-id: Jr0Azp5g5Nju4xrusBw35C-NFe1oHQEKYlxm5wJMjKMIb5QFZN3Lgg==
x-cache-hits: 0

GET
H2 200 avatar92.jpg
c.disquscdn.com/uploads/users/34897/3728/ Frame 2DA3 4 KB
4 KB 65ms
23ms Image
image/jpeg 2600:9000:223d:c200:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/uploads/users/34897/3728/avatar92.jpg?1588900704

Requested by

Host: elon2x-promo.com
URL: https://elon2x-promo.com/eth/eth1/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223d:c200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

bbdb15947385ef28138932740b9cc459456db31ba71025c898e42525bacbcabc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://elon2x-promo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 16:42:50 GMT
via: 1.1 d9523e44e96d2539081596bb1d268d44.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 2423766
x-cache: Hit from cloudfront
content-length: 3893
x-xss-protection: 1; mode=block
x-served-by: static-web-2
last-modified: Tue, 03 May 2022 22:21:28 GMT
server: nginx
etag: "6d4b9981bfebf54e730c1c596661b10b"
content-type: image/jpeg
expires: Wed, 16 Aug 2023 16:42:50 GMT
cache-control: max-age=31536000, public, immutable
x-amz-cf-pop: FRA56-P3
accept-ranges: bytes
x-amz-cf-id: zTGIgmOkJsE8XlscR2RwF_eNYEXrsxnZY5Cj5YotSXmEmvToJElbpw==
x-cache-hits: 0

GET
H2 200 avatar92.jpg
c.disquscdn.com/uploads/users/24669/9375/ Frame 2DA3 2 KB
3 KB 65ms
24ms Image
image/jpeg 2600:9000:223d:c200:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/uploads/users/24669/9375/avatar92.jpg?1591132484

Requested by

Host: elon2x-promo.com
URL: https://elon2x-promo.com/eth/eth1/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223d:c200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

6abf6c97a47fcba7c3df4434ebe5d2bca806c697c5267043f9b330f9e9b0087a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://elon2x-promo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 15:55:57 GMT
via: 1.1 d9523e44e96d2539081596bb1d268d44.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 1303379
x-cache: Hit from cloudfront
content-length: 2237
x-xss-protection: 1; mode=block
x-served-by: static-web-1
last-modified: Thu, 21 Jul 2022 14:16:33 GMT
server: nginx
etag: "a0d05eb9965b8bf42e5ff51136cc259a"
content-type: image/jpeg
expires: Tue, 29 Aug 2023 15:55:57 GMT
cache-control: max-age=31536000, public, immutable
x-amz-cf-pop: FRA56-P3
accept-ranges: bytes
x-amz-cf-id: ph115cGYk8675eBZ9gJSXT3P2L7OJMqEd0wmFldNpy8zl5iiX854iQ==
x-cache-hits: 0

GET
H2 200 avatar92.jpg
c.disquscdn.com/uploads/users/3421/2316/ Frame 2DA3 4 KB
5 KB 24ms
23ms Image
image/jpeg 2600:9000:223d:c200:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/uploads/users/3421/2316/avatar92.jpg?1377541829

Requested by

Host: elon2x-promo.com
URL: https://elon2x-promo.com/eth/eth1/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223d:c200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

8db2d72a390bc45796f54ca017e19b94b7d9d45f7f0f4b19c31c238df3998182

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://elon2x-promo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 23 Jul 2022 16:29:14 GMT
via: 1.1 d9523e44e96d2539081596bb1d268d44.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 4498182
x-cache: Hit from cloudfront
content-length: 4240
x-xss-protection: 1; mode=block
x-served-by: static-web-2
last-modified: Mon, 26 Aug 2013 18:30:29 GMT
server: nginx
etag: "34f610ace5bbca8846b88394f3236d92"
content-type: image/jpeg
expires: Sun, 23 Jul 2023 16:29:14 GMT
cache-control: max-age=31536000, public, immutable
x-amz-cf-pop: FRA56-P3
accept-ranges: bytes
x-amz-cf-id: nc531ncTSMUAzfWcP4u51a4p2u3ihgcUWGlCtTNUWNAFiCmveiGKAA==
x-cache-hits: 0

GET
H2 200 avatar92.jpg
c.disquscdn.com/uploads/users/3744/9649/ Frame 2DA3 3 KB
4 KB 23ms
21ms Image
image/jpeg 2600:9000:223d:c200:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/uploads/users/3744/9649/avatar92.jpg?1402496077

Requested by

Host: elon2x-promo.com
URL: https://elon2x-promo.com/eth/eth1/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223d:c200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

f0fcbcaeae3b12de878ff361d3959ac0dcd2efb9334f615642235bda554d0da2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://elon2x-promo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 12:36:20 GMT
via: 1.1 d9523e44e96d2539081596bb1d268d44.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 6412956
x-cache: Hit from cloudfront
content-length: 3165
x-xss-protection: 1; mode=block
x-served-by: static-web-1
last-modified: Wed, 11 Jun 2014 14:14:37 GMT
server: nginx
etag: "ebfe3a128fc2c58406021482fc06dbf5"
content-type: image/jpeg
expires: Sat, 01 Jul 2023 12:36:20 GMT
cache-control: max-age=31536000, public, immutable
x-amz-cf-pop: FRA56-P3
accept-ranges: bytes
x-amz-cf-id: heCI48XLrmPPIqXsS3jtvrEh0dhQsO2zjyLjy1EDJzXOzXN8_g9TaA==
x-cache-hits: 0

GET
H2 200 avatar92.jpg
c.disquscdn.com/uploads/users/6351/2731/ Frame 2DA3 6 KB
6 KB 27ms
25ms Image
image/jpeg 2600:9000:223d:c200:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/uploads/users/6351/2731/avatar92.jpg?1590568684

Requested by

Host: elon2x-promo.com
URL: https://elon2x-promo.com/eth/eth1/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223d:c200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

fb6b3ddaaad6fd698b28050fd447f148920299aaebb9de060cd57326bad0ebb6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://elon2x-promo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 15:55:57 GMT
via: 1.1 d9523e44e96d2539081596bb1d268d44.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 1303379
x-cache: Hit from cloudfront
content-length: 5983
x-xss-protection: 1; mode=block
x-served-by: static-web-2
last-modified: Sun, 17 Apr 2022 15:37:59 GMT
server: nginx
etag: "912cc51c1512f91939faf68efba4f1ed"
content-type: image/jpeg
expires: Tue, 29 Aug 2023 15:55:57 GMT
cache-control: max-age=31536000, public, immutable
x-amz-cf-pop: FRA56-P3
accept-ranges: bytes
x-amz-cf-id: UskQ6hGgB1YIz-_XcResTe3UwSkzXH1CoOzT29VQTEKw0KIC6gMbBQ==
x-cache-hits: 0

GET
H2 200 avatar92.jpg
c.disquscdn.com/uploads/users/2207/636/ Frame 2DA3 4 KB
5 KB 24ms
23ms Image
image/jpeg 2600:9000:223d:c200:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/uploads/users/2207/636/avatar92.jpg?1470225620

Requested by

Host: elon2x-promo.com
URL: https://elon2x-promo.com/eth/eth1/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223d:c200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

3a6f355fe2a4283a0ef3c00c69b3fb7ac51d9aaa98c3c9572ac04a374fef1204

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://elon2x-promo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 18:28:17 GMT
via: 1.1 d9523e44e96d2539081596bb1d268d44.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 5355038
x-cache: Hit from cloudfront
content-length: 4260
x-xss-protection: 1; mode=block
x-served-by: static-web-1
last-modified: Wed, 03 Aug 2016 12:00:21 GMT
server: nginx
etag: "a4604124d6fc729f442ee23d3bee9407"
content-type: image/jpeg
expires: Thu, 13 Jul 2023 18:28:17 GMT
cache-control: max-age=31536000, public, immutable
x-amz-cf-pop: FRA56-P3
accept-ranges: bytes
x-amz-cf-id: V7DGmxQSeeFk4KSfysn7m7t6oLESoh73IqoisH_ksb6UTx2eTja_EA==
x-cache-hits: 0

GET
H2 200 avatar92.jpg
c.disquscdn.com/uploads/users/29820/9294/ Frame 2DA3 3 KB
4 KB 25ms
24ms Image
image/jpeg 2600:9000:223d:c200:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/uploads/users/29820/9294/avatar92.jpg?1585000487

Requested by

Host: elon2x-promo.com
URL: https://elon2x-promo.com/eth/eth1/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223d:c200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

3604cdec2bd000c92f3d79db92c32034e907fbc1627baf89acd82e128bb9d897

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://elon2x-promo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 20:40:40 GMT
via: 1.1 d9523e44e96d2539081596bb1d268d44.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 3705496
x-cache: Hit from cloudfront
content-length: 3356
x-xss-protection: 1; mode=block
x-served-by: static-web-1
last-modified: Mon, 23 Mar 2020 21:54:48 GMT
server: nginx
etag: "2fcba68410b57bc2ba7da1fdfafcfafc"
content-type: image/jpeg
expires: Tue, 01 Aug 2023 20:40:40 GMT
cache-control: max-age=31536000, public, immutable
x-amz-cf-pop: FRA56-P3
accept-ranges: bytes
x-amz-cf-id: 5oyIGslITzWZaXGL_lDBIAuzjOXwNqevNMTXScPyRdMrxuro0spCPA==
x-cache-hits: 0

GET
H2 200 1.jpg
image.ibb.co/dNDgLH/ Frame 2DA3 74 KB
74 KB 200ms
102ms Image
image/jpeg 51.210.32.106
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.ibb.co/dNDgLH/1.jpg
Requested by: Host: elon2x-promo.com
URL: https://elon2x-promo.com/eth/eth1/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 51.210.32.106 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3172579.ip-51-210-32.eu
Software: nginx /
Resource Hash: cc11813b12c4be220aba6eaaea59635c5b9bb1e308b7d01d605c234ca3aa5390

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://elon2x-promo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 17:58:56 GMT
last-modified: Fri, 16 Mar 2018 15:02:43 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 75449
expires: Thu, 31 Dec 2037 23:55:55 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Crypto (Crypto Exchange) Binance (Crypto Exchange)

35 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.disquscdn.com
c.disquscdn.com
code.jquery.com
elon2x-promo.com
i.imgur.com
image.ibb.co
imgur.com
static.tumblr.com
telegra.ph
149.154.164.13
151.101.12.193
192.0.77.40
199.232.192.193
199.232.198.49
2001:4de0:ac18::1:a:1a
2600:9000:223d:c200:6:8656:f5c0:93a1
2a06:98c1:3120::c
51.210.32.106
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
1ed445642945e4491af05364cf2f1f46f909dfbecb3d0aec48042738b70f6600
29e89f00341d65ffbab6fdfce78f7e42a1daf4bda2e3615ad9466e2ce47760ef
2e1b6f6eba2154d3ec903bf754ec64f3908fce7b06b6312734f9b334b524a945
2fc766b1c09aeb2b84ea140d363c60404eb3cf3a3da1ddd92a7ec398b74212ab
30c25c88089ccc0d6373e6f0f36814c97dfaa575543d90a7cb9060903a50ef84
329e78b4d2ca494ee7ed05e3baf6c80ae36af9977dcf9679850ea2f085b0e480
3604cdec2bd000c92f3d79db92c32034e907fbc1627baf89acd82e128bb9d897
36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444
3a6f355fe2a4283a0ef3c00c69b3fb7ac51d9aaa98c3c9572ac04a374fef1204
3ff0817c642af3890ca7a3f7e42a34826c082ab4d8339ebac4420c055e9948e8
4edb91d880958d290e76c6678b1584b4eca8747b643720f827b79548272c7b25
51eddb6deb8ef75df2c8dff112415172bee5b695c4d4b1445e635e6ebaef93c3
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
590e5df8a37ed7da55f0debb967bb91bad38144b23ffe020d671ef2e7dc25d81
60cfa28b7eb57e5ec992f652f1f5061c3e46047cb2454b980eb6de61d18aafa4
6abf6c97a47fcba7c3df4434ebe5d2bca806c697c5267043f9b330f9e9b0087a
8db2d72a390bc45796f54ca017e19b94b7d9d45f7f0f4b19c31c238df3998182
a5ab2a00a0439854f8787a0dda775dea5377ef4905886505c938941d6854ee4f
b16a7df01fbc9df48ac5b85fbe3f13e7452db0b2173429c02d6f335576c45f41
b6dbe5c5e24687845dc96b9da7fa9bbd88d93998990f26006e4697f59a19322b
b9ccd7e2f1fecaca35566838222c3beacde5945e53befacfe050b5f15ed871a0
b9eb392e104e457e058eedbb81dcb60eb6ccfa77eca1f1ea8ab3c08b37dcd228
bbdb15947385ef28138932740b9cc459456db31ba71025c898e42525bacbcabc
be9a62a389ef14e5aa7c9c7ef9f7bec271ecce1f86aa8f0cdcc9a5e3acf7948e
cc11813b12c4be220aba6eaaea59635c5b9bb1e308b7d01d605c234ca3aa5390
f0fcbcaeae3b12de878ff361d3959ac0dcd2efb9334f615642235bda554d0da2
fb6b3ddaaad6fd698b28050fd447f148920299aaebb9de060cd57326bad0ebb6

elon2x-promo.com Open in urlscan Pro 2a06:98c1:3120::c Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

29 Requests

97 %HTTPS

33 %IPv6

7 Domains

9 Subdomains

8 IPs

5 Countries

1040 kBTransfer

1604 kBSize

0 Cookies

1 Outgoing links

Page URL History

Redirected requests

29 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

elon2x-promo.com Open in urlscan Pro
2a06:98c1:3120::c Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

29
Requests

97 %
HTTPS

33 %
IPv6

7
Domains

9
Subdomains

8
IPs

5
Countries

1040 kB
Transfer

1604 kB
Size

0
Cookies

29 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!