200k-1kdw.pages.dev Open in urlscan Pro
2606:4700:310c::ac42:2ee3 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://eth200k.com/
Effective URL:
https://200k-1kdw.pages.dev/
Submission: On April 29 via api (April 29th 2024, 11:05:53 am UTC) from JP — Scanned from JP

Summary HTTP 22 Redirects Behaviour Indicators

Summary

This website contacted 8 IPs in 1 countries across 7 domains to perform 22 HTTP transactions. The main IP is 2606:4700:310c::ac42:2ee3, located in United States and belongs to CLOUDFLARENET, US. The main domain is 200k-1kdw.pages.dev.
TLS certificate: Issued by E1 on March 31st 2024. Valid for: 3 months.

This is the only time 200k-1kdw.pages.dev was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Crypto (Crypto Exchange)

Domain & IP information

	IP Address	AS Autonomous System
1 1	172.67.182.74 172.67.182.74	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:310... 2606:4700:310c::ac42:2ee3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2606:4700::68... 2606:4700::6812:323	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:9000:21e... 2600:9000:21ee:4c00:18:6c16:27c0:93a1	16509 (AMAZON-02) (AMAZON-02)
4	172.67.145.97 172.67.145.97	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	34.107.203.234 34.107.203.234	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.117.186.192 34.117.186.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2606:4700::68... 2606:4700::6812:223	13335 (CLOUDFLAR...) (CLOUDFLARENET)
22	8

1 172.67.182.74 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

eth200k.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:310c::ac42:2ee3 (United States)

ASN13335 (CLOUDFLARENET, US)

200k-1kdw.pages.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700::6812:323 (United States)

ASN13335 (CLOUDFLARENET, US)

pub-37c8978a8b824cf5a062c9e19d9865af.r2.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:21ee:4c00:18:6c16:27c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

tools.luckyorange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.67.145.97 (United States)

ASN13335 (CLOUDFLARENET, US)

acceleratecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.107.203.234 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 234.203.107.34.bc.googleusercontent.com

settings.luckyorange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.186.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.186.117.34.bc.googleusercontent.com

ipinfo.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:223 (United States)

ASN13335 (CLOUDFLARENET, US)

pub-b8b9114e72b24ef7aebe530a2eb94bbc.r2.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	r2.dev pub-37c8978a8b824cf5a062c9e19d9865af.r2.dev pub-b8b9114e72b24ef7aebe530a2eb94bbc.r2.dev	8 MB
4	acceleratecdn.com acceleratecdn.com	884 B
4	luckyorange.com tools.luckyorange.com — Cisco Umbrella Rank: 13567 settings.luckyorange.com — Cisco Umbrella Rank: 13478	71 KB
2	pages.dev 200k-1kdw.pages.dev	32 KB
1	ipinfo.io ipinfo.io — Cisco Umbrella Rank: 7609	476 B
1	eth200k.com 1 redirects eth200k.com	444 B
0	app.link Failed metamask.app.link Failed
22	7

	Domain	Requested by
8	pub-37c8978a8b824cf5a062c9e19d9865af.r2.dev	200k-1kdw.pages.dev
4	acceleratecdn.com	200k-1kdw.pages.dev pub-37c8978a8b824cf5a062c9e19d9865af.r2.dev
2	settings.luckyorange.com	tools.luckyorange.com
2	tools.luckyorange.com	200k-1kdw.pages.dev tools.luckyorange.com
2	200k-1kdw.pages.dev	pub-37c8978a8b824cf5a062c9e19d9865af.r2.dev
1	pub-b8b9114e72b24ef7aebe530a2eb94bbc.r2.dev
1	ipinfo.io	pub-37c8978a8b824cf5a062c9e19d9865af.r2.dev
1	eth200k.com	1 redirects
0	metamask.app.link Failed	pub-37c8978a8b824cf5a062c9e19d9865af.r2.dev
22	9

This site contains no links.

Subject Issuer	Validity	Valid
200k-1kdw.pages.dev E1	`2024-03-31` - `2024-06-29`	3 months	crt.sh
*.r2.dev E1	`2024-04-05` - `2024-07-04`	3 months	crt.sh
luckyorange.com Amazon RSA 2048 M03	`2023-11-18` - `2024-12-15`	a year	crt.sh
acceleratecdn.com E1	`2024-04-17` - `2024-07-16`	3 months	crt.sh
settings.luckyorange.com R3	`2024-04-03` - `2024-07-02`	3 months	crt.sh
ipinfo.io R3	`2024-04-19` - `2024-07-18`	3 months	crt.sh

This page contains 2 frames:

Frame: dapp://200k-1kdw.pages.dev/
Frame ID: A063630897DD94C80364B26212861FF7
Requests: 18 HTTP requests in this frame

Frame: https://tools.luckyorange.com/core/core.js?v=39ac4b4
Frame ID: 57AC07D3BB3213146E0AE886942C40F8
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://eth200k.com/ HTTP 302
https://200k-1kdw.pages.dev/ Page URL

Page Statistics

22
Requests

91 %
HTTPS

50 %
IPv6

7
Domains

9
Subdomains

8
IPs

1
Countries

7842 kB
Transfer

8019 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://eth200k.com/ HTTP 302
https://200k-1kdw.pages.dev/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
200k-1kdw.pages.dev/
Redirect Chain

https://eth200k.com/
https://200k-1kdw.pages.dev/

45 KB
22 KB

150ms
106ms

Document
text/html

2606:4700:310c::ac42:2ee3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://200k-1kdw.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:310c::ac42:2ee3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

961b2548bf83bf3864311a309cd4ade87698d79eafebea2129fbe7521a74660d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: jp-JP,jp;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=0, must-revalidate
cf-ray: 87bed16b9ffb685b-NRT
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 29 Apr 2024 11:05:37 GMT
etag: W/"9f6dc4239dd7b5d5d7c236f06ca0cc0a"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a0SWGnBmsHzfkhwfusPyGtVH97L5SQiZMa6x%2BmruWRKpW%2FhBRrnQbFr4kALkHWqJp3jQ2f3eat4pSMRYUcDdJyZGshgg2NqU6Onj5X0x8Y5kAkWJTqs5uLhiXwtoQxeCJVfb5lyZHD9zX5T0ah1B5SQG"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 87bed1674ca2685f-NRT
content-type: text/html
date: Mon, 29 Apr 2024 11:05:37 GMT
location: https://200k-1kdw.pages.dev/
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=weEW40DqZ2k79cmdcu70fpxPxnNU8H85jfRF4yka7i4LtWK6xRqth1W16r8FzA5O%2B%2FvWkHwpxmZTyTb87bhsbDx1paaAaGHbigFxu%2FDCxGn%2FlQ1ZcQlJXoScoGAEvw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H/1.1 200
OK 1.js Show response
pub-37c8978a8b824cf5a062c9e19d9865af.r2.dev/ 658 KB
658 KB 407ms
374ms Script
text/javascript 2606:4700::6812:323
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pub-37c8978a8b824cf5a062c9e19d9865af.r2.dev/1.js
Requested by: Host: 200k-1kdw.pages.dev
URL: https://200k-1kdw.pages.dev/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:323 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bedac6e51ad4146953265c102a054bd68c0d90239b17ea24ed311fa67b6e7748

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://200k-1kdw.pages.dev/
Accept-Language: jp-JP,jp;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 29 Apr 2024 11:05:38 GMT
Last-Modified: Sun, 18 Feb 2024 14:26:03 GMT
Server: cloudflare
ETag: "04785c52273847fc0178e1714e6c8575"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 87bed16c9c0ff5f1-NRT
Content-Length: 673356

GET
H/1.1 200
OK 2.js Show response
pub-37c8978a8b824cf5a062c9e19d9865af.r2.dev/ 716 KB
716 KB 411ms
379ms Script
text/javascript 2606:4700::6812:323
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pub-37c8978a8b824cf5a062c9e19d9865af.r2.dev/2.js
Requested by: Host: 200k-1kdw.pages.dev
URL: https://200k-1kdw.pages.dev/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:323 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2bcdc085e0557a379a6056c629be748d22a3c1dbe539a48ae02de7d69c95eff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://200k-1kdw.pages.dev/
Accept-Language: jp-JP,jp;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 29 Apr 2024 11:05:38 GMT
Last-Modified: Sun, 18 Feb 2024 14:26:02 GMT
Server: cloudflare
ETag: "50ed955cf32ac8e4e1daa0fac8fcde98"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 87bed16c9b14e3af-NRT
Content-Length: 733070

GET
H/1.1 200
OK 3.js Show response
pub-37c8978a8b824cf5a062c9e19d9865af.r2.dev/ 315 KB
316 KB 420ms
388ms Script
text/javascript 2606:4700::6812:323
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pub-37c8978a8b824cf5a062c9e19d9865af.r2.dev/3.js
Requested by: Host: 200k-1kdw.pages.dev
URL: https://200k-1kdw.pages.dev/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:323 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 10d78c0a5e8664889dc8eb47c72bfa46ad0ed02c70a234be9acdefa27dbb24b0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://200k-1kdw.pages.dev/
Accept-Language: jp-JP,jp;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 29 Apr 2024 11:05:38 GMT
Last-Modified: Sun, 18 Feb 2024 14:25:49 GMT
Server: cloudflare
ETag: "ca1104de538caea2d54265fbe90916b4"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 87bed16c99fe2080-NRT
Content-Length: 323051

GET
H/1.1 200
OK 4.js Show response
pub-37c8978a8b824cf5a062c9e19d9865af.r2.dev/ 1 MB
1 MB 415ms
384ms Script
text/javascript 2606:4700::6812:323
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pub-37c8978a8b824cf5a062c9e19d9865af.r2.dev/4.js
Requested by: Host: 200k-1kdw.pages.dev
URL: https://200k-1kdw.pages.dev/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:323 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5fffa62486dc1a784ca7f14108e8c0bffbe70b82212418ed00fe5485bfb7dfe5

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://200k-1kdw.pages.dev/
Accept-Language: jp-JP,jp;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 29 Apr 2024 11:05:38 GMT
Last-Modified: Sun, 18 Feb 2024 14:26:01 GMT
Server: cloudflare
ETag: "eccd8515c1fca377448be7d6166e3fe9"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 87bed16c9c69f665-NRT
Content-Length: 1472302

GET
H/1.1 200
OK 5.js Show response
pub-37c8978a8b824cf5a062c9e19d9865af.r2.dev/ 1 MB
1 MB 413ms
383ms Script
text/javascript 2606:4700::6812:323
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pub-37c8978a8b824cf5a062c9e19d9865af.r2.dev/5.js
Requested by: Host: 200k-1kdw.pages.dev
URL: https://200k-1kdw.pages.dev/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:323 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 493a0c3f38e807d0d34ef683bec3524147318dac3d328ffded7d05f4ceccea6c

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://200k-1kdw.pages.dev/
Accept-Language: jp-JP,jp;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 29 Apr 2024 11:05:38 GMT
Last-Modified: Sun, 18 Feb 2024 14:25:59 GMT
Server: cloudflare
ETag: "33e9b762f9b7f41e265af743ec1691c7"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 87bed16c9ebeaf8b-NRT
Content-Length: 1163794

GET
H/1.1 200
OK 6.js Show response
pub-37c8978a8b824cf5a062c9e19d9865af.r2.dev/ 2 MB
2 MB 811ms
372ms Script
text/javascript 2606:4700::6812:323
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pub-37c8978a8b824cf5a062c9e19d9865af.r2.dev/6.js
Requested by: Host: 200k-1kdw.pages.dev
URL: https://200k-1kdw.pages.dev/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:323 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 05a8371f49d0d51fe1eb64b4ccae6d5e5c538812bbb2a93d5cff7590b27f6336

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://200k-1kdw.pages.dev/
Accept-Language: jp-JP,jp;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 29 Apr 2024 11:05:38 GMT
Last-Modified: Sun, 24 Mar 2024 10:26:07 GMT
Server: cloudflare
ETag: "7c65d56fd6a35f2bf358be8476ba7e35"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 87bed16f2b1fb003-NRT
Content-Length: 1808715

GET
H/1.1 200
OK 7.js Show response
pub-37c8978a8b824cf5a062c9e19d9865af.r2.dev/ 865 KB
865 KB 826ms
382ms Script
text/javascript 2606:4700::6812:323
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pub-37c8978a8b824cf5a062c9e19d9865af.r2.dev/7.js
Requested by: Host: 200k-1kdw.pages.dev
URL: https://200k-1kdw.pages.dev/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:323 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d9fc172f09ecfe8fdb87b2be46d0d5c203b957ea6eabbf9fa0bb599e868556d7

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://200k-1kdw.pages.dev/
Accept-Language: jp-JP,jp;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 29 Apr 2024 11:05:38 GMT
Last-Modified: Sat, 16 Mar 2024 20:11:20 GMT
Server: cloudflare
ETag: "29e453243b09c49fd060451dc191e2f1"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 87bed16f2c4c2080-NRT
Content-Length: 885479

GET
H/1.1 200
OK 8.js Show response
pub-37c8978a8b824cf5a062c9e19d9865af.r2.dev/ 835 KB
835 KB 396ms
367ms Script
text/javascript 2606:4700::6812:323
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pub-37c8978a8b824cf5a062c9e19d9865af.r2.dev/8.js
Requested by: Host: 200k-1kdw.pages.dev
URL: https://200k-1kdw.pages.dev/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:323 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 10a4c49b444eaa3fcf9c3b28f992ac53b3b8ff7e42c78f53b51d81af63554b0f

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://200k-1kdw.pages.dev/
Accept-Language: jp-JP,jp;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 29 Apr 2024 11:05:38 GMT
Last-Modified: Wed, 21 Feb 2024 14:01:35 GMT
Server: cloudflare
ETag: "961afd2e5c80670f3b38fca7c76d5940"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 87bed16c9f37b003-NRT
Content-Length: 854748

GET
H2 200 lo.js Show response
tools.luckyorange.com/core/ 13 KB
5 KB 74ms
2ms Script
text/javascript 2600:9000:21ee:4c00:18:6c16:27c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tools.luckyorange.com/core/lo.js?site-id=1225a879
Requested by: Host: 200k-1kdw.pages.dev
URL: https://200k-1kdw.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21ee:4c00:18:6c16:27c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 51297bbebc47d5f2049f770ce38f55ade4734a7a12396396d8a92a0982985406

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://200k-1kdw.pages.dev/
Accept-Language: jp-JP,jp;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 10:47:47 GMT
content-encoding: gzip
via: 1.1 f6b1442435aa25cd25201838d0696952.cloudfront.net (CloudFront)
x-amz-cf-pop: NRT20-C4
age: 1072
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 4624
last-modified: Fri, 05 Apr 2024 17:20:02 GMT
server: AmazonS3
etag: "913298ab416ac2a2929b289175ce18a9"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: ouM-aBi8_KvX6kDc_94Bbe3_39ncEFnigHGqE5_Jqva23eVNyLDR9A==

OPTIONS
H3 204 track-visitor
acceleratecdn.com/ Frame 0
0 601ms
570ms Preflight 172.67.145.97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://acceleratecdn.com/track-visitor
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.145.97 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://200k-1kdw.pages.dev
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 87bed1727f1b795b-NRT
content-length: 0
date: Mon, 29 Apr 2024 11:05:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qzWvdGqfLPT8FGxSE4PyWjjHsg0C64dNOLel4Bi6%2FRxWAxz1cjGX2VMnKoXrrPYQpr2uTQTASBkqVhwqw1cD4sUj1ILXpdJRn4dvb6L8S3qEgFmIxJcoq2ZFUO99ORKoh5Wl8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Access-Control-Request-Headers
x-powered-by: Express

POST
H3 200 track-visitor Show response
acceleratecdn.com/ 2 B
466 B 294ms
294ms Fetch
text/plain 172.67.145.97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://acceleratecdn.com/track-visitor
Requested by: Host: 200k-1kdw.pages.dev
URL: https://200k-1kdw.pages.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.145.97 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://200k-1kdw.pages.dev/
Accept-Language: jp-JP,jp;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 29 Apr 2024 11:05:39 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=46N34vTFejVWqDHEnc%2BGDIkjwP2CKx23jd2qiMU95I0%2F%2FbbZx%2BL97hxwF1UivKUAMDWTuqzzueUfi8EpjgeSW%2Bzs6dFzo9EvJwgy%2FbXH%2B44EtVc%2BwqxMo%2BRhUcPbhjgYxp2OPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cf-ray: 87bed1760b71795b-NRT
alt-svc: h3=":443"; ma=86400
content-length: 2

GET
H2 200 1225a879 Show response
settings.luckyorange.com/ 4 KB
2 KB 152ms
151ms Fetch
application/json 34.107.203.234
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://settings.luckyorange.com/1225a879
Requested by: Host: tools.luckyorange.com
URL: https://tools.luckyorange.com/core/lo.js?site-id=1225a879
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.203.234 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 234.203.107.34.bc.googleusercontent.com
Software: /
Resource Hash: c53bbf825e200a9cc4cd8c9b2d04e6f9b993b9860400375fb95532d0da238354

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: jp-JP,jp;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
x-lucky-uid: undefined
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
x-lucky-referrer
Referer: https://200k-1kdw.pages.dev/
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 11:05:39 GMT
content-encoding: gzip
via: 1.1 google
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://200k-1kdw.pages.dev
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

OPTIONS
H2 200 1225a879
settings.luckyorange.com/ Frame 0
0 163ms
152ms Preflight 34.107.203.234
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://settings.luckyorange.com/1225a879
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.203.234 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 234.203.107.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-lucky-referrer,x-lucky-uid
Access-Control-Request-Method: GET
Origin: https://200k-1kdw.pages.dev
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Origin,Authorization,Content-Type,X-Lucky-Uid,X-Lucky-Site-Id,X-Lucky-Impersonate,X-Lucky-Session-Id,X-Lucky-Referrer
access-control-allow-methods: POST,GET,PUT,PATCH,DELETE,OPTIONS
access-control-allow-origin: https://200k-1kdw.pages.dev
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 29 Apr 2024 11:05:39 GMT
via: 1.1 google

GET
H2 200 json Show response
ipinfo.io/ 257 B
476 B 161ms
154ms Fetch
application/json 34.117.186.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://ipinfo.io/json

Requested by

Host: pub-37c8978a8b824cf5a062c9e19d9865af.r2.dev
URL: https://pub-37c8978a8b824cf5a062c9e19d9865af.r2.dev/6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.186.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

192.186.117.34.bc.googleusercontent.com

Software

nginx/1.24.0 /

Resource Hash

2e0d23698665c264ed60b5003de2b1303a63697d2cc685d3d37b7efecd71ed96

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://200k-1kdw.pages.dev/
Accept-Language: jp-JP,jp;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 11:05:39 GMT
via: 1.1 google
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
server: nginx/1.24.0
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-envoy-upstream-service-time: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 257

GET
H/1.1 200
OK mm.svg
pub-b8b9114e72b24ef7aebe530a2eb94bbc.r2.dev/ 6 KB
6 KB 471ms
451ms Image
image/svg+xml 2606:4700::6812:223
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pub-b8b9114e72b24ef7aebe530a2eb94bbc.r2.dev/mm.svg
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:223 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 23fc6a3d0010db9befe6b3aebd4c634a945c437377b06c6416082ac3ea16278e

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://200k-1kdw.pages.dev/
Accept-Language: jp-JP,jp;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 29 Apr 2024 11:05:44 GMT
Last-Modified: Mon, 11 Mar 2024 15:32:36 GMT
Server: cloudflare
ETag: "96518a1585ce5ad63bc6377ec15fed7e"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 87bed1920a09afb2-NRT
Content-Length: 6023

GET /
metamask.app.link/dapp/200k-1kdw.pages.dev/ 0
0

GET /
200k-1kdw.pages.dev/ 0
0

GET
H2 200 favicon.ico
200k-1kdw.pages.dev/ 10 KB
10 KB 45ms
45ms Other
image/x-icon 2606:4700:310c::ac42:2ee3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://200k-1kdw.pages.dev/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:310c::ac42:2ee3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6cc126ad0a15380b56917763cf106f3e2d0caa504c259b41d55d4d78ce1690d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://200k-1kdw.pages.dev/
Accept-Language: jp-JP,jp;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 11:05:49 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"332a61dc8e003b5ddd574ed585516050"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8IiUFQDt56zZgQM8dq5blyoIZfHCUMnylYkH7rjUX9xPk4lRN4lul2%2F%2FJlOEWC69gi%2Bm2Yuotu8trer0%2FdPEJGXCvotW2YwBhm%2Bu%2FGL8tikxwr0x%2BTQ5Eu4o%2B2X7L%2FJJ%2B4VPHxYCfc3FsdMKrV6d%2FEwF"}],"group":"cf-nel","max_age":604800}
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 87bed1b17d0f685b-NRT
alt-svc: h3=":443"; ma=86400

POST
H3 200 record-visit Show response
acceleratecdn.com/ 9 B
418 B 312ms
311ms Fetch
text/html 172.67.145.97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://acceleratecdn.com/record-visit
Requested by: Host: pub-37c8978a8b824cf5a062c9e19d9865af.r2.dev
URL: https://pub-37c8978a8b824cf5a062c9e19d9865af.r2.dev/6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.145.97 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: e392a3891c070abe312d9c08bb6a4a9f5342424dd15c80f1d5cf67d14b79650a

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://200k-1kdw.pages.dev/
Accept-Language: jp-JP,jp;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 29 Apr 2024 11:05:49 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pPvc4TE8NYHItcqNAImLMo1%2BizqH2LotZLhCFtqukFbCBCnxZu3%2FCHP8Lb3XMSqoOW2mSfX5tHl9zvpI62sYOPUKlaUb06BPqDD7GyV6n1b6NPGV8Z%2BGegCZCWQUc1BVHrLbjA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cf-ray: 87bed1b53d27795b-NRT
alt-svc: h3=":443"; ma=86400

OPTIONS
H3 204 record-visit
acceleratecdn.com/ Frame 0
0 592ms
592ms Preflight 172.67.145.97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://acceleratecdn.com/record-visit
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.145.97 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://200k-1kdw.pages.dev
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 87bed1b18fd4795b-NRT
content-length: 0
date: Mon, 29 Apr 2024 11:05:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lVKUQQhPxFj0MWWVxV2jAS%2BSY4b0NSDaWhuxNvYwrD5VY71XlImFVmC9Wi9mYcTehwhxspT1%2B6ne6X51CToX4M8QQX%2FnCl9OYoRUJGSj%2FbaA4MEN8t%2FZnJygLt5l3O5M91NW8g%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Access-Control-Request-Headers
x-powered-by: Express

GET
H2 200 core.js Show response
tools.luckyorange.com/core/ Frame 57AC 213 KB
64 KB 11ms
5ms Script
text/javascript 2600:9000:21ee:4c00:18:6c16:27c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tools.luckyorange.com/core/core.js?v=39ac4b4
Requested by: Host: tools.luckyorange.com
URL: https://tools.luckyorange.com/core/lo.js?site-id=1225a879
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21ee:4c00:18:6c16:27c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4a0f2530ea649f8a855bc1a6a05d7070a083118793e08f21ebb6824ef47f1a1f

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://200k-1kdw.pages.dev
Accept-Language: jp-JP,jp;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 11:04:52 GMT
content-encoding: gzip
via: 1.1 ff8441cf5ba1180f46877d00029f6fec.cloudfront.net (CloudFront)
x-amz-cf-pop: NRT20-C4
age: 58
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 65284
last-modified: Fri, 05 Apr 2024 17:20:03 GMT
server: AmazonS3
etag: "e38017620c5200099c5ce447fa0cc2f1"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: b8obzr7_JqGFi3IGXtvlZiaHwuO1eCNF2uL97jI93QQ3bXbZ_BNQHQ==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: metamask.app.link
URL: https://metamask.app.link/dapp/200k-1kdw.pages.dev/

Domain: 200k-1kdw.pages.dev
URL: dapp://200k-1kdw.pages.dev/

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Crypto (Crypto Exchange)

925 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.200k-1kdw.pages.dev/	1970-01-21 05:49:08	Name: lo-uid Value: 1225a879-1714388739171-d08a72fc82062e4c
			.200k-1kdw.pages.dev/	1970-01-21 05:49:08	Name: lo-visits Value: 1

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://200k-1kdw.pages.dev/(Line 290) Message: The Content Security Policy 'default-src 'none'; font-src 'self' data:; img-src 'self' data:; style-src 'unsafe-inline'; media-src 'self' data:; script-src 'unsafe-inline' data:;' was delivered via a <meta> element outside the document's <head>, which is disallowed. The policy has been ignored.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

200k-1kdw.pages.dev
acceleratecdn.com
eth200k.com
ipinfo.io
metamask.app.link
pub-37c8978a8b824cf5a062c9e19d9865af.r2.dev
pub-b8b9114e72b24ef7aebe530a2eb94bbc.r2.dev
settings.luckyorange.com
tools.luckyorange.com
200k-1kdw.pages.dev
metamask.app.link
172.67.145.97
172.67.182.74
2600:9000:21ee:4c00:18:6c16:27c0:93a1
2606:4700:310c::ac42:2ee3
2606:4700::6812:223
2606:4700::6812:323
34.107.203.234
34.117.186.192
05a8371f49d0d51fe1eb64b4ccae6d5e5c538812bbb2a93d5cff7590b27f6336
10a4c49b444eaa3fcf9c3b28f992ac53b3b8ff7e42c78f53b51d81af63554b0f
10d78c0a5e8664889dc8eb47c72bfa46ad0ed02c70a234be9acdefa27dbb24b0
23fc6a3d0010db9befe6b3aebd4c634a945c437377b06c6416082ac3ea16278e
2e0d23698665c264ed60b5003de2b1303a63697d2cc685d3d37b7efecd71ed96
493a0c3f38e807d0d34ef683bec3524147318dac3d328ffded7d05f4ceccea6c
4a0f2530ea649f8a855bc1a6a05d7070a083118793e08f21ebb6824ef47f1a1f
51297bbebc47d5f2049f770ce38f55ade4734a7a12396396d8a92a0982985406
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5fffa62486dc1a784ca7f14108e8c0bffbe70b82212418ed00fe5485bfb7dfe5
6cc126ad0a15380b56917763cf106f3e2d0caa504c259b41d55d4d78ce1690d2
961b2548bf83bf3864311a309cd4ade87698d79eafebea2129fbe7521a74660d
bedac6e51ad4146953265c102a054bd68c0d90239b17ea24ed311fa67b6e7748
c2bcdc085e0557a379a6056c629be748d22a3c1dbe539a48ae02de7d69c95eff
c53bbf825e200a9cc4cd8c9b2d04e6f9b993b9860400375fb95532d0da238354
d9fc172f09ecfe8fdb87b2be46d0d5c203b957ea6eabbf9fa0bb599e868556d7
e392a3891c070abe312d9c08bb6a4a9f5342424dd15c80f1d5cf67d14b79650a

200k-1kdw.pages.dev Open in urlscan Pro 2606:4700:310c::ac42:2ee3 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

22 Requests

91 %HTTPS

50 %IPv6

7 Domains

9 Subdomains

8 IPs

1 Countries

7842 kBTransfer

8019 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

925 JavaScript Global Variables

2 Cookies

1 Console Messages

Security Headers

Indicators

200k-1kdw.pages.dev Open in urlscan Pro
2606:4700:310c::ac42:2ee3 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

22
Requests

91 %
HTTPS

50 %
IPv6

7
Domains

9
Subdomains

8
IPs

1
Countries

7842 kB
Transfer

8019 kB
Size

2
Cookies

22 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!