mass.report
Scan Intelligence Report0/100
high Risk
cryptotradeinsights.org
https://cryptotradeinsights.org/hmpxw?utm_campaign=Automatika+Aust+Top+18.02&utm_content=aust&cid=au-set-1d&fbid=888474400439054&utm_medium=paid&utm_source=fb&utm_id=120241456814440770&utm_term=120241457246090770
IP
104.21.68.62 · Cloudflare, Inc.
Location
Toronto, Canada
Domain Age
25 days
HTTP
200 · 23.4s
SSL
Valid· WE1, Google Trust Services, US
Status
COMPLETED
KB/IOK Matches (0)—
No KB/IOK detections were recorded for this scan.
cryptotradeinsights.org
Credential Phishingfinance | technology | cryptocurrency | ecommerce · 4/5/2026
Summary
The page at cryptotradeinsights.org is impersonating a crypto-related brand by using a domain that contains “crypto” and presents branding cues that resemble crypto media content. Despite the lack of static login forms in the initial HTML, the SPA likely renders credential capture UI via JavaScript, as indicated by loaded external script and SPA-like behavior. The domain age is very young (25 days) and the SSL cert is valid, but issued to cryptotradeinsights.org, which does not correspond to the legitimate crypto brand implied by the domain similarity signals.
Attack Techniques (5)
Typosquatting/brand impersonation via domain containing 'crypto' (cryptotradeinsights.org) suggesting Crypto.com associationSingle-Page Application (SPA) rendering dynamic credential collection via JavaScript bundlesExternal script loading from a neutral/benign source (cloudflare insights beacon) used to obfuscate payloadBrand likeness through site visuals and content that resemble crypto-related media, misleading users into entering credentialsNew domain age (25 days) increasing the likelihood of fraudulent activity
Indicators of Compromise (5)
▸DOMAIN: cryptotradeinsights.org (contains 'crypto' and imitates crypto brand naming)
▸External script: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
▸POST request: https://cryptotradeinsights.org/cdn-cgi/rum? (204) indicating potential data exfiltration or tracking
▸Network assets loaded: multiple images and styles from cryptotradeinsights.org, plus fonts from Google, suggesting spoofed branding
▸SSL cert valid Jan 29 2026 to Apr 29 2026 for cryptotradeinsights.org; domain age 25 days; Cloudflare IP 104.21.68.62
Risk AssessmentUsed in abuse reports
Scanner detected a brand-impersonating domain with a short-lived, newly registered domain (cryptotradeinsights.org) that leverages Crypto-brand signals. The page appears to be a SPA that will render credential capture UI via JavaScript bundles, evidenced by static HTML containing no forms but a loaded external script and numerous resource requests. The domain’s branding and visuals appear designed to mimic crypto-related content, increasing risk of credential harvesting. Because the domain name similarity to a known crypto brand is high risk and the site is actively attempting to gather user input through dynamic scripts, this is a high-priority phishing domain requiring urgent takedown and suspension actions. Evidence includes: brand-like domain name, page title/content suggesting crypto topics, dynamic UI potential, and new SSL certificate coupled with a 25-day age warning.
Recommended Action
Suspend Domain
Cross-Reference8
URL Intelligence
Domain Intelligence
IP Intelligence
Public threat feed available — JSON API