fiddle.jshell.net
Open in
urlscan Pro
45.55.126.88
Malicious Activity!
Public Scan
Submission: On April 28 via manual from JP
Summary
TLS certificate: Issued by Let's Encrypt Authority X3 on April 22nd 2020. Valid for: 3 months.
This is the only time fiddle.jshell.net was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic Crypto (Crypto Exchange)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
8 | 45.55.126.88 45.55.126.88 | 14061 (DIGITALOC...) (DIGITALOCEAN-ASN) | |
1 | 2a00:1450:400... 2a00:1450:4001:821::200a | 15169 (GOOGLE) (GOOGLE) | |
1 | 2001:4de0:ac1... 2001:4de0:ac19::1:b:1a | 20446 (HIGHWINDS3) (HIGHWINDS3) | |
2 | 152.199.21.147 152.199.21.147 | 15133 (EDGECAST) (EDGECAST) | |
5 | 2606:4700::68... 2606:4700::6810:7791 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
7 | 2606:2800:134... 2606:2800:134:fa2:1627:1fe:edb:1665 | 15133 (EDGECAST) (EDGECAST) | |
1 | 13.225.73.104 13.225.73.104 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 151.101.112.193 151.101.112.193 | 54113 (FASTLY) (FASTLY) | |
3 | 2606:4700::68... 2606:4700::6810:7891 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
29 | 10 |
ASN16509 (AMAZON-02, US)
PTR: server-13-225-73-104.fra2.r.cloudfront.net
avatars.io |
Apex Domain Subdomains |
Transfer | |
---|---|---|
8 |
medium.com
miro.medium.com glyph.medium.com |
162 KB |
8 |
jshell.net
fiddle.jshell.net |
37 KB |
7 |
twimg.com
pbs.twimg.com |
234 KB |
2 |
tumblr.com
static.tumblr.com |
574 KB |
1 |
imgur.com
i.imgur.com |
91 KB |
1 |
avatars.io
avatars.io |
13 KB |
1 |
jquery.com
code.jquery.com |
30 KB |
1 |
googleapis.com
fonts.googleapis.com |
581 B |
29 | 8 |
Domain | Requested by | |
---|---|---|
8 | fiddle.jshell.net |
fiddle.jshell.net
|
7 | pbs.twimg.com |
fiddle.jshell.net
|
5 | miro.medium.com |
fiddle.jshell.net
|
3 | glyph.medium.com |
fiddle.jshell.net
|
2 | static.tumblr.com |
fiddle.jshell.net
|
1 | i.imgur.com |
fiddle.jshell.net
|
1 | avatars.io |
fiddle.jshell.net
|
1 | code.jquery.com |
fiddle.jshell.net
|
1 | fonts.googleapis.com |
fiddle.jshell.net
|
29 | 9 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
fiddle.jshell.net Let's Encrypt Authority X3 |
2020-04-22 - 2020-07-21 |
3 months | crt.sh |
upload.video.google.com GTS CA 1O1 |
2020-04-07 - 2020-06-30 |
3 months | crt.sh |
jquery.org COMODO RSA Domain Validation Secure Server CA |
2018-10-17 - 2020-10-16 |
2 years | crt.sh |
tumblr.com DigiCert SHA2 Extended Validation Server CA |
2020-04-09 - 2022-04-14 |
2 years | crt.sh |
*.medium.com DigiCert SHA2 Secure Server CA |
2018-07-31 - 2020-09-09 |
2 years | crt.sh |
*.twimg.com DigiCert SHA2 High Assurance Server CA |
2019-11-12 - 2020-11-18 |
a year | crt.sh |
avatars.io Amazon |
2019-05-20 - 2020-06-20 |
a year | crt.sh |
*.imgur.com DigiCert SHA2 Secure Server CA |
2020-01-15 - 2022-03-16 |
2 years | crt.sh |
This page contains 2 frames:
Primary Page:
https://fiddle.jshell.net/jtfd86xc/show/
Frame ID: DFAB1A4B7BE68858D3EE9E1FFA55368D
Requests: 5 HTTP requests in this frame
Frame:
https://fiddle.jshell.net/jtfd86xc/show/light/
Frame ID: 54E71314A353466F5787933C0D7C5AA1
Requests: 27 HTTP requests in this frame
Screenshot
Detected technologies
Nginx (Web Servers) ExpandDetected patterns
- headers server /nginx(?:\/([\d.]+))?/i
Google Font API (Font Scripts) Expand
Detected patterns
- html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
29 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
fiddle.jshell.net/jtfd86xc/show/ |
2 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
highlight.pack.js
fiddle.jshell.net/js/embed/ |
18 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
embed.js
fiddle.jshell.net/js/embed/ |
6 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
embed-light.css
fiddle.jshell.net/css/embed/ |
7 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
1 KB 581 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
fiddle.jshell.net/jtfd86xc/show/light/ Frame 54E7 |
114 KB 20 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dummy.js
fiddle.jshell.net/js/lib/ Frame 54E7 |
0 191 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
result-light.css
fiddle.jshell.net/css/ Frame 54E7 |
29 B 230 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-3.4.1.min.js
code.jquery.com/ Frame 54E7 |
86 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
m2.css
static.tumblr.com/bejxdgc/NDhpx23f1/ Frame 54E7 |
64 KB 64 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main-branding-base.css
static.tumblr.com/bejxdgc/H7hpx23gv/ Frame 54E7 |
510 KB 510 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
0*7BnzmbPe0EWkT0wh.jpg
miro.medium.com/fit/c/48/48/ Frame 54E7 |
2 KB 3 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1UATD6Vui-5Xa4Vb2QAOtbg_002.png
fiddle.jshell.net/jtfd86xc/show/light/index_files/ Frame 54E7 |
2 KB 2 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1*nuolQHEle68ErAQDhoatww.jpeg
miro.medium.com/max/1000/ Frame 54E7 |
87 KB 87 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
0*V4KAYJF9WB-Cvxfi.jpg
miro.medium.com/fit/c/160/160/ Frame 54E7 |
12 KB 12 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1*tIWs8Qk_-H0ANcEVDFGLsg.png
miro.medium.com/max/240/ Frame 54E7 |
4 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1*mdJWWVTfTd7LMbR1pZvZ0A.jpeg
miro.medium.com/max/240/ Frame 54E7 |
15 KB 15 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
aVq2oAP-_normal.jpg
pbs.twimg.com/profile_images/1006221503548059657/ Frame 54E7 |
2 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
a3a234d295e0a5824b856d5ddf228d0c_bigger.jpeg
pbs.twimg.com/profile_images/2924807632/ Frame 54E7 |
2 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
large
avatars.io/twitter/AlexCobb_/ Frame 54E7 |
12 KB 13 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
4ZyABl-E_400x400.jpg
pbs.twimg.com/profile_images/1178449867590512640/ Frame 54E7 |
31 KB 31 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pTlu6wrD_400x400.jpg
pbs.twimg.com/profile_images/1076901702102597632/ Frame 54E7 |
46 KB 46 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
VItKwBD2_400x400.jpg
pbs.twimg.com/profile_images/817962897011867651/ Frame 54E7 |
18 KB 18 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
63LLvWj2_400x400.png
pbs.twimg.com/profile_images/1123797849471377413/ Frame 54E7 |
112 KB 112 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
j_33c0np_400x400.jpg
pbs.twimg.com/profile_images/1236403494392864768/ Frame 54E7 |
23 KB 23 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Ad99nEB.jpg
i.imgur.com/ Frame 54E7 |
90 KB 91 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ Frame 54E7 |
14 KB 14 KB |
Font
font/opentype |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fell-400-normal.woff
glyph.medium.com/font/78ce731/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ Frame 54E7 |
14 KB 14 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ Frame 54E7 |
15 KB 15 KB |
Font
font/opentype |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
charter-700-normal.woff
glyph.medium.com/font/f50d520/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ Frame 54E7 |
10 KB 11 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ Frame 54E7 |
14 KB 14 KB |
Font
font/opentype |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
marat-sans-600-normal.woff
glyph.medium.com/font/6f4b679/3k-4f_4h-6bt_6bv-6c3_6c5-6c7_6ca-6cb_6ce-6ch_6cj-6cl_6cn-nvnj/ Frame 54E7 |
15 KB 15 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic Crypto (Crypto Exchange)10 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate object| hljs undefined| height object| force_height string| slug string| show_src number| resize_element_counter string| shell_edit_url object| EmbedManager2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
fiddle.jshell.net/ | Name: _jsfiddle_session Value: RCtmVEgvMEJYQlZYSzdGMHFGZzNCdkNIcFJsVzJvRGNxTnJXRnBNaXdsZk44ay9uVk1jSkREV0hGTFIxeit2cjdtS1hCMkNMaHZBVzZGMk5WbUZmYmpVYVBXUXRxbDVja1RDbmlxamN0a3dTcmJseTBBWlVsS1Rzbm1RSXFMbHhwbkZsNDdqM3NaYjlUckVvd0k5WG5RPT0tLWo1QzdJdytxSmN3Vm9UbXBMNTNlRGc9PQ%3D%3D--6b344e9cb1a2654a21a9861df4257c2dc7f4db93 |
|
fiddle.jshell.net/ | Name: csrftoken Value: ejX%2B8EfdR7d6ZAYqyI7SveTw1QRisIGpkBzMHgplsOX6udW85SPrYiBP3FEe%2FCziW3a9ydJgknVFapR4sMKSgQ%3D%3D |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Content-Type-Options | nosniff |
X-Frame-Options | ALLOWALL |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
avatars.io
code.jquery.com
fiddle.jshell.net
fonts.googleapis.com
glyph.medium.com
i.imgur.com
miro.medium.com
pbs.twimg.com
static.tumblr.com
13.225.73.104
151.101.112.193
152.199.21.147
2001:4de0:ac19::1:b:1a
2606:2800:134:fa2:1627:1fe:edb:1665
2606:4700::6810:7791
2606:4700::6810:7891
2a00:1450:4001:821::200a
45.55.126.88
06c91a82be00f2961fde70cdee401a0f62c75c86539a7c87ffd16edb87d8357c
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
198f7f8d32f771479af26f52469b8dd04dc50cd187aceb661dd3beeffaa2aebc
29e89f00341d65ffbab6fdfce78f7e42a1daf4bda2e3615ad9466e2ce47760ef
31ce12605ac90c6218f74f3f8365f923d69269345b0cb46e32b4feb868143428
41532aec4c3a3a0747ca853b064ef7a96483a95798a6526974ec043997e2ccf9
4e9c938cbadfe141fcd6bcdb9b99007d82b122468fab826be3af5390323ba841
4ed073e4c275c2a9aa07de5428e5561820300edb2232ecdc28073efb22ccfd1b
52cf354d386ddcaafd4c8cc18493a5e9b9659df4c00fa06e189714df85a8a47c
5bf8a2bf795b3af4a7d3e5ef848718c6d6fd081e0799f5af777b6d857c92cf2b
79756e53a42ec454c0443ea89676f87544c34c6a492476c8e5730e0164b6bd6e
88c246f58844411c9cdf8f8057e4ae96c69e6ba29b892f1ea3154f9912c3f372
8c16cea95eec6f9f7932b7571e6ee2f375f89cd5bdcc955b05a7c09619c8c0aa
8ed4d5864bd422a465a7a7cb8270d1cfbd7d7bb28b47a70da3b10e45562bf9c0
93967dd8cd4cccff9075fd0165b3b2f50c94d43150b9bd2dc12fb8770fa44e1d
99a9df080944a29084bf6f88ccc49b1f3a0cee1aed655c640ca433871a6af398
99dacff4ea7603fb33484a77a632cb1d805b2fff84f477934abc360977eef115
a214e8a9da8a7b9eeab2eaf27bd569cfdf5bf41fc7d3cbf09c93b20238ceaa87
be9a62a389ef14e5aa7c9c7ef9f7bec271ecce1f86aa8f0cdcc9a5e3acf7948e
be9dcdaafad8339b2af6f14f7ec02da9caa55a5574e6eb09c64515c232fc2de8
bf82b5b7148bf7f3ae01c94d29508087c09fa250768f4e54f015e6b02816487f
bfa49ab1e13e2fb1c79edc64c869a52835f724e6d760887f462aa24ca059e70d
c3e568b8600083d2343ae7a3849df66cbe77608ae46d57d5192508a4cfac4221
cb31d2d43efc714642919af84920177170837267c64a8fd3cec95889f83cc276
d1de21730854ea4db035a81914cb0bd57aa74d715af6f89b46a2d002917ca1ed
de11903c968934ce80d62295243657a52b74985516d3e5b237172329bfc1f186
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e50c7f011fb1efc8e70b8ad32391fb3d02b1120a89632d1a3fac4d3a81876304
eb1b2b6a89fc6a95f114fe9e4d9e17a76b56679087db47817ec444276cf784a2
eb6716cc505aa72734bf11ebfd6c604e1136e11e8ab017f8a405b3ae73f633b1
f57137897a4e676f0d2199b79def1a95b253a1a938dff9d8ba10519f3beb2b08
ff4c91bf9cb91b2fb2e0344577754e3f2ade240aa8d8d8db0171901c9115feb1