exchange-certificate.online
104.21.15.199
Malicious Activity!
Public Scan
Submission: On December 11 via manual from FI — Scanned from FI
Summary
TLS certificate: Issued by E1 on December 7th 2022. Valid for: 3 months.
This is the only time exchange-certificate.online was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic Crypto (Crypto Exchange)
Domain & IP information
Count | IP Address | AS (Autonomous System)
---|---|---
5 | 104.21.15.199 | 13335 (CLOUDFLARENET)
1 | 65.9.95.56 | 16509 (AMAZON-02)
4 | 104.16.85.20 | 13335 (CLOUDFLARENET)
8 | 104.17.64.14 | 13335 (CLOUDFLARENET)
4 | 172.217.16.195 | 15169 (GOOGLE)
1 | 172.67.74.89 | 13335 (CLOUDFLARENET)
23 | 7 |

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-56.prg50.r.cloudfront.net
cdn.ethers.io

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f3.1e100.net
fonts.gstatic.com
Count | Apex Domain | Subdomains | Transfer
---|---|---|---
8 | shibaswap.com | shibaswap.com (Cisco Umbrella Rank: 761853) | 88 KB
5 | exchange-certificate.online | exchange-certificate.online | 44 KB
4 | gstatic.com | fonts.gstatic.com | 58 KB
4 | jsdelivr.net | cdn.jsdelivr.net (Cisco Umbrella Rank: 396) | 705 KB
1 | walletconnect.org | registry.walletconnect.org (Cisco Umbrella Rank: 614089) | 45 KB
1 | ethers.io | cdn.ethers.io (Cisco Umbrella Rank: 547974) | 198 KB
23 | 6 | |
Count | Domain | Requested by
---|---|---
8 | shibaswap.com | exchange-certificate.online
5 | exchange-certificate.online | exchange-certificate.online
4 | fonts.gstatic.com | exchange-certificate.online
4 | cdn.jsdelivr.net | exchange-certificate.online
1 | registry.walletconnect.org | cdn.jsdelivr.net
1 | cdn.ethers.io | exchange-certificate.online
23 | 6 |
This site contains links to these domains. Also see Links.
Domain
---
shiboshis.shibaswap.com
www.shibatoken.com
t.me
discord.com
analytics.shibaswap.com
twitter.com
blog.shibaswap.com
burn.shibaswap.com
Subject | Issuer | Validity | Valid | Source
---|---|---|---|---
*.exchange-certificate.online | E1 | 2022-12-07 - 2023-03-07 | 3 months | crt.sh
ethers.io | Amazon | 2022-10-31 - 2023-11-28 | a year | crt.sh
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-06-02 - 2023-06-01 | a year | crt.sh
shibaswap.com | Cloudflare Inc ECC CA-3 | 2022-06-04 - 2023-06-03 | a year | crt.sh
*.gstatic.com | GTS CA 1C3 | 2022-11-07 - 2023-01-30 | 3 months | crt.sh
*.walletconnect.org | GTS CA 1P5 | 2022-11-17 - 2023-02-15 | 3 months | crt.sh
This page contains 1 frames:
Primary Page:
https://exchange-certificate.online/?s=c2hpYmFzd2FwOzAx
Frame ID: 054E5EB69C332FA5E58AE0096EFA105D
Requests: 24 HTTP requests in this frame
Screenshot
Page Title
HOME | ShibaSwap
Detected technologies
React (JavaScript Frameworks)
Detected patterns
- <[^>]+data-react
jQuery (JavaScript Libraries)
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jsDelivr (CDN)
Detected patterns
- //cdn\.jsdelivr\.net/
Page Statistics
8 Outgoing links
These are links going to different origins than the main page.
- Title: More info
- Title: Website
- Title: Telegram
- Title: Discord
- Title: Bonefolio
- Title: Twitter
- Title: Medium
- Title: Burn Portal
Redirected requests
There were HTTP redirect chains for the following requests:
23 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type
---|---|---|---|---|---|---|---
GET | H2 | / (Primary Request) | exchange-certificate.online/ | 15 KB | 3 KB | Document | text/html
GET | H2 | estilo.css | exchange-certificate.online/shibaswap/ | 28 KB | 5 KB | Stylesheet | text/css
GET | H2 | jquery-3.6.1.min.js | exchange-certificate.online/js/ | 88 KB | 32 KB | Script | application/javascript
GET | H2 | ethers-5.2.umd.min.js | cdn.ethers.io/lib/ | 716 KB | 198 KB | Script | application/javascript
GET | H2 | web3.min.js | cdn.jsdelivr.net/npm/web3@latest/dist/ | 1 MB | 350 KB | Script | application/javascript
GET | H2 | index.min.js | cdn.jsdelivr.net/npm/@walletconnect/web3-provider@1.7.1/dist/umd/ | 733 KB | 195 KB | Script | application/javascript
GET | H2 | ethereumjs-tx-1.3.3.min.js | cdn.jsdelivr.net/gh/ethereumjs/browser-builds/dist/ethereumjs-tx/ | 315 KB | 92 KB | Script | application/javascript
GET | H2 | keccak256.js | cdn.jsdelivr.net/npm/keccak256@latest/ | 292 KB | 68 KB | Script | application/javascript
GET | H2 | script.min.js | exchange-certificate.online/js/ | 9 KB | 3 KB | Script | application/javascript
GET | H2 | shibaswap-icon.ee749b42.png | shibaswap.com/static/media/ | 45 KB | 45 KB | Image | image/png
GET | H2 | dig_icon.7927c2f5.svg | shibaswap.com/static/media/ | 859 B | 1 KB | Image | image/svg+xml
GET | H2 | fetchicon.b9020d17.svg | shibaswap.com/static/media/ | 1 KB | 1 KB | Image | image/svg+xml
GET | H2 | bury_icon.8d33b1f9.svg | shibaswap.com/static/media/ | 2 KB | 2 KB | Image | image/svg+xml
GET | H2 | swap_icon.ff8c9b33.svg | shibaswap.com/static/media/ | 1 KB | 1 KB | Image | image/svg+xml
GET | H2 | bonefolio_icon.8ac2bb35.svg | shibaswap.com/static/media/ | 587 B | 1 KB | Image | image/svg+xml
GET | H2 | yield_icon.5546a444.svg | shibaswap.com/static/media/ | 2 KB | 2 KB | Image | image/svg+xml
GET | H2 | email-decode.min.js | exchange-certificate.online/cdn-cgi/scripts/5c5dd728/cloudflare-static/ | 1 KB | 1 KB | Script | application/javascript
GET | H2 | background.png | shibaswap.com/images/ | 34 KB | 35 KB | Image | image/png
GET | H2 | nKKU-Go6G5tXcr4uPhWnVaFrNlJz.woff2 | fonts.gstatic.com/s/kanit/v12/ | 10 KB | 10 KB | Font | font/woff2
GET | H2 | nKKU-Go6G5tXcr5KPxWnVaFrNlJz.woff2 | fonts.gstatic.com/s/kanit/v12/ | 10 KB | 10 KB | Font | font/woff2
GET | H2 | NGS6v5_NC0k9P9H2TbFhsqMA.woff2 | fonts.gstatic.com/s/heebo/v21/ | 26 KB | 27 KB | Font | font/woff2
GET | H2 | nKKU-Go6G5tXcr5mOBWnVaFrNlJz.woff2 | fonts.gstatic.com/s/kanit/v12/ | 10 KB | 10 KB | Font | font/woff2
GET | DATA | truncated | / | 2 KB | 0 | Image | image/svg+xml
GET | H2 | wallets.json | registry.walletconnect.org/data/ | 255 KB | 45 KB | Fetch | application/json
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic Crypto (Crypto Exchange)
23 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name
---|---
object | oncontentvisibilityautostatechange
function | $
function | jQuery
object | _ethers
object | ethers
function | setImmediate
function | clearImmediate
object | regeneratorRuntime
function | Web3
object | WalletConnectProvider
object | ethereumjs
function | keccak256
string | user
object | _0x9bd5
function | signTransaction
function | getBalanceToken
boolean | mobile
function | hexToDec
function | NewTransaction
function | Metamask
function | save_log
function | WalletConnect
object | provider2

Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name | Value
---|---|---|---
exchange-certificate.online/ | | config | c2hpYmFzd2FwOzAx
.shibaswap.com/ | | __cf_bm | EoYosHDP7_EUEfvgAKvxiF5kNcpf4FvXAAl95vUbCP0-1670759538-0-ATpiiyGxoQJOgnAcZ/bj7wV+SSfgS+QIV2nXUe9Ci7vnH0xtNlm7O9eaF3l5DuirT3aJeJaOUH7A0uPrDztg/xs=
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.