uat-site--firefly-dex-preview.netlify.app Open in urlscan Pro
2a05:d014:275:cb02::c8 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://uat-site--firefly-dex-preview.netlify.app/
Submission: On April 11 via api (April 11th 2024, 3:22:33 pm UTC) from US — Scanned from DE

Summary HTTP 51 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 8 IPs in 3 countries across 6 domains to perform 51 HTTP transactions. The main IP is 2a05:d014:275:cb02::c8, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is uat-site--firefly-dex-preview.netlify.app.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on January 15th 2024. Valid for: a year.

This is the only time uat-site--firefly-dex-preview.netlify.app was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Uniswap (Crypto Exchange)

Domain & IP information

	IP Address	AS Autonomous System
12	2a05:d014:275... 2a05:d014:275:cb02::c8	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:81d::2008	15169 (GOOGLE) (GOOGLE)
1	76.76.21.22 76.76.21.22	16509 (AMAZON-02) (AMAZON-02)
12	23.20.28.125 23.20.28.125	14618 (AMAZON-AES) (AMAZON-AES)
1	2606:4700:20:... 2606:4700:20::681a:6d4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
20	37.27.106.242 37.27.106.242	24940 (HETZNER-AS) (HETZNER-AS)
51	8

12 2a05:d014:275:cb02::c8 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

uat-site--firefly-dex-preview.netlify.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.76.21.22 (Walnut, United States)

ASN16509 (AMAZON-02, US)

chat.booper.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 23.20.28.125 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-20-28-125.compute-1.amazonaws.com

mainnet.infura.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:6d4 (United States)

ASN13335 (CLOUDFLARENET, US)

tokens.fireflydex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 37.27.106.242 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: 37-27-106-242.ptr

rpc-node.fireflydex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	fireflydex.io tokens.fireflydex.io rpc-node.fireflydex.io	8 KB
12	infura.io mainnet.infura.io — Cisco Umbrella Rank: 29321	1 KB
12	netlify.app uat-site--firefly-dex-preview.netlify.app	2 MB
4	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2490	389 B
1	booper.dev chat.booper.dev	247 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 44	99 KB
51	6

	Domain	Requested by
20	rpc-node.fireflydex.io	uat-site--firefly-dex-preview.netlify.app
12	mainnet.infura.io	uat-site--firefly-dex-preview.netlify.app
12	uat-site--firefly-dex-preview.netlify.app	uat-site--firefly-dex-preview.netlify.app
4	region1.google-analytics.com	www.googletagmanager.com
1	tokens.fireflydex.io	uat-site--firefly-dex-preview.netlify.app
1	chat.booper.dev	uat-site--firefly-dex-preview.netlify.app
1	www.googletagmanager.com	uat-site--firefly-dex-preview.netlify.app
51	7

This site contains links to these domains. Also see Links.

Domain
pacific-bridge.manta.network
info.fireflydex.io

Subject Issuer	Validity	Valid
*.netlify.app DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-01-15` - `2025-02-14`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
chat.booper.dev R3	`2024-03-02` - `2024-05-31`	3 months	crt.sh
*.infura.io Amazon RSA 2048 M02	`2023-11-29` - `2024-12-27`	a year	crt.sh
tokens.fireflydex.io E1	`2024-03-25` - `2024-06-23`	3 months	crt.sh
rpc-node.fireflydex.io R3	`2024-03-25` - `2024-06-23`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://uat-site--firefly-dex-preview.netlify.app/
Frame ID: 2ADC35C9B7D2E75F9FDAAEB5F2E08C81
Requests: 36 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Firefly | Leading decentralized exchange on Manta

Detected technologies

Netlify (Web Servers) Expand

Overall confidence: 100%
Detected patterns

^https?://[^/]+\.netlify\.(?:com|app)/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

51
Requests

100 %
HTTPS

57 %
IPv6

6
Domains

7
Subdomains

8
IPs

3
Countries

2419 kB
Transfer

6650 kB
Size

2
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://pacific-bridge.manta.network/
Title: Bridge

Search URL Search Domain Scan URL

URL: https://info.fireflydex.io/
Title: Charts↗

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

51 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
uat-site--firefly-dex-preview.netlify.app/ 5 KB
3 KB 169ms
134ms Document
text/html 2a05:d014:275:cb02::c8
AMAZON-02

General

			Domain/Path	Expires	Name / Value
			.uat-site--firefly-dex-preview.netlify.app/	1970-01-21 05:23:28	Name: _ga Value: GA1.1.53936875.1712848947
			.uat-site--firefly-dex-preview.netlify.app/	1970-01-21 05:23:28	Name: _ga_XJGWWZ5L5C Value: GS1.1.1712848946.1.1.1712848947.0.0.0

uat-site--firefly-dex-preview.netlify.app Open in urlscan Pro 2a05:d014:275:cb02::c8 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

51 Requests

100 %HTTPS

57 %IPv6

6 Domains

7 Subdomains

8 IPs

3 Countries

2419 kBTransfer

6650 kBSize

2 Cookies

2 Outgoing links

Redirected requests

51 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

uat-site--firefly-dex-preview.netlify.app Open in urlscan Pro
2a05:d014:275:cb02::c8 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

51
Requests

100 %
HTTPS

57 %
IPv6

6
Domains

7
Subdomains

8
IPs

3
Countries

2419 kB
Transfer

6650 kB
Size

2
Cookies

51 HTTP transactions
1 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!