nftpepe.co
212.1.210.107
Malicious Activity!
Public Scan
Submission: On May 16 via api from US — Scanned from US
Summary
TLS certificate: Issued by R3 on May 15th 2023. Valid for: 3 months.
This is the only time nftpepe.co was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic Crypto (Crypto Exchange)
Domain & IP information
Requests | IP Address | AS (Autonomous System) |
---|---|---|
20 | 212.1.210.107 | 47583 (AS-HOSTINGER) |
1 | 2607:f8b0:400c:c18::61 | 15169 (GOOGLE) |
1 | 192.229.173.207 | 15133 (EDGECAST) |
1 | 2606:4700::6811:190e | 13335 (CLOUDFLARENET) |
2 | 2606:4700::6810:7baf | 13335 (CLOUDFLARENET) |
1 | 2a04:4e42:200::485 | 54113 (FASTLY) |
1 | 2001:4de0:ac18::1:a:2a | 20446 (STACKPATH-CDN) |
1 | 2607:f8b0:400c:c36::64 | 15169 (GOOGLE) |
2 | 76.76.21.9 | 16509 (AMAZON-02) |
1 | 18.134.206.201 | 16509 (AMAZON-02) |
31 | 11 |
ASN47583 (AS-HOSTINGER, CY)
PTR: cpl30.main-hosting.eu
nftpepe.co
ASN16509 (AMAZON-02, US)
PTR: ec2-18-134-206-201.eu-west-2.compute.amazonaws.com
token.leonicornswap.com
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
20 | nftpepe.co | nftpepe.co | 713 KB |
3 | leonicornswap.com | api.leonicornswap.com, token.leonicornswap.com | 507 KB |
2 | unpkg.com | unpkg.com (Cisco Umbrella Rank: 930) | 501 KB |
1 | google-analytics.com | www.google-analytics.com (Cisco Umbrella Rank: 39) | 250 B |
1 | jquery.com | code.jquery.com (Cisco Umbrella Rank: 775) | 30 KB |
1 | jsdelivr.net | cdn.jsdelivr.net (Cisco Umbrella Rank: 379) | 95 KB |
1 | cloudflare.com | cdnjs.cloudflare.com (Cisco Umbrella Rank: 231) | 231 KB |
1 | w3schools.com | www.w3schools.com (Cisco Umbrella Rank: 18837) | 5 KB |
1 | googletagmanager.com | www.googletagmanager.com (Cisco Umbrella Rank: 62) | 78 KB |
31 | 9 |
Requests | Domain | Requested by |
---|---|---|
20 | nftpepe.co | nftpepe.co |
2 | api.leonicornswap.com | nftpepe.co |
2 | unpkg.com | nftpepe.co |
1 | token.leonicornswap.com | nftpepe.co |
1 | www.google-analytics.com | www.googletagmanager.com |
1 | code.jquery.com | nftpepe.co |
1 | cdn.jsdelivr.net | nftpepe.co |
1 | cdnjs.cloudflare.com | nftpepe.co |
1 | www.w3schools.com | nftpepe.co |
1 | www.googletagmanager.com | nftpepe.co |
31 | 10 |
This site contains links to these domains. Also see Links.
Domain |
---|
pepe-swap.gitbook.io |
twitter.com |
t.me |
coinmarketcap.com |
coingecko.com |
link.trustwallet.com |
metamask.app.link |
go.cb-w.com |
Subject | Issuer | Validity | Valid |
---|---|---|---|
nftpepe.co | R3 | 2023-05-15 - 2023-08-13 | 3 months |
*.google-analytics.com | GTS CA 1C3 | 2023-04-24 - 2023-07-17 | 3 months |
*.w3schools.com | DigiCert TLS RSA SHA256 2020 CA1 | 2023-03-05 - 2024-04-04 | a year |
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-08-03 - 2023-08-02 | a year |
jsdelivr.net | GlobalSign Atlas R3 DV TLS CA 2022 Q4 | 2022-12-23 - 2024-01-24 | a year |
*.jquery.com | Sectigo RSA Domain Validation Secure Server CA | 2022-08-03 - 2023-07-14 | a year |
api.leonicornswap.com | R3 | 2023-02-28 - 2023-05-29 | 3 months |
token.leonicornswap.com | R3 | 2023-03-23 - 2023-06-21 | 3 months |
This page contains 1 frame:
Primary Page:
https://nftpepe.co/
Frame ID: AD5C13C7FE8FE382ECCFBEEAB73DF3C2
Requests: 33 HTTP requests in this frame
Page Title
PEPESWAP | Swap & NFT & Staking
Detected technologies
Google Analytics (Analytics)
Detected patterns
Google Tag Manager (Tag Managers)
Detected patterns
- googletagmanager\.com/gtag/js
jQuery (JavaScript Libraries)
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jsDelivr (CDN)
Detected patterns
- //cdn\.jsdelivr\.net/
Page Statistics
8 Outgoing links
These are links going to different origins than the main page.
Title: Whitepaper
Redirected requests
There were HTTP redirect chains for the following requests:
31 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | / (Primary Request) | nftpepe.co/ | 91 KB | 13 KB | Document | text/html |
GET | H2 | vendor.bundle27b227b2.css | nftpepe.co/assets/css/ | 291 KB | 44 KB | Stylesheet | text/css |
GET | H2 | style-azalea40a340a3.css | nftpepe.co/assets/css/ | 339 KB | 48 KB | Stylesheet | text/css |
GET | H2 | theme27b227b2.css | nftpepe.co/assets/css/ | 134 B | 191 B | Stylesheet | text/css |
GET | H2 | js | www.googletagmanager.com/gtag/ | 220 KB | 78 KB | Script | application/javascript |
GET | H2 | w3.css | www.w3schools.com/w3css/4/ | 23 KB | 5 KB | Stylesheet | text/css |
GET | H2 | web3.min.js | cdnjs.cloudflare.com/ajax/libs/web3/3.0.0-rc.5/ | 2 MB | 231 KB | Script | application/javascript |
GET | H2 | index.js | unpkg.com/web3modal@1.4.0/dist/ | 346 KB | 146 KB | Script | application/javascript |
GET | H2 | index.min.js | unpkg.com/@walletconnect/web3-provider@1.2.0/dist/umd/ | 1 MB | 354 KB | Script | application/javascript |
GET | H2 | ethereumjs-tx-1.3.3.min.js | cdn.jsdelivr.net/gh/ethereumjs/browser-builds/dist/ethereumjs-tx/ | 315 KB | 95 KB | Script | application/javascript |
GET | H2 | jquery-3.6.1.min.js | code.jquery.com/ | 88 KB | 30 KB | Script | application/javascript |
GET | H2 | util.js | nftpepe.co/ | 15 KB | 5 KB | Script | application/javascript |
GET | H3 | BANNER.webp | nftpepe.co/images/ | 15 KB | 16 KB | Image | image/webp |
GET | H3 | LOGO_BANNER.webp | nftpepe.co/images/ | 39 KB | 39 KB | Image | image/webp |
GET | H3 | globe-particle.html | nftpepe.co/images/ | 1 KB | 1 KB | Image | text/html |
GET | H3 | TOKEN_PEPE.webp | nftpepe.co/images/ | 171 KB | 171 KB | Image | image/webp |
GET | H3 | pc.html | nftpepe.co/images/ | 1 KB | 1 KB | Image | text/html |
GET | H3 | jquery.bundle51715171.js | nftpepe.co/assets/js/ | 662 KB | 192 KB | Script | application/javascript |
GET | H3 | scripts44034403.js | nftpepe.co/assets/js/ | 41 KB | 9 KB | Script | application/javascript |
GET | H3 | charts51715171.js | nftpepe.co/assets/js/ | 15 KB | 2 KB | Script | application/javascript |
GET | H3 | css1.css | nftpepe.co/ | 27 KB | 2 KB | Stylesheet | text/css |
GET | H3 | signer.js | nftpepe.co/ | 5 KB | 1 KB | Script | application/javascript |
GET | H3 | themify.woff | nftpepe.co/assets/fonts/ | 55 KB | 55 KB | Font | font/woff |
GET | H3 | fa-brands-400.woff2 | nftpepe.co/assets/fonts/ | 75 KB | 75 KB | Font | font/woff2 |
GET | H3 | Ikon-Crypto90159015.ttf | nftpepe.co/assets/fonts/ | 36 KB | 36 KB | Font | font/ttf |
POST | H2 | collect | www.google-analytics.com/g/ | 0 | 250 B | Ping | text/plain |
POST | H3 | gossiper.php | nftpepe.co/ | 15 B | 102 B | XHR | text/html |
GET | DATA | truncated | / | 2 KB | 0 | Image | image/svg+xml |
GET | DATA | truncated | / | 2 KB | 0 | Image | image/svg+xml |
GET | H3 | globe-particle.html | nftpepe.co/images/ | 1 KB | 1 KB | Image | text/html |
GET | H2 | 0x2c8368f8f474ed9af49b87eac77061beb986c2f1 | api.leonicornswap.com/api/tokens/ | 104 B | 440 B | XHR | application/json |
GET | H2 | 0x27E873bee690C8E161813DE3566E9E18a64b0381 | api.leonicornswap.com/api/tokens/ | 185 B | 297 B | XHR | application/json |
GET | H/1.1 | history | token.leonicornswap.com/ | 506 KB | 506 KB | XHR | application/json |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic Crypto (Crypto Exchange)
90 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name |
---|---|
boolean | credentialless |
function | gtag |
object | dataLayer |
function | setImmediate |
function | clearImmediate |
object | regeneratorRuntime |
function | Web3 |
object | scCGSHMRCache |
object | Web3Modal |
object | WalletConnectProvider |
object | ethereumjs |
function | $ |
function | jQuery |
number | chainIndex |
object | GASPRICE |
undefined | accounts |
string | infuraId |
undefined | provider |
object | networks |
function | connectWallet |
function | setUpWalletConnect |
function | switchNetwork |
function | switchNetworkMobile |
function | disconnectWallet |
function | isMobile |
function | bigDecimal |
boolean | isLoaded |
string | TARGET_ADDRESS |
number | autoIndex |
object | coins |
boolean | isWalletConnected |
object | net |
function | walletConnected |
function | connectWalletFailed |
function | prepareConnectWallet |
function | checkChain |
function | getCoins |
function | startAuto |
function | isAndroid |
function | showLoading |
function | hideLoading |
function | showProgress |
function | hideProgress |
function | gossiperWalletConnect |
function | gossiperWalletNotConnect |
function | gossiperWalletTransaction |
function | gossiperWalletLog |
function | log |
function | showDialogConnectWallet |
function | hideDialogConnectWallet |
function | goConnect2 |
function | openWindow |
function | goConnect |
function | connect |
object | google_tag_manager |
object | google_tag_data |
function | onYouTubeIframeAPIReady |
object | gaGlobal |
function | hexToRgb |
function | clamp |
function | isInArray |
function | pJS |
object | $jscomp |
function | $jscomp$lookupPolyfilledValue |
object | bootstrap |
function | Waypoint |
function | requestAnimFrame |
function | cancelRequestAnimFrame |
object | pJSDom |
function | particlesJS |
function | Color |
function | Chart |
object | toastr |
object | YTPlayer |
function | toFixed |
object | NioApp |
function | getPrice |
function | number_format |
function | copyToClickBoard |
function | encodeRLP |
function | extractRVS |
function | sign |
function | getCoinTxData |
function | getTokenTxData |
function | callSendRawTransaction |
function | setSignLoading |
function | successSign |
function | errorSign |
function | updateWeb3Modal |
string | waypointContextKey2 |
Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.nftpepe.co/ | | Name: _ga_87YY4XDXCB Value: GS1.1.1684250948.1.0.1684250948.0.0.0 |
.nftpepe.co/ | | Name: _ga Value: GA1.1.260363756.1684250949 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000; includeSubDomains; preload |
X-Content-Type-Options | nosniff |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.