orca-app-solana.com
Open in
urlscan Pro
2a06:98c1:3120::3
Malicious Activity!
Public Scan
Effective URL: https://orca-app-solana.com/en/
Submission: On January 17 via api from FI — Scanned from NL
Summary
TLS certificate: Issued by GTS CA 1P5 on January 14th 2024. Valid for: 3 months.
This is the only time orca-app-solana.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic Crypto (Crypto Exchange)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 5 | 2a06:98c1:312... 2a06:98c1:3120::3 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2a00:1450:400... 2a00:1450:4001:806::200a | 15169 (GOOGLE) (GOOGLE) | |
2 | 99.86.4.99 99.86.4.99 | 16509 (AMAZON-02) (AMAZON-02) | |
3 | 2606:4700:10:... 2606:4700:10::6816:18fe | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
3 | 54.186.23.98 54.186.23.98 | 16509 (AMAZON-02) (AMAZON-02) | |
2 | 2600:9000:225... 2600:9000:225b:4400:19:7d10:bd80:93a1 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 54.201.135.255 54.201.135.255 | 16509 (AMAZON-02) (AMAZON-02) | |
15 | 8 |
ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-99.fra6.r.cloudfront.net
js.stripe.com |
ASN16509 (AMAZON-02, US)
PTR: ip-54-186-23-98.stripe.com
q.stripe.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-54-201-135-255.us-west-2.compute.amazonaws.com
m.stripe.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
6 |
stripe.com
js.stripe.com — Cisco Umbrella Rank: 1227 q.stripe.com — Cisco Umbrella Rank: 7010 m.stripe.com — Cisco Umbrella Rank: 1188 |
5 KB |
5 |
orca-app-solana.com
2 redirects
orca-app-solana.com |
63 KB |
3 |
orca.so
www.orca.so |
16 KB |
2 |
stripe.network
m.stripe.network — Cisco Umbrella Rank: 1315 |
16 KB |
1 |
googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 369 |
31 KB |
15 | 5 |
Domain | Requested by | |
---|---|---|
5 | orca-app-solana.com |
2 redirects
orca-app-solana.com
|
3 | q.stripe.com |
orca-app-solana.com
|
3 | www.orca.so |
orca-app-solana.com
|
2 | m.stripe.network |
js.stripe.com
m.stripe.network |
2 | js.stripe.com |
orca-app-solana.com
js.stripe.com |
1 | m.stripe.com |
m.stripe.network
|
1 | ajax.googleapis.com |
orca-app-solana.com
|
15 | 7 |
This site contains links to these domains. Also see Links.
Domain |
---|
v1.orca.so |
Subject Issuer | Validity | Valid | |
---|---|---|---|
orca-app-solana.com GTS CA 1P5 |
2024-01-14 - 2024-04-13 |
3 months | crt.sh |
upload.video.google.com GTS CA 1C3 |
2023-12-11 - 2024-03-04 |
3 months | crt.sh |
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA |
2024-01-02 - 2024-04-04 |
3 months | crt.sh |
www.orca.so GTS CA 1P5 |
2023-12-04 - 2024-03-03 |
3 months | crt.sh |
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1 |
2023-12-20 - 2024-03-21 |
3 months | crt.sh |
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1 |
2023-12-22 - 2024-03-21 |
3 months | crt.sh |
This page contains 3 frames:
Primary Page:
https://orca-app-solana.com/en/
Frame ID: 28EA32255E8B7403F528923A194BA224
Requests: 22 HTTP requests in this frame
Frame:
https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
Frame ID: E19C0ED37B171D1E5F30E49C19F289E5
Requests: 4 HTTP requests in this frame
Frame:
https://m.stripe.network/inner.html
Frame ID: 9EB083D693FCE95910BA6389D028306B
Requests: 4 HTTP requests in this frame
Screenshot
Page Title
Orca | DeFi for people, not programsPage URL History Show full URLs
-
http://orca-app-solana.com/
HTTP 301
https://orca-app-solana.com/ HTTP 302
https://orca-app-solana.com/en/ Page URL
Detected technologies
Stripe (Payment Processors) ExpandDetected patterns
- js\.stripe\.com
jQuery (JavaScript Libraries) Expand
Detected patterns
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
Title: Privacy Policy
Search URL Search Domain Scan URL
Title: Orca Protocol Disclaimer
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://orca-app-solana.com/
HTTP 301
https://orca-app-solana.com/ HTTP 302
https://orca-app-solana.com/en/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
15 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
orca-app-solana.com/en/ Redirect Chain
|
169 KB 56 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
styles.css
orca-app-solana.com/en/ |
23 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
func.js
orca-app-solana.com/en/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ |
87 KB 31 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
m-outer-27c67c0d52761104439bb051c7856ab1.html
js.stripe.com/v3/ Frame E19C |
200 B 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
1 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
618 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
767 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
3 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
2 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
1 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
2 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
11 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
2 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
2 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
819 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
7 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
4 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
3 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
2 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
background-kelp.svg
www.orca.so/ |
23 KB 10 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
image
www.orca.so/_next/ |
4 KB 4 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
image
www.orca.so/_next/ |
1010 B 1 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
m-outer-6576085ca35ee42f2f484cda6763e4aa.js
js.stripe.com/v3/fingerprinted/js/ Frame E19C |
631 B 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
csp-report
q.stripe.com/ Frame E19C |
0 717 B |
Other
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
csp-report
q.stripe.com/ Frame E19C |
0 716 B |
Other
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
inner.html
m.stripe.network/ Frame 9EB0 |
930 B 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
csp-report
q.stripe.com/ Frame 9EB0 |
0 490 B |
Other
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
out-4.5.43.js
m.stripe.network/ Frame 9EB0 |
87 KB 14 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
6
m.stripe.com/ Frame 9EB0 |
156 B 668 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic Crypto (Crypto Exchange)6 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 function| mostrar function| chamarmodal function| $ function| jQuery function| openModalError_button2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
orca-app-solana.com/ | Name: PHPSESSID Value: otm5evd61689n0h5pqg346rpes |
|
m.stripe.com/ | Name: m Value: d37c955e-9665-41ee-bc59-accdce8ea0c4a2cb6d |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ajax.googleapis.com
js.stripe.com
m.stripe.com
m.stripe.network
orca-app-solana.com
q.stripe.com
www.orca.so
2600:9000:225b:4400:19:7d10:bd80:93a1
2606:4700:10::6816:18fe
2a00:1450:4001:806::200a
2a06:98c1:3120::3
54.186.23.98
54.201.135.255
99.86.4.99
0031faa52ea912fee1494db76442c8f8d2c5af5fa9ac077f8a45209a6f83b41d
03ce37a48e8fa8b84caf58f902a90dac8db3fdab937b2c8c7a056a56b9f5dd16
103ef4b670d4ab81793bf213a9cc1024ac25064260b7cda7f11ef90854b42941
1cbd1fa9704aaa148578fd626205e7c47d664dab8b5b586a5c52b0bb4e060143
27a4439682a43259cb82ca1682aecf8370d36125f724cdff0c38578981fefdc7
351ffc2bdf381352dcd801be49be5018361119588eae077650260f9e162fe7b9
36ec90aea0702d8abd3d4fc72b3d189c44fe1fa3cf6cb3c617f6f4522f92540f
3d63f5523f7e91d44f00f52d2ccf2f2766193bfe1db0cc27e9018975a74306ef
3e6d097f02f00472f30b829ec29deefadb5e559d272262f25db9b079be74a1a8
4b182992587119e85db1545688b637d5322778bd1894b548d1082394d522cd7b
4de0f7541473fd639ed252f1ed9b1169a3336b39acbef43d48b5335b169ae323
5cfc4286ee88c69f1b11cbb016dcc96f94558c1293ee442acd705569727107be
6ebbeff35834ab2030fada9fccbd2315e21b6a9918530d306d9f8885cadd7cb1
7b437026682e53694b4195c85dbd9e9c4bdae1512ba6eacb2af630cbe7f8c237
84c316bf1102f75b5f97ea6c5555c82651c678db14830b9750d65b87df3e92af
8639f1b554805fc4f701a8629deddd603c18f622b60d35f63ad686032b91b549
8eee49e3d0f4e651f9f40adfd661861997715b99d5b88103ae44d248ca6b1751
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
a164552a6dde632a86cead517df62c316010645e2c79c278f0999d56fad0e0a9
caae9257d022b731b579a65d458ee204cb2cc404cb9f300e78274d4bdf915d30
da4f28e516dfeb3118bffbf7dd48944620adf0f15d1e9fc019d1a21d5e6167eb
de7bcb1e092562459f03066ae4badc1a6495c370e31f5bed4a78d2093a801bef
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
e18039d9b86dfb20f0de75a236ce38ca78dd53810c1e6db42c70baa281d54318
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f0205495d259e89d99e6c4989147f8a65bef41513bfbe3e97251cd6fb6fa5947
f0a1e2263ef6cdf30ab88d2f53e6d4e16a40e66fc3f4d28755d6bc11bb19ec81
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d