urlscan.io logo urlscan.io
SecurityTrails logo

www.walletbank.shop Open in urlscan Pro
165.154.201.84  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.walletbank.shop/
Submission: On November 30 via automatic, source certstream-suspicious — Scanned from SG
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 7 HTTP transactions. The main IP is 165.154.201.84, located in Singapore and belongs to SCLOUDPTELTD-AS Scloud Pte Ltd, SG. The main domain is www.walletbank.shop.
TLS certificate: Issued by R3 on November 30th 2023. Valid for: 3 months.
This is the only time www.walletbank.shop was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 165.154.201.84 142002 (SCLOUDPTE...)
2 157.240.199.15 32934 (FACEBOOK)
1 157.240.199.35 32934 (FACEBOOK)
7 3
Apex Domain
Subdomains		 Transfer
4 walletbank.shop
www.walletbank.shop
491 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 168
89 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 98
185 B
7 3
Domain Requested by
4 www.walletbank.shop www.walletbank.shop
2 connect.facebook.net www.walletbank.shop
connect.facebook.net
1 www.facebook.com www.walletbank.shop
7 3

This site contains no links.

Subject Issuer Validity Valid
www.walletbank.shop
R3		 2023-11-30 -
2024-02-28		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-09-08 -
2023-12-07		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.walletbank.shop/
Frame ID: 49D02EE0A7A97773FEC260FC0C6C8300
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

RetreeWallet

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Page Statistics

7
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

580 kB
Transfer

825 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.walletbank.shop/ 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.walletbank.shop/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
165.154.201.84 , Singapore, ASN142002 (SCLOUDPTELTD-AS Scloud Pte Ltd, SG),
Reverse DNS
Software
nginx/1.14.1 /
Resource Hash
0990fc1ff48fdeba1bdb06e7f0e37bde018bb9f3036f1f66c0ed742e379890b0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Length
1159
Content-Type
text/html
Date
Thu, 30 Nov 2023 12:00:53 GMT
ETag
"655d726c-487"
Last-Modified
Wed, 22 Nov 2023 03:15:56 GMT
Server
nginx/1.14.1
background.png
www.walletbank.shop/img/ 		481 KB
481 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walletbank.shop/img/background.png
Requested by
Host: www.walletbank.shop
URL: https://www.walletbank.shop/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
165.154.201.84 , Singapore, ASN142002 (SCLOUDPTELTD-AS Scloud Pte Ltd, SG),
Reverse DNS
Software
nginx/1.14.1 /
Resource Hash
43904a879797101a69dc962f977281d81847d9ad5f09952117d2efc28bed56d5

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.walletbank.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Thu, 30 Nov 2023 12:00:53 GMT
Last-Modified
Wed, 22 Nov 2023 03:15:36 GMT
Server
nginx/1.14.1
ETag
"655d7258-7848e"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
492686
btn.png
www.walletbank.shop/img/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walletbank.shop/img/btn.png
Requested by
Host: www.walletbank.shop
URL: https://www.walletbank.shop/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
165.154.201.84 , Singapore, ASN142002 (SCLOUDPTELTD-AS Scloud Pte Ltd, SG),
Reverse DNS
Software
nginx/1.14.1 /
Resource Hash
11d4b66fe026a3089e7440debb423e899249bea5b03ccdc8476b97ecf0cc077e

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.walletbank.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Thu, 30 Nov 2023 12:00:53 GMT
Last-Modified
Tue, 21 Nov 2023 05:44:41 GMT
Server
nginx/1.14.1
ETag
"655c43c9-1414"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5140
facebook.js
www.walletbank.shop/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.walletbank.shop/facebook.js
Requested by
Host: www.walletbank.shop
URL: https://www.walletbank.shop/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
165.154.201.84 , Singapore, ASN142002 (SCLOUDPTELTD-AS Scloud Pte Ltd, SG),
Reverse DNS
Software
nginx/1.14.1 /
Resource Hash
14deedfb90121add3762e9a4585c6332f8ece77d4a35dd90dd82f95402f49f6f

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.walletbank.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Thu, 30 Nov 2023 12:00:53 GMT
Last-Modified
Thu, 30 Nov 2023 11:41:09 GMT
Server
nginx/1.14.1
ETag
"656874d5-b0a"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2826
fbevents.js
connect.facebook.net/en_US/ 		202 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.walletbank.shop
URL: https://www.walletbank.shop/facebook.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.199.15 Kai Yi Wan, Hong Kong, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-hkg4.fbcdn.net
Software
/
Resource Hash
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.walletbank.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 30 Nov 2023 12:00:54 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
54273
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
YAmAJyy/ZKvW7qoOQ+yp0OCEWyeAyxGRlM4HZZBl8gsIBJY28MEH/pCbxq26U8uB88PH6DPAqsVt9QBYSA0BqQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
7081650108564203
connect.facebook.net/signals/config/ 		133 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/7081650108564203?v=2.9.138&r=stable&domain=www.walletbank.shop
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.199.15 Kai Yi Wan, Hong Kong, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-hkg4.fbcdn.net
Software
/
Resource Hash
c6205640d1089aec772d2d7d882ab1ddf502c0fa34cb32b6f10d851d6dd0370a
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.walletbank.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 30 Nov 2023 12:00:55 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
Iv3p8mGG9YQhvVHQASx24lzSMdrMbjmTlZo1bw6WTjBbxQ1BEuzcfaJZB/XO319Nzsb6lQOq5njzbJz2Fxw54g==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=7081650108564203&ev=PageView&dl=https%3A%2F%2Fwww.walletbank.shop%2F&rl=&if=false&ts=1701345655416&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1701345655415.905647988&ler=empty&it=1701345655043&coo=false&rqm=GET
Requested by
Host: www.walletbank.shop
URL: https://www.walletbank.shop/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.199.35 Kai Yi Wan, Hong Kong, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-hkg4.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.walletbank.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 30 Nov 2023 12:00:56 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture object| $jscomp undefined| fbclid undefined| adId function| setUrlParams function| getFbParams function| getUrlParam function| copyText function| openEmail function| fbq function| _fbq

1 Cookies

Domain/Path Name / Value
.walletbank.shop/ Name: _fbp
Value: fb.1.1701345655415.905647988