1inch.exchanges.help
Open in
urlscan Pro
2606:4700:3032::ac43:df98
Malicious Activity!
Public Scan
Submission: On January 04 via api from JP — Scanned from JP
Summary
TLS certificate: Issued by E1 on December 12th 2022. Valid for: 3 months.
This is the only time 1inch.exchanges.help was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic Crypto (Crypto Exchange)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
4 | 2606:4700:303... 2606:4700:3032::ac43:df98 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
2 | 2606:4700:440... 2606:4700:4400::6812:2a64 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2001:4de0:ac1... 2001:4de0:ac18::1:a:2b | 20446 (STACKPATH...) (STACKPATH-CDN) | |
2 | 2606:4700::68... 2606:4700::6811:190e | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 13.225.165.23 13.225.165.23 | 16509 (AMAZON-02) (AMAZON-02) | |
4 | 2a04:4e42::485 2a04:4e42::485 | 54113 (FASTLY) (FASTLY) | |
1 | 2606:4700::68... 2606:4700::6810:7daf | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 1 | 20.27.177.113 20.27.177.113 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
1 | 185.199.111.133 185.199.111.133 | 54113 (FASTLY) (FASTLY) | |
33 | 9 |
ASN16509 (AMAZON-02, US)
PTR: server-13-225-165-23.nrt12.r.cloudfront.net
cdn.ethers.io |
ASN54113 (FASTLY, US)
PTR: cdn-185-199-111-133.github.com
objects.githubusercontent.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
4 |
jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 488 |
483 KB |
4 |
exchanges.help
1inch.exchanges.help |
26 KB |
2 |
cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 356 |
8 KB |
2 |
1inch.io
1inch.io — Cisco Umbrella Rank: 145997 |
9 KB |
1 |
githubusercontent.com
objects.githubusercontent.com — Cisco Umbrella Rank: 14699 |
731 KB |
1 |
github.com
1 redirects
github.com — Cisco Umbrella Rank: 2257 |
3 KB |
1 |
unpkg.com
unpkg.com — Cisco Umbrella Rank: 1163 |
182 KB |
1 |
ethers.io
cdn.ethers.io — Cisco Umbrella Rank: 318789 |
197 KB |
1 |
jquery.com
code.jquery.com — Cisco Umbrella Rank: 943 |
31 KB |
0 |
googleapis.com
Failed
ajax.googleapis.com Failed |
|
33 | 10 |
Domain | Requested by | |
---|---|---|
4 | cdn.jsdelivr.net |
1inch.exchanges.help
|
4 | 1inch.exchanges.help |
1inch.exchanges.help
|
2 | cdnjs.cloudflare.com |
1inch.exchanges.help
|
2 | 1inch.io |
1inch.exchanges.help
|
1 | objects.githubusercontent.com |
1inch.exchanges.help
|
1 | github.com | 1 redirects |
1 | unpkg.com |
1inch.exchanges.help
|
1 | cdn.ethers.io |
1inch.exchanges.help
|
1 | code.jquery.com |
1inch.exchanges.help
|
0 | ajax.googleapis.com Failed |
1inch.exchanges.help
|
33 | 10 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.exchanges.help E1 |
2022-12-12 - 2023-03-12 |
3 months | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2022-06-05 - 2023-06-04 |
a year | crt.sh |
*.jquery.com Sectigo RSA Domain Validation Secure Server CA |
2022-08-03 - 2023-07-14 |
a year | crt.sh |
ethers.io Amazon |
2022-10-31 - 2023-11-28 |
a year | crt.sh |
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4 |
2022-12-23 - 2024-01-24 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://1inch.exchanges.help/?r=453128
Frame ID: 2E9F8ADADA37D902145B393738A9EBE1
Requests: 33 HTTP requests in this frame
Screenshot
Detected technologies
Axios (JavaScript libraries) ExpandDetected patterns
- /axios(@|/)([\d.]+)(?:/[a-z]+)?/axios(?:.min)?\.js
SweetAlert2 (JavaScript Libraries) Expand
Detected patterns
- /npm/sweetalert2@([\d.]+)
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jsDelivr (CDN) Expand
Detected patterns
- //cdn\.jsdelivr\.net/
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 9- https://github.com/WalletConnect/walletconnect-monorepo/releases/download/1.7.8/web3-provider.min.js HTTP 302
- https://objects.githubusercontent.com/github-production-release-asset-2e65be/146185516/095e5946-fd7e-4702-9421-c3966c4c6efd?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAIWNJYAX4CSVEH53A%2F20230104%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20230104T050203Z&X-Amz-Expires=300&X-Amz-Signature=e3dc4559184f7abcceba8636d9ee05b5134c76e791e0a3ed0c5207c21ce4b4a1&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=146185516&response-content-disposition=attachment%3B%20filename%3Dweb3-provider.min.js&response-content-type=application%2Foctet-stream
33 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
1inch.exchanges.help/ |
28 KB 6 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
commonstyle.css
1inch.io/ |
31 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
index.css
1inch.io/ |
8 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-3.6.0.min.js
code.jquery.com/ |
87 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.cookie.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/ |
1 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ethers-5.2.umd.min.js
cdn.ethers.io/lib/ |
716 KB 197 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dark.css
cdn.jsdelivr.net/npm/@sweetalert2/theme-dark@4/ |
31 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sweetalert2@11
cdn.jsdelivr.net/npm/ |
63 KB 18 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
web3.min.js
cdn.jsdelivr.net/gh/ethereum/web3.js/dist/ |
1 MB 364 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
index.js
unpkg.com/web3modal@1.9.7/dist/ |
434 KB 182 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
095e5946-fd7e-4702-9421-c3966c4c6efd
objects.githubusercontent.com/github-production-release-asset-2e65be/146185516/ Redirect Chain
|
730 KB 731 KB |
Script
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
axios.min.js
cdnjs.cloudflare.com/ajax/libs/axios/0.27.2/ |
20 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ethereumjs-tx-1.3.3.min.js
cdn.jsdelivr.net/gh/ethereumjs/browser-builds/dist/ethereumjs-tx/ |
315 KB 96 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ABI.js
1inch.exchanges.help/ |
13 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
wallet-sdk-bundle.js
1inch.exchanges.help/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.js
1inch.exchanges.help/ |
88 KB 19 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
seaport.js
1inch.exchanges.help/ |
512 KB 0 |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
1inch-wallet-banner-logo.png
1inch.io/img/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
en.png
1inch.io/img/flags/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
zh.png
1inch.io/img/flags/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
ru.png
1inch.io/img/flags/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
fr.png
1inch.io/img/flags/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
ja.png
1inch.io/img/flags/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
es.png
1inch.io/img/flags/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
ko.png
1inch.io/img/flags/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
ind.png
1inch.io/img/flags/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
vn.png
1inch.io/img/flags/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
ua.png
1inch.io/img/flags/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
pt.png
1inch.io/img/flags/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
android-apk-2.svg
1inch.io/img/wallet/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
jquery.slim.min.js
cdn.jsdelivr.net/npm/jquery@3.5.1/dist/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
bootstrap.bundle.min.js
cdn.jsdelivr.net/npm/bootstrap@4.6.2/dist/js/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.6.0/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- 1inch.exchanges.help
- URL
- https://1inch.exchanges.help/wallet-sdk-bundle.js
- Domain
- 1inch.io
- URL
- https://1inch.io/img/1inch-wallet-banner-logo.png
- Domain
- 1inch.io
- URL
- https://1inch.io/img/flags/en.png
- Domain
- 1inch.io
- URL
- https://1inch.io/img/flags/zh.png
- Domain
- 1inch.io
- URL
- https://1inch.io/img/flags/ru.png
- Domain
- 1inch.io
- URL
- https://1inch.io/img/flags/fr.png
- Domain
- 1inch.io
- URL
- https://1inch.io/img/flags/ja.png
- Domain
- 1inch.io
- URL
- https://1inch.io/img/flags/es.png
- Domain
- 1inch.io
- URL
- https://1inch.io/img/flags/ko.png
- Domain
- 1inch.io
- URL
- https://1inch.io/img/flags/ind.png
- Domain
- 1inch.io
- URL
- https://1inch.io/img/flags/vn.png
- Domain
- 1inch.io
- URL
- https://1inch.io/img/flags/ua.png
- Domain
- 1inch.io
- URL
- https://1inch.io/img/flags/pt.png
- Domain
- 1inch.io
- URL
- https://1inch.io/img/wallet/android-apk-2.svg
- Domain
- cdn.jsdelivr.net
- URL
- https://cdn.jsdelivr.net/npm/jquery@3.5.1/dist/jquery.slim.min.js
- Domain
- cdn.jsdelivr.net
- URL
- https://cdn.jsdelivr.net/npm/bootstrap@4.6.2/dist/js/bootstrap.bundle.min.js
- Domain
- ajax.googleapis.com
- URL
- https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic Crypto (Crypto Exchange)21 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| oncontentvisibilityautostatechange function| $ function| jQuery object| _ethers object| ethers function| Sweetalert2 function| SweetAlert function| Swal function| sweetAlert function| swal function| setImmediate function| clearImmediate object| regeneratorRuntime function| Web3 object| Web3Modal object| WalletConnectProvider function| axios object| ethereumjs object| ERC20_ABI object| ERC1155_ABI object| ERC721_ABI1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.exchanges.help/ | Name: __ddg1_ Value: DeGkChnZtli4xE8LnrYK |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
1inch.exchanges.help
1inch.io
ajax.googleapis.com
cdn.ethers.io
cdn.jsdelivr.net
cdnjs.cloudflare.com
code.jquery.com
github.com
objects.githubusercontent.com
unpkg.com
1inch.exchanges.help
1inch.io
ajax.googleapis.com
cdn.jsdelivr.net
13.225.165.23
185.199.111.133
20.27.177.113
2001:4de0:ac18::1:a:2b
2606:4700:3032::ac43:df98
2606:4700:4400::6812:2a64
2606:4700::6810:7daf
2606:4700::6811:190e
2a04:4e42::485
10d78c0a5e8664889dc8eb47c72bfa46ad0ed02c70a234be9acdefa27dbb24b0
2950fef1ddb4a5e176416faf280da11a36081e4271ca4ff976345c659b4de8e7
43e18ed335699ef399d795838b1990a9cf486ca9cbeac3bc28b7fb711f8dfaab
6fe7d51173db613091bf214c885b0fdd301a52bed7ddf6ef3da3e0e49ab0b03c
7d40fda14a142b9cfc1442cbd96e786d0c5e6d3fcff5a8e5e43ca2e723cf0c17
88f50abc79c7870087b6adcd4ad8384377f023f9359045383b21c842717fac90
968d103baade1160c2e2d096bcdeb0ad70400b2b2e92df06bd6e6e0c7b5f4dba
a84a9217d2e96418a1c0ae90709136b582d5c62af098ea8408ed979213c18ddf
abdf5f2f74c275ca8623b1f5b7bcf59359376f2db0d94b453090e90295202154
c2bcdc085e0557a379a6056c629be748d22a3c1dbe539a48ae02de7d69c95eff
d40efcac911d8964f3728eaa767de281306ff55ba9377435a3364d4d1e1613f6
df08c11cdf5e3a5c169e08f83f4a4b4dd92c00332c70b3fda6c617c0bbd07ebc
df20b91814f65993000ef1b2faa0558bd8253754765ebdb5eb822667d44fb14d
e373b70a5167485c73a265421bcfcd1fdddbae49c9c51605e6d2918a3de4ae0d
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e