1inch.exchanges.help
2606:4700:3032::ac43:df98  Malicious Activity! Public Scan

URL: https://1inch.exchanges.help/?r=453128
Submission: On January 04 via api from JP — Scanned from JP

Summary

This website contacted 9 IPs in 3 countries across 10 domains to perform 33 HTTP transactions. The main IP is 2606:4700:3032::ac43:df98, located in United States and belongs to CLOUDFLARENET, US. The main domain is 1inch.exchanges.help.
TLS certificate: Issued by E1 on December 12th 2022. Valid for: 3 months.
This is the only time 1inch.exchanges.help was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Crypto (Crypto Exchange)

Domain & IP information

IP Address AS Autonomous System
4 2606:4700:303... 13335 (CLOUDFLAR...)
2 2606:4700:440... 13335 (CLOUDFLAR...)
1 2001:4de0:ac1... 20446 (STACKPATH...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 13.225.165.23 16509 (AMAZON-02)
4 2a04:4e42::485 54113 (FASTLY)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 20.27.177.113 8075 (MICROSOFT...)
1 185.199.111.133 54113 (FASTLY)
33 9
Apex Domain | Subdomains | Transfer
4 jsdelivr.net | cdn.jsdelivr.net — Cisco Umbrella Rank: 488 | 483 KB
4 exchanges.help | 1inch.exchanges.help | 26 KB
2 cloudflare.com | cdnjs.cloudflare.com — Cisco Umbrella Rank: 356 | 8 KB
2 1inch.io | 1inch.io — Cisco Umbrella Rank: 145997 | 9 KB
1 githubusercontent.com | objects.githubusercontent.com — Cisco Umbrella Rank: 14699 | 731 KB
1 github.com | github.com — Cisco Umbrella Rank: 2257 | 3 KB
1 unpkg.com | unpkg.com — Cisco Umbrella Rank: 1163 | 182 KB
1 ethers.io | cdn.ethers.io — Cisco Umbrella Rank: 318789 | 197 KB
1 jquery.com | code.jquery.com — Cisco Umbrella Rank: 943 | 31 KB
0 googleapis.com Failed | ajax.googleapis.com Failed
33 10
Domain Requested by
4 cdn.jsdelivr.net 1inch.exchanges.help
4 1inch.exchanges.help 1inch.exchanges.help
2 cdnjs.cloudflare.com 1inch.exchanges.help
2 1inch.io 1inch.exchanges.help
1 objects.githubusercontent.com 1inch.exchanges.help
1 github.com 1 redirects
1 unpkg.com 1inch.exchanges.help
1 cdn.ethers.io 1inch.exchanges.help
1 code.jquery.com 1inch.exchanges.help
0 ajax.googleapis.com Failed 1inch.exchanges.help
33 10

This site contains no links.

Subject | Issuer | Validity | Valid
*.exchanges.help | E1 | 2022-12-12 - 2023-03-12 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-06-05 - 2023-06-04 | a year
*.jquery.com | Sectigo RSA Domain Validation Secure Server CA | 2022-08-03 - 2023-07-14 | a year
ethers.io | Amazon | 2022-10-31 - 2023-11-28 | a year
jsdelivr.net | GlobalSign Atlas R3 DV TLS CA 2022 Q4 | 2022-12-23 - 2024-01-24 | a year

This page contains 1 frames:

Primary Page: https://1inch.exchanges.help/?r=453128
Frame ID: 2E9F8ADADA37D902145B393738A9EBE1
Requests: 33 HTTP requests in this frame


Detected technologies

Overall confidence: 100%
Detected patterns
  • /axios(@|/)([\d.]+)(?:/[a-z]+)?/axios(?:.min)?\.js

Overall confidence: 100%
Detected patterns
  • /npm/sweetalert2@([\d.]+)

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

Requests: 33
HTTPS: 45 %
IPv6: 67 %
Domains: 10
Subdomains: 10
IPs: 9
Countries: 3
Transfer: 1667 kB
Size: 4339 kB
Cookies: 1

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9
  • https://github.com/WalletConnect/walletconnect-monorepo/releases/download/1.7.8/web3-provider.min.js HTTP 302
  • https://objects.githubusercontent.com/github-production-release-asset-2e65be/146185516/095e5946-fd7e-4702-9421-c3966c4c6efd?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAIWNJYAX4CSVEH53A%2F20230104%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20230104T050203Z&X-Amz-Expires=300&X-Amz-Signature=e3dc4559184f7abcceba8636d9ee05b5134c76e791e0a3ed0c5207c21ce4b4a1&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=146185516&response-content-disposition=attachment%3B%20filename%3Dweb3-provider.min.js&response-content-type=application%2Foctet-stream

33 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
1inch.exchanges.help/
28 KB
6 KB
Document
General
Full URL
https://1inch.exchanges.help/?r=453128
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:df98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
abdf5f2f74c275ca8623b1f5b7bcf59359376f2db0d94b453090e90295202154

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
78416cef0dbbf6d9-NRT
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 04 Jan 2023 05:03:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pYNGjZGHUo%2BrGH2mFXh6ToEfhYcu9w%2BIp8ST7vkMCuSQexoUEnG4rmrcl7FsYI4NxfR6%2B0IUoiLV8BYAzZAU7SAYx3GJifqGmE4rcRskYw2Z6X7lHiqWWT%2BspQiH6bCJHZFG%2F66kFw4A54VzX%2FoEg3ye%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
commonstyle.css
1inch.io/
31 KB
7 KB
Stylesheet
General
Full URL
https://1inch.io/commonstyle.css
Requested by
Host: 1inch.exchanges.help
URL: https://1inch.exchanges.help/?r=453128
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2a64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d40fda14a142b9cfc1442cbd96e786d0c5e6d3fcff5a8e5e43ca2e723cf0c17

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://1inch.exchanges.help/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-fastly-request-id
eac64a9de46b04a66a71ed1a4cae4ff3fd7528e1
date
Wed, 04 Jan 2023 05:03:05 GMT
via
1.1 varnish
content-encoding
br
expires
Fri, 30 Dec 2022 00:30:01 GMT
cf-cache-status
HIT
x-proxy-cache
MISS
x-cache
MISS
x-served-by
cache-mel11273-MEL
last-modified
Wed, 28 Dec 2022 10:24:02 GMT
server
cloudflare
x-github-request-id
85AC:0C31:1321B2:161655:63B45E77
x-timer
S1672765048.731599,VS0,VE228
etag
W/"63ac1942-7b31"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=600
x-origin-cache
HIT
cf-ray
78416cf7f90280b1-NRT
x-cache-hits
0
index.css
1inch.io/
8 KB
2 KB
Stylesheet
General
Full URL
https://1inch.io/index.css
Requested by
Host: 1inch.exchanges.help
URL: https://1inch.exchanges.help/?r=453128
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2a64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a84a9217d2e96418a1c0ae90709136b582d5c62af098ea8408ed979213c18ddf

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://1inch.exchanges.help/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-fastly-request-id
291b6130c7ff32efcc83929b2d2e627913dc0504
date
Wed, 04 Jan 2023 05:03:05 GMT
via
1.1 varnish
content-encoding
br
cf-cache-status
MISS
expires
Wed, 28 Dec 2022 10:40:35 GMT
x-cache
HIT
x-proxy-cache
MISS
x-served-by
cache-mel11261-MEL
last-modified
Wed, 28 Dec 2022 10:24:02 GMT
server
cloudflare
x-github-request-id
1B80:6A6F:3FCAAF:4B6510:63AC1ACB
x-timer
S1672808586.566398,VS0,VE1
etag
W/"63ac1942-20d5"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=600
cf-ray
78416cf7f90380b1-NRT
x-cache-hits
1
jquery-3.6.0.min.js
code.jquery.com/
87 KB
31 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: 1inch.exchanges.help
URL: https://1inch.exchanges.help/?r=453128
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:2b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

Referer
https://1inch.exchanges.help/
Origin
https://1inch.exchanges.help
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 04 Jan 2023 05:03:05 GMT
content-encoding
gzip
x-sp-metadata
HS256.CJmt1J0GEo0BCiQ0NzRmYTI4MC0wZDViLTRmOWUtYTNmOS02Y2I4MmI3NGIxMTAQ+OiCoKvU+wIaBgiJkdSdBiISMmEwMDoxNjMzOjEyODo0OjoyKKzYAzADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIDNlOWIyMDYxMDA5OGI2YzliZmY5NTM4NTZlNTgwMTZhGiwIARIkZDU5YWE3ZGMtZDEzZi00ZjZkLTk1NTItYmZjNzkxNGE3OGM1GJvxASIYCAISFGNkczA0Ny5wYTEuaHdjZG4ubmV0.iip9hlWRnFVpCyAFc0bwJbG2YFW7R3LSD/A5oHAoJ2Q=
last-modified
Fri, 20 Aug 2021 17:47:53 GMT
server
nginx
etag
W/"611feac9-15d9d"
vary
Accept-Encoding
x-hw
1672808585.dop202.pa1.t,1672808585.cds204.pa1.hn,1672808585.cds047.pa1.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30875
jquery.cookie.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/
1 KB
1 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/jquery.cookie.min.js
Requested by
Host: 1inch.exchanges.help
URL: https://1inch.exchanges.help/?r=453128
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d40efcac911d8964f3728eaa767de281306ff55ba9377435a3364d4d1e1613f6
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://1inch.exchanges.help/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 04 Jan 2023 05:03:04 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
4623915
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
591
last-modified
Mon, 04 May 2020 16:11:45 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec1-514"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q2KEQrtcmOUa0%2FQe%2FTncR5RM0ZF7xUYVjsGjlJgg4tIApr04a27Qb0%2BSwehA%2FX17tzJ5VhbJhOFpGM0biFYYuWdycRfj2NDrmmw366btIO48XSuQltRbfcGUgHeqJOSew1fNm5w7h9zjNiE4KTYBojDq"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
78416cf7eb8a14d0-NRT
expires
Mon, 25 Dec 2023 05:03:04 GMT
ethers-5.2.umd.min.js
cdn.ethers.io/lib/
716 KB
197 KB
Script
General
Full URL
https://cdn.ethers.io/lib/ethers-5.2.umd.min.js
Requested by
Host: 1inch.exchanges.help
URL: https://1inch.exchanges.help/?r=453128
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.165.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-165-23.nrt12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c2bcdc085e0557a379a6056c629be748d22a3c1dbe539a48ae02de7d69c95eff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://1inch.exchanges.help/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
3StspTE73ijjMFvXMjx4rHtfrweE9frC
content-encoding
gzip
via
1.1 ccbc34c31d1270b000318b6f37ee028e.cloudfront.net (CloudFront)
date
Tue, 03 Jan 2023 11:31:39 GMT
last-modified
Thu, 20 May 2021 21:33:05 GMT
server
AmazonS3
x-amz-cf-pop
NRT12-C4
age
63086
etag
W/"50ed955cf32ac8e4e1daa0fac8fcde98"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
x-amz-cf-id
COr95ZR01IIPvPtyxcqBjhlJzHzK20TR0-OjpuhTfNUDoYE61UzUgA==
dark.css
cdn.jsdelivr.net/npm/@sweetalert2/theme-dark@4/
31 KB
5 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/@sweetalert2/theme-dark@4/dark.css
Requested by
Host: 1inch.exchanges.help
URL: https://1inch.exchanges.help/?r=453128
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
df20b91814f65993000ef1b2faa0558bd8253754765ebdb5eb822667d44fb14d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://1inch.exchanges.help/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 04 Jan 2023 05:03:04 GMT
x-content-type-options
nosniff
content-encoding
gzip
age
37509
x-jsd-version
4.0.5
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
4754
x-served-by
cache-fra-eddf8230055-FRA, cache-nrt-rjtf7700023-NRT
x-jsd-version-type
version
etag
W/"7a08-GAukVXl4Oi44Tpj4w8VOEfgRHAs"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
sweetalert2@11
cdn.jsdelivr.net/npm/
63 KB
18 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/sweetalert2@11
Requested by
Host: 1inch.exchanges.help
URL: https://1inch.exchanges.help/?r=453128
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6fe7d51173db613091bf214c885b0fdd301a52bed7ddf6ef3da3e0e49ab0b03c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://1inch.exchanges.help/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 04 Jan 2023 05:03:04 GMT
x-content-type-options
nosniff
content-encoding
gzip
age
21711
x-jsd-version
11.6.16
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
18041
x-served-by
cache-fra-eddf8230057-FRA, cache-nrt-rjtf7700023-NRT
x-jsd-version-type
version
etag
W/"fb67-zfDAbUfmgNLMmTZ+1vg0StTtly4"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
web3.min.js
cdn.jsdelivr.net/gh/ethereum/web3.js/dist/
1 MB
364 KB
Script
General
Full URL
https://cdn.jsdelivr.net/gh/ethereum/web3.js/dist/web3.min.js
Requested by
Host: 1inch.exchanges.help
URL: https://1inch.exchanges.help/?r=453128
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
88f50abc79c7870087b6adcd4ad8384377f023f9359045383b21c842717fac90
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://1inch.exchanges.help/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 04 Jan 2023 05:03:04 GMT
x-content-type-options
nosniff
content-encoding
gzip
age
27808
x-jsd-version
3.0.0
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
372383
x-served-by
cache-fra-eddf8230061-FRA, cache-nrt-rjtf7700023-NRT
x-jsd-version-type
version
etag
W/"13b809-XwSuevaXcvR48RWY2ysOS+KLNSc"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
index.js
unpkg.com/web3modal@1.9.7/dist/
434 KB
182 KB
Script
General
Full URL
https://unpkg.com/web3modal@1.9.7/dist/index.js
Requested by
Host: 1inch.exchanges.help
URL: https://1inch.exchanges.help/?r=453128
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7daf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df08c11cdf5e3a5c169e08f83f4a4b4dd92c00332c70b3fda6c617c0bbd07ebc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://1inch.exchanges.help/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 04 Jan 2023 05:03:04 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
22505671
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01G0YVG3WKRDATDAE279BN03XB-nrt
server
cloudflare
etag
W/"6c69d-zeBw22Gdht1oUlXQxD5c1cyWnKs"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
78416cf7f9c4afcd-NRT
095e5946-fd7e-4702-9421-c3966c4c6efd
objects.githubusercontent.com/github-production-release-asset-2e65be/146185516/
Redirect Chain
  • https://github.com/WalletConnect/walletconnect-monorepo/releases/download/1.7.8/web3-provider.min.js
  • https://objects.githubusercontent.com/github-production-release-asset-2e65be/146185516/095e5946-fd7e-4702-9421-c3966c4c6efd?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAIWNJYAX4CSVEH53A%2F...
730 KB
731 KB
Script
General
Full URL
https://objects.githubusercontent.com/github-production-release-asset-2e65be/146185516/095e5946-fd7e-4702-9421-c3966c4c6efd?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAIWNJYAX4CSVEH53A%2F20230104%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20230104T050203Z&X-Amz-Expires=300&X-Amz-Signature=e3dc4559184f7abcceba8636d9ee05b5134c76e791e0a3ed0c5207c21ce4b4a1&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=146185516&response-content-disposition=attachment%3B%20filename%3Dweb3-provider.min.js&response-content-type=application%2Foctet-stream
Requested by
Host: 1inch.exchanges.help
URL: https://1inch.exchanges.help/?r=453128
Protocol
H2
Server
185.199.111.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-111-133.github.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
968d103baade1160c2e2d096bcdeb0ad70400b2b2e92df06bd6e6e0c7b5f4dba

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://1inch.exchanges.help/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 04 Jan 2023 05:03:05 GMT
via
1.1 varnish
content-md5
KfuSs0MKkeD2d6X4UoAGJw==
age
0
x-ms-server-encrypted
true
x-cache
MISS
content-disposition
attachment; filename=web3-provider.min.js
fastly-restarts
1
content-length
747143
x-ms-lease-state
available
x-served-by
cache-nrt-rjtf7700034-NRT
x-ms-lease-status
unlocked
x-ms-creation-time
Tue, 26 Apr 2022 10:12:16 GMT
last-modified
Tue, 26 Apr 2022 10:12:16 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-timer
S1672808585.972463,VS0,VE942
etag
"0x8DA276D3DC9A6B7"
content-type
application/octet-stream
x-ms-request-id
1146d3af-601e-0022-0ff9-1fe77a000000
x-ms-version
2020-04-08
accept-ranges
bytes
x-cache-hits
0

Redirect headers

date
Wed, 04 Jan 2023 05:02:03 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
server
GitHub.com
content-security-policy
default-src 'none'; base-uri 'self'; block-all-mixed-content; child-src github.com/assets-cdn/worker/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com objects-origin.githubusercontent.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com cdn.optimizely.com logx.optimizely.com/v1/events *.actions.githubusercontent.com wss://*.actions.githubusercontent.com online.visualstudio.com/api/v1/locations github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com objects-origin.githubusercontent.com secured-user-images.githubusercontent.com/ opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; worker-src github.com/assets-cdn/worker/ gist.github.com/assets-cdn/worker/
x-github-request-id
AC2C:3402:18B879:1FC6D6:63B50888
vary
X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
x-frame-options
deny
content-type
text/html; charset=utf-8
location
https://objects.githubusercontent.com/github-production-release-asset-2e65be/146185516/095e5946-fd7e-4702-9421-c3966c4c6efd?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAIWNJYAX4CSVEH53A%2F20230104%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20230104T050203Z&X-Amz-Expires=300&X-Amz-Signature=e3dc4559184f7abcceba8636d9ee05b5134c76e791e0a3ed0c5207c21ce4b4a1&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=146185516&response-content-disposition=attachment%3B%20filename%3Dweb3-provider.min.js&response-content-type=application%2Foctet-stream
cache-control
no-cache
content-length
0
x-xss-protection
0
axios.min.js
cdnjs.cloudflare.com/ajax/libs/axios/0.27.2/
20 KB
7 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/axios/0.27.2/axios.min.js
Requested by
Host: 1inch.exchanges.help
URL: https://1inch.exchanges.help/?r=453128
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e373b70a5167485c73a265421bcfcd1fdddbae49c9c51605e6d2918a3de4ae0d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://1inch.exchanges.help
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 04 Jan 2023 05:03:04 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
7806589
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6498
last-modified
Wed, 27 Apr 2022 10:03:29 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"626914f1-1962"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9Tz3O5ryxlHTYvWhADO6bkQpLuw88hcW2k8AtzkJjTLKklrhRcjJPiQC2myVmVnlsM%2Bh1VQec9%2BMCypnvij9OuS2rVxyWXGmN4n9HkQASGRRHMau%2F1ddr9NK2dAHyyjfmBMt8P4yash5ctET6yY1vJD%2B"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
78416cf7edebaf49-NRT
expires
Mon, 25 Dec 2023 05:03:04 GMT
ethereumjs-tx-1.3.3.min.js
cdn.jsdelivr.net/gh/ethereumjs/browser-builds/dist/ethereumjs-tx/
315 KB
96 KB
Script
General
Full URL
https://cdn.jsdelivr.net/gh/ethereumjs/browser-builds/dist/ethereumjs-tx/ethereumjs-tx-1.3.3.min.js
Requested by
Host: 1inch.exchanges.help
URL: https://1inch.exchanges.help/?r=453128
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
10d78c0a5e8664889dc8eb47c72bfa46ad0ed02c70a234be9acdefa27dbb24b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://1inch.exchanges.help/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 04 Jan 2023 05:03:04 GMT
x-content-type-options
nosniff
content-encoding
gzip
age
26574
x-jsd-version
master
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
97784
x-served-by
cache-fra-eddf8230099-FRA, cache-nrt-rjtf7700023-NRT
x-jsd-version-type
branch
etag
W/"4edeb-1sQW5dFT9QD3rGbSWitz20WGetQ"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
ABI.js
1inch.exchanges.help/
13 KB
2 KB
Script
General
Full URL
https://1inch.exchanges.help/ABI.js
Requested by
Host: 1inch.exchanges.help
URL: https://1inch.exchanges.help/?r=453128
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:df98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2950fef1ddb4a5e176416faf280da11a36081e4271ca4ff976345c659b4de8e7

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://1inch.exchanges.help/?r=453128
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 04 Jan 2023 05:03:06 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 26 Dec 2022 18:26:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"34ca-5f0bf471c2580-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uzXuh3QqDlzeX%2BsYUtdEYFQwKQWWpeULtdvt67CrdpA0cgRktDj2BCywGSP0LS78tZow0TJExgujZiYQGG%2B0Fed1ssjYjIsPEX%2FiNkZW9iTvSMNXP5DMrNEMMNu%2BNVIK%2FSWH35x8axwBEr%2F7wusTZ%2BDoVw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cf-ray
78416cf7de35f6d9-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
wallet-sdk-bundle.js
1inch.exchanges.help/
0
0

main.js
1inch.exchanges.help/
88 KB
19 KB
Script
General
Full URL
https://1inch.exchanges.help/main.js
Requested by
Host: 1inch.exchanges.help
URL: https://1inch.exchanges.help/?r=453128
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:df98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43e18ed335699ef399d795838b1990a9cf486ca9cbeac3bc28b7fb711f8dfaab

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://1inch.exchanges.help/?r=453128
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 04 Jan 2023 05:03:10 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 26 Dec 2022 18:26:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"15f01-5f0bf471c2580-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hy3abFFAuLONSkRyC3NhZc3cBLxppDP8FpLV4%2BmIzddFOAZKXlGTzLAACaPhdfb%2BN6ejXi3XZLd0UWCkK5RJwQLdJ537bQluAY9Ci79%2F8WqBEZfC9PdJ5UAeMzzFNp%2FtoS%2B7z%2BGR8KQgeIc4hPV94qfSMg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cf-ray
78416cf7de39f6d9-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
seaport.js
1inch.exchanges.help/
512 KB
0
Script
General
Full URL
https://1inch.exchanges.help/seaport.js
Requested by
Host: 1inch.exchanges.help
URL: https://1inch.exchanges.help/?r=453128
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:df98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://1inch.exchanges.help/?r=453128
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 04 Jan 2023 05:03:39 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 26 Dec 2022 18:26:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"1f5940-5f0bf471c2580-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kSiYCuJz%2FMfMTqBEXqYaR%2Fxn5yIo9vAwmmXOY%2F%2FwXUNnQf%2FmQLlRDZLsegLumdB%2F4HKhhpVhKK9T7tspsfpDlKTEwOaEfsJZ0Q2cAt73%2BetAtv6CPtJk5xlsWZHFp5ATUuWwkQ1ssVnOPOsgu5c2kaQWQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cf-ray
78416cf82f1e1ee9-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
1inch-wallet-banner-logo.png
1inch.io/img/
0
0

en.png
1inch.io/img/flags/
0
0

zh.png
1inch.io/img/flags/
0
0

ru.png
1inch.io/img/flags/
0
0

fr.png
1inch.io/img/flags/
0
0

ja.png
1inch.io/img/flags/
0
0

es.png
1inch.io/img/flags/
0
0

ko.png
1inch.io/img/flags/
0
0

ind.png
1inch.io/img/flags/
0
0

vn.png
1inch.io/img/flags/
0
0

ua.png
1inch.io/img/flags/
0
0

pt.png
1inch.io/img/flags/
0
0

android-apk-2.svg
1inch.io/img/wallet/
0
0

jquery.slim.min.js
cdn.jsdelivr.net/npm/jquery@3.5.1/dist/
0
0

bootstrap.bundle.min.js
cdn.jsdelivr.net/npm/bootstrap@4.6.2/dist/js/
0
0

jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.6.0/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
1inch.exchanges.help
URL
https://1inch.exchanges.help/wallet-sdk-bundle.js
Domain
1inch.io
URL
https://1inch.io/img/1inch-wallet-banner-logo.png
Domain
1inch.io
URL
https://1inch.io/img/flags/en.png
Domain
1inch.io
URL
https://1inch.io/img/flags/zh.png
Domain
1inch.io
URL
https://1inch.io/img/flags/ru.png
Domain
1inch.io
URL
https://1inch.io/img/flags/fr.png
Domain
1inch.io
URL
https://1inch.io/img/flags/ja.png
Domain
1inch.io
URL
https://1inch.io/img/flags/es.png
Domain
1inch.io
URL
https://1inch.io/img/flags/ko.png
Domain
1inch.io
URL
https://1inch.io/img/flags/ind.png
Domain
1inch.io
URL
https://1inch.io/img/flags/vn.png
Domain
1inch.io
URL
https://1inch.io/img/flags/ua.png
Domain
1inch.io
URL
https://1inch.io/img/flags/pt.png
Domain
1inch.io
URL
https://1inch.io/img/wallet/android-apk-2.svg
Domain
cdn.jsdelivr.net
URL
https://cdn.jsdelivr.net/npm/jquery@3.5.1/dist/jquery.slim.min.js
Domain
cdn.jsdelivr.net
URL
https://cdn.jsdelivr.net/npm/bootstrap@4.6.2/dist/js/bootstrap.bundle.min.js
Domain
ajax.googleapis.com
URL
https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Crypto (Crypto Exchange)

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| oncontentvisibilityautostatechange
  • function| $
  • function| jQuery
  • object| _ethers
  • object| ethers
  • function| Sweetalert2
  • function| SweetAlert
  • function| Swal
  • function| sweetAlert
  • function| swal
  • function| setImmediate
  • function| clearImmediate
  • object| regeneratorRuntime
  • function| Web3
  • object| Web3Modal
  • object| WalletConnectProvider
  • function| axios
  • object| ethereumjs
  • object| ERC20_ABI
  • object| ERC1155_ABI
  • object| ERC721_ABI

1 Cookies

Domain/Path Name / Value
.exchanges.help/ Name: __ddg1_
Value: DeGkChnZtli4xE8LnrYK

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
