www.exge-mini.vip
104.21.71.138
Malicious Activity!
Public Scan
Effective URL: https://www.exge-mini.vip/
Submission: On May 22 via manual from MY — Scanned from SG
Summary
TLS certificate: Issued by GTS CA 2P2 on May 13th 2023. Valid for: 3 months.
This is the only time www.exge-mini.vip was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Coinbase (Crypto Exchange)
Domain & IP information
Requests | IP Address | AS Autonomous System
---|---|---
11 | 104.21.71.138 | 13335 (CLOUDFLARENET)
10 | 2606:4700:3034::6815:478a | 13335 (CLOUDFLARENET)
1 | 104.18.23.210 | 13335 (CLOUDFLARENET)
24 requests | 4 domains |
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
21 | exge-mini.vip | www.exge-mini.vip | 2 MB
1 | coinbase.com | api.wallet.coinbase.com (Cisco Umbrella Rank: 28673) | 2 KB
0 | apple.com (Failed) | apps.apple.com (Failed) |
0 | cb-w.com (Failed) | go.cb-w.com (Failed) |
Requests | Domain | Requested by
---|---|---
21 | www.exge-mini.vip | www.exge-mini.vip
1 | api.wallet.coinbase.com | www.exge-mini.vip
0 | apps.apple.com (Failed) | www.exge-mini.vip
0 | go.cb-w.com (Failed) | www.exge-mini.vip
This site contains links to these domains. Also see Links.
Domain |
---|
apps.apple.com |
play.google.com |
Subject | Issuer | Validity | Valid | Lookup
---|---|---|---|---
exge-mini.vip | GTS CA 2P2 | 2023-05-13 - 2023-08-11 | 3 months | crt.sh
wallet.coinbase.com | Cloudflare Inc ECC CA-3 | 2023-05-17 - 2024-05-16 | a year | crt.sh
This page contains 1 frame:
Frame:
itms-appss://apps.apple.com/app/id1278383455
Frame ID: A91AE25EEC7C53D33104DE3A4F4DC660
Requests: 27 HTTP requests in this frame
Page Title
Coinbase
Detected technologies
Vue.js (JavaScript Frameworks)
Detected patterns
- <[^>]+\sdata-v(?:ue)?-
- (?:/([\d.]+))?/vue(?:\.min)?\.js
jQuery (JavaScript Libraries)
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 22
- https://go.cb-w.com/xoXnYwQimhb?cb_url=https%3A%2F%2Fwww.exge-mini.vip%2F%23%2Fcoinbase HTTP 307
- https://v3eo.app.link/xoXnYwQimhb?cb_url=https%3A%2F%2Fwww.exge-mini.vip%2F%23%2Fcoinbase&_p=c1153edc9f067af4e3038cfdea HTTP 307
- https://apps.apple.com/app/id1278383455 HTTP 301
- itms-appss://apps.apple.com/app/id1278383455
24 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type
---|---|---|---|---|---|---|---
GET | H2 | / (Primary Request) | www.exge-mini.vip/ | 6 KB | 3 KB | Document | text/html
GET | H2 | vue.min.js | www.exge-mini.vip/js/ | 91 KB | 35 KB | Script | application/javascript
GET | H2 | vue-router.min.js | www.exge-mini.vip/js/ | 28 KB | 10 KB | Script | application/javascript
GET | H2 | vuex.min.js | www.exge-mini.vip/js/ | 12 KB | 4 KB | Script | application/javascript
GET | H2 | axios.min.js | www.exge-mini.vip/js/ | 14 KB | 5 KB | Script | application/javascript
GET | H2 | js.cookie.min.js | www.exge-mini.vip/js/ | 2 KB | 1 KB | Script | application/javascript
GET | H2 | jquery-3.6.0.min.js | www.exge-mini.vip/js/ | 87 KB | 32 KB | Script | application/javascript
GET | H2 | chunk-libs.0ec3373c.css | www.exge-mini.vip/static/css/ | 144 KB | 42 KB | Stylesheet | text/css
GET | H2 | app.b2c3d0c0.css | www.exge-mini.vip/static/css/ | 4 KB | 2 KB | Stylesheet | text/css
GET | H2 | chunk-libs.4e34bd7b.js | www.exge-mini.vip/static/js/ | 3 MB | 946 KB | Script | application/javascript
GET | H2 | app.9b45f01c.js | www.exge-mini.vip/static/js/ | 68 KB | 25 KB | Script | application/javascript
GET | H3 | chunk-18c7d0f2.7eaa7d96.css | www.exge-mini.vip/static/css/ | 5 KB | 2 KB | Stylesheet | text/css
GET | H3 | chunk-18c7d0f2.5d3e4196.js | www.exge-mini.vip/static/js/ | 3 KB | 1 KB | Script | application/javascript
POST | H3 | config | www.exge-mini.vip/api/index/ | 602 B | 1 KB | XHR | application/json
GET | H3 | Nunito-Bold.c0844c99.ttf | www.exge-mini.vip/static/fonts/ | 149 KB | 150 KB | Font | application/octet-stream
GET | H3 | Nunito-SemiBold.876701bc.ttf | www.exge-mini.vip/static/fonts/ | 150 KB | 150 KB | Font | application/octet-stream
GET | H3 | img_coinbase.29795107.png | www.exge-mini.vip/static/img/ | 12 KB | 13 KB | Image | image/png
GET | H3 | icon_duigou.455309c2.svg | www.exge-mini.vip/static/img/ | 2 KB | 1 KB | Image | image/svg+xml
GET | H3 | img_coinbase_phone.70f3a67b.png | www.exge-mini.vip/static/img/ | 434 KB | 435 KB | Image | image/png
GET | H3 | icon_appStore.041db9cd.png | www.exge-mini.vip/static/img/ | 14 KB | 14 KB | Image | image/png
GET | H3 | icon_googlePlay.ca316662.png | www.exge-mini.vip/static/img/ | 18 KB | 18 KB | Image | image/png
GET | H2 | getFeatureFlags | api.wallet.coinbase.com/rpc/v2/ | 8 KB | 2 KB | Fetch | application/json
GET | | xoXnYwQimhb | go.cb-w.com/ | 0 | 0 | |
GET | | id1278383455 | apps.apple.com/app/ (Redirect Chain) | 0 | 0 | |
GET | DATA | truncated | / | 862 B | 0 | Image | image/svg+xml
GET | DATA | truncated | / | 324 B | 0 | Image | image/svg+xml
GET | DATA | truncated | / | 541 B | 0 | Image | image/svg+xml
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain: go.cb-w.com
  URL: https://go.cb-w.com/xoXnYwQimhb?cb_url=https%3A%2F%2Fwww.exge-mini.vip%2F%23%2Fcoinbase
- Domain: apps.apple.com
  URL: itms-appss://apps.apple.com/app/id1278383455
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Coinbase (Crypto Exchange)
21 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Name | Type
---|---
credentialless | boolean
onorientationchange | object
orientation | number
Vue | function
t | object
e | function
VueRouter | function
Vuex | object
axios | function
Cookies | function
$ | function
jQuery | function
jsonpFunction | object
lib | object
rem | number
dpr | number
regeneratorRuntime | object
WalletLink | function
WalletLinkProvider | function
__SVG_SPRITE__ | object
vm2 | object
Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name | Value
---|---|---|---
go.cb-w.com/ | | _s | 4JzCewA9xMiPFIxui3FNYYj8RQ7kB%2FIYsR8qJuYDPbRZiJPZrn2ePdCkax0kESKZ
.app.link/ | | _s | Lte6%2FrSX6lO1fjt1QMD6LdJHKOzwS%2FTDxtUW9vlML%2FleE4HexdJOItFz7%2F8SxaIK
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
api.wallet.coinbase.com
apps.apple.com
go.cb-w.com
www.exge-mini.vip
104.18.23.210
104.21.71.138
2606:4700:3034::6815:478a