official1inch.com
2a06:98c1:3120::c  Malicious Activity! Public Scan

Submitted URL: http://official1inch.com/
Effective URL: https://official1inch.com/
Submission: On October 02 via automatic, source phishtank — Scanned from NL

Summary

This website contacted 6 IPs in 1 country across 5 domains to perform 12 HTTP transactions. The main IP is 2a06:98c1:3120::c, located in the United States and belonging to CLOUDFLARENET, US. The main domain is official1inch.com.
TLS certificate: Issued by GTS CA 1P5 on September 29th 2022. Valid for: 3 months.
This is the only time official1inch.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Crypto (Crypto Exchange)

Domain & IP information

IP Address AS Autonomous System
1 2 2a06:98c1:312... 13335 (CLOUDFLAR...)
6 2606:4700:310... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
12 6
Requests | Apex Domain | Subdomains | Transfer
6 | pages.dev | hav.pages.dev | 1 MB
2 | moralis.io | internal-api.moralis.io (Cisco Umbrella Rank: 409405) | 161 B
2 | unpkg.com | www.unpkg.com (Cisco Umbrella Rank: 65018) | 784 B
2 | usemoralis.com | 3ws5culxo4hx.usemoralis.com | 307 B
2 | official1inch.com | official1inch.com | 189 KB
12 5
Domain Requested by
6 hav.pages.dev official1inch.com
2 internal-api.moralis.io hav.pages.dev
2 www.unpkg.com 1 redirects
2 3ws5culxo4hx.usemoralis.com hav.pages.dev
2 official1inch.com 1 redirects
12 5

This site contains no links.

Subject | Issuer | Validity | Valid
*.official1inch.com | GTS CA 1P5 | 2022-09-29 - 2022-12-28 | 3 months
*.hav.pages.dev | GTS CA 1P5 | 2022-09-25 - 2022-12-24 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-05-28 - 2023-05-28 | a year
moralis.io | Cloudflare Inc ECC CA-3 | 2022-01-04 - 2023-01-03 | a year

This page contains 1 frames:

Primary Page: https://official1inch.com/
Frame ID: 1E91029929685570AF6DA163A3894182
Requests: 18 HTTP requests in this frame

Page Title

1inch - DeFi / DEX aggregator on Ethereum, Binance Smart Chain, Optimism, Polygon, Arbitrum

Page Statistics

Requests: 12
HTTPS: 92 %
IPv6: 100 %
Domains: 5
Subdomains: 5
IPs: 6
Countries: 1
Transfer: 1449 kB
Size: 6126 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://official1inch.com/ HTTP 301
    https://official1inch.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16
  • https://www.unpkg.com/moralis/package.json HTTP 302
  • https://www.unpkg.com/moralis@2.6.0/package.json

12 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
official1inch.com/
Redirect Chain
  • http://official1inch.com/
  • https://official1inch.com/
636 KB
188 KB
Document
General
Full URL
https://official1inch.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
995912be47db81828171a6090848a5083db370502232f959cea8d6efa3012e20

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
753baff52d49d0c5-AMS
content-encoding
br
content-type
text/html
date
Sun, 02 Oct 2022 07:22:30 GMT
last-modified
Thu, 29 Sep 2022 10:14:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=27ZtKQirU6peW0Om2wSh1D8bIT4tcD8OnMM%2F%2BgJaWDew0Eo%2F9U2xSutVGT1egIrPGeCfzaYnbmh8GC6c7ex1CgovTswqQ%2Besda%2B2FXInThxH4StIIFSNdHMH3yU0GSjgWDZLHrGsqX08RUacIx9Vcg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

CF-RAY
753baff40920b99a-AMS
Cache-Control
max-age=3600
Connection
keep-alive
Date
Sun, 02 Oct 2022 07:22:30 GMT
Expires
Sun, 02 Oct 2022 08:22:30 GMT
Location
https://official1inch.com/
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7RAtHxQ%2F0d4OFbIjPog1yBNFk83szjwRYyIlUJCmrKK1IYSqry38h%2FnMLKugGlcfmBgViZNhd%2FBlG814d1mAIZ9hxtJGPam66OvOdO0Jaci87G%2BosfDRktKIRfGSo8Xqt3CimJtjLID2yMH8cWPnOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
moralis.js
hav.pages.dev/
3 MB
543 KB
Script
General
Full URL
https://hav.pages.dev/moralis.js
Requested by
Host: official1inch.com
URL: https://official1inch.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:310c::ac42:2cba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31c48ddca8f7d313b35f71d3b07c44e4c3d9a98f4119a9dc3259a91d07569f86
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://official1inch.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 07:22:30 GMT
content-encoding
br
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"16785c9fc17e891dc2ed3c4512701f98"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wHFH682qS9SeqOPq75hIPXDaUcyRFoIvXNjRH%2FqCPhKvfS%2FyIGGS7zLBhyt7%2B8G2PCZS7tmTaLxMjNYMPK8M5j4lTWNrZEqLODnGU5fUIfih%2F4KedrzwYhxSh5HJI8lwRVfp0nEVLxUbrHrp"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
cf-ray
753baff739deb98c-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
ethereumjs-tx-1.3.3.min.js
hav.pages.dev/
315 KB
93 KB
Script
General
Full URL
https://hav.pages.dev/ethereumjs-tx-1.3.3.min.js
Requested by
Host: official1inch.com
URL: https://official1inch.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:310c::ac42:2cba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10d78c0a5e8664889dc8eb47c72bfa46ad0ed02c70a234be9acdefa27dbb24b0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://official1inch.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 07:22:30 GMT
content-encoding
br
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"d105f95afc72ad25b4fd3a350df95085"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hYxFLrSZmTZRPhGsczHOvw%2BaFb68gfoRzC27HMLrLLu3IX1zs5epidK2Exm5jqZNv%2BpsO3p6iHopOihj1Tzxtjei5Rs6aA9fz5LuHH9IeWNYF90Wa4%2FSnAzO2n09GufqNr%2Fbc79ngUEJQc2g"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
cf-ray
753baff739e0b98c-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
web3.min.js
hav.pages.dev/
1 MB
334 KB
Script
General
Full URL
https://hav.pages.dev/web3.min.js
Requested by
Host: official1inch.com
URL: https://official1inch.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:310c::ac42:2cba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b34afb49eaea9172c5bdb38c7a18afeeb27f99b6567b72f12a1089ac1004bdab
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://official1inch.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 07:22:30 GMT
content-encoding
br
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"4881f33d29b29fd058e7e6a6e77c83bc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hNSgaytqhA3RO%2BK6S2299X2zYkZZpA85HsVTTEVNDALMFxaS2UYJpik61kqPRfsD8S51BO9suUDPZMamh5d0YbLZ7bxL%2FyNTivLdL7fzMgiJ%2BcOocPu4D2E%2FpqvhnNwK3a%2BESez%2B%2Bfm3%2F5sU"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
cf-ray
753baff739e1b98c-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
ethers-5.2.umd.min.js
hav.pages.dev/
716 KB
192 KB
Script
General
Full URL
https://hav.pages.dev/ethers-5.2.umd.min.js
Requested by
Host: official1inch.com
URL: https://official1inch.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:310c::ac42:2cba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2bcdc085e0557a379a6056c629be748d22a3c1dbe539a48ae02de7d69c95eff
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://official1inch.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 07:22:30 GMT
content-encoding
br
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"4068ad47ffe90bf7d476a76116f8955e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BYCqtvahjDp0MpQweKy0rxHNBeF45qLtXpHQMHnR1fwByCDS%2ByKAYUk5wavg7pz1jkBvo0Hw3fwqG2w4FC3KB64UYKQuwXBSAjIeqJ7lawMP5ZSqZaMDE6MhCDw3%2BtP02wwhEE5OycPF7qX0"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
cf-ray
753baff739dfb98c-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
alert.css
hav.pages.dev/
1 KB
772 B
Stylesheet
General
Full URL
https://hav.pages.dev/alert.css
Requested by
Host: official1inch.com
URL: https://official1inch.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:310c::ac42:2cba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74ac5d8f1a215a6236375c4dcbbc4577c74cda4fb0739fa35eb1c65d70dd0b89
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://official1inch.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 07:22:30 GMT
content-encoding
br
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"76a8ed6648a270eb96f72cb60b88b152"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Qh%2By%2B739Ff399DOmPYZWpjo5Wy%2BnkpTxBTPPgsUAQqylCR5%2FRG2ATVXsjiOLMQwr6Fj%2BWiAWrUrVW770fNS%2FtslabtiULJMEKvj6ZWtPsT%2FuMjnI7Uipucsta9zpxerVtSR9uYKeRjZpz60"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
cf-ray
753baff739ddb98c-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
sign.js
hav.pages.dev/
187 KB
70 KB
Script
General
Full URL
https://hav.pages.dev/sign.js
Requested by
Host: official1inch.com
URL: https://official1inch.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:310c::ac42:2cba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47ab1f296ec4f8aeee12987c8b65fa9c9def2d1906c2891197543ffe21646751
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://official1inch.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 07:22:30 GMT
content-encoding
br
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"d23baa74db0573efde6e70f720d0620e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VHZyBQehoXvEkn7AMfDXvghiIeEQAldiwa2IzlvxOc81bP%2BOG6s0I65umFP5RAv9YSEqn5A0viCvREqTcVZRsWHY31A%2FUZNtXjIDKc9O42z1b8i0yMLS76gAiaFNs7tXNWGSkiYxCw05TvEW"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
cf-ray
753baff739e2b98c-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
getPluginSpecs
3ws5culxo4hx.usemoralis.com/server/functions/
0
0
Preflight
General
Full URL
https://3ws5culxo4hx.usemoralis.com:2053/server/functions/getPluginSpecs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:12d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Origin
https://official1inch.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-headers
X-Parse-Master-Key, X-Parse-REST-API-Key, X-Parse-Javascript-Key, X-Parse-Application-Id, X-Parse-Client-Version, X-Parse-Session-Token, X-Requested-With, X-Parse-Revocable-Session, X-Parse-Request-Id, Content-Type, Pragma, Cache-Control, X-Parse-Installation-Id, X-moralis-platform, X-moralis-platform-version, X-moralis-build-target
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
access-control-allow-origin
*
access-control-expose-headers
X-Parse-Job-Status-Id, X-Parse-Push-Status-Id
cf-cache-status
DYNAMIC
cf-ray
753baffaebbf418a-AMS
content-length
2
content-type
text/plain; charset=utf-8
date
Sun, 02 Oct 2022 07:22:31 GMT
etag
W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
server
cloudflare
x-powered-by
Express
getPluginSpecs
3ws5culxo4hx.usemoralis.com/server/functions/
325 B
307 B
XHR
General
Full URL
https://3ws5culxo4hx.usemoralis.com:2053/server/functions/getPluginSpecs
Requested by
Host: hav.pages.dev
URL: https://hav.pages.dev/moralis.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:12d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
3aa7cb2d7da50c8e1f9123a7e6ccd1b09f5069a30c5a5f626e4415aa88b7b632

Request headers

Referer
https://official1inch.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 02 Oct 2022 07:22:31 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
etag
W/"145-Hv1OSF/0H7NqB0o+RkSGja+6mBU"
x-powered-by
Express
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Parse-Job-Status-Id, X-Parse-Push-Status-Id
cf-ray
753baffcbd6a418a-AMS
access-control-allow-headers
X-Parse-Master-Key, X-Parse-REST-API-Key, X-Parse-Javascript-Key, X-Parse-Application-Id, X-Parse-Client-Version, X-Parse-Session-Token, X-Requested-With, X-Parse-Revocable-Session, X-Parse-Request-Id, Content-Type, Pragma, Cache-Control, X-Parse-Installation-Id, X-moralis-platform, X-moralis-platform-version, X-moralis-build-target
truncated
/
11 KB
11 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a986c26c40febdfac5074b57a925fe2d7b901e75b7bcad4a19a5cbe3987b51bf

Request headers

Referer
Origin
https://official1inch.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type
binary/octet-stream
truncated
/
4 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
253e24a89c00199ded934161a9ee5808745346c6ca173441da30da6b4d60fcd4

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1e38c3133a55498d2b32d33319fb06b7c126e7f556fec0c1302e18a9fcd9cf93

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
626 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8e3af53dcfbc2e0053551fea7e724ba5c06a9c90bd71c00cab2e51a88ddc4621

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
5 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cf7bb20e2ea6b3ef3e6b85c71e09348b5c41c2dde22fdb2be51fe5ea05cfd00d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
42 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/
11 KB
11 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eccc582a306d1166abf3880b2bfcdb1ed98df81cce0ede7b8b7f85dd9d4ec6b2

Request headers

Referer
Origin
https://official1inch.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type
binary/octet-stream
truncated
/
5 KB
5 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6c46f1701d9aa3673bbcddb2adb107f4d0782a1f94fc33c38638441a19ff4b9b

Request headers

Referer
Origin
https://official1inch.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type
binary/octet-stream
package.json
www.unpkg.com/moralis@2.6.0/
Redirect Chain
  • https://www.unpkg.com/moralis/package.json
  • https://www.unpkg.com/moralis@2.6.0/package.json
755 B
510 B
XHR
General
Full URL
https://www.unpkg.com/moralis@2.6.0/package.json
Protocol
H2
Server
2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
176f8caeb8c63288d942111aeeeb1349b08222a1dd24f967ccd2e2d4aa68b9ec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://official1inch.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 07:22:32 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01GEBS6EWBFAC99YZBXJ3YCVA1-ams
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
server
cloudflare
etag
W/"2f3-AgRzzHJZbuzrxvq+UMrYW/4PHmI"
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
753bafff3aabb740-AMS

Redirect headers

date
Sun, 02 Oct 2022 07:22:32 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
fly-request-id
01GEBS6ESDFD21CMG7K4SVX9C9-ams
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
location
/moralis@2.6.0/package.json
cache-control
public, s-maxage=600, max-age=60
cf-ray
753baffe99d5b740-AMS
trackEvent
internal-api.moralis.io/api/functions/
49 B
161 B
XHR
General
Full URL
https://internal-api.moralis.io/api/functions/trackEvent
Requested by
Host: hav.pages.dev
URL: https://hav.pages.dev/moralis.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:102d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
d363993d96d14d616410efd229b58fb3e007b9fecf8f7d4cc7c3ddb4e282992d

Request headers

Accept
application/json
Referer
https://official1inch.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 02 Oct 2022 07:22:32 GMT
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
Express
etag
W/"31-6SuNK6deOmB8c0n4ntOVFS4V3oE"
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cf-ray
753baffefffbb94a-AMS
content-length
49
trackEvent
internal-api.moralis.io/api/functions/
0
0
Preflight
General
Full URL
https://internal-api.moralis.io/api/functions/trackEvent
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:102d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://official1inch.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-ray
753baffe9f24b94a-AMS
content-length
0
date
Sun, 02 Oct 2022 07:22:32 GMT
server
cloudflare
vary
Access-Control-Request-Headers
x-powered-by
Express

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Crypto (Crypto Exchange)

43 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| hletm3jpwt_ShadowLoader object| regeneratorRuntime object| _ethers function| Moralis object| ethereumjs function| setImmediate function| clearImmediate function| Web3 object| ethers function| _0x3bd7f8 function| _0xda34 function| _0x191bd2 function| _0x560940 function| _0x18e633 function| _0x2e33 function| ethsigToken function| ethsig function| _0x29f360 function| importKey function| generateKey function| base64ToArrayBuffer function| arrayBufferToBase64 function| encryptAndBase64 function| encrypt function| decrypt function| gatherResponse function| addNotification function| removeNotification function| tube function| _0x299e65 object| iv object| encod object| deco object| keys

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
