swyftx.system-tools-hub.com

https://swyftx.system-tools-hub.com/jtmir?utm_campaign=JQ_1364431695696272_0203_Land374_cbo_1-2-2&fbid=1349318967001984&utm_content=17swftx2en_17swftx3en&cid=2_Pur_701_NzAu_2554_M_FinFInmFinsDigwalLxyach&bid=BID&subid=2hf5i5.340.123in

172.67.189.207 · Cloudflare, Inc.

Location

Toronto, Canada

Domain Age

78 days

HTTP

200 · 16.4s

SSL

Valid· WE1, Google Trust Services, US

Status

COMPLETED

Visual Evidence

Screenshot of swyftx.system-tools-hub.com

Zoom

Title: "Swyftx: Crypto Exchange, Buy & Sell Crypto"

Save

Domain Intelligence: system-tools-hub.com

Scanned 3 times since Mar 3, 2026, 06:28 AM UTC

✗ Critical (100)

Registered-domain escalation suggested

Suggested now

Submit system-tools-hub.com as the primary IOC, enriched with evidence from hostile subdomains like swyftx.system-tools-hub.com.

2 hostile subdomains across 3 completed scans were observed under this registered domain. Recent hosts: swyftx.system-tools-hub.com, ethereum.system-tools-hub.com.

Take this site down

Report to 50+ vendors instantly

KB/IOK Matches (1)—

swyftx-clone-kit

high

Directives: skipAi, skipUnblocker, skipMobileVariant

Swyftx

Credential Phishing

finance | cryptocurrency · 4/5/2026

Summary

This page presents Swyftx branding (title, logos, UI) on a domain under system-tools-hub.com, which is a typosquash/impersonation domain and not the legitimate Swyftx site. The page loads Swyftx visuals and imitates Swyftx’s layout, with SPA behavior indicated by 12 external scripts and dynamic credential capture potential. The domain swyftx.system-tools-hub.com appears to be a clone designed to harvest credentials or sensitive data.

Attack Techniques (5)

Typosquat/brand-imposter domain containing 'swyftx' (swyftx.system-tools-hub.com)Cloned SPA rendering Swyftx UI without static login form in HTML (forms rendered by JavaScript)Brand assets and logos loaded from impersonation domain paths (assets/logo-ulcveZNW.svg, etc.)External analytics and PostHog scripts embedded to track victims and exfiltrate dataSSL certificate issued to system-tools-hub.com with subdomain wildcard, recent validity (Feb–May 2026 window)

Indicators of Compromise (7)

▸DOMAIN: swyftx.system-tools-hub.com

▸PAGE TITLE: Swyftx: Crypto Exchange, Buy & Sell Crypto

▸SCRIPT/ASSET NAMES: assets/index-DYk4ZIO9.js, assets/index-BeNe0NKR.css, logo-ulcveZNW.svg

▸ANALYTICS: analytics-bundle.js, posthog scripts from eu-assets.i.posthog.com

▸IFRAME: chatwoot.widget loading from system-tools-hub.com

▸SSL SANs include *.system-tools-hub.com

▸WHOIS: domain created in 2025-12-15 (78 days old at scan time)

Risk AssessmentUsed in abuse reports

The site uses Swyftx branding on a domain outside the official Swyftx namespace, with evidence of a SPA rendering credentials via JavaScript bundles. The domain swyftx.system-tools-hub.com is impersonating Swyftx, indicated by the page title and presence of Swyftx logos/assets. A new SSL cert and Cloudflare hosting, plus a high number of external tracking scripts (PostHog, GTM) demonstrate deceptive intent and data exfiltration risk. This constitutes high-risk credential harvesting bait aimed at Swyftx users; actions should include domain suspension and investigation into hosting provider for abuse.

Recommended Action

Suspend Domain

Cross-Reference8

URL Intelligence