1. I don't like committing domain discrimination knowing how hard it is to get decent .com domains, but having an exchange domain "flame.exchange" is a red flag for me.
2. While I do love exchanges without KYC, straight-off advertising your exchange with "Trade freely and anonymously without the imposition of KYC" is something else. It's either it's a scam, or it's an unregistered business. Regardless, a red flag.
3. You don't even have an "about" page.
While I'm not saying that this is 100% a scam, I wouldn't touch it.
One good thing I can say though, is that I sort of like the UI.
4. Lack of user reviews despite being in business since 2018
5. Copied TOS from binance (
https://archive.is/Rf97Y |
Binance's)
6. I'm not sure if they're on maintenance or sth but I'm only seeing one trading pair... it took me a few tries to access the website, it kept giving '404 page not found'
7. No privacy policy (or missing?)
🚶♂️Additional from the above posts.
You are using 3rd party CMS which is not safe for the exchange site.
Here's the other information:
CMS: Express
Build with: Node.js
Security Headers
Missing security header for ClickJacking Protection. Alternatively, you can use Content-Security-Policy: frame-ancestors 'none'.
Missing security header to prevent Content-Type sniffing.
Missing Strict-Transport-Security security header.
Missing Content-Security-Policy directive. We recommend to add the following CSP directives (you can use default-src if all values are the same): script-src, object-src, base-uri, frame-src
You will need to fix these security issues.
You don't even have FAQ and Support.
Well, I think this website still in beta testing? And you are looking for real people to test your website?
Another info:
Your website is connected to another website that uses the same IP.
batterymonster.com
cbcnewspaper.com
flame.exchange
panasonic.factoryoutletstore.com
when.com
www.jetsgearonline.com
www.kingwoodonline.com
www.oncompetitionpolicy.com
www.refresharts.com
So it means you are not using a dedicated IP(Cloudflare DNS).
And you are using free universal SSL from Cloudflare
Common name: sni.cloudflaressl.com
SANs: *.flame.exchange, sni.cloudflaressl.com, flame.exchange
Organization: Cloudflare, Inc.
Location: San Francisco, CA, US
Valid from October 25, 2019 to October 9, 2020
Serial Number: 068f197f80ea53d8b1cc70f9715c90a0
Signature Algorithm: ecdsa-with-SHA256
Issuer: CloudFlare Inc ECC CA-2
Common name: CloudFlare Inc ECC CA-2
Organization: CloudFlare, Inc.
Location: San Francisco, CA, US
Valid from October 14, 2015 to October 9, 2020
Serial Number: 0ff3e61639aa3d1a1265f41f8b34e5b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: Baltimore CyberTrust Root
We haven't actually launched yet, I just started this topic for when we actually launch
![Smiley](https://bitcointalk.org/Smileys/default/smiley.gif)
3. The site isn't fully completed yet
6. The site isn't fully completed yet
7. The site isn't fully completed yet
BitMaxz's comment: We actually haven't launched, and we haven't upgraded CloudFlare yet. About the 3rd-party CMS.. 'Express' Is not a CMS, it's a Web-Application-Framework for Node.JS (You can find out more by simply googling 'express nodejs')