account-aax.com
2606:4700:3030::6815:16d5
Malicious Activity!
Public Scan
Effective URL: https://account-aax.com/en-US/login
Submission: On April 26 via automatic, source certstream-suspicious — Scanned from DE
Summary
TLS certificate: Issued by E1 on April 26th 2022. Valid for: 3 months.
This is the only time account-aax.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic Crypto (Crypto Exchange)
Domain & IP information
Requests | IP Address | AS Autonomous System
---|---|---
7 | 2606:4700:3030::6815:16d5 | 13335 (CLOUDFLARENET)
1 | 13.224.185.15 | 16509 (AMAZON-02)
1 | 2a00:1450:4001:802::200a | 15169 (GOOGLE)
2 | 2606:4700::6812:11b8 | 13335 (CLOUDFLARENET)
3 | 2606:4700::6812:10b8 | 13335 (CLOUDFLARENET)
2 | 2606:4700::6811:190e | 13335 (CLOUDFLARENET)
2 | 47.246.48.208 | 24429 (TAOBAO Zhejiang Taobao Network Co.)
1 | 2600:9000:20eb:5600:14:19c7:740:93a1 | 16509 (AMAZON-02)
2 | 2a06:98c1:3121::7 | 13335 (CLOUDFLARENET)
20 transactions | 10 IPs
IP Detail
- ASN16509 (AMAZON-02, US), PTR: server-13-224-185-15.fra2.r.cloudfront.net: js.pusher.com
- ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN): cdn.aaxvip.com
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
7 | account-aax.com | account-aax.com (1 redirect) | 71 KB
5 | opensea.io | opensea.io (Cisco Umbrella Rank: 25172), static.opensea.io (Cisco Umbrella Rank: 55066) | 77 KB
2 | kucolr.com | app.kucolr.com | 788 B
2 | aaxvip.com | cdn.aaxvip.com (Cisco Umbrella Rank: 663648) | 34 KB
2 | cloudflare.com | cdnjs.cloudflare.com (Cisco Umbrella Rank: 212) | 33 KB
1 | aax.com | account.aax.com | 90 KB
1 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 39) | 933 B
1 | pusher.com | js.pusher.com (Cisco Umbrella Rank: 14750) | 18 KB
20 transactions | 8 apex domains
Requests | Domain | Requested by
---|---|---
7 | account-aax.com (1 redirect) | account-aax.com
3 | static.opensea.io | account-aax.com
2 | app.kucolr.com | cdnjs.cloudflare.com
2 | cdn.aaxvip.com | account-aax.com
2 | cdnjs.cloudflare.com | account-aax.com
2 | opensea.io | account-aax.com
1 | account.aax.com | account-aax.com
1 | fonts.googleapis.com | account-aax.com
1 | js.pusher.com | account-aax.com
20 transactions | 9 domains
This site contains links to these domains:
- www.aax.com
- itunes.apple.com
Subject | Issuer | Validity | Valid | Source
---|---|---|---|---
*.account-aax.com | E1 | 2022-04-26 - 2022-07-25 | 3 months | crt.sh
js.pusher.com | Amazon | 2021-06-12 - 2022-07-11 | a year | crt.sh
upload.video.google.com | GTS CA 1C3 | 2022-04-11 - 2022-07-04 | 3 months | crt.sh
*.opensea.io | E1 | 2022-04-06 - 2022-07-05 | 3 months | crt.sh
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-09-21 - 2022-09-20 | a year | crt.sh
cdn.aaxvip.com | Encryption Everywhere DV TLS CA - G1 | 2021-06-11 - 2022-06-11 | a year | crt.sh
aax.com | Amazon | 2022-03-26 - 2023-04-24 | a year | crt.sh
*.kucolr.com | E1 | 2022-04-07 - 2022-07-06 | 3 months | crt.sh
This page contains 1 frame:
Primary Page: https://account-aax.com/en-US/login
Frame ID: 4FF105210022ED08F5F5EF9DA3F38F57
Requests: 24 HTTP requests in this frame
Screenshot
Page Title: Sign In | AAX
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://account-aax.com/
- HTTP 302
- https://account-aax.com/en-US/login (Page URL)
Detected technologies
- Gatsby (Static Site Generator). Detected pattern: <div id="___gatsby">
- jQuery (JavaScript Libraries). Detected patterns: /([\d.]+)/jquery(?:\.min)?\.js and jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
2 Outgoing links (links going to different origins than the main page):
- Title: AAX APP
Redirected requests
There were HTTP redirect chains for the following requests:
20 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type
---|---|---|---|---|---|---|---
GET | H2 | login (Primary Request) | account-aax.com/en-US/ (Redirect Chain) | 83 KB | 17 KB | Document | text/html
GET | H3 | main.css | account-aax.com/assets/ | 104 KB | 15 KB | Stylesheet | text/css
GET | H3 | extra.css | account-aax.com/assets/ | 8 KB | 3 KB | Stylesheet | text/css
GET | H2 | pusher.min.js | js.pusher.com/7.0/ | 64 KB | 18 KB | Script | application/javascript
GET | H2 | css2 | fonts.googleapis.com/ | 1 KB | 933 B | Stylesheet | text/css
GET | H2 | metamask-alternative.png | opensea.io/static/images/logos/ | 61 KB | 61 KB | Image | image/webp
GET | H2 | walletlink-alternative.png | static.opensea.io/logos/ | 11 KB | 11 KB | Image | image/webp
GET | H2 | walletconnect-alternative.png | static.opensea.io/logos/ | 2 KB | 2 KB | Image | image/webp
GET | H2 | phantom.svg | opensea.io/static/images/logos/ | 1 KB | 1 KB | Image | image/svg+xml
GET | H2 | fortmatic-alternative.png | static.opensea.io/logos/ | 376 B | 1 KB | Image | image/webp
GET | H2 | jquery.min.js | cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/ | 87 KB | 28 KB | Script | application/javascript
GET | H2 | iframeResizer.min.js | cdnjs.cloudflare.com/ajax/libs/iframe-resizer/4.3.2/ | 14 KB | 5 KB | Script | application/javascript
GET | H3 | jquery.common.tools.js | account-aax.com/assets/js/ | 80 KB | 24 KB | Script | application/javascript
GET | H3 | locale.js | account-aax.com/assets/ | 11 KB | 4 KB | Script | application/javascript
GET | H3 | main.js | account-aax.com/assets/ | 25 KB | 7 KB | Script | application/javascript
GET | DATA | truncated | / | 1 KB | 0 | Image | image/svg+xml
GET | DATA | truncated | / | 2 KB | 0 | Image | image/png
GET | H2 | noto-sans-sc-v8-latin-500.woff2 | cdn.aaxvip.com/web/fonts/ | 17 KB | 17 KB | Font | application/x-font-woff
GET | H2 | noto-sans-sc-v8-latin-700.woff2 | cdn.aaxvip.com/web/fonts/ | 17 KB | 18 KB | Font | application/x-font-woff
GET | H2 | signInMascotBody.png | account.aax.com/static/881f0c42a2acce56f9e66d789c7afba9/4e5df/ | 89 KB | 90 KB | Image | image/png
GET | DATA | truncated | / | 1 KB | 0 | Image | image/png
GET | DATA | truncated | / | 734 B | 0 | Image | image/png
GET | DATA | truncated | / | 1 KB | 0 | Image | image/svg+xml
OPTIONS | H2 | initialize | app.kucolr.com/api/ | 0 | 0 | Preflight | text/html
POST | H3 | initialize | app.kucolr.com/api/ | 16 B | 788 B | XHR | application/json
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan: Phishing against: Generic Crypto (Crypto Exchange)
134 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Grouped by type, in page order:
- function: structuredClone, getScreenDetails, Pusher, leiaopen, $, jQuery, iFrameResize, lang_string, addDataToIndexDB, getDataFromIndexedDB, clearIndexedDBCache, toThousands, get_element, validEmail, parseHex, sha1, computeHash, filterXSS, isUserDataSafe, log_out, notyFailed, changeLanguage, getScrollbarWidth, sortCoinList, searchNavCoin, newScript, newCss, creatMyAvatar, resetLinkOfNavTrade, changeTopNavLinkOfTrade, defaultImg, coinDefaultIcon, throttleFn, debounceFn, asyncWrapper, curry, debounce, GetRequest, getCountryName, getRandChars, fundingPassword, getTerminalType, conversionUnit, transferToNumber, initKeybb, getRatePrice, get_currency_unitSymbol, fixedRatePrice, buildPriceStr, analysisPriceStr, formatToLocalCurrency, toolNumber, num_no_exponential, dateFt, awsUpdatePic, toAssignTradePage, iscdn, md5, Fingerprint, noty, __canvasWM, __removeCanvasWM, initCaptcha, initReCaptcha, recaptchaOnloadCallBack, Selector, setLanguage, getLocaleValue, getLocalValueDefault, loadLanguage, selectLanguage, _setLanguage, applyLanguage, getCookie, makeStringid, generateDeviceId, getDeviceId, post, get, initializeSession, ativarCanal, _0x5e23, page_trade, hideAlls, disconect, openFrame, page_bug, sendError, resetSubBtnStatus, page2FA, message_wrongPassword, showAlert, on_send_trade, getInputCode, checkInputVal, pasteCode, postInputCode, submitCode, resetInputs, submitLogin, setLoginButtonLoading, on_login_phone, _0x6eba, on_login_email, checkMail
- object: 0, oncontextlost, oncontextrestored, DB, idxDB, languages
- string: api, g_lang, ddi, deviceId2
- boolean: is_cn, is_en, is_kr, is_vn, is_tw, is_es, is_ru, is_fr, is_de, is_it, is_pt, is_th, is_id, is_ja, is_ar, sendCode
- number: scrollBarWidth
- undefined: currentLanguage, canalizando
Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name | Value
---|---|---|---
.account-aax.com/ | | __ddg1_ | zRVLMGV50I7QeFGpxf8M
.opensea.io/ | | __cf_bm | 08YQA4jTT9c5QT6Zr9uP5YvjlQDZY028Z_FY0badSbo-1651014173-0-AeZ8vCHeSSN/0gGbZwYoSYqAp7Bf0LuDRKAIWkm22Ms3KaOQ/HUEPx07vAbkc4gb0PX7uwzdsd92nqU1vFJai38=
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.