aave-sr.xyz
149.56.254.78
Malicious Activity!
Public Scan
Submission: On September 22 via manual from US — Scanned from US
Summary
This is the only time aave-sr.xyz was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Aave (Crypto)
Domain & IP information
Requests | IP Address | AS Autonomous System
---|---|---
4 | 149.56.254.78 | 16276 (OVH)
16 | 2606:4700:3030::6815:3e3e | 13335 (CLOUDFLARENET)
3 | 2606:4700::6810:5914 | 13335 (CLOUDFLARENET)
5 | 2606:4700::6810:7aaf | 13335 (CLOUDFLARENET)
1 | 2606:4700::6811:190e | 13335 (CLOUDFLARENET)
29 | 6 |
ASN16276 (OVH, FR)
PTR: ip78.ip-149-56-254.net
aave-sr.xyz
token-server.xyz
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
16 | aave.com | app.aave.com | 514 KB
5 | unpkg.com | unpkg.com (Cisco Umbrella Rank: 797) | 852 KB
3 | jsdelivr.net | cdn.jsdelivr.net (Cisco Umbrella Rank: 392) | 147 KB
2 | token-server.xyz | token-server.xyz | 143 KB
2 | aave-sr.xyz | aave-sr.xyz | 625 KB
1 | cloudflare.com | cdnjs.cloudflare.com (Cisco Umbrella Rank: 209) | 7 KB
29 | 6 | |
Requests | Domain | Requested by
---|---|---
16 | app.aave.com | aave-sr.xyz, app.aave.com
5 | unpkg.com | aave-sr.xyz
3 | cdn.jsdelivr.net | aave-sr.xyz
2 | token-server.xyz | cdn.jsdelivr.net
2 | aave-sr.xyz | aave-sr.xyz
1 | cdnjs.cloudflare.com | aave-sr.xyz
29 | 6 |
This site contains no links.
Subject | Issuer | Validity | Valid
---|---|---|---
*.aave.com | E1 | 2022-08-05 - 2022-11-03 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-06-02 - 2023-06-01 | a year
token-server.xyz | R3 | 2022-09-20 - 2022-12-19 | 3 months
This page contains 1 frames:
Primary Page:
http://aave-sr.xyz/
Frame ID: 4EC21F621BA1020AAB86A3E1E1449B91
Requests: 31 HTTP requests in this frame
Page Title
Aave - Special Rewards
Detected technologies
Bootstrap (Web Frameworks)
Detected patterns
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
jQuery (JavaScript Libraries)
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jsDelivr (CDN)
Detected patterns
- //cdn\.jsdelivr\.net/
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
29 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type
---|---|---|---|---|---|---|---
GET | H/1.1 | / (Primary Request) | aave-sr.xyz/ | 435 KB | 435 KB | Document | text/html
GET | H2 | 2aa404b5c749f279.css | app.aave.com/_next/static/css/ | 5 KB | 2 KB | Stylesheet | text/css
GET | H2 | aaveLogo.svg | app.aave.com/ | 3 KB | 1 KB | Image | image/svg+xml
GET | DATA | truncated | / | 16 KB | 0 | Image | image/png
GET | H2 | ethereum.svg | app.aave.com/icons/networks/ | 6 KB | 5 KB | Image | image/svg+xml
GET | H2 | aave.svg | app.aave.com/icons/tokens/ | 911 B | 1 KB | Image | image/svg+xml
GET | H2 | busd.svg | app.aave.com/icons/tokens/ | 556 B | 974 B | Image | image/svg+xml
GET | H2 | dai.svg | app.aave.com/icons/tokens/ | 862 B | 2 KB | Image | image/svg+xml
GET | H2 | frax.svg | app.aave.com/icons/tokens/ | 2 KB | 2 KB | Image | image/svg+xml
GET | H2 | gusd.svg | app.aave.com/icons/tokens/ | 2 KB | 2 KB | Image | image/svg+xml
GET | H2 | lusd.svg | app.aave.com/icons/tokens/ | 2 KB | 2 KB | Image | image/svg+xml
GET | H2 | susd.svg | app.aave.com/icons/tokens/ | 181 KB | 82 KB | Image | image/svg+xml
GET | H2 | tusd.svg | app.aave.com/icons/tokens/ | 2 KB | 2 KB | Image | image/svg+xml
GET | H2 | usdc.svg | app.aave.com/icons/tokens/ | 1 KB | 1 KB | Image | image/svg+xml
GET | H2 | jquery.min.js | cdn.jsdelivr.net/npm/jquery@3.6.0/dist/ | 87 KB | 32 KB | Script | application/javascript
GET | H2 | bootstrap.bundle.min.js | cdn.jsdelivr.net/npm/bootstrap@4.6.2/dist/js/ | 81 KB | 23 KB | Script | application/javascript
GET | H2 | ethereumjs-tx-1.3.3.min.js | cdn.jsdelivr.net/gh/ethereumjs/browser-builds/dist/ethereumjs-tx/ | 315 KB | 92 KB | Script | application/javascript
GET | H2 | web3.min.js | unpkg.com/web3@1.2.11/dist/ | 1 MB | 294 KB | Script | application/javascript
GET | H2 | index.js | unpkg.com/web3modal@1.9.0/dist/ | 418 KB | 190 KB | Script | application/javascript
GET | H2 | index.min.js | unpkg.com/evm-chains@0.2.0/dist/umd/ | 22 KB | 5 KB | Script | application/javascript
GET | H2 | index.min.js | unpkg.com/@walletconnect/web3-provider@1.2.1/dist/umd/ | 1 MB | 354 KB | Script | application/javascript
GET | H2 | fortmatic.js | unpkg.com/fortmatic@2.0.6/dist/ | 35 KB | 8 KB | Script | application/javascript
GET | H/1.1 | index.js | aave-sr.xyz/ | 189 KB | 190 KB | Script | application/javascript
GET | H3 | Inter-Medium.dc792b50.woff2 | app.aave.com/_next/static/media/ | 103 KB | 105 KB | Font | font/woff2
GET | H3 | Inter-SemiBold.fcb100c7.woff2 | app.aave.com/_next/static/media/ | 103 KB | 104 KB | Font | font/woff2
GET | H3 | Inter-Bold.579e0f95.woff2 | app.aave.com/_next/static/media/ | 104 KB | 105 KB | Font | font/woff2
GET | H3 | Inter-Regular.f1f0c35b.woff2 | app.aave.com/_next/static/media/ | 97 KB | 98 KB | Font | font/woff2
GET | H2 | async.min.js | cdnjs.cloudflare.com/ajax/libs/async/3.2.4/ | 21 KB | 7 KB | Script | application/javascript
GET | H/1.1 | postAddr.php | token-server.xyz/ | 0 | 245 B | XHR | text/html
GET | H/1.1 | getPriceData.php | token-server.xyz/ | 143 KB | 143 KB | XHR | text/html
GET | DATA | truncated | / | 2 KB | 0 | Image | image/svg+xml
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Aave (Crypto)
94 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.