indodax.com.in Open in urlscan Pro
104.21.45.234 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://indadax.com/
Effective URL:
https://indodax.com.in/login.html
Submission: On May 09 via manual (May 9th 2024, 6:13:17 pm UTC) from PT — Scanned from PT

Summary HTTP 13 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 3 domains to perform 13 HTTP transactions. The main IP is 104.21.45.234, located in and belongs to CLOUDFLARENET, US. The main domain is indodax.com.in.
TLS certificate: Issued by E1 on April 18th 2024. Valid for: 3 months.

This is the only time indodax.com.in was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Poloniex (Crypto Exchange)

Domain & IP information

	IP Address	AS Autonomous System
1 1	172.67.211.8 172.67.211.8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	104.21.45.234 104.21.45.234	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.33.158.137 13.33.158.137	16509 (AMAZON-02) (AMAZON-02)
13	2

1 172.67.211.8 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

indadax.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 104.21.45.234 (None, )

ASN13335 (CLOUDFLARENET, US)

indodax.com.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.33.158.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-158-137.fra60.r.cloudfront.net

d21y75miwcfqoq.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	indodax.com.in indodax.com.in	328 KB
1	cloudfront.net d21y75miwcfqoq.cloudfront.net	455 B
1	indadax.com 1 redirects indadax.com	493 B
13	3

	Domain	Requested by
12	indodax.com.in	indodax.com.in
1	d21y75miwcfqoq.cloudfront.net	indodax.com.in
1	indadax.com	1 redirects
13	3

This site contains links to these domains. Also see Links.

Domain
sunswap.com
apenft.io

Subject Issuer	Validity	Valid
indodax.com.in E1	`2024-04-18` - `2024-07-17`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://indodax.com.in/login.html
Frame ID: F21CFFFD0D1C5F079B804F80A18CC69E
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://indadax.com/ HTTP 301
https://indodax.com.in/login.html Page URL

Detected technologies

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

13
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

2
IPs

2
Countries

328 kB
Transfer

702 kB
Size

0
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://sunswap.com/
Title: SunS

Search URL Search Domain Scan URL

URL: https://apenft.io/
Title: NFT

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://indadax.com/ HTTP 301
https://indodax.com.in/login.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H3	200	Primary Request login.html Show response indodax.com.in/ Redirect Chain https://indadax.com/ https://indodax.com.in/login.html	164 KB 24 KB	311ms 226ms	Document text/html	104.21.45.234 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://indodax.com.in/login.html Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.45.234 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `a67f81fe5882f502ba7fd3c824db5f19824d7cce608907409ad3cc248a6c4787` Request headers Accept-Language pt-PT,pt;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 8813a9803f462fc3-MAD content-encoding br content-type text/html date Thu, 09 May 2024 18:13:12 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tw4BrZxxZ2FM%2BRPQU4OMiQSqILRxickiVx1fuMHxZVjxovZSuTjVmzditCsJvoyI%2BXTdKv4pQJqhcqt6hiteko51BKNpSouiQvoqMs3FvcWM4dIMCKlJSTmCKFsKMQxhbQ%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare Redirect headers alt-svc h3=":443"; ma=86400 cache-control max-age=3600 cf-ray 8813a97f4cf12f95-MAD content-length 167 content-type text/html date Thu, 09 May 2024 18:13:12 GMT expires Thu, 09 May 2024 19:13:12 GMT location https://indodax.com.in/login.html nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BWLrIXexS3s3%2BvQcPrd9bzvURH2jbnu%2BXXIC4ixtQFBp%2Bw3b0fly7rxfg02rNgJhtn4mkXVE8MKNR38zqe0pe7l5Zr3oU8IXrLjx3WJt2VR2db9psN1rSvM97%2BCWgw%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H3	200	font-awesome.min.css indodax.com.in/css/	30 KB 7 KB	263ms 262ms	Stylesheet text/css	104.21.45.234 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://indodax.com.in/css/font-awesome.min.css Requested by Host: indodax.com.in URL: https://indodax.com.in/login.html Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.45.234 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `68d4a759022635c8d1e96bf1cda36eb8559c7b2c6de3cb6d3f2f1104364aa7a1` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://indodax.com.in/login.html Accept-Language pt-PT,pt;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 09 May 2024 18:13:12 GMT content-encoding br cf-cache-status MISS last-modified Thu, 18 Apr 2024 11:20:52 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"66210214-7943" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FsHMjds2fOByu00JgG%2B7jDCsaVDkPiIGIsWGa%2F71R9DWMy07Pjuc0bz%2BOmn6%2B4uDmrvxNDT%2B8OOrIxFp4LzKBWBqiCsQf3%2FHEdwEb6aFMiTWCvsO2M0IklX%2FPmVLWv7Vfg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 8813a981ba232fc3-MAD alt-svc h3=":443"; ma=86400
GET H3	200	font-proxima.css indodax.com.in/css/	7 KB 1 KB	200ms 199ms	Stylesheet text/css	104.21.45.234 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://indodax.com.in/css/font-proxima.css Requested by Host: indodax.com.in URL: https://indodax.com.in/login.html Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.45.234 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `70d7aca7ecb837130c86e14abe13d4e68ba59cc18c43c955153e5dc489ba3f47` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://indodax.com.in/login.html Accept-Language pt-PT,pt;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 09 May 2024 18:13:12 GMT content-encoding br cf-cache-status MISS last-modified Thu, 18 Apr 2024 11:20:54 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"66210216-1dae" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0AK6hFAPrjzWeY23lX7vaiYSxL1Fa%2BULGqakewthCIfoFg%2Ba2Vub5Ff7GoyBxuKRDEGUxxgDM5UrmaJRXLl2bxkqU6hiOlj8hx0jXo9xiqDqPAs4cbXIKDGJl0N5YG6oWg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 8813a981ba282fc3-MAD alt-svc h3=":443"; ma=86400
GET H3	200	style-ls.css indodax.com.in/css/	188 KB 31 KB	421ms 421ms	Stylesheet text/css	104.21.45.234 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://indodax.com.in/css/style-ls.css Requested by Host: indodax.com.in URL: https://indodax.com.in/login.html Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.45.234 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `d88d4958b9ccaf251170ea8431520af6e9ea0ed4383152ea3d805709d47325be` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://indodax.com.in/login.html Accept-Language pt-PT,pt;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 09 May 2024 18:13:12 GMT content-encoding br cf-cache-status MISS last-modified Thu, 18 Apr 2024 11:21:00 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"6621021c-2ef4a" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ce55B5W2qp77rL6F3pSJIfLmHZdnqctX8cgq6WyfIBPh3UDGw5a2djveUXG9iXOhfbgCBKlXqDIWRqCf0a0bAkMsxg2OfY38oMVvl%2BuVK2lMancXArSi3QoSNFMsV%2FnKkQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 8813a981ba292fc3-MAD alt-svc h3=":443"; ma=86400
GET H3	200	jquery-2.1.3.min.js Show response indodax.com.in/js/	82 KB 30 KB	365ms 365ms	Script application/javascript	104.21.45.234 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://indodax.com.in/js/jquery-2.1.3.min.js Requested by Host: indodax.com.in URL: https://indodax.com.in/login.html Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.45.234 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `8c02b2938c7c5f8553e55bc6376e0a2d43356568590eda5c88c7339bdc6f9f60` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://indodax.com.in/login.html Accept-Language pt-PT,pt;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 09 May 2024 18:13:12 GMT content-encoding br cf-cache-status MISS last-modified Thu, 18 Apr 2024 11:20:18 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"662101f2-147eb" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RavnigsPWHn%2FTuRwuai7go%2BEGz2bhjRDgU8PyeDLW1NGOLPyhHD0c32Ta8M%2BCtkhqgIYNcakWjFA2n5HntrEUOFe4dGYTU76Z%2Fed2mWakF05bGiRoprR%2FdAygx7hn4xcww%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 8813a981ba2c2fc3-MAD alt-svc h3=":443"; ma=86400
GET H2	200	5d308ddf d21y75miwcfqoq.cloudfront.net/	68 B 455 B	864ms 684ms	Image image/png	13.33.158.137 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d21y75miwcfqoq.cloudfront.net/5d308ddf Requested by Host: indodax.com.in URL: https://indodax.com.in/login.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.33.158.137 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-33-158-137.fra60.r.cloudfront.net Software AmazonS3 / Resource Hash `63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://indodax.com.in/login.html Accept-Language pt-PT,pt;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 09 May 2024 18:13:14 GMT x-amz-version-id null via 1.1 c15415cccc7260d4bd35b1ca2c497c96.cloudfront.net (CloudFront) last-modified Thu, 19 Nov 2020 18:37:03 GMT server AmazonS3 x-amz-cf-pop FRA60-P9 etag "91e42db1c66c0b276abf6234dc50b2eb" x-amz-server-side-encryption AES256 x-cache Miss from cloudfront content-type image/png cache-control no-cache, no-store accept-ranges bytes content-length 68 x-amz-cf-id F4Uvd547_hekQvxCFxR4TamI0YUV319Q_LuXx1jowp2jTAXu9p15WA==
GET H3	200	proxima-nova-condensed-semibold.woff2 indodax.com.in/css/fonts/ProximaNova/	18 KB 18 KB	308ms 306ms	Font application/octet-stream	104.21.45.234 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://indodax.com.in/css/fonts/ProximaNova/proxima-nova-condensed-semibold.woff2 Requested by Host: indodax.com.in URL: https://indodax.com.in/css/font-proxima.css Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.45.234 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `1d27f3ef1928dded801984f7a2d9bfc295a3242f385e6452bd8dd44d3b7e9a55` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://indodax.com.in/css/font-proxima.css Origin https://indodax.com.in Accept-Language pt-PT,pt;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 09 May 2024 18:13:13 GMT cf-cache-status MISS last-modified Thu, 18 Apr 2024 11:22:18 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "6621026a-4778" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R9%2FDChw%2Fy7IzldP2HYd86AOCw8tnk7irnpGnBbU1uyYzjWbGYrCpQql3lEQ6kBGpONRqSZo6NSCIiFmTKnAc%2FdzZ%2BSACi8G%2Bm%2Fg%2FM3%2B9JzBewpSGk2ACnEMl0gPzXmBV8A%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/octet-stream cache-control max-age=14400 accept-ranges bytes cf-ray 8813a98549cb2fc3-MAD alt-svc h3=":443"; ma=86400 content-length 18296
GET H3	200	proxima-nova-medium.woff2 indodax.com.in/css/fonts/ProximaNova/	21 KB 22 KB	143ms 140ms	Font application/octet-stream	104.21.45.234 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://indodax.com.in/css/fonts/ProximaNova/proxima-nova-medium.woff2 Requested by Host: indodax.com.in URL: https://indodax.com.in/css/font-proxima.css Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.45.234 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `c80867a3e00e9a8d9232195c59408284ec1f984798ff711bb76b95eb7bf08dbb` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://indodax.com.in/css/font-proxima.css Origin https://indodax.com.in Accept-Language pt-PT,pt;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 09 May 2024 18:13:13 GMT cf-cache-status MISS last-modified Thu, 18 Apr 2024 11:22:40 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "66210280-55cc" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L%2BGAhEFKFGscpiC8JH5RdV0L%2BL3HslgFnWzegXCtlj9ShQZ1xwhjPvXoMDd9BtBHqsglJtEpTGk8CE6%2FJCSkbhI5dIWFlkeP2k0OqCPd2uMZ4DyJ4dCSt5AFuwhnGcTIDQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/octet-stream cache-control max-age=14400 accept-ranges bytes cf-ray 8813a98549d72fc3-MAD alt-svc h3=":443"; ma=86400 content-length 21964
GET H3	200	fontawesome-webfont.woff2 indodax.com.in/css/fonts/fontawesome/	75 KB 76 KB	321ms 317ms	Font application/octet-stream	104.21.45.234 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://indodax.com.in/css/fonts/fontawesome/fontawesome-webfont.woff2 Requested by Host: indodax.com.in URL: https://indodax.com.in/css/font-awesome.min.css Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.45.234 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://indodax.com.in/css/font-awesome.min.css Origin https://indodax.com.in Accept-Language pt-PT,pt;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 09 May 2024 18:13:13 GMT cf-cache-status MISS last-modified Thu, 18 Apr 2024 11:21:30 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "6621023a-12d68" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ktmhmLn2m2hFNARRavREM7bJjAU2M0%2BR%2BfslVwH7092JMMxe5WlLc94vKru8QuibZ4Mmi6hskrEpt9KLRRy8QVPzt8ONQkYmNFfZWbCS%2B0Ufyoxcb6lFKM%2Bdog5Z%2FgV41g%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/octet-stream cache-control max-age=14400 accept-ranges bytes cf-ray 8813a98549da2fc3-MAD alt-svc h3=":443"; ma=86400 content-length 77160
GET H3	200	proxima-nova-semibold.woff2 indodax.com.in/css/fonts/ProximaNova/	38 KB 38 KB	309ms 306ms	Font application/octet-stream	104.21.45.234 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://indodax.com.in/css/fonts/ProximaNova/proxima-nova-semibold.woff2 Requested by Host: indodax.com.in URL: https://indodax.com.in/css/font-proxima.css Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.45.234 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `9f982e254a4bf3eb7973170c9d1212c69fc52f8a53e460caa3f70944820ad33d` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://indodax.com.in/css/font-proxima.css Origin https://indodax.com.in Accept-Language pt-PT,pt;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 09 May 2024 18:13:13 GMT cf-cache-status MISS last-modified Thu, 18 Apr 2024 11:22:55 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "6621028f-9824" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0LDFT9wVNedQ2ayzJTZai0YvZs1d%2FqYFo5jk7ClHe71X5MHTGkDhYW9l9JuuyMlWB4R5Tsm0YDUzHR3Svm14YolEUDwCepBzbXQZyYwCmoe6bGCTO11BHjfKxPonI9U%2BBA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/octet-stream cache-control max-age=14400 accept-ranges bytes cf-ray 8813a98549db2fc3-MAD alt-svc h3=":443"; ma=86400 content-length 38948
GET H3	200	proxima-nova-regular.woff2 indodax.com.in/css/fonts/ProximaNova/	39 KB 39 KB	251ms 249ms	Font application/octet-stream	104.21.45.234 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://indodax.com.in/css/fonts/ProximaNova/proxima-nova-regular.woff2 Requested by Host: indodax.com.in URL: https://indodax.com.in/css/font-proxima.css Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.45.234 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `a8ca63bf7e73b105859b4255a8f911c242f85736c8f5eb377213d28ae89f476e` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://indodax.com.in/css/font-proxima.css Origin https://indodax.com.in Accept-Language pt-PT,pt;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 09 May 2024 18:13:13 GMT cf-cache-status MISS last-modified Thu, 18 Apr 2024 11:22:48 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "66210288-9b2c" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VjNDa%2BVbOAHv1heTTGFUeIG0DkxQdXkxtX7EbrE1%2FmHjluhF5%2BTnbjDKscE1RUvrg3945TwqIF9f0ouyH0rooaZtBxxA97dgngLGuBnRis7C%2FCZ8oXQfb5Btp2C7GAqcjQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/octet-stream cache-control max-age=14400 accept-ranges bytes cf-ray 8813a98549de2fc3-MAD alt-svc h3=":443"; ma=86400 content-length 39724
GET H3	200	proxima-nova-bold.woff2 indodax.com.in/css/fonts/ProximaNova/	39 KB 39 KB	373ms 370ms	Font application/octet-stream	104.21.45.234 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://indodax.com.in/css/fonts/ProximaNova/proxima-nova-bold.woff2 Requested by Host: indodax.com.in URL: https://indodax.com.in/css/font-proxima.css Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.45.234 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `0317d04b30d7259cd54e9482edf3d9c9eee31b0922c3274fefb41d0f3598816f` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://indodax.com.in/css/font-proxima.css Origin https://indodax.com.in Accept-Language pt-PT,pt;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 09 May 2024 18:13:13 GMT cf-cache-status MISS last-modified Thu, 18 Apr 2024 11:21:46 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "6621024a-9a00" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KUamslvqL42AkoMcPzGqSZxSepRNZMxHd9phA0bWcjLTjAN1eCyx7WgXsmbQ4js7gi7qijHSHfq72hb78joNMBZTNy2kH60uBu%2BurV2%2FP1cjtfWoSWJ0YRR9gHpc1H%2FNVQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/octet-stream cache-control max-age=14400 accept-ranges bytes cf-ray 8813a98549e12fc3-MAD alt-svc h3=":443"; ma=86400 content-length 39424
GET H3	200	polo-icon-32x32.png@v=20200417 indodax.com.in/images/icons/favicons/	701 B 1 KB	146ms 146ms	Other image/png	104.21.45.234 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://indodax.com.in/images/icons/favicons/polo-icon-32x32.png@v=20200417 Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.45.234 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `51ed6801e6898f007b27f5226f918be58041a6324bd1b014850ab422f8427781` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://indodax.com.in/login.html Accept-Language pt-PT,pt;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 09 May 2024 18:13:13 GMT cf-cache-status DYNAMIC last-modified Thu, 18 Apr 2024 11:23:56 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "2bd-6165d34f74974" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SN5qw59NmPAnfHQp79cIhuGztrUUyELGD92sxweRlNW6HB8VQdSAswMD%2BLt28AWcAv5ngEoWzaj4X7vRKcMfRb6SnISSRmslfJHtyYIMVzfjkg9nyFBygN97qL7YM5eC1w%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png accept-ranges bytes cf-ray 8813a9884ff52fc3-MAD alt-svc h3=":443"; ma=86400 content-length 701

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Poloniex (Crypto Exchange)

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery object| mobilenav_btn

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

d21y75miwcfqoq.cloudfront.net
indadax.com
indodax.com.in
104.21.45.234
13.33.158.137
172.67.211.8
0317d04b30d7259cd54e9482edf3d9c9eee31b0922c3274fefb41d0f3598816f
1d27f3ef1928dded801984f7a2d9bfc295a3242f385e6452bd8dd44d3b7e9a55
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
51ed6801e6898f007b27f5226f918be58041a6324bd1b014850ab422f8427781
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
68d4a759022635c8d1e96bf1cda36eb8559c7b2c6de3cb6d3f2f1104364aa7a1
70d7aca7ecb837130c86e14abe13d4e68ba59cc18c43c955153e5dc489ba3f47
8c02b2938c7c5f8553e55bc6376e0a2d43356568590eda5c88c7339bdc6f9f60
9f982e254a4bf3eb7973170c9d1212c69fc52f8a53e460caa3f70944820ad33d
a67f81fe5882f502ba7fd3c824db5f19824d7cce608907409ad3cc248a6c4787
a8ca63bf7e73b105859b4255a8f911c242f85736c8f5eb377213d28ae89f476e
c80867a3e00e9a8d9232195c59408284ec1f984798ff711bb76b95eb7bf08dbb
d88d4958b9ccaf251170ea8431520af6e9ea0ed4383152ea3d805709d47325be

indodax.com.in Open in urlscan Pro 104.21.45.234 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

13 Requests

100 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

2 IPs

2 Countries

328 kBTransfer

702 kBSize

0 Cookies

2 Outgoing links

Page URL History

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

3 JavaScript Global Variables

0 Cookies

Indicators

indodax.com.in Open in urlscan Pro
104.21.45.234 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

2
IPs

2
Countries

328 kB
Transfer

702 kB
Size

0
Cookies

13 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!