indodax.com.in
104.21.45.234
Malicious Activity!
Public Scan
Effective URL: https://indodax.com.in/login.html
Submission: On May 09 via manual from PT — Scanned from PT
Summary
TLS certificate: Issued by E1 on April 18th 2024. Valid for: 3 months.
This is the only time indodax.com.in was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Poloniex (Crypto Exchange)

Domain & IP information

 | IP Address | AS Autonomous System |
---|---|---|
1 1 | 172.67.211.8 | 13335 (CLOUDFLARENET) |
12 | 104.21.45.234 | 13335 (CLOUDFLARENET) |
1 | 13.33.158.137 | 16509 (AMAZON-02) |
13 | | 2 |

ASN16509 (AMAZON-02, US)
PTR: server-13-33-158-137.fra60.r.cloudfront.net
d21y75miwcfqoq.cloudfront.net

 | Apex Domain | Subdomains | Transfer |
---|---|---|---|
12 | indodax.com.in | indodax.com.in | 328 KB |
1 | cloudfront.net | d21y75miwcfqoq.cloudfront.net | 455 B |
1 | indadax.com (1 redirects) | indadax.com | 493 B |
13 | 3 | | |

 | Domain | Requested by |
---|---|---|
12 | indodax.com.in | indodax.com.in |
1 | d21y75miwcfqoq.cloudfront.net | indodax.com.in |
1 | indadax.com | 1 redirects |
13 | 3 | |

This site contains links to these domains. Also see Links.
Domain |
---|
sunswap.com |
apenft.io |

Subject | Issuer | Validity | Valid |
---|---|---|---|
indodax.com.in | E1 | 2024-04-18 - 2024-07-17 | 3 months |
*.cloudfront.net | Amazon RSA 2048 M01 | 2023-10-10 - 2024-09-19 | a year |

This page contains 1 frames:
Primary Page:
https://indodax.com.in/login.html
Frame ID: F21CFFFD0D1C5F079B804F80A18CC69E
Requests: 13 HTTP requests in this frame
Detected technologies
Vue.js (JavaScript Frameworks)
Detected patterns
- <[^>]+\sdata-v(?:ue)?-
Font Awesome (Font Scripts)
Detected patterns
- <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
jQuery (JavaScript Libraries)
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
Title: SunS
Title: NFT
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://indadax.com/ (HTTP 301)
- https://indodax.com.in/login.html (Page URL)
Redirected requests
There were HTTP redirect chains for the following requests:
13 HTTP transactions

Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H3 | login.html (Primary Request; Redirect Chain) | indodax.com.in/ | 164 KB | 24 KB | Document | text/html |
GET | H3 | font-awesome.min.css | indodax.com.in/css/ | 30 KB | 7 KB | Stylesheet | text/css |
GET | H3 | font-proxima.css | indodax.com.in/css/ | 7 KB | 1 KB | Stylesheet | text/css |
GET | H3 | style-ls.css | indodax.com.in/css/ | 188 KB | 31 KB | Stylesheet | text/css |
GET | H3 | jquery-2.1.3.min.js | indodax.com.in/js/ | 82 KB | 30 KB | Script | application/javascript |
GET | H2 | 5d308ddf | d21y75miwcfqoq.cloudfront.net/ | 68 B | 455 B | Image | image/png |
GET | H3 | proxima-nova-condensed-semibold.woff2 | indodax.com.in/css/fonts/ProximaNova/ | 18 KB | 18 KB | Font | application/octet-stream |
GET | H3 | proxima-nova-medium.woff2 | indodax.com.in/css/fonts/ProximaNova/ | 21 KB | 22 KB | Font | application/octet-stream |
GET | H3 | fontawesome-webfont.woff2 | indodax.com.in/css/fonts/fontawesome/ | 75 KB | 76 KB | Font | application/octet-stream |
GET | H3 | proxima-nova-semibold.woff2 | indodax.com.in/css/fonts/ProximaNova/ | 38 KB | 38 KB | Font | application/octet-stream |
GET | H3 | proxima-nova-regular.woff2 | indodax.com.in/css/fonts/ProximaNova/ | 39 KB | 39 KB | Font | application/octet-stream |
GET | H3 | proxima-nova-bold.woff2 | indodax.com.in/css/fonts/ProximaNova/ | 39 KB | 39 KB | Font | application/octet-stream |
GET | H3 | polo-icon-32x32.png@v=20200417 | indodax.com.in/images/icons/favicons/ | 701 B | 1 KB | Other | image/png |

Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Poloniex (Crypto Exchange)

3 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- function| $
- function| jQuery
- object| mobilenav_btn

0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
d21y75miwcfqoq.cloudfront.net
indadax.com
indodax.com.in
104.21.45.234
13.33.158.137
172.67.211.8