airdrop.aaveprotocol.app Open in urlscan Pro
2a06:98c1:3120::3  Malicious Activity! Public Scan

URL: https://airdrop.aaveprotocol.app/
Submission: On December 04 via automatic, source phishtank — Scanned from NL

Summary

This website contacted 6 IPs in 2 countries across 6 domains to perform 16 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is airdrop.aaveprotocol.app.
TLS certificate: Issued by GTS CA 1P5 on December 3rd 2022. Valid for: 3 months.
This is the only time airdrop.aaveprotocol.app was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Aave (Crypto)

Domain & IP information

IP Address AS Autonomous System
5 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 2001:4de0:ac1... 20446 (STACKPATH...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
5 2606:4700:303... 13335 (CLOUDFLAR...)
16 6
Apex Domain
Subdomains
Transfer
5 nftbox.cfd
nftbox.cfd
2 MB
5 aaveprotocol.app
airdrop.aaveprotocol.app
2 unpkg.com
unpkg.com — Cisco Umbrella Rank: 926
545 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 242
152 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 759
83 KB
0 xn--aav-5qa.com Failed
xn--aav-5qa.com Failed
16 6
Domain Requested by
5 nftbox.cfd airdrop.aaveprotocol.app
nftbox.cfd
5 airdrop.aaveprotocol.app airdrop.aaveprotocol.app
2 unpkg.com airdrop.aaveprotocol.app
2 cdnjs.cloudflare.com airdrop.aaveprotocol.app
1 code.jquery.com airdrop.aaveprotocol.app
0 xn--aav-5qa.com Failed airdrop.aaveprotocol.app
16 6
Subject Issuer Validity Valid
*.aaveprotocol.app
GTS CA 1P5
2022-12-03 -
2023-03-03
3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA
2022-08-03 -
2023-07-14
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-08-03 -
2023-08-02
a year crt.sh
*.nftbox.cfd
GTS CA 1P5
2022-11-05 -
2023-02-03
3 months crt.sh

This page contains 1 frames:

Primary Page: https://airdrop.aaveprotocol.app/
Frame ID: FB156BF7416961F0710325655E4D4BAF
Requests: 26 HTTP requests in this frame

Screenshot

Page Title

Aave - Open Source Liquidity ProtocolAave - Open Source Liquidity Protocol

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

16
Requests

94 %
HTTPS

100 %
IPv6

6
Domains

6
Subdomains

6
IPs

2
Countries

2997 kB
Transfer

14870 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
airdrop.aaveprotocol.app/
3 MB
0
Document
General
Full URL
https://airdrop.aaveprotocol.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
774534dc09bcb8af-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sun, 04 Dec 2022 14:24:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U7FUGu6vwp1XlFO6hupjNjqA4ABN%2F7F5vjTUMIkMvsaT7NbxtVV%2FTIYUgsVHg61CBG%2B8TUFEHdz2GjJgSjWcjtBiHQ2qatgZPar1k7zU9bwXUwCRH4FE3Oo0ZzehtWCOvb4IN9h%2FcrEXvdESwSBX38OobanxXHI%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000;
vary
Accept-Encoding
jquery-3.6.0.js
code.jquery.com/
282 KB
83 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.6.0.js
Requested by
Host: airdrop.aaveprotocol.app
URL: https://airdrop.aaveprotocol.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:1a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
1fe2bb5390a75e5d61e72c107cab528fc3c29a837d69aab7d200e1dbb5dcd239

Request headers

Referer
https://airdrop.aaveprotocol.app/
Origin
https://airdrop.aaveprotocol.app
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 14:24:35 GMT
content-encoding
gzip
last-modified
Fri, 20 Aug 2021 17:47:53 GMT
server
nginx
etag
W/"611feac9-46744"
vary
Accept-Encoding
x-hw
1670163875.dop126.am5.t,1670163875.cds313.am5.hn,1670163875.cds145.am5.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
84714
ethers.umd.min.js
cdnjs.cloudflare.com/ajax/libs/ethers/5.6.9/
719 KB
124 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/ethers/5.6.9/ethers.umd.min.js
Requested by
Host: airdrop.aaveprotocol.app
URL: https://airdrop.aaveprotocol.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95c66625ee20f53d542e23dded002b021b24e9d28c3d193a076d45cba4dc8618
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://airdrop.aaveprotocol.app
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 14:24:35 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
9689217
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
125841
last-modified
Sat, 18 Jun 2022 08:07:49 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"62ad87d5-1eb91"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qe3Ajr%2F2KBhNJDWpNSyVBws%2FNWlLaZ404azxIYX1d5DRjxtghJFp9LFiDewF6Ghs9%2FEVQyAfdEOw7MopSFPTvmZ0E4shjMU95lMset%2FhB3cUDUKveihkeaNSdUU3Tx51C57dekmzRpvyfKqKgEV513hk"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
774534de7f261c04-AMS
expires
Fri, 24 Nov 2023 14:24:35 GMT
webpack.js
airdrop.aaveprotocol.app/
0
0
Script
General
Full URL
https://airdrop.aaveprotocol.app/webpack.js
Requested by
Host: airdrop.aaveprotocol.app
URL: https://airdrop.aaveprotocol.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://airdrop.aaveprotocol.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 14:24:35 GMT
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KdDiLNRsdjN%2Bl4Z22hvtTTht73V1XPsHAMjeQDrnR%2BwZIuutIfu5qlDocY63nf4KkQQwVlsK0kBMTxp85zqjeokaRoIpwfJaagrlWCI8i7qGUhDZYZcGPNV25%2B0qHGNQS4XN54f6oX0%2BhmcT%2BJgzKRRz0D30vo8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cf-ray
774534de2c92b8af-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
common.js
airdrop.aaveprotocol.app/
0
0
Script
General
Full URL
https://airdrop.aaveprotocol.app/common.js
Requested by
Host: airdrop.aaveprotocol.app
URL: https://airdrop.aaveprotocol.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://airdrop.aaveprotocol.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 14:24:35 GMT
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WKapLphmypGI%2FZ%2FDLMUt3dXZ%2FBOoUcpDrXR4k4aUEizpuKg3AEU0Kl4nfmq5oqEaloQrBuHFn7m9NHf%2FstUHVW5ki1hebTzwwA1JhjYYNjE59Hvf0qJG4s1%2B3AZOm6MXdRzG0nEf9S6KDxnF7tklXXgkCYvqpDc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cf-ray
774534de2c93b8af-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
polyfills.js
airdrop.aaveprotocol.app/
0
0
Script
General
Full URL
https://airdrop.aaveprotocol.app/polyfills.js
Requested by
Host: airdrop.aaveprotocol.app
URL: https://airdrop.aaveprotocol.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://airdrop.aaveprotocol.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 14:24:35 GMT
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9DQ7mITKDl9%2FEXVEy1YkRdFnol%2FeBwlos6LtxmU5nik8GRf3%2BhwaCOLZgHKmnT8uwEZpVffkCTmrfpREOkOvRtewDj70GC2iZWE8iKqTrTHMS3VhrEed2JssDz5QnepWDuD6EnFVS9r69o%2BKsVjxvuI3EdH2JdU%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cf-ray
774534de2c94b8af-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
index.min.js
unpkg.com/@walletconnect/web3-provider@1.2.1/dist/umd/
1 MB
354 KB
Script
General
Full URL
https://unpkg.com/@walletconnect/web3-provider@1.2.1/dist/umd/index.min.js
Requested by
Host: airdrop.aaveprotocol.app
URL: https://airdrop.aaveprotocol.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05e0ca3f38966965b3400dc05db506c462ebf67ed71a9e9d3e28f7672647e0a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://airdrop.aaveprotocol.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 14:24:35 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
15465644
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01G51V6HCC9FE18KBAVC1HMB6X-ams
server
cloudflare
etag
W/"10354c-SQkpH4nf0Fs213c6eRJ65TZA0Lo"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
774534de78afb7ac-AMS
index.js
unpkg.com/web3modal@1.9.0/dist/
418 KB
190 KB
Script
General
Full URL
https://unpkg.com/web3modal@1.9.0/dist/index.js
Requested by
Host: airdrop.aaveprotocol.app
URL: https://airdrop.aaveprotocol.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67ad2454feca6eb213f4a70cc588137e6bd21ad95c0eda2709faa2317ff90359
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://airdrop.aaveprotocol.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 14:24:35 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
8799131
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01GB8GWC6VXBBMERMPA16HSA77-ams
server
cloudflare
etag
W/"68879-tm7vwPb2IqrA2oEDTYylltO0M54"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
774534de78b0b7ac-AMS
bootstrap.min.css
airdrop.aaveprotocol.app/Aave%20-%20Open%20Source%20Liquidity%20Protocol_files/
0
0
Stylesheet
General
Full URL
https://airdrop.aaveprotocol.app/Aave%20-%20Open%20Source%20Liquidity%20Protocol_files/bootstrap.min.css
Requested by
Host: airdrop.aaveprotocol.app
URL: https://airdrop.aaveprotocol.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://airdrop.aaveprotocol.app/
Origin
https://airdrop.aaveprotocol.app
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 14:24:35 GMT
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cKjC5eBext90L0iGBLkRToW80JCm4koWyzhh3UN0QrKphSQdaenM7LNtyjL%2B%2BXX56EFKNvROBQWfdFhYO6liCSq8gCwvPT762jssw4A6MLuttbF4YgTwoUjbIaT%2FNtfjJY3gKimWh2jl6E%2BQs9Fz8NmJgKJ5iPU%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cf-ray
774534de2c8fb8af-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
/
xn--aav-5qa.com/
0
0

bundle.js
nftbox.cfd/static/js/
8 MB
2 MB
Script
General
Full URL
https://nftbox.cfd/static/js/bundle.js
Requested by
Host: airdrop.aaveprotocol.app
URL: https://airdrop.aaveprotocol.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:27b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
d0e4aa89ec94a8ec49637d646f810036c7d4f913a168f7e042584a5bad0dcf8e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://airdrop.aaveprotocol.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 14:24:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2409
x-powered-by
Express
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
etag
W/"861908-Oj1TxbVPBuUcDJPR4W9CDBk/jiY"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VMvGpI%2BUhr%2Bul31q4IV6YnFiZubf%2BHXdOCLR1VKFS1%2FZ%2BnusOBrj5XWpc%2Bc%2BpXf2s1SVFgxrxSQW0htdU%2FsZhIwsp%2BR7D523IGsuWnrXGbCI%2BVkvv%2BMDE6uBRPxbPk1sq2GYeNek%2Fzdw"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=1200
cf-ray
774534e11ceb900c-FRA
access-control-allow-headers
*
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.1/
88 KB
28 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.1/jquery.min.js
Requested by
Host: airdrop.aaveprotocol.app
URL: https://airdrop.aaveprotocol.app/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://airdrop.aaveprotocol.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 14:24:35 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
403057
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
27990
last-modified
Fri, 26 Aug 2022 18:34:13 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"63091225-6d56"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tecwoPMfKT2afJynGO9nF%2BUWCEWBsSOEiusnOkJy7%2BkPpwt4h5nYVdOtAUtjA9bz7v0%2BxxluJ3wxs51YodMyg6e2vsBePKxb7%2FeyjcnpeDG20Bcyhc8ch99cNu3nkfVmPIxdabm%2FXvJFILvdYrz2rcxe"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
774534e0af140e94-AMS
expires
Fri, 24 Nov 2023 14:24:35 GMT
truncated
/
5 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9991625109fae255b27bdc17f1eb4f2e860f2744da216b50e4523eeca3451887

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
406 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b71bb4537d8a488ab30889808b0dff7366cb5ac722037d4cd069564c8a765530

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
103 KB
103 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
152261291c938aa5aad6a56d52b47ffcb893d1c0387e76d7f270a7382ff786d5

Request headers

Referer
Origin
https://airdrop.aaveprotocol.app
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type
font/woff2
truncated
/
103 KB
103 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1b498b959e5b7decbf9185803591d25bc1fbf83e798372ed30d32d5c79d82ff6

Request headers

Referer
Origin
https://airdrop.aaveprotocol.app
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type
font/woff2
truncated
/
104 KB
104 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c63158babcb7902203ed73476ccf901db34825ea524d4a36a52b5e5f97e1abf7

Request headers

Referer
Origin
https://airdrop.aaveprotocol.app
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type
font/woff2
truncated
/
97 KB
97 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d612f1212b452af07f1a5defb2b672e76a91f7139e7499fa48bb9b2b985c22d6

Request headers

Referer
Origin
https://airdrop.aaveprotocol.app
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type
font/woff2
rates
nftbox.cfd/api/
0
0
Preflight
General
Full URL
https://nftbox.cfd:2096/api/rates
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:27b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization
Access-Control-Request-Method
GET
Origin
https://airdrop.aaveprotocol.app
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-headers
authorization
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
alt-svc
h3=":2096"; ma=86400, h3-29=":2096"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
774534e9f8e6927d-FRA
content-length
0
date
Sun, 04 Dec 2022 14:24:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UnFXIAXXIP20TfNNMsZiZ26czjByqNbS1ybp5788kaYlhuZNm%2BIH2VYiuG3iTiL4TUS6BuQafEF%2BgmvfsHKgmNsopuFfTkPfi0n6QtAnFX%2B%2F1pGtrQ%2Fg%2FghioaixEqclKzku2xd%2BnOBVakFsvBY%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Access-Control-Request-Headers
logs
nftbox.cfd/api/
0
0
Preflight
General
Full URL
https://nftbox.cfd:2096/api/logs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:27b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type
Access-Control-Request-Method
POST
Origin
https://airdrop.aaveprotocol.app
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-headers
authorization,content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
alt-svc
h3=":2096"; ma=86400, h3-29=":2096"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
774534e9f8e7927d-FRA
content-length
0
date
Sun, 04 Dec 2022 14:24:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fqg3jcmOXX8Oe97mJm%2Bn4sL76gFK5smiA4TM4yI5Ih0mJsuaJn7ZLBykGclxzgYAJrVDfUvTUaxUHy5a4wcG8ghgMNTD6vI6p%2FpwWSvPFOcneYAjCekT39G%2FUYl5xipXx0EcnsgnTmtU13s%2BHQA%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Access-Control-Request-Headers
rates
nftbox.cfd/api/
52 B
525 B
Fetch
General
Full URL
https://nftbox.cfd:2096/api/rates
Requested by
Host: nftbox.cfd
URL: https://nftbox.cfd/static/js/bundle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:27b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5480952751c8ed74be6f99a84dab4852975bf88099fdb96ef661084700f2bb59

Request headers

Referer
https://airdrop.aaveprotocol.app/
accept-language
nl-NL,nl;q=0.9
authorization
Ot605CSWjj30
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 14:24:37 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"34-FY0uTSajkO+OnmSvN4Z5V9z6oxE"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j7PU9zMx%2BvCn0Dp4T7dBJ5Zo0IqKcsuBqndi%2Bs2Pko9Z6JXKAF1OkA1LgXl0dFtQoocVkAl83iZWyfDR4dhpgmZ3i4eQ64%2BTdqUN2uPrGu8L1R%2BbQLX%2BUTGDGgkqvQo5cfS%2B97TQQJ%2Btb%2Bd6r1A%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cf-ray
774534eaf9545b2c-FRA
alt-svc
h3=":2096"; ma=86400, h3-29=":2096"; ma=86400
logs
nftbox.cfd/api/
23 B
524 B
Fetch
General
Full URL
https://nftbox.cfd:2096/api/logs
Requested by
Host: nftbox.cfd
URL: https://nftbox.cfd/static/js/bundle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:27b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d6bb1db32cd796935856fc4b6155206c8fafc62c7b9b82194aaf9801f3193cb

Request headers

Referer
https://airdrop.aaveprotocol.app/
accept-language
nl-NL,nl;q=0.9
authorization
Ot605CSWjj30
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-type
application/json

Response headers

date
Sun, 04 Dec 2022 14:24:37 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"17-Hgq8ylKo9+h8Vy+6/IkMndCKJKE"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xX6uI8U5Z37sc1uagPssTii4z52dML85G1Py0D0ccF5dXLNRN4BHH76kg6JnbZs5v5J6RtkwwdORNJs9erXKrJG3Nv4rajivV0Gcq7z6TrScbGORMeUHgko7sssdg7amHIRJO7Kr2QxHCC9s9Y4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cf-ray
774534eaf95a5b2c-FRA
alt-svc
h3=":2096"; ma=86400, h3-29=":2096"; ma=86400
content-length
23
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4d17514e4c6ec3082d1321979a48ca6975a2fa1682a8e633a320fcff5e1a67c2

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1de840916dd1d4e91e6128830977fff16e6e044998fa68eac3eb01334c7855be

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
12 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
16fcfd9aac26b3f38265866e72db353779ae839192d1c2943672bbb9916f2c0e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/
15 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
73f246049508215d1dc1b232dfc451282266b3073f6578ec94882dcd981da835

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
448 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
761b0ce335a262440ebeb2b1817bcc858f947895d05426fd651a4db54472a95f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
5 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a9a2502021a88cb7593fe591f2da0519a97ba22cdefae89988c9019d99eef899

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type
image/svg+xml

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
xn--aav-5qa.com
URL
https://xn--aav-5qa.com/

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Aave (Crypto)

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange function| $ function| jQuery object| _ethers object| ethers function| setImmediate function| clearImmediate object| WalletConnectProvider object| Web3Modal function| savepage_ShadowLoader function| webpackHotUpdateethereum_crypto_drainer_v1_frontend object| __REACT_DEVTOOLS_GLOBAL_HOOK__ boolean| __reactRefreshInjected function| CoinbaseWalletSDK function| CoinbaseWalletProvider function| WalletLink function| WalletLinkProvider object| regeneratorRuntime function| updateWeb3Modal

3 Cookies

Domain/Path Name / Value
.aaveprotocol.app/ Name: __ddg1_
Value: Q51his1QralWtRKHJ0f7
airdrop.aaveprotocol.app/ Name: ref
Value: No
airdrop.aaveprotocol.app/ Name: user
Value: connected

10 Console Messages

Source Level URL
Text
network error URL: https://xn--aav-5qa.com/
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://airdrop.aaveprotocol.app/common.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://airdrop.aaveprotocol.app/webpack.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://airdrop.aaveprotocol.app/polyfills.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://airdrop.aaveprotocol.app/Aave%20-%20Open%20Source%20Liquidity%20Protocol_files/bootstrap.min.css
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://nftbox.cfd/static/js/bundle.js(Line 202559)
Message:
WebSocket connection to 'wss://airdrop.aaveprotocol.app/ws' failed: Error during WebSocket handshake: Unexpected response code: 404
network error URL: https://nftbox.cfd/static/js/bundle.js(Line 202559)
Message:
WebSocket connection to 'wss://airdrop.aaveprotocol.app/ws' failed: Error during WebSocket handshake: Unexpected response code: 404
network error URL: https://nftbox.cfd/static/js/bundle.js(Line 202559)
Message:
WebSocket connection to 'wss://airdrop.aaveprotocol.app/ws' failed: Error during WebSocket handshake: Unexpected response code: 404
network error URL: https://nftbox.cfd/static/js/bundle.js(Line 202559)
Message:
WebSocket connection to 'wss://airdrop.aaveprotocol.app/ws' failed: Error during WebSocket handshake: Unexpected response code: 404
network error URL: https://nftbox.cfd/static/js/bundle.js(Line 202559)
Message:
WebSocket connection to 'wss://airdrop.aaveprotocol.app/ws' failed: Error during WebSocket handshake: Unexpected response code: 404

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

airdrop.aaveprotocol.app
cdnjs.cloudflare.com
code.jquery.com
nftbox.cfd
unpkg.com
xn--aav-5qa.com
xn--aav-5qa.com
2001:4de0:ac18::1:a:1a
2606:4700:3034::6815:27b
2606:4700::6810:7aaf
2606:4700::6811:190e
2a06:98c1:3120::3
05e0ca3f38966965b3400dc05db506c462ebf67ed71a9e9d3e28f7672647e0a6
0d6bb1db32cd796935856fc4b6155206c8fafc62c7b9b82194aaf9801f3193cb
152261291c938aa5aad6a56d52b47ffcb893d1c0387e76d7f270a7382ff786d5
16fcfd9aac26b3f38265866e72db353779ae839192d1c2943672bbb9916f2c0e
1b498b959e5b7decbf9185803591d25bc1fbf83e798372ed30d32d5c79d82ff6
1de840916dd1d4e91e6128830977fff16e6e044998fa68eac3eb01334c7855be
1fe2bb5390a75e5d61e72c107cab528fc3c29a837d69aab7d200e1dbb5dcd239
4d17514e4c6ec3082d1321979a48ca6975a2fa1682a8e633a320fcff5e1a67c2
5480952751c8ed74be6f99a84dab4852975bf88099fdb96ef661084700f2bb59
67ad2454feca6eb213f4a70cc588137e6bd21ad95c0eda2709faa2317ff90359
73f246049508215d1dc1b232dfc451282266b3073f6578ec94882dcd981da835
761b0ce335a262440ebeb2b1817bcc858f947895d05426fd651a4db54472a95f
95c66625ee20f53d542e23dded002b021b24e9d28c3d193a076d45cba4dc8618
9991625109fae255b27bdc17f1eb4f2e860f2744da216b50e4523eeca3451887
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74
a9a2502021a88cb7593fe591f2da0519a97ba22cdefae89988c9019d99eef899
b71bb4537d8a488ab30889808b0dff7366cb5ac722037d4cd069564c8a765530
c63158babcb7902203ed73476ccf901db34825ea524d4a36a52b5e5f97e1abf7
d0e4aa89ec94a8ec49637d646f810036c7d4f913a168f7e042584a5bad0dcf8e
d612f1212b452af07f1a5defb2b672e76a91f7139e7499fa48bb9b2b985c22d6