babyace.tech
151.106.117.37
Malicious Activity!
Public Scan
Effective URL: https://babyace.tech/Open/index.html?wallet_connect=True&NFT-GET
Submission: On March 08 via api from BE — Scanned from SG
Summary
TLS certificate: Issued by ZeroSSL RSA Domain Secure Site CA on February 20th 2024. Valid for: 3 months.
This is the only time babyace.tech was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Microsoft (Consumer)
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
4 (1 redirects) | 151.106.117.37 | 47583 (AS-HOSTINGER) |
1 | 104.17.24.14 | 13335 (CLOUDFLARENET) |
22 | 3 | |
Requests | Apex Domain / Subdomains | Transfer |
---|---|---|
2 | babyace.tech (babyace.tech) | 600 KB |
2 | cosmo-wallet.com (cosmo-wallet.com), 1 redirects | 729 B |
1 | cloudflare.com (cdnjs.cloudflare.com, Cisco Umbrella Rank: 228) | 20 KB |
0 | web3-api.in (web3-api.in), Failed | |
22 | 4 | |
Requests | Domain | Requested by |
---|---|---|
2 | babyace.tech | babyace.tech |
2 | cosmo-wallet.com (1 redirects) | |
1 | cdnjs.cloudflare.com | babyace.tech |
0 | web3-api.in (Failed) | babyace.tech |
22 | 4 | |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
cosmo-wallet.com | R3 | 2024-01-13 - 2024-04-12 | 3 months |
babyace.tech | ZeroSSL RSA Domain Secure Site CA | 2024-02-20 - 2024-05-20 | 3 months |
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-07-03 - 2024-07-02 | a year |
This page contains 1 frames:
Primary Page:
https://babyace.tech/Open/index.html?wallet_connect=True&NFT-GET
Frame ID: ABE2C17EBBB50C30F1332B6B6B796F14
Requests: 22 HTTP requests in this frame
Page Title
Loading... Wait...
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://cosmo-wallet.com/ HTTP 301
  https://cosmo-wallet.com/ Page URL
- https://babyace.tech/Open/index.html?wallet_connect=True&NFT-GET Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0
- http://cosmo-wallet.com/ HTTP 301
- https://cosmo-wallet.com/
22 HTTP transactions
Method Protocol | Resource Path | Size x-fer | Type MIME-Type |
---|---|---|---|
GET H2 | cosmo-wallet.com/ (Redirect Chain) | 111 B 427 B | Document text/html |
GET H2 | babyace.tech/Open/index.html (Primary Request) | 15 KB 4 KB | Document text/html |
GET H2 | babyace.tech/Open/f67e7227-b17f-40b7-9633-9ed3d8ab692f.js | 2 MB 596 KB | Script application/x-javascript |
GET H2 | cdnjs.cloudflare.com/ajax/libs/crypto-js/4.2.0/crypto-js.min.js | 59 KB 20 KB | Script application/javascript |
POST | web3-api.in/config (18 identical requests) | 0 0 | |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain: web3-api.in
- URL: https://web3-api.in/config (18 requests)
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Microsoft (Consumer)
77 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
34 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Security Headers
This page lists any security headers set by the main page.
Header | Value |
---|---|
Content-Security-Policy | upgrade-insecure-requests |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.