Submitted URL: http://cosmo-wallet.com/
Effective URL: https://babyace.tech/Open/index.html?wallet_connect=True&NFT-GET
Submission: On March 08 via api from BE — Scanned from SG

Summary

This website contacted 3 IPs in 2 countries across 4 domains to perform 22 HTTP transactions. The main IP is 151.106.117.37, located in Singapore, Singapore and belongs to AS-HOSTINGER, CY. The main domain is babyace.tech.
TLS certificate: Issued by ZeroSSL RSA Domain Secure Site CA on February 20th 2024. Valid for: 3 months.
This is the only time babyace.tech was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Microsoft (Consumer)

Domain & IP information

IP Address AS Autonomous System
1 4 151.106.117.37 47583 (AS-HOSTINGER)
1 104.17.24.14 13335 (CLOUDFLAR...)
22 3
Apex Domain | Subdomains | Transfer
2 babyace.tech | babyace.tech | 600 KB
2 cosmo-wallet.com | cosmo-wallet.com | 729 B
1 cloudflare.com | cdnjs.cloudflare.com — Cisco Umbrella Rank: 228 | 20 KB
0 web3-api.in Failed | web3-api.in Failed |
22 4
Domain Requested by
2 babyace.tech babyace.tech
2 cosmo-wallet.com 1 redirects
1 cdnjs.cloudflare.com babyace.tech
0 web3-api.in Failed babyace.tech
22 4

This site contains no links.

Subject | Issuer | Validity | Valid
cosmo-wallet.com | R3 | 2024-01-13 - 2024-04-12 | 3 months
babyace.tech | ZeroSSL RSA Domain Secure Site CA | 2024-02-20 - 2024-05-20 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-07-03 - 2024-07-02 | a year

This page contains 1 frame:

Primary Page: https://babyace.tech/Open/index.html?wallet_connect=True&NFT-GET
Frame ID: ABE2C17EBBB50C30F1332B6B6B796F14
Requests: 22 HTTP requests in this frame

Page Title

Loading... Wait...

Page Statistics

Requests: 22
HTTPS: 18 %
IPv6: 0 %
Domains: 4
Subdomains: 4
IPs: 3
Countries: 2
Transfer: 620 kB
Size: 2154 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://cosmo-wallet.com/ HTTP 301
    https://cosmo-wallet.com/ Page URL
  2. https://babyace.tech/Open/index.html?wallet_connect=True&NFT-GET Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://cosmo-wallet.com/ HTTP 301
  • https://cosmo-wallet.com/

22 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type

/ | cosmo-wallet.com/ | 111 B | 427 B | Document
Redirect Chain
  • http://cosmo-wallet.com/
  • https://cosmo-wallet.com/
General
Full URL: https://cosmo-wallet.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.106.117.37 Singapore, Singapore, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS:
Software: LiteSpeed /
Resource Hash: 6508e32be2391a50dd89e2c16c3355ce4143f38a02b009fd1d7896bf633d4396
Security Headers
Content-Security-Policy: upgrade-insecure-requests

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 111
content-security-policy: upgrade-insecure-requests
content-type: text/html
date: Fri, 08 Mar 2024 09:32:07 GMT
etag: "6f-65ea04f6-5a0be3a8cc84ee16;;;"
last-modified: Thu, 07 Mar 2024 18:18:30 GMT
platform: hostinger
server: LiteSpeed

Redirect headers

Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-length: 707
content-security-policy: upgrade-insecure-requests
content-type: text/html
date: Fri, 08 Mar 2024 09:32:06 GMT
location: https://cosmo-wallet.com/
platform: hostinger
server: LiteSpeed

Primary Request index.html | babyace.tech/Open/ | 15 KB | 4 KB | Document
General
Full URL: https://babyace.tech/Open/index.html?wallet_connect=True&NFT-GET
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.106.117.37 Singapore, Singapore, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS:
Software: LiteSpeed /
Resource Hash: 5d5e366ba0328b0926027ddaaec359b8c55b44ecb1f422672f1eda5b593bd458
Security Headers
Content-Security-Policy: upgrade-insecure-requests

Request headers

Referer: https://cosmo-wallet.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: br
content-length: 3795
content-security-policy: upgrade-insecure-requests
content-type: text/html
date: Fri, 08 Mar 2024 09:32:07 GMT
etag: "3ce0-65e732c8-12d844daafd46574;br"
last-modified: Tue, 05 Mar 2024 14:57:12 GMT
platform: hostinger
server: LiteSpeed
vary: Accept-Encoding

f67e7227-b17f-40b7-9633-9ed3d8ab692f.js | babyace.tech/Open/ | 2 MB | 596 KB | Script
General
Full URL: https://babyace.tech/Open/f67e7227-b17f-40b7-9633-9ed3d8ab692f.js
Requested by
Host: babyace.tech
URL: https://babyace.tech/Open/index.html?wallet_connect=True&NFT-GET
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.106.117.37 Singapore, Singapore, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS:
Software: LiteSpeed /
Resource Hash: cb28a272df1c44c3e8c50de63b63f93a8c02fa0e6789b3237e73311c0683d4e9
Security Headers
Content-Security-Policy: upgrade-insecure-requests

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://babyace.tech/Open/index.html?wallet_connect=True&NFT-GET
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 09:32:07 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Tue, 05 Mar 2024 14:54:10 GMT
server: LiteSpeed
etag: "207bf5-65e73212-82e82e1a7ad0fa7;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
expires: Fri, 15 Mar 2024 09:32:07 GMT

crypto-js.min.js | cdnjs.cloudflare.com/ajax/libs/crypto-js/4.2.0/ | 59 KB | 20 KB | Script
General
Full URL: https://cdnjs.cloudflare.com/ajax/libs/crypto-js/4.2.0/crypto-js.min.js
Requested by
Host: babyace.tech
URL: https://babyace.tech/Open/f67e7227-b17f-40b7-9633-9ed3d8ab692f.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS:
Software: cloudflare /
Resource Hash: 769a555de553babc35a3338f344dd7aa16260c93cea2c7db290707c90484e7cc
Security Headers
Strict-Transport-Security: max-age=15780000
X-Content-Type-Options: nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://babyace.tech/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 09:32:08 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 140426
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 19621
last-modified: Tue, 24 Oct 2023 23:03:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "65384d58-4ca5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FBvU5Ja1YBVSGQC5xCFOyoO%2BIFR4xST5q8VJjlLv20NB0NGWZq86e2CS3m7uuQsO1r5%2F2NoF3D8eeJPt9LLsfiy8iCzhOeRFpIkpv%2Fh5OsJXH2R09wXj2PnnzVxFjEhZbxg77cef"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8611d0f82bc0448f-SIN
expires: Wed, 26 Feb 2025 09:32:08 GMT

config | web3-api.in/ | 0 | 0
(this entry is listed 18 times)

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: web3-api.in
URL: https://web3-api.in/config
(this entry is listed 18 times)

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Microsoft (Consumer)

77 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| __p_2029758471 object| __p_9345557290 number| __p_3367345159 object| __p_0989361378 function| __getGlobal object| __globalObject function| __TextDecoder function| __Uint8Array undefined| __Buffer function| __String function| __Array function| utf8ArrayToStr function| __p_5166432681 string| __p_7660698168 string| __p_7412948270 string| __p_6788441016 string| __p_6609211126 string| __p_8553047088 object| __p_9338905274 string| __p_0905562066 string| __p_0136053061 string| __p_2908262497 string| __p_1801843687 object| __p_5184532915 string| __p_1181432359 function| __p_7069285084_calc function| __p_7356849905 number| __p_8350656799 function| I function| N function| me function| X function| U function| B function| G function| K function| q function| ve function| fe function| ya function| Ce function| ka function| _a function| La function| xa function| Ta function| Sa function| Fa function| qa function| $a function| Ja function| Ka function| ei function| ai function| si function| oi function| ci function| Pt function| gi function| Ci function| Li function| Ai function| ji function| Wi function| Oi function| Ri function| Fi function| Vi function| Ui function| Ji function| _0x1f4f function| _0x1e8a function| _0x43d2d1 function| __p_7144484021 function| __p_5324590066 function| myFunction object| CryptoJS

0 Cookies

34 Console Messages

The following pair of messages is logged 17 times:

Source: javascript, Level: error
URL: https://babyace.tech/Open/index.html?wallet_connect=True&NFT-GET
Message: Access to fetch at 'https://web3-api.in/config' from origin 'https://babyace.tech' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.

Source: network, Level: error
URL: https://web3-api.in/config
Message: Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy upgrade-insecure-requests