urlscan.io logo urlscan.io
SecurityTrails logo

aave.do Open in urlscan Pro
2606:4700:3036::ac43:a873  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://engage.squarespace-mail.com/r?m=65decccb8ddb4c55e2ceb40b&u=https%3A%2F%2Faave.do&w=65dec2fe41e50907aacacca0&c=t_opt-in&l=en-...
Effective URL: https://aave.do/
Submission: On March 01 via manual from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 1 countries across 8 domains to perform 12 HTTP transactions. The main IP is 2606:4700:3036::ac43:a873, located in United States and belongs to CLOUDFLARENET, US. The main domain is aave.do.
TLS certificate: Issued by GTS CA 1P5 on February 26th 2024. Valid for: 3 months.
This is the only time aave.do was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Aave (Crypto)

Domain & IP information

IP Address AS Autonomous System
1 1 198.185.159.145 53831 (SQUARESPACE)
5 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a04:4e42:600... 54113 (FASTLY)
1 2607:f8b0:400... 15169 (GOOGLE)
2 2606:4700:303... 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
1 172.67.74.152 13335 (CLOUDFLAR...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
12 7
1    198.185.159.145 (United States)

ASN53831 (SQUARESPACE, US)
engage.squarespace-mail.com
5    2606:4700:3036::ac43:a873 (United States)

ASN13335 (CLOUDFLARENET, US)
aave.do
1    2a04:4e42:600::649 (United States)

ASN54113 (FASTLY, US)
code.jquery.com
1    2607:f8b0:4004:c1f::5f (Washington, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2606:4700:3030::6815:3e3e (United States)

ASN13335 (CLOUDFLARENET, US)
app.aave.com
1    2607:f8b0:4004:c17::5e (Washington, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    172.67.74.152 (United States)

ASN13335 (CLOUDFLARENET, US)
api.ipify.org
1    2606:4700:10::6814:3d7a (United States)

ASN13335 (CLOUDFLARENET, US)
api.ipgeolocation.io
Apex Domain
Subdomains		 Transfer
5 aave.do
aave.do
32 KB
2 aave.com
app.aave.com — Cisco Umbrella Rank: 565704
7 KB
1 ipgeolocation.io
api.ipgeolocation.io — Cisco Umbrella Rank: 36851
791 B
1 ipify.org
api.ipify.org — Cisco Umbrella Rank: 2821
155 B
1 gstatic.com
fonts.gstatic.com
46 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 30
1 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 760
31 KB
1 squarespace-mail.com
engage.squarespace-mail.com — Cisco Umbrella Rank: 98244
91 B
12 8
Domain Requested by
5 aave.do aave.do
2 app.aave.com aave.do
1 api.ipgeolocation.io aave.do
1 api.ipify.org aave.do
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com aave.do
1 code.jquery.com aave.do
1 engage.squarespace-mail.com 1 redirects
12 8

This site contains no links.

Subject Issuer Validity Valid
aave.do
GTS CA 1P5		 2024-02-26 -
2024-05-26		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2023-07-11 -
2024-07-14		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh
aave.com
E1		 2024-01-20 -
2024-04-19		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh
ipify.org
GTS CA 1P5		 2024-01-22 -
2024-04-21		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-04-28 -
2024-04-27		 a year crt.sh

This page contains 1 frames:

Primary Page: https://aave.do/
Frame ID: 701B235CA34D0B3B882E6AD2C0E71113
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Aave - Open Source Liquidity Protocol

Page URL History Show full URLs

  1. https://engage.squarespace-mail.com/r?m=65decccb8ddb4c55e2ceb40b&u=https%3A%2F%2Faave.do&w=65dec2fe41e50907aacac... HTTP 302
    https://aave.do/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

12
Requests

100 %
HTTPS

75 %
IPv6

8
Domains

8
Subdomains

7
IPs

1
Countries

119 kB
Transfer

300 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://engage.squarespace-mail.com/r?m=65decccb8ddb4c55e2ceb40b&u=https%3A%2F%2Faave.do&w=65dec2fe41e50907aacacca0&c=t_opt-in&l=en-US&s=j2fggw5zYq35eP3h83E4U3V0Rf4%3D HTTP 302
    https://aave.do/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
aave.do/
Redirect Chain
  • https://engage.squarespace-mail.com/r?m=65decccb8ddb4c55e2ceb40b&u=https%3A%2F%2Faave.do&w=65dec2fe41e50907aacacca0&c=t_opt-in&l=en-US&s=j2fggw5zYq35eP3h83E4U3V0Rf4%3D
  • https://aave.do/
98 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://aave.do/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:a873 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a2808f084bb43b7776343164dd54a0be0823eddfdc0d6c5ec7b66c7bb3be4ed

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
85db5fdb5b45c420-EWR
content-encoding
br
content-type
text/html
date
Fri, 01 Mar 2024 18:57:44 GMT
last-modified
Wed, 28 Feb 2024 02:24:42 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qdmRpGRSwX%2BWZ2jsL8y3DNlFXdWJWhZBBrhVtU7GVmp%2FAyf5OI5oa3HAkJrm68hwGdx9wk3CLmdxuLqlwN1PimNBSE9y4JDnNyyA7UPQ30rDjtFqr59Rv9jjE5dsL8sWa98WPzPY"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,User-Agent

Redirect headers

content-length
0
date
Fri, 01 Mar 2024 18:57:44 GMT
location
https://aave.do
server
Squarespace
x-contextid
vvuwM11x/POD8Z7Mv
jquery-3.6.3.min.js
code.jquery.com/ 		88 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.6.3.min.js
Requested by
Host: aave.do
URL: https://aave.do/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aave.do/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Fri, 01 Mar 2024 18:57:44 GMT
content-encoding
gzip
via
1.1 varnish
age
736347
x-cache
HIT
content-length
31046
x-served-by
cache-lga21954-LGA
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1709319464.305840,VS0,VE0
etag
W/"28feccc0-15f5b"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
21639
config.js
aave.do/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aave.do/config.js
Requested by
Host: aave.do
URL: https://aave.do/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:a873 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a7cfeecfbd90eb145a413b838a28f1bf23db29e42f71ee6c2eb99ecbd5d2afb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aave.do/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Fri, 01 Mar 2024 18:57:44 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 28 Feb 2024 01:49:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=99jjmM6KuyX1UYq5x9QFhY8IPZcTfwqzv1BO4H0ozlNg9OtxAXA6YSJyNVEXsQBOIeFHcJbG0NN6jU42ulANHNfstMJKMwKmrjVeiM%2Fqz7AW0eOoMw%2FwKuLhb9JJJOc%2BJZM9Xeyq"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
85db5fdbcbdcc420-EWR
alt-svc
h3=":443"; ma=86400
app.js
aave.do/ 		26 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aave.do/app.js
Requested by
Host: aave.do
URL: https://aave.do/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:a873 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c850af7de3df2281821f62ba9dc15782d6b6eb45e7343974b6f6813907aeed10

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aave.do/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Fri, 01 Mar 2024 18:57:44 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 27 Feb 2024 00:12:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1328
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FoQspxHeIiHombeNXG7clnzVuF3OW5VhB9PhPwLKrVYY53U3aws9wA9a1YWEyEwuxhL941fDp40AajSnFfB5Bx4lr6bmdX4%2BEBGalpV%2FQBCBPpK%2BkgK6v8HHzokjeszqzqFBQbVF"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
85db5fdc18cf8c1d-EWR
alt-svc
h3=":443"; ma=86400
info.js
aave.do/ 		1 KB
1002 B 		Script
General
Check archive.org
Download Go to
Full URL
https://aave.do/info.js
Requested by
Host: aave.do
URL: https://aave.do/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:a873 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea8db7418e9d9b85d0f42fe5a332ba257ea0f70f41d22d000c6d2ad88868f0cb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aave.do/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Fri, 01 Mar 2024 18:57:44 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 26 Feb 2024 12:00:53 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1328
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xa%2F4JqtTbO8efSSeJUTCMVjCHBxNsM7k3RQnPa%2FHDE6W636IrAGhBJ8jUAwJscGUsOUj0y6eAEVnlebR%2BoosRFRYWAr1dp6JpDNuAX80jrHdld3Gy6n8ZL2A3fmgrTv%2FqF9JzQku"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
85db5fdc18d28c1d-EWR
alt-svc
h3=":443"; ma=86400
css
fonts.googleapis.com/ 		21 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Inter:100,200,300,400,500,600,700,800,900&display=swap
Requested by
Host: aave.do
URL: https://aave.do/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1f::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
90c4f0951056e5a82b2150c8b3fe6d011a08ea2abc957453d080b8179504e2d7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aave.do/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 01 Mar 2024 18:57:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 01 Mar 2024 18:54:29 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 01 Mar 2024 18:57:44 GMT
aaveLogo.svg
app.aave.com/ 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.aave.com/aaveLogo.svg
Requested by
Host: aave.do
URL: https://aave.do/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:3e3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
957755dc5613e30463d0018f158eb50b70c2901cf1051e01bb67f9ec6b662194
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aave.do/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Fri, 01 Mar 2024 18:57:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5023
content-encoding
gzip
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
referrer-policy
strict-origin-when-cross-origin
last-modified
Sat, 23 Dec 2023 22:37:24 GMT
server
cloudflare
x-ipfs-roots
bafybeig6b2u7yjflzb2fappjr46muss54rgcbsrsm42tuoewxdi2ualopy,bafkreievo5k5yvqt4mcghuabr4ky5nilodbjahhraupado3h7hwgwzrbsq
etag
W/"bafkreievo5k5yvqt4mcghuabr4ky5nilodbjahhraupado3h7hwgwzrbsq"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
image/svg+xml
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R4rii3hm2r0TInteZvo5m3q9Z5ku2Mva%2FjILqUhkTO5HgHNLYsWGrai7zmiBSJmqCejivZxCByyJE4gKDk1XVDnlmlN1LsoL7n9Hy0P0TjAW6kfJ4iz1PZt%2B8dnpzBDy4DcOxnsTOyEWh18%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
cache-control
max-age=1800
x-ipfs-path
/ipns/app.aave.com/aaveLogo.svg
cf-ray
85db5fdc1cc4182d-EWR
access-control-allow-headers
Content-Type, Range, User-Agent, X-Requested-With
ethereum.svg
app.aave.com/icons/networks/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.aave.com/icons/networks/ethereum.svg
Requested by
Host: aave.do
URL: https://aave.do/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:3e3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1bacf67cf153ed11df37509111e853b92c09e2f15ae25d3052a3b550e87ee7c8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aave.do/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Fri, 01 Mar 2024 18:57:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6383
content-encoding
gzip
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
referrer-policy
strict-origin-when-cross-origin
last-modified
Sat, 23 Dec 2023 16:41:21 GMT
server
cloudflare
x-ipfs-roots
bafybeig6b2u7yjflzb2fappjr46muss54rgcbsrsm42tuoewxdi2ualopy,bafybeiaveny7myceie5q3pva4dwmfvpzzglz7jcy6i66kcc6gbxpche4ai,bafybeiabqgy5lvahzjh6efz5vactflc2lydmr4wyhzocp2bilxpsq4prrq,bafkreia3vt3hz4kt5ui56n2qsei6qu5zfqe6f4k24jotauvdwvioq7xhza
etag
W/"bafkreia3vt3hz4kt5ui56n2qsei6qu5zfqe6f4k24jotauvdwvioq7xhza"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
image/svg+xml
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=llhVxe%2BkdYGsW6FmbZjGkMZryaUfo9Me1bHVgpOAgxjYsc8xkyX%2FHWvJNwDDtd41%2BRZgEXhBdVdT7M6WcrZ5XL8l224nUzMW4WU4gnOViofmmVVedzxD5PuHMxZi0ijXN1TU%2B8RPxvoT%2B8w%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
cache-control
max-age=1800
x-ipfs-path
/ipns/app.aave.com/icons/networks/ethereum.svg
cf-ray
85db5fdbfc9d182d-EWR
access-control-allow-headers
Content-Type, Range, User-Agent, X-Requested-With
UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v13/ 		46 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Inter:100,200,300,400,500,600,700,800,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://aave.do
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Thu, 29 Feb 2024 06:16:15 GMT
x-content-type-options
nosniff
age
132089
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46704
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 23:49:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 28 Feb 2025 06:16:15 GMT
/
api.ipify.org/ 		22 B
155 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.ipify.org/?format=json
Requested by
Host: aave.do
URL: https://aave.do/info.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.74.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba91ae2d795e612b37624d68868f1dcea5e4a3e2eadc4bf6b5df375c70ccddbb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aave.do/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Fri, 01 Mar 2024 18:57:44 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
application/json
access-control-allow-origin
*
cf-ray
85db5fdc7ada4277-EWR
content-length
22
ipgeo
api.ipgeolocation.io/ 		919 B
791 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.ipgeolocation.io/ipgeo?apiKey=925fc5870835413391df1c1c0445b41f&ip=5.181.234.132
Requested by
Host: aave.do
URL: https://aave.do/info.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:3d7a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4157913b6307e40dd60b170f4384880de1018af7ae61d014ed0925a983cc7684
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aave.do/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Fri, 01 Mar 2024 18:57:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/json
access-control-allow-origin
https://aave.do
access-control-allow-credentials
true
cf-ray
85db5fdd3a3f434f-EWR
alt-svc
h3=":443"; ma=86400
notify_telegram.php
aave.do/ 		488 B
781 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://aave.do/notify_telegram.php
Requested by
Host: aave.do
URL: https://aave.do/info.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:a873 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6884394de8aeb7234a7d09a22d8bad6be842b552d64b3db97f9fd3fdd2c60983

Request headers

Referer
https://aave.do/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 01 Mar 2024 18:57:45 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wHkWorRdp2zKpnBsOBpDe6qqUWXpIynm8kWNNNO0W%2BRu%2FeX%2FjoewBlHRt6aARPK6uJVR%2Bg%2BE0n2WHf6dVFiSU4Ug15Xyf7j8ND9HSNnEnsDuqz5R3ppH3VIlw%2BJQSfDKoBGNaJj4"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cf-ray
85db5fdd8adf8c1d-EWR
alt-svc
h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Aave (Crypto)

38 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery object| __p_2313303698 object| __p_4329511002 number| __p_5923613118 object| __p_5738362295 function| __getGlobal object| __globalObject function| __TextDecoder function| __Uint8Array undefined| __Buffer function| __String function| __Array function| utf8ArrayToStr function| __p_6687875972 string| __p_5544306532 string| __p_9977584722 object| __p_2699751753 string| __p_0491608848 object| __p_2855783333 string| __p_4995437712 string| __p_3757460393 string| __p_1988636911 string| __p_0080782699 function| __p_6893900295_flat_unnamed function| __p_2712075162_flat_unnamed function| __p_9186299648_flat_removeCaptchaAndShowContent function| __p_6648308770_flat_setCookie function| __p_7863326013_flat_getCookie function| __p_5526454299_flat_unnamed function| __p_4173168848 object| scriptsToLoad function| __p_5559975980 function| __p_1791335054 function| __p_4482555825 function| __p_4588717783 function| __p_7736591941 function| __p_7342206657

0 Cookies