# aster-dex.online — MALICIOUS

> Warning: aster-dex.online is flagged for phishing activity. Avoid interacting with this domain to protect your personal data and credentials.

## Summary
PhishDestroy has identified the domain aster-dex.online as a medium-risk generic phishing site. The site masqueraded as "Aster - The next-gen perp DEX for all traders," likely targeting users interested in decentralized trading platforms. Due to its phishing classification, the domain poses a risk of credential theft or fraud through deceptive content and impersonation tactics.

Technical analysis reveals that aster-dex.online was registered on September 22, 2025, through the registrar REGRU-RU and resolved to IP address 188.114.96.3. This domain appears in three distinct security blocklists and was mentioned in one AlienVault OTX threat intelligence pulse, underscoring its malicious activity. VirusTotal scans indicate that 8 out of 95 security vendors flagged this domain, supporting its phishing reputation. The domain’s page title was identified as "Aster - The next-gen perp DEX for all traders," consistent with attempts to lure users into fake decentralized exchange services.

Currently, the domain is offline, which reduces immediate risk, but the historical data and blocklist presence warrant continued caution. PhishDestroy recommends users and organizations maintain awareness of this domain’s status and avoid any interaction with it to prevent potential compromise. Security teams should keep it blacklisted and monitor for any future resurfacing attempts given the evolving tactics in phishing campaigns.

## Threat Details
- Verdict: MALICIOUS
- Site status: dead (HTTP 403)
- Page title: Aster - The next-gen perp DEX for all traders

## Domain Intelligence
- Registered: 2025-09-22 20:52:30
- Expires: 2026-09-22 23:59:59
- Registrar: REGRU-RU
- Country: RU
- IP: 188.114.96.3
- IP Country: US
- IP City: San Francisco
- IP Org: AS13335 Cloudflare, Inc.
- Nameservers: amit.ns.cloudflare.com kimora.ns.cloudflare.com
- SSL Issuer: none

## Detection Status
- VirusTotal: 8 vendors flagged
  Vendors: ["alphaMountain.ai", "CRDF", "CyRadar", "Forcepoint ThreatSeeker", "Fortinet", "Gridinsoft", "SOCRadar", "Webroot"]
- Google Safe Browsing: clean
- Blocklists: 3 hits
  Lists: ["PhishDestroy", "MetaMask", "SEAL"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/0199904c-57da-7099-b95c-aac30e6b1ed1.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/acdbbff6-cdb7-476c-85aa-42fecb9f5ede
- PhishDestroy: https://phishdestroy.io/domain/aster-dex.online/
- LLM endpoint: https://phishdestroy.io/domain/aster-dex.online/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/aster-dex.online/
Last updated: 2026-03-19