xolqw.top Open in urlscan Pro
2606:4700:3030::ac43:b7c2  Malicious Activity! Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H3	200	Primary Request / Show response xolqw.top/	683 B 842 B	144ms 107ms	Document text/html	2606:4700:3030::ac43:b7c2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xolqw.top/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::ac43:b7c2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f5a77a6acf59098428a51ce48845a88a57eab599749835b6e86ca1e9f2994bf5 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 8b58eb9afca80e48-AMS content-encoding br content-type text/html date Mon, 19 Aug 2024 08:54:41 GMT last-modified Thu, 21 Dec 2023 02:33:30 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LxB6kBGcfUW%2B%2BnVqsY9jw5qODUr9t8UsJrwrDL%2BxL4LKhu3ZnP1H2OTukyVI4gqzrdpnxyrPYP0ldBMKPPr%2BhgolADF%2BSoCaxbMEwhE558xSMgAwTJXjG6T337Yz%2FKXtzdut39XiMWE%3D"}],"group":"cf-nel","max_age":604800} server cloudflare
GET H3	200	index.css xolqw.top/static/	94 KB 29 KB	27ms 27ms	Stylesheet text/css	2606:4700:3030::ac43:b7c2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xolqw.top/static/index.css Requested by Host: xolqw.top URL: https://xolqw.top/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::ac43:b7c2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ce38967e172ad16512f190c8840724b35d521e5d54c027ec74c16c0291fdbf94 Request headers Referer https://xolqw.top/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Mon, 19 Aug 2024 08:54:41 GMT content-encoding gzip cf-cache-status HIT last-modified Thu, 21 Dec 2023 02:33:42 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 1137 etag W/"6583a406-1779c" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7Y1ZsHtVUZJq4g34LDIZudEEHgECVklBtrfyZK3Z2Pi06kUGTKaKxQkctNfvDEq%2Fv0EK7V%2BJrTmso4NbmrRyQxBLZg6PM3Pqvru%2FLfvzFdAl8Wyb8BhZvoeUf56ckHZ7MHB%2BKerDDxY%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=43200 cf-ray 8b58eb9bad6a0e48-AMS alt-svc h3=":443"; ma=86400 expires Mon, 19 Aug 2024 20:35:44 GMT
GET H3	200	chunk-vendors.5a30e4b0.js Show response xolqw.top/static/js/	2 MB 594 KB	36ms 36ms	Script application/javascript	2606:4700:3030::ac43:b7c2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xolqw.top/static/js/chunk-vendors.5a30e4b0.js Requested by Host: xolqw.top URL: https://xolqw.top/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::ac43:b7c2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3ef8c6346700019f8e5cac940dc38a3db29e44e31101f159118969e4cd40e7ac Request headers Referer https://xolqw.top/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Mon, 19 Aug 2024 08:54:41 GMT content-encoding gzip cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 18169 alt-svc h3=":443"; ma=86400 content-length 607136 last-modified Thu, 21 Dec 2023 02:33:30 GMT server cloudflare etag "6583a3fa-943a0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uWK0IgNN4NkfZbU%2B7LsmKx1%2BGqIBKSmcbRXDrflQrNSF5tkmLwXdlZV1pAQ0qoGy31LJadeoW8S5MfEIVRqBX33XOOjbxdXgMbs4T0g6VNdkHkB3Ea2WTSps%2FOgyTe2f8Dk7iiLitZs%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=43200 accept-ranges bytes cf-ray 8b58eb9bad6c0e48-AMS expires Mon, 19 Aug 2024 15:51:52 GMT
GET H3	200	index.7d08fcb4.js Show response xolqw.top/static/js/	113 KB 46 KB	105ms 104ms	Script application/javascript	2606:4700:3030::ac43:b7c2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xolqw.top/static/js/index.7d08fcb4.js Requested by Host: xolqw.top URL: https://xolqw.top/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::ac43:b7c2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4defbdcb90a8e44656678c06a9834157d0f061b6f2b4449406d1d6b73360d679 Request headers Referer https://xolqw.top/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Mon, 19 Aug 2024 08:54:41 GMT content-encoding gzip cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 18169 alt-svc h3=":443"; ma=86400 content-length 46488 last-modified Thu, 21 Dec 2023 02:33:30 GMT server cloudflare etag "6583a3fa-b598" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Sx%2BBbovrsaDTzEurTB1OVBriff2uyXxkeie8kLNH41OGyAhdYFjLGjK9dEtfI36dFHPfbuJYL65luioSfeLK6Y4YGMZ3A%2B1MIyCR7evK7lVaQrC0zOFiNSnjXmg0egI52sWkb4oVa%2Fs%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=43200 accept-ranges bytes cf-ray 8b58eb9bad700e48-AMS expires Mon, 19 Aug 2024 15:51:52 GMT
GET H3	200	pages-index-index~pages-index-preview.d16fbb46.js Show response xolqw.top/static/js/	102 KB 19 KB	27ms 26ms	Script application/javascript	2606:4700:3030::ac43:b7c2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xolqw.top/static/js/pages-index-index~pages-index-preview.d16fbb46.js Requested by Host: xolqw.top URL: https://xolqw.top/static/js/index.7d08fcb4.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::ac43:b7c2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a2e77c9a6e093db73e48d09207aca0cc0d120e580e678dce8e0a4fbbf972728a Request headers Referer https://xolqw.top/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Mon, 19 Aug 2024 08:54:41 GMT content-encoding gzip cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 18166 alt-svc h3=":443"; ma=86400 content-length 18670 last-modified Thu, 21 Dec 2023 02:33:30 GMT server cloudflare etag "6583a3fa-48ee" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gAn0ZKeUkD4p46wxiO%2FxSa1DBn2vicqN0ryC4jpkfEMj81m5d2owzBCg2UorgVP0W1aQfr2DsFK6PrUgGAIY3DwbLNVuKumibM%2FidQLw6Q4pVPwA%2BAPZ9K8rvWQf9KeRbgh2XFmfIK4%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=43200 accept-ranges bytes cf-ray 8b58eb9df8310e48-AMS expires Mon, 19 Aug 2024 15:51:55 GMT
GET H3	200	pages-index-index.055d2579.js Show response xolqw.top/static/js/	49 KB 11 KB	26ms 26ms	Script application/javascript	2606:4700:3030::ac43:b7c2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xolqw.top/static/js/pages-index-index.055d2579.js Requested by Host: xolqw.top URL: https://xolqw.top/static/js/index.7d08fcb4.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::ac43:b7c2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4028eb1eaa65d2df96827a139b34152fc66ca7dfd76f51fd670fc2fa06b709c3 Request headers Referer https://xolqw.top/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Mon, 19 Aug 2024 08:54:41 GMT content-encoding gzip cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 18166 alt-svc h3=":443"; ma=86400 content-length 10581 last-modified Thu, 21 Dec 2023 02:33:30 GMT server cloudflare etag "6583a3fa-2955" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pmDKqkSm0n2biJlu28zVk3BiCIH8S2WNhcZshNEuACoIDBnK5RnVBCJQXMyp4x8xJLN2A8Tx77%2BL5zWZBRgW8Vo8QSAeJ9QjrDTzxKxusJeCHUGZ2zpGES3vHlPErlhavQ9orQEJeNs%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=43200 accept-ranges bytes cf-ray 8b58eb9df8320e48-AMS expires Mon, 19 Aug 2024 15:51:55 GMT
POST H3	200	rate Show response xolqw.top/api/common/	109 B 560 B	137ms 135ms	XHR application/json	2606:4700:3030::ac43:b7c2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xolqw.top/api/common/rate Requested by Host: xolqw.top URL: https://xolqw.top/static/js/chunk-vendors.5a30e4b0.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::ac43:b7c2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 542740560e1435cc14e79e85dca532a5b7a8a4281c4a9085622e47ba9fc11b42 Request headers lang en Referer https://xolqw.top/ Accept-Language en User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 token Content-Type application/x-www-form-urlencoded Response headers date Mon, 19 Aug 2024 08:54:41 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare access-control-max-age 86400 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hMuh1KjwmuiqXSlDsoDNQ6jsa%2B1DmIPrKYhwM4i1ESw%2BhLIp%2BddRQgMpGyMys0L%2FGRoQV%2F1Hwht9UL5EuwtlInm1S976ZCzRoJIu3RUOxLLkFSbP4tjh2fAuiFq36u42qeif8QTiOR%2BFMRLEGR4%3D"}],"group":"cf-nel","max_age":604800} content-type application/json; charset=utf-8 access-control-allow-origin https://xolqw.top access-control-allow-credentials true cf-ray 8b58eb9e28590e48-AMS alt-svc h3=":443"; ma=86400
GET H3	200	re1.jpeg xolqw.top/static/img/	37 KB 27 KB	29ms 27ms	Image image/jpeg	2606:4700:3030::ac43:b7c2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://xolqw.top/static/img/re1.jpeg Requested by Host: xolqw.top URL: https://xolqw.top/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::ac43:b7c2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8e61ba5d4c9fb12d461a8109d17ef9e13b5c66c19fbf92fbdb62c8e0e17e9bff Request headers Referer https://xolqw.top/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Mon, 19 Aug 2024 08:54:41 GMT content-encoding gzip cf-cache-status HIT last-modified Thu, 21 Dec 2023 02:33:30 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 1031 etag W/"6583a3fa-93a8" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1RVvfFm7UnWwAajZZPKzMWKnmYiClIo%2Bcni5wuIEwTfIENS212NEaRCH98oZkLQ2ZyF7%2FN0P3SlthyDoZ7%2BvW58qBLmT2HwiudOzQ78qU2oye7fYojdWdXxSR7DZDFvByDOgXM%2BwFCA%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=2592000 cf-ray 8b58eb9eb8fd0e48-AMS alt-svc h3=":443"; ma=86400 expires Wed, 18 Sep 2024 08:37:30 GMT
GET H3	200	favicon.svg xolqw.top/static/img/	556 B 767 B	109ms 108ms	Other image/svg+xml	2606:4700:3030::ac43:b7c2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xolqw.top/static/img/favicon.svg Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::ac43:b7c2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7e5941f066b2070419995072dac7323c02d5ae107b23d8085772f232487fecae Request headers Referer https://xolqw.top/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Mon, 19 Aug 2024 08:54:41 GMT content-encoding br cf-cache-status MISS last-modified Thu, 21 Dec 2023 02:33:30 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"6583a3fa-22c" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zEqm%2BygkJFwFcBX6whvWT3DjJ2SyE4ox6C8vEITSmSQFZONQ4txfY41zYv2Jt2FKLAvMgQOnPaevMu0jJ6ifV09jWRKQ89c%2BxMMM3B3Kt%2FRx3QZ%2B6pO5%2FF%2B4QI2o21kfI0HKhjPheAI%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=14400 cf-ray 8b58eb9ef94a0e48-AMS alt-svc h3=":443"; ma=86400
GET H3	404	shadow-grey.png xolqw.top/img/	548 B 548 B	114ms 113ms	Image text/html	2606:4700:3030::ac43:b7c2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://xolqw.top/img/shadow-grey.png Requested by Host: xolqw.top URL: https://xolqw.top/static/index.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::ac43:b7c2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090 Request headers Referer https://xolqw.top/static/index.css User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Mon, 19 Aug 2024 08:54:44 GMT content-encoding br cf-cache-status EXPIRED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=g2mmV4jLm4RZ7A0f4A9mtFW81wtkHS4N5cj0yjgbu697bSlE8HGB8X%2FRq%2FdWIOZoswfcg6M%2FYj%2B44q%2BOZQnZieBGWMudfcBVZRnNhxtdOdN1Q107iEm4As3rG6ELY3kfxknoLEtRgW0%3D"}],"group":"cf-nel","max_age":604800} content-type text/html cache-control max-age=14400 cf-ray 8b58ebaecb710e48-AMS alt-svc h3=":443"; ma=86400

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Crypto (Crypto Exchange)

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| webpackJsonp object| __uniConfig object| __uniRoutes function| UniApp object| UniViewJSBridge object| UniServiceJSBridge object| uni object| wx function| getApp function| getCurrentPages function| clearImmediate function| setImmediate object| regeneratorRuntime

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://xolqw.top/img/shadow-grey.png Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

xolqw.top
2606:4700:3030::ac43:b7c2
3ef8c6346700019f8e5cac940dc38a3db29e44e31101f159118969e4cd40e7ac
4028eb1eaa65d2df96827a139b34152fc66ca7dfd76f51fd670fc2fa06b709c3
4defbdcb90a8e44656678c06a9834157d0f061b6f2b4449406d1d6b73360d679
542740560e1435cc14e79e85dca532a5b7a8a4281c4a9085622e47ba9fc11b42
7e5941f066b2070419995072dac7323c02d5ae107b23d8085772f232487fecae
8e61ba5d4c9fb12d461a8109d17ef9e13b5c66c19fbf92fbdb62c8e0e17e9bff
a2e77c9a6e093db73e48d09207aca0cc0d120e580e678dce8e0a4fbbf972728a
ce38967e172ad16512f190c8840724b35d521e5d54c027ec74c16c0291fdbf94
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090
f5a77a6acf59098428a51ce48845a88a57eab599749835b6e86ca1e9f2994bf5