poolwi.top Open in urlscan Pro
2606:4700:3035::6815:5856  Malicious Activity! Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response poolwi.top/	789 B 878 B	708ms 545ms	Document text/html	2606:4700:3035::6815:5856 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://poolwi.top/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::6815:5856 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1a9f1cf4f72bfab16e587bb79c47c95344505c828166ce3a7e9583b6c7fd9f04 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Response headers cf-cache-status DYNAMIC cf-ray 8c991d3abc39bbb5-FRA content-encoding br content-type text/html date Fri, 27 Sep 2024 05:32:37 GMT last-modified Thu, 22 Aug 2024 14:36:22 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=C%2BCeJf5zw5WXbL3JcMa87hLveZ4Krb0K2AfzhgGy%2F0%2FyvaHdDVh3Rs69J4u7XEyfGPpHXmwHo28jec3DEjLBzIVg0nyft425%2F5HDGQeK3uF8sdsgrk%2Bm6SOlkv9OtBMO0VeHmuHO5PpB"}],"group":"cf-nel","max_age":604800} server cloudflare speculation-rules "/cdn-cgi/speculation"
GET H2	200	speculation poolwi.top/cdn-cgi/	128 B 485 B	27ms 26ms	Other application/speculationrules+json	2606:4700:3035::6815:5856 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://poolwi.top/cdn-cgi/speculation Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::6815:5856 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://poolwi.top Referer https://poolwi.top/ Response headers nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HzSV0pYfrpksYKxGdxVn1xFGnwL%2Ba6GSUZsODWyd7S3xTSYucuycqhdMvtl1ORQ2Y8l2tE0IRVeXFYJEmmyvUFoGHRfGfdoC%2Bmees8%2Bl0LbCzBr4sEZWR%2FH3hDpxQE%2FrEXPpErRrTN7k"}],"group":"cf-nel","max_age":604800} cf-ray 8c991d3e2edabbb5-FRA access-control-allow-origin https://poolwi.top alt-svc h3=":443"; ma=86400 content-length 128 date Fri, 27 Sep 2024 05:32:37 GMT content-type application/speculationrules+json vary Origin, Accept-Encoding server cloudflare
GET H2	200	index.2da1efab.css poolwi.top/static/	94 KB 29 KB	823ms 822ms	Stylesheet text/css	2606:4700:3035::6815:5856 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://poolwi.top/static/index.2da1efab.css Requested by Host: poolwi.top URL: https://poolwi.top/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::6815:5856 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e97de9a247807f12d74101e9f736250b2410be4e1ed3d17ed875e4b08cf66c83 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://poolwi.top/ Response headers cache-control max-age=43200 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding gzip cf-cache-status MISS etag W/"66c74ce6-178f9" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nHhKSNTRF6M%2B53B7LfAYWDLClQvcL0KR%2BiXWn6s8FfEkwsdwDGCmrR61scfU7alO9e4Yr50qtnx6kpLGk4x%2F9Ib4%2FFNPeIgu2rXdSDZf60KZWMOE5%2BCK0cO4Bxur4w4N3PPOjZV%2BrEwu"}],"group":"cf-nel","max_age":604800} cf-ray 8c991d3e2edebbb5-FRA expires Fri, 27 Sep 2024 17:32:37 GMT date Fri, 27 Sep 2024 05:32:38 GMT content-type text/css last-modified Thu, 22 Aug 2024 14:36:22 GMT vary Accept-Encoding server cloudflare
GET H2	200	chunk-vendors.1fa12096.js Show response poolwi.top/static/js/	1 MB 483 KB	831ms 831ms	Script application/javascript	2606:4700:3035::6815:5856 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://poolwi.top/static/js/chunk-vendors.1fa12096.js Requested by Host: poolwi.top URL: https://poolwi.top/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::6815:5856 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash abe03d82acb87ac15222d74e3766e394bb2109b13a02020bcfd5812a3e1213be Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://poolwi.top/ Response headers cache-control max-age=43200 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding gzip cf-cache-status MISS etag W/"66c74d54-1626af" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=J1wcTsQzJmcyFKv3tnc%2FV40QUoVsTg2nQxjGZdIxkP7Ui8g3rn7ZrDOMY9i4p0LfFf4KooSF6s3drUGgOmmFSPSzEtTPAy76mvOuAwfv1p5VsUPURUzoYoFNxf%2FgmNWUd5etCXlzTvSC"}],"group":"cf-nel","max_age":604800} cf-ray 8c991d3e2ee0bbb5-FRA expires Fri, 27 Sep 2024 17:32:37 GMT date Fri, 27 Sep 2024 05:32:38 GMT content-type application/javascript last-modified Thu, 22 Aug 2024 14:38:12 GMT vary Accept-Encoding server cloudflare
GET H2	200	index.bb47d372.js Show response poolwi.top/static/js/	260 KB 78 KB	809ms 809ms	Script application/javascript	2606:4700:3035::6815:5856 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://poolwi.top/static/js/index.bb47d372.js Requested by Host: poolwi.top URL: https://poolwi.top/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::6815:5856 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5955f688bba46c1c743e8310e2095e41ac5d5c428d0885afb49207a17d8fbbc6 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://poolwi.top/ Response headers cache-control max-age=43200 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding gzip cf-cache-status MISS etag W/"66c74d56-40e1f" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZkAI1zuMlu9LuYRQDw8A9pFfv3WaKjPcWDsZtVjJi1q7KrewbXSZFnX%2FGfyRFYSY6Lbq94z5ieNOk27txP4PEbK%2F9YP8w0KHAHZ5zi%2B8e5kdqbH4CqI6UUyy9oLnVskIuULsArSGPQX4"}],"group":"cf-nel","max_age":604800} cf-ray 8c991d3e2ee1bbb5-FRA expires Fri, 27 Sep 2024 17:32:37 GMT alt-svc h3=":443"; ma=86400 date Fri, 27 Sep 2024 05:32:38 GMT content-type application/javascript last-modified Thu, 22 Aug 2024 14:38:14 GMT vary Accept-Encoding server cloudflare
GET H2	200	pages-index-login.16689ce4.js Show response poolwi.top/static/js/	9 KB 4 KB	572ms 572ms	Script application/javascript	2606:4700:3035::6815:5856 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://poolwi.top/static/js/pages-index-login.16689ce4.js Requested by Host: poolwi.top URL: https://poolwi.top/static/js/index.bb47d372.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::6815:5856 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6b33246d569bb44346584e7bfdeb6b076a8aa57b4af6b9cd070301f08a398a3a Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://poolwi.top/ Response headers cache-control max-age=43200 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding gzip cf-cache-status MISS etag W/"66c74d6a-23f9" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hZAk%2BXrsvTBnEkWW2zYdN6NcFF3Lhr7ZFvuRl3qg1whVOeiAJHi%2BdoOZn9Eu7X3JSqZZflz6CFTWRo630rxHGa8a%2BcmlTKUb6y%2FMneVa5epefHvHshNaftuNHkoCfxBkswXK%2FvjgLfYg"}],"group":"cf-nel","max_age":604800} cf-ray 8c991d4a88b0bbb5-FRA expires Fri, 27 Sep 2024 17:32:39 GMT date Fri, 27 Sep 2024 05:32:39 GMT content-type application/javascript last-modified Thu, 22 Aug 2024 14:38:34 GMT vary Accept-Encoding server cloudflare
GET DATA	200 OK	truncated /	1 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 0ccf8dd29c61715a6364ea9ec36d32c295e82ca837488590130c51cee298b7d3 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer Response headers Content-Type image/svg+xml
GET H3	200	no_connect.99b7dfe9.99b7dfe9.png poolwi.top/assets/	78 KB 79 KB	1054ms 1053ms	Image image/png	2606:4700:3035::6815:5856 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://poolwi.top/assets/no_connect.99b7dfe9.99b7dfe9.png Requested by Host: poolwi.top URL: https://poolwi.top/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:5856 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5b1573fd00988108053ce261c28e18c73bcb1d371cc1c390c78c268671bf4a3a Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://poolwi.top/ Response headers cache-control max-age=2592000 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-cache-status MISS etag "66c74ce6-139e1" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pDZt9s7qIBUr3qAYbLwSCOMNAyAlkw11PazHqXBdZeVcb0d%2F1XAjb%2BHClix9Et93ZgF7J4IRoa4SbHM57Xv7VdAhRTiMO0CYJVrw1G%2FTqQFn7AxcD4VakcLHdYtOCPDs5G2mEmIgcCk3"}],"group":"cf-nel","max_age":604800} cf-ray 8c991d4e2c481e4b-FRA expires Sun, 27 Oct 2024 05:32:40 GMT accept-ranges bytes content-length 80353 date Fri, 27 Sep 2024 05:32:41 GMT content-type image/png last-modified Thu, 22 Aug 2024 14:36:22 GMT vary Accept-Encoding server cloudflare
GET H3	404	favicon.ico poolwi.top/	548 B 596 B	546ms 546ms	Other text/html	2606:4700:3035::6815:5856 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://poolwi.top/favicon.ico Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:5856 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://poolwi.top/ Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br cf-cache-status MISS speculation-rules "/cdn-cgi/speculation" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gGLESvkvHnoa2wvmr46CT3t4gdZ4bDyTqzMDvIBJPgQgX4D6b%2BYrExxKEvJgwCkf76QIb96H8iXEP%2Bug0dK%2FKQjRgCameX%2BH7sbMwzKW01tsBrekPpabDOF%2BQT%2FtLRVYCmMUOiQOV5%2Br"}],"group":"cf-nel","max_age":604800} cf-ray 8c991d552a061e4b-FRA alt-svc h3=":443"; ma=86400 date Fri, 27 Sep 2024 05:32:41 GMT content-type text/html vary Accept-Encoding server cloudflare
GET H/1.1	200 OK	shadow-grey.png cdn.dcloud.net.cn/img/	136 B 579 B	1097ms 321ms	Image image/png	2408:4005:30a:4302:6218:d8d9:db29:5de0 ALIBABA-CN-NET Ha...
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.dcloud.net.cn/img/shadow-grey.png Requested by Host: poolwi.top URL: https://poolwi.top/static/index.2da1efab.css Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2408:4005:30a:4302:6218:d8d9:db29:5de0 , China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN), Reverse DNS Software nginx / Resource Hash ad4ebea1c3496dd2924789ee009174a2c6289d1200e9811f458fd46f172d1d6f Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://poolwi.top/ Response headers Cache-Control max-age=7200 ETag "5cf8b5bf-88" Connection close Expires Fri, 27 Sep 2024 07:32:42 GMT Accept-Ranges bytes Content-Length 136 Date Fri, 27 Sep 2024 05:32:42 GMT Content-Type image/png Last-Modified Thu, 06 Jun 2019 06:42:07 GMT Server nginx

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Crypto (Crypto Exchange)

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| coverSupport function| a1_0x51a6 function| a1_0x2d40f7 function| a1_0x54bb object| webpackJsonp function| a2_0x1917 function| a2_0x558c object| __uniConfig object| __uniRoutes function| UniApp object| UniViewJSBridge object| UniServiceJSBridge object| uni object| wx function| getApp function| getCurrentPages function| ClipboardJS function| a18_0x2421 function| a18_0x412f function| a18_0x301897

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.dcloud.net.cn/	1970-01-21 09:26:15	Name: __uni__uid Value: 2yld4Gb2Q3pkRVHi8HEdAg==

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://poolwi.top/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.dcloud.net.cn
poolwi.top
2408:4005:30a:4302:6218:d8d9:db29:5de0
2606:4700:3035::6815:5856
0ccf8dd29c61715a6364ea9ec36d32c295e82ca837488590130c51cee298b7d3
11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d
1a9f1cf4f72bfab16e587bb79c47c95344505c828166ce3a7e9583b6c7fd9f04
5955f688bba46c1c743e8310e2095e41ac5d5c428d0885afb49207a17d8fbbc6
5b1573fd00988108053ce261c28e18c73bcb1d371cc1c390c78c268671bf4a3a
6b33246d569bb44346584e7bfdeb6b076a8aa57b4af6b9cd070301f08a398a3a
abe03d82acb87ac15222d74e3766e394bb2109b13a02020bcfd5812a3e1213be
ad4ebea1c3496dd2924789ee009174a2c6289d1200e9811f458fd46f172d1d6f
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090
e97de9a247807f12d74101e9f736250b2410be4e1ed3d17ed875e4b08cf66c83