ldsarq.top Open in urlscan Pro
2606:4700:3032::6815:3631  Malicious Activity! Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H3	200	Primary Request / Show response ldsarq.top/	683 B 1 KB	107ms 87ms	Document text/html	2606:4700:3032::6815:3631 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ldsarq.top/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3032::6815:3631 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7f82ecad685d2ec89be742d528243bacd5beb436d13a397faedea23c6cf8d732 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 8d8abdb6be773a8a-FRA content-encoding br content-type text/html date Sat, 26 Oct 2024 13:19:58 GMT last-modified Sun, 10 Mar 2024 22:08:00 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} priority u=0,i report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TO7RNc7KIYnNtNlIIGLxtShia%2BXfOOVcpuk5PVvCfA%2FCGuQXbIvW4JtHMuD1rrHRHgPGAd2J4m78DH9shv%2B7qIFNpS7wytZlTDpoRFrqNyfZuPpbXjh8oEVu1rTA5dFlW5FwCIwzqJNQ"}],"group":"cf-nel","max_age":604800} server cloudflare server-timing cfL4;desc="?proto=QUIC&rtt=6625&sent=14&recv=11&lost=0&retrans=0&sent_bytes=4225&recv_bytes=4471&delivery_rate=873&cwnd=12000&unsent_bytes=0&cid=6421abceedd911d9&ts=95&x=1" cfExtPri cfHdrFlush;dur=0
GET H3	200	index.css ldsarq.top/static/	94 KB 30 KB	18ms 17ms	Stylesheet text/css	2606:4700:3032::6815:3631 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ldsarq.top/static/index.css Requested by Host: ldsarq.top URL: https://ldsarq.top/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3032::6815:3631 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 892ed879ebe04951f95a8c1c54c76923c7d2081e0b438449e38143bfaa5758f3 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://ldsarq.top/ Response headers content-encoding gzip cf-cache-status HIT etag W/"65ee2f78-17659" age 3715 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s8NpgcJ3cJq6T4pZ2WHWHCDrKITDg40e3Tma68tPu5w3Mv9uYaFoPY1DOFQfYXCgRBlmt7244gu8ZQIuuFnLKQMUYU2SVXD8b0JxX045ozNzEyTym%2FYfHUesaK2xZB0ZBSuBU541Hb04"}],"group":"cf-nel","max_age":604800} expires Sun, 27 Oct 2024 00:18:03 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=6615&sent=17&recv=15&lost=0&retrans=0&sent_bytes=5333&recv_bytes=5406&delivery_rate=165445&cwnd=12000&unsent_bytes=0&cid=6421abceedd911d9&ts=118&x=1", cfExtPri, cfHdrFlush;dur=0 date Sat, 26 Oct 2024 13:19:58 GMT content-type text/css last-modified Sun, 10 Mar 2024 22:08:56 GMT vary Accept-Encoding priority u=0,i=?0 cache-control max-age=43200 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8d8abdb74eef3a8a-FRA server cloudflare
GET H3	200	chunk-vendors.3bbef372.js Show response ldsarq.top/static/js/	2 MB 609 KB	26ms 25ms	Script application/javascript	2606:4700:3032::6815:3631 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ldsarq.top/static/js/chunk-vendors.3bbef372.js Requested by Host: ldsarq.top URL: https://ldsarq.top/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3032::6815:3631 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4861b47b1aa781633c53d7d8a674d0be1fb8e3e79876d75d9a8571b407416a14 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://ldsarq.top/ Response headers content-encoding gzip cf-cache-status HIT etag "65ee2f40-97f85" age 3715 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=D1OufjpKjb30WE9VIFgsMJnGP1NKdjckEXQF3AMUv1%2FbFYjFLjytk2nwhl1z18gaOUqc8aSLsApMjgYJteEXp5a5YukMDuYL1rwmAZH7yTUZlXwPrEmnudZqCVLbxCl2lPF5yvbWgDBn"}],"group":"cf-nel","max_age":604800} expires Sun, 27 Oct 2024 00:18:03 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=6615&sent=27&recv=15&lost=0&retrans=0&sent_bytes=17333&recv_bytes=5406&delivery_rate=165445&cwnd=12000&unsent_bytes=0&cid=6421abceedd911d9&ts=123&x=1", cfExtPri, cfHdrFlush;dur=2 date Sat, 26 Oct 2024 13:19:58 GMT content-type application/javascript last-modified Sun, 10 Mar 2024 22:08:00 GMT vary Accept-Encoding priority u=1,i=?0 cache-control max-age=43200 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8d8abdb74ef23a8a-FRA accept-ranges bytes content-length 622469 server cloudflare
GET H3	200	index.58471fff.js Show response ldsarq.top/static/js/	113 KB 46 KB	59ms 59ms	Script application/javascript	2606:4700:3032::6815:3631 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ldsarq.top/static/js/index.58471fff.js Requested by Host: ldsarq.top URL: https://ldsarq.top/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3032::6815:3631 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c3b6334f93f6b6aa9141b998f59db7f23b163a15a913a6813311914dd18a0349 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://ldsarq.top/ Response headers content-encoding gzip cf-cache-status HIT etag "65ee2f40-b646" age 3715 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VZ8P0Jr5X33bG6q3BrvIZcAoBIhqV8Zy%2FmfV8YSjNh9fvrcwyOEQj6qUV7GamQMpUtKOFKXMBHSNFcOkLsNuJr%2FEGTkyL6tWoSttELwtd5MMkEZdDkM6OAO1sSu9NJLPB5atrKclD08c"}],"group":"cf-nel","max_age":604800} expires Sun, 27 Oct 2024 00:18:03 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=6615&sent=27&recv=15&lost=0&retrans=0&sent_bytes=17333&recv_bytes=5406&delivery_rate=165445&cwnd=12000&unsent_bytes=0&cid=6421abceedd911d9&ts=119&x=1", cfExtPri, cfHdrFlush;dur=6 date Sat, 26 Oct 2024 13:19:58 GMT content-type application/javascript last-modified Sun, 10 Mar 2024 22:08:00 GMT vary Accept-Encoding priority u=1,i=?0 cache-control max-age=43200 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8d8abdb74ef43a8a-FRA accept-ranges bytes content-length 46662 server cloudflare
GET H3	200	pages-index-index~pages-index-preview.d16fbb46.js Show response ldsarq.top/static/js/	102 KB 19 KB	22ms 21ms	Script application/javascript	2606:4700:3032::6815:3631 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ldsarq.top/static/js/pages-index-index~pages-index-preview.d16fbb46.js Requested by Host: ldsarq.top URL: https://ldsarq.top/static/js/index.58471fff.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3032::6815:3631 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a2e77c9a6e093db73e48d09207aca0cc0d120e580e678dce8e0a4fbbf972728a Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://ldsarq.top/ Response headers content-encoding gzip cf-cache-status HIT etag "65ee2f40-48ee" age 3269 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7CZg%2BuN%2BmVTpE7PNOtp44wiCRCcgPqMd2yZeHLuVfGoj%2BLUlXNql8YFGzSpshP0hNizY%2Bl7hSCxnxgYvAvnfGaPgmoEa0tZSlAr1o5alhiHKZgpkFJ4%2Bkf116rPVN6qmDURZEQvDr0u9"}],"group":"cf-nel","max_age":604800} expires Sun, 27 Oct 2024 00:25:29 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=8702&sent=632&recv=115&lost=0&retrans=0&sent_bytes=734075&recv_bytes=10605&delivery_rate=21898052&cwnd=354000&unsent_bytes=0&cid=6421abceedd911d9&ts=370&x=1", cfExtPri, cfHdrFlush;dur=0 date Sat, 26 Oct 2024 13:19:58 GMT content-type application/javascript last-modified Sun, 10 Mar 2024 22:08:00 GMT vary Accept-Encoding priority u=3,i=?0 cache-control max-age=43200 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8d8abdb8d8e63a8a-FRA accept-ranges bytes content-length 18670 server cloudflare
GET H3	200	pages-index-index.206790ff.js Show response ldsarq.top/static/js/	82 KB 20 KB	20ms 19ms	Script application/javascript	2606:4700:3032::6815:3631 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ldsarq.top/static/js/pages-index-index.206790ff.js Requested by Host: ldsarq.top URL: https://ldsarq.top/static/js/index.58471fff.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3032::6815:3631 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9172a948b4b92d14d9c386189f0cc853f26e2e27f4e21720819dcf023753b415 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://ldsarq.top/ Response headers content-encoding gzip cf-cache-status HIT etag "65ee2f40-4ef9" age 3269 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W4p6gcss3G5femBfLaK%2B3xDhPf3JzDgv7jU0hIPWhuWLcw86%2Fv9kofOiq82va%2FEDbJmLYhj%2BfW%2BQUoeqGSkagirUfr8QYcGS2icXzlv8nLNAC2hOW4zOctoByvOvvhn6VYe1eChQt%2BI3"}],"group":"cf-nel","max_age":604800} expires Sun, 27 Oct 2024 00:25:29 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=8702&sent=622&recv=114&lost=0&retrans=0&sent_bytes=722075&recv_bytes=10296&delivery_rate=21898052&cwnd=354000&unsent_bytes=0&cid=6421abceedd911d9&ts=369&x=1", cfExtPri, cfHdrFlush;dur=0 date Sat, 26 Oct 2024 13:19:58 GMT content-type application/javascript last-modified Sun, 10 Mar 2024 22:08:00 GMT vary Accept-Encoding priority u=3,i=?0 cache-control max-age=43200 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8d8abdb8d8e93a8a-FRA accept-ranges bytes content-length 20217 server cloudflare
POST H3	200	rate Show response ldsarq.top/api/common/	108 B 907 B	412ms 411ms	XHR application/json	2606:4700:3032::6815:3631 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ldsarq.top/api/common/rate Requested by Host: ldsarq.top URL: https://ldsarq.top/static/js/chunk-vendors.3bbef372.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3032::6815:3631 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b41d5a4750729d950e50feaeeb48f13f9d5e6ffde7d3a45e29483fed87a64998 Request headers lang en Referer https://ldsarq.top/ Accept-Language en User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Content-Type application/x-www-form-urlencoded token Response headers access-control-max-age 86400 access-control-expose-headers __token__ content-encoding br cf-cache-status DYNAMIC report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tQ7t2JJvW1%2FvynfMhowZUzFgJGjnaOZKv7nTRrMuosixB3pZjrUpnquklLMTDyLyxJzbNQp6rY53zR81woAKMLznfv1cxc2e9MxMfI3B1gieLAZtI5IYUuX2arOdkjliLXq4mt9TIfQwOSkgVtnn"}],"group":"cf-nel","max_age":604800} server-timing cfL4;desc="?proto=TCP&rtt=43874&sent=3&recv=6&lost=0&retrans=0&sent_bytes=139&recv_bytes=1314&delivery_rate=32963&cwnd=36&unsent_bytes=0&cid=bafac7c4046e7705&ts=270&x=0", cfL4;desc="?proto=QUIC&rtt=7392&sent=684&recv=125&lost=0&retrans=0&sent_bytes=792957&recv_bytes=11639&delivery_rate=29371&cwnd=354000&unsent_bytes=0&cid=6421abceedd911d9&ts=773&x=1", cfExtPri, cfHdrFlush;dur=0 alt-svc h3=":443"; ma=86400 date Sat, 26 Oct 2024 13:19:59 GMT content-type application/json; charset=utf-8 vary accept-encoding priority u=1,i nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} access-control-allow-credentials true cf-ray 8d8abdb8e8f53a8a-FRA access-control-allow-origin https://ldsarq.top server cloudflare
GET H3	200	re1.jpeg ldsarq.top/static/img/	37 KB 27 KB	33ms 32ms	Image image/jpeg	2606:4700:3032::6815:3631 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ldsarq.top/static/img/re1.jpeg Requested by Host: ldsarq.top URL: https://ldsarq.top/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3032::6815:3631 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8e61ba5d4c9fb12d461a8109d17ef9e13b5c66c19fbf92fbdb62c8e0e17e9bff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://ldsarq.top/ Response headers content-encoding gzip cf-cache-status HIT etag W/"65ee2f40-93a8" age 3269 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wlz916%2FqpBTNpNvmurgPZODItaqLeN6Wmtjj%2FyrWwFmWKaytPjClOUFn43Jiwiv4dLTXaXpBMGJUeAeVNE46zodnNI%2FEcg1s8PsMd4W%2BLhSkURE5M%2FQYE5HefyPiqcaioXxwcpqiNnTo"}],"group":"cf-nel","max_age":604800} expires Mon, 25 Nov 2024 12:25:29 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=7986&sent=658&recv=120&lost=0&retrans=0&sent_bytes=763248&recv_bytes=11116&delivery_rate=2519992&cwnd=354000&unsent_bytes=0&cid=6421abceedd911d9&ts=464&x=1", cfExtPri, cfHdrFlush;dur=0 date Sat, 26 Oct 2024 13:19:58 GMT content-type image/jpeg last-modified Sun, 10 Mar 2024 22:08:00 GMT vary Accept-Encoding priority u=3,i cache-control max-age=2592000 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8d8abdb959563a8a-FRA server cloudflare
GET H3	200	favicon.svg ldsarq.top/static/img/	556 B 968 B	34ms 33ms	Other image/svg+xml	2606:4700:3032::6815:3631 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ldsarq.top/static/img/favicon.svg Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3032::6815:3631 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7e5941f066b2070419995072dac7323c02d5ae107b23d8085772f232487fecae Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://ldsarq.top/ Response headers content-encoding br cf-cache-status HIT etag W/"65ee2f40-22c" age 3716 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qL4O7pT0kZApJcgjd41JcgTZ32RPNdpaNEkeIISwGR2%2FydejHqr8nS8jsNH756DjL1%2Faz%2BevSQ4jl68GcTIKtOIOZ4YRzO7Lgo0JvhNabsSNmsazuHk5fPqdOsWJ5bdSkhppml4Sysa7"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=7516&sent=683&recv=124&lost=0&retrans=0&sent_bytes=791966&recv_bytes=11594&delivery_rate=960831&cwnd=354000&unsent_bytes=0&cid=6421abceedd911d9&ts=502&x=1", cfExtPri, cfHdrFlush;dur=0 date Sat, 26 Oct 2024 13:19:58 GMT content-type image/svg+xml last-modified Sun, 10 Mar 2024 22:08:00 GMT vary Accept-Encoding priority u=1,i cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8d8abdb999853a8a-FRA server cloudflare

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Crypto (Crypto Exchange)

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| webpackJsonp object| __uniConfig object| __uniRoutes function| UniApp object| UniViewJSBridge object| UniServiceJSBridge object| uni object| wx function| getApp function| getCurrentPages function| clearImmediate function| setImmediate object| regeneratorRuntime

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ldsarq.top
2606:4700:3032::6815:3631
4861b47b1aa781633c53d7d8a674d0be1fb8e3e79876d75d9a8571b407416a14
7e5941f066b2070419995072dac7323c02d5ae107b23d8085772f232487fecae
7f82ecad685d2ec89be742d528243bacd5beb436d13a397faedea23c6cf8d732
892ed879ebe04951f95a8c1c54c76923c7d2081e0b438449e38143bfaa5758f3
8e61ba5d4c9fb12d461a8109d17ef9e13b5c66c19fbf92fbdb62c8e0e17e9bff
9172a948b4b92d14d9c386189f0cc853f26e2e27f4e21720819dcf023753b415
a2e77c9a6e093db73e48d09207aca0cc0d120e580e678dce8e0a4fbbf972728a
b41d5a4750729d950e50feaeeb48f13f9d5e6ffde7d3a45e29483fed87a64998
c3b6334f93f6b6aa9141b998f59db7f23b163a15a913a6813311914dd18a0349