qaxhs.top Open in urlscan Pro
2606:4700:3035::ac43:c8cb  Malicious Activity! Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response qaxhs.top/	683 B 803 B	909ms 613ms	Document text/html	2606:4700:3035::ac43:c8cb CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://qaxhs.top/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::ac43:c8cb , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7f82ecad685d2ec89be742d528243bacd5beb436d13a397faedea23c6cf8d732 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Response headers cf-cache-status DYNAMIC cf-ray 8c87d4c63c71f587-NRT content-encoding br content-type text/html date Wed, 25 Sep 2024 03:12:11 GMT last-modified Sun, 10 Mar 2024 22:08:00 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xI59Hr2YCSiPf2MErDL6vsJFlYucOSg9D%2FBYn7hKtMDDvo6Rcrmw83NKnGCLREP%2Bjc8TTxVk6voBA0zGDlTbuNAf%2BS2aLtthz26CEZ7NGECb1Gbhp4WWPIVSp0QJwTlUza5os2vFTLc%3D"}],"group":"cf-nel","max_age":604800} server cloudflare
GET H3	200	index.css qaxhs.top/static/	94 KB 29 KB	813ms 811ms	Stylesheet text/css	172.67.200.203 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://qaxhs.top/static/index.css Requested by Host: qaxhs.top URL: https://qaxhs.top/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.200.203 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 892ed879ebe04951f95a8c1c54c76923c7d2081e0b438449e38143bfaa5758f3 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://qaxhs.top/ Response headers cache-control max-age=43200 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding gzip cf-cache-status MISS etag W/"65ee2f78-17659" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ks4b1LPACaGjQ%2BkTcmqpGdSnEZwtUtlGuBFc%2FRhIdTdrNuI7gZswIv2JhWAyvXyOHWaekzQ1pQcod24fXP0XNunnuHXk7q0Uv0fUWGoffm2%2Be%2BgxU2JG6b8XA58%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8c87d4ca3cfb33f6-NRT expires Wed, 25 Sep 2024 15:12:12 GMT date Wed, 25 Sep 2024 03:12:12 GMT content-type text/css last-modified Sun, 10 Mar 2024 22:08:56 GMT vary Accept-Encoding server cloudflare
GET H3	200	chunk-vendors.3bbef372.js Show response qaxhs.top/static/js/	2 MB 608 KB	1104ms 1102ms	Script application/javascript	172.67.200.203 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://qaxhs.top/static/js/chunk-vendors.3bbef372.js Requested by Host: qaxhs.top URL: https://qaxhs.top/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.200.203 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4861b47b1aa781633c53d7d8a674d0be1fb8e3e79876d75d9a8571b407416a14 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://qaxhs.top/ Response headers cache-control max-age=43200 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding gzip cf-cache-status MISS etag "65ee2f40-97f85" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4T%2BMZLXDPmFJokNPYMsz3rWfU%2Bhr9iXPpwbNJxES16R7VTmDDqbZOx1%2FXMntF3tMzCxcSxdIP5wqIegWRT5tgyp518m74OYVsvfc6BRruYUFwtz57TxLz1GexKw%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8c87d4ca3cfe33f6-NRT expires Wed, 25 Sep 2024 15:12:12 GMT accept-ranges bytes content-length 622469 date Wed, 25 Sep 2024 03:12:12 GMT content-type application/javascript last-modified Sun, 10 Mar 2024 22:08:00 GMT vary Accept-Encoding server cloudflare
GET H3	200	index.58471fff.js Show response qaxhs.top/static/js/	113 KB 46 KB	1177ms 1175ms	Script application/javascript	172.67.200.203 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://qaxhs.top/static/js/index.58471fff.js Requested by Host: qaxhs.top URL: https://qaxhs.top/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.200.203 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c3b6334f93f6b6aa9141b998f59db7f23b163a15a913a6813311914dd18a0349 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://qaxhs.top/ Response headers cache-control max-age=43200 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding gzip cf-cache-status MISS etag "65ee2f40-b646" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K91KhIHdwW3T35qS0KYDkRc1Grhx3dpf9uppXS9ZKRgncTIAejUzKh52rGizIHOgfR15NU7%2BeNMlWtmZzREA3v7G%2BkXiWBeFuHllyGL7Cf4iCNumP4A1gZlxxRM%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8c87d4ca3d0033f6-NRT expires Wed, 25 Sep 2024 15:12:12 GMT accept-ranges bytes content-length 46662 date Wed, 25 Sep 2024 03:12:13 GMT content-type application/javascript last-modified Sun, 10 Mar 2024 22:08:00 GMT vary Accept-Encoding server cloudflare
GET H3	200	pages-index-index~pages-index-preview.d16fbb46.js Show response qaxhs.top/static/js/	102 KB 19 KB	876ms 876ms	Script application/javascript	172.67.200.203 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://qaxhs.top/static/js/pages-index-index~pages-index-preview.d16fbb46.js Requested by Host: qaxhs.top URL: https://qaxhs.top/static/js/index.58471fff.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.200.203 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a2e77c9a6e093db73e48d09207aca0cc0d120e580e678dce8e0a4fbbf972728a Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://qaxhs.top/ Response headers cache-control max-age=43200 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding gzip cf-cache-status MISS etag "65ee2f40-48ee" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MWcCu265WRK2L%2Bnl4fJJD7SfMXlV%2FUOb%2F%2FegHOKG6dPAacon%2FKgun9Mq6SBItnZWaRPUHKtN0U79jpKJ5w4ksA7kMtim5q%2FXA2W4%2FahzJmEbkjZ64mA0MiUetCg%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8c87d4d7888733f6-NRT expires Wed, 25 Sep 2024 15:12:14 GMT accept-ranges bytes content-length 18670 date Wed, 25 Sep 2024 03:12:14 GMT content-type application/javascript last-modified Sun, 10 Mar 2024 22:08:00 GMT vary Accept-Encoding server cloudflare
GET H3	200	pages-index-index.206790ff.js Show response qaxhs.top/static/js/	82 KB 20 KB	857ms 857ms	Script application/javascript	172.67.200.203 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://qaxhs.top/static/js/pages-index-index.206790ff.js Requested by Host: qaxhs.top URL: https://qaxhs.top/static/js/index.58471fff.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.200.203 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9172a948b4b92d14d9c386189f0cc853f26e2e27f4e21720819dcf023753b415 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://qaxhs.top/ Response headers cache-control max-age=43200 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding gzip cf-cache-status MISS etag "65ee2f40-4ef9" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7zdPaVgpBAvahc1z5%2BM8BoHpsAyg13r9In9azMlNqVf2MF0eId%2FGJeuNDpCraaNCRua02%2BL1Hmjc9luHw2hYF246AnvpiF6VcnsvBr58bJoafbjtYCAcEf%2BUpVk%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8c87d4d7888833f6-NRT expires Wed, 25 Sep 2024 15:12:14 GMT accept-ranges bytes content-length 20217 date Wed, 25 Sep 2024 03:12:14 GMT content-type application/javascript last-modified Sun, 10 Mar 2024 22:08:00 GMT vary Accept-Encoding server cloudflare
POST H3	200	rate Show response qaxhs.top/api/common/	106 B 546 B	661ms 661ms	XHR application/json	172.67.200.203 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://qaxhs.top/api/common/rate Requested by Host: qaxhs.top URL: https://qaxhs.top/static/js/chunk-vendors.3bbef372.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.200.203 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 288d084378071d1d1ef842fcb62073d82308d3eef3b30561b37e72da7a503150 Request headers lang en Referer https://qaxhs.top/ Accept-Language en User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Content-Type application/x-www-form-urlencoded token Response headers access-control-max-age 86400 access-control-expose-headers __token__ nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br cf-cache-status DYNAMIC access-control-allow-credentials true report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oB%2FYa5clhm88ER1wJQ8qDUR1Y1ISaTje1dMa6ZS1EDv95XtjpwlJPuMYGk7AxD3Unbxds3wId0yhUNAa5rfCbqubMYUPS0TDI7m9kkV2rpGWclJfIOLcC%2Fxz3P6XvB%2BGoCsdUeY4x5W74VMSlZZ7"}],"group":"cf-nel","max_age":604800} cf-ray 8c87d4d7989233f6-NRT access-control-allow-origin https://qaxhs.top date Wed, 25 Sep 2024 03:12:14 GMT content-type application/json; charset=utf-8 server cloudflare
GET DATA	200 OK	truncated /	1 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 0ccf8dd29c61715a6364ea9ec36d32c295e82ca837488590130c51cee298b7d3 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer Response headers Content-Type image/svg+xml
GET H3	200	re1.jpeg qaxhs.top/static/img/	37 KB 27 KB	863ms 862ms	Image image/jpeg	172.67.200.203 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://qaxhs.top/static/img/re1.jpeg Requested by Host: qaxhs.top URL: https://qaxhs.top/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.200.203 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8e61ba5d4c9fb12d461a8109d17ef9e13b5c66c19fbf92fbdb62c8e0e17e9bff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://qaxhs.top/ Response headers cache-control max-age=2592000 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding gzip cf-cache-status MISS etag W/"65ee2f40-93a8" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Frdj9reBhjEvBHvCoWTCX7WGMklkapMKG6QyFEXqvfEodTtImT%2BKFs%2BvxJVYx499f0ty9JGPVSuczNadDAqyP%2FWoqF2Rxbcjtk6xBHKCPcY2QiMR8%2B4vA3dx0W8%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8c87d4dd2cb433f6-NRT expires Fri, 25 Oct 2024 03:12:15 GMT date Wed, 25 Sep 2024 03:12:15 GMT content-type image/jpeg last-modified Sun, 10 Mar 2024 22:08:00 GMT vary Accept-Encoding server cloudflare
GET H3	200	favicon.svg qaxhs.top/static/img/	556 B 732 B	569ms 569ms	Other image/svg+xml	172.67.200.203 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://qaxhs.top/static/img/favicon.svg Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.200.203 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7e5941f066b2070419995072dac7323c02d5ae107b23d8085772f232487fecae Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://qaxhs.top/ Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br cf-cache-status MISS etag W/"65ee2f40-22c" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h1MWcn%2BSe893V8i8wZIf3cDdH6B7dwvvRHe4Zt%2FKarFoN51MYoN%2FzRm4HkM7ZOB7BjcpaO5bqNoJT%2BStDbk9QnXUhvGn9ZaxSmiPA85u%2BgdYdyvBiiatJgg1Zdg%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8c87d4e29a0733f6-NRT date Wed, 25 Sep 2024 03:12:16 GMT content-type image/svg+xml last-modified Sun, 10 Mar 2024 22:08:00 GMT vary Accept-Encoding server cloudflare

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Crypto (Crypto Exchange)

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| webpackJsonp object| __uniConfig object| __uniRoutes function| UniApp object| UniViewJSBridge object| UniServiceJSBridge object| uni object| wx function| getApp function| getCurrentPages function| clearImmediate function| setImmediate object| regeneratorRuntime

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

qaxhs.top
172.67.200.203
2606:4700:3035::ac43:c8cb
0ccf8dd29c61715a6364ea9ec36d32c295e82ca837488590130c51cee298b7d3
288d084378071d1d1ef842fcb62073d82308d3eef3b30561b37e72da7a503150
4861b47b1aa781633c53d7d8a674d0be1fb8e3e79876d75d9a8571b407416a14
7e5941f066b2070419995072dac7323c02d5ae107b23d8085772f232487fecae
7f82ecad685d2ec89be742d528243bacd5beb436d13a397faedea23c6cf8d732
892ed879ebe04951f95a8c1c54c76923c7d2081e0b438449e38143bfaa5758f3
8e61ba5d4c9fb12d461a8109d17ef9e13b5c66c19fbf92fbdb62c8e0e17e9bff
9172a948b4b92d14d9c386189f0cc853f26e2e27f4e21720819dcf023753b415
a2e77c9a6e093db73e48d09207aca0cc0d120e580e678dce8e0a4fbbf972728a
c3b6334f93f6b6aa9141b998f59db7f23b163a15a913a6813311914dd18a0349