wolt-fi.com Open in urlscan Pro
172.67.192.134 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://wolt-fi.com/
Submission Tags: @phish_report
Submission: On August 06 via api (August 6th 2024, 12:32:55 pm UTC) from FI — Scanned from FI

Summary HTTP 16 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 16 HTTP transactions. The main IP is 172.67.192.134, located in United States and belongs to CLOUDFLARENET, US. The main domain is wolt-fi.com.
TLS certificate: Issued by WE1 on June 9th 2024. Valid for: 3 months.

This is the only time wolt-fi.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Community Verdicts: Suspicious — 1 votes Show Verdicts

Domain & IP information

	IP Address		AS Autonomous System
15	172.67.192.134 172.67.192.134		13335 (CLOUDFLAR...) (CLOUDFLARENET)
16	2

15 172.67.192.134 (United States)

ASN13335 (CLOUDFLARENET, US)

wolt-fi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	wolt-fi.com wolt-fi.com	2 MB
0	dcloud.net.cn Failed cdn.dcloud.net.cn Failed
16	2

	Domain	Requested by
15	wolt-fi.com	wolt-fi.com
0	cdn.dcloud.net.cn Failed	wolt-fi.com
16	2

This site contains no links.

Subject Issuer	Validity	Valid
wolt-fi.com WE1	`2024-06-09` - `2024-09-07`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://wolt-fi.com/
Frame ID: C616E6FB686CB06CD27B8CB322DCD4D9
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

Page Statistics

16
Requests

94 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

2298 kB
Transfer

5083 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H3	200	Primary Request / Show response wolt-fi.com/	1 KB 991 B	483ms 408ms	Document text/html	172.67.192.134 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://wolt-fi.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.192.134 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `84f5aba3ec0ecce7acc392b7c908e993514423ebef82d9c213409daf69c0cb2e` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 8aef0d44ebc03530-WAW content-encoding br content-type text/html date Tue, 06 Aug 2024 12:32:49 GMT last-modified Wed, 17 Apr 2024 18:48:10 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LqpJ2Fv6XOJjxusHbamFWdx0Is5B9ZUrGXXiocmO5YN6HoGoUKI7OkjaoRH1k2SpltCkp0I8BuDLQ%2BwP96XEkgzy9ufaM2Q3LLZUiHsFPSd%2Fuf3jFQtX6491me%2BmpQ%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare
GET H3	200	app.af448c39404036232f24ac1dfc8197cd.css wolt-fi.com/static/css/	790 KB 158 KB	83ms 82ms	Stylesheet text/css	172.67.192.134 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://wolt-fi.com/static/css/app.af448c39404036232f24ac1dfc8197cd.css Requested by Host: wolt-fi.com URL: https://wolt-fi.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.192.134 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `164933529bb83f7e9ad26181700de8fb28b8f28dedb9d2446dd824fec1041d57` Request headers Referer https://wolt-fi.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Tue, 06 Aug 2024 12:32:49 GMT content-encoding br cf-cache-status HIT last-modified Wed, 17 Apr 2024 18:48:10 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 1049 etag W/"6620196a-c58fc" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AVk%2F9lIj3JcEL3EZMrvctzDnP4n9oevIjbqmXXnQnshB8UC%2B2EOvcElWNOuJGb1iL3rTFu3WsV4fgR9ZUFvFWhb3kp8C6ROewkohypJSpnEky8%2FPJWzmkyTnZrUi%2BA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 8aef0d477f963530-WAW alt-svc h3=":443"; ma=86400
GET H3	200	config.js Show response wolt-fi.com/static/	1 KB 991 B	77ms 76ms	Script text/html	172.67.192.134 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://wolt-fi.com/static/config.js Requested by Host: wolt-fi.com URL: https://wolt-fi.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.192.134 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `84f5aba3ec0ecce7acc392b7c908e993514423ebef82d9c213409daf69c0cb2e` Request headers Referer https://wolt-fi.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Tue, 06 Aug 2024 12:32:49 GMT content-encoding br cf-cache-status HIT last-modified Wed, 17 Apr 2024 18:48:10 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 1049 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zXFPdX8uUv9m45%2B1mR39scuENt%2FPXvEVBMmADKzQA%2BLrC%2F4%2BVwBaODKhzx66WSp%2FSfytIDyCc1SOpJk8n%2Fe0kKl7cLWpQSoCHpjxNUd2%2FltXxJe6nEsgtcBzZ%2Bj%2BSg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/html cache-control max-age=14400 cf-ray 8aef0d477f9c3530-WAW alt-svc h3=":443"; ma=86400
GET H3	200	manifest.498f7b9e7a5711383e83.js Show response wolt-fi.com/static/js/	4 KB 3 KB	79ms 78ms	Script application/javascript	172.67.192.134 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://wolt-fi.com/static/js/manifest.498f7b9e7a5711383e83.js Requested by Host: wolt-fi.com URL: https://wolt-fi.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.192.134 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `25247c9b09a1352a29942e2875e94d04fc4fa622f9b8007a968b8815d67a6cac` Request headers Referer https://wolt-fi.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Tue, 06 Aug 2024 12:32:49 GMT content-encoding br cf-cache-status HIT last-modified Wed, 17 Apr 2024 18:48:10 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 1049 etag W/"6620196a-1008" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sGzVGJeIcB2365SXAYBNqlpw7WCLj%2BI%2Bay2n7tAOAvfNPAYX0y8sbtOwlLigWXxgSWqUlaJyOEvvO8Xqru7S1kdy%2FANn4mRge7m7bQcuVSZon32Yw4NiKxjJdMAS4Q%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 8aef0d477f9e3530-WAW alt-svc h3=":443"; ma=86400
GET H3	200	vendor.bc0e1de4e085b8a3188b.js Show response wolt-fi.com/static/js/	2 MB 714 KB	139ms 138ms	Script application/javascript	172.67.192.134 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://wolt-fi.com/static/js/vendor.bc0e1de4e085b8a3188b.js Requested by Host: wolt-fi.com URL: https://wolt-fi.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.192.134 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `25be6960a846580a5e3a798134a92e7dde1a4aa54b12b77c38490b0a78e5e941` Request headers Referer https://wolt-fi.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Tue, 06 Aug 2024 12:32:49 GMT content-encoding br cf-cache-status HIT last-modified Wed, 17 Apr 2024 18:48:10 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 1049 etag W/"6620196a-254e22" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3KqT8OvFfRzygma2ryT8iUw0WlAGSwd2MZMRgT4BHh1Avt8ZqxHVEQUbrkn3%2Bfk6Rm0Y%2BR%2B2EK6Lx7toH9Td9AXGxfm9PLnGzEFxJr4K0Jk2ftk7kRONuIGyVMACkw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 8aef0d477f9f3530-WAW alt-svc h3=":443"; ma=86400
GET H3	200	app.0ac9333af4c9ccb9f814.js Show response wolt-fi.com/static/js/	152 KB 44 KB	139ms 139ms	Script application/javascript	172.67.192.134 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://wolt-fi.com/static/js/app.0ac9333af4c9ccb9f814.js Requested by Host: wolt-fi.com URL: https://wolt-fi.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.192.134 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `2e9b8a98d7855ab018e85b3ff624715bed029f7bdb39a24da514285cbc2f16a6` Request headers Referer https://wolt-fi.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Tue, 06 Aug 2024 12:32:49 GMT content-encoding br cf-cache-status HIT last-modified Wed, 17 Apr 2024 18:48:10 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 1049 etag W/"6620196a-25f5f" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=c7B%2Bbwutidd3WSN%2FnttjXsE%2B5mmJ1Vh8GkaggdoN%2FK7SD8GtHhdAoIerAH1SJy056oymStNSXUIkFl%2B99jAW6HC5guxCexZbD7zf2KwZYInNzkNqrMazuq6qrIu3aQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 8aef0d477fa23530-WAW alt-svc h3=":443"; ma=86400
GET H3	200	2.8b844e64e9618dc0d9f9.js Show response wolt-fi.com/static/js/	143 KB 44 KB	78ms 77ms	Script application/javascript	172.67.192.134 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://wolt-fi.com/static/js/2.8b844e64e9618dc0d9f9.js Requested by Host: wolt-fi.com URL: https://wolt-fi.com/static/js/manifest.498f7b9e7a5711383e83.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.192.134 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `bf44a9413b57f6f062ba6452f5c2069135ded3a5d485470eca7722b8b895bc67` Request headers Referer https://wolt-fi.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Tue, 06 Aug 2024 12:32:50 GMT content-encoding br cf-cache-status HIT last-modified Wed, 17 Apr 2024 18:48:10 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 1048 etag W/"6620196a-23c6a" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ULF8K6fvjiQeW1Y4Q2gZ34LRV9%2BdLTUfO94USmlCVx2x5KhkKmStsyL%2FjtH1M0YouLHPnA6Z43ebrX13ENCDGvEK%2F3htfymaJyZpYiWSbL1sh5qF2ID6yoyK%2BeF%2FeQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 8aef0d4b8dc53530-WAW alt-svc h3=":443"; ma=86400
GET H3	200	0.7d57c1da42c28cf9d70f.js Show response wolt-fi.com/static/js/	25 KB 14 KB	79ms 78ms	Script application/javascript	172.67.192.134 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://wolt-fi.com/static/js/0.7d57c1da42c28cf9d70f.js Requested by Host: wolt-fi.com URL: https://wolt-fi.com/static/js/manifest.498f7b9e7a5711383e83.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.192.134 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `cb8bf3f84bf6e27cd45e4a82e351b564291470f90fbee5481921ddb2c7478462` Request headers Referer https://wolt-fi.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Tue, 06 Aug 2024 12:32:50 GMT content-encoding br cf-cache-status HIT last-modified Wed, 17 Apr 2024 18:48:10 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 1048 etag W/"6620196a-65c9" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6R63u5XLiUiL%2FJjmu2Xvn%2BfcJ3EntuedcrT1jmx7wAHrLu33eC%2BAvUsGyNJqkEF4txZ4F0lcjbFNbux%2B6MdqTjRtXDtlax%2FYK5T5%2Bfp4guNi8nFfmqqtnmWyfyQnnA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 8aef0d4b8dc83530-WAW alt-svc h3=":443"; ma=86400
GET H3	200	31.ac18085bec6e098f04d4.js Show response wolt-fi.com/static/js/	8 KB 3 KB	90ms 90ms	Script application/javascript	172.67.192.134 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://wolt-fi.com/static/js/31.ac18085bec6e098f04d4.js Requested by Host: wolt-fi.com URL: https://wolt-fi.com/static/js/manifest.498f7b9e7a5711383e83.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.192.134 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `9f4ae63d364ffb86a438b70852fedc743b99761199c7453eae8d09447262c86b` Request headers Referer https://wolt-fi.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Tue, 06 Aug 2024 12:32:50 GMT content-encoding br cf-cache-status HIT last-modified Wed, 17 Apr 2024 18:48:10 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 1048 etag W/"6620196a-1f37" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YLpFynX9ynNGUP4uadDonLnzzmD4zk5Sv3Uck2%2FaWGtwZQz%2F57AJcRjtXwMRuFaDF6OA1RfXF4y5X9cl9ibvNtJW6kesYUNxw9fQdvBkJ4U6I9006joNapvWo6sqDQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 8aef0d4b8dcb3530-WAW alt-svc h3=":443"; ma=86400
GET H3	200	Background_Image.jpg wolt-fi.com/static/new3/login/	940 KB 941 KB	97ms 97ms	Image image/jpeg	172.67.192.134 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://wolt-fi.com/static/new3/login/Background_Image.jpg Requested by Host: wolt-fi.com URL: https://wolt-fi.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.192.134 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `7caf75670ed9665f040fd42b79521f66092880eadd8c8dd2bf38f3493a503c98` Request headers Referer https://wolt-fi.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Tue, 06 Aug 2024 12:32:50 GMT cf-cache-status HIT last-modified Wed, 17 Apr 2024 18:48:10 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 1048 etag "6620196a-eb1bd" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xry%2Bqiu4I9TNhLgJMSfUgcWugDq3%2BDG1k0N42PB923HmMjrWKz6A6Bl6KdzcZJILA5wd7ncQYBgE%2BLkWwQgIR1M9%2BV0PGS2LHzI5C%2Fbw6cKqo8Iy09kpw7urtT53Ng%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=14400 accept-ranges bytes cf-ray 8aef0d4b9de33530-WAW alt-svc h3=":443"; ma=86400 content-length 963005
GET H3	200	login-bg.a40fbcc.png wolt-fi.com/static/img/	330 KB 330 KB	134ms 133ms	Image image/png	172.67.192.134 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://wolt-fi.com/static/img/login-bg.a40fbcc.png Requested by Host: wolt-fi.com URL: https://wolt-fi.com/static/css/app.af448c39404036232f24ac1dfc8197cd.css Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.192.134 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `56045cdf81285ff964b87077bc357d5fe1a648767fb14b2e7518fd99d1f106fd` Request headers Referer https://wolt-fi.com/static/css/app.af448c39404036232f24ac1dfc8197cd.css User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Tue, 06 Aug 2024 12:32:50 GMT cf-cache-status HIT last-modified Wed, 17 Apr 2024 18:48:10 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 1047 etag "6620196a-526ad" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vJ3y%2BOtcNdVB04%2FfEZQ9N7YHHd8v%2F0FXEIETUIn40yNfldVn8%2BUJd68lgyllg4ODDIDS9QODdJI188d9XfpAOZXk2yjqreZtGtqxFaAFEZCQVAm5CRDDcG5xxq%2FA4g%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 8aef0d4c4ee63530-WAW alt-svc h3=":443"; ma=86400 content-length 337581
GET DATA	200 OK	truncated /	25 KB 25 KB		Font font/woff2
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `1bb4b4bd573097cb1bcd39f3430e6466979d79188bf6a787750e1f8030ce5e5e` Request headers Referer Origin https://wolt-fi.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers Content-Type font/woff2;charset=utf-8
GET H3	200	youjiantou.png wolt-fi.com/static/new/	206 B 651 B	204ms 203ms	Image image/png	172.67.192.134 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://wolt-fi.com/static/new/youjiantou.png Requested by Host: wolt-fi.com URL: https://wolt-fi.com/login?redirect=%2FHome Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.192.134 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `cd7f90cb5fd53810449e20a791726005a4e3474109928cfb064bcbef0465a036` Request headers Referer https://wolt-fi.com/login?redirect=%2FHome User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Tue, 06 Aug 2024 12:32:50 GMT cf-cache-status HIT last-modified Wed, 17 Apr 2024 18:48:10 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 1047 etag "6620196a-ce" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hgl9xFmY8vA99pl3oDT3YQC1ySdEAU16WPro5v3hiKK83KK%2FkND30aaBbGOdDmmsA66HVQBl%2Bzze3A0VJIoM8OJe0zUoTY9VtungZx9a2ptYZzeVsr9uWIy%2BiAA09A%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 8aef0d4c5f033530-WAW alt-svc h3=":443"; ma=86400 content-length 206
GET DATA	200 OK	truncated /	1011 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `a7c5dbde6776d381105f1135ea5eebbe61eed8648b8444f03e02f8cc25b8a5e6` Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers Content-Type image/png
GET H3	200	close.png wolt-fi.com/static/new/	6 KB 6 KB	205ms 204ms	Image image/png	172.67.192.134 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://wolt-fi.com/static/new/close.png Requested by Host: wolt-fi.com URL: https://wolt-fi.com/login?redirect=%2FHome Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.192.134 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `bdd630cbf1795115d27d523c2ac33032f88f3eec29063ed42d12a185aca3e18f` Request headers Referer https://wolt-fi.com/login?redirect=%2FHome User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Tue, 06 Aug 2024 12:32:50 GMT cf-cache-status HIT last-modified Wed, 17 Apr 2024 18:48:10 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 1047 etag "6620196a-1659" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aWOWr9YvB3a7sYu1xKQXhYKjlftTZKsugdLBamLcPVDDLbmEH%2BwmFmULAj%2BIvPDqSAX1f6dp6S9ac3qLVqJkoUvkAlNL3eVg2wuzIH2G2DY5qM7XqIEeqcShYVDKIw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 8aef0d4c5f043530-WAW alt-svc h3=":443"; ma=86400 content-length 5721
GET H3	200	favicon.ico wolt-fi.com/	135 KB 15 KB	81ms 81ms	Other image/x-icon	172.67.192.134 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://wolt-fi.com/favicon.ico Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.192.134 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `6277de012c7b475d3312b8739d68bb0af67402101f915971e2ccc11d90e62f9b` Request headers Referer https://wolt-fi.com/login?redirect=%2FHome User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Tue, 06 Aug 2024 12:32:50 GMT content-encoding br cf-cache-status HIT last-modified Wed, 17 Apr 2024 18:48:10 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 1046 etag W/"6620196a-21a16" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a9u36Oud5URoc3rHe0EC6lpyB9P5Mp%2BxkpIspIn0r7zfuDJDL%2FjUhgNt0q5wiVrZgeoVg0RD938WGDEArHcU9hrNCaJ049tfIIkpQO2l35Ao4qg30khCIm49rSlvMg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/x-icon cache-control max-age=14400 cf-ray 8aef0d4da8cd3530-WAW alt-svc h3=":443"; ma=86400
GET		mui-shadow-grey.png cdn.dcloud.net.cn/img/	0 0

GET H3	200	favicon.ico wolt-fi.com/	135 KB 0	0ms 0ms	Other image/x-icon	172.67.192.134 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://wolt-fi.com/favicon.ico Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.192.134 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `6277de012c7b475d3312b8739d68bb0af67402101f915971e2ccc11d90e62f9b` Request headers Referer https://wolt-fi.com/login User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Tue, 06 Aug 2024 12:32:50 GMT content-encoding br cf-cache-status HIT last-modified Wed, 17 Apr 2024 18:48:10 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 1046 etag W/"6620196a-21a16" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a9u36Oud5URoc3rHe0EC6lpyB9P5Mp%2BxkpIspIn0r7zfuDJDL%2FjUhgNt0q5wiVrZgeoVg0RD938WGDEArHcU9hrNCaJ049tfIIkpQO2l35Ao4qg30khCIm49rSlvMg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/x-icon cache-control max-age=14400 cf-ray 8aef0d4da8cd3530-WAW alt-svc h3=":443"; ma=86400

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cdn.dcloud.net.cn
URL: https://cdn.dcloud.net.cn/img/mui-shadow-grey.png

Verdicts & Comments Add Verdict or Comment

Suspicious page.domain
Submitted on August 6th 2024, 12:41:32 pm UTC — From Finland

Threats: Brand Impersonation Scam
Comment: This website asks to do a crypto currency deposit, using Wolt's name and brand colours.

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| webpackJsonp object| __core-js_shared__ function| _

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://wolt-fi.com/login?redirect=%2FHome Message: [DOM] Password field is not contained in a form: (More info: https://goo.gl/9p2vKq) %o

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.dcloud.net.cn
wolt-fi.com
cdn.dcloud.net.cn
172.67.192.134
164933529bb83f7e9ad26181700de8fb28b8f28dedb9d2446dd824fec1041d57
1bb4b4bd573097cb1bcd39f3430e6466979d79188bf6a787750e1f8030ce5e5e
25247c9b09a1352a29942e2875e94d04fc4fa622f9b8007a968b8815d67a6cac
25be6960a846580a5e3a798134a92e7dde1a4aa54b12b77c38490b0a78e5e941
2e9b8a98d7855ab018e85b3ff624715bed029f7bdb39a24da514285cbc2f16a6
56045cdf81285ff964b87077bc357d5fe1a648767fb14b2e7518fd99d1f106fd
6277de012c7b475d3312b8739d68bb0af67402101f915971e2ccc11d90e62f9b
7caf75670ed9665f040fd42b79521f66092880eadd8c8dd2bf38f3493a503c98
84f5aba3ec0ecce7acc392b7c908e993514423ebef82d9c213409daf69c0cb2e
9f4ae63d364ffb86a438b70852fedc743b99761199c7453eae8d09447262c86b
a7c5dbde6776d381105f1135ea5eebbe61eed8648b8444f03e02f8cc25b8a5e6
bdd630cbf1795115d27d523c2ac33032f88f3eec29063ed42d12a185aca3e18f
bf44a9413b57f6f062ba6452f5c2069135ded3a5d485470eca7722b8b895bc67
cb8bf3f84bf6e27cd45e4a82e351b564291470f90fbee5481921ddb2c7478462
cd7f90cb5fd53810449e20a791726005a4e3474109928cfb064bcbef0465a036

wolt-fi.com Open in urlscan Pro 172.67.192.134 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Community Verdicts: Suspicious — 1 votes Show Verdicts

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

16 Requests

94 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

1 Countries

2298 kBTransfer

5083 kBSize

0 Cookies

0 Outgoing links

Redirected requests

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Suspicious page.domain Submitted on August 6th 2024, 12:41:32 pm UTC — From Finland

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

3 JavaScript Global Variables

0 Cookies

1 Console Messages

Indicators

wolt-fi.com Open in urlscan Pro
172.67.192.134 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

16
Requests

94 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

2298 kB
Transfer

5083 kB
Size

0
Cookies

16 HTTP transactions
2 data transactions

Suspicious page.domain
Submitted on August 6th 2024, 12:41:32 pm UTC — From Finland

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!