![](/screenshots/0a6f7a4f-e8e6-492f-8773-e87fa07aa1ad.png)
gxoaid6.top
Open in
urlscan Pro
172.67.129.178
Malicious Activity!
Public Scan
Submission: On May 20 via api from US — Scanned from DE
Summary
TLS certificate: Issued by GTS CA 1P5 on May 20th 2024. Valid for: 3 months.
This is the only time gxoaid6.top was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Google (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
9 | 172.67.129.178 172.67.129.178 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
9 | 1 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
9 |
gxoaid6.top
gxoaid6.top |
99 KB |
9 | 1 |
Domain | Requested by | |
---|---|---|
9 | gxoaid6.top |
gxoaid6.top
|
9 | 1 |
This site contains links to these domains. Also see Links.
Domain |
---|
support.google.com |
accounts.google.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
gxoaid6.top GTS CA 1P5 |
2024-05-20 - 2024-08-18 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://gxoaid6.top/
Frame ID: E6B39FBB94A4ABE0D79A5B3A6AA59AF2
Requests: 9 HTTP requests in this frame
4 Outgoing links
These are links going to different origins than the main page.
Title: 详细了解如何使用访客模式
Search URL Search Domain Scan URL
Title: 帮助
Search URL Search Domain Scan URL
Title: 隐私权
Search URL Search Domain Scan URL
Title: 条款
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
9 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H3 |
Primary Request
/
gxoaid6.top/ |
448 B 690 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
components.js
gxoaid6.top/assets/js/ |
579 KB 52 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
jquery-3.7.1.min.js
gxoaid6.top/assets/js/ |
174 KB 38 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
external_load.js
gxoaid6.top/assets/js/ |
2 KB 1 KB |
XHR
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
filename.js
gxoaid6.top/assets/download/ |
84 B 568 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
layui.js
gxoaid6.top/assets/libs/layui/ |
6 KB 3 KB |
XHR
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
jquery-3.7.1.min.js
gxoaid6.top/assets/js/ |
174 KB 0 |
XHR
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
main.js
gxoaid6.top/assets/js/ |
1019 B 1 KB |
XHR
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
favicon.ico
gxoaid6.top/ |
5 KB 2 KB |
Other
image/x-icon |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Google (Online)10 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
string| components function| $ function| jQuery function| generateUniqueId function| makeid object| layui function| validateEmail string| filename string| downloadFileName string| downloadLink0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
gxoaid6.top
172.67.129.178
2d325decf224ffd3eaac16f31295a5c8999c84d584a9e7ee3ffceda5ed822df3
6565269bf6f13b8758e7e999ae3fde95166fe4907cc7f6eff4ecdd509109ca6d
6da5620880159634213e197fafca1dde0272153be3e4590818533fab8d040770
925dba69d8f8ec4b57b672407ba10c8b344da2c6af4a9535e33c183d08fbe414
b5e5747df88266de4e2c0d6c4a4fd889f944de83c5292d0dd23bb72b4a07b367
bfc0aa57d42c192bd73820501983f83155bd4df35ffb36a2a14bec286a2a16f1
c10de123122cda6810b3bf87834e37f717d052dfe696b0cd802d47275f6f053e
f66fc082af3c56e9c795bcc442c226954c8cab8c5d579051ad5d78b7814fe961