URL: https://h5.gefun37352.top/
Submission: On June 10 via automatic, source phishtank — Scanned from DE

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 6 HTTP transactions. The main IP is 20.205.110.67, located in Central, Hong Kong and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is h5.gefun37352.top.
TLS certificate: Issued by R3 on May 22nd 2022. Valid for: 3 months.
This is the only time h5.gefun37352.top was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address      AS (Autonomous System)
5         20.205.110.67   8075 (MICROSOFT...)
1         47.97.206.211   37963 (ALIBABA-C...)
Total: 6 requests across 2 IPs

Requests  Apex Domain      Subdomains                                               Transfer
5         gefun37352.top   h5.gefun37352.top                                        890 KB
1         dcloud.net.cn    cdn.dcloud.net.cn (Cisco Umbrella Rank: 89527)           579 B
Total: 6 requests across 2 domains

Requests  Domain              Requested by
5         h5.gefun37352.top   h5.gefun37352.top
1         cdn.dcloud.net.cn   h5.gefun37352.top
Total: 6 requests across 2 domains

This site contains no links.

Subject             Issuer                                       Validity                  Valid for
h5.gefun37352.top   R3                                           2022-05-22 - 2022-08-20   3 months (crt.sh)
*.dcloud.net.cn     RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1   2020-08-17 - 2022-08-18   2 years (crt.sh)

This page contains 1 frame:

Primary Page: https://h5.gefun37352.top/
Frame ID: 6A1F2544CF30BE9ACB25C84A76FDFA79
Requests: 6 HTTP requests in this frame

Page Title

Instant access to investing

Page Statistics

Requests: 6
HTTPS: 100 %
IPv6: 0 %
Domains: 2
Subdomains: 2
IPs: 2
Countries: 2
Transfer: 890 kB
Size: 2520 kB
Cookies: 1

6 HTTP transactions

Columns: Resource | Path | Size | x-fer (transferred) | Type | MIME-Type
Primary Request / | h5.gefun37352.top/ | Size: 862 B | x-fer: 923 B | Document
General
Full URL
https://h5.gefun37352.top/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.205.110.67 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
WAF/2.4-12.1 /
Resource Hash
06d68aff06d1af81e7e35c1ce25a26ba3a7726117de94f900af506c5033bd877

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,Access-Token,Sign,Lang,Agent-Identify,Client-Version,Platform,Device-Id,Context-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
content-encoding
gzip
content-type
text/html
date
Fri, 10 Jun 2022 23:12:38 GMT
etag
W/"627f4a02-35e"
last-modified
Sat, 14 May 2022 06:19:46 GMT
server
WAF/2.4-12.1
x-cache-status
MISS
index.a5c69d49.css | h5.gefun37352.top/static/ | Size: 92 KB | x-fer: 30 KB | Stylesheet
General
Full URL
https://h5.gefun37352.top/static/index.a5c69d49.css
Requested by
Host: h5.gefun37352.top
URL: https://h5.gefun37352.top/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.205.110.67 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
WAF/2.4-12.1 /
Resource Hash
4092422fbd44790f2e0889437a157b0156f3801412dbe0758286232f58ae0afd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://h5.gefun37352.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 23:12:38 GMT
content-encoding
gzip
last-modified
Sat, 14 May 2022 06:19:46 GMT
server
WAF/2.4-12.1
etag
W/"627f4a02-16ff2"
x-cache-status
HIT
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/css
access-control-allow-origin
*
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,Access-Token,Sign,Lang,Agent-Identify,Client-Version,Platform,Device-Id,Context-Type
chunk-vendors.d391c23f.js | h5.gefun37352.top/static/js/ | Size: 2 MB | x-fer: 654 KB | Script
General
Full URL
https://h5.gefun37352.top/static/js/chunk-vendors.d391c23f.js
Requested by
Host: h5.gefun37352.top
URL: https://h5.gefun37352.top/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.205.110.67 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
WAF/2.4-12.1 /
Resource Hash
374bc2d09409347db4d0ee7a466b7d813fea0b086568e2d6109268959e255ffb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://h5.gefun37352.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 23:12:38 GMT
content-encoding
gzip
last-modified
Sat, 14 May 2022 06:19:46 GMT
server
WAF/2.4-12.1
etag
W/"627f4a02-1cfb23"
x-cache-status
HIT
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,Access-Token,Sign,Lang,Agent-Identify,Client-Version,Platform,Device-Id,Context-Type
index.d537da7f.js | h5.gefun37352.top/static/js/ | Size: 573 KB | x-fer: 205 KB | Script
General
Full URL
https://h5.gefun37352.top/static/js/index.d537da7f.js
Requested by
Host: h5.gefun37352.top
URL: https://h5.gefun37352.top/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.205.110.67 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
WAF/2.4-12.1 /
Resource Hash
6eca3a8ee5f90a16c252f15053e1f8a9fe0609313524764fd27b519b1d5ef8e2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://h5.gefun37352.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 23:12:38 GMT
content-encoding
gzip
last-modified
Sat, 14 May 2022 06:19:46 GMT
server
WAF/2.4-12.1
etag
W/"627f4a02-8f208"
x-cache-status
HIT
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,Access-Token,Sign,Lang,Agent-Identify,Client-Version,Platform,Device-Id,Context-Type
identify | h5.gefun37352.top/api/common/ | Size: 97 B | x-fer: 191 B | XHR
General
Full URL
https://h5.gefun37352.top/api/common/identify
Requested by
Host: h5.gefun37352.top
URL: https://h5.gefun37352.top/static/js/chunk-vendors.d391c23f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.205.110.67 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
WAF/2.4-12.1 /
Resource Hash
5badc380aad94192abc552dbafd4790082021543afbf58f0ef2b8911aa5b9ad8

Request headers

Referer
https://h5.gefun37352.top/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 10 Jun 2022 23:12:40 GMT
server
WAF/2.4-12.1
content-length
97
x-cache-status
MISS
content-type
application/json
shadow-grey.png | cdn.dcloud.net.cn/img/ | Size: 136 B | x-fer: 579 B | Image
General
Full URL
https://cdn.dcloud.net.cn/img/shadow-grey.png
Requested by
Host: h5.gefun37352.top
URL: https://h5.gefun37352.top/static/index.a5c69d49.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
47.97.206.211 Hangzhou, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
ad4ebea1c3496dd2924789ee009174a2c6289d1200e9811f458fd46f172d1d6f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://h5.gefun37352.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Fri, 10 Jun 2022 23:12:42 GMT
Last-Modified
Thu, 06 Jun 2019 06:42:07 GMT
Server
nginx
ETag
"5cf8b5bf-88"
Content-Type
image/png
Cache-Control
max-age=7200
Connection
close
Accept-Ranges
bytes
Content-Length
136
Expires
Sat, 11 Jun 2022 01:12:42 GMT

Verdicts & Comments

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type      Name
object    oncontextlost
object    oncontextrestored
function  structuredClone
object    launchQueue
object    onbeforematch
function  getScreenDetails
object    navigation
boolean   coverSupport
object    webpackJsonp
object    regeneratorRuntime
object    __uniConfig
object    __uniRoutes
function  UniApp
object    UniViewJSBridge
object    UniServiceJSBridge
object    uni
object    wx
function  getApp
function  getCurrentPages

1 Cookies

Domain/Path       Name         Value
.dcloud.net.cn/   __uni__uid   CgEB5WKjz+q+kX2QXIbrAg==

1 Console Messages

Source    Level   URL                                             Text
network   error   https://h5.gefun37352.top/api/common/identify   Failed to load resource: the server responded with a status of 500 ()