phreshjet.com
103.20.200.169
Malicious Activity!
Public Scan
Submission: On September 30 via api from US — Scanned from AU
Summary
TLS certificate: Issued by USERTrust RSA Domain Validation Secur... on April 10th 2024. Valid for: a year.
This is the only time phreshjet.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Made in China (Supplychain)
Domain & IP information
Requests | IP Address | Autonomous System |
---|---|---|
3 | 103.20.200.169 | AS38719 (DREAMSCAPE-AS-AP Dreamscape Networks Limited) |
2 | 172.64.154.190 | AS13335 (CLOUDFLARENET) |
1 | 172.64.154.139 | AS13335 (CLOUDFLARENET) |
6 | 3 | |
ASN38719 (DREAMSCAPE-AS-AP Dreamscape Networks Limited, AU)
PTR: server-4p-r65.ipv4.syd02.ds.network
phreshjet.com
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
3 | phreshjet.com | phreshjet.com | 141 KB |
2 | micstatic.com | www.micstatic.com (Cisco Umbrella Rank: 147107) | 21 KB |
1 | made-in-china.com | login.made-in-china.com (Cisco Umbrella Rank: 869722) | 5 KB |
6 | 3 | | |
Requests | Domain | Requested by |
---|---|---|
3 | phreshjet.com | phreshjet.com |
2 | www.micstatic.com | phreshjet.com, www.micstatic.com |
1 | login.made-in-china.com | phreshjet.com |
6 | 3 | |
This site contains no links.
Subject | Issuer | Validity | Valid for |
---|---|---|---|
goldencareservices.com.au | USERTrust RSA Domain Validation Secure Server CA | 2024-04-10 - 2025-04-10 | a year |
*.micstatic.com | DigiCert Basic RSA CN CA G2 | 2023-11-22 - 2024-12-22 | a year |
*.made-in-china.com | DigiCert Basic RSA CN CA G2 | 2024-08-21 - 2025-08-20 | a year |
This page contains 1 frame:
Primary Page:
https://phreshjet.com/madeinchin/sign-in/index.php
Frame ID: 2D1FC317E757DA041D01D30B44D6CB5E
Requests: 6 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
6 HTTP transactions
Method | Protocol | Resource | Path | Size | Transferred | Type | MIME type |
---|---|---|---|---|---|---|---|
GET | H2 | index.php (Primary Request) | phreshjet.com/madeinchin/sign-in/ | 7 KB | 2 KB | Document | text/html |
GET | H2 | global_65d53e57.css | www.micstatic.com/gb/css/ | 79 KB | 13 KB | Stylesheet | text/css |
GET | H2 | login.css | login.made-in-china.com/css/ | 21 KB | 5 KB | Stylesheet | text/css |
GET | H2 | ad.jpeg | phreshjet.com/madeinchin/sign-in/images/ | 135 KB | 135 KB | Image | image/jpeg |
GET | H2 | logo-2.png | www.micstatic.com/gb/img/ | 8 KB | 8 KB | Image | image/png |
GET | H2 | favicon.ico | phreshjet.com/madeinchin/sign-in/images/ | 4 KB | 4 KB | Other | image/x-icon |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Made in China (Supplychain)
0 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
phreshjet.com/ | Name: PHPSESSID Value: v5jbfrlb30bp98ko00hmu3pflo |
.micstatic.com/ | Name: __cf_bm Value: LRkg2h7D6oqqKwzAR17M6k3DYZqHKorxtLrHCQwuyRo-1727690603-1.0.1.1-Zj6ek6pnDpJPGOxSg7W2IoYt99Dzpev4c71.tHB549mijCXx9DGYtolTw3guJrMgN93YRhDS6FBID6_qvU.WqQ |
.made-in-china.com/ | Name: __cf_bm Value: ik0Zu4X.WcxZ5XMYTOrzgTBLaBUMAG07.bs10eJS4n0-1727690603-1.0.1.1-UGfOElNK2iUmbvqmtXFjhy7GAo18g1ZDV0KW_I6t8UWNvSmqdKuqVlL4K76BxATq55tMsaLgJi.HSmSOKda0kA |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.