phreshjet.com - urlscan.io

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 6 HTTP transactions. The main IP is 103.20.200.169, located in Australia and belongs to DREAMSCAPE-AS-AP Dreamscape Networks Limited, AU. The main domain is phreshjet.com.
TLS certificate: Issued by USERTrust RSA Domain Validation Secur... on April 10th 2024. Valid for: a year.

This is the only time phreshjet.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Made in China (Supplychain)

Domain & IP information

	IP Address	AS Autonomous System
3	103.20.200.169 103.20.200.169	38719 (DREAMSCAP...) (DREAMSCAPE-AS-AP Dreamscape Networks Limited)
2	172.64.154.190 172.64.154.190	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.64.154.139 172.64.154.139	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	3

3 103.20.200.169 (Australia)

ASN38719 (DREAMSCAPE-AS-AP Dreamscape Networks Limited, AU)
PTR: server-4p-r65.ipv4.syd02.ds.network

phreshjet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.64.154.190 (None, )

ASN13335 (CLOUDFLARENET, US)

www.micstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.154.139 (None, )

ASN13335 (CLOUDFLARENET, US)

login.made-in-china.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	phreshjet.com phreshjet.com	141 KB
2	micstatic.com www.micstatic.com — Cisco Umbrella Rank: 147107	21 KB
1	made-in-china.com login.made-in-china.com — Cisco Umbrella Rank: 869722	5 KB
6	3

	Domain	Requested by
3	phreshjet.com	phreshjet.com
2	www.micstatic.com	phreshjet.com www.micstatic.com
1	login.made-in-china.com	phreshjet.com
6	3

This site contains no links.

Subject Issuer	Validity	Valid
goldencareservices.com.au USERTrust RSA Domain Validation Secure Server CA	`2024-04-10` - `2025-04-10`	a year	crt.sh
*.micstatic.com DigiCert Basic RSA CN CA G2	`2023-11-22` - `2024-12-22`	a year	crt.sh
*.made-in-china.com DigiCert Basic RSA CN CA G2	`2024-08-21` - `2025-08-20`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://phreshjet.com/madeinchin/sign-in/index.php
Frame ID: 2D1FC317E757DA041D01D30B44D6CB5E
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sign In | Made-in-China.com

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Page Statistics

6
Requests

50 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

167 kB
Transfer

254 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request index.php Show response phreshjet.com/madeinchin/sign-in/	7 KB 2 KB	532ms 520ms	Document text/html	103.20.200.169 DREAMSCAPE-AS-AP ...
General Check archive.org Show headers Download Go to Full URL https://phreshjet.com/madeinchin/sign-in/index.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 103.20.200.169 , Australia, ASN38719 (DREAMSCAPE-AS-AP Dreamscape Networks Limited, AU), Reverse DNS server-4p-r65.ipv4.syd02.ds.network Software Apache / PHP/8.2.11 Resource Hash `ace11d4217a3c9bd89a12eecc3a27fc118232491a66bb61b0410f26ee642ad36` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Response headers cache-control no-store, no-cache, must-revalidate content-encoding gzip content-length 2154 content-type text/html; charset=UTF-8 date Mon, 30 Sep 2024 10:03:22 GMT expires Thu, 19 Nov 1981 08:52:00 GMT pragma no-cache server Apache vary Accept-Encoding x-powered-by PHP/8.2.11
GET H2	200	global_65d53e57.css www.micstatic.com/gb/css/	79 KB 13 KB	31ms 16ms	Stylesheet text/css	172.64.154.190 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.micstatic.com/gb/css/global_65d53e57.css Requested by Host: phreshjet.com URL: https://phreshjet.com/madeinchin/sign-in/index.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.64.154.190 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `45e51cad4213b395736ade53bcf14cc1ae7c2aa07a5875c10eb9ff4585200572` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://phreshjet.com/ Response headers server cloudflare cache-control public, max-age=315360000 timing-allow-origin * content-encoding gzip cf-cache-status HIT etag W/"5d0736aa-13d31" age 3326 cf-ray 8cb361fd5aa5a937-SYD expires Thu, 28 Sep 2034 10:03:23 GMT date Mon, 30 Sep 2024 10:03:23 GMT content-type text/css last-modified Mon, 17 Jun 2019 06:43:54 GMT vary Accept-Encoding origin-agent-cluster ?0
GET H2	200	login.css login.made-in-china.com/css/	21 KB 5 KB	35ms 19ms	Stylesheet text/css	172.64.154.139 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://login.made-in-china.com/css/login.css?t=oMKEghUFYpnY Requested by Host: phreshjet.com URL: https://phreshjet.com/madeinchin/sign-in/index.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.64.154.139 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `ca6c1426bc7976ff4dfcf6dcb40c9ba311ae2aa369e5fe7cab2bc071d8e7ee5b` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://phreshjet.com/ Response headers server cloudflare cache-control public, max-age=14400 timing-allow-origin * content-encoding gzip cf-cache-status HIT age 3326 cf-ray 8cb361fd5cb05737-SYD expires Mon, 30 Sep 2024 14:03:23 GMT access-control-allow-origin * server-timing app;dur=2 date Mon, 30 Sep 2024 10:03:23 GMT content-type text/css origin-agent-cluster ?0 vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers last-modified Thu, 12 Sep 2024 07:40:52 GMT
GET H2	200	ad.jpeg phreshjet.com/madeinchin/sign-in/images/	135 KB 135 KB	6ms 6ms	Image image/jpeg	103.20.200.169 DREAMSCAPE-AS-AP ...
General Check archive.org Show headers Download Go to Show image Full URL https://phreshjet.com/madeinchin/sign-in/images/ad.jpeg Requested by Host: phreshjet.com URL: https://phreshjet.com/madeinchin/sign-in/index.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 103.20.200.169 , Australia, ASN38719 (DREAMSCAPE-AS-AP Dreamscape Networks Limited, AU), Reverse DNS server-4p-r65.ipv4.syd02.ds.network Software Apache / Resource Hash `3a42ab03c49e17cc689ad27fe862c0c916f53767f974a5845125e39ab1f3deb8` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://phreshjet.com/madeinchin/sign-in/index.php Response headers accept-ranges bytes content-length 137881 date Mon, 30 Sep 2024 10:03:23 GMT last-modified Tue, 11 Jul 2023 02:01:48 GMT content-type image/jpeg server Apache
GET H2	200	logo-2.png www.micstatic.com/gb/img/	8 KB 8 KB	18ms 18ms	Image image/png	172.64.154.190 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.micstatic.com/gb/img/logo-2.png Requested by Host: www.micstatic.com URL: https://www.micstatic.com/gb/css/global_65d53e57.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.64.154.190 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `ca230ee7ab7b30cd3cbc57dd169a65432fa2d051e0460f0369df4139aaa6aa76` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://www.micstatic.com/gb/css/global_65d53e57.css Response headers cf-cache-status HIT etag "5f6c91d3-1e9f" age 3326 expires Thu, 28 Sep 2034 10:03:23 GMT date Mon, 30 Sep 2024 10:03:23 GMT content-type image/png last-modified Thu, 24 Sep 2020 12:32:19 GMT vary Accept-Encoding cache-control public, max-age=315360000 timing-allow-origin * cf-ray 8cb361fd8ad1a937-SYD accept-ranges bytes access-control-allow-origin * content-length 7839 origin-agent-cluster ?0 server cloudflare
GET H2	200	favicon.ico phreshjet.com/madeinchin/sign-in/images/	4 KB 4 KB	4ms 4ms	Other image/x-icon	103.20.200.169 DREAMSCAPE-AS-AP ...
General Check archive.org Show headers Download Go to Full URL https://phreshjet.com/madeinchin/sign-in/images/favicon.ico Protocol H2 Security TLS 1.3, , AES_256_GCM Server 103.20.200.169 , Australia, ASN38719 (DREAMSCAPE-AS-AP Dreamscape Networks Limited, AU), Reverse DNS server-4p-r65.ipv4.syd02.ds.network Software Apache / Resource Hash `a5c8dcd1842a59b79ed671155925197ba68d1577b1256ed37d9bb122d266a40a` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://phreshjet.com/madeinchin/sign-in/index.php Response headers accept-ranges bytes content-length 4286 date Mon, 30 Sep 2024 10:03:23 GMT last-modified Thu, 11 Jul 2019 06:24:44 GMT content-type image/x-icon server Apache

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Made in China (Supplychain)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
phreshjet.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: v5jbfrlb30bp98ko00hmu3pflo
.micstatic.com/	1970-01-20 23:54:52	Name: __cf_bm Value: LRkg2h7D6oqqKwzAR17M6k3DYZqHKorxtLrHCQwuyRo-1727690603-1.0.1.1-Zj6ek6pnDpJPGOxSg7W2IoYt99Dzpev4c71.tHB549mijCXx9DGYtolTw3guJrMgN93YRhDS6FBID6_qvU.WqQ
.made-in-china.com/	1970-01-20 23:54:52	Name: __cf_bm Value: ik0Zu4X.WcxZ5XMYTOrzgTBLaBUMAG07.bs10eJS4n0-1727690603-1.0.1.1-UGfOElNK2iUmbvqmtXFjhy7GAo18g1ZDV0KW_I6t8UWNvSmqdKuqVlL4K76BxATq55tMsaLgJi.HSmSOKda0kA

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://phreshjet.com/madeinchin/sign-in/index.php Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

login.made-in-china.com
phreshjet.com
www.micstatic.com
103.20.200.169
172.64.154.139
172.64.154.190
3a42ab03c49e17cc689ad27fe862c0c916f53767f974a5845125e39ab1f3deb8
45e51cad4213b395736ade53bcf14cc1ae7c2aa07a5875c10eb9ff4585200572
a5c8dcd1842a59b79ed671155925197ba68d1577b1256ed37d9bb122d266a40a
ace11d4217a3c9bd89a12eecc3a27fc118232491a66bb61b0410f26ee642ad36
ca230ee7ab7b30cd3cbc57dd169a65432fa2d051e0460f0369df4139aaa6aa76
ca6c1426bc7976ff4dfcf6dcb40c9ba311ae2aa369e5fe7cab2bc071d8e7ee5b

phreshjet.com Open in urlscan Pro 103.20.200.169 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

6 Requests

50 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

3 IPs

2 Countries

167 kBTransfer

254 kBSize

3 Cookies

0 Outgoing links

Redirected requests

6 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

0 JavaScript Global Variables

3 Cookies

1 Console Messages

Indicators

phreshjet.com Open in urlscan Pro
103.20.200.169 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

6
Requests

50 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

167 kB
Transfer

254 kB
Size

3
Cookies

6 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!