20240321-6dl.pages.dev
2606:4700:310c::ac42:2eea
Malicious Activity!
Public Scan
Submission: On October 23 via api from US — Scanned from DE
Summary
TLS certificate: Issued by WE1 on September 14th 2024. Valid for: 3 months.
This is the only time 20240321-6dl.pages.dev was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic Cloudflare (Online)
Domain & IP information
Requests | IP Address | AS (Autonomous System) |
---|---|---|
6 (1 redirects) | 2606:4700:310c::ac42:2eea | 13335 (CLOUDFLARENET) |
13 | 240d:c010:139:1::68 | 139341 (ACE-AS-AP ACE) |
2 | 43.152.28.43 | 139341 (ACE-AS-AP ACE) |
1 | 123.57.250.119 | 37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.) |
2 | 170.106.112.116 | 132203 (TENCENT-NET-AP-CN Tencent Building) |
5 | 101.33.11.246 | 139341 (ACE-AS-AP ACE) |
2 | 2408:8763:0:2a2:36::17 | 4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone) |
30 | 7 | |

ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN): stadig.ifeng.com
ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN): err.ifengcloud.ifeng.com
ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN): y0.ifengimg.com
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
22 | ifengimg.com | x2.ifengimg.com (Cisco Umbrella Rank: 510446), x0.ifengimg.com (Cisco Umbrella Rank: 355715), d.ifengimg.com (Cisco Umbrella Rank: 274635), y0.ifengimg.com (Cisco Umbrella Rank: 856409) | 702 KB |
6 | pages.dev (1 redirects) | 20240321-6dl.pages.dev | 16 KB |
3 | ifeng.com | stadig.ifeng.com (Cisco Umbrella Rank: 389545), err.ifengcloud.ifeng.com (Cisco Umbrella Rank: 582904) | 333 B |
30 | 3 | | |
Requests | Domain | Requested by |
---|---|---|
13 | x2.ifengimg.com | 20240321-6dl.pages.dev, x2.ifengimg.com |
6 | 20240321-6dl.pages.dev | 1 redirects, 20240321-6dl.pages.dev |
5 | d.ifengimg.com | 20240321-6dl.pages.dev |
2 | y0.ifengimg.com | |
2 | err.ifengcloud.ifeng.com | 20240321-6dl.pages.dev |
2 | x0.ifengimg.com | 20240321-6dl.pages.dev |
1 | stadig.ifeng.com | 20240321-6dl.pages.dev |
30 | 7 | |
This site contains links to these domains. Also see Links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
20240321-6dl.pages.dev | WE1 | 2024-09-14 - 2024-12-13 | 3 months |
*.ifeng.com | TrustAsia RSA OV TLS CA G3 | 2024-03-11 - 2025-04-06 | a year |
This page contains 1 frames:
Primary Page:
https://20240321-6dl.pages.dev/static/js/member.bc25acb4.js
Frame ID: 03C4D39E59448BD26E5B14D8B010B9BF
Requests: 30 HTTP requests in this frame
Page Title
404 - Page Not Found
Detected technologies
React (JavaScript Frameworks)
Detected patterns
- react(?:-with-addons)?[.-]([\d.]*\d)[^/]*\.js
Page Statistics
36 Outgoing links
These are links going to different origins than the main page.
Title: Authentic Northeastern flavor! Century-old brand Harbin red sausage, 2:8 fat-to-lean ratio, meat in every bite
Title: Razors: how big is the gap between a 200-yuan one and a 2,000-yuan one?
Title: Wood-fired zisha (purple clay) teapots from an ancient dragon kiln, made by the masters themselves! Every one is unique
Title: Big bargain! French affordable-luxury ELLE suitcases, from 299, good-looking and roomy
Title: Imported Russian honey is seizing the Chinese market, but most people actually buy the wrong kind...
Title: South Korea's Foreign Ministry summons the Russian ambassador to protest North Korea sending troops to aid Russia
Title: Forklift driver goes viral for resembling Zelensky
Title: Foreign Ministry: Chinese Consulate General in Mandalay, Myanmar hit by explosive attack; China has already, with the Myanmar side...
Title: Netanyahu: This is a serious mistake
Title: First time in history! Sudden US warning: massive debt has exceeded 1 trillion US dollars
Title: This Matter | Straw burning goes from "banned" to "restricted": what is the reason behind it?
Title: Xi'an couple die of hypothermia on a night climb of Bingjing Peak in the Qinling Mountains to see the sea of clouds; relatives: already transported back to hometown...
Title: Is Musk giving voters 1 million a day illegal? White House responds
Title: What if Trump declares victory early? Harris responds
Title: US officials say Blinken's request that Netanyahu publicly oppose the "Generals' Plan" was refused
Title: 58,000 in enforcement funds already collected by the court, yet the applicant has not received them; presiding judge:...
Title: Taxi drivers have to learn Arabic? Hong Kong government: it only hopes to have Arabic posted inside vehicles...
Title: Chinese assets surge across the board late at night; foreign investment giants issue latest comments
Title: Uploader analyzes "pure-blood" HarmonyOS: almost impossible to use on other brands' phones
Title: "Waves without wind"! Experts explain the rare abnormally high tide levels in northern sea areas
Title: District head reported under real name for "forcibly taking another man's wife"; local discipline inspection and supervision commission responds
Title: About Phoenix New Media
Title: Investor Relations
Title: Advertising Services
Title: Careers
Title: Privacy Protection
Title: Disclaimer
Title: About Phoenix Satellite Television
Title: Beijing ICP License No. 030609
Title: Video
Title: Documentary
Title: Live
Title: Phoenix Satellite Television
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://20240321-6dl.pages.dev/static/js/member.bc25acb4.js (Page URL)
- https://20240321-6dl.pages.dev/cdn-cgi/phish-bypass?atok=Uc6JoJ9qmu030bl_h22UXuqNZ8aAVOA4ABVAYVQJLfs-1729646117-0.0.1.1-%2Fstatic%2Fjs%2Fmember.bc25acb4.js, HTTP 301 to https://20240321-6dl.pages.dev/static/js/member.bc25acb4.js (Page URL)
Redirected requests
There were HTTP redirect chains for the following requests:
30 HTTP transactions
Method | Protocol | Resource | Path | Size | Transfer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H3 | member.bc25acb4.js | 20240321-6dl.pages.dev/static/js/ | 4 KB | 2 KB | Document | text/html |
GET | H3 | cf.errors.css | 20240321-6dl.pages.dev/cdn-cgi/styles/ | 23 KB | 5 KB | Stylesheet | text/css |
GET | H3 | icon-exclamation.png | 20240321-6dl.pages.dev/cdn-cgi/images/ | 452 B | 635 B | Image | image/png |
GET | H3 | favicon.ico | 20240321-6dl.pages.dev/ | 4 KB | 2 KB | Other | text/html |
GET | H3 | member.bc25acb4.js (Primary Request, Redirect Chain) | 20240321-6dl.pages.dev/static/js/ | 17 KB | 6 KB | Document | text/html |
GET | H/1.1 | errorupload-f348bc846f.min.js | x2.ifengimg.com/fe/shank/channel/ | 14 KB | 5 KB | Script | text/javascript |
GET | H/1.1 | pc_error.aed4880dd9.css | x2.ifengimg.com/fe/content/404/ | 8 KB | 3 KB | Stylesheet | text/css |
GET | H/1.1 | core-js.3.32.2.js | x2.ifengimg.com/fe/custom/dll/ | 225 KB | 72 KB | Script | text/javascript |
GET | H/1.1 | react.17.0.2.js | x2.ifengimg.com/fe/custom/dll/ | 128 KB | 43 KB | Script | text/javascript |
GET | H/1.1 | fa.min.js | x0.ifengimg.com/fe/shank/content/2019/0418/ | 14 KB | 5 KB | Script | application/javascript |
GET | H/1.1 | 89c4a615c3d00302ec9a24e714427b46_staytime.js | x0.ifengimg.com/fe/custom/ | 2 KB | 1 KB | Script | text/javascript |
GET | H/1.1 | pc_error.fc44bc5907.js | x2.ifengimg.com/fe/content/404/ | 75 KB | 18 KB | Script | text/javascript |
GET | H2 | page.js | stadig.ifeng.com/ | 0 | 53 B | Image | text/plain |
GET | H/1.1 | hb | err.ifengcloud.ifeng.com/v1/api/ | 0 | 140 B | Image | text/plain |
GET | H/1.1 | logo.b418be30.jpg | x2.ifengimg.com/fe/content/404/ | 8 KB | 9 KB | Image | image/jpeg |
GET | H/1.1 | pic01.ce2ebf55.jpg | x2.ifengimg.com/fe/content/404/ | 9 KB | 9 KB | Image | image/jpeg |
GET | H/1.1 | 404.89334e26.png | x2.ifengimg.com/fe/content/404/ | 8 KB | 8 KB | Image | image/png |
GET | H/1.1 | icon.fa7fd315.gif | x2.ifengimg.com/fe/content/404/ | 2 KB | 2 KB | Image | image/gif |
GET | H/1.1 | gaijin.6555deae.png | x2.ifengimg.com/fe/content/404/ | 2 KB | 2 KB | Image | image/png |
GET | H/1.1 | s_11.bd341584.gif | x2.ifengimg.com/fe/content/404/ | 1 KB | 2 KB | Image | image/gif |
GET | H/1.1 | bg001.afaeeb89.gif | x2.ifengimg.com/fe/content/404/ | 231 B | 690 B | Image | image/gif |
GET | H/1.1 | bg002.2b91d86f.gif | x2.ifengimg.com/fe/content/404/ | 183 B | 642 B | Image | image/gif |
GET | H/1.1 | BE3E623B8D078F52E11EB1690D8C7E878B150DFB_size94_w800_h400.jpg | d.ifengimg.com/w418_h235_q90/x0.ifengimg.com/ucms/2023_49/ | 40 KB | 40 KB | Image | image/jpeg |
GET | H/1.1 | CF4E484E4287EDB8B085D7F2EED60876014A975A_size424_w800_h400.png | d.ifengimg.com/w418_h235_q90/x0.ifengimg.com/ucms/2023_46/ | 118 KB | 118 KB | Image | image/jpeg |
GET | H/1.1 | 4ADEAF54A44202AC9D211060182D20CB2BBA0241_size964_w1080_h540.png | d.ifengimg.com/w418_h235_q90/x0.ifengimg.com/ucms/2023_50/ | 171 KB | 171 KB | Image | image/jpeg |
GET | H/1.1 | 0618E45BCBD89B3DE22180B7316F3DCC4C343AA8_size485_w741_h370.png | d.ifengimg.com/w418_h235_q90/x0.ifengimg.com/ucms/2023_50/ | 159 KB | 160 KB | Image | image/jpeg |
GET | H/1.1 | 7E9AB5A9A0ED113253B3252EC7F8120FDA9722EE_size108_w1080_h540.jpg | d.ifengimg.com/w418_h235_q90/x0.ifengimg.com/ucms/2023_45/ | 27 KB | 27 KB | Image | image/jpeg |
GET | H/1.1 | favicon.ico | y0.ifengimg.com/index/ | 4 KB | 4 KB | Other | image/vnd.microsoft.icon |
GET | H/1.1 | perf | err.ifengcloud.ifeng.com/v1/api/ | 0 | 140 B | Image | text/plain |
GET | H/1.1 | favicon.ico | y0.ifengimg.com/index/ | 4 KB | 0 | Other | image/vnd.microsoft.icon |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic Cloudflare (Online)
17 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object | bj_config
- object | BJ_REPORT
- function | tryJs
- object | allData
- object | adKeys
- number | __apiReportMaxCount
- function | analytics
- function | hook
- function | getFaParams
- function | analytics_sta_callback
- object | ifeng_imgLogData
- string | action
- object | bj_func_list
- function | clearImmediate
- function | setImmediate
- object | React
- object | ReactDOM
1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.20240321-6dl.pages.dev/ | Name: __cf_mw_byp Value: Uc6JoJ9qmu030bl_h22UXuqNZ8aAVOA4ABVAYVQJLfs-1729646117-0.0.1.1-/static/js/member.bc25acb4.js |
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Frame-Options | SAMEORIGIN |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.