cs24163.kfg831.net
Open in
urlscan Pro
20.239.77.53
Public Scan
URL:
https://cs24163.kfg831.net/
Submission Tags: phishingrod
Submission: On August 12 via api from DE — Scanned from DE
Submission Tags: phishingrod
Submission: On August 12 via api from DE — Scanned from DE
Summary
This website contacted 1 IPs
in 1 countries
across 1 domains to perform 12 HTTP transactions.
The main IP is 20.239.77.53, located in
Hong Kong, Hong Kong and
belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US.
The main domain is cs24163.kfg831.net.
TLS certificate: Issued by ZeroSSL RSA Domain Secure Site CA on August 12th 2023. Valid for: 3 months.
This is the only time cs24163.kfg831.net was scanned on urlscan.io!
TLS certificate: Issued by ZeroSSL RSA Domain Secure Site CA on August 12th 2023. Valid for: 3 months.
This is the only time cs24163.kfg831.net was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 12 | 20.239.77.53 20.239.77.53 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
| 12 | 1 |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 12 |
kfg831.net
cs24163.kfg831.net |
116 KB |
| 12 | 1 |
| Domain | Requested by | |
|---|---|---|
| 12 | cs24163.kfg831.net |
cs24163.kfg831.net
|
| 12 | 1 |
This site contains no links.
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| cs24163.kfg831.net ZeroSSL RSA Domain Secure Site CA |
2023-08-12 - 2023-11-10 |
3 months | crt.sh |
This page contains 2 frames:
Primary Page:
https://cs24163.kfg831.net/
Frame ID: F277FED553F3DC3F3D66D75FA7EC2A45
Requests: 2 HTTP requests in this frame
Frame:
https://cs24163.kfg831.net/app/control/
Frame ID: BD615C053067D2569C95C8BB6C25C15C
Requests: 10 HTTP requests in this frame
Screenshot
Page Title
welcomePage URL History Show full URLs
- https://cs24163.kfg831.net/ Page URL
- https://cs24163.kfg831.net/ Page URL
Detected technologies
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://cs24163.kfg831.net/ Page URL
- https://cs24163.kfg831.net/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
12 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H/1.1 |
/
cs24163.kfg831.net/ |
973 B 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Primary Request
/
cs24163.kfg831.net/ |
872 B 883 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
/
cs24163.kfg831.net/app/control/ Frame BD61 |
6 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
login.css
cs24163.kfg831.net/css/ Frame BD61 |
7 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery-1.7.2.min.js
cs24163.kfg831.net/js/ Frame BD61 |
93 KB 34 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
seccode.php
cs24163.kfg831.net/ Frame BD61 |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
login_newyear.jpg
cs24163.kfg831.net/css/images/login/ Frame BD61 |
61 KB 61 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
login_l.png
cs24163.kfg831.net/css/images/login/ Frame BD61 |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
login_r.png
cs24163.kfg831.net/css/images/login/ Frame BD61 |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
login_btn.png
cs24163.kfg831.net/css/images/login/ Frame BD61 |
188 B 508 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ico_mobile.png
cs24163.kfg831.net/css/images/login/ Frame BD61 |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ico_aplus.png
cs24163.kfg831.net/css/images/login/ Frame BD61 |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
3 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 number| uid2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| cs24163.kfg831.net/ | Name: antscdn_waf_cookie6 Value: 2568603950 |
|
| cs24163.kfg831.net/ | Name: PHPSESSID Value: f1b7dc3f8539d2ccb8da2dee9f33882c |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
| Header | Value |
|---|---|
| Strict-Transport-Security | max-age=63072000; includeSubdomains; preload |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cs24163.kfg831.net
20.239.77.53
001cb6c08f9d03d50016754d5353f56ed4da4d63ceed06d6b31b4b3efd7119de
2d8610a03c2b34810a3e63e1a9d374d58768408e94f8e59bdebb3d6ce828c424
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4
544f1448d83405c549c7e5293733fe4e67b6a686ea44d5c501629aa3a26e641b
58b718fdf19aa4f8042fa1d508a80e435e6eb61ef99f5c78dc49ae3dd4e02bba
66a1532f43fa55a757e9d71ae2df5cc210e77f0cad87094df92b0cc624a7a181
784c6057c054a3f05875758e21774ba0b29c2173dedca95796608ce642069ae4
81fa7036011137b08bd413a81cc12472bbd84886b33fb7ac9f909a7658cd40f2
8523f9571035298655440c37dec1a99d770bb250fa28fa3f3c5b459301aae7a2
bf6963aad1889605c43b117bcdeccc0ca05417a177debebb6e3bddd50f894aa5
c05a467a44026ee49362db714bff9d985148ee64615309dba893d5085d3b323d
f89216a3a21bf380b3d2d4e1473739ac15fe06862a3b2001add0314c2c034242