i45e33cs2qcp23.cg7.co Open in urlscan Pro
2606:4700:4400::ac40:983f Public Scan

Go To Rescan
Add Verdict Report

URL:
https://i45e33cs2qcp23.cg7.co/
Submission Tags: phishingrod
Submission: On November 27 via api (November 27th 2023, 2:28:30 am UTC) from DE — Scanned from DE

Summary HTTP 10 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 10 HTTP transactions. The main IP is 2606:4700:4400::ac40:983f, located in United States and belongs to CLOUDFLARENET, US. The main domain is i45e33cs2qcp23.cg7.co.
TLS certificate: Issued by E1 on November 27th 2023. Valid for: 3 months.

This is the only time i45e33cs2qcp23.cg7.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
4	2606:4700:440... 2606:4700:4400::ac40:983f		13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2

4 2606:4700:4400::ac40:983f (United States)

ASN13335 (CLOUDFLARENET, US)

i45e33cs2qcp23.cg7.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	cg7.co i45e33cs2qcp23.cg7.co	110 KB
10	1

	Domain	Requested by
4	i45e33cs2qcp23.cg7.co	i45e33cs2qcp23.cg7.co
10	1

This site contains no links.

Subject Issuer	Validity	Valid
i45e33cs2qcp23.cg7.co E1	`2023-11-27` - `2024-02-25`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://i45e33cs2qcp23.cg7.co/
Frame ID: 00585ACAFCE0C4B873C09C3ACFEBE37C
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

WG后台管理系统

Page Statistics

10
Requests

40 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

110 kB
Transfer

369 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response i45e33cs2qcp23.cg7.co/	493 B 512 B	15987ms 15872ms	Document text/html	2606:4700:4400::ac40:983f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://i45e33cs2qcp23.cg7.co/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:983f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `8bcb11f4492e9ab8b20552bd1c7463f4e5ef1547dd5e28719100b24c06ae0823` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cf-cache-status DYNAMIC cf-ray 82c6ef0a2afb5bf9-FRA content-encoding gzip content-type text/html; charset=utf-8 date Mon, 27 Nov 2023 02:28:00 GMT last-modified Sun, 26 Nov 2023 10:21:58 GMT server cloudflare
GET H2	200	runtime~main.0585ffcbbdf6afdb3bd8.js Show response i45e33cs2qcp23.cg7.co/static/	50 KB 12 KB	15976ms 15975ms	Script application/javascript	2606:4700:4400::ac40:983f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://i45e33cs2qcp23.cg7.co/static/runtime~main.0585ffcbbdf6afdb3bd8.js Requested by Host: i45e33cs2qcp23.cg7.co URL: https://i45e33cs2qcp23.cg7.co/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:983f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `d9323e17abd1466945b90a7ba69bbddd094a85bf9b038bc4f2c1a9d3e8fb6175` Request headers accept-language de-DE,de;q=0.9 Referer https://i45e33cs2qcp23.cg7.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 27 Nov 2023 02:28:16 GMT content-encoding gzip cf-cache-status MISS last-modified Sun, 26 Nov 2023 10:21:58 GMT server cloudflare etag W/"65631c46-c9a0" vary Accept-Encoding content-type application/javascript; charset=utf-8 cache-control public, max-age=315360000 cf-ray 82c6ef6d699e5bf9-FRA expires Thu, 24 Nov 2033 02:28:16 GMT
GET H2	200	main.d419d441f59767698a47.js Show response i45e33cs2qcp23.cg7.co/static/	5 KB 2 KB	15997ms 15997ms	Script application/javascript	2606:4700:4400::ac40:983f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://i45e33cs2qcp23.cg7.co/static/main.d419d441f59767698a47.js Requested by Host: i45e33cs2qcp23.cg7.co URL: https://i45e33cs2qcp23.cg7.co/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:983f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `7a71c1403b61d2e8baae8b0211cb8d2841ccbcd4427e3c57e55fa69ec0e958b9` Request headers accept-language de-DE,de;q=0.9 Referer https://i45e33cs2qcp23.cg7.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 27 Nov 2023 02:28:16 GMT content-encoding gzip cf-cache-status MISS last-modified Sun, 26 Nov 2023 10:21:58 GMT server cloudflare etag W/"65631c46-1215" vary Accept-Encoding content-type application/javascript; charset=utf-8 cache-control public, max-age=315360000 cf-ray 82c6ef6d699f5bf9-FRA expires Thu, 24 Nov 2033 02:28:16 GMT
GET		chunk-saas-common.385e1e95ac4c043a0abe.css i45e33cs2qcp23.cg7.co/static/	0 0

GET		chunk-saas-common.3ebe8dd27c9768ad9950.js i45e33cs2qcp23.cg7.co/static/	0 0

GET H2	200	chunk-element-ui.6bf0393d54c2e7f595b2.css i45e33cs2qcp23.cg7.co/static/	314 KB 96 KB	780ms 780ms	Stylesheet text/css	2606:4700:4400::ac40:983f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://i45e33cs2qcp23.cg7.co/static/chunk-element-ui.6bf0393d54c2e7f595b2.css Requested by Host: i45e33cs2qcp23.cg7.co URL: https://i45e33cs2qcp23.cg7.co/static/runtime~main.0585ffcbbdf6afdb3bd8.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:983f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `158d7fd5e60b6ae8b8e2412ea60c956a7f6299bf526b659c63bae1f7f2ff1f65` Request headers accept-language de-DE,de;q=0.9 Referer https://i45e33cs2qcp23.cg7.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 27 Nov 2023 02:28:16 GMT content-encoding gzip cf-cache-status MISS last-modified Sun, 26 Nov 2023 10:21:58 GMT server cloudflare etag W/"65631c46-4e6f2" vary Accept-Encoding content-type text/css cache-control public, max-age=315360000 cf-ray 82c6efd16f7a5bf9-FRA expires Thu, 24 Nov 2033 02:28:16 GMT
GET		chunk-element-ui.b50c44e5062910f9d045.js i45e33cs2qcp23.cg7.co/static/	0 0

GET		vendors-node_modules_dhdbstjr98_gif_js_dist_gif_js-node_modules_vue_babel-helper-vue-jsx-merg-be5b05.b41d8a836daa6bec5991.js i45e33cs2qcp23.cg7.co/static/	0 0

GET		main-async.47f6e681d6821657a39c.css i45e33cs2qcp23.cg7.co/static/	0 0

GET		main-async.2efb1743ff38b6ce326b.js i45e33cs2qcp23.cg7.co/static/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: i45e33cs2qcp23.cg7.co
URL: https://i45e33cs2qcp23.cg7.co/static/chunk-saas-common.385e1e95ac4c043a0abe.css

Domain: i45e33cs2qcp23.cg7.co
URL: https://i45e33cs2qcp23.cg7.co/static/chunk-saas-common.3ebe8dd27c9768ad9950.js

Domain: i45e33cs2qcp23.cg7.co
URL: https://i45e33cs2qcp23.cg7.co/static/chunk-element-ui.b50c44e5062910f9d045.js

Domain: i45e33cs2qcp23.cg7.co
URL: https://i45e33cs2qcp23.cg7.co/static/vendors-node_modules_dhdbstjr98_gif_js_dist_gif_js-node_modules_vue_babel-helper-vue-jsx-merg-be5b05.b41d8a836daa6bec5991.js

Domain: i45e33cs2qcp23.cg7.co
URL: https://i45e33cs2qcp23.cg7.co/static/main-async.47f6e681d6821657a39c.css

Domain: i45e33cs2qcp23.cg7.co
URL: https://i45e33cs2qcp23.cg7.co/static/main-async.2efb1743ff38b6ce326b.js

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture object| webpackChunkuniverse_backcenter_web

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

i45e33cs2qcp23.cg7.co
i45e33cs2qcp23.cg7.co
2606:4700:4400::ac40:983f
158d7fd5e60b6ae8b8e2412ea60c956a7f6299bf526b659c63bae1f7f2ff1f65
7a71c1403b61d2e8baae8b0211cb8d2841ccbcd4427e3c57e55fa69ec0e958b9
8bcb11f4492e9ab8b20552bd1c7463f4e5ef1547dd5e28719100b24c06ae0823
d9323e17abd1466945b90a7ba69bbddd094a85bf9b038bc4f2c1a9d3e8fb6175

i45e33cs2qcp23.cg7.co Open in urlscan Pro 2606:4700:4400::ac40:983f Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

10 Requests

40 %HTTPS

100 %IPv6

1 Domains

1 Subdomains

2 IPs

1 Countries

110 kBTransfer

369 kBSize

0 Cookies

0 Outgoing links

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

0 Cookies

Indicators

i45e33cs2qcp23.cg7.co Open in urlscan Pro
2606:4700:4400::ac40:983f Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

40 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

110 kB
Transfer

369 kB
Size

0
Cookies

10 HTTP transactions
0 data transactions