cm-hk.top
Open in
urlscan Pro
2606:4700:3035::6815:2dac
Malicious Activity!
Public Scan
Effective URL: https://cm-hk.top/home
Submission: On July 15 via api from CN — Scanned from DE
Summary
TLS certificate: Issued by WE1 on July 12th 2024. Valid for: 3 months.
This is the only time cm-hk.top was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic Cloudflare (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 22 | 2606:4700:303... 2606:4700:3035::6815:2dac | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2a04:4e42::649 2a04:4e42::649 | 54113 (FASTLY) (FASTLY) | |
1 | 203.142.125.25 203.142.125.25 | 137872 (PEOPLESPH...) (PEOPLESPHONE-HK China Mobile Hong Kong Company Limited) | |
23 | 4 |
ASN137872 (PEOPLESPHONE-HK China Mobile Hong Kong Company Limited, HK)
omniapi.hk.chinamobile.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
22 |
cm-hk.top
1 redirects
cm-hk.top |
382 KB |
1 |
chinamobile.com
omniapi.hk.chinamobile.com |
70 KB |
1 |
jquery.com
code.jquery.com — Cisco Umbrella Rank: 1211 |
67 KB |
23 | 3 |
Domain | Requested by | |
---|---|---|
22 | cm-hk.top |
1 redirects
cm-hk.top
|
1 | omniapi.hk.chinamobile.com | |
1 | code.jquery.com |
cm-hk.top
|
23 | 3 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.hk.chinamobile.com |
www.hkrma.org |
Subject Issuer | Validity | Valid | |
---|---|---|---|
cm-hk.top WE1 |
2024-07-12 - 2024-10-10 |
3 months | crt.sh |
*.jquery.com Sectigo ECC Domain Validation Secure Server CA |
2024-06-25 - 2025-06-25 |
a year | crt.sh |
omniapi.hk.chinamobile.com Thawte TLS RSA CA G1 |
2024-02-14 - 2025-03-08 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://cm-hk.top/home
Frame ID: 93621341F8192F56B2052BCB78C7C061
Requests: 28 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
http://cm-hk.top/home
HTTP 307
https://cm-hk.top/home Page URL
-
https://cm-hk.top/cdn-cgi/phish-bypass?atok=lPU_4_VcKBqOoG3GEXHraPQd5oMp_P_WSqa_a27OXAM-172103...
HTTP 301
https://cm-hk.top/home Page URL
Detected technologies
Bootstrap (Web Frameworks) ExpandDetected patterns
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Nuxt.js (JavaScript Frameworks) Expand
Detected patterns
- /_nuxt/
Vue.js (JavaScript Frameworks) Expand
Detected patterns
- <[^>]+\sdata-v(?:ue)?-
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://cm-hk.top/home
HTTP 307
https://cm-hk.top/home Page URL
-
https://cm-hk.top/cdn-cgi/phish-bypass?atok=lPU_4_VcKBqOoG3GEXHraPQd5oMp_P_WSqa_a27OXAM-1721034488-0.0.1.1-%2Fhome
HTTP 301
https://cm-hk.top/home Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- http://cm-hk.top/home HTTP 307
- https://cm-hk.top/home
23 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H3 |
home
cm-hk.top/ Redirect Chain
|
4 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
cf.errors.css
cm-hk.top/cdn-cgi/styles/ |
23 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
icon-exclamation.png
cm-hk.top/cdn-cgi/images/ |
452 B 635 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
favicon.ico
cm-hk.top/ |
547 B 730 B |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Primary Request
home
cm-hk.top/ Redirect Chain
|
547 B 690 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
index-b0e7d142.js
cm-hk.top/assets/ |
142 KB 59 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
index-ecd635d7.css
cm-hk.top/assets/ |
33 B 520 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-3.7.0.slim.js
code.jquery.com/ |
226 KB 67 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
bootstrap.min.js
cm-hk.top/bootstrap/js/ |
39 KB 13 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Root-fc22ecd6.js
cm-hk.top/assets/ |
47 KB 23 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Loading-c69f61e7.js
cm-hk.top/assets/ |
529 B 838 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
_plugin-vue_export-helper-c27b6911.js
cm-hk.top/assets/ |
91 B 566 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Loading-6b522c1e.css
cm-hk.top/assets/ |
1 KB 918 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Root-6f0d2a7d.css
cm-hk.top/assets/ |
962 KB 269 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Home-a1cd05c6.js
cm-hk.top/assets/ |
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Home-eba6f941.css
cm-hk.top/assets/ |
885 B 823 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
450db212385d3c748e028aa04708c0c0.450db21.ttf
cm-hk.top/_nuxt/fonts/ |
547 B 716 B |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
check.php
cm-hk.top/php/app/index/ |
186 B 574 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
favicon.ico
cm-hk.top/ |
547 B 0 |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
2 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
3 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
2 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
2 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
294 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
38ef06561513e711912eb59443a615d5.38ef065.ttf
cm-hk.top/_nuxt/fonts/ |
547 B 723 B |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
6715faa0f747c1b88c4ceecb061917fb.6715faa.ttf
cm-hk.top/_nuxt/fonts/ |
547 B 717 B |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
f8cab25addcf6d31bfd557e7f583eec9.f8cab25.ttf
cm-hk.top/_nuxt/fonts/ |
547 B 718 B |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ORIGINAL_20230823120708_qy87Sgyz_686x360.png
omniapi.hk.chinamobile.com/upload/images/omni-channel-service-console/preferential/2023-08-23/ |
69 KB 70 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic Cloudflare (Online)4 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| $ function| jQuery object| __VUE_INSTANCE_SETTERS__ boolean| __VUE__1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.cm-hk.top/ | Name: __cf_mw_byp Value: lPU_4_VcKBqOoG3GEXHraPQd5oMp_P_WSqa_a27OXAM-1721034488-0.0.1.1-/home |
8 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Frame-Options | SAMEORIGIN |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cm-hk.top
code.jquery.com
omniapi.hk.chinamobile.com
203.142.125.25
2606:4700:3035::6815:2dac
2a04:4e42::649
1dc424cc10627fef60eaeab1817563c0dc85fe49b83dc1370ef0e3c694acb4aa
297c1c809cbcbdd83e671b2de31c2d8fb0934d95acf29824272e12c27c83ba74
346481fddbff46994f07ecece698a972736476b1b141a37b7ea50cffb2d892b7
5ac4bf9d56709244db857defc5d7f6f0105a376f4dffa4942e22ff4d93bc1aa6
6b522c1ee41d84477750762dc3bf51daa323c081aab3176f1ba21f3006cd9ef4
6f0d2a7de075231a9369935998dcbeca0718548bf24f769a80393a2a66454dd6
7dde181eb2215eb29c46301d73825ac4ddd20efad7b08e4a048ed19ce0fcb4af
806d9d19d1debecdafdc7bdfbabb9eab0c3b204867ce0d920f28b09bf904bb6a
84e3c77025ace5af143972b4a40fc834dcdfd4e449d4b36a57e62326f16b3091
9a4ff5147b44c4caa3ce5ee75f9c17e2cd4a024e7b2a9afa5be0691779fd3482
9d5b55db5bf604e073d68195a460347ed76e81aef10856434ea2cbf15ceb1f3f
9e6a63e7a906d1c6c546c2ddde1fd756d46abada4ec06d645e999dfc87242db1
9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe
a29e18233e1a76a6d0009b1fb7db727cc3f78d9466a534c9429953d4d2ba91a0
cb85b0f263dbe24e857338301c0627076592e9f1f1a5662929f86d2c126444aa
d726d850ab857e1b5b747aa982f688484427ebf080249f8ad85022db4a490176
de0d8cb723dedffeb347d0a145d4382d5e63fea39fae450b109c6860040da5dd
e0ba3b2fa48d5460c4085f002157001a049542be39e4edf3a25af550749c82a2
eba6f94114465cce197c89c21872a8ca8800b103a5c46da2e722f03470e87a8e
ec63be8dea53f6025ef4b0785c57fcb2754e8d7de260d6f414762be4b2353797
ecd635d74e6cb1486670df6063607783dde506374f7751916b8739bfcabb123f
f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016