kghcv.aafvoyw.cn Open in urlscan Pro
155.94.182.56 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://kghcv.aafvoyw.cn/mobile/index.php?openid.pape.max_auth_age=0&openid.return_to=https://www.smbc.co.jp/?ref_=nav_em...
Submission: On June 21 via automatic, source openphish (June 21st 2022, 1:12:53 pm UTC) — Scanned from DE

Summary HTTP 24 Redirects Links 37 Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 24 HTTP transactions. The main IP is 155.94.182.56, located in Los Angeles, United States and belongs to ASN-QUADRANET-GLOBAL, US. The main domain is kghcv.aafvoyw.cn.
TLS certificate: Issued by R3 on June 20th 2022. Valid for: 3 months.

This is the only time kghcv.aafvoyw.cn was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: SMBC (Financial)

Domain & IP information

	IP Address	AS Autonomous System
21	155.94.182.56 155.94.182.56	8100 (ASN-QUADR...) (ASN-QUADRANET-GLOBAL)
1	3.114.31.20 3.114.31.20	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:223... 2600:9000:223c:7200:1e:a5f1:c880:93a1	16509 (AMAZON-02) (AMAZON-02)
24	4

21 155.94.182.56 (Los Angeles, United States)

ASN8100 (ASN-QUADRANET-GLOBAL, US)
PTR: unassigned.quadranet.com

kghcv.aafvoyw.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.114.31.20 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-114-31-20.ap-northeast-1.compute.amazonaws.com

cv.gunosy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:7200:1e:a5f1:c880:93a1 (United States)

ASN16509 (AMAZON-02, US)

tr.gunosy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	aafvoyw.cn kghcv.aafvoyw.cn	78 KB
2	gunosy.com cv.gunosy.com — Cisco Umbrella Rank: 205445 tr.gunosy.com — Cisco Umbrella Rank: 148399	630 B
0	Failed function sub() { [native code] }. Failed
24	3

	Domain	Requested by
21	kghcv.aafvoyw.cn	kghcv.aafvoyw.cn
1	tr.gunosy.com	kghcv.aafvoyw.cn
1	cv.gunosy.com	kghcv.aafvoyw.cn
0	mhtml.blink Failed	kghcv.aafvoyw.cn
24	4

This site contains links to these domains. Also see Links.

Domain
www.smbc-card.com
mall.smbc-card.com
qa.smbc-card.com

Subject Issuer	Validity	Valid
kghcv.aafvoyw.cn R3	`2022-06-20` - `2022-09-18`	3 months	crt.sh
gunosy.com Amazon	`2021-12-16` - `2023-01-14`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://kghcv.aafvoyw.cn/mobile/index.php?openid.pape.max_auth_age=0&openid.return_to=https://www.smbc.co.jp/?ref_=nav_em_hd_re_signin&openid.identity=http://specs.openid.net/auth/2.0/identifier_select&openid.assoc_handle=jpflex&openid.mode=checkid_setup&key=a@b.c&openid.claimed_id=http://specs.openid.net/auth/2.0/identifier_select&openid.ns=http://specs.openid.net/auth/2.0&&ref_=nav_em_hd_clc_signinhttps://www.smbc.co.jp
Frame ID: 9F56AF1987E71A356AC6068F4DC34530
Requests: 23 HTTP requests in this frame

Frame: cid://frame-43-b0835366-12ef-4435-8ecf-3906268b7945@mhtml.blink
Frame ID: B27E544A336D54D94BAE477280C9857D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

三井住友VISAカード

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Page Statistics

24
Requests

96 %
HTTPS

33 %
IPv6

3
Domains

4
Subdomains

4
IPs

2
Countries

79 kB
Transfer

281 kB
Size

2
Cookies

37 Outgoing links

These are links going to different origins than the main page.

URL: https://www.smbc-card.com/memx/sp/web_meisai/top/index.html
Title: ご利用明細を確認する

			Domain/Path	Expires	Name / Value
			kghcv.aafvoyw.cn/	1969-12-31 23:59:59	Name: PHPSESSID Value: 7rfnbkdmp63lk8dsu6fkp02p1m
			.gunosy.com/	1970-01-20 21:29:35	Name: __guk Value: 4e9244ff-adf7-488f-8faf-11381746f40b

Source	Level	URL Text
network	error	URL: https://kghcv.aafvoyw.cn/common/dynamic/memx/img/sp/space.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://kghcv.aafvoyw.cn/static/responsive/img/mem/icon_button_self.svg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://kghcv.aafvoyw.cn/static/responsive/img/mem/icon_right_chevron.svg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://kghcv.aafvoyw.cn/static/responsive/img/mem/icon_info.svg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://kghcv.aafvoyw.cn/static/responsive/img/mem/icon_popup.svg Message: Failed to load resource: the server responded with a status of 404 ()

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request index.php Show response kghcv.aafvoyw.cn/mobile/	46 KB 8 KB	1742ms 835ms	Document text/html	155.94.182.56 ASN-QUADRANET-GLOBAL
General Check archive.org Show headers Download Go to Full URL https://kghcv.aafvoyw.cn/mobile/index.php?openid.pape.max_auth_age=0&openid.return_to=https://www.smbc.co.jp/?ref_=nav_em_hd_re_signin&openid.identity=http://specs.openid.net/auth/2.0/identifier_select&openid.assoc_handle=jpflex&openid.mode=checkid_setup&key=a@b.c&openid.claimed_id=http://specs.openid.net/auth/2.0/identifier_select&openid.ns=http://specs.openid.net/auth/2.0&&ref_=nav_em_hd_clc_signinhttps://www.smbc.co.jp Protocol H2 Security TLS 1.3, , AES_256_GCM Server 155.94.182.56 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US), Reverse DNS unassigned.quadranet.com Software Apache / Resource Hash `e652620a3f82cae282a6450f0be8245ecbbf5a4295938273a9834557729a14a4` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control no-store, no-cache, must-revalidate content-encoding gzip content-length 8389 content-type text/html; charset=UTF-8 date Tue, 21 Jun 2022 13:12:49 GMT expires Thu, 19 Nov 1981 08:52:00 GMT pragma no-cache server Apache vary Accept-Encoding
GET H2	200	dynamic_import.css kghcv.aafvoyw.cn/mobile/css/	655 B 301 B	179ms 179ms	Stylesheet text/css	155.94.182.56 ASN-QUADRANET-GLOBAL
General Check archive.org Show headers Download Go to Full URL https://kghcv.aafvoyw.cn/mobile/css/dynamic_import.css Requested by Host: kghcv.aafvoyw.cn URL: https://kghcv.aafvoyw.cn/mobile/index.php?openid.pape.max_auth_age=0&openid.return_to=https://www.smbc.co.jp/?ref_=nav_em_hd_re_signin&openid.identity=http://specs.openid.net/auth/2.0/identifier_select&openid.assoc_handle=jpflex&openid.mode=checkid_setup&key=a@b.c&openid.claimed_id=http://specs.openid.net/auth/2.0/identifier_select&openid.ns=http://specs.openid.net/auth/2.0&&ref_=nav_em_hd_clc_signinhttps://www.smbc.co.jp Protocol H2 Security TLS 1.3, , AES_256_GCM Server 155.94.182.56 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US), Reverse DNS unassigned.quadranet.com Software Apache / Resource Hash `f05858e401e238b9cb713d48dcbf0d5b1f2bc3a9f762bf691add9451711fc26c` Request headers accept-language de-DE,de;q=0.9 Referer https://kghcv.aafvoyw.cn/mobile/index.php?openid.pape.max_auth_age=0&openid.return_to=https://www.smbc.co.jp/?ref_=nav_em_hd_re_signin&openid.identity=http://specs.openid.net/auth/2.0/identifier_select&openid.assoc_handle=jpflex&openid.mode=checkid_setup&key=a@b.c&openid.claimed_id=http://specs.openid.net/auth/2.0/identifier_select&openid.ns=http://specs.openid.net/auth/2.0&&ref_=nav_em_hd_clc_signinhttps://www.smbc.co.jp User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 Response headers date Tue, 21 Jun 2022 13:12:50 GMT content-encoding gzip last-modified Sat, 05 Sep 2020 06:51:18 GMT server Apache etag "28f-5ae8b698ba580-gzip" vary Accept-Encoding content-type text/css accept-ranges bytes content-length 190
GET H2	200	all_index.css kghcv.aafvoyw.cn/mobile/css/	4 KB 1 KB	179ms 179ms	Stylesheet text/css	155.94.182.56 ASN-QUADRANET-GLOBAL
General Check archive.org Show headers Download Go to Full URL https://kghcv.aafvoyw.cn/mobile/css/all_index.css Requested by Host: kghcv.aafvoyw.cn URL: https://kghcv.aafvoyw.cn/mobile/index.php?openid.pape.max_auth_age=0&openid.return_to=https://www.smbc.co.jp/?ref_=nav_em_hd_re_signin&openid.identity=http://specs.openid.net/auth/2.0/identifier_select&openid.assoc_handle=jpflex&openid.mode=checkid_setup&key=a@b.c&openid.claimed_id=http://specs.openid.net/auth/2.0/identifier_select&openid.ns=http://specs.openid.net/auth/2.0&&ref_=nav_em_hd_clc_signinhttps://www.smbc.co.jp Protocol H2 Security TLS 1.3, , AES_256_GCM Server 155.94.182.56 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US), Reverse DNS unassigned.quadranet.com Software Apache / Resource Hash `3f837482f5cdbcee45e935e2359cff831bf4acb3dfa80c146c1fd17f012080d5` Request headers accept-language de-DE,de;q=0.9 Referer https://kghcv.aafvoyw.cn/mobile/index.php?openid.pape.max_auth_age=0&openid.return_to=https://www.smbc.co.jp/?ref_=nav_em_hd_re_signin&openid.identity=http://specs.openid.net/auth/2.0/identifier_select&openid.assoc_handle=jpflex&openid.mode=checkid_setup&key=a@b.c&openid.claimed_id=http://specs.openid.net/auth/2.0/identifier_select&openid.ns=http://specs.openid.net/auth/2.0&&ref_=nav_em_hd_clc_signinhttps://www.smbc.co.jp User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 Response headers date Tue, 21 Jun 2022 13:12:50 GMT content-encoding gzip last-modified Sat, 05 Sep 2020 06:51:18 GMT server Apache etag "102e-5ae8b698ba580-gzip" vary Accept-Encoding content-type text/css accept-ranges bytes content-length 1276
GET H2	200	smbcline.png kghcv.aafvoyw.cn/mobile/img/	5 KB 5 KB	180ms 178ms	Image image/png	155.94.182.56 ASN-QUADRANET-GLOBAL
General Check archive.org Show headers Download Go to Show image Full URL https://kghcv.aafvoyw.cn/mobile/img/smbcline.png Requested by Host: kghcv.aafvoyw.cn URL: https://kghcv.aafvoyw.cn/mobile/index.php?openid.pape.max_auth_age=0&openid.return_to=https://www.smbc.co.jp/?ref_=nav_em_hd_re_signin&openid.identity=http://specs.openid.net/auth/2.0/identifier_select&openid.assoc_handle=jpflex&openid.mode=checkid_setup&key=a@b.c&openid.claimed_id=http://specs.openid.net/auth/2.0/identifier_select&openid.ns=http://specs.openid.net/auth/2.0&&ref_=nav_em_hd_clc_signinhttps://www.smbc.co.jp Protocol H2 Security TLS 1.3, , AES_256_GCM Server 155.94.182.56 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US), Reverse DNS unassigned.quadranet.com Software Apache / Resource Hash `e2e1fd78b20919da3e5d1bb6ba4489cd3aad399bd2cfd393cf0ec714efa606f5` Request headers accept-language de-DE,de;q=0.9 Referer https://kghcv.aafvoyw.cn/mobile/index.php?openid.pape.max_auth_age=0&openid.return_to=https://www.smbc.co.jp/?ref_=nav_em_hd_re_signin&openid.identity=http://specs.openid.net/auth/2.0/identifier_select&openid.assoc_handle=jpflex&openid.mode=checkid_setup&key=a@b.c&openid.claimed_id=http://specs.openid.net/auth/2.0/identifier_select&openid.ns=http://specs.openid.net/auth/2.0&&ref_=nav_em_hd_clc_signinhttps://www.smbc.co.jp User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 Response headers date Tue, 21 Jun 2022 13:12:50 GMT last-modified Sat, 05 Sep 2020 06:51:18 GMT server Apache accept-ranges bytes etag "1533-5ae8b698ba580" content-length 5427 content-type image/png
GET H2	200	dh.png kghcv.aafvoyw.cn/mobile/index_files/	19 KB 19 KB	179ms 178ms	Image image/png	155.94.182.56 ASN-QUADRANET-GLOBAL
General Check archive.org Show headers Download Go to Show image Full URL https://kghcv.aafvoyw.cn/mobile/index_files/dh.png Requested by Host: kghcv.aafvoyw.cn URL: https://kghcv.aafvoyw.cn/mobile/index.php?openid.pape.max_auth_age=0&openid.return_to=https://www.smbc.co.jp/?ref_=nav_em_hd_re_signin&openid.identity=http://specs.openid.net/auth/2.0/identifier_select&openid.assoc_handle=jpflex&openid.mode=checkid_setup&key=a@b.c&openid.claimed_id=http://specs.openid.net/auth/2.0/identifier_select&openid.ns=http://specs.openid.net/auth/2.0&&ref_=nav_em_hd_clc_signinhttps://www.smbc.co.jp Protocol H2 Security TLS 1.3, , AES_256_GCM Server 155.94.182.56 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US), Reverse DNS unassigned.quadranet.com Software Apache / Resource Hash `bc6f6fdebc956feb6308fd53cad43f6bdfbc0b831d882bcd82bf591a8d8ec199` Request headers accept-language de-DE,de;q=0.9 Referer https://kghcv.aafvoyw.cn/mobile/index.php?openid.pape.max_auth_age=0&openid.return_to=https://www.smbc.co.jp/?ref_=nav_em_hd_re_signin&openid.identity=http://specs.openid.net/auth/2.0/identifier_select&openid.assoc_handle=jpflex&openid.mode=checkid_setup&key=a@b.c&openid.claimed_id=http://specs.openid.net/auth/2.0/identifier_select&openid.ns=http://specs.openid.net/auth/2.0&&ref_=nav_em_hd_clc_signinhttps://www.smbc.co.jp User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 Response headers date Tue, 21 Jun 2022 13:12:50 GMT last-modified Sat, 05 Sep 2020 06:51:18 GMT server Apache accept-ranges bytes etag "4c77-5ae8b698ba580" content-length 19575 content-type image/png
GET H2	200	impression cv.gunosy.com/lp/	43 B 221 B	805ms 243ms	Image image/gif	3.114.31.20 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cv.gunosy.com/lp/impression?cid=&tid=1565941832-2&sid=af46b3c7-3024-447a-b05b-59580ae5341a Requested by Host: kghcv.aafvoyw.cn URL: https://kghcv.aafvoyw.cn/mobile/index.php?openid.pape.max_auth_age=0&openid.return_to=https://www.smbc.co.jp/?ref_=nav_em_hd_re_signin&openid.identity=http://specs.openid.net/auth/2.0/identifier_select&openid.assoc_handle=jpflex&openid.mode=checkid_setup&key=a@b.c&openid.claimed_id=http://specs.openid.net/auth/2.0/identifier_select&openid.ns=http://specs.openid.net/auth/2.0&&ref_=nav_em_hd_clc_signinhttps://www.smbc.co.jp Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.114.31.20 Tokyo, Japan, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-114-31-20.ap-northeast-1.compute.amazonaws.com Software istio-envoy / Resource Hash `b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b` Request headers accept-language de-DE,de;q=0.9 Referer https://kghcv.aafvoyw.cn/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 Response headers date Tue, 21 Jun 2022 13:12:50 GMT x-envoy-decorator-operation avocad-api-ee7e9e5c.ads-api.svc.cluster.local:30000/* x-envoy-upstream-service-time 0 server istio-envoy content-length 43 vary Origin content-type image/gif
GET H2	200	beacon tr.gunosy.com/v1/	43 B 409 B	759ms 690ms	Image image/gif	2600:9000:223c:7200:1e:a5f1:c880:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://tr.gunosy.com/v1/beacon?tag_id=3061 Requested by Host: kghcv.aafvoyw.cn URL: https://kghcv.aafvoyw.cn/mobile/index.php?openid.pape.max_auth_age=0&openid.return_to=https://www.smbc.co.jp/?ref_=nav_em_hd_re_signin&openid.identity=http://specs.openid.net/auth/2.0/identifier_select&openid.assoc_handle=jpflex&openid.mode=checkid_setup&key=a@b.c&openid.claimed_id=http://specs.openid.net/auth/2.0/identifier_select&openid.ns=http://specs.openid.net/auth/2.0&&ref_=nav_em_hd_clc_signinhttps://www.smbc.co.jp Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223c:7200:1e:a5f1:c880:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software envoy / Resource Hash `b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b` Request headers accept-language de-DE,de;q=0.9 Referer https://kghcv.aafvoyw.cn/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 Response headers date Tue, 21 Jun 2022 13:12:50 GMT via 1.1 03ffca0f67e3596b9a0c92342fe91598.cloudfront.net (CloudFront) server envoy x-amz-cf-pop FRA56-P2 x-cache Miss from cloudfront content-type image/gif x-envoy-upstream-service-time 0 content-length 43 x-amz-cf-id s1-wYfgtSwhW7FCZgvul1ZBU2HFGTQrLerY1GHUabjdbP3p0NykZ9g==
GET H2	200	_reset.css kghcv.aafvoyw.cn/mobile/css/	788 B 451 B	194ms 192ms	Stylesheet text/css	155.94.182.56 ASN-QUADRANET-GLOBAL
General Check archive.org Show headers Download Go to Full URL https://kghcv.aafvoyw.cn/mobile/css/_reset.css Requested by Host: kghcv.aafvoyw.cn URL: https://kghcv.aafvoyw.cn/mobile/css/dynamic_import.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 155.94.182.56 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US), Reverse DNS unassigned.quadranet.com Software Apache / Resource Hash `be06a46fa2532edf366bde01a5724360cdb41da634ef3d418a64869476a97a77` Request headers accept-language de-DE,de;q=0.9 Referer https://kghcv.aafvoyw.cn/mobile/css/dynamic_import.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 Response headers date Tue, 21 Jun 2022 13:12:50 GMT content-encoding gzip last-modified Sat, 05 Sep 2020 06:51:18 GMT server Apache etag "314-5ae8b698ba580-gzip" vary Accept-Encoding content-type text/css accept-ranges bytes content-length 397
GET H2	200	_header.css kghcv.aafvoyw.cn/mobile/css/	28 KB 5 KB	194ms 193ms	Stylesheet text/css	155.94.182.56 ASN-QUADRANET-GLOBAL
General Check archive.org Show headers Download Go to Full URL https://kghcv.aafvoyw.cn/mobile/css/_header.css Requested by Host: kghcv.aafvoyw.cn URL: https://kghcv.aafvoyw.cn/mobile/css/dynamic_import.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 155.94.182.56 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US), Reverse DNS unassigned.quadranet.com Software Apache / Resource Hash `17702549c3bf97345790bd931371e5f325db9f103479dc2b22c53a2ac8566956` Request headers accept-language de-DE,de;q=0.9 Referer https://kghcv.aafvoyw.cn/mobile/css/dynamic_import.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 Response headers date Tue, 21 Jun 2022 13:12:50 GMT content-encoding gzip last-modified Sat, 05 Sep 2020 06:51:18 GMT server Apache etag "6ef6-5ae8b698ba580-gzip" vary Accept-Encoding content-type text/css accept-ranges bytes content-length 5451
GET H2	200	_footer.css kghcv.aafvoyw.cn/mobile/css/	4 KB 1 KB	195ms 193ms	Stylesheet text/css	155.94.182.56 ASN-QUADRANET-GLOBAL
General Check archive.org Show headers Download Go to Full URL https://kghcv.aafvoyw.cn/mobile/css/_footer.css Requested by Host: kghcv.aafvoyw.cn URL: https://kghcv.aafvoyw.cn/mobile/css/dynamic_import.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 155.94.182.56 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US), Reverse DNS unassigned.quadranet.com Software Apache / Resource Hash `53542b7eec6f0fffb579b0e3bb25f471a9d78480f8c816efe24b16dd1c6ba99d` Request headers accept-language de-DE,de;q=0.9 Referer https://kghcv.aafvoyw.cn/mobile/css/dynamic_import.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 Response headers date Tue, 21 Jun 2022 13:12:50 GMT content-encoding gzip last-modified Sat, 05 Sep 2020 06:51:18 GMT server Apache etag "1019-5ae8b698ba580-gzip" vary Accept-Encoding content-type text/css accept-ranges bytes content-length 1152
GET H2	200	_menu.css kghcv.aafvoyw.cn/mobile/css/	21 KB 4 KB	195ms 193ms	Stylesheet text/css	155.94.182.56 ASN-QUADRANET-GLOBAL
General Check archive.org Show headers Download Go to Full URL https://kghcv.aafvoyw.cn/mobile/css/_menu.css Requested by Host: kghcv.aafvoyw.cn URL: https://kghcv.aafvoyw.cn/mobile/css/dynamic_import.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 155.94.182.56 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US), Reverse DNS unassigned.quadranet.com Software Apache / Resource Hash `b440fe1a59f55262ad1993971df4face597949339e8c7c12e01989eeec6f55a0` Request headers accept-language de-DE,de;q=0.9 Referer https://kghcv.aafvoyw.cn/mobile/css/dynamic_import.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 Response headers date Tue, 21 Jun 2022 13:12:50 GMT content-encoding gzip last-modified Sat, 05 Sep 2020 06:51:18 GMT server Apache etag "53f5-5ae8b698ba580-gzip" vary Accept-Encoding content-type text/css accept-ranges bytes content-length 4393
GET H2	200	_search.css kghcv.aafvoyw.cn/mobile/css/	8 KB 2 KB	195ms 193ms	Stylesheet text/css	155.94.182.56 ASN-QUADRANET-GLOBAL
General Check archive.org Show headers Download Go to Full URL https://kghcv.aafvoyw.cn/mobile/css/_search.css Requested by Host: kghcv.aafvoyw.cn URL: https://kghcv.aafvoyw.cn/mobile/css/dynamic_import.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 155.94.182.56 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US), Reverse DNS unassigned.quadranet.com Software Apache / Resource Hash `6353677b503c30ce5f0b629260eb705c29b698bf31868bfd0963c88cd5d9aa31` Request headers accept-language de-DE,de;q=0.9 Referer https://kghcv.aafvoyw.cn/mobile/css/dynamic_import.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 Response headers date Tue, 21 Jun 2022 13:12:50 GMT content-encoding gzip last-modified Sat, 05 Sep 2020 06:51:18 GMT server Apache etag "2007-5ae8b698ba580-gzip" vary Accept-Encoding content-type text/css accept-ranges bytes content-length 2182
GET H2	200	_contents.css kghcv.aafvoyw.cn/mobile/css/	114 KB 21 KB	195ms 193ms	Stylesheet text/css	155.94.182.56 ASN-QUADRANET-GLOBAL
General Check archive.org Show headers Download Go to Full URL https://kghcv.aafvoyw.cn/mobile/css/_contents.css Requested by Host: kghcv.aafvoyw.cn URL: https://kghcv.aafvoyw.cn/mobile/css/dynamic_import.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 155.94.182.56 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US), Reverse DNS unassigned.quadranet.com Software Apache / Resource Hash `31eaa2eb811a4d599ede08e7cea4fdc2f5ef69177393e7cc45c998b414932b1c` Request headers accept-language de-DE,de;q=0.9 Referer https://kghcv.aafvoyw.cn/mobile/css/dynamic_import.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 Response headers date Tue, 21 Jun 2022 13:12:50 GMT content-encoding gzip last-modified Sat, 05 Sep 2020 06:51:18 GMT server Apache etag "1c676-5ae8b698ba580-gzip" vary Accept-Encoding content-type text/css accept-ranges bytes content-length 21722
GET H2	200	_common.css kghcv.aafvoyw.cn/mobile/css/	13 KB 3 KB	378ms 377ms	Stylesheet text/css	155.94.182.56 ASN-QUADRANET-GLOBAL
General Check archive.org Show headers Download Go to Full URL https://kghcv.aafvoyw.cn/mobile/css/_common.css Requested by Host: kghcv.aafvoyw.cn URL: https://kghcv.aafvoyw.cn/mobile/css/dynamic_import.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 155.94.182.56 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US), Reverse DNS unassigned.quadranet.com Software Apache / Resource Hash `05c961320fbf5c0f08ae7c61077d24e1e9c3a897faa3ef0dcd205bc5539b0a18` Request headers accept-language de-DE,de;q=0.9 Referer https://kghcv.aafvoyw.cn/mobile/css/dynamic_import.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 Response headers date Tue, 21 Jun 2022 13:12:50 GMT content-encoding gzip last-modified Sat, 05 Sep 2020 06:51:18 GMT server Apache etag "328d-5ae8b698ba580-gzip" vary Accept-Encoding content-type text/css accept-ranges bytes content-length 2853
GET H2	200	picker.default.css kghcv.aafvoyw.cn/mobile/css/	4 KB 1 KB	376ms 375ms	Stylesheet text/css	155.94.182.56 ASN-QUADRANET-GLOBAL
General Check archive.org Show headers Download Go to Full URL https://kghcv.aafvoyw.cn/mobile/css/picker.default.css Requested by Host: kghcv.aafvoyw.cn URL: https://kghcv.aafvoyw.cn/mobile/css/dynamic_import.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 155.94.182.56 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US), Reverse DNS unassigned.quadranet.com Software Apache / Resource Hash `e6762419ceae59c0d172eb1de4dc14e83f27bd43f884f8bd8a0d8e9aa32f7dc7` Request headers accept-language de-DE,de;q=0.9 Referer https://kghcv.aafvoyw.cn/mobile/css/dynamic_import.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 Response headers date Tue, 21 Jun 2022 13:12:50 GMT content-encoding gzip last-modified Sat, 05 Sep 2020 06:51:18 GMT server Apache etag "f28-5ae8b698ba580-gzip" vary Accept-Encoding content-type text/css accept-ranges bytes content-length 1203
GET H2	200	picker.default.date.css kghcv.aafvoyw.cn/mobile/css/	6 KB 1 KB	374ms 373ms	Stylesheet text/css	155.94.182.56 ASN-QUADRANET-GLOBAL
General Check archive.org Show headers Download Go to Full URL https://kghcv.aafvoyw.cn/mobile/css/picker.default.date.css Requested by Host: kghcv.aafvoyw.cn URL: https://kghcv.aafvoyw.cn/mobile/css/dynamic_import.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 155.94.182.56 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US), Reverse DNS unassigned.quadranet.com Software Apache / Resource Hash `cd6afec6b81472b7c56ac1873d930f83672378c1295d861bfdea0cdb322835bf` Request headers accept-language de-DE,de;q=0.9 Referer https://kghcv.aafvoyw.cn/mobile/css/dynamic_import.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 Response headers date Tue, 21 Jun 2022 13:12:50 GMT content-encoding gzip last-modified Sat, 05 Sep 2020 06:51:18 GMT server Apache etag "17c7-5ae8b698ba580-gzip" vary Accept-Encoding content-type text/css accept-ranges bytes content-length 1361
GET H2	200	magnific-popup.css kghcv.aafvoyw.cn/mobile/css/	7 KB 2 KB	379ms 378ms	Stylesheet text/css	155.94.182.56 ASN-QUADRANET-GLOBAL
General Check archive.org Show headers Download Go to Full URL https://kghcv.aafvoyw.cn/mobile/css/magnific-popup.css Requested by Host: kghcv.aafvoyw.cn URL: https://kghcv.aafvoyw.cn/mobile/css/dynamic_import.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 155.94.182.56 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US), Reverse DNS unassigned.quadranet.com Software Apache / Resource Hash `73c3a54c2bead0f2b0ddd5ce795ad2dbcd3d53ea4f1f4f0727c9a12db9cc7199` Request headers accept-language de-DE,de;q=0.9 Referer https://kghcv.aafvoyw.cn/mobile/css/dynamic_import.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 Response headers date Tue, 21 Jun 2022 13:12:50 GMT content-encoding gzip last-modified Sat, 05 Sep 2020 06:51:18 GMT server Apache etag "1b7e-5ae8b698ba580-gzip" vary Accept-Encoding content-type text/css accept-ranges bytes content-length 1820
GET H2	200	__grid_paging.css kghcv.aafvoyw.cn/mobile/css/	0 67 B	379ms 379ms	Stylesheet text/css	155.94.182.56 ASN-QUADRANET-GLOBAL
General Check archive.org Show headers Download Go to Full URL https://kghcv.aafvoyw.cn/mobile/css/__grid_paging.css Requested by Host: kghcv.aafvoyw.cn URL: https://kghcv.aafvoyw.cn/mobile/css/dynamic_import.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 155.94.182.56 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US), Reverse DNS unassigned.quadranet.com Software Apache / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language de-DE,de;q=0.9 Referer https://kghcv.aafvoyw.cn/mobile/css/dynamic_import.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 Response headers date Tue, 21 Jun 2022 13:12:50 GMT last-modified Thu, 06 Aug 2020 13:41:06 GMT server Apache accept-ranges bytes etag "0-5ac35a3dd8080" content-length 0 content-type text/css
GET H2	404	space.png kghcv.aafvoyw.cn/common/dynamic/memx/img/sp/	263 B 263 B	178ms 178ms	Image text/html	155.94.182.56 ASN-QUADRANET-GLOBAL
General Check archive.org Show headers Download Go to Show image Full URL https://kghcv.aafvoyw.cn/common/dynamic/memx/img/sp/space.png Requested by Host: kghcv.aafvoyw.cn URL: https://kghcv.aafvoyw.cn/mobile/css/_contents.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 155.94.182.56 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US), Reverse DNS unassigned.quadranet.com Software Apache / Resource Hash `e08ead881ad86195c3137d6aa39e401263719e6b843bb914a4a153f98bb998ea` Request headers accept-language de-DE,de;q=0.9 Referer https://kghcv.aafvoyw.cn/mobile/css/_contents.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 Response headers date Tue, 21 Jun 2022 13:12:50 GMT server Apache content-length 263 content-type text/html; charset=iso-8859-1
GET		frame-43-b0835366-12ef-4435-8ecf-3906268b7945@mhtml.blink / Frame B27E	0 0

kghcv.aafvoyw.cn Open in urlscan Pro 155.94.182.56 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

24 Requests

96 %HTTPS

33 %IPv6

3 Domains

4 Subdomains

4 IPs

2 Countries

79 kBTransfer

281 kBSize

2 Cookies

37 Outgoing links

Redirected requests

24 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

11 JavaScript Global Variables

2 Cookies

5 Console Messages

Indicators

kghcv.aafvoyw.cn Open in urlscan Pro
155.94.182.56 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

24
Requests

96 %
HTTPS

33 %
IPv6

3
Domains

4
Subdomains

4
IPs

2
Countries

79 kB
Transfer

281 kB
Size

2
Cookies

24 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!