k-auth.aiyu.fun Open in urlscan Pro
146.56.47.115 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://k-auth.aiyu.fun/
Submission Tags: @ecarlesi possiblethreat phishing Search All
Submission: On October 22 via api (October 22nd 2024, 8:00:31 am UTC) from IT — Scanned from IT

Summary HTTP 12 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 3 countries across 3 domains to perform 12 HTTP transactions. The main IP is 146.56.47.115, located in Seoul, Korea, Republic Of and belongs to ORACLE-BMC-31898, US. The main domain is k-auth.aiyu.fun.
TLS certificate: Issued by E6 on October 21st 2024. Valid for: 3 months.

This is the only time k-auth.aiyu.fun was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
9	146.56.47.115 146.56.47.115	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
2	185.199.110.153 185.199.110.153	54113 (FASTLY) (FASTLY)
1	163.181.92.179 163.181.92.179	24429 (TAOBAO Zh...) (TAOBAO Zhejiang Taobao Network Co.)
12	3

9 146.56.47.115 (Seoul, Korea, Republic Of)

ASN31898 (ORACLE-BMC-31898, US)

k-auth.aiyu.fun	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.199.110.153 (United States)

ASN54113 (FASTLY, US)
PTR: cdn-185-199-110-153.github.com

cdn.casbin.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 163.181.92.179 (Frankfurt am Main, Germany)

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)

cdn.casdoor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	aiyu.fun k-auth.aiyu.fun	1 MB
2	casbin.org cdn.casbin.org — Cisco Umbrella Rank: 900612	71 KB
1	casdoor.com cdn.casdoor.com	38 KB
12	3

	Domain	Requested by
9	k-auth.aiyu.fun	k-auth.aiyu.fun
2	cdn.casbin.org
1	cdn.casdoor.com
12	3

This site contains no links.

Subject Issuer	Validity	Valid
k-auth.aiyu.fun E6	`2024-10-21` - `2025-01-19`	3 months	crt.sh
cdn.casbin.org R11	`2024-09-05` - `2024-12-04`	3 months	crt.sh
*.casdoor.com R10	`2024-08-01` - `2024-10-30`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://k-auth.aiyu.fun/
Frame ID: 1BE6F0B8D241FE14B5BA2810253A5C1B
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Casdoor

Page Statistics

12
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

3
Countries

1327 kB
Transfer

6877 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response k-auth.aiyu.fun/	760 B 717 B	3423ms 748ms	Document text/html	146.56.47.115 ORACLE-BMC-31898
General Check archive.org Show headers Download Go to Full URL https://k-auth.aiyu.fun/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 146.56.47.115 Seoul, Korea, Republic Of, ASN31898 (ORACLE-BMC-31898, US), Reverse DNS Software Caddy beegoServer:1.12.3 / Resource Hash `37e886ef6cfee560ed501eddfb1ee1b804017c2dd9a35c84a63c683ec9ca84ca` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Response headers accept-ranges bytes alt-svc h3=":443"; ma=2592000 content-encoding gzip content-length 471 content-type text/html; charset=utf-8 date Tue, 22 Oct 2024 07:59:49 GMT last-modified Sun, 20 Oct 2024 12:25:37 GMT server Caddy beegoServer:1.12.3
GET H2	200	main.a04ab87b.js Show response k-auth.aiyu.fun/static/js/	3 MB 741 KB	2220ms 2215ms	Script application/javascript	146.56.47.115 ORACLE-BMC-31898
General Check archive.org Show headers Download Go to Full URL https://k-auth.aiyu.fun/static/js/main.a04ab87b.js Requested by Host: k-auth.aiyu.fun URL: https://k-auth.aiyu.fun/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 146.56.47.115 Seoul, Korea, Republic Of, ASN31898 (ORACLE-BMC-31898, US), Reverse DNS Software Caddy, beegoServer:1.12.3 / Resource Hash `d975e26da0b1ee97225d8ef449d8925f184718fd7070122f74fae6e308ebf17d` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://k-auth.aiyu.fun/ Response headers accept-ranges bytes alt-svc h3=":443"; ma=2592000 content-encoding gzip date Tue, 22 Oct 2024 07:59:51 GMT content-type application/javascript last-modified Sun, 20 Oct 2024 12:25:37 GMT server Caddy, beegoServer:1.12.3
GET H2	200	main.41aafb88.css k-auth.aiyu.fun/static/css/	3 KB 1 KB	2219ms 2216ms	Stylesheet text/css	146.56.47.115 ORACLE-BMC-31898
General Check archive.org Show headers Download Go to Full URL https://k-auth.aiyu.fun/static/css/main.41aafb88.css Requested by Host: k-auth.aiyu.fun URL: https://k-auth.aiyu.fun/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 146.56.47.115 Seoul, Korea, Republic Of, ASN31898 (ORACLE-BMC-31898, US), Reverse DNS Software Caddy, beegoServer:1.12.3 / Resource Hash `0654f943b5d78b4eac48ccacddb181fdb85a7feea4b2dfd87acdbf29f5e9fd65` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://k-auth.aiyu.fun/ Response headers content-encoding gzip accept-ranges bytes alt-svc h3=":443"; ma=2592000 content-length 1162 date Tue, 22 Oct 2024 07:59:51 GMT content-type text/css; charset=utf-8 last-modified Sun, 20 Oct 2024 12:25:37 GMT server Caddy, beegoServer:1.12.3
GET H2	200	get-account Show response k-auth.aiyu.fun/api/	130 B 184 B	357ms 356ms	Fetch application/json	146.56.47.115 ORACLE-BMC-31898
General Check archive.org Show headers Download Go to Full URL https://k-auth.aiyu.fun/api/get-account Requested by Host: k-auth.aiyu.fun URL: https://k-auth.aiyu.fun/static/js/main.a04ab87b.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 146.56.47.115 Seoul, Korea, Republic Of, ASN31898 (ORACLE-BMC-31898, US), Reverse DNS Software Caddy, beegoServer:1.12.3 / Resource Hash `ee611932fce2d2d017fa0ffa9e73b97721bb5ef9cc69c9882079540bbdf485c8` Request headers Accept-Language en;q=0.9,en;q=0.8 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://k-auth.aiyu.fun/ Response headers alt-svc h3=":443"; ma=2592000 content-encoding gzip content-length 109 date Tue, 22 Oct 2024 08:00:10 GMT content-type application/json; charset=utf-8 server Caddy, beegoServer:1.12.3
GET H2	200	6524.99bc5580.chunk.js Show response k-auth.aiyu.fun/static/js/	1 MB 382 KB	699ms 698ms	Script application/javascript	146.56.47.115 ORACLE-BMC-31898
General Check archive.org Show headers Download Go to Full URL https://k-auth.aiyu.fun/static/js/6524.99bc5580.chunk.js Requested by Host: k-auth.aiyu.fun URL: https://k-auth.aiyu.fun/static/js/main.a04ab87b.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 146.56.47.115 Seoul, Korea, Republic Of, ASN31898 (ORACLE-BMC-31898, US), Reverse DNS Software Caddy, beegoServer:1.12.3 / Resource Hash `8f82cd24005eb660ccf85e2b04f7a15036b46f8a1082b95da04aed89c023c58b` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://k-auth.aiyu.fun/ Response headers accept-ranges bytes alt-svc h3=":443"; ma=2592000 content-encoding gzip date Tue, 22 Oct 2024 08:00:10 GMT content-type application/javascript last-modified Sun, 20 Oct 2024 12:25:37 GMT server Caddy, beegoServer:1.12.3
GET H2	200	8541.fff194c2.chunk.js k-auth.aiyu.fun/static/js/	2 MB 0	391ms 391ms	Script application/javascript	146.56.47.115 ORACLE-BMC-31898
General Check archive.org Show headers Download Go to Full URL https://k-auth.aiyu.fun/static/js/8541.fff194c2.chunk.js Requested by Host: k-auth.aiyu.fun URL: https://k-auth.aiyu.fun/static/js/main.a04ab87b.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 146.56.47.115 Seoul, Korea, Republic Of, ASN31898 (ORACLE-BMC-31898, US), Reverse DNS Software Caddy, beegoServer:1.12.3 / Resource Hash Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://k-auth.aiyu.fun/ Response headers accept-ranges bytes alt-svc h3=":443"; ma=2592000 content-encoding gzip date Tue, 22 Oct 2024 08:00:10 GMT content-type application/javascript last-modified Sun, 20 Oct 2024 12:25:37 GMT server Caddy, beegoServer:1.12.3
GET H2	200	7299.e7dbd522.chunk.css k-auth.aiyu.fun/static/css/	12 KB 3 KB	358ms 358ms	Stylesheet text/css	146.56.47.115 ORACLE-BMC-31898
General Check archive.org Show headers Download Go to Full URL https://k-auth.aiyu.fun/static/css/7299.e7dbd522.chunk.css Requested by Host: k-auth.aiyu.fun URL: https://k-auth.aiyu.fun/static/js/main.a04ab87b.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 146.56.47.115 Seoul, Korea, Republic Of, ASN31898 (ORACLE-BMC-31898, US), Reverse DNS Software Caddy, beegoServer:1.12.3 / Resource Hash `6930604fba3598b9eed4250ea2a6289f06654e28beaa2c8d8fc1a420e836495e` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://k-auth.aiyu.fun/ Response headers accept-ranges bytes alt-svc h3=":443"; ma=2592000 content-encoding gzip date Tue, 22 Oct 2024 08:00:10 GMT content-type text/css; charset=utf-8 last-modified Sun, 20 Oct 2024 12:25:37 GMT server Caddy, beegoServer:1.12.3
GET H2	200	7299.f780f553.chunk.js Show response k-auth.aiyu.fun/static/js/	623 KB 90 KB	390ms 390ms	Script application/javascript	146.56.47.115 ORACLE-BMC-31898
General Check archive.org Show headers Download Go to Full URL https://k-auth.aiyu.fun/static/js/7299.f780f553.chunk.js Requested by Host: k-auth.aiyu.fun URL: https://k-auth.aiyu.fun/static/js/main.a04ab87b.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 146.56.47.115 Seoul, Korea, Republic Of, ASN31898 (ORACLE-BMC-31898, US), Reverse DNS Software Caddy, beegoServer:1.12.3 / Resource Hash `1a71c6e27b38b94d0c5851d22728424f47e42ea4fae782b957778e94e5b3ff82` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://k-auth.aiyu.fun/ Response headers accept-ranges bytes alt-svc h3=":443"; ma=2592000 content-encoding gzip date Tue, 22 Oct 2024 08:00:10 GMT content-type application/javascript last-modified Sun, 20 Oct 2024 12:25:37 GMT server Caddy, beegoServer:1.12.3
GET H2	200	casdoor-logo_1185x256.png cdn.casbin.org/img/	71 KB 71 KB	2354ms 450ms	Image image/png	185.199.110.153 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.casbin.org/img/casdoor-logo_1185x256.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.199.110.153 , United States, ASN54113 (FASTLY, US), Reverse DNS cdn-185-199-110-153.github.com Software GitHub.com / Resource Hash `cad005da477becf0b404368be7523b78aeaaf4ec595ce9bdee5c396948d3800d` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://k-auth.aiyu.fun/ Response headers x-fastly-request-id ea6b3c4f639bbc3ed6d00d96d59297f714861853 etag "66e30356-11a0c" age 0 x-github-request-id 3E6C:0DA1:3FE1615:41A5079:671741CD expires Tue, 22 Oct 2024 06:20:22 GMT x-proxy-cache MISS x-cache HIT date Tue, 22 Oct 2024 08:00:12 GMT content-type image/png last-modified Thu, 12 Sep 2024 15:05:58 GMT x-served-by cache-mxp6940-MXP x-cache-hits 0 vary Accept-Encoding cache-control max-age=600 x-timer S1729584013.640358,VS0,VE110 via 1.1 varnish accept-ranges bytes access-control-allow-origin * content-length 72204 x-origin-cache HIT server GitHub.com
GET H2	200	favicon.ico k-auth.aiyu.fun/	760 B 499 B	9211ms 9145ms	Other text/html	146.56.47.115 ORACLE-BMC-31898
General Check archive.org Show headers Download Go to Full URL https://k-auth.aiyu.fun/favicon.ico Protocol H2 Security TLS 1.3, , AES_128_GCM Server 146.56.47.115 Seoul, Korea, Republic Of, ASN31898 (ORACLE-BMC-31898, US), Reverse DNS Software Caddy, beegoServer:1.12.3 / Resource Hash `37e886ef6cfee560ed501eddfb1ee1b804017c2dd9a35c84a63c683ec9ca84ca` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://k-auth.aiyu.fun/ Response headers content-encoding gzip accept-ranges bytes alt-svc h3=":443"; ma=2592000 content-length 471 date Tue, 22 Oct 2024 08:00:10 GMT content-type text/html; charset=utf-8 last-modified Sun, 20 Oct 2024 12:25:37 GMT server Caddy, beegoServer:1.12.3
GET H2	200	favicon.png cdn.casdoor.com/static/	38 KB 38 KB	2466ms 103ms	Other image/png	163.181.92.179 TAOBAO Zhejiang T...
General Check archive.org Show headers Download Go to Full URL https://cdn.casdoor.com/static/favicon.png Protocol H2 Security TLS 1.3, , AES_256_GCM Server 163.181.92.179 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN), Reverse DNS Software Tengine / Resource Hash `708946828401ef738b4a10cc63029d94e835307c094974b129ead5f4dc48d6ec` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://k-auth.aiyu.fun/ Response headers x-oss-cdn-auth success content-md5 ze235AeAdtSWwOj+yZOdFA== x-oss-storage-class Standard etag "CDEDB7E4078076D496C0E8FEC9939D14" age 467 x-oss-object-type Normal x-cache HIT TCP_MEM_HIT dirn:-2:-2 date Tue, 22 Oct 2024 07:52:26 GMT x-oss-server-time 13 content-type image/png last-modified Sun, 13 Feb 2022 15:28:51 GMT x-swift-cachetime 3600 timing-allow-origin * x-oss-hash-crc64ecma 4006038206320433066 via ens-cache7.l2de3[0,0,304-0,H], ens-cache5.l2de3[1,0], ens-cache12.de5[0,0,200-0,H], ens-cache10.de5[2,0] ali-swift-global-savetime 1729583546 x-swift-savetime Tue, 22 Oct 2024 07:53:23 GMT accept-ranges bytes access-control-allow-origin * eagleid a3b55c9e17295840131202705e content-length 38624 x-oss-request-id 671759BAAF1C2D30365F647B server Tengine
GET H2	200	casdoor-logo_1185x256.png cdn.casbin.org/img/	71 KB 0	5ms 5ms	Image image/png	185.199.110.153 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.casbin.org/img/casdoor-logo_1185x256.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.199.110.153 , United States, ASN54113 (FASTLY, US), Reverse DNS cdn-185-199-110-153.github.com Software GitHub.com / Resource Hash `cad005da477becf0b404368be7523b78aeaaf4ec595ce9bdee5c396948d3800d` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://k-auth.aiyu.fun/ Response headers x-fastly-request-id ea6b3c4f639bbc3ed6d00d96d59297f714861853 etag "66e30356-11a0c" age 0 x-github-request-id 3E6C:0DA1:3FE1615:41A5079:671741CD expires Tue, 22 Oct 2024 06:20:22 GMT x-proxy-cache MISS x-cache HIT date Tue, 22 Oct 2024 08:00:12 GMT content-type image/png last-modified Thu, 12 Sep 2024 15:05:58 GMT x-served-by cache-mxp6940-MXP x-cache-hits 0 vary Accept-Encoding cache-control max-age=600 x-timer S1729584013.640358,VS0,VE110 via 1.1 varnish accept-ranges bytes access-control-allow-origin * content-length 72204 x-origin-cache HIT server GitHub.com

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| webpackChunkweb function| clearImmediate function| setImmediate object| regeneratorRuntime

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			k-auth.aiyu.fun/	1970-01-21 01:09:35	Name: casdoor_session_id Value: 6694112f48431e55f4ed3c64bab97519

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.casbin.org
cdn.casdoor.com
k-auth.aiyu.fun
146.56.47.115
163.181.92.179
185.199.110.153
0654f943b5d78b4eac48ccacddb181fdb85a7feea4b2dfd87acdbf29f5e9fd65
1a71c6e27b38b94d0c5851d22728424f47e42ea4fae782b957778e94e5b3ff82
37e886ef6cfee560ed501eddfb1ee1b804017c2dd9a35c84a63c683ec9ca84ca
6930604fba3598b9eed4250ea2a6289f06654e28beaa2c8d8fc1a420e836495e
708946828401ef738b4a10cc63029d94e835307c094974b129ead5f4dc48d6ec
8f82cd24005eb660ccf85e2b04f7a15036b46f8a1082b95da04aed89c023c58b
cad005da477becf0b404368be7523b78aeaaf4ec595ce9bdee5c396948d3800d
d975e26da0b1ee97225d8ef449d8925f184718fd7070122f74fae6e308ebf17d
ee611932fce2d2d017fa0ffa9e73b97721bb5ef9cc69c9882079540bbdf485c8

k-auth.aiyu.fun Open in urlscan Pro 146.56.47.115 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

12 Requests

100 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

3 IPs

3 Countries

1327 kBTransfer

6877 kBSize

1 Cookies

0 Outgoing links

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

1 Cookies

Indicators

k-auth.aiyu.fun Open in urlscan Pro
146.56.47.115 Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

3
Countries

1327 kB
Transfer

6877 kB
Size

1
Cookies

12 HTTP transactions
0 data transactions