fdu-hotpot.top Open in urlscan Pro
106.14.39.185 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://ahsapbasamak.org/indexx.php
Effective URL:
https://fdu-hotpot.top/wp-includes/assets/x/tracking-load.html
Submission: On January 21 via api (January 21st 2022, 12:12:51 am UTC) from NZ — Scanned from DE

Summary HTTP 14 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 14 HTTP transactions. The main IP is 106.14.39.185, located in Shanghai, China and belongs to CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN. The main domain is fdu-hotpot.top.
TLS certificate: Issued by R3 on December 23rd 2021. Valid for: 3 months.

This is the only time fdu-hotpot.top was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: DPD (Transportation)

Domain & IP information

	IP Address	AS Autonomous System
1	185.111.234.36 185.111.234.36	51557 (TR-ISIMTE...) (TR-ISIMTESCIL-20201202)
13	106.14.39.185 106.14.39.185	37963 (CNNIC-ALI...) (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.)
14	2

1 185.111.234.36 (Turkey)

ASN51557 (TR-ISIMTESCIL-20201202, TR)

ahsapbasamak.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 106.14.39.185 (Shanghai, China)

ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN)

fdu-hotpot.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	fdu-hotpot.top fdu-hotpot.top	78 KB
1	ahsapbasamak.org ahsapbasamak.org	300 B
14	2

	Domain	Requested by
13	fdu-hotpot.top	fdu-hotpot.top
1	ahsapbasamak.org
14	2

This site contains no links.

Subject Issuer	Validity	Valid
ahsapbasamak.org RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-12-30` - `2022-12-30`	a year	crt.sh
fdu-hotpot.top R3	`2021-12-23` - `2022-03-23`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://fdu-hotpot.top/wp-includes/assets/x/tracking-load.html
Frame ID: 8B9486B1FBAC731F1B54B057E1100054
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Follow My Parcel

Page URL History Show full URLs

https://ahsapbasamak.org/indexx.php Page URL
https://fdu-hotpot.top/wp-includes/assets/x/ Page URL
https://fdu-hotpot.top/wp-includes/assets/x/tracking-load.html Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

ZURB Foundation (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<div [^>]*class="[^"]*(?:small|medium|large)-\d{1,2} columns

Page Statistics

14
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

78 kB
Transfer

345 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://ahsapbasamak.org/indexx.php Page URL
https://fdu-hotpot.top/wp-includes/assets/x/ Page URL
https://fdu-hotpot.top/wp-includes/assets/x/tracking-load.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	indexx.php Show response ahsapbasamak.org/	109 B 300 B	422ms 109ms	Document text/html	185.111.234.36 TR-ISIMTESCIL-202...
General Check archive.org Show headers Download Go to Full URL https://ahsapbasamak.org/indexx.php Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_CBC Server 185.111.234.36 , Turkey, ASN51557 (TR-ISIMTESCIL-20201202, TR), Reverse DNS Software LiteSpeed / Resource Hash `aa088bafcbb20a5637dfb170f40d1e3f8a51d5f45cea3ea2bd86b0411068b29f` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers Connection Keep-Alive Content-Type text/html; charset=UTF-8 Content-Length 85 Content-Encoding br Vary Accept-Encoding,User-Agent Date Fri, 21 Jan 2022 00:12:46 GMT Server LiteSpeed
GET H/1.1	200 OK	/ Show response fdu-hotpot.top/wp-includes/assets/x/	63 B 346 B	3021ms 1303ms	Document text/html	106.14.39.185 CNNIC-ALIBABA-CN-...
General Check archive.org Show headers Download Go to Full URL https://fdu-hotpot.top/wp-includes/assets/x/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 106.14.39.185 Shanghai, China, ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN), Reverse DNS Software Apache/2.4.29 (Ubuntu) / Resource Hash `3f53cb05783292e1299271bb1ac6e9c5ec9cf0663ccfad9c80cc11111921b911` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://ahsapbasamak.org/ Response headers Date Fri, 21 Jan 2022 00:12:50 GMT Server Apache/2.4.29 (Ubuntu) Last-Modified Wed, 22 Apr 2020 15:18:38 GMT ETag "3f-5a3e2a57e2f80" Accept-Ranges bytes Content-Length 63 Keep-Alive timeout=5, max=100 Connection Keep-Alive Content-Type text/html
GET H/1.1	200 OK	Primary Request tracking-load.html Show response fdu-hotpot.top/wp-includes/assets/x/	23 KB 4 KB	236ms 236ms	Document text/html	106.14.39.185 CNNIC-ALIBABA-CN-...
General Check archive.org Show headers Download Go to Full URL https://fdu-hotpot.top/wp-includes/assets/x/tracking-load.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 106.14.39.185 Shanghai, China, ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN), Reverse DNS Software Apache/2.4.29 (Ubuntu) / Resource Hash `48ca706bc3e10859462d38c5de3a38c69364a9a4f74f596d32f53a7caf962e82` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://fdu-hotpot.top/wp-includes/assets/x/ Response headers Date Fri, 21 Jan 2022 00:12:50 GMT Server Apache/2.4.29 (Ubuntu) Last-Modified Wed, 22 Apr 2020 15:42:22 GMT ETag "5d5e-5a3e2fa5eb380-gzip" Accept-Ranges bytes Vary Accept-Encoding Content-Encoding gzip Content-Length 4246 Keep-Alive timeout=5, max=99 Connection Keep-Alive Content-Type text/html
GET H/1.1	200 OK	app.css fdu-hotpot.top/wp-includes/assets/x/files/	183 KB 20 KB	239ms 239ms	Stylesheet text/css	106.14.39.185 CNNIC-ALIBABA-CN-...
General Check archive.org Show headers Download Go to Full URL https://fdu-hotpot.top/wp-includes/assets/x/files/app.css Requested by Host: fdu-hotpot.top URL: https://fdu-hotpot.top/wp-includes/assets/x/tracking-load.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 106.14.39.185 Shanghai, China, ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN), Reverse DNS Software Apache/2.4.29 (Ubuntu) / Resource Hash `d3a9d53bed47724a9a3a6134220f6079537ca8d78c0e5cb70d6adc69f863b90c` Request headers Accept-Language de-DE,de;q=0.9 Referer https://fdu-hotpot.top/wp-includes/assets/x/tracking-load.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Fri, 21 Jan 2022 00:12:50 GMT Content-Encoding gzip Last-Modified Mon, 10 Feb 2020 01:21:54 GMT Server Apache/2.4.29 (Ubuntu) ETag "2dbb9-59e2e9086f080-gzip" Vary Accept-Encoding Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 20092
GET H/1.1	200 OK	app2.css fdu-hotpot.top/wp-includes/assets/x/files/	29 KB 5 KB	243ms 243ms	Stylesheet text/css	106.14.39.185 CNNIC-ALIBABA-CN-...
General Check archive.org Show headers Download Go to Full URL https://fdu-hotpot.top/wp-includes/assets/x/files/app2.css Requested by Host: fdu-hotpot.top URL: https://fdu-hotpot.top/wp-includes/assets/x/tracking-load.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 106.14.39.185 Shanghai, China, ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN), Reverse DNS Software Apache/2.4.29 (Ubuntu) / Resource Hash `e5f09705b4e1052ee58ce24a921810cd38a151051deb168cf58dc25cca746f36` Request headers Accept-Language de-DE,de;q=0.9 Referer https://fdu-hotpot.top/wp-includes/assets/x/tracking-load.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Fri, 21 Jan 2022 00:12:50 GMT Content-Encoding gzip Last-Modified Wed, 22 Apr 2020 15:36:46 GMT Server Apache/2.4.29 (Ubuntu) ETag "7210-5a3e2e657bf80-gzip" Vary Accept-Encoding Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 5064
GET H/1.1	200 OK	dpd.png fdu-hotpot.top/wp-includes/assets/x/files/	5 KB 5 KB	486ms 244ms	Image image/png	106.14.39.185 CNNIC-ALIBABA-CN-...
General Check archive.org Show headers Download Go to Show image Full URL https://fdu-hotpot.top/wp-includes/assets/x/files/dpd.png Requested by Host: fdu-hotpot.top URL: https://fdu-hotpot.top/wp-includes/assets/x/tracking-load.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 106.14.39.185 Shanghai, China, ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN), Reverse DNS Software Apache/2.4.29 (Ubuntu) / Resource Hash `7c442b15a0b45f172fa964116dedbf9e300695349fb73ea058b28b9bde17c5d9` Request headers Accept-Language de-DE,de;q=0.9 Referer https://fdu-hotpot.top/wp-includes/assets/x/tracking-load.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Fri, 21 Jan 2022 00:12:50 GMT Last-Modified Sun, 09 Jan 2022 20:48:41 GMT Server Apache/2.4.29 (Ubuntu) ETag "1321-5d52c58581c40" Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 4897
GET H/1.1	200 OK	claim.png fdu-hotpot.top/wp-includes/assets/x/files/	17 KB 18 KB	700ms 234ms	Image image/png	106.14.39.185 CNNIC-ALIBABA-CN-...
General Check archive.org Show headers Download Go to Show image Full URL https://fdu-hotpot.top/wp-includes/assets/x/files/claim.png Requested by Host: fdu-hotpot.top URL: https://fdu-hotpot.top/wp-includes/assets/x/tracking-load.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 106.14.39.185 Shanghai, China, ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN), Reverse DNS Software Apache/2.4.29 (Ubuntu) / Resource Hash `863a24f0e0d23c794479143baad6d856fcbdfaec2701a67988fbd5b85b5b1218` Request headers Accept-Language de-DE,de;q=0.9 Referer https://fdu-hotpot.top/wp-includes/assets/x/tracking-load.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Fri, 21 Jan 2022 00:12:51 GMT Last-Modified Mon, 10 Feb 2020 01:21:54 GMT Server Apache/2.4.29 (Ubuntu) ETag "450a-59e2e9086f080" Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 17674
GET H/1.1	200 OK	warning_red.png fdu-hotpot.top/wp-includes/assets/x/files/	3 KB 3 KB	702ms 235ms	Image image/png	106.14.39.185 CNNIC-ALIBABA-CN-...
General Check archive.org Show headers Download Go to Show image Full URL https://fdu-hotpot.top/wp-includes/assets/x/files/warning_red.png Requested by Host: fdu-hotpot.top URL: https://fdu-hotpot.top/wp-includes/assets/x/tracking-load.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 106.14.39.185 Shanghai, China, ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN), Reverse DNS Software Apache/2.4.29 (Ubuntu) / Resource Hash `7a89397dda9a9adbd6a118c432895e46317944ce976d794c895f3788d27b0286` Request headers Accept-Language de-DE,de;q=0.9 Referer https://fdu-hotpot.top/wp-includes/assets/x/tracking-load.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Fri, 21 Jan 2022 00:12:51 GMT Last-Modified Mon, 10 Feb 2020 01:21:54 GMT Server Apache/2.4.29 (Ubuntu) ETag "a8f-59e2e9086f080" Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 2703
GET H/1.1	200 OK	loading.gif fdu-hotpot.top/wp-includes/assets/x/files/	17 KB 18 KB	704ms 235ms	Image image/gif	106.14.39.185 CNNIC-ALIBABA-CN-...
General Check archive.org Show headers Download Go to Show image Full URL https://fdu-hotpot.top/wp-includes/assets/x/files/loading.gif Requested by Host: fdu-hotpot.top URL: https://fdu-hotpot.top/wp-includes/assets/x/tracking-load.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 106.14.39.185 Shanghai, China, ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN), Reverse DNS Software Apache/2.4.29 (Ubuntu) / Resource Hash `85e34065774eebcb0f3d652d24ce47c0ecbfd5c190228a20d3dc7c698eb279e1` Request headers Accept-Language de-DE,de;q=0.9 Referer https://fdu-hotpot.top/wp-includes/assets/x/tracking-load.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Fri, 21 Jan 2022 00:12:51 GMT Last-Modified Wed, 22 Apr 2020 15:30:18 GMT Server Apache/2.4.29 (Ubuntu) ETag "4522-5a3e2cf375680" Content-Type image/gif Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 17698
GET H/1.1	200 OK	dpd_group_82x22.png fdu-hotpot.top/wp-includes/assets/x/files/	3 KB 3 KB	488ms 242ms	Image image/png	106.14.39.185 CNNIC-ALIBABA-CN-...
General Check archive.org Show headers Download Go to Show image Full URL https://fdu-hotpot.top/wp-includes/assets/x/files/dpd_group_82x22.png Requested by Host: fdu-hotpot.top URL: https://fdu-hotpot.top/wp-includes/assets/x/tracking-load.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 106.14.39.185 Shanghai, China, ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN), Reverse DNS Software Apache/2.4.29 (Ubuntu) / Resource Hash `9e72e47498366f1af8dc4972041ce63172ed73fc49553c3e729c66191e6ff2ea` Request headers Accept-Language de-DE,de;q=0.9 Referer https://fdu-hotpot.top/wp-includes/assets/x/tracking-load.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Fri, 21 Jan 2022 00:12:51 GMT Last-Modified Mon, 10 Feb 2020 01:21:54 GMT Server Apache/2.4.29 (Ubuntu) ETag "b83-59e2e9086f080" Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 2947
GET H/1.1	200 OK	plutosansdpdlight-web.woff fdu-hotpot.top/wp-includes/assets/x/files/	32 KB 0	244ms 240ms	Font application/font-woff	106.14.39.185 CNNIC-ALIBABA-CN-...
General Check archive.org Show headers Download Go to Full URL https://fdu-hotpot.top/wp-includes/assets/x/files/plutosansdpdlight-web.woff Requested by Host: fdu-hotpot.top URL: https://fdu-hotpot.top/wp-includes/assets/x/files/app.css Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 106.14.39.185 Shanghai, China, ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN), Reverse DNS Software Apache/2.4.29 (Ubuntu) / Resource Hash Request headers Referer https://fdu-hotpot.top/wp-includes/assets/x/files/app.css Origin https://fdu-hotpot.top Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Fri, 21 Jan 2022 00:12:51 GMT Last-Modified Mon, 10 Feb 2020 01:21:54 GMT Server Apache/2.4.29 (Ubuntu) ETag "ed6d-59e2e9086f080" Content-Type application/font-woff Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 60781
GET H/1.1	200 OK	ico-magnifying-glass-14x14.png fdu-hotpot.top/wp-includes/assets/x/files/	1 KB 1 KB	458ms 239ms	Image image/png	106.14.39.185 CNNIC-ALIBABA-CN-...
General Check archive.org Show headers Download Go to Show image Full URL https://fdu-hotpot.top/wp-includes/assets/x/files/ico-magnifying-glass-14x14.png Requested by Host: fdu-hotpot.top URL: https://fdu-hotpot.top/wp-includes/assets/x/files/app.css Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 106.14.39.185 Shanghai, China, ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN), Reverse DNS Software Apache/2.4.29 (Ubuntu) / Resource Hash `7d7224d9babceb8ed6e0b7c860678d49c0ea5b53df49153d8db99c18c1e4a986` Request headers Accept-Language de-DE,de;q=0.9 Referer https://fdu-hotpot.top/wp-includes/assets/x/files/app.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Fri, 21 Jan 2022 00:12:51 GMT Last-Modified Mon, 10 Feb 2020 01:21:54 GMT Server Apache/2.4.29 (Ubuntu) ETag "470-59e2e9086f080" Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=96 Content-Length 1136
GET H/1.1	200 OK	dpd-mobile.png fdu-hotpot.top/wp-includes/assets/x/files/	0 0	430ms 241ms	Image image/png	106.14.39.185 CNNIC-ALIBABA-CN-...
General Check archive.org Show headers Download Go to Show image Full URL https://fdu-hotpot.top/wp-includes/assets/x/files/dpd-mobile.png Requested by Host: fdu-hotpot.top URL: https://fdu-hotpot.top/wp-includes/assets/x/tracking-load.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 106.14.39.185 Shanghai, China, ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN), Reverse DNS Software Apache/2.4.29 (Ubuntu) / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer https://fdu-hotpot.top/wp-includes/assets/x/tracking-load.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Fri, 21 Jan 2022 00:12:51 GMT Last-Modified Mon, 10 Feb 2020 01:21:54 GMT Server Apache/2.4.29 (Ubuntu) ETag "7ffe-59e2e9086f080" Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 32766
GET H/1.1	200 OK	plutosansdpdregular-web.woff fdu-hotpot.top/wp-includes/assets/x/files/	32 KB 0	241ms 241ms	Font application/font-woff	106.14.39.185 CNNIC-ALIBABA-CN-...
General Check archive.org Show headers Download Go to Full URL https://fdu-hotpot.top/wp-includes/assets/x/files/plutosansdpdregular-web.woff Requested by Host: fdu-hotpot.top URL: https://fdu-hotpot.top/wp-includes/assets/x/files/app.css Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 106.14.39.185 Shanghai, China, ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN), Reverse DNS Software Apache/2.4.29 (Ubuntu) / Resource Hash Request headers Referer https://fdu-hotpot.top/wp-includes/assets/x/files/app.css Origin https://fdu-hotpot.top Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Fri, 21 Jan 2022 00:12:51 GMT Last-Modified Mon, 10 Feb 2020 01:21:54 GMT Server Apache/2.4.29 (Ubuntu) ETag "ea8a-59e2e9086f080" Content-Type application/font-woff Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 60042

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: DPD (Transportation)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ahsapbasamak.org
fdu-hotpot.top
106.14.39.185
185.111.234.36
3f53cb05783292e1299271bb1ac6e9c5ec9cf0663ccfad9c80cc11111921b911
48ca706bc3e10859462d38c5de3a38c69364a9a4f74f596d32f53a7caf962e82
7a89397dda9a9adbd6a118c432895e46317944ce976d794c895f3788d27b0286
7c442b15a0b45f172fa964116dedbf9e300695349fb73ea058b28b9bde17c5d9
7d7224d9babceb8ed6e0b7c860678d49c0ea5b53df49153d8db99c18c1e4a986
85e34065774eebcb0f3d652d24ce47c0ecbfd5c190228a20d3dc7c698eb279e1
863a24f0e0d23c794479143baad6d856fcbdfaec2701a67988fbd5b85b5b1218
9e72e47498366f1af8dc4972041ce63172ed73fc49553c3e729c66191e6ff2ea
aa088bafcbb20a5637dfb170f40d1e3f8a51d5f45cea3ea2bd86b0411068b29f
d3a9d53bed47724a9a3a6134220f6079537ca8d78c0e5cb70d6adc69f863b90c
e5f09705b4e1052ee58ce24a921810cd38a151051deb168cf58dc25cca746f36

fdu-hotpot.top Open in urlscan Pro 106.14.39.185 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

14 Requests

100 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

2 Countries

78 kBTransfer

345 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

0 JavaScript Global Variables

0 Cookies

Indicators

fdu-hotpot.top Open in urlscan Pro
106.14.39.185 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

78 kB
Transfer

345 kB
Size

0
Cookies

14 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!