fghdaswitch.com Open in urlscan Pro
31.192.110.33 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://fghdaswitch.com/regs/yksd/mx/?email=nobody@mycraftmail.com
Submission: On April 17 via automatic, source openphish (April 17th 2020, 12:23:58 pm UTC)

Summary HTTP 28 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 4 IPs in 3 countries across 3 domains to perform 28 HTTP transactions. The main IP is 31.192.110.33, located in Russian Federation and belongs to NCONNECT-AS, RU. The main domain is fghdaswitch.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on April 12th 2020. Valid for: 3 months.

This is the only time fghdaswitch.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: 163.cn (Online) Generic China (Online)

Domain & IP information

	IP Address	AS Autonomous System
14 18	31.192.110.33 31.192.110.33	49335 (NCONNECT-AS) (NCONNECT-AS)
4	220.194.24.216 220.194.24.216	4808 (CHINA169-...) (CHINA169-BJ China Unicom Beijing Province Network)
14	2620:0:862:ed... 2620:0:862:ed1a::1	14907 (WIKIMEDIA) (WIKIMEDIA)
6	123.58.177.239 123.58.177.239	45062 (NETEASE-A...) (NETEASE-AS Guangzhou NetEase Computer System Co.)
28	4

18 31.192.110.33 (Russian Federation) 14 redirects

ASN49335 (NCONNECT-AS, RU)

fghdaswitch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 220.194.24.216 (China)

ASN4808 (CHINA169-BJ China Unicom Beijing Province Network, CN)
PTR: mail-m24216.qiye.163.com

qiye.163.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mimg.qiye.163.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2620:0:862:ed1a::1 (United States)

ASN14907 (WIKIMEDIA, US)

en.wikipedia.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 123.58.177.239 (Hangzhou, China)

ASN45062 (NETEASE-AS Guangzhou NetEase Computer System Co., Ltd., CN)
PTR: m239-177.yeah.net

mimghz.qiye.163.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	fghdaswitch.com 14 redirects fghdaswitch.com	24 KB
14	wikipedia.org en.wikipedia.org
10	163.com qiye.163.com mimghz.qiye.163.com mimg.qiye.163.com	223 KB
28	3

	Domain	Requested by
18	fghdaswitch.com	14 redirects fghdaswitch.com
14	en.wikipedia.org	fghdaswitch.com
6	mimghz.qiye.163.com	fghdaswitch.com
3	mimg.qiye.163.com	fghdaswitch.com
1	qiye.163.com	fghdaswitch.com
28	5

This site contains links to these domains. Also see Links.

Domain
qiye.163.com
u.163.com
mail.163.com
corp.163.com

Subject Issuer	Validity	Valid
fghdaswitch.com cPanel, Inc. Certification Authority	`2020-04-12` - `2020-07-11`	3 months	crt.sh
*.qiye.163.com GeoTrust CN RSA CA G1	`2020-01-20` - `2022-02-19`	2 years	crt.sh
*.wikipedia.org DigiCert SHA2 High Assurance Server CA	`2019-11-12` - `2020-10-06`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://fghdaswitch.com/regs/yksd/mx/?email=nobody@mycraftmail.com
Frame ID: ED1672CD1D911C52CEB5FF51AD19B75E
Requests: 28 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

Page Statistics

28
Requests

68 %
HTTPS

25 %
IPv6

3
Domains

5
Subdomains

4
IPs

3
Countries

244 kB
Transfer

240 kB
Size

0
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://qiye.163.com/?hl=zh_TW
Title: 繁體版

Search URL Search Domain Scan URL

URL: https://qiye.163.com/?hl=en_US
Title: English

Search URL Search Domain Scan URL

URL: https://qiye.163.com/help/l-1.html
Title: 帮助

Search URL Search Domain Scan URL

URL: http://u.163.com/androidds4
Title: Android版

Search URL Search Domain Scan URL

URL: http://u.163.com/iosds4
Title: iPhone版

Search URL Search Domain Scan URL

URL: https://qiye.163.com/admin.jsp
Title: 管理员登录

Search URL Search Domain Scan URL

URL: http://mail.163.com/dashi/
Title: 下载邮箱大师

Search URL Search Domain Scan URL

URL: http://corp.163.com/gb/home.shtml
Title: 关于网易

Search URL Search Domain Scan URL

URL: http://corp.163.com/gb/legal/legal.html
Title: 相关法律

Search URL Search Domain Scan URL

URL: http://qiye.163.com/
Title: 企业邮箱

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

https://fghdaswitch.com/regs/yksd/mx/index_files/getqrcode.do HTTP 302
https://en.wikipedia.org/wiki/Art

Request Chain 5

https://fghdaswitch.com/regs/yksd/mx/files/year.js.download HTTP 302
https://en.wikipedia.org/wiki/Art

Request Chain 6

https://fghdaswitch.com/regs/yksd/mx/files/loginjs.jsp HTTP 302
https://en.wikipedia.org/wiki/Art

Request Chain 7

https://fghdaswitch.com/regs/yksd/mx/files/jquery.js.download HTTP 302
https://en.wikipedia.org/wiki/Art

Request Chain 8

https://fghdaswitch.com/regs/yksd/mx/files/jquery-migrate.js.download HTTP 302
https://en.wikipedia.org/wiki/Art

Request Chain 9

https://fghdaswitch.com/regs/yksd/mx/files/lang_zhcn.js.download HTTP 302
https://en.wikipedia.org/wiki/Art

Request Chain 10

https://fghdaswitch.com/regs/yksd/mx/files/select_network.js.download HTTP 302
https://en.wikipedia.org/wiki/Art

Request Chain 11

https://fghdaswitch.com/regs/yksd/mx/files/login_util.js.download HTTP 302
https://en.wikipedia.org/wiki/Art

Request Chain 12

https://fghdaswitch.com/regs/yksd/mx/index_files/jquery.jsonp-2.4.0.min.js.download HTTP 302
https://en.wikipedia.org/wiki/Art

Request Chain 13

https://fghdaswitch.com/regs/yksd/mx/index_files/select_banner.js.download HTTP 302
https://en.wikipedia.org/wiki/Art

Request Chain 14

https://fghdaswitch.com/regs/yksd/mx/index_files/reset_pwd.js.download HTTP 302
https://en.wikipedia.org/wiki/Art

Request Chain 15

https://fghdaswitch.com/regs/yksd/mx/index_files/qiye_algorithm.js.download HTTP 302
https://en.wikipedia.org/wiki/Art

Request Chain 25

https://fghdaswitch.com/regs/yksd/mx/img/applogin_example.png HTTP 302
https://en.wikipedia.org/wiki/Art

Request Chain 26

https://fghdaswitch.com/regs/yksd/mx/img/codebg.png HTTP 302
https://en.wikipedia.org/wiki/Art

28 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response fghdaswitch.com/regs/yksd/mx/	11 KB 11 KB	521ms 93ms	Document text/html	31.192.110.33 NCONNECT-AS
General Check archive.org Show headers Download Go to Full URL https://fghdaswitch.com/regs/yksd/mx/?email=nobody@mycraftmail.com Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 31.192.110.33 , Russian Federation, ASN49335 (NCONNECT-AS, RU), Reverse DNS Software Apache / Resource Hash `d4705e517811993d3bcd8f15aa8fb09de3c4f6167650233a31e67dd876d01f76` Request headers Host fghdaswitch.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site none Sec-Fetch-Mode navigate Sec-Fetch-User ?1 Sec-Fetch-Dest document Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Fri, 17 Apr 2020 12:23:27 GMT Server Apache Keep-Alive timeout=5, max=100 Connection Keep-Alive Transfer-Encoding chunked Content-Type text/html; charset=UTF-8
GET H/1.1	200 OK	global.css fghdaswitch.com/regs/yksd/mx/files/	3 KB 4 KB	102ms 58ms	Stylesheet text/css	31.192.110.33 NCONNECT-AS
General Check archive.org Show headers Download Go to Full URL https://fghdaswitch.com/regs/yksd/mx/files/global.css Requested by Host: fghdaswitch.com URL: https://fghdaswitch.com/regs/yksd/mx/?email=nobody@mycraftmail.com Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 31.192.110.33 , Russian Federation, ASN49335 (NCONNECT-AS, RU), Reverse DNS Software Apache / Resource Hash `874cbf268437bff7b2e07511a081266a0ba82e99abec974e26feac3e378b2763` Request headers Referer https://fghdaswitch.com/regs/yksd/mx/?email=nobody@mycraftmail.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Fri, 17 Apr 2020 12:23:27 GMT Last-Modified Thu, 23 May 2019 00:08:26 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 3537
GET H/1.1	200 OK	user.css fghdaswitch.com/regs/yksd/mx/files/	501 B 741 B	161ms 58ms	Stylesheet text/css	31.192.110.33 NCONNECT-AS
General Check archive.org Show headers Download Go to Full URL https://fghdaswitch.com/regs/yksd/mx/files/user.css Requested by Host: fghdaswitch.com URL: https://fghdaswitch.com/regs/yksd/mx/?email=nobody@mycraftmail.com Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 31.192.110.33 , Russian Federation, ASN49335 (NCONNECT-AS, RU), Reverse DNS Software Apache / Resource Hash `6ec5fd729fea809de4f701c80f30b1450c8271297ed56ae1177ab28138e3526a` Request headers Referer https://fghdaswitch.com/regs/yksd/mx/?email=nobody@mycraftmail.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Fri, 17 Apr 2020 12:23:27 GMT Last-Modified Thu, 23 May 2019 00:08:26 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 501
GET H/1.1	200 OK	custom.css fghdaswitch.com/regs/yksd/mx/files/	5 KB 5 KB	173ms 58ms	Stylesheet text/css	31.192.110.33 NCONNECT-AS
General Check archive.org Show headers Download Go to Full URL https://fghdaswitch.com/regs/yksd/mx/files/custom.css Requested by Host: fghdaswitch.com URL: https://fghdaswitch.com/regs/yksd/mx/?email=nobody@mycraftmail.com Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 31.192.110.33 , Russian Federation, ASN49335 (NCONNECT-AS, RU), Reverse DNS Software Apache / Resource Hash `3315b2a9b892138959b6f9fd671782ece1da0590c97c7da2f80afccc5d342939` Request headers Referer https://fghdaswitch.com/regs/yksd/mx/?email=nobody@mycraftmail.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Fri, 17 Apr 2020 12:23:27 GMT Last-Modified Thu, 23 May 2019 00:08:26 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 4808
GET H/1.1	200 OK	/ qiye.163.com/	0 0	1326ms 372ms	Image text/html	220.194.24.216 CHINA169-BJ China...
General Check archive.org Show headers Download Go to Show image Full URL https://qiye.163.com/ Requested by Host: fghdaswitch.com URL: https://fghdaswitch.com/regs/yksd/mx/?email=nobody@mycraftmail.com Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 220.194.24.216 , China, ASN4808 (CHINA169-BJ China Unicom Beijing Province Network, CN), Reverse DNS mail-m24216.qiye.163.com Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer https://fghdaswitch.com/regs/yksd/mx/?email=nobody@mycraftmail.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers
GET H2	200	Art en.wikipedia.org/wiki/ Redirect Chain https://fghdaswitch.com/regs/yksd/mx/index_files/getqrcode.do https://en.wikipedia.org/wiki/Art	0 0	47ms 22ms	Image text/html	2620:0:862:ed1a::1 WIKIMEDIA
General Check archive.org Show headers Download Go to Show image Full URL https://en.wikipedia.org/wiki/Art Requested by Host: fghdaswitch.com URL: https://fghdaswitch.com/regs/yksd/mx/?email=nobody@mycraftmail.com Protocol H2 Security TLS 1.3, , CHACHA20_POLY1305 Server 2620:0:862:ed1a::1 , United States, ASN14907 (WIKIMEDIA, US), Reverse DNS Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer https://fghdaswitch.com/regs/yksd/mx/?email=nobody@mycraftmail.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Redirect headers location https://en.wikipedia.org/wiki/Art Date Fri, 17 Apr 2020 12:23:27 GMT Server Apache Connection Keep-Alive Keep-Alive timeout=5, max=97 Transfer-Encoding chunked Content-Type text/html; charset=UTF-8
GET H2	200	Art Show response en.wikipedia.org/wiki/ Redirect Chain https://fghdaswitch.com/regs/yksd/mx/files/year.js.download https://en.wikipedia.org/wiki/Art	0 0	44ms 21ms	Script text/html	2620:0:862:ed1a::1 WIKIMEDIA
General Check archive.org Show headers Download Go to Full URL https://en.wikipedia.org/wiki/Art Requested by Host: fghdaswitch.com URL: https://fghdaswitch.com/regs/yksd/mx/?email=nobody@mycraftmail.com Protocol H2 Security TLS 1.3, , CHACHA20_POLY1305 Server 2620:0:862:ed1a::1 , United States, ASN14907 (WIKIMEDIA, US), Reverse DNS Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer https://fghdaswitch.com/regs/yksd/mx/?email=nobody@mycraftmail.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Redirect headers location https://en.wikipedia.org/wiki/Art Date Fri, 17 Apr 2020 12:23:27 GMT Server Apache Connection Keep-Alive Keep-Alive timeout=5, max=100 Transfer-Encoding chunked Content-Type text/html; charset=UTF-8
GET H2	200	Art Show response en.wikipedia.org/wiki/ Redirect Chain https://fghdaswitch.com/regs/yksd/mx/files/loginjs.jsp https://en.wikipedia.org/wiki/Art	0 0	12ms 12ms	Script text/html	2620:0:862:ed1a::1 WIKIMEDIA
General Check archive.org Show headers Download Go to Full URL https://en.wikipedia.org/wiki/Art Requested by Host: fghdaswitch.com URL: https://fghdaswitch.com/regs/yksd/mx/?email=nobody@mycraftmail.com Protocol H2 Security TLS 1.3, , CHACHA20_POLY1305 Server 2620:0:862:ed1a::1 , United States, ASN14907 (WIKIMEDIA, US), Reverse DNS Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer https://fghdaswitch.com/regs/yksd/mx/?email=nobody@mycraftmail.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Redirect headers location https://en.wikipedia.org/wiki/Art Date Fri, 17 Apr 2020 12:23:27 GMT Server Apache Connection Keep-Alive Keep-Alive timeout=5, max=100 Transfer-Encoding chunked Content-Type text/html; charset=UTF-8
GET H2	200	Art Show response en.wikipedia.org/wiki/ Redirect Chain https://fghdaswitch.com/regs/yksd/mx/files/jquery.js.download https://en.wikipedia.org/wiki/Art	0 0	59ms 49ms	Script text/html	2620:0:862:ed1a::1 WIKIMEDIA
General Check archive.org Show headers Download Go to Full URL https://en.wikipedia.org/wiki/Art Requested by Host: fghdaswitch.com URL: https://fghdaswitch.com/regs/yksd/mx/?email=nobody@mycraftmail.com Protocol H2 Security TLS 1.3, , CHACHA20_POLY1305 Server 2620:0:862:ed1a::1 , United States, ASN14907 (WIKIMEDIA, US), Reverse DNS Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer https://fghdaswitch.com/regs/yksd/mx/?email=nobody@mycraftmail.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Redirect headers location https://en.wikipedia.org/wiki/Art Date Fri, 17 Apr 2020 12:23:27 GMT Server Apache Connection Keep-Alive Keep-Alive timeout=5, max=100 Transfer-Encoding chunked Content-Type text/html; charset=UTF-8
GET H2	200	Art Show response en.wikipedia.org/wiki/ Redirect Chain https://fghdaswitch.com/regs/yksd/mx/files/jquery-migrate.js.download https://en.wikipedia.org/wiki/Art	0 0	76ms 48ms	Script text/html	2620:0:862:ed1a::1 WIKIMEDIA
General Check archive.org Show headers Download Go to Full URL https://en.wikipedia.org/wiki/Art Requested by Host: fghdaswitch.com URL: https://fghdaswitch.com/regs/yksd/mx/?email=nobody@mycraftmail.com Protocol H2 Security TLS 1.3, , CHACHA20_POLY1305 Server 2620:0:862:ed1a::1 , United States, ASN14907 (WIKIMEDIA, US), Reverse DNS Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer https://fghdaswitch.com/regs/yksd/mx/?email=nobody@mycraftmail.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Redirect headers location https://en.wikipedia.org/wiki/Art Date Fri, 17 Apr 2020 12:23:27 GMT Server Apache Connection Keep-Alive Keep-Alive timeout=5, max=100 Transfer-Encoding chunked Content-Type text/html; charset=UTF-8
GET H2	200	Art Show response en.wikipedia.org/wiki/ Redirect Chain https://fghdaswitch.com/regs/yksd/mx/files/lang_zhcn.js.download https://en.wikipedia.org/wiki/Art	0 0	63ms 48ms	Script text/html	2620:0:862:ed1a::1 WIKIMEDIA
General Check archive.org Show headers Download Go to Full URL https://en.wikipedia.org/wiki/Art Requested by Host: fghdaswitch.com URL: https://fghdaswitch.com/regs/yksd/mx/?email=nobody@mycraftmail.com Protocol H2 Security TLS 1.3, , CHACHA20_POLY1305 Server 2620:0:862:ed1a::1 , United States, ASN14907 (WIKIMEDIA, US), Reverse DNS Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer https://fghdaswitch.com/regs/yksd/mx/?email=nobody@mycraftmail.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Redirect headers location https://en.wikipedia.org/wiki/Art Date Fri, 17 Apr 2020 12:23:27 GMT Server Apache Connection Keep-Alive Keep-Alive timeout=5, max=99 Transfer-Encoding chunked Content-Type text/html; charset=UTF-8
GET H2	200	Art Show response en.wikipedia.org/wiki/ Redirect Chain https://fghdaswitch.com/regs/yksd/mx/files/select_network.js.download https://en.wikipedia.org/wiki/Art	0 0	12ms 12ms	Script text/html	2620:0:862:ed1a::1 WIKIMEDIA
General Check archive.org Show headers Download Go to Full URL https://en.wikipedia.org/wiki/Art Requested by Host: fghdaswitch.com URL: https://fghdaswitch.com/regs/yksd/mx/?email=nobody@mycraftmail.com Protocol H2 Security TLS 1.3, , CHACHA20_POLY1305 Server 2620:0:862:ed1a::1 , United States, ASN14907 (WIKIMEDIA, US), Reverse DNS Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer https://fghdaswitch.com/regs/yksd/mx/?email=nobody@mycraftmail.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Redirect headers location https://en.wikipedia.org/wiki/Art Date Fri, 17 Apr 2020 12:23:28 GMT Server Apache Connection Keep-Alive Keep-Alive timeout=5, max=99 Transfer-Encoding chunked Content-Type text/html; charset=UTF-8
GET H2	200	Art Show response en.wikipedia.org/wiki/ Redirect Chain https://fghdaswitch.com/regs/yksd/mx/files/login_util.js.download https://en.wikipedia.org/wiki/Art	0 0	12ms 12ms	Script text/html	2620:0:862:ed1a::1 WIKIMEDIA
General Check archive.org Show headers Download Go to Full URL https://en.wikipedia.org/wiki/Art Requested by Host: fghdaswitch.com URL: https://fghdaswitch.com/regs/yksd/mx/?email=nobody@mycraftmail.com Protocol H2 Security TLS 1.3, , CHACHA20_POLY1305 Server 2620:0:862:ed1a::1 , United States, ASN14907 (WIKIMEDIA, US), Reverse DNS Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer https://fghdaswitch.com/regs/yksd/mx/?email=nobody@mycraftmail.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Redirect headers location https://en.wikipedia.org/wiki/Art Date Fri, 17 Apr 2020 12:23:28 GMT Server Apache Connection Keep-Alive Keep-Alive timeout=5, max=99 Transfer-Encoding chunked Content-Type text/html; charset=UTF-8
GET H2	200	Art Show response en.wikipedia.org/wiki/ Redirect Chain https://fghdaswitch.com/regs/yksd/mx/index_files/jquery.jsonp-2.4.0.min.js.download https://en.wikipedia.org/wiki/Art	0 0	13ms 12ms	Script text/html	2620:0:862:ed1a::1 WIKIMEDIA
General Check archive.org Show headers Download Go to Full URL https://en.wikipedia.org/wiki/Art Requested by Host: fghdaswitch.com URL: https://fghdaswitch.com/regs/yksd/mx/?email=nobody@mycraftmail.com Protocol H2 Security TLS 1.3, , CHACHA20_POLY1305 Server 2620:0:862:ed1a::1 , United States, ASN14907 (WIKIMEDIA, US), Reverse DNS Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer https://fghdaswitch.com/regs/yksd/mx/?email=nobody@mycraftmail.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Redirect headers location https://en.wikipedia.org/wiki/Art Date Fri, 17 Apr 2020 12:23:28 GMT Server Apache Connection Keep-Alive Keep-Alive timeout=5, max=98 Transfer-Encoding chunked Content-Type text/html; charset=UTF-8
GET H2	200	Art Show response en.wikipedia.org/wiki/ Redirect Chain https://fghdaswitch.com/regs/yksd/mx/index_files/select_banner.js.download https://en.wikipedia.org/wiki/Art	0 0	12ms 12ms	Script text/html	2620:0:862:ed1a::1 WIKIMEDIA
General Check archive.org Show headers Download Go to Full URL https://en.wikipedia.org/wiki/Art Requested by Host: fghdaswitch.com URL: https://fghdaswitch.com/regs/yksd/mx/?email=nobody@mycraftmail.com Protocol H2 Security TLS 1.3, , CHACHA20_POLY1305 Server 2620:0:862:ed1a::1 , United States, ASN14907 (WIKIMEDIA, US), Reverse DNS Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer https://fghdaswitch.com/regs/yksd/mx/?email=nobody@mycraftmail.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Redirect headers location https://en.wikipedia.org/wiki/Art Date Fri, 17 Apr 2020 12:23:28 GMT Server Apache Connection Keep-Alive Keep-Alive timeout=5, max=95 Transfer-Encoding chunked Content-Type text/html; charset=UTF-8
GET H2	200	Art Show response en.wikipedia.org/wiki/ Redirect Chain https://fghdaswitch.com/regs/yksd/mx/index_files/reset_pwd.js.download https://en.wikipedia.org/wiki/Art	0 0	13ms 12ms	Script text/html	2620:0:862:ed1a::1 WIKIMEDIA
General Check archive.org Show headers Download Go to Full URL https://en.wikipedia.org/wiki/Art Requested by Host: fghdaswitch.com URL: https://fghdaswitch.com/regs/yksd/mx/?email=nobody@mycraftmail.com Protocol H2 Security TLS 1.3, , CHACHA20_POLY1305 Server 2620:0:862:ed1a::1 , United States, ASN14907 (WIKIMEDIA, US), Reverse DNS Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer https://fghdaswitch.com/regs/yksd/mx/?email=nobody@mycraftmail.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Redirect headers location https://en.wikipedia.org/wiki/Art Date Fri, 17 Apr 2020 12:23:28 GMT Server Apache Connection Keep-Alive Keep-Alive timeout=5, max=99 Transfer-Encoding chunked Content-Type text/html; charset=UTF-8
GET H2	200	Art Show response en.wikipedia.org/wiki/ Redirect Chain https://fghdaswitch.com/regs/yksd/mx/index_files/qiye_algorithm.js.download https://en.wikipedia.org/wiki/Art	0 0	13ms 12ms	Script text/html	2620:0:862:ed1a::1 WIKIMEDIA
General Check archive.org Show headers Download Go to Full URL https://en.wikipedia.org/wiki/Art Requested by Host: fghdaswitch.com URL: https://fghdaswitch.com/regs/yksd/mx/?email=nobody@mycraftmail.com Protocol H2 Security TLS 1.3, , CHACHA20_POLY1305 Server 2620:0:862:ed1a::1 , United States, ASN14907 (WIKIMEDIA, US), Reverse DNS Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer https://fghdaswitch.com/regs/yksd/mx/?email=nobody@mycraftmail.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Redirect headers location https://en.wikipedia.org/wiki/Art Date Fri, 17 Apr 2020 12:23:28 GMT Server Apache Connection Keep-Alive Keep-Alive timeout=5, max=98 Transfer-Encoding chunked Content-Type text/html; charset=UTF-8
GET H/1.1	200 OK	logo.gif mimghz.qiye.163.com/o/public/	3 KB 3 KB	744ms 443ms	Image image/gif	123.58.177.239 NETEASE-AS Guangz...
General Check archive.org Show headers Download Go to Show image Full URL http://mimghz.qiye.163.com/o/public/logo.gif Requested by Host: fghdaswitch.com URL: https://fghdaswitch.com/regs/yksd/mx/?email=nobody@mycraftmail.com Protocol HTTP/1.1 Server 123.58.177.239 Hangzhou, China, ASN45062 (NETEASE-AS Guangzhou NetEase Computer System Co., Ltd., CN), Reverse DNS m239-177.yeah.net Software nginx / Resource Hash `ed6dbc8fab5b63d6df0b079b70fc95459214b77dc174a05f0ea97d6a5fdc131c` Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Fri, 17 Apr 2020 12:23:28 GMT Last-Modified Thu, 18 Oct 2012 06:21:43 GMT Server nginx ETag "507f9ff7-ca0" X-Cache HIT from ntes_qiye Content-Type image/gif Cache-Control max-age=315360000 Connection keep-alive Accept-Ranges bytes Content-Length 3232 Expires Mon, 12 Nov 2029 10:57:40 GMT
GET H/1.1	200 OK	user_yixin_right_20180827.jpg mimg.qiye.163.com/o/mailapp/qiyelogin/style/img/	187 KB 187 KB	2408ms 2221ms	Image image/jpeg	220.194.24.216 CHINA169-BJ China...
General Check archive.org Show headers Download Go to Show image Full URL http://mimg.qiye.163.com/o/mailapp/qiyelogin/style/img/user_yixin_right_20180827.jpg Requested by Host: fghdaswitch.com URL: https://fghdaswitch.com/regs/yksd/mx/?email=nobody@mycraftmail.com Protocol HTTP/1.1 Server 220.194.24.216 , China, ASN4808 (CHINA169-BJ China Unicom Beijing Province Network, CN), Reverse DNS mail-m24216.qiye.163.com Software nginx / Resource Hash `664aa37e0a5c4996aee36c91c517ba150c9062830df0a12127509eadea5ca871` Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Fri, 17 Apr 2020 12:23:29 GMT Last-Modified Mon, 27 Aug 2018 03:02:35 GMT Server nginx ETag "5b8369cb-2eca6" X-Cache HIT from cnc ntes_qiye Content-Type image/jpeg Cache-Control max-age=315360000 Connection keep-alive Accept-Ranges bytes Content-Length 191654 Expires Thu, 26 Apr 2029 10:07:57 GMT
GET H/1.1	200 OK	loginFormBg.png mimghz.qiye.163.com/o/domain/201808271800/index/img/	3 KB 3 KB	1394ms 1094ms	Image image/png	123.58.177.239 NETEASE-AS Guangz...
General Check archive.org Show headers Download Go to Show image Full URL http://mimghz.qiye.163.com/o/domain/201808271800/index/img/loginFormBg.png Requested by Host: fghdaswitch.com URL: https://fghdaswitch.com/regs/yksd/mx/?email=nobody@mycraftmail.com Protocol HTTP/1.1 Server 123.58.177.239 Hangzhou, China, ASN45062 (NETEASE-AS Guangzhou NetEase Computer System Co., Ltd., CN), Reverse DNS m239-177.yeah.net Software nginx / Resource Hash `aa41c1850a185eec48e1d91f3e79e897bd07d85b0b15cd50efa9df0b4fa8153d` Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Fri, 17 Apr 2020 12:23:28 GMT Last-Modified Mon, 27 Aug 2018 09:25:26 GMT Server nginx ETag "5b83c386-c15" X-Cache HIT from ntes_qiye Content-Type image/png Cache-Control max-age=315360000 Connection keep-alive Accept-Ranges bytes Content-Length 3093 Expires Wed, 13 Mar 2030 00:36:46 GMT
GET H/1.1	200 OK	bg_cn_noqiye.png mimghz.qiye.163.com/o/domain/201808271800/index/img/	9 KB 9 KB	1334ms 1051ms	Image image/png	123.58.177.239 NETEASE-AS Guangz...
General Check archive.org Show headers Download Go to Show image Full URL http://mimghz.qiye.163.com/o/domain/201808271800/index/img/bg_cn_noqiye.png Requested by Host: fghdaswitch.com URL: https://fghdaswitch.com/regs/yksd/mx/?email=nobody@mycraftmail.com Protocol HTTP/1.1 Server 123.58.177.239 Hangzhou, China, ASN45062 (NETEASE-AS Guangzhou NetEase Computer System Co., Ltd., CN), Reverse DNS m239-177.yeah.net Software nginx / Resource Hash `000114f7ef19aac009b411eff3232439da5e89a7476248a8813b94e9c4cd7bc1` Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Fri, 17 Apr 2020 12:23:28 GMT Last-Modified Mon, 27 Aug 2018 09:25:26 GMT Server nginx ETag "5b83c386-23bb" X-Cache HIT from ntes_qiye Content-Type image/png Cache-Control max-age=315360000 Connection keep-alive Accept-Ranges bytes Content-Length 9147 Expires Wed, 13 Mar 2030 00:12:24 GMT
GET H/1.1	200 OK	bgx.gif mimg.qiye.163.com/xm/qiye/login/img/	87 B 418 B	1937ms 1768ms	Image image/gif	220.194.24.216 CHINA169-BJ China...
General Check archive.org Show headers Download Go to Show image Full URL http://mimg.qiye.163.com/xm/qiye/login/img/bgx.gif Requested by Host: fghdaswitch.com URL: https://fghdaswitch.com/regs/yksd/mx/?email=nobody@mycraftmail.com Protocol HTTP/1.1 Server 220.194.24.216 , China, ASN4808 (CHINA169-BJ China Unicom Beijing Province Network, CN), Reverse DNS mail-m24216.qiye.163.com Software nginx / Resource Hash `57f37271dc71a424614a1b51d7c9c95bc5d81ccc40588afb31f54689b46f8715` Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Fri, 17 Apr 2020 12:23:29 GMT Last-Modified Thu, 07 Jan 2010 06:22:50 GMT Server nginx ETag "4b457dba-57" X-Cache HIT from cnc ntes_qiye Content-Type image/gif Cache-Control max-age=3600 Connection keep-alive Accept-Ranges bytes Content-Length 87 Expires Fri, 17 Apr 2020 12:48:35 GMT
GET H/1.1	200 OK	bg.gif mimg.qiye.163.com/xm/qiye/login/img/	12 KB 13 KB	922ms 752ms	Image image/gif	220.194.24.216 CHINA169-BJ China...
General Check archive.org Show headers Download Go to Show image Full URL http://mimg.qiye.163.com/xm/qiye/login/img/bg.gif Requested by Host: fghdaswitch.com URL: https://fghdaswitch.com/regs/yksd/mx/?email=nobody@mycraftmail.com Protocol HTTP/1.1 Server 220.194.24.216 , China, ASN4808 (CHINA169-BJ China Unicom Beijing Province Network, CN), Reverse DNS mail-m24216.qiye.163.com Software nginx / Resource Hash `09e7fb9326ea92a21d2e4703ed5274db3e63652e90892761ae12e82ffc33eb66` Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Fri, 17 Apr 2020 12:23:28 GMT Last-Modified Thu, 07 Jan 2010 06:22:50 GMT Server nginx ETag "4b457dba-310c" X-Cache HIT from cnc ntes_qiye Content-Type image/gif Cache-Control max-age=3600 Connection keep-alive Accept-Ranges bytes Content-Length 12556 Expires Fri, 17 Apr 2020 13:10:07 GMT
GET H/1.1	200 OK	ic_android.png mimghz.qiye.163.com/o/domain/201808271800/index/img/	2 KB 2 KB	1378ms 1094ms	Image image/png	123.58.177.239 NETEASE-AS Guangz...
General Check archive.org Show headers Download Go to Show image Full URL http://mimghz.qiye.163.com/o/domain/201808271800/index/img/ic_android.png Requested by Host: fghdaswitch.com URL: https://fghdaswitch.com/regs/yksd/mx/?email=nobody@mycraftmail.com Protocol HTTP/1.1 Server 123.58.177.239 Hangzhou, China, ASN45062 (NETEASE-AS Guangzhou NetEase Computer System Co., Ltd., CN), Reverse DNS m239-177.yeah.net Software nginx / Resource Hash `f62a777eec8cc1e11ec1d0f681b707d43b87129af5a160ecd858f829db5478a4` Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Fri, 17 Apr 2020 12:23:28 GMT Last-Modified Mon, 27 Aug 2018 09:25:26 GMT Server nginx ETag "5b83c386-687" X-Cache HIT from ntes_qiye Content-Type image/png Cache-Control max-age=315360000 Connection keep-alive Accept-Ranges bytes Content-Length 1671 Expires Wed, 27 Feb 2030 01:27:00 GMT
GET H/1.1	200 OK	ic_apple.png mimghz.qiye.163.com/o/domain/201808271800/index/img/	1 KB 2 KB	705ms 422ms	Image image/png	123.58.177.239 NETEASE-AS Guangz...
General Check archive.org Show headers Download Go to Show image Full URL http://mimghz.qiye.163.com/o/domain/201808271800/index/img/ic_apple.png Requested by Host: fghdaswitch.com URL: https://fghdaswitch.com/regs/yksd/mx/?email=nobody@mycraftmail.com Protocol HTTP/1.1 Server 123.58.177.239 Hangzhou, China, ASN45062 (NETEASE-AS Guangzhou NetEase Computer System Co., Ltd., CN), Reverse DNS m239-177.yeah.net Software nginx / Resource Hash `44ed03668b2e7924e52d736b5c3484f2a58a1d9f75497f38a44ce569cc86c402` Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Fri, 17 Apr 2020 12:23:28 GMT Last-Modified Mon, 27 Aug 2018 09:25:26 GMT Server nginx ETag "5b83c386-5c0" X-Cache HIT from ntes_qiye Content-Type image/png Cache-Control max-age=315360000 Connection keep-alive Accept-Ranges bytes Content-Length 1472 Expires Wed, 13 Mar 2030 00:12:24 GMT
GET H/1.1	200 OK	ic_qr.png mimghz.qiye.163.com/o/domain/201808271800/index/img/	2 KB 3 KB	1754ms 1470ms	Image image/png	123.58.177.239 NETEASE-AS Guangz...
General Check archive.org Show headers Download Go to Show image Full URL http://mimghz.qiye.163.com/o/domain/201808271800/index/img/ic_qr.png Requested by Host: fghdaswitch.com URL: https://fghdaswitch.com/regs/yksd/mx/?email=nobody@mycraftmail.com Protocol HTTP/1.1 Server 123.58.177.239 Hangzhou, China, ASN45062 (NETEASE-AS Guangzhou NetEase Computer System Co., Ltd., CN), Reverse DNS m239-177.yeah.net Software nginx / Resource Hash `54fdcb30f8d40ec4b1d3cf31eb64f76642655824532e2950b63312b4284bfa2a` Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Fri, 17 Apr 2020 12:23:29 GMT Last-Modified Mon, 27 Aug 2018 09:25:26 GMT Server nginx ETag "5b83c386-95e" X-Cache HIT from ntes_qiye Content-Type image/png Cache-Control max-age=315360000 Connection keep-alive Accept-Ranges bytes Content-Length 2398 Expires Wed, 03 Apr 2030 04:25:34 GMT
GET H2	200	Art en.wikipedia.org/wiki/ Redirect Chain https://fghdaswitch.com/regs/yksd/mx/img/applogin_example.png https://en.wikipedia.org/wiki/Art	0 0	12ms 12ms	Image text/html	2620:0:862:ed1a::1 WIKIMEDIA
General Check archive.org Show headers Download Go to Show image Full URL https://en.wikipedia.org/wiki/Art Requested by Host: fghdaswitch.com URL: https://fghdaswitch.com/regs/yksd/mx/?email=nobody@mycraftmail.com Protocol H2 Security TLS 1.3, , CHACHA20_POLY1305 Server 2620:0:862:ed1a::1 , United States, ASN14907 (WIKIMEDIA, US), Reverse DNS Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer https://fghdaswitch.com/regs/yksd/mx/files/custom.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Redirect headers location https://en.wikipedia.org/wiki/Art Date Fri, 17 Apr 2020 12:23:28 GMT Server Apache Connection Keep-Alive Keep-Alive timeout=5, max=99 Transfer-Encoding chunked Content-Type text/html; charset=UTF-8
GET H2	200	Art en.wikipedia.org/wiki/ Redirect Chain https://fghdaswitch.com/regs/yksd/mx/img/codebg.png https://en.wikipedia.org/wiki/Art	0 0	13ms 12ms	Image text/html	2620:0:862:ed1a::1 WIKIMEDIA
General Check archive.org Show headers Download Go to Show image Full URL https://en.wikipedia.org/wiki/Art Requested by Host: fghdaswitch.com URL: https://fghdaswitch.com/regs/yksd/mx/?email=nobody@mycraftmail.com Protocol H2 Security TLS 1.3, , CHACHA20_POLY1305 Server 2620:0:862:ed1a::1 , United States, ASN14907 (WIKIMEDIA, US), Reverse DNS Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer https://fghdaswitch.com/regs/yksd/mx/files/custom.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Redirect headers location https://en.wikipedia.org/wiki/Art Date Fri, 17 Apr 2020 12:23:28 GMT Server Apache Connection Keep-Alive Keep-Alive timeout=5, max=96 Transfer-Encoding chunked Content-Type text/html; charset=UTF-8

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: 163.cn (Online) Generic China (Online)

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

en.wikipedia.org
fghdaswitch.com
mimg.qiye.163.com
mimghz.qiye.163.com
qiye.163.com
123.58.177.239
220.194.24.216
2620:0:862:ed1a::1
31.192.110.33
000114f7ef19aac009b411eff3232439da5e89a7476248a8813b94e9c4cd7bc1
09e7fb9326ea92a21d2e4703ed5274db3e63652e90892761ae12e82ffc33eb66
3315b2a9b892138959b6f9fd671782ece1da0590c97c7da2f80afccc5d342939
44ed03668b2e7924e52d736b5c3484f2a58a1d9f75497f38a44ce569cc86c402
54fdcb30f8d40ec4b1d3cf31eb64f76642655824532e2950b63312b4284bfa2a
57f37271dc71a424614a1b51d7c9c95bc5d81ccc40588afb31f54689b46f8715
664aa37e0a5c4996aee36c91c517ba150c9062830df0a12127509eadea5ca871
6ec5fd729fea809de4f701c80f30b1450c8271297ed56ae1177ab28138e3526a
874cbf268437bff7b2e07511a081266a0ba82e99abec974e26feac3e378b2763
aa41c1850a185eec48e1d91f3e79e897bd07d85b0b15cd50efa9df0b4fa8153d
d4705e517811993d3bcd8f15aa8fb09de3c4f6167650233a31e67dd876d01f76
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed6dbc8fab5b63d6df0b079b70fc95459214b77dc174a05f0ea97d6a5fdc131c
f62a777eec8cc1e11ec1d0f681b707d43b87129af5a160ecd858f829db5478a4

fghdaswitch.com Open in urlscan Pro 31.192.110.33 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

28 Requests

68 %HTTPS

25 %IPv6

3 Domains

5 Subdomains

4 IPs

3 Countries

244 kBTransfer

240 kBSize

0 Cookies

10 Outgoing links

Redirected requests

28 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

fghdaswitch.com Open in urlscan Pro
31.192.110.33 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

28
Requests

68 %
HTTPS

25 %
IPv6

3
Domains

5
Subdomains

4
IPs

3
Countries

244 kB
Transfer

240 kB
Size

0
Cookies

28 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!