www.gdtn-lab.cn
103.71.48.50
Malicious Activity!
Public Scan
Submission: On May 30 via manual from CN
Summary
This is the only time www.gdtn-lab.cn was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: 163.cn (Online)

Domain & IP information

Requests | IP Address | AS Autonomous System
---|---|---
32 | 103.71.48.50 | 38197 (SUNHK-DATA-AS-AP Sun Network (Hong Kong) Limited - HongKong Backbone)
7 | 103.129.252.34 | 137263 (NETEASE-AS-AP NETEASE HONG KONG LIMITED)
5 | 163.171.129.134 | 54994 (QUANTILNETWORKS - QUANTIL NETWORKS INC)
1 3 | 123.58.177.13 | 45062 (NETEASE-AS Guangzhou NetEase Computer System Co.)
1 | 103.65.41.125 | 135391 (AOFEI-HK AOFEI DATA INTERNATIONAL COMPANY LIMITED)
1 | 103.65.41.126 | 135391 (AOFEI-HK AOFEI DATA INTERNATIONAL COMPANY LIMITED)
1 | 123.126.97.207 | 4808 (CHINA169-BJ China Unicom Beijing Province Network)
49 | 8 |

ASN | PTR | Domain
---|---|---
ASN38197 (SUNHK-DATA-AS-AP Sun Network (Hong Kong) Limited - HongKong Backbone, HK) | | www.gdtn-lab.cn
ASN54994 (QUANTILNETWORKS - QUANTIL NETWORKS INC, US) | | urswebzj.nosdn.127.net
ASN45062 (NETEASE-AS Guangzhou NetEase Computer System Co., Ltd., CN) | m13-177.yeah.net | email2.163.com
ASN135391 (AOFEI-HK AOFEI DATA INTERNATIONAL COMPANY LIMITED, HK) | | dl.reg.163.com
ASN135391 (AOFEI-HK AOFEI DATA INTERNATIONAL COMPANY LIMITED, HK) | | dl.reg.163.com
ASN4808 (CHINA169-BJ China Unicom Beijing Province Network, CN) | mail-m97207.mail.163.com | countly.mail.163.com
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
32 | gdtn-lab.cn | www.gdtn-lab.cn | 309 KB
12 | 127.net | mimg.127.net, urswebzj.nosdn.127.net | 114 KB
6 | 163.com (1 redirects) | email2.163.com, dl.reg.163.com, countly.mail.163.com | 26 KB
49 | 3 | |
Requests | Domain | Requested by
---|---|---
32 | www.gdtn-lab.cn | www.gdtn-lab.cn
7 | mimg.127.net | www.gdtn-lab.cn
5 | urswebzj.nosdn.127.net | www.gdtn-lab.cn
3 | email2.163.com (1 redirects) | www.gdtn-lab.cn
2 | dl.reg.163.com | urswebzj.nosdn.127.net
1 | countly.mail.163.com | mimg.127.net
49 | 6 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.163.com |
vipmail.163.com |
qiye.163.com |
hw.mail.163.com |
mail.163.com |
help.mail.163.com |
reg.mail.163.com |
3c.163.com |
qian.163.com |
you.163.com |
corp.163.com |
Subject | Issuer | Validity | Valid | Source
---|---|---|---|---
*.163.com | GeoTrust RSA CA 2018 | 2018-12-20 - 2020-03-20 | a year | crt.sh
mimg.127.net | GeoTrust RSA CA 2018 | 2018-07-26 - 2019-08-10 | a year | crt.sh
*.reg.163.com | GeoTrust RSA CA 2018 | 2018-01-26 - 2019-12-07 | 2 years | crt.sh
*.mail.163.com | GeoTrust RSA CA 2018 | 2018-03-21 - 2019-08-21 | a year | crt.sh
This page contains 5 frames:
Primary Page:
http://www.gdtn-lab.cn/user/index/email2/uid/Buf18vs8.html
Frame ID: 73A83DEC33CC4B62662A158AD9C19D11
Requests: 19 HTTP requests in this frame
Frame:
http://www.gdtn-lab.cn/user/index/urs/type/1/uid/18.html
Frame ID: F0686A56D594D09C0966AA528613E41C
Requests: 12 HTTP requests in this frame
Frame:
http://www.gdtn-lab.cn/user/index/urs/type/2/uid/18.html
Frame ID: 8D4D463CA729B410126EDEC4731610E6
Requests: 12 HTTP requests in this frame
Frame:
http://www.gdtn-lab.cn/user/index/urs/type/3/uid/18.html
Frame ID: C4AA10EC3759D7E45877AE947B4CA592
Requests: 12 HTTP requests in this frame
Frame:
https://dl.reg.163.com/webzj/v1.0.1/pub/index_dl2_new.html?MGID=1559212213352.1833&wdaId=&pkid=fjWGUOS&product=mail163
Frame ID: 93985205092F0DE80B409B9CED318ABC
Requests: 1 HTTP requests in this frame
Detected technologies
Windows Server (Operating Systems) ExpandDetected patterns
- headers server /IIS(?:\/([\d.]+))?/i
IIS (Web Servers) Expand
Detected patterns
- headers server /IIS(?:\/([\d.]+))?/i
Page Statistics

11 Outgoing links

These are links going to different origins than the main page.

- Title: Paid mail (收费邮)
- Title: Enterprise mailbox (企业邮箱)
- Title: Overseas user login (国外用户登录)
- Title: Mobile client (手机客户端)
- Title: Help (帮助)
- Title: Free activation (免费激活)
- Title: NetEase Zhizao (网易智造)
- Title: NetEase Youqian (网易•有钱)
- Title: NetEase Yanxuan (网易严选)
- Title: Privacy policy (隐私政策)
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 4:
- http://email2.163.com/res/css/style.76326ce1.css HTTP 301
- https://email2.163.com/res/css/style.76326ce1.css
49 HTTP transactions

Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Notes
---|---|---|---|---|---|---|---|---
GET | H/1.1 | Buf18vs8.html | www.gdtn-lab.cn/user/index/email2/uid/ | 10 KB | 5 KB | Document | text/html | Primary Request; Cookie set
GET | H/1.1 | raven-3.27.0.min.js | mimg.127.net/p/freemail/lib/track/ | 37 KB | 14 KB | Script | application/x-javascript |
GET | H/1.1 | es5-polyfill.js | mimg.127.net/p/freemail/lib/polyfill/ | 2 KB | 1 KB | Script | application/x-javascript |
GET | H/1.1 | html-polyfill.js | mimg.127.net/p/freemail/lib/polyfill/ | 140 B | 557 B | Script | application/x-javascript |
GET | H/1.1 | message.js | urswebzj.nosdn.127.net/webzj_cdn101/ | 25 KB | 9 KB | Script | application/javascript |
GET | H/1.1 | style.76326ce1.css | email2.163.com/res/css/ | 9 KB | 4 KB | Stylesheet | text/css | Redirect Chain
GET | H/1.1 | raven-3.27.0.min.js | mimg.127.net/p/freemail/lib/track/ | 0 | 14 KB | Other | application/x-javascript |
GET | H/1.1 | es5-polyfill.js | mimg.127.net/p/freemail/lib/polyfill/ | 0 | 1 KB | Other | application/x-javascript |
GET | H/1.1 | html-polyfill.js | mimg.127.net/p/freemail/lib/polyfill/ | 0 | 557 B | Other | application/x-javascript |
GET | H/1.1 | message.js | urswebzj.nosdn.127.net/webzj_cdn101/ | 0 | 9 KB | Other | application/javascript |
GET | H/1.1 | year.js | mimg.127.net/copyright/ | 23 B | 417 B | Script | application/x-javascript |
GET | H/1.1 | main.1bcee5e5.js | www.gdtn-lab.cn/themes/default/public/assets/js/ | 86 KB | 37 KB | Script | application/x-javascript |
GET | H/1.1 | 18.html | www.gdtn-lab.cn/user/index/urs/type/1/uid/ | 44 KB | 17 KB | Document | text/html | Frame F068; Cookie set
GET | H/1.1 | 18.html | www.gdtn-lab.cn/user/index/urs/type/2/uid/ | 44 KB | 17 KB | Document | text/html | Frame 8D4D; Cookie set
GET | H/1.1 | 18.html | www.gdtn-lab.cn/user/index/urs/type/3/uid/ | 44 KB | 17 KB | Document | text/html | Frame C4AA; Cookie set
GET | DATA | truncated | / | 983 B | 0 | Image | image/png |
GET | H/1.1 | jquery-1.10.2.min.js | www.gdtn-lab.cn/themes/default/public/assets/js/ | 91 KB | 32 KB | Script | application/x-javascript | Frame F068
GET | H/1.1 | bootstrap.min.js | www.gdtn-lab.cn/themes/default/public/assets/simpleboot3/bootstrap/js/ | 36 KB | 10 KB | Script | application/x-javascript | Frame F068
GET | H/1.1 | frontend.js | www.gdtn-lab.cn/static/js/ | 51 KB | 9 KB | Script | application/x-javascript | Frame F068
GET | H/1.1 | layui.js | www.gdtn-lab.cn/static/js/layui/ | 7 KB | 3 KB | Script | application/x-javascript | Frame F068
GET | H/1.1 | jquery-1.10.2.min.js | www.gdtn-lab.cn/themes/default/public/assets/js/ | 91 KB | 32 KB | Script | application/x-javascript | Frame C4AA
GET | H/1.1 | bootstrap.min.js | www.gdtn-lab.cn/themes/default/public/assets/simpleboot3/bootstrap/js/ | 36 KB | 10 KB | Script | application/x-javascript | Frame C4AA
GET | H/1.1 | frontend.js | www.gdtn-lab.cn/static/js/ | 51 KB | 9 KB | Script | application/x-javascript | Frame C4AA
GET | H/1.1 | layui.js | www.gdtn-lab.cn/static/js/layui/ | 7 KB | 3 KB | Script | application/x-javascript | Frame C4AA
GET | H/1.1 | jquery-1.10.2.min.js | www.gdtn-lab.cn/themes/default/public/assets/js/ | 91 KB | 32 KB | Script | application/x-javascript | Frame 8D4D
GET | H/1.1 | bootstrap.min.js | www.gdtn-lab.cn/themes/default/public/assets/simpleboot3/bootstrap/js/ | 36 KB | 10 KB | Script | application/x-javascript | Frame 8D4D
GET | H/1.1 | frontend.js | www.gdtn-lab.cn/static/js/ | 51 KB | 9 KB | Script | application/x-javascript | Frame 8D4D
GET | H/1.1 | layui.js | www.gdtn-lab.cn/static/js/layui/ | 7 KB | 3 KB | Script | application/x-javascript | Frame 8D4D
GET | H/1.1 | global.e1dc50f7.png | email2.163.com/res/img/ | 21 KB | 22 KB | Image | image/png |
GET | DATA | truncated | / | 492 B | 0 | Image | image/png |
GET | DATA | truncated | / | 578 B | 0 | Image | image/gif |
GET | H/1.1 | sprite_61fbe151ab715649c6b7c4ec39156201.png | urswebzj.nosdn.127.net/webzj_cdn101/ | 21 KB | 21 KB | Image | image/png | Frame F068
GET | DATA | truncated | / | 4 KB | 0 | Image | image/png | Frame F068
GET | H/1.1 | getConf | dl.reg.163.com/ | 63 B | 217 B | Script | text/json |
POST | H/1.1 | islogin.html | www.gdtn-lab.cn/user/index/ | 66 B | 442 B | XHR | application/json | Frame F068
GET | H/1.1 | element.js | www.gdtn-lab.cn/static/js/layui/lay/modules/ | 7 KB | 3 KB | Script | application/x-javascript | Frame F068
GET | H/1.1 | form.js | www.gdtn-lab.cn/static/js/layui/lay/modules/ | 9 KB | 4 KB | Script | application/x-javascript | Frame F068
GET | H/1.1 | index_dl2_new.html | dl.reg.163.com/webzj/v1.0.1/pub/ | 0 | 0 | Document | text/html | Frame 9398
GET | DATA | truncated | / | 24 KB | 0 | Image | image/jpeg |
GET | H/1.1 | sprite_61fbe151ab715649c6b7c4ec39156201.png | urswebzj.nosdn.127.net/webzj_cdn101/ | 21 KB | 21 KB | Image | image/png | Frame C4AA
GET | DATA | truncated | / | 4 KB | 0 | Image | image/png | Frame C4AA
POST | H/1.1 | islogin.html | www.gdtn-lab.cn/user/index/ | 66 B | 442 B | XHR | application/json | Frame C4AA
GET | H/1.1 | element.js | www.gdtn-lab.cn/static/js/layui/lay/modules/ | 7 KB | 3 KB | Script | application/x-javascript | Frame C4AA
GET | H/1.1 | form.js | www.gdtn-lab.cn/static/js/layui/lay/modules/ | 9 KB | 4 KB | Script | application/x-javascript | Frame C4AA
GET | H/1.1 | i | countly.mail.163.com/countly/ | 0 | 0 | XHR | application/octet-stream |
GET | H/1.1 | layer.js | www.gdtn-lab.cn/static/js/layui/lay/modules/ | 22 KB | 8 KB | Script | application/x-javascript | Frame F068
GET | H/1.1 | layer.js | www.gdtn-lab.cn/static/js/layui/lay/modules/ | 22 KB | 8 KB | Script | application/x-javascript | Frame C4AA
GET | H/1.1 | sprite_61fbe151ab715649c6b7c4ec39156201.png | urswebzj.nosdn.127.net/webzj_cdn101/ | 21 KB | 21 KB | Image | image/png | Frame 8D4D
GET | DATA | truncated | / | 4 KB | 0 | Image | image/png | Frame 8D4D
GET | H/1.1 | layer.css | www.gdtn-lab.cn/static/js/layui/css/modules/layer/default/ | 14 KB | 3 KB | Stylesheet | text/css | Frame F068
POST | H/1.1 | islogin.html | www.gdtn-lab.cn/user/index/ | 66 B | 374 B | XHR | application/json | Frame 8D4D
GET | H/1.1 | element.js | www.gdtn-lab.cn/static/js/layui/lay/modules/ | 7 KB | 3 KB | Script | application/x-javascript | Frame 8D4D
GET | H/1.1 | form.js | www.gdtn-lab.cn/static/js/layui/lay/modules/ | 9 KB | 4 KB | Script | application/x-javascript | Frame 8D4D
GET | H/1.1 | layer.css | www.gdtn-lab.cn/static/js/layui/css/modules/layer/default/ | 14 KB | 3 KB | Stylesheet | text/css | Frame C4AA
GET | H/1.1 | layer.js | www.gdtn-lab.cn/static/js/layui/lay/modules/ | 22 KB | 8 KB | Script | application/x-javascript | Frame 8D4D
GET | H/1.1 | layer.css | www.gdtn-lab.cn/static/js/layui/css/modules/layer/default/ | 14 KB | 3 KB | Stylesheet | text/css | Frame 8D4D
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: 163.cn (Online)

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type | Name
---|---
object | onselectstart
object | onselectionchange
function | queueMicrotask
object | Raven
object | aTag
object | URSCFG
string | URSOPENBGP
function | URS
object | JSON3
object | Countly
function | parcelRequire
function | URSJSONP1559212213150
object | indexLogin
function | succ
number | __hasRun2

Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name | Value
---|---|---|---
dl.reg.163.com/ | | _ihtxzdilxldP8_ | 30
dl.reg.163.com/ | | JSESSIONID-WYTXZDL | kmEbcidsGAKjZQsP%2FXAj%2FIKQi7vbSogh6Rsc%2BE%5Cj%5C1w8HZ%2BJkr5lgQibgFW6AuF1eFfmN4go2sdAyWgqfnvufj0%2FnqFloRsu%2FeM4v82R0rXe4IKukaqUu2EHe%2B1rk3tGgG%2B9KJr1GYWL3t0eqG%2B3jPEwJUnQsB%2BBoJ63nEVUuEXMlPl%5C%3A1559212816332
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.