shop.can.ac.cn
104.21.192.128
Malicious Activity!
Public Scan
Submission Tags: cascn
Submission: On February 16 via manual from US — Scanned from DE
Summary
This is the only time shop.can.ac.cn was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Microsoft (Consumer)
Domain & IP information
| | IP Address | AS Autonomous System |
|---|---|---|
| 6 | 104.21.192.128 | 13335 (CLOUDFLARENET) |
| 5 | 2606:4700::6810:5714 | 13335 (CLOUDFLARENET) |
| 1 | 192.229.221.185 | 15133 (EDGECAST) |
| 12 | 3 | |
| | Apex Domain | Subdomains | Transfer |
|---|---|---|---|
| 6 | can.ac.cn | shop.can.ac.cn | 108 KB |
| 5 | jsdelivr.net | cdn.jsdelivr.net (Cisco Umbrella Rank: 401) | 482 KB |
| 1 | msauth.net | logincdn.msauth.net (Cisco Umbrella Rank: 2289) | 1 KB |
| 12 | 3 | | |
| | Domain | Requested by |
|---|---|---|
| 6 | shop.can.ac.cn | cdn.jsdelivr.net, shop.can.ac.cn |
| 5 | cdn.jsdelivr.net | shop.can.ac.cn |
| 1 | logincdn.msauth.net | |
| 12 | 3 | |
This site contains links to these domains. Also see Links.
Domain |
---|
github.com |
| Subject | Issuer | Validity | Valid | |
|---|---|---|---|---|
| sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-07-03 - 2022-07-02 | a year | crt.sh |
| identitycdn.msauth.net | DigiCert SHA2 Secure Server CA | 2021-05-13 - 2022-05-13 | a year | crt.sh |
This page contains 1 frames:
Primary Page:
http://shop.can.ac.cn/
Frame ID: 012530B097DE0DA61738CF065D82EE92
Requests: 12 HTTP requests in this frame
Page Title
自动发货销售系统 (Automatic Delivery Sales System)
Detected technologies
Vue.js (JavaScript Frameworks)
Detected patterns
- <[^>]+\sdata-v(?:ue)?-
jsDelivr (CDN)
Detected patterns
- <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
- //cdn\.jsdelivr\.net/
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: kamiFaka
Redirected requests
There were HTTP redirect chains for the following requests:
12 HTTP transactions
| Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
|---|---|---|---|---|---|---|---|
| GET | H/1.1 | / (Primary Request) | shop.can.ac.cn/ | 995 B | 1 KB | Document | text/html |
| GET | H2 | vendor.d5a15e12.css | cdn.jsdelivr.net/gh/Baiyuetribe/kamifaka@CDN/v1.65/static/css/ | 181 KB | 29 KB | Stylesheet | text/css |
| GET | H2 | styles.7e54a98a.css | cdn.jsdelivr.net/gh/Baiyuetribe/kamifaka@CDN/v1.65/static/css/ | 298 KB | 144 KB | Stylesheet | text/css |
| GET | H2 | vendor.d7e01117.js | cdn.jsdelivr.net/gh/Baiyuetribe/kamifaka@CDN/v1.65/static/js/ | 1001 KB | 303 KB | Script | application/javascript |
| GET | H2 | styles.61405570.js | cdn.jsdelivr.net/gh/Baiyuetribe/kamifaka@CDN/v1.65/static/js/ | 140 B | 631 B | Script | application/javascript |
| GET | H2 | app.2ab997ab.js | cdn.jsdelivr.net/gh/Baiyuetribe/kamifaka@CDN/v1.65/static/js/ | 27 KB | 6 KB | Script | application/javascript |
| GET | H/1.1 | manifest.1dc35f97.css | shop.can.ac.cn/static/css/ | 17 KB | 7 KB | Stylesheet | text/css |
| GET | H/1.1 | manifest.0d5516f1.js | shop.can.ac.cn/static/js/ | 183 KB | 43 KB | Script | application/javascript |
| GET | H/1.1 | logo.png | shop.can.ac.cn/images/ | 54 KB | 55 KB | Image | image/png |
| GET | H/1.1 | theme_list | shop.can.ac.cn/api/v2/ | 2 KB | 1 KB | XHR | application/json |
| GET | H/1.1 | get_system | shop.can.ac.cn/api/v2/ | 2 KB | 1 KB | XHR | application/json |
| GET | H2 | 2_bc3d32a696895f78c19df6c717586a5d.svg | logincdn.msauth.net/shared/1.0/content/images/backgrounds/ | 2 KB | 1 KB | Image | image/svg+xml |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Microsoft (Consumer)
2 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- function| structuredClone
- object| webpackJsonp

0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cdn.jsdelivr.net
logincdn.msauth.net
shop.can.ac.cn
104.21.192.128
192.229.221.185
2606:4700::6810:5714