www.jindaticket.com Open in urlscan Pro
154.82.191.14 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.jindaticket.com/
Submission: On August 01 via automatic, source certstream-suspicious (August 1st 2020, 9:40:37 pm UTC)

Summary HTTP 33 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 1 countries across 2 domains to perform 33 HTTP transactions. The main IP is 154.82.191.14, located in United States and belongs to ROOTNETWORKS, US. The main domain is www.jindaticket.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on June 7th 2020. Valid for: 3 months.

This is the only time www.jindaticket.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Bet365 (Entertainment)

Domain & IP information

	IP Address	AS Autonomous System
19	154.82.191.14 154.82.191.14	32708 (ROOTNETWORKS) (ROOTNETWORKS)
1 2	154.214.101.14 154.214.101.14	134548 (DXTL-HK D...) (DXTL-HK DXTL Tseung Kwan O Service)
33	3

19 154.82.191.14 (United States)

ASN32708 (ROOTNETWORKS, US)

www.jindaticket.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 154.214.101.14 (Los Angeles, United States) 1 redirects

ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK)

chaojialin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	jindaticket.com www.jindaticket.com	149 KB
2	chaojialin.com 1 redirects chaojialin.com	473 B
33	2

	Domain	Requested by
19	www.jindaticket.com	www.jindaticket.com
2	chaojialin.com	1 redirects www.jindaticket.com
33	2

This site contains no links.

Subject Issuer	Validity	Valid
jindaticket.com Let's Encrypt Authority X3	`2020-06-07` - `2020-09-05`	3 months	crt.sh
www.chaojialin.com Let's Encrypt Authority X3	`2020-07-17` - `2020-10-15`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://www.jindaticket.com/
Frame ID: 81591F266ED450A722C1E1DB8FA74AC2
Requests: 32 HTTP requests in this frame

Frame: https://chaojialin.com/cn/register
Frame ID: D65CF73F30731AD4E305D578596CEE33
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /php\/?([\d.]+)?/i

Windows Server (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /Win32|Win64/i

OpenSSL (Web Server Extensions) Expand

Overall confidence: 100%
Detected patterns

headers server /OpenSSL(?:\/([\d.]+[a-z]?))?/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

33
Requests

61 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

3
IPs

1
Countries

149 kB
Transfer

380 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15

https://www.jindaticket.com/templets/images/top2.jpg HTTP 301
https://www.jindaticket.com/templets/images/index.html

Request Chain 31

https://chaojialin.com/ HTTP 302
https://chaojialin.com/cn/register

33 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response www.jindaticket.com/	17 KB 5 KB	696ms 149ms	Document text/html	154.82.191.14 ROOTNETWORKS
General Check archive.org Show headers Download Go to Full URL https://www.jindaticket.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 154.82.191.14 , United States, ASN32708 (ROOTNETWORKS, US), Reverse DNS Software Apache/2.4.39 (Win64) OpenSSL/1.1.1b PHP/7.2.18 mod_fcgid/2.3.10-dev / Resource Hash `f2ca587daeda8f7e0c624e57ad9d01c96452dbdf3034dfe5e848a190710015dc` Request headers Host www.jindaticket.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site none Sec-Fetch-Mode navigate Sec-Fetch-User ?1 Sec-Fetch-Dest document Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Sat, 01 Aug 2020 21:40:00 GMT Server Apache/2.4.39 (Win64) OpenSSL/1.1.1b PHP/7.2.18 mod_fcgid/2.3.10-dev Last-Modified Tue, 18 Feb 2020 07:30:31 GMT ETag "45e6-59ed4a58c0ced-gzip" Accept-Ranges bytes Vary Accept-Encoding Content-Encoding gzip Content-Length 4652 Keep-Alive timeout=5, max=100 Connection Keep-Alive Content-Type text/html
GET H/1.1	200 OK	child_cart.css www.jindaticket.com/templets/css/	19 KB 4 KB	150ms 148ms	Stylesheet text/css	154.82.191.14 ROOTNETWORKS
General Check archive.org Show headers Download Go to Full URL https://www.jindaticket.com/templets/css/child_cart.css Requested by Host: www.jindaticket.com URL: https://www.jindaticket.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 154.82.191.14 , United States, ASN32708 (ROOTNETWORKS, US), Reverse DNS Software Apache/2.4.39 (Win64) OpenSSL/1.1.1b PHP/7.2.18 mod_fcgid/2.3.10-dev / Resource Hash `549f2f4a18d88713c443c498ec309ba7b89c6b18e65c61b262b613a09cc0a030` Request headers Referer https://www.jindaticket.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Sat, 01 Aug 2020 21:40:00 GMT Content-Encoding gzip Last-Modified Wed, 07 Nov 2018 01:48:41 GMT Server Apache/2.4.39 (Win64) OpenSSL/1.1.1b PHP/7.2.18 mod_fcgid/2.3.10-dev ETag "4c87-57a0951554c03-gzip" Vary Accept-Encoding Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 4018
GET H/1.1	200 OK	child_atm.css www.jindaticket.com/templets/css/	3 KB 1 KB	298ms 148ms	Stylesheet text/css	154.82.191.14 ROOTNETWORKS
General Check archive.org Show headers Download Go to Full URL https://www.jindaticket.com/templets/css/child_atm.css Requested by Host: www.jindaticket.com URL: https://www.jindaticket.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 154.82.191.14 , United States, ASN32708 (ROOTNETWORKS, US), Reverse DNS Software Apache/2.4.39 (Win64) OpenSSL/1.1.1b PHP/7.2.18 mod_fcgid/2.3.10-dev / Resource Hash `f6c69078c480d260be97c940be2d7f9a64aa0afebc1e1ff89944e75851954a7f` Request headers Referer https://www.jindaticket.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Sat, 01 Aug 2020 21:40:00 GMT Content-Encoding gzip Last-Modified Wed, 07 Nov 2018 01:48:41 GMT Server Apache/2.4.39 (Win64) OpenSSL/1.1.1b PHP/7.2.18 mod_fcgid/2.3.10-dev ETag "ae4-57a0951554c03-gzip" Vary Accept-Encoding Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 872
GET H/1.1	200 OK	master.css www.jindaticket.com/templets/css/	27 KB 6 KB	447ms 151ms	Stylesheet text/css	154.82.191.14 ROOTNETWORKS
General Check archive.org Show headers Download Go to Full URL https://www.jindaticket.com/templets/css/master.css Requested by Host: www.jindaticket.com URL: https://www.jindaticket.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 154.82.191.14 , United States, ASN32708 (ROOTNETWORKS, US), Reverse DNS Software Apache/2.4.39 (Win64) OpenSSL/1.1.1b PHP/7.2.18 mod_fcgid/2.3.10-dev / Resource Hash `c8d34d2eba22b06dedea0d9ee975a1bbf854c3bc4b389daa35256102dd6c895b` Request headers Referer https://www.jindaticket.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Sat, 01 Aug 2020 21:40:00 GMT Content-Encoding gzip Last-Modified Wed, 07 Nov 2018 01:48:41 GMT Server Apache/2.4.39 (Win64) OpenSSL/1.1.1b PHP/7.2.18 mod_fcgid/2.3.10-dev ETag "6b60-57a0951554c03-gzip" Vary Accept-Encoding Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 5579
GET H/1.1	200 OK	subpage.css www.jindaticket.com/templets/css/	18 KB 4 KB	448ms 151ms	Stylesheet text/css	154.82.191.14 ROOTNETWORKS
General Check archive.org Show headers Download Go to Full URL https://www.jindaticket.com/templets/css/subpage.css Requested by Host: www.jindaticket.com URL: https://www.jindaticket.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 154.82.191.14 , United States, ASN32708 (ROOTNETWORKS, US), Reverse DNS Software Apache/2.4.39 (Win64) OpenSSL/1.1.1b PHP/7.2.18 mod_fcgid/2.3.10-dev / Resource Hash `30a84a8d6c583ad87d5a17a04fc07e116a735ffa3e6a47f7c84096c8aa444e79` Request headers Referer https://www.jindaticket.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Sat, 01 Aug 2020 21:40:00 GMT Content-Encoding gzip Last-Modified Wed, 07 Nov 2018 01:48:41 GMT Server Apache/2.4.39 (Win64) OpenSSL/1.1.1b PHP/7.2.18 mod_fcgid/2.3.10-dev ETag "47c5-57a0951554c03-gzip" Vary Accept-Encoding Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 3520
GET H/1.1	200 OK	animate.css www.jindaticket.com/templets/css/	66 KB 5 KB	450ms 151ms	Stylesheet text/css	154.82.191.14 ROOTNETWORKS
General Check archive.org Show headers Download Go to Full URL https://www.jindaticket.com/templets/css/animate.css Requested by Host: www.jindaticket.com URL: https://www.jindaticket.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 154.82.191.14 , United States, ASN32708 (ROOTNETWORKS, US), Reverse DNS Software Apache/2.4.39 (Win64) OpenSSL/1.1.1b PHP/7.2.18 mod_fcgid/2.3.10-dev / Resource Hash `1a618a7106fcd67496ed2cb05758d2f466e250ac3194d96016376cc623e9d2a5` Request headers Referer https://www.jindaticket.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Sat, 01 Aug 2020 21:40:00 GMT Content-Encoding gzip Last-Modified Wed, 07 Nov 2018 01:48:41 GMT Server Apache/2.4.39 (Win64) OpenSSL/1.1.1b PHP/7.2.18 mod_fcgid/2.3.10-dev ETag "109dc-57a0951554c03-gzip" Vary Accept-Encoding Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 4346
GET H/1.1	200 OK	jquery.js Show response www.jindaticket.com/templets/js/	94 KB 34 KB	464ms 165ms	Script application/javascript	154.82.191.14 ROOTNETWORKS
General Check archive.org Show headers Download Go to Full URL https://www.jindaticket.com/templets/js/jquery.js Requested by Host: www.jindaticket.com URL: https://www.jindaticket.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 154.82.191.14 , United States, ASN32708 (ROOTNETWORKS, US), Reverse DNS Software Apache/2.4.39 (Win64) OpenSSL/1.1.1b PHP/7.2.18 mod_fcgid/2.3.10-dev / Resource Hash `034c48b154fd671ed0197fa19195fd87f6b578f52ff2331317297e777b9a30b8` Request headers Referer https://www.jindaticket.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Sat, 01 Aug 2020 21:40:00 GMT Content-Encoding gzip Last-Modified Wed, 07 Nov 2018 01:48:41 GMT Server Apache/2.4.39 (Win64) OpenSSL/1.1.1b PHP/7.2.18 mod_fcgid/2.3.10-dev ETag "177c3-57a0951554c03-gzip" Vary Accept-Encoding Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 34079
GET H/1.1	200 OK	banner.js Show response www.jindaticket.com/templets/js/	11 KB 4 KB	150ms 149ms	Script application/javascript	154.82.191.14 ROOTNETWORKS
General Check archive.org Show headers Download Go to Full URL https://www.jindaticket.com/templets/js/banner.js Requested by Host: www.jindaticket.com URL: https://www.jindaticket.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 154.82.191.14 , United States, ASN32708 (ROOTNETWORKS, US), Reverse DNS Software Apache/2.4.39 (Win64) OpenSSL/1.1.1b PHP/7.2.18 mod_fcgid/2.3.10-dev / Resource Hash `6332a2b7681463db11940ca76aa2775266974c0899529bbd7c10ee997cedf7e8` Request headers Referer https://www.jindaticket.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Sat, 01 Aug 2020 21:40:01 GMT Content-Encoding gzip Last-Modified Wed, 07 Nov 2018 01:48:41 GMT Server Apache/2.4.39 (Win64) OpenSSL/1.1.1b PHP/7.2.18 mod_fcgid/2.3.10-dev ETag "2b05-57a0951554c03-gzip" Vary Accept-Encoding Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 3301
GET H/1.1	200 OK	child_atm.js Show response www.jindaticket.com/templets/js/	29 KB 7 KB	150ms 150ms	Script application/javascript	154.82.191.14 ROOTNETWORKS
General Check archive.org Show headers Download Go to Full URL https://www.jindaticket.com/templets/js/child_atm.js Requested by Host: www.jindaticket.com URL: https://www.jindaticket.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 154.82.191.14 , United States, ASN32708 (ROOTNETWORKS, US), Reverse DNS Software Apache/2.4.39 (Win64) OpenSSL/1.1.1b PHP/7.2.18 mod_fcgid/2.3.10-dev / Resource Hash `b641a504669ac8da0c4e0b012a31f5de6dba2ef27a6d3ee2d09799a2b0ca714b` Request headers Referer https://www.jindaticket.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Sat, 01 Aug 2020 21:40:01 GMT Content-Encoding gzip Last-Modified Wed, 07 Nov 2018 01:48:41 GMT Server Apache/2.4.39 (Win64) OpenSSL/1.1.1b PHP/7.2.18 mod_fcgid/2.3.10-dev ETag "7220-57a0951554c03-gzip" Vary Accept-Encoding Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 6812
GET H/1.1	200 OK	Marquee.js Show response www.jindaticket.com/templets/js/	11 KB 3 KB	148ms 148ms	Script application/javascript	154.82.191.14 ROOTNETWORKS
General Check archive.org Show headers Download Go to Full URL https://www.jindaticket.com/templets/js/Marquee.js Requested by Host: www.jindaticket.com URL: https://www.jindaticket.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 154.82.191.14 , United States, ASN32708 (ROOTNETWORKS, US), Reverse DNS Software Apache/2.4.39 (Win64) OpenSSL/1.1.1b PHP/7.2.18 mod_fcgid/2.3.10-dev / Resource Hash `14d898c3e5c4c6e54ffdcfff08004e238c49b898fb7bc8c5837448cc385e947c` Request headers Referer https://www.jindaticket.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Sat, 01 Aug 2020 21:40:01 GMT Content-Encoding gzip Last-Modified Wed, 07 Nov 2018 01:48:41 GMT Server Apache/2.4.39 (Win64) OpenSSL/1.1.1b PHP/7.2.18 mod_fcgid/2.3.10-dev ETag "2a4b-57a0951554c03-gzip" Vary Accept-Encoding Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 2986
GET H/1.1	200 OK	jQselect.js Show response www.jindaticket.com/templets/js/	6 KB 2 KB	158ms 158ms	Script application/javascript	154.82.191.14 ROOTNETWORKS
General Check archive.org Show headers Download Go to Full URL https://www.jindaticket.com/templets/js/jQselect.js Requested by Host: www.jindaticket.com URL: https://www.jindaticket.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 154.82.191.14 , United States, ASN32708 (ROOTNETWORKS, US), Reverse DNS Software Apache/2.4.39 (Win64) OpenSSL/1.1.1b PHP/7.2.18 mod_fcgid/2.3.10-dev / Resource Hash `87210469d05e43038c36849835780bcad4e26105bf18b02d12d077f821fe649a` Request headers Referer https://www.jindaticket.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Sat, 01 Aug 2020 21:40:01 GMT Content-Encoding gzip Last-Modified Wed, 07 Nov 2018 01:48:41 GMT Server Apache/2.4.39 (Win64) OpenSSL/1.1.1b PHP/7.2.18 mod_fcgid/2.3.10-dev ETag "1962-57a0951554c03-gzip" Vary Accept-Encoding Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=96 Content-Length 1894
GET H/1.1	200 OK	zx.js Show response www.jindaticket.com/templets/js/	749 B 764 B	151ms 151ms	Script application/javascript	154.82.191.14 ROOTNETWORKS
General Check archive.org Show headers Download Go to Full URL https://www.jindaticket.com/templets/js/zx.js Requested by Host: www.jindaticket.com URL: https://www.jindaticket.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 154.82.191.14 , United States, ASN32708 (ROOTNETWORKS, US), Reverse DNS Software Apache/2.4.39 (Win64) OpenSSL/1.1.1b PHP/7.2.18 mod_fcgid/2.3.10-dev / Resource Hash `675d41a7c78989c8226b41aa62ce2beda1eff93aa01522877701b040b7d92fc0` Request headers Referer https://www.jindaticket.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Sat, 01 Aug 2020 21:40:01 GMT Content-Encoding gzip Last-Modified Wed, 07 Nov 2018 01:48:41 GMT Server Apache/2.4.39 (Win64) OpenSSL/1.1.1b PHP/7.2.18 mod_fcgid/2.3.10-dev ETag "2ed-57a0951554c03-gzip" Vary Accept-Encoding Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=95 Content-Length 369
GET H/1.1	200 OK	lihe.js Show response www.jindaticket.com/templets/js/	5 KB 2 KB	169ms 169ms	Script application/javascript	154.82.191.14 ROOTNETWORKS
General Check archive.org Show headers Download Go to Full URL https://www.jindaticket.com/templets/js/lihe.js Requested by Host: www.jindaticket.com URL: https://www.jindaticket.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 154.82.191.14 , United States, ASN32708 (ROOTNETWORKS, US), Reverse DNS Software Apache/2.4.39 (Win64) OpenSSL/1.1.1b PHP/7.2.18 mod_fcgid/2.3.10-dev / Resource Hash `14e30ed73e138e4dd72ec98a7b60f29eacb7dd67301ac8209c7a2fa836e03a16` Request headers Referer https://www.jindaticket.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Sat, 01 Aug 2020 21:40:01 GMT Content-Encoding gzip Last-Modified Wed, 07 Nov 2018 01:48:41 GMT Server Apache/2.4.39 (Win64) OpenSSL/1.1.1b PHP/7.2.18 mod_fcgid/2.3.10-dev ETag "127e-57a0951554c03-gzip" Vary Accept-Encoding Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=94 Content-Length 1471
GET H/1.1	200 OK	logo.png www.jindaticket.com/templets/images/	9 KB 9 KB	154ms 151ms	Image image/png	154.82.191.14 ROOTNETWORKS
General Check archive.org Show headers Download Go to Show image Full URL https://www.jindaticket.com/templets/images/logo.png Requested by Host: www.jindaticket.com URL: https://www.jindaticket.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 154.82.191.14 , United States, ASN32708 (ROOTNETWORKS, US), Reverse DNS Software Apache/2.4.39 (Win64) OpenSSL/1.1.1b PHP/7.2.18 mod_fcgid/2.3.10-dev / Resource Hash `97b077464e083062926254dae96a04e5a3920fd3954747902ce3b85339a4d0e3` Request headers Referer https://www.jindaticket.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Sat, 01 Aug 2020 21:40:01 GMT Content-Encoding gzip Last-Modified Thu, 06 Dec 2018 14:34:46 GMT Server Apache/2.4.39 (Win64) OpenSSL/1.1.1b PHP/7.2.18 mod_fcgid/2.3.10-dev ETag "23c7-57c5b66788702-gzip" Vary Accept-Encoding Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 8613
GET H/1.1	200 OK	notceimg.png www.jindaticket.com/templets/images/	37 KB 37 KB	155ms 152ms	Image image/png	154.82.191.14 ROOTNETWORKS
General Check archive.org Show headers Download Go to Show image Full URL https://www.jindaticket.com/templets/images/notceimg.png Requested by Host: www.jindaticket.com URL: https://www.jindaticket.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 154.82.191.14 , United States, ASN32708 (ROOTNETWORKS, US), Reverse DNS Software Apache/2.4.39 (Win64) OpenSSL/1.1.1b PHP/7.2.18 mod_fcgid/2.3.10-dev / Resource Hash `98d86f858a0c0002e90b4ad41bd7d4b3fb2bc942792b5865752422b16fc9748c` Request headers Referer https://www.jindaticket.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Sat, 01 Aug 2020 21:40:01 GMT Content-Encoding gzip Last-Modified Wed, 07 Nov 2018 01:48:41 GMT Server Apache/2.4.39 (Win64) OpenSSL/1.1.1b PHP/7.2.18 mod_fcgid/2.3.10-dev ETag "9447-57a0951554c03-gzip" Vary Accept-Encoding Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=96 Content-Length 37726
GET H/1.1	200 OK	indexright.gif www.jindaticket.com/templets/images/	1 KB 1 KB	153ms 150ms	Image image/gif	154.82.191.14 ROOTNETWORKS
General Check archive.org Show headers Download Go to Show image Full URL https://www.jindaticket.com/templets/images/indexright.gif Requested by Host: www.jindaticket.com URL: https://www.jindaticket.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 154.82.191.14 , United States, ASN32708 (ROOTNETWORKS, US), Reverse DNS Software Apache/2.4.39 (Win64) OpenSSL/1.1.1b PHP/7.2.18 mod_fcgid/2.3.10-dev / Resource Hash `4028a57f1c768dfc8df80167e10922094c7c47356538af99f6876ee138e3381f` Request headers Referer https://www.jindaticket.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Sat, 01 Aug 2020 21:40:01 GMT Content-Encoding gzip Last-Modified Wed, 07 Nov 2018 01:48:41 GMT Server Apache/2.4.39 (Win64) OpenSSL/1.1.1b PHP/7.2.18 mod_fcgid/2.3.10-dev ETag "508-57a0951554c03-gzip" Vary Accept-Encoding Content-Type image/gif Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 958
GET		index.html www.jindaticket.com/templets/images/ Redirect Chain https://www.jindaticket.com/templets/images/top2.jpg https://www.jindaticket.com/templets/images/index.html	0 0

GET H/1.1	200 OK	cjyciw.js Show response www.jindaticket.com/83598/37149/53491/	929 B 837 B	150ms 148ms	Script application/javascript	154.82.191.14 ROOTNETWORKS
General Check archive.org Show headers Download Go to Full URL https://www.jindaticket.com/83598/37149/53491/cjyciw.js Requested by Host: www.jindaticket.com URL: https://www.jindaticket.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 154.82.191.14 , United States, ASN32708 (ROOTNETWORKS, US), Reverse DNS Software Apache/2.4.39 (Win64) OpenSSL/1.1.1b PHP/7.2.18 mod_fcgid/2.3.10-dev / Resource Hash `cb12481e7e06867b14e0b56d57d4548a4b11969c28f6c2fe696549fc6fa55a9e` Request headers Referer https://www.jindaticket.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Sat, 01 Aug 2020 21:40:01 GMT Content-Encoding gzip Last-Modified Sun, 02 Jun 2019 09:07:20 GMT Server Apache/2.4.39 (Win64) OpenSSL/1.1.1b PHP/7.2.18 mod_fcgid/2.3.10-dev ETag "3a1-58a5393355e7c-gzip" Vary Accept-Encoding Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=93 Content-Length 442
GET H/1.1	200 OK	734bce67419d181a3c0d69c519bf593c.jpg www.jindaticket.com/uploads/allimg/20191125/	22 KB 22 KB	153ms 150ms	Image image/jpeg	154.82.191.14 ROOTNETWORKS
General Check archive.org Show headers Download Go to Show image Full URL https://www.jindaticket.com/uploads/allimg/20191125/734bce67419d181a3c0d69c519bf593c.jpg Requested by Host: www.jindaticket.com URL: https://www.jindaticket.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 154.82.191.14 , United States, ASN32708 (ROOTNETWORKS, US), Reverse DNS Software Apache/2.4.39 (Win64) OpenSSL/1.1.1b PHP/7.2.18 mod_fcgid/2.3.10-dev / Resource Hash `7d7cfc3d4feb6b976373d66f18ab2022b4c5b4e7bdac18509dc35fae7386d277` Request headers Referer https://www.jindaticket.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Sat, 01 Aug 2020 21:40:01 GMT Content-Encoding gzip Last-Modified Mon, 25 Nov 2019 02:31:47 GMT Server Apache/2.4.39 (Win64) OpenSSL/1.1.1b PHP/7.2.18 mod_fcgid/2.3.10-dev ETag "58dd-5982290b47612-gzip" Vary Accept-Encoding Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 21882
GET		9a6a28b6fed278bae8312aad0f3ae161.jpg www.jindaticket.com/uploads/allimg/20191119/	0 0

GET		30d0ad459efa61de5065ec56aeb9f8c9.jpg www.jindaticket.com/uploads/allimg/20200218/	0 0

GET		e4f4981a3841f2b65cc9be14facd3d62.jpg www.jindaticket.com/uploads/allimg/20200218/	0 0

GET		5372510756013a2fe0a1a3fa2af96251.jpg www.jindaticket.com/uploads/allimg/20191120/	0 0

GET		5938eda28603cf4427da2e6e7d0a1df7.jpg www.jindaticket.com/uploads/allimg/20191119/	0 0

GET		e3504f809bf7c153f19de3a05a6efd2f.jpg www.jindaticket.com/uploads/allimg/20191113/	0 0

GET		b67014c33d2c2fecb084477f24da48d5.jpg www.jindaticket.com/uploads/allimg/20191110/	0 0

GET		9137bcf2f896b7efc4f7b5047c93dc17.jpg www.jindaticket.com/uploads/allimg/20191120/	0 0

GET		38f2c81a7b218972bcad118c56ca5063.jpg www.jindaticket.com/uploads/allimg/20191120/	0 0

GET		51db44738b8635e593998e23ac040216.jpg www.jindaticket.com/uploads/allimg/20191118/	0 0

GET		242dca56b75b520f062b9d3a33c1768d.jpg www.jindaticket.com/uploads/allimg/20191113/	0 0

GET		insexsearch.png www.jindaticket.com/templets/images/	0 0

GET H/1.1	200 OK	tmfaa7.js Show response www.jindaticket.com/83598/37149/53491/	4 KB 2 KB	151ms 148ms	Script application/javascript	154.82.191.14 ROOTNETWORKS
General Check archive.org Show headers Download Go to Full URL https://www.jindaticket.com/83598/37149/53491/tmfaa7.js Requested by Host: www.jindaticket.com URL: https://www.jindaticket.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 154.82.191.14 , United States, ASN32708 (ROOTNETWORKS, US), Reverse DNS Software Apache/2.4.39 (Win64) OpenSSL/1.1.1b PHP/7.2.18 mod_fcgid/2.3.10-dev / Resource Hash `54eb2bc099256404f81656da313b7528a939eb8dd8b2ae0f70e98ea460cccca4` Request headers Referer https://www.jindaticket.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Sat, 01 Aug 2020 21:40:02 GMT Content-Encoding gzip Last-Modified Thu, 14 Nov 2019 16:49:42 GMT Server Apache/2.4.39 (Win64) OpenSSL/1.1.1b PHP/7.2.18 mod_fcgid/2.3.10-dev ETag "f43-59751449db0de-gzip" Vary Accept-Encoding Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 1339
GET H/1.1	200 OK	Cookie set register chaojialin.com/cn/ Frame D65C Redirect Chain https://chaojialin.com/ https://chaojialin.com/cn/register	0 0	683ms 683ms	Document text/html	154.214.101.14 DXTL-HK DXTL Tseu...
General Check archive.org Show headers Download Go to Full URL https://chaojialin.com/cn/register Requested by Host: www.jindaticket.com URL: https://www.jindaticket.com/83598/37149/53491/tmfaa7.js Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_GCM Server 154.214.101.14 Los Angeles, United States, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK), Reverse DNS Software Microsoft-IIS/8.5 / PHP/5.6.26 ARR/3.0 ASP.NET Resource Hash Request headers Host chaojialin.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest iframe Referer https://www.jindaticket.com/ Accept-Encoding gzip, deflate, br Accept-Language en-US Cookie web=qkmar7du564l3620bu5ontr922; randomYes=43551613050 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://www.jindaticket.com/ Response headers Cache-Control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma no-cache Content-Length 9443 Content-Type text/html; charset=UTF-8 Content-Encoding gzip Expires Thu, 19 Nov 1981 08:52:00 GMT Vary Accept-Encoding Server Microsoft-IIS/8.5 Set-Cookie randomYes=43551613039; path=/ randomYes=43551613039; path=/ firstVisit=1; Expires=Sat, 08-Aug-2020 21:40:06 GMT; Path=/ X-Powered-By PHP/5.6.26 ARR/3.0 ASP.NET Date Sat, 01 Aug 2020 21:39:37 GMT Redirect headers Cache-Control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma no-cache Content-Length 0 Content-Type text/html; charset=UTF-8 Expires Thu, 19 Nov 1981 08:52:00 GMT Location /cn/register Server Microsoft-IIS/8.5 Set-Cookie web=qkmar7du564l3620bu5ontr922; path=/ randomYes=43551613050; path=/ X-Powered-By PHP/5.6.26 ARR/3.0 ASP.NET Date Sat, 01 Aug 2020 21:39:36 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.jindaticket.com
URL: https://www.jindaticket.com/templets/images/index.html

Domain: www.jindaticket.com
URL: https://www.jindaticket.com/uploads/allimg/20191119/9a6a28b6fed278bae8312aad0f3ae161.jpg

Domain: www.jindaticket.com
URL: https://www.jindaticket.com/uploads/allimg/20200218/30d0ad459efa61de5065ec56aeb9f8c9.jpg

Domain: www.jindaticket.com
URL: https://www.jindaticket.com/uploads/allimg/20200218/e4f4981a3841f2b65cc9be14facd3d62.jpg

Domain: www.jindaticket.com
URL: https://www.jindaticket.com/uploads/allimg/20191120/5372510756013a2fe0a1a3fa2af96251.jpg

Domain: www.jindaticket.com
URL: https://www.jindaticket.com/uploads/allimg/20191119/5938eda28603cf4427da2e6e7d0a1df7.jpg

Domain: www.jindaticket.com
URL: https://www.jindaticket.com/uploads/allimg/20191113/e3504f809bf7c153f19de3a05a6efd2f.jpg

Domain: www.jindaticket.com
URL: https://www.jindaticket.com/uploads/allimg/20191110/b67014c33d2c2fecb084477f24da48d5.jpg

Domain: www.jindaticket.com
URL: https://www.jindaticket.com/uploads/allimg/20191120/9137bcf2f896b7efc4f7b5047c93dc17.jpg

Domain: www.jindaticket.com
URL: https://www.jindaticket.com/uploads/allimg/20191120/38f2c81a7b218972bcad118c56ca5063.jpg

Domain: www.jindaticket.com
URL: https://www.jindaticket.com/uploads/allimg/20191118/51db44738b8635e593998e23ac040216.jpg

Domain: www.jindaticket.com
URL: https://www.jindaticket.com/uploads/allimg/20191113/242dca56b75b520f062b9d3a33c1768d.jpg

Domain: www.jindaticket.com
URL: https://www.jindaticket.com/templets/images/insexsearch.png

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Bet365 (Entertainment)

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

chaojialin.com
www.jindaticket.com
www.jindaticket.com
154.214.101.14
154.82.191.14
034c48b154fd671ed0197fa19195fd87f6b578f52ff2331317297e777b9a30b8
14d898c3e5c4c6e54ffdcfff08004e238c49b898fb7bc8c5837448cc385e947c
14e30ed73e138e4dd72ec98a7b60f29eacb7dd67301ac8209c7a2fa836e03a16
1a618a7106fcd67496ed2cb05758d2f466e250ac3194d96016376cc623e9d2a5
30a84a8d6c583ad87d5a17a04fc07e116a735ffa3e6a47f7c84096c8aa444e79
4028a57f1c768dfc8df80167e10922094c7c47356538af99f6876ee138e3381f
549f2f4a18d88713c443c498ec309ba7b89c6b18e65c61b262b613a09cc0a030
54eb2bc099256404f81656da313b7528a939eb8dd8b2ae0f70e98ea460cccca4
6332a2b7681463db11940ca76aa2775266974c0899529bbd7c10ee997cedf7e8
675d41a7c78989c8226b41aa62ce2beda1eff93aa01522877701b040b7d92fc0
7d7cfc3d4feb6b976373d66f18ab2022b4c5b4e7bdac18509dc35fae7386d277
87210469d05e43038c36849835780bcad4e26105bf18b02d12d077f821fe649a
97b077464e083062926254dae96a04e5a3920fd3954747902ce3b85339a4d0e3
98d86f858a0c0002e90b4ad41bd7d4b3fb2bc942792b5865752422b16fc9748c
b641a504669ac8da0c4e0b012a31f5de6dba2ef27a6d3ee2d09799a2b0ca714b
c8d34d2eba22b06dedea0d9ee975a1bbf854c3bc4b389daa35256102dd6c895b
cb12481e7e06867b14e0b56d57d4548a4b11969c28f6c2fe696549fc6fa55a9e
f2ca587daeda8f7e0c624e57ad9d01c96452dbdf3034dfe5e848a190710015dc
f6c69078c480d260be97c940be2d7f9a64aa0afebc1e1ff89944e75851954a7f

www.jindaticket.com Open in urlscan Pro 154.82.191.14 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

33 Requests

61 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

3 IPs

1 Countries

149 kBTransfer

380 kBSize

0 Cookies

0 Outgoing links

Redirected requests

33 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

14 JavaScript Global Variables

0 Cookies

Indicators

www.jindaticket.com Open in urlscan Pro
154.82.191.14 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

33
Requests

61 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

3
IPs

1
Countries

149 kB
Transfer

380 kB
Size

0
Cookies

33 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!