222487.com
Open in
urlscan Pro
34.92.22.66
Malicious Activity!
Public Scan
Effective URL: https://222487.com:8989/
Submission: On August 13 via api from NL — Scanned from NL
Summary
TLS certificate: Issued by R3 on August 11th 2023. Valid for: 3 months.
This is the only time 222487.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Bet365 (Entertainment)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
9 | 34.92.22.66 34.92.22.66 | 396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM) | |
16 | 2409:8c54:281... 2409:8c54:2810:1101::6 | () () | |
31 | 3 |
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 66.22.92.34.bc.googleusercontent.com
222487.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
16 |
rbjgb.com
3rzeeh.rbjgb.com |
124 KB |
9 |
222487.com
222487.com |
125 KB |
31 | 2 |
Domain | Requested by | |
---|---|---|
16 | 3rzeeh.rbjgb.com |
222487.com
3rzeeh.rbjgb.com |
9 | 222487.com |
222487.com
|
31 | 2 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
222487.com R3 |
2023-08-11 - 2023-11-09 |
3 months | crt.sh |
*.rbjgb.com Sectigo RSA Domain Validation Secure Server CA |
2023-03-26 - 2024-03-25 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://222487.com:8989/
Frame ID: 2C1872FCF820F8BF9C2B4E9BA1700D83
Requests: 33 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
- http://222487.com/ Page URL
- https://222487.com:8989/ Page URL
Detected technologies
Bootstrap (Web Frameworks) ExpandDetected patterns
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Swiper Slider (Miscellaneous) Expand
Detected patterns
- swiper(?:\.min)?\.js
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://222487.com/ Page URL
- https://222487.com:8989/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
31 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
/
222487.com/ |
82 B 411 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Primary Request
/
222487.com/ |
452 KB 77 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
gui-base.css
222487.com/ftl/commonPage/themes/ |
80 KB 17 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
gui-skin-default.css
222487.com/ftl/commonPage/themes/ |
31 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
common.css
3rzeeh.rbjgb.com/ftl/bet365-1733/themes/style/ |
59 KB 15 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bootstrap-dialog.min.css
3rzeeh.rbjgb.com/ftl/bet365-1733/themes/style/ |
3 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
i18n.js
222487.com/commonPage/lan/ |
1 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-1.11.3.min.js
3rzeeh.rbjgb.com/ftl/commonPage/js/jquery/ |
94 KB 33 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
float.js
3rzeeh.rbjgb.com/ftl/commonPage/js/ |
7 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
idangerous.swiper.min.js
3rzeeh.rbjgb.com/ftl/commonPage/js/ |
44 KB 12 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Comet.js
3rzeeh.rbjgb.com/ftl/commonPage/js/websocket/ |
17 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
CometMarathon.js
3rzeeh.rbjgb.com/ftl/commonPage/js/websocket/ |
12 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
PopUp.js
3rzeeh.rbjgb.com/ftl/commonPage/js/websocket/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
message_zh_CN.js
222487.com/ |
32 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
lazyload.js
3rzeeh.rbjgb.com/ftl/commonPage/js/ |
11 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
gui-base.js
3rzeeh.rbjgb.com/ftl/commonPage/js/ |
60 KB 16 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bootstrap-dialog.min.js
3rzeeh.rbjgb.com/ftl/commonPage/js/ |
20 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
layer.js
3rzeeh.rbjgb.com/ftl/commonPage/js/ |
21 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.super-marquee.js
3rzeeh.rbjgb.com/ftl/commonPage/js/jquery/ |
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
jquery.nicescroll.min.js
3rzeeh.rbjgb.com/ftl/commonPage/js/jquery/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.validate.js
3rzeeh.rbjgb.com/061410/rcenter/common/js/jquery/plugins/jquery.validate/ |
27 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
jquery.validate.extend.msites.js
3rzeeh.rbjgb.com/061410/rcenter/common/js/gamebox/common/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
moment.js
3rzeeh.rbjgb.com/ftl/commonPage/js/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
pc.css
3rzeeh.rbjgb.com/ftl/commonPage/themes/hb/css/ |
3 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
gb.validation.min.js
3rzeeh.rbjgb.com/061410/rcenter/common/static/js/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
gb.validation.min.css
3rzeeh.rbjgb.com/061410/rcenter/common/static/css/ |
11 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
special_3.jpg
3rzeeh.rbjgb.com/ftl/commonPage/zh_CN/mobileTopic/images/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
hongbao.css
222487.com/ftl/commonPage/themes/ |
53 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
gui-layer.css
222487.com/ftl/commonPage/themes/ |
49 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
484 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
260 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
gui.ttf
222487.com/ftl/commonPage/themes/fonts/gui-fonts/ |
80 KB 0 |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
layer.css
3rzeeh.rbjgb.com/ftl/commonPage/js/theme/default/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- 3rzeeh.rbjgb.com
- URL
- https://3rzeeh.rbjgb.com/ftl/commonPage/js/jquery/jquery.nicescroll.min.js
- Domain
- 3rzeeh.rbjgb.com
- URL
- https://3rzeeh.rbjgb.com/061410/rcenter/common/js/gamebox/common/jquery.validate.extend.msites.js
- Domain
- 3rzeeh.rbjgb.com
- URL
- https://3rzeeh.rbjgb.com/ftl/commonPage/js/moment.js
- Domain
- 3rzeeh.rbjgb.com
- URL
- https://3rzeeh.rbjgb.com/061410/rcenter/common/static/js/gb.validation.min.js?v=1691443158884
- Domain
- 3rzeeh.rbjgb.com
- URL
- https://3rzeeh.rbjgb.com/ftl/commonPage/zh_CN/mobileTopic/images/special_3.jpg
- Domain
- 3rzeeh.rbjgb.com
- URL
- https://3rzeeh.rbjgb.com/ftl/commonPage/js/theme/default/layer.css?v=3.1.0
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Bet365 (Entertainment)0 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Frame-Options | SAMEORIGIN |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
222487.com
3rzeeh.rbjgb.com
3rzeeh.rbjgb.com
2409:8c54:2810:1101::6
34.92.22.66
1d042b9441e860ddcc01b9e9e5e8d354121ee0e31b47f6e18a321e2e633d22e7
1dbe4afbc9ed220c08b9e95577b56f83e2e8e0f7620c5dc18266bb325e5bb271
1fbcf8666e954fac26076fac509f215be910952ab0e2a667d184ef877c836b2f
3043f42fdd97ec607648da79c3abfa6f364404c7594143227c2541d1f0ac6069
329ab92b9276ef4e3148f69be6b208969bebdf2db3121a589caa172453fd9f10
42a5a785e7ab2956f273d32e8c4a03e91a57a1c55cc9e952da66724bd9d48b5b
4c79bd5f7674ac54a377c34facd56465a269d5ce434eb1635338f4efaee4f1c6
527228714a2a640b71788550f8dcd2c0964ee13fdfddc1c57ff377134f8fcecb
5339bf22971b6400e64154decc06b84fd4be337c2758cc7ca565756c92c97894
54f42d992ddc42c91f9114df3aaf6527ca2c41e64542e9ab4de8a9435115e8ff
56feab66e10b4718de666fc63941b4f36a5e553e8887d663e137e635add8beb3
5eb4d895bcb33061cda238c8ff4985ede69a866819b980c732cf3802ec101e8d
6ca90c3c7a08731135e1a6672028005df178fded2ad439b0d6807efb8a1ca364
6cf6e96f51f13834e233bee9a9040f6eff70601dc0b755e60885b20550b35a9f
728d63b799ab3d9bee5e987ad13f71aeb9d30ff78ed552c7edc425531c9c0f2a
73500ead881aa273814d982b0a0e78dc29ebf04f37b5932667785f6f7c45a664
7e060459cf8e6078db58eb538952fbe8671aa0d140ce9edc8c2450fbdf12a777
871bf30791bb89605b61cea815c3786246274b65ede3b8a8b8c2dd9244cfa89d
bc19a91cd57e7ce343a16a261bfb71fd89b03e033710e12c41ed9e9c3746b708
becd5057f84d375d0edb9bb6061674bf30a118cfa9aaba9204b51e193bec2d2b
cb1d0b332c0218bbb360fd25d693f88293b54389caf88c36ffcfd8adc948d0e4
d4413fa2a99427644e15bf76c4638ef25fd8027c53c8494c52cb045f9365fc4c
dd1edf5e54071903c4c1e81e33636444899d645df6b18bad22249da07f91c811
df904653b6c930ec406670bed1f674269b2797843081a9b526545b970544606c
e2bfb9fc21f2a1a6e33c7c5ed20de13ef2ef4bcf266aa4b2e6f2fee06f8f4eaf
fff36324a9f663c914dcefbcec79877e85c40d49ff2945c6342980365d51d7db