jwii.cc
69.49.230.222
Malicious Activity!
Public Scan
Submission: On August 29 via automatic, source openphish
Summary
This is the only time jwii.cc was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: 163.cn (Online)
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
10 | 69.49.230.222 | 46606 (UNIFIEDLAYER-AS-1) |
4 | 103.129.252.34 | 137263 (NETEASE-AS-AP NETEASE HONG KONG LIMITED) |
1 | 163.171.128.148 | 54994 (QUANTILNETWORKS) |
1 | 183.131.108.223 | 58461 (CT-HANGZHOU-IDC No.288) |
16 | 5 |
ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: 69-49-230-222.unifiedlayer.com
jwii.cc
ASN58461 (CT-HANGZHOU-IDC No.288,Fu-chun Road, CN)
mail-activity.nosdn.127.net
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
10 | jwii.cc | jwii.cc | 188 KB |
6 | 127.net | mimg.127.net, urswebzj.nosdn.127.net, mail-activity.nosdn.127.net | 102 KB |
16 | 2 |
Requests | Domain | Requested by |
---|---|---|
10 | jwii.cc | jwii.cc |
4 | mimg.127.net | jwii.cc |
1 | mail-activity.nosdn.127.net | jwii.cc |
1 | urswebzj.nosdn.127.net | jwii.cc |
16 | 4 |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
mimg.127.net | GeoTrust RSA CN CA G2 | 2021-08-17 - 2022-09-09 | a year |
*.nosdn.127.net | GeoTrust CN RSA CA G1 | 2020-03-27 - 2022-06-26 | 2 years |
This page contains 1 frames:
Primary Page:
http://jwii.cc/web/mail163/block/login.html
Frame ID: C89F0DDFAA6120B513F507983E595E1F
Requests: 21 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
16 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H/1.1 | login.html (Primary Request) | jwii.cc/web/mail163/block/ | 82 KB | 82 KB | Document | text/html |
GET | H/1.1 | style.248e37ee059989c49193.css | jwii.cc/web/mail163/block/figs/ | 88 KB | 88 KB | Stylesheet | text/css |
GET | H/1.1 | urs.163.607297a5.css | jwii.cc/web/mail163/block/figs/ | 5 KB | 5 KB | Stylesheet | text/css |
GET | H/1.1 | form3 | jwii.cc/web/mail163/block/figs/ | 62 B | 277 B | Script | text/plain |
GET | H/1.1 | t.gif | jwii.cc/web/mail163/block/figs/ | 77 B | 317 B | Image | image/gif |
GET | H/1.1 | loading_s.gif | jwii.cc/web/mail163/block/figs/ | 578 B | 819 B | Image | image/gif |
GET | H/1.1 | noface_new.gif | jwii.cc/web/mail163/block/figs/ | 2 KB | 2 KB | Image | image/gif |
GET | H/1.1 | year.js.download | jwii.cc/web/mail163/block/figs/ | 23 B | 276 B | Script | application/javascript |
GET | H/1.1 | gonganlogo.png | jwii.cc/web/mail163/block/figs/ | 1 KB | 2 KB | Image | image/png |
GET | H/1.1 | resupload_2020_6_8_39628e5a6146f059949210bebf88d697.png | jwii.cc/web/mail163/block/figs/ | 8 KB | 8 KB | Image | image/png |
GET | DATA | truncated | / | 4 KB | 0 | Image | image/png |
GET | DATA | truncated | / | 588 B | 0 | Image | image/png |
GET | H2 | ico-user.png | mimg.127.net/p/freemail/index/lib/img/urs/ | 615 B | 875 B | Image | image/png |
GET | H2 | ico-password.png | mimg.127.net/p/freemail/index/lib/img/urs/ | 379 B | 638 B | Image | image/png |
GET | H/1.1 | sprite_61fbe151ab715649c6b7c4ec39156201.png | urswebzj.nosdn.127.net/webzj_cdn101/ | 21 KB | 21 KB | Image | image/png |
GET | H2 | ico-error.png | mimg.127.net/p/freemail/index/lib/img/urs/ | 436 B | 694 B | Image | image/png |
GET | H2 | mail-index-bottom-gg-7.png | mimg.127.net/ggimg/all/img21/ | 17 KB | 17 KB | Image | image/png |
GET | H/1.1 | 1871dab7-0857-42f7-b7ca-919a5b76c3a6 | mail-activity.nosdn.127.net/ | 61 KB | 61 KB | Image | image/jpeg |
GET | DATA | truncated | / | 429 B | 0 | Image | image/png |
GET | DATA | truncated | / | 326 B | 0 | Image | image/png |
GET | DATA | truncated | / | 331 B | 0 | Image | image/png |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: 163.cn (Online)
7 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name |
---|---|
object | onbeforexrselect |
object | ontransitionrun |
object | ontransitionstart |
object | ontransitioncancel |
boolean | originAgentCluster |
object | trustedTypes |
boolean | crossOriginIsolated |

0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.