www3512-3.com Open in urlscan Pro
38.21.26.41  Malicious Activity! Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response www3512-3.com/	32 KB 9 KB	1172ms 353ms	Document text/html	38.21.26.41 ROOTNETWORKS
General Check archive.org Show headers Download Go to Full URL https://www3512-3.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 38.21.26.41 Mississauga, Canada, ASN32708 (ROOTNETWORKS, US), Reverse DNS Software nginx / Resource Hash af6011532411417383fab64e97a008b5e26ce397588cb7a91b3b18e1c0e90767 Request headers Host www3512-3.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site none Sec-Fetch-Mode navigate Sec-Fetch-User ?1 Sec-Fetch-Dest document Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Server nginx Date Tue, 02 Feb 2021 21:13:43 GMT Content-Type text/html Last-Modified Mon, 18 May 2020 09:38:38 GMT Transfer-Encoding chunked Connection keep-alive Vary Accept-Encoding ETag W/"5ec2579e-8101" Content-Encoding gzip
GET H/1.1	200 OK	api.js Show response www3512-3.com/	166 B 409 B	559ms 192ms	Script application/javascript	38.21.26.41 ROOTNETWORKS
General Check archive.org Show headers Download Go to Full URL https://www3512-3.com/api.js Requested by Host: www3512-3.com URL: https://www3512-3.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 38.21.26.41 Mississauga, Canada, ASN32708 (ROOTNETWORKS, US), Reverse DNS Software nginx / Resource Hash d3269bf7d21a028b788e22bbdadec963a5e5fcc4172a6e8d3e5efed08e4d5657 Request headers Referer https://www3512-3.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 02 Feb 2021 21:13:43 GMT Last-Modified Thu, 07 Jan 2021 07:56:28 GMT Server nginx ETag "5ff6beac-a6" Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 166
GET H/1.1	200 OK	iconfont.css www3512-3.com/sjju/xhtml/css/font/	10 KB 3 KB	187ms 186ms	Stylesheet text/css	38.21.26.41 ROOTNETWORKS
General Check archive.org Show headers Download Go to Full URL https://www3512-3.com/sjju/xhtml/css/font/iconfont.css Requested by Host: www3512-3.com URL: https://www3512-3.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 38.21.26.41 Mississauga, Canada, ASN32708 (ROOTNETWORKS, US), Reverse DNS Software nginx / Resource Hash 4ed0dd3791f48e3817a545afb39ee2fcb61bf9b36393299fbd57e0d7aec0a8e0 Request headers Referer https://www3512-3.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 02 Feb 2021 21:13:43 GMT Content-Encoding gzip Last-Modified Mon, 18 May 2020 09:38:40 GMT Server nginx ETag W/"5ec257a0-274c" Vary Accept-Encoding Content-Type text/css Transfer-Encoding chunked Connection keep-alive
GET H/1.1	200 OK	public.css www3512-3.com/sjju/xhtml/css/	20 KB 5 KB	381ms 193ms	Stylesheet text/css	38.21.26.41 ROOTNETWORKS
General Check archive.org Show headers Download Go to Full URL https://www3512-3.com/sjju/xhtml/css/public.css Requested by Host: www3512-3.com URL: https://www3512-3.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 38.21.26.41 Mississauga, Canada, ASN32708 (ROOTNETWORKS, US), Reverse DNS Software nginx / Resource Hash 872986d27e22d7eee96c02f6fc421891d3462318a57d2053ec7416d6ef23f156 Request headers Referer https://www3512-3.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 02 Feb 2021 21:13:43 GMT Content-Encoding gzip Last-Modified Mon, 18 May 2020 09:38:40 GMT Server nginx ETag W/"5ec257a0-4ec2" Vary Accept-Encoding Content-Type text/css Transfer-Encoding chunked Connection keep-alive
GET H/1.1	200 OK	index.css www3512-3.com/sjju/xhtml/css/	4 KB 1 KB	558ms 192ms	Stylesheet text/css	38.21.26.41 ROOTNETWORKS
General Check archive.org Show headers Download Go to Full URL https://www3512-3.com/sjju/xhtml/css/index.css Requested by Host: www3512-3.com URL: https://www3512-3.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 38.21.26.41 Mississauga, Canada, ASN32708 (ROOTNETWORKS, US), Reverse DNS Software nginx / Resource Hash ae911c3a6a300378178d4d04f67b3e533faf8a881c614dea358d9fa858004c9c Request headers Referer https://www3512-3.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 02 Feb 2021 21:13:43 GMT Content-Encoding gzip Last-Modified Mon, 18 May 2020 09:38:44 GMT Server nginx ETag W/"5ec257a4-e7f" Vary Accept-Encoding Content-Type text/css Transfer-Encoding chunked Connection keep-alive
GET H/1.1	200 OK	header-logo.png www3512-3.com/sjju/xhtml/images/public/	64 KB 64 KB	352ms 352ms	Image image/png	38.21.26.41 ROOTNETWORKS
General Check archive.org Show headers Download Go to Show image Full URL https://www3512-3.com/sjju/xhtml/images/public/header-logo.png Requested by Host: www3512-3.com URL: https://www3512-3.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 38.21.26.41 Mississauga, Canada, ASN32708 (ROOTNETWORKS, US), Reverse DNS Software nginx / Resource Hash a30e746eccddcd25ecfc9b1c088bbe20f0f065040c379b2671381117ef32a459 Request headers Referer https://www3512-3.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 02 Feb 2021 21:13:43 GMT Last-Modified Mon, 18 May 2020 09:38:40 GMT Server nginx ETag "5ec257a0-fe8f" Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 65167
GET H/1.1	200 OK	d324ec022dac4dc49ac504d54d8a9abb.jpg www3512-3.com/sjju/c100205/202004/203be4d658cf4bdc9d4750875ec9aafb/images/	86 KB 87 KB	284ms 284ms	Image image/jpeg	38.21.26.41 ROOTNETWORKS
General Check archive.org Show headers Download Go to Show image Full URL https://www3512-3.com/sjju/c100205/202004/203be4d658cf4bdc9d4750875ec9aafb/images/d324ec022dac4dc49ac504d54d8a9abb.jpg Requested by Host: www3512-3.com URL: https://www3512-3.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 38.21.26.41 Mississauga, Canada, ASN32708 (ROOTNETWORKS, US), Reverse DNS Software nginx / Resource Hash 86d5201d740163867b9442b8187f7394a215d33ca952c24f62d940f7f5cced7a Request headers Referer https://www3512-3.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 02 Feb 2021 21:13:44 GMT Last-Modified Mon, 18 May 2020 09:38:40 GMT Server nginx ETag "5ec257a0-159ac" Content-Type image/jpeg Connection keep-alive Accept-Ranges bytes Content-Length 88492
GET H/1.1	200 OK	71262fc8f1b74e8584f60a4156383f06.jpg www3512-3.com/sjju/c100205/202002/db084f79413b411e996b3cff8210d4af/images/	74 KB 75 KB	433ms 431ms	Image image/jpeg	38.21.26.41 ROOTNETWORKS
General Check archive.org Show headers Download Go to Show image Full URL https://www3512-3.com/sjju/c100205/202002/db084f79413b411e996b3cff8210d4af/images/71262fc8f1b74e8584f60a4156383f06.jpg Requested by Host: www3512-3.com URL: https://www3512-3.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 38.21.26.41 Mississauga, Canada, ASN32708 (ROOTNETWORKS, US), Reverse DNS Software nginx / Resource Hash bae4a3bb8c8ab3e39421e673abc6d399aaf9b6f3e913a7f13cf65f85069144ab Request headers Referer https://www3512-3.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 02 Feb 2021 21:13:44 GMT Last-Modified Mon, 18 May 2020 09:38:40 GMT Server nginx ETag "5ec257a0-12919" Content-Type image/jpeg Connection keep-alive Accept-Ranges bytes Content-Length 76057
GET H/1.1	200 OK	3a50c7ffc2fc49d29945457172ef6550.jpg www3512-3.com/sjju/c100205/202002/a8cdfa56e9d1411bbf3068b331efd632/images/	141 KB 141 KB	444ms 443ms	Image image/jpeg	38.21.26.41 ROOTNETWORKS
General Check archive.org Show headers Download Go to Show image Full URL https://www3512-3.com/sjju/c100205/202002/a8cdfa56e9d1411bbf3068b331efd632/images/3a50c7ffc2fc49d29945457172ef6550.jpg Requested by Host: www3512-3.com URL: https://www3512-3.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 38.21.26.41 Mississauga, Canada, ASN32708 (ROOTNETWORKS, US), Reverse DNS Software nginx / Resource Hash be74bbcca79d488dc23395cc1ce89d960b3d3ba9ab97212f59d44010a9a97f5e Request headers Referer https://www3512-3.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 02 Feb 2021 21:13:44 GMT Last-Modified Mon, 18 May 2020 09:38:40 GMT Server nginx ETag "5ec257a0-23344" Content-Type image/jpeg Connection keep-alive Accept-Ranges bytes Content-Length 144196
GET H/1.1	200 OK	5722f58bda764b468315fa86df3e73c9.jpg www3512-3.com/sjju/c100205/202001/f67fbb15b199440088e9e35ad338c46f/images/	84 KB 84 KB	693ms 208ms	Image image/jpeg	38.21.26.41 ROOTNETWORKS
General Check archive.org Show headers Download Go to Show image Full URL https://www3512-3.com/sjju/c100205/202001/f67fbb15b199440088e9e35ad338c46f/images/5722f58bda764b468315fa86df3e73c9.jpg Requested by Host: www3512-3.com URL: https://www3512-3.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 38.21.26.41 Mississauga, Canada, ASN32708 (ROOTNETWORKS, US), Reverse DNS Software nginx / Resource Hash 7db4ac8b7b5b99202b45e5afa49dde3dfd7803317a67269d720984c0f5dc2b1e Request headers Referer https://www3512-3.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 02 Feb 2021 21:13:44 GMT Last-Modified Mon, 18 May 2020 09:38:40 GMT Server nginx ETag "5ec257a0-14fc7" Content-Type image/jpeg Connection keep-alive Accept-Ranges bytes Content-Length 85959
GET H/1.1	200 OK	f0c8a3642779472caffff2a11d84701e.jpg www3512-3.com/sjju/c100205/202001/6101e74b10e94f44b51a2454fb67d52e/images/	94 KB 94 KB	843ms 356ms	Image image/jpeg	38.21.26.41 ROOTNETWORKS
General Check archive.org Show headers Download Go to Show image Full URL https://www3512-3.com/sjju/c100205/202001/6101e74b10e94f44b51a2454fb67d52e/images/f0c8a3642779472caffff2a11d84701e.jpg Requested by Host: www3512-3.com URL: https://www3512-3.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 38.21.26.41 Mississauga, Canada, ASN32708 (ROOTNETWORKS, US), Reverse DNS Software nginx / Resource Hash 9086dfb83c3cf2d5bce16e4cf20f310a41d580cbe6eb2a7b1a6585424020585e Request headers Referer https://www3512-3.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 02 Feb 2021 21:13:44 GMT Last-Modified Mon, 18 May 2020 09:38:40 GMT Server nginx ETag "5ec257a0-1776e" Content-Type image/jpeg Connection keep-alive Accept-Ranges bytes Content-Length 96110
GET H/1.1	200 OK	5ba04d1efb374e418b57a3bfedf13029.png www3512-3.com/sjju/midbanner/202004/8c45ae4e54e245568eae0e49659d25c7/images/	138 KB 138 KB	382ms 381ms	Image image/png	38.21.26.41 ROOTNETWORKS
General Check archive.org Show headers Download Go to Show image Full URL https://www3512-3.com/sjju/midbanner/202004/8c45ae4e54e245568eae0e49659d25c7/images/5ba04d1efb374e418b57a3bfedf13029.png Requested by Host: www3512-3.com URL: https://www3512-3.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 38.21.26.41 Mississauga, Canada, ASN32708 (ROOTNETWORKS, US), Reverse DNS Software nginx / Resource Hash cf2609fafea9aff81d1cd4fb6f9a8f97aad2cf0920ee88bf9114b38ffd6ac3a5 Request headers Referer https://www3512-3.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 02 Feb 2021 21:13:44 GMT Last-Modified Mon, 18 May 2020 09:38:42 GMT Server nginx ETag "5ec257a2-2270b" Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 141067
GET H/1.1	200 OK	red.png www3512-3.com/sjju/xhtml/images/public/	2 KB 2 KB	182ms 181ms	Image image/png	38.21.26.41 ROOTNETWORKS
General Check archive.org Show headers Download Go to Show image Full URL https://www3512-3.com/sjju/xhtml/images/public/red.png Requested by Host: www3512-3.com URL: https://www3512-3.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 38.21.26.41 Mississauga, Canada, ASN32708 (ROOTNETWORKS, US), Reverse DNS Software nginx / Resource Hash 99a002b7d69f0fb585fbab405c4c9038347a4a3ffe1b74d0f7bd69cbb018d817 Request headers Referer https://www3512-3.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 02 Feb 2021 21:13:44 GMT Last-Modified Mon, 18 May 2020 09:38:40 GMT Server nginx ETag "5ec257a0-838" Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 2104
GET H/1.1	200 OK	close_dl.png www3512-3.com/sjju/xhtml/images/public/	42 KB 42 KB	228ms 227ms	Image image/png	38.21.26.41 ROOTNETWORKS
General Check archive.org Show headers Download Go to Show image Full URL https://www3512-3.com/sjju/xhtml/images/public/close_dl.png Requested by Host: www3512-3.com URL: https://www3512-3.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 38.21.26.41 Mississauga, Canada, ASN32708 (ROOTNETWORKS, US), Reverse DNS Software nginx / Resource Hash 3f92363d4895fbc99454a5f02994a3336d0cf4978d5ab37779f19faa9a762226 Request headers Referer https://www3512-3.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 02 Feb 2021 21:13:44 GMT Last-Modified Mon, 18 May 2020 09:38:42 GMT Server nginx ETag "5ec257a2-a7e0" Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 42976
GET H/1.1	200 OK	64fa10f9c84a4b2889272b9a3fb6adb5.jpg www3512-3.com/sjju/easybtn/202004/d5067e49e53d41ee994a8c9e08acc803/images/	15 KB 16 KB	213ms 212ms	Image image/jpeg	38.21.26.41 ROOTNETWORKS
General Check archive.org Show headers Download Go to Show image Full URL https://www3512-3.com/sjju/easybtn/202004/d5067e49e53d41ee994a8c9e08acc803/images/64fa10f9c84a4b2889272b9a3fb6adb5.jpg Requested by Host: www3512-3.com URL: https://www3512-3.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 38.21.26.41 Mississauga, Canada, ASN32708 (ROOTNETWORKS, US), Reverse DNS Software nginx / Resource Hash 80f93b30fb63f193da6c804b98393b72e647ba89ecb939dc2a7ad5edb11f541e Request headers Referer https://www3512-3.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 02 Feb 2021 21:13:44 GMT Last-Modified Mon, 18 May 2020 09:38:40 GMT Server nginx ETag "5ec257a0-3df5" Content-Type image/jpeg Connection keep-alive Accept-Ranges bytes Content-Length 15861
GET H/1.1	200 OK	tongji.js Show response www3512-3.com/	474 B 718 B	185ms 184ms	Script application/javascript	38.21.26.41 ROOTNETWORKS
General Check archive.org Show headers Download Go to Full URL https://www3512-3.com/tongji.js Requested by Host: www3512-3.com URL: https://www3512-3.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 38.21.26.41 Mississauga, Canada, ASN32708 (ROOTNETWORKS, US), Reverse DNS Software nginx / Resource Hash 17eea00bdee933f0220674a12c25e3135dc22acda74773f9f73978b5dcfe1834 Request headers Referer https://www3512-3.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 02 Feb 2021 21:13:43 GMT Last-Modified Fri, 22 May 2020 13:11:00 GMT Server nginx ETag "5ec7cf64-1da" Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 474
GET H/1.1	200 OK	openpvp.js Show response www3512-3.com/	4 KB 2 KB	186ms 186ms	Script application/javascript	38.21.26.41 ROOTNETWORKS
General Check archive.org Show headers Download Go to Full URL https://www3512-3.com/openpvp.js Requested by Host: www3512-3.com URL: https://www3512-3.com/api.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 38.21.26.41 Mississauga, Canada, ASN32708 (ROOTNETWORKS, US), Reverse DNS Software nginx / Resource Hash 16e6d1931be73a361ebccfc91ed498ca35bbae6c9fe6a8ae589896f33904dc92 Request headers Referer https://www3512-3.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 02 Feb 2021 21:13:43 GMT Content-Encoding gzip Last-Modified Thu, 07 Jan 2021 07:56:28 GMT Server nginx ETag W/"5ff6beac-eb1" Vary Accept-Encoding Content-Type application/javascript Transfer-Encoding chunked Connection keep-alive
GET H/1.1	404 Not Found	body-bg.png www3512-3.com/sjju/xhtml/images/public/	548 B 548 B	543ms 181ms	Image text/html	38.21.26.41 ROOTNETWORKS
General Check archive.org Show headers Download Go to Show image Full URL https://www3512-3.com/sjju/xhtml/images/public/body-bg.png Requested by Host: www3512-3.com URL: https://www3512-3.com/sjju/xhtml/css/public.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 38.21.26.41 Mississauga, Canada, ASN32708 (ROOTNETWORKS, US), Reverse DNS Software nginx / Resource Hash d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090 Request headers Referer https://www3512-3.com/sjju/xhtml/css/public.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 02 Feb 2021 21:13:44 GMT Server nginx Connection keep-alive Content-Length 548 Content-Type text/html
GET H/1.1	200 OK	s.gif sp0.baidu.com/9_Q4simg2RQJ8t7jm9iCKT-xh_/	0 116 B	1106ms 532ms	Image text/plain	103.235.46.39 BAIDU Beijing Bai...
General Check archive.org Show headers Download Go to Show image Full URL https://sp0.baidu.com/9_Q4simg2RQJ8t7jm9iCKT-xh_/s.gif?l=https://www3512-3.com/ Requested by Host: www3512-3.com URL: https://www3512-3.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 103.235.46.39 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www3512-3.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 02 Feb 2021 21:13:44 GMT Content-Length 0 Content-Type text/plain; charset=utf-8
GET H/1.1	200 OK	hm.js Show response hm.baidu.com/	39 KB 14 KB	1107ms 533ms	Script application/javascript	103.235.46.191 BAIDU Beijing Bai...
General Check archive.org Show headers Download Go to Full URL https://hm.baidu.com/hm.js?e3ba31b584469f11df2fa13e5bb44428 Requested by Host: www3512-3.com URL: https://www3512-3.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN), Reverse DNS Software apache / Resource Hash 7eaa6c3263f4eb167fa1c4dd4cf4f0b8340c53d263f68c5f6e532b8430fe3443 Security Headers Name Value Strict-Transport-Security max-age=172800 Request headers Referer https://www3512-3.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 02 Feb 2021 21:13:44 GMT Content-Encoding gzip Server apache Etag 80b890902c81dea6638ef03284523dce Strict-Transport-Security max-age=172800 P3p CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" Cache-Control max-age=0, must-revalidate Content-Type application/javascript Content-Length 14038
GET H2	200	/ b35ii.com/ Frame 6238	0 0	944ms 478ms	Document text/html	107.154.196.83 INCAPSULA
General Check archive.org Show headers Download Go to Full URL https://b35ii.com/ Requested by Host: www3512-3.com URL: https://www3512-3.com/openpvp.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 107.154.196.83 , United States, ASN19551 (INCAPSULA, US), Reverse DNS 107.154.196.83.ip.incapdns.net Software nginx / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers :method GET :authority b35ii.com :scheme https :path / pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www3512-3.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://www3512-3.com/ Response headers server nginx content-type text/html; charset=UTF-8 set-cookie introcode=599734; expires=Tue, 09-Feb-2021 21:13:44 GMT; Max-Age=604800; path=/ XSRF-TOKEN=eyJpdiI6Imp5TFRVa2pkdTdZTjZheTIycERxQmc9PSIsInZhbHVlIjoiVlA4XC9RSVJheDRaWWlMMDEzZFJZWFFDK2pTRWxjR2ZSUm1rUGt2bXNmR2xrdFl6OTVkajR3RFhUNlJcL0FxUHpFXC9mYWxYYUlOcWwyRGNXdlNrVDlXR3c9PSIsIm1hYyI6IjE5YTNiMTNmZDlhOWIwNzlhYWFkNmM1MWZhY2I2OTY5NzQ0NjA2YTJhNTgyNWIwZTIzMGFmOTY2NmE0MjcwNTMifQ%3D%3D; expires=Tue, 02-Feb-2021 23:13:44 GMT; Max-Age=7200; path=/ vanguard_session=eyJpdiI6ImpLeXJab3UzbGN1citOYTJKS1hYZEE9PSIsInZhbHVlIjoiRVUxZmdSNWhFT0lnZmlwQmhPMng4ejB5cXJOT1NaUEN4SmcraGhNeFgwZUVzbElMYXYrZGVXNFlSaHlQNm1Ba1BTSHZURDZGeFNFM3B0REc2RzhkVVE9PSIsIm1hYyI6IjQwZDQzN2VhNThlMTU1NjkzMmQyNDU2N2ZlMDUwMWNkMTQzYTVjOTMwZWVlOThlZDc1MGNiNWVhY2VhNmM0MGEifQ%3D%3D; expires=Tue, 02-Feb-2021 23:13:44 GMT; Max-Age=7200; path=/; httponly visid_incap_2446113=lx042SLpQp+yT4oxHERGTIfAGWAAAAAAQUIPAAAAAABEI3pHlfheFxI4CaNIP+2G; expires=Wed, 02 Feb 2022 17:36:23 GMT; HttpOnly; path=/; Domain=.b35ii.com; Secure; SameSite=None nlbi_2446113=OIUgVXSCI3Gk2LR1eG1MlAAAAACzveyU802SEZCxp2bOuCIk; path=/; Domain=.b35ii.com; Secure; SameSite=None incap_ses_572_2446113=eivDMj66KyNJCMzJLSfwB4fAGWAAAAAA9r63L6y3FAO4oJ012RaGlw==; path=/; Domain=.b35ii.com; Secure; SameSite=None cache-control no-cache, private date Tue, 02 Feb 2021 21:13:44 GMT x-bos bt5 content-encoding gzip strict-transport-security max-age=31536000 x-cdn Incapsula x-iinfo 10-211395435-211395436 NNNN CT(2 59 0) RT(1612300423476 0) q(0 0 1 0) r(3 3) U12
GET H/1.1	200 OK	hm.gif hm.baidu.com/	43 B 299 B	621ms 368ms	Image image/gif	103.235.46.191 BAIDU Beijing Bai...
General Check archive.org Show headers Download Go to Show image Full URL https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1864516221&si=e3ba31b584469f11df2fa13e5bb44428&v=1.2.80&lv=1&sn=8355&r=0&ww=1600&ct=!!&u=https%3A%2F%2Fwww3512-3.com%2F&tt=3512-3.com Requested by Host: www3512-3.com URL: https://www3512-3.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN), Reverse DNS Software apache / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Security Headers Name Value Strict-Transport-Security max-age=172800 X-Content-Type-Options nosniff Request headers Referer https://www3512-3.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Pragma no-cache Date Tue, 02 Feb 2021 21:13:45 GMT X-Content-Type-Options nosniff Server apache Strict-Transport-Security max-age=172800 Content-Type image/gif Cache-Control private, max-age=0, no-cache Content-Length 43

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Bet365 (Entertainment)

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated string| murl string| purl string| ntitle object| ADAPI object| scripts function| check string| V_PATH object| _hmt boolean| _bdhm_loaded_e3ba31b584469f11df2fa13e5bb44428 object| mini_tangram_log_g50n7i

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.b35ii.com/	1969-12-31 23:59:59	Name: nlbi_2446113 Value: OIUgVXSCI3Gk2LR1eG1MlAAAAACzveyU802SEZCxp2bOuCIk
			.b35ii.com/	1970-01-20 00:37:03	Name: visid_incap_2446113 Value: lx042SLpQp+yT4oxHERGTIfAGWAAAAAAQUIPAAAAAABEI3pHlfheFxI4CaNIP+2G
			.b35ii.com/	1969-12-31 23:59:59	Name: incap_ses_572_2446113 Value: eivDMj66KyNJCMzJLSfwB4fAGWAAAAAA9r63L6y3FAO4oJ012RaGlw==
			.www3512-3.com/	1969-12-31 23:59:59	Name: Hm_lpvt_e3ba31b584469f11df2fa13e5bb44428 Value: 1612300425
			.www3512-3.com/	1970-01-20 00:37:16	Name: Hm_lvt_e3ba31b584469f11df2fa13e5bb44428 Value: 1612300425

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

b35ii.com
hm.baidu.com
sp0.baidu.com
www3512-3.com
103.235.46.191
103.235.46.39
107.154.196.83
38.21.26.41
16e6d1931be73a361ebccfc91ed498ca35bbae6c9fe6a8ae589896f33904dc92
17eea00bdee933f0220674a12c25e3135dc22acda74773f9f73978b5dcfe1834
3f92363d4895fbc99454a5f02994a3336d0cf4978d5ab37779f19faa9a762226
4ed0dd3791f48e3817a545afb39ee2fcb61bf9b36393299fbd57e0d7aec0a8e0
7db4ac8b7b5b99202b45e5afa49dde3dfd7803317a67269d720984c0f5dc2b1e
7eaa6c3263f4eb167fa1c4dd4cf4f0b8340c53d263f68c5f6e532b8430fe3443
80f93b30fb63f193da6c804b98393b72e647ba89ecb939dc2a7ad5edb11f541e
86d5201d740163867b9442b8187f7394a215d33ca952c24f62d940f7f5cced7a
872986d27e22d7eee96c02f6fc421891d3462318a57d2053ec7416d6ef23f156
9086dfb83c3cf2d5bce16e4cf20f310a41d580cbe6eb2a7b1a6585424020585e
99a002b7d69f0fb585fbab405c4c9038347a4a3ffe1b74d0f7bd69cbb018d817
a30e746eccddcd25ecfc9b1c088bbe20f0f065040c379b2671381117ef32a459
ae911c3a6a300378178d4d04f67b3e533faf8a881c614dea358d9fa858004c9c
af6011532411417383fab64e97a008b5e26ce397588cb7a91b3b18e1c0e90767
bae4a3bb8c8ab3e39421e673abc6d399aaf9b6f3e913a7f13cf65f85069144ab
be74bbcca79d488dc23395cc1ce89d960b3d3ba9ab97212f59d44010a9a97f5e
cf2609fafea9aff81d1cd4fb6f9a8f97aad2cf0920ee88bf9114b38ffd6ac3a5
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d3269bf7d21a028b788e22bbdadec963a5e5fcc4172a6e8d3e5efed08e4d5657
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855