proxybot.cc
172.105.212.14
Malicious Activity!
Public Scan
Submission: On September 04 via api from IN — Scanned from JP
Summary
TLS certificate: Issued by R3 on September 1st 2023. Valid for: 3 months.
This is the only time proxybot.cc was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Yahoo Japan (Online)
Domain & IP information
| Requests | IP Address | AS Autonomous System |
|---|---|---|
| 13 | 172.105.212.14 | 63949 (AKAMAI-LINODE-AP Akamai Connected Cloud) |
| 2 | 148.113.1.152 | 16276 (OVH) |
| 1 | 2404:6800:4004:801::2008 | 15169 (GOOGLE) |
| 1 | 2600:9000:2138:fc00:c:dd71:23c0:93a1 | 16509 (AMAZON-02) |
| 1 | 2600:9000:2066:9800:8:dcbf:c740:93a1 | 16509 (AMAZON-02) |
| 3 | 2404:6800:4004:826::200e | 15169 (GOOGLE) |
| 1 | 54.238.41.231 | 16509 (AMAZON-02) |
| 3 | 51.79.176.156 | 16276 (OVH) |
| 3 | 183.79.248.124 | 24572 (YAHOO-JP-AS-AP Yahoo Japan) |
| 1 | 205.185.216.42 | 20446 (STACKPATH-CDN) |
| 30 | 11 IPs | |
| ASN | PTR | Domains |
|---|---|---|
| ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG) | 172-105-212-14.ip.linodeusercontent.com | proxybot.cc |
| ASN16276 (OVH, FR) | ns5021463.ip-148-113-1.net | poweredby.jads.co |
| ASN16509 (AMAZON-02, US) | ec2-54-238-41-231.ap-northeast-1.compute.amazonaws.com | yjtag.yahoo.co.jp |
| ASN16276 (OVH, FR) | ns5002768.ip-51-79-176.net | adserver.juicyads.com |
| ASN24572 (YAHOO-JP-AS-AP Yahoo Japan, JP) | edge2000.img.vip.djm.yimg.jp | s.yimg.jp, dsb.yahooapis.jp |
| Requests | Apex Domain | Subdomains | Transfer |
|---|---|---|---|
| 13 | proxybot.cc | proxybot.cc | 319 KB |
| 4 | juicyads.com | js.juicyads.com (Cisco Umbrella Rank: 55914), adserver.juicyads.com (Cisco Umbrella Rank: 42853) | 101 KB |
| 3 | google-analytics.com | www.google-analytics.com (Cisco Umbrella Rank: 35) | 359 B |
| 2 | yimg.jp | s.yimg.jp (Cisco Umbrella Rank: 7680) | 36 KB |
| 2 | jads.co | poweredby.jads.co (Cisco Umbrella Rank: 34124) | 11 KB |
| 1 | juicyads.me | ads.juicyads.me (Cisco Umbrella Rank: 153663) | 131 KB |
| 1 | yahooapis.jp | dsb.yahooapis.jp (Cisco Umbrella Rank: 167659) | 191 B |
| 1 | yahoo.co.jp | yjtag.yahoo.co.jp (Cisco Umbrella Rank: 31409) | 1 KB |
| 1 | yjtag.jp | s.yjtag.jp (Cisco Umbrella Rank: 36342) | 14 KB |
| 1 | googletagmanager.com | www.googletagmanager.com (Cisco Umbrella Rank: 47) | 81 KB |
| 30 | 10 apex domains | | |
| Requests | Domain | Requested by |
|---|---|---|
| 13 | proxybot.cc | proxybot.cc |
| 3 | adserver.juicyads.com | poweredby.jads.co |
| 3 | www.google-analytics.com | www.googletagmanager.com |
| 2 | s.yimg.jp | s.yjtag.jp |
| 2 | poweredby.jads.co | proxybot.cc |
| 1 | ads.juicyads.me | adserver.juicyads.com |
| 1 | dsb.yahooapis.jp | s.yimg.jp |
| 1 | yjtag.yahoo.co.jp | s.yjtag.jp |
| 1 | s.yjtag.jp | proxybot.cc |
| 1 | js.juicyads.com | proxybot.cc |
| 1 | www.googletagmanager.com | proxybot.cc |
| 30 | 11 domains | |
This site contains no links.
| Subject | Issuer | Validity | Valid | Source |
|---|---|---|---|---|
| proxybot.cc | R3 | 2023-09-01 - 2023-11-30 | 3 months | crt.sh |
| *.jads.co | Sectigo RSA Domain Validation Secure Server CA | 2022-12-26 - 2024-01-26 | a year | crt.sh |
| *.google-analytics.com | GTS CA 1C3 | 2023-08-07 - 2023-10-30 | 3 months | crt.sh |
| *.juicyads.com | Sectigo RSA Domain Validation Secure Server CA | 2023-05-12 - 2024-06-11 | a year | crt.sh |
| *.tgm.yahoo-net.jp | Cybertrust Japan SureServer CA G4 | 2023-03-02 - 2024-04-01 | a year | crt.sh |
| yjtag.yahoo.co.jp | Cybertrust Japan SureServer CA G4 | 2023-02-13 - 2024-03-12 | a year | crt.sh |
| edge01.yahoo.co.jp | Cybertrust Japan SureServer CA G4 | 2023-07-28 - 2024-08-27 | a year | crt.sh |
| *.juicyads.me | Sectigo RSA Domain Validation Secure Server CA | 2023-05-12 - 2024-05-24 | a year | crt.sh |
This page contains 4 frames:
- Primary Page: https://proxybot.cc/b?q=2Y6UXi87kd668s68PTSs6iIXUSY6UXiOWuFXI7MH8BFsw6kCndb8aXBTYk.8-n6quih3V-qEMda7rChM0IF6oOY6UXih3V-thM0aXBTYk7h3V-bkCndOYWwTXi/ (Frame ID: 97FD0CB845E376CDCA4E4B47293B7658; 26 HTTP requests in this frame)
- Frame: https://adserver.juicyads.com/adshow.php?adzone=848358&mobile=false (Frame ID: 0C1AF4023A87C9977529EC8C881663AE; 1 HTTP request in this frame)
- Frame: https://adserver.juicyads.com/adshow.php?adzone=1005764 (Frame ID: 865BCE53D6B67B74AAAAC0AAB087D2B7; 1 HTTP request in this frame)
- Frame: https://adserver.juicyads.com/adshow.php?adzone=1005764 (Frame ID: 3D4394781FF0F32A27A88C7A40669E5B; 2 HTTP requests in this frame)
Screenshot
Page Title
ログイン - Yahoo! JAPAN ("Login - Yahoo! JAPAN")
Detected technologies
Nuxt.js (JavaScript Frameworks)
Detected patterns
- <div [^>]*id="__nuxt"
Vue.js (JavaScript Frameworks)
Detected patterns
- <[^>]+\sdata-v(?:ue)?-
Google Analytics (Analytics)
Detected patterns
Google Tag Manager (Tag Managers)
Detected patterns
- googletagmanager\.com/gtag/js
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
30 HTTP transactions
| Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
|---|---|---|---|---|---|---|---|
| GET | H2 | b (Primary Request) | proxybot.cc/ | 25 KB | 7 KB | Document | text/html |
| GET | H/1.1 | jfc.js | poweredby.jads.co/js/ | 7 KB | 7 KB | Script | application/javascript |
| GET | H2 | js | www.googletagmanager.com/gtag/ | 233 KB | 81 KB | Script | application/javascript |
| GET | H2 | b | proxybot.cc/ | 8 KB | 3 KB | Script | application/javascript |
| GET | H2 | b | proxybot.cc/ | 36 KB | 13 KB | Script | application/javascript |
| GET | H2 | b | proxybot.cc/ | 4 KB | 2 KB | Script | application/javascript |
| GET | H2 | b | proxybot.cc/ | 239 KB | 93 KB | Script | application/javascript |
| GET | H2 | b | proxybot.cc/ | 105 KB | 21 KB | Stylesheet | text/css |
| GET | H2 | b | proxybot.cc/ | 128 KB | 33 KB | Script | application/javascript |
| GET | H2 | b | proxybot.cc/ | 238 KB | 77 KB | Script | application/javascript |
| GET | H2 | jp.php | js.juicyads.com/ | 92 KB | 93 KB | Script | application/javascript |
| GET | H2 | b | proxybot.cc/ | 3 KB | 4 KB | Image | image/png |
| GET | H2 | b | proxybot.cc/ | 142 KB | 32 KB | Script | application/javascript |
| GET | H2 | b | proxybot.cc/ | 9 KB | 3 KB | Script | application/javascript |
| GET | H/1.1 | jads.js | poweredby.jads.co/js/ | 4 KB | 4 KB | Script | application/javascript |
| GET | H2 | tag.js | s.yjtag.jp/ | 43 KB | 14 KB | Script | application/javascript |
| POST | H2 | collect | www.google-analytics.com/g/ | 0 | 54 B | Ping | text/plain |
| GET | H2 | b | proxybot.cc/ | 512 B | 868 B | Image | image/png |
| POST | H2 | collect | www.google-analytics.com/g/ | 0 | 251 B | Ping | text/plain |
| GET | H2 | b | proxybot.cc/ | 142 KB | 32 KB | Other | application/javascript |
| GET | H2 | tag | yjtag.yahoo.co.jp/ | 5 KB | 1 KB | Script | text/javascript |
| GET | H/1.1 | fadeinbox.js | adserver.juicyads.com/js/ | 4 KB | 4 KB | Script | application/javascript |
| GET | H/1.1 | adshow.php | adserver.juicyads.com/ (Frame 0C1A) | 3 KB | 2 KB | Document | text/html |
| GET | H2 | ytag.js | s.yimg.jp/images/listing/tool/cv/ | 41 KB | 12 KB | Script | application/javascript |
| GET | H2 | tmual-3.1.0.min.js | s.yimg.jp/images/ds/yas/ | 100 KB | 23 KB | Script | application/javascript |
| POST | H2 | stream | dsb.yahooapis.jp/api/v1/ | 2 B | 191 B | Ping | application/json |
| GET | | adshow.php | adserver.juicyads.com/ (Frame 865B) | 0 | 0 | | |
| GET | H/1.1 | adshow.php | adserver.juicyads.com/ (Frame 3D43) | 3 KB | 2 KB | Document | text/html |
| GET | H2 | ad1952587-1693234476.gif | ads.juicyads.me/ads/user137356/ (Frame 3D43) | 131 KB | 131 KB | Image | image/gif |
| POST | H2 | collect | www.google-analytics.com/g/ | 0 | 54 B | Ping | text/plain |
Failed requests
These URLs were requested, but no response was received. They also appear in the list above.
- Domain: adserver.juicyads.com
- URL: https://adserver.juicyads.com/adshow.php?adzone=1005764
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Yahoo Japan (Online)
114 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Listed as name (type):
0 (object), 1 (object), documentPictureInPicture (object), juicy_adzone (string), isMobile (string), adsrv (string), containerStyle (string), iframeDim (string), frameWidth (string), frameHeight (string), fibSrc (string), strip_alpha_chars (function), domready (function), gtag (function), dataLayer (object), DSCustomLogger (object), TLDataContext (object), google_tag_manager (object), google_tag_data (object), juicy_tags (object), x7$3x (function), g6rbFg (function), w6A_7$ (number), V2ZW0 (function), B9w9o (function), V8mFj1 (function), h1HPPQ (number), J$i$O (function), ed45dea (string), N4kk (function), JuicyPop (object), onYouTubeIframeAPIReady (function), gaGlobal (object), __NUXT__ (object), YAHOO (object), YJ_YADS (object), YadsTimelineManager (function), yadsTimelinePoolAds (function), gAdController (function), yadsDispatchDeliverProduct (function), yadsRenderAd_v2 (function), yadsInnerFuncs (object), yadsRequestAsync (function), adsbyjuicy (object), _bt_url_prefix (undefined), _bt_referrer (undefined), _bt_site (undefined), _bt_mode (undefined), bt_log (function), bt_eval (function), bt_parameter (function), bt_meta (function), bt_cookie (function), bt_data (function), bt_handle_exception (function), bt_data_escaped (function), BrightTag (object), btServe (function), webpackJsonp (object), installComponents (function), regeneratorRuntime (object), setImmediate (function), clearImmediate (function), onNuxtReadyCbs (object), onNuxtReady (function), $nuxt (object), yjDataLayer (object), ytagapi (object), YAS (object), tmual (function), ytag (function), tmualcmds (object), ualPageviewFire (function), GS (function), HZ (function), Xa (object), Ya (object), Za (function), Be (function), ShSh (function), Rn (function), MA (function), cV (function), re (function), GA (function), Ae (function), Ac (function), rPE (function), cp (function), Fe (function), Ge (function), a (object), x (string), mhz (number), displaymode (string), enablefade (string), autohidebox (object), showonscroll (string), IEfadelength (number), Mozfadedegree (number), random_num (number), displayfadeinbox (function), mozfadefx (function), staticfadebox (function), hidefadebox (function), controlledhidebox (function), initfunction (function), get_cookie (function), offset (number), iebody (object), objref (object), docheight (number), objheight (number), showonscrollvar (number)
11 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name | Value |
|---|---|---|---|
| proxybot.cc/ | | A | 7q62bp1ifcdnl&sd=A&t=1693857525&u=1693857525&v=1 |
| proxybot.cc/ | | B | 3es792hifcdnl&b=3&s=fo |
| proxybot.cc/ | | XA | 7q62bp1ifcdnl&sd=A&t=1693857525&u=1693857525&v=1 |
| proxybot.cc/ | | XB | 3es792hifcdnl&b=3&s=fo |
| .proxybot.cc/ | | _ga | GA1.1.1654594759.1693857527 |
| .proxybot.cc/ | | _yjsu_yjad | 1693857526.ac7b5feb-d4ce-461b-8824-998b56d953f8 |
| proxybot.cc/ | | juicy_fadedin | yes |
| .proxybot.cc/ | | _ga_D2YS78TFWG | GS1.1.1693857526.1.1.1693857527.0.0.0 |
| .juicyads.com/ | | juicy_data_1 | YTowOnt9 |
| .juicyads.com/ | | juicy_data | YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D |
| .juicyads.com/ | | surferid | 225fc1d1697080433b37af2200476e81 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
| Header | Value |
|---|---|
| Strict-Transport-Security | max-age=31536000; includeSubDomains (a second value, max-age=31536000, is also listed) |
| X-Content-Type-Options | nosniff |
| X-Frame-Options | DENY |
| X-Xss-Protection | 1;mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ads.juicyads.me
adserver.juicyads.com
dsb.yahooapis.jp
js.juicyads.com
poweredby.jads.co
proxybot.cc
s.yimg.jp
s.yjtag.jp
www.google-analytics.com
www.googletagmanager.com
yjtag.yahoo.co.jp
adserver.juicyads.com
148.113.1.152
172.105.212.14
183.79.248.124
205.185.216.42
2404:6800:4004:801::2008
2404:6800:4004:826::200e
2600:9000:2066:9800:8:dcbf:c740:93a1
2600:9000:2138:fc00:c:dd71:23c0:93a1
51.79.176.156
54.238.41.231