www.jbbis.shop Open in urlscan Pro
154.204.34.214  Malicious Activity! Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
9 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response www.jbbis.shop/	59 KB 29 KB	628ms 201ms	Document text/html	154.204.34.214 MULTA-ASN1
General Check archive.org Show headers Download Go to Full URL https://www.jbbis.shop/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 154.204.34.214 , Hong Kong, ASN35916 (MULTA-ASN1, US), Reverse DNS Software nginx / Resource Hash 9be7f7dbbc0bc190ebff9e48eab769f035170ce580a4b22c05ea373a154d7ab2 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers content-encoding gzip content-type text/html date Tue, 21 Mar 2023 20:13:56 GMT etag W/"64171eba-ea3b" last-modified Sun, 19 Mar 2023 14:39:54 GMT server nginx strict-transport-security max-age=31536000 vary Accept-Encoding
GET H2	200	axios.min.js Show response lf3-cdn-tos.bytecdntp.com/cdn/expire-1-M/axios/0.26.0/	17 KB 7 KB	1970ms 8ms	Script application/javascript	163.181.92.225 TAOBAO Zhejiang T...
General Check archive.org Show headers Download Go to Full URL https://lf3-cdn-tos.bytecdntp.com/cdn/expire-1-M/axios/0.26.0/axios.min.js Requested by Host: www.jbbis.shop URL: https://www.jbbis.shop/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 163.181.92.225 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN), Reverse DNS Software Tengine / Resource Hash 9de7375b7afd386e037872a35af5aa58e089986cfe9e5e2c783976528efb5f2f Request headers accept-language de-DE,de;q=0.9 Referer https://www.jbbis.shop/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Mon, 20 Mar 2023 00:21:29 GMT content-encoding gzip via cache26.l2de2[1934,1933,200-0,M], cache25.l2de2[1935,0], ens-cache15.de5[0,0,200-0,H], ens-cache2.de5[1,0] x-tt-trace-tag id=03;cdn-cache=hit;type=static age 157949 x-swift-cachetime 2592000 x-cache HIT TCP_HIT dirn:12:173119531 server-timing inner; dur=6 x-swift-savetime Mon, 20 Mar 2023 00:21:29 GMT content-length 6074 last-modified Sun, 24 Apr 2022 11:42:05 GMT server Tengine x-tt-logid 2023032008212974BEA2A900AA1AA4349D etag W/"6265378d-4559" vary Accept-Encoding ali-swift-global-savetime 1679271689 content-type application/javascript access-control-allow-origin * cache-control max-age=2592000 x-tt-trace-host 01a073d9425f9af4f480b76a7e3024e41b2408ecb565bfa063098ea6800bc785f156769070f55284d3764d4dd3247b21825e53390cee076561cf17cf756146fa2b36b46d26c4c2055ccc2b0a01ef0dbf01 x-response-cinfo 185.213.155.165 x-response-cache edge_hit timing-allow-origin *, * eagleid a3b55c9616794296383108323e expires Wed, 19 Apr 2023 00:20:57 GMT
GET H2	200	jquery.min.js Show response lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/jquery/3.6.0/	87 KB 31 KB	2773ms 294ms	Script application/javascript	240e:930:c200:210::f0 CHINATELECOM-CHON...
General Check archive.org Show headers Download Go to Full URL https://lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/jquery/3.6.0/jquery.min.js Requested by Host: www.jbbis.shop URL: https://www.jbbis.shop/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 240e:930:c200:210::f0 , China, ASN134420 (CHINATELECOM-CHONGQING-IDC Chongqing Telecom, CN), Reverse DNS Software nginx / Resource Hash ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e Request headers accept-language de-DE,de;q=0.9 Referer https://www.jbbis.shop/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Thu, 23 Feb 2023 09:15:30 GMT content-encoding gzip x-tt-trace-tag id=06;cdn-cache=hit;type=static age 2285908 x-link-via cqct15:443;xymp01:443; x-cache-status HIT from KS-CLOUD-XY-MP-01-10, HIT from KS-CLOUD-CQ-CT-15-19 server-timing inner; dur=9 content-length 30947 last-modified Sun, 24 Apr 2022 19:10:58 GMT server nginx etag W/"6265a0c2-15d9d" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control max-age=2592000 x-tt-trace-host 01fb34306a5d580a622e2c8adad99677902014fcee87ff87fbb0c2615b18d9a8e5a4fd675f16cfaa4c1df36e1cdf5c2acdcfee6bda66125d31cf2063e8c013efb765664ce2ed182aa3ae7e10d4891b0ea9c7077c1f6492e3a70c7583016abc8b53af0f23d4e22f3d9c04de564e28012863 x-response-cinfo 2a03:1b20:6:f011::4e accept-ranges bytes x-response-cache edge_hit timing-allow-origin * x-cdn-request-id e037e396f42e6623befcd7ce187cfb7b expires Sat, 25 Mar 2023 09:15:30 GMT
GET H2	200	outlook.png www.jbbis.shop/static/images/	7 KB 7 KB	218ms 217ms	Image image/png	154.204.34.214 MULTA-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://www.jbbis.shop/static/images/outlook.png Requested by Host: www.jbbis.shop URL: https://www.jbbis.shop/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 154.204.34.214 , Hong Kong, ASN35916 (MULTA-ASN1, US), Reverse DNS Software nginx / Resource Hash c524a4bf458a69a4dd4ff37b58176037532325ea80ad57a5863187e7d5fe9c74 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://www.jbbis.shop/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 21 Mar 2023 20:13:58 GMT strict-transport-security max-age=31536000 last-modified Wed, 08 Mar 2023 10:14:36 GMT server nginx etag "6408600c-1a08" content-type image/png cache-control max-age=2592000 accept-ranges bytes content-length 6664 expires Thu, 20 Apr 2023 20:13:58 GMT
GET H/1.1	200 OK	index.js Show response cdn.dingxiang-inc.com/ctu-group/captcha-ui/v5/	246 KB 134 KB	935ms 7ms	Script application/javascript	43.152.44.90 ACE-AS-AP ACE
General Check archive.org Show headers Download Go to Full URL https://cdn.dingxiang-inc.com/ctu-group/captcha-ui/v5/index.js Requested by Host: www.jbbis.shop URL: https://www.jbbis.shop/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 43.152.44.90 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG), Reverse DNS Software nginx / Resource Hash 983e2b9a1e300806bd70eaf3a86ea9fc35747768c397503ffe4a677efbd66397 Request headers Referer https://www.jbbis.shop/ Origin https://www.jbbis.shop accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Date Mon, 20 Mar 2023 04:30:08 GMT Content-Encoding gzip X-Cache-Lookup Cache Hit Last-Modified Fri, 17 Mar 2023 04:09:45 GMT Server nginx Etag "6413e809-3d6de" Vary Accept-Encoding Content-Type application/javascript Access-Control-Allow-Origin * Cache-Control max-age=3600 X-NWS-LOG-UUID 2604634280479976649 Connection keep-alive Accept-Ranges bytes Content-Length 136443 Expires Mon, 20 Mar 2023 05:30:08 GMT
GET DATA	200 OK	truncated /	1 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 6710ee6e22d5e3e82f70554804806c37aac5789b110d944383ea393d93eb627a Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	2 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash d9ed6586942003696afe4e52b09f343f8342244b51a9e175b75162d7e615207b Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	4 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 4de8fc175826d9f78fce9f9f2b71a63fe832fc7507e0394125c823b0909fa54a Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	1 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 07f38b8b8c1f96ed85ecd96988f0454a95d1f665427086a507c72e55ff3ce0e7 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Content-Type image/png
GET H2	404	segoeui-regular.ttf www.jbbis.shop/owa/auth/15.1.2375/themes/resources/	0 0	201ms 200ms	Font text/html	154.204.34.214 MULTA-ASN1
General Check archive.org Show headers Download Go to Full URL https://www.jbbis.shop/owa/auth/15.1.2375/themes/resources/segoeui-regular.ttf Requested by Host: www.jbbis.shop URL: https://www.jbbis.shop/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 154.204.34.214 , Hong Kong, ASN35916 (MULTA-ASN1, US), Reverse DNS Software nginx / Resource Hash Request headers Referer https://www.jbbis.shop/ Origin https://www.jbbis.shop accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 21 Mar 2023 20:14:00 GMT server nginx content-length 548 content-type text/html
GET H/1.1	200 OK	index.js Show response cdn.dingxiang-inc.com/ctu-group/constid-js/	120 KB 47 KB	6ms 6ms	Script application/javascript	43.152.44.90 ACE-AS-AP ACE
General Check archive.org Show headers Download Go to Full URL https://cdn.dingxiang-inc.com/ctu-group/constid-js/index.js?_t=466508 Requested by Host: cdn.dingxiang-inc.com URL: https://cdn.dingxiang-inc.com/ctu-group/captcha-ui/v5/index.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 43.152.44.90 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG), Reverse DNS Software nginx / Resource Hash 2e79a487fd6dcf4ee71073915557c1989484bcd18e087d2d150ccdd9943a86e4 Request headers Referer https://www.jbbis.shop/ Origin https://www.jbbis.shop accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Date Tue, 21 Mar 2023 19:11:25 GMT Content-Encoding gzip X-Cache-Lookup Cache Hit Last-Modified Tue, 21 Mar 2023 11:10:42 GMT Server nginx Etag W/"641990b2-1e0e1" Vary Accept-Encoding Content-Type application/javascript Access-Control-Allow-Origin * Cache-Control max-age=3600 X-NWS-LOG-UUID 593129101113273057 Connection keep-alive Accept-Ranges bytes Content-Length 48078 Expires Tue, 21 Mar 2023 20:11:25 GMT
GET H/1.1	200 OK	greenseer.js Show response cdn.dingxiang-inc.com/ctu-group/ctu-greenseer/	70 KB 26 KB	12ms 6ms	Script application/javascript	43.152.44.90 ACE-AS-AP ACE
General Check archive.org Show headers Download Go to Full URL https://cdn.dingxiang-inc.com/ctu-group/ctu-greenseer/greenseer.js?_t=466508 Requested by Host: cdn.dingxiang-inc.com URL: https://cdn.dingxiang-inc.com/ctu-group/captcha-ui/v5/index.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 43.152.44.90 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG), Reverse DNS Software nginx / Resource Hash c014623cc6622f1ae59b2f9a06671ff45aea555348724b68170252d391133adb Request headers Referer https://www.jbbis.shop/ Origin https://www.jbbis.shop accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Date Tue, 21 Mar 2023 19:11:25 GMT Content-Encoding gzip X-Cache-Lookup Cache Hit Last-Modified Tue, 21 Mar 2023 11:00:27 GMT Server nginx Etag W/"64198e4b-119c8" Vary Accept-Encoding Content-Type application/javascript Access-Control-Allow-Origin * Cache-Control max-age=3600 X-NWS-LOG-UUID 17689182888022315194 Connection keep-alive Accept-Ranges bytes Content-Length 26644 Expires Tue, 21 Mar 2023 20:11:25 GMT
GET DATA	200 OK	truncated /	11 KB 0		Image image/gif
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 943cbf0ffba2f388fdf311565f424776caef085ea1a69379e4c0cbee55bc83a0 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Content-Type image/gif
GET DATA	200 OK	truncated /	82 B 0		Image image/webp
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 601f3bb039a5cfa35ce9cd46196db640c15df2f4652d2c3443ee255015218409 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Content-Type image/webp
GET H2	200	a Show response vip6.dingxiang-inc.com/api/	530 B 719 B	1037ms 213ms	XHR application/json	150.158.218.42 TENCENT-NET-AP Sh...
General Check archive.org Show headers Download Go to Full URL https://vip6.dingxiang-inc.com/api/a?w=330&h=165&s=50&ak=cea1e5e579181f6ef8560478b6cc78f6&c=&jsv=5.1.30&aid=dx-1679429639415-3160254-1&wp=1&de=0&uid=&lf=0&tpc=&_r=0.9734703622435597 Requested by Host: cdn.dingxiang-inc.com URL: https://cdn.dingxiang-inc.com/ctu-group/captcha-ui/v5/index.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 150.158.218.42 , China, ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN), Reverse DNS Software nginx / Resource Hash 8461ed66ed2e3a182df2261cf95a923f73dad6985c8e5b1bfafe9b18883375da Request headers accept-language de-DE,de;q=0.9 Referer https://www.jbbis.shop/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers access-control-allow-origin * date Tue, 21 Mar 2023 20:14:00 GMT server nginx content-type application/json;charset=UTF-8
GET H/1.1	200	c1 Show response constid.dingxiang-inc.com/udid/	122 B 540 B	236ms 236ms	XHR application/json	111.231.37.102 TENCENT-NET-AP Sh...
General Check archive.org Show headers Download Go to Full URL https://constid.dingxiang-inc.com/udid/c1? Requested by Host: cdn.dingxiang-inc.com URL: https://cdn.dingxiang-inc.com/ctu-group/constid-js/index.js?_t=466508 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 111.231.37.102 , China, ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN), Reverse DNS Software nginx / Resource Hash 269c3b3772934dc9f2b2dd801cc4201e64bb141498bfdda2ae680d6aa16a706e Request headers Accept application/json, text/plain, */* Param 3354#X8XIT12okXNoT3JURlqoXrX9wqFieStNci6RxvNxAqi/x7qlAqwpSW6H9x6ryFElAWEzwlURdUtSK5G7lQERgf1tCQ+2EiSjXXdCCcf1maH1upuL5WsCmXXe+Cc1vEr6Rz3F6Eo4aNW1TcvAXyu78XW2aTOT+2mUJ32mkruuajXY8Y7UuX== Referer https://www.jbbis.shop/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Date Tue, 21 Mar 2023 20:14:00 GMT Server nginx Vary Origin Content-Type application/json;charset=UTF-8 Access-Control-Allow-Origin https://www.jbbis.shop Access-Control-Expose-Headers ETag, Status Access-Control-Allow-Credentials true Connection keep-alive Content-Length 122
OPTIONS H/1.1	200	c1 constid.dingxiang-inc.com/udid/	0 0	1005ms 231ms	Preflight	111.231.37.102 TENCENT-NET-AP Sh...
General Check archive.org Show headers Download Go to Full URL https://constid.dingxiang-inc.com/udid/c1? Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 111.231.37.102 , China, ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN), Reverse DNS Software nginx / Resource Hash Request headers Accept */* Access-Control-Request-Headers param Access-Control-Request-Method GET Origin https://www.jbbis.shop Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Access-Control-Allow-Credentials true Access-Control-Allow-Headers param Access-Control-Allow-Methods GET,HEAD,POST Access-Control-Allow-Origin https://www.jbbis.shop Access-Control-Max-Age 1800 Allow GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH Connection keep-alive Content-Length 0 Date Tue, 21 Mar 2023 20:14:00 GMT Server nginx Vary Origin
GET H2	200	a4919acca66f499dab3cd32e641baaf0.webp static.dingxiang-inc.com/picture/dx/WYVC4YXkFU/zib3/	35 KB 35 KB	1087ms 7ms	Image image/webp	43.152.29.19 ACE-AS-AP ACE
General Check archive.org Show headers Download Go to Show image Full URL https://static.dingxiang-inc.com/picture/dx/WYVC4YXkFU/zib3/a4919acca66f499dab3cd32e641baaf0.webp Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 43.152.29.19 , Singapore, ASN139341 (ACE-AS-AP ACE, SG), Reverse DNS Software nginx / Resource Hash 91825cc668234b8f75da994cb4498f63f7cac8ba2c259977451bfa7a8d65d5ed Request headers accept-language de-DE,de;q=0.9 Referer https://www.jbbis.shop/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 21 Mar 2023 18:45:13 GMT x-cache-lookup Cache Hit, Hit From Inner Cluster last-modified Tue, 21 Mar 2023 18:00:13 GMT server nginx etag "6419f0ad-8be0" content-type image/webp access-control-allow-origin * x-nws-log-uuid 2911413226241486482 accept-ranges bytes content-length 35808
GET H2	200	250fa6b3ccf8495a8f7a50dad184e730.webp static.dingxiang-inc.com/picture/dx/WYVC4YXkFU/zib3/	3 KB 3 KB	1088ms 8ms	Image image/webp	43.152.29.19 ACE-AS-AP ACE
General Check archive.org Show headers Download Go to Show image Full URL https://static.dingxiang-inc.com/picture/dx/WYVC4YXkFU/zib3/250fa6b3ccf8495a8f7a50dad184e730.webp Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 43.152.29.19 , Singapore, ASN139341 (ACE-AS-AP ACE, SG), Reverse DNS Software nginx / Resource Hash 8a83d3a8d630f2cfc9724d1f3220673d011cf23f688381b0da7c1325c0aeff5a Request headers accept-language de-DE,de;q=0.9 Referer https://www.jbbis.shop/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 21 Mar 2023 18:45:13 GMT x-cache-lookup Cache Hit, Hit From Inner Cluster last-modified Tue, 21 Mar 2023 18:00:13 GMT server nginx etag "6419f0ad-bca" content-type image/webp access-control-allow-origin * x-nws-log-uuid 11787759174896166627 accept-ranges bytes content-length 3018
GET H/1.1	200 OK	basic-Captcha-js.js Show response cdn.dingxiang-inc.com/ctu-group/captcha-js/5.1.30/	155 KB 56 KB	20ms 7ms	Script application/javascript	43.152.44.90 ACE-AS-AP ACE
General Check archive.org Show headers Download Go to Full URL https://cdn.dingxiang-inc.com/ctu-group/captcha-js/5.1.30/basic-Captcha-js.js?v=315326c6 Requested by Host: cdn.dingxiang-inc.com URL: https://cdn.dingxiang-inc.com/ctu-group/captcha-ui/v5/index.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 43.152.44.90 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG), Reverse DNS Software nginx / Resource Hash ccdc41adec986bd5a4e4787861477c7ecff331fb86be41997f9cbc7ba92816a3 Request headers accept-language de-DE,de;q=0.9 Referer https://www.jbbis.shop/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Date Fri, 17 Mar 2023 05:06:48 GMT Content-Encoding gzip X-Cache-Lookup Cache Hit Last-Modified Fri, 17 Mar 2023 04:04:18 GMT Server nginx Etag W/"6413e6c2-26a45" Vary Accept-Encoding Content-Type application/javascript Access-Control-Allow-Origin * Cache-Control max-age=86400 X-NWS-LOG-UUID 8211679584601288931 Connection keep-alive Accept-Ranges bytes Content-Length 56516 Expires Sat, 18 Mar 2023 05:06:48 GMT
GET DATA	200 OK	truncated /	1 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 318466c3f5f3124cb0b7df84abe521de26c1dc9eed3b52ad58da5e164c6a0b14 Request headers Referer Origin https://www.jbbis.shop accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	1 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 206905ede613650a6954c16bdf34794fc19871783144b4602267e631e5e5367c Request headers Referer Origin https://www.jbbis.shop accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Content-Type image/png
GET H2	200	a4919acca66f499dab3cd32e641baaf0.webp static.dingxiang-inc.com/picture/dx/WYVC4YXkFU/zib3/	35 KB 35 KB	1014ms 6ms	Image image/webp	43.152.29.19 ACE-AS-AP ACE
General Check archive.org Show headers Download Go to Show image Full URL https://static.dingxiang-inc.com/picture/dx/WYVC4YXkFU/zib3/a4919acca66f499dab3cd32e641baaf0.webp Requested by Host: cdn.dingxiang-inc.com URL: https://cdn.dingxiang-inc.com/ctu-group/captcha-js/5.1.30/basic-Captcha-js.js?v=315326c6 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 43.152.29.19 , Singapore, ASN139341 (ACE-AS-AP ACE, SG), Reverse DNS Software nginx / Resource Hash 91825cc668234b8f75da994cb4498f63f7cac8ba2c259977451bfa7a8d65d5ed Request headers Referer https://www.jbbis.shop/ Origin https://www.jbbis.shop accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 21 Mar 2023 18:45:13 GMT x-cache-lookup Cache Hit, Hit From Inner Cluster last-modified Tue, 21 Mar 2023 18:00:13 GMT server nginx etag "6419f0ad-8be0" content-type image/webp access-control-allow-origin * x-nws-log-uuid 3179881024012358516 accept-ranges bytes content-length 35808
GET H/1.1	200 OK	logo.png cdn.dingxiang-inc.com/captcha/v5/	1 KB 2 KB	7ms 7ms	Image image/png	43.152.44.90 ACE-AS-AP ACE
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.dingxiang-inc.com/captcha/v5/logo.png Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 43.152.44.90 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG), Reverse DNS Software nginx / Resource Hash 837bf33089351daaf388701baa1ca43455070273b420d6643c7366a67d9da961 Request headers accept-language de-DE,de;q=0.9 Referer https://www.jbbis.shop/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Date Tue, 14 Mar 2023 08:55:56 GMT X-Cache-Lookup Cache Hit Last-Modified Tue, 14 Mar 2023 05:57:10 GMT Server nginx Etag "64100cb6-525" Content-Type image/png Access-Control-Allow-Origin * Cache-Control max-age=86400 X-NWS-LOG-UUID 12332122256387323057 Connection keep-alive Accept-Ranges bytes Content-Length 1317 Expires Wed, 15 Mar 2023 08:55:56 GMT
GET DATA	200 OK	truncated /	917 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 5b314ef26d66798fcebd2861ad4f723f47035b2b91c9234a7e32d5aef76ad9f8 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Content-Type image/png
GET H/1.1	200	c1 Show response constid.dingxiang-inc.com/udid/	86 B 551 B	261ms 260ms	XHR application/json	111.231.37.102 TENCENT-NET-AP Sh...
General Check archive.org Show headers Download Go to Full URL https://constid.dingxiang-inc.com/udid/c1? Requested by Host: cdn.dingxiang-inc.com URL: https://cdn.dingxiang-inc.com/ctu-group/constid-js/index.js?_t=466508 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 111.231.37.102 , China, ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN), Reverse DNS Software nginx / Resource Hash 8bb7e30e7f87890b2779336db0363705bdcf3755a3a79dda200aadd1f84ce26c Request headers Accept application/json, text/plain, */* Param 3354#X8XIT12okXNoT3JURlqoXrm8wqFieStNcF+axI6Ayl6WeWtltqETbvJAMqRXbWdgMi+DSOUA2iPPgo6zzlJhgIhr2BeYx7JAciNWeWAotlGIBWEozHLiKg0wMFwveWB5AkojXX0CCcf1maH1upuLVr8Xi1SkawCmhT/Nmm5l1a/VmV/1Z88JHCoYZausjN4DPDcvXAXY3c8djaSuXYCAIhVSkzTt+N9p+AC0+83Xmcu+DcCO83Ia3VxvT/GC7ettokGx0i62mrXlftSzTDQ0m2y9iYvPYYIQhDS3nmIyn65pIt8bT25bi2y1X65EstSzYhT0m2X1fmoq1zTYYXX1XTZkXW1MY8XUEHQRNelq7OfsbxKFseSiXXOoU9TM4X3sXPljG6pjCSFSsf7owIMevJ/uT/Z3iA2ZttVpe/Ivt/ZcT8auxyIlkXV1M+OjRrkuO3ZzR/dIqteeEqCowhDcxhfux8OjTiCntJLnM3FIkiwe8tLelq2QO3UzRnVQGUocO6acm//u7J/1x8/1M/Ux+2MeL62c7+/Am+/1r22XjnzzcG6FeHlRBWGgdrVXjkrcW/WXYnPHmT06tdoUXXfmYMom2DyFXmTS8/TSjMaqjc3e6/80jc3e6/80uMXX1U1dGqvaKRdmq8P3L89Dq6XMkO9CLw8oRT3XmEZVktIGITnXmczkYvamCCIXmE4/v2/BjC8XmGDWoQkVw0gaXXkG52FGBeV6XX+MCQ6MI7nDXXHjS83t1G8M1XXTe4KqtJ0TggsVMFRFBowgwU5OXmm11/W6D6TLfcv16uaim8Tu1rX8sDM7sR8QFwrKFL/BFj5KsToX31SaPAct8uMbJuv6JzxhD6yWXjL7MmDTjWIyAV6UYxfDohU9uG3sCcYnYWCVET6W6STPSdUzTqaJCmY6T4SxyyUn3OfDSrp+/SgRVTVXYMq4znGEMS5ZzXgbPrX12aZ/2WHuX8X1T1tZT3J1XrXvwGwnqQjCVpD8X2X15H/P56IjmXXH+CxY4ucTm6IPhNanmDQT8AZCm/v7RXMA/9VXOrfE+r/XYNfpvYCp4jfwUY/bmrXsft/EYNZdiXfQFEoPXXQrXtTDk3yoiLbuv2rXY23w/5Im2hFq/5okY8X1EHMhNelSYrX1kYm+WD8uY2XerNQZR+LekSU1rq0e+NDe7J0cvAOcTA/ImpoITp/1TW/ATSo1lqoATr21r2== Referer https://www.jbbis.shop/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Date Tue, 21 Mar 2023 20:14:01 GMT Server nginx ETag 641a1009ELRbaLmYDJ7yjERyPOSbaFTZ1AMtwu41 Vary Origin Content-Type application/json;charset=UTF-8 Access-Control-Allow-Origin https://www.jbbis.shop Access-Control-Expose-Headers ETag, Status Access-Control-Allow-Credentials true Connection keep-alive Content-Length 86
OPTIONS H/1.1	200	c1 constid.dingxiang-inc.com/udid/	0 0	233ms 233ms	Preflight	111.231.37.102 TENCENT-NET-AP Sh...
General Check archive.org Show headers Download Go to Full URL https://constid.dingxiang-inc.com/udid/c1? Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 111.231.37.102 , China, ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN), Reverse DNS Software nginx / Resource Hash Request headers Accept */* Access-Control-Request-Headers param Access-Control-Request-Method GET Origin https://www.jbbis.shop Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Access-Control-Allow-Credentials true Access-Control-Allow-Headers param Access-Control-Allow-Methods GET,HEAD,POST Access-Control-Allow-Origin https://www.jbbis.shop Access-Control-Max-Age 1800 Allow GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH Connection keep-alive Content-Length 0 Date Tue, 21 Mar 2023 20:14:00 GMT Server nginx Vary Origin

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Outlook Web Access (Online)

40 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless function| axios function| initWeb function| initLogon function| redir function| shw function| hd function| clkSecExp function| kdSecExp function| clkSec function| clkBsc function| checkSubmit function| clkLgn function| clkRtry function| clkReLgn function| gbid function| IsOwaPremiumBrowser function| hres function| LogoffMime function| addPerfMarker number| a_fRC number| g_fFcs number| a_fLOff number| a_fCAC number| a_fEnbSMm function| IsMimeCtlInst function| RndMimeCtl function| RndMimeCtlHlpr object| mainLogonDiv boolean| showPlaceholderText string| mainLogonDivClassName function| setPlaceholderText function| showPasswordClick function| $ function| jQuery function| webpackJsonpdxCaptcha object| _dx object| dxCaptcha object| myCaptcha string| version

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.jbbis.shop/	1970-01-20 20:06:29	Name: _dx_captcha_vid Value:
			www.jbbis.shop/	1969-12-31 23:59:59	Name: cookieTest Value: 1
			www.jbbis.shop/	1970-01-20 20:06:29	Name: _dx_captcha_cid Value: 57361933
			www.jbbis.shop/	1970-01-20 20:06:29	Name: _dx_uzZo5y Value: bc1ac4791afac9ec1acd5818b1625faf57b995b4dc98e012911defdb15d1e2108785db7a
			www.jbbis.shop/	1970-01-20 20:06:29	Name: _dx_app_cea1e5e579181f6ef8560478b6cc78f6 Value: 641a1009ELRbaLmYDJ7yjERyPOSbaFTZ1AMtwu41

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.jbbis.shop/owa/auth/15.1.2375/themes/resources/segoeui-regular.ttf Message: Failed to load resource: the server responded with a status of 404 ()
security	warning	URL: https://cdn.dingxiang-inc.com/ctu-group/ctu-greenseer/greenseer.js?_t=466508(Line 1) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.dingxiang-inc.com
constid.dingxiang-inc.com
lf3-cdn-tos.bytecdntp.com
lf6-cdn-tos.bytecdntp.com
static.dingxiang-inc.com
vip6.dingxiang-inc.com
www.jbbis.shop
111.231.37.102
150.158.218.42
154.204.34.214
163.181.92.225
240e:930:c200:210::f0
43.152.29.19
43.152.44.90
07f38b8b8c1f96ed85ecd96988f0454a95d1f665427086a507c72e55ff3ce0e7
206905ede613650a6954c16bdf34794fc19871783144b4602267e631e5e5367c
269c3b3772934dc9f2b2dd801cc4201e64bb141498bfdda2ae680d6aa16a706e
2e79a487fd6dcf4ee71073915557c1989484bcd18e087d2d150ccdd9943a86e4
318466c3f5f3124cb0b7df84abe521de26c1dc9eed3b52ad58da5e164c6a0b14
4de8fc175826d9f78fce9f9f2b71a63fe832fc7507e0394125c823b0909fa54a
5b314ef26d66798fcebd2861ad4f723f47035b2b91c9234a7e32d5aef76ad9f8
601f3bb039a5cfa35ce9cd46196db640c15df2f4652d2c3443ee255015218409
6710ee6e22d5e3e82f70554804806c37aac5789b110d944383ea393d93eb627a
837bf33089351daaf388701baa1ca43455070273b420d6643c7366a67d9da961
8461ed66ed2e3a182df2261cf95a923f73dad6985c8e5b1bfafe9b18883375da
8a83d3a8d630f2cfc9724d1f3220673d011cf23f688381b0da7c1325c0aeff5a
8bb7e30e7f87890b2779336db0363705bdcf3755a3a79dda200aadd1f84ce26c
91825cc668234b8f75da994cb4498f63f7cac8ba2c259977451bfa7a8d65d5ed
943cbf0ffba2f388fdf311565f424776caef085ea1a69379e4c0cbee55bc83a0
983e2b9a1e300806bd70eaf3a86ea9fc35747768c397503ffe4a677efbd66397
9be7f7dbbc0bc190ebff9e48eab769f035170ce580a4b22c05ea373a154d7ab2
9de7375b7afd386e037872a35af5aa58e089986cfe9e5e2c783976528efb5f2f
c014623cc6622f1ae59b2f9a06671ff45aea555348724b68170252d391133adb
c524a4bf458a69a4dd4ff37b58176037532325ea80ad57a5863187e7d5fe9c74
ccdc41adec986bd5a4e4787861477c7ecff331fb86be41997f9cbc7ba92816a3
d9ed6586942003696afe4e52b09f343f8342244b51a9e175b75162d7e615207b
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e