aibaibgsjsw5001.xyz Open in urlscan Pro
140.82.16.115 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://cutt.ly/smbcc
Effective URL:
https://aibaibgsjsw5001.xyz/
Submission: On December 19 via api (December 19th 2024, 2:23:15 am UTC) from JP — Scanned from JP

Summary HTTP 23 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 3 domains to perform 23 HTTP transactions. The main IP is 140.82.16.115, located in Los Angeles, United States and belongs to AS-VULTR, US. The main domain is aibaibgsjsw5001.xyz.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on December 18th 2024. Valid for: a year.

This is the only time aibaibgsjsw5001.xyz was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: SMBC (Financial)

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:10:... 2606:4700:10::6816:e8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
22	140.82.16.115 140.82.16.115	20473 (AS-VULTR) (AS-VULTR)
1	172.67.74.152 172.67.74.152	13335 (CLOUDFLAR...) (CLOUDFLARENET)
23	2

1 2606:4700:10::6816:e8 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

cutt.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 140.82.16.115 (Los Angeles, United States)

ASN20473 (AS-VULTR, US)
PTR: 140.82.16.115.vultrusercontent.com

aibaibgsjsw5001.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.74.152 (United States)

ASN13335 (CLOUDFLARENET, US)

api.ipify.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	aibaibgsjsw5001.xyz aibaibgsjsw5001.xyz	477 KB
1	ipify.org api.ipify.org — Cisco Umbrella Rank: 2001	316 B
1	cutt.ly 1 redirects cutt.ly — Cisco Umbrella Rank: 42920	400 B
23	3

	Domain	Requested by
22	aibaibgsjsw5001.xyz	aibaibgsjsw5001.xyz
1	api.ipify.org	aibaibgsjsw5001.xyz
1	cutt.ly	1 redirects
23	3

This site contains no links.

Subject Issuer	Validity	Valid
aibaibgsjsw5001.xyz Sectigo RSA Domain Validation Secure Server CA	`2024-12-18` - `2025-12-18`	a year	crt.sh
ipify.org WE1	`2024-11-13` - `2025-02-11`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://aibaibgsjsw5001.xyz/
Frame ID: 9EE66C80216E934BD03D70D725FA25D0
Requests: 5 HTTP requests in this frame

Frame: https://aibaibgsjsw5001.xyz/Template/a/
Frame ID: D3493D1DDA9C0A397A34D3CA95C56361
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

三井住友銀行

Page URL History Show full URLs

https://cutt.ly/smbcc HTTP 301
http://aibaibgsjsw5001.xyz/ HTTP 307
https://aibaibgsjsw5001.xyz/ Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

23
Requests

100 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

2
IPs

1
Countries

477 kB
Transfer

925 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://cutt.ly/smbcc HTTP 301
http://aibaibgsjsw5001.xyz/ HTTP 307
https://aibaibgsjsw5001.xyz/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response aibaibgsjsw5001.xyz/ Redirect Chain https://cutt.ly/smbcc http://aibaibgsjsw5001.xyz/ https://aibaibgsjsw5001.xyz/	1 KB 1 KB	426ms 102ms	Document text/html	140.82.16.115 AS-VULTR
General Check archive.org Show headers Download Go to Full URL https://aibaibgsjsw5001.xyz/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 140.82.16.115 Los Angeles, United States, ASN20473 (AS-VULTR, US), Reverse DNS 140.82.16.115.vultrusercontent.com Software Microsoft-IIS/8.5 / ASP.NET Resource Hash `e1a4bd97296dcedca149917dedaef60b7cf58cfbf7e651bd4cd28041b55d649d` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers Cache-Control private Content-Encoding gzip Content-Length 773 Content-Type text/html Date Wed, 18 Dec 2024 18:23:09 GMT Server Microsoft-IIS/8.5 Vary Accept-Encoding X-Powered-By ASP.NET Redirect headers Location https://aibaibgsjsw5001.xyz/ Non-Authoritative-Reason HttpsUpgrades
GET H/1.1	200 OK	jquery-1.9.1.min.js Show response aibaibgsjsw5001.xyz/js/	90 KB 32 KB	202ms 200ms	Script application/javascript	140.82.16.115 AS-VULTR
General Check archive.org Show headers Download Go to Full URL https://aibaibgsjsw5001.xyz/js/jquery-1.9.1.min.js Requested by Host: aibaibgsjsw5001.xyz URL: https://aibaibgsjsw5001.xyz/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 140.82.16.115 Los Angeles, United States, ASN20473 (AS-VULTR, US), Reverse DNS 140.82.16.115.vultrusercontent.com Software Microsoft-IIS/8.5 / ASP.NET Resource Hash `c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://aibaibgsjsw5001.xyz/ Response headers Content-Encoding gzip ETag "0f3c12b91d0cf1:0" Accept-Ranges bytes Content-Length 32857 Date Wed, 18 Dec 2024 18:23:09 GMT Content-Type application/javascript Last-Modified Mon, 15 Sep 2014 03:00:14 GMT Vary Accept-Encoding Server Microsoft-IIS/8.5 X-Powered-By ASP.NET
GET H2	200	/ Show response api.ipify.org/	23 B 316 B	217ms 199ms	XHR application/json	172.67.74.152 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://api.ipify.org/?format=json Requested by Host: aibaibgsjsw5001.xyz URL: https://aibaibgsjsw5001.xyz/js/jquery-1.9.1.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.74.152 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `993800bc3b1fe26622be58638de570ebdefff767bcb8697c4d62722ed9c8bb73` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Accept application/json, text/javascript, /; q=0.01 Referer https://aibaibgsjsw5001.xyz/ Response headers cf-cache-status DYNAMIC cf-ray 8f43eddc69e3d4ab-NRT access-control-allow-origin * server-timing cfL4;desc="?proto=TCP&rtt=1193&min_rtt=1121&rtt_var=278&sent=8&recv=12&lost=0&retrans=0&sent_bytes=4032&recv_bytes=2336&delivery_rate=3039416&cwnd=253&unsent_bytes=0&cid=ab6d93c70fd8c9ba&ts=206&x=0" content-length 23 date Thu, 19 Dec 2024 02:23:10 GMT content-type application/json vary Origin server cloudflare
POST H/1.1	200 OK	/ Show response aibaibgsjsw5001.xyz/	14 B 356 B	103ms 101ms	XHR text/html	140.82.16.115 AS-VULTR
General Check archive.org Show headers Download Go to Full URL https://aibaibgsjsw5001.xyz/? Requested by Host: aibaibgsjsw5001.xyz URL: https://aibaibgsjsw5001.xyz/js/jquery-1.9.1.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 140.82.16.115 Los Angeles, United States, ASN20473 (AS-VULTR, US), Reverse DNS 140.82.16.115.vultrusercontent.com Software Microsoft-IIS/8.5 / ASP.NET Resource Hash `ac7b98bb06a9b58236be57cc735edf23baea07f13ce38eeaa64e5aba0d97ce26` Request headers Referer https://aibaibgsjsw5001.xyz/ X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Accept / Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers Cache-Control private Content-Encoding gzip Content-Length 133 Date Wed, 18 Dec 2024 18:23:09 GMT Content-Type text/html Vary Accept-Encoding Server Microsoft-IIS/8.5 X-Powered-By ASP.NET
GET H/1.1	200 OK	favicon.ico aibaibgsjsw5001.xyz/	17 KB 17 KB	165ms 101ms	Other image/x-icon	140.82.16.115 AS-VULTR
General Check archive.org Show headers Download Go to Full URL https://aibaibgsjsw5001.xyz/favicon.ico Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 140.82.16.115 Los Angeles, United States, ASN20473 (AS-VULTR, US), Reverse DNS 140.82.16.115.vultrusercontent.com Software Microsoft-IIS/8.5 / ASP.NET Resource Hash `1f839500a7d5b2dd36950fc6d990f7c3a0f8fbf34b50b717f8526f073070c920` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://aibaibgsjsw5001.xyz/ Response headers ETag "0ce97f7b888d71:0" Accept-Ranges bytes Content-Length 16958 Date Wed, 18 Dec 2024 18:23:09 GMT Content-Type image/x-icon Last-Modified Tue, 03 Aug 2021 22:43:24 GMT Server Microsoft-IIS/8.5 X-Powered-By ASP.NET
GET H/1.1	200 OK	/ Show response aibaibgsjsw5001.xyz/Template/a/ Frame D349	21 KB 6 KB	254ms 154ms	Document text/html	140.82.16.115 AS-VULTR
General Check archive.org Show headers Download Go to Full URL https://aibaibgsjsw5001.xyz/Template/a/ Requested by Host: aibaibgsjsw5001.xyz URL: https://aibaibgsjsw5001.xyz/js/jquery-1.9.1.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 140.82.16.115 Los Angeles, United States, ASN20473 (AS-VULTR, US), Reverse DNS 140.82.16.115.vultrusercontent.com Software Microsoft-IIS/8.5 / ASP.NET Resource Hash `15c203f8a0890b3fd5b049076e1e0a47d192d5a64a9e0d5d1e3677ca3d29c87f` Request headers Referer https://aibaibgsjsw5001.xyz/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers Cache-Control private Content-Encoding gzip Content-Length 6214 Content-Type text/html Date Wed, 18 Dec 2024 18:23:09 GMT Server Microsoft-IIS/8.5 Vary Accept-Encoding X-Powered-By ASP.NET
GET H/1.1	200 OK	direct.css aibaibgsjsw5001.xyz/Template/222222_files/ Frame D349	23 B 434 B	104ms 100ms	Stylesheet text/css	140.82.16.115 AS-VULTR
General Check archive.org Show headers Download Go to Full URL https://aibaibgsjsw5001.xyz/Template/222222_files/direct.css Requested by Host: aibaibgsjsw5001.xyz URL: https://aibaibgsjsw5001.xyz/Template/a/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 140.82.16.115 Los Angeles, United States, ASN20473 (AS-VULTR, US), Reverse DNS 140.82.16.115.vultrusercontent.com Software Microsoft-IIS/8.5 / ASP.NET Resource Hash `1005b2bf35b332ee9a5723ce0e5d3999d633c2807a5d067bd41b0023f567d2c7` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://aibaibgsjsw5001.xyz/Template/a/ Response headers Content-Encoding gzip ETag "0569906487d71:0" Accept-Ranges bytes Content-Length 143 Date Wed, 18 Dec 2024 18:23:10 GMT Content-Type text/css Last-Modified Mon, 02 Aug 2021 06:06:42 GMT Vary Accept-Encoding Server Microsoft-IIS/8.5 X-Powered-By ASP.NET
GET H/1.1	200 OK	common_rwd.css aibaibgsjsw5001.xyz/Template/222222_files/ Frame D349	328 KB 42 KB	216ms 213ms	Stylesheet text/css	140.82.16.115 AS-VULTR
General Check archive.org Show headers Download Go to Full URL https://aibaibgsjsw5001.xyz/Template/222222_files/common_rwd.css Requested by Host: aibaibgsjsw5001.xyz URL: https://aibaibgsjsw5001.xyz/Template/a/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 140.82.16.115 Los Angeles, United States, ASN20473 (AS-VULTR, US), Reverse DNS 140.82.16.115.vultrusercontent.com Software Microsoft-IIS/8.5 / ASP.NET Resource Hash `5568993e23bf60304d0bac1ee7867676591205f38e9abfe4a4ef5cc9845c682e` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://aibaibgsjsw5001.xyz/Template/a/ Response headers Content-Encoding gzip ETag "03694ae95d1d71:0" Accept-Ranges bytes Content-Length 42438 Date Wed, 18 Dec 2024 18:23:10 GMT Content-Type text/css Last-Modified Thu, 04 Nov 2021 16:04:44 GMT Vary Accept-Encoding Server Microsoft-IIS/8.5 X-Powered-By ASP.NET
GET H/1.1	200 OK	LLDLDIL.css aibaibgsjsw5001.xyz/Template/222222_files/ Frame D349	4 KB 2 KB	104ms 101ms	Stylesheet text/css	140.82.16.115 AS-VULTR
General Check archive.org Show headers Download Go to Full URL https://aibaibgsjsw5001.xyz/Template/222222_files/LLDLDIL.css Requested by Host: aibaibgsjsw5001.xyz URL: https://aibaibgsjsw5001.xyz/Template/a/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 140.82.16.115 Los Angeles, United States, ASN20473 (AS-VULTR, US), Reverse DNS 140.82.16.115.vultrusercontent.com Software Microsoft-IIS/8.5 / ASP.NET Resource Hash `0794d70728de2561810372752bb84f710f60b26f6fcebb73f6af886338c86adb` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://aibaibgsjsw5001.xyz/Template/a/ Response headers Content-Encoding gzip ETag "0329a916487d71:0" Accept-Ranges bytes Content-Length 1278 Date Wed, 18 Dec 2024 18:23:10 GMT Content-Type text/css Last-Modified Mon, 02 Aug 2021 06:06:44 GMT Vary Accept-Encoding Server Microsoft-IIS/8.5 X-Powered-By ASP.NET
GET H/1.1	200 OK	jquery-1.7.2.min.js Show response aibaibgsjsw5001.xyz/Js/ Frame D349	93 KB 33 KB	211ms 100ms	Script application/javascript	140.82.16.115 AS-VULTR
General Check archive.org Show headers Download Go to Full URL https://aibaibgsjsw5001.xyz/Js/jquery-1.7.2.min.js Requested by Host: aibaibgsjsw5001.xyz URL: https://aibaibgsjsw5001.xyz/Template/a/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 140.82.16.115 Los Angeles, United States, ASN20473 (AS-VULTR, US), Reverse DNS 140.82.16.115.vultrusercontent.com Software Microsoft-IIS/8.5 / ASP.NET Resource Hash `816f992fc469531b4486e1e35d0f43e5f894f91f67a3e61976eb9a1c6bfb37ac` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://aibaibgsjsw5001.xyz/Template/a/ Response headers Content-Encoding gzip ETag "0ce3f5a91d0cf1:0" Accept-Ranges bytes Content-Length 33717 Date Wed, 18 Dec 2024 18:23:10 GMT Content-Type application/javascript Last-Modified Mon, 15 Sep 2014 03:01:32 GMT Vary Accept-Encoding Server Microsoft-IIS/8.5 X-Powered-By ASP.NET
GET H/1.1	200 OK	logo_smbc_01.svg aibaibgsjsw5001.xyz/Template/222222_files/ Frame D349	7 KB 7 KB	213ms 103ms	Image image/svg+xml	140.82.16.115 AS-VULTR
General Check archive.org Show headers Download Go to Show image Full URL https://aibaibgsjsw5001.xyz/Template/222222_files/logo_smbc_01.svg Requested by Host: aibaibgsjsw5001.xyz URL: https://aibaibgsjsw5001.xyz/Template/a/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 140.82.16.115 Los Angeles, United States, ASN20473 (AS-VULTR, US), Reverse DNS 140.82.16.115.vultrusercontent.com Software Microsoft-IIS/8.5 / ASP.NET Resource Hash `485e5bfbda7308d10582d03f7dc04ede5efe692df0ced5bcad7cb5071d7c3b69` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://aibaibgsjsw5001.xyz/Template/a/ Response headers ETag "05fcb926487d71:0" Accept-Ranges bytes Content-Length 6705 Date Wed, 18 Dec 2024 18:23:10 GMT Content-Type image/svg+xml Last-Modified Mon, 02 Aug 2021 06:06:46 GMT Server Microsoft-IIS/8.5 X-Powered-By ASP.NET
GET H/1.1	200 OK	logo_06.svg aibaibgsjsw5001.xyz/Template/222222_files/ Frame D349	3 KB 3 KB	302ms 101ms	Image image/svg+xml	140.82.16.115 AS-VULTR
General Check archive.org Show headers Download Go to Show image Full URL https://aibaibgsjsw5001.xyz/Template/222222_files/logo_06.svg Requested by Host: aibaibgsjsw5001.xyz URL: https://aibaibgsjsw5001.xyz/Template/a/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 140.82.16.115 Los Angeles, United States, ASN20473 (AS-VULTR, US), Reverse DNS 140.82.16.115.vultrusercontent.com Software Microsoft-IIS/8.5 / ASP.NET Resource Hash `794a8451958635ae295689499311a6208eff440ace9b1118ea4b7555b672aa85` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://aibaibgsjsw5001.xyz/Template/a/ Response headers ETag "05fcb926487d71:0" Accept-Ranges bytes Content-Length 2954 Date Wed, 18 Dec 2024 18:23:10 GMT Content-Type image/svg+xml Last-Modified Mon, 02 Aug 2021 06:06:46 GMT Server Microsoft-IIS/8.5 X-Powered-By ASP.NET
GET H/1.1	200 OK	LLDLDIL_SP_bnr_01.gif aibaibgsjsw5001.xyz/Template/222222_files/ Frame D349	43 KB 44 KB	200ms 199ms	Image image/gif	140.82.16.115 AS-VULTR
General Check archive.org Show headers Download Go to Show image Full URL https://aibaibgsjsw5001.xyz/Template/222222_files/LLDLDIL_SP_bnr_01.gif Requested by Host: aibaibgsjsw5001.xyz URL: https://aibaibgsjsw5001.xyz/Template/a/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 140.82.16.115 Los Angeles, United States, ASN20473 (AS-VULTR, US), Reverse DNS 140.82.16.115.vultrusercontent.com Software Microsoft-IIS/8.5 / ASP.NET Resource Hash `a2977f952a24b00dcfdbf633d63cd232b4578b9c75cdfebce371664ef555a4e9` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://aibaibgsjsw5001.xyz/Template/a/ Response headers ETag "0183bf74551db1:0" Accept-Ranges bytes Content-Length 44485 Date Wed, 18 Dec 2024 18:23:10 GMT Content-Type image/gif Last-Modified Wed, 18 Dec 2024 12:11:28 GMT Server Microsoft-IIS/8.5 X-Powered-By ASP.NET
GET H/1.1	200 OK	ico_help_01.svg aibaibgsjsw5001.xyz/Template/222222_files/ Frame D349	526 B 776 B	101ms 101ms	Image image/svg+xml	140.82.16.115 AS-VULTR
General Check archive.org Show headers Download Go to Show image Full URL https://aibaibgsjsw5001.xyz/Template/222222_files/ico_help_01.svg Requested by Host: aibaibgsjsw5001.xyz URL: https://aibaibgsjsw5001.xyz/Template/a/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 140.82.16.115 Los Angeles, United States, ASN20473 (AS-VULTR, US), Reverse DNS 140.82.16.115.vultrusercontent.com Software Microsoft-IIS/8.5 / ASP.NET Resource Hash `34e169addd9fe376397a67c36c8444a443f8f91acc728727863d8082bcf3b5b5` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://aibaibgsjsw5001.xyz/Template/a/ Response headers ETag "05fcb926487d71:0" Accept-Ranges bytes Content-Length 526 Date Wed, 18 Dec 2024 18:23:10 GMT Content-Type image/svg+xml Last-Modified Mon, 02 Aug 2021 06:06:46 GMT Server Microsoft-IIS/8.5 X-Powered-By ASP.NET
GET H/1.1	200 OK	ico_help_01(1).svg aibaibgsjsw5001.xyz/Template/222222_files/ Frame D349	2 KB 2 KB	101ms 101ms	Image image/svg+xml	140.82.16.115 AS-VULTR
General Check archive.org Show headers Download Go to Show image Full URL https://aibaibgsjsw5001.xyz/Template/222222_files/ico_help_01(1).svg Requested by Host: aibaibgsjsw5001.xyz URL: https://aibaibgsjsw5001.xyz/Template/a/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 140.82.16.115 Los Angeles, United States, ASN20473 (AS-VULTR, US), Reverse DNS 140.82.16.115.vultrusercontent.com Software Microsoft-IIS/8.5 / ASP.NET Resource Hash `5deca1c38654656254fa5f20b79f18677560fda215fc3e0f88adc6bf7c8356e8` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://aibaibgsjsw5001.xyz/Template/a/ Response headers ETag "0bc473a4351db1:0" Accept-Ranges bytes Content-Length 2102 Date Wed, 18 Dec 2024 18:23:10 GMT Content-Type image/svg+xml Last-Modified Wed, 18 Dec 2024 11:51:52 GMT Server Microsoft-IIS/8.5 X-Powered-By ASP.NET
GET H/1.1	200 OK	ico_blank_01.svg aibaibgsjsw5001.xyz/Template/222222_files/ Frame D349	914 B 1 KB	106ms 105ms	Image image/svg+xml	140.82.16.115 AS-VULTR
General Check archive.org Show headers Download Go to Show image Full URL https://aibaibgsjsw5001.xyz/Template/222222_files/ico_blank_01.svg Requested by Host: aibaibgsjsw5001.xyz URL: https://aibaibgsjsw5001.xyz/Template/a/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 140.82.16.115 Los Angeles, United States, ASN20473 (AS-VULTR, US), Reverse DNS 140.82.16.115.vultrusercontent.com Software Microsoft-IIS/8.5 / ASP.NET Resource Hash `6bd298af3a58263b7f307c721069ff7a94f653f036eec771559994c00d2056a6` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://aibaibgsjsw5001.xyz/Template/a/ Response headers ETag "05fcb926487d71:0" Accept-Ranges bytes Content-Length 914 Date Wed, 18 Dec 2024 18:23:10 GMT Content-Type image/svg+xml Last-Modified Mon, 02 Aug 2021 06:06:46 GMT Server Microsoft-IIS/8.5 X-Powered-By ASP.NET
GET H/1.1	200 OK	LLDLDIL_PC_e_bnr_01.png aibaibgsjsw5001.xyz/Template/222222_files/ Frame D349	164 KB 164 KB	102ms 101ms	Image image/png	140.82.16.115 AS-VULTR
General Check archive.org Show headers Download Go to Show image Full URL https://aibaibgsjsw5001.xyz/Template/222222_files/LLDLDIL_PC_e_bnr_01.png Requested by Host: aibaibgsjsw5001.xyz URL: https://aibaibgsjsw5001.xyz/Template/a/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 140.82.16.115 Los Angeles, United States, ASN20473 (AS-VULTR, US), Reverse DNS 140.82.16.115.vultrusercontent.com Software Microsoft-IIS/8.5 / ASP.NET Resource Hash `9bd150b7df3e4eb4255b9f6d140721580219774c50de52f01477afb3adb5bea8` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://aibaibgsjsw5001.xyz/Template/a/ Response headers ETag "001374451db1:0" Accept-Ranges bytes Content-Length 167628 Date Wed, 18 Dec 2024 18:23:10 GMT Content-Type image/png Last-Modified Wed, 18 Dec 2024 11:58:56 GMT Server Microsoft-IIS/8.5 X-Powered-By ASP.NET
GET H/1.1	200 OK	222.jpg aibaibgsjsw5001.xyz/Template/222222_files/ Frame D349	118 KB 118 KB	210ms 209ms	Image image/jpeg	140.82.16.115 AS-VULTR
General Check archive.org Show headers Download Go to Show image Full URL https://aibaibgsjsw5001.xyz/Template/222222_files/222.jpg Requested by Host: aibaibgsjsw5001.xyz URL: https://aibaibgsjsw5001.xyz/Template/a/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 140.82.16.115 Los Angeles, United States, ASN20473 (AS-VULTR, US), Reverse DNS 140.82.16.115.vultrusercontent.com Software Microsoft-IIS/8.5 / ASP.NET Resource Hash `099bf4fb5b1f2159170312259a70800c2bc7b4e71ee8987f50ac514f36d920dd` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://aibaibgsjsw5001.xyz/Template/a/ Response headers ETag "0a3e2484451db1:0" Accept-Ranges bytes Content-Length 120530 Date Wed, 18 Dec 2024 18:23:10 GMT Content-Type image/jpeg Last-Modified Wed, 18 Dec 2024 11:59:26 GMT Server Microsoft-IIS/8.5 X-Powered-By ASP.NET
GET H/1.1	200 OK	ico_close_01.svg aibaibgsjsw5001.xyz/Template/222222_files/ Frame D349	499 B 749 B	106ms 106ms	Image image/svg+xml	140.82.16.115 AS-VULTR
General Check archive.org Show headers Download Go to Show image Full URL https://aibaibgsjsw5001.xyz/Template/222222_files/ico_close_01.svg Requested by Host: aibaibgsjsw5001.xyz URL: https://aibaibgsjsw5001.xyz/Template/a/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 140.82.16.115 Los Angeles, United States, ASN20473 (AS-VULTR, US), Reverse DNS 140.82.16.115.vultrusercontent.com Software Microsoft-IIS/8.5 / ASP.NET Resource Hash `eeb30484ee0a88fd628076d13cd085aaf1ac6bc943f9c12309a4b65f281129dc` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://aibaibgsjsw5001.xyz/Template/a/ Response headers ETag "05fcb926487d71:0" Accept-Ranges bytes Content-Length 499 Date Wed, 18 Dec 2024 18:23:10 GMT Content-Type image/svg+xml Last-Modified Mon, 02 Aug 2021 06:06:46 GMT Server Microsoft-IIS/8.5 X-Powered-By ASP.NET
GET H/1.1	200 OK	print.css aibaibgsjsw5001.xyz/Template/222222_files/ Frame D349	31 KB 2 KB	105ms 105ms	Stylesheet text/css	140.82.16.115 AS-VULTR
General Check archive.org Show headers Download Go to Full URL https://aibaibgsjsw5001.xyz/Template/222222_files/print.css Requested by Host: aibaibgsjsw5001.xyz URL: https://aibaibgsjsw5001.xyz/Template/a/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 140.82.16.115 Los Angeles, United States, ASN20473 (AS-VULTR, US), Reverse DNS 140.82.16.115.vultrusercontent.com Software Microsoft-IIS/8.5 / ASP.NET Resource Hash `0be265fb6732c432470c579273583c9b80b6557da57566e97a8fa4f2f6286b7c` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://aibaibgsjsw5001.xyz/Template/a/ Response headers Content-Encoding gzip ETag "0329a916487d71:0" Accept-Ranges bytes Content-Length 2048 Date Wed, 18 Dec 2024 18:23:10 GMT Content-Type text/css Last-Modified Mon, 02 Aug 2021 06:06:44 GMT Vary Accept-Encoding Server Microsoft-IIS/8.5 X-Powered-By ASP.NET
GET H/1.1	200 OK	ico_help_01(1).svg aibaibgsjsw5001.xyz/Template/222222_files/ Frame D349	2 KB 92 B	119ms 101ms	Image image/svg+xml	140.82.16.115 AS-VULTR
General Check archive.org Show headers Download Go to Show image Full URL https://aibaibgsjsw5001.xyz/Template/222222_files/ico_help_01(1).svg Requested by Host: aibaibgsjsw5001.xyz URL: https://aibaibgsjsw5001.xyz/Template/a/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 140.82.16.115 Los Angeles, United States, ASN20473 (AS-VULTR, US), Reverse DNS 140.82.16.115.vultrusercontent.com Software Microsoft-IIS/8.5 / ASP.NET Resource Hash `5deca1c38654656254fa5f20b79f18677560fda215fc3e0f88adc6bf7c8356e8` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://aibaibgsjsw5001.xyz/Template/a/ Response headers ETag "0bc473a4351db1:0" Accept-Ranges bytes Content-Length 2102 Date Wed, 18 Dec 2024 18:23:10 GMT Content-Type image/svg+xml Last-Modified Wed, 18 Dec 2024 11:51:52 GMT Server Microsoft-IIS/8.5 X-Powered-By ASP.NET
GET H/1.1	200 OK	ico_blank_01.svg aibaibgsjsw5001.xyz/Template/222222_files/ Frame D349	914 B 0	81ms 81ms	Image image/svg+xml	140.82.16.115 AS-VULTR
General Check archive.org Show headers Download Go to Show image Full URL https://aibaibgsjsw5001.xyz/Template/222222_files/ico_blank_01.svg Requested by Host: aibaibgsjsw5001.xyz URL: https://aibaibgsjsw5001.xyz/Template/a/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 140.82.16.115 Los Angeles, United States, ASN20473 (AS-VULTR, US), Reverse DNS 140.82.16.115.vultrusercontent.com Software Microsoft-IIS/8.5 / ASP.NET Resource Hash `6bd298af3a58263b7f307c721069ff7a94f653f036eec771559994c00d2056a6` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://aibaibgsjsw5001.xyz/Template/a/ Response headers ETag "05fcb926487d71:0" Accept-Ranges bytes Content-Length 914 Date Wed, 18 Dec 2024 18:23:10 GMT Content-Type image/svg+xml Last-Modified Mon, 02 Aug 2021 06:06:46 GMT Server Microsoft-IIS/8.5 X-Powered-By ASP.NET
GET H/1.1	200 OK	ico_close_01.svg aibaibgsjsw5001.xyz/Template/222222_files/ Frame D349	499 B 0	1ms 1ms	Image image/svg+xml	140.82.16.115 AS-VULTR
General Check archive.org Show headers Download Go to Show image Full URL https://aibaibgsjsw5001.xyz/Template/222222_files/ico_close_01.svg Requested by Host: aibaibgsjsw5001.xyz URL: https://aibaibgsjsw5001.xyz/Template/a/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 140.82.16.115 Los Angeles, United States, ASN20473 (AS-VULTR, US), Reverse DNS 140.82.16.115.vultrusercontent.com Software Microsoft-IIS/8.5 / ASP.NET Resource Hash `eeb30484ee0a88fd628076d13cd085aaf1ac6bc943f9c12309a4b65f281129dc` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://aibaibgsjsw5001.xyz/Template/a/ Response headers ETag "05fcb926487d71:0" Accept-Ranges bytes Content-Length 499 Date Wed, 18 Dec 2024 18:23:10 GMT Content-Type image/svg+xml Last-Modified Mon, 02 Aug 2021 06:06:46 GMT Server Microsoft-IIS/8.5 X-Powered-By ASP.NET

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: SMBC (Financial)

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| $ function| jQuery

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			cutt.ly/	1969-12-31 23:59:59	Name: PHPSESSID Value: 0i15be3ttmdfudu7mhks62bqaj
			aibaibgsjsw5001.xyz/	1969-12-31 23:59:59	Name: ASPSESSIONIDCGSRCDBT Value: AFHBGCIBCHLEADGADMBDGMKH

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aibaibgsjsw5001.xyz
api.ipify.org
cutt.ly
140.82.16.115
172.67.74.152
2606:4700:10::6816:e8
0794d70728de2561810372752bb84f710f60b26f6fcebb73f6af886338c86adb
099bf4fb5b1f2159170312259a70800c2bc7b4e71ee8987f50ac514f36d920dd
0be265fb6732c432470c579273583c9b80b6557da57566e97a8fa4f2f6286b7c
1005b2bf35b332ee9a5723ce0e5d3999d633c2807a5d067bd41b0023f567d2c7
15c203f8a0890b3fd5b049076e1e0a47d192d5a64a9e0d5d1e3677ca3d29c87f
1f839500a7d5b2dd36950fc6d990f7c3a0f8fbf34b50b717f8526f073070c920
34e169addd9fe376397a67c36c8444a443f8f91acc728727863d8082bcf3b5b5
485e5bfbda7308d10582d03f7dc04ede5efe692df0ced5bcad7cb5071d7c3b69
5568993e23bf60304d0bac1ee7867676591205f38e9abfe4a4ef5cc9845c682e
5deca1c38654656254fa5f20b79f18677560fda215fc3e0f88adc6bf7c8356e8
6bd298af3a58263b7f307c721069ff7a94f653f036eec771559994c00d2056a6
794a8451958635ae295689499311a6208eff440ace9b1118ea4b7555b672aa85
816f992fc469531b4486e1e35d0f43e5f894f91f67a3e61976eb9a1c6bfb37ac
993800bc3b1fe26622be58638de570ebdefff767bcb8697c4d62722ed9c8bb73
9bd150b7df3e4eb4255b9f6d140721580219774c50de52f01477afb3adb5bea8
a2977f952a24b00dcfdbf633d63cd232b4578b9c75cdfebce371664ef555a4e9
ac7b98bb06a9b58236be57cc735edf23baea07f13ce38eeaa64e5aba0d97ce26
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
e1a4bd97296dcedca149917dedaef60b7cf58cfbf7e651bd4cd28041b55d649d
eeb30484ee0a88fd628076d13cd085aaf1ac6bc943f9c12309a4b65f281129dc

aibaibgsjsw5001.xyz Open in urlscan Pro 140.82.16.115 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

23 Requests

100 %HTTPS

33 %IPv6

3 Domains

3 Subdomains

2 IPs

1 Countries

477 kBTransfer

925 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

23 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

3 JavaScript Global Variables

2 Cookies

Indicators

aibaibgsjsw5001.xyz Open in urlscan Pro
140.82.16.115 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

23
Requests

100 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

2
IPs

1
Countries

477 kB
Transfer

925 kB
Size

2
Cookies

23 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!