ndk-dk.com.bjygmz.com Open in urlscan Pro
155.94.133.53 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ndk-dk.com.bjygmz.com/sbl/index.html
Effective URL:
https://ndk-dk.com.bjygmz.com/sbl/index.html
Submission: On October 28 via api (October 28th 2022, 12:06:27 am UTC) from JP — Scanned from DK

Summary HTTP 15 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 15 HTTP transactions. The main IP is 155.94.133.53, located in Los Angeles, United States and belongs to ASN-QUADRANET-GLOBAL, US. The main domain is ndk-dk.com.bjygmz.com.
TLS certificate: Issued by R3 on October 25th 2022. Valid for: 3 months.

This is the only time ndk-dk.com.bjygmz.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: SBI Sumishin Net Bank (Banking)

Domain & IP information

	IP Address		AS Autonomous System
1 16	155.94.133.53 155.94.133.53		8100 (ASN-QUADR...) (ASN-QUADRANET-GLOBAL)
15	2

16 155.94.133.53 (Los Angeles, United States) 1 redirects

ASN8100 (ASN-QUADRANET-GLOBAL, US)
PTR: 155.94.133.53.static.quadranet.com

ndk-dk.com.bjygmz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	bjygmz.com 1 redirects ndk-dk.com.bjygmz.com	347 KB
15	1

	Domain	Requested by
16	ndk-dk.com.bjygmz.com	1 redirects ndk-dk.com.bjygmz.com
15	1

This site contains links to these domains. Also see Links.

Domain
tb-cb.jp
blog.netbk.co.jp
help.netbk.co.jp

Subject Issuer	Validity	Valid
ndk-dk.com.bjygmz.com R3	`2022-10-25` - `2023-01-23`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://ndk-dk.com.bjygmz.com/sbl/index.html
Frame ID: D3460F736768C9A85ACBCBEC04A86EE4
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ログイン｜住信SBIネット銀行

Page URL History Show full URLs

http://ndk-dk.com.bjygmz.com/sbl/index.html HTTP 301
https://ndk-dk.com.bjygmz.com/sbl/index.html Page URL

Detected technologies

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

Page Statistics

15
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

347 kB
Transfer

1052 kB
Size

0
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://tb-cb.jp/?utm_source=sbi&utm_medium=run&utm_campaign=22cb02

Search URL Search Domain Scan URL

URL: https://blog.netbk.co.jp/
Title: 公式ブログ

Search URL Search Domain Scan URL

URL: https://help.netbk.co.jp/
Title: Q&A

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ndk-dk.com.bjygmz.com/sbl/index.html HTTP 301
https://ndk-dk.com.bjygmz.com/sbl/index.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request index.html Show response
ndk-dk.com.bjygmz.com/sbl/
Redirect Chain

http://ndk-dk.com.bjygmz.com/sbl/index.html
https://ndk-dk.com.bjygmz.com/sbl/index.html

770 B
924 B

535ms
177ms

Document
text/html

155.94.133.53
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL

https://ndk-dk.com.bjygmz.com/sbl/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

155.94.133.53 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),

Reverse DNS

155.94.133.53.static.quadranet.com

Software

nginx /

Resource Hash

85a10dd3c0c33a28d47c665ee4b0627ac809d35d36739529a308c49d5ad4ef6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: da-DK,da;q=0.9

Response headers

accept-ranges: bytes
content-length: 770
content-type: text/html
date: Fri, 28 Oct 2022 00:06:21 GMT
etag: "635a7454-302"
last-modified: Thu, 27 Oct 2022 12:06:44 GMT
server: nginx
strict-transport-security: max-age=31536000

Redirect headers

Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Date: Fri, 28 Oct 2022 00:06:21 GMT
Location: https://ndk-dk.com.bjygmz.com/sbl/index.html
Server: nginx
Strict-Transport-Security: max-age=31536000

GET
H2 200 chunk-vendors.517c8728.js Show response
ndk-dk.com.bjygmz.com/sbl/js/ 158 KB
59 KB 359ms
358ms Script
application/javascript 155.94.133.53
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL

https://ndk-dk.com.bjygmz.com/sbl/js/chunk-vendors.517c8728.js

Requested by

Host: ndk-dk.com.bjygmz.com
URL: https://ndk-dk.com.bjygmz.com/sbl/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

155.94.133.53 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),

Reverse DNS

155.94.133.53.static.quadranet.com

Software

nginx /

Resource Hash

1db050a1e2270cc7ff278421a87927df089e96aed121045b346b0b29c5f59568

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://ndk-dk.com.bjygmz.com/sbl/index.html
Origin: https://ndk-dk.com.bjygmz.com
accept-language: da-DK,da;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 00:06:22 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 12:06:44 GMT
server: nginx
etag: W/"635a7454-2768f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Fri, 28 Oct 2022 12:06:22 GMT

GET
H2 200 app.a54074be.js Show response
ndk-dk.com.bjygmz.com/sbl/js/ 8 KB
3 KB 536ms
535ms Script
application/javascript 155.94.133.53
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL

https://ndk-dk.com.bjygmz.com/sbl/js/app.a54074be.js

Requested by

Host: ndk-dk.com.bjygmz.com
URL: https://ndk-dk.com.bjygmz.com/sbl/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

155.94.133.53 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),

Reverse DNS

155.94.133.53.static.quadranet.com

Software

nginx /

Resource Hash

65c88262af86fafdfbc48c9051631e9f0e3b7da12e6d6dfcd48c0122c31703ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://ndk-dk.com.bjygmz.com/sbl/index.html
Origin: https://ndk-dk.com.bjygmz.com
accept-language: da-DK,da;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 00:06:22 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 12:06:44 GMT
server: nginx
etag: W/"635a7454-1e36"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Fri, 28 Oct 2022 12:06:22 GMT

GET
H2 200 app.a90aa50f.css
ndk-dk.com.bjygmz.com/sbl/css/ 2 KB
814 B 535ms
535ms Stylesheet
text/css 155.94.133.53
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL

https://ndk-dk.com.bjygmz.com/sbl/css/app.a90aa50f.css

Requested by

Host: ndk-dk.com.bjygmz.com
URL: https://ndk-dk.com.bjygmz.com/sbl/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

155.94.133.53 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),

Reverse DNS

155.94.133.53.static.quadranet.com

Software

nginx /

Resource Hash

787491771ee8eb8d5aa2034a272bc73b5b7688a5e1e2bcdf2367985fe9cd0405

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: da-DK,da;q=0.9
Referer: https://ndk-dk.com.bjygmz.com/sbl/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 00:06:22 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 12:06:35 GMT
server: nginx
etag: W/"635a744b-7b8"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
expires: Fri, 28 Oct 2022 12:06:22 GMT

GET
H2 200 931.fc7e46d0.css
ndk-dk.com.bjygmz.com/sbl/css/ 696 KB
131 KB 183ms
182ms Stylesheet
text/css 155.94.133.53
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL

https://ndk-dk.com.bjygmz.com/sbl/css/931.fc7e46d0.css

Requested by

Host: ndk-dk.com.bjygmz.com
URL: https://ndk-dk.com.bjygmz.com/sbl/js/app.a54074be.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

155.94.133.53 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),

Reverse DNS

155.94.133.53.static.quadranet.com

Software

nginx /

Resource Hash

33121e33fb025ccb4c316c7ed04f007dda3e40f521cdc0ece222e0a7fe64f656

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: da-DK,da;q=0.9
Referer: https://ndk-dk.com.bjygmz.com/sbl/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 00:06:22 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 12:06:35 GMT
server: nginx
etag: W/"635a744b-adf0f"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
expires: Fri, 28 Oct 2022 12:06:22 GMT

GET
H2 200 931.490dabba.js Show response
ndk-dk.com.bjygmz.com/sbl/js/ 15 KB
9 KB 370ms
370ms Script
application/javascript 155.94.133.53
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL

https://ndk-dk.com.bjygmz.com/sbl/js/931.490dabba.js

Requested by

Host: ndk-dk.com.bjygmz.com
URL: https://ndk-dk.com.bjygmz.com/sbl/js/app.a54074be.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

155.94.133.53 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),

Reverse DNS

155.94.133.53.static.quadranet.com

Software

nginx /

Resource Hash

983a2d702b6ce0be531b7434ff9ebd9564945eb367b59db1b306dabeba0746a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: da-DK,da;q=0.9
Referer: https://ndk-dk.com.bjygmz.com/sbl/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 00:06:22 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 12:06:44 GMT
server: nginx
etag: W/"635a7454-3baf"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Fri, 28 Oct 2022 12:06:22 GMT

GET
H2 200 410.b04017e2.css
ndk-dk.com.bjygmz.com/sbl/css/ 1 KB
646 B 370ms
370ms Stylesheet
text/css 155.94.133.53
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL

https://ndk-dk.com.bjygmz.com/sbl/css/410.b04017e2.css

Requested by

Host: ndk-dk.com.bjygmz.com
URL: https://ndk-dk.com.bjygmz.com/sbl/js/app.a54074be.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

155.94.133.53 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),

Reverse DNS

155.94.133.53.static.quadranet.com

Software

nginx /

Resource Hash

122f57000df3d7274663944dce6fc5f9ca5363c623d9be5df5d4c2cbb313f38e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: da-DK,da;q=0.9
Referer: https://ndk-dk.com.bjygmz.com/sbl/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 00:06:22 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 12:06:35 GMT
server: nginx
etag: W/"635a744b-4c5"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
expires: Fri, 28 Oct 2022 12:06:22 GMT

GET
H2 200 410.8137d3e5.js Show response
ndk-dk.com.bjygmz.com/sbl/js/ 33 KB
13 KB 370ms
370ms Script
application/javascript 155.94.133.53
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL

https://ndk-dk.com.bjygmz.com/sbl/js/410.8137d3e5.js

Requested by

Host: ndk-dk.com.bjygmz.com
URL: https://ndk-dk.com.bjygmz.com/sbl/js/app.a54074be.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

155.94.133.53 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),

Reverse DNS

155.94.133.53.static.quadranet.com

Software

nginx /

Resource Hash

165b8623c6afaf8fc4d96d1ffb9ca216becda3d3fa3af6d4757043e7031c9206

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: da-DK,da;q=0.9
Referer: https://ndk-dk.com.bjygmz.com/sbl/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 00:06:22 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 12:06:44 GMT
server: nginx
etag: W/"635a7454-8370"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Fri, 28 Oct 2022 12:06:22 GMT

GET
H2 200 logo_hw.4101e9ac.svg
ndk-dk.com.bjygmz.com/sbl/img/ 6 KB
6 KB 177ms
177ms Image
image/svg+xml 155.94.133.53
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ndk-dk.com.bjygmz.com/sbl/img/logo_hw.4101e9ac.svg

Requested by

Host: ndk-dk.com.bjygmz.com
URL: https://ndk-dk.com.bjygmz.com/sbl/css/931.fc7e46d0.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

155.94.133.53 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),

Reverse DNS

155.94.133.53.static.quadranet.com

Software

nginx /

Resource Hash

bfc29f85187060b9f09b8d41214488a0260dcc9658f7f87ebb6368c62bfa1aae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: da-DK,da;q=0.9
Referer: https://ndk-dk.com.bjygmz.com/sbl/css/931.fc7e46d0.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 00:06:23 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 27 Oct 2022 12:06:35 GMT
server: nginx
etag: "635a744b-1735"
content-type: image/svg+xml
accept-ranges: bytes
content-length: 5941

GET
H2 200 wenhao.4c8040e6.svg
ndk-dk.com.bjygmz.com/sbl/img/ 665 B
822 B 177ms
177ms Image
image/svg+xml 155.94.133.53
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ndk-dk.com.bjygmz.com/sbl/img/wenhao.4c8040e6.svg

Requested by

Host: ndk-dk.com.bjygmz.com
URL: https://ndk-dk.com.bjygmz.com/sbl/css/931.fc7e46d0.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

155.94.133.53 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),

Reverse DNS

155.94.133.53.static.quadranet.com

Software

nginx /

Resource Hash

b36ac52dbbf4f96f45a2a764a62e27d0d656e69644c39d8119dbe57f9bd33fea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: da-DK,da;q=0.9
Referer: https://ndk-dk.com.bjygmz.com/sbl/css/931.fc7e46d0.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 00:06:23 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 27 Oct 2022 12:06:35 GMT
server: nginx
etag: "635a744b-299"
content-type: image/svg+xml
accept-ranges: bytes
content-length: 665

GET
H2 200 leave.1e7e3ba9.svg
ndk-dk.com.bjygmz.com/sbl/img/ 1 KB
1 KB 178ms
177ms Image
image/svg+xml 155.94.133.53
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ndk-dk.com.bjygmz.com/sbl/img/leave.1e7e3ba9.svg

Requested by

Host: ndk-dk.com.bjygmz.com
URL: https://ndk-dk.com.bjygmz.com/sbl/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

155.94.133.53 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),

Reverse DNS

155.94.133.53.static.quadranet.com

Software

nginx /

Resource Hash

cbac861d4fa8065a2aa9ab449e85d4224353eb074af9848a41cfbf232fefafdc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: da-DK,da;q=0.9
Referer: https://ndk-dk.com.bjygmz.com/sbl/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 00:06:23 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 27 Oct 2022 12:06:35 GMT
server: nginx
etag: "635a744b-4fb"
content-type: image/svg+xml
accept-ranges: bytes
content-length: 1275

GET
H2 200 money.293139e9.svg
ndk-dk.com.bjygmz.com/sbl/img/ 2 KB
2 KB 178ms
177ms Image
image/svg+xml 155.94.133.53
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ndk-dk.com.bjygmz.com/sbl/img/money.293139e9.svg

Requested by

Host: ndk-dk.com.bjygmz.com
URL: https://ndk-dk.com.bjygmz.com/sbl/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

155.94.133.53 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),

Reverse DNS

155.94.133.53.static.quadranet.com

Software

nginx /

Resource Hash

719c74be0e7ce92d80fdec720b4744b067407a451fc29228ea164a0ddda431d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: da-DK,da;q=0.9
Referer: https://ndk-dk.com.bjygmz.com/sbl/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 00:06:23 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 27 Oct 2022 12:06:35 GMT
server: nginx
etag: "635a744b-661"
content-type: image/svg+xml
accept-ranges: bytes
content-length: 1633

GET
H2 200 icon_link_blank_w.5cd3395d.svg
ndk-dk.com.bjygmz.com/sbl/img/ 947 B
1 KB 178ms
178ms Image
image/svg+xml 155.94.133.53
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ndk-dk.com.bjygmz.com/sbl/img/icon_link_blank_w.5cd3395d.svg

Requested by

Host: ndk-dk.com.bjygmz.com
URL: https://ndk-dk.com.bjygmz.com/sbl/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

155.94.133.53 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),

Reverse DNS

155.94.133.53.static.quadranet.com

Software

nginx /

Resource Hash

af79fbbb5b883acf628e45a4c2ba579e91cbcb3ff198687fce6c3ebba967031e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: da-DK,da;q=0.9
Referer: https://ndk-dk.com.bjygmz.com/sbl/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 00:06:23 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 27 Oct 2022 12:06:35 GMT
server: nginx
etag: "635a744b-3b3"
content-type: image/svg+xml
accept-ranges: bytes
content-length: 947

GET
DATA 200
OK truncated
/ 7 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ba3c2e49bb201111ff357c28f33ab12bea135eec9b31ac5e703692f5c044b49f

Request headers

accept-language: da-DK,da;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 bnr_card-loan_210607.1be0aa86.png
ndk-dk.com.bjygmz.com/sbl/img/ 24 KB
24 KB 178ms
178ms Image
image/png 155.94.133.53
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ndk-dk.com.bjygmz.com/sbl/img/bnr_card-loan_210607.1be0aa86.png

Requested by

Host: ndk-dk.com.bjygmz.com
URL: https://ndk-dk.com.bjygmz.com/sbl/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

155.94.133.53 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),

Reverse DNS

155.94.133.53.static.quadranet.com

Software

nginx /

Resource Hash

58f3286b345fdc5d66632b36ed3ffc26fd771e80d116b82c12e90404e4df2504

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: da-DK,da;q=0.9
Referer: https://ndk-dk.com.bjygmz.com/sbl/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 00:06:23 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 27 Oct 2022 12:06:35 GMT
server: nginx
etag: "635a744b-5e46"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 24134
expires: Sun, 27 Nov 2022 00:06:23 GMT

GET
H2 200 bnr_ad_footer_221003.d6b3d5bc.jpg
ndk-dk.com.bjygmz.com/sbl/img/ 93 KB
94 KB 179ms
179ms Image
image/jpeg 155.94.133.53
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ndk-dk.com.bjygmz.com/sbl/img/bnr_ad_footer_221003.d6b3d5bc.jpg

Requested by

Host: ndk-dk.com.bjygmz.com
URL: https://ndk-dk.com.bjygmz.com/sbl/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

155.94.133.53 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),

Reverse DNS

155.94.133.53.static.quadranet.com

Software

nginx /

Resource Hash

9e3124a0e07e0878e39852474dd29cabaf63827052ac81d14bf7a362151a560f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: da-DK,da;q=0.9
Referer: https://ndk-dk.com.bjygmz.com/sbl/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 00:06:23 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 27 Oct 2022 12:06:35 GMT
server: nginx
etag: "635a744b-175d1"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 95697
expires: Sun, 27 Nov 2022 00:06:23 GMT

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3759e292a0291bd5d95671f16607f2e56915025a90389a9cb0a9fb4fa4a176a2

Request headers

accept-language: da-DK,da;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 86d1ea912b3bae0c64af52e81a50100bb0da760d6889fc8e2d97ec022b069c86

Request headers

accept-language: da-DK,da;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d07b130be532f81f79aac6da773817ca825d622d3d1796fa84a0da0914781070

Request headers

accept-language: da-DK,da;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: SBI Sumishin Net Bank (Banking)

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ndk-dk.com.bjygmz.com
155.94.133.53
122f57000df3d7274663944dce6fc5f9ca5363c623d9be5df5d4c2cbb313f38e
165b8623c6afaf8fc4d96d1ffb9ca216becda3d3fa3af6d4757043e7031c9206
1db050a1e2270cc7ff278421a87927df089e96aed121045b346b0b29c5f59568
33121e33fb025ccb4c316c7ed04f007dda3e40f521cdc0ece222e0a7fe64f656
3759e292a0291bd5d95671f16607f2e56915025a90389a9cb0a9fb4fa4a176a2
58f3286b345fdc5d66632b36ed3ffc26fd771e80d116b82c12e90404e4df2504
65c88262af86fafdfbc48c9051631e9f0e3b7da12e6d6dfcd48c0122c31703ad
719c74be0e7ce92d80fdec720b4744b067407a451fc29228ea164a0ddda431d6
787491771ee8eb8d5aa2034a272bc73b5b7688a5e1e2bcdf2367985fe9cd0405
85a10dd3c0c33a28d47c665ee4b0627ac809d35d36739529a308c49d5ad4ef6c
86d1ea912b3bae0c64af52e81a50100bb0da760d6889fc8e2d97ec022b069c86
983a2d702b6ce0be531b7434ff9ebd9564945eb367b59db1b306dabeba0746a7
9e3124a0e07e0878e39852474dd29cabaf63827052ac81d14bf7a362151a560f
af79fbbb5b883acf628e45a4c2ba579e91cbcb3ff198687fce6c3ebba967031e
b36ac52dbbf4f96f45a2a764a62e27d0d656e69644c39d8119dbe57f9bd33fea
ba3c2e49bb201111ff357c28f33ab12bea135eec9b31ac5e703692f5c044b49f
bfc29f85187060b9f09b8d41214488a0260dcc9658f7f87ebb6368c62bfa1aae
cbac861d4fa8065a2aa9ab449e85d4224353eb074af9848a41cfbf232fefafdc
d07b130be532f81f79aac6da773817ca825d622d3d1796fa84a0da0914781070

ndk-dk.com.bjygmz.com Open in urlscan Pro 155.94.133.53 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

15 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

2 IPs

1 Countries

347 kBTransfer

1052 kBSize

0 Cookies

3 Outgoing links

Page URL History

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

10 JavaScript Global Variables

0 Cookies

Security Headers

Indicators

ndk-dk.com.bjygmz.com Open in urlscan Pro
155.94.133.53 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

347 kB
Transfer

1052 kB
Size

0
Cookies

15 HTTP transactions
4 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!