bbyaysc.cyou
Open in
urlscan Pro
103.71.152.102
Malicious Activity!
Public Scan
Submission: On October 11 via automatic, source openphish — Scanned from DE
Summary
TLS certificate: Issued by R3 on September 20th 2023. Valid for: 3 months.
This is the only time bbyaysc.cyou was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: WhatsApp (Instant Messenger)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
8 | 103.71.152.102 103.71.152.102 | 136950 (HIITL-AS-...) (HIITL-AS-AP Hong Kong FireLine Network LTD) | |
1 | 2606:4700:303... 2606:4700:3034::6815:5f48 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
9 | 3 |
ASN136950 (HIITL-AS-AP Hong Kong FireLine Network LTD, HK)
bbyaysc.cyou |
Apex Domain Subdomains |
Transfer | |
---|---|---|
8 |
bbyaysc.cyou
bbyaysc.cyou |
202 KB |
1 |
zong07.icu
sys.zong07.icu |
9 KB |
9 | 2 |
Domain | Requested by | |
---|---|---|
8 | bbyaysc.cyou |
bbyaysc.cyou
|
1 | sys.zong07.icu |
bbyaysc.cyou
|
9 | 2 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
bbyaysc.cyou R3 |
2023-09-20 - 2023-12-19 |
3 months | crt.sh |
sys.zong07.icu GTS CA 1P5 |
2023-09-19 - 2023-12-18 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://bbyaysc.cyou/
Frame ID: B1F64E3ECA7DFF08BC92D618708C0640
Requests: 11 HTTP requests in this frame
Screenshot
Page Title
WhatsAppDetected technologies
Bootstrap (Web Frameworks) ExpandDetected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
9 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
/
bbyaysc.cyou/ |
9 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
stylex.css
bbyaysc.cyou/static/ |
114 KB 33 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
custom.css
bbyaysc.cyou/static/ |
3 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bootstrap_qr.css
bbyaysc.cyou/static/ |
195 KB 64 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bootstrap_main.css
bbyaysc.cyou/static/ |
225 KB 54 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.min.js
bbyaysc.cyou/jQuery/ |
91 KB 36 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.cookie.js
bbyaysc.cyou/jQuery/ |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
diao7.js
sys.zong07.icu/ |
19 KB 9 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
qrcode.min.js
bbyaysc.cyou/jQuery/ |
19 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
85 B 0 |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
9 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: WhatsApp (Instant Messenger)13 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| $ function| jQuery string| version_ function| _0x3b84b3 function| _0x4e918a function| guid function| _0x6917 function| _0x3d17 function| sock function| qrcode function| refreshqrcode function| _0x43ae43 function| QRCode0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
bbyaysc.cyou
sys.zong07.icu
103.71.152.102
2606:4700:3034::6815:5f48
4a711f5cd03c09fd79ae2f19bb2f71168e71c18b7562626a1ae8d99ebc3212ff
55c173330e36aaceaf268be4fe4421376a4e9eab4ce0de8e32aeb1c75f1181af
5f95a290990daa0e2a906bb28fe4bd14211e570ac1b3d120e05ec4566c0246d1
62cf39739ea98e54b5c3c3c1bb35f8c6b9707cb59287e71904eada449ffd5bbf
6cf9d93792cdfccd76c36adea0894dc980c336960ee4f0da3acaaa775beb0a6d
a273ec2af625eb8f498a696ae39b7bf196200646e886e8f32f39c6f748070421
a3af05896b51603dc80b0248b30dd3a053edd6c9e33eb7a71f5f3608fe529150
c541ef06327885a8415bca8df6071e14189b4855336def4f36db54bde8484f36
d3889a9a244c69018e4848bffa27b76845ca2c34813976342d4b122e6533bbca
e0108076470765be9ef1e9b242b8a52ef78c8f4532c7263426abc05ea4b60240
f30fa83cd51dc0dee27ef099447686b30f5d0eabb88bd7826472353321f1c582