mingbaota.com Open in urlscan Pro
172.67.156.34 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://mingbaota.com/old/
Effective URL:
https://mingbaota.com/old/?LOG=f0fff7384b3e8067854f9c862505bb722deff93ac65d43321072986f541a0141
Submission: On July 15 via api (July 15th 2024, 7:04:05 am UTC) from US — Scanned from CH

Summary HTTP 15 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 4 domains to perform 15 HTTP transactions. The main IP is 172.67.156.34, located in United States and belongs to CLOUDFLARENET, US. The main domain is mingbaota.com.
TLS certificate: Issued by E6 on June 11th 2024. Valid for: 3 months.

This is the only time mingbaota.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Viseca (Financial)

Domain & IP information

	IP Address	AS Autonomous System
1 12	172.67.156.34 172.67.156.34	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.185.234 142.250.185.234	15169 (GOOGLE) (GOOGLE)
1	104.17.25.14 104.17.25.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.217.16.195 172.217.16.195	15169 (GOOGLE) (GOOGLE)
15	5

12 172.67.156.34 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

mingbaota.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.234 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	mingbaota.com 1 redirects mingbaota.com	648 KB
1	gstatic.com fonts.gstatic.com	43 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 240	27 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 74	3 KB
15	4

	Domain	Requested by
12	mingbaota.com	1 redirects mingbaota.com
1	fonts.gstatic.com	fonts.googleapis.com
1	cdnjs.cloudflare.com	mingbaota.com
1	fonts.googleapis.com	mingbaota.com
15	4

This site contains no links.

Subject Issuer	Validity	Valid
mingbaota.com E6	`2024-06-11` - `2024-09-09`	3 months	crt.sh
upload.video.google.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
cdnjs.cloudflare.com E1	`2024-06-02` - `2024-08-31`	3 months	crt.sh
*.gstatic.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://mingbaota.com/old/?LOG=f0fff7384b3e8067854f9c862505bb722deff93ac65d43321072986f541a0141
Frame ID: FC088FD841271DC4B36A649A22BA9A2A
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

One Digital

Page URL History Show full URLs

https://mingbaota.com/old/ HTTP 302
https://mingbaota.com/old/?LOG=f0fff7384b3e8067854f9c862505bb722deff93ac65d43321072986f541a0141 Page URL

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

15
Requests

93 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

5
IPs

2
Countries

721 kB
Transfer

2268 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://mingbaota.com/old/ HTTP 302
https://mingbaota.com/old/?LOG=f0fff7384b3e8067854f9c862505bb722deff93ac65d43321072986f541a0141 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13

https://mingbaota.com/favicon.ico HTTP 302
https://mingbaota.com/wp-admin/install.php

15 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
mingbaota.com/old/
Redirect Chain

https://mingbaota.com/old/
https://mingbaota.com/old/?LOG=f0fff7384b3e8067854f9c862505bb722deff93ac65d43321072986f541a0141

4 KB
2 KB

1161ms
1158ms

Document
text/html

172.67.156.34
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mingbaota.com/old/?LOG=f0fff7384b3e8067854f9c862505bb722deff93ac65d43321072986f541a0141

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.156.34 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

24edbbbf276a758deab4922e34f5bb26013104c3603e38bb2b80df4a7eac07fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8a37e553597302bb-CDG
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 15 Jul 2024 07:04:00 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cfPZFh0n0MlMp%2BGLxkPs%2Fh7mnPDbWE9BIIMHSyNO3Ckf8jIeoeftsOSiJOZZaD%2FU7dy2CWQI8zcls2xIqM7Gi2563wZeL5Zcwe0PwgtLV0RdKHr56zQV3DA6knDxXhsM"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8a37e54a9aea02bb-CDG
content-type: text/html; charset=UTF-8
date: Mon, 15 Jul 2024 07:03:59 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: ./?LOG=f0fff7384b3e8067854f9c862505bb722deff93ac65d43321072986f541a0141
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HRPOXJQdI2PtgaL60b5mKlMd89HiatpjwiGNcWE5OR9mcvJne0%2BWHYcONOJ9xBZ9DuZGNKF%2BSV1HCS3lLf9%2FX5IJS67JZdIwZZhNDQbPYcH4JJnG%2B%2FNo9jTYRoMEp5Sm"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff

GET
H2 200 one.css
mingbaota.com/old/int/ 1 MB
159 KB 528ms
524ms Stylesheet
text/css 172.67.156.34
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mingbaota.com/old/int/one.css

Requested by

Host: mingbaota.com
URL: https://mingbaota.com/old/?LOG=f0fff7384b3e8067854f9c862505bb722deff93ac65d43321072986f541a0141

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.156.34 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f21bc928f8ac62e0c9b400fd9a66629b23eed41105b9969a06be59ced5c6b98c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://mingbaota.com/old/?LOG=f0fff7384b3e8067854f9c862505bb722deff93ac65d43321072986f541a0141
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 15 Jul 2024 07:04:00 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 28 Dec 2023 11:57:18 GMT
server: cloudflare
etag: W/"658d629e-1688aa"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pjhSqfcmT%2FPBNAOl1y09ei1QDEYz9JTTqiWyNa7%2BaQ0rwFiqBdqri%2BdztETuZ3b4qWD%2FZnHtifUMHFmOPjjYKnWpW3hE%2By5On6SDZ78qLy07wSP2FKKxieu7eu1vsezw"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=43200
cf-ray: 8a37e55c38da02bb-CDG
expires: Mon, 15 Jul 2024 19:04:00 GMT

GET
H2 200 two.css
mingbaota.com/old/int/ 3 KB
1 KB 461ms
458ms Stylesheet
text/css 172.67.156.34
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mingbaota.com/old/int/two.css

Requested by

Host: mingbaota.com
URL: https://mingbaota.com/old/?LOG=f0fff7384b3e8067854f9c862505bb722deff93ac65d43321072986f541a0141

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.156.34 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

995a5932cc08b17fb187c06c2f2fd04a1e1e6d06a674f97d1c0d555991566afb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://mingbaota.com/old/?LOG=f0fff7384b3e8067854f9c862505bb722deff93ac65d43321072986f541a0141
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 15 Jul 2024 07:04:00 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 28 Dec 2023 11:57:18 GMT
server: cloudflare
etag: W/"658d629e-dbf"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BU2hfG%2FGcZfZr9RbiMxnajGbjXwkEASJS%2Bics1q4v17yzjN1pHtTnb712fB%2FS28x0GFk2NgnwdrBv6gK%2BsdyHt6qtBLzECrhJNyqqXdJGy5XIKrut0SeB%2FMAwgQKF1%2BE"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=43200
cf-ray: 8a37e55c38dd02bb-CDG
expires: Mon, 15 Jul 2024 19:04:00 GMT

GET
H2 200 spinner.css
mingbaota.com/old/int/ 534 B
748 B 525ms
522ms Stylesheet
text/css 172.67.156.34
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mingbaota.com/old/int/spinner.css

Requested by

Host: mingbaota.com
URL: https://mingbaota.com/old/?LOG=f0fff7384b3e8067854f9c862505bb722deff93ac65d43321072986f541a0141

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.156.34 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7d1b98c81364bbd96e008f87c818f0eaed6fa1ea3fb1d5979f504066653af3ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://mingbaota.com/old/?LOG=f0fff7384b3e8067854f9c862505bb722deff93ac65d43321072986f541a0141
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 15 Jul 2024 07:04:00 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 28 Dec 2023 09:07:28 GMT
server: cloudflare
etag: W/"658d3ad0-216"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m%2F%2B3SbW1BF%2FeNpuU5JlqxamtGV0faT8KdzD6%2ByoxL3E%2BQRrNM8mQFVjhpGEWHBPj3Nbzb%2BD0gVF%2ByrEBJC8kvY6HYCX8nVqgqkp%2FQmSBqJIrhtIVz%2FiFbzs9NkGwWuGz"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=43200
cf-ray: 8a37e55c38de02bb-CDG
expires: Mon, 15 Jul 2024 19:04:00 GMT

GET
H2 200 css
fonts.googleapis.com/ 93 KB
3 KB 618ms
85ms Stylesheet
text/css 142.250.185.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i|Open+Sans:300,300i,400,400i,500,500i,600,600i,700,700i,800,800i

Requested by

Host: mingbaota.com
URL: https://mingbaota.com/old/?LOG=f0fff7384b3e8067854f9c862505bb722deff93ac65d43321072986f541a0141

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f10.1e100.net

Software

ESF /

Resource Hash

254956541c0ae3bd4d653a874f452d4934bde89ce64e7d7eedb4d063d91bd5fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://mingbaota.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security: max-age=31536000
date: Mon, 15 Jul 2024 07:04:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
expires: Mon, 15 Jul 2024 07:04:01 GMT

GET
H2 200 hed.jpg
mingbaota.com/old/images/ 99 KB
74 KB 192ms
191ms Image
image/jpeg 172.67.156.34
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mingbaota.com/old/images/hed.jpg

Requested by

Host: mingbaota.com
URL: https://mingbaota.com/old/?LOG=f0fff7384b3e8067854f9c862505bb722deff93ac65d43321072986f541a0141

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.156.34 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44d635e4f078b2eba8aa51ff64db0bca73ef6a34a0452cc1d195d66bcc960604

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://mingbaota.com/old/?LOG=f0fff7384b3e8067854f9c862505bb722deff93ac65d43321072986f541a0141
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 15 Jul 2024 07:04:00 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
age: 171353
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 28 Dec 2023 13:15:48 GMT
server: cloudflare
etag: W/"658d7504-18aea"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hFCoryOc%2FfinnpgEhRNG%2BXnFOqtq0SA8XUgB5EP3e817fH6dfvvdFHzBvM3NmAp6MbubtYUFhAUYrrg8sA13rVUF4qsbRp%2Bz1quPZx5Jf7qfdrMlJOUb0EY%2Bv8aIcH65"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
cf-ray: 8a37e55c38df02bb-CDG
expires: Mon, 12 Aug 2024 07:28:07 GMT

GET
H2 200 logo.svg
mingbaota.com/old/images/ 1 KB
1021 B 524ms
524ms Image
image/svg+xml 172.67.156.34
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mingbaota.com/old/images/logo.svg

Requested by

Host: mingbaota.com
URL: https://mingbaota.com/old/?LOG=f0fff7384b3e8067854f9c862505bb722deff93ac65d43321072986f541a0141

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.156.34 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8b1ac825153c2c2e7321901e800fdaf9ca16e65aaf28d362698400ac3642b18b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://mingbaota.com/old/?LOG=f0fff7384b3e8067854f9c862505bb722deff93ac65d43321072986f541a0141
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 15 Jul 2024 07:04:00 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Thu, 28 Dec 2023 07:49:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-content-type-options: nosniff
etag: W/"658d287a-536"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Qj9BtLBQntG5rkme1loxRHy6PJMUz61%2F%2Bp2w%2F%2Bcn%2BBU7egjlcg%2Bf6FZvlBiD6QD1XwK%2FmAIU75dl2f1l%2B%2Bi0hiXMoMBdg7muG3tlMnB4VFFsCXfDaN%2BePi41zJOxFDAg"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 8a37e55c38e002bb-CDG
alt-svc: h3=":443"; ma=86400

GET
H2 200 13677100.png
mingbaota.com/old/images/ 2 KB
2 KB 162ms
160ms Image
image/png 172.67.156.34
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mingbaota.com/old/images/13677100.png

Requested by

Host: mingbaota.com
URL: https://mingbaota.com/old/?LOG=f0fff7384b3e8067854f9c862505bb722deff93ac65d43321072986f541a0141

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.156.34 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60169aa78d9d07bffe8b906177e05cdfce82141890beb4202051c19c4b22c921

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://mingbaota.com/old/?LOG=f0fff7384b3e8067854f9c862505bb722deff93ac65d43321072986f541a0141
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 15 Jul 2024 07:04:00 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
age: 171353
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 28 Dec 2023 13:38:56 GMT
server: cloudflare
etag: W/"658d7a70-7e3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qMJThvsWn8S2yJvCEeWpFa%2F8Zd4k%2FNCZKVsKxLU3KAtBvEpTPlQ5rGVFx8gaUGkknwX147RKzJyztsF7h3P3bxwqqY0abC%2BmCfCQBSy0FqE4CN7RlKnsVnPgEaW2WghC"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
cf-ray: 8a37e55c38e102bb-CDG
expires: Mon, 12 Aug 2024 07:28:07 GMT

GET
H2 200 sind.png
mingbaota.com/old/images/ 267 KB
221 KB 284ms
282ms Image
image/png 172.67.156.34
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mingbaota.com/old/images/sind.png

Requested by

Host: mingbaota.com
URL: https://mingbaota.com/old/?LOG=f0fff7384b3e8067854f9c862505bb722deff93ac65d43321072986f541a0141

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.156.34 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f77be7c0aceb9f197dc76abc620c7a3dbaf4ab51b8231596397fc6a7d51ce078

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://mingbaota.com/old/?LOG=f0fff7384b3e8067854f9c862505bb722deff93ac65d43321072986f541a0141
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 15 Jul 2024 07:04:00 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
age: 171353
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 28 Dec 2023 13:33:06 GMT
server: cloudflare
etag: W/"658d7912-42aa0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=90%2B4HzmawqceSlZgB9iAiVVmqsM3S%2F2Hnp1Rhk7O5vzKrxLZgTULUO3cXfDMVNsP8W60aQNxnIqF%2BnmuzWbuII%2FgWnNJyUUlJ41dcd3ICz%2F6CBEBsvuseYAbvRWsCemO"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
cf-ray: 8a37e55c38e202bb-CDG
expires: Mon, 12 Aug 2024 07:28:07 GMT

GET
H2 200 footers.jpg
mingbaota.com/old/images/ 176 KB
132 KB 253ms
252ms Image
image/jpeg 172.67.156.34
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mingbaota.com/old/images/footers.jpg

Requested by

Host: mingbaota.com
URL: https://mingbaota.com/old/?LOG=f0fff7384b3e8067854f9c862505bb722deff93ac65d43321072986f541a0141

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.156.34 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

19a7093262a3089280e3c692241abc13d4a70de72734a3ffea5d4cd07e8eb551

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://mingbaota.com/old/?LOG=f0fff7384b3e8067854f9c862505bb722deff93ac65d43321072986f541a0141
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 15 Jul 2024 07:04:00 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
age: 171353
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 28 Dec 2023 07:49:14 GMT
server: cloudflare
etag: W/"658d287a-2becd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3YyG8NUaDkd3ggGZjE2OV2phvo1uCUSSgPCAUenZVnESuc%2FC941hKW%2BgOmAO%2FRK%2F9urAeyY%2FCNJ1b60TjA2KlDKm1ZoewlWM%2FkDcQVIl8snfjHoLTTSit749akvNayxI"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
cf-ray: 8a37e55c38e302bb-CDG
expires: Mon, 12 Aug 2024 07:28:07 GMT

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.2.1/ 85 KB
27 KB 592ms
85ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.2.1/jquery.min.js

Requested by

Host: mingbaota.com
URL: https://mingbaota.com/old/?LOG=f0fff7384b3e8067854f9c862505bb722deff93ac65d43321072986f541a0141

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://mingbaota.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 15 Jul 2024 07:04:01 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 233232
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27277
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-15283"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pCBoepp94XR4wED7P%2FkBmgglMdOh4uqHgSE0BPsmrXKpcM4pmHhw4fVX3%2FqjPQqKr5uCVeb3aWJ4O%2FyFCGP1n10X3KQDXhYgnEk1TX4v%2FJwaGsjr6CVWNcnYBmh%2B9VlgC1ecPyum"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8a37e55ebd9cbac8-ZRH
expires: Sat, 05 Jul 2025 07:04:01 GMT

GET
H2 200 FrutigerLTStd-Roman.otf
mingbaota.com/old/int/fonts/ 27 KB
27 KB 474ms
473ms Font
application/octet-stream 172.67.156.34
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mingbaota.com/old/int/fonts/FrutigerLTStd-Roman.otf

Requested by

Host: mingbaota.com
URL: https://mingbaota.com/old/int/two.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.156.34 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c6449a1ab705eb93617f7400991cb90be26b681e5480f71ead2477918d53da1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://mingbaota.com/old/int/two.css
Origin: https://mingbaota.com
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 15 Jul 2024 07:04:01 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 27328
last-modified: Thu, 28 Dec 2023 07:49:14 GMT
server: cloudflare
etag: "658d287a-6ac0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zfC%2BfoHBRJ87cWsMUWC%2FgLDEzQauM4GJ4sLVG83Xa5nSnTGNkIGv%2FL6zXfw93S3nuB%2FZeiY01f2gq818MFcOyT%2Bzol2lBCKFvgJuJKCuLavO62z28bL1zsaOiTjHVKJd"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8a37e55fdb2102bb-CDG

GET
H2 200 FrutigerLTStd65Bold.otf
mingbaota.com/old/int/fonts/ 27 KB
28 KB 470ms
469ms Font
application/octet-stream 172.67.156.34
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mingbaota.com/old/int/fonts/FrutigerLTStd65Bold.otf

Requested by

Host: mingbaota.com
URL: https://mingbaota.com/old/int/two.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.156.34 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d5fb3dde4fb8a635ced4abd35dd9a3dcab999288a46159e7aa0c2e6234e5888c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://mingbaota.com/old/int/two.css
Origin: https://mingbaota.com
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 15 Jul 2024 07:04:01 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 27996
last-modified: Thu, 28 Dec 2023 07:49:14 GMT
server: cloudflare
etag: "658d287a-6d5c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i0z0y5XQxF33wqpp0QWaBhnsl43X%2FH6S1fYfgwCLLNA26OTV8EeqRYe7wqDeCmOnBVn0cQeBt7YUi8gvX%2BbvsEhjujbS9dKyiu%2BE3kFvztxHhghanag9OGxdB6K8BcSD"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8a37e55fdb2302bb-CDG

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-mu0SC55I.woff2
fonts.gstatic.com/s/opensans/v40/ 42 KB
43 KB 562ms
51ms Font
font/woff2 172.217.16.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-mu0SC55I.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i|Open+Sans:300,300i,400,400i,500,500i,600,600i,700,700i,800,800i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f3.1e100.net

Software

sffe /

Resource Hash

94a23e7f96fbde62943e5fc93c59212f68a57d2587fe51f056d20ce802e8249c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mingbaota.com
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 09 Jul 2024 15:07:59 GMT
x-content-type-options: nosniff
age: 489362
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43068
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:05:10 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Jul 2025 15:07:59 GMT

GET

install.php
mingbaota.com/wp-admin/
Redirect Chain

https://mingbaota.com/favicon.ico
https://mingbaota.com/wp-admin/install.php

0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: mingbaota.com
URL: https://mingbaota.com/wp-admin/install.php

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Viseca (Financial)

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			mingbaota.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: oea4dj7nuckk5ocki0m61udjhq

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://mingbaota.com/old/?LOG=f0fff7384b3e8067854f9c862505bb722deff93ac65d43321072986f541a0141 Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
mingbaota.com
mingbaota.com
104.17.25.14
142.250.185.234
172.217.16.195
172.67.156.34
0c6449a1ab705eb93617f7400991cb90be26b681e5480f71ead2477918d53da1
19a7093262a3089280e3c692241abc13d4a70de72734a3ffea5d4cd07e8eb551
24edbbbf276a758deab4922e34f5bb26013104c3603e38bb2b80df4a7eac07fa
254956541c0ae3bd4d653a874f452d4934bde89ce64e7d7eedb4d063d91bd5fd
44d635e4f078b2eba8aa51ff64db0bca73ef6a34a0452cc1d195d66bcc960604
60169aa78d9d07bffe8b906177e05cdfce82141890beb4202051c19c4b22c921
7d1b98c81364bbd96e008f87c818f0eaed6fa1ea3fb1d5979f504066653af3ad
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
8b1ac825153c2c2e7321901e800fdaf9ca16e65aaf28d362698400ac3642b18b
94a23e7f96fbde62943e5fc93c59212f68a57d2587fe51f056d20ce802e8249c
995a5932cc08b17fb187c06c2f2fd04a1e1e6d06a674f97d1c0d555991566afb
d5fb3dde4fb8a635ced4abd35dd9a3dcab999288a46159e7aa0c2e6234e5888c
f21bc928f8ac62e0c9b400fd9a66629b23eed41105b9969a06be59ced5c6b98c
f77be7c0aceb9f197dc76abc620c7a3dbaf4ab51b8231596397fc6a7d51ce078

mingbaota.com Open in urlscan Pro 172.67.156.34 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

15 Requests

93 %HTTPS

0 %IPv6

4 Domains

4 Subdomains

5 IPs

2 Countries

721 kBTransfer

2268 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

2 JavaScript Global Variables

1 Cookies

1 Console Messages

Security Headers

Indicators

mingbaota.com Open in urlscan Pro
172.67.156.34 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

93 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

5
IPs

2
Countries

721 kB
Transfer

2268 kB
Size

1
Cookies

15 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!