sanjuanbosco.edu.ec
Open in
urlscan Pro
2606:4700:3037::6815:42f0
Malicious Activity!
Public Scan
Submission: On December 01 via automatic, source openphish — Scanned from DE
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 2nd 2022. Valid for: a year.
This is the only time sanjuanbosco.edu.ec was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: 163.cn (Online) Generic China (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
18 | 2606:4700:303... 2606:4700:3037::6815:42f0 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 240e:83:201:d... 240e:83:201:d:0:1:232:65 | 23724 (CHINANET-...) (CHINANET-IDC-BJ-AP IDC) | |
9 | 52.223.58.187 52.223.58.187 | 16509 (AMAZON-02) (AMAZON-02) | |
28 | 3 |
ASN23724 (CHINANET-IDC-BJ-AP IDC, China Telecommunications Corporation, CN)
qiye.163.com |
ASN16509 (AMAZON-02, US)
PTR: af7a760d1af735066.awsglobalaccelerator.com
mimghz.qiye.163.com | |
mimg.qiye.163.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
18 |
sanjuanbosco.edu.ec
sanjuanbosco.edu.ec |
30 KB |
10 |
163.com
qiye.163.com — Cisco Umbrella Rank: 84535 mimghz.qiye.163.com mimg.qiye.163.com |
222 KB |
28 | 2 |
Domain | Requested by | |
---|---|---|
18 | sanjuanbosco.edu.ec |
sanjuanbosco.edu.ec
|
6 | mimghz.qiye.163.com |
sanjuanbosco.edu.ec
|
3 | mimg.qiye.163.com |
sanjuanbosco.edu.ec
|
1 | qiye.163.com |
sanjuanbosco.edu.ec
|
28 | 4 |
This site contains links to these domains. Also see Links.
Domain |
---|
qiye.163.com |
u.163.com |
mail.163.com |
corp.163.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2022-06-02 - 2023-06-01 |
a year | crt.sh |
*.qiye.163.com GeoTrust RSA CN CA G2 |
2022-01-24 - 2023-02-22 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://sanjuanbosco.edu.ec/intr/qiye2/index.php?email=3mail@b.c
Frame ID: 5B6CF8F878C3570BFF22C266D270D6F1
Requests: 28 HTTP requests in this frame
Screenshot
Page Title
网易企业邮箱 - 登录入口Detected technologies
PHP (Programming Languages) ExpandDetected patterns
- \.php(?:$|\?)
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jQuery Migrate (JavaScript Libraries) Expand
Detected patterns
- jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Page Statistics
10 Outgoing links
These are links going to different origins than the main page.
Title: 繁體版
Search URL Search Domain Scan URL
Title: English
Search URL Search Domain Scan URL
Title: 帮助
Search URL Search Domain Scan URL
Title: Android版
Search URL Search Domain Scan URL
Title: iPhone版
Search URL Search Domain Scan URL
Title: 管理员登录
Search URL Search Domain Scan URL
Title: 下载邮箱大师
Search URL Search Domain Scan URL
Title: 关于网易
Search URL Search Domain Scan URL
Title: 相关法律
Search URL Search Domain Scan URL
Title: 企业邮箱
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
28 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
index.php
sanjuanbosco.edu.ec/intr/qiye2/ |
9 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
global.css
sanjuanbosco.edu.ec/intr/qiye2/files/ |
3 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
user.css
sanjuanbosco.edu.ec/intr/qiye2/files/ |
495 B 592 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
custom.css
sanjuanbosco.edu.ec/intr/qiye2/files/ |
5 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
qiye.163.com/ |
0 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
getqrcode.do
sanjuanbosco.edu.ec/intr/qiye2/index_files/ |
11 KB 11 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
year.js.download
sanjuanbosco.edu.ec/intr/qiye2/files/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
loginjs.jsp
sanjuanbosco.edu.ec/intr/qiye2/files/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.js.download
sanjuanbosco.edu.ec/intr/qiye2/files/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-migrate.js.download
sanjuanbosco.edu.ec/intr/qiye2/files/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
lang_zhcn.js.download
sanjuanbosco.edu.ec/intr/qiye2/files/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
select_network.js.download
sanjuanbosco.edu.ec/intr/qiye2/files/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
login_util.js.download
sanjuanbosco.edu.ec/intr/qiye2/files/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.jsonp-2.4.0.min.js.download
sanjuanbosco.edu.ec/intr/qiye2/index_files/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
select_banner.js.download
sanjuanbosco.edu.ec/intr/qiye2/index_files/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
reset_pwd.js.download
sanjuanbosco.edu.ec/intr/qiye2/index_files/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
qiye_algorithm.js.download
sanjuanbosco.edu.ec/intr/qiye2/index_files/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo.gif
mimghz.qiye.163.com/o/public/ |
3 KB 3 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
user_yixin_right_20180827.jpg
mimg.qiye.163.com/o/mailapp/qiyelogin/style/img/ |
187 KB 188 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
loginFormBg.png
mimghz.qiye.163.com/o/domain/201808271800/index/img/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bg_cn_noqiye.png
mimghz.qiye.163.com/o/domain/201808271800/index/img/ |
9 KB 9 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bgx.gif
mimg.qiye.163.com/xm/qiye/login/img/ |
87 B 257 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bg.gif
mimg.qiye.163.com/xm/qiye/login/img/ |
12 KB 12 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ic_android.png
mimghz.qiye.163.com/o/domain/201808271800/index/img/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ic_apple.png
mimghz.qiye.163.com/o/domain/201808271800/index/img/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ic_qr.png
mimghz.qiye.163.com/o/domain/201808271800/index/img/ |
2 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
applogin_example.png
sanjuanbosco.edu.ec/intr/qiye2/img/ |
11 KB 11 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
codebg.png
sanjuanbosco.edu.ec/intr/qiye2/img/ |
2 KB 2 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: 163.cn (Online) Generic China (Online)12 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| oncontentvisibilityautostatechange string| myDomain boolean| isCommonPage boolean| isDefaultBg string| currentBanner string| currentStyle string| addresses string| errMsg string| domainType string| pageType string| verifyCodeUrl string| verifyCode0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
23 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
mimg.qiye.163.com
mimghz.qiye.163.com
qiye.163.com
sanjuanbosco.edu.ec
240e:83:201:d:0:1:232:65
2606:4700:3037::6815:42f0
52.223.58.187
000114f7ef19aac009b411eff3232439da5e89a7476248a8813b94e9c4cd7bc1
09e7fb9326ea92a21d2e4703ed5274db3e63652e90892761ae12e82ffc33eb66
279e4ab891ef88fc5efa4728af9ce93f85d1cd72408910e441a283b3d0979b6f
44ed03668b2e7924e52d736b5c3484f2a58a1d9f75497f38a44ce569cc86c402
54fdcb30f8d40ec4b1d3cf31eb64f76642655824532e2950b63312b4284bfa2a
57f37271dc71a424614a1b51d7c9c95bc5d81ccc40588afb31f54689b46f8715
664aa37e0a5c4996aee36c91c517ba150c9062830df0a12127509eadea5ca871
9e1d3b7de9ca14f58a27bb5f7be516d5cf34af531ca93f8c40342d4714b96351
aa41c1850a185eec48e1d91f3e79e897bd07d85b0b15cd50efa9df0b4fa8153d
ba9756169b038363ae15d1706bbce13329e5f685afb02f5bb6775b3c507bbe17
d2ebb787f063b285064cf49dc6fb90cc675864c5cc51e8b2b477ebf40e18c13f
d6bc5b53501a0fff83c8fab79ae9f090e5f02792126fed2362d156a7c6a30a1f
e01225c49661fca51a5fd077c4e0332ea6124d2c36049c4e9fc62051d8a1b978
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed6dbc8fab5b63d6df0b079b70fc95459214b77dc174a05f0ea97d6a5fdc131c
f62a777eec8cc1e11ec1d0f681b707d43b87129af5a160ecd858f829db5478a4