8jq1i.cn Open in urlscan Pro
23.249.22.242 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://urldefense.com/v3/__https://8jq1i.cn/?irPXZBBkISDMHD__;!!IIc8w16ASern!_umt9VqsSbPZfPcR09J4QvDa1r65vxfxC-1gCTsCK...
Effective URL:
https://8jq1i.cn/?irPXZBBkISDMHD
Submission: On February 24 via manual (February 24th 2021, 12:04:46 pm UTC) from JP

Summary HTTP 17 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 2 countries across 2 domains to perform 17 HTTP transactions. The main IP is 23.249.22.242, located in Tokyo, Japan and belongs to ZNET, US. The main domain is 8jq1i.cn.
TLS certificate: Issued by R3 on February 22nd 2021. Valid for: 3 months.

This is the only time 8jq1i.cn was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Rakuten (E-commerce)

Domain & IP information

	IP Address	AS Autonomous System
1 1	52.204.90.22 52.204.90.22	14618 (AMAZON-AES) (AMAZON-AES)
17	23.249.22.242 23.249.22.242	21859 (ZNET) (ZNET)
17	1

1 52.204.90.22 (United States) 1 redirects

ASN14618 (AMAZON-AES, US)

urldefense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 23.249.22.242 (Tokyo, Japan)

ASN21859 (ZNET, US)

8jq1i.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	8jq1i.cn 8jq1i.cn	124 KB
1	urldefense.com 1 redirects urldefense.com	134 B
17	2

	Domain	Requested by
17	8jq1i.cn	8jq1i.cn
1	urldefense.com	1 redirects
17	2

This site contains no links.

Subject Issuer	Validity	Valid
fnykk.cn R3	`2021-02-22` - `2021-05-23`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://8jq1i.cn/?irPXZBBkISDMHD
Frame ID: 78C2A5179EDEC2A9F8CCB8E9468B4FC8
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://urldefense.com/v3/__https://8jq1i.cn/?irPXZBBkISDMHD__;!!IIc8w16ASern!_umt9VqsSbPZfPcR09J4Q... HTTP 302
https://8jq1i.cn/?irPXZBBkISDMHD Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

17
Requests

0 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

1
IPs

2
Countries

124 kB
Transfer

210 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://urldefense.com/v3/__https://8jq1i.cn/?irPXZBBkISDMHD__;!!IIc8w16ASern!_umt9VqsSbPZfPcR09J4QvDa1r65vxfxC-1gCTsCKq7qLItHbpWEb38P7EvPgFNShRZ2zk0$ HTTP 302
https://8jq1i.cn/?irPXZBBkISDMHD Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response 8jq1i.cn/ Redirect Chain https://urldefense.com/v3/__https://8jq1i.cn/?irPXZBBkISDMHD__;!!IIc8w16ASern!_umt9VqsSbPZfPcR09J4QvDa1r65vxfxC-1gCTsCKq7qLItHbpWEb38P7EvPgFNShRZ2zk0$ https://8jq1i.cn/?irPXZBBkISDMHD	8 KB 3 KB	557ms 179ms	Document text/html	23.249.22.242 ZNET
General Check archive.org Show headers Download Go to Full URL https://8jq1i.cn/?irPXZBBkISDMHD Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.249.22.242 Tokyo, Japan, ASN21859 (ZNET, US), Reverse DNS Software nginx / Resource Hash `9c9797b6e4667df722ba99354080145bcfdae2bafd7601647e3400fc85d02b37` Request headers :method GET :authority 8jq1i.cn :scheme https :path /?irPXZBBkISDMHD pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers server nginx date Wed, 24 Feb 2021 12:04:28 GMT content-type text/html;charset=UTF-8 vary Accept-Encoding content-language en-US expires Thu, 25 Feb 2021 00:04:28 GMT cache-control max-age=43200 no-cache x-cache MISS content-encoding gzip Redirect headers date Wed, 24 Feb 2021 12:04:28 GMT content-length 0 location https://8jq1i.cn/?irPXZBBkISDMHD strict-transport-security max-age=31536000 x-robots-tag noindex, nofollow
GET H2	200	ichiba_chat_appender_v1_0.css 8jq1i.cn/static/css/	6 KB 2 KB	494ms 493ms	Stylesheet text/css	23.249.22.242 ZNET
General Check archive.org Show headers Download Go to Full URL https://8jq1i.cn/static/css/ichiba_chat_appender_v1_0.css Requested by Host: 8jq1i.cn URL: https://8jq1i.cn/?irPXZBBkISDMHD Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.249.22.242 Tokyo, Japan, ASN21859 (ZNET, US), Reverse DNS Software nginx / Resource Hash `2771191104d71c188d9dbdb97ce74cc190b1bd377275e0201bef4648bfc0f186` Request headers Referer https://8jq1i.cn/?irPXZBBkISDMHD User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 24 Feb 2021 12:04:28 GMT content-encoding gzip last-modified Mon, 22 Feb 2021 02:57:52 GMT server nginx vary Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers x-cache MISS content-type text/css cache-control max-age=43200, no-cache expires Thu, 25 Feb 2021 00:04:28 GMT
GET H2	200	jquery-1.12.4.min.js Show response 8jq1i.cn/static/js/	95 KB 37 KB	194ms 192ms	Script application/javascript	23.249.22.242 ZNET
General Check archive.org Show headers Download Go to Full URL https://8jq1i.cn/static/js/jquery-1.12.4.min.js Requested by Host: 8jq1i.cn URL: https://8jq1i.cn/?irPXZBBkISDMHD Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.249.22.242 Tokyo, Japan, ASN21859 (ZNET, US), Reverse DNS Software nginx / Resource Hash `668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404` Request headers Referer https://8jq1i.cn/?irPXZBBkISDMHD User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 24 Feb 2021 12:04:28 GMT content-encoding gzip last-modified Mon, 22 Feb 2021 02:57:52 GMT server nginx vary Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers x-cache MISS content-type application/javascript cache-control max-age=43200, no-cache expires Thu, 25 Feb 2021 00:04:28 GMT
GET H2	200	jquery.validate.min.js Show response 8jq1i.cn/static/js/	21 KB 8 KB	360ms 358ms	Script application/javascript	23.249.22.242 ZNET
General Check archive.org Show headers Download Go to Full URL https://8jq1i.cn/static/js/jquery.validate.min.js Requested by Host: 8jq1i.cn URL: https://8jq1i.cn/?irPXZBBkISDMHD Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.249.22.242 Tokyo, Japan, ASN21859 (ZNET, US), Reverse DNS Software nginx / Resource Hash `2e3e3b2660cbfaac5febf7a50b31d0494159989626a84102b2c3792cffe27d13` Request headers Referer https://8jq1i.cn/?irPXZBBkISDMHD User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 24 Feb 2021 12:04:28 GMT content-encoding gzip last-modified Mon, 22 Feb 2021 02:57:52 GMT server nginx vary Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers x-cache MISS content-type application/javascript cache-control max-age=43200, no-cache expires Thu, 25 Feb 2021 00:04:28 GMT
GET H2	200	common_login.css 8jq1i.cn/static/css/	11 KB 3 KB	361ms 360ms	Stylesheet text/css	23.249.22.242 ZNET
General Check archive.org Show headers Download Go to Full URL https://8jq1i.cn/static/css/common_login.css Requested by Host: 8jq1i.cn URL: https://8jq1i.cn/?irPXZBBkISDMHD Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.249.22.242 Tokyo, Japan, ASN21859 (ZNET, US), Reverse DNS Software nginx / Resource Hash `3db3a37c8b57df998874da0335cc2f35d75df401c20200498547ac0f486af4b8` Request headers Referer https://8jq1i.cn/?irPXZBBkISDMHD User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 24 Feb 2021 12:04:28 GMT content-encoding gzip last-modified Mon, 22 Feb 2021 02:57:52 GMT server nginx vary Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers x-cache MISS content-type text/css cache-control max-age=43200, no-cache expires Thu, 25 Feb 2021 00:04:28 GMT
GET H2	200	loginstyle.css 8jq1i.cn/static/css/	969 B 1 KB	493ms 492ms	Stylesheet text/css	23.249.22.242 ZNET
General Check archive.org Show headers Download Go to Full URL https://8jq1i.cn/static/css/loginstyle.css Requested by Host: 8jq1i.cn URL: https://8jq1i.cn/?irPXZBBkISDMHD Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.249.22.242 Tokyo, Japan, ASN21859 (ZNET, US), Reverse DNS Software nginx / Resource Hash `8c18139032ae0385b15a78d32b8deb3c392940f4e34c79fbdd1a069f46f5213c` Request headers Referer https://8jq1i.cn/?irPXZBBkISDMHD User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 24 Feb 2021 12:04:28 GMT last-modified Mon, 22 Feb 2021 02:57:52 GMT server nginx vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers x-cache MISS content-type text/css cache-control max-age=43200, no-cache accept-ranges bytes content-length 969 expires Thu, 25 Feb 2021 00:04:28 GMT
GET H2	200	validation.css 8jq1i.cn/static/css/	100 B 362 B	361ms 360ms	Stylesheet text/css	23.249.22.242 ZNET
General Check archive.org Show headers Download Go to Full URL https://8jq1i.cn/static/css/validation.css Requested by Host: 8jq1i.cn URL: https://8jq1i.cn/?irPXZBBkISDMHD Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.249.22.242 Tokyo, Japan, ASN21859 (ZNET, US), Reverse DNS Software nginx / Resource Hash `a82db64ae2580c53c25c80ed9ab6e1678b81be4ca53788e3bdb7a4b619bbf904` Request headers Referer https://8jq1i.cn/?irPXZBBkISDMHD User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 24 Feb 2021 12:04:28 GMT last-modified Mon, 22 Feb 2021 02:57:52 GMT server nginx vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers x-cache MISS content-type text/css cache-control max-age=43200, no-cache accept-ranges bytes content-length 100 expires Thu, 25 Feb 2021 00:04:28 GMT
GET H2	200	rakuten_pc_32px@2x_wm.png 8jq1i.cn/static/img/	4 KB 4 KB	190ms 190ms	Image image/png	23.249.22.242 ZNET
General Check archive.org Show headers Download Go to Show image Full URL https://8jq1i.cn/static/img/rakuten_pc_32px@2x_wm.png Requested by Host: 8jq1i.cn URL: https://8jq1i.cn/?irPXZBBkISDMHD Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.249.22.242 Tokyo, Japan, ASN21859 (ZNET, US), Reverse DNS Software nginx / Resource Hash `6da28d7a134d543417892f859bad07f0ac729296d84618a57d30b31810cea58a` Request headers Referer https://8jq1i.cn/?irPXZBBkISDMHD User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 24 Feb 2021 12:04:29 GMT last-modified Mon, 22 Feb 2021 02:57:52 GMT server nginx vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers x-cache MISS content-type image/png cache-control max-age=43200, no-cache accept-ranges bytes content-length 3746 expires Thu, 25 Feb 2021 00:04:29 GMT
GET H2	200	t.gif 8jq1i.cn/static/img/	43 B 305 B	180ms 179ms	Image image/gif	23.249.22.242 ZNET
General Check archive.org Show headers Download Go to Show image Full URL https://8jq1i.cn/static/img/t.gif Requested by Host: 8jq1i.cn URL: https://8jq1i.cn/?irPXZBBkISDMHD Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.249.22.242 Tokyo, Japan, ASN21859 (ZNET, US), Reverse DNS Software nginx / Resource Hash `b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b` Request headers Referer https://8jq1i.cn/?irPXZBBkISDMHD User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 24 Feb 2021 12:04:29 GMT last-modified Mon, 22 Feb 2021 02:57:52 GMT server nginx vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers x-cache MISS content-type image/gif cache-control max-age=43200, no-cache accept-ranges bytes content-length 43 expires Thu, 25 Feb 2021 00:04:29 GMT
GET H2	200	stop_540x249.png 8jq1i.cn/static/img/	57 KB 57 KB	200ms 199ms	Image image/png	23.249.22.242 ZNET
General Check archive.org Show headers Download Go to Show image Full URL https://8jq1i.cn/static/img/stop_540x249.png Requested by Host: 8jq1i.cn URL: https://8jq1i.cn/?irPXZBBkISDMHD Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.249.22.242 Tokyo, Japan, ASN21859 (ZNET, US), Reverse DNS Software nginx / Resource Hash `e1039b942a52729c7bd4fe9427a4f8a86816142ef90dd2be9b6ffcd353145a02` Request headers Referer https://8jq1i.cn/?irPXZBBkISDMHD User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 24 Feb 2021 12:04:29 GMT last-modified Mon, 22 Feb 2021 02:57:52 GMT server nginx vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers x-cache MISS content-type image/png cache-control max-age=43200, no-cache accept-ranges bytes content-length 58080 expires Thu, 25 Feb 2021 00:04:29 GMT
GET H2	200	rakuten_pc_20px@2x.png 8jq1i.cn/static/img/	2 KB 3 KB	179ms 178ms	Image image/png	23.249.22.242 ZNET
General Check archive.org Show headers Download Go to Show image Full URL https://8jq1i.cn/static/img/rakuten_pc_20px@2x.png Requested by Host: 8jq1i.cn URL: https://8jq1i.cn/?irPXZBBkISDMHD Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.249.22.242 Tokyo, Japan, ASN21859 (ZNET, US), Reverse DNS Software nginx / Resource Hash `62775ef2856f63d6399abc1d54077916df8d62b16414816012b9ff0fad4efada` Request headers Referer https://8jq1i.cn/?irPXZBBkISDMHD User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 24 Feb 2021 12:04:29 GMT last-modified Mon, 22 Feb 2021 02:57:52 GMT server nginx vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers x-cache MISS content-type image/png cache-control max-age=43200, no-cache accept-ranges bytes content-length 2484 expires Thu, 25 Feb 2021 00:04:29 GMT
GET H2	200	challenger.css 8jq1i.cn/static/css/	2 KB 931 B	185ms 184ms	Stylesheet text/css	23.249.22.242 ZNET
General Check archive.org Show headers Download Go to Full URL https://8jq1i.cn/static/css/challenger.css Requested by Host: 8jq1i.cn URL: https://8jq1i.cn/?irPXZBBkISDMHD Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.249.22.242 Tokyo, Japan, ASN21859 (ZNET, US), Reverse DNS Software nginx / Resource Hash `7a6a7a40c68cebdf9ce6829ffdf782b7da922d049cf39c3ba911b5491f4683e7` Request headers Referer https://8jq1i.cn/?irPXZBBkISDMHD User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 24 Feb 2021 12:04:29 GMT content-encoding gzip last-modified Mon, 22 Feb 2021 02:57:52 GMT server nginx vary Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers x-cache MISS content-type text/css cache-control max-age=43200, no-cache expires Thu, 25 Feb 2021 00:04:29 GMT
GET H2	200	pop.gif 8jq1i.cn/static/img/	75 B 337 B	178ms 177ms	Image image/gif	23.249.22.242 ZNET
General Check archive.org Show headers Download Go to Show image Full URL https://8jq1i.cn/static/img/pop.gif Requested by Host: 8jq1i.cn URL: https://8jq1i.cn/?irPXZBBkISDMHD Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.249.22.242 Tokyo, Japan, ASN21859 (ZNET, US), Reverse DNS Software nginx / Resource Hash `7ab9a4d7f597471f82e8ebc6019525cd45f81decff7853062056a3c3417eba59` Request headers Referer https://8jq1i.cn/?irPXZBBkISDMHD User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 24 Feb 2021 12:04:29 GMT last-modified Mon, 22 Feb 2021 02:57:52 GMT server nginx vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers x-cache MISS content-type image/gif cache-control max-age=43200, no-cache accept-ranges bytes content-length 75 expires Thu, 25 Feb 2021 00:04:29 GMT
GET H2	200	bg_btn_red_btm.gif 8jq1i.cn/static/img/	442 B 705 B	178ms 177ms	Image image/gif	23.249.22.242 ZNET
General Check archive.org Show headers Download Go to Show image Full URL https://8jq1i.cn/static/img/bg_btn_red_btm.gif Requested by Host: 8jq1i.cn URL: https://8jq1i.cn/static/css/common_login.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.249.22.242 Tokyo, Japan, ASN21859 (ZNET, US), Reverse DNS Software nginx / Resource Hash `175cf3a6b7549f715fffaddc3ec5c9f92717e7c5f63b7e36ea9592e091a80a67` Request headers Referer https://8jq1i.cn/static/css/common_login.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 24 Feb 2021 12:04:29 GMT last-modified Mon, 22 Feb 2021 02:57:52 GMT server nginx vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers x-cache MISS content-type image/gif cache-control max-age=43200, no-cache accept-ranges bytes content-length 442 expires Thu, 25 Feb 2021 00:04:29 GMT
GET H2	200	bg_btn_red_top.gif 8jq1i.cn/static/img/	2 KB 2 KB	179ms 178ms	Image image/gif	23.249.22.242 ZNET
General Check archive.org Show headers Download Go to Show image Full URL https://8jq1i.cn/static/img/bg_btn_red_top.gif Requested by Host: 8jq1i.cn URL: https://8jq1i.cn/static/css/common_login.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.249.22.242 Tokyo, Japan, ASN21859 (ZNET, US), Reverse DNS Software nginx / Resource Hash `849cd9d1c481a1b45559f5e833f40e13ee666842e6f8ba72c8e1cad9c8c15f6d` Request headers Referer https://8jq1i.cn/static/css/common_login.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 24 Feb 2021 12:04:29 GMT last-modified Mon, 22 Feb 2021 02:57:52 GMT server nginx vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers x-cache MISS content-type image/gif cache-control max-age=43200, no-cache accept-ranges bytes content-length 1885 expires Thu, 25 Feb 2021 00:04:29 GMT
GET H2	200	icon_btn_arrow.gif 8jq1i.cn/static/img/	60 B 322 B	177ms 177ms	Image image/gif	23.249.22.242 ZNET
General Check archive.org Show headers Download Go to Show image Full URL https://8jq1i.cn/static/img/icon_btn_arrow.gif Requested by Host: 8jq1i.cn URL: https://8jq1i.cn/static/css/common_login.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.249.22.242 Tokyo, Japan, ASN21859 (ZNET, US), Reverse DNS Software nginx / Resource Hash `d8aac016132945bbe5a1f88a60206628c5d7c12e69917cb5fcbee4a7c24440c6` Request headers Referer https://8jq1i.cn/static/css/common_login.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 24 Feb 2021 12:04:29 GMT last-modified Mon, 22 Feb 2021 02:57:52 GMT server nginx vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers x-cache MISS content-type image/gif cache-control max-age=43200, no-cache accept-ranges bytes content-length 60 expires Thu, 25 Feb 2021 00:04:29 GMT
GET H2	200	info.gif 8jq1i.cn/static/img/	360 B 623 B	179ms 178ms	Image image/gif	23.249.22.242 ZNET
General Check archive.org Show headers Download Go to Show image Full URL https://8jq1i.cn/static/img/info.gif Requested by Host: 8jq1i.cn URL: https://8jq1i.cn/static/css/common_login.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.249.22.242 Tokyo, Japan, ASN21859 (ZNET, US), Reverse DNS Software nginx / Resource Hash `33be38e33c8eb9aa13a4ed44c2e2813207bef13a5ba265818e485f0ebbc83f3b` Request headers Referer https://8jq1i.cn/static/css/common_login.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 24 Feb 2021 12:04:29 GMT last-modified Mon, 22 Feb 2021 02:57:52 GMT server nginx vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers x-cache MISS content-type image/gif cache-control max-age=43200, no-cache accept-ranges bytes content-length 360 expires Thu, 25 Feb 2021 00:04:29 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Rakuten (E-commerce)

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8jq1i.cn
urldefense.com
23.249.22.242
52.204.90.22
175cf3a6b7549f715fffaddc3ec5c9f92717e7c5f63b7e36ea9592e091a80a67
2771191104d71c188d9dbdb97ce74cc190b1bd377275e0201bef4648bfc0f186
2e3e3b2660cbfaac5febf7a50b31d0494159989626a84102b2c3792cffe27d13
33be38e33c8eb9aa13a4ed44c2e2813207bef13a5ba265818e485f0ebbc83f3b
3db3a37c8b57df998874da0335cc2f35d75df401c20200498547ac0f486af4b8
62775ef2856f63d6399abc1d54077916df8d62b16414816012b9ff0fad4efada
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
6da28d7a134d543417892f859bad07f0ac729296d84618a57d30b31810cea58a
7a6a7a40c68cebdf9ce6829ffdf782b7da922d049cf39c3ba911b5491f4683e7
7ab9a4d7f597471f82e8ebc6019525cd45f81decff7853062056a3c3417eba59
849cd9d1c481a1b45559f5e833f40e13ee666842e6f8ba72c8e1cad9c8c15f6d
8c18139032ae0385b15a78d32b8deb3c392940f4e34c79fbdd1a069f46f5213c
9c9797b6e4667df722ba99354080145bcfdae2bafd7601647e3400fc85d02b37
a82db64ae2580c53c25c80ed9ab6e1678b81be4ca53788e3bdb7a4b619bbf904
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
d8aac016132945bbe5a1f88a60206628c5d7c12e69917cb5fcbee4a7c24440c6
e1039b942a52729c7bd4fe9427a4f8a86816142ef90dd2be9b6ffcd353145a02

8jq1i.cn Open in urlscan Pro 23.249.22.242 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

17 Requests

0 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

1 IPs

2 Countries

124 kBTransfer

210 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

11 JavaScript Global Variables

0 Cookies

Indicators

8jq1i.cn Open in urlscan Pro
23.249.22.242 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

17
Requests

0 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

1
IPs

2
Countries

124 kB
Transfer

210 kB
Size

0
Cookies

17 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!