webmail.vbtgj.asia Open in urlscan Pro
23.224.233.87  Malicious Activity! Public Scan

4 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request t5.html Show response webmail.vbtgj.asia/index/	73 KB 15 KB	1555ms 389ms	Document text/html	23.224.233.87 CNSERVERS
General Check archive.org Show headers Download Go to Full URL https://webmail.vbtgj.asia/index/t5.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.224.233.87 , United States, ASN40065 (CNSERVERS, US), Reverse DNS Software nginx / Resource Hash ac6a33b1bf70dcba718c4c6c0e7c7bd8cca2b68cc6eff772b6e8e1ea20c2dd9c Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers content-encoding gzip content-type text/html; charset=utf-8 date Fri, 12 May 2023 13:03:08 GMT server nginx strict-transport-security max-age=31536000 vary Accept-Encoding
GET H2	200	style.css webmail.vbtgj.asia/static/templete/outlook/static/css/	146 KB 27 KB	209ms 208ms	Stylesheet text/css	23.224.233.87 CNSERVERS
General Check archive.org Show headers Download Go to Full URL https://webmail.vbtgj.asia/static/templete/outlook/static/css/style.css Requested by Host: webmail.vbtgj.asia URL: https://webmail.vbtgj.asia/index/t5.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.224.233.87 , United States, ASN40065 (CNSERVERS, US), Reverse DNS Software nginx / Resource Hash e1d056c337d6028e6ded60e32cface28c6dfd8de734880c3f1908d3427657a85 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://webmail.vbtgj.asia/index/t5.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers date Fri, 12 May 2023 13:03:08 GMT strict-transport-security max-age=31536000 content-encoding gzip last-modified Thu, 13 Apr 2023 11:53:56 GMT server nginx etag W/"6437ed54-24609" vary Accept-Encoding content-type text/css cache-control max-age=43200 expires Sat, 13 May 2023 01:03:08 GMT
GET H/1.1	200 OK	53_8b36337037cff88c3df203bb73d58e41.png aadcdn.msauth.cn/shared/1.0/content/images/applogos/	5 KB 6 KB	483ms 7ms	Image image/png	163.171.132.119 QUANTILNETWORKS
General Check archive.org Show headers Download Go to Show image Full URL https://aadcdn.msauth.cn/shared/1.0/content/images/applogos/53_8b36337037cff88c3df203bb73d58e41.png Requested by Host: webmail.vbtgj.asia URL: https://webmail.vbtgj.asia/index/t5.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 163.171.132.119 , Germany, ASN54994 (QUANTILNETWORKS, CA), Reverse DNS Software Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash e4e1e65871749d18aea150643c07e0aab2057da057c6c57ec1c3c43580e1c898 Request headers accept-language de-DE,de;q=0.9 Referer https://webmail.vbtgj.asia/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers x-ms-blob-type BlockBlob Date Fri, 12 May 2023 13:03:09 GMT Content-MD5 izYzcDfP+Iw98gO7c9WOQQ== Age 1 X-Cache HIT from cache.51cdn.com X-Via 1.1 PSmglsjLAX2ui163:3 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1bc200:14 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA2gb73:17 (Cdn Cache Server V2.0) Connection keep-alive Content-Length 5139 x-ms-lease-status unlocked Last-Modified Wed, 12 Feb 2020 03:12:12 GMT Server Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 ETag 0x8D7AF695A8C44DC X-Ws-Request-Id 645e390d_PSdgflkfFRA2gb73_46122-51417 Content-Type image/png Access-Control-Allow-Origin * x-ms-request-id a141c211-a01e-005d-2813-228b5b000000 Access-Control-Expose-Headers x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding Cache-Control public, max-age=31536000 x-ms-version 2009-09-19
GET H/1.1	200 OK	signin-options_4e48046ce74f4b89d45037c90576bfac.svg aadcdn.msauth.cn/shared/1.0/content/images/	2 KB 2 KB	484ms 10ms	Image image/svg+xml	163.171.132.119 QUANTILNETWORKS
General Check archive.org Show headers Download Go to Show image Full URL https://aadcdn.msauth.cn/shared/1.0/content/images/signin-options_4e48046ce74f4b89d45037c90576bfac.svg Requested by Host: webmail.vbtgj.asia URL: https://webmail.vbtgj.asia/index/t5.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 163.171.132.119 , Germany, ASN54994 (QUANTILNETWORKS, CA), Reverse DNS Software Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash 8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93 Request headers accept-language de-DE,de;q=0.9 Referer https://webmail.vbtgj.asia/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers x-ms-blob-type BlockBlob Date Fri, 12 May 2023 13:03:09 GMT Content-Encoding gzip Content-MD5 R2FAVxfpONfnQAuxVxXbHg== Age 1 X-Cache HIT from cache.51cdn.com X-Via 1.1 hx172:10 (Cdn Cache Server V2.0), 1.1 PSfgblPAR2ff185:4 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA2po75:13 (Cdn Cache Server V2.0) Connection keep-alive Content-Length 621 x-ms-lease-status unlocked Last-Modified Tue, 10 Nov 2020 03:41:24 GMT Server Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 ETag 0x8D8852A7FA6B761 X-Ws-Request-Id 645e390d_PSdgflkfFRA2po75_27370-57331 Content-Type image/svg+xml Access-Control-Allow-Origin * x-ms-request-id 40bd392c-b01e-0000-5873-483773000000 Access-Control-Expose-Headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding Cache-Control public, max-age=31536000 x-ms-version 2009-09-19
GET H/1.1	200 OK	arrow_left_a9cc2824ef3517b6c4160dcf8ff7d410.svg aadcdn.msauth.cn/shared/1.0/content/images/	513 B 1 KB	484ms 10ms	Image image/svg+xml	163.171.132.119 QUANTILNETWORKS
General Check archive.org Show headers Download Go to Show image Full URL https://aadcdn.msauth.cn/shared/1.0/content/images/arrow_left_a9cc2824ef3517b6c4160dcf8ff7d410.svg Requested by Host: webmail.vbtgj.asia URL: https://webmail.vbtgj.asia/index/t5.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 163.171.132.119 , Germany, ASN54994 (QUANTILNETWORKS, CA), Reverse DNS Software Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash 34f9db946e89f031a80dfca7b16b2b686469c9886441261ae70a44da1dfa2d58 Request headers accept-language de-DE,de;q=0.9 Referer https://webmail.vbtgj.asia/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers x-ms-blob-type BlockBlob Date Fri, 12 May 2023 13:03:09 GMT Content-Encoding gzip Content-MD5 TjUQkZ0p0Y7rbj6LJofS9Q== Age 1 X-Cache HIT from cache.51cdn.com X-Via 1.1 hx171:1 (Cdn Cache Server V2.0), 1.1 PSfgblPAR2ff185:8 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA2lp71:15 (Cdn Cache Server V2.0) Connection keep-alive Content-Length 276 x-ms-lease-status unlocked Last-Modified Fri, 17 Jan 2020 19:28:34 GMT Server Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 ETag 0x8D79B8371B97A82 X-Ws-Request-Id 645e390d_PSdgflkfFRA2po75_28669-44590 Content-Type image/svg+xml Access-Control-Allow-Origin * x-ms-request-id e038b528-b01e-0000-26ed-683773000000 Access-Control-Expose-Headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding Cache-Control public, max-age=31536000 x-ms-version 2009-09-19
GET H2	200	jquery.js Show response cdn.bootcdn.net/ajax/libs/jquery/3.6.4/	286 KB 99 KB	4342ms 302ms	Script text/javascript	220.197.201.185 CHINA169-BACKBONE...
General Check archive.org Show headers Download Go to Full URL https://cdn.bootcdn.net/ajax/libs/jquery/3.6.4/jquery.js Requested by Host: webmail.vbtgj.asia URL: https://webmail.vbtgj.asia/index/t5.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 220.197.201.185 Kunming, China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN), Reverse DNS Software nginx / PHP/7.4.19 Resource Hash 6bd8c1051ca05f5061e65b7c1998d70f3c8e07e6d6bdef4488eeed44e52d8ff1 Security Headers Name Value Strict-Transport-Security max-age=63072000; Request headers accept-language de-DE,de;q=0.9 Referer https://webmail.vbtgj.asia/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers date Fri, 12 May 2023 12:55:50 GMT content-encoding gzip x-cache-lookup Cache Miss, Cache Miss server nginx strict-transport-security max-age=63072000; x-powered-by PHP/7.4.19 vary Accept-Encoding access-control-allow-methods GET, POST, PATCH, PUT, DELETE, OPTIONS content-type text/javascript;charset=UTF-8 access-control-max-age 1800 access-control-allow-origin * cache-control max-age=31536000 access-control-allow-credentials true x-nws-log-uuid 12871519114668555864 access-control-allow-headers Authorization, Content-Type, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, X-CSRF-TOKEN, X-Requested-With,token
GET H/1.1	200 OK	hm.js Show response hm.baidu.com/	29 KB 12 KB	1489ms 346ms	Script application/javascript	103.235.46.191 BAIDU Beijing Bai...
General Check archive.org Show headers Download Go to Full URL https://hm.baidu.com/hm.js?3226b22f2a06945ceb732c2228e96b24 Requested by Host: webmail.vbtgj.asia URL: https://webmail.vbtgj.asia/index/t5.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN), Reverse DNS Software apache / Resource Hash 6c23230b47a0d38668f061edfa028e493681bc72f928acb5473a49948b8fa983 Security Headers Name Value Strict-Transport-Security max-age=172800 Request headers accept-language de-DE,de;q=0.9 Referer https://webmail.vbtgj.asia/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers Date Fri, 12 May 2023 13:03:10 GMT Content-Encoding gzip Strict-Transport-Security max-age=172800 Server apache Etag 34d8783a67ea63f00ff1fc06079fb200 P3p CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" Content-Type application/javascript Cache-Control max-age=0, must-revalidate Content-Length 11266
GET H/1.1	200 OK	49-small_e58aafc980614a9cd7796bea7b5ea8f0.jpg aadcdn.msauth.cn/shared/1.0/content/images/appbackgrounds/	987 B 2 KB	311ms 82ms	Image image/jpeg	163.171.132.119 QUANTILNETWORKS
General Check archive.org Show headers Download Go to Show image Full URL https://aadcdn.msauth.cn/shared/1.0/content/images/appbackgrounds/49-small_e58aafc980614a9cd7796bea7b5ea8f0.jpg Requested by Host: webmail.vbtgj.asia URL: https://webmail.vbtgj.asia/index/t5.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 163.171.132.119 , Germany, ASN54994 (QUANTILNETWORKS, CA), Reverse DNS Software Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash 8b34a475187302935336bf43a2bf2a4e0adb9a1e87953ea51f6fcf0ef52a4a1d Request headers accept-language de-DE,de;q=0.9 Referer https://webmail.vbtgj.asia/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers x-ms-blob-type BlockBlob Date Fri, 12 May 2023 13:03:09 GMT Content-MD5 5YqvyYBhSpzXeWvqe16o8A== Age 1 X-Cache HIT from cache.51cdn.com X-Via 1.1 PS-YUL-01Ge696:12 (Cdn Cache Server V2.0), 1.1 kf230:7 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA2gb73:8 (Cdn Cache Server V2.0) Connection keep-alive Content-Length 987 x-ms-lease-status unlocked Last-Modified Fri, 27 Mar 2020 19:41:47 GMT Server Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 ETag 0x8D7D286E322A911 X-Ws-Request-Id 645e390d_PSdgflkfFRA2po75_32842-13252 Content-Type image/jpeg Access-Control-Allow-Origin * x-ms-request-id 0b59202f-301e-0008-1a96-816f62000000 Access-Control-Expose-Headers x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding Cache-Control public, max-age=31536000 x-ms-version 2009-09-19
GET H/1.1	200 OK	hm.gif hm.baidu.com/	43 B 299 B	369ms 368ms	Image image/gif	103.235.46.191 BAIDU Beijing Bai...
General Check archive.org Show headers Download Go to Show image Full URL https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1232184263&si=3226b22f2a06945ceb732c2228e96b24&v=1.3.0&lv=1&sn=40301&r=0&ww=1600&u=https%3A%2F%2Fwebmail.vbtgj.asia%2Findex%2Ft5.html&tt=%E7%99%BB%E5%BD%95%E5%88%B0%20Outlook Requested by Host: webmail.vbtgj.asia URL: https://webmail.vbtgj.asia/index/t5.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN), Reverse DNS Software apache / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Security Headers Name Value Strict-Transport-Security max-age=172800 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://webmail.vbtgj.asia/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers Pragma no-cache Date Fri, 12 May 2023 13:03:11 GMT Strict-Transport-Security max-age=172800 X-Content-Type-Options nosniff Server apache Content-Type image/gif Cache-Control private, max-age=0, no-cache Content-Length 43

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Microsoft (Consumer)

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| _hmt boolean| _bdhm_loaded_3226b22f2a06945ceb732c2228e96b24 object| mini_tangram_log_9zrfhh function| $ function| jQuery function| chekmail

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			webmail.vbtgj.asia/	1969-12-31 23:59:59	Name: PHPSESSID Value: 1a77978d46124247990d0a4daab542d1
			.hm.baidu.com/	1970-01-20 21:20:56	Name: HMACCOUNT_BFESS Value: 2E2B9A3C3B03FA86
			.webmail.vbtgj.asia/	1970-01-20 20:30:32	Name: Hm_lvt_3226b22f2a06945ceb732c2228e96b24 Value: 1683896591
			.webmail.vbtgj.asia/	1969-12-31 23:59:59	Name: Hm_lpvt_3226b22f2a06945ceb732c2228e96b24 Value: 1683896591
			cdn.bootcdn.net/	1970-01-20 11:46:01	Name: timestep2_flag Value: true

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aadcdn.msauth.cn
cdn.bootcdn.net
hm.baidu.com
webmail.vbtgj.asia
103.235.46.191
163.171.132.119
220.197.201.185
23.224.233.87
34f9db946e89f031a80dfca7b16b2b686469c9886441261ae70a44da1dfa2d58
6bd8c1051ca05f5061e65b7c1998d70f3c8e07e6d6bdef4488eeed44e52d8ff1
6c23230b47a0d38668f061edfa028e493681bc72f928acb5473a49948b8fa983
8b34a475187302935336bf43a2bf2a4e0adb9a1e87953ea51f6fcf0ef52a4a1d
8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93
ac6a33b1bf70dcba718c4c6c0e7c7bd8cca2b68cc6eff772b6e8e1ea20c2dd9c
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
e1d056c337d6028e6ded60e32cface28c6dfd8de734880c3f1908d3427657a85
e4e1e65871749d18aea150643c07e0aab2057da057c6c57ec1c3c43580e1c898