70291d.com
Open in
urlscan Pro
154.210.41.5
Malicious Activity!
Public Scan
Effective URL: http://70291d.com/
Submission: On September 08 via api from US
Summary
This is the only time 70291d.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Bet365 (Entertainment)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
8 | 160.124.9.183 160.124.9.183 | 132839 (POWERLINE...) (POWERLINE-AS-AP POWER LINE DATACENTER) | |
1 | 103.235.46.191 103.235.46.191 | 55967 (BAIDU Bei...) (BAIDU Beijing Baidu Netcom Science and Technology Co.) | |
18 | 154.210.41.5 154.210.41.5 | 134705 (ITACE-AS-...) (ITACE-AS-AP Itace International Limited) | |
1 | 163.171.132.119 163.171.132.119 | 54994 (QUANTILNE...) (QUANTILNETWORKS) | |
3 | 115.223.14.234 115.223.14.234 | 134771 (CHINATELE...) (CHINATELECOM-ZHEJIANG-WENZHOU-IDC WENZHOU) | |
1 | 203.119.213.181 203.119.213.181 | 37963 (CNNIC-ALI...) (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.) | |
32 | 7 |
ASN132839 (POWERLINE-AS-AP POWER LINE DATACENTER, HK)
renteslacar.com |
ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)
hm.baidu.com |
ASN134771 (CHINATELECOM-ZHEJIANG-WENZHOU-IDC WENZHOU, ZHEJIANG Province, P.R.China., CN)
s9.cnzz.com | |
c.cnzz.com | |
icon.cnzz.com |
ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN)
z12.cnzz.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
18 |
70291d.com
70291d.com |
3 MB |
8 |
renteslacar.com
renteslacar.com |
82 KB |
4 |
cnzz.com
s9.cnzz.com c.cnzz.com z12.cnzz.com icon.cnzz.com |
6 KB |
1 |
shareinstall.com.cn
www.shareinstall.com.cn |
21 KB |
1 |
baidu.com
hm.baidu.com |
|
32 | 5 |
Domain | Requested by | |
---|---|---|
18 | 70291d.com |
renteslacar.com
70291d.com |
8 | renteslacar.com |
renteslacar.com
|
1 | icon.cnzz.com |
70291d.com
|
1 | z12.cnzz.com |
70291d.com
|
1 | c.cnzz.com |
s9.cnzz.com
|
1 | s9.cnzz.com |
70291d.com
|
1 | www.shareinstall.com.cn |
70291d.com
|
1 | hm.baidu.com |
renteslacar.com
|
32 | 8 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.cnzz.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
baidu.com GlobalSign Organization Validation CA - SHA256 - G2 |
2020-04-02 - 2021-07-26 |
a year | crt.sh |
*.cnzz.com GlobalSign Organization Validation CA - SHA256 - G2 |
2020-02-04 - 2021-02-04 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
http://70291d.com/
Frame ID: 8DFE0CC39C6F3A9AD64CA8F985C3839E
Requests: 33 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
- http://renteslacar.com/ Page URL
- http://70291d.com/ Page URL
Detected technologies
Nginx (Web Servers) ExpandDetected patterns
- headers server /nginx(?:\/([\d.]+))?/i
jQuery (JavaScript Libraries) Expand
Detected patterns
- script /jquery[.-]([\d.]*\d)[^/]*\.js/i
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://renteslacar.com/ Page URL
- http://70291d.com/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
32 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
/
renteslacar.com/ |
9 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
view.css
renteslacar.com/css/ |
6 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
tj.js
renteslacar.com/js/ |
311 B 627 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
tz.js
renteslacar.com/js/ |
0 312 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
69.jpg
renteslacar.com/pics/ |
49 KB 50 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
hm.js
hm.baidu.com/ |
32 KB 0 |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
head_pic.gif
renteslacar.com/images/ |
9 KB 9 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
homej_conbg3.gif
renteslacar.com/images/ |
8 KB 8 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
homej_conbg.gif
renteslacar.com/images/ |
8 KB 8 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Primary Request
/
70291d.com/ |
7 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
reset.css
70291d.com/css/ |
3 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
index.min.css
70291d.com/css/ |
21 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
swiper-bundle.min.css
70291d.com/css/ |
0 296 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jshareinstall.min.js
www.shareinstall.com.cn/js/page/ |
21 KB 21 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
icon-android.png
70291d.com/images/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
icon-ios.png
70291d.com/images/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
icon-iosff.png
70291d.com/images/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
swiper-bundle.min.js
70291d.com/js/ |
171 KB 46 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
index.js
70291d.com/js/ |
2 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-3.4.1.min.js
70291d.com/js/ |
86 KB 34 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
z_stat.php
s9.cnzz.com/ |
12 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
core.php
c.cnzz.com/ |
972 B 902 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
stat.htm
z12.cnzz.com/ |
2 B 112 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pic.gif
icon.cnzz.com/img/ |
719 B 1 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo-w.png
70291d.com/images/ |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
img-slogan.png
70291d.com/images/ |
8 KB 8 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
img-voice.png
70291d.com/images/ |
279 KB 279 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
img-facekini.png
70291d.com/images/ |
844 KB 844 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
img-camera.png
70291d.com/images/ |
294 KB 294 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
img-square.png
70291d.com/images/ |
786 KB 787 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
img-chat.png
70291d.com/images/ |
389 KB 390 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
42 B 0 |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
img-video1.webp
70291d.com/images/ |
825 KB 825 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Bet365 (Entertainment)13 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| trustedTypes object| _cz_loaded string| _cz_account object| _czc object| _CNZZDbridge_1279226923 object| cnzz_image_1816794974 function| ShareInstall function| createCopy function| _typeof function| Swiper function| $ function| jQuery function| jump0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
70291d.com
c.cnzz.com
hm.baidu.com
icon.cnzz.com
renteslacar.com
s9.cnzz.com
www.shareinstall.com.cn
z12.cnzz.com
103.235.46.191
115.223.14.234
154.210.41.5
160.124.9.183
163.171.132.119
203.119.213.181
01f3aa79565e084a1dce5b73518fc06bc848794f7f405758dc393ee07981cda1
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
13b142b3062c79ffa7fcca1d036a1e7ed35f3f14db0a8704e0dcf8e71045adb6
1b0af35b9a2018c6c8b959a903ddb17c08854090c13712417eb9910c58b97204
2f01e855edfbb04f1314e8879c9f509086e915405a2c013abb8a4a066c2f0d7f
30999ec3d6420337276e3f78e6e52a8375f7cfd9ebfad45f7655caaa9c95b5fc
47ffda376fe5c6d2166168188c70c8280c71906c471af42c2bdb0bd42a76dcc3
52658b6b1d866b1a305f8783dd717215bc378bbf188e827de181508a5b4faad5
53def3b5bb559c55facea5faa07e8084ea052049c9cb92072b10ca5066625107
61c941d30a6671b5db811241cf4f1e7c992f8d29560df7100ef58044972d38ab
77a6b3fd10729365563d93f04d311ee9afd4ad06508a9b7f70ec909d17f9153b
78c5ac92be4516dbe30b0d16f744c48c948deb77f0599ce16a7ae918fb05ba6f
79dbf896196c846a90b77a4de7cc9c273b4992249a55e78fc3a2cc01c1bccece
8f491dbd86f40982f7cb5e195d050d4a37ca304acbbbc4f93ffae2cbf3e67858
92559065cbd01c8754c62c22b216ab49c310c06b10857481ae9d60325fb3d073
98a4ab97e12555ab969012d151a578dae7a3b8699d202485fcf8116e55497735
9d92d64044bbd3661a545035367bf8e505001ad731c69d46e3f52edd67f6ca70
9f3bb052fa1318b89e42be47659df75b1e0573e5fa111a0db4b95f84583a78f9
b1480f41af8480cad6160fea1cc903a3af57b36f78873727f6df539fbfaefb2e
bb138e0b4e0d9c2b27d3c3b5175303dacc2fad243c80cf0806076accc3e1a3cf
c16761a4a38beed27fcdc124bb8c74c142ed915e7b659f387d682387ca91ce86
c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15
cbb302d4ea6aaa8c105df8d90a928d83d164905739e3c0373a9287228759d99f
cdb4c264a36885a19131c57f47efd0b9077cbe87cc939baceabfa2f2760523a6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c6931f2971aca9958d9a006b22f1848e147241c593a55b21296dee9c2bf1eb
e5b70ad5e7220a163e2108aefbcbccdf72ee7f47da2e9aef8886ec3bf355c618
f80fdd5672c8ca331a68019b59abf1bfed9da47dd27484f43eb01a8882743603