urlscan.io logo urlscan.io
SecurityTrails logo

faefzsfv.i6j9d8kx.xyz Open in urlscan Pro
188.114.97.3  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://xsj088.com/?inviteCode=103538
Effective URL: https://faefzsfv.i6j9d8kx.xyz/?inviteCode=103538
Submission Tags: @ecarlesi possiblethreat phishing Search All
Submission: On November 02 via api from IT — Scanned from IT
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 15 HTTP transactions. The main IP is 188.114.97.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is faefzsfv.i6j9d8kx.xyz.
TLS certificate: Issued by WE1 on October 8th 2024. Valid for: 3 months.
This is the only time faefzsfv.i6j9d8kx.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 152.32.214.136 135377 (UCLOUD-HK...)
6 206.119.178.23 133199 (SONDERCLO...)
1 188.114.96.3 13335 (CLOUDFLAR...)
1 188.114.97.3 13335 (CLOUDFLAR...)
15 4
Apex Domain
Subdomains		 Transfer
6 xsj088.xyz
xsj088.xyz
312 KB
2 i6j9d8kx.xyz
faefzsfv.i6j9d8kx.xyz
7 KB
1 xsj088.com
xsj088.com
135 B
0 dcloud.net.cn Failed
cdn.dcloud.net.cn Failed
15 4
Domain Requested by
6 xsj088.xyz xsj088.xyz
2 faefzsfv.i6j9d8kx.xyz xsj088.xyz
faefzsfv.i6j9d8kx.xyz
1 xsj088.com 1 redirects
0 cdn.dcloud.net.cn Failed xsj088.xyz
15 4

This site contains no links.

Subject Issuer Validity Valid
xsj088.xyz
R10		 2024-10-25 -
2025-01-23		 3 months crt.sh
i6j9d8kx.xyz
WE1		 2024-10-08 -
2025-01-06		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://faefzsfv.i6j9d8kx.xyz/?inviteCode=103538
Frame ID: 737FC5EC997BAEBA73F1449956484E04
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

NEW WORLD 百度一下,你就知道

Page URL History Show full URLs

  1. https://xsj088.com/?inviteCode=103538 HTTP 302
    https://xsj088.xyz/?inviteCode=103538 Page URL
  2. https://faefzsfv.i6j9d8kx.xyz/?inviteCode=103538 Page URL

Page Statistics

15
Requests

53 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

4
IPs

3
Countries

324 kB
Transfer

932 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://xsj088.com/?inviteCode=103538 HTTP 302
    https://xsj088.xyz/?inviteCode=103538 Page URL
  2. https://faefzsfv.i6j9d8kx.xyz/?inviteCode=103538 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://xsj088.com/?inviteCode=103538 HTTP 302
  • https://xsj088.xyz/?inviteCode=103538

15 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
xsj088.xyz/
Redirect Chain
  • https://xsj088.com/?inviteCode=103538
  • https://xsj088.xyz/?inviteCode=103538
781 B
935 B 		Document
General
Check archive.org
Download Go to
Full URL
https://xsj088.xyz/?inviteCode=103538
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
206.119.178.23 Los Angeles, United States, ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
dacc6706344cf57b1105ce356fa61337384fd24aaec83d5e4a7c37d6468dcdee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
content-length
781
content-type
text/html
date
Sat, 02 Nov 2024 22:14:51 GMT
etag
"6695d3b4-30d"
last-modified
Tue, 16 Jul 2024 01:58:12 GMT
server
nginx
strict-transport-security
max-age=31536000

Redirect headers

content-type
text/html; charset=UTF-8
date
Sat, 02 Nov 2024 22:14:50 GMT
location
https://xsj088.xyz?inviteCode=103538
server
nginx
strict-transport-security
max-age=31536000
index.2da1efab.css
xsj088.xyz/static/ 		94 KB
29 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://xsj088.xyz/static/index.2da1efab.css
Requested by
Host: xsj088.xyz
URL: https://xsj088.xyz/?inviteCode=103538
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
206.119.178.23 Los Angeles, United States, ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
e97de9a247807f12d74101e9f736250b2410be4e1ed3d17ed875e4b08cf66c83
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://xsj088.xyz/?inviteCode=103538

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=43200
content-encoding
gzip
etag
W/"6695d3b4-178f9"
expires
Sun, 03 Nov 2024 10:14:51 GMT
date
Sat, 02 Nov 2024 22:14:51 GMT
content-type
text/css
last-modified
Tue, 16 Jul 2024 01:58:12 GMT
server
nginx
vary
Accept-Encoding
chunk-vendors.fbe855ac.js
xsj088.xyz/static/js/ 		776 KB
271 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://xsj088.xyz/static/js/chunk-vendors.fbe855ac.js
Requested by
Host: xsj088.xyz
URL: https://xsj088.xyz/?inviteCode=103538
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
206.119.178.23 Los Angeles, United States, ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
682be307a78601bb96350809a7cf9016fd686a21dfdfae4ecd4d6a77b8d53676
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://xsj088.xyz/?inviteCode=103538

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=43200
content-encoding
gzip
etag
W/"6695d3b4-c1f99"
expires
Sun, 03 Nov 2024 10:14:51 GMT
date
Sat, 02 Nov 2024 22:14:51 GMT
content-type
application/javascript
last-modified
Tue, 16 Jul 2024 01:58:12 GMT
server
nginx
vary
Accept-Encoding
index.bd93c33d.js
xsj088.xyz/static/js/ 		37 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://xsj088.xyz/static/js/index.bd93c33d.js
Requested by
Host: xsj088.xyz
URL: https://xsj088.xyz/?inviteCode=103538
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
206.119.178.23 Los Angeles, United States, ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
0a9aad4ac9a2e3f98adaf548e47a79fbdc0d773af8806f8d65ec2186c9cc7c80
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://xsj088.xyz/?inviteCode=103538

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=43200
content-encoding
gzip
etag
W/"6695d3b4-9531"
expires
Sun, 03 Nov 2024 10:14:51 GMT
date
Sat, 02 Nov 2024 22:14:51 GMT
content-type
application/javascript
last-modified
Tue, 16 Jul 2024 01:58:12 GMT
server
nginx
vary
Accept-Encoding
pages-index-index.d82a81a4.js
xsj088.xyz/static/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://xsj088.xyz/static/js/pages-index-index.d82a81a4.js
Requested by
Host: xsj088.xyz
URL: https://xsj088.xyz/static/js/index.bd93c33d.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
206.119.178.23 Los Angeles, United States, ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
82ad2f408831882c21f42b26277582a0d3dc770583b8fd10cdc1a96d16f1a0cd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://xsj088.xyz/?inviteCode=103538

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=43200
content-encoding
gzip
etag
W/"6695d3b4-b9f"
expires
Sun, 03 Nov 2024 10:14:53 GMT
date
Sat, 02 Nov 2024 22:14:53 GMT
content-type
application/javascript
last-modified
Tue, 16 Jul 2024 01:58:12 GMT
server
nginx
vary
Accept-Encoding
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0ccf8dd29c61715a6364ea9ec36d32c295e82ca837488590130c51cee298b7d3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
urllist.php
xsj088.xyz/api/v1/url/ 		282 B
551 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://xsj088.xyz/api/v1/url/urllist.php
Requested by
Host: xsj088.xyz
URL: https://xsj088.xyz/static/js/chunk-vendors.fbe855ac.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
206.119.178.23 Los Angeles, United States, ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
55ef766a0c8146291800c5f02ec5a2e7590081a5990b90bd5e00e4353603f134
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://xsj088.xyz/?inviteCode=103538

Response headers

strict-transport-security
max-age=31536000
cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
pragma
no-cache
access-control-allow-credentials
true
access-control-allow-methods
POST, GET, OPTIONS
expires
Thu, 19 Nov 1981 08:52:00 GMT
access-control-allow-origin
*
date
Sat, 02 Nov 2024 22:14:53 GMT
content-type
application/json
vary
Accept-Encoding
server
nginx
access-control-allow-headers
Content-Type
ping.json
faefzsfv.i6j9d8kx.xyz/ 		42 B
723 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://faefzsfv.i6j9d8kx.xyz/ping.json?t=0.34631703595072216
Requested by
Host: xsj088.xyz
URL: https://xsj088.xyz/static/js/chunk-vendors.fbe855ac.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://xsj088.xyz/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=abIbtB47WkX%2BwJIJpcr41m%2BHr5rZJt2FEfVxtJL6EU0fE8PjXTESQLjlpgUpcbiRbtquJ8%2F2yYa4OhsIHybSUZ5JKBzRHR%2F659Nax4jogBvCe9VSDTwjp7kDeTnQPS4p1tYGA6yAuII%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, POST, OPTIONS
cf-ray
8dc77aec2f62bc6e-ZRH
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
42
server-timing
cfL4;desc="?proto=TCP&rtt=13792&sent=8&recv=10&lost=0&retrans=0&sent_bytes=3961&recv_bytes=2222&delivery_rate=282208&cwnd=254&unsent_bytes=0&cid=d3cef58ab7426ecd&ts=817&x=0"
date
Sat, 02 Nov 2024 22:14:54 GMT
content-type
application/json
server
cloudflare
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
Primary Request /
faefzsfv.i6j9d8kx.xyz/ 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://faefzsfv.i6j9d8kx.xyz/?inviteCode=103538
Requested by
Host: xsj088.xyz
URL: https://xsj088.xyz/static/js/pages-index-index.d82a81a4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
771e112e10d450c0487668e30a8fbf823ea8c0a14daf4e09095cfe1c4641e9c8

Request headers

Referer
https://xsj088.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8dc77af3ce5c4c61-MXP
content-encoding
br
content-type
text/html
date
Sat, 02 Nov 2024 22:14:56 GMT
last-modified
Fri, 23 Aug 2024 18:59:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zSNsgzzAfpTF0Zzg3jUzyHlZSLF3GyV%2BwvCHex2f5I%2BQXp3%2B8kSVmqjeDraP0dgxzVYDavwbccH4HKYGoFw5K8zU4cu60x08V4lSf3fahfQk%2FkldgdQIvPNhf3OHBW7s3LspktckOkQ%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=TCP&rtt=19648&sent=8&recv=9&lost=0&retrans=0&sent_bytes=3961&recv_bytes=2315&delivery_rate=196801&cwnd=254&unsent_bytes=0&cid=b69c0e15fd7f0e7d&ts=920&x=0"
vary
Accept-Encoding
shadow-grey.png
cdn.dcloud.net.cn/img/ 		0
0
common.css
faefzsfv.i6j9d8kx.xyz/style/ 		0
0
Polyfill.js
faefzsfv.i6j9d8kx.xyz/js/ 		0
0
rem.js
faefzsfv.i6j9d8kx.xyz/js/ 		0
0
jquery-1.10.1.min.js
faefzsfv.i6j9d8kx.xyz/Swiper-2.7.6/demos/js/ 		0
0
global.js
faefzsfv.i6j9d8kx.xyz/js/ 		0
0
layer.js
faefzsfv.i6j9d8kx.xyz/3.1.1/ 		0
0
truncated
/ 		5 KB
5 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b3b812720c532be020fff8ed451ce81c5bdcad52993cf88b0e0385fbdae1b2bd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://faefzsfv.i6j9d8kx.xyz
Referer

Response headers

Content-Type
application/octet-stream

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cdn.dcloud.net.cn
URL
https://cdn.dcloud.net.cn/img/shadow-grey.png
Domain
faefzsfv.i6j9d8kx.xyz
URL
https://faefzsfv.i6j9d8kx.xyz/style/common.css
Domain
faefzsfv.i6j9d8kx.xyz
URL
https://faefzsfv.i6j9d8kx.xyz/js/Polyfill.js
Domain
faefzsfv.i6j9d8kx.xyz
URL
https://faefzsfv.i6j9d8kx.xyz/js/rem.js
Domain
faefzsfv.i6j9d8kx.xyz
URL
https://faefzsfv.i6j9d8kx.xyz/Swiper-2.7.6/demos/js/jquery-1.10.1.min.js
Domain
faefzsfv.i6j9d8kx.xyz
URL
https://faefzsfv.i6j9d8kx.xyz/js/global.js?_ift=j9n2tt2led84a2rgjljovijqq
Domain
faefzsfv.i6j9d8kx.xyz
URL
https://faefzsfv.i6j9d8kx.xyz/3.1.1/layer.js

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Domain/Path Name / Value
xsj088.xyz/ Name: PHPSESSID
Value: ofvvefnkatice1lrkr9c424sqs

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000