Submitted URL: http://ajehvnd.cn/
Effective URL: https://tqxvo1hqzbbgx.yydctea.com/
Submission: On May 19 via api from US — Scanned from DE

Summary

This website contacted 3 IPs in 2 countries across 4 domains to perform 23 HTTP transactions. The main IP is 38.239.80.143, located in the United States and belonging to DXTL-HK DXTL Tseung Kwan O Service, HK. The main domain is tqxvo1hqzbbgx.yydctea.com.
TLS certificate: Issued by R3 on April 9th 2024. Valid for: 3 months.
This is the only time tqxvo1hqzbbgx.yydctea.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address      AS Autonomous System
1         38.238.4.143    134548 (DXTL-HK D...)
20        38.239.80.143   134548 (DXTL-HK D...)
2         111.45.11.83    56040 (CMNET-GUA...)
Total: 23 requests, 3 IPs
Requests  Apex Domain        Subdomains                                   Transfer
20        yydctea.com        tqxvo1hqzbbgx.yydctea.com                    2 MB
2         baidu.com          hm.baidu.com (Cisco Umbrella Rank: 10507)    12 KB
1         ajehvnd.cn         ajehvnd.cn                                   124 B
0         iis7.com (Failed)  ad.iis7.com (Failed)
Total: 23 requests, 4 apex domains
Requests  Domain                      Requested by
20        tqxvo1hqzbbgx.yydctea.com   tqxvo1hqzbbgx.yydctea.com
2         hm.baidu.com                tqxvo1hqzbbgx.yydctea.com
1         ajehvnd.cn                  1 redirect
0         ad.iis7.com (Failed)        tqxvo1hqzbbgx.yydctea.com
Total: 23 requests, 4 domains

This site contains no links.

Subject         Issuer                          Validity                   Valid
spiderinfo.cn   R3                              2024-04-09 - 2024-07-08    3 months (crt.sh)
baidu.com       GlobalSign RSA OV SSL CA 2018   2023-07-06 - 2024-08-06    a year (crt.sh)

This page contains 1 frame:

Primary Page: https://tqxvo1hqzbbgx.yydctea.com/
Frame ID: 467BF3943CC19C8E05A8197300201240
Requests: 23 HTTP requests in this frame

Screenshot

Page Title

爱游戏(ayx)中国官方网站 (Chinese; in English: "Aiyouxi (ayx) China official website")

Detected technologies

Baidu Analytics (identified by the hm.js pattern below), overall confidence: 100%
Detected patterns
  • hm\.baidu\.com/hm\.js

Page Statistics

Requests: 23
HTTPS: 9 %
IPv6: 0 %
Domains: 4
Subdomains: 4
IPs: 3
Countries: 2
Transfer: 2483 kB
Size: 2516 kB
Cookies: 3

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://ajehvnd.cn/ HTTP 307
    https://ajehvnd.cn/ HTTP 301
    http://tqxvo1hqzbbgx.yydctea.com/ HTTP 307
    https://tqxvo1hqzbbgx.yydctea.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type
Primary Request: /
Path: tqxvo1hqzbbgx.yydctea.com/
Redirect Chain:
  • http://ajehvnd.cn/
  • https://ajehvnd.cn/
  • http://tqxvo1hqzbbgx.yydctea.com/
  • https://tqxvo1hqzbbgx.yydctea.com/
Size: 13 KB | x-fer: 3 KB | Type: Document
General
Full URL: https://tqxvo1hqzbbgx.yydctea.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 38.239.80.143, United States, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK)
Reverse DNS:
Software: nginx /
Resource Hash: 094fb6b829354ecff50f7d0b37aa6666dd0494eda261902fb206387a2f932d87

Request headers
Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sun, 19 May 2024 16:41:26 GMT
server: nginx
vary: Accept-Encoding

Redirect headers
Location: https://tqxvo1hqzbbgx.yydctea.com/
Non-Authoritative-Reason: HttpsUpgrades
iis7.css
Path: tqxvo1hqzbbgx.yydctea.com/img/gg/
Size: 16 KB | x-fer: 3 KB | Type: Stylesheet
General
Full URL: https://tqxvo1hqzbbgx.yydctea.com/img/gg/iis7.css
Requested by: Host: tqxvo1hqzbbgx.yydctea.com, URL: https://tqxvo1hqzbbgx.yydctea.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 38.239.80.143, United States, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK)
Reverse DNS:
Software: nginx /
Resource Hash: 2e721e0351a50998a53387ffcb153196238725db3421e3be8cbb93f95a689f40
Security Headers:
Strict-Transport-Security: max-age=31536000

Request headers
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://tqxvo1hqzbbgx.yydctea.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers
date: Sun, 19 May 2024 16:41:26 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Tue, 19 Dec 2023 10:27:47 GMT
server: nginx
etag: W/"65817023-404b"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
expires: Mon, 20 May 2024 04:41:26 GMT
kaiyun186.jpg
Path: tqxvo1hqzbbgx.yydctea.com/img/gg/ggimg/
Size: 177 KB | x-fer: 177 KB | Type: Image
General
Full URL: https://tqxvo1hqzbbgx.yydctea.com/img/gg/ggimg/kaiyun186.jpg
Requested by: Host: tqxvo1hqzbbgx.yydctea.com, URL: https://tqxvo1hqzbbgx.yydctea.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 38.239.80.143, United States, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK)
Reverse DNS:
Software: nginx /
Resource Hash: 0b9f91679c243425df7301137cbc25a7839b7beb71d9b0df6882f83a5249db37
Security Headers:
Strict-Transport-Security: max-age=31536000

Request headers
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://tqxvo1hqzbbgx.yydctea.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers
date: Sun, 19 May 2024 16:41:26 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 19 Dec 2023 11:01:08 GMT
server: nginx
etag: "658177f4-2c375"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 181109
expires: Tue, 18 Jun 2024 16:41:26 GMT
shell.jpg
Path: tqxvo1hqzbbgx.yydctea.com/img/gg/ggimg/
Size: 66 KB | x-fer: 67 KB | Type: Image
General
Full URL: https://tqxvo1hqzbbgx.yydctea.com/img/gg/ggimg/shell.jpg
Requested by: Host: tqxvo1hqzbbgx.yydctea.com, URL: https://tqxvo1hqzbbgx.yydctea.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 38.239.80.143, United States, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK)
Reverse DNS:
Software: nginx /
Resource Hash: 922e7d305622c6793e20fb4abdb50315fd90f28693ab4e226ee83d4e33f8d7f5
Security Headers:
Strict-Transport-Security: max-age=31536000

Request headers
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://tqxvo1hqzbbgx.yydctea.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers
date: Sun, 19 May 2024 16:41:27 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 19 Dec 2023 11:10:18 GMT
server: nginx
etag: "65817a1a-1099c"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 67996
expires: Tue, 18 Jun 2024 16:41:27 GMT
leyu.jpg
Path: tqxvo1hqzbbgx.yydctea.com/img/gg/ggimg/
Size: 114 KB | x-fer: 114 KB | Type: Image
General
Full URL: https://tqxvo1hqzbbgx.yydctea.com/img/gg/ggimg/leyu.jpg
Requested by: Host: tqxvo1hqzbbgx.yydctea.com, URL: https://tqxvo1hqzbbgx.yydctea.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 38.239.80.143, United States, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK)
Reverse DNS:
Software: nginx /
Resource Hash: 2f5a8bfda15bd7f4f84c8c9453e30954038e47fe8b127d170e0482315008bb34
Security Headers:
Strict-Transport-Security: max-age=31536000

Request headers
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://tqxvo1hqzbbgx.yydctea.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers
date: Sun, 19 May 2024 16:41:27 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 20 Dec 2023 06:52:19 GMT
server: nginx
etag: "65828f23-1c8ad"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 116909
expires: Tue, 18 Jun 2024 16:41:27 GMT
kongyunhu.gif
Path: tqxvo1hqzbbgx.yydctea.com/img/gg/ggimg/
Size: 155 KB | x-fer: 155 KB | Type: Image
General
Full URL: https://tqxvo1hqzbbgx.yydctea.com/img/gg/ggimg/kongyunhu.gif
Requested by: Host: tqxvo1hqzbbgx.yydctea.com, URL: https://tqxvo1hqzbbgx.yydctea.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 38.239.80.143, United States, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK)
Reverse DNS:
Software: nginx /
Resource Hash: 0abe89c8d8c42df681bd0b3706e15a3121e8bd3568b13d2776dd59c60d872328
Security Headers:
Strict-Transport-Security: max-age=31536000

Request headers
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://tqxvo1hqzbbgx.yydctea.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers
date: Sun, 19 May 2024 16:41:27 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 20 Dec 2023 07:00:23 GMT
server: nginx
etag: "65829107-26ae2"
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 158434
expires: Tue, 18 Jun 2024 16:41:27 GMT
paofen.jpg
Path: tqxvo1hqzbbgx.yydctea.com/img/gg/ggimg/
Size: 127 KB | x-fer: 127 KB | Type: Image
General
Full URL: https://tqxvo1hqzbbgx.yydctea.com/img/gg/ggimg/paofen.jpg
Requested by: Host: tqxvo1hqzbbgx.yydctea.com, URL: https://tqxvo1hqzbbgx.yydctea.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 38.239.80.143, United States, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK)
Reverse DNS:
Software: nginx /
Resource Hash: 05c5f11fb1e784e857bf3f3f0b6db5e3d2f5f9f342f4e65630f0d9c11a905ce1
Security Headers:
Strict-Transport-Security: max-age=31536000

Request headers
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://tqxvo1hqzbbgx.yydctea.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers
date: Sun, 19 May 2024 16:41:27 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 20 Dec 2023 09:44:22 GMT
server: nginx
etag: "6582b776-1fc6c"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 130156
expires: Tue, 18 Jun 2024 16:41:27 GMT
qianzheng.jpg
Path: tqxvo1hqzbbgx.yydctea.com/img/gg/ggimg/
Size: 122 KB | x-fer: 122 KB | Type: Image
General
Full URL: https://tqxvo1hqzbbgx.yydctea.com/img/gg/ggimg/qianzheng.jpg
Requested by: Host: tqxvo1hqzbbgx.yydctea.com, URL: https://tqxvo1hqzbbgx.yydctea.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 38.239.80.143, United States, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK)
Reverse DNS:
Software: nginx /
Resource Hash: 96bd92fc7e1f6c5418dda0fed181d0449cb83625d6ff97cc626d3ca29587fcc2
Security Headers:
Strict-Transport-Security: max-age=31536000

Request headers
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://tqxvo1hqzbbgx.yydctea.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers
date: Sun, 19 May 2024 16:41:27 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 20 Dec 2023 09:53:19 GMT
server: nginx
etag: "6582b98f-1e751"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 124753
expires: Tue, 18 Jun 2024 16:41:27 GMT
long.jpg
Path: tqxvo1hqzbbgx.yydctea.com/img/gg/ggimg/
Size: 160 KB | x-fer: 160 KB | Type: Image
General
Full URL: https://tqxvo1hqzbbgx.yydctea.com/img/gg/ggimg/long.jpg
Requested by: Host: tqxvo1hqzbbgx.yydctea.com, URL: https://tqxvo1hqzbbgx.yydctea.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 38.239.80.143, United States, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK)
Reverse DNS:
Software: nginx /
Resource Hash: eda9042ba790b7bc9361ce811dc5d18daeecd6c1a36ede4e44639f2357a35479
Security Headers:
Strict-Transport-Security: max-age=31536000

Request headers
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://tqxvo1hqzbbgx.yydctea.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers
date: Sun, 19 May 2024 16:41:27 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 19 Dec 2023 11:03:37 GMT
server: nginx
etag: "65817889-2801e"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 163870
expires: Tue, 18 Jun 2024 16:41:27 GMT
fangyu1.jpg
Path: tqxvo1hqzbbgx.yydctea.com/img/gg/ggimg/
Size: 122 KB | x-fer: 123 KB | Type: Image
General
Full URL: https://tqxvo1hqzbbgx.yydctea.com/img/gg/ggimg/fangyu1.jpg
Requested by: Host: tqxvo1hqzbbgx.yydctea.com, URL: https://tqxvo1hqzbbgx.yydctea.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 38.239.80.143, United States, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK)
Reverse DNS:
Software: nginx /
Resource Hash: 52d9f2b40369a1ccd70c2d4a70998cbf6d1e5c621d97c77082dc6b1dbb55c94c
Security Headers:
Strict-Transport-Security: max-age=31536000

Request headers
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://tqxvo1hqzbbgx.yydctea.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers
date: Sun, 19 May 2024 16:41:27 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 20 Dec 2023 09:44:21 GMT
server: nginx
etag: "6582b775-1e919"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 125209
expires: Tue, 18 Jun 2024 16:41:27 GMT
hth1.jpg
Path: tqxvo1hqzbbgx.yydctea.com/img/gg/ggimg/
Size: 236 KB | x-fer: 236 KB | Type: Image
General
Full URL: https://tqxvo1hqzbbgx.yydctea.com/img/gg/ggimg/hth1.jpg
Requested by: Host: tqxvo1hqzbbgx.yydctea.com, URL: https://tqxvo1hqzbbgx.yydctea.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 38.239.80.143, United States, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK)
Reverse DNS:
Software: nginx /
Resource Hash: 56d17169fb28d0c764e48ae779f0c71f48eb2aa8bdaf77bb7614b10f644bcbdf
Security Headers:
Strict-Transport-Security: max-age=31536000

Request headers
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://tqxvo1hqzbbgx.yydctea.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers
date: Sun, 19 May 2024 16:41:27 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 20 Dec 2023 07:05:05 GMT
server: nginx
etag: "65829221-3aec5"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 241349
expires: Tue, 18 Jun 2024 16:41:27 GMT
shouji.jpg
Path: tqxvo1hqzbbgx.yydctea.com/img/gg/ggimg/
Size: 112 KB | x-fer: 112 KB | Type: Image
General
Full URL: https://tqxvo1hqzbbgx.yydctea.com/img/gg/ggimg/shouji.jpg
Requested by: Host: tqxvo1hqzbbgx.yydctea.com, URL: https://tqxvo1hqzbbgx.yydctea.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 38.239.80.143, United States, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK)
Reverse DNS:
Software: nginx /
Resource Hash: 393ba1ed3a31c91bdae51d4b15e0c36034722feb1360fcf43f0d3f80fe861fcb
Security Headers:
Strict-Transport-Security: max-age=31536000

Request headers
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://tqxvo1hqzbbgx.yydctea.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers
date: Sun, 19 May 2024 16:41:27 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 20 Dec 2023 09:53:19 GMT
server: nginx
etag: "6582b98f-1bf02"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 114434
expires: Tue, 18 Jun 2024 16:41:27 GMT
shuju.jpg
Path: tqxvo1hqzbbgx.yydctea.com/img/gg/ggimg/
Size: 140 KB | x-fer: 140 KB | Type: Image
General
Full URL: https://tqxvo1hqzbbgx.yydctea.com/img/gg/ggimg/shuju.jpg
Requested by: Host: tqxvo1hqzbbgx.yydctea.com, URL: https://tqxvo1hqzbbgx.yydctea.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 38.239.80.143, United States, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK)
Reverse DNS:
Software: nginx /
Resource Hash: 5c532059ff75aecbf187ccded23fb3949aed871dea10a68bb84bbe93400df6de
Security Headers:
Strict-Transport-Security: max-age=31536000

Request headers
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://tqxvo1hqzbbgx.yydctea.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers
date: Sun, 19 May 2024 16:41:27 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 20 Dec 2023 09:44:22 GMT
server: nginx
etag: "6582b776-2305d"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 143453
expires: Tue, 18 Jun 2024 16:41:27 GMT
huanhui.jpg
Path: tqxvo1hqzbbgx.yydctea.com/img/gg/ggimg/
Size: 101 KB | x-fer: 101 KB | Type: Image
General
Full URL: https://tqxvo1hqzbbgx.yydctea.com/img/gg/ggimg/huanhui.jpg
Requested by: Host: tqxvo1hqzbbgx.yydctea.com, URL: https://tqxvo1hqzbbgx.yydctea.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 38.239.80.143, United States, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK)
Reverse DNS:
Software: nginx /
Resource Hash: 3b6a3cee593d961c27d44ed07ed99b441bfbe4a81f0920d525b109d2d9bc746b
Security Headers:
Strict-Transport-Security: max-age=31536000

Request headers
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://tqxvo1hqzbbgx.yydctea.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers
date: Sun, 19 May 2024 16:41:27 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 20 Dec 2023 09:53:18 GMT
server: nginx
etag: "6582b98e-192d0"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 103120
expires: Tue, 18 Jun 2024 16:41:27 GMT
se-2ni-20240331.gif
Path: tqxvo1hqzbbgx.yydctea.com/img/gg/ggimg/
Size: 219 KB | x-fer: 219 KB | Type: Image
General
Full URL: https://tqxvo1hqzbbgx.yydctea.com/img/gg/ggimg/se-2ni-20240331.gif
Requested by: Host: tqxvo1hqzbbgx.yydctea.com, URL: https://tqxvo1hqzbbgx.yydctea.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 38.239.80.143, United States, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK)
Reverse DNS:
Software: nginx /
Resource Hash: 9f1b2bef34ef65eb6fff70924e956e489f4e55fd2462fda330a5e8c4cc2a3a25
Security Headers:
Strict-Transport-Security: max-age=31536000

Request headers
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://tqxvo1hqzbbgx.yydctea.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers
date: Sun, 19 May 2024 16:41:26 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 19 Dec 2023 10:19:39 GMT
server: nginx
etag: "65816e3b-36b0d"
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 224013
expires: Tue, 18 Jun 2024 16:41:26 GMT
2ni-20240630.gif
Path: tqxvo1hqzbbgx.yydctea.com/img/gg/ggimg/
Size: 174 KB | x-fer: 175 KB | Type: Image
General
Full URL: https://tqxvo1hqzbbgx.yydctea.com/img/gg/ggimg/2ni-20240630.gif
Requested by: Host: tqxvo1hqzbbgx.yydctea.com, URL: https://tqxvo1hqzbbgx.yydctea.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 38.239.80.143, United States, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK)
Reverse DNS:
Software: nginx /
Resource Hash: ebf4acdda789eaab9bb377251de41b7493aca29a37096f7dc21d14bb132c21ae
Security Headers:
Strict-Transport-Security: max-age=31536000

Request headers
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://tqxvo1hqzbbgx.yydctea.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers
date: Sun, 19 May 2024 16:41:26 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 19 Dec 2023 10:19:39 GMT
server: nginx
etag: "65816e3b-2b8a6"
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 178342
expires: Tue, 18 Jun 2024 16:41:26 GMT
20231211182648834.jpg
Path: ad.iis7.com/uploadfiles/
Size: 0 | x-fer: 0 | Type: (no response; listed under Failed requests below)

xiao-20240430.gif
Path: tqxvo1hqzbbgx.yydctea.com/img/gg/ggimg/
Size: 432 KB | x-fer: 433 KB | Type: Image
General
Full URL: https://tqxvo1hqzbbgx.yydctea.com/img/gg/ggimg/xiao-20240430.gif
Requested by: Host: tqxvo1hqzbbgx.yydctea.com, URL: https://tqxvo1hqzbbgx.yydctea.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 38.239.80.143, United States, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK)
Reverse DNS:
Software: nginx /
Resource Hash: cb49ff8105e14f9f5f17e6f8a4f82035ada62f22e378ec5a31919351127d5737
Security Headers:
Strict-Transport-Security: max-age=31536000

Request headers
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://tqxvo1hqzbbgx.yydctea.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers
date: Sun, 19 May 2024 16:41:27 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 19 Dec 2023 10:40:13 GMT
server: nginx
etag: "6581730d-6c145"
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 442693
expires: Tue, 18 Jun 2024 16:41:27 GMT
DXbd.js
Path: tqxvo1hqzbbgx.yydctea.com/
Size: 658 B | x-fer: 871 B | Type: Script
General
Full URL: https://tqxvo1hqzbbgx.yydctea.com/DXbd.js?v=0.7077607795805256
Requested by: Host: tqxvo1hqzbbgx.yydctea.com, URL: https://tqxvo1hqzbbgx.yydctea.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 38.239.80.143, United States, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK)
Reverse DNS:
Software: nginx /
Resource Hash: f4db51818988729efdf5f480f6ac3224120e7a1170685bb0d651ab670bae89ff
Security Headers:
Strict-Transport-Security: max-age=31536000

Request headers
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://tqxvo1hqzbbgx.yydctea.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers
date: Sun, 19 May 2024 16:41:26 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 08 Apr 2024 16:42:05 GMT
server: nginx
etag: "66141e5d-292"
content-type: application/javascript
cache-control: max-age=43200
accept-ranges: bytes
content-length: 658
expires: Mon, 20 May 2024 04:41:26 GMT
DXbd.js
Path: tqxvo1hqzbbgx.yydctea.com/
Size: 658 B | x-fer: 871 B | Type: Script
General
Full URL: https://tqxvo1hqzbbgx.yydctea.com/DXbd.js?v=0.48397941188592597
Requested by: Host: tqxvo1hqzbbgx.yydctea.com, URL: https://tqxvo1hqzbbgx.yydctea.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 38.239.80.143, United States, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK)
Reverse DNS:
Software: nginx /
Resource Hash: f4db51818988729efdf5f480f6ac3224120e7a1170685bb0d651ab670bae89ff
Security Headers:
Strict-Transport-Security: max-age=31536000

Request headers
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://tqxvo1hqzbbgx.yydctea.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers
date: Sun, 19 May 2024 16:41:26 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 08 Apr 2024 16:42:05 GMT
server: nginx
etag: "66141e5d-292"
content-type: application/javascript
cache-control: max-age=43200
accept-ranges: bytes
content-length: 658
expires: Mon, 20 May 2024 04:41:26 GMT
hm.js
Path: hm.baidu.com/
Size: 29 KB | x-fer: 12 KB | Type: Script
General
Full URL: https://hm.baidu.com/hm.js?afd1ad0147dd02bb28700cdf1ca1207a
Requested by: Host: tqxvo1hqzbbgx.yydctea.com, URL: https://tqxvo1hqzbbgx.yydctea.com/DXbd.js?v=0.7077607795805256
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 111.45.11.83, China, ASN56040 (CMNET-GUANGDONG-AP China Mobile communications corporation, CN)
Reverse DNS:
Software: apache /
Resource Hash: 2f68d70b6c123e403517dced2c3e584b05ecf4aa29eaa09057563d5da09dcf4f
Security Headers:
Strict-Transport-Security: max-age=172800

Request headers
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://tqxvo1hqzbbgx.yydctea.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers
Date: Sun, 19 May 2024 16:41:28 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=172800
Server: apache
Etag: 6775b8fdb6c4925bbb92b8d47e3cb232
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: application/javascript
Cache-Control: max-age=0, must-revalidate
Content-Length: 11261
hm.gif
Path: hm.baidu.com/
Size: 43 B | x-fer: 299 B | Type: Image
General
Full URL: https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=de-de&lo=0&rnd=370167779&si=afd1ad0147dd02bb28700cdf1ca1207a&v=1.3.0&lv=1&sn=37379&r=0&ww=1600&u=https%3A%2F%2Ftqxvo1hqzbbgx.yydctea.com%2F&tt=%E7%88%B1%E6%B8%B8%E6%88%8F(ayx)%E4%B8%AD%E5%9B%BD%E5%AE%98%E6%96%B9%E7%BD%91%E7%AB%99
Requested by: Host: tqxvo1hqzbbgx.yydctea.com, URL: https://tqxvo1hqzbbgx.yydctea.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 111.45.11.83, China, ASN56040 (CMNET-GUANGDONG-AP China Mobile communications corporation, CN)
Reverse DNS:
Software: apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers:
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff

Request headers
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://tqxvo1hqzbbgx.yydctea.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers
Pragma: no-cache
Date: Sun, 19 May 2024 16:41:29 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
Server: apache
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
favicon.ico
Path: tqxvo1hqzbbgx.yydctea.com/
Size: 0 | x-fer: 142 B | Type: Other
General
Full URL: https://tqxvo1hqzbbgx.yydctea.com/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 38.239.80.143, United States, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK)
Reverse DNS:
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers:
Strict-Transport-Security: max-age=31536000

Request headers
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://tqxvo1hqzbbgx.yydctea.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers
date: Sun, 19 May 2024 16:41:29 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 08 Apr 2024 16:42:05 GMT
server: nginx
etag: "66141e5d-0"
content-type: image/x-icon
accept-ranges: bytes
content-length: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ad.iis7.com
URL: https://ad.iis7.com/uploadfiles/20231211182648834.jpg

Verdicts & Comments

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type      Name
object    _hmt
string    s
object    reg
boolean   _bdhm_loaded_afd1ad0147dd02bb28700cdf1ca1207a
object    mini_tangram_log_t4v2x1

3 Cookies

Domain/Path                      Name                                             Value
.hm.baidu.com/                   HMACCOUNT_BFESS                                  7D3F191D92BFDD27
.tqxvo1hqzbbgx.yydctea.com/      Hm_lvt_afd1ad0147dd02bb28700cdf1ca1207a          1716136889
.tqxvo1hqzbbgx.yydctea.com/      Hm_lpvt_afd1ad0147dd02bb28700cdf1ca1207a         1716136889

6 Console Messages

Source | Level | URL | Text

network, error, URL: https://tqxvo1hqzbbgx.yydctea.com/
  Message: Failed to load resource: the server responded with a status of 404 ()
security, warning, URL: https://tqxvo1hqzbbgx.yydctea.com/
  Message: Mixed Content: The page at 'https://tqxvo1hqzbbgx.yydctea.com/' was loaded over HTTPS, but requested an insecure element 'http://ad.iis7.com/uploadfiles/20231211182648834.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security, warning, URL: https://tqxvo1hqzbbgx.yydctea.com/ (Line 160)
  Message: Mixed Content: The page at 'https://tqxvo1hqzbbgx.yydctea.com/' was loaded over HTTPS, but requested an insecure element 'http://ad.iis7.com/uploadfiles/20231211182648834.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network, error, URL: https://ad.iis7.com/uploadfiles/20231211182648834.jpg
  Message: Failed to load resource: net::ERR_SSL_KEY_USAGE_INCOMPATIBLE
other, warning, URL: https://tqxvo1hqzbbgx.yydctea.com/
  Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other, warning, URL: https://tqxvo1hqzbbgx.yydctea.com/
  Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.iis7.com
ajehvnd.cn
hm.baidu.com
tqxvo1hqzbbgx.yydctea.com
ad.iis7.com
111.45.11.83
38.238.4.143
38.239.80.143