e6.yu87v1dew9.icu
2600:9000:211e:4e00:3:fe52:b080:93a1  Public Scan

Submitted URL: https://919297.com/
Effective URL: https://e6.yu87v1dew9.icu/
Submission: On May 21 via api from BE — Scanned from DE

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 8 HTTP transactions. The main IP is 2600:9000:211e:4e00:3:fe52:b080:93a1, located in United States and belongs to AMAZON-02, US. The main domain is e6.yu87v1dew9.icu.
TLS certificate: Issued by R3 on May 17th 2024. Valid for: 3 months.
This is the only time e6.yu87v1dew9.icu was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | Apex Domain | Subdomains | Transfer
3 | yu87v1dew9.icu | e6.yu87v1dew9.icu | 115 KB
2 | 919297.icu | www.919297.icu | 2 KB
2 | 919297.com | 919297.com | 2 KB
1 | histats.com | sstatic1.histats.com — Cisco Umbrella Rank: 42642 | 163 B
Total: 8 requests, 4 domains

Requests | Domain | Requested by
3 | e6.yu87v1dew9.icu | 919297.com, e6.yu87v1dew9.icu
2 | www.919297.icu | 919297.com, www.919297.icu
2 | 919297.com | 919297.com
1 | sstatic1.histats.com | e6.yu87v1dew9.icu
Total: 8 requests, 4 domains

This site contains links to these domains.

Domain
www.919297.com
x.x9f.icu
t.me

Subject | Issuer | Validity | Valid
www.919297.com | R3 | 2024-05-17 - 2024-08-15 | 3 months
www.919297.icu | R3 | 2024-05-17 - 2024-08-15 | 3 months
e6.yu87v1dew9.icu | R3 | 2024-05-17 - 2024-08-15 | 3 months
histats.com | R3 | 2024-05-13 - 2024-08-11 | 3 months

This page contains 1 frame:

Primary Page: https://e6.yu87v1dew9.icu/
Frame ID: D994004AE5443BBC80DC570536F65149
Requests: 8 HTTP requests in this frame

Page Title

最新地址 (English: "Latest address")

Page Statistics

Requests: 8
HTTPS: 100 %
IPv6: 75 %
Domains: 4
Subdomains: 4
IPs: 4
Countries: 2
Transfer: 119 kB
Size: 119 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://919297.com/ Page URL
  2. https://www.919297.icu/ Page URL
  3. https://e6.yu87v1dew9.icu/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type
/ | 919297.com/ | 30 B | 482 B | Document
General
Full URL
https://919297.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:275b:3800:16:dc7f:db40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
d0ba04a28a1a25a92a6b818be6ad8d1d2e497e2c3f7941b2a6eff38dd5d30a2a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

age
31653
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 21 May 2024 01:18:01 GMT
referrer-policy
strict-origin-when-cross-origin
server
nginx
strict-transport-security
max-age=31536000
vary
Accept-Encoding Origin
via
1.1 d8006f736d3dc32a20a91813f2f50fa2.cloudfront.net (CloudFront)
x-amz-cf-id
FnSgI13opp1VYl7xRaJh8nXb6jNQJFpl-FRSXh8Hpi40F17majPEXA==
x-amz-cf-pop
FRA60-P7
x-cache
Hit from cloudfront
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

c.js | 919297.com/ | 1 KB | 2 KB | Script
General
Full URL
https://919297.com/c.js
Requested by
Host: 919297.com
URL: https://919297.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:275b:3800:16:dc7f:db40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
8dc54bf348628ebb861559775c37b5b593db97750b5b3c946c20dab15ebb302c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://919297.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 01:26:03 GMT
strict-transport-security
max-age=31536000
via
1.1 d8006f736d3dc32a20a91813f2f50fa2.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA60-P7
age
31171
x-cache
Hit from cloudfront
content-length
1171
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 17 May 2024 23:23:24 GMT
server
nginx
etag
"6647e6ec-493"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=43200
accept-ranges
bytes
x-amz-cf-id
YjaxxE0ICvX0dMwxugDAuVX2rhpus87dAEJrvGalCySiMBcofo18Eg==
expires
Tue, 21 May 2024 13:26:03 GMT

/ | www.919297.icu/ | 292 B | 713 B | Document
General
Full URL
https://www.919297.icu/
Requested by
Host: 919297.com
URL: https://919297.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2761:3a00:18:33c0:6100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
9bc0b30d9d2c5d15658ffde19b32545eaed1b5cd011c97d43c8b9512c25cc8e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://919297.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

age
32595
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 21 May 2024 01:02:20 GMT
referrer-policy
strict-origin-when-cross-origin
server
nginx
strict-transport-security
max-age=31536000
vary
Accept-Encoding Origin
via
1.1 fc3a32609a2b1f220f223f3b87919ac2.cloudfront.net (CloudFront)
x-amz-cf-id
r2_YUscFPAjofPFi1dOL7uU2Sdhw4PbmwKVVfB1jp393dvoDlEzGQQ==
x-amz-cf-pop
FRA60-P8
x-cache
Hit from cloudfront
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

c.js | www.919297.icu/ | 1 KB | 2 KB | Script
General
Full URL
https://www.919297.icu/c.js
Requested by
Host: www.919297.icu
URL: https://www.919297.icu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2761:3a00:18:33c0:6100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.919297.icu/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 01:11:07 GMT
strict-transport-security
max-age=31536000
via
1.1 fc3a32609a2b1f220f223f3b87919ac2.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA60-P8
age
32068
x-cache
Hit from cloudfront
content-length
1203
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Sat, 18 May 2024 00:43:22 GMT
server
nginx
etag
"6647f9aa-4b3"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=43200
accept-ranges
bytes
x-amz-cf-id
XU3oWwRy7yiR_svlim1WBwqfeEyskRrRkzpCuvH44xUVeSWpu6lCGQ==
expires
Tue, 21 May 2024 13:11:07 GMT

Primary Request / | e6.yu87v1dew9.icu/ | 5 KB | 2 KB | Document
General
Full URL
https://e6.yu87v1dew9.icu/
Requested by
Host: 919297.com
URL: https://919297.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:4e00:3:fe52:b080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
a8497a67686f87ee4bc467db9589b020169d5a5a7528f428705603675de72044
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.919297.icu/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

age
32592
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 21 May 2024 01:02:23 GMT
referrer-policy
strict-origin-when-cross-origin
server
nginx
strict-transport-security
max-age=31536000
vary
Accept-Encoding Origin
via
1.1 bfa7dfbe8ca6d4eb3690c4c82ca6c0fa.cloudfront.net (CloudFront)
x-amz-cf-id
Qe-Zciz2YUQtWypzl6WhyNBHs_sY6tEwzr-hsd7_NMivcrbN0SsbiQ==
x-amz-cf-pop
FRA56-C2
x-cache
Hit from cloudfront
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

style.css | e6.yu87v1dew9.icu/ | 111 KB | 111 KB | Stylesheet
General
Full URL
https://e6.yu87v1dew9.icu/style.css
Requested by
Host: e6.yu87v1dew9.icu
URL: https://e6.yu87v1dew9.icu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:4e00:3:fe52:b080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e0c5964afeb2b460bc4b83e4f8f883251d219d2939abb07c25cde161aad8c219
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 02:08:20 GMT
strict-transport-security
max-age=31536000
via
1.1 bfa7dfbe8ca6d4eb3690c4c82ca6c0fa.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA56-C2
age
28635
x-cache
Hit from cloudfront
content-length
113269
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Sun, 12 May 2024 10:27:07 GMT
server
nginx
etag
"6640997b-1ba75"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=43200
accept-ranges
bytes
x-amz-cf-id
i4M4aML8aLj8RZNlUQhDoQz5mJgDPF38cHKYpPLsmJS503rDqtlmsw==
expires
Tue, 21 May 2024 14:08:20 GMT

0.gif | sstatic1.histats.com/ | 43 B | 163 B | Image
General
Full URL
https://sstatic1.histats.com/0.gif?4790373&101
Requested by
Host: e6.yu87v1dew9.icu
URL: https://e6.yu87v1dew9.icu/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
149.56.240.129 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns534297.ip-149-56-240.net
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 21 May 2024 10:05:36 GMT
Connection
close
Content-Length
43
Content-Type
image/gif

favicon.ico | e6.yu87v1dew9.icu/ | 1 KB | 1 KB | Other
General
Full URL
https://e6.yu87v1dew9.icu/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:4e00:3:fe52:b080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
0ee44ceef4add00b2c0e26c4869f9cb6ab69a84d405c68de1822639faa640df6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 10:05:37 GMT
content-encoding
gzip
via
1.1 bfa7dfbe8ca6d4eb3690c4c82ca6c0fa.cloudfront.net (CloudFront)
referrer-policy
strict-origin-when-cross-origin
server
nginx
strict-transport-security
max-age=31536000
x-amz-cf-pop
FRA56-C2
x-content-type-options
nosniff
etag
W/"6647f050-447"
vary
Accept-Encoding, Origin
x-cache
Error from cloudfront
content-type
text/html
x-frame-options
SAMEORIGIN
x-amz-cf-id
OSSvNPP1a-KmCHQpBdJ81Detzhb9eDOCaVykebiNlRkPtVwZDIwgxQ==
x-xss-protection
1; mode=block

Verdicts & Comments

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

num (number)
imgd (object)
jump (function)

0 Cookies

1 Console Messages

Source: network
Level: error
URL: https://e6.yu87v1dew9.icu/favicon.ico
Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block