scrhg-it.cn - urlscan.io

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 6 HTTP transactions. The main IP is 172.67.165.129, located in United States and belongs to CLOUDFLARENET, US. The main domain is scrhg-it.cn.
TLS certificate: Issued by WE1 on December 1st 2024. Valid for: 3 months.

This is the only time scrhg-it.cn was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	172.67.165.129 172.67.165.129	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	38.6.200.42 38.6.200.42	400619 (AROSS-AS) (AROSS-AS)
2	148.153.240.67 148.153.240.67	63199 (CDSC-AS1) (CDSC-AS1)
1 2	172.65.218.121 172.65.218.121	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	4

2 172.67.165.129 (United States)

ASN13335 (CLOUDFLARENET, US)

scrhg-it.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 38.6.200.42 (Los Angeles, United States)

ASN400619 (AROSS-AS, US)

zhaohg.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 148.153.240.67 (Amman, Jordan)

ASN63199 (CDSC-AS1, US)

sdk.51.la	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
collect-v6.51.la	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.65.218.121 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

dw562s.bg6t8a.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	bg6t8a.top 1 redirects dw562s.bg6t8a.top	347 B
2	51.la sdk.51.la — Cisco Umbrella Rank: 73455 collect-v6.51.la — Cisco Umbrella Rank: 78995	34 KB
2	scrhg-it.cn scrhg-it.cn	4 KB
1	zhaohg.cn zhaohg.cn	1 KB
6	4

	Domain	Requested by
2	dw562s.bg6t8a.top	1 redirects zhaohg.cn
2	scrhg-it.cn
1	collect-v6.51.la	sdk.51.la
1	sdk.51.la	scrhg-it.cn
1	zhaohg.cn	scrhg-it.cn
6	5

This site contains no links.

Subject Issuer	Validity	Valid
scrhg-it.cn WE1	`2024-12-01` - `2025-03-01`	3 months	crt.sh
zhaohg.cn R11	`2024-10-05` - `2025-01-03`	3 months	crt.sh
*.51.la GlobalSign RSA OV SSL CA 2018	`2024-03-19` - `2025-04-20`	a year	crt.sh
dw562s.bg6t8a.top Sectigo RSA Domain Validation Secure Server CA	`2024-11-20` - `2025-11-20`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://scrhg-it.cn/
Frame ID: D38E93BB2190229AE1CF99466FD1A54B
Requests: 5 HTTP requests in this frame

Frame: https://dw562s.bg6t8a.top/normal/?cid=119185&currency=CNY/
Frame ID: 4E6806609AD98CA697D1D9C2F14FFC76
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

流量出售商务合作:@dk669669/@xmjiema

Page Statistics

6
Requests

100 %
HTTPS

0 %
IPv6

4
Domains

5
Subdomains

4
IPs

2
Countries

40 kB
Transfer

40 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

https://dw562s.bg6t8a.top:29294/?cid=119185&currency=CNY/ HTTP 302
https://dw562s.bg6t8a.top/normal/?cid=119185&currency=CNY/

6 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request / Show response
scrhg-it.cn/ 110 B
803 B 565ms
384ms Document
text/html 172.67.165.129
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://scrhg-it.cn/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.165.129 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc419fe024b613735180f1837df9d899be31525017567ab0e2dbae9c052f601d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8ef330d2ba0fd370-FRA
content-encoding: zstd
content-type: text/html; charset=UTF-8
date: Mon, 09 Dec 2024 07:13:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority: u=0,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2B87AOF44Z%2FCpx7EVpLa8szOTq8obMoM0DQIFHpXwiPjDdzNtqmdcCRr7WY6nQOM65Ajv%2F3jsmLLFzvYdzc2kPsPx3J1t4028O9OBGltIR6W%2B9QyCF4XBflWjxEH25w%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=38052&min_rtt=34645&rtt_var=11971&sent=11&recv=10&lost=0&retrans=0&sent_bytes=4137&recv_bytes=4484&delivery_rate=474&cwnd=12000&unsent_bytes=0&cid=4289dc02ce6e580d&ts=392&x=1" cfExtPri cfHdrFlush;dur=0
vary: Accept-Encoding

GET
H2 200 qqqppp.js Show response
zhaohg.cn/ 2 KB
1 KB 2135ms
203ms Script
application/javascript 38.6.200.42
AROSS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://zhaohg.cn/qqqppp.js

Requested by

Host: scrhg-it.cn
URL: https://scrhg-it.cn/

Protocol

H2

Security

TLS 1.3, , AES_256_GCM

Server

38.6.200.42 Los Angeles, United States, ASN400619 (AROSS-AS, US),

Reverse DNS

Software

nginx /

Resource Hash

03d8c1098dfd170d8ef038a351dcbbdf1bdc5be58655dec458a1d65392d99a7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://scrhg-it.cn/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=43200
content-encoding: gzip
etag: W/"674d932f-9a9"
expires: Mon, 09 Dec 2024 19:13:09 GMT
date: Mon, 09 Dec 2024 07:13:09 GMT
content-type: application/javascript
last-modified: Mon, 02 Dec 2024 10:59:59 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 js-sdk-pro.min.js Show response
sdk.51.la/ 34 KB
34 KB 900ms
179ms Script
text/plain 148.153.240.67
CDSC-AS1

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.51.la/js-sdk-pro.min.js
Requested by: Host: scrhg-it.cn
URL: https://scrhg-it.cn/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 148.153.240.67 Amman, Jordan, ASN63199 (CDSC-AS1, US),
Reverse DNS
Software: openresty /
Resource Hash: c54ff899b5b9f90bd2ecc4dd87d877e87562f8c739ba2c167ccb61f02096abfa

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://scrhg-it.cn/

Response headers

cache-control: no-store
access-control-allow-credentials: true
via: EU-GER-frankfurt-EDGE7-CACHE1[140],EU-GER-frankfurt-EDGE7-CACHE1[ovl,134],EU-GER-frankfurt-EDGE5-CACHE5[ovl,133],CHN-HElangfang-GLOBAL6-CACHE16[ovl,17]
access-control-allow-origin: *
x-ccdn-req-id-46b1: f31f8c6d7938eff714145414952e90c2
date: Mon, 09 Dec 2024 07:13:10 GMT
content-type: text/plain; charset=utf-8
server: openresty

GET
H2

200

/
dw562s.bg6t8a.top/normal/ Frame 4E68
Redirect Chain

https://dw562s.bg6t8a.top:29294/?cid=119185&currency=CNY/
https://dw562s.bg6t8a.top/normal/?cid=119185&currency=CNY/

0
0

819ms
290ms

Document
text/html

172.65.218.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dw562s.bg6t8a.top/normal/?cid=119185&currency=CNY/

Requested by

Host: zhaohg.cn
URL: https://zhaohg.cn/qqqppp.js

Protocol

H2

Security

TLS 1.3, , AES_256_GCM

Server

172.65.218.121 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

gocache /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://scrhg-it.cn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

c-type: pf
cache-control: no-cache
content-encoding: gzip
content-md5: dRW3w+43tq9BL4zWeKXeWA==
content-type: text/html
date: Mon, 09 Dec 2024 07:13:11 GMT
last-modified: Tue, 26 Nov 2024 07:48:30 GMT
rid: caf3fdc20efd7b85dfedd2826eebe4a6
server: gocache
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding Origin
x-cache-status: MISS
x-oss-hash-crc64ecma: 8170113099047623139
x-oss-object-type: Normal
x-oss-request-id: 67569887D14BBC34344BA35A
x-oss-server-time: 2
x-oss-storage-class: Standard

Redirect headers

Connection: keep-alive
Content-Length: 140
Content-Type: text/html
Date: Mon, 09 Dec 2024 07:13:10 GMT
Location: https://dw562s.bg6t8a.top:443/normal/?cid=119185&currency=CNY/
Server: gocache
Strict-Transport-Security: max-age=31536000; includeSubDomains
c-Type: pf
rid: 24c00a8fccd69b5ab62bca979a09f1a7

POST
H2 200 collect Show response
collect-v6.51.la/v6/ 0
277 B 999ms
991ms XHR
text/plain 148.153.240.67
CDSC-AS1

General

Check archive.org

Show headers Download Go to

Full URL: https://collect-v6.51.la/v6/collect?dt=4
Requested by: Host: sdk.51.la
URL: https://sdk.51.la/js-sdk-pro.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 148.153.240.67 Amman, Jordan, ASN63199 (CDSC-AS1, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://scrhg-it.cn/

Response headers

via: EU-GER-frankfurt-EDGE7-CACHE1[954],EU-GER-frankfurt-EDGE7-CACHE1[ovl,953]
access-control-allow-origin: https://scrhg-it.cn
x-ccdn-req-id-46b1: 26256f95e2e5b6442c41c19cbffeaea8
content-length: 0
date: Mon, 09 Dec 2024 07:13:11 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true

GET
H3 200 favicon.ico
scrhg-it.cn/ 4 KB
3 KB 385ms
385ms Other
image/x-icon 172.67.165.129
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://scrhg-it.cn/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.165.129 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e471a9f02d1bb949155890f497d7b6188766b88154bf5aecc713d0ce4513723a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://scrhg-it.cn/

Response headers

server: cloudflare
cache-control: max-age=120
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: REVALIDATED
etag: W/"5daead54-10be"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2vpYc6C%2BCgjMmbht3gP1skgBp4m5vElj5lnVLzrKfZjO%2FycIW33hkkAPzvySblm9ZzQsZGR9Tpm%2BeE8dgUvThwTmgxu21VJAb1irki3A%2BhNKqFNOQzTuasOXLSGW4g%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8ef330f15e6ed370-FRA
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=37363&min_rtt=32533&rtt_var=10358&sent=14&recv=12&lost=0&retrans=0&sent_bytes=5010&recv_bytes=5134&delivery_rate=26127&cwnd=12000&unsent_bytes=0&cid=4289dc02ce6e580d&ts=5298&x=1", cfExtPri, cfHdrFlush;dur=0
date: Mon, 09 Dec 2024 07:13:12 GMT
content-type: image/x-icon
last-modified: Tue, 22 Oct 2019 07:18:44 GMT
vary: Accept-Encoding
priority: u=1,i

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
scrhg-it.cn/	1969-12-31 23:59:59	Name: __vtins__K3PK1xC5ifS5vOxo Value: %7B%22sid%22%3A%20%22f6764257-7a6a-5c55-855e-8a6d6423360f%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201733730190658%2C%20%22ct%22%3A%201733728390658%7D
scrhg-it.cn/	1970-01-21 11:11:28	Name: __51uvsct__K3PK1xC5ifS5vOxo Value: 1
scrhg-it.cn/	1970-01-21 11:11:28	Name: __51vcke__K3PK1xC5ifS5vOxo Value: 3ae5562b-d553-5505-8eea-bebc191b1431
scrhg-it.cn/	1970-01-21 11:11:28	Name: __51vuft__K3PK1xC5ifS5vOxo Value: 1733728390659

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

collect-v6.51.la
dw562s.bg6t8a.top
scrhg-it.cn
sdk.51.la
zhaohg.cn
148.153.240.67
172.65.218.121
172.67.165.129
38.6.200.42
03d8c1098dfd170d8ef038a351dcbbdf1bdc5be58655dec458a1d65392d99a7f
c54ff899b5b9f90bd2ecc4dd87d877e87562f8c739ba2c167ccb61f02096abfa
cc419fe024b613735180f1837df9d899be31525017567ab0e2dbae9c052f601d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e471a9f02d1bb949155890f497d7b6188766b88154bf5aecc713d0ce4513723a

scrhg-it.cn Open in urlscan Pro 172.67.165.129 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

6 Requests

100 %HTTPS

0 %IPv6

4 Domains

5 Subdomains

4 IPs

2 Countries

40 kBTransfer

40 kBSize

4 Cookies

0 Outgoing links

Redirected requests

6 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

4 Cookies

Indicators

scrhg-it.cn Open in urlscan Pro
172.67.165.129 Public Scan

Screenshot
Live screenshot

Full Image

6
Requests

100 %
HTTPS

0 %
IPv6

4
Domains

5
Subdomains

4
IPs

2
Countries

40 kB
Transfer

40 kB
Size

4
Cookies

6 HTTP transactions
0 data transactions