354085.plus - urlscan.io

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 6 HTTP transactions. The main IP is 154.198.225.5, located in United States and belongs to CNSERVERS, US. The main domain is 354085.plus.
TLS certificate: Issued by R11 on December 20th 2024. Valid for: 3 months.

This is the only time 354085.plus was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	154.198.225.5 154.198.225.5	40065 (CNSERVERS) (CNSERVERS)
2	106.225.241.95 106.225.241.95	134238 (CT-JIANGX...) (CT-JIANGXI-IDC CHINANET Jiangx province IDC network)
1	223.109.148.175 223.109.148.175	() ()
6	4

1 154.198.225.5 (United States)

ASN40065 (CNSERVERS, US)

354085.plus	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 106.225.241.95 (China)

ASN134238 (CT-JIANGXI-IDC CHINANET Jiangx province IDC network, CN)

s9.cnzz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.cnzz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 223.109.148.175 (None, )

ASN- ()

z12.cnzz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	cnzz.com s9.cnzz.com — Cisco Umbrella Rank: 137146 z12.cnzz.com c.cnzz.com — Cisco Umbrella Rank: 91025	5 KB
1	354085.plus 354085.plus	629 B
0	azure.com Failed ney53nrqrdpiwiwl8qpca.eastasia.cloudapp.azure.com Failed
6	3

	Domain	Requested by
1	c.cnzz.com	s9.cnzz.com
1	z12.cnzz.com	s9.cnzz.com
1	s9.cnzz.com	354085.plus
1	354085.plus
0	ney53nrqrdpiwiwl8qpca.eastasia.cloudapp.azure.com Failed
6	5

This site contains no links.

Subject Issuer	Validity	Valid
354085.plus R11	`2024-12-20` - `2025-03-20`	3 months	crt.sh
*.cnzz.com GlobalSign Organization Validation CA - SHA256 - G3	`2024-02-17` - `2025-03-20`	a year	crt.sh

This page contains 1 frames:

Frame: https://ney53nrqrdpiwiwl8qpca.eastasia.cloudapp.azure.com:2000/?agent=dxvip555
Frame ID: D634464F37B54B33476782A03B04556A
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Welcome

Page Statistics

6
Requests

67 %
HTTPS

0 %
IPv6

3
Domains

5
Subdomains

4
IPs

2
Countries

6 kB
Transfer

11 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response 354085.plus/	506 B 629 B	4551ms 678ms	Document text/html	154.198.225.5 CNSERVERS
General Check archive.org Show headers Download Go to Full URL https://354085.plus/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 154.198.225.5 , United States, ASN40065 (CNSERVERS, US), Reverse DNS Software nginx / Resource Hash `308f8264e8e420f0a6bc32e0dde4885a8a796da79b12fe24050369e9ecc688e4` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers accept-ranges bytes content-length 506 content-type text/html date Fri, 20 Dec 2024 14:04:35 GMT etag "67604b4c-1fa" last-modified Mon, 16 Dec 2024 15:46:20 GMT server nginx x-cache BYPASS
GET H2	200	z.js Show response s9.cnzz.com/	10 KB 4 KB	2435ms 1317ms	Script application/javascript	106.225.241.95 CT-JIANGXI-IDC CH...
General Check archive.org Show headers Download Go to Full URL https://s9.cnzz.com/z.js?id=1281398859&async=1 Requested by Host: 354085.plus URL: https://354085.plus/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 106.225.241.95 , China, ASN134238 (CT-JIANGXI-IDC CHINANET Jiangx province IDC network, CN), Reverse DNS Software Tengine / Resource Hash `749a8c0157536a47a5cd05de2a9daa4c1bb3b4693b4d92305d33bc2a7fd72b4d` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://354085.plus/ Response headers content-encoding br etag W/"10992791028916673594" age 0 x-cache HIT TCP_REFRESH_HIT dirn:-2:-2 date Fri, 20 Dec 2024 14:04:22 GMT content-type application/javascript vary accept-encoding cache-control public, max-age=300 x-swift-cachetime 300 timing-allow-origin * via ens-cache6.l2cn7764[87,100,304-0,H], ens-cache15.l2cn7764[102,0], cache12.cn3693[119,119,200-0,H], cache2.cn3693[120,0] ali-swift-global-savetime 1734703462 x-swift-savetime Fri, 20 Dec 2024 14:04:22 GMT eagleid 6ae1f19617347034626226363e content-length 3884 server Tengine
POST H2	200	stat.htm z12.cnzz.com/	2 B 123 B	1761ms 550ms	Ping text/html	223.109.148.175
General Check archive.org Show headers Download Go to Full URL https://z12.cnzz.com/stat.htm?id=1281398859&r=&lg=en-us&ntime=none&cnzz_eid=573742032-1734703463-&showp=1600x1200&p=https%3A%2F%2F354085.plus%2F&t=Welcome&umuuid=193e4623a127ad-0ca712d88c5a7d-16462c6e-1d4c00-193e4623a13905&h=1 Requested by Host: s9.cnzz.com URL: https://s9.cnzz.com/z.js?id=1281398859&async=1 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305 Server 223.109.148.175 -, , ASN (), Reverse DNS Software Tengine / Resource Hash `2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://354085.plus/ Response headers content-encoding gzip date Fri, 20 Dec 2024 14:04:24 GMT content-type text/html; charset=utf-8 vary Accept-Encoding server Tengine
GET H2	200	c.js Show response c.cnzz.com/	907 B 847 B	355ms 342ms	Script application/javascript	106.225.241.95 CT-JIANGXI-IDC CH...
General Check archive.org Show headers Download Go to Full URL https://c.cnzz.com/c.js?web_id=1281398859&t=z Requested by Host: s9.cnzz.com URL: https://s9.cnzz.com/z.js?id=1281398859&async=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 106.225.241.95 , China, ASN134238 (CT-JIANGXI-IDC CHINANET Jiangx province IDC network, CN), Reverse DNS Software Tengine / Resource Hash `ac2151b12ed54ecc91d5556cfe7b7bf77115a33c131868834c356f1078fcb25b` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://354085.plus/ Response headers content-encoding br etag W/"5288124533026727705" age 0 x-cache HIT TCP_REFRESH_HIT dirn:-2:-2 date Fri, 20 Dec 2024 14:04:23 GMT content-type application/javascript vary accept-encoding cache-control public, max-age=321 x-swift-cachetime 321 timing-allow-origin * via ens-cache1.l2cn7764[91,90,304-0,H], ens-cache47.l2cn7764[92,0], cache10.cn3693[109,109,200-0,H], cache2.cn3693[110,0] ali-swift-global-savetime 1734703463 x-swift-savetime Fri, 20 Dec 2024 14:04:23 GMT eagleid 6ae1f19617347034630626894e content-length 585 server Tengine
GET		/ ney53nrqrdpiwiwl8qpca.eastasia.cloudapp.azure.com/	0 0

GET		favicon.ico 354085.plus/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ney53nrqrdpiwiwl8qpca.eastasia.cloudapp.azure.com
URL: https://ney53nrqrdpiwiwl8qpca.eastasia.cloudapp.azure.com:2000/?agent=dxvip555

Domain: 354085.plus
URL: https://354085.plus/favicon.ico

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| _czc object| _cz_loaded string| _cz_account object| _CNZZDbridge_1281398859

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.354085.plus/	1970-01-21 06:13:48	Name: UM_distinctid Value: 193e4623a127ad-0ca712d88c5a7d-16462c6e-1d4c00-193e4623a13905
			354085.plus/	1970-01-21 06:13:48	Name: CNZZDATA1281398859 Value: 573742032-1734703463-%7C1734703463

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

354085.plus
c.cnzz.com
ney53nrqrdpiwiwl8qpca.eastasia.cloudapp.azure.com
s9.cnzz.com
z12.cnzz.com
354085.plus
ney53nrqrdpiwiwl8qpca.eastasia.cloudapp.azure.com
106.225.241.95
154.198.225.5
223.109.148.175
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
308f8264e8e420f0a6bc32e0dde4885a8a796da79b12fe24050369e9ecc688e4
749a8c0157536a47a5cd05de2a9daa4c1bb3b4693b4d92305d33bc2a7fd72b4d
ac2151b12ed54ecc91d5556cfe7b7bf77115a33c131868834c356f1078fcb25b

354085.plus Open in urlscan Pro 154.198.225.5 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

6 Requests

67 %HTTPS

0 %IPv6

3 Domains

5 Subdomains

4 IPs

2 Countries

6 kBTransfer

11 kBSize

2 Cookies

0 Outgoing links

Redirected requests

6 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

2 Cookies

Indicators

354085.plus Open in urlscan Pro
154.198.225.5 Public Scan

Screenshot
Live screenshot

Full Image

6
Requests

67 %
HTTPS

0 %
IPv6

3
Domains

5
Subdomains

4
IPs

2
Countries

6 kB
Transfer

11 kB
Size

2
Cookies

6 HTTP transactions
0 data transactions