djfhnusdi.ewtyiuxv.cc Open in urlscan Pro
116.204.158.94 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://xycp1314.com/
Effective URL:
https://djfhnusdi.ewtyiuxv.cc/
Submission: On November 28 via api (November 28th 2023, 12:18:56 am UTC) from US — Scanned from US

Summary HTTP 10 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 3 domains to perform 10 HTTP transactions. The main IP is 116.204.158.94, located in Hong Kong and belongs to DNC-AS Dimension Network & Communication Limited, HK. The main domain is djfhnusdi.ewtyiuxv.cc.
TLS certificate: Issued by R3 on November 4th 2023. Valid for: 3 months.

This is the only time djfhnusdi.ewtyiuxv.cc was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	23.225.71.76 23.225.71.76	40065 (CNSERVERS) (CNSERVERS)
1 1	23.251.33.122 23.251.33.122	62610 (ZEN-DPS) (ZEN-DPS)
9	116.204.158.94 116.204.158.94	59371 (DNC-AS Di...) (DNC-AS Dimension Network & Communication Limited)
10	2

1 23.225.71.76 (United States)

ASN40065 (CNSERVERS, US)

xycp1314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.251.33.122 (Hong Kong, Hong Kong) 1 redirects

ASN62610 (ZEN-DPS, US)

wzk2er.fewma.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 116.204.158.94 (Hong Kong)

ASN59371 (DNC-AS Dimension Network & Communication Limited, HK)

djfhnusdi.ewtyiuxv.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	ewtyiuxv.cc djfhnusdi.ewtyiuxv.cc	237 KB
1	fewma.cc 1 redirects wzk2er.fewma.cc	242 B
1	xycp1314.com xycp1314.com	616 B
10	3

	Domain	Requested by
9	djfhnusdi.ewtyiuxv.cc	xycp1314.com djfhnusdi.ewtyiuxv.cc
1	wzk2er.fewma.cc	1 redirects
1	xycp1314.com
10	3

This site contains links to these domains. Also see Links.

Domain
qwqewqc.9988776655.cc

Subject Issuer	Validity	Valid
xycp1314.com R3	`2023-10-29` - `2024-01-27`	3 months	crt.sh
djfhnusdi.ewtyiuxv.cc R3	`2023-11-04` - `2024-02-02`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://djfhnusdi.ewtyiuxv.cc/
Frame ID: C6E7977084D27E346E80E69440F0A70E
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Welcome

Page URL History Show full URLs

https://xycp1314.com/ Page URL
https://wzk2er.fewma.cc:12345/?u=https://xycp1314.com/&p=/ HTTP 302
https://djfhnusdi.ewtyiuxv.cc/ Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

10
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

2
IPs

2
Countries

238 kB
Transfer

300 kB
Size

0
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://qwqewqc.9988776655.cc/chatlink.html

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://xycp1314.com/ Page URL
https://wzk2er.fewma.cc:12345/?u=https://xycp1314.com/&p=/ HTTP 302
https://djfhnusdi.ewtyiuxv.cc/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	/ xycp1314.com/	430 B 616 B	1708ms 89ms	Document text/html	23.225.71.76 CNSERVERS
General Check archive.org Show headers Download Go to Full URL https://xycp1314.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 23.225.71.76 , United States, ASN40065 (CNSERVERS, US), Reverse DNS Software / Resource Hash Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language en-US,en;q=0.9 Response headers Cache-Control max-age=259200 Connection close Content-Type text/html; charset=utf-8 Date Tue, 28 Nov 2023 00:18:24 GMT Transfer-Encoding chunked
GET H2	200	Primary Request / Show response djfhnusdi.ewtyiuxv.cc/ Redirect Chain https://wzk2er.fewma.cc:12345/?u=https://xycp1314.com/&p=/ https://djfhnusdi.ewtyiuxv.cc/	8 KB 3 KB	4177ms 231ms	Document text/html	116.204.158.94 DNC-AS Dimension ...
General Check archive.org Show headers Download Go to Full URL https://djfhnusdi.ewtyiuxv.cc/ Requested by Host: xycp1314.com URL: https://xycp1314.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 116.204.158.94 , Hong Kong, ASN59371 (DNC-AS Dimension Network & Communication Limited, HK), Reverse DNS Software tydcdn / Resource Hash `f0b9ddbe97be585aac24e2060ebfb3604f1361dab7cca72bcc1895be01bad3b7` Request headers Referer https://xycp1314.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language en-US,en;q=0.9 Response headers content-encoding gzip content-type text/html date Tue, 28 Nov 2023 00:18:28 GMT etag W/"653fa909-1ff4" last-modified Mon, 30 Oct 2023 13:00:57 GMT server tydcdn vary Accept-Encoding Accept-Encoding x-cache-status EXPIRED Redirect headers Connection keep-alive Content-Length 0 Content-Type text/html; charset=utf-8 Date Tue, 28 Nov 2023 00:18:24 GMT Location https://djfhnusdi.ewtyiuxv.cc/ Server nginx Vary Origin X-Frame-Options SAMEORIGIN
GET H2	200	ct.css djfhnusdi.ewtyiuxv.cc/css/	2 KB 925 B	668ms 664ms	Stylesheet text/css	116.204.158.94 DNC-AS Dimension ...
General Check archive.org Show headers Download Go to Full URL https://djfhnusdi.ewtyiuxv.cc/css/ct.css Requested by Host: djfhnusdi.ewtyiuxv.cc URL: https://djfhnusdi.ewtyiuxv.cc/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 116.204.158.94 , Hong Kong, ASN59371 (DNC-AS Dimension Network & Communication Limited, HK), Reverse DNS Software tydcdn / Resource Hash `ee533653391f0c3122634d9dbedab4242b31cf6658fbe97bf890e8c8134dcc38` Request headers accept-language en-US,en;q=0.9 Referer https://djfhnusdi.ewtyiuxv.cc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 28 Nov 2023 00:18:29 GMT content-encoding gzip last-modified Fri, 22 Nov 2019 01:16:14 GMT server tydcdn etag W/"5dd736de-7c9" x-cache-status EXPIRED vary Accept-Encoding, Accept-Encoding content-type text/css cache-control max-age=43200 expires Tue, 28 Nov 2023 12:18:29 GMT
GET H2	200	pace-theme-minimal.css djfhnusdi.ewtyiuxv.cc/css/	301 B 519 B	669ms 666ms	Stylesheet text/css	116.204.158.94 DNC-AS Dimension ...
General Check archive.org Show headers Download Go to Full URL https://djfhnusdi.ewtyiuxv.cc/css/pace-theme-minimal.css Requested by Host: djfhnusdi.ewtyiuxv.cc URL: https://djfhnusdi.ewtyiuxv.cc/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 116.204.158.94 , Hong Kong, ASN59371 (DNC-AS Dimension Network & Communication Limited, HK), Reverse DNS Software tydcdn / Resource Hash `e60075ba33fb20d03edce52e2b7d2b90c4608d36f8dd6a8db41707de07b99923` Request headers accept-language en-US,en;q=0.9 Referer https://djfhnusdi.ewtyiuxv.cc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 28 Nov 2023 00:18:29 GMT last-modified Fri, 22 Nov 2019 01:16:14 GMT server tydcdn etag "5dd736de-12d" x-cache-status EXPIRED content-type text/css cache-control max-age=43200 accept-ranges bytes content-length 301 expires Tue, 28 Nov 2023 12:18:29 GMT
GET H2	200	jquery.min.js Show response djfhnusdi.ewtyiuxv.cc/js/	87 KB 35 KB	669ms 665ms	Script application/javascript	116.204.158.94 DNC-AS Dimension ...
General Check archive.org Show headers Download Go to Full URL https://djfhnusdi.ewtyiuxv.cc/js/jquery.min.js Requested by Host: djfhnusdi.ewtyiuxv.cc URL: https://djfhnusdi.ewtyiuxv.cc/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 116.204.158.94 , Hong Kong, ASN59371 (DNC-AS Dimension Network & Communication Limited, HK), Reverse DNS Software tydcdn / Resource Hash `f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d` Request headers accept-language en-US,en;q=0.9 Referer https://djfhnusdi.ewtyiuxv.cc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 28 Nov 2023 00:18:29 GMT content-encoding gzip last-modified Tue, 26 Sep 2023 12:27:06 GMT server tydcdn etag W/"6512ce1a-15d84" x-cache-status EXPIRED vary Accept-Encoding, Accept-Encoding content-type application/javascript cache-control max-age=43200 expires Tue, 28 Nov 2023 12:18:29 GMT
GET H2	200	dh1.png djfhnusdi.ewtyiuxv.cc/images/	21 KB 21 KB	446ms 443ms	Image image/png	116.204.158.94 DNC-AS Dimension ...
General Check archive.org Show headers Download Go to Show image Full URL https://djfhnusdi.ewtyiuxv.cc/images/dh1.png Requested by Host: djfhnusdi.ewtyiuxv.cc URL: https://djfhnusdi.ewtyiuxv.cc/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 116.204.158.94 , Hong Kong, ASN59371 (DNC-AS Dimension Network & Communication Limited, HK), Reverse DNS Software tydcdn / Resource Hash `630f46724c0f655dfe4a85714b281c0fd4708cbd8b31fa553d8eeaf6963d4e6c` Request headers accept-language en-US,en;q=0.9 Referer https://djfhnusdi.ewtyiuxv.cc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 28 Nov 2023 00:18:29 GMT last-modified Sun, 16 Jan 2022 07:32:45 GMT server tydcdn etag "61e3ca1d-523d" x-cache-status HIT content-type image/png cache-control max-age=2592000 accept-ranges bytes content-length 21053 expires Wed, 27 Dec 2023 12:54:41 GMT
GET H2	200	image02.png djfhnusdi.ewtyiuxv.cc/images/	101 KB 101 KB	448ms 445ms	Image image/png	116.204.158.94 DNC-AS Dimension ...
General Check archive.org Show headers Download Go to Show image Full URL https://djfhnusdi.ewtyiuxv.cc/images/image02.png Requested by Host: djfhnusdi.ewtyiuxv.cc URL: https://djfhnusdi.ewtyiuxv.cc/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 116.204.158.94 , Hong Kong, ASN59371 (DNC-AS Dimension Network & Communication Limited, HK), Reverse DNS Software tydcdn / Resource Hash `6cf4ae9732d6bbcfbe93e62241c37c8d3b1113b26e40738459011771e15dce5d` Request headers accept-language en-US,en;q=0.9 Referer https://djfhnusdi.ewtyiuxv.cc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 28 Nov 2023 00:18:29 GMT last-modified Fri, 22 Nov 2019 01:15:46 GMT server tydcdn etag "5dd736c2-193e2" x-cache-status HIT content-type image/png cache-control max-age=2592000 accept-ranges bytes content-length 103394 expires Wed, 27 Dec 2023 12:54:41 GMT
GET H2	200	01.png djfhnusdi.ewtyiuxv.cc/images/	70 KB 71 KB	443ms 443ms	Image image/png	116.204.158.94 DNC-AS Dimension ...
General Check archive.org Show headers Download Go to Show image Full URL https://djfhnusdi.ewtyiuxv.cc/images/01.png Requested by Host: djfhnusdi.ewtyiuxv.cc URL: https://djfhnusdi.ewtyiuxv.cc/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 116.204.158.94 , Hong Kong, ASN59371 (DNC-AS Dimension Network & Communication Limited, HK), Reverse DNS Software tydcdn / Resource Hash `ddab24615795199c7230dd51e8c151b95b1c1babbb2ebfcd7a9cb6607af46cb9` Request headers accept-language en-US,en;q=0.9 Referer https://djfhnusdi.ewtyiuxv.cc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 28 Nov 2023 00:18:29 GMT last-modified Tue, 26 Sep 2023 12:27:31 GMT server tydcdn etag "6512ce33-119c3" x-cache-status HIT content-type image/png cache-control max-age=2592000 accept-ranges bytes content-length 72131 expires Wed, 27 Dec 2023 12:54:42 GMT
GET H2	200	ct1.js Show response djfhnusdi.ewtyiuxv.cc/js/	3 KB 1 KB	421ms 420ms	Script application/javascript	116.204.158.94 DNC-AS Dimension ...
General Check archive.org Show headers Download Go to Full URL https://djfhnusdi.ewtyiuxv.cc/js/ct1.js Requested by Host: djfhnusdi.ewtyiuxv.cc URL: https://djfhnusdi.ewtyiuxv.cc/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 116.204.158.94 , Hong Kong, ASN59371 (DNC-AS Dimension Network & Communication Limited, HK), Reverse DNS Software tydcdn / Resource Hash `50fff6a94fc6ff91bf211ed9e8322232ebe988f68d1be63ee1f0894369d27ab4` Request headers accept-language en-US,en;q=0.9 Referer https://djfhnusdi.ewtyiuxv.cc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 28 Nov 2023 00:18:29 GMT content-encoding gzip last-modified Fri, 22 Nov 2019 01:16:02 GMT server tydcdn etag W/"5dd736d2-bb2" x-cache-status EXPIRED vary Accept-Encoding, Accept-Encoding content-type application/javascript cache-control max-age=43200 expires Tue, 28 Nov 2023 12:18:29 GMT
GET H2	200	ct2.js Show response djfhnusdi.ewtyiuxv.cc/js/	7 KB 3 KB	421ms 421ms	Script application/javascript	116.204.158.94 DNC-AS Dimension ...
General Check archive.org Show headers Download Go to Full URL https://djfhnusdi.ewtyiuxv.cc/js/ct2.js Requested by Host: djfhnusdi.ewtyiuxv.cc URL: https://djfhnusdi.ewtyiuxv.cc/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 116.204.158.94 , Hong Kong, ASN59371 (DNC-AS Dimension Network & Communication Limited, HK), Reverse DNS Software tydcdn / Resource Hash `1b7eac09f8ae70c29e30b0aeeef1dc0a3f02c3a0a82501de648f2b7aaaa06de2` Request headers accept-language en-US,en;q=0.9 Referer https://djfhnusdi.ewtyiuxv.cc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 28 Nov 2023 00:18:29 GMT content-encoding gzip last-modified Fri, 22 Nov 2019 01:16:02 GMT server tydcdn etag W/"5dd736d2-1b29" x-cache-status EXPIRED vary Accept-Encoding, Accept-Encoding content-type application/javascript cache-control max-age=43200 expires Tue, 28 Nov 2023 12:18:29 GMT

Verdicts & Comments Add Verdict or Comment

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

djfhnusdi.ewtyiuxv.cc
wzk2er.fewma.cc
xycp1314.com
116.204.158.94
23.225.71.76
23.251.33.122
1b7eac09f8ae70c29e30b0aeeef1dc0a3f02c3a0a82501de648f2b7aaaa06de2
50fff6a94fc6ff91bf211ed9e8322232ebe988f68d1be63ee1f0894369d27ab4
630f46724c0f655dfe4a85714b281c0fd4708cbd8b31fa553d8eeaf6963d4e6c
6cf4ae9732d6bbcfbe93e62241c37c8d3b1113b26e40738459011771e15dce5d
ddab24615795199c7230dd51e8c151b95b1c1babbb2ebfcd7a9cb6607af46cb9
e60075ba33fb20d03edce52e2b7d2b90c4608d36f8dd6a8db41707de07b99923
ee533653391f0c3122634d9dbedab4242b31cf6658fbe97bf890e8c8134dcc38
f0b9ddbe97be585aac24e2060ebfb3604f1361dab7cca72bcc1895be01bad3b7
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

djfhnusdi.ewtyiuxv.cc Open in urlscan Pro 116.204.158.94 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

10 Requests

100 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

2 IPs

2 Countries

238 kBTransfer

300 kBSize

0 Cookies

1 Outgoing links

Page URL History

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

27 JavaScript Global Variables

0 Cookies

Indicators

djfhnusdi.ewtyiuxv.cc Open in urlscan Pro
116.204.158.94 Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

2
IPs

2
Countries

238 kB
Transfer

300 kB
Size

0
Cookies

10 HTTP transactions
0 data transactions