wxllq.gz01.bdysite.com
Open in
urlscan Pro
150.138.249.207
Public Scan
Effective URL: http://wxllq.gz01.bdysite.com/gotopc.html
Submission: On February 13 via api from US
Summary
This is the only time wxllq.gz01.bdysite.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 | 103.121.92.140 103.121.92.140 | 137443 (ANCHGLOBA...) (ANCHGLOBAL-AS-AP Anchnet Asia Limited) | |
6 | 150.138.249.207 150.138.249.207 | 58540 (CHINATELE...) (CHINATELECOM-HUNAN-ZHUZHOU-MAN Zhuzhou) | |
1 | 120.222.213.208 120.222.213.208 | 24444 (CMNET-V4S...) (CMNET-V4SHANDONG-AS-AP Shandong Mobile Communication Company Limited) | |
2 | 58.215.145.248 58.215.145.248 | 23650 (CHINANET-...) (CHINANET-JS-AS-AP AS Number for CHINANET jiangsu province backbone) | |
1 | 2401:b180:200... 2401:b180:2000:20::23 | 37963 (CNNIC-ALI...) (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.) | |
3 | 104.192.108.21 104.192.108.21 | 55992 (QIHOO Bei...) (QIHOO Beijing Qihu Technology Company Limited) | |
16 | 7 |
ASN58540 (CHINATELECOM-HUNAN-ZHUZHOU-MAN Zhuzhou, CN)
wxllq.gz01.bdysite.com |
ASN24444 (CMNET-V4SHANDONG-AS-AP Shandong Mobile Communication Company Limited, CN)
basejs.bj01.bdysite.com |
ASN23650 (CHINANET-JS-AS-AP AS Number for CHINANET jiangsu province backbone, CN)
s23.cnzz.com | |
c.cnzz.com |
ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN)
z5.cnzz.com |
ASN55992 (QIHOO Beijing Qihu Technology Company Limited, CN)
dl.360safe.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
7 |
bdysite.com
wxllq.gz01.bdysite.com basejs.bj01.bdysite.com |
16 KB |
3 |
360safe.com
dl.360safe.com |
|
3 |
cnzz.com
s23.cnzz.com c.cnzz.com z5.cnzz.com |
6 KB |
2 |
melogin.com
remote.melogin.com |
1 KB |
16 | 4 |
Domain | Requested by | |
---|---|---|
6 | wxllq.gz01.bdysite.com |
remote.melogin.com
wxllq.gz01.bdysite.com |
3 | dl.360safe.com |
wxllq.gz01.bdysite.com
|
2 | remote.melogin.com |
remote.melogin.com
|
1 | z5.cnzz.com |
wxllq.gz01.bdysite.com
|
1 | c.cnzz.com |
s23.cnzz.com
|
1 | s23.cnzz.com |
wxllq.gz01.bdysite.com
|
1 | basejs.bj01.bdysite.com |
wxllq.gz01.bdysite.com
|
16 | 7 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.cnzz.com |
Subject Issuer | Validity | Valid |
---|
This page contains 2 frames:
Primary Page:
http://wxllq.gz01.bdysite.com/gotopc.html
Frame ID: 94DD7739CB18FD9450BD395951D0F5E4
Requests: 8 HTTP requests in this frame
Frame:
http://dl.360safe.com/netunion/20140425/360safe+251289+n7ddbb65c96.exe
Frame ID: DEA4F7044BC992F9F5898B6EA8A47B99
Requests: 8 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
- http://remote.melogin.com/ Page URL
- http://wxllq.gz01.bdysite.com/gotopc.html Page URL
Detected technologies
Windows Server (Operating Systems) ExpandDetected patterns
- headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
IIS (Web Servers) Expand
Detected patterns
- headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: 站长统计
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://remote.melogin.com/ Page URL
- http://wxllq.gz01.bdysite.com/gotopc.html Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
16 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
/
remote.melogin.com/ |
158 B 539 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
goto.js
remote.melogin.com/ |
1 KB 990 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Primary Request
Cookie set
gotopc.html
wxllq.gz01.bdysite.com/ |
2 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
goto.js
wxllq.gz01.bdysite.com/ |
1 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
douyin.png
basejs.bj01.bdysite.com/pic/ |
9 KB 9 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
z_stat.php
s23.cnzz.com/ |
11 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
core.php
c.cnzz.com/ |
969 B 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
stat.htm
z5.cnzz.com/ |
2 B 245 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Cookie set
apk.html
wxllq.gz01.bdysite.com/ Frame DEA4 |
599 B 960 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
360safe+251289+n7ddbb65c96.exe
dl.360safe.com/netunion/20140425/ Frame DEA4 |
0 0 |
Document
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Cookie set
apk.html
wxllq.gz01.bdysite.com/ Frame DEA4 |
599 B 960 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
360safe+251289+n7ddbb65c96.exe
dl.360safe.com/netunion/20140425/ Frame DEA4 |
0 0 |
Document
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Cookie set
apk.html
wxllq.gz01.bdysite.com/ Frame DEA4 |
599 B 960 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
360safe+251289+n7ddbb65c96.exe
dl.360safe.com/netunion/20140425/ Frame DEA4 |
0 0 |
Document
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Cookie set
apk.html
wxllq.gz01.bdysite.com/ Frame DEA4 |
599 B 960 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET |
360safe+251289+n7ddbb65c96.exe
dl.360safe.com/netunion/20140425/ Frame DEA4 |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- dl.360safe.com
- URL
- http://dl.360safe.com/netunion/20140425/360safe+251289+n7ddbb65c96.exe
Verdicts & Comments Add Verdict or Comment
12 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate function| goDownload function| IsPC string| cnzz_protocol object| _cz_loaded string| _cz_account object| _czc object| _CNZZDbridge_1276082832 object| cnzz_image_1492791848 function| jsCopy function| jsCopy10 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
basejs.bj01.bdysite.com
c.cnzz.com
dl.360safe.com
remote.melogin.com
s23.cnzz.com
wxllq.gz01.bdysite.com
z5.cnzz.com
dl.360safe.com
103.121.92.140
104.192.108.21
120.222.213.208
150.138.249.207
2401:b180:2000:20::23
58.215.145.248
2bd907d420a4ab5b3455ed79b0c89d4cf54241d0ea18dd38f24131c6ac1de05e
2c157a6ac27508ab55f020b1bc8574770c2339d7a57580622b21054970fb4846
2f19a23bb5938f5190c9db7396253e0475be4146a33d1c73cd06806a58c8f6d1
5400bbbc729c45fea71d79e81d3aafd39dfcad1850eea8bc27cdfda620090782
ab42b63aa08a5241b592d2c400da6d20ad82bbccafdc6df0b6028537f9fa12cd
c3e5c85d059df961a01d4700dc8ec680ddd25b6cf1ce9bb3e7b3a3ac2b193979
de3774ea2cd85447094cddb83b1b83f7166225bf84a2bccb6d8250d262292594
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e428238c8cb72e44ec6d063f53b9e20920486d00f5806c2039a7c55732eeca82