Submitted URL: https://cdbrbc.cn/
Effective URL: https://ld-down-1.hjvmrkd.cn/
Submission: On February 21 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 9 IPs in 2 countries across 7 domains to perform 14 HTTP transactions. The main IP is 218.93.204.41, located in China and belonging to CHINANET-BACKBONE No.31,Jin-rong Street, CN. The main domain is ld-down-1.hjvmrkd.cn.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on January 13th 2023. Valid for: 9 months.
This is the only time ld-down-1.hjvmrkd.cn was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address          AS       Autonomous System
1         209.209.49.167      399626   GROUP-IID...
6         218.93.204.41       4134     CHINANET-...
2         240e:e9:9005:...    23650    CHINANET-...
1         2408:873c:7a0...    4837     CHINA169-...
1         2401:b180:700...    37963    ALIBABA-C...
1         180.97.198.41       140292   CHINATELE...
1         18.167.91.167       16509    AMAZON-02
1         58.216.118.199      4134     CHINANET-...
Total: 14 requests, 9 IPs
Requests  Apex Domain     Subdomains                                      Transfer
6         hjvmrkd.cn      ld-down-1.hjvmrkd.cn                            1022 KB
3         cnzz.com        s9.cnzz.com (Cisco Umbrella Rank: 83926)        5 KB
                          c.cnzz.com (Cisco Umbrella Rank: 73693)
                          z12.cnzz.com (Cisco Umbrella Rank: 263546)
1         dzeyu.com       filelong.dzeyu.com                              10 KB
1         jttv03.cc       api.jttv03.cc                                   2 KB
1         51shop.online   tupian.51shop.online                            198 KB
1         mmstat.com      cnzz.mmstat.com (Cisco Umbrella Rank: 86870)    464 B
1         cdbrbc.cn       cdbrbc.cn                                       997 B
Total: 14 requests, 7 apex domains
Requests  Domain                  Requested by
6         ld-down-1.hjvmrkd.cn    ld-down-1.hjvmrkd.cn
1         filelong.dzeyu.com      ld-down-1.hjvmrkd.cn
1         api.jttv03.cc           ld-down-1.hjvmrkd.cn
1         tupian.51shop.online    ld-down-1.hjvmrkd.cn
1         cnzz.mmstat.com         ld-down-1.hjvmrkd.cn
1         z12.cnzz.com            ld-down-1.hjvmrkd.cn
1         c.cnzz.com              s9.cnzz.com
1         s9.cnzz.com             ld-down-1.hjvmrkd.cn
1         cdbrbc.cn               -
Total: 14 requests, 9 domains

This site contains links to these domains:

  • sdfda.n7e.cn
  • rkn2d2.shop
  • www.cnzz.com
TLS certificates

Subject                 Issuer                                                 Validity                   Valid
6.1708.ca               R3                                                     2023-01-22 - 2023-04-22    3 months
ld-down-1.hjvmrkd.cn    Sectigo RSA Domain Validation Secure Server CA         2023-01-13 - 2023-10-03    9 months
*.cnzz.com              GlobalSign Organization Validation CA - SHA256 - G3    2023-01-28 - 2024-02-29    a year
*.mmstat.com            GlobalSign Organization Validation CA - SHA256 - G2    2022-07-18 - 2023-08-19    a year
tupian.51shop.online    Sectigo RSA Domain Validation Secure Server CA         2022-12-02 - 2024-01-02    a year
api.jttv03.cc           Sectigo RSA Domain Validation Secure Server CA         2022-11-12 - 2023-12-13    a year
filelong.dzeyu.com      Sectigo RSA Domain Validation Secure Server CA         2023-01-10 - 2024-02-10    a year

This page contains 1 frames:

Primary Page: https://ld-down-1.hjvmrkd.cn/
Frame ID: 2EB8E96619E808721943943C5BDC689D
Requests: 17 HTTP requests in this frame

Page Title: Document

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://cdbrbc.cn/ (Page URL)
  2. https://ld-down-1.hjvmrkd.cn/ (Page URL)

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-

Overall confidence: 100%
Detected patterns
  • //[^./]+\.cnzz\.com/(?:z_stat.php|core)\?

Page Statistics

Requests: 14
HTTPS: 93 %
IPv6: 38 %
Domains: 7
Subdomains: 9
IPs: 9
Countries: 2
Transfer: 1239 kB
Size: 1559 kB
Cookies: 5


Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions

Each entry below gives the resource, its path, size and transferred bytes (x-fer), and type, followed by general details, request headers and response headers.
Resource: / (cdbrbc.cn/), size 2 KB, x-fer 997 B, Document

General
  Full URL: https://cdbrbc.cn/
  Protocol: H2
  Security: TLS 1.3, AES_256_GCM
  Server: 209.209.49.167, Hong Kong, ASN399626 (GROUP-IID-002, US)
  Software: nginx
  Resource Hash: 0483d45ff5d45ea43ed499dfa36071b2ef3f985d8dfe1cf4ade18bc2c94c5a08
  Security Headers: Strict-Transport-Security: max-age=31536000

Request headers
  Upgrade-Insecure-Requests: 1
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
  accept-language: de-DE,de;q=0.9

Response headers
  content-encoding: gzip
  content-type: text/html; charset=UTF-8
  date: Tue, 21 Feb 2023 11:55:18 GMT
  server: nginx
  strict-transport-security: max-age=31536000
  vary: Accept-Encoding
Resource: Primary Request / (ld-down-1.hjvmrkd.cn/), size 15 KB, x-fer 2 KB, Document

General
  Full URL: https://ld-down-1.hjvmrkd.cn/
  Protocol: H2
  Security: TLS 1.3, AES_256_GCM
  Server: 218.93.204.41, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN)
  Software: JSP3/2.0.14
  Resource Hash: 83b38469cf27f3c72784c24954cdf9dcf3b9a74b67519ed2b5a471b4f3c5aa41
  Security Headers: Strict-Transport-Security: max-age=31536000

Request headers
  Referer: https://cdbrbc.cn/
  Upgrade-Insecure-Requests: 1
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
  accept-language: de-DE,de;q=0.9

Response headers
  accept-ranges: bytes
  age: 101309
  content-encoding: gzip
  content-length: 1918
  content-type: text/html
  date: Tue, 21 Feb 2023 11:55:23 GMT
  etag: W/"63f323f7-3cef"
  last-modified: Mon, 20 Feb 2023 07:40:39 GMT
  ohc-cache-hit: sqctcache67 [2]
  ohc-file-size: 1918
  ohc-global-saved-time: Mon, 20 Feb 2023 07:43:20 GMT
  server: JSP3/2.0.14
  strict-transport-security: max-age=31536000
  vary: Accept-Encoding
  x-cache-status: HIT
  x-m-log: QNM:lac62;QNM3
  x-m-reqid: uA4AACnDjtHCeEUX
  x-qnm-cache: Hit
Resource: app.1676878682205.js (ld-down-1.hjvmrkd.cn/), size 22 KB, x-fer 23 KB, Script

General
  Full URL: https://ld-down-1.hjvmrkd.cn/app.1676878682205.js
  Requested by: Host: ld-down-1.hjvmrkd.cn, URL: https://ld-down-1.hjvmrkd.cn/
  Protocol: H2
  Security: TLS 1.3, AES_256_GCM
  Server: 218.93.204.41, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN)
  Software: JSP3/2.0.14
  Resource Hash: cb07940c8ca4a1c791325e8a502b33c6d257b36628b03fb5650c376ea20b0ae9
  Security Headers: Strict-Transport-Security: max-age=31536000

Request headers
  accept-language: de-DE,de;q=0.9
  Referer: https://ld-down-1.hjvmrkd.cn/
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers
  ohc-file-size: 22678
  date: Tue, 21 Feb 2023 11:55:23 GMT
  strict-transport-security: max-age=31536000
  age: 101308
  x-cache-status: HIT
  content-length: 22678
  x-m-reqid: uA4AANvyXwTDeEUX
  x-m-log: QNM:lac62;QNM3
  ohc-cache-hit: sqctcache70 [2]
  last-modified: Mon, 20 Feb 2023 07:40:39 GMT
  server: JSP3/2.0.14
  etag: "63f323f7-5896"
  vary: Accept-Encoding
  content-type: application/javascript
  cache-control: max-age=43200
  accept-ranges: bytes
  ohc-global-saved-time: Mon, 20 Feb 2023 07:43:21 GMT
  x-qnm-cache: Hit
  expires: Mon, 20 Feb 2023 19:43:22 GMT
Resource: chunk-vendors.1676878682205.js (ld-down-1.hjvmrkd.cn/), size 391 KB, x-fer 392 KB, Script

General
  Full URL: https://ld-down-1.hjvmrkd.cn/chunk-vendors.1676878682205.js
  Requested by: Host: ld-down-1.hjvmrkd.cn, URL: https://ld-down-1.hjvmrkd.cn/
  Protocol: H2
  Security: TLS 1.3, AES_256_GCM
  Server: 218.93.204.41, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN)
  Software: JSP3/2.0.14
  Resource Hash: 251a0151ce988a44e41199e56f376986783c514c1d8b65f6d19200697ecdee65
  Security Headers: Strict-Transport-Security: max-age=31536000

Request headers
  accept-language: de-DE,de;q=0.9
  Referer: https://ld-down-1.hjvmrkd.cn/
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers
  ohc-file-size: 400819
  date: Tue, 21 Feb 2023 11:55:23 GMT
  strict-transport-security: max-age=31536000
  age: 101308
  x-cache-status: HIT
  content-length: 400819
  x-m-reqid: I58BAEUfKf_CeEUX
  x-m-log: QNM:lac61;QNM3
  ohc-cache-hit: sqctcache52 [2]
  last-modified: Mon, 20 Feb 2023 07:40:39 GMT
  server: JSP3/2.0.14
  etag: "63f323f7-61db3"
  vary: Accept-Encoding
  content-type: application/javascript
  cache-control: max-age=43200
  accept-ranges: bytes
  ohc-global-saved-time: Mon, 20 Feb 2023 07:43:21 GMT
  x-qnm-cache: Hit
  expires: Mon, 20 Feb 2023 19:43:21 GMT
Resource: app.74ceccf4.css (ld-down-1.hjvmrkd.cn/css/), size 408 KB, x-fer 409 KB, Stylesheet

General
  Full URL: https://ld-down-1.hjvmrkd.cn/css/app.74ceccf4.css
  Requested by: Host: ld-down-1.hjvmrkd.cn, URL: https://ld-down-1.hjvmrkd.cn/
  Protocol: H2
  Security: TLS 1.3, AES_256_GCM
  Server: 218.93.204.41, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN)
  Software: JSP3/2.0.14
  Resource Hash: 9e3570566b71a30e4a1093ad11dc9a8509fcb8ecc4eb637f58462d4a6a24eab2
  Security Headers: Strict-Transport-Security: max-age=31536000

Request headers
  accept-language: de-DE,de;q=0.9
  Referer: https://ld-down-1.hjvmrkd.cn/
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers
  ohc-file-size: 417519
  date: Tue, 21 Feb 2023 11:55:23 GMT
  strict-transport-security: max-age=31536000
  age: 101308
  x-cache-status: HIT
  content-length: 417519
  x-m-reqid: pg0AACK8ZgLDeEUX
  x-m-log: QNM:lac60;QNM3
  ohc-cache-hit: sqctcache63 [2]
  last-modified: Mon, 20 Feb 2023 07:40:39 GMT
  server: JSP3/2.0.14
  etag: "63f323f7-65eef"
  vary: Accept-Encoding
  content-type: text/css
  cache-control: max-age=43200
  accept-ranges: bytes
  ohc-global-saved-time: Mon, 20 Feb 2023 07:43:21 GMT
  x-qnm-cache: Hit
  expires: Mon, 20 Feb 2023 19:43:21 GMT
Resource: chunk-vendors.ce30c924.css (ld-down-1.hjvmrkd.cn/css/), size 153 KB, x-fer 154 KB, Stylesheet

General
  Full URL: https://ld-down-1.hjvmrkd.cn/css/chunk-vendors.ce30c924.css
  Requested by: Host: ld-down-1.hjvmrkd.cn, URL: https://ld-down-1.hjvmrkd.cn/
  Protocol: H2
  Security: TLS 1.3, AES_256_GCM
  Server: 218.93.204.41, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN)
  Software: JSP3/2.0.14
  Resource Hash: f1a20b51ed3dc2764ec3ccde6374af3801c6340c743eeb79ac0798be0976bef1
  Security Headers: Strict-Transport-Security: max-age=31536000

Request headers
  accept-language: de-DE,de;q=0.9
  Referer: https://ld-down-1.hjvmrkd.cn/
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers
  ohc-file-size: 156872
  date: Tue, 21 Feb 2023 11:55:23 GMT
  strict-transport-security: max-age=31536000
  age: 101317
  x-cache-status: HIT
  content-length: 156872
  x-m-reqid: pg0AAOBnv-_AeEUX
  x-m-log: QNM:lac60;QNM3
  ohc-cache-hit: sqctcache65 [2]
  last-modified: Fri, 13 Jan 2023 08:38:24 GMT
  server: JSP3/2.0.14
  etag: "63c11880-264c8"
  vary: Accept-Encoding
  content-type: text/css
  cache-control: max-age=43200
  accept-ranges: bytes
  ohc-global-saved-time: Mon, 20 Feb 2023 07:43:21 GMT
  x-qnm-cache: Hit
  expires: Mon, 20 Feb 2023 19:43:21 GMT
Resource: z_stat.php (s9.cnzz.com/), size 11 KB, x-fer 4 KB, Script

General
  Full URL: https://s9.cnzz.com/z_stat.php?id=1281217861
  Requested by: Host: ld-down-1.hjvmrkd.cn, URL: https://ld-down-1.hjvmrkd.cn/
  Protocol: H2
  Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
  Server: 240e:e9:9005:5:3::3ed, China, ASN23650 (CHINANET-JIANGSU-PROVINCE-IDC AS Number for CHINANET jiangsu province backbone, CN)
  Software: Tengine / PHP/5.5.25
  Resource Hash: 7a3134828eae6a0e8050b0e605160810e1fe165d4af830f7a1c1115e36e3ed12

Request headers
  Referer: https://ld-down-1.hjvmrkd.cn/
  accept-language: de-DE,de;q=0.9
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
  Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers
  date: Tue, 21 Feb 2023 11:31:32 GMT
  content-encoding: gzip
  via: cache73.l2cn3032[62,62,200-0,M], cache77.l2cn3032[63,0], cache34.cn2175[0,0,200-0,H], cache21.cn2175[0,0]
  age: 1433
  x-swift-cachetime: 3600
  x-powered-by: PHP/5.5.25
  x-cache: HIT TCP_MEM_HIT dirn:10:143797149
  x-swift-savetime: Tue, 21 Feb 2023 11:31:32 GMT
  content-length: 4049
  last-modified: Tue, 21 Feb 2023 11:31:32 GMT
  server: Tengine
  vary: Accept-Encoding
  ali-swift-global-savetime: 1676979092
  content-type: application/javascript
  cache-control: max-age=1800,s-maxage=3600
  timing-allow-origin: *
  eagleid: 3ad79d2916769805256332038e
Resource: core.php (c.cnzz.com/), size 970 B, x-fer 914 B, Script

General
  Full URL: https://c.cnzz.com/core.php?web_id=1281217861&t=z
  Requested by: Host: s9.cnzz.com, URL: https://s9.cnzz.com/z_stat.php?id=1281217861
  Protocol: H2
  Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
  Server: 240e:e9:9005:5:3::3ed, China, ASN23650 (CHINANET-JIANGSU-PROVINCE-IDC AS Number for CHINANET jiangsu province backbone, CN)
  Software: Tengine / PHP/5.5.25
  Resource Hash: d5a5ea063ed35c107dd40dac2ae590305754f7f22fbc159097e9603385103558

Request headers
  Referer: https://ld-down-1.hjvmrkd.cn/
  accept-language: de-DE,de;q=0.9
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
  Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers
  date: Tue, 21 Feb 2023 11:50:22 GMT
  content-encoding: gzip
  via: cache42.l2cn3032[36,35,200-0,M], cache53.l2cn3032[37,0], cache11.cn2175[0,0,200-0,H], cache21.cn2175[0,0]
  age: 303
  x-swift-cachetime: 900
  x-powered-by: PHP/5.5.25
  x-cache: HIT TCP_MEM_HIT dirn:9:226952887
  x-swift-savetime: Tue, 21 Feb 2023 11:50:22 GMT
  content-length: 621
  last-modified: Tue, 21 Feb 2023 11:50:22 GMT
  server: Tengine
  vary: Accept-Encoding
  ali-swift-global-savetime: 1676980222
  content-type: application/javascript
  timing-allow-origin: *
  eagleid: 3ad79d2916769805258312129e
  expires: Tue, 21 Feb 2023 12:05:22 GMT
Resource: stat.htm (z12.cnzz.com/), size 2 B, x-fer 123 B, Image

General
  Full URL: https://z12.cnzz.com/stat.htm?id=1281217861&r=https%3A%2F%2Fcdbrbc.cn%2F&lg=en-us&ntime=none&cnzz_eid=298707823-1676979092-https%3A%2F%2Fcdbrbc.cn%2F&showp=1600x1200&p=https%3A%2F%2Fld-down-1.hjvmrkd.cn%2F&t=Document&umuuid=18673d41aa6ef7-0d6896fa31dab-683f5457-1d4c00-18673d41aa782d&h=1&rnd=879738631
  Requested by: Host: ld-down-1.hjvmrkd.cn, URL: https://ld-down-1.hjvmrkd.cn/
  Protocol: H2
  Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
  Server: 2408:873c:7a00:2000::5, China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN)
  Software: Tengine
  Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers
  accept-language: de-DE,de;q=0.9
  Referer: https://ld-down-1.hjvmrkd.cn/
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers
  date: Tue, 21 Feb 2023 11:55:27 GMT
  content-encoding: gzip
  server: Tengine
  vary: Accept-Encoding
  content-type: text/html; charset=utf-8
Resource: 9.gif (cnzz.mmstat.com/), size 43 B, x-fer 464 B, Image

General
  Full URL: https://cnzz.mmstat.com/9.gif?abc=1&rnd=341958576
  Requested by: Host: ld-down-1.hjvmrkd.cn, URL: https://ld-down-1.hjvmrkd.cn/
  Protocol: H2
  Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
  Server: 2401:b180:7003::1ac, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN)
  Software: nginx
  Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers
  accept-language: de-DE,de;q=0.9
  Referer: https://ld-down-1.hjvmrkd.cn/
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers
  pragma: no-cache
  date: Tue, 21 Feb 2023 11:55:27 GMT
  server: nginx
  p3p: CP="NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR IND UNI PUR NAV"
  content-type: image/gif
  cache-control: no-cache
  cross-origin-resource-policy: cross-origin
  content-length: 43
  expires: Thu, 01 Jan 1970 00:00:01 GMT
Resource: mtx.png (tupian.51shop.online/), size 197 KB, x-fer 198 KB, Image

General
  Full URL: https://tupian.51shop.online/mtx.png
  Requested by: Host: ld-down-1.hjvmrkd.cn, URL: https://ld-down-1.hjvmrkd.cn/
  Protocol: H2
  Security: TLS 1.3, AES_256_GCM
  Server: 180.97.198.41, China, ASN140292 (CHINATELECOM-JIANGSU-SUZHOU-5G-NETWORK CHINATELECOM Jiangsu province Suzhou 5G network, CN)
  Software: JSP3/2.0.14
  Resource Hash: 6c34b0f55a3658f5eb702ecbadbbb057ce2e7c5d071ea99e5c24df16c9f343fd

Request headers
  accept-language: de-DE,de;q=0.9
  Referer: https://ld-down-1.hjvmrkd.cn/
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers
  ohc-file-size: 201557
  x-log: X-Log
  date: Tue, 21 Feb 2023 11:55:28 GMT
  x-svr: IO
  content-md5: 3SLtBv8TnjVruU70YcFu6A==
  age: 304
  x-reqid: 4IAAAABe_JR5xDoX
  x-cache-status: HIT
  content-transfer-encoding: binary
  content-disposition: inline; filename="mtx.png"; filename*=utf-8''mtx.png
  content-length: 201557
  x-m-reqid: 6C4AAP_fMJV5xDoX
  x-m-log: QNM:gzh135;SRCPROXY:gzh439;SRC:12;SRCPROXY:12;QNM3:18
  ohc-cache-hit: suz4ct52 [2]
  last-modified: Mon, 16 Jan 2023 10:49:55 GMT
  server: JSP3/2.0.14
  etag: "FtUfiCgnDLY6d6s9jCi6deDkwwTr"
  access-control-max-age: 2592000
  content-type: image/png
  access-control-allow-origin: *
  access-control-expose-headers: X-Log, X-Reqid
  cache-control: public, max-age=31536000
  accept-ranges: bytes
  x-qiniu-zone: 2
  x-qnm-cache: Miss
  ohc-global-saved-time: Tue, 21 Feb 2023 11:50:24 GMT
Resource: newDownLoad.bec37912.png (ld-down-1.hjvmrkd.cn/img/), size 42 KB, x-fer 43 KB, Image

General
  Full URL: https://ld-down-1.hjvmrkd.cn/img/newDownLoad.bec37912.png
  Requested by: Host: ld-down-1.hjvmrkd.cn, URL: https://ld-down-1.hjvmrkd.cn/
  Protocol: H2
  Security: TLS 1.3, AES_256_GCM
  Server: 218.93.204.41, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN)
  Software: JSP3/2.0.14
  Resource Hash: 728485b4ee6abfa4c8be63508b38402ef12ae3038f81e697e9569cc4d5ccd856
  Security Headers: Strict-Transport-Security: max-age=31536000

Request headers
  accept-language: de-DE,de;q=0.9
  Referer: https://ld-down-1.hjvmrkd.cn/
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers
  ohc-file-size: 43308
  date: Tue, 21 Feb 2023 11:55:26 GMT
  strict-transport-security: max-age=31536000
  age: 101309
  x-cache-status: HIT
  content-length: 43308
  x-m-reqid: pg0AAO8RgHDDeEUX
  x-m-log: QNM:lac60;QNM3
  ohc-cache-hit: sqctcache65 [2]
  last-modified: Mon, 16 Jan 2023 10:55:21 GMT
  server: JSP3/2.0.14
  etag: "63c52d19-a92c"
  content-type: image/png
  cache-control: max-age=2592000
  accept-ranges: bytes
  ohc-global-saved-time: Mon, 20 Feb 2023 07:43:26 GMT
  x-qnm-cache: Hit
  expires: Wed, 22 Mar 2023 07:43:26 GMT
Resource: downList (api.jttv03.cc/shorter/resource/), size 2 KB, x-fer 2 KB, XHR

General
  Full URL: https://api.jttv03.cc/shorter/resource/downList?appId=1005&channel=100000&cliSign=f2495792c9e77f03&device=e4474f44d8b25e158062a3aaca4cf69b&modelCode=MODEL_TWO&pageNo=1&pageSize=100&platform=5&sysVersion=h5&type=1&version=100003&adSpaceIds=12,13&moduleType=5
  Requested by: Host: ld-down-1.hjvmrkd.cn, URL: https://ld-down-1.hjvmrkd.cn/chunk-vendors.1676878682205.js
  Protocol: HTTP/1.1
  Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
  Server: 18.167.91.167, Hong Kong, ASN16509 (AMAZON-02, US)
  Reverse DNS: ec2-18-167-91-167.ap-east-1.compute.amazonaws.com
  Software: nginx
  Resource Hash: 752801bb7645699128b4fd217d52d23bb2a92e39960e8b3be143cb14c8878ee4

Request headers
  Accept: application/json, text/plain, */*
  Referer: https://ld-down-1.hjvmrkd.cn/
  accept-language: de-DE,de;q=0.9
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers
  Date: Tue, 21 Feb 2023 11:55:26 GMT
  Server: nginx
  Transfer-Encoding: chunked
  Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
  Content-Type: application/json;charset=utf-8
  Access-Control-Allow-Origin: *
  Accept: application/json
  Connection: keep-alive
Resource: truncated data: URI (/), size 298 KB, x-fer 0, Image

General
  Full URL: data:truncated
  Protocol: DATA
  Resource Hash: 0d9ff43f513063b270b52e6b180915f80c119a0431b144cedf4966892390b5ee

Request headers
  accept-language: de-DE,de;q=0.9
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers
  Content-Type: image/jpeg
Resource: truncated data: URI (/), size 42 B, x-fer 0, Image

General
  Full URL: data:truncated
  Protocol: DATA
  Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers
  accept-language: de-DE,de;q=0.9
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers
  Content-Type: image/gif
Resource: JT10142113070543 (filelong.dzeyu.com/34ac984e-b887-4c3c-acdf-1293cf7e15eb/adsyn/), size 9 KB, x-fer 10 KB, XHR

General
  Full URL: https://filelong.dzeyu.com/34ac984e-b887-4c3c-acdf-1293cf7e15eb/adsyn/JT10142113070543
  Requested by: Host: ld-down-1.hjvmrkd.cn, URL: https://ld-down-1.hjvmrkd.cn/chunk-vendors.1676878682205.js
  Protocol: H2
  Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
  Server: 58.216.118.199, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN)
  Software: Tengine
  Resource Hash: 3d8b89013470c9a5ed824df6998675caadf22e385eeda46e148670547d3778d0

Request headers
  Accept: application/json, text/plain, */*
  Referer: https://ld-down-1.hjvmrkd.cn/
  accept-language: de-DE,de;q=0.9
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers
  date: Tue, 21 Feb 2023 11:50:26 GMT
  via: cache14.l2cn1816[182,186,304-0,M], cache35.l2cn1816[187,0], kunlun8.cn1310[0,0,200-0,H], kunlun8.cn1310[5,0]
  x-oss-request-id: 63F4B0025337553032D0C84D
  content-md5: G8h2EV2dVvJ56O4laLACvg==
  age: 302
  x-swift-cachetime: 3600
  x-cache: HIT TCP_MEM_HIT dirn:11:878250557
  x-swift-savetime: Tue, 21 Feb 2023 11:50:26 GMT
  content-length: 9344
  x-oss-object-type: Normal
  last-modified: Fri, 14 Oct 2022 12:43:35 GMT
  server: Tengine
  etag: "1BC876115D9D56F279E8EE2568B002BE"
  access-control-max-age: 0
  access-control-allow-methods: *
  content-type: application/octet-stream
  access-control-allow-origin: *
  ali-swift-global-savetime: 1676980226
  x-oss-storage-class: Standard
  accept-ranges: bytes
  timing-allow-origin: *
  x-oss-hash-crc64ecma: 11854346264354538482
  eagleid: 3ad8769c16769805289785441e
  x-oss-server-time: 12
Resource: truncated data: URI (/), size 7 KB, x-fer 0, Image

General
  Full URL: data:truncated
  Protocol: DATA
  Resource Hash: 4ebd78b8625915b63c495e24a88a59e17a21afa24156cb4918fe725d89ff8a11

Request headers
  accept-language: de-DE,de;q=0.9
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers
  Content-Type: image/jpeg


10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type      Name
boolean   credentialless
object    oncontentvisibilityautostatechange
object    _hmt
object    _cz_loaded
string    _cz_account
object    _czc
object    _CNZZDbridge_1281217861
object    cnzz_image_638019001
object    cnzz_image_2019978196
object    webpackJsonp

5 Cookies

Domain/Path              Name                  Value
.hjvmrkd.cn/             UM_distinctid         18673d41aa6ef7-0d6896fa31dab-683f5457-1d4c00-18673d41aa782d
ld-down-1.hjvmrkd.cn/    CNZZDATA1281217861    298707823-1676979092-https%253A%252F%252Fcdbrbc.cn%252F%7C1676979092
.mmstat.com/             cna                   L597HMQWuDECAQAAAAADYHsO
.cnzz.mmstat.com/        sca                   c4bb67e2
.cnzz.mmstat.com/        atpsida               883132cb046dddc39fcadd2a_1676980527_1

4 Console Messages

Source: javascript, Level: warning, URL: https://ld-down-1.hjvmrkd.cn/ (Line 166)
Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://s9.cnzz.com/z_stat.php?id=1281217861, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Source: javascript, Level: warning, URL: https://ld-down-1.hjvmrkd.cn/ (Line 166)
Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://s9.cnzz.com/z_stat.php?id=1281217861, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Source: javascript, Level: warning, URL: https://s9.cnzz.com/z_stat.php?id=1281217861
Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://c.cnzz.com/core.php?web_id=1281217861&t=z, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Source: javascript, Level: warning, URL: https://s9.cnzz.com/z_stat.php?id=1281217861
Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://c.cnzz.com/core.php?web_id=1281217861&t=z, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
