hhhzzzbb1217ldy.gzgxsz.com
43.229.114.44
Public Scan
Submission: On December 17 via api from US — Scanned from DE
Summary
TLS certificate: Issued by R11 on December 17th 2024. Valid for: 3 months.
This is the only time hhhzzzbb1217ldy.gzgxsz.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Downloads (files downloaded by the website): none listed for this scan.
Domain & IP information

Requests | IP Address | AS (Autonomous System)
---|---|---
12 | 43.229.114.44 | AS138415 (YANCYLIMITED-AS-HK Yancy Limited)
1 | 103.78.242.131 | AS135542 (LIGHTCLOUD-AS-AP LIGHT CLOUD TECHNOLOGY)
1 3 | 170.33.12.233 | AS134963 (ASEPL-AS-AP Alibaba Cloud Singapore Private Limited)
1 | 18.172.111.133 | (no AS shown)
16 requests | 4 IP addresses |
Hostnames by ASN:

ASN138415 (YANCYLIMITED-AS-HK Yancy Limited, HK): hhhzzzbb1217ldy.gzgxsz.com
ASN135542 (LIGHTCLOUD-AS-AP LIGHT CLOUD TECHNOLOGY, MY): 666kkk.dynlj.com
ASN134963 (ASEPL-AS-AP Alibaba Cloud Singapore Private Limited, SG): t2y8gj99mvju7e24.unitedcoasts.com
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
12 | gzgxsz.com | hhhzzzbb1217ldy.gzgxsz.com | 864 KB
3 | unitedcoasts.com (1 redirect) | t2y8gj99mvju7e24.unitedcoasts.com | 1 KB
1 | cloudfront.net | d2lrzpmq7gd63s.cloudfront.net |
1 | dynlj.com | 666kkk.dynlj.com | 277 B
16 requests | 4 apex domains | |
Requests | Domain | Requested by
---|---|---
12 | hhhzzzbb1217ldy.gzgxsz.com | hhhzzzbb1217ldy.gzgxsz.com
3 | t2y8gj99mvju7e24.unitedcoasts.com (1 redirect) | hhhzzzbb1217ldy.gzgxsz.com
1 | d2lrzpmq7gd63s.cloudfront.net | hhhzzzbb1217ldy.gzgxsz.com
1 | 666kkk.dynlj.com | hhhzzzbb1217ldy.gzgxsz.com
16 requests | 4 domains |
This site contains links to these domains (see also Links):

Domain
---
sjewdsggy.skwfvaptjntbikzb.xyz
Subject | Issuer | Validity | Valid for | Source
---|---|---|---|---
hhhzzzbb1217yt.gzgxsz.com | R11 | 2024-12-17 - 2025-03-17 | 3 months | crt.sh
666kkk.dynlj.com | R11 | 2024-09-28 - 2024-12-27 | 3 months | crt.sh
*.unitedcoasts.com | E5 | 2024-12-03 - 2025-03-03 | 3 months | crt.sh
*.cloudfront.net | Amazon RSA 2048 M01 | 2024-07-30 - 2025-07-03 | a year | crt.sh

R11 and E5 are Let's Encrypt intermediates. Note that the subject listed for the primary host (hhhzzzbb1217yt.gzgxsz.com) differs from the scanned hostname (hhhzzzbb1217ldy.gzgxsz.com); the scanned name is presumably covered by a SAN on the same certificate, which this table does not show.
This page contains 1 frame:
Frame: https://d2lrzpmq7gd63s.cloudfront.net/BBang.apk
Frame ID: 89DB4515D2200ABC7735F9E4118F730C
Requests: 16 HTTP requests in this frame

Outgoing links: 1 (links going to different origins than the main page).
Redirected requests
There were HTTP redirect chains for the following requests:

Request chain 14:
- https://t2y8gj99mvju7e24.unitedcoasts.com:6443/page/izka3qa5/install/c/eyJtIjoiRW8yZzg1VDNWaTRBQUFHVDFmQmxqcTlCNVhTT0s4NEFUbFBuWm9kdk1nUG1EQUFLRDl4WmFHWVRyRllscTJRQ09BUDZNQUJzR1h5UHFINEV6cmgzeFROMnhVNVpkOUFHa0txRWo2dWNPQXhQa0NDbmpVcVFlbUU5aFJUTWduQW9sQSJ9?p=0 (HTTP 302)
- https://d2lrzpmq7gd63s.cloudfront.net/BBang.apk

The long path segment beginning eyJtIjoi is base64-encoded JSON of the form {"m":"<130-character token>"}; the clicked ping in the transaction list below carries a second token with the same structure.
16 HTTP transactions

Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type
---|---|---|---|---|---|---|---
GET | H/1.1 | / (Primary Request) | hhhzzzbb1217ldy.gzgxsz.com/ | 3 KB | 2 KB | Document | text/html
GET | H/1.1 | crypto-js.min.js | hhhzzzbb1217ldy.gzgxsz.com/ | 47 KB | 17 KB | Script | application/javascript
GET | H/1.1 | decrypt.js | hhhzzzbb1217ldy.gzgxsz.com/ | 1 KB | 1 KB | Script | application/javascript
GET | H/1.1 | index.css | hhhzzzbb1217ldy.gzgxsz.com/css/ | 2 KB | 1 KB | Stylesheet | text/css
GET | H/1.1 | jquery-3.5.1.min.js | hhhzzzbb1217ldy.gzgxsz.com/js/ | 87 KB | 31 KB | Script | application/javascript
GET | H/1.1 | appinstall.js | hhhzzzbb1217ldy.gzgxsz.com/js/ | 46 KB | 18 KB | Script | application/javascript
GET | H2 | op.js | 666kkk.dynlj.com/bb/ | 64 B | 277 B | Script | application/javascript
GET | H/1.1 | yy006.abc | hhhzzzbb1217ldy.gzgxsz.com/pic/ | 9 KB | 10 KB | Image | application/octet-stream
GET | H/1.1 | yy001.abc | hhhzzzbb1217ldy.gzgxsz.com/pic/ | 68 KB | 68 KB | Image | application/octet-stream
GET | H/1.1 | yy003.abc | hhhzzzbb1217ldy.gzgxsz.com/pic/ | 299 KB | 299 KB | Image | application/octet-stream
GET | H/1.1 | yy004.abc | hhhzzzbb1217ldy.gzgxsz.com/pic/ | 273 KB | 274 KB | Image | application/octet-stream
GET | H/1.1 | yy005.abc | hhhzzzbb1217ldy.gzgxsz.com/pic/ | 54 KB | 54 KB | Image | application/octet-stream
GET | H/1.1 | yy002.abc | hhhzzzbb1217ldy.gzgxsz.com/pic/ | 88 KB | 89 KB | Image | application/octet-stream
POST | H2 | init | t2y8gj99mvju7e24.unitedcoasts.com/web/izka3qa5/_/ | 734 B | 904 B | XHR | application/json
POST | H2 | eyJtIjoiRUFabm5ndElhVDRBQUFHVDFmQmxqcFMxZi1BR0tfbk5LcVUyVUtsaWx3cXg4dVFhZ2c1OXFjeG5LTkprMk1JWXFrNmxhREw5SG1fX05DYUlmTjRuRUhpLTBXY0JjaEVKQ0kwQUF1a3AwaHFXTjQ1MFl1cHFYdGhiRGcybGFHYjNhZyJ9 | t2y8gj99mvju7e24.unitedcoasts.com/web/izka3qa5/_/clicked/c/ | 0 | 294 B | Ping | text/plain
GET | H2 | BBang.apk | d2lrzpmq7gd63s.cloudfront.net/ (redirect chain) | 0 | 0 | Document | application/vnd.android.package-archive

Two things stand out in this list. The six /pic/yy00N.abc resources are fetched as images but served as application/octet-stream under a non-image extension, and they load alongside crypto-js.min.js and decrypt.js (the page also exposes a cryptoJsAesDecrypt global, listed below), which is consistent with content being decrypted client-side before display. The only third-party script is the 64-byte op.js from 666kkk.dynlj.com. The final BBang.apk request is recorded with a size and transfer of 0 bytes, so no APK body is part of this scan.
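The checks an analyst would run over a list like this can be scripted. The following Python is an added example, not urlscan.io's code: it decodes the base64 JSON tokens the tracker embeds in its URL paths, flags resources whose declared type does not fit the served Content-Type, and lists installable files. The tokens and the redirect chain are copied from the scan above; TRANSACTIONS is a hand-transcribed subset of the table (sizes dropped), and EXPECTED_MIME is this example's own table of what a browser normally receives for each resource type. What the 130-character "m" value means is not known from the scan, so the script only reports its shape.

```python
"""Offline triage of a urlscan.io transaction list (added example, not urlscan.io's code)."""
import base64
import json
import re
from urllib.parse import urlsplit

# Tokens copied verbatim from redirect chain 14 and the 'clicked' ping in the scan.
INSTALL_TOKEN = "eyJtIjoiRW8yZzg1VDNWaTRBQUFHVDFmQmxqcTlCNVhTT0s4NEFUbFBuWm9kdk1nUG1EQUFLRDl4WmFHWVRyRllscTJRQ09BUDZNQUJzR1h5UHFINEV6cmgzeFROMnhVNVpkOUFHa0txRWo2dWNPQXhQa0NDbmpVcVFlbUU5aFJUTWduQW9sQSJ9"
CLICKED_TOKEN = "eyJtIjoiRUFabm5ndElhVDRBQUFHVDFmQmxqcFMxZi1BR0tfbk5LcVUyVUtsaWx3cXg4dVFhZ2c1OXFjeG5LTkprMk1JWXFrNmxhREw5SG1fX05DYUlmTjRuRUhpLTBXY0JjaEVKQ0kwQUF1a3AwaHFXTjQ1MFl1cHFYdGhiRGcybGFHYjNhZyJ9"

# Redirect chain 14 from the scan: the 302 that lands on the APK.
REDIRECT_CHAIN = [
    "https://t2y8gj99mvju7e24.unitedcoasts.com:6443/page/izka3qa5/install/c/" + INSTALL_TOKEN + "?p=0",
    "https://d2lrzpmq7gd63s.cloudfront.net/BBang.apk",
]

# Subset of the transaction table, transcribed by hand as (method, url, type, mime).
TRANSACTIONS = [
    ("GET", "https://hhhzzzbb1217ldy.gzgxsz.com/", "Document", "text/html"),
    ("GET", "https://hhhzzzbb1217ldy.gzgxsz.com/crypto-js.min.js", "Script", "application/javascript"),
    ("GET", "https://hhhzzzbb1217ldy.gzgxsz.com/decrypt.js", "Script", "application/javascript"),
    ("GET", "https://hhhzzzbb1217ldy.gzgxsz.com/css/index.css", "Stylesheet", "text/css"),
    ("GET", "https://666kkk.dynlj.com/bb/op.js", "Script", "application/javascript"),
    ("GET", "https://hhhzzzbb1217ldy.gzgxsz.com/pic/yy001.abc", "Image", "application/octet-stream"),
    ("GET", "https://hhhzzzbb1217ldy.gzgxsz.com/pic/yy003.abc", "Image", "application/octet-stream"),
    ("POST", "https://t2y8gj99mvju7e24.unitedcoasts.com/web/izka3qa5/_/init", "XHR", "application/json"),
    ("POST", "https://t2y8gj99mvju7e24.unitedcoasts.com/web/izka3qa5/_/clicked/c/" + CLICKED_TOKEN, "Ping", "text/plain"),
    ("GET", "https://d2lrzpmq7gd63s.cloudfront.net/BBang.apk", "Document", "application/vnd.android.package-archive"),
]

# Content-Types a browser normally receives for these resource types (this example's own table).
EXPECTED_MIME = {
    "Script": {"application/javascript", "text/javascript", "application/x-javascript"},
    "Stylesheet": {"text/css"},
    "Image": {"image/png", "image/jpeg", "image/gif", "image/webp", "image/svg+xml", "image/avif"},
}
B64URL_RE = re.compile(r"^[A-Za-z0-9_-]+$")


def decode_b64url_json(segment):
    """Return the JSON object a base64/base64url path segment encodes, or None if it is not one."""
    padded = segment + "=" * (-len(segment) % 4)
    try:
        obj = json.loads(base64.urlsafe_b64decode(padded).decode("utf-8"))
    except (ValueError, UnicodeDecodeError):  # bad base64, bad UTF-8, or not JSON
        return None
    return obj if isinstance(obj, dict) else None


def tokens_in_url(url):
    """Every path segment of url that decodes to a JSON object; short words like 'install' are skipped."""
    segments = urlsplit(url).path.split("/")
    decoded = (decode_b64url_json(s) for s in segments if len(s) >= 16)
    return [t for t in decoded if t is not None]


def flag_mime_mismatch(resource_type, mime):
    """True when the type the page uses a resource as does not fit the served Content-Type."""
    expected = EXPECTED_MIME.get(resource_type)
    return expected is not None and mime.split(";")[0].strip().lower() not in expected


def triage(transactions, redirect_chain=()):
    """Collect contacted hosts, type/MIME mismatches, embedded tokens and installable files."""
    report = {"hosts": set(), "mime_mismatch": [], "tokens": [], "downloads": []}
    for _method, url, rtype, mime in transactions:
        parts = urlsplit(url)
        report["hosts"].add(parts.hostname)
        if flag_mime_mismatch(rtype, mime):
            report["mime_mismatch"].append(url)
        if mime == "application/vnd.android.package-archive" or parts.path.lower().endswith(".apk"):
            report["downloads"].append(url)
    # Redirect sources are not in the transaction table, so scan them for tokens too.
    for url in list(redirect_chain) + [u for _m, u, _t, _mime in transactions]:
        for token in tokens_in_url(url):
            report["tokens"].append((urlsplit(url).hostname, token))
    return report


if __name__ == "__main__":
    rep = triage(TRANSACTIONS, REDIRECT_CHAIN)
    print("hosts:", sorted(rep["hosts"]))
    print("type/MIME mismatches:", rep["mime_mismatch"])
    print("installable files:", rep["downloads"])
    for host, token in rep["tokens"]:
        m = token.get("m", "")
        print(f"{host}: m={m[:12]}... ({len(m)} chars, base64url alphabet={bool(B64URL_RE.match(m))})")
```

The MIME check keys on the resource type the browser used, not the file extension, so a renamed payload still shows up; the token decoder pads and accepts both base64 alphabets, because trackers rarely emit padding and the inner "m" value here uses the URL-safe alphabet.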
Verdicts & Comments: none shown.
9 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. They can help identify client-side frameworks and code.

Type | Name
---|---
object | CryptoJS
function | cryptoJsAesDecrypt
function | cryptoJsAesEncrypt
function | $
function | jQuery
function | AppInstall
string | serverapi1
function | DownSoft
object | data0
Cookies
Cookies are small pieces of information stored in a user's browser. When the user visits the site again, the browser sends the cookie values along with the request, which lets the website re-identify the user even from a different location; this is how persistent logins work. No cookies are listed for this scan.
Indicators
This is a term in the security industry for observables such as IPs, domains, hashes, etc. It does not imply that any of these indicate malicious activity.
666kkk.dynlj.com
d2lrzpmq7gd63s.cloudfront.net
hhhzzzbb1217ldy.gzgxsz.com
t2y8gj99mvju7e24.unitedcoasts.com
103.78.242.131
170.33.12.233
18.172.111.133
43.229.114.44