URL: https://hhhzzzbb1217ldy.gzgxsz.com/
Submission: On December 17 via api from US — Scanned from DE

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 16 HTTP transactions. The main IP is 43.229.114.44, located in Korea, Republic Of and belongs to YANCYLIMITED-AS-HK Yancy Limited, HK. The main domain is hhhzzzbb1217ldy.gzgxsz.com.
TLS certificate: Issued by R11 on December 17th 2024. Valid for: 3 months.
This is the only time hhhzzzbb1217ldy.gzgxsz.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Downloads These files were downloaded by the website

Size: 78 MB (81768577 bytes, 0% done)
Downloaded from: https://d2lrzpmq7gd63s.cloudfront.net/BBang.apk

Domain & IP information

IP Address AS Autonomous System
12 43.229.114.44 138415 (YANCYLIMI...)
1 103.78.242.131 135542 (LIGHTCLOU...)
1 3 170.33.12.233 134963 (ASEPL-AS-...)
1 18.172.111.133 ()
16 4
Domain Requested by
12 hhhzzzbb1217ldy.gzgxsz.com hhhzzzbb1217ldy.gzgxsz.com
3 t2y8gj99mvju7e24.unitedcoasts.com 1 redirects hhhzzzbb1217ldy.gzgxsz.com
1 d2lrzpmq7gd63s.cloudfront.net hhhzzzbb1217ldy.gzgxsz.com
1 666kkk.dynlj.com hhhzzzbb1217ldy.gzgxsz.com
16 4

This site contains links to these domains. Also see Links.

Domain
sjewdsggy.skwfvaptjntbikzb.xyz
Subject Issuer Validity Valid
hhhzzzbb1217yt.gzgxsz.com
R11
2024-12-17 -
2025-03-17
3 months crt.sh
666kkk.dynlj.com
R11
2024-09-28 -
2024-12-27
3 months crt.sh
*.unitedcoasts.com
E5
2024-12-03 -
2025-03-03
3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01
2024-07-30 -
2025-07-03
a year crt.sh

This page contains 1 frames:

Frame: https://d2lrzpmq7gd63s.cloudfront.net/BBang.apk
Frame ID: 89DB4515D2200ABC7735F9E4118F730C
Requests: 16 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

16
Requests

100 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

4
IPs

3
Countries

866 kB
Transfer

978 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14
  • https://t2y8gj99mvju7e24.unitedcoasts.com:6443/page/izka3qa5/install/c/eyJtIjoiRW8yZzg1VDNWaTRBQUFHVDFmQmxqcTlCNVhTT0s4NEFUbFBuWm9kdk1nUG1EQUFLRDl4WmFHWVRyRllscTJRQ09BUDZNQUJzR1h5UHFINEV6cmgzeFROMnhVNVpkOUFHa0txRWo2dWNPQXhQa0NDbmpVcVFlbUU5aFJUTWduQW9sQSJ9?p=0 HTTP 302
  • https://d2lrzpmq7gd63s.cloudfront.net/BBang.apk

16 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
hhhzzzbb1217ldy.gzgxsz.com/
3 KB
2 KB
Document
General
Full URL
https://hhhzzzbb1217ldy.gzgxsz.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.229.114.44 , Korea, Republic Of, ASN138415 (YANCYLIMITED-AS-HK Yancy Limited, HK),
Reverse DNS
Software
superedge /
Resource Hash
91ea2cfd574bce069ca787dd7fede84208fa8d0b8495b139cae1099691a692d4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Authorization, Origin, X-Requested-With, Content-Type, Accept
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Tue, 17 Dec 2024 18:45:19 GMT
ETag
W/"67616cde-be4"
Last-Modified
Tue, 17 Dec 2024 12:21:50 GMT
Server
superedge
Transfer-Encoding
chunked
Vary
Accept-Encoding Accept-Encoding
X-Cache-Status
MISS
crypto-js.min.js
hhhzzzbb1217ldy.gzgxsz.com/
47 KB
17 KB
Script
General
Full URL
https://hhhzzzbb1217ldy.gzgxsz.com/crypto-js.min.js
Requested by
Host: hhhzzzbb1217ldy.gzgxsz.com
URL: https://hhhzzzbb1217ldy.gzgxsz.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.229.114.44 , Korea, Republic Of, ASN138415 (YANCYLIMITED-AS-HK Yancy Limited, HK),
Reverse DNS
Software
superedge /
Resource Hash
eab5d90a71736f267af39fdf32caa8c71673fd06703279b01e0f92b0d7be0bfc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hhhzzzbb1217ldy.gzgxsz.com/

Response headers

Content-Encoding
gzip
ETag
W/"66f16466-bb78"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Expires
Wed, 18 Dec 2024 06:45:19 GMT
Date
Tue, 17 Dec 2024 18:45:19 GMT
Content-Type
application/javascript
Vary
Accept-Encoding, Accept-Encoding
Last-Modified
Mon, 23 Sep 2024 12:51:50 GMT
Access-Control-Allow-Headers
Authorization, Origin, X-Requested-With, Content-Type, Accept
Transfer-Encoding
chunked
X-Cache-Status
MISS
Cache-Control
max-age=43200
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Server
superedge
decrypt.js
hhhzzzbb1217ldy.gzgxsz.com/
1 KB
1 KB
Script
General
Full URL
https://hhhzzzbb1217ldy.gzgxsz.com/decrypt.js
Requested by
Host: hhhzzzbb1217ldy.gzgxsz.com
URL: https://hhhzzzbb1217ldy.gzgxsz.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.229.114.44 , Korea, Republic Of, ASN138415 (YANCYLIMITED-AS-HK Yancy Limited, HK),
Reverse DNS
Software
superedge /
Resource Hash
adf51913a9dddd3ca05a1080422cc08b19adbecb705473890992cf48dfa2feae

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hhhzzzbb1217ldy.gzgxsz.com/

Response headers

Content-Encoding
gzip
ETag
W/"66f16467-42c"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Expires
Wed, 18 Dec 2024 06:45:19 GMT
Date
Tue, 17 Dec 2024 18:45:20 GMT
Content-Type
application/javascript
Vary
Accept-Encoding, Accept-Encoding
Last-Modified
Mon, 23 Sep 2024 12:51:51 GMT
Access-Control-Allow-Headers
Authorization, Origin, X-Requested-With, Content-Type, Accept
Transfer-Encoding
chunked
X-Cache-Status
MISS
Cache-Control
max-age=43200
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Server
superedge
index.css
hhhzzzbb1217ldy.gzgxsz.com/css/
2 KB
1 KB
Stylesheet
General
Full URL
https://hhhzzzbb1217ldy.gzgxsz.com/css/index.css
Requested by
Host: hhhzzzbb1217ldy.gzgxsz.com
URL: https://hhhzzzbb1217ldy.gzgxsz.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.229.114.44 , Korea, Republic Of, ASN138415 (YANCYLIMITED-AS-HK Yancy Limited, HK),
Reverse DNS
Software
superedge /
Resource Hash
d7f26b7cca2c4477bdbedcf1982816a2f3282929289779d04cbb25aa2da87138

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hhhzzzbb1217ldy.gzgxsz.com/

Response headers

Content-Encoding
gzip
ETag
W/"66f16480-73b"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Expires
Wed, 18 Dec 2024 06:45:19 GMT
Date
Tue, 17 Dec 2024 18:45:20 GMT
Content-Type
text/css
Vary
Accept-Encoding, Accept-Encoding
Last-Modified
Mon, 23 Sep 2024 12:52:16 GMT
Access-Control-Allow-Headers
Authorization, Origin, X-Requested-With, Content-Type, Accept
Transfer-Encoding
chunked
X-Cache-Status
MISS
Cache-Control
max-age=43200
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Server
superedge
jquery-3.5.1.min.js
hhhzzzbb1217ldy.gzgxsz.com/js/
87 KB
31 KB
Script
General
Full URL
https://hhhzzzbb1217ldy.gzgxsz.com/js/jquery-3.5.1.min.js
Requested by
Host: hhhzzzbb1217ldy.gzgxsz.com
URL: https://hhhzzzbb1217ldy.gzgxsz.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.229.114.44 , Korea, Republic Of, ASN138415 (YANCYLIMITED-AS-HK Yancy Limited, HK),
Reverse DNS
Software
superedge /
Resource Hash
f36844906ad2309877aae3121b87fb15b9e09803cb4c333adc7e1e35ac92e14b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hhhzzzbb1217ldy.gzgxsz.com/

Response headers

Content-Encoding
gzip
ETag
W/"66f16494-15d86"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Expires
Wed, 18 Dec 2024 06:45:19 GMT
Date
Tue, 17 Dec 2024 18:45:20 GMT
Content-Type
application/javascript
Vary
Accept-Encoding, Accept-Encoding
Last-Modified
Mon, 23 Sep 2024 12:52:36 GMT
Access-Control-Allow-Headers
Authorization, Origin, X-Requested-With, Content-Type, Accept
Transfer-Encoding
chunked
X-Cache-Status
MISS
Cache-Control
max-age=43200
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Server
superedge
appinstall.js
hhhzzzbb1217ldy.gzgxsz.com/js/
46 KB
18 KB
Script
General
Full URL
https://hhhzzzbb1217ldy.gzgxsz.com/js/appinstall.js
Requested by
Host: hhhzzzbb1217ldy.gzgxsz.com
URL: https://hhhzzzbb1217ldy.gzgxsz.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.229.114.44 , Korea, Republic Of, ASN138415 (YANCYLIMITED-AS-HK Yancy Limited, HK),
Reverse DNS
Software
superedge /
Resource Hash
7c9895f2e57140b2a429c2b5df1eb51b2c0bf49f56365e198fb20a92fe79c1dd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hhhzzzbb1217ldy.gzgxsz.com/

Response headers

Content-Encoding
gzip
ETag
W/"66f16491-b9e1"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Expires
Wed, 18 Dec 2024 06:45:19 GMT
Date
Tue, 17 Dec 2024 18:45:20 GMT
Content-Type
application/javascript
Vary
Accept-Encoding, Accept-Encoding
Last-Modified
Mon, 23 Sep 2024 12:52:33 GMT
Access-Control-Allow-Headers
Authorization, Origin, X-Requested-With, Content-Type, Accept
Transfer-Encoding
chunked
X-Cache-Status
MISS
Cache-Control
max-age=43200
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Server
superedge
op.js
666kkk.dynlj.com/bb/
64 B
277 B
Script
General
Full URL
https://666kkk.dynlj.com/bb/op.js
Requested by
Host: hhhzzzbb1217ldy.gzgxsz.com
URL: https://hhhzzzbb1217ldy.gzgxsz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.78.242.131 Malacca, Malaysia, ASN135542 (LIGHTCLOUD-AS-AP LIGHT CLOUD TECHNOLOGY, MY),
Reverse DNS
Software
nginx /
Resource Hash
b2156da1f2cc35ce6237cc9e2fa37bb4a10f366fbdf22824c8643783a99a5628
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hhhzzzbb1217ldy.gzgxsz.com/

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=43200
etag
"676135e7-40"
expires
Wed, 18 Dec 2024 06:45:21 GMT
accept-ranges
bytes
content-length
64
date
Tue, 17 Dec 2024 18:45:21 GMT
content-type
application/javascript
last-modified
Tue, 17 Dec 2024 08:27:19 GMT
server
nginx
yy006.abc
hhhzzzbb1217ldy.gzgxsz.com/pic/
9 KB
10 KB
Image
General
Full URL
https://hhhzzzbb1217ldy.gzgxsz.com/pic/yy006.abc
Requested by
Host: hhhzzzbb1217ldy.gzgxsz.com
URL: https://hhhzzzbb1217ldy.gzgxsz.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.229.114.44 , Korea, Republic Of, ASN138415 (YANCYLIMITED-AS-HK Yancy Limited, HK),
Reverse DNS
Software
superedge /
Resource Hash
a28c37f5f3b79db9794b17ee7f5686b177e381510a99b5d17273870789cf8145

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hhhzzzbb1217ldy.gzgxsz.com/

Response headers

X-Cache-Status
MISS
ETag
"6727ab43-241c"
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET, POST, OPTIONS
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
9244
Date
Tue, 17 Dec 2024 18:45:20 GMT
Content-Type
application/octet-stream
Last-Modified
Sun, 03 Nov 2024 16:56:35 GMT
Server
superedge
Access-Control-Allow-Headers
Authorization, Origin, X-Requested-With, Content-Type, Accept
yy001.abc
hhhzzzbb1217ldy.gzgxsz.com/pic/
68 KB
68 KB
Image
General
Full URL
https://hhhzzzbb1217ldy.gzgxsz.com/pic/yy001.abc
Requested by
Host: hhhzzzbb1217ldy.gzgxsz.com
URL: https://hhhzzzbb1217ldy.gzgxsz.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.229.114.44 , Korea, Republic Of, ASN138415 (YANCYLIMITED-AS-HK Yancy Limited, HK),
Reverse DNS
Software
superedge /
Resource Hash
d709873f0f1c3157757a5ecbdd8d981996120ca7e485057e2525210b6c91a188

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hhhzzzbb1217ldy.gzgxsz.com/

Response headers

X-Cache-Status
MISS
ETag
"6727ab43-10e65"
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET, POST, OPTIONS
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
69221
Date
Tue, 17 Dec 2024 18:45:20 GMT
Content-Type
application/octet-stream
Last-Modified
Sun, 03 Nov 2024 16:56:35 GMT
Server
superedge
Access-Control-Allow-Headers
Authorization, Origin, X-Requested-With, Content-Type, Accept
yy003.abc
hhhzzzbb1217ldy.gzgxsz.com/pic/
299 KB
299 KB
Image
General
Full URL
https://hhhzzzbb1217ldy.gzgxsz.com/pic/yy003.abc
Requested by
Host: hhhzzzbb1217ldy.gzgxsz.com
URL: https://hhhzzzbb1217ldy.gzgxsz.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.229.114.44 , Korea, Republic Of, ASN138415 (YANCYLIMITED-AS-HK Yancy Limited, HK),
Reverse DNS
Software
superedge /
Resource Hash
aa8aa243b72212f2a07aa32623102496ae17340926dfd04fd69c684c6eda53d8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hhhzzzbb1217ldy.gzgxsz.com/

Response headers

X-Cache-Status
MISS
ETag
"6727ab43-4abf8"
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET, POST, OPTIONS
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
306168
Date
Tue, 17 Dec 2024 18:45:20 GMT
Content-Type
application/octet-stream
Last-Modified
Sun, 03 Nov 2024 16:56:35 GMT
Server
superedge
Access-Control-Allow-Headers
Authorization, Origin, X-Requested-With, Content-Type, Accept
yy004.abc
hhhzzzbb1217ldy.gzgxsz.com/pic/
273 KB
274 KB
Image
General
Full URL
https://hhhzzzbb1217ldy.gzgxsz.com/pic/yy004.abc
Requested by
Host: hhhzzzbb1217ldy.gzgxsz.com
URL: https://hhhzzzbb1217ldy.gzgxsz.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.229.114.44 , Korea, Republic Of, ASN138415 (YANCYLIMITED-AS-HK Yancy Limited, HK),
Reverse DNS
Software
superedge /
Resource Hash
8c8a28249e327ad2fee76456e348bb92d298f2ca3cfb3d0b46cfe253f0bdb985

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hhhzzzbb1217ldy.gzgxsz.com/

Response headers

X-Cache-Status
MISS
ETag
"6727ab43-4457a"
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET, POST, OPTIONS
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
279930
Date
Tue, 17 Dec 2024 18:45:21 GMT
Content-Type
application/octet-stream
Last-Modified
Sun, 03 Nov 2024 16:56:35 GMT
Server
superedge
Access-Control-Allow-Headers
Authorization, Origin, X-Requested-With, Content-Type, Accept
yy005.abc
hhhzzzbb1217ldy.gzgxsz.com/pic/
54 KB
54 KB
Image
General
Full URL
https://hhhzzzbb1217ldy.gzgxsz.com/pic/yy005.abc
Requested by
Host: hhhzzzbb1217ldy.gzgxsz.com
URL: https://hhhzzzbb1217ldy.gzgxsz.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.229.114.44 , Korea, Republic Of, ASN138415 (YANCYLIMITED-AS-HK Yancy Limited, HK),
Reverse DNS
Software
superedge /
Resource Hash
f68b3519d8306b9c1afa3622614a18fa66f9f304ac69734bb6364591e1928bde

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hhhzzzbb1217ldy.gzgxsz.com/

Response headers

X-Cache-Status
MISS
ETag
"6727ab43-d7b8"
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET, POST, OPTIONS
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
55224
Date
Tue, 17 Dec 2024 18:45:21 GMT
Content-Type
application/octet-stream
Last-Modified
Sun, 03 Nov 2024 16:56:35 GMT
Server
superedge
Access-Control-Allow-Headers
Authorization, Origin, X-Requested-With, Content-Type, Accept
yy002.abc
hhhzzzbb1217ldy.gzgxsz.com/pic/
88 KB
89 KB
Image
General
Full URL
https://hhhzzzbb1217ldy.gzgxsz.com/pic/yy002.abc
Requested by
Host: hhhzzzbb1217ldy.gzgxsz.com
URL: https://hhhzzzbb1217ldy.gzgxsz.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.229.114.44 , Korea, Republic Of, ASN138415 (YANCYLIMITED-AS-HK Yancy Limited, HK),
Reverse DNS
Software
superedge /
Resource Hash
218494bdc3c0b92d89fb6a6261756d22b502dab461bcb904ace973510a27843c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hhhzzzbb1217ldy.gzgxsz.com/

Response headers

X-Cache-Status
MISS
ETag
"6727ab43-160c4"
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET, POST, OPTIONS
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
90308
Date
Tue, 17 Dec 2024 18:45:21 GMT
Content-Type
application/octet-stream
Last-Modified
Sun, 03 Nov 2024 16:56:35 GMT
Server
superedge
Access-Control-Allow-Headers
Authorization, Origin, X-Requested-With, Content-Type, Accept
init
t2y8gj99mvju7e24.unitedcoasts.com/web/izka3qa5/_/
734 B
904 B
XHR
General
Full URL
https://t2y8gj99mvju7e24.unitedcoasts.com:6443/web/izka3qa5/_/init?av=0&cv=0&hash=&server=https%3A%2F%2Ft2y8gj99mvju7e24.unitedcoasts.com%3A6443&sw=p6Cmpg&sh=p6Smpg&sp=1
Requested by
Host: hhhzzzbb1217ldy.gzgxsz.com
URL: https://hhhzzzbb1217ldy.gzgxsz.com/js/appinstall.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
170.33.12.233 , Singapore, ASN134963 (ASEPL-AS-AP Alibaba Cloud Singapore Private Limited, SG),
Reverse DNS
Software
NgxFence /
Resource Hash
891dd5c866a27e2c279c46aae03f317f7b1e1faed6b01ed7e79342d85af33d1e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://hhhzzzbb1217ldy.gzgxsz.com/

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
br
access-control-allow-credentials
true
access-control-allow-origin
https://hhhzzzbb1217ldy.gzgxsz.com
date
Tue, 17 Dec 2024 18:45:21 GMT
content-type
application/json;charset=utf-8
vary
Origin, Origin
server
NgxFence
eyJtIjoiRUFabm5ndElhVDRBQUFHVDFmQmxqcFMxZi1BR0tfbk5LcVUyVUtsaWx3cXg4dVFhZ2c1OXFjeG5LTkprMk1JWXFrNmxhREw5SG1fX05DYUlmTjRuRUhpLTBXY0JjaEVKQ0kwQUF1a3AwaHFXTjQ1MFl1cHFYdGhiRGcybGFHYjNhZyJ9
t2y8gj99mvju7e24.unitedcoasts.com/web/izka3qa5/_/clicked/c/
0
294 B
Ping
General
Full URL
https://t2y8gj99mvju7e24.unitedcoasts.com:6443/web/izka3qa5/_/clicked/c/eyJtIjoiRUFabm5ndElhVDRBQUFHVDFmQmxqcFMxZi1BR0tfbk5LcVUyVUtsaWx3cXg4dVFhZ2c1OXFjeG5LTkprMk1JWXFrNmxhREw5SG1fX05DYUlmTjRuRUhpLTBXY0JjaEVKQ0kwQUF1a3AwaHFXTjQ1MFl1cHFYdGhiRGcybGFHYjNhZyJ9?p=0&ref=https%3A%2F%2Fhhhzzzbb1217ldy.gzgxsz.com%2F&ac=0&cc=0
Requested by
Host: hhhzzzbb1217ldy.gzgxsz.com
URL: https://hhhzzzbb1217ldy.gzgxsz.com/js/appinstall.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
170.33.12.233 , Singapore, ASN134963 (ASEPL-AS-AP Alibaba Cloud Singapore Private Limited, SG),
Reverse DNS
Software
NgxFence /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hhhzzzbb1217ldy.gzgxsz.com/

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-origin
https://hhhzzzbb1217ldy.gzgxsz.com
content-length
0
date
Tue, 17 Dec 2024 18:45:27 GMT
vary
Origin, Origin
server
NgxFence
BBang.apk
d2lrzpmq7gd63s.cloudfront.net/
Redirect Chain
  • https://t2y8gj99mvju7e24.unitedcoasts.com:6443/page/izka3qa5/install/c/eyJtIjoiRW8yZzg1VDNWaTRBQUFHVDFmQmxqcTlCNVhTT0s4NEFUbFBuWm9kdk1nUG1EQUFLRDl4WmFHWVRyRllscTJRQ09BUDZNQUJzR1h5UHFINEV6cmgzeFROMn...
  • https://d2lrzpmq7gd63s.cloudfront.net/BBang.apk
0
0
Document
General
Full URL
https://d2lrzpmq7gd63s.cloudfront.net/BBang.apk
Requested by
Host: hhhzzzbb1217ldy.gzgxsz.com
URL: https://hhhzzzbb1217ldy.gzgxsz.com/js/appinstall.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.111.133 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://hhhzzzbb1217ldy.gzgxsz.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
public,max-age=0
content-disposition
attachment;filename=BBang.apk
content-length
81768577
content-type
application/vnd.android.package-archive
date
Tue, 17 Dec 2024 18:45:29 GMT
etag
"daffcf1f7b920afbdfda770e77e729db"
last-modified
Tue, 17 Dec 2024 18:37:54 GMT
server
AmazonS3
via
1.1 efb576f3260fb935bd57cce721b78428.cloudfront.net (CloudFront)
x-amz-cf-id
gE5IbkUai4fuCu7Q8M0Lo5kdxLmalOpdlnDvCYB_mPl9rnqqljB-GQ==
x-amz-cf-pop
FRA60-P8
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront

Redirect headers

content-length
0
date
Tue, 17 Dec 2024 18:45:27 GMT
location
https://d2lrzpmq7gd63s.cloudfront.net/BBang.apk
server
NgxFence
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-cache
DYNAMIC

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| CryptoJS function| cryptoJsAesDecrypt function| cryptoJsAesEncrypt function| $ function| jQuery function| AppInstall string| serverapi1 function| DownSoft object| data

0 Cookies