zgqk9z70gh77wk6.xyz Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://zgqk9z70gh77wk6.xyz/
Submission: On March 08 via api (March 8th 2024, 9:06:19 am UTC) from BE — Scanned from NL

Summary HTTP 8 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 8 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is zgqk9z70gh77wk6.xyz.
TLS certificate: Issued by GTS CA 1P5 on January 30th 2024. Valid for: 3 months.

This is the only time zgqk9z70gh77wk6.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	49.0.244.110 49.0.244.110	136907 (HWCLOUDS-...) (HWCLOUDS-AS-AP HUAWEI CLOUDS)
8	3

5 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

zgqk9z70gh77wk6.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 49.0.244.110 (Hong Kong, Hong Kong)

ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK)
PTR: ecs-49-0-244-110.compute.hwclouds-dns.com

mt.0gxlwmt2vr1pgu.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	zgqk9z70gh77wk6.xyz zgqk9z70gh77wk6.xyz	415 KB
2	0gxlwmt2vr1pgu.xyz mt.0gxlwmt2vr1pgu.xyz	2 KB
0	9q7grc5vriwg.xyz Failed 9q7grc5vriwg.xyz Failed
8	3

	Domain	Requested by
5	zgqk9z70gh77wk6.xyz	zgqk9z70gh77wk6.xyz
2	mt.0gxlwmt2vr1pgu.xyz	zgqk9z70gh77wk6.xyz
0	9q7grc5vriwg.xyz Failed	zgqk9z70gh77wk6.xyz
8	3

This site contains no links.

Subject Issuer	Validity	Valid
zgqk9z70gh77wk6.xyz GTS CA 1P5	`2024-01-30` - `2024-04-29`	3 months	crt.sh
mt.0gxlwmt2vr1pgu.xyz ZeroSSL ECC Domain Secure Site CA	`2024-02-18` - `2024-05-18`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://zgqk9z70gh77wk6.xyz/
Frame ID: 74542CD6065A0D37D0616AC44CDBC6EA
Requests: 6 HTTP requests in this frame

Frame: https://9q7grc5vriwg.xyz/
Frame ID: 3B5428E6C7C7B08EA6713608FB77F85A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

Page Statistics

8
Requests

88 %
HTTPS

50 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

417 kB
Transfer

1677 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response zgqk9z70gh77wk6.xyz/	1 KB 927 B	542ms 459ms	Document text/html	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://zgqk9z70gh77wk6.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `fde3bfab9765601e508d28b16311550b0b55e85dd093708b4dbe09ff4a22fe99` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 8611aafd3fa12c4f-FRA content-encoding br content-type text/html date Fri, 08 Mar 2024 09:06:13 GMT last-modified Sat, 24 Feb 2024 03:02:18 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AAWUJXihHhKdSm257WAMXU3ULJz%2Bk77XCWXlffVspDTSGJnZGoUPbJbC9TF08T8mkB0sVfM9sdkykn5B8%2BEX6z3L0gMHlNI%2Bdu8IxmMR%2FDgkRahESVdowJ7R23lXUlnHrF%2F9KQq3H03PbvyDDujFkdnI"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H2	200	chunk-vendors.css zgqk9z70gh77wk6.xyz/static/20240224110034/css/	183 KB 51 KB	853ms 852ms	Stylesheet text/css	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://zgqk9z70gh77wk6.xyz/static/20240224110034/css/chunk-vendors.css Requested by Host: zgqk9z70gh77wk6.xyz URL: https://zgqk9z70gh77wk6.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `d791a8aea8829f4e81caef657a18008255ec09e3d54758293f2ca790b26fe90c` Request headers accept-language nl-NL,nl;q=0.9 Referer https://zgqk9z70gh77wk6.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Fri, 08 Mar 2024 09:06:14 GMT content-encoding br cf-cache-status MISS last-modified Sat, 24 Feb 2024 03:02:18 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"65d95c3a-2da4c" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6AUodgsH%2FMkHYhvp0i9KXJVZPed4ZqSdJdY0xEsKhwAA7vsCW0MBnDL02CUtxFIzq78S7mXpa4jp5MkUBBxhy%2BzLVoiIkkZ3KHML%2FsaUJNJ8KACrn02QVxmLUDMFhtzRwtXZCEBBSoMUE5AMzhPCCzw%2B"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 8611ab012c622c4f-FRA alt-svc h3=":443"; ma=86400
GET H2	200	iframe.css zgqk9z70gh77wk6.xyz/static/20240224110034/css/	189 B 439 B	464ms 464ms	Stylesheet text/css	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://zgqk9z70gh77wk6.xyz/static/20240224110034/css/iframe.css Requested by Host: zgqk9z70gh77wk6.xyz URL: https://zgqk9z70gh77wk6.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `ca692bd36ac8b118cdb308760651e96728011e448c9388dfc2be5be1adcde181` Request headers accept-language nl-NL,nl;q=0.9 Referer https://zgqk9z70gh77wk6.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Fri, 08 Mar 2024 09:06:13 GMT content-encoding br cf-cache-status MISS last-modified Sat, 24 Feb 2024 03:02:18 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"65d95c3a-bd" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1uyaTGBvUhcj4tozO9MkupZgrEHFSV377ECBSex9PBx0DULKYBouRZjhEeYhuwVE9PDZDVUTmnHxFVomwXiwfl7bMviX4tJlVbGJOCVlxTozFFb2lH6%2BbaubignrivTBLdreezzvISJKRGybnQcUafD8"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 8611ab012c642c4f-FRA alt-svc h3=":443"; ma=86400
GET H2	200	chunk-vendors.js Show response zgqk9z70gh77wk6.xyz/static/20240224110034/js/	1 MB 354 KB	1412ms 1411ms	Script application/javascript	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://zgqk9z70gh77wk6.xyz/static/20240224110034/js/chunk-vendors.js Requested by Host: zgqk9z70gh77wk6.xyz URL: https://zgqk9z70gh77wk6.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `6f92f154a1fd6d545771bc849f1a19e83557fc0fb599d23abe33a0820ba4997a` Request headers accept-language nl-NL,nl;q=0.9 Referer https://zgqk9z70gh77wk6.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Fri, 08 Mar 2024 09:06:14 GMT content-encoding br cf-cache-status MISS last-modified Sat, 24 Feb 2024 03:02:18 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"65d95c3a-16c18f" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wsox%2F4fsPO1lp%2FSNcGMTULUdfdSxjLoX8RCq2m7sEKGKEjok801X3n6lG4v7FmREBDIM7RiaMgzxATpV%2FVoKq6%2Fd%2ByxF8ZURTtTPl9Vl6EthdZV%2BgXeBQZNVgBysbd2Yb6GhVd36H5nfz6F%2F0Kze4tJF"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 8611ab012c672c4f-FRA alt-svc h3=":443"; ma=86400
GET H2	200	iframe.js Show response zgqk9z70gh77wk6.xyz/static/20240224110034/js/	35 KB 10 KB	636ms 636ms	Script application/javascript	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://zgqk9z70gh77wk6.xyz/static/20240224110034/js/iframe.js Requested by Host: zgqk9z70gh77wk6.xyz URL: https://zgqk9z70gh77wk6.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `6141f674a54d2bca25f49b8fcfa684749641635a19d45cc9cd006bea2044dbdb` Request headers accept-language nl-NL,nl;q=0.9 Referer https://zgqk9z70gh77wk6.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Fri, 08 Mar 2024 09:06:13 GMT content-encoding br cf-cache-status MISS last-modified Sat, 24 Feb 2024 03:02:18 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"65d95c3a-8c28" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QTvzKV%2FuZ5wbNlz74m9vjElGFlpniZWCZyg6xIMgrjT9o1KzrNn4957kGLm0I6IZJR%2Bf1KvDwbWl0kzIzNhYOtgFkLK2N1RZRADGjMG4iGptJDLVEIUlbA2lQXITFE%2BtlDWZj0JJ6X2HwmtO3y%2BuwnVd"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 8611ab012c692c4f-FRA alt-svc h3=":443"; ma=86400
POST H/1.1	200	request Show response mt.0gxlwmt2vr1pgu.xyz/fast-endecode/main/	2 KB 2 KB	399ms 399ms	XHR application/json	49.0.244.110 HWCLOUDS-AS-AP HU...
General Check archive.org Show headers Download Go to Full URL https://mt.0gxlwmt2vr1pgu.xyz/fast-endecode/main/request Requested by Host: zgqk9z70gh77wk6.xyz URL: https://zgqk9z70gh77wk6.xyz/static/20240224110034/js/chunk-vendors.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 49.0.244.110 Hong Kong, Hong Kong, ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK), Reverse DNS ecs-49-0-244-110.compute.hwclouds-dns.com Software nginx/1.17.6 / Resource Hash `fc673e03e866ca1db5489222c745d8ae045d4a6d20e6e0a8ad842e275e74abcf` Request headers Accept application/json, text/plain, / Referer https://zgqk9z70gh77wk6.xyz/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Content-Type application/json Response headers Access-Control-Allow-Origin * Date Fri, 08 Mar 2024 09:06:18 GMT Server nginx/1.17.6 Connection keep-alive Transfer-Encoding chunked Vary Origin Content-Type application/json;charset=UTF-8
OPTIONS H/1.1	200	request mt.0gxlwmt2vr1pgu.xyz/fast-endecode/main/ Frame	0 0	3707ms 379ms	Preflight	49.0.244.110 HWCLOUDS-AS-AP HU...
General Check archive.org Show headers Download Go to Full URL https://mt.0gxlwmt2vr1pgu.xyz/fast-endecode/main/request Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 49.0.244.110 Hong Kong, Hong Kong, ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK), Reverse DNS ecs-49-0-244-110.compute.hwclouds-dns.com Software nginx/1.17.6 / Resource Hash Request headers Accept / Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://zgqk9z70gh77wk6.xyz Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers Access-Control-Allow-Headers content-type Access-Control-Allow-Methods POST Access-Control-Allow-Origin * Connection keep-alive Content-Length 0 Date Fri, 08 Mar 2024 09:06:18 GMT Server nginx/1.17.6 Vary Origin
GET		/ 9q7grc5vriwg.xyz/ Frame 3B54	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: 9q7grc5vriwg.xyz
URL: https://9q7grc5vriwg.xyz/

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

9q7grc5vriwg.xyz
mt.0gxlwmt2vr1pgu.xyz
zgqk9z70gh77wk6.xyz
9q7grc5vriwg.xyz
2a06:98c1:3120::3
49.0.244.110
6141f674a54d2bca25f49b8fcfa684749641635a19d45cc9cd006bea2044dbdb
6f92f154a1fd6d545771bc849f1a19e83557fc0fb599d23abe33a0820ba4997a
ca692bd36ac8b118cdb308760651e96728011e448c9388dfc2be5be1adcde181
d791a8aea8829f4e81caef657a18008255ec09e3d54758293f2ca790b26fe90c
fc673e03e866ca1db5489222c745d8ae045d4a6d20e6e0a8ad842e275e74abcf
fde3bfab9765601e508d28b16311550b0b55e85dd093708b4dbe09ff4a22fe99

zgqk9z70gh77wk6.xyz Open in urlscan Pro 2a06:98c1:3120::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

8 Requests

88 %HTTPS

50 %IPv6

3 Domains

3 Subdomains

3 IPs

2 Countries

417 kBTransfer

1677 kBSize

0 Cookies

0 Outgoing links

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

0 Cookies

Indicators

zgqk9z70gh77wk6.xyz Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

88 %
HTTPS

50 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

417 kB
Transfer

1677 kB
Size

0
Cookies

8 HTTP transactions
0 data transactions