www.haoso.cc Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://recovery-fbz.top/
Effective URL:
https://www.haoso.cc/
Submission: On August 11 via automatic, source certstream-suspicious (August 11th 2024, 9:52:12 pm UTC) — Scanned from DE

Summary HTTP 72 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 12 IPs in 5 countries across 11 domains to perform 72 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.haoso.cc.
TLS certificate: Issued by WE1 on August 10th 2024. Valid for: 3 months.

This is the only time www.haoso.cc was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
42	2606:4700:303... 2606:4700:3032::ac43:aa89	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	240e:945:1:0:... 240e:945:1:0:3::3db	136195 (CHINATELE...) (CHINATELECOM-QINGDAO-CLOUDBASE Qingdao)
1	211.97.81.227 211.97.81.227	140886 (UNICOM-GX...) (UNICOM-GX-IDC UNICOM Guangxi province network)
3	49.233.110.58 49.233.110.58	45090 (TENCENT-N...) (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited)
1	112.47.51.222 112.47.51.222	9808 (CHINAMOBI...) (CHINAMOBILE-CN China Mobile Communications Group Co.)
1	111.45.11.83 111.45.11.83	56040 (CMNET-GUA...) (CMNET-GUANGDONG-AP China Mobile communications corporation)
1 9	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 3	156.225.111.17 156.225.111.17	35916 (MULTA-ASN1) (MULTA-ASN1)
3	154.85.69.5 154.85.69.5	139057 (LDPL-AS-A...) (LDPL-AS-AP LEGEND DYNASTY PTE. LTD.)
1	159.69.246.187 159.69.246.187	24940 (HETZNER-AS) (HETZNER-AS)
2	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
72	12

42 2606:4700:3032::ac43:aa89 (United States)

ASN13335 (CLOUDFLARENET, US)

recovery-fbz.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

www.haoso.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 240e:945:1:0:3::3db (China)

ASN136195 (CHINATELECOM-QINGDAO-CLOUDBASE Qingdao, Shandong Province, P.R.China., CN)

w.cnzz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 211.97.81.227 (China)

ASN140886 (UNICOM-GX-IDC UNICOM Guangxi province network, CN)

utrack.hexun.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 49.233.110.58 (China)

ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN)

h02hxsame.hexun.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
h03hxsame.hexun.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
h04hxsame.hexun.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 112.47.51.222 (Xiamen, China)

ASN9808 (CHINAMOBILE-CN China Mobile Communications Group Co., Ltd., CN)

itv.hexun.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 111.45.11.83 (China)

ASN56040 (CMNET-GUANGDONG-AP China Mobile communications corporation, CN)

hm.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a06:98c1:3120::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.haoso.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 156.225.111.17 (Hong Kong) 3 redirects

ASN35916 (MULTA-ASN1, US)

cdn.staticfile.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 154.85.69.5 (Singapore, Singapore)

ASN139057 (LDPL-AS-AP LEGEND DYNASTY PTE. LTD., SG)

cdn.staticfile.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.69.246.187 (Nuremberg, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.187.246.69.159.clients.your-server.de

api.qrserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
42	recovery-fbz.top recovery-fbz.top	333 KB
10	haoso.cc 1 redirects www.haoso.cc	150 KB
5	hexun.com utrack.hexun.com h05hxsame.hexun.com Failed h02hxsame.hexun.com h03hxsame.hexun.com h04hxsame.hexun.com h09hxsame.hexun.com Failed itv.hexun.com regtool.hexun.com Failed articlewriter.hexun.com Failed	3 KB
3	staticfile.net cdn.staticfile.net — Cisco Umbrella Rank: 435140	51 KB
3	staticfile.org 3 redirects cdn.staticfile.org — Cisco Umbrella Rank: 54201	1 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	85 KB
1	qrserver.com api.qrserver.com — Cisco Umbrella Rank: 55866	648 B
1	cnzz.com w.cnzz.com — Cisco Umbrella Rank: 142449	370 B
1	baidu.com ziyuan.baidu.com Failed hm.baidu.com — Cisco Umbrella Rank: 8226	175 B
0	dns.google Failed dns.google Failed
0	appadhoc.com Failed experiment.appadhoc.com Failed
72	11

	Domain	Requested by
42	recovery-fbz.top	recovery-fbz.top
10	www.haoso.cc	1 redirects recovery-fbz.top www.haoso.cc
3	cdn.staticfile.net	www.haoso.cc
3	cdn.staticfile.org	3 redirects
2	www.googletagmanager.com	www.haoso.cc
1	api.qrserver.com	www.haoso.cc
1	hm.baidu.com	recovery-fbz.top
1	itv.hexun.com	recovery-fbz.top
1	h04hxsame.hexun.com	recovery-fbz.top
1	h03hxsame.hexun.com	recovery-fbz.top
1	h02hxsame.hexun.com	recovery-fbz.top
1	utrack.hexun.com	recovery-fbz.top
1	w.cnzz.com	recovery-fbz.top
0	dns.google Failed
0	articlewriter.hexun.com Failed	recovery-fbz.top
0	regtool.hexun.com Failed	recovery-fbz.top
0	h09hxsame.hexun.com Failed	recovery-fbz.top
0	h05hxsame.hexun.com Failed	recovery-fbz.top
0	experiment.appadhoc.com Failed	recovery-fbz.top
0	ziyuan.baidu.com Failed	recovery-fbz.top
72	20

This site contains links to these domains. Also see Links.

Domain
t.me
linktr.ee

Subject Issuer	Validity	Valid
recovery-fbz.top WE1	`2024-08-11` - `2024-11-09`	3 months	crt.sh
haoso.cc WE1	`2024-08-10` - `2024-11-08`	3 months	crt.sh
*.cnzz.com GlobalSign Organization Validation CA - SHA256 - G3	`2024-02-17` - `2025-03-20`	a year	crt.sh
*.hexun.com Secure Site CA G2	`2023-08-29` - `2024-09-28`	a year	crt.sh
baidu.com GlobalSign RSA OV SSL CA 2018	`2024-07-08` - `2025-08-09`	a year	crt.sh
*.qrserver.com R10	`2024-08-08` - `2024-11-06`	3 months	crt.sh
*.google-analytics.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://www.haoso.cc/
Frame ID: E7479F0A5ECBD878AA1CF4FDC91E6AA7
Requests: 63 HTTP requests in this frame

Frame: https://www.haoso.cc/
Frame ID: 083289A998548E64CB5F6C23B61D3197
Requests: 1 HTTP requests in this frame

Frame: https://h05hxsame.hexun.com/s?z=hexun&c=1357&op=1
Frame ID: 8E9B57D6E2694A2167458E7DDB169D04
Requests: 1 HTTP requests in this frame

Frame: https://h02hxsame.hexun.com/s?z=hexun&c=1368&op=1
Frame ID: EA1FEFDF0AC3CF1D81C8145F2952FE6B
Requests: 1 HTTP requests in this frame

Frame: https://h03hxsame.hexun.com/s?z=hexun&c=1369&op=1
Frame ID: 03320104605330466E0528C245D5D95E
Requests: 1 HTTP requests in this frame

Frame: https://h04hxsame.hexun.com/s?z=hexun&c=1370&op=1
Frame ID: 4F9D769E00E542069F3E9816318B04D9
Requests: 1 HTTP requests in this frame

Frame: https://h09hxsame.hexun.com/s?z=hexun&c=1361&op=1
Frame ID: 2292ACE8B7F4C628B9396EBF04E2EB8B
Requests: 1 HTTP requests in this frame

Frame: https://www.haoso.cc/cdn-cgi/challenge-platform/h/g/scripts/jsd/769ce3c24a3b/main.js
Frame ID: 3D8E90EBAAADE5F76CEC0F6CDCB46BAC
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Page URL History Show full URLs

https://recovery-fbz.top/ Page URL
https://www.haoso.cc/ Page URL

Detected technologies

Baidu Analytics (百度统计) (Analytics) Expand

Overall confidence: 100%
Detected patterns

hm\.baidu\.com/hm\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

72
Requests

83 %
HTTPS

42 %
IPv6

11
Domains

20
Subdomains

12
IPs

5
Countries

623 kB
Transfer

1374 kB
Size

8
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://t.me/Langjian_st
Title: ✈@Langjian_st

Search URL Search Domain Scan URL

URL: https://linktr.ee/nbzhan.com
Title: https://linktr.ee/nbzhan.com

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://recovery-fbz.top/ Page URL
https://www.haoso.cc/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 58

https://cdn.staticfile.org/Buttons/2.0.0/css/buttons.min.css HTTP 301
https://cdn.staticfile.net/Buttons/2.0.0/css/buttons.min.css

Request Chain 63

https://cdn.staticfile.org/jquery/1.12.4/jquery.min.js HTTP 301
https://cdn.staticfile.net/jquery/1.12.4/jquery.min.js

Request Chain 64

https://cdn.staticfile.org/jquery-cookie/1.4.1/jquery.cookie.min.js HTTP 301
https://cdn.staticfile.net/jquery-cookie/1.4.1/jquery.cookie.min.js

Request Chain 68

https://www.haoso.cc/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://www.haoso.cc/cdn-cgi/challenge-platform/h/g/scripts/jsd/769ce3c24a3b/main.js

Request Chain 70

https://www.lslxcc.com/favicon.ico HTTP 302
https://dns.google/favicon.ico

72 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
recovery-fbz.top/ 96 KB
24 KB 1352ms
1040ms Document
text/html 2606:4700:3032::ac43:aa89
CLOUDFLARENET

General

Domain/Path	Expires	Name / Value
recovery-fbz.top/	1970-01-21 07:29:09	Name: ADHOC_MEMBERSHIP_CLIENT_ID1.0 Value: 1b9e8392-4582-b8ff-15cc-4369832b8af5
.baidu.com/	1970-01-21 07:29:09	Name: BAIDUID_BFESS Value: F94E976CE7E4A462D7FF6289140D9730:FG=1
.haoso.cc/	1970-01-21 07:29:09	Name: cf_clearance Value: lseyYsY2uC4ww2ZJbvORmK089l.o4Ot5r4PfLPgYkqY-1723413116-1.0.1.1-uZkhSWmsRYxgq7foQFDlIVBZGorg46vj8V7nskeDQCDpYhhYQqpNPgW9HCD1zw4T4pAUrZOOKlJHol_btBXOyA
.recovery-fbz.top/	1970-01-21 07:29:09	Name: appToken Value: pc%2Cother%2Cchrome%2ChxAppSignId63993104270148131723413118781%2CchuangzuoguanPC
www.haoso.cc/	1969-12-31 23:59:59	Name: PHPSESSID Value: emt3pm8fvvd5moj172pvve91jv
www.haoso.cc/	1970-01-20 22:53:37	Name: mysid Value: 118540814a71ccf58d69319ca7e51ebc
.haoso.cc/	1970-01-21 00:53:09	Name: _gcl_au Value: 1.1.119972785.1723413121
.haoso.cc/	1970-01-21 07:29:09	Name: cf_clearance Value: XiLhNMPVTWr3AzAJ4cwAKbpmsFCCa2tlghC0g6oex2M-1723413121-1.0.1.1-GeAVsdQ6zY_xadoDPjYwK9fiTF4UDGUsa_WucltVeEEpAgepQEuVO.QnwEwJ3ovvtpoacpXloWtamK8HnZ65qQ

Source	Level	URL Text
javascript	warning	Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://utrack.hexun.com/dp/dplus_config_ver1.0.1.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://utrack.hexun.com/dp/dplus_config_ver1.0.1.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://experiment.appadhoc.com/get_flags_async Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
security	warning	URL: https://recovery-fbz.top/ Message: Mixed Content: The page at 'https://recovery-fbz.top/' was loaded over HTTPS, but requested an insecure element 'http://recovery-fbz.top/template/news/boke051/style/images/ewm_bac.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
javascript	warning	URL: https://recovery-fbz.top/template/news/boke051/style/js/pagemediacontrol_0.js(Line 900) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://itv.hexun.com/lbi-html/ly/2011/allPages/setpageview.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://recovery-fbz.top/template/news/boke051/style/js/pagemediacontrol_0.js(Line 900) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://itv.hexun.com/lbi-html/ly/2011/allPages/setpageview.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://articlewriter.hexun.com/article/search?keyword=&pageNum=1&pageSize=5&callback=jQuery111004793182008119752_1723413112927&_=1723413112928 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED

www.haoso.cc Open in urlscan Pro 2a06:98c1:3120::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

72 Requests

83 %HTTPS

42 %IPv6

11 Domains

20 Subdomains

12 IPs

5 Countries

623 kBTransfer

1374 kBSize

8 Cookies

2 Outgoing links

Page URL History

Redirected requests

72 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.haoso.cc Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Screenshot
Live screenshot

Full Image

72
Requests

83 %
HTTPS

42 %
IPv6

11
Domains

20
Subdomains

12
IPs

5
Countries

623 kB
Transfer

1374 kB
Size

8
Cookies

72 HTTP transactions
0 data transactions