spread.huasecpa.cn Open in urlscan Pro
47.243.157.70 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://tiktokus.page.link/cVt4
Effective URL:
http://spread.huasecpa.cn/download/sexPrivme.html?channel=jj88910&channelCode=jj88910
Submission: On August 18 via manual (August 18th 2021, 11:43:06 am UTC) from UA

Summary HTTP 13 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 13 HTTP transactions. The main IP is 47.243.157.70, located in Central, Hong Kong and belongs to CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co., Ltd., CN. The main domain is spread.huasecpa.cn.

This is the only time spread.huasecpa.cn was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
6	47.243.157.70 47.243.157.70	45102 (CNNIC-ALI...) (CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co.)
1	47.246.43.204 47.246.43.204	24429 (TAOBAO Zh...) (TAOBAO Zhejiang Taobao Network Co.)
5	163.171.132.118 163.171.132.118	54994 (QUANTILNE...) (QUANTILNETWORKS)
1	47.246.43.223 47.246.43.223	24429 (TAOBAO Zh...) (TAOBAO Zhejiang Taobao Network Co.)
13	4

2 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

tiktokus.page.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 47.243.157.70 (Central, Hong Kong)

ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co., Ltd., CN)

spread.huasecpa.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 47.246.43.204 (Frankfurt am Main, Germany)

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)

web.cdn.openinstall.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 163.171.132.118 (Germany)

ASN54994 (QUANTILNETWORKS, US)

wagnsu.huasecpa.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 47.246.43.223 (Frankfurt am Main, Germany)

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)

web.openinstall.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	huasecpa.cn spread.huasecpa.cn wagnsu.huasecpa.cn	677 KB
2	openinstall.io web.cdn.openinstall.io web.openinstall.io	18 KB
2	page.link 2 redirects tiktokus.page.link	1 KB
13	3

	Domain	Requested by
6	spread.huasecpa.cn	spread.huasecpa.cn
5	wagnsu.huasecpa.cn	spread.huasecpa.cn
2	tiktokus.page.link	2 redirects
1	web.openinstall.io	web.cdn.openinstall.io
1	web.cdn.openinstall.io	spread.huasecpa.cn
13	5

This site contains no links.

Subject Issuer	Validity	Valid
*.cdn.openinstall.io RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2020-09-28` - `2021-09-29`	a year	crt.sh
wagnsu.huasecpa.cn Encryption Everywhere DV TLS CA - G1	`2021-07-30` - `2022-07-30`	a year	crt.sh
*.openinstall.io RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-06-23` - `2022-07-24`	a year	crt.sh

This page contains 1 frames:

Primary Page: http://spread.huasecpa.cn/download/sexPrivme.html?channel=jj88910&channelCode=jj88910
Frame ID: 8AA57C5D637D4C34E83AD2DFE15487EE
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://tiktokus.page.link/cVt4 HTTP 301
https://tiktokus.page.link/cVt4 HTTP 302
http://spread.huasecpa.cn/download/sexPrivme.html?channel=jj88910&channelCode=jj88910 Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

13
Requests

54 %
HTTPS

20 %
IPv6

3
Domains

5
Subdomains

4
IPs

2
Countries

695 kB
Transfer

864 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://tiktokus.page.link/cVt4 HTTP 301
https://tiktokus.page.link/cVt4 HTTP 302
http://spread.huasecpa.cn/download/sexPrivme.html?channel=jj88910&channelCode=jj88910 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request sexPrivme.html Show response
spread.huasecpa.cn/download/
Redirect Chain

http://tiktokus.page.link/cVt4
https://tiktokus.page.link/cVt4
http://spread.huasecpa.cn/download/sexPrivme.html?channel=jj88910&channelCode=jj88910

4 KB
2 KB

608ms
586ms

Document
text/html

47.243.157.70
CNNIC-ALIBABA-US-...

General

Check archive.org

Show headers Download Go to

Full URL

http://spread.huasecpa.cn/download/sexPrivme.html?channel=jj88910&channelCode=jj88910

Protocol

HTTP/1.1

Server

47.243.157.70 Central, Hong Kong, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co., Ltd., CN),

Reverse DNS

Software

nginx /

Resource Hash

8cf84021880ce6f1c10a0f316bbcb5446c0995f3770aefec1ba58bc839a7756f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Host: spread.huasecpa.cn
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server: nginx
Date: Wed, 18 Aug 2021 11:42:47 GMT
Content-Type: text/html
Last-Modified: Fri, 13 Aug 2021 09:49:21 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"61164021-10f3"
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip

Redirect headers

content-type: application/binary
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 18 Aug 2021 11:42:46 GMT
location: http://spread.huasecpa.cn/download/sexPrivme.html?channel=jj88910&channelCode=jj88910
cross-origin-resource-policy: same-site
content-security-policy: script-src 'report-sample' 'nonce-m+erx371pdiSG8Pfp+UBPg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DurableDeepLinkUi/cspreport;worker-src 'self' script-src 'nonce-m+erx371pdiSG8Pfp+UBPg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/DurableDeepLinkUi/cspreport require-trusted-types-for 'script';report-uri /_/DurableDeepLinkUi/cspreport
cross-origin-opener-policy: unsafe-none
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK jquery.js Show response
spread.huasecpa.cn/download/ 95 KB
38 KB 620ms
597ms Script
application/javascript 47.243.157.70
CNNIC-ALIBABA-US-...

General

Check archive.org

Show headers Download Go to

Full URL

http://spread.huasecpa.cn/download/jquery.js

Requested by

Host: spread.huasecpa.cn
URL: http://spread.huasecpa.cn/download/sexPrivme.html?channel=jj88910&channelCode=jj88910

Protocol

HTTP/1.1

Server

47.243.157.70 Central, Hong Kong, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co., Ltd., CN),

Reverse DNS

Software

nginx /

Resource Hash

4574aea110cdaa1cf0c27bc5d0d9364a3c18e7a33a185c87d581c6b159703e01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: spread.huasecpa.cn
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://spread.huasecpa.cn/download/sexPrivme.html?channel=jj88910&channelCode=jj88910
Connection: keep-alive
Cache-Control: no-cache
Referer: http://spread.huasecpa.cn/download/sexPrivme.html?channel=jj88910&channelCode=jj88910
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 18 Aug 2021 11:42:47 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Fri, 13 Aug 2021 09:49:21 GMT
Server: nginx
ETag: W/"61164021-17b93"
Strict-Transport-Security: max-age=31536000
Content-Type: application/javascript
Cache-Control: max-age=43200
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Wed, 18 Aug 2021 23:42:47 GMT

GET
H/1.1 200
OK lead.css
spread.huasecpa.cn/download/ 3 KB
1 KB 306ms
305ms Stylesheet
text/css 47.243.157.70
CNNIC-ALIBABA-US-...

General

Check archive.org

Show headers Download Go to

Full URL

http://spread.huasecpa.cn/download/lead.css

Requested by

Host: spread.huasecpa.cn
URL: http://spread.huasecpa.cn/download/sexPrivme.html?channel=jj88910&channelCode=jj88910

Protocol

HTTP/1.1

Server

47.243.157.70 Central, Hong Kong, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co., Ltd., CN),

Reverse DNS

Software

nginx /

Resource Hash

df215851a6eac73c9acb2b61b7112ab51479fb54c34a8b3356ae6a918ee823f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: spread.huasecpa.cn
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://spread.huasecpa.cn/download/sexPrivme.html?channel=jj88910&channelCode=jj88910
Connection: keep-alive
Cache-Control: no-cache
Referer: http://spread.huasecpa.cn/download/sexPrivme.html?channel=jj88910&channelCode=jj88910
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 18 Aug 2021 11:42:47 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Fri, 13 Aug 2021 09:49:21 GMT
Server: nginx
ETag: W/"61164021-b97"
Strict-Transport-Security: max-age=31536000
Content-Type: text/css
Cache-Control: max-age=43200
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Wed, 18 Aug 2021 23:42:47 GMT

GET
H/1.1 200
OK swiper.min.css
spread.huasecpa.cn/download/ 17 KB
4 KB 608ms
586ms Stylesheet
text/css 47.243.157.70
CNNIC-ALIBABA-US-...

General

Check archive.org

Show headers Download Go to

Full URL

http://spread.huasecpa.cn/download/swiper.min.css

Requested by

Host: spread.huasecpa.cn
URL: http://spread.huasecpa.cn/download/sexPrivme.html?channel=jj88910&channelCode=jj88910

Protocol

HTTP/1.1

Server

47.243.157.70 Central, Hong Kong, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co., Ltd., CN),

Reverse DNS

Software

nginx /

Resource Hash

aa6093ae92ef933fc67b115b3f5e22f69f2fca61db60e1101197e5bc429a5c75

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: spread.huasecpa.cn
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://spread.huasecpa.cn/download/sexPrivme.html?channel=jj88910&channelCode=jj88910
Connection: keep-alive
Cache-Control: no-cache
Referer: http://spread.huasecpa.cn/download/sexPrivme.html?channel=jj88910&channelCode=jj88910
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 18 Aug 2021 11:42:47 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Fri, 13 Aug 2021 09:49:21 GMT
Server: nginx
ETag: W/"61164021-4561"
Strict-Transport-Security: max-age=31536000
Content-Type: text/css
Cache-Control: max-age=43200
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Wed, 18 Aug 2021 23:42:47 GMT

GET
H/1.1 200
OK swiper.min.js Show response
spread.huasecpa.cn/download/ 95 KB
27 KB 620ms
598ms Script
application/javascript 47.243.157.70
CNNIC-ALIBABA-US-...

General

Check archive.org

Show headers Download Go to

Full URL

http://spread.huasecpa.cn/download/swiper.min.js

Requested by

Host: spread.huasecpa.cn
URL: http://spread.huasecpa.cn/download/sexPrivme.html?channel=jj88910&channelCode=jj88910

Protocol

HTTP/1.1

Server

47.243.157.70 Central, Hong Kong, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co., Ltd., CN),

Reverse DNS

Software

nginx /

Resource Hash

ede2c7dbc293f13a2c5d75df9d042e64ce50c09f4fec99cad573efc442d27b18

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: spread.huasecpa.cn
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://spread.huasecpa.cn/download/sexPrivme.html?channel=jj88910&channelCode=jj88910
Connection: keep-alive
Cache-Control: no-cache
Referer: http://spread.huasecpa.cn/download/sexPrivme.html?channel=jj88910&channelCode=jj88910
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 18 Aug 2021 11:42:47 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Fri, 13 Aug 2021 09:49:21 GMT
Server: nginx
ETag: W/"61164021-17a37"
Strict-Transport-Security: max-age=31536000
Content-Type: application/javascript
Cache-Control: max-age=43200
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Wed, 18 Aug 2021 23:42:47 GMT

GET
H/1.1 200
OK invite.js Show response
spread.huasecpa.cn/download/ 5 KB
2 KB 621ms
599ms Script
application/javascript 47.243.157.70
CNNIC-ALIBABA-US-...

General

Check archive.org

Show headers Download Go to

Full URL

http://spread.huasecpa.cn/download/invite.js

Requested by

Host: spread.huasecpa.cn
URL: http://spread.huasecpa.cn/download/sexPrivme.html?channel=jj88910&channelCode=jj88910

Protocol

HTTP/1.1

Server

47.243.157.70 Central, Hong Kong, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co., Ltd., CN),

Reverse DNS

Software

nginx /

Resource Hash

bedc8b2cb0bd7476861f5ca17061dbea1d0edf48e5b4e72e0889d292c74c0c2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: spread.huasecpa.cn
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://spread.huasecpa.cn/download/sexPrivme.html?channel=jj88910&channelCode=jj88910
Connection: keep-alive
Cache-Control: no-cache
Referer: http://spread.huasecpa.cn/download/sexPrivme.html?channel=jj88910&channelCode=jj88910
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 18 Aug 2021 11:42:47 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Fri, 13 Aug 2021 09:49:21 GMT
Server: nginx
ETag: W/"61164021-13ea"
Strict-Transport-Security: max-age=31536000
Content-Type: application/javascript
Cache-Control: max-age=43200
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Wed, 18 Aug 2021 23:42:47 GMT

GET
H2 200 openinstall.js Show response
web.cdn.openinstall.io/ 44 KB
17 KB 144ms
61ms Script
application/javascript 47.246.43.204
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL: https://web.cdn.openinstall.io/openinstall.js
Requested by: Host: spread.huasecpa.cn
URL: http://spread.huasecpa.cn/download/sexPrivme.html?channel=jj88910&channelCode=jj88910
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 47.246.43.204 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: d88a0dc28d421f512811d7cdfb6de79fb8a6b05dae0d7199e78806a4cc5f3bbd

Request headers

Referer: http://spread.huasecpa.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-qiniu-zone: 0
x-log: X-Log
date: Mon, 07 Jun 2021 06:19:06 GMT
content-encoding: gzip
vary: Accept-Encoding
x-svr: IO
content-md5: BevQ0zezZlOeEA2g7bBn3g==
age: 6240221
x-cache: HIT TCP_MEM_HIT dirn:11:241491995
content-transfer-encoding: binary
x-swift-cachetime: 31535393
content-disposition: inline; filename="openinstall.js"; filename*=utf-8''openinstall.js
x-swift-savetime: Mon, 07 Jun 2021 06:29:13 GMT
content-length: 16373
x-m-reqid: ISkAAMc-EbZqOIYW
x-m-log: QNM:xs466;QNM3
last-modified: Mon, 07 Jun 2021 04:00:38 GMT
server: Tengine
etag: "Fmg0KkKuS1g_29U79SiifWdmINIe.gz"
access-control-max-age: 2592000
ali-swift-global-savetime: 1623046746
content-type: application/javascript
via: cache15.l2ot7[0,0,200-0,H], cache28.l2ot7[0,0], cache13.de2[0,0,200-0,H], cache13.de2[1,0]
access-control-expose-headers: X-Log, X-Reqid
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
x-qnm-cache: Hit
eagleid: 2ff62ba116292869673968199e
x-reqid: ISkAACfIEbZqOIYW, ISkAAEgXqadoOIYW

GET
H/1.1 200
OK en_log.png
wagnsu.huasecpa.cn/download/ 17 KB
17 KB 134ms
49ms Image
image/png 163.171.132.118
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wagnsu.huasecpa.cn/download/en_log.png
Requested by: Host: spread.huasecpa.cn
URL: http://spread.huasecpa.cn/download/sexPrivme.html?channel=jj88910&channelCode=jj88910
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 163.171.132.118 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software: WS-web-server /
Resource Hash: 8194a455dccd8fb9f5b1be69ac4d1f6449c71cae82e56a5a76786c0af213ec52

Request headers

Referer: http://spread.huasecpa.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 18 Aug 2021 11:42:48 GMT
Last-Modified: Thu, 27 May 2021 10:49:04 GMT
Server: WS-web-server
Age: 84055
ETag: "FnhKE1UefsjuVMCiNAgjZa02gtwq"
X-Ws-Request-Id: 611cf238_PSdgflkfFRA2hw6_14877-64406
Content-Type: image/png;charset=UTF-8
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 16902
X-Via: 1.1 PSxgHKG8au107:7 (Cdn Cache Server V2.0)[0 200 0], 1.1 PS-FRA-01KiO164:14 (Cdn Cache Server V2.0)[0 200 0], 1.1 PSdgflkfFRA2vq70:0 (Cdn Cache Server V2.0)[0 200 0]

GET
H/1.1 200
OK en_0.png
wagnsu.huasecpa.cn/download/ 262 KB
263 KB 123ms
41ms Image
image/png 163.171.132.118
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wagnsu.huasecpa.cn/download/en_0.png
Requested by: Host: spread.huasecpa.cn
URL: http://spread.huasecpa.cn/download/sexPrivme.html?channel=jj88910&channelCode=jj88910
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 163.171.132.118 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software: WS-web-server /
Resource Hash: 555c27a3113359f113f981d507e511812170cd43e7003bfcf189c2805c4f9f51

Request headers

Referer: http://spread.huasecpa.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 18 Aug 2021 11:42:48 GMT
Last-Modified: Thu, 27 May 2021 14:50:30 GMT
Server: WS-web-server
Age: 84055
ETag: "FnvDrzxARLuVrv9zqHTh-p3LCZzd"
X-Ws-Request-Id: 611cf238_PSdgflkfFRA2hw6_14446-64330
Content-Type: image/png;charset=UTF-8
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 268286
X-Via: 1.1 PSxgHKG8cg103:9 (Cdn Cache Server V2.0)[0 200 0], 1.1 PSdgflkfFRA2fd90:7 (Cdn Cache Server V2.0)[0 200 0], 1.1 PSdgflkfFRA2vq70:6 (Cdn Cache Server V2.0)[0 200 0]

GET
H/1.1 200
OK en_1.png
wagnsu.huasecpa.cn/download/ 307 KB
307 KB 129ms
47ms Image
image/png 163.171.132.118
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wagnsu.huasecpa.cn/download/en_1.png
Requested by: Host: spread.huasecpa.cn
URL: http://spread.huasecpa.cn/download/sexPrivme.html?channel=jj88910&channelCode=jj88910
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 163.171.132.118 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software: WS-web-server /
Resource Hash: 2de3b9991a48afc530e4e31f3663782831048f7724f5d0a37b4f8ee6875ea1c0

Request headers

Referer: http://spread.huasecpa.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 18 Aug 2021 11:42:48 GMT
Last-Modified: Tue, 25 May 2021 08:44:19 GMT
Server: WS-web-server
Age: 84055
ETag: "FiGEhlpnlL8op6niS6fzh7j5pXPQ"
X-Ws-Request-Id: 611cf238_PSdgflkfFRA2hw6_15037-63135
Content-Type: image/png;charset=UTF-8
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 314050
X-Via: 1.1 dianxun79:10 (Cdn Cache Server V2.0)[0 200 0], 1.1 PSdgflkfFRA2hg92:2 (Cdn Cache Server V2.0)[0 200 0], 1.1 PSdgflkfFRA2hw69:3 (Cdn Cache Server V2.0)[1 200 0]

GET
H/1.1 200
OK ios-button.png
wagnsu.huasecpa.cn/download/ 8 KB
9 KB 126ms
43ms Image
image/png 163.171.132.118
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wagnsu.huasecpa.cn/download/ios-button.png
Requested by: Host: spread.huasecpa.cn
URL: http://spread.huasecpa.cn/download/sexPrivme.html?channel=jj88910&channelCode=jj88910
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 163.171.132.118 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software: WS-web-server /
Resource Hash: af45cd7022c685d9c27a250400d12cfeea497681e4a2e9edab4df6583172d786

Request headers

Referer: http://spread.huasecpa.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 18 Aug 2021 11:42:48 GMT
Last-Modified: Thu, 27 May 2021 11:06:32 GMT
Server: WS-web-server
Age: 85658
ETag: "FquaTQIkA2g8Off7eNoXvzvSZs7x"
X-Ws-Request-Id: 611cf238_PSdgflkfFRA2hw6_14877-64407
Content-Type: image/png;charset=UTF-8
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8336
X-Via: 1.1 PSxgHKG8au107:6 (Cdn Cache Server V2.0)[0 200 0], 1.1 ld84:2 (Cdn Cache Server V2.0)[0 200 0], 1.1 PSdgflkfFRA2hw69:3 (Cdn Cache Server V2.0)[0 200 0]

GET
H/1.1 200
OK android-button.png
wagnsu.huasecpa.cn/download/ 8 KB
8 KB 125ms
42ms Image
image/png 163.171.132.118
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wagnsu.huasecpa.cn/download/android-button.png
Requested by: Host: spread.huasecpa.cn
URL: http://spread.huasecpa.cn/download/sexPrivme.html?channel=jj88910&channelCode=jj88910
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 163.171.132.118 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software: WS-web-server /
Resource Hash: c82f3e1db55465701f228bec824ddbc2dde326879f520152b4b31f3bfd3c7732

Request headers

Referer: http://spread.huasecpa.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 18 Aug 2021 11:42:48 GMT
Last-Modified: Thu, 27 May 2021 11:06:32 GMT
Server: WS-web-server
Age: 85654
ETag: "FiRbovjyZ2hFzmJ44ORtc3dgpWMw"
X-Ws-Request-Id: 611cf238_PSdgflkfFRA2hw6_15037-63136
Content-Type: image/png;charset=UTF-8
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7828
X-Via: 1.1 dianxun76:10 (Cdn Cache Server V2.0)[0 200 0], 1.1 ld81:3 (Cdn Cache Server V2.0)[0 200 0], 1.1 PSdgflkfFRA2hw69:4 (Cdn Cache Server V2.0)[0 200 0]

POST
H2 200 init Show response
web.openinstall.io/web/t0nz11/jj88910/ 505 B
902 B 929ms
846ms XHR
application/json 47.246.43.223
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL: https://web.openinstall.io/web/t0nz11/jj88910/init?channelCode=jj88910&av=0&cv=0&hash=&sw=p6Cmpg&sh=p6Smpg&sp=1
Requested by: Host: web.cdn.openinstall.io
URL: https://web.cdn.openinstall.io/openinstall.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.246.43.223 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: da89717277a4f2a1d55bc43404d2322e671562be34157f8b5de066bf8079dc2c

Request headers

Referer: http://spread.huasecpa.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 18 Aug 2021 11:42:49 GMT
via: cache23.l2nu16[4,0], cache13.de2[795,0]
server: Tengine
vary: Origin
content-type: application/json;charset=utf-8
access-control-allow-origin: http://spread.huasecpa.cn
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 505
eagleid: 2ff62ba116292869686473691e

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

spread.huasecpa.cn
tiktokus.page.link
wagnsu.huasecpa.cn
web.cdn.openinstall.io
web.openinstall.io
163.171.132.118
2a00:1450:4001:82a::200e
47.243.157.70
47.246.43.204
47.246.43.223
2de3b9991a48afc530e4e31f3663782831048f7724f5d0a37b4f8ee6875ea1c0
4574aea110cdaa1cf0c27bc5d0d9364a3c18e7a33a185c87d581c6b159703e01
555c27a3113359f113f981d507e511812170cd43e7003bfcf189c2805c4f9f51
8194a455dccd8fb9f5b1be69ac4d1f6449c71cae82e56a5a76786c0af213ec52
8cf84021880ce6f1c10a0f316bbcb5446c0995f3770aefec1ba58bc839a7756f
aa6093ae92ef933fc67b115b3f5e22f69f2fca61db60e1101197e5bc429a5c75
af45cd7022c685d9c27a250400d12cfeea497681e4a2e9edab4df6583172d786
bedc8b2cb0bd7476861f5ca17061dbea1d0edf48e5b4e72e0889d292c74c0c2f
c82f3e1db55465701f228bec824ddbc2dde326879f520152b4b31f3bfd3c7732
d88a0dc28d421f512811d7cdfb6de79fb8a6b05dae0d7199e78806a4cc5f3bbd
da89717277a4f2a1d55bc43404d2322e671562be34157f8b5de066bf8079dc2c
df215851a6eac73c9acb2b61b7112ab51479fb54c34a8b3356ae6a918ee823f4
ede2c7dbc293f13a2c5d75df9d042e64ce50c09f4fec99cad573efc442d27b18

spread.huasecpa.cn Open in urlscan Pro 47.243.157.70 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

13 Requests

54 %HTTPS

20 %IPv6

3 Domains

5 Subdomains

4 IPs

2 Countries

695 kBTransfer

864 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

0 Cookies

Security Headers

Indicators

spread.huasecpa.cn Open in urlscan Pro
47.243.157.70 Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

54 %
HTTPS

20 %
IPv6

3
Domains

5
Subdomains

4
IPs

2
Countries

695 kB
Transfer

864 kB
Size

0
Cookies

13 HTTP transactions
0 data transactions