Submitted URL: https://ybswi3ct.top/
Effective URL: https://ybswi3ct.top/?channelCode=fy416ip6_2
Submission: On April 18 via api from US — Scanned from DE

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 20 HTTP transactions. The main IP is 154.201.253.110, located in the United States; it belongs to AS132839 (POWERLINE-AS-AP POWER LINE DATACENTER, HK). The main domain is ybswi3ct.top.
TLS certificate: issued by R3 (Let's Encrypt) on 2024-04-16, valid for 3 months. Note that the leaf certificate this scan records carries the subject sof4furc.top rather than ybswi3ct.top (see the certificate table below); the scan does not list the certificate's SAN entries, so whether ybswi3ct.top is covered by the same certificate cannot be read from this page.
This is the only time ybswi3ct.top was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Porn Scam (Online)

Domain & IP information

Requests  IP Address            AS (Autonomous System)
3         154.201.253.110       132839 (POWERLINE-AS-AP POWER LINE DATACENTER, HK)
7         2a0b:21c0:5002:4::a   21859 (ZEN-ECN)
2         170.33.13.110         (no AS data recorded)
Totals: 20 requests, 4 IPs.

Requests  Domain                          Requested by
7         cdnyt.8577995.com               ybswi3ct.top
3         ybswi3ct.top                    ybswi3ct.top
2         sdk.renrenjihua.com             cdnyt.8577995.com
0         d12yf8zxb79pgj.cloudfront.net   cdnyt.8577995.com (request failed)
Totals: 20 requests, 4 domains.

This site contains no links.

Subject             Issuer                                           Validity                    Valid for
sof4furc.top        R3                                               2024-04-16 to 2024-07-15    3 months
*.8577995.com       AlphaSSL CA - SHA256 - G4                        2023-03-22 to 2024-04-22    a year
*.renrenjihua.com   Sectigo RSA Domain Validation Secure Server CA   2023-07-31 to 2024-07-30    a year

Note: at scan time (2024-04-18) the *.8577995.com certificate serving the static assets and appinstall.js was four days from expiry.

This page contains 1 frame:

Frame: https://d12yf8zxb79pgj.cloudfront.net/httrdv/FeiYu-kgj.apk
Frame ID: AD5589D224FED6F116215684C225860B
Requests: 20 HTTP requests in this frame

The frame's recorded URL is the Android package (.apk) at the end of the redirect chain listed under Redirected requests below; the request for it received no response in this scan (see Failed requests).

Screenshot

Page Title

名媛

Detected technologies

jQuery (overall confidence: 100%), matched on jquery-2.2.4.min.js by these patterns:
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests:    20
HTTPS:       60 %
IPv6:        33 %
Domains:     4
Subdomains:  4
IPs:         4
Countries:   2
Transfer:    2668 kB
Size:        2717 kB
Cookies:     0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://ybswi3ct.top/ Page URL
  2. https://ybswi3ct.top/?channelCode=fy416ip6_2 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18
  • https://app-cw312kln.renrenjihua.com/page/cw312kln/install/c/eyJjIjoiZnk0MTZpcDZfMiIsIm0iOiJJSVBZaW9qQkl5Y0FBQUdPN3R2bkVZQm1HUWs3c3hnYk1YX01RZXAxODltVFpqTmo2dzNySmNqS081RXlMZko2SURPUEZUWEoifQ==?p=0 HTTP 302
  • https://d12yf8zxb79pgj.cloudfront.net/httrdv/FeiYu-kgj.apk
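The path segment after /c/ in both renrenjihua.com URLs on this page (the 302 hop above that lands on the APK, and the "clicked" beacon in the transaction list) is a base64-encoded JSON object. The Python below is an editor's added example, not urlscan output or code from the site; it decodes both tokens and shows that each carries the same channelCode as the landing page's query string. The reading of the m field as an opaque per-visit identifier is an assumption; the page does not document it.

```python
import base64
import json
from typing import Any, Dict
from urllib.parse import parse_qs, unquote, urlsplit

# Two URLs copied from this scan: the tracker hop that 302s to the APK, and
# the "clicked" beacon that appinstall.js fires to sdk.renrenjihua.com.
INSTALL_URL = (
    "https://app-cw312kln.renrenjihua.com/page/cw312kln/install/c/"
    "eyJjIjoiZnk0MTZpcDZfMiIsIm0iOiJJSVBZaW9qQkl5Y0FBQUdPN3R2bkVZQm1HUWs3c3hnYk1YX01RZXAxODltVFpqTmo2dzNySmNqS081RXlMZko2SURPUEZUWEoifQ==?p=0"
)
CLICK_URL = (
    "https://sdk.renrenjihua.com/web/cw312kln/fy416ip/clicked/c/"
    "eyJjIjoiZnk0MTZpcDZfMiIsIm0iOiJlWE9lMFV0a1ZYZ0FBQUdPN3R2bkVZbzNuZnJNdmNKeHR2VVJ5OUFmc3hwSjhBZUt5Wi1wcHIzNFoxdEt5UVJodkE2V2NLdUQifQ=="
    "?p=0&ref=https%3A%2F%2Fybswi3ct.top%2F%3FchannelCode%3Dfy416ip6_2&ac=0&cc=0&channelCode=fy416ip6_2"
)


def b64_decode_lenient(token: str) -> bytes:
    """Decode standard or URL-safe base64, restoring any stripped '=' padding."""
    token = token.strip().replace("-", "+").replace("_", "/")
    token += "=" * (-len(token) % 4)
    return base64.b64decode(token)


def decode_tracker_token(url: str) -> Dict[str, Any]:
    """Decode the JSON object behind the last /c/<token> path segment of url.

    Returns the object's 'c' (channel) and 'm' fields plus the parsed query
    string. 'm' is treated here as an opaque per-visit identifier; that is an
    assumption, the scan page does not document the field.
    """
    parts = urlsplit(url)
    segments = parts.path.split("/")
    c_positions = [i for i, s in enumerate(segments) if s == "c"]
    if not c_positions or c_positions[-1] + 1 >= len(segments):
        raise ValueError("no /c/<token> segment in path")
    # A standard-base64 token containing '/' or '+' would arrive percent-encoded
    # in the path, so unquote before decoding (a no-op for the tokens above).
    token = unquote(segments[c_positions[-1] + 1])
    payload = json.loads(b64_decode_lenient(token).decode("utf-8"))
    if not isinstance(payload, dict):
        raise ValueError("token did not decode to a JSON object")
    query = {k: v[0] for k, v in parse_qs(parts.query).items()}
    return {"c": payload.get("c"), "m": payload.get("m"), "query": query}


if __name__ == "__main__":
    for name, url in (("install", INSTALL_URL), ("clicked", CLICK_URL)):
        print(name, json.dumps(decode_tracker_token(url), indent=2))
```

Both tokens decode to {"c":"fy416ip6_2","m":"..."}: the channel code from ?channelCode= is carried end to end, from the landing page through the beacon to the APK redirect, while the m value differs between the two requests.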

20 HTTP transactions

Columns: Resource | Path | Size | x-fer | Type | MIME-Type (each transaction below is listed as a row of those columns, followed by its General, Request headers and Response headers details)
/
ybswi3ct.top/
3 KB
1 KB
Document
General
Full URL
https://ybswi3ct.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
154.201.253.110 , United States, ASN132839 (POWERLINE-AS-AP POWER LINE DATACENTER, HK),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
gzip
content-type
text/html
date
Thu, 18 Apr 2024 01:44:07 GMT
etag
W/"661e5490-b65"
last-modified
Tue, 16 Apr 2024 10:36:00 GMT
server
nginx
strict-transport-security
max-age=31536000
vary
Accept-Encoding
index.css            cdnyt.8577995.com/feiyuyuan/mingyuan/static/css/       0  0  (no response received)
chengse9527.gif      cdnyt.8577995.com/feiyuyuan/mingyuan/static/picture/   0  0  (no response received)
chengse2.gif         cdnyt.8577995.com/feiyuyuan/mingyuan/static/picture/   0  0  (no response received)
chengsexin2.gif      cdnyt.8577995.com/feiyuyuan/mingyuan/static/picture/   0  0  (no response received)
chengsexin3.png      cdnyt.8577995.com/feiyuyuan/mingyuan/static/picture/   0  0  (no response received)
jquery-2.2.4.min.js  cdnyt.8577995.com/feiyuyuan/mingyuan/static/js/        0  0  (no response received)
appinstall.js        cdnyt.8577995.com/feiyuyuan/                           0  0  (no response received)

Primary Request /
ybswi3ct.top/
3 KB
1 KB
Document
General
Full URL
https://ybswi3ct.top/?channelCode=fy416ip6_2
Requested by
Host: ybswi3ct.top
URL: https://ybswi3ct.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
154.201.253.110 , United States, ASN132839 (POWERLINE-AS-AP POWER LINE DATACENTER, HK),
Reverse DNS
Software
nginx /
Resource Hash
ce8ad21b8501bd1246bab01bac6583a48d7fe2181186b5dc1b514a3bf2c1897a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://ybswi3ct.top/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
gzip
content-type
text/html
date
Thu, 18 Apr 2024 01:44:07 GMT
etag
W/"661e5490-b65"
last-modified
Tue, 16 Apr 2024 10:36:00 GMT
server
nginx
strict-transport-security
max-age=31536000
vary
Accept-Encoding
index.css
cdnyt.8577995.com/feiyuyuan/mingyuan/static/css/
2 KB
1 KB
Stylesheet
General
Full URL
https://cdnyt.8577995.com/feiyuyuan/mingyuan/static/css/index.css
Requested by
Host: ybswi3ct.top
URL: https://ybswi3ct.top/?channelCode=fy416ip6_2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a0b:21c0:5002:4::a Amsterdam, Netherlands, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
openresty /
Resource Hash
977b198a3445845db2e1e54e6b63bbec5dbf77acfaa599c1d2e9823c33ac1c87

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ybswi3ct.top/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ser
BC24_dx-lt-yd-jiangsu-yancheng-8-cache-2, BC122_FR-Paris-Paris-3-cache-1
date
Thu, 18 Apr 2024 01:39:28 GMT
content-encoding
gzip
x-cache
HIT from BC122_FR-Paris-Paris-3-cache-1(baishan)
content-length
746
x-m-reqid
xL8AAHekjnd61MUX
x-m-log
QNM:dal25;SRCPROXY:dal19;SRC:181;SRCPROXY:181;QNM3:182
last-modified
Sat, 13 Apr 2024 11:46:51 GMT
server
openresty
etag
W/"661a70ab-68e"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=43200
x-qnm-cache
Miss
expires
Thu, 18 Apr 2024 13:03:00 GMT
chengse9527.gif
cdnyt.8577995.com/feiyuyuan/mingyuan/static/picture/
2 MB
2 MB
Image
General
Full URL
https://cdnyt.8577995.com/feiyuyuan/mingyuan/static/picture/chengse9527.gif
Requested by
Host: ybswi3ct.top
URL: https://ybswi3ct.top/?channelCode=fy416ip6_2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a0b:21c0:5002:4::a Amsterdam, Netherlands, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
openresty /
Resource Hash
8f564dd65db073d8febce8a74863d2fd3aa42151f2b4de153da4048935bb803e

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ybswi3ct.top/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Sat, 18 May 2024 00:31:54 GMT
date
Thu, 18 Apr 2024 01:39:28 GMT
x-m-log
QNM:dal51;QNM3
last-modified
Sat, 13 Apr 2024 12:37:15 GMT
server
openresty
etag
"661a7c7b-254237"
x-cache
HIT from BC231_FR-Paris-Paris-3-cache-1(baishan)
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=2592000
x-qnm-cache
Hit
content-length
2441783
x-m-reqid
WHAAAGQIozpM18UX
x-ser
BC144_dx-lt-yd-zhejiang-jinhua-5-cache-18, BC231_FR-Paris-Paris-3-cache-1
chengse2.gif
cdnyt.8577995.com/feiyuyuan/mingyuan/static/picture/
24 KB
24 KB
Image
General
Full URL
https://cdnyt.8577995.com/feiyuyuan/mingyuan/static/picture/chengse2.gif
Requested by
Host: ybswi3ct.top
URL: https://ybswi3ct.top/?channelCode=fy416ip6_2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a0b:21c0:5002:4::a Amsterdam, Netherlands, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
openresty /
Resource Hash
bfa8e8c0f618c5f58530e8bcab1c5693c48552b71c09fe8b2c942a029c5235aa

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ybswi3ct.top/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Sat, 18 May 2024 01:03:00 GMT
date
Thu, 18 Apr 2024 01:39:28 GMT
x-m-log
QNM:dal125;QNM3
last-modified
Sat, 13 Apr 2024 12:37:08 GMT
server
openresty
etag
"661a7c74-5edf"
x-cache
HIT from BC231_FR-Paris-Paris-3-cache-1(baishan)
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
x-qnm-cache
Hit
content-length
24287
x-m-reqid
40kAAIxLM2hI18UX
x-ser
BC146_dx-lt-yd-jiangsu-yancheng-8-cache-16, BC231_FR-Paris-Paris-3-cache-1
chengsexin2.gif
cdnyt.8577995.com/feiyuyuan/mingyuan/static/picture/
129 KB
130 KB
Image
General
Full URL
https://cdnyt.8577995.com/feiyuyuan/mingyuan/static/picture/chengsexin2.gif
Requested by
Host: ybswi3ct.top
URL: https://ybswi3ct.top/?channelCode=fy416ip6_2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a0b:21c0:5002:4::a Amsterdam, Netherlands, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
openresty /
Resource Hash
707bc6bba8dde6faef373ee757709fcb0b2b1335bfc26205b963d19d7f44cbc6

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ybswi3ct.top/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Sat, 18 May 2024 01:03:00 GMT
date
Thu, 18 Apr 2024 01:39:28 GMT
x-m-log
QNM:dal129;QNM3
last-modified
Sat, 13 Apr 2024 12:37:19 GMT
server
openresty
etag
"661a7c7f-205dd"
x-cache
HIT from BC232_FR-Paris-Paris-3-cache-1(baishan)
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
x-qnm-cache
Hit
content-length
132573
x-m-reqid
agwAAG32DxRP18UX
x-ser
BC166_dx-lt-yd-zhejiang-wenzhou-11-cache-3, BC232_FR-Paris-Paris-3-cache-1
chengsexin3.png
cdnyt.8577995.com/feiyuyuan/mingyuan/static/picture/
40 KB
41 KB
Image
General
Full URL
https://cdnyt.8577995.com/feiyuyuan/mingyuan/static/picture/chengsexin3.png
Requested by
Host: ybswi3ct.top
URL: https://ybswi3ct.top/?channelCode=fy416ip6_2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a0b:21c0:5002:4::a Amsterdam, Netherlands, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
openresty /
Resource Hash
e1a40abec05f5c8d847d24a1d806afe6450d0feef4e5191ddc45ff31e5b69823

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ybswi3ct.top/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ser
BC25_dx-lt-yd-jiangsu-yancheng-8-cache-2, BC233_FR-Paris-Paris-3-cache-1
x-log
IMAGESLIM:53;BOOTS-PROXY:54;BOOTS-PROXY:55;BOOTS-PIPE:56;BOOTS-PROXY:56;BOOTS-PROXY:57;FUSIONGATE:250
date
Thu, 18 Apr 2024 01:39:28 GMT
x-reqid
xL8AAJH8_voEHMcX
x-cache
HIT from BC233_FR-Paris-Paris-3-cache-1(baishan)
content-length
41392
x-m-reqid
xL8AAJH8_voEHMcX
x-m-log
QNM:dal25;SRCPROXY:dal20;QNM:dal51;SRCPROXY:dal19;SRC:187;SRCPROXY:187;QNM3:188;SRCPROXY:252;QNM3:253
server
openresty
etag
"AGVQYefPUfO1zgrBMWibeMYOKD4_"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
x-slim-origin
0
x-qnm-cache
Miss, Miss,RawProxy
expires
Sat, 18 May 2024 01:02:59 GMT
jquery-2.2.4.min.js
cdnyt.8577995.com/feiyuyuan/mingyuan/static/js/
84 KB
33 KB
Script
General
Full URL
https://cdnyt.8577995.com/feiyuyuan/mingyuan/static/js/jquery-2.2.4.min.js
Requested by
Host: ybswi3ct.top
URL: https://ybswi3ct.top/?channelCode=fy416ip6_2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a0b:21c0:5002:4::a Amsterdam, Netherlands, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
openresty /
Resource Hash
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ybswi3ct.top/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Thu, 18 Apr 2024 02:46:28 GMT
date
Thu, 18 Apr 2024 01:39:28 GMT
content-encoding
gzip
x-m-log
QNM:dal25;SRCPROXY:dal20;SRC:365;SRCPROXY:365;QNM3:547
last-modified
Sat, 13 Apr 2024 11:46:51 GMT
server
openresty
etag
W/"661a70ab-14e4a"
vary
Accept-Encoding
x-cache
HIT from BC226_FR-Paris-Paris-3-cache-1(baishan)
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=43200
x-qnm-cache
Miss
x-m-reqid
xL8AAGhCgPeB1MUX
x-ser
BC193_dx-lt-yd-zhejiang-wenzhou-11-cache-14, BC226_FR-Paris-Paris-3-cache-1
appinstall.js
cdnyt.8577995.com/feiyuyuan/
46 KB
47 KB
Script
General
Full URL
https://cdnyt.8577995.com/feiyuyuan/appinstall.js
Requested by
Host: ybswi3ct.top
URL: https://ybswi3ct.top/?channelCode=fy416ip6_2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a0b:21c0:5002:4::a Amsterdam, Netherlands, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
openresty /
Resource Hash
7c9895f2e57140b2a429c2b5df1eb51b2c0bf49f56365e198fb20a92fe79c1dd

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ybswi3ct.top/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Thu, 18 Apr 2024 04:49:21 GMT
date
Thu, 18 Apr 2024 01:39:28 GMT
x-m-log
QNM:dal51;SRCPROXY:dal19;SRC:361/304;SRCPROXY:362/304;QNM3:368
last-modified
Thu, 15 Feb 2024 08:50:35 GMT
server
openresty
etag
"65cdd05b-b9e1"
vary
Accept-Encoding
x-cache
HIT from BC227_FR-Paris-Paris-3-cache-1(baishan)
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=43200
x-qnm-cache
Validate,Hit
content-length
47585
x-m-reqid
aMUAAEKJ0EWfTLUX
x-ser
BC150_dx-lt-yd-jiangsu-yancheng-8-cache-16, BC227_FR-Paris-Paris-3-cache-1
favicon.ico
ybswi3ct.top/
548 B
611 B
Other
General
Full URL
https://ybswi3ct.top/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
154.201.253.110 , United States, ASN132839 (POWERLINE-AS-AP POWER LINE DATACENTER, HK),
Reverse DNS
Software
nginx /
Resource Hash
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ybswi3ct.top/?channelCode=fy416ip6_2
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 01:44:09 GMT
server
nginx
content-length
548
content-type
text/html
init
sdk.renrenjihua.com/web/cw312kln/fy416ip/
615 B
900 B
XHR
General
Full URL
https://sdk.renrenjihua.com/web/cw312kln/fy416ip/init?channelCode=fy416ip6_2&av=0&cv=0&hash=&sw=p6Cmpg&sh=p6Smpg&sp=1&li=p6GkuKehuKa4p6Q
Requested by
Host: cdnyt.8577995.com
URL: https://cdnyt.8577995.com/feiyuyuan/appinstall.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
170.33.13.110 (no geolocation or ASN data recorded)
Reverse DNS
Software
NgxFence /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://ybswi3ct.top/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 18 Apr 2024 01:39:32 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
br
server
NgxFence
vary
Origin, Origin
content-type
application/json;charset=utf-8
access-control-allow-origin
https://ybswi3ct.top
access-control-allow-credentials
true
eyJjIjoiZnk0MTZpcDZfMiIsIm0iOiJlWE9lMFV0a1ZYZ0FBQUdPN3R2bkVZbzNuZnJNdmNKeHR2VVJ5OUFmc3hwSjhBZUt5Wi1wcHIzNFoxdEt5UVJodkE2V2NLdUQifQ==
sdk.renrenjihua.com/web/cw312kln/fy416ip/clicked/c/
0
380 B
Ping
General
Full URL
https://sdk.renrenjihua.com/web/cw312kln/fy416ip/clicked/c/eyJjIjoiZnk0MTZpcDZfMiIsIm0iOiJlWE9lMFV0a1ZYZ0FBQUdPN3R2bkVZbzNuZnJNdmNKeHR2VVJ5OUFmc3hwSjhBZUt5Wi1wcHIzNFoxdEt5UVJodkE2V2NLdUQifQ==?p=0&ref=https%3A%2F%2Fybswi3ct.top%2F%3FchannelCode%3Dfy416ip6_2&ac=0&cc=0&channelCode=fy416ip6_2
Requested by
Host: cdnyt.8577995.com
URL: https://cdnyt.8577995.com/feiyuyuan/appinstall.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
170.33.13.110 (no geolocation or ASN data recorded)
Reverse DNS
Software
NgxFence /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ybswi3ct.top/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 01:39:32 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
server
NgxFence
vary
Origin, Origin
access-control-allow-origin
https://ybswi3ct.top
access-control-allow-credentials
true
accept-ranges
bytes
content-length
0
FeiYu-kgj.apk        d12yf8zxb79pgj.cloudfront.net/httrdv/                  0  0  (no response received)
Redirect Chain
  • https://app-cw312kln.renrenjihua.com/page/cw312kln/install/c/eyJjIjoiZnk0MTZpcDZfMiIsIm0iOiJJSVBZaW9qQkl5Y0FBQUdPN3R2bkVZQm1HUWs3c3hnYk1YX01RZXAxODltVFpqTmo2dzNySmNqS081RXlMZko2SURPUEZUWEoifQ==?p=0
  • https://d12yf8zxb79pgj.cloudfront.net/httrdv/FeiYu-kgj.apk


Failed requests

These URLs were requested but no response was received. They also appear in the transaction list above as rows with 0 size.

  • cdnyt.8577995.com              https://cdnyt.8577995.com/feiyuyuan/mingyuan/static/css/index.css
  • cdnyt.8577995.com              https://cdnyt.8577995.com/feiyuyuan/mingyuan/static/picture/chengse9527.gif
  • cdnyt.8577995.com              https://cdnyt.8577995.com/feiyuyuan/mingyuan/static/picture/chengse2.gif
  • cdnyt.8577995.com              https://cdnyt.8577995.com/feiyuyuan/mingyuan/static/picture/chengsexin2.gif
  • cdnyt.8577995.com              https://cdnyt.8577995.com/feiyuyuan/mingyuan/static/picture/chengsexin3.png
  • cdnyt.8577995.com              https://cdnyt.8577995.com/feiyuyuan/mingyuan/static/js/jquery-2.2.4.min.js
  • cdnyt.8577995.com              https://cdnyt.8577995.com/feiyuyuan/appinstall.js
  • d12yf8zxb79pgj.cloudfront.net  https://d12yf8zxb79pgj.cloudfront.net/httrdv/FeiYu-kgj.apk

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Porn Scam (Online)
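The verdict above rests on three signals that can be read straight from the transaction list: a redirect chain that ends in an .apk on a third domain, a third-party script (appinstall.js from cdnyt.8577995.com) that beacons to yet another domain (sdk.renrenjihua.com), and that domain answering with credentialed CORS scoped to the landing page's origin. The Python below is an added example, not urlscan's own logic or anything from the site; it encodes those checks over a record list constructed from this scan (abridged, with the tracker tokens shortened to TOKEN and unused fields omitted). Its registrable-domain helper is deliberately naive (last two host labels) and would need a public-suffix list to be correct for hosts under co.uk-style suffixes.

```python
from dataclasses import dataclass, field
from typing import Dict, List, Optional, Tuple
from urllib.parse import urlsplit


@dataclass
class Transaction:
    url: str
    initiator: Optional[str]          # URL of the resource that triggered the request
    kind: str                         # urlscan "Type" column: Document, Script, XHR, Ping, ...
    mime: Optional[str] = None
    redirect_chain: List[str] = field(default_factory=list)
    response_headers: Dict[str, str] = field(default_factory=dict)


PAGE = "https://ybswi3ct.top/?channelCode=fy416ip6_2"
APPINSTALL = "https://cdnyt.8577995.com/feiyuyuan/appinstall.js"

# Constructed from this scan's transaction list (abridged; tracker tokens
# shortened to TOKEN, fields the checks do not use omitted).
TRANSACTIONS = [
    Transaction(PAGE, None, "Document", "text/html",
                response_headers={"strict-transport-security": "max-age=31536000"}),
    Transaction("https://cdnyt.8577995.com/feiyuyuan/mingyuan/static/js/jquery-2.2.4.min.js",
                PAGE, "Script", "application/javascript"),
    Transaction(APPINSTALL, PAGE, "Script", "application/javascript"),
    Transaction("https://sdk.renrenjihua.com/web/cw312kln/fy416ip/init?channelCode=fy416ip6_2&av=0&cv=0",
                APPINSTALL, "XHR", "application/json;charset=utf-8",
                response_headers={"access-control-allow-origin": "https://ybswi3ct.top",
                                  "access-control-allow-credentials": "true"}),
    Transaction("https://sdk.renrenjihua.com/web/cw312kln/fy416ip/clicked/c/TOKEN?p=0",
                APPINSTALL, "Ping",
                response_headers={"access-control-allow-origin": "https://ybswi3ct.top",
                                  "access-control-allow-credentials": "true"}),
    Transaction("https://d12yf8zxb79pgj.cloudfront.net/httrdv/FeiYu-kgj.apk", None, "Other",
                redirect_chain=["https://app-cw312kln.renrenjihua.com/page/cw312kln/install/c/TOKEN?p=0",
                                "https://d12yf8zxb79pgj.cloudfront.net/httrdv/FeiYu-kgj.apk"]),
]

EXECUTABLE_EXT = (".apk", ".xapk", ".exe", ".msi", ".dmg")


def site(url: str) -> str:
    """Naive registrable domain: last two labels. Wrong for co.uk-style suffixes."""
    host = (urlsplit(url).hostname or "").lower()
    return ".".join(host.split(".")[-2:])


def triage(txs: List[Transaction], page_url: str) -> List[Tuple[str, str, object]]:
    """Return (signal, url, detail) tuples for the drive-by-download pattern."""
    findings: List[Tuple[str, str, object]] = []
    page_site = site(page_url)
    third_party_scripts = {t.url for t in txs if t.kind == "Script" and site(t.url) != page_site}
    for t in txs:
        # Judge a request by where its redirect chain ends, not where it started.
        final = t.redirect_chain[-1] if t.redirect_chain else t.url
        if urlsplit(final).path.lower().endswith(EXECUTABLE_EXT):
            hops = [site(u) for u in (t.redirect_chain or [final])]
            findings.append(("executable-download", final, hops))
        # A third-party script talking to a domain that is neither the page's
        # nor its own is a tracking/affiliate SDK call.
        if (t.initiator in third_party_scripts and t.kind in ("XHR", "Ping", "Fetch")
                and site(t.url) not in (page_site, site(t.initiator))):
            findings.append(("third-party-script-beacon", t.url, site(t.initiator)))
        # Credentialed CORS pinned to the landing page origin means the SDK host
        # is set up to receive cookies/identity from exactly this site.
        acao = t.response_headers.get("access-control-allow-origin")
        acac = t.response_headers.get("access-control-allow-credentials", "").lower()
        if acac == "true" and acao not in (None, "*") and site(t.url) != page_site:
            findings.append(("credentialed-cors-for-page-origin", t.url, acao))
    return findings


if __name__ == "__main__":
    for signal, url, detail in triage(TRANSACTIONS, PAGE):
        print(f"{signal:34} {url}")
        print(f"{'':34} {detail}")
```

Run against this scan the function reports one executable-download (renrenjihua.com then cloudfront.net), two third-party-script-beacon hits (the init XHR and the clicked ping) and two credentialed-cors-for-page-origin hits on sdk.renrenjihua.com. None of these alone is conclusive, which is why the page's own verdict is worded as "potentially malicious"; together they are the shape of an APK drop funnel rather than a content site.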

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. They can help identify client-side frameworks and code.

  • function  getQueryString
  • undefined rootUrl
  • undefined channelCode
  • undefined proxyAccount
  • function  $
  • function  jQuery
  • function  AppInstall

The names channelCode and AppInstall line up with the ?channelCode= query parameter and the appinstall.js script loaded from cdnyt.8577995.com.

0 Cookies

1 Console Message

Source: network   Level: error
URL: https://ybswi3ct.top/favicon.ico
Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000