Submitted URL: https://bx-bi9.asia/
Effective URL: http://www.tw-123.net/
Submission Tags: phishingrod
Submission: On December 28 via api from DE — Scanned from DE

Summary

This website contacted 7 IPs in 3 countries across 4 domains to perform 21 HTTP transactions. The main IP is 43.132.105.108, located in Central, Hong Kong and belongs to TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN. The main domain is www.tw-123.net.
This is the only time www.tw-123.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address        AS (Autonomous System)
1         196.247.28.100    41564 (AS41564)
2         43.132.105.108    132203 (TENCENT-N...)
1         119.28.164.143    132203 (TENCENT-N...)
2         129.226.106.221   132203 (TENCENT-N...)
1         159.138.23.7      136907 (HWCLOUDS-...)
3         203.205.136.85    132203 (TENCENT-N...)
10        61.130.25.210     136190 (CHINATELE...)
2         240d:c000:201...  (not reported)
Total: 21 requests to 7 IP addresses

Requests  Apex Domain  Subdomains                                     Transfer
11        53kf.com     tb.53kf.com (Cisco Umbrella Rank: 296128),     117 KB
                       accwww8c1.53kf.com, www8c1.53kf.com
8         qq.com       3gimg.qq.com (Cisco Umbrella Rank: 43898),     16 KB
                       apis.map.qq.com (Cisco Umbrella Rank: 82798),
                       mapapi.qq.com (Cisco Umbrella Rank: 158994),
                       pr.map.qq.com
2         tw-123.net   www.tw-123.net                                 55 KB
1         bx-bi9.asia  bx-bi9.asia                                    95 B
Total: 21 requests across 4 apex domains

Requests  Domain              Requested by
9         www8c1.53kf.com     tb.53kf.com, www.tw-123.net
3         mapapi.qq.com       apis.map.qq.com
2         pr.map.qq.com       apis.map.qq.com
2         apis.map.qq.com     3gimg.qq.com, mapapi.qq.com
2         www.tw-123.net      www.tw-123.net
1         accwww8c1.53kf.com  tb.53kf.com
1         tb.53kf.com         www.tw-123.net
1         3gimg.qq.com        www.tw-123.net
1         bx-bi9.asia         1 redirects
Total: 21 requests across 9 domains

This site contains links to the following domain:

line.me
Subject                          Issuer                                               Validity                 Valid   Source
*.flow.qq.com                    GlobalSign Organization Validation CA - SHA256 - G2  2022-04-28 - 2023-05-30  a year  crt.sh
*.march01.sparta.3g.qq.com       GlobalSign Organization Validation CA - SHA256 - G2  2022-03-09 - 2023-04-10  a year  crt.sh
*.53kf.com                       RapidSSL Global TLS RSA4096 SHA256 2022 CA1          2022-07-07 - 2023-07-07  a year  crt.sh
*.july-03-2022.sparta.3g.qq.com  GlobalSign Organization Validation CA - SHA256 - G2  2022-08-05 - 2023-09-06  a year  crt.sh

This page contains 2 frames:

Primary Page: http://www.tw-123.net/
Frame ID: 08DC3D153A6A15FA838F6D53D5798AA2
Requests: 14 HTTP requests in this frame

Frame: https://apis.map.qq.com/tools/geolocation?key=5WFBZ-IAS3J-IK3FJ-FFHNY-NJSF2-LQFXZ&referer=h5
Frame ID: 5A8263636D3DACD39B6078AB582A07CC
Requests: 7 HTTP requests in this frame

Page Title

台北購物網 - 台北郵購 - 香港購物網

Page URL History

  1. https://bx-bi9.asia/ HTTP 302
    http://www.tw-123.net/ Page URL

Page Statistics

Requests: 21
HTTPS: 86 %
IPv6: 13 %
Domains: 4
Subdomains: 9
IPs: 7
Countries: 3
Transfer: 188 kB
Size: 468 kB
Cookies: 12

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions

Columns for each entry: Resource | Path | Size | x-fer | Type | MIME-Type
Primary Request /
www.tw-123.net/
Redirect Chain
  • https://bx-bi9.asia/
  • http://www.tw-123.net/
4 KB
4 KB
Document
General
Full URL
http://www.tw-123.net/
Protocol
HTTP/1.1
Server
43.132.105.108 Central, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
tencent-cos /
Resource Hash
e36c13b3c5376810a24121f2f36c91ea7fc7939ea24f4e94c4722034cfb1328d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Length
3784
Content-Type
text/html
Date
Wed, 28 Dec 2022 06:56:57 GMT
ETag
"b9ceb9558400ef825d6af95f073d13f5"
Last-Modified
Tue, 27 Dec 2022 03:02:25 GMT
Server
tencent-cos
x-cos-hash-crc64ecma
477278598305299921
x-cos-request-id
NjNhYmU4YjlfYzc4ZTI3MDlfMjMyZF8zOWQ5NjI2

Redirect headers

content-length
267
content-type
text/html; charset=iso-8859-1
date
Wed, 28 Dec 2022 06:56:56 GMT
location
http://www.tw-123.net
server
Apache
geolocation.min.js
3gimg.qq.com/lightmap/components/geolocation/
2 KB
1 KB
Script
General
Full URL
https://3gimg.qq.com/lightmap/components/geolocation/geolocation.min.js
Requested by
Host: www.tw-123.net
URL: http://www.tw-123.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
119.28.164.143 Central, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
TencentCOS /
Resource Hash
5ff20c933cd5f09d2c77f31298837ea649e0f9af4884abf25bc30b472f6dae9f

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.tw-123.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 21:36:27 GMT
x-cos-object-type
normal
content-encoding
gzip
x-cache-lookup
Cache Hit, Hit From Inner Cluster
x-cos-storage-class
STANDARD_IA
content-length
1036
x-cos-hash-crc64ecma
9793051263248070416
last-modified
Sat, 12 Mar 2022 22:55:19 GMT
server
TencentCOS
etag
"59e2e449d14a32b45e8a80032d262d8fe012255e"
access-control-allow-methods
*
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-credentials
true
x-nws-log-uuid
7057378827148836182
accept-ranges
bytes
ip
0.0.0.0
access-control-allow-headers
*
qr.jpg
www.tw-123.net/
51 KB
51 KB
Image
General
Full URL
http://www.tw-123.net/qr.jpg
Requested by
Host: www.tw-123.net
URL: http://www.tw-123.net/
Protocol
HTTP/1.1
Server
43.132.105.108 Central, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
tencent-cos /
Resource Hash
460053968b0c80d8ce4d10d6990a76811e7fd59bcf6875b5db7f36ca5e9bca78

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.tw-123.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Wed, 28 Dec 2022 06:56:57 GMT
x-cos-hash-crc64ecma
6517538613803924648
Last-Modified
Sun, 25 Dec 2022 13:17:41 GMT
Server
tencent-cos
ETag
"580316414451168610e1fd30fd0e6231"
Content-Type
image/jpeg
x-cos-request-id
NjNhYmU4YjlfYzc4ZTI3MDlfMjMzOF8zOTE3ZDE5
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
51940
geolocation
apis.map.qq.com/tools/ Frame 5A82
2 KB
1 KB
Document
General
Full URL
https://apis.map.qq.com/tools/geolocation?key=5WFBZ-IAS3J-IK3FJ-FFHNY-NJSF2-LQFXZ&referer=h5
Requested by
Host: 3gimg.qq.com
URL: https://3gimg.qq.com/lightmap/components/geolocation/geolocation.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
129.226.106.221 Central, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
/
Resource Hash
f96321fb3e3dea1bfab9b9df1c3c83fad70646884ac23d759dcbe715e3a9dc0a

Request headers

Referer
http://www.tw-123.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Wed, 28 Dec 2022 06:57:00 GMT
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Response-Time
18.396ms
1
tb.53kf.com/code/code/9007871/
161 KB
39 KB
Script
General
Full URL
https://tb.53kf.com/code/code/9007871/1
Requested by
Host: www.tw-123.net
URL: http://www.tw-123.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.138.23.7 Central, Hong Kong, ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK),
Reverse DNS
ecs-159-138-23-7.compute.hwclouds-dns.com
Software
openresty /
Resource Hash
6bd7480a6c2986cdee62acb63204aaa33cac87ae4b4ea892a34a7817674706b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.tw-123.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Wed, 28 Dec 2022 06:57:00 GMT
Content-Encoding
gzip
Server
openresty
Transfer-Encoding
chunked
Vary
Accept-Encoding
P3P
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type
text/javascript; charset=utf-8
Cache-control
private
geolocation_c55a9bf.css
mapapi.qq.com/web/mapComponents/geoLocation/v/static/geolocation/static/css/ Frame 5A82
542 B
654 B
Stylesheet
General
Full URL
https://mapapi.qq.com/web/mapComponents/geoLocation/v/static/geolocation/static/css/geolocation_c55a9bf.css
Requested by
Host: apis.map.qq.com
URL: https://apis.map.qq.com/tools/geolocation?key=5WFBZ-IAS3J-IK3FJ-FFHNY-NJSF2-LQFXZ&referer=h5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
203.205.136.85 Central, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
X2S_Platform /
Resource Hash
ec491bc326e6802512dcc0b943bfdafa230e9ac5bf9b1f8e2659864d674b6925

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://apis.map.qq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 28 Dec 2022 06:57:01 GMT
content-encoding
gzip
x-cache-lookup
Hit From Disktank3 Gz
last-modified
Thu, 10 Dec 2020 10:15:43 GMT
server
X2S_Platform
vary
Origin
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=3600
server_ip
203.205.136.85
x-nws-log-uuid
43e4bead-a166-4d37-aab4-66465154c229
accept-ranges
bytes
content-length
339
expires
Wed, 28 Dec 2022 07:57:01 GMT
mod_0d3c97a.js
mapapi.qq.com/web/mapComponents/static/common/static/js/ Frame 5A82
5 KB
2 KB
Script
General
Full URL
https://mapapi.qq.com/web/mapComponents/static/common/static/js/mod_0d3c97a.js
Requested by
Host: apis.map.qq.com
URL: https://apis.map.qq.com/tools/geolocation?key=5WFBZ-IAS3J-IK3FJ-FFHNY-NJSF2-LQFXZ&referer=h5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
203.205.136.85 Central, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
X2S_Platform /
Resource Hash
740eaf1c2e167eadf0c8d0b1ba0ece9fbd2bea11b0ea1b5730e321dd295dee48

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://apis.map.qq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 28 Dec 2022 06:57:01 GMT
content-encoding
gzip
x-cache-lookup
Hit From Disktank3 Gz
last-modified
Thu, 03 Dec 2020 11:35:55 GMT
server
X2S_Platform
vary
Origin
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
server_ip
203.205.136.85
x-nws-log-uuid
2927f848-eaba-4273-8c33-0beafb8a9011
accept-ranges
bytes
content-length
1990
expires
Wed, 28 Dec 2022 07:57:01 GMT
geolocation_libs_de092c0.js
mapapi.qq.com/web/mapComponents/geoLocation/v/static/geolocation/static/pkg/ Frame 5A82
29 KB
9 KB
Script
General
Full URL
https://mapapi.qq.com/web/mapComponents/geoLocation/v/static/geolocation/static/pkg/geolocation_libs_de092c0.js
Requested by
Host: apis.map.qq.com
URL: https://apis.map.qq.com/tools/geolocation?key=5WFBZ-IAS3J-IK3FJ-FFHNY-NJSF2-LQFXZ&referer=h5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
203.205.136.85 Central, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
X2S_Platform /
Resource Hash
c7d642d73337e331ae47dc81f73e5953e7fcba1000215d8c8a19be504d7693f9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://apis.map.qq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 28 Dec 2022 06:57:01 GMT
content-encoding
gzip
x-cache-lookup
Hit From Disktank3 Gz
last-modified
Thu, 10 Dec 2020 10:15:45 GMT
server
X2S_Platform
vary
Origin
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
server_ip
203.205.136.85
x-nws-log-uuid
bdf37259-3d15-44cd-a867-65c4c50bc178
accept-ranges
bytes
content-length
8763
expires
Wed, 28 Dec 2022 07:57:01 GMT
sendacc.jsp
accwww8c1.53kf.com/
20 B
205 B
Script
General
Full URL
http://accwww8c1.53kf.com/sendacc.jsp?cmd=ACC&did=0&sid=12&company_id=70710876&guest_id=11692811684000&status=0&guest_name=&guest_ip=37.58.57.4&guest_ip_info=%E5%BE%B7%E5%9B%BD&area=%E6%B3%95%E5%85%B0%E5%85%8B%E7%A6%8F%2D%E6%B3%95%E5%85%B0%E5%85%8B%E7%A6%8F&from_page=&talk_page=http%3A%2F%2Fwww.tw-123.net%2F&kf_time=1672210620&bto_id6d=-99&time=1672210620748&ucust_id=&style=1&is_mobile=n&visitor_type=new&is_uv=1&browser=chrome&os=os_other&is_revisit=0&page_title=%E5%8F%B0%E5%8C%97%E8%B3%BC%E7%89%A9%E7%B6%B2%20-%20%E5%8F%B0%E5%8C%97%E9%83%B5%E8%B3%BC%20-%20%E9%A6%99%E6%B8%AF%E8%B3%BC%E7%89%A9%E7%B6%B2
Requested by
Host: tb.53kf.com
URL: https://tb.53kf.com/code/code/9007871/1
Protocol
HTTP/1.1
Server
61.130.25.210 , China, ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN),
Reverse DNS
Software
openresty /
Resource Hash
70c7cda673633bdfe6dc8c288d7bfa3152b2bb05b030bd2d13661b5ab8dedd15

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.tw-123.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 28 Dec 2022 06:57:01 GMT
Server
openresty
Connection
close
Content-Length
20
Content-Type
text/html;Charset=utf-8
mobile_icon_70710876_1.js
www8c1.53kf.com/custom/70710876/
4 KB
1 KB
Script
General
Full URL
https://www8c1.53kf.com/custom/70710876/mobile_icon_70710876_1.js?v=1669174000
Requested by
Host: tb.53kf.com
URL: https://tb.53kf.com/code/code/9007871/1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.130.25.210 , China, ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN),
Reverse DNS
Software
openresty /
Resource Hash
245140e2e6dd71f79a4e3a28ef05caf50c095e6e9b3b52d1d1ae09320d9faaff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.tw-123.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 28 Dec 2022 06:57:01 GMT
content-encoding
gzip
last-modified
Wed, 23 Nov 2022 03:26:40 GMT
server
openresty
etag
W/"637d92f0-10d8"
vary
Accept-Encoding, Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=259200
expires
Sat, 31 Dec 2022 06:57:01 GMT
mobile_invite_70710876_1.js
www8c1.53kf.com/custom/70710876/
2 KB
782 B
Script
General
Full URL
https://www8c1.53kf.com/custom/70710876/mobile_invite_70710876_1.js?v=1641796996
Requested by
Host: tb.53kf.com
URL: https://tb.53kf.com/code/code/9007871/1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.130.25.210 , China, ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN),
Reverse DNS
Software
openresty /
Resource Hash
ca12e8db1fe26b302a480f99050dd272bb1442ca4b4acf0609801400bd933d37

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.tw-123.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 28 Dec 2022 06:57:01 GMT
content-encoding
gzip
last-modified
Mon, 10 Jan 2022 06:43:16 GMT
server
openresty
etag
W/"61dbd584-627"
vary
Accept-Encoding, Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=259200
expires
Sat, 31 Dec 2022 06:57:01 GMT
assign_worker_70710876_1.js
www8c1.53kf.com/custom/70710876/
187 B
382 B
Script
General
Full URL
https://www8c1.53kf.com/custom/70710876/assign_worker_70710876_1.js?v=1537498828
Requested by
Host: tb.53kf.com
URL: https://tb.53kf.com/code/code/9007871/1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.130.25.210 , China, ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN),
Reverse DNS
Software
openresty /
Resource Hash
8563bf94a0867ae94a2434d347231fe5dbc34253e2e8a044969a47892351e3f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.tw-123.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 28 Dec 2022 06:57:01 GMT
last-modified
Fri, 03 Sep 2021 11:46:45 GMT
server
openresty
etag
"61320b25-bb"
content-type
application/x-javascript
cache-control
max-age=259200
accept-ranges
bytes
content-length
187
expires
Sat, 31 Dec 2022 06:57:01 GMT
mobile_chat_70710876_1.js
www8c1.53kf.com/custom/70710876/
3 KB
1021 B
Script
General
Full URL
https://www8c1.53kf.com/custom/70710876/mobile_chat_70710876_1.js?v=1669174000
Requested by
Host: tb.53kf.com
URL: https://tb.53kf.com/code/code/9007871/1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.130.25.210 , China, ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN),
Reverse DNS
Software
openresty /
Resource Hash
e11a3ce0c8ed8eb4871072fdcd7d84ff14db4412fcea12a8c62770898e8cdd28

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.tw-123.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 28 Dec 2022 06:57:01 GMT
content-encoding
gzip
last-modified
Wed, 23 Nov 2022 03:26:40 GMT
server
openresty
etag
W/"637d92f0-a2d"
vary
Accept-Encoding, Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=259200
expires
Sat, 31 Dec 2022 06:57:01 GMT
kf_new.php
www8c1.53kf.com/
31 KB
11 KB
Script
General
Full URL
https://www8c1.53kf.com/kf_new.php?style=1&arg=9007871&land_page=http%3A%2F%2Fwww.tw-123.net%2F&from_page=&guest_id=11692811684000&kf_sign=jIxMDMTY3MYyMDExNjkyODExNjg0MDAwNzA3MTA4NzY%3D&api_uuid=d5325c5666d581d5ba17a0aeaa5c6119&uuid_53kf=4770aa1c9d2e62c03c10ef535a6b7340&ip_long=624572676&time=1672210620751
Requested by
Host: tb.53kf.com
URL: https://tb.53kf.com/code/code/9007871/1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.130.25.210 , China, ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN),
Reverse DNS
Software
openresty /
Resource Hash
153cadb6c1593dd78a6582e25036c7446741d6e1864272d87e356ed2a1fad903

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.tw-123.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
text/javascript; charset=utf-8
date
Wed, 28 Dec 2022 06:57:01 GMT
content-encoding
gzip
server
openresty
vary
Accept-Encoding, Accept-Encoding
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
kf_ivt_new.php
www8c1.53kf.com/
82 KB
18 KB
Script
General
Full URL
https://www8c1.53kf.com/kf_ivt_new.php?kf_sign=jIxMDMTY3MYyMDExNjkyODExNjg0MDAwNzA3MTA4NzY=&arg=9007871&style=1&isonline=1&kfonline=1&lang=tw&resize=yes&charset=utf-8&kflist=off&kf=006,010&zdkf_type=1&lnk_overflow=0&callback_id6ds=5328017&guest_id=11692811684000&referer=http%3A%2F%2Fwww.tw-123.net%2F&keyword=&tpl_name=crystal_blue&tpl_width=800&tpl_height=600&uid=d5325c5666d581d5ba17a0aeaa5c6119&is_group=&0.9311524684614718&talktitle=%E5%8F%B0%E5%8C%97%E8%B3%BC%E7%89%A9%E7%B6%B2%20-%20%E5%8F%B0%E5%8C%97%E9%83%B5%E8%B3%BC%20-%20%E9%A6%99%E6%B8%AF%E8%B3%BC%E7%89%A9%E7%B6%B2&uuid_53kf=4770aa1c9d2e62c03c10ef535a6b7340&u_cust_id=&u_cust_name=&u_custom_info=
Requested by
Host: tb.53kf.com
URL: https://tb.53kf.com/code/code/9007871/1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.130.25.210 , China, ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN),
Reverse DNS
Software
openresty /
Resource Hash
a28cf054c11f48ffd53110aca81f0c102628684be475ec7c1176a3582e1a755a

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.tw-123.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
text/javascript; charset=utf-8
date
Wed, 28 Dec 2022 06:57:02 GMT
content-encoding
gzip
server
openresty
vary
Accept-Encoding, Accept-Encoding
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Group_23.png
www8c1.53kf.com/style/setting/ver07/img/style_setting_icon/
17 KB
17 KB
Image
General
Full URL
https://www8c1.53kf.com/style/setting/ver07/img/style_setting_icon/Group_23.png
Requested by
Host: www.tw-123.net
URL: http://www.tw-123.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.130.25.210 , China, ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN),
Reverse DNS
Software
openresty /
Resource Hash
5b26a67a3e50a878d7c72e9a4738d5c36a9e81d7bdb6055a1bbe730f8ad07307

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.tw-123.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 28 Dec 2022 06:57:02 GMT
last-modified
Wed, 12 Sep 2018 09:56:18 GMT
server
openresty
etag
"5b98e2c2-4433"
content-type
image/png
cache-control
max-age=259200
accept-ranges
bytes
content-length
17459
expires
Sat, 31 Dec 2022 06:57:02 GMT
pingd
pr.map.qq.com/ Frame 5A82
43 B
314 B
Image
General
Full URL
https://pr.map.qq.com/pingd?appid=mc_geolocation&logid=pv&from=h5&referer=http%3A%2F%2Fwww.tw-123.net%2F&_ignore=34600&sw=1600&sh=1200&dpr=1
Requested by
Host: apis.map.qq.com
URL: https://apis.map.qq.com/tools/geolocation?key=5WFBZ-IAS3J-IK3FJ-FFHNY-NJSF2-LQFXZ&referer=h5
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
240d:c000:2010:1807:0:95aa:d344:4937 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://apis.map.qq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 28 Dec 2022 06:57:03 GMT
Cache-Control
no-store
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
ip
apis.map.qq.com/ws/location/v1/ Frame 5A82
296 B
531 B
Script
General
Full URL
https://apis.map.qq.com/ws/location/v1/ip?callback=window._JSONP_callback.JSONP4712&ip=37.58.57.4&key=TKUBZ-D24AF-GJ4JY-JDVM2-IBYKK-KEBCU&output=jsonp&t=1672210621948
Requested by
Host: mapapi.qq.com
URL: https://mapapi.qq.com/web/mapComponents/geoLocation/v/static/geolocation/static/pkg/geolocation_libs_de092c0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
129.226.106.221 Central, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
/
Resource Hash
814008aa9db10bb278d6311a2751a982738ed3dde95181891723288fb35e54b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://apis.map.qq.com/tools/geolocation?key=5WFBZ-IAS3J-IK3FJ-FFHNY-NJSF2-LQFXZ&referer=h5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Wed, 28 Dec 2022 06:57:02 GMT
X-Limit
current_qps=47; limit_qps=1500; current_pv=9260459; limit_pv=100000000
Connection
keep-alive
Content-Length
296
Content-Type
application/javascript; charset=utf-8
pingd
pr.map.qq.com/ Frame 5A82
43 B
314 B
Image
General
Full URL
https://pr.map.qq.com/pingd?appid=mc_geolocation&logid=geolocation&from=h5&referer=http%3A%2F%2Fwww.tw-123.net%2F&_ignore=81314&type=temp&success=0&message=fail&loc_time=0.002
Requested by
Host: apis.map.qq.com
URL: https://apis.map.qq.com/tools/geolocation?key=5WFBZ-IAS3J-IK3FJ-FFHNY-NJSF2-LQFXZ&referer=h5
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
240d:c000:2010:1807:0:95aa:d344:4937 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://apis.map.qq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 28 Dec 2022 06:57:03 GMT
Cache-Control
no-store
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
mobile_53kf_1512306410.png
www8c1.53kf.com/img/upload/9007871/mobile/temp/
4 KB
5 KB
Image
General
Full URL
https://www8c1.53kf.com/img/upload/9007871/mobile/temp/mobile_53kf_1512306410.png
Requested by
Host: www.tw-123.net
URL: http://www.tw-123.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.130.25.210 , China, ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN),
Reverse DNS
Software
openresty /
Resource Hash
3e764aef945cb9f6ef945e59a6d74ea6686af660feff4e769216994d7e564540

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.tw-123.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 28 Dec 2022 06:57:02 GMT
last-modified
Fri, 03 Sep 2021 11:46:44 GMT
server
openresty
etag
"61320b24-11ce"
content-type
image/png
cache-control
max-age=259200
accept-ranges
bytes
content-length
4558
expires
Sat, 31 Dec 2022 06:57:02 GMT
jquery-1.4.2.flp.js
www8c1.53kf.com/minkh/js/
70 KB
24 KB
Script
General
Full URL
https://www8c1.53kf.com/minkh/js/jquery-1.4.2.flp.js?20121127002
Requested by
Host: tb.53kf.com
URL: https://tb.53kf.com/code/code/9007871/1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.130.25.210 , China, ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN),
Reverse DNS
Software
openresty /
Resource Hash
ab7c6819c298fb73eb4c97eb4febccb234faaf83494280d64db41d9dfcdd9778

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.tw-123.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 28 Dec 2022 06:57:03 GMT
content-encoding
gzip
last-modified
Fri, 22 Feb 2013 09:00:17 GMT
server
openresty
etag
W/"512733a1-11875"
vary
Accept-Encoding, Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=259200
expires
Sat, 31 Dec 2022 06:57:03 GMT

110 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.


12 Cookies

Domain/Path        Name                      Value
.www.tw-123.net/   53gid2                    11692811684000
.www.tw-123.net/   visitor_type              new
.www.tw-123.net/   53gid0                    11692811684000
.www.tw-123.net/   53gid1                    11692811684000
.www.tw-123.net/   53revisit                 1672210620746
.www.tw-123.net/   53kf_70710876_from_host   www.tw-123.net
.www.tw-123.net/   53kf_70710876_keyword     (empty)
.www.tw-123.net/   uuid_53kf_70710876        4770aa1c9d2e62c03c10ef535a6b7340
.www.tw-123.net/   53kf_70710876_land_page   http%253A%252F%252Fwww.tw-123.net%252F
.www.tw-123.net/   kf_70710876_land_page_ok  1
.www.tw-123.net/   53uvid                    1
www.tw-123.net/    onliner_zdfq70710876      0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
