urlscan.io logo urlscan.io
SecurityTrails logo

nes.lsc124.shop Open in urlscan Pro
103.190.169.95  Public Scan

Go To Rescan Add Verdict Report
URL: https://nes.lsc124.shop/
Submission: On November 09 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 3 countries across 5 domains to perform 19 HTTP transactions. The main IP is 103.190.169.95, located in Taiwan and belongs to SKYCLOUD-NET Skycloud Computing co., Ltd., TW. The main domain is nes.lsc124.shop.
TLS certificate: Issued by R11 on November 7th 2024. Valid for: 3 months.
This is the only time nes.lsc124.shop was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 103.190.169.95 7483 (SKYCLOUD-...)
2 240e:cf:8800:... 134238 (CT-JIANGX...)
8 2600:9000:23c... 16509 (AMAZON-02)
1 137.175.92.4 54600 (PEG-SV)
1 1 101.43.83.148 45090 (TENCENT-N...)
1 116.114.98.35 4837 (CHINA169-...)
1 2600:9000:26f... 16509 (AMAZON-02)
1 2600:9000:26f... 16509 (AMAZON-02)
1 2600:9000:220... 16509 (AMAZON-02)
1 2409:8c20:5c6... 56046 (CMNET-JIA...)
19 9
3    103.190.169.95 (Taiwan)

ASN7483 (SKYCLOUD-NET Skycloud Computing co., Ltd., TW)
nes.lsc124.shop
2    240e:cf:8800:53:3::7ea (China)

ASN134238 (CT-JIANGXI-IDC CHINANET Jiangx province IDC network, CN)
s9.cnzz.com
c.cnzz.com
8    2600:9000:23cb:8600:1e:4a65:6f00:93a1 (United States)

ASN16509 (AMAZON-02, US)
assets.salesmartly.com
1    137.175.92.4 (United States)

ASN54600 (PEG-SV, US)
137.175.92.4
1    101.43.83.148 (China)

ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN)
pic.imgdb.cn
1    116.114.98.35 (China)

ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN)
wkphoto.cdn.bcebos.com
1    2600:9000:26fa:2800:1e:b46c:cec0:93a1 (United States)

ASN16509 (AMAZON-02, US)
client.salesmartly.com
1    2600:9000:26fa:b000:1:8ade:fa00:93a1 (United States)

ASN16509 (AMAZON-02, US)
api.salesmartly.com
1    2600:9000:2209:e000:16:41f9:b9c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
srz.salesmartly.com
1    2409:8c20:5c64:2000::6 (China)

ASN56046 (CMNET-JIANGSU-AP China Mobile communications corporation, CN)
z12.cnzz.com
Apex Domain
Subdomains		 Transfer
11 salesmartly.com
assets.salesmartly.com — Cisco Umbrella Rank: 103422
client.salesmartly.com — Cisco Umbrella Rank: 151337
api.salesmartly.com — Cisco Umbrella Rank: 98439
srz.salesmartly.com — Cisco Umbrella Rank: 101233
313 KB
3 cnzz.com
s9.cnzz.com — Cisco Umbrella Rank: 151704
z12.cnzz.com — Cisco Umbrella Rank: 222973
c.cnzz.com — Cisco Umbrella Rank: 101023
5 KB
3 lsc124.shop
nes.lsc124.shop
61 KB
1 bcebos.com
wkphoto.cdn.bcebos.com — Cisco Umbrella Rank: 892434
1 imgdb.cn
pic.imgdb.cn — Cisco Umbrella Rank: 483453
132 B
19 5
Domain Requested by
8 assets.salesmartly.com nes.lsc124.shop
assets.salesmartly.com
3 nes.lsc124.shop nes.lsc124.shop
1 c.cnzz.com s9.cnzz.com
1 z12.cnzz.com s9.cnzz.com
1 srz.salesmartly.com assets.salesmartly.com
1 api.salesmartly.com assets.salesmartly.com
1 client.salesmartly.com nes.lsc124.shop
1 wkphoto.cdn.bcebos.com nes.lsc124.shop
1 pic.imgdb.cn 1 redirects
1 s9.cnzz.com nes.lsc124.shop
19 10

This site contains links to these domains. Also see Links.

Domain
168280.cc
Subject Issuer Validity Valid
nes.lsc124.shop
R11		 2024-11-07 -
2025-02-05		 3 months crt.sh
*.cnzz.com
GlobalSign Organization Validation CA - SHA256 - G3		 2024-02-17 -
2025-03-20		 a year crt.sh
*.salesmartly.com
Amazon RSA 2048 M02		 2024-05-21 -
2025-06-19		 a year crt.sh
137.175.92.4
Certum Domain Validation CA SHA2		 2024-08-01 -
2025-08-31		 a year crt.sh

This page contains 2 frames:

Primary Page: https://nes.lsc124.shop/
Frame ID: 0040A9B7BACB4E6FFC50BC55014BCD39
Requests: 11 HTTP requests in this frame

Frame: https://assets.salesmartly.com/chat/widget/code/css/chunk-common.fcd1043f.css
Frame ID: DA9F6CA1611A4492B9C11D1092298AFF
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

【新消息】恭喜你成为尊贵的豪爵车主

Page Statistics

19
Requests

95 %
HTTPS

60 %
IPv6

5
Domains

10
Subdomains

9
IPs

3
Countries

404 kB
Transfer

1284 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://pic.imgdb.cn/item/6720b80bd29ded1a8c2fc5ec.gif HTTP 302
  • https://wkphoto.cdn.bcebos.com/f9198618367adab447dadf2c9bd4b31c8701e453.jpg

19 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
nes.lsc124.shop/ 		137 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://nes.lsc124.shop/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
103.190.169.95 , Taiwan, ASN7483 (SKYCLOUD-NET Skycloud Computing co., Ltd., TW),
Reverse DNS
Software
nginx /
Resource Hash
f06a3f8829d88d8b3eaae2ce7aa7e5ec2392e6e261df3bd1292d430b4f85150f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Content-Encoding
gzip
Content-Type
text/html
Date
Sat, 09 Nov 2024 05:38:32 GMT
ETag
W/"6728cd24-2248f"
Last-Modified
Mon, 04 Nov 2024 13:33:24 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Cache
MISS from zone4-cdn169-085
style.css
nes.lsc124.shop/files/ 		124 KB
44 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nes.lsc124.shop/files/style.css
Requested by
Host: nes.lsc124.shop
URL: https://nes.lsc124.shop/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
103.190.169.95 , Taiwan, ASN7483 (SKYCLOUD-NET Skycloud Computing co., Ltd., TW),
Reverse DNS
Software
nginx /
Resource Hash
d790267ab244a9f05f16fde34f0a9784e3f22d9ecfc8e1189baf787786adef33

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nes.lsc124.shop/

Response headers

Transfer-Encoding
chunked
Cache-Control
max-age=43200
Content-Encoding
gzip
ETag
W/"665dcb78-1f1d2"
Expires
Sat, 09 Nov 2024 17:38:32 GMT
X-Cache
MISS from zone4-cdn169-085
Date
Sat, 09 Nov 2024 05:38:32 GMT
Content-Type
text/css
Last-Modified
Mon, 03 Jun 2024 13:56:08 GMT
Server
nginx
Vary
Accept-Encoding
z.js
s9.cnzz.com/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s9.cnzz.com/z.js?id=1281388072&async=1
Requested by
Host: nes.lsc124.shop
URL: https://nes.lsc124.shop/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
240e:cf:8800:53:3::7ea , China, ASN134238 (CT-JIANGXI-IDC CHINANET Jiangx province IDC network, CN),
Reverse DNS
Software
Tengine /
Resource Hash
01d37568862a2d2fb1218ea7e542e83612ca76a86372e3cd66db0212fabe65ad

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nes.lsc124.shop/

Response headers

content-encoding
br
etag
W/"642761064645879182"
age
0
x-cache
HIT TCP_REFRESH_HIT dirn:9:572985400
date
Sat, 09 Nov 2024 05:38:34 GMT
content-type
application/javascript
vary
accept-encoding
cache-control
public, max-age=300
x-swift-cachetime
300
timing-allow-origin
*
via
cache9.l2cn7828[69,69,304-0,H], cache64.l2cn7828[71,0], cache11.cn3693[81,81,200-0,H], cache10.cn3693[89,0]
ali-swift-global-savetime
1731130714
x-swift-savetime
Sat, 09 Nov 2024 05:38:34 GMT
eagleid
6ae1f19e17311307145733136e
content-length
3883
server
Tengine
project_20456_162875_1730257580.js
assets.salesmartly.com/js/ 		670 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.salesmartly.com/js/project_20456_162875_1730257580.js
Requested by
Host: nes.lsc124.shop
URL: https://nes.lsc124.shop/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:23cb:8600:1e:4a65:6f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AliyunOSS /
Resource Hash
ba92286e3b5d648fc056906e4f2faf93e91c67b26c9a51f1c90c0db4a1e9a957

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nes.lsc124.shop/

Response headers

content-md5
R6zxt/j20ncX58zEImKHmQ==
x-oss-storage-class
Standard
etag
"47ACF1B7F8F6D27717E7CCC422628799"
age
58558
x-oss-object-type
Normal
x-cache
Hit from cloudfront
x-amz-cf-id
axKhEN6RzVdvPB7X_32QPyTCGEsVhj-zO4MgB789ilA0-XMTpTDlLg==
date
Fri, 08 Nov 2024 13:22:35 GMT
x-oss-server-time
4
content-type
application/javascript
last-modified
Wed, 30 Oct 2024 03:06:20 GMT
vary
Origin, Origin
x-oss-hash-crc64ecma
16523560379744243743
via
1.1 aa7ca65bca4d95ba9a04dd166671496c.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
670
x-oss-request-id
672E109B08EA323538655B53
x-amz-cf-pop
JFK50-P1
server
AliyunOSS
haoliao.gif
137.175.92.4/tupian/ 		34 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://137.175.92.4:2411/tupian/haoliao.gif
Requested by
Host: nes.lsc124.shop
URL: https://nes.lsc124.shop/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
137.175.92.4 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software
nginx /
Resource Hash
15195e1d13639a253484a97d954751499c17d6955a55e3d4394ce7d7bf9ca605
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nes.lsc124.shop/

Response headers

Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000
Cache-Control
max-age=2592000
Content-Encoding
gzip
ETag
W/"671676c8-89dd"
Connection
keep-alive
Expires
Mon, 09 Dec 2024 05:38:33 GMT
Date
Sat, 09 Nov 2024 05:38:33 GMT
Content-Type
image/gif
Last-Modified
Mon, 21 Oct 2024 15:44:08 GMT
Server
nginx
Vary
Accept-Encoding
f9198618367adab447dadf2c9bd4b31c8701e453.jpg
wkphoto.cdn.bcebos.com/
Redirect Chain
  • https://pic.imgdb.cn/item/6720b80bd29ded1a8c2fc5ec.gif
  • https://wkphoto.cdn.bcebos.com/f9198618367adab447dadf2c9bd4b31c8701e453.jpg
103 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wkphoto.cdn.bcebos.com/f9198618367adab447dadf2c9bd4b31c8701e453.jpg
Requested by
Host: nes.lsc124.shop
URL: https://nes.lsc124.shop/
Protocol
H2
Server
116.114.98.35 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
JSP3/2.0.14 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-md5
jykOBqSga3qpkKt9Z43HTA==
x-bce-flow-control-type
-1
etag
"8f290e06a4a06b7aa990ab7d678dc74c"
age
151382
ohc-cache-hit
als3un54 [4], cdix81 [1]
expires
Sun, 10 Nov 2024 10:47:43 GMT
x-bce-content-crc32
805552965
date
Sat, 09 Nov 2024 05:38:38 GMT
content-type
image/gif
last-modified
Tue, 29 Oct 2024 11:00:22 GMT
ohc-file-size
3835610
x-cache-status
HIT
x-bce-debug-id
GAShBsLG5G5dQyzWiuVgNfkBD/+A+SpdOMCav0qQTbXqDuDvjbmwcrMnWVbv/FqvMHx3OpbtfBs5BDpPgCk84Q==
x-bce-request-id
fadeea7a-e141-4070-9b09-ade9b3ec8d71
accept-ranges
bytes
ohc-global-saved-time
Thu, 07 Nov 2024 10:47:43 GMT
content-length
3835610
x-bce-is-transition
false
server
JSP3/2.0.14
x-bce-storage-class
STANDARD

Redirect headers

access-control-allow-origin
*
location
https://wkphoto.cdn.bcebos.com/f9198618367adab447dadf2c9bd4b31c8701e453.jpg
referrer-policy
no-referrer
install.js
assets.salesmartly.com/chat/widget/code/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.salesmartly.com/chat/widget/code/install.js
Requested by
Host: assets.salesmartly.com
URL: https://assets.salesmartly.com/js/project_20456_162875_1730257580.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:23cb:8600:1e:4a65:6f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AliyunOSS /
Resource Hash
a41d518569778a4ffcb9ce89d73a23c61e8f1be40ea89daad19b8d4ae1dc0597

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nes.lsc124.shop/

Response headers

content-md5
1rLkbOAJROkkYGwT9oRRFA==
x-oss-storage-class
Standard
content-encoding
gzip
age
161995
x-oss-object-type
Normal
x-cache
Hit from cloudfront
x-amz-cf-id
_Oj_Kyxy5kRN7TeMI-RG1ScAgXCxWQA1_fLoM5tiTB783W97Hz5RnQ==
date
Thu, 07 Nov 2024 08:38:38 GMT
x-oss-server-time
5
content-type
application/javascript
last-modified
Thu, 07 Nov 2024 08:24:07 GMT
vary
Accept-Encoding,Origin, Origin
cache-control
public, max-age=600
x-oss-hash-crc64ecma
17730520108246453796
via
1.1 aa7ca65bca4d95ba9a04dd166671496c.cloudfront.net (CloudFront)
x-oss-request-id
672C7C8EE9CC4C3135E56A5F
x-amz-cf-pop
JFK50-P1
server
AliyunOSS
chunk-common.fcd1043f.css
assets.salesmartly.com/chat/widget/code/css/ Frame DA9F 		3 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.salesmartly.com/chat/widget/code/css/chunk-common.fcd1043f.css
Requested by
Host: assets.salesmartly.com
URL: https://assets.salesmartly.com/chat/widget/code/install.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:23cb:8600:1e:4a65:6f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AliyunOSS /
Resource Hash
67ae4902681eed1ee7a4a3b6a1ab10dfd3a17dec852733954e2f90f0b333713d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-md5
8YlATqQpIwDAs7wjbQrI7Q==
x-oss-storage-class
Standard
content-encoding
gzip
age
161994
x-oss-object-type
Normal
x-cache
Hit from cloudfront
x-amz-cf-id
gqx5GXLeAyIqkY-vxCYRz5TLKgQkRsMVVHD1pGMhR7cEcy4yhCVJ6w==
date
Thu, 07 Nov 2024 08:38:39 GMT
x-oss-server-time
3
content-type
text/css
last-modified
Thu, 07 Nov 2024 08:24:07 GMT
vary
Accept-Encoding,Origin, Origin
cache-control
public, max-age=15552000
x-oss-hash-crc64ecma
16491430429095914100
via
1.1 aa7ca65bca4d95ba9a04dd166671496c.cloudfront.net (CloudFront)
x-oss-request-id
672C7C8F231938343048B8D0
x-amz-cf-pop
JFK50-P1
server
AliyunOSS
plugin.9168360c.css
assets.salesmartly.com/chat/widget/code/css/ Frame DA9F 		62 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.salesmartly.com/chat/widget/code/css/plugin.9168360c.css
Requested by
Host: assets.salesmartly.com
URL: https://assets.salesmartly.com/chat/widget/code/install.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:23cb:8600:1e:4a65:6f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AliyunOSS /
Resource Hash
a3d3da6ce95b5baa701a166cab74157f5f35535baa9a4564261784d30bdf95fb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-md5
Yb4pRO97lM039lYSmLNhYg==
x-oss-storage-class
Standard
content-encoding
gzip
age
161994
x-oss-object-type
Normal
x-cache
Hit from cloudfront
x-amz-cf-id
AOMe4VSQdWQABVIQrQS8BJUQ0XY8ZD9sSk8QVMLM374EzV4TbC2jXA==
date
Thu, 07 Nov 2024 08:38:39 GMT
x-oss-server-time
4
content-type
text/css
last-modified
Thu, 07 Nov 2024 08:24:07 GMT
vary
Accept-Encoding,Origin, Origin
cache-control
public, max-age=15552000
x-oss-hash-crc64ecma
581344353774175465
via
1.1 aa7ca65bca4d95ba9a04dd166671496c.cloudfront.net (CloudFront)
x-oss-request-id
672C7C8F23193839393FB8D0
x-amz-cf-pop
JFK50-P1
server
AliyunOSS
chunk-common.9e487b8f.js
assets.salesmartly.com/chat/widget/code/js/ Frame DA9F 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.salesmartly.com/chat/widget/code/js/chunk-common.9e487b8f.js
Requested by
Host: assets.salesmartly.com
URL: https://assets.salesmartly.com/chat/widget/code/install.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:23cb:8600:1e:4a65:6f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AliyunOSS /
Resource Hash
4443b6e9d85aa8b9f107021e6ed5e02576044ea0445320d33fc2a1c5c3c99c11

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-md5
EoiILXos1xosMK6LTct6+g==
x-oss-storage-class
Standard
content-encoding
gzip
age
161994
x-oss-object-type
Normal
x-cache
Hit from cloudfront
x-amz-cf-id
FNzJpnJPHKLSHj4K7ejB-Y1iJONl3pR8wOCkj3ReDTmf_a5utbbGnQ==
date
Thu, 07 Nov 2024 08:38:39 GMT
x-oss-server-time
4
content-type
application/javascript
last-modified
Thu, 07 Nov 2024 08:24:07 GMT
vary
Accept-Encoding,Origin, Origin
cache-control
public, max-age=15552000
x-oss-hash-crc64ecma
11442316330852576063
via
1.1 aa7ca65bca4d95ba9a04dd166671496c.cloudfront.net (CloudFront)
x-oss-request-id
672C7C8F0189C73635D90FF0
x-amz-cf-pop
JFK50-P1
server
AliyunOSS
chunk-vendors.03cb7422.js
assets.salesmartly.com/chat/widget/code/js/ Frame DA9F 		194 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.salesmartly.com/chat/widget/code/js/chunk-vendors.03cb7422.js
Requested by
Host: assets.salesmartly.com
URL: https://assets.salesmartly.com/chat/widget/code/install.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:23cb:8600:1e:4a65:6f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AliyunOSS /
Resource Hash
af494312a63754114de1da39e5a5cc402bfe7a2948777f7d5d84b52231e2dcd7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-md5
pUfpscKW0n/FHe6YQ9QVVw==
x-oss-storage-class
Standard
content-encoding
gzip
age
161994
x-oss-object-type
Normal
x-cache
Hit from cloudfront
x-amz-cf-id
oXNzD_zraDttC0oBgA30kfW3X65BCSA2cZzY2Hg1vrYZPztSUXTEwg==
date
Thu, 07 Nov 2024 08:38:39 GMT
x-oss-server-time
7
content-type
application/javascript
last-modified
Thu, 07 Nov 2024 08:24:07 GMT
vary
Accept-Encoding,Origin, Origin
cache-control
public, max-age=15552000
x-oss-hash-crc64ecma
299870361214803047
via
1.1 aa7ca65bca4d95ba9a04dd166671496c.cloudfront.net (CloudFront)
x-oss-request-id
672C7C8FF1D29D3233F48C51
x-amz-cf-pop
JFK50-P1
server
AliyunOSS
vendor1_fd8e7641.js
assets.salesmartly.com/chat/widget/code/js/ Frame DA9F 		220 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.salesmartly.com/chat/widget/code/js/vendor1_fd8e7641.js
Requested by
Host: assets.salesmartly.com
URL: https://assets.salesmartly.com/chat/widget/code/install.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:23cb:8600:1e:4a65:6f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AliyunOSS /
Resource Hash
d13fa59865cd9ce916e46cae3593eeb17c011b5dd2880ca6a65846c2d4e5a9e2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-md5
YOHCRGf6GIUU2shKUsykFw==
x-oss-storage-class
Standard
content-encoding
gzip
age
161994
x-oss-object-type
Normal
x-cache
Hit from cloudfront
x-amz-cf-id
ZybahpVo6TK1f_OUWZgciUib9nsk2G-mZrkW_gxEZuNbSD6AaSFuzg==
date
Thu, 07 Nov 2024 08:38:39 GMT
x-oss-server-time
8
content-type
application/javascript
last-modified
Thu, 07 Nov 2024 08:24:07 GMT
vary
Accept-Encoding,Origin, Origin
cache-control
public, max-age=15552000
x-oss-hash-crc64ecma
9671956606219813729
via
1.1 aa7ca65bca4d95ba9a04dd166671496c.cloudfront.net (CloudFront)
x-oss-request-id
672C7C8FFE67F33236EA60EB
x-amz-cf-pop
JFK50-P1
server
AliyunOSS
ling.mp3
client.salesmartly.com/setting/sounds/ 		46 KB
47 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://client.salesmartly.com/setting/sounds/ling.mp3
Requested by
Host: nes.lsc124.shop
URL: https://nes.lsc124.shop/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26fa:2800:1e:b46c:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
35fbb2ad61551e3a396591657a66b563222454418238c46005b89418556f9983

Request headers

Referer
https://nes.lsc124.shop/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Range
bytes=0-

Response headers

cache-control
public, max-age=15552000
etag
"1065fe976ff9e98d69772fe0f0d7b808"
age
423527
Content-Range
bytes 0-47222/47223
via
1.1 da8cb5b9fb94d7de03d8eaa20297debc.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
Content-Length
47223
x-amz-cf-id
GTCz2rw-mUVQzVY7pCNSKxFVuMc9NgRyNhiAdJH8zvcfPUTF-tUWpQ==
date
Mon, 04 Nov 2024 07:59:48 GMT
content-type
audio/mp3
last-modified
Tue, 02 Jul 2024 06:29:42 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P1
x-amz-server-side-encryption
AES256
plugin.5f5454e1.js
assets.salesmartly.com/chat/widget/code/js/ Frame DA9F 		310 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.salesmartly.com/chat/widget/code/js/plugin.5f5454e1.js
Requested by
Host: assets.salesmartly.com
URL: https://assets.salesmartly.com/chat/widget/code/install.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:23cb:8600:1e:4a65:6f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AliyunOSS /
Resource Hash
78c88901d751ff54ddbbaa513b7d4447f165bf256ccf416856e5c8d255c7acfb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-md5
9C0HkYvTb7wNfxUhiEdjvw==
x-oss-storage-class
Standard
content-encoding
gzip
age
161994
x-oss-object-type
Normal
x-cache
Hit from cloudfront
x-amz-cf-id
YNCXOQKb05vmX2dsiJA9_M6vGhRsBSjDQTOc_Rj_aZLs-gMYLvMBTg==
date
Thu, 07 Nov 2024 08:38:39 GMT
x-oss-server-time
5
content-type
application/javascript
last-modified
Thu, 07 Nov 2024 08:24:07 GMT
vary
Accept-Encoding,Origin, Origin
cache-control
public, max-age=15552000
x-oss-hash-crc64ecma
7138854609559229380
via
1.1 aa7ca65bca4d95ba9a04dd166671496c.cloudfront.net (CloudFront)
x-oss-request-id
672C7C8FB676933432C78B8E
x-amz-cf-pop
JFK50-P1
server
AliyunOSS
get-plugin-info
api.salesmartly.com/sys/company/plugin/ Frame DA9F 		47 B
532 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.salesmartly.com/sys/company/plugin/get-plugin-info?plugin_sign=6bc12402a909f1fcc0f8806ea5f483e9&plugin_id=gdc8ya&over_time=&env=chat&_=1731130714508&_lt=&_u=
Requested by
Host: assets.salesmartly.com
URL: https://assets.salesmartly.com/chat/widget/code/js/vendor1_fd8e7641.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26fa:b000:1:8ade:fa00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ PHP/7.2.34
Resource Hash
052a4866127cab399192f6179141e92ce42742a7c09ccf7a0ffba2f0583869b5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer

Response headers

access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
via
1.1 c06dccfbc9bb974276058f2bb42421ea.cloudfront.net (CloudFront)
access-control-allow-origin
https://nes.lsc124.shop
x-cache
Miss from cloudfront
x-amz-cf-id
5FSTOEFg6El3WSeqUcpSxCUykBhZY4NVT_LS5MslZbx75NxvmjzHHQ==
date
Sat, 09 Nov 2024 05:38:35 GMT
content-type
application/json; charset=UTF-8
x-powered-by
PHP/7.2.34
x-amz-cf-pop
JFK52-P1
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Cpl, Agent-Cpl, Send-Cpl, Client-Type, Share-Access-Token
log
srz.salesmartly.com/client/log/ Frame DA9F 		47 B
516 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://srz.salesmartly.com/client/log/log?plugin_sign=7b8b5c00561a5ae3db98bb55ee8e02b7&plugin_id=gdc8ya&over_time=&env=chat&_=1731130714516&_lt=&_u=
Requested by
Host: assets.salesmartly.com
URL: https://assets.salesmartly.com/chat/widget/code/js/vendor1_fd8e7641.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:e000:16:41f9:b9c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ PHP/7.2.34
Resource Hash
052a4866127cab399192f6179141e92ce42742a7c09ccf7a0ffba2f0583869b5

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
via
1.1 34deee8ac34d726c1404a3045667664a.cloudfront.net (CloudFront)
access-control-allow-origin
https://nes.lsc124.shop
x-cache
Miss from cloudfront
x-amz-cf-id
sXbFWOSl3rREbfpYSPKAtAzSFGMheiqjiovAINwyCQCtko6Pq_uDdA==
date
Sat, 09 Nov 2024 05:38:35 GMT
content-type
application/json; charset=UTF-8
x-powered-by
PHP/7.2.34
x-amz-cf-pop
EWR53-P1
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Cpl, Agent-Cpl, Send-Cpl, Client-Type
stat.htm
z12.cnzz.com/ 		2 B
123 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://z12.cnzz.com/stat.htm?id=1281388072&r=&lg=en-us&ntime=none&cnzz_eid=623476613-1731130715-&showp=1600x1200&p=https%3A%2F%2Fnes.lsc124.shop%2F&t=%E3%80%90%E6%96%B0%E6%B6%88%E6%81%AF%E3%80%91%E6%81%AD%E5%96%9C%E4%BD%A0%E6%88%90%E4%B8%BA%E5%B0%8A%E8%B4%B5%E7%9A%84%E8%B1%AA%E7%88%B5%E8%BD%A6%E4%B8%BB&umuuid=1930f6e6ab060a-0c7a0cb3bfbb25-17462c6e-1d4c00-1930f6e6ab1112a&h=1
Requested by
Host: s9.cnzz.com
URL: https://s9.cnzz.com/z.js?id=1281388072&async=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
2409:8c20:5c64:2000::6 , China, ASN56046 (CMNET-JIANGSU-AP China Mobile communications corporation, CN),
Reverse DNS
Software
Tengine /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nes.lsc124.shop/

Response headers

content-encoding
gzip
date
Sat, 09 Nov 2024 05:38:35 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
server
Tengine
c.js
c.cnzz.com/ 		907 B
871 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c.cnzz.com/c.js?web_id=1281388072&t=z
Requested by
Host: s9.cnzz.com
URL: https://s9.cnzz.com/z.js?id=1281388072&async=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
240e:cf:8800:53:3::7ea , China, ASN134238 (CT-JIANGXI-IDC CHINANET Jiangx province IDC network, CN),
Reverse DNS
Software
Tengine /
Resource Hash
10b54cffe6153dd850c5a8fca2342ee1e851f2a621dc4c7546da5dfc63d07c86

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nes.lsc124.shop/

Response headers

content-encoding
br
etag
W/"2594784235694330838"
age
0
x-cache
HIT TCP_REFRESH_HIT dirn:12:35296879
date
Sat, 09 Nov 2024 05:38:35 GMT
content-type
application/javascript
vary
accept-encoding
cache-control
public, max-age=321
x-swift-cachetime
321
timing-allow-origin
*
via
cache40.l2cn7828[71,71,304-0,H], cache21.l2cn7828[74,0], cache5.cn3693[87,88,200-0,H], cache10.cn3693[90,0]
ali-swift-global-savetime
1731130715
x-swift-savetime
Sat, 09 Nov 2024 05:38:35 GMT
eagleid
6ae1f19e17311307154045811e
content-length
586
server
Tengine
favicon.ico
nes.lsc124.shop/ 		148 B
330 B 		Other
General
Check archive.org
Download Go to
Full URL
https://nes.lsc124.shop/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
103.190.169.95 , Taiwan, ASN7483 (SKYCLOUD-NET Skycloud Computing co., Ltd., TW),
Reverse DNS
Software
nginx /
Resource Hash
9cad3cff676946810a81047247f12e4e51faccc01df4134edfd871aee8ba0956

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nes.lsc124.shop/

Response headers

X-Cache
MISS from zone4-cdn169-085
Content-Length
148
ETag
"6720b5aa-94"
Date
Sat, 09 Nov 2024 05:38:35 GMT
Content-Type
text/html
Server
nginx

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| _czc function| redirect function| getRandomNumberWithPrefer function| copyToClipboard function| closePop function| copyNumAndRedirect object| tips object| __ssc function| ssq object| install_ss_chat_plugin object| ssmEvent object| _cz_loaded string| _cz_account object| _CNZZDbridge_1281388072

2 Cookies

Domain/Path Name / Value
.lsc124.shop/ Name: UM_distinctid
Value: 1930f6e6ab060a-0c7a0cb3bfbb25-17462c6e-1d4c00-1930f6e6ab1112a
nes.lsc124.shop/ Name: CNZZDATA1281388072
Value: 623476613-1731130715-%7C1731130715

1 Console Messages

Source Level URL
Text
network error URL: https://nes.lsc124.shop/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.salesmartly.com
assets.salesmartly.com
c.cnzz.com
client.salesmartly.com
nes.lsc124.shop
pic.imgdb.cn
s9.cnzz.com
srz.salesmartly.com
wkphoto.cdn.bcebos.com
z12.cnzz.com
101.43.83.148
103.190.169.95
116.114.98.35
137.175.92.4
2409:8c20:5c64:2000::6
240e:cf:8800:53:3::7ea
2600:9000:2209:e000:16:41f9:b9c0:93a1
2600:9000:23cb:8600:1e:4a65:6f00:93a1
2600:9000:26fa:2800:1e:b46c:cec0:93a1
2600:9000:26fa:b000:1:8ade:fa00:93a1
01d37568862a2d2fb1218ea7e542e83612ca76a86372e3cd66db0212fabe65ad
052a4866127cab399192f6179141e92ce42742a7c09ccf7a0ffba2f0583869b5
10b54cffe6153dd850c5a8fca2342ee1e851f2a621dc4c7546da5dfc63d07c86
15195e1d13639a253484a97d954751499c17d6955a55e3d4394ce7d7bf9ca605
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
35fbb2ad61551e3a396591657a66b563222454418238c46005b89418556f9983
4443b6e9d85aa8b9f107021e6ed5e02576044ea0445320d33fc2a1c5c3c99c11
67ae4902681eed1ee7a4a3b6a1ab10dfd3a17dec852733954e2f90f0b333713d
78c88901d751ff54ddbbaa513b7d4447f165bf256ccf416856e5c8d255c7acfb
9cad3cff676946810a81047247f12e4e51faccc01df4134edfd871aee8ba0956
a3d3da6ce95b5baa701a166cab74157f5f35535baa9a4564261784d30bdf95fb
a41d518569778a4ffcb9ce89d73a23c61e8f1be40ea89daad19b8d4ae1dc0597
af494312a63754114de1da39e5a5cc402bfe7a2948777f7d5d84b52231e2dcd7
ba92286e3b5d648fc056906e4f2faf93e91c67b26c9a51f1c90c0db4a1e9a957
d13fa59865cd9ce916e46cae3593eeb17c011b5dd2880ca6a65846c2d4e5a9e2
d790267ab244a9f05f16fde34f0a9784e3f22d9ecfc8e1189baf787786adef33
f06a3f8829d88d8b3eaae2ce7aa7e5ec2392e6e261df3bd1292d430b4f85150f