wxllq.gz01.bdysite.com Open in urlscan Pro
240e:ff:e020:33:0:ff:b017:67bf Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://accountspubg.com/
Effective URL:
http://wxllq.gz01.bdysite.com/gotopc.html
Submission: On May 07 via api (May 7th 2020, 4:25:02 am UTC) from DE

Summary HTTP 17 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 9 IPs in 2 countries across 5 domains to perform 17 HTTP transactions. The main IP is 240e:ff:e020:33:0:ff:b017:67bf, located in China and belongs to CT-GUANGZHOU-IDC CHINANET Guangdong province network, CN. The main domain is wxllq.gz01.bdysite.com.

This is the only time wxllq.gz01.bdysite.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	103.121.92.140 103.121.92.140	136160 (BSYNTCL-A...) (BSYNTCL-AS-AP Beijing Shijihulian Yuntong Network Technology Co.)
3	240e:ff:e020:... 240e:ff:e020:33:0:ff:b017:67bf	58466 (CT-GUANGZ...) (CT-GUANGZHOU-IDC CHINANET Guangdong province network)
2	120.222.213.208 120.222.213.208	24444 (CMNET-V4S...) (CMNET-V4SHANDONG-AS-AP Shandong Mobile Communication Company Limited)
2	240e:83:205:8... 240e:83:205:88:0:ff:b0bc:12d	23724 (CHINANET-...) (CHINANET-IDC-BJ-AP IDC)
4	101.89.124.234 101.89.124.234	4812 (CHINANET-...) (CHINANET-SH-AP China Telecom (Group))
1	104.192.108.21 104.192.108.21	55992 (QIHOO Bei...) (QIHOO Beijing Qihu Technology Company Limited)
1	203.119.206.97 203.119.206.97	37963 (CNNIC-ALI...) (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.)
1	47.88.68.21 47.88.68.21	45102 (CNNIC-ALI...) (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co.)
1	106.11.84.4 106.11.84.4	37963 (CNNIC-ALI...) (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.)
17	9

2 103.121.92.140 (China)

ASN136160 (BSYNTCL-AS-AP Beijing Shijihulian Yuntong Network Technology Co., Ltd., CN)

accountspubg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 240e:ff:e020:33:0:ff:b017:67bf (China)

ASN58466 (CT-GUANGZHOU-IDC CHINANET Guangdong province network, CN)

wxllq.gz01.bdysite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 120.222.213.208 (China)

ASN24444 (CMNET-V4SHANDONG-AS-AP Shandong Mobile Communication Company Limited, CN)

liulanqi.bj01.bdysite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 240e:83:205:88:0:ff:b0bc:12d (China)

ASN23724 (CHINANET-IDC-BJ-AP IDC, China Telecommunications Corporation, CN)

liulanqi.bj01.bdysite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 101.89.124.234 (China)

ASN4812 (CHINANET-SH-AP China Telecom (Group), CN)

s95.cnzz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.cnzz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s23.cnzz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.192.108.21 (United States)

ASN55992 (QIHOO Beijing Qihu Technology Company Limited, CN)

dl.360safe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 203.119.206.97 (China)

ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN)

z4.cnzz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 47.88.68.21 (San Mateo, United States)

ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN)

cnzz.mmstat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 106.11.84.4 (China)

ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN)

z5.cnzz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	bdysite.com wxllq.gz01.bdysite.com liulanqi.bj01.bdysite.com	134 KB
6	cnzz.com s95.cnzz.com c.cnzz.com z4.cnzz.com s23.cnzz.com z5.cnzz.com	11 KB
2	accountspubg.com accountspubg.com	1 KB
1	mmstat.com cnzz.mmstat.com	382 B
1	360safe.com dl.360safe.com
17	5

	Domain	Requested by
4	liulanqi.bj01.bdysite.com	wxllq.gz01.bdysite.com
3	wxllq.gz01.bdysite.com	accountspubg.com wxllq.gz01.bdysite.com
2	c.cnzz.com	s95.cnzz.com s23.cnzz.com
2	accountspubg.com	accountspubg.com
1	z5.cnzz.com	wxllq.gz01.bdysite.com
1	s23.cnzz.com	wxllq.gz01.bdysite.com
1	cnzz.mmstat.com	wxllq.gz01.bdysite.com
1	z4.cnzz.com	wxllq.gz01.bdysite.com
1	dl.360safe.com	wxllq.gz01.bdysite.com
1	s95.cnzz.com	wxllq.gz01.bdysite.com
17	10

This site contains links to these domains. Also see Links.

Domain
192.168.0.1
192.168.1.1
www.cnzz.com

Subject Issuer	Validity	Valid
*.cnzz.com GlobalSign Organization Validation CA - SHA256 - G2	`2020-02-04` - `2021-02-04`	a year	crt.sh
*.mmstat.com GlobalSign Organization Validation CA - SHA256 - G2	`2019-07-29` - `2020-07-29`	a year	crt.sh

This page contains 2 frames:

Primary Page: http://wxllq.gz01.bdysite.com/gotopc.html
Frame ID: AAB7FD0630AF9BDF316901ACD1EF7067
Requests: 15 HTTP requests in this frame

Frame: http://dl.360safe.com/netunion/20140425/360safe+251289+n7ddbb65c96.exe
Frame ID: 060AAE32992FD4C3556019034FA980D0
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://accountspubg.com/ Page URL
http://wxllq.gz01.bdysite.com/gotopc.html Page URL

Detected technologies

Windows Server (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

IIS (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Page Statistics

17
Requests

35 %
HTTPS

22 %
IPv6

5
Domains

10
Subdomains

9
IPs

2
Countries

147 kB
Transfer

160 kB
Size

0
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: http://192.168.0.1/
Title: 192.168.0.1

Search URL Search Domain Scan URL

URL: http://192.168.1.1/
Title: 192.168.1.1

Search URL Search Domain Scan URL

URL: https://www.cnzz.com/stat/website.php?web_id=1254433810
Title: 站长统计

Search URL Search Domain Scan URL

URL: https://www.cnzz.com/stat/website.php?web_id=1276082832
Title: 站长统计

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://accountspubg.com/ Page URL
http://wxllq.gz01.bdysite.com/gotopc.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	/ Show response accountspubg.com/	91 B 480 B	2208ms 630ms	Document text/html	103.121.92.140 BSYNTCL-AS-AP Bei...
General Check archive.org Show headers Download Go to Full URL http://accountspubg.com/ Protocol HTTP/1.1 Server 103.121.92.140 , China, ASN136160 (BSYNTCL-AS-AP Beijing Shijihulian Yuntong Network Technology Co., Ltd., CN), Reverse DNS Software Microsoft-IIS/8.5 / ASP.NET Resource Hash `78fef8a399b2a3d0f210c3e9037b79735d28383c97a6ad937517866d6ac815a2` Request headers Host accountspubg.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Encoding gzip, deflate Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Content-Type text/html Content-Encoding gzip Last-Modified Sun, 22 Mar 2020 15:09:52 GMT Accept-Ranges bytes ETag "5e4641f05b0d61:0" Vary Accept-Encoding Server Microsoft-IIS/8.5 X-Powered-By ASP.NET Date Thu, 07 May 2020 04:23:16 GMT Content-Length 187
GET H/1.1	200 OK	goto.js Show response accountspubg.com/	1 KB 990 B	329ms 329ms	Script application/javascript	103.121.92.140 BSYNTCL-AS-AP Bei...
General Check archive.org Show headers Download Go to Full URL http://accountspubg.com/goto.js Requested by Host: accountspubg.com URL: http://accountspubg.com/ Protocol HTTP/1.1 Server 103.121.92.140 , China, ASN136160 (BSYNTCL-AS-AP Beijing Shijihulian Yuntong Network Technology Co., Ltd., CN), Reverse DNS Software Microsoft-IIS/8.5 / ASP.NET Resource Hash `e428238c8cb72e44ec6d063f53b9e20920486d00f5806c2039a7c55732eeca82` Request headers Referer http://accountspubg.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Thu, 07 May 2020 04:23:17 GMT Content-Encoding gzip Last-Modified Fri, 10 Jan 2020 05:59:45 GMT Server Microsoft-IIS/8.5 X-Powered-By ASP.NET ETag "6c991287bc7d51:0" Vary Accept-Encoding Content-Type application/javascript Accept-Ranges bytes Content-Length 684
GET H/1.1	200 OK	Primary Request Cookie set gotopc.html Show response wxllq.gz01.bdysite.com/	4 KB 2 KB	764ms 292ms	Document text/html	240e:ff:e020:33:0:ff:b017:67bf CT-GUANGZHOU-IDC ...
General Check archive.org Show headers Download Go to Full URL http://wxllq.gz01.bdysite.com/gotopc.html Requested by Host: accountspubg.com URL: http://accountspubg.com/goto.js Protocol HTTP/1.1 Server 240e:ff:e020:33:0:ff:b017:67bf , China, ASN58466 (CT-GUANGZHOU-IDC CHINANET Guangdong province network, CN), Reverse DNS Software openresty / Resource Hash `76003c4e9328106fb6745d83e94d8a13656f1e301f181ee921a880032f7dc76e` Request headers Host wxllq.gz01.bdysite.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Referer http://accountspubg.com/ Accept-Encoding gzip, deflate Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer http://accountspubg.com/ Response headers Server openresty Date Thu, 07 May 2020 04:24:27 GMT Content-Type text/html Transfer-Encoding chunked Connection keep-alive Last-Modified Tue, 05 May 2020 10:40:46 GMT Vary Accept-Encoding ETag W/"5eb142ae-e82" Content-Encoding gzip Set-Cookie BAEID=A94F34A756870EE8FE7706A9B6463B92; expires=Fri, 07-May-21 04:24:27 GMT; max-age=31536000; path=/; version=1
GET H/1.1	200 OK	goto.js Show response wxllq.gz01.bdysite.com/	1 KB 1 KB	1973ms 1973ms	Script application/javascript	240e:ff:e020:33:0:ff:b017:67bf CT-GUANGZHOU-IDC ...
General Check archive.org Show headers Download Go to Full URL http://wxllq.gz01.bdysite.com/goto.js Requested by Host: wxllq.gz01.bdysite.com URL: http://wxllq.gz01.bdysite.com/gotopc.html Protocol HTTP/1.1 Server 240e:ff:e020:33:0:ff:b017:67bf , China, ASN58466 (CT-GUANGZHOU-IDC CHINANET Guangdong province network, CN), Reverse DNS Software openresty / Resource Hash `2bd907d420a4ab5b3455ed79b0c89d4cf54241d0ea18dd38f24131c6ac1de05e` Request headers Referer http://wxllq.gz01.bdysite.com/gotopc.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Thu, 07 May 2020 04:24:29 GMT Last-Modified Fri, 05 Jul 2019 02:37:51 GMT Server openresty ETag "5d1eb7ff-460" Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 1120
GET H/1.1	200 OK	2.jpg liulanqi.bj01.bdysite.com/pic/	27 KB 28 KB	1405ms 440ms	Image image/jpeg	120.222.213.208 CMNET-V4SHANDONG-...
General Check archive.org Show headers Download Go to Show image Full URL http://liulanqi.bj01.bdysite.com/pic/2.jpg Requested by Host: wxllq.gz01.bdysite.com URL: http://wxllq.gz01.bdysite.com/gotopc.html Protocol HTTP/1.1 Server 120.222.213.208 , China, ASN24444 (CMNET-V4SHANDONG-AS-AP Shandong Mobile Communication Company Limited, CN), Reverse DNS Software openresty / Resource Hash `09a47e303a29d37249377e762cc636239b5dfd24a5ff9e7a4a20e8f5a76da9c1` Request headers Referer http://wxllq.gz01.bdysite.com/gotopc.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Thu, 07 May 2020 04:24:29 GMT Last-Modified Sat, 29 Feb 2020 12:57:02 GMT Server openresty ETag "5e5a5f9e-6d9b" Content-Type image/jpeg Connection keep-alive Accept-Ranges bytes Content-Length 28059
GET H/1.1	200 OK	2-2.jpg liulanqi.bj01.bdysite.com/pic/	22 KB 22 KB	355ms 355ms	Image image/jpeg	120.222.213.208 CMNET-V4SHANDONG-...
General Check archive.org Show headers Download Go to Show image Full URL http://liulanqi.bj01.bdysite.com/pic/2-2.jpg Requested by Host: wxllq.gz01.bdysite.com URL: http://wxllq.gz01.bdysite.com/gotopc.html Protocol HTTP/1.1 Server 120.222.213.208 , China, ASN24444 (CMNET-V4SHANDONG-AS-AP Shandong Mobile Communication Company Limited, CN), Reverse DNS Software openresty / Resource Hash `c154505bfbe11cb832ccdec8952202cca437956c78568fcbd2ea585b816bc0f0` Request headers Referer http://wxllq.gz01.bdysite.com/gotopc.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Thu, 07 May 2020 04:24:30 GMT Last-Modified Sat, 29 Feb 2020 12:57:02 GMT Server openresty ETag "5e5a5f9e-56ce" Content-Type image/jpeg Connection keep-alive Accept-Ranges bytes Content-Length 22222
GET H/1.1	200 OK	kuaishou.png liulanqi.bj01.bdysite.com/pic/	11 KB 11 KB	294ms 294ms	Image image/png	240e:83:205:88:0:ff:b0bc:12d CHINANET-IDC-BJ-A...
General Check archive.org Show headers Download Go to Show image Full URL http://liulanqi.bj01.bdysite.com/pic/kuaishou.png Requested by Host: wxllq.gz01.bdysite.com URL: http://wxllq.gz01.bdysite.com/gotopc.html Protocol HTTP/1.1 Server 240e:83:205:88:0:ff:b0bc:12d , China, ASN23724 (CHINANET-IDC-BJ-AP IDC, China Telecommunications Corporation, CN), Reverse DNS Software openresty / Resource Hash `9f32ddfe0c9315c45615cef343d590260dabcff5e1b4832add4e0715709e77c5` Request headers Referer http://wxllq.gz01.bdysite.com/gotopc.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Thu, 07 May 2020 04:24:30 GMT Last-Modified Wed, 15 Apr 2020 09:30:42 GMT Server openresty ETag "5e96d442-2a04" Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 10756
GET H/1.1	200 OK	douyin.jpg liulanqi.bj01.bdysite.com/pic/	69 KB 69 KB	589ms 293ms	Image image/jpeg	240e:83:205:88:0:ff:b0bc:12d CHINANET-IDC-BJ-A...
General Check archive.org Show headers Download Go to Show image Full URL http://liulanqi.bj01.bdysite.com/pic/douyin.jpg Requested by Host: wxllq.gz01.bdysite.com URL: http://wxllq.gz01.bdysite.com/gotopc.html Protocol HTTP/1.1 Server 240e:83:205:88:0:ff:b0bc:12d , China, ASN23724 (CHINANET-IDC-BJ-AP IDC, China Telecommunications Corporation, CN), Reverse DNS Software openresty / Resource Hash `4acf631693b8ed95e482e866ace749a8955282375d6147dedfdf2ddae8bd3b19` Request headers Referer http://wxllq.gz01.bdysite.com/gotopc.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Thu, 07 May 2020 04:24:30 GMT Last-Modified Thu, 26 Mar 2020 06:21:08 GMT Server openresty ETag "5e7c49d4-11455" Content-Type image/jpeg Connection keep-alive Accept-Ranges bytes Content-Length 70741
GET H2	200	z_stat.php Show response s95.cnzz.com/	12 KB 4 KB	1194ms 713ms	Script application/javascript	101.89.124.234 CHINANET-SH-AP Ch...
General Check archive.org Show headers Download Go to Full URL https://s95.cnzz.com/z_stat.php?id=1254433810&web_id=1254433810 Requested by Host: wxllq.gz01.bdysite.com URL: http://wxllq.gz01.bdysite.com/gotopc.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 101.89.124.234 , China, ASN4812 (CHINANET-SH-AP China Telecom (Group), CN), Reverse DNS Software Tengine / PHP/5.5.25 Resource Hash `fea4fa1bc6a002eb3575d9cd2d00fc5c30ed7e03d6aab1e4fadfdfae533972ea` Request headers Referer http://wxllq.gz01.bdysite.com/gotopc.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Thu, 07 May 2020 04:23:04 GMT content-encoding gzip age 86 x-powered-by PHP/5.5.25 x-cache MISS TCP_REFRESH_MISS dirn:-2:-2 status 200 x-swift-cachetime 5314 x-swift-savetime Thu, 07 May 2020 04:24:30 GMT content-length 4080 last-modified Thu, 07 May 2020 04:23:04 GMT server Tengine vary Accept-Encoding ali-swift-global-savetime 1570554476 content-type application/javascript via cache72.l2cn2302[0,200-0,H], cache38.l2cn2302[1,0], cache20.cn1401[12,200-0,M], cache17.cn1401[14,0] cache-control max-age=5400,s-maxage=5400 timing-allow-origin * eagleid 65597c2515888254706836648e
GET H/1.1	200 OK	apk.html Show response wxllq.gz01.bdysite.com/ Frame 060A	601 B 836 B	289ms 289ms	Document text/html	240e:ff:e020:33:0:ff:b017:67bf CT-GUANGZHOU-IDC ...
General Check archive.org Show headers Download Go to Full URL http://wxllq.gz01.bdysite.com/apk.html Requested by Host: wxllq.gz01.bdysite.com URL: http://wxllq.gz01.bdysite.com/gotopc.html Protocol HTTP/1.1 Server 240e:ff:e020:33:0:ff:b017:67bf , China, ASN58466 (CT-GUANGZHOU-IDC CHINANET Guangdong province network, CN), Reverse DNS Software openresty / Resource Hash `7ccdd1ca2762ce9200fb640e34c9ef80ccdbbbecd40b6a418ccaac1490e9a4bc` Request headers Host wxllq.gz01.bdysite.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Referer http://wxllq.gz01.bdysite.com/gotopc.html Accept-Encoding gzip, deflate Accept-Language en-US Cookie BAEID=A94F34A756870EE8FE7706A9B6463B92 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer http://wxllq.gz01.bdysite.com/gotopc.html Response headers Server openresty Date Thu, 07 May 2020 04:24:30 GMT Content-Type text/html Content-Length 601 Connection keep-alive Last-Modified Mon, 04 May 2020 12:53:16 GMT ETag "5eb0103c-259" Accept-Ranges bytes
GET H/1.1	200 OK	360safe+251289+n7ddbb65c96.exe dl.360safe.com/netunion/20140425/ Frame 060A	0 0	637ms 364ms	Document application/octet-stream	104.192.108.21 QIHOO Beijing Qih...
General Check archive.org Show headers Download Go to Full URL http://dl.360safe.com/netunion/20140425/360safe+251289+n7ddbb65c96.exe Requested by Host: wxllq.gz01.bdysite.com URL: http://wxllq.gz01.bdysite.com/apk.html Protocol HTTP/1.1 Server 104.192.108.21 , United States, ASN55992 (QIHOO Beijing Qihu Technology Company Limited, CN), Reverse DNS Software nginx / Resource Hash Request headers Host dl.360safe.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Referer http://wxllq.gz01.bdysite.com/apk.html Accept-Encoding gzip, deflate Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer http://wxllq.gz01.bdysite.com/apk.html Response headers Server nginx Date Thu, 07 May 2020 04:24:30 GMT Content-Type application/octet-stream Content-Length 89782552 Last-Modified Fri, 20 Mar 2020 09:26:05 GMT Connection close Expires Thu, 07 May 2020 12:24:30 GMT Cache-Control max-age=28800 Accept-Ranges bytes
GET H2	200	core.php Show response c.cnzz.com/	969 B 903 B	249ms 247ms	Script application/javascript	101.89.124.234 CHINANET-SH-AP Ch...
General Check archive.org Show headers Download Go to Full URL https://c.cnzz.com/core.php?web_id=1254433810&t=z Requested by Host: s95.cnzz.com URL: https://s95.cnzz.com/z_stat.php?id=1254433810&web_id=1254433810 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 101.89.124.234 , China, ASN4812 (CHINANET-SH-AP China Telecom (Group), CN), Reverse DNS Software Tengine / PHP/5.5.25 Resource Hash `ec6eaf9eb1698f45187862b1b4ac96b92f75c590e3e23df9b7473ba4ad7743c6` Request headers Referer http://wxllq.gz01.bdysite.com/gotopc.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers date Thu, 07 May 2020 04:15:30 GMT content-encoding gzip age 540 x-powered-by PHP/5.5.25 x-cache HIT TCP_MEM_HIT dirn:-2:-2 status 200 x-swift-cachetime 861 x-swift-savetime Thu, 07 May 2020 04:16:09 GMT content-length 619 last-modified Thu, 07 May 2020 04:15:30 GMT server Tengine vary Accept-Encoding ali-swift-global-savetime 1570554261 content-type application/javascript via cache74.l2cn2302[0,200-0,H], cache29.l2cn2302[1,0], cache19.cn1401[0,200-0,H], cache17.cn1401[0,0] timing-allow-origin * eagleid 65597c2515888254709618541e expires Thu, 07 May 2020 04:30:30 GMT
GET H2	200	stat.htm z4.cnzz.com/	2 B 112 B	1298ms 320ms	Image text/html	203.119.206.97 CNNIC-ALIBABA-CN-...
General Check archive.org Show headers Download Go to Show image Full URL https://z4.cnzz.com/stat.htm?id=1254433810&r=http%3A%2F%2Faccountspubg.com%2F&lg=en-us&ntime=none&cnzz_eid=1558531407-1588825384-null&showp=1600x1200&p=http%3A%2F%2Fwxllq.gz01.bdysite.com%2Fgotopc.html&t=%E6%8A%96%E9%9F%B3%E5%BF%AB%E6%89%8B%E7%A6%8F%E5%88%A9%EF%BC%8C%E6%8A%96%E9%9F%B3%E5%8F%B7%EF%BC%9A228822%EF%BC%9B%E5%BF%AB%E6%89%8B%E5%8F%B7%EF%BC%9A999123456&umuuid=171ed60b76936-0445fdc8f8f5ea-37647e03-1d4c00-171ed60b76a636&h=1&rnd=1937175971 Requested by Host: wxllq.gz01.bdysite.com URL: http://wxllq.gz01.bdysite.com/gotopc.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 203.119.206.97 , China, ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN), Reverse DNS Software nginx / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer http://wxllq.gz01.bdysite.com/gotopc.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers status 200 date Thu, 07 May 2020 04:24:31 GMT content-encoding gzip server nginx vary Accept-Encoding content-type text/html; charset=utf-8
GET H2	200	9.gif cnzz.mmstat.com/	43 B 382 B	795ms 195ms	Image image/gif	47.88.68.21 CNNIC-ALIBABA-US-...
General Check archive.org Show headers Download Go to Show image Full URL https://cnzz.mmstat.com/9.gif?abc=1&rnd=1733611197 Requested by Host: wxllq.gz01.bdysite.com URL: http://wxllq.gz01.bdysite.com/gotopc.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 47.88.68.21 San Mateo, United States, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN), Reverse DNS Software nginx / Resource Hash `cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda` Request headers Referer http://wxllq.gz01.bdysite.com/gotopc.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Thu, 07 May 2020 04:24:31 GMT server nginx p3p CP="NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR IND UNI PUR NAV" status 200 cache-control no-cache content-type image/gif content-length 43 expires Thu, 01 Jan 1970 00:00:01 GMT
GET H/1.1	200 OK	z_stat.php Show response s23.cnzz.com/	12 KB 5 KB	475ms 447ms	Script application/javascript	101.89.124.234 CHINANET-SH-AP Ch...
General Check archive.org Show headers Download Go to Full URL http://s23.cnzz.com/z_stat.php?id=1276082832 Requested by Host: wxllq.gz01.bdysite.com URL: http://wxllq.gz01.bdysite.com/gotopc.html Protocol HTTP/1.1 Server 101.89.124.234 , China, ASN4812 (CHINANET-SH-AP China Telecom (Group), CN), Reverse DNS Software Tengine / PHP/5.5.25 Resource Hash `a564a72ba0bea114ad85dcefd0ba97d425511fc45c984c56204534806b2a436d` Request headers Referer http://wxllq.gz01.bdysite.com/gotopc.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers Date Thu, 07 May 2020 03:36:55 GMT Content-Encoding gzip Age 2856 X-Powered-By PHP/5.5.25 X-Cache HIT TCP_MEM_HIT dirn:13:231090662 X-Swift-CacheTime 5400 Connection keep-alive Content-Length 4082 Last-Modified Thu, 07 May 2020 03:36:55 GMT Server Tengine Vary Accept-Encoding Ali-Swift-Global-Savetime 1588822615 Content-Type application/javascript Via cache29.l2cn2315[40,200-0,M], cache11.l2cn2315[41,0], cache13.cn1401[0,200-0,H], cache17.cn1401[0,0] Cache-Control max-age=5400,s-maxage=5400 Timing-Allow-Origin * EagleId 65597c2515888254714463697e X-Swift-SaveTime Thu, 07 May 2020 03:36:55 GMT
GET H2	200	core.php Show response c.cnzz.com/	969 B 879 B	252ms 251ms	Script application/javascript	101.89.124.234 CHINANET-SH-AP Ch...
General Check archive.org Show headers Download Go to Full URL https://c.cnzz.com/core.php?web_id=1276082832&t=z Requested by Host: s23.cnzz.com URL: http://s23.cnzz.com/z_stat.php?id=1276082832 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 101.89.124.234 , China, ASN4812 (CHINANET-SH-AP China Telecom (Group), CN), Reverse DNS Software Tengine / PHP/5.5.25 Resource Hash `c3e5c85d059df961a01d4700dc8ec680ddd25b6cf1ce9bb3e7b3a3ac2b193979` Request headers Referer http://wxllq.gz01.bdysite.com/gotopc.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers date Thu, 07 May 2020 04:19:30 GMT content-encoding gzip age 301 x-powered-by PHP/5.5.25 x-cache HIT TCP_MEM_HIT dirn:-2:-2 status 200 x-swift-cachetime 879 x-swift-savetime Thu, 07 May 2020 04:19:51 GMT content-length 620 last-modified Thu, 07 May 2020 04:19:30 GMT server Tengine vary Accept-Encoding ali-swift-global-savetime 1575905940 content-type application/javascript via cache8.l2cn2302[0,200-0,H], cache38.l2cn2302[0,0], cache6.cn1401[0,200-0,H], cache17.cn1401[1,0] timing-allow-origin * eagleid 65597c2515888254716965345e expires Thu, 07 May 2020 04:34:30 GMT
GET H2	200	stat.htm z5.cnzz.com/	2 B 112 B	3222ms 253ms	Image text/html	106.11.84.4 CNNIC-ALIBABA-CN-...
General Check archive.org Show headers Download Go to Show image Full URL https://z5.cnzz.com/stat.htm?id=1276082832&r=http%3A%2F%2Faccountspubg.com%2F&lg=en-us&ntime=none&cnzz_eid=1816440963-1588822615-null&showp=1600x1200&p=http%3A%2F%2Fwxllq.gz01.bdysite.com%2Fgotopc.html&t=%E6%8A%96%E9%9F%B3%E5%BF%AB%E6%89%8B%E7%A6%8F%E5%88%A9%EF%BC%8C%E6%8A%96%E9%9F%B3%E5%8F%B7%EF%BC%9A228822%EF%BC%9B%E5%BF%AB%E6%89%8B%E5%8F%B7%EF%BC%9A999123456&umuuid=171ed60b76936-0445fdc8f8f5ea-37647e03-1d4c00-171ed60b76a636&h=1&rnd=1925907710 Requested by Host: wxllq.gz01.bdysite.com URL: http://wxllq.gz01.bdysite.com/gotopc.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 106.11.84.4 , China, ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN), Reverse DNS Software nginx / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer http://wxllq.gz01.bdysite.com/gotopc.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers status 200 date Thu, 07 May 2020 04:24:34 GMT content-encoding gzip server nginx vary Accept-Encoding content-type text/html; charset=utf-8

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accountspubg.com
c.cnzz.com
cnzz.mmstat.com
dl.360safe.com
liulanqi.bj01.bdysite.com
s23.cnzz.com
s95.cnzz.com
wxllq.gz01.bdysite.com
z4.cnzz.com
z5.cnzz.com
101.89.124.234
103.121.92.140
104.192.108.21
106.11.84.4
120.222.213.208
203.119.206.97
240e:83:205:88:0:ff:b0bc:12d
240e:ff:e020:33:0:ff:b017:67bf
47.88.68.21
09a47e303a29d37249377e762cc636239b5dfd24a5ff9e7a4a20e8f5a76da9c1
2bd907d420a4ab5b3455ed79b0c89d4cf54241d0ea18dd38f24131c6ac1de05e
4acf631693b8ed95e482e866ace749a8955282375d6147dedfdf2ddae8bd3b19
76003c4e9328106fb6745d83e94d8a13656f1e301f181ee921a880032f7dc76e
78fef8a399b2a3d0f210c3e9037b79735d28383c97a6ad937517866d6ac815a2
7ccdd1ca2762ce9200fb640e34c9ef80ccdbbbecd40b6a418ccaac1490e9a4bc
9f32ddfe0c9315c45615cef343d590260dabcff5e1b4832add4e0715709e77c5
a564a72ba0bea114ad85dcefd0ba97d425511fc45c984c56204534806b2a436d
c154505bfbe11cb832ccdec8952202cca437956c78568fcbd2ea585b816bc0f0
c3e5c85d059df961a01d4700dc8ec680ddd25b6cf1ce9bb3e7b3a3ac2b193979
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e428238c8cb72e44ec6d063f53b9e20920486d00f5806c2039a7c55732eeca82
ec6eaf9eb1698f45187862b1b4ac96b92f75c590e3e23df9b7473ba4ad7743c6
fea4fa1bc6a002eb3575d9cd2d00fc5c30ed7e03d6aab1e4fadfdfae533972ea

wxllq.gz01.bdysite.com Open in urlscan Pro 240e:ff:e020:33:0:ff:b017:67bf Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

17 Requests

35 %HTTPS

22 %IPv6

5 Domains

10 Subdomains

9 IPs

2 Countries

147 kBTransfer

160 kBSize

0 Cookies

4 Outgoing links

Page URL History

Redirected requests

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

0 Cookies

Indicators

wxllq.gz01.bdysite.com Open in urlscan Pro
240e:ff:e020:33:0:ff:b017:67bf Public Scan

Screenshot
Live screenshot

Full Image

17
Requests

35 %
HTTPS

22 %
IPv6

5
Domains

10
Subdomains

9
IPs

2
Countries

147 kB
Transfer

160 kB
Size

0
Cookies

17 HTTP transactions
0 data transactions