h5.qwljhkeqwe.com
Open in
urlscan Pro
149.104.33.70
Public Scan
Submitted URL: https://nvgyu.icu/
Effective URL: https://h5.qwljhkeqwe.com/
Submission: On September 11 via api from BE — Scanned from US
Effective URL: https://h5.qwljhkeqwe.com/
Submission: On September 11 via api from BE — Scanned from US
Summary
This website contacted 7 IPs
in 4 countries
across 8 domains to perform 20 HTTP transactions.
The main IP is 149.104.33.70, located in
United States and
belongs to CNSERVERS, US.
The main domain is h5.qwljhkeqwe.com.
TLS certificate: Issued by R11 on August 31st 2024. Valid for: 3 months.
This is the only time h5.qwljhkeqwe.com was scanned on urlscan.io!
TLS certificate: Issued by R11 on August 31st 2024. Valid for: 3 months.
This is the only time h5.qwljhkeqwe.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 1 8 | 149.104.33.70 149.104.33.70 | 40065 (CNSERVERS) (CNSERVERS) | |
| 1 | 101.101.101.101 101.101.101.101 | 131621 (TWNIC-NET...) (TWNIC-NET-AS Taiwan Network Information Center) | |
| 1 | 2403:2c80::26 2403:2c80::26 | 9312 (XTOM xTom) (XTOM xTom) | |
| 2 | 18.162.248.188 18.162.248.188 | 16509 (AMAZON-02) (AMAZON-02) | |
| 1 | 154.19.70.81 154.19.70.81 | 140227 (HKCICL-AS...) (HKCICL-AS-AP Hong Kong Communications International Co.) | |
| 1 | 116.205.151.16 116.205.151.16 | 55990 (HWCSNET H...) (HWCSNET Huawei Cloud Service data center) | |
| 20 | 7 |
1
101.101.101.101
(Taiwan)
ASN131621 (TWNIC-NET-AS Taiwan Network Information Center, TW)
PTR: twnic-public-dns.twnic.tw
ASN131621 (TWNIC-NET-AS Taiwan Network Information Center, TW)
PTR: twnic-public-dns.twnic.tw
| 101.101.101.101 |
2
18.162.248.188
(Hong Kong)
ASN16509 (AMAZON-02, US)
PTR: ec2-18-162-248-188.ap-east-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-18-162-248-188.ap-east-1.compute.amazonaws.com
| 18.162.248.188 |
1
154.19.70.81
(Hong Kong, Hong Kong)
ASN140227 (HKCICL-AS-AP Hong Kong Communications International Co., Limited, HK)
ASN140227 (HKCICL-AS-AP Hong Kong Communications International Co., Limited, HK)
| njndaq.com |
1
116.205.151.16
(Guangzhou, China)
ASN55990 (HWCSNET Huawei Cloud Service data center, CN)
PTR: mail.choyorsu.com
ASN55990 (HWCSNET Huawei Cloud Service data center, CN)
PTR: mail.choyorsu.com
| 116.205.151.16 |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 7 |
qwljhkeqwe.com
h5.qwljhkeqwe.com |
2 MB |
| 1 |
njndaq.com
njndaq.com |
|
| 1 |
doh.sb
hk-hkg.doh.sb sg-sin.doh.sb Failed |
854 B |
| 1 |
nvgyu.icu
1 redirects
nvgyu.icu |
499 B |
| 0 |
Failed
function sub() { [native code] }. Failed |
|
| 0 |
axmbhsdw.com
Failed
axmbhsdw.com Failed |
|
| 0 |
doh.pub
Failed
sm2.doh.pub Failed |
|
| 0 |
alidns.com
Failed
dns.alidns.com Failed |
|
| 20 | 8 |
| Domain | Requested by | |
|---|---|---|
| 7 | h5.qwljhkeqwe.com |
h5.qwljhkeqwe.com
|
| 1 | njndaq.com |
h5.qwljhkeqwe.com
|
| 1 | hk-hkg.doh.sb |
h5.qwljhkeqwe.com
|
| 1 | nvgyu.icu | 1 redirects |
| 0 | 116.205.151.16 Failed |
h5.qwljhkeqwe.com
|
| 0 | axmbhsdw.com Failed |
h5.qwljhkeqwe.com
|
| 0 | sg-sin.doh.sb Failed |
h5.qwljhkeqwe.com
|
| 0 | sm2.doh.pub Failed |
h5.qwljhkeqwe.com
|
| 0 | dns.alidns.com Failed |
h5.qwljhkeqwe.com
|
| 20 | 9 |
This site contains no links.
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| h5.qwljhkeqwe.com R11 |
2024-08-31 - 2024-11-29 |
3 months | crt.sh |
| 101.101.101.101 Sectigo RSA Organization Validation Secure Server CA |
2023-08-16 - 2024-09-15 |
a year | crt.sh |
| *.doh.sb WR1 |
2024-07-24 - 2024-10-22 |
3 months | crt.sh |
| 18.162.248.188 Sectigo RSA Domain Validation Secure Server CA |
2024-04-16 - 2025-04-11 |
a year | crt.sh |
| njndaq.com R10 |
2024-08-16 - 2024-11-14 |
3 months | crt.sh |
| 116.205.151.16 Sectigo RSA Domain Validation Secure Server CA |
2024-08-27 - 2025-09-26 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://h5.qwljhkeqwe.com/
Frame ID: 21AD7107D26ADE9A5DCD60A8C7D823AB
Requests: 16 HTTP requests in this frame
Screenshot
Page Title
夜殿Page URL History Show full URLs
-
https://nvgyu.icu/
HTTP 301
https://h5.qwljhkeqwe.com/ Page URL
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://nvgyu.icu/
HTTP 301
https://h5.qwljhkeqwe.com/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
20 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H/1.1 |
Primary Request
/
h5.qwljhkeqwe.com/ Redirect Chain
|
5 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
275.9e0b4e1b.js
h5.qwljhkeqwe.com/static/js/ |
4 MB 1 MB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
main.f0cc35b1.js
h5.qwljhkeqwe.com/static/js/ |
179 KB 50 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
275.21f442a0.css
h5.qwljhkeqwe.com/static/css/ |
54 KB 17 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
main.58e5acd1.css
h5.qwljhkeqwe.com/static/css/ |
47 KB 13 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
resolve
dns.alidns.com/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
resolve
sm2.doh.pub/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
dns-query
101.101.101.101/ |
787 B 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
dns-query
hk-hkg.doh.sb/ |
787 B 854 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
dns-query
sg-sin.doh.sb/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
favicon.ico
h5.qwljhkeqwe.com/ |
14 KB 15 KB |
Other
image/x-icon |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
splash.67f00869c2d69eb2ee91.png
h5.qwljhkeqwe.com/static/media/ |
399 KB 400 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
OPTIONS |
GetServerTime
axmbhsdw.com/User/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
OPTIONS H2 |
GetServerTime
18.162.248.188/User/ |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
OPTIONS H2 |
GetServerTime
njndaq.com/User/ |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
OPTIONS H2 |
GetServerTime
116.205.151.16/User/ |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST |
GetServerTime
axmbhsdw.com/User/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
GetServerTime
18.162.248.188/User/ |
138 B 308 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST |
GetServerTime
njndaq.com/User/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST |
GetServerTime
116.205.151.16/User/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- dns.alidns.com
- URL
- https://dns.alidns.com/resolve?type=16&name=asdjkas.com×tamp=1726039950555
- Domain
- sm2.doh.pub
- URL
- https://sm2.doh.pub/resolve?type=16&name=asdjkas.com×tamp=1726039950557
- Domain
- sg-sin.doh.sb
- URL
- https://sg-sin.doh.sb/dns-query?type=16&name=asdjkas.com×tamp=1726039950559
- Domain
- axmbhsdw.com
- URL
- https://axmbhsdw.com/User/GetServerTime
- Domain
- axmbhsdw.com
- URL
- https://axmbhsdw.com/User/GetServerTime
- Domain
- njndaq.com
- URL
- https://njndaq.com/User/GetServerTime
- Domain
- 116.205.151.16
- URL
- https://116.205.151.16/User/GetServerTime
Verdicts & Comments Add Verdict or Comment
11 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| webpackChunkweb function| _setGlobalConsole function| _log object| _frameCallbackRegistry function| ExpoModulesCore_CodedError object| REACT_NAVIGATION_DEVTOOLS object| __react_navigation__elements_contexts object| vttjs function| WebVTT function| C2S boolean| __reactResponderSystemActive2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| nvgyu.icu/ | Name: X-SUDUN-WAF-R-C Value: 0001685585 |
|
| h5.qwljhkeqwe.com/ | Name: X-SUDUN-WAF-R-C Value: 0001685585 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
| Header | Value |
|---|---|
| Strict-Transport-Security | max-age=31536000 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
116.205.151.16
axmbhsdw.com
dns.alidns.com
h5.qwljhkeqwe.com
hk-hkg.doh.sb
njndaq.com
nvgyu.icu
sg-sin.doh.sb
sm2.doh.pub
116.205.151.16
axmbhsdw.com
dns.alidns.com
njndaq.com
sg-sin.doh.sb
sm2.doh.pub
101.101.101.101
116.205.151.16
149.104.33.70
154.19.70.81
18.162.248.188
2403:2c80::26
0139489485c631f0f545f0fededf429115d203d8e96668b50391d4c647355b26
2f37a0f310a6a345284f8e2f412887ef25531ea299e80bffb2cb983a6de5ee4a
36367d5a5babef99056d7a3aad91cb51c29a9fad145f49a672a3010255af5b96
4fba3b9afd64cdc2a3993d0c8f66597dd66a022d76b83860aa9dd7b436ec6d9e
991817225d19aaf2c9977d89fbf68b6026b097db0e098d802ad65201ff31549b
bf127f1ff16e42cd0436cc0c2814ff02b0bc6d74338390d085bc56db8f642c64
bf8984e4a71ba72f32926bcc9043aa2f5a52808158d304635f59b27396d69c76
cd6fa9d62d8588d5bb9f7f50cab27fcc972c2c6ebdb0a7df2ad97b4b18560a19
f88af87d337fe7415554a404bdc796012c6422ddb59773d6501b2b5b5b80fb3c
f912f10f755bd2cca8d7b64a9c5a9de43268b4c393717ff0a27eac14b9f861bb