pru102.cc Open in urlscan Pro
116.204.156.86 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://pru102.cc/
Effective URL:
https://pru102.cc/
Submission: On September 16 via api (September 16th 2023, 8:02:07 am UTC) from US — Scanned from DE

Summary HTTP 14 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 3 countries across 5 domains to perform 14 HTTP transactions. The main IP is 116.204.156.86, located in Hong Kong and belongs to DNC-AS Dimension Network & Communication Limited, HK. The main domain is pru102.cc.
TLS certificate: Issued by R3 on September 16th 2023. Valid for: 3 months.

This is the only time pru102.cc was scanned on urlscan.io!

urlscan.io Verdict: No classification

Downloads These files were downloaded by the website

Incomplete 58460387.apk 69 MB

Size: 69 MB (72200385 bytes, 0% done)

Downloaded from: https://xiaoyi-1319445221.cos.accelerate.myqcloud.com/2-DEP4-ENV58-GG-09150-simple6/5208557c-5467-11ee-8f05-975e93cbf22a.apk?q-sign-algorithm=sha1&q-ak=IKIDTpzgDXdWAZ2qT3qPltmqIZP3TeeS4Uii&q-sign-time=1694851265%3B1694851925&q-key-time=1694851265%3B1694851925&q-header-list=host&q-url-param-list=response-content-disposition%3Bresponse-disposition-type&q-signature=cdf1c426320721d936ece3968bbe1f7e5b3c2080&response-content-disposition=attachment%3B+name+%3D+58460387.apk%3Bfilename+%3D+%2258460387.apk%22&response-disposition-type=application%2Foctet-stream

Domain & IP information

	IP Address	AS Autonomous System
1 1	66.232.11.68 66.232.11.68	59371 (DNC-AS Di...) (DNC-AS Dimension Network & Communication Limited)
8	116.204.156.86 116.204.156.86	59371 (DNC-AS Di...) (DNC-AS Dimension Network & Communication Limited)
1	47.246.49.232 47.246.49.232	24429 (TAOBAO Zh...) (TAOBAO Zhejiang Taobao Network Co.)
2	43.129.201.60 43.129.201.60	132203 (TENCENT-N...) (TENCENT-NET-AP-CN Tencent Building)
2	101.33.11.32 101.33.11.32	132203 (TENCENT-N...) (TENCENT-NET-AP-CN Tencent Building)
1 1	104.166.182.223 104.166.182.223	21859 (ZEN-ECN) (ZEN-ECN)
1 1	103.188.121.242 103.188.121.242	() ()
1	170.106.97.208 170.106.97.208	() ()
14	5

1 66.232.11.68 (Hong Kong, Hong Kong) 1 redirects

ASN59371 (DNC-AS Dimension Network & Communication Limited, HK)

pru102.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 116.204.156.86 (Hong Kong)

ASN59371 (DNC-AS Dimension Network & Communication Limited, HK)

pru102.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 47.246.49.232 (United States)

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)

web.cdn.openinstall.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 43.129.201.60 (Hong Kong, Hong Kong)

ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)

www.5x8favj.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 101.33.11.32 (Frankfurt am Main, Germany)

ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)

web.openinstall.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.166.182.223 (United States) 1 redirects

ASN21859 (ZEN-ECN, US)

app-a4j3bd.openinstall.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.188.121.242 (None, ) 1 redirects

ASN- ()

sosadjkl.backty.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 170.106.97.208 (None, )

ASN- ()

xiaoyi-1319445221.cos.accelerate.myqcloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	pru102.cc 1 redirects pru102.cc	508 KB
4	openinstall.io 1 redirects web.cdn.openinstall.io — Cisco Umbrella Rank: 119563 web.openinstall.io — Cisco Umbrella Rank: 122234 app-a4j3bd.openinstall.io	48 KB
2	5x8favj.top www.5x8favj.top	85 B
1	myqcloud.com xiaoyi-1319445221.cos.accelerate.myqcloud.com
1	backty.top 1 redirects sosadjkl.backty.top	755 B
14	5

	Domain	Requested by
9	pru102.cc	1 redirects pru102.cc
2	web.openinstall.io	web.cdn.openinstall.io
2	www.5x8favj.top	pru102.cc
1	xiaoyi-1319445221.cos.accelerate.myqcloud.com	web.cdn.openinstall.io
1	sosadjkl.backty.top	1 redirects
1	app-a4j3bd.openinstall.io	1 redirects
1	web.cdn.openinstall.io	pru102.cc
14	7

This site contains no links.

Subject Issuer	Validity	Valid
pru102.cc R3	`2023-09-16` - `2023-12-15`	3 months	crt.sh
*.cdn.openinstall.io Encryption Everywhere DV TLS CA - G1	`2023-09-11` - `2024-09-10`	a year	crt.sh
www.5x8favj.top R3	`2023-08-10` - `2023-11-08`	3 months	crt.sh
*.openinstall.io RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2023-07-05` - `2024-07-17`	a year	crt.sh
*.cos.na-siliconvalley.myqcloud.com GlobalSign Organization Validation CA - SHA256 - G3	`2023-03-01` - `2024-04-01`	a year	crt.sh

This page contains 1 frames:

Frame: https://xiaoyi-1319445221.cos.accelerate.myqcloud.com/2-DEP4-ENV58-GG-09150-simple6/5208557c-5467-11ee-8f05-975e93cbf22a.apk?q-sign-algorithm=sha1&q-ak=IKIDTpzgDXdWAZ2qT3qPltmqIZP3TeeS4Uii&q-sign-time=1694851265%3B1694851925&q-key-time=1694851265%3B1694851925&q-header-list=host&q-url-param-list=response-content-disposition%3Bresponse-disposition-type&q-signature=cdf1c426320721d936ece3968bbe1f7e5b3c2080&response-content-disposition=attachment%3B+name+%3D+58460387.apk%3Bfilename+%3D+%2258460387.apk%22&response-disposition-type=application%2Foctet-stream
Frame ID: E856C405F12A7A50465179C84CAD253F
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

S M 免费交友

Page URL History Show full URLs

http://pru102.cc/ HTTP 301
https://pru102.cc/ Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

14
Requests

100 %
HTTPS

0 %
IPv6

5
Domains

7
Subdomains

5
IPs

3
Countries

556 kB
Transfer

617 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://pru102.cc/ HTTP 301
https://pru102.cc/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12

https://app-a4j3bd.openinstall.io/page/a4j3bd/install/c/eyJtIjoiNEJxTG5ENU1YNVVBQUFHS25RSzBOaWlGMndzZUpaNzlCOHl6Wm0za0lRYjBpdG1HaG9yMjUyUXFHX2o0eGc0In0=?p=0 HTTP 302
https://sosadjkl.backty.top/dafe59f0ccabb343 HTTP 302
https://xiaoyi-1319445221.cos.accelerate.myqcloud.com/2-DEP4-ENV58-GG-09150-simple6/5208557c-5467-11ee-8f05-975e93cbf22a.apk?q-sign-algorithm=sha1&q-ak=IKIDTpzgDXdWAZ2qT3qPltmqIZP3TeeS4Uii&q-sign-time=1694851265%3B1694851925&q-key-time=1694851265%3B1694851925&q-header-list=host&q-url-param-list=response-content-disposition%3Bresponse-disposition-type&q-signature=cdf1c426320721d936ece3968bbe1f7e5b3c2080&response-content-disposition=attachment%3B+name+%3D+58460387.apk%3Bfilename+%3D+%2258460387.apk%22&response-disposition-type=application%2Foctet-stream

14 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
pru102.cc/
Redirect Chain

http://pru102.cc/
https://pru102.cc/

12 KB
4 KB

852ms
287ms

Document
text/html

116.204.156.86
DNC-AS Dimension ...

General

Check archive.org

Show headers Download Go to

Full URL: https://pru102.cc/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.204.156.86 , Hong Kong, ASN59371 (DNC-AS Dimension Network & Communication Limited, HK),
Reverse DNS
Software: cdn-ddos-cc /
Resource Hash: 4cacb73e15d9cadf8c36cb8971c939edadf0a97706ce26788326b3d0b91f9241

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Sat, 16 Sep 2023 08:01:50 GMT
etag: W/"64d63390-313d"
last-modified: Fri, 11 Aug 2023 13:11:44 GMT
server: cdn-ddos-cc
vary: Accept-Encoding
x-cache-status: MISS

Redirect headers

Connection: keep-alive
Content-Length: 166
Content-Type: text/html
Date: Sat, 16 Sep 2023 08:01:49 GMT
Location: https://pru102.cc/
Server: cdn-ddos-cc
X-Cache-Status: MISS

GET
H2 200 openinstall.js Show response
web.cdn.openinstall.io/ 47 KB
47 KB 782ms
38ms Script
application/javascript 47.246.49.232
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL

https://web.cdn.openinstall.io/openinstall.js

Requested by

Host: pru102.cc
URL: https://pru102.cc/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

47.246.49.232 , United States, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine /

Resource Hash

45799db280e1e5a28a4ae9e75e3631273b9e636e09d01b7d7ab568367fe00703

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pru102.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 07:32:24 GMT
strict-transport-security: max-age=86400
via: cache14.l2fr1[0,0,304-0,H], cache8.l2fr1[1,0], cache8.fr2[0,0,200-0,H], cache2.fr2[0,0]
age: 1767
x-swift-cachetime: 3592
x-cache: HIT TCP_MEM_HIT dirn:13:144112219
x-swift-savetime: Sat, 16 Sep 2023 07:32:32 GMT
content-length: 47781
last-modified: Thu, 07 Sep 2023 10:01:39 GMT
server: Tengine
etag: "64f99f83-baa5"
vary: Accept-Encoding
ali-swift-global-savetime: 1694849544
content-type: application/javascript
cache-control: max-age=7200
accept-ranges: bytes
timing-allow-origin: *
eagleid: 2ff6319616948513113963136e

GET
H2 200 jquery.js Show response
pru102.cc/static/js5/ 82 KB
33 KB 281ms
281ms Script
application/javascript 116.204.156.86
DNC-AS Dimension ...

General

Check archive.org

Show headers Download Go to

Full URL: https://pru102.cc/static/js5/jquery.js
Requested by: Host: pru102.cc
URL: https://pru102.cc/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.204.156.86 , Hong Kong, ASN59371 (DNC-AS Dimension Network & Communication Limited, HK),
Reverse DNS
Software: cdn-ddos-cc /
Resource Hash: ab2a8d3203b2ff01067a87040fd1011b24838db0b7217c6e4136a3d00e7680b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pru102.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 08:01:50 GMT
content-encoding: gzip
last-modified: Sat, 01 Apr 2023 16:39:57 GMT
server: cdn-ddos-cc
etag: W/"64285e5d-1491c"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Sat, 16 Sep 2023 19:01:27 GMT

GET
H2 200 img1.css
pru102.cc/static/picture5/ 156 KB
155 KB 573ms
572ms Image
text/css 116.204.156.86
DNC-AS Dimension ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pru102.cc/static/picture5/img1.css
Requested by: Host: pru102.cc
URL: https://pru102.cc/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.204.156.86 , Hong Kong, ASN59371 (DNC-AS Dimension Network & Communication Limited, HK),
Reverse DNS
Software: cdn-ddos-cc /
Resource Hash: 2d07ea865e6a127873a94f4c2198d42d5b60eed8acb0941aad830ff900e00806

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pru102.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 08:01:53 GMT
content-encoding: gzip
last-modified: Sat, 08 Jul 2023 07:37:36 GMT
server: cdn-ddos-cc
etag: W/"64a91240-26e65"
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
expires: Sat, 16 Sep 2023 19:01:27 GMT

GET
H2 200 1.css
pru102.cc/static/picture5/ 121 KB
119 KB 830ms
828ms Image
text/css 116.204.156.86
DNC-AS Dimension ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pru102.cc/static/picture5/1.css
Requested by: Host: pru102.cc
URL: https://pru102.cc/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.204.156.86 , Hong Kong, ASN59371 (DNC-AS Dimension Network & Communication Limited, HK),
Reverse DNS
Software: cdn-ddos-cc /
Resource Hash: 05b19c7bdb7a3f659a241ab154e5d5ed4f8225a388ef0493a5fa31a3012a7b97

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pru102.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 08:01:53 GMT
content-encoding: gzip
last-modified: Sat, 01 Apr 2023 16:39:58 GMT
server: cdn-ddos-cc
etag: W/"64285e5e-1e2a5"
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
expires: Sat, 16 Sep 2023 19:01:27 GMT

POST
H2 200 instatll Show response
www.5x8favj.top/ 11 B
85 B 317ms
317ms XHR
text/plain 43.129.201.60
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.5x8favj.top/instatll?tag=GG
Requested by: Host: pru102.cc
URL: https://pru102.cc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 43.129.201.60 Hong Kong, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: Caddy, Caddy /
Resource Hash: 3b7c46ab3a12e6161756f55f8e7d39a87d2b9718e6d0f8abe0b97a87994f4b49

Request headers

Referer: https://pru102.cc/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 16 Sep 2023 08:01:53 GMT
server: Caddy, Caddy
access-control-allow-methods: *
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: *
alt-svc: h3=":443"; ma=2592000
content-length: 11

OPTIONS
H2 204 instatll
www.5x8favj.top/ 0
0 2229ms
312ms Preflight 43.129.201.60
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.5x8favj.top/instatll?tag=GG
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 43.129.201.60 Hong Kong, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: Caddy Caddy /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://pru102.cc
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: *
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000
date: Sat, 16 Sep 2023 08:01:52 GMT
server: Caddy Caddy

GET
H2 200 2.png
pru102.cc/static/image5/ 51 KB
51 KB 824ms
823ms Image
image/png 116.204.156.86
DNC-AS Dimension ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pru102.cc/static/image5/2.png
Requested by: Host: pru102.cc
URL: https://pru102.cc/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.204.156.86 , Hong Kong, ASN59371 (DNC-AS Dimension Network & Communication Limited, HK),
Reverse DNS
Software: cdn-ddos-cc /
Resource Hash: 48bcb716184ac3d54509c98d71654ea0c674712178b5717a35b61fb5d7ec44b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pru102.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 08:01:53 GMT
last-modified: Sat, 01 Apr 2023 16:39:56 GMT
server: cdn-ddos-cc
etag: "64285e5c-cc04"
x-cache-status: HIT
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 52228
expires: Mon, 16 Oct 2023 07:01:28 GMT

GET
H2 200 1.css
pru102.cc/static/picture5/ 121 KB
119 KB 822ms
822ms Image
text/css 116.204.156.86
DNC-AS Dimension ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pru102.cc/static/picture5/1.css
Requested by: Host: pru102.cc
URL: https://pru102.cc/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.204.156.86 , Hong Kong, ASN59371 (DNC-AS Dimension Network & Communication Limited, HK),
Reverse DNS
Software: cdn-ddos-cc /
Resource Hash: 05b19c7bdb7a3f659a241ab154e5d5ed4f8225a388ef0493a5fa31a3012a7b97

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pru102.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 08:01:53 GMT
content-encoding: gzip
last-modified: Sat, 01 Apr 2023 16:39:58 GMT
server: cdn-ddos-cc
etag: W/"64285e5e-1e2a5"
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
expires: Sat, 16 Sep 2023 19:01:27 GMT

GET
H2 200 down.png
pru102.cc/static/image5/ 5 KB
5 KB 822ms
822ms Image
image/png 116.204.156.86
DNC-AS Dimension ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pru102.cc/static/image5/down.png
Requested by: Host: pru102.cc
URL: https://pru102.cc/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.204.156.86 , Hong Kong, ASN59371 (DNC-AS Dimension Network & Communication Limited, HK),
Reverse DNS
Software: cdn-ddos-cc /
Resource Hash: d945c72530d4bba825bd7cb9620ed412c61f1006fe204f8962eb7f489c5ab606

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pru102.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 08:01:53 GMT
last-modified: Sat, 01 Apr 2023 16:39:56 GMT
server: cdn-ddos-cc
etag: "64285e5c-13df"
x-cache-status: HIT
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 5087
expires: Mon, 16 Oct 2023 07:01:28 GMT

GET
H2 200 tips.png
pru102.cc/static/image5/ 22 KB
23 KB 822ms
822ms Image
image/png 116.204.156.86
DNC-AS Dimension ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pru102.cc/static/image5/tips.png
Requested by: Host: pru102.cc
URL: https://pru102.cc/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.204.156.86 , Hong Kong, ASN59371 (DNC-AS Dimension Network & Communication Limited, HK),
Reverse DNS
Software: cdn-ddos-cc /
Resource Hash: f3b94ab8159f16f6e58635499dc7ed7cbfeaafe500620c82294424bd0a8842a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pru102.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 08:01:53 GMT
last-modified: Sat, 01 Apr 2023 16:39:57 GMT
server: cdn-ddos-cc
etag: "64285e5d-59e9"
x-cache-status: HIT
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 23017
expires: Mon, 16 Oct 2023 07:01:28 GMT

POST
H2 200 init Show response
web.openinstall.io/web/a4j3bd/_/ 525 B
923 B 1319ms
250ms XHR
application/json 101.33.11.32
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://web.openinstall.io/web/a4j3bd/_/init?av=0&cv=0&hash=&sw=p6Cmpg&sh=p6Smpg&sp=1
Requested by: Host: web.cdn.openinstall.io
URL: https://web.cdn.openinstall.io/openinstall.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 101.33.11.32 Frankfurt am Main, Germany, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: Lego Server /
Resource Hash: 650283c54ef2960ebcb3f2c2700237da9eb770abeff0c2c90a1d62b8c0ce09b6

Request headers

Referer: https://pru102.cc/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: text/plain;charset=utf-8

Response headers

date: Sat, 16 Sep 2023 08:01:54 GMT
x-cache-lookup: Cache Miss, Cache Miss, Cache Miss
server: Lego Server
vary: Origin
content-type: application/json;charset=utf-8
access-control-allow-origin: https://pru102.cc
access-control-allow-credentials: true
x-nws-log-uuid: 12020768758510619263
content-length: 525

POST
H2 200 eyJtIjoiZ1U3OEt0cDZwaDRBQUFHS25RSzBOZ1V5bndhWDZEUGVmNkx6UUVmWkNUNEh6OFRGd3d1UWhhb083cHdNWHM0In0=
web.openinstall.io/web/a4j3bd/_/clicked/c/ 0
180 B 245ms
245ms Ping
text/plain 101.33.11.32
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://web.openinstall.io/web/a4j3bd/_/clicked/c/eyJtIjoiZ1U3OEt0cDZwaDRBQUFHS25RSzBOZ1V5bndhWDZEUGVmNkx6UUVmWkNUNEh6OFRGd3d1UWhhb083cHdNWHM0In0=?p=0&ref=https%3A%2F%2Fpru102.cc%2F&ac=0&cc=0
Requested by: Host: web.cdn.openinstall.io
URL: https://web.cdn.openinstall.io/openinstall.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 101.33.11.32 Frankfurt am Main, Germany, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: Lego Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pru102.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 08:01:57 GMT
x-cache-lookup: Cache Miss, Cache Miss, Cache Miss
server: Lego Server
vary: Origin
access-control-allow-origin: https://pru102.cc
access-control-allow-credentials: true
x-nws-log-uuid: 3092174893467718967
content-length: 0

GET
H/1.1

200
OK

5208557c-5467-11ee-8f05-975e93cbf22a.apk
xiaoyi-1319445221.cos.accelerate.myqcloud.com/2-DEP4-ENV58-GG-09150-simple6/
Redirect Chain

https://app-a4j3bd.openinstall.io/page/a4j3bd/install/c/eyJtIjoiNEJxTG5ENU1YNVVBQUFHS25RSzBOaWlGMndzZUpaNzlCOHl6Wm0za0lRYjBpdG1HaG9yMjUyUXFHX2o0eGc0In0=?p=0
https://sosadjkl.backty.top/dafe59f0ccabb343
https://xiaoyi-1319445221.cos.accelerate.myqcloud.com/2-DEP4-ENV58-GG-09150-simple6/5208557c-5467-11ee-8f05-975e93cbf22a.apk?q-sign-algorithm=sha1&q-ak=IKIDTpzgDXdWAZ2qT3qPltmqIZP3TeeS4Uii&q-sign-t...

0
0

1608ms
921ms

Document
application/vnd.android.package-archive

170.106.97.208

General

Check archive.org

Show headers Download Go to

Full URL: https://xiaoyi-1319445221.cos.accelerate.myqcloud.com/2-DEP4-ENV58-GG-09150-simple6/5208557c-5467-11ee-8f05-975e93cbf22a.apk?q-sign-algorithm=sha1&q-ak=IKIDTpzgDXdWAZ2qT3qPltmqIZP3TeeS4Uii&q-sign-time=1694851265%3B1694851925&q-key-time=1694851265%3B1694851925&q-header-list=host&q-url-param-list=response-content-disposition%3Bresponse-disposition-type&q-signature=cdf1c426320721d936ece3968bbe1f7e5b3c2080&response-content-disposition=attachment%3B+name+%3D+58460387.apk%3Bfilename+%3D+%2258460387.apk%22&response-disposition-type=application%2Foctet-stream
Requested by: Host: web.cdn.openinstall.io
URL: https://web.cdn.openinstall.io/openinstall.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 170.106.97.208 -, , ASN (),
Reverse DNS
Software: tencent-cos /
Resource Hash

Request headers

Referer: https://pru102.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Disposition: attachment; name = 58460387.apk;filename = "58460387.apk"
Content-Length: 72200385
Content-Type: application/vnd.android.package-archive
Date: Sat, 16 Sep 2023 08:02:07 GMT
ETag: "7374b66d04ee617dfde74491f382fb3b"
Last-Modified: Sat, 16 Sep 2023 08:02:03 GMT
Server: tencent-cos
x-cos-hash-crc64ecma: 9063417637648110912
x-cos-request-id: NjUwNTYwZmVfMTFlZjVlMGJfMmRkMV82NjM0Mzc=

Redirect headers

Cache-Control: no-cache
Connection: keep-alive
Content-Length: 1365
Content-Type: text/html; charset=utf-8
Date: Sat, 16 Sep 2023 08:02:05 GMT
Location: https://xiaoyi-1319445221.cos.accelerate.myqcloud.com/2-DEP4-ENV58-GG-09150-simple6/5208557c-5467-11ee-8f05-975e93cbf22a.apk?q-sign-algorithm=sha1&q-ak=IKIDTpzgDXdWAZ2qT3qPltmqIZP3TeeS4Uii&q-sign-time=1694851265%3B1694851925&q-key-time=1694851265%3B1694851925&q-header-list=host&q-url-param-list=response-content-disposition%3Bresponse-disposition-type&q-signature=cdf1c426320721d936ece3968bbe1f7e5b3c2080&response-content-disposition=attachment%3B+name+%3D+58460387.apk%3Bfilename+%3D+%2258460387.apk%22&response-disposition-type=application%2Foctet-stream
Server: CDNRAY

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
web.openinstall.io/web/a4j3bd/	1970-01-21 00:23:31	Name: v-app-a4j3bd Value: 1
web.openinstall.io/web/a4j3bd/	1970-01-21 00:23:31	Name: c-app-a4j3bd Value: 1
web.openinstall.io/	1970-01-21 00:23:31	Name: op-mid Value: 12798518090117

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app-a4j3bd.openinstall.io
pru102.cc
sosadjkl.backty.top
web.cdn.openinstall.io
web.openinstall.io
www.5x8favj.top
xiaoyi-1319445221.cos.accelerate.myqcloud.com
101.33.11.32
103.188.121.242
104.166.182.223
116.204.156.86
170.106.97.208
43.129.201.60
47.246.49.232
66.232.11.68
05b19c7bdb7a3f659a241ab154e5d5ed4f8225a388ef0493a5fa31a3012a7b97
2d07ea865e6a127873a94f4c2198d42d5b60eed8acb0941aad830ff900e00806
3b7c46ab3a12e6161756f55f8e7d39a87d2b9718e6d0f8abe0b97a87994f4b49
45799db280e1e5a28a4ae9e75e3631273b9e636e09d01b7d7ab568367fe00703
48bcb716184ac3d54509c98d71654ea0c674712178b5717a35b61fb5d7ec44b3
4cacb73e15d9cadf8c36cb8971c939edadf0a97706ce26788326b3d0b91f9241
650283c54ef2960ebcb3f2c2700237da9eb770abeff0c2c90a1d62b8c0ce09b6
ab2a8d3203b2ff01067a87040fd1011b24838db0b7217c6e4136a3d00e7680b8
d945c72530d4bba825bd7cb9620ed412c61f1006fe204f8962eb7f489c5ab606
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f3b94ab8159f16f6e58635499dc7ed7cbfeaafe500620c82294424bd0a8842a8

pru102.cc Open in urlscan Pro 116.204.156.86 Public Scan

Summary

urlscan.io Verdict: No classification

Downloads These files were downloaded by the website

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

14 Requests

100 %HTTPS

0 %IPv6

5 Domains

7 Subdomains

5 IPs

3 Countries

556 kBTransfer

617 kBSize

3 Cookies

0 Outgoing links

Page URL History

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

3 Cookies

Indicators

pru102.cc Open in urlscan Pro
116.204.156.86 Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

100 %
HTTPS

0 %
IPv6

5
Domains

7
Subdomains

5
IPs

3
Countries

556 kB
Transfer

617 kB
Size

3
Cookies

14 HTTP transactions
0 data transactions