Submitted URL: https://azhm2.top/robots.txt
Effective URL: https://xw7t8kpubi.452024.xyz/
Submission Tags: @ecarlesi possiblethreat
Submission: On February 06 via api from IT — Scanned from IT

Summary

This website contacted 1 IP in 1 country across 3 domains to perform 2 HTTP transactions. The main IP is 203.25.119.7, located in Kowloon, Hong Kong and belongs to GIGABIT-MY Gigabit Hosting Sdn Bhd, MY. The main domain is xw7t8kpubi.452024.xyz.
TLS certificate: Issued by R3 on February 3rd 2024. Valid for: 3 months.
This is the only time xw7t8kpubi.452024.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 5 203.25.119.7 55720 (GIGABIT-M...)
2 1
Apex Domain Subdomains Transfer
3 432024.xyz lyo234kdj2.432024.xyz 2 KB
1 452024.xyz xw7t8kpubi.452024.xyz 2 KB
1 azhm2.top azhm2.top 220 B
2 3
Domain Requested by
3 lyo234kdj2.432024.xyz 2 redirects
1 xw7t8kpubi.452024.xyz lyo234kdj2.432024.xyz
1 azhm2.top 1 redirects
2 3

This site contains links to these domains.

Domain
6iw15a.azhm3.top
Subject Issuer Validity Valid
*.432024.xyz R3 2024-02-03 - 2024-05-03 3 months
*.452024.xyz R3 2024-02-03 - 2024-05-03 3 months

This page contains 1 frames:

Primary Page: https://xw7t8kpubi.452024.xyz/
Frame ID: 4C5140450C3AAD3869A0FDF004E5F23D
Requests: 2 HTTP requests in this frame

Page Title

成全动漫在线观看免费观看,成全视频在线观看免费高清,成全动漫视频在线观看免费播放,成全看免费观看,成全视频观看免费高清动漫,成全视频动漫免费高清,成全视频免费观看在线看

Page Statistics

Requests: 2
HTTPS: 100 %
IPv6: 0 %
Domains: 3
Subdomains: 3
IPs: 1
Countries: 1
Transfer: 3 kB
Size: 5 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://azhm2.top/robots.txt HTTP 301
    https://lyo234kdj2.432024.xyz/5houmen HTTP 301
    http://lyo234kdj2.432024.xyz/5houmen/ HTTP 301
    https://lyo234kdj2.432024.xyz/5houmen/ Page URL
  2. https://xw7t8kpubi.452024.xyz/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://azhm2.top/robots.txt HTTP 301
  • https://lyo234kdj2.432024.xyz/5houmen HTTP 301
  • http://lyo234kdj2.432024.xyz/5houmen/ HTTP 301
  • https://lyo234kdj2.432024.xyz/5houmen/

2 HTTP transactions

Resource Path Size x-fer Type MIME-Type
/ lyo234kdj2.432024.xyz/5houmen/ 2 KB 1 KB Document
Redirect Chain
  • https://azhm2.top/robots.txt
  • https://lyo234kdj2.432024.xyz/5houmen
  • http://lyo234kdj2.432024.xyz/5houmen/
  • https://lyo234kdj2.432024.xyz/5houmen/

General
Full URL: https://lyo234kdj2.432024.xyz/5houmen/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 203.25.119.7 Kowloon, Hong Kong, ASN55720 (GIGABIT-MY Gigabit Hosting Sdn Bhd, MY)
Reverse DNS:
Software: nginx /
Resource Hash:

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Tue, 06 Feb 2024 01:58:40 GMT
ETag: W/"65bf9d43-7ce"
Last-Modified: Sun, 04 Feb 2024 14:20:51 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Cache: MISS

Redirect headers

Connection: Keep-Alive
Content-Length: 0
Date: Tue, 06 Feb 2024 09:59:00 GMT
Location: https://lyo234kdj2.432024.xyz/5houmen/
X-NoCache: this

Primary Request
/ xw7t8kpubi.452024.xyz/ 3 KB 2 KB Document

General
Full URL: https://xw7t8kpubi.452024.xyz/
Requested by
Host: lyo234kdj2.432024.xyz
URL: https://lyo234kdj2.432024.xyz/5houmen/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 203.25.119.7 Kowloon, Hong Kong, ASN55720 (GIGABIT-MY Gigabit Hosting Sdn Bhd, MY)
Reverse DNS:
Software: nginx /
Resource Hash: 8efa5e6c1b0fb2ad84a51f1a6d43bb0400d1c197d626fa478a15bddc5f63076f

Request headers

Referer: https://lyo234kdj2.432024.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Tue, 06 Feb 2024 01:58:41 GMT
ETag: W/"65bfcb3b-b08"
Last-Modified: Sun, 04 Feb 2024 17:36:59 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Cache: MISS

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object | strU
function | randomWord
string | ym
function | delayURL

0 Cookies

Indicators

"Indicators" is a security-industry term for observables such as IPs, domains and hashes. Listing them here does not imply that any of them indicate malicious activity.

azhm2.top
lyo234kdj2.432024.xyz
xw7t8kpubi.452024.xyz
203.25.119.7
8efa5e6c1b0fb2ad84a51f1a6d43bb0400d1c197d626fa478a15bddc5f63076f