gq5qa.egdh55d.top Open in urlscan Pro
139.162.21.77 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://sxlmggx12.com/
Effective URL:
https://gq5qa.egdh55d.top/baidu.com/?channelCode=cunzhang
Submission: On June 24 via manual (June 24th 2024, 2:58:53 pm UTC) from US — Scanned from DE

Summary HTTP 36 Redirects Behaviour Indicators

Summary

This website contacted 9 IPs in 3 countries across 7 domains to perform 36 HTTP transactions. The main IP is 139.162.21.77, located in and belongs to . The main domain is gq5qa.egdh55d.top.
TLS certificate: Issued by ZeroSSL RSA Domain Secure Site CA on June 24th 2024. Valid for: 3 months.

This is the only time gq5qa.egdh55d.top was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	156.251.153.37 156.251.153.37	40065 (CNSERVERS) (CNSERVERS)
1	45.32.65.219 45.32.65.219	20473 (AS-CHOOPA) (AS-CHOOPA)
1	2606:4700:303... 2606:4700:3033::6815:97a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	51.222.244.150 51.222.244.150	16276 (OVH) (OVH)
2	2620:1ec:bdf::73 2620:1ec:bdf::73	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	20.119.174.243 20.119.174.243	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	68.219.88.97 68.219.88.97	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	139.162.21.77 139.162.21.77	() ()
36	9

2 156.251.153.37 (United States)

ASN40065 (CNSERVERS, US)

sxlmggx12.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.32.65.219 (Los Angeles, United States)

ASN20473 (AS-CHOOPA, US)
PTR: 45.32.65.219.vultrusercontent.com

xss9.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::6815:97a (United States)

ASN13335 (CLOUDFLARENET, US)

cloudflare.mh616.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.222.244.150 (Canada)

ASN16276 (OVH, FR)
PTR: ns5005926.ip-51-222-244.net

uv60.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:bdf::73 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.119.174.243 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

r.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.219.88.97 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::237 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.162.21.77 (None, )

ASN- ()

gq5qa.egdh55d.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 743 r.clarity.ms — Cisco Umbrella Rank: 7784 c.clarity.ms — Cisco Umbrella Rank: 1434	28 KB
2	uv60.cn uv60.cn — Cisco Umbrella Rank: 389770	23 KB
2	sxlmggx12.com sxlmggx12.com	1 KB
1	egdh55d.top gq5qa.egdh55d.top	9 KB
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 224	767 B
1	mh616.org cloudflare.mh616.org	1 KB
1	xss9.com xss9.com	627 B
36	7

	Domain	Requested by
2	c.clarity.ms	1 redirects
2	r.clarity.ms	www.clarity.ms
2	www.clarity.ms	sxlmggx12.com www.clarity.ms
2	uv60.cn	xss9.com uv60.cn
2	sxlmggx12.com
1	gq5qa.egdh55d.top	xss9.com gq5qa.egdh55d.top
1	c.bing.com	1 redirects
1	cloudflare.mh616.org	sxlmggx12.com
1	xss9.com	sxlmggx12.com
36	9

This site contains no links.

Subject Issuer	Validity	Valid
sxlmggx12.com R3	`2024-04-09` - `2024-07-08`	3 months	crt.sh
xss9.com R3	`2024-05-10` - `2024-08-08`	3 months	crt.sh
mh616.org GTS CA 1P5	`2024-05-04` - `2024-08-02`	3 months	crt.sh
uv60.cn Sectigo RSA Domain Validation Secure Server CA	`2024-05-19` - `2025-05-19`	a year	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-12-07` - `2024-12-07`	a year	crt.sh
a.clarity.ms Microsoft Azure RSA TLS Issuing CA 08	`2024-06-23` - `2025-06-18`	a year	crt.sh
gq5qa.egdh55d.top ZeroSSL RSA Domain Secure Site CA	`2024-06-24` - `2024-09-22`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://gq5qa.egdh55d.top/baidu.com/?channelCode=cunzhang
Frame ID: D0E0C979F3E47DFFE3A1099285B1B893
Requests: 36 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://sxlmggx12.com/ HTTP 307
https://sxlmggx12.com/ Page URL
https://gq5qa.egdh55d.top/baidu.com/?channelCode=cunzhang Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

36
Requests

31 %
HTTPS

33 %
IPv6

7
Domains

9
Subdomains

9
IPs

3
Countries

63 kB
Transfer

181 kB
Size

10
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://sxlmggx12.com/ HTTP 307
https://sxlmggx12.com/ Page URL
https://gq5qa.egdh55d.top/baidu.com/?channelCode=cunzhang Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://sxlmggx12.com/ HTTP 307
https://sxlmggx12.com/

Request Chain 7

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=9EE62E586A7F4AA6BCEA44B2B6CD0EDB&RedC=c.clarity.ms&MXFR=1A159D23BAED692F099A898BBEED67B1 HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=9EE62E586A7F4AA6BCEA44B2B6CD0EDB&MUID=2E4E7719D9DC62DE1E1F63B1D80E63CC

36 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

/ Show response
sxlmggx12.com/
Redirect Chain

http://sxlmggx12.com/
https://sxlmggx12.com/

1016 B
861 B

2243ms
502ms

Document
text/html

156.251.153.37
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL: https://sxlmggx12.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 156.251.153.37 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: nginx/onex /
Resource Hash: 7a4431241aff983287b76a162de3d5912589b0efaa9298c4bf0966ddaad40a54

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Mon, 24 Jun 2024 14:58:46 GMT
Server: nginx/onex
Transfer-Encoding: chunked
Vary: Accept-Encoding

Redirect headers

Location: https://sxlmggx12.com/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 FWkB Show response
xss9.com/ 859 B
627 B 559ms
164ms Script
application/x-javascript 45.32.65.219
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://xss9.com/FWkB
Requested by: Host: sxlmggx12.com
URL: https://sxlmggx12.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.32.65.219 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 45.32.65.219.vultrusercontent.com
Software: Apache /
Resource Hash: 5ca681aeb2e875a68e9c78519f77f7376cfcf8adb72bceee7d63df79092dab6e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://sxlmggx12.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 24 Jun 2024 14:58:46 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: nocache
content-length: 510

GET
H2 200 jquery-1.10.2.min_656a2.js Show response
cloudflare.mh616.org/ 1 KB
1 KB 759ms
717ms Script
application/javascript 2606:4700:3033::6815:97a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cloudflare.mh616.org/jquery-1.10.2.min_656a2.js
Requested by: Host: sxlmggx12.com
URL: https://sxlmggx12.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:97a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: adde22ed1284fe2c333a60308cb911dc96e2193023c52bef6484f3a475e13f9e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://sxlmggx12.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 14:58:47 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Mon, 17 Jun 2024 00:44:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"666f86e1-49f"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mb8Qc7m%2FCoS03nBkPVy9hT7SBf1McGanRSpDerDCCDfFxfdvqCHIcaaT%2BGfwCuL3yPBSEBzArecVIGtN9wZVjuxrtOwvK2o0TaDUZK4ngy27WeRY3HMArpmPOmlei%2B063NK8dbzTralEVU52M61Mz7dNsw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 898d93f07d759261-FRA
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK tongji.js Show response
uv60.cn/tj/ 55 KB
22 KB 2181ms
136ms Script
application/javascript 51.222.244.150
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://uv60.cn/tj/tongji.js?v=2.08

Requested by

Host: xss9.com
URL: https://xss9.com/FWkB

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

51.222.244.150 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ns5005926.ip-51-222-244.net

Software

nginx /

Resource Hash

2c60a4ba87818b0c31e5993bd2b6e173ac40358604d57a58acea3c38d313940e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://sxlmggx12.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 24 Jun 2024 14:58:49 GMT
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Last-Modified: Thu, 30 May 2024 04:56:57 GMT
Server: nginx
ETag: W/"66580719-da2e"
X-Cache-Status: HIT
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive

GET
H2 200 mm2vcvpavf Show response
www.clarity.ms/tag/ 1 KB
1 KB 160ms
106ms Script
application/x-javascript 2620:1ec:bdf::73
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/mm2vcvpavf
Requested by: Host: sxlmggx12.com
URL: https://sxlmggx12.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::73 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: bac39478c0790034ec91239b504243b64cdf2b8be61fe6a24168b4a8e93bda6d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://sxlmggx12.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: -1
date: Mon, 24 Jun 2024 14:58:47 GMT
x-azure-ref: 20240624T145847Z-17d856f55772lbftts4hkhau5g00000000900000000053hn
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 1025
request-context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.32/ 61 KB
26 KB 17ms
16ms Script
application/javascript 2620:1ec:bdf::73
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.32/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/mm2vcvpavf
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::73 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 5ba7b351020430e304e1c38988858e13690202831484697551e56fed5826004e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://sxlmggx12.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 14:58:47 GMT
content-encoding: br
last-modified: Fri, 10 May 2024 17:30:20 GMT
etag: W/"0x8DC7116DE09E645"
vary: Accept-Encoding
x-azure-ref: 20240624T145847Z-17d856f55772lbftts4hkhau5g00000000900000000053k6
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 949203f2-601e-0050-0434-c2ec8b000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28
x-fd-int-roxy-purgeid: 51562430

POST
H/1.1 204
No Content collect Show response
r.clarity.ms/ 0
277 B 316ms
97ms XHR
text/plain 20.119.174.243
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://r.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.32/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.119.174.243 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: application/x-clarity-gzip
Referer: https://sxlmggx12.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Access-Control-Allow-Origin: https://sxlmggx12.com
Date: Mon, 24 Jun 2024 14:58:47 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=9EE62E586A7F4AA6BCEA44B2B6CD0EDB&RedC=c.clarity.ms&MXFR=1A159D23BAED692F099A898BBEED67B1
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=9EE62E586A7F4AA6BCEA44B2B6CD0EDB&MUID=2E4E7719D9DC62DE1E1F63B1D80E63CC

42 B
444 B

26ms
26ms

Image
image/gif

68.219.88.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=9EE62E586A7F4AA6BCEA44B2B6CD0EDB&MUID=2E4E7719D9DC62DE1E1F63B1D80E63CC
Protocol: H2
Server: 68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://sxlmggx12.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jun 2024 14:58:48 GMT
last-modified: Wed, 19 Jun 2024 18:40:50 GMT
server: Microsoft-IIS/10.0
etag: "2c9f213578c2da1:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Mon, 24 Jun 2024 14:58:48 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 4715B699C6AE46099181F7156BE1F811 Ref B: FRAEDGE1309 Ref C: 2024-06-24T14:58:49Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=9EE62E586A7F4AA6BCEA44B2B6CD0EDB&MUID=2E4E7719D9DC62DE1E1F63B1D80E63CC
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H/1.1 404
Not Found favicon.ico
sxlmggx12.com/ 903 B
647 B 502ms
502ms Other
text/html 156.251.153.37
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL: https://sxlmggx12.com/favicon.ico
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 156.251.153.37 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: nginx/onex /
Resource Hash: 43d38b92121010cf6332c7d953c8664a3430ae09406477b3dce6418433f962cb

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://sxlmggx12.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 24 Jun 2024 14:58:49 GMT
Content-Encoding: gzip
Server: nginx/onex
Connection: keep-alive
Transfer-Encoding: chunked
Vary: Accept-Encoding, Accept-Encoding
Content-Type: text/html

GET
H/1.1 200
OK start Show response
uv60.cn/api/v1/api2/statistics/ 102 B
829 B 177ms
177ms XHR
application/json 51.222.244.150
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://uv60.cn/api/v1/api2/statistics/start?s=ef3c67a15c8b56227a0da961f7b763ed&d=LytKL1dsVWYwcVQ3MWRkc0s0TElZSXp5QjYvbWYrN2pBQzZza3JQWWhkV1RzQ2JTRzZDWFZxd0VtU1QrdEhLYldoRG1uRkFnN1ZZQ2NDZFBYekZXbTVzcmp0S0lReXl5TzRzYmpCM1pjdGpRa1BLNFVlT2pLYXhDZU0rWTN1UHFCSU5mSEF0b1FLUWNRdm1OdkRiUnZ0Z2FrMDM0eW9RV0U2bGhDOElEa0RGUURQam9QWE5PamN3SlFVN25Qc2w4NUk1c1E3MlpIRHVLN2RtdStqbDB1ZGNoZFAzdkVJTTF0eEZNZ1FEak56NHFwY3AxVWg3eXU4c1hCL1VjaEV6OGZCOG9vREVwZ3VCSGwwc09lSGdNRktPZE5uTlhxUmdMMnlRa3pKcmRyQkcxRTAvL3Z4Sm8xUi9wUm5tMjBWcTg=&t=1719241129255

Requested by

Host: uv60.cn
URL: https://uv60.cn/tj/tongji.js?v=2.08

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

51.222.244.150 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ns5005926.ip-51-222-244.net

Software

nginx /

Resource Hash

50672458fcaaf173ccd349b6aeb96baf18b9447c3c2e2bdd5c21518808bc0002

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://sxlmggx12.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 24 Jun 2024 14:58:49 GMT
Strict-Transport-Security: max-age=31536000
Server: nginx
Access-Control-Max-Age: 10080
Access-Control-Allow-Methods: POST,GET,DELETE,OPTIONS,HEAD
Content-Type: application/json
Access-Control-Allow-Origin: https://sxlmggx12.com
Cache-Control: no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: lang,signature,key,timestamp,secret,Content-Type,form-type,Content-Length,Accept-Encoding,X-Requested-with, x-token,x_token,x-user-id,x-c,x-xsrf-token, Origin, Authorization
Content-Length: 102

GET
H/1.1 200
OK Primary Request /
gq5qa.egdh55d.top/baidu.com/ 60 KB
9 KB 3563ms
353ms Document
text/html 139.162.21.77

General

Check archive.org

Show headers Download Go to

Full URL: https://gq5qa.egdh55d.top/baidu.com/?channelCode=cunzhang
Requested by: Host: xss9.com
URL: https://xss9.com/FWkB
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 139.162.21.77 -, , ASN (),
Reverse DNS
Software: cdn-ddos-cc /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://sxlmggx12.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Mon, 24 Jun 2024 14:58:52 GMT
ETag: W/"6613eb70-f081"
Last-Modified: Mon, 08 Apr 2024 13:04:48 GMT
Server: cdn-ddos-cc
Transfer-Encoding: chunked
Vary: Accept-Encoding

POST
H/1.1 204
No Content collect
r.clarity.ms/ 0
277 B 100ms
100ms XHR
text/plain 20.119.174.243
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://r.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.32/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.119.174.243 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: application/x-clarity-gzip
Referer: https://sxlmggx12.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Access-Control-Allow-Origin: https://sxlmggx12.com
Date: Mon, 24 Jun 2024 14:58:50 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608

GET tjq.js
gq5qa.egdh55d.top/baidu.com/static/js/ 0
0

GET swiper-3.4.2.min.css
gq5qa.egdh55d.top/baidu.com/static/css/ 0
0

GET style.css
gq5qa.egdh55d.top/baidu.com/static/css/ 0
0

GET swiper-3.4.2.min.js
gq5qa.egdh55d.top/baidu.com/static/js/ 0
0

GET jquery.min.js
gq5qa.egdh55d.top/baidu.com/static/js/ 0
0

GET jquery.lazyload.min.js
gq5qa.egdh55d.top/baidu.com/static/js/ 0
0

GET openinstall.js
gq5qa.egdh55d.top/baidu.com/ 0
0

GET logo.png
gq5qa.egdh55d.top/baidu.com/static/picture/ 0
0

GET app_btn.png
gq5qa.egdh55d.top/baidu.com/static/picture/ 0
0

GET arrow.png
gq5qa.egdh55d.top/baidu.com/static/picture/ 0
0

GET banner.gif
gq5qa.egdh55d.top/baidu.com/static/images/ 0
0

GET list_title1.png
gq5qa.egdh55d.top/baidu.com/static/picture/ 0
0

GET look1.png
gq5qa.egdh55d.top/baidu.com/static/picture/ 0
0

GET star.png
gq5qa.egdh55d.top/baidu.com/static/picture/ 0
0

GET list_title2.png
gq5qa.egdh55d.top/baidu.com/static/picture/ 0
0

GET look2.png
gq5qa.egdh55d.top/baidu.com/static/picture/ 0
0

GET list_title3.png
gq5qa.egdh55d.top/baidu.com/static/picture/ 0
0

GET look3.png
gq5qa.egdh55d.top/baidu.com/static/picture/ 0
0

GET list_title4.png
gq5qa.egdh55d.top/baidu.com/static/picture/ 0
0

GET icon1.png
gq5qa.egdh55d.top/baidu.com/static/picture/ 0
0

GET icon2.png
gq5qa.egdh55d.top/baidu.com/static/picture/ 0
0

GET icon4.png
gq5qa.egdh55d.top/baidu.com/static/picture/ 0
0

GET link.js
gq5qa.egdh55d.top/baidu.com/static/js/ 0
0

GET common.js
gq5qa.egdh55d.top/baidu.com/static/js/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: gq5qa.egdh55d.top
URL: https://gq5qa.egdh55d.top/baidu.com/static/js/tjq.js

Domain: gq5qa.egdh55d.top
URL: https://gq5qa.egdh55d.top/baidu.com/static/css/swiper-3.4.2.min.css

Domain: gq5qa.egdh55d.top
URL: https://gq5qa.egdh55d.top/baidu.com/static/css/style.css

Domain: gq5qa.egdh55d.top
URL: https://gq5qa.egdh55d.top/baidu.com/static/js/swiper-3.4.2.min.js

Domain: gq5qa.egdh55d.top
URL: https://gq5qa.egdh55d.top/baidu.com/static/js/jquery.min.js

Domain: gq5qa.egdh55d.top
URL: https://gq5qa.egdh55d.top/baidu.com/static/js/jquery.lazyload.min.js

Domain: gq5qa.egdh55d.top
URL: https://gq5qa.egdh55d.top/baidu.com/openinstall.js

Domain: gq5qa.egdh55d.top
URL: https://gq5qa.egdh55d.top/baidu.com/static/picture/logo.png

Domain: gq5qa.egdh55d.top
URL: https://gq5qa.egdh55d.top/baidu.com/static/picture/app_btn.png

Domain: gq5qa.egdh55d.top
URL: https://gq5qa.egdh55d.top/baidu.com/static/picture/arrow.png

Domain: gq5qa.egdh55d.top
URL: https://gq5qa.egdh55d.top/baidu.com/static/images/banner.gif

Domain: gq5qa.egdh55d.top
URL: https://gq5qa.egdh55d.top/baidu.com/static/picture/list_title1.png

Domain: gq5qa.egdh55d.top
URL: https://gq5qa.egdh55d.top/baidu.com/static/picture/look1.png

Domain: gq5qa.egdh55d.top
URL: https://gq5qa.egdh55d.top/baidu.com/static/picture/star.png

Domain: gq5qa.egdh55d.top
URL: https://gq5qa.egdh55d.top/baidu.com/static/picture/list_title2.png

Domain: gq5qa.egdh55d.top
URL: https://gq5qa.egdh55d.top/baidu.com/static/picture/look2.png

Domain: gq5qa.egdh55d.top
URL: https://gq5qa.egdh55d.top/baidu.com/static/picture/list_title3.png

Domain: gq5qa.egdh55d.top
URL: https://gq5qa.egdh55d.top/baidu.com/static/picture/look3.png

Domain: gq5qa.egdh55d.top
URL: https://gq5qa.egdh55d.top/baidu.com/static/picture/list_title4.png

Domain: gq5qa.egdh55d.top
URL: https://gq5qa.egdh55d.top/baidu.com/static/picture/icon1.png

Domain: gq5qa.egdh55d.top
URL: https://gq5qa.egdh55d.top/baidu.com/static/picture/icon2.png

Domain: gq5qa.egdh55d.top
URL: https://gq5qa.egdh55d.top/baidu.com/static/picture/icon4.png

Domain: gq5qa.egdh55d.top
URL: https://gq5qa.egdh55d.top/baidu.com/static/js/link.js

Domain: gq5qa.egdh55d.top
URL: https://gq5qa.egdh55d.top/baidu.com/static/js/common.js

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event object| fence object| sharedStorage

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.clarity.ms/	1970-01-21 06:19:37	Name: CLID Value: 1d25d4b5fb0c4edfa107ec40318f00b1.20240624.20250624
.sxlmggx12.com/	1970-01-21 06:19:37	Name: _clck Value: g03wtp%7C2%7Cfmw%7C0%7C1636
.sxlmggx12.com/	1970-01-20 21:35:27	Name: _clsk Value: 1n168t9%7C1719241127794%7C1%7C0%7Cr.clarity.ms%2Fcollect
.bing.com/	1970-01-21 06:55:37	Name: MUID Value: 2E4E7719D9DC62DE1E1F63B1D80E63CC
.c.bing.com/	1970-01-20 21:44:05	Name: MR Value: 0
.c.bing.com/	1970-01-21 06:55:37	Name: SRM_B Value: 2E4E7719D9DC62DE1E1F63B1D80E63CC
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 06:55:37	Name: MUID Value: 2E4E7719D9DC62DE1E1F63B1D80E63CC
.c.clarity.ms/	1970-01-20 21:44:05	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 21:34:01	Name: ANONCHK Value: 0

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://sxlmggx12.com/favicon.ico Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

c.bing.com
c.clarity.ms
cloudflare.mh616.org
gq5qa.egdh55d.top
r.clarity.ms
sxlmggx12.com
uv60.cn
www.clarity.ms
xss9.com
gq5qa.egdh55d.top
139.162.21.77
156.251.153.37
20.119.174.243
2606:4700:3033::6815:97a
2620:1ec:bdf::73
2620:1ec:c11::237
45.32.65.219
51.222.244.150
68.219.88.97
2c60a4ba87818b0c31e5993bd2b6e173ac40358604d57a58acea3c38d313940e
43d38b92121010cf6332c7d953c8664a3430ae09406477b3dce6418433f962cb
50672458fcaaf173ccd349b6aeb96baf18b9447c3c2e2bdd5c21518808bc0002
5ba7b351020430e304e1c38988858e13690202831484697551e56fed5826004e
5ca681aeb2e875a68e9c78519f77f7376cfcf8adb72bceee7d63df79092dab6e
7a4431241aff983287b76a162de3d5912589b0efaa9298c4bf0966ddaad40a54
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
adde22ed1284fe2c333a60308cb911dc96e2193023c52bef6484f3a475e13f9e
bac39478c0790034ec91239b504243b64cdf2b8be61fe6a24168b4a8e93bda6d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

gq5qa.egdh55d.top Open in urlscan Pro 139.162.21.77 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

36 Requests

31 %HTTPS

33 %IPv6

7 Domains

9 Subdomains

9 IPs

3 Countries

63 kBTransfer

181 kBSize

10 Cookies

0 Outgoing links

Page URL History

Redirected requests

36 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

10 Cookies

1 Console Messages

Indicators

gq5qa.egdh55d.top Open in urlscan Pro
139.162.21.77 Public Scan

Screenshot
Live screenshot

Full Image

36
Requests

31 %
HTTPS

33 %
IPv6

7
Domains

9
Subdomains

9
IPs

3
Countries

63 kB
Transfer

181 kB
Size

10
Cookies

36 HTTP transactions
0 data transactions