h3p-1312109307.cos.ap-chongqing.myqcloud.com
114.117.223.42
Public Scan
Effective URL: https://h3p-1312109307.cos.ap-chongqing.myqcloud.com/si.html?appKey=3YKY6X6EUhGVth97o9tBKZQfwqbU&adslotId=441923&
Submission Tags: https://phish.report @phish_report
Submission: On March 01 via api from FI — Scanned from SG
Summary
TLS certificate: Issued by GlobalSign Organization Validation CA... on March 14th 2022. Valid for: a year.
This is the only time h3p-1312109307.cos.ap-chongqing.myqcloud.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Requests | IP Address | AS (Autonomous System)
---|---|---
1 | 43.132.81.29 | 139341 (ACE-AS-AP ACE)
4 | 223.119.20.31 | 58453 (CMI-INT-HK Level 30)
2 | 163.171.210.190 | 54994 (QUANTILNETWORKS)
2 | 103.235.46.191 | 55967 (BAIDU Beijing Baidu Netcom Science and Technology Co.)
1 | 240e:95c:2002:b:3::3e9 |
2 | 47.111.36.14 |
2 | 120.26.53.4 |
1 | 114.117.223.42 |
1 | 240e:b1:9801:207::6fe1:d523 |
1 | 47.246.16.225 |
16 | 9 |
ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN): hm.baidu.com
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
4 | 45t.cn | static.45t.cn | 113 KB
2 | haoxuexiba.cn (2 redirects) | domain.haoxuexiba.cn | 421 B
2 | duijie112.cn (2 redirects) | u.duijie112.cn | 285 B
2 | baidu.com | hm.baidu.com (Cisco Umbrella Rank: 8406) | 12 KB
2 | 45dwz.cn | api-jump.45dwz.cn | 871 B
1 | dui88.com | yun.dui88.com | 4 KB
1 | quickapp.cn | statres.quickapp.cn | 3 KB
1 | myqcloud.com | h3p-1312109307.cos.ap-chongqing.myqcloud.com | 2 KB
1 | cnzz.com | v1.cnzz.com | 440 B
1 | le1o.cn | le1o.cn | 3 KB
0 | tuia.cn (Failed) | engine.tuia.cn (Failed) |
0 | (Failed) | virtual (Failed) |
16 | 12 |
Requests | Domain | Requested by
---|---|---
4 | static.45t.cn | le1o.cn
2 | domain.haoxuexiba.cn | 2 redirects
2 | u.duijie112.cn | 2 redirects
2 | hm.baidu.com | le1o.cn
2 | api-jump.45dwz.cn | static.45t.cn
1 | yun.dui88.com | h3p-1312109307.cos.ap-chongqing.myqcloud.com
1 | statres.quickapp.cn | h3p-1312109307.cos.ap-chongqing.myqcloud.com
1 | h3p-1312109307.cos.ap-chongqing.myqcloud.com | static.45t.cn
1 | v1.cnzz.com | static.45t.cn
1 | le1o.cn |
0 | engine.tuia.cn (Failed) | yun.dui88.com
0 | virtual (Failed) | static.45t.cn
16 | 12 |
This site contains no links.
Subject | Issuer | Validity | Valid
---|---|---|---
le1o.cn | TrustAsia RSA DV TLS CA G2 | 2023-01-27 - 2024-01-27 | a year
static.45t.cn | Encryption Everywhere DV TLS CA - G1 | 2022-09-03 - 2023-09-04 | a year
api-jump.45dwz.cn | Encryption Everywhere DV TLS CA - G1 | 2022-04-27 - 2023-04-27 | a year
baidu.com | GlobalSign RSA OV SSL CA 2018 | 2022-07-05 - 2023-08-06 | a year
*.cnzz.com | GlobalSign Organization Validation CA - SHA256 - G3 | 2023-01-28 - 2024-02-29 | a year
*.cos.ap-chongqing.myqcloud.com | GlobalSign Organization Validation CA - SHA256 - G2 | 2022-03-14 - 2023-04-15 | a year
*.quickapp.cn | RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1 | 2022-04-07 - 2023-04-24 | a year
*.dui88.com | RapidSSL Global TLS RSA4096 SHA256 2022 CA1 | 2022-06-21 - 2023-07-08 | a year
This page contains 1 frame:
Frame: https://engine.tuia.cn/index/activity?appKey=3YKY6X6EUhGVth97o9tBKZQfwqbU&adslotId=441923&&deviceId=b31bbe0a-3771-49dd-b480-d02fe3428597
Frame ID: 75829AD3824591751172D5175387765C
Requests: 16 HTTP requests in this frame
Page URL History
- https://le1o.cn/02xGY (Page URL)
- https://u.duijie112.cn/2a4d (HTTP 302)
- https://u.duijie112.cn/2a4d?us_ts_tmp_=1677651506301 (HTTP 301)
- http://domain.haoxuexiba.cn/lookup/s?shortUk=2a4d (HTTP 307)
- https://domain.haoxuexiba.cn/lookup/s?shortUk=2a4d (HTTP 302)
- https://h3p-1312109307.cos.ap-chongqing.myqcloud.com/si.html?appKey=3YKY6X6EUhGVth97o9tBKZQfwqbU&adslotId=441923& (Page URL)
Detected technologies
- Baidu Analytics (百度统计) (Analytics). Detected patterns: hm\.baidu\.com/hm\.js
- CNZZ (Analytics). Detected patterns: //[^./]+\.cnzz\.com/(?:z_stat.php|core)\?
- Clipboard.js (Miscellaneous). Detected patterns: clipboard(?:-([\d.]+))?(?:\.min)?\.js
- jQuery (JavaScript Libraries). Detected patterns: jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
16 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type
---|---|---|---|---|---|---|---
GET | H2 | 02xGY | le1o.cn/ | 3 KB | 3 KB | Document | text/html
GET | H2 | jquery.min.js | static.45t.cn/static/js/ | 82 KB | 83 KB | Script | application/javascript
GET | H2 | check.js | static.45t.cn/static/js/ | 14 KB | 15 KB | Script | application/javascript
GET | H2 | clipboard.min.js | static.45t.cn/static/js/ | 10 KB | 11 KB | Script | application/javascript
GET | H2 | go.css | static.45t.cn/static/default/ | 4 KB | 5 KB | Stylesheet | text/css
GET | H2 | getJumpUrl | api-jump.45dwz.cn/link/ | 188 B | 420 B | Script | text/html
GET | H2 | getOriginalUrl | api-jump.45dwz.cn/link/ | 179 B | 451 B | Script | text/html
GET | H/1.1 | hm.js | hm.baidu.com/ | 29 KB | 12 KB | Script | application/javascript
GET | H/1.1 | hm.gif | hm.baidu.com/ | 43 B | 299 B | Image | image/gif
GET | H2 | z_stat.php | v1.cnzz.com/ | 0 | 440 B | Script | application/javascript
GET | | openapp.jdmobile://virtual?params={%22category%22:%22jump%22,%22des%22:%22m%22,%22url%22:%22https://u.jd.com/LzoCh34%22,%22keplerID%22:%220%22,%22keplerFrom%22:%221%22} | | 0 | 0 | |
GET | H/1.1 | si.html (Primary Request, Redirect Chain) | h3p-1312109307.cos.ap-chongqing.myqcloud.com/ | 1 KB | 2 KB | Document | text/html
GET | | hm.gif | hm.baidu.com/ | 0 | 0 | |
GET | H/1.1 | routerinline.min.js | statres.quickapp.cn/quickapp/js/ | 6 KB | 3 KB | Script | application/javascript
GET | H2 | silverlining.min.js | yun.dui88.com/h5-mami/activity/wx/ | 7 KB | 4 KB | Script | application/javascript
GET | | activity | engine.tuia.cn/index/ | 0 | 0 | |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain: virtual
  URL: openapp.jdmobile://virtual?params={%22category%22:%22jump%22,%22des%22:%22m%22,%22url%22:%22https://u.jd.com/LzoCh34%22,%22keplerID%22:%220%22,%22keplerFrom%22:%221%22}
- Domain: hm.baidu.com
  URL: https://hm.baidu.com/hm.gif?hca=1AAFEC724026D3D7&cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&ep=10334%2C10334&et=3&ja=0&ln=en-us&lo=0&rnd=1099253847&si=1bf4405e43bebb24adb16df25db337aa&v=1.3.0&lv=1&sn=21036&r=0&ww=1600&u=https%3A%2F%2Fle1o.cn%2F02xGY
- Domain: engine.tuia.cn
  URL: https://engine.tuia.cn/index/activity?appKey=3YKY6X6EUhGVth97o9tBKZQfwqbU&adslotId=441923&&deviceId=b31bbe0a-3771-49dd-b480-d02fe3428597
1 JavaScript Global Variable
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name
---|---
boolean | credentialless
3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value
---|---|---
.hm.baidu.com/ | | Name: HMACCOUNT_BFESS Value: 1AAFEC724026D3D7
.le1o.cn/ | | Name: Hm_lvt_1bf4405e43bebb24adb16df25db337aa Value: 1677651501
.le1o.cn/ | | Name: Hm_lpvt_1bf4405e43bebb24adb16df25db337aa Value: 1677651501
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.