Submitted URL: https://gx-gu4.asia/
Effective URL: http://www.tw-123.net/
Submission Tags: phishingrod
Submission: On December 28 via api from DE — Scanned from DE

Summary

This website contacted 8 IPs in 3 countries across 4 domains to perform 21 HTTP transactions. The main IP is 43.132.105.108, located in Central, Hong Kong and belongs to TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN. The main domain is www.tw-123.net.
This is the only time www.tw-123.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address          AS       Autonomous System
1         196.247.28.75       41564    (AS41564)
2         43.132.105.108      132203   (TENCENT-N...)
1         119.28.164.142      132203   (TENCENT-N...)
2         240e:97c:2f::7c     58466    (CT-GUANGZ...)
1         159.138.23.7        136907   (HWCLOUDS-...)
3         203.205.136.85      ()
9         61.130.25.210       136190   (CHINATELE...)
2         240d:c000:201...    ()
Total: 21 requests, 8 IPs
Requests  Apex Domain   Subdomains                                      Transfer
10        53kf.com      tb.53kf.com (Cisco Umbrella Rank: 296128)       93 KB
                        accwww8c1.53kf.com
                        www8c1.53kf.com
8         qq.com        3gimg.qq.com (Cisco Umbrella Rank: 43898)       15 KB
                        apis.map.qq.com (Cisco Umbrella Rank: 82798)
                        mapapi.qq.com
                        pr.map.qq.com
2         tw-123.net    www.tw-123.net                                  55 KB
1         gx-gu4.asia   gx-gu4.asia                                     95 B
Total: 21 requests, 4 apex domains
Requests  Domain               Requested by
8         www8c1.53kf.com      tb.53kf.com, www.tw-123.net
3         mapapi.qq.com        apis.map.qq.com
2         pr.map.qq.com        apis.map.qq.com
2         apis.map.qq.com      3gimg.qq.com, mapapi.qq.com
2         www.tw-123.net       www.tw-123.net
1         accwww8c1.53kf.com   tb.53kf.com
1         tb.53kf.com          www.tw-123.net
1         3gimg.qq.com         www.tw-123.net
1         gx-gu4.asia          1 redirects
Total: 21 requests, 9 domains

This site contains links to these domains:

line.me
Subject                           Issuer                                                Validity                   Valid
*.flow.qq.com                     GlobalSign Organization Validation CA - SHA256 - G2   2022-04-28 - 2023-05-30    a year (crt.sh)
*.march01.sparta.3g.qq.com        GlobalSign Organization Validation CA - SHA256 - G2   2022-03-09 - 2023-04-10    a year (crt.sh)
*.53kf.com                        RapidSSL Global TLS RSA4096 SHA256 2022 CA1           2022-07-07 - 2023-07-07    a year (crt.sh)
*.july-03-2022.sparta.3g.qq.com   GlobalSign Organization Validation CA - SHA256 - G2   2022-08-05 - 2023-09-06    a year (crt.sh)

This page contains 2 frames:

Primary Page: http://www.tw-123.net/
Frame ID: 52B8586CCC096C320BA0EE66FED9C65C
Requests: 14 HTTP requests in this frame

Frame: https://apis.map.qq.com/tools/geolocation?key=5WFBZ-IAS3J-IK3FJ-FFHNY-NJSF2-LQFXZ&referer=h5
Frame ID: 8CD63E4A69AC9898EC91828E6AE036FA
Requests: 7 HTTP requests in this frame

Page Title

台北購物網 - 台北郵購 - 香港購物網 (Taipei Shopping Site - Taipei Mail Order - Hong Kong Shopping Site)

Page Statistics

Requests: 21
HTTPS: 81 %
IPv6: 25 %
Domains: 4
Subdomains: 9
IPs: 8
Countries: 3
Transfer: 163 kB
Size: 398 kB
Cookies: 10

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://gx-gu4.asia/ HTTP 302
    http://www.tw-123.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions

Columns: Resource, Path, Size, x-fer, Type, MIME-Type
Primary Request /
www.tw-123.net/
Redirect Chain
  • https://gx-gu4.asia/
  • http://www.tw-123.net/
4 KB
4 KB
Document
General
Full URL
http://www.tw-123.net/
Protocol
HTTP/1.1
Server
43.132.105.108 Central, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
tencent-cos /
Resource Hash
e36c13b3c5376810a24121f2f36c91ea7fc7939ea24f4e94c4722034cfb1328d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Length
3784
Content-Type
text/html
Date
Wed, 28 Dec 2022 06:56:57 GMT
ETag
"b9ceb9558400ef825d6af95f073d13f5"
Last-Modified
Tue, 27 Dec 2022 03:02:25 GMT
Server
tencent-cos
x-cos-hash-crc64ecma
477278598305299921
x-cos-request-id
NjNhYmU4YjhfZjBhNmIwMDlfOWZkMV8zZDg0YThh

Redirect headers

content-length
267
content-type
text/html; charset=iso-8859-1
date
Wed, 28 Dec 2022 06:56:55 GMT
location
http://www.tw-123.net
server
Apache
geolocation.min.js
3gimg.qq.com/lightmap/components/geolocation/
2 KB
1 KB
Script
General
Full URL
https://3gimg.qq.com/lightmap/components/geolocation/geolocation.min.js
Requested by
Host: www.tw-123.net
URL: http://www.tw-123.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
119.28.164.142 Central, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
TencentCOS /
Resource Hash
5ff20c933cd5f09d2c77f31298837ea649e0f9af4884abf25bc30b472f6dae9f

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.tw-123.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 21:36:27 GMT
content-encoding
gzip
x-cos-object-type
normal
x-cache-lookup
Cache Hit
x-cos-storage-class
STANDARD_IA
content-length
1036
x-cos-hash-crc64ecma
9793051263248070416
last-modified
Sat, 12 Mar 2022 22:55:19 GMT
server
TencentCOS
etag
"59e2e449d14a32b45e8a80032d262d8fe012255e"
access-control-allow-methods
*
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-credentials
true
x-nws-log-uuid
15407892894205985472
accept-ranges
bytes
ip
0.0.0.0
access-control-allow-headers
*
qr.jpg
www.tw-123.net/
51 KB
51 KB
Image
General
Full URL
http://www.tw-123.net/qr.jpg
Requested by
Host: www.tw-123.net
URL: http://www.tw-123.net/
Protocol
HTTP/1.1
Server
43.132.105.108 Central, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
tencent-cos /
Resource Hash
460053968b0c80d8ce4d10d6990a76811e7fd59bcf6875b5db7f36ca5e9bca78

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.tw-123.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Wed, 28 Dec 2022 06:56:57 GMT
x-cos-hash-crc64ecma
6517538613803924648
Last-Modified
Sun, 25 Dec 2022 13:17:41 GMT
Server
tencent-cos
ETag
"580316414451168610e1fd30fd0e6231"
Content-Type
image/jpeg
x-cos-request-id
NjNhYmU4YjlfZjBhNmIwMDlfOWZjN18zZDE5ZGNj
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
51940
geolocation
apis.map.qq.com/tools/ Frame 8CD6
2 KB
1 KB
Document
General
Full URL
https://apis.map.qq.com/tools/geolocation?key=5WFBZ-IAS3J-IK3FJ-FFHNY-NJSF2-LQFXZ&referer=h5
Requested by
Host: 3gimg.qq.com
URL: https://3gimg.qq.com/lightmap/components/geolocation/geolocation.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
240e:97c:2f::7c , China, ASN58466 (CT-GUANGZHOU-IDC CHINANET Guangdong province network, CN),
Reverse DNS
Software
/
Resource Hash
c2a4753e52ef6163cb65d8b0a6261100fe22bc0bd28db138fc1d8a0c5ff2494a

Request headers

Referer
http://www.tw-123.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Wed, 28 Dec 2022 06:57:00 GMT
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Response-Time
6.239ms
1
tb.53kf.com/code/code/9007871/
161 KB
39 KB
Script
General
Full URL
https://tb.53kf.com/code/code/9007871/1
Requested by
Host: www.tw-123.net
URL: http://www.tw-123.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.138.23.7 Central, Hong Kong, ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK),
Reverse DNS
ecs-159-138-23-7.compute.hwclouds-dns.com
Software
openresty /
Resource Hash
bdc45d9c3db84112c310f7593d37edb259366ae5f34ba62530cbd3abae0ca634

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.tw-123.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Wed, 28 Dec 2022 06:57:00 GMT
Content-Encoding
gzip
Server
openresty
Transfer-Encoding
chunked
Vary
Accept-Encoding
P3P
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type
text/javascript; charset=utf-8
Cache-control
private
geolocation_c55a9bf.css
mapapi.qq.com/web/mapComponents/geoLocation/v/static/geolocation/static/css/ Frame 8CD6
542 B
654 B
Stylesheet
General
Full URL
https://mapapi.qq.com/web/mapComponents/geoLocation/v/static/geolocation/static/css/geolocation_c55a9bf.css
Requested by
Host: apis.map.qq.com
URL: https://apis.map.qq.com/tools/geolocation?key=5WFBZ-IAS3J-IK3FJ-FFHNY-NJSF2-LQFXZ&referer=h5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
203.205.136.85 -, , ASN (),
Reverse DNS
Software
X2S_Platform /
Resource Hash
ec491bc326e6802512dcc0b943bfdafa230e9ac5bf9b1f8e2659864d674b6925

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://apis.map.qq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 28 Dec 2022 06:57:02 GMT
content-encoding
gzip
x-cache-lookup
Hit From Disktank3 Gz
last-modified
Thu, 10 Dec 2020 10:15:43 GMT
server
X2S_Platform
vary
Origin
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=3600
server_ip
203.205.136.85
x-nws-log-uuid
c9e9ab47-cb9b-4c52-bdfa-d790a29db92b
accept-ranges
bytes
content-length
339
expires
Wed, 28 Dec 2022 07:57:01 GMT
mod_0d3c97a.js
mapapi.qq.com/web/mapComponents/static/common/static/js/ Frame 8CD6
5 KB
2 KB
Script
General
Full URL
https://mapapi.qq.com/web/mapComponents/static/common/static/js/mod_0d3c97a.js
Requested by
Host: apis.map.qq.com
URL: https://apis.map.qq.com/tools/geolocation?key=5WFBZ-IAS3J-IK3FJ-FFHNY-NJSF2-LQFXZ&referer=h5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
203.205.136.85 -, , ASN (),
Reverse DNS
Software
X2S_Platform /
Resource Hash
740eaf1c2e167eadf0c8d0b1ba0ece9fbd2bea11b0ea1b5730e321dd295dee48

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://apis.map.qq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 28 Dec 2022 06:57:02 GMT
content-encoding
gzip
x-cache-lookup
Hit From Disktank3 Gz
last-modified
Thu, 03 Dec 2020 11:35:55 GMT
server
X2S_Platform
vary
Origin
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
server_ip
203.205.136.85
x-nws-log-uuid
b09198f0-0f62-4d7d-a1f9-f71fa22cc0b7
accept-ranges
bytes
content-length
1990
expires
Wed, 28 Dec 2022 07:57:01 GMT
geolocation_libs_de092c0.js
mapapi.qq.com/web/mapComponents/geoLocation/v/static/geolocation/static/pkg/ Frame 8CD6
29 KB
9 KB
Script
General
Full URL
https://mapapi.qq.com/web/mapComponents/geoLocation/v/static/geolocation/static/pkg/geolocation_libs_de092c0.js
Requested by
Host: apis.map.qq.com
URL: https://apis.map.qq.com/tools/geolocation?key=5WFBZ-IAS3J-IK3FJ-FFHNY-NJSF2-LQFXZ&referer=h5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
203.205.136.85 -, , ASN (),
Reverse DNS
Software
X2S_Platform /
Resource Hash
c7d642d73337e331ae47dc81f73e5953e7fcba1000215d8c8a19be504d7693f9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://apis.map.qq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 28 Dec 2022 06:57:02 GMT
content-encoding
gzip
x-cache-lookup
Hit From Disktank3 Gz
last-modified
Thu, 10 Dec 2020 10:15:45 GMT
server
X2S_Platform
vary
Origin
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
server_ip
203.205.136.85
x-nws-log-uuid
6f9f89c7-9834-42db-9f3c-c5cb4f69dfdd
accept-ranges
bytes
content-length
8763
expires
Wed, 28 Dec 2022 07:57:01 GMT
sendacc.jsp
accwww8c1.53kf.com/
20 B
205 B
Script
General
Full URL
http://accwww8c1.53kf.com/sendacc.jsp?cmd=ACC&did=0&sid=12&company_id=70710876&guest_id=11692811693000&status=0&guest_name=&guest_ip=37.58.57.4&guest_ip_info=%E5%BE%B7%E5%9B%BD&area=%E6%B3%95%E5%85%B0%E5%85%8B%E7%A6%8F%2D%E6%B3%95%E5%85%B0%E5%85%8B%E7%A6%8F&from_page=&talk_page=http%3A%2F%2Fwww.tw-123.net%2F&kf_time=1672210620&bto_id6d=-99&time=1672210620759&ucust_id=&style=1&is_mobile=n&visitor_type=new&is_uv=1&browser=chrome&os=os_other&is_revisit=0&page_title=%E5%8F%B0%E5%8C%97%E8%B3%BC%E7%89%A9%E7%B6%B2%20-%20%E5%8F%B0%E5%8C%97%E9%83%B5%E8%B3%BC%20-%20%E9%A6%99%E6%B8%AF%E8%B3%BC%E7%89%A9%E7%B6%B2
Requested by
Host: tb.53kf.com
URL: https://tb.53kf.com/code/code/9007871/1
Protocol
HTTP/1.1
Server
61.130.25.210 , China, ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN),
Reverse DNS
Software
openresty /
Resource Hash
70c7cda673633bdfe6dc8c288d7bfa3152b2bb05b030bd2d13661b5ab8dedd15

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.tw-123.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 28 Dec 2022 06:57:01 GMT
Server
openresty
Connection
close
Content-Length
20
Content-Type
text/html;Charset=utf-8
mobile_icon_70710876_1.js
www8c1.53kf.com/custom/70710876/
4 KB
1 KB
Script
General
Full URL
https://www8c1.53kf.com/custom/70710876/mobile_icon_70710876_1.js?v=1669174000
Requested by
Host: tb.53kf.com
URL: https://tb.53kf.com/code/code/9007871/1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.130.25.210 , China, ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN),
Reverse DNS
Software
openresty /
Resource Hash
245140e2e6dd71f79a4e3a28ef05caf50c095e6e9b3b52d1d1ae09320d9faaff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.tw-123.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 28 Dec 2022 06:57:01 GMT
content-encoding
gzip
last-modified
Wed, 23 Nov 2022 03:26:40 GMT
server
openresty
etag
W/"637d92f0-10d8"
vary
Accept-Encoding, Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=259200
expires
Sat, 31 Dec 2022 06:57:01 GMT
mobile_invite_70710876_1.js
www8c1.53kf.com/custom/70710876/
2 KB
782 B
Script
General
Full URL
https://www8c1.53kf.com/custom/70710876/mobile_invite_70710876_1.js?v=1641796996
Requested by
Host: tb.53kf.com
URL: https://tb.53kf.com/code/code/9007871/1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.130.25.210 , China, ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN),
Reverse DNS
Software
openresty /
Resource Hash
ca12e8db1fe26b302a480f99050dd272bb1442ca4b4acf0609801400bd933d37

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.tw-123.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 28 Dec 2022 06:57:01 GMT
content-encoding
gzip
last-modified
Mon, 10 Jan 2022 06:43:16 GMT
server
openresty
etag
W/"61dbd584-627"
vary
Accept-Encoding, Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=259200
expires
Sat, 31 Dec 2022 06:57:01 GMT
assign_worker_70710876_1.js
www8c1.53kf.com/custom/70710876/
187 B
382 B
Script
General
Full URL
https://www8c1.53kf.com/custom/70710876/assign_worker_70710876_1.js?v=1537498828
Requested by
Host: tb.53kf.com
URL: https://tb.53kf.com/code/code/9007871/1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.130.25.210 , China, ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN),
Reverse DNS
Software
openresty /
Resource Hash
8563bf94a0867ae94a2434d347231fe5dbc34253e2e8a044969a47892351e3f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.tw-123.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 28 Dec 2022 06:57:01 GMT
last-modified
Fri, 03 Sep 2021 11:46:45 GMT
server
openresty
etag
"61320b25-bb"
content-type
application/x-javascript
cache-control
max-age=259200
accept-ranges
bytes
content-length
187
expires
Sat, 31 Dec 2022 06:57:01 GMT
mobile_chat_70710876_1.js
www8c1.53kf.com/custom/70710876/
3 KB
1021 B
Script
General
Full URL
https://www8c1.53kf.com/custom/70710876/mobile_chat_70710876_1.js?v=1669174000
Requested by
Host: tb.53kf.com
URL: https://tb.53kf.com/code/code/9007871/1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.130.25.210 , China, ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN),
Reverse DNS
Software
openresty /
Resource Hash
e11a3ce0c8ed8eb4871072fdcd7d84ff14db4412fcea12a8c62770898e8cdd28

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.tw-123.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 28 Dec 2022 06:57:01 GMT
content-encoding
gzip
last-modified
Wed, 23 Nov 2022 03:26:40 GMT
server
openresty
etag
W/"637d92f0-a2d"
vary
Accept-Encoding, Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=259200
expires
Sat, 31 Dec 2022 06:57:01 GMT
kf_new.php
www8c1.53kf.com/
31 KB
11 KB
Script
General
Full URL
https://www8c1.53kf.com/kf_new.php?style=1&arg=9007871&land_page=http%3A%2F%2Fwww.tw-123.net%2F&from_page=&guest_id=11692811693000&kf_sign=jIxMDMTY3MYyMDExNjkyODExNjkzMDAwNzA3MTA4NzY%3D&api_uuid=d511fd581d57bc0fa859a27c346732ef&uuid_53kf=fa89263021ae785c034b5e3d207f13a6&ip_long=624572676&time=1672210620761
Requested by
Host: tb.53kf.com
URL: https://tb.53kf.com/code/code/9007871/1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.130.25.210 , China, ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN),
Reverse DNS
Software
openresty /
Resource Hash
75d3c55162176b55ec05d8311f42c5941c43affb3b478be5da9d627d44137d7f

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.tw-123.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
text/javascript; charset=utf-8
date
Wed, 28 Dec 2022 06:57:02 GMT
content-encoding
gzip
server
openresty
vary
Accept-Encoding, Accept-Encoding
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
kf_ivt_new.php
www8c1.53kf.com/
82 KB
18 KB
Script
General
Full URL
https://www8c1.53kf.com/kf_ivt_new.php?kf_sign=jIxMDMTY3MYyMDExNjkyODExNjkzMDAwNzA3MTA4NzY=&arg=9007871&style=1&isonline=1&kfonline=1&lang=tw&resize=yes&charset=utf-8&kflist=off&kf=006,010&zdkf_type=1&lnk_overflow=0&callback_id6ds=5328017&guest_id=11692811693000&referer=http%3A%2F%2Fwww.tw-123.net%2F&keyword=&tpl_name=crystal_blue&tpl_width=800&tpl_height=600&uid=d511fd581d57bc0fa859a27c346732ef&is_group=&0.9383128151419127&talktitle=%E5%8F%B0%E5%8C%97%E8%B3%BC%E7%89%A9%E7%B6%B2%20-%20%E5%8F%B0%E5%8C%97%E9%83%B5%E8%B3%BC%20-%20%E9%A6%99%E6%B8%AF%E8%B3%BC%E7%89%A9%E7%B6%B2&uuid_53kf=fa89263021ae785c034b5e3d207f13a6&u_cust_id=&u_cust_name=&u_custom_info=
Requested by
Host: tb.53kf.com
URL: https://tb.53kf.com/code/code/9007871/1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.130.25.210 , China, ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN),
Reverse DNS
Software
openresty /
Resource Hash
2efc70ec4a6f4fb59d2d5ea71b9ea71b48ee8b3c562678182cde862e138a0baf

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.tw-123.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
text/javascript; charset=utf-8
date
Wed, 28 Dec 2022 06:57:02 GMT
content-encoding
gzip
server
openresty
vary
Accept-Encoding, Accept-Encoding
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Group_23.png
www8c1.53kf.com/style/setting/ver07/img/style_setting_icon/
17 KB
17 KB
Image
General
Full URL
https://www8c1.53kf.com/style/setting/ver07/img/style_setting_icon/Group_23.png
Requested by
Host: www.tw-123.net
URL: http://www.tw-123.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.130.25.210 , China, ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN),
Reverse DNS
Software
openresty /
Resource Hash
5b26a67a3e50a878d7c72e9a4738d5c36a9e81d7bdb6055a1bbe730f8ad07307

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.tw-123.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 28 Dec 2022 06:57:02 GMT
last-modified
Wed, 12 Sep 2018 09:56:18 GMT
server
openresty
etag
"5b98e2c2-4433"
content-type
image/png
cache-control
max-age=259200
accept-ranges
bytes
content-length
17459
expires
Sat, 31 Dec 2022 06:57:02 GMT
pingd
pr.map.qq.com/ Frame 8CD6
43 B
314 B
Image
General
Full URL
https://pr.map.qq.com/pingd?appid=mc_geolocation&logid=pv&from=h5&referer=http%3A%2F%2Fwww.tw-123.net%2F&_ignore=61354&sw=1600&sh=1200&dpr=1
Requested by
Host: apis.map.qq.com
URL: https://apis.map.qq.com/tools/geolocation?key=5WFBZ-IAS3J-IK3FJ-FFHNY-NJSF2-LQFXZ&referer=h5
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
240d:c000:2010:1807:0:95aa:d331:c04c -, , ASN (),
Reverse DNS
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://apis.map.qq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 28 Dec 2022 06:57:03 GMT
Cache-Control
no-store
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
ip
apis.map.qq.com/ws/location/v1/ Frame 8CD6
185 B
420 B
Script
General
Full URL
https://apis.map.qq.com/ws/location/v1/ip?callback=window._JSONP_callback.JSONP5044&ip=2&key=TKUBZ-D24AF-GJ4JY-JDVM2-IBYKK-KEBCU&output=jsonp&t=1672210622725
Requested by
Host: mapapi.qq.com
URL: https://mapapi.qq.com/web/mapComponents/geoLocation/v/static/geolocation/static/pkg/geolocation_libs_de092c0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
240e:97c:2f::7c , China, ASN58466 (CT-GUANGZHOU-IDC CHINANET Guangdong province network, CN),
Reverse DNS
Software
/
Resource Hash
5b3d73284e6be21541a808e50d8e04405ae942721261e1a2dda509b6a688de95

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://apis.map.qq.com/tools/geolocation?key=5WFBZ-IAS3J-IK3FJ-FFHNY-NJSF2-LQFXZ&referer=h5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Wed, 28 Dec 2022 06:57:03 GMT
X-Limit
current_qps=23; limit_qps=1500; current_pv=9260753; limit_pv=100000000
Connection
keep-alive
Content-Length
185
Content-Type
application/javascript; charset=utf-8
pingd
pr.map.qq.com/ Frame 8CD6
43 B
314 B
Image
General
Full URL
https://pr.map.qq.com/pingd?appid=mc_geolocation&logid=geolocation&from=h5&referer=http%3A%2F%2Fwww.tw-123.net%2F&_ignore=9594&type=temp&success=0&message=fail&loc_time=0.001
Requested by
Host: apis.map.qq.com
URL: https://apis.map.qq.com/tools/geolocation?key=5WFBZ-IAS3J-IK3FJ-FFHNY-NJSF2-LQFXZ&referer=h5
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
240d:c000:2010:1807:0:95aa:d331:c04c -, , ASN (),
Reverse DNS
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://apis.map.qq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 28 Dec 2022 06:57:03 GMT
Cache-Control
no-store
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
mobile_53kf_1512306410.png
www8c1.53kf.com/img/upload/9007871/mobile/temp/
4 KB
5 KB
Image
General
Full URL
https://www8c1.53kf.com/img/upload/9007871/mobile/temp/mobile_53kf_1512306410.png
Requested by
Host: www.tw-123.net
URL: http://www.tw-123.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.130.25.210 , China, ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN),
Reverse DNS
Software
openresty /
Resource Hash
3e764aef945cb9f6ef945e59a6d74ea6686af660feff4e769216994d7e564540

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.tw-123.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 28 Dec 2022 06:57:03 GMT
last-modified
Fri, 03 Sep 2021 11:46:44 GMT
server
openresty
etag
"61320b24-11ce"
content-type
image/png
cache-control
max-age=259200
accept-ranges
bytes
content-length
4558
expires
Sat, 31 Dec 2022 06:57:03 GMT
jquery-1.4.2.flp.js
www8c1.53kf.com/minkh/js/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www8c1.53kf.com
URL
https://www8c1.53kf.com/minkh/js/jquery-1.4.2.flp.js?20121127002

Verdicts & Comments

80 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| oncontentvisibilityautostatechange object| qq object| soso object| geolocation object| options function| showPosition function| showErr function| check_lang string| facilitator_id string| local_cookie string| information_switch string| acc_host string| companyid string| hz6d_guest_ip string| ipstr string| areastr string| ipContinent number| in_timestamp string| hz6d_guest_id string| hz6d_style_id string| hz6d_alias_host object| company_site number| mnone string| hz6d_device string| get_gdt_openid string| kf_sign string| cloud_service string| user_u_cust_id string| user_u_cust_name string| user_u_custom_info undefined| local_guest_id string| lua_uuid_53kf string| force_kf undefined| android_guest_id string| http_pro function| hz6d_html_replace function| hz6d_is_exist function| hz6d_is_exists boolean| hasdoctype function| detectBrowser function| smoothMove string| browser function| setIsinvited function| set53gidCookie undefined| hz6d_53gid2 undefined| hz6d_53gid0 undefined| hz6d_53gid1 number| is_revisit string| hz6d_from_page string| hz6d_now_host function| getHz6dReferer undefined| hz6d_from_page_referer undefined| hz6d_from_page_host undefined| hz6d_now_hosts_string undefined| hz6d_now_hosts string| uuid_53kf string| acc_browser string| acc_os string| hz6d_land_page boolean| in_site string| talk_page_now string| talk_page boolean| is_null undefined| p number| acc_first_time boolean| acc_get_force function| hz6d_sendACC undefined| gdt_time undefined| gdt_url object| head object| script boolean| done number| onliner_zdfq function| $53 boolean| ret string| hz6d_from_page_new string| kf_70710876_land_page_ok string| id_creared_53app object| _53App

10 Cookies

Domain/Path         Name                          Value
.www.tw-123.net/    53gid2                        11692811693000
.www.tw-123.net/    visitor_type                  new
.www.tw-123.net/    53gid0                        11692811693000
.www.tw-123.net/    53gid1                        11692811693000
.www.tw-123.net/    53revisit                     1672210620756
.www.tw-123.net/    53kf_70710876_from_host       www.tw-123.net
.www.tw-123.net/    53kf_70710876_keyword         (empty)
.www.tw-123.net/    uuid_53kf_70710876            fa89263021ae785c034b5e3d207f13a6
.www.tw-123.net/    53kf_70710876_land_page       http%253A%252F%252Fwww.tw-123.net%252F
.www.tw-123.net/    kf_70710876_land_page_ok      1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
