thdcyp-1312109307.cos.ap-chengdu.myqcloud.com
183.66.100.53  Public Scan

Submitted URL: https://u.qushaia.cn/289c
Effective URL: https://thdcyp-1312109307.cos.ap-chengdu.myqcloud.com/sg.html?appKey=32DAu27S9eNFBGmWU4Jg5frkTVuT&adslotId=433989&
Submission: On July 03 via manual from DE — Scanned from DE

Summary

This website contacted 4 IPs in 1 country across 6 domains to perform 4 HTTP transactions. The main IP is 183.66.100.53, located in China and belongs to CHINATELECOM-CHONGQING-IDC Chongqing Telecom, CN. The main domain is thdcyp-1312109307.cos.ap-chengdu.myqcloud.com.
TLS certificate: Issued by GlobalSign Organization Validation CA... on March 7th 2023. Valid for: a year.
This is the only time thdcyp-1312109307.cos.ap-chengdu.myqcloud.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 47.111.36.14 37963 (ALIBABA-C...)
2 2 120.26.53.4 37963 (ALIBABA-C...)
1 183.66.100.53 134420 (CHINATELE...)
1 240e:c3:2c00:... 63838 (CT-HUNAN-...)
1 116.177.242.225 ()
4 4
Apex Domain
Subdomains
Transfer
2 haoxuexiba.cn
domain.haoxuexiba.cn
421 B
2 qushaia.cn
u.qushaia.cn
284 B
1 dui88.com
yun.dui88.com
4 KB
1 quickapp.cn
statres.quickapp.cn — Cisco Umbrella Rank: 89188
3 KB
1 myqcloud.com
thdcyp-1312109307.cos.ap-chengdu.myqcloud.com
2 KB
0 oldbiga1.cn Failed
activity8.oldbiga1.cn Failed
4 6
Domain Requested by
2 domain.haoxuexiba.cn 2 redirects
2 u.qushaia.cn 2 redirects
1 yun.dui88.com thdcyp-1312109307.cos.ap-chengdu.myqcloud.com
1 statres.quickapp.cn thdcyp-1312109307.cos.ap-chengdu.myqcloud.com
1 thdcyp-1312109307.cos.ap-chengdu.myqcloud.com
0 activity8.oldbiga1.cn Failed yun.dui88.com
4 6

This site contains no links.

Subject | Issuer | Validity | Valid
*.cos.ap-chengdu.myqcloud.com | GlobalSign Organization Validation CA - SHA256 - G3 | 2023-03-07 - 2024-04-07 | a year
*.quickapp.cn | RapidSSL Global TLS RSA4096 SHA256 2022 CA1 | 2023-04-18 - 2024-04-23 | a year
*.dui88.com | WoTrus DV Server CA [Run by the Issuer] | 2023-06-12 - 2024-06-11 | a year

This page contains 1 frames:

Frame: https://activity8.oldbiga1.cn/activity/index?id=34235&slotId=433989&login=normal&appKey=32DAu27S9eNFBGmWU4Jg5frkTVuT&deviceId=1c29ee78-45b1-415a-8dba-eef1457d31e6&dsm=1.433989.0.0&dsm2=1.433989.2.34235&tenter=SOW&subActivityWay=1&tck_rid_6c8=0adcef05lj5aloaw-24733849&tck_loc_c5d=tactivity-34235&dcm=401.433989.0.0&netType=2&tenter=SOW&visType=0&specialType=0&sourcePage=34235&deviceIdType=2&formUserId=null&isTestActivityType=0&userType=1&ep=FNzMSzXBuFEUV2GxlIGfbX4lHeiRVkLlFlYax7LOh3gwo332iArm5OILDZaB5La7lUQM5LWP3YeJ_Ghy4M_ZYQ==&iframe=1&openStyleType=2513&sign=8DC9686F32811F9E43665CB1EABE7B16
Frame ID: E190DD4ECF766EC79D011E34B26F48E6
Requests: 4 HTTP requests in this frame

Page Statistics

Requests: 4
HTTPS: 75 %
IPv6: 20 %
Domains: 6
Subdomains: 6
IPs: 4
Countries: 1
Transfer: 8 kB
Size: 16 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://u.qushaia.cn/289c HTTP 302
    https://u.qushaia.cn/289c?us_ts_tmp_=1688374366419 HTTP 301
    http://domain.haoxuexiba.cn/lookup/s?shortUk=289c HTTP 307
    https://domain.haoxuexiba.cn/lookup/s?shortUk=289c HTTP 302
    https://thdcyp-1312109307.cos.ap-chengdu.myqcloud.com/sg.html?appKey=32DAu27S9eNFBGmWU4Jg5frkTVuT&adslotId=433989& Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2
  • https://engine.tuia.cn/index/activity?appKey=32DAu27S9eNFBGmWU4Jg5frkTVuT&adslotId=433989&&deviceId=1c29ee78-45b1-415a-8dba-eef1457d31e6 HTTP 302
  • https://activity8.oldbiga1.cn/activity/index?id=34235&slotId=433989&login=normal&appKey=32DAu27S9eNFBGmWU4Jg5frkTVuT&deviceId=1c29ee78-45b1-415a-8dba-eef1457d31e6&dsm=1.433989.0.0&dsm2=1.433989.2.34235&tenter=SOW&subActivityWay=1&tck_rid_6c8=0adcef05lj5aloaw-24733849&tck_loc_c5d=tactivity-34235&dcm=401.433989.0.0&netType=2&tenter=SOW&visType=0&specialType=0&sourcePage=34235&deviceIdType=2&formUserId=null&isTestActivityType=0&userType=1&ep=FNzMSzXBuFEUV2GxlIGfbX4lHeiRVkLlFlYax7LOh3gwo332iArm5OILDZaB5La7lUQM5LWP3YeJ_Ghy4M_ZYQ==&iframe=1&openStyleType=2513&sign=8DC9686F32811F9E43665CB1EABE7B16

4 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request sg.html
thdcyp-1312109307.cos.ap-chengdu.myqcloud.com/
Redirect Chain
  • https://u.qushaia.cn/289c
  • https://u.qushaia.cn/289c?us_ts_tmp_=1688374366419
  • http://domain.haoxuexiba.cn/lookup/s?shortUk=289c
  • https://domain.haoxuexiba.cn/lookup/s?shortUk=289c
  • https://thdcyp-1312109307.cos.ap-chengdu.myqcloud.com/sg.html?appKey=32DAu27S9eNFBGmWU4Jg5frkTVuT&adslotId=433989&
1 KB
2 KB
Document
General
Full URL
https://thdcyp-1312109307.cos.ap-chengdu.myqcloud.com/sg.html?appKey=32DAu27S9eNFBGmWU4Jg5frkTVuT&adslotId=433989&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
183.66.100.53 , China, ASN134420 (CHINATELECOM-CHONGQING-IDC Chongqing Telecom, CN),
Reverse DNS
Software
tencent-cos /
Resource Hash
6cca0a2fc5b6faa7803c85b43cb5ecf4713c419182abc03c0067ce7122639d9b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Length
1288
Content-Type
text/html
Date
Mon, 03 Jul 2023 08:52:56 GMT
ETag
"c0843bfc676882b235918dfbf38eac1a"
Last-Modified
Wed, 14 Jun 2023 03:22:36 GMT
Server
tencent-cos
x-cos-hash-crc64ecma
12983100110330408374
x-cos-request-id
NjRhMjhjNjhfYWUxZjYzNjRfZGFiOF8xYzIzNGQy

Redirect headers

content-length
0
date
Mon, 03 Jul 2023 08:52:53 GMT
location
https://thdcyp-1312109307.cos.ap-chengdu.myqcloud.com/sg.html?appKey=32DAu27S9eNFBGmWU4Jg5frkTVuT&adslotId=433989&
server
Archer
x-profile
prodvpc
x-service-id
MICRO-US-DOMAIN-WEB
routerinline.min.js
statres.quickapp.cn/quickapp/js/
7 KB
3 KB
Script
General
Full URL
https://statres.quickapp.cn/quickapp/js/routerinline.min.js
Requested by
Host: thdcyp-1312109307.cos.ap-chengdu.myqcloud.com
URL: https://thdcyp-1312109307.cos.ap-chengdu.myqcloud.com/sg.html?appKey=32DAu27S9eNFBGmWU4Jg5frkTVuT&adslotId=433989&
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
240e:c3:2c00:303::71db:8e23 , China, ASN63838 (CT-HUNAN-HENGYANG-IDC Hengyang, CN),
Reverse DNS
Software
JSP3/2.0.14 /
Resource Hash
41ee5d69a63eba07b8efa22b0129f49e548e4bfbcd671f75f6a671b1aabb4b6f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thdcyp-1312109307.cos.ap-chengdu.myqcloud.com/sg.html?appKey=32DAu27S9eNFBGmWU4Jg5frkTVuT&adslotId=433989&
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Ohc-File-Size
7510
Date
Mon, 03 Jul 2023 08:53:01 GMT
Content-Encoding
br
Ohc-Cache-HIT
chenzct83 [2]
Last-Modified
Wed, 31 May 2023 02:25:44 GMT
Server
JSP3/2.0.14
Age
87707
ETag
"6476b028-1d56"
X-Cache-Status
HIT
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
https://admin.quickapp.cn
Connection
keep-alive
Accept-Ranges
bytes
Ohc-Global-Saved-Time
Sun, 02 Jul 2023 08:31:14 GMT
silverlining.min.js
yun.dui88.com/h5-mami/activity/wx/
7 KB
4 KB
Script
General
Full URL
https://yun.dui88.com/h5-mami/activity/wx/silverlining.min.js?19541
Requested by
Host: thdcyp-1312109307.cos.ap-chengdu.myqcloud.com
URL: https://thdcyp-1312109307.cos.ap-chengdu.myqcloud.com/sg.html?appKey=32DAu27S9eNFBGmWU4Jg5frkTVuT&adslotId=433989&
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
116.177.242.225 -, , ASN (),
Reverse DNS
Software
AliyunOSS /
Resource Hash
6d9d0824c49eee0d6b5c1da5c614523346dc15b8ad82f121a5b715c3576a1cf7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thdcyp-1312109307.cos.ap-chengdu.myqcloud.com/sg.html?appKey=32DAu27S9eNFBGmWU4Jg5frkTVuT&adslotId=433989&
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 09:17:24 GMT
content-encoding
gzip
x-oss-request-id
649E9DA45878D2383195CFE6
x-cache-lookup
Cache Hit
content-md5
HaH4vdJqtMmSX63TvCueLQ==
content-length
3203
x-oss-object-type
Normal
last-modified
Fri, 31 Mar 2023 09:06:23 GMT
server
AliyunOSS
vary
Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Range
cache-control
max-age=31536000
x-oss-storage-class
Standard
x-nws-log-uuid
3513749329578642450
accept-ranges
bytes
x-oss-hash-crc64ecma
6593329724321096342
access-control-allow-headers
Content-Length,Range
x-oss-server-time
11
index
activity8.oldbiga1.cn/activity/
Redirect Chain
  • https://engine.tuia.cn/index/activity?appKey=32DAu27S9eNFBGmWU4Jg5frkTVuT&adslotId=433989&&deviceId=1c29ee78-45b1-415a-8dba-eef1457d31e6
  • https://activity8.oldbiga1.cn/activity/index?id=34235&slotId=433989&login=normal&appKey=32DAu27S9eNFBGmWU4Jg5frkTVuT&deviceId=1c29ee78-45b1-415a-8dba-eef1457d31e6&dsm=1.433989.0.0&dsm2=1.433989.2.3...
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
activity8.oldbiga1.cn
URL
https://activity8.oldbiga1.cn/activity/index?id=34235&slotId=433989&login=normal&appKey=32DAu27S9eNFBGmWU4Jg5frkTVuT&deviceId=1c29ee78-45b1-415a-8dba-eef1457d31e6&dsm=1.433989.0.0&dsm2=1.433989.2.34235&tenter=SOW&subActivityWay=1&tck_rid_6c8=0adcef05lj5aloaw-24733849&tck_loc_c5d=tactivity-34235&dcm=401.433989.0.0&netType=2&tenter=SOW&visType=0&specialType=0&sourcePage=34235&deviceIdType=2&formUserId=null&isTestActivityType=0&userType=1&ep=FNzMSzXBuFEUV2GxlIGfbX4lHeiRVkLlFlYax7LOh3gwo332iArm5OILDZaB5La7lUQM5LWP3YeJ_Ghy4M_ZYQ==&iframe=1&openStyleType=2513&sign=8DC9686F32811F9E43665CB1EABE7B16

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| 0
  • boolean| credentialless
  • object| onbeforetoggle
  • object| onscrollend
  • function| appRouter
  • function| installShortcut
  • function| channelReady

0 Cookies