921895.com Open in urlscan Pro
27.0.235.160 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://bet895222222.com/
Effective URL:
https://921895.com/r/895829.com
Submission: On November 29 via automatic, source openphish (November 29th 2024, 1:24:49 pm UTC) — Scanned from NZ

Summary HTTP 33 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 9 IPs in 5 countries across 11 domains to perform 33 HTTP transactions. The main IP is 27.0.235.160, located in Noida, India and belongs to ANTBOX1-AS-AP Antbox Networks Limited, HK. The main domain is 921895.com.
TLS certificate: Issued by R11 on September 4th 2024. Valid for: 3 months.

This is the only time 921895.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	144.48.83.25 144.48.83.25	138995 (ANTBOX1-A...) (ANTBOX1-AS-AP Antbox Networks Limited)
2	43.199.118.118 43.199.118.118	16509 (AMAZON-02) (AMAZON-02)
1	104.193.90.94 104.193.90.94	55967 (BAIDU Bei...) (BAIDU Beijing Baidu Netcom Science and Technology Co.)
1	154.198.53.47 154.198.53.47	138995 (ANTBOX1-A...) (ANTBOX1-AS-AP Antbox Networks Limited)
1	103.244.226.202 103.244.226.202	138995 (ANTBOX1-A...) (ANTBOX1-AS-AP Antbox Networks Limited)
2	27.0.235.49 27.0.235.49	138995 (ANTBOX1-A...) (ANTBOX1-AS-AP Antbox Networks Limited)
1	45.194.36.61 45.194.36.61	138995 (ANTBOX1-A...) (ANTBOX1-AS-AP Antbox Networks Limited)
20	27.0.235.160 27.0.235.160	138995 (ANTBOX1-A...) (ANTBOX1-AS-AP Antbox Networks Limited)
1	27.0.235.55 27.0.235.55	138995 (ANTBOX1-A...) (ANTBOX1-AS-AP Antbox Networks Limited)
4	2606:4700:303... 2606:4700:3030::ac43:c221	13335 (CLOUDFLAR...) (CLOUDFLARENET)
33	9

1 144.48.83.25 (Hobart, Australia) 1 redirects

ASN138995 (ANTBOX1-AS-AP Antbox Networks Limited, HK)

bet895222222.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 43.199.118.118 (Hong Kong)

ASN16509 (AMAZON-02, US)
PTR: ec2-43-199-118-118.ap-east-1.compute.amazonaws.com

895829.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.193.90.94 (United States)

ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)

code.bdstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 154.198.53.47 (Seychelles)

ASN138995 (ANTBOX1-AS-AP Antbox Networks Limited, HK)

115895.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.244.226.202 (Hong Kong, Hong Kong)

ASN138995 (ANTBOX1-AS-AP Antbox Networks Limited, HK)
PTR: undefined.hostname.localhost

622895.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 27.0.235.49 (Noida, India)

ASN138995 (ANTBOX1-AS-AP Antbox Networks Limited, HK)

268895.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
921895.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.194.36.61 (Ashburn, United States)

ASN138995 (ANTBOX1-AS-AP Antbox Networks Limited, HK)

182895.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 27.0.235.160 (Noida, India)

ASN138995 (ANTBOX1-AS-AP Antbox Networks Limited, HK)

166895.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
921895.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 27.0.235.55 (Noida, India)

ASN138995 (ANTBOX1-AS-AP Antbox Networks Limited, HK)

895116.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3030::ac43:c221 (United States)

ASN13335 (CLOUDFLARENET, US)

img2.thethsdnadagvx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	921895.com 921895.com	577 KB
4	thethsdnadagvx.com img2.thethsdnadagvx.com	307 KB
2	895829.com 895829.com	7 KB
1	895116.com 895116.com	97 B
1	166895.com 166895.com	97 B
1	182895.com 182895.com	97 B
1	268895.com 268895.com	97 B
1	622895.com 622895.com	97 B
1	115895.com 115895.com	97 B
1	bdstatic.com code.bdstatic.com — Cisco Umbrella Rank: 114230	32 KB
1	bet895222222.com 1 redirects bet895222222.com	161 B
33	11

	Domain	Requested by
20	921895.com	code.bdstatic.com 895829.com 921895.com
4	img2.thethsdnadagvx.com	921895.com
2	895829.com
1	895116.com	code.bdstatic.com
1	166895.com	code.bdstatic.com
1	182895.com	code.bdstatic.com
1	268895.com	code.bdstatic.com
1	622895.com	code.bdstatic.com
1	115895.com	code.bdstatic.com
1	code.bdstatic.com	895829.com
1	bet895222222.com	1 redirects
33	11

This site contains links to these domains. Also see Links.

Domain
psowoexvd.mvqkc0aww1o.com

Subject Issuer	Validity	Valid
895829.com R11	`2024-11-09` - `2025-02-07`	3 months	crt.sh
baidu.com GlobalSign RSA OV SSL CA 2018	`2024-07-08` - `2025-08-09`	a year	crt.sh
115895.com ZeroSSL RSA Domain Secure Site CA	`2024-09-09` - `2024-12-08`	3 months	crt.sh
182895.com R11	`2024-11-24` - `2025-02-22`	3 months	crt.sh
268895.com R11	`2024-09-20` - `2024-12-19`	3 months	crt.sh
166895.com R11	`2024-09-04` - `2024-12-03`	3 months	crt.sh
img2.thethsdnadagvx.com WE1	`2024-10-13` - `2025-01-11`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://921895.com/r/895829.com
Frame ID: 198EA908A5D726DB5D162B15E72B756A
Requests: 33 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://bet895222222.com/ HTTP 307
https://bet895222222.com/ HTTP 307
http://bet895222222.com/ HTTP 307
http://895829.com/ HTTP 307
https://895829.com/ Page URL
https://921895.com/r/895829.com Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

33
Requests

100 %
HTTPS

10 %
IPv6

11
Domains

11
Subdomains

9
IPs

5
Countries

923 kB
Transfer

985 kB
Size

1
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://psowoexvd.mvqkc0aww1o.com/chatwindow.aspx?siteId=65001356&planId=2fe05ed5-608b-4089-974c-76d20898de62
Title: 联系客服

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://bet895222222.com/ HTTP 307
https://bet895222222.com/ HTTP 307
http://bet895222222.com/ HTTP 307
http://895829.com/ HTTP 307
https://895829.com/ Page URL
https://921895.com/r/895829.com Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://bet895222222.com/ HTTP 307
https://bet895222222.com/ HTTP 307
http://bet895222222.com/ HTTP 307
http://895829.com/ HTTP 307
https://895829.com/

33 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

/ Show response
895829.com/
Redirect Chain

http://bet895222222.com/
https://bet895222222.com/
http://bet895222222.com/
http://895829.com/
https://895829.com/

9 KB
4 KB

1016ms
204ms

Document
text/html

43.199.118.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://895829.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 43.199.118.118 , Hong Kong, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-43-199-118-118.ap-east-1.compute.amazonaws.com
Software: openresty /
Resource Hash: 47f122608040eb89ee6356acaec2f42c70887ecb48f7c43122b1b2468cf9e114

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Fri, 29 Nov 2024 13:24:40 GMT
ETag: W/"e1ac6c5f38d68791b48c8bd928551a4e"
Expires: 0
Last-Modified: Thu, 28 Nov 2024 23:32:01 GMT
Pragma: no-cache
Server: openresty
Transfer-Encoding: chunked
Vary: Accept-Encoding
x-amz-id-2: sF1DHUbU04cHSsDQh2oHW93njfnaB5ShSXNcTzM7FRrvjzY3YDuAimiI48wCMAV31+7LKZuuF1bZaxzX3pCeoOo04hjrCwhK
x-amz-request-id: TZVBT5Q861Q4YNC5
x-amz-server-side-encryption: AES256

Redirect headers

Location: https://895829.com/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 jquery.min.js Show response
code.bdstatic.com/npm/jquery@3.6.0/dist/ 87 KB
32 KB 2904ms
270ms Script
application/javascript 104.193.90.94
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://code.bdstatic.com/npm/jquery@3.6.0/dist/jquery.min.js

Requested by

Host: 895829.com
URL: https://895829.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.193.90.94 , United States, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

JSP3/2.0.14 / Express

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://895829.com/

Response headers

content-md5: j7j+5PzDzIb/bHJBVMScQg==
access-control-expose-headers: *
content-encoding: br
etag: 8fb8fee4fcc3cc86ff6c724154c49c42
age: 103534
ohc-cache-hit: iad01-sys-jomo2.iad01.baidu.com [2]
x-content-type-options: nosniff
date: Fri, 29 Nov 2024 13:24:43 GMT
content-type: application/javascript; charset=utf-8
x-storage-trace-id: fd284f7e-8bae-47b9-8c86-7d7b77fda102
ohc-file-size: 89501
x-cache-status: HIT
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
accept-ranges: bytes
access-control-allow-origin: *
ohc-global-saved-time: Tue, 19 Nov 2024 13:59:02 GMT
x-powered-by: Express
server: JSP3/2.0.14

GET
H2 200 check Show response
115895.com/ 2 B
97 B 1045ms
180ms Script
text/plain 154.198.53.47
ANTBOX1-AS-AP Ant...

General

Check archive.org

Show headers Download Go to

Full URL: https://115895.com/check?callback=OK&_=1732886683910
Requested by: Host: code.bdstatic.com
URL: https://code.bdstatic.com/npm/jquery@3.6.0/dist/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 154.198.53.47 , Seychelles, ASN138995 (ANTBOX1-AS-AP Antbox Networks Limited, HK),
Reverse DNS
Software: openresty /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://895829.com/

Response headers

access-control-allow-origin: *
x-cache: BYPASS
content-length: 2
date: Fri, 29 Nov 2024 13:24:44 GMT
content-type: text/plain;charset=UTF-8
server: openresty

GET
H2 200 check Show response
622895.com/ 2 B
97 B 1041ms
181ms Script
text/plain 103.244.226.202
ANTBOX1-AS-AP Ant...

General

Check archive.org

Show headers Download Go to

Full URL: https://622895.com/check?callback=OK&_=1732886683911
Requested by: Host: code.bdstatic.com
URL: https://code.bdstatic.com/npm/jquery@3.6.0/dist/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.244.226.202 Hong Kong, Hong Kong, ASN138995 (ANTBOX1-AS-AP Antbox Networks Limited, HK),
Reverse DNS: undefined.hostname.localhost
Software: openresty /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://895829.com/

Response headers

access-control-allow-origin: *
x-cache: BYPASS
content-length: 2
date: Fri, 29 Nov 2024 13:24:44 GMT
content-type: text/plain;charset=UTF-8
server: openresty

GET
H2 200 check Show response
268895.com/ 2 B
97 B 1055ms
178ms Script
text/plain 27.0.235.49
ANTBOX1-AS-AP Ant...

General

Check archive.org

Show headers Download Go to

Full URL: https://268895.com/check?callback=OK&_=1732886683912
Requested by: Host: code.bdstatic.com
URL: https://code.bdstatic.com/npm/jquery@3.6.0/dist/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 27.0.235.49 Noida, India, ASN138995 (ANTBOX1-AS-AP Antbox Networks Limited, HK),
Reverse DNS
Software: openresty /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://895829.com/

Response headers

access-control-allow-origin: *
x-cache: BYPASS
content-length: 2
date: Fri, 29 Nov 2024 13:24:44 GMT
content-type: text/plain;charset=UTF-8
server: openresty

GET
H2 200 check Show response
182895.com/ 2 B
97 B 1016ms
182ms Script
text/plain 45.194.36.61
ANTBOX1-AS-AP Ant...

General

Check archive.org

Show headers Download Go to

Full URL: https://182895.com/check?callback=OK&_=1732886683913
Requested by: Host: code.bdstatic.com
URL: https://code.bdstatic.com/npm/jquery@3.6.0/dist/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.194.36.61 Ashburn, United States, ASN138995 (ANTBOX1-AS-AP Antbox Networks Limited, HK),
Reverse DNS
Software: openresty /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://895829.com/

Response headers

access-control-allow-origin: *
x-cache: BYPASS
content-length: 2
date: Fri, 29 Nov 2024 13:24:44 GMT
content-type: text/plain;charset=UTF-8
server: openresty

GET
H2 200 check Show response
166895.com/ 2 B
97 B 1015ms
181ms Script
text/plain 27.0.235.160
ANTBOX1-AS-AP Ant...

General

Check archive.org

Show headers Download Go to

Full URL: https://166895.com/check?callback=OK&_=1732886683914
Requested by: Host: code.bdstatic.com
URL: https://code.bdstatic.com/npm/jquery@3.6.0/dist/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 27.0.235.160 Noida, India, ASN138995 (ANTBOX1-AS-AP Antbox Networks Limited, HK),
Reverse DNS
Software: openresty /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://895829.com/

Response headers

access-control-allow-origin: *
x-cache: BYPASS
content-length: 2
date: Fri, 29 Nov 2024 13:24:44 GMT
content-type: text/plain;charset=UTF-8
server: openresty

GET
H2 200 check Show response
895116.com/ 2 B
97 B 1023ms
182ms Script
text/plain 27.0.235.55
ANTBOX1-AS-AP Ant...

General

Check archive.org

Show headers Download Go to

Full URL: https://895116.com/check?callback=OK&_=1732886683915
Requested by: Host: code.bdstatic.com
URL: https://code.bdstatic.com/npm/jquery@3.6.0/dist/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 27.0.235.55 Noida, India, ASN138995 (ANTBOX1-AS-AP Antbox Networks Limited, HK),
Reverse DNS
Software: openresty /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://895829.com/

Response headers

access-control-allow-origin: *
x-cache: BYPASS
content-length: 2
date: Fri, 29 Nov 2024 13:24:44 GMT
content-type: text/plain;charset=UTF-8
server: openresty

GET
H2 200 check Show response
921895.com/ 2 B
97 B 951ms
181ms Script
text/plain 27.0.235.49
ANTBOX1-AS-AP Ant...

General

Check archive.org

Show headers Download Go to

Full URL: https://921895.com/check?callback=OK&_=1732886683916
Requested by: Host: code.bdstatic.com
URL: https://code.bdstatic.com/npm/jquery@3.6.0/dist/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 27.0.235.49 Noida, India, ASN138995 (ANTBOX1-AS-AP Antbox Networks Limited, HK),
Reverse DNS
Software: openresty /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://895829.com/

Response headers

access-control-allow-origin: *
x-cache: BYPASS
content-length: 2
date: Fri, 29 Nov 2024 13:24:44 GMT
content-type: text/plain;charset=UTF-8
server: openresty

GET
H/1.1 200
OK favicon.ico
895829.com/ 9 KB
4 KB 202ms
202ms Other
text/html 43.199.118.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://895829.com/favicon.ico
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 43.199.118.118 , Hong Kong, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-43-199-118-118.ap-east-1.compute.amazonaws.com
Software: openresty /
Resource Hash: 47f122608040eb89ee6356acaec2f42c70887ecb48f7c43122b1b2468cf9e114

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://895829.com/

Response headers

Transfer-Encoding: chunked
x-amz-server-side-encryption: AES256
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate
Content-Encoding: gzip
ETag: W/"e1ac6c5f38d68791b48c8bd928551a4e"
Pragma: no-cache
Connection: keep-alive
x-amz-request-id: D72X3BEBJF91DYRQ
Expires: 0
Date: Fri, 29 Nov 2024 13:24:45 GMT
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: openresty
Last-Modified: Thu, 28 Nov 2024 23:32:01 GMT
x-amz-id-2: 30rVxtoWKCYaL7MW9EnuX20mI8E+qK8Ajtomjj5P3yO6VD+aYB3VC/S2xiHuoXUVg+p7UEoWwLA=

GET
H2 200 Primary Request 895829.com Show response
921895.com/r/ 7 KB
7 KB 543ms
194ms Document
text/html 27.0.235.160
ANTBOX1-AS-AP Ant...

General

Check archive.org

Show headers Download Go to

Full URL: https://921895.com/r/895829.com
Requested by: Host: 895829.com
URL: https://895829.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 27.0.235.160 Noida, India, ASN138995 (ANTBOX1-AS-AP Antbox Networks Limited, HK),
Reverse DNS
Software: openresty /
Resource Hash: cb9d6a550433ad8f22e2846b686a9f80013e9a50362cfb92d523f2b272bcbe95

Request headers

Referer: https://895829.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
content-language: en-NZ
content-type: text/html;charset=utf-8
date: Fri, 29 Nov 2024 13:24:46 GMT
server: openresty
x-cache: BYPASS

GET
H2 200 reset.css
921895.com/xss/download/tp04/css/ 1 KB
1 KB 174ms
172ms Stylesheet
text/css 27.0.235.160
ANTBOX1-AS-AP Ant...

General

Check archive.org

Show headers Download Go to

Full URL: https://921895.com/xss/download/tp04/css/reset.css?v=2024045
Requested by: Host: 921895.com
URL: https://921895.com/r/895829.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 27.0.235.160 Noida, India, ASN138995 (ANTBOX1-AS-AP Antbox Networks Limited, HK),
Reverse DNS
Software: openresty /
Resource Hash: 5abbd993158cc7b1771bad5fac9ca41e20eb31059297d88c6d5d51dba7c175e1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://921895.com/r/895829.com

Response headers

cache-control: max-age=86400
etag: "1732883043"
expires: Sat, 30 Nov 2024 12:24:03 GMT
accept-ranges: bytes
x-proxy-cache: HIT
x-cache: HIT, policy, disk
content-length: 1220
date: Fri, 29 Nov 2024 12:24:03 GMT
content-type: text/css
last-modified: Fri, 29 Nov 2024 12:24:03 GMT
server: openresty
vary: Access-Control-Request-Headers

GET
H2 200 style.css
921895.com/xss/download/tp04/css/ 16 KB
16 KB 172ms
171ms Stylesheet
text/css 27.0.235.160
ANTBOX1-AS-AP Ant...

General

Check archive.org

Show headers Download Go to

Full URL: https://921895.com/xss/download/tp04/css/style.css?v=2024045
Requested by: Host: 921895.com
URL: https://921895.com/r/895829.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 27.0.235.160 Noida, India, ASN138995 (ANTBOX1-AS-AP Antbox Networks Limited, HK),
Reverse DNS
Software: openresty /
Resource Hash: a2101dd92784f4ec4a2dfa17f66663135a121ca3fdf4a6011718ac7ea8b607d3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://921895.com/r/895829.com

Response headers

cache-control: max-age=86400
etag: "1732883043"
expires: Sat, 30 Nov 2024 12:24:03 GMT
accept-ranges: bytes
x-proxy-cache: HIT
x-cache: HIT, policy, disk
content-length: 16651
date: Fri, 29 Nov 2024 12:24:03 GMT
content-type: text/css
last-modified: Fri, 29 Nov 2024 12:24:03 GMT
server: openresty
vary: Access-Control-Request-Headers

GET
H2 200 loading.css
921895.com/xss/css/ 2 KB
2 KB 174ms
173ms Stylesheet
text/css 27.0.235.160
ANTBOX1-AS-AP Ant...

General

Check archive.org

Show headers Download Go to

Full URL: https://921895.com/xss/css/loading.css?v=2024045
Requested by: Host: 921895.com
URL: https://921895.com/r/895829.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 27.0.235.160 Noida, India, ASN138995 (ANTBOX1-AS-AP Antbox Networks Limited, HK),
Reverse DNS
Software: openresty /
Resource Hash: 1af6febf41f3039f9ed004994d6fe85e4c7e3e0949c3a006caf74138d20ebbd0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://921895.com/r/895829.com

Response headers

cache-control: max-age=86400
etag: "1732883043"
expires: Sat, 30 Nov 2024 12:24:03 GMT
accept-ranges: bytes
x-proxy-cache: HIT
x-cache: HIT, policy, disk
content-length: 1876
date: Fri, 29 Nov 2024 12:24:03 GMT
content-type: text/css
last-modified: Fri, 29 Nov 2024 12:24:03 GMT
server: openresty
vary: Access-Control-Request-Headers

GET
H2 200 d75549f2-45f2-481d-bfa8-b647490109bd.png
img2.thethsdnadagvx.com/gameplat-cms/ 186 KB
186 KB 384ms
308ms Image
image/png 2606:4700:3030::ac43:c221
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2.thethsdnadagvx.com/gameplat-cms/d75549f2-45f2-481d-bfa8-b647490109bd.png
Requested by: Host: 921895.com
URL: https://921895.com/r/895829.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:c221 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b02e55e70982d8dbaf11f9743d36d69bef68fd35b89db2823018d04831d11151

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://921895.com/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: REVALIDATED
etag: "dcbcd83fb275c2fc2f29359116a70b03"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FQqYx%2FVZrzLbHN4cKLWgh8mKVqnCX7FLTr%2Fyx05MHmd6YPgIAnRJOFp3FIe%2FfPlQFYE9t9dbv1%2BCCbA2BSBfHhx%2B5fohgUCaE%2Fg6Idp2OjGGI8rBKhMX0ULZBzZvFdEIvfV7PrXCJiRimTbiz%2F%2FC6EK2GiSGlw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8ea2eb81e83cd9b3-AKL
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=30882&min_rtt=29888&rtt_var=1903&sent=83&recv=29&lost=0&retrans=0&sent_bytes=87542&recv_bytes=2514&delivery_rate=845978&cwnd=257&unsent_bytes=12899&cid=c332883083147b5e&ts=301&x=0"
content-length: 190160
date: Fri, 29 Nov 2024 13:24:47 GMT
content-type: image/png
last-modified: Tue, 27 Aug 2024 20:14:43 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 9f6c90f7-83a5-40f9-961a-f3c60e568c8c.png
img2.thethsdnadagvx.com/gameplat-cms/ 18 KB
19 KB 325ms
249ms Image
image/png 2606:4700:3030::ac43:c221
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2.thethsdnadagvx.com/gameplat-cms/9f6c90f7-83a5-40f9-961a-f3c60e568c8c.png
Requested by: Host: 921895.com
URL: https://921895.com/r/895829.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:c221 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 288f049894425abb4adcf32e8a08fce507ce91f76a41ed8a80ea118712814bc3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://921895.com/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: REVALIDATED
etag: "e7cb5ee9f30672a53b2f7495d4e42630"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ElwKUFd8GGP9M%2BbR3GOk21Cu8qsB%2BwtQOLRGc5M5B10U56srN12oEkbaKDVfmkSn%2BZ7LRJM%2BtZ6BRcu1TjGtL89PdQlJ9OZPsr%2BQaeY99c284cEiuJ%2Bi%2F9gl1qUpBB4wCoGmkCNDCAYp7LBu1ixPj5AxUUu3vg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8ea2eb81e83ed9b3-AKL
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=35098&min_rtt=29904&rtt_var=13904&sent=10&recv=16&lost=0&retrans=0&sent_bytes=3961&recv_bytes=2514&delivery_rate=134840&cwnd=254&unsent_bytes=0&cid=c332883083147b5e&ts=254&x=0"
content-length: 18386
date: Fri, 29 Nov 2024 13:24:47 GMT
content-type: image/png
last-modified: Tue, 27 Aug 2024 20:14:09 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 left_line.png
921895.com/xss/download/tp04/img/ 3 KB
3 KB 173ms
170ms Image
image/png 27.0.235.160
ANTBOX1-AS-AP Ant...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://921895.com/xss/download/tp04/img/left_line.png
Requested by: Host: 921895.com
URL: https://921895.com/r/895829.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 27.0.235.160 Noida, India, ASN138995 (ANTBOX1-AS-AP Antbox Networks Limited, HK),
Reverse DNS
Software: openresty /
Resource Hash: c5cd42d7bc1a4b250a85976272f6054fc3e1a59ad89734c472f35dc686aa1f30

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://921895.com/r/895829.com

Response headers

cache-control: max-age=86400
etag: "1732883043"
expires: Sat, 30 Nov 2024 12:24:03 GMT
accept-ranges: bytes
x-proxy-cache: HIT
x-cache: HIT, policy, disk
content-length: 3369
date: Fri, 29 Nov 2024 12:24:03 GMT
content-type: image/png
last-modified: Fri, 29 Nov 2024 12:24:03 GMT
server: openresty
vary: Access-Control-Request-Headers

GET
H2 200 right_line.png
921895.com/xss/download/tp04/img/ 3 KB
3 KB 322ms
319ms Image
image/png 27.0.235.160
ANTBOX1-AS-AP Ant...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://921895.com/xss/download/tp04/img/right_line.png
Requested by: Host: 921895.com
URL: https://921895.com/r/895829.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 27.0.235.160 Noida, India, ASN138995 (ANTBOX1-AS-AP Antbox Networks Limited, HK),
Reverse DNS
Software: openresty /
Resource Hash: cd0fd6677c39cd6d11213811c376598e7efd0e7ba8060508d8de5ba232aabe11

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://921895.com/r/895829.com

Response headers

cache-control: max-age=86400
etag: "1732883043"
expires: Sat, 30 Nov 2024 12:24:03 GMT
accept-ranges: bytes
x-proxy-cache: HIT
x-cache: HIT, policy, disk
content-length: 3500
date: Fri, 29 Nov 2024 12:24:03 GMT
content-type: image/png
last-modified: Fri, 29 Nov 2024 12:24:03 GMT
server: openresty
vary: Access-Control-Request-Headers

GET
H2 200 btn_home.png
921895.com/xss/download/tp04/img/green/ 3 KB
3 KB 323ms
320ms Image
image/png 27.0.235.160
ANTBOX1-AS-AP Ant...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://921895.com/xss/download/tp04/img/green/btn_home.png
Requested by: Host: 921895.com
URL: https://921895.com/r/895829.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 27.0.235.160 Noida, India, ASN138995 (ANTBOX1-AS-AP Antbox Networks Limited, HK),
Reverse DNS
Software: openresty /
Resource Hash: 6fc744842c9a353156834990bcc8bf934f9191cd32b560dee11e583cbe916fa2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://921895.com/r/895829.com

Response headers

cache-control: max-age=86400
etag: "1732883043"
expires: Sat, 30 Nov 2024 12:24:03 GMT
accept-ranges: bytes
x-proxy-cache: HIT
x-cache: HIT, policy, disk
content-length: 3037
date: Fri, 29 Nov 2024 12:24:03 GMT
content-type: image/png
last-modified: Fri, 29 Nov 2024 12:24:03 GMT
server: openresty
vary: Access-Control-Request-Headers

GET
H2 200 btn_down.png
921895.com/xss/download/tp04/img/green/ 2 KB
2 KB 553ms
551ms Image
image/png 27.0.235.160
ANTBOX1-AS-AP Ant...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://921895.com/xss/download/tp04/img/green/btn_down.png
Requested by: Host: 921895.com
URL: https://921895.com/r/895829.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 27.0.235.160 Noida, India, ASN138995 (ANTBOX1-AS-AP Antbox Networks Limited, HK),
Reverse DNS
Software: openresty /
Resource Hash: 67063829354c1637b30b3c690b40199c9794a0552ead5d5351d0b25c05aaafd9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://921895.com/r/895829.com

Response headers

cache-control: max-age=86400
etag: "1732883043"
expires: Sat, 30 Nov 2024 12:24:03 GMT
accept-ranges: bytes
x-proxy-cache: HIT
x-cache: HIT, policy, disk
content-length: 2243
date: Fri, 29 Nov 2024 12:24:03 GMT
content-type: image/png
last-modified: Fri, 29 Nov 2024 12:24:03 GMT
server: openresty
vary: Access-Control-Request-Headers

GET
H2 200 btn_cs.png
921895.com/xss/download/tp04/img/green/ 3 KB
3 KB 555ms
553ms Image
image/png 27.0.235.160
ANTBOX1-AS-AP Ant...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://921895.com/xss/download/tp04/img/green/btn_cs.png
Requested by: Host: 921895.com
URL: https://921895.com/r/895829.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 27.0.235.160 Noida, India, ASN138995 (ANTBOX1-AS-AP Antbox Networks Limited, HK),
Reverse DNS
Software: openresty /
Resource Hash: fe95f1f6d406da91e3d1757c94ae9a5df2c0be7127fba8229f5e2c083397b804

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://921895.com/r/895829.com

Response headers

cache-control: max-age=86400
etag: "1732883043"
expires: Sat, 30 Nov 2024 12:24:03 GMT
accept-ranges: bytes
x-proxy-cache: HIT
x-cache: HIT, policy, disk
content-length: 2913
date: Fri, 29 Nov 2024 12:24:03 GMT
content-type: image/png
last-modified: Fri, 29 Nov 2024 12:24:03 GMT
server: openresty
vary: Access-Control-Request-Headers

GET
H2 200 ab80663a-70ea-4a96-ba7d-2f60c1b1c65f.png
img2.thethsdnadagvx.com/gameplat-cms/ 97 KB
98 KB 333ms
277ms Image
image/png 2606:4700:3030::ac43:c221
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img2.thethsdnadagvx.com/gameplat-cms/ab80663a-70ea-4a96-ba7d-2f60c1b1c65f.png
Requested by: Host: 921895.com
URL: https://921895.com/r/895829.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:c221 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab6bd6dcdac23be4f9d2e6e73fb592e380b39cc191a8647ecf99a1ce1b06a306

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://921895.com/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: REVALIDATED
etag: "f09094a8e991320891def0f6fcdbdf62"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p8D%2BhhBIBa3ctkHYfu6pj0%2FoKpvhMpTOQ89E%2B%2F9mx0qViA5GaIBWuT5neiyc%2BjNy6dhILRxTBTy4MtM8xgt4YgZOgA3lYkJ7p5AWAFbmJ1s8li5IrzTqjUyjoz%2BB5BTyS60V1xu%2Bnp%2Ff66SYfFH5MJ8u7%2B4OQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8ea2eb81e83fd9b3-AKL
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=35098&min_rtt=29904&rtt_var=13904&sent=29&recv=16&lost=0&retrans=0&sent_bytes=23414&recv_bytes=2514&delivery_rate=134840&cwnd=254&unsent_bytes=0&cid=c332883083147b5e&ts=283&x=0"
content-length: 99682
date: Fri, 29 Nov 2024 13:24:47 GMT
content-type: image/png
last-modified: Tue, 27 Aug 2024 20:14:16 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 jquery.min.js Show response
921895.com/xss/script/ 94 KB
94 KB 323ms
320ms Script
application/javascript 27.0.235.160
ANTBOX1-AS-AP Ant...

General

Check archive.org

Show headers Download Go to

Full URL: https://921895.com/xss/script/jquery.min.js?v=2024045
Requested by: Host: 921895.com
URL: https://921895.com/r/895829.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 27.0.235.160 Noida, India, ASN138995 (ANTBOX1-AS-AP Antbox Networks Limited, HK),
Reverse DNS
Software: openresty /
Resource Hash: aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://921895.com/r/895829.com

Response headers

cache-control: max-age=86400
etag: "1732883043"
expires: Sat, 30 Nov 2024 12:24:03 GMT
accept-ranges: bytes
x-proxy-cache: HIT
x-cache: HIT, policy, disk
content-length: 95992
date: Fri, 29 Nov 2024 12:24:03 GMT
content-type: application/javascript
last-modified: Fri, 29 Nov 2024 12:24:03 GMT
server: openresty
vary: Access-Control-Request-Headers

GET
H2 200 jquery.i18n.properties.js Show response
921895.com/xss/script/ 21 KB
22 KB 323ms
320ms Script
application/javascript 27.0.235.160
ANTBOX1-AS-AP Ant...

General

Check archive.org

Show headers Download Go to

Full URL: https://921895.com/xss/script/jquery.i18n.properties.js?v=2024045
Requested by: Host: 921895.com
URL: https://921895.com/r/895829.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 27.0.235.160 Noida, India, ASN138995 (ANTBOX1-AS-AP Antbox Networks Limited, HK),
Reverse DNS
Software: openresty /
Resource Hash: 1c76de73bdf9aaecef3518c7353a990c557b9fa7f95aca2f8130c6cd2740195d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://921895.com/r/895829.com

Response headers

cache-control: max-age=86400
etag: "1732883043"
expires: Sat, 30 Nov 2024 12:24:03 GMT
accept-ranges: bytes
x-proxy-cache: HIT
x-cache: HIT, policy, disk
content-length: 21972
date: Fri, 29 Nov 2024 12:24:03 GMT
content-type: application/javascript
last-modified: Fri, 29 Nov 2024 12:24:03 GMT
server: openresty
vary: Access-Control-Request-Headers

GET
H2 200 tempo.min.js Show response
921895.com/xss/download/common/ 12 KB
12 KB 323ms
321ms Script
application/javascript 27.0.235.160
ANTBOX1-AS-AP Ant...

General

Check archive.org

Show headers Download Go to

Full URL: https://921895.com/xss/download/common/tempo.min.js?v=2024045
Requested by: Host: 921895.com
URL: https://921895.com/r/895829.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 27.0.235.160 Noida, India, ASN138995 (ANTBOX1-AS-AP Antbox Networks Limited, HK),
Reverse DNS
Software: openresty /
Resource Hash: 532e68f1b7b852ee680366a68910bb5318ed801b28b6dee1904c6be30c09ddb9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://921895.com/r/895829.com

Response headers

cache-control: max-age=86400
etag: "1732883043"
expires: Sat, 30 Nov 2024 12:24:03 GMT
accept-ranges: bytes
x-proxy-cache: HIT
x-cache: HIT, policy, disk
content-length: 12204
date: Fri, 29 Nov 2024 12:24:03 GMT
content-type: application/javascript
last-modified: Fri, 29 Nov 2024 12:24:03 GMT
server: openresty
vary: Access-Control-Request-Headers

GET
H2 200 utils.js Show response
921895.com/xss/download/common/ 6 KB
6 KB 661ms
658ms Script
application/javascript 27.0.235.160
ANTBOX1-AS-AP Ant...

General

Check archive.org

Show headers Download Go to

Full URL: https://921895.com/xss/download/common/utils.js?v=2024045
Requested by: Host: 921895.com
URL: https://921895.com/r/895829.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 27.0.235.160 Noida, India, ASN138995 (ANTBOX1-AS-AP Antbox Networks Limited, HK),
Reverse DNS
Software: openresty /
Resource Hash: 4e2e7641ffa68169a53f9634fdb30c468492ffe61e5521e19c32dbfdb6a5cd81

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://921895.com/r/895829.com

Response headers

cache-control: max-age=86400
etag: "1732883043"
expires: Sat, 30 Nov 2024 12:24:03 GMT
accept-ranges: bytes
x-proxy-cache: HIT
x-cache: HIT, policy, disk
content-length: 6201
date: Fri, 29 Nov 2024 12:24:03 GMT
content-type: application/javascript
last-modified: Fri, 29 Nov 2024 12:24:03 GMT
server: openresty
vary: Access-Control-Request-Headers

GET
H2 200 pageHook.js Show response
921895.com/xss/download/tp04/js/ 2 KB
2 KB 661ms
659ms Script
application/javascript 27.0.235.160
ANTBOX1-AS-AP Ant...

General

Check archive.org

Show headers Download Go to

Full URL: https://921895.com/xss/download/tp04/js/pageHook.js?v=2024045
Requested by: Host: 921895.com
URL: https://921895.com/r/895829.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 27.0.235.160 Noida, India, ASN138995 (ANTBOX1-AS-AP Antbox Networks Limited, HK),
Reverse DNS
Software: openresty /
Resource Hash: c241c7ff4beb37e947e124b866df14356bc5fd459a309acc544fe54eeee35ffb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://921895.com/r/895829.com

Response headers

cache-control: max-age=86400
etag: "1732883043"
expires: Sat, 30 Nov 2024 12:24:03 GMT
accept-ranges: bytes
x-proxy-cache: HIT
x-cache: HIT, policy, disk
content-length: 1901
date: Fri, 29 Nov 2024 12:24:03 GMT
content-type: application/javascript
last-modified: Fri, 29 Nov 2024 12:24:03 GMT
server: openresty
vary: Access-Control-Request-Headers

GET
H2 200 main.js Show response
921895.com/xss/download/tp04/js/ 1 KB
1 KB 661ms
659ms Script
application/javascript 27.0.235.160
ANTBOX1-AS-AP Ant...

General

Check archive.org

Show headers Download Go to

Full URL: https://921895.com/xss/download/tp04/js/main.js?v=2024045
Requested by: Host: 921895.com
URL: https://921895.com/r/895829.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 27.0.235.160 Noida, India, ASN138995 (ANTBOX1-AS-AP Antbox Networks Limited, HK),
Reverse DNS
Software: openresty /
Resource Hash: 507da1be223e4d40dbb80d7375bdcd25daa8ec77d705712ccf8f8b59529e425c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://921895.com/r/895829.com

Response headers

cache-control: max-age=86400
etag: "1732883043"
expires: Sat, 30 Nov 2024 12:24:03 GMT
accept-ranges: bytes
x-proxy-cache: HIT
x-cache: HIT, policy, disk
content-length: 1210
date: Fri, 29 Nov 2024 12:24:03 GMT
content-type: application/javascript
last-modified: Fri, 29 Nov 2024 12:24:03 GMT
server: openresty
vary: Access-Control-Request-Headers

GET
H2 200 bg.png
921895.com/xss/download/tp04/img/ 396 KB
396 KB 398ms
397ms Image
image/png 27.0.235.160
ANTBOX1-AS-AP Ant...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://921895.com/xss/download/tp04/img/bg.png
Requested by: Host: 921895.com
URL: https://921895.com/r/895829.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 27.0.235.160 Noida, India, ASN138995 (ANTBOX1-AS-AP Antbox Networks Limited, HK),
Reverse DNS
Software: openresty /
Resource Hash: ca2784354984e8f864ca55597ae67aa3a358f321f21f3e9e4cd95c9f65aa2ee4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://921895.com/r/895829.com

Response headers

cache-control: max-age=86400
etag: "1732883043"
expires: Sat, 30 Nov 2024 12:24:03 GMT
accept-ranges: bytes
x-proxy-cache: HIT
x-cache: HIT, policy, disk
content-length: 405446
date: Fri, 29 Nov 2024 12:24:03 GMT
content-type: image/png
last-modified: Fri, 29 Nov 2024 12:24:03 GMT
server: openresty
vary: Access-Control-Request-Headers

GET
H2 200 getDownloadInfo Show response
921895.com/api/download/ 866 B
918 B 230ms
230ms XHR
application/json 27.0.235.160
ANTBOX1-AS-AP Ant...

General

Check archive.org

Show headers Download Go to

Full URL: https://921895.com/api/download/getDownloadInfo?recommendCode=921895.com&mark=1
Requested by: Host: 921895.com
URL: https://921895.com/xss/script/jquery.min.js?v=2024045
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 27.0.235.160 Noida, India, ASN138995 (ANTBOX1-AS-AP Antbox Networks Limited, HK),
Reverse DNS
Software: openresty /
Resource Hash: de3519b6739a11ef5da743fdb3aa09600a4276e12870f294f2669ea030b14ccb

Request headers

Referer: https://921895.com/r/895829.com
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: */*

Response headers

access-control-allow-origin: *
x-cache: BYPASS
content-length: 866
date: Fri, 29 Nov 2024 13:24:47 GMT
content-type: application/json;charset=UTF-8
server: openresty

GET
H2 404 messages.properties Show response
921895.com/r/xss/download/tp04/i18n/ 643 B
695 B 188ms
187ms XHR
text/html 27.0.235.160
ANTBOX1-AS-AP Ant...

General

Check archive.org

Show headers Download Go to

Full URL: https://921895.com/r/xss/download/tp04/i18n/messages.properties?_=1732886687616
Requested by: Host: 921895.com
URL: https://921895.com/xss/script/jquery.min.js?v=2024045
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 27.0.235.160 Noida, India, ASN138995 (ANTBOX1-AS-AP Antbox Networks Limited, HK),
Reverse DNS
Software: openresty /
Resource Hash: 166753318b067df017a6d0d562ef2e0c0acdd7a2a4cba2d98cac715020533c73

Request headers

Referer: https://921895.com/r/895829.com
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: text/plain, */*; q=0.01

Response headers

x-cache: BYPASS
content-length: 643
date: Fri, 29 Nov 2024 13:24:47 GMT
content-language: en-NZ
content-type: text/html;charset=utf-8
server: openresty

GET
H2 404 messages_zh.properties Show response
921895.com/r/xss/download/tp04/i18n/ 643 B
668 B 185ms
185ms XHR
text/html 27.0.235.160
ANTBOX1-AS-AP Ant...

General

Check archive.org

Show headers Download Go to

Full URL: https://921895.com/r/xss/download/tp04/i18n/messages_zh.properties?_=1732886687617
Requested by: Host: 921895.com
URL: https://921895.com/xss/script/jquery.min.js?v=2024045
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 27.0.235.160 Noida, India, ASN138995 (ANTBOX1-AS-AP Antbox Networks Limited, HK),
Reverse DNS
Software: openresty /
Resource Hash: 166753318b067df017a6d0d562ef2e0c0acdd7a2a4cba2d98cac715020533c73

Request headers

Referer: https://921895.com/r/895829.com
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: text/plain, */*; q=0.01

Response headers

x-cache: BYPASS
content-length: 643
date: Fri, 29 Nov 2024 13:24:47 GMT
content-language: en-NZ
content-type: text/html;charset=utf-8
server: openresty

GET
H2 200 da6ca97e-6aa2-41d1-a1c4-1b708afedeac.png
img2.thethsdnadagvx.com/gameplat-cms/ 4 KB
4 KB 309ms
309ms Other
image/png 2606:4700:3030::ac43:c221
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://img2.thethsdnadagvx.com/gameplat-cms/da6ca97e-6aa2-41d1-a1c4-1b708afedeac.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:c221 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c19664d4ebefc56d8ac9077403838ca2b26b8968ac2a0ebed81fcb1488171be

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://921895.com/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
etag: "0ef62107b2f6c16bc0468cd9b62d791f"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8yZEhJdeCZdhhFnOi1xwZ5F1RmS96pqA9RwIr692TXi0aWwP7ILi52HUX3P5uqALCYCB%2Fa%2F%2F3dre%2BspRnBN0zApQ7OP8c9R7MwDhxbyqBiU9uBQEDmiYjQNcgpyS2o%2FdKzouA2Z%2FCUgTfcLYY%2Fpv5IPi9meUkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8ea2eb884d8ad9b3-AKL
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=30085&min_rtt=29761&rtt_var=137&sent=260&recv=231&lost=0&retrans=0&sent_bytes=316201&recv_bytes=2608&delivery_rate=5539965&cwnd=366&unsent_bytes=0&cid=c332883083147b5e&ts=1329&x=0"
content-length: 3691
date: Fri, 29 Nov 2024 13:24:48 GMT
content-type: image/png
last-modified: Tue, 27 Aug 2024 20:14:46 GMT
vary: Accept-Encoding
server: cloudflare

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			921895.com/	1970-01-21 01:22:53	Name: rcCode Value: 895829.com

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://921895.com/xss/script/jquery.min.js?v=2024045(Line 4) Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://921895.com/xss/script/jquery.min.js?v=2024045(Line 4) Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

115895.com
166895.com
182895.com
268895.com
622895.com
895116.com
895829.com
921895.com
bet895222222.com
code.bdstatic.com
img2.thethsdnadagvx.com
103.244.226.202
104.193.90.94
144.48.83.25
154.198.53.47
2606:4700:3030::ac43:c221
27.0.235.160
27.0.235.49
27.0.235.55
43.199.118.118
45.194.36.61
0c19664d4ebefc56d8ac9077403838ca2b26b8968ac2a0ebed81fcb1488171be
166753318b067df017a6d0d562ef2e0c0acdd7a2a4cba2d98cac715020533c73
1af6febf41f3039f9ed004994d6fe85e4c7e3e0949c3a006caf74138d20ebbd0
1c76de73bdf9aaecef3518c7353a990c557b9fa7f95aca2f8130c6cd2740195d
288f049894425abb4adcf32e8a08fce507ce91f76a41ed8a80ea118712814bc3
47f122608040eb89ee6356acaec2f42c70887ecb48f7c43122b1b2468cf9e114
4e2e7641ffa68169a53f9634fdb30c468492ffe61e5521e19c32dbfdb6a5cd81
507da1be223e4d40dbb80d7375bdcd25daa8ec77d705712ccf8f8b59529e425c
532e68f1b7b852ee680366a68910bb5318ed801b28b6dee1904c6be30c09ddb9
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5abbd993158cc7b1771bad5fac9ca41e20eb31059297d88c6d5d51dba7c175e1
67063829354c1637b30b3c690b40199c9794a0552ead5d5351d0b25c05aaafd9
6fc744842c9a353156834990bcc8bf934f9191cd32b560dee11e583cbe916fa2
a2101dd92784f4ec4a2dfa17f66663135a121ca3fdf4a6011718ac7ea8b607d3
ab6bd6dcdac23be4f9d2e6e73fb592e380b39cc191a8647ecf99a1ce1b06a306
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
b02e55e70982d8dbaf11f9743d36d69bef68fd35b89db2823018d04831d11151
c241c7ff4beb37e947e124b866df14356bc5fd459a309acc544fe54eeee35ffb
c5cd42d7bc1a4b250a85976272f6054fc3e1a59ad89734c472f35dc686aa1f30
ca2784354984e8f864ca55597ae67aa3a358f321f21f3e9e4cd95c9f65aa2ee4
cb9d6a550433ad8f22e2846b686a9f80013e9a50362cfb92d523f2b272bcbe95
cd0fd6677c39cd6d11213811c376598e7efd0e7ba8060508d8de5ba232aabe11
de3519b6739a11ef5da743fdb3aa09600a4276e12870f294f2669ea030b14ccb
fe95f1f6d406da91e3d1757c94ae9a5df2c0be7127fba8229f5e2c083397b804
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

921895.com Open in urlscan Pro 27.0.235.160 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

33 Requests

100 %HTTPS

10 %IPv6

11 Domains

11 Subdomains

9 IPs

5 Countries

923 kBTransfer

985 kBSize

1 Cookies

1 Outgoing links

Page URL History

Redirected requests

33 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

921895.com Open in urlscan Pro
27.0.235.160 Public Scan

Screenshot
Live screenshot

Full Image

33
Requests

100 %
HTTPS

10 %
IPv6

11
Domains

11
Subdomains

9
IPs

5
Countries

923 kB
Transfer

985 kB
Size

1
Cookies

33 HTTP transactions
0 data transactions