xn--0trw50k.pddh168.xyz (Punycode)
和谐.pddh168.xyz (IDN)
172.67.136.185 (Public Scan)

Submitted URL: http://xn--0trw50k.pddh168.xyz/
Effective URL: https://xn--0trw50k.pddh168.xyz/
Submission: On December 18 via api from US — Scanned from US

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 6 HTTP transactions. The main IP is 172.67.136.185, located in United States and belongs to CLOUDFLARENET, US. The main domain is xn--0trw50k.pddh168.xyz.
TLS certificate: Issued by WE1 on December 7th 2024. Valid for: 3 months.
This is the only time xn--0trw50k.pddh168.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | IP Address | AS (Autonomous System)
3 | 172.67.136.185 | 13335 (CLOUDFLAR...)
1 | 104.21.80.1 | 13335 (CLOUDFLAR...)
Totals: 6 | 3

Requests | Apex Domain | Subdomains | Transfer
3 | pddh168.xyz | xn--0trw50k.pddh168.xyz | 99 KB
1 | m1996.cc | tongji.m1996.cc | 25 KB
0 | pddh3.sbs (Failed) | xn--1cts3f.pddh3.sbs (Failed) |
Totals: 6 | 3

Requests | Domain | Requested by
3 | xn--0trw50k.pddh168.xyz | xn--0trw50k.pddh168.xyz
1 | tongji.m1996.cc | xn--0trw50k.pddh168.xyz, tongji.m1996.cc
0 | xn--1cts3f.pddh3.sbs (Failed) | xn--0trw50k.pddh168.xyz
Totals: 6 | 3

This site contains no links.

Subject | Issuer | Validity | Valid
pddh168.xyz | WE1 | 2024-12-07 - 2025-03-07 | 3 months
m1996.cc | WE1 | 2024-11-28 - 2025-02-26 | 3 months

This page contains 1 frame:

Frame: https://xn--1cts3f.pddh3.sbs/
Frame ID: 8DF216E6084C1A79768F98B6EDECFFA3
Requests: 7 HTTP requests in this frame

Page Title

自强 爱国 (English: "Self-improvement, Patriotism")

Page Statistics

Requests: 6
HTTPS: 67 %
IPv6: 0 %
Domains: 3
Subdomains: 3
IPs: 3
Countries: 2
Transfer: 124 kB
Size: 376 kB
Cookies: 3

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://xn--0trw50k.pddh168.xyz/ HTTP 307
    https://xn--0trw50k.pddh168.xyz/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions

Resource | Path | Size | Transfer | Type | MIME-Type

Primary Request
Resource: /
Path: xn--0trw50k.pddh168.xyz/
Redirect Chain:
  • http://xn--0trw50k.pddh168.xyz/
  • https://xn--0trw50k.pddh168.xyz/
Size: 29 KB
Transfer: 13 KB
Type: Document
General
Full URL
https://xn--0trw50k.pddh168.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.136.185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9466207016ba98183ceb521a9b6f23ad8a006e79a8734f27ae1cb685c8ba3c2

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8f3f8eb92fde8cc8-EWR
content-encoding
zstd
content-type
text/html
date
Wed, 18 Dec 2024 13:39:11 GMT
last-modified
Sun, 08 Dec 2024 09:11:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2X%2BX5lUSVl9XaYCWX6S93xfJ6vUZeOauc8O%2FgK4UEKQtL8qleh4LDVetgHmg1vbzUKcF%2BrXg2%2FBlHLjrlIYQ1Qa%2BLU1jqMqWZm1fxcgHanTMqqKyiwRnT725FwqTagv1UG0F74ijVZQRwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=TCP&rtt=10328&min_rtt=8783&rtt_var=5552&sent=6&recv=7&lost=0&retrans=0&sent_bytes=4247&recv_bytes=2295&delivery_rate=489987&cwnd=247&unsent_bytes=0&cid=847aca8c510b7610&ts=189&x=0"
vary
Accept-Encoding

Redirect headers

Location
https://xn--0trw50k.pddh168.xyz/
Non-Authoritative-Reason
HttpsUpgrades

Resource: btwaf_aes_forge_6d7584ebbc8099962ec31133b1a1bdde.js
Path: xn--0trw50k.pddh168.xyz/
Size: 275 KB
Transfer: 83 KB
Type: Script
General
Full URL
https://xn--0trw50k.pddh168.xyz/btwaf_aes_forge_6d7584ebbc8099962ec31133b1a1bdde.js
Requested by
Host: xn--0trw50k.pddh168.xyz
URL: https://xn--0trw50k.pddh168.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.136.185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
508027e127fee8ef0cc6fd68846a1726b8fbf1ea3f3a876c12f101d896e12852

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xn--0trw50k.pddh168.xyz/

Response headers

cache-control
max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
HIT
age
34068
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yklMtnqZuBZYJgApCvNRn4EFFoWwa7ysel81w1G2mhi2DltR3zEpJG4GBXtneEvAdkyrsBJhGMrwzKVcixe%2FgKCw5GqQ9vQCtB5PQDYTXkQ%2BDD%2BkuLqIKNsaX9BLbzPqVdUh4H%2B0ABYpzw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f3f8eba69918cc8-EWR
expires
Wed, 18 Dec 2024 16:11:23 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=13762&min_rtt=8739&rtt_var=9912&sent=22&recv=13&lost=0&retrans=0&sent_bytes=18236&recv_bytes=2439&delivery_rate=2155436&cwnd=249&unsent_bytes=0&cid=847aca8c510b7610&ts=245&x=0"
date
Wed, 18 Dec 2024 13:39:11 GMT
content-type
application/javascript
vary
Accept-Encoding
server
cloudflare
last-modified
Wed, 18 Dec 2024 04:11:23 GMT

Resource: truncated
Path: /
Size: 2 KB
Transfer: 0
Type: Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b6f8aa7172b69e423bde1fb5138b3a584a4a05f058c4e299680fd3938c893534

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png

Resource: favicon.ico
Path: xn--0trw50k.pddh168.xyz/
Size: 4 KB
Transfer: 2 KB
Type: Other
General
Full URL
https://xn--0trw50k.pddh168.xyz/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.136.185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
045978f5728e20e9347ae97cd1f973f2c5f800afa0ad811ca918f6a3b0ed2586

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xn--0trw50k.pddh168.xyz/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
MISS
etag
W/"67147bf6-10be"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9HOoFRczUTTmbaivsUTG6VuQ3LsGuH6HSbaQUN%2BuC4QtGf6%2FzZS4Hy8PmrOvhYBxR8A%2BWCNqjZfJR5LqRovGZBa%2Bek9H5dRp6tCIRtX1iUW4kIPobiRVm1ohWbG3Z2XcLZVu1cEjFTRGXw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f3f8ebb0a628cc8-EWR
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=15577&min_rtt=8722&rtt_var=13048&sent=86&recv=29&lost=0&retrans=0&sent_bytes=104348&recv_bytes=2649&delivery_rate=9195449&cwnd=272&unsent_bytes=0&cid=847aca8c510b7610&ts=499&x=0"
date
Wed, 18 Dec 2024 13:39:11 GMT
content-type
image/x-icon
last-modified
Sun, 20 Oct 2024 03:41:42 GMT
vary
Accept-Encoding
server
cloudflare

Resource: matomo.js
Path: tongji.m1996.cc/
Size: 66 KB
Transfer: 25 KB
Type: Script
General
Full URL
https://tongji.m1996.cc/matomo.js
Requested by
Host: xn--0trw50k.pddh168.xyz
URL: https://xn--0trw50k.pddh168.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.80.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89e35b18e2ddd93f040839eb32f71a22a7781f27fca6e294f9405d5fb0ea2cc3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xn--0trw50k.pddh168.xyz/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"675a530e-107aa"
age
21959
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VphRK%2Bi80e6aMoRmPVfldf2WRP7Pd1ET49i8wFCphRrQ3WHYZGsoqjG5YJYhENREqqJ5Jgn%2FvYjAlVF5%2Fn1%2BKtAT6N%2F8govD68As5Hs%2FvATHiDzf%2BzCbaUY1UHNa5qxQ7%2FM%3D"}],"group":"cf-nel","max_age":604800}
expires
Wed, 18 Dec 2024 19:33:15 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=8603&min_rtt=8566&rtt_var=2433&sent=6&recv=7&lost=0&retrans=0&sent_bytes=3933&recv_bytes=2143&delivery_rate=511323&cwnd=253&unsent_bytes=0&cid=c7d9ee47b32d6b7f&ts=50&x=0"
date
Wed, 18 Dec 2024 13:39:14 GMT
content-type
application/javascript
last-modified
Thu, 12 Dec 2024 03:05:50 GMT
vary
Accept-Encoding
cache-control
max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f3f8ed04a480f93-EWR
server
cloudflare

Resource: /
Path: xn--1cts3f.pddh3.sbs/
Size: 0
Transfer: 0

Resource: matomo.php
Path: tongji.m1996.cc/
Size: 0
Transfer: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
xn--1cts3f.pddh3.sbs
URL
https://xn--1cts3f.pddh3.sbs/
Domain
tongji.m1996.cc
URL
https://tongji.m1996.cc/matomo.php?action_name=%E8%87%AA%E5%BC%BA%20%E7%88%B1%E5%9B%BD&idsite=7&rec=1&r=472625&h=3&m=39&s=14&url=https%3A%2F%2Fxn--0trw50k.pddh168.xyz%2F&_id=12303128f808c70d&_idn=1&send_image=0&_refts=0&pv_id=QmRiqE&pf_net=431&pf_srv=180&pf_tfr=27&pf_dm1=84&pf_dm2=1&pf_onl=9&uadata=%7B%22formFactors%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type | Name
object | forge
function | raoction
function | f1
function | f2
function | oncheck
object | _0x21c0
function | _0x3065
string | time
object | checkF
object | checkR
object | raw_key
object | encrypted
object | tag
object | iv
function | getlogdock
function | lenkout
function | readload
function | initget
object | _0x5a4a
function | _0x5269
function | _0x32d161
function | _0xedd55d
function | _0x14c177
function | _0x57124a
function | t
number | framesToPop
function | dial
object | _paq
object | Piwik
object | Matomo
object | AnalyticsTracker
function | piwik_log

3 Cookies

Domain/Path | Name | Value
xn--0trw50k.pddh168.xyz/ | btwaf-21cb7f37099ce405e82768674d54a499-0711fc5487872cd6 | c5b76ff6062b0afb2f75e5962e1e7278ba143dcc568a478cf7024995a4b46575
xn--0trw50k.pddh168.xyz/ | _pk_id.7.6809 | 12303128f808c70d.1734529155.
xn--0trw50k.pddh168.xyz/ | _pk_ses.7.6809 | 1