qazc84.cc Open in urlscan Pro
194.53.53.254 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://znsm22.cc/
Effective URL:
https://qazc84.cc/?dwxmxi=jxcf03
Submission: On December 17 via api (December 17th 2024, 1:08:13 pm UTC) from US — Scanned from DE

Summary HTTP 9 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 3 countries across 5 domains to perform 9 HTTP transactions. The main IP is 194.53.53.254, located in Moscow Oblast, Russian Federation and belongs to CLOUDFLARESPECTRUM Cloudflare London, LLC, US. The main domain is qazc84.cc.
TLS certificate: Issued by WE1 on October 27th 2024. Valid for: 3 months.

This is the only time qazc84.cc was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 3	194.53.53.7 194.53.53.7	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare London)
1	194.53.53.254 194.53.53.254	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare London)
3	180.163.146.89 180.163.146.89	4812 (CHINANET-...) (CHINANET-SH-AP China Telecom Group)
1	8.219.174.235 8.219.174.235	45102 (ALIBABA-C...) (ALIBABA-CN-NET Alibaba US Technology Co.)
9	5

3 194.53.53.7 (Moscow Oblast, Russian Federation) 2 redirects

ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US)

znsm22.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 194.53.53.254 (Moscow Oblast, Russian Federation)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US)

qazc84.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 180.163.146.89 (China)

ASN4812 (CHINANET-SH-AP China Telecom Group, CN)

su.abbws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.219.174.235 (Singapore)

ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)

baidutongji.baidutongj.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	abbws.com su.abbws.com Failed	84 KB
3	znsm22.cc 2 redirects znsm22.cc	2 KB
1	baidutongj.com baidutongji.baidutongj.com	244 B
1	qazc84.cc qazc84.cc	3 KB
0	googletagmanager.com Failed www.googletagmanager.com Failed
9	5

	Domain	Requested by
3	su.abbws.com	qazc84.cc
3	znsm22.cc	2 redirects
1	baidutongji.baidutongj.com	qazc84.cc
1	qazc84.cc	znsm22.cc
0	www.googletagmanager.com Failed	qazc84.cc
9	5

This site contains no links.

Subject Issuer	Validity	Valid
znsm22.cc WE1	`2024-10-27` - `2025-01-25`	3 months	crt.sh
qazc84.cc WE1	`2024-10-27` - `2025-01-25`	3 months	crt.sh
su.abbws.com Sectigo RSA Domain Validation Secure Server CA	`2024-12-04` - `2025-12-04`	a year	crt.sh
baidutongji.baidutongj.com TrustAsia RSA DV TLS CA G2	`2024-03-02` - `2025-03-02`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://qazc84.cc/?dwxmxi=jxcf03
Frame ID: B8AFDD66D70421F03508423DC1C14CFF
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

91TV

Page URL History Show full URLs

http://znsm22.cc/ HTTP 307
https://znsm22.cc/ Page URL
https://znsm22.cc/?dwxmxi=jxcf03 HTTP 307
https://znsm22.cc/?dwxmxi=jxcf03 HTTP 301
https://qazc84.cc/?dwxmxi=jxcf03 Page URL

Page Statistics

9
Requests

67 %
HTTPS

0 %
IPv6

5
Domains

5
Subdomains

5
IPs

3
Countries

88 kB
Transfer

357 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://znsm22.cc/ HTTP 307
https://znsm22.cc/ Page URL
https://znsm22.cc/?dwxmxi=jxcf03 HTTP 307
https://znsm22.cc/?dwxmxi=jxcf03 HTTP 301
https://qazc84.cc/?dwxmxi=jxcf03 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://znsm22.cc/ HTTP 307
https://znsm22.cc/

9 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	/ Show response znsm22.cc/ Redirect Chain http://znsm22.cc/ https://znsm22.cc/	887 B 1 KB	360ms 322ms	Document text/html	194.53.53.7 CLOUDFLARESPECTRU...
General Check archive.org Show headers Download Go to Full URL https://znsm22.cc/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 194.53.53.7 Moscow Oblast, Russian Federation, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US), Reverse DNS Software cloudflare / Resource Hash `34c4bfd85a3cb6a7c2ac47e645f00b5523df0d4a70e71d74b0c69134bd6e0bde` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=86400 cache-control no-store cf-cache-status DYNAMIC cf-ray 8f372302bc5ad9d4-FRA content-encoding zstd content-type text/html date Tue, 17 Dec 2024 13:07:33 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AEobEdhLXQ0w7DLYSrEBi2OHL58HFuMW55Nu%2FDNMBbTNprHTCbseowk3CDvvsflwy2Lc3LOBwcxn45Dv7I60ERPDw7r%2Bjyct1QDrW45jRLY4NJSCiNtUuAlIfGA%3D"}],"group":"cf-nel","max_age":604800} server cloudflare server-timing cfL4;desc="?proto=TCP&rtt=11892&min_rtt=6318&rtt_var=11612&sent=8&recv=12&lost=0&retrans=0&sent_bytes=4022&recv_bytes=2339&delivery_rate=558050&cwnd=245&unsent_bytes=0&cid=e9b426964e9fd814&ts=328&x=0" Redirect headers Location https://znsm22.cc/ Non-Authoritative-Reason HttpsUpgrades
GET H3	200	Primary Request / Show response qazc84.cc/ Redirect Chain https://znsm22.cc/?dwxmxi=jxcf03 https://znsm22.cc/?dwxmxi=jxcf03 https://qazc84.cc/?dwxmxi=jxcf03	8 KB 3 KB	414ms 388ms	Document text/html	194.53.53.254 CLOUDFLARESPECTRU...
General Check archive.org Show headers Download Go to Full URL https://qazc84.cc/?dwxmxi=jxcf03 Requested by Host: znsm22.cc URL: https://znsm22.cc/ Protocol H3 Security QUIC, , AES_128_GCM Server 194.53.53.254 Moscow Oblast, Russian Federation, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US), Reverse DNS Software cloudflare / Resource Hash `4871c15d82d34494a56379384fabc99534dd4a9d306f1c9fcc6fd7d2c325abdc` Request headers Referer https://znsm22.cc/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers access-control-allow-headers X-Requested-With,content-type,app_type,sign,did,time access-control-allow-methods GET,POST,PUT,DELETE,OPTIONS access-control-allow-origin * alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 8f3723082d6ad298-FRA content-encoding zstd content-type text/html date Tue, 17 Dec 2024 13:07:34 GMT last-modified Wed, 04 Dec 2024 13:43:20 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} priority u=0,i report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vn%2FfW4B9CZag4XqbZID7zWLoFEE%2F1w6Pk%2Fdb25SS96fnGh7kVhCRu8CWU8FdrlFb1fi3NAp9ovrFCkYCnoVDyrzx418fCpCajaX2G0AUbihWl%2F57sw%2FdaMnNMQ4%3D"}],"group":"cf-nel","max_age":604800} server cloudflare server-timing cfL4;desc="?proto=QUIC&rtt=8165&min_rtt=6394&rtt_var=3520&sent=13&recv=11&lost=0&retrans=0&sent_bytes=4259&recv_bytes=4544&delivery_rate=1284&cwnd=12000&unsent_bytes=0&cid=ab44b5d4eed41ed1&ts=384&x=1" cfExtPri cfHdrFlush;dur=0 vary Accept-Encoding Redirect headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 8f372305ef2c37fd-FRA content-type text/html date Tue, 17 Dec 2024 13:07:33 GMT location https://qazc84.cc/?dwxmxi=jxcf03 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} priority u=0,i report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IN0xoE8TijUVuU%2FM6G9tqEX2ENsdhEKa5VU4gNGes9iwT%2BtnfHvYbbps8dSyeDAljfNRVBgQtyyUDLsbIrvVR7paAS%2Btkn9lJ3KGp1S8lwItfgsH9rY%2FFkWLDJ8%3D"}],"group":"cf-nel","max_age":604800} server cloudflare server-timing cfL4;desc="?proto=QUIC&rtt=10195&min_rtt=6837&rtt_var=7553&sent=13&recv=11&lost=0&retrans=0&sent_bytes=4284&recv_bytes=4550&delivery_rate=889&cwnd=12000&unsent_bytes=0&cid=c4c196b971d7144d&ts=490&x=1" cfExtPri cfHdrFlush;dur=0
GET		hls.min.js su.abbws.com/json/js/	0 0

GET H/1.1	200 OK	DPlayer.min.js Show response su.abbws.com/json/js/	213 KB 57 KB	12868ms 624ms	Script application/javascript	180.163.146.89 CHINANET-SH-AP Ch...
General Check archive.org Show headers Download Go to Full URL https://su.abbws.com/json/js/DPlayer.min.js Requested by Host: qazc84.cc URL: https://qazc84.cc/?dwxmxi=jxcf03 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 180.163.146.89 , China, ASN4812 (CHINANET-SH-AP China Telecom Group, CN), Reverse DNS Software Tengine / Resource Hash `199d8d25d8114dcbd9df360e1303a1f9ecbfd66b71424bb4f9f2bf630da5087b` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://qazc84.cc/ Response headers Content-Encoding br ETag W/"675027c2-3531d" Age 1130048 Access-Control-Allow-Methods GET,POST,PUT,DELETE,OPTIONS X-Cache HIT TCP_MEM_HIT dirn:-2:-2 Date Wed, 04 Dec 2024 11:13:38 GMT Content-Type application/javascript Vary Accept-Encoding, Accept-Encoding Last-Modified Wed, 04 Dec 2024 09:58:26 GMT Access-Control-Allow-Headers X-Requested-With,content-type,app_type,sign,did,time Transfer-Encoding chunked X-Swift-CacheTime 2160061 Timing-Allow-Origin * Connection keep-alive Via ens-cache37.l2cn7656[0,0,200-0,H], ens-cache45.l2cn7656[1,0], kunlun5.cn7174[0,0,200-0,H], kunlun6.cn7174[4,0] Ali-Swift-Global-Savetime 1733310818 X-Swift-SaveTime Mon, 09 Dec 2024 11:12:37 GMT Access-Control-Allow-Origin * EagleId b4a3921a17344408665067570e Server Tengine
GET H/1.1	200 OK	fullscreen.min.js Show response su.abbws.com/json/js/	3 KB 2 KB	11181ms 1489ms	Script application/javascript	180.163.146.89 CHINANET-SH-AP Ch...
General Check archive.org Show headers Download Go to Full URL https://su.abbws.com/json/js/fullscreen.min.js Requested by Host: qazc84.cc URL: https://qazc84.cc/?dwxmxi=jxcf03 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 180.163.146.89 , China, ASN4812 (CHINANET-SH-AP China Telecom Group, CN), Reverse DNS Software Tengine / Resource Hash `0a4a57a2a1e2adba25cfc5e12cde7a8e759aeb9c8b56082aff943e457c28d31e` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://qazc84.cc/ Response headers Content-Encoding br ETag W/"675027c2-c19" Age 1130045 Access-Control-Allow-Methods GET,POST,PUT,DELETE,OPTIONS X-Cache HIT TCP_MEM_HIT dirn:-2:-2 Date Wed, 04 Dec 2024 11:13:38 GMT Content-Type application/javascript Vary Accept-Encoding, Accept-Encoding Last-Modified Wed, 04 Dec 2024 09:58:26 GMT Access-Control-Allow-Headers X-Requested-With,content-type,app_type,sign,did,time Transfer-Encoding chunked X-Swift-CacheTime 2160061 Timing-Allow-Origin * Connection keep-alive Via cache19.l2cn7831[0,0,200-0,H], cache40.l2cn7831[2,0], kunlun3.cn7174[0,0,200-0,H], kunlun10.cn7174[3,0] Ali-Swift-Global-Savetime 1733310818 X-Swift-SaveTime Mon, 09 Dec 2024 11:12:37 GMT Access-Control-Allow-Origin * EagleId b4a3921e17344408639551604e Server Tengine
GET H/1.1	200	bootstrap Show response baidutongji.baidutongj.com/	91 B 244 B	721ms 394ms	Script text/plain	8.219.174.235 ALIBABA-CN-NET Al...
General Check archive.org Show headers Download Go to Full URL https://baidutongji.baidutongj.com/bootstrap Requested by Host: qazc84.cc URL: https://qazc84.cc/?dwxmxi=jxcf03 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 8.219.174.235 , Singapore, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN), Reverse DNS Software nginx / Resource Hash `31291f4783da8fe55eb45f7e8be26aba12176c7d2179b4d9c7aa5a65514ca9c3` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://qazc84.cc/ Response headers Content-Length 91 Date Tue, 17 Dec 2024 13:07:34 GMT Content-Type text/plain;charset=UTF-8 Server nginx Connection keep-alive
GET		js www.googletagmanager.com/gtag/	0 0

GET H/1.1	200 OK	umi.2b583632.css su.abbws.com/json/	132 KB 25 KB	9994ms 921ms	Stylesheet text/css	180.163.146.89 CHINANET-SH-AP Ch...
General Check archive.org Show headers Download Go to Full URL https://su.abbws.com/json/umi.2b583632.css Requested by Host: qazc84.cc URL: https://qazc84.cc/?dwxmxi=jxcf03 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 180.163.146.89 , China, ASN4812 (CHINANET-SH-AP China Telecom Group, CN), Reverse DNS Software Tengine / Resource Hash `084f0b067a0e1535035005db856918cb8808830604c6e722242439f253ddaac7` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://qazc84.cc/ Response headers Content-Encoding br ETag W/"675027c2-20ec3" Age 1130045 Access-Control-Allow-Methods GET,POST,PUT,DELETE,OPTIONS X-Cache HIT TCP_MEM_HIT dirn:-2:-2 Date Wed, 04 Dec 2024 11:13:38 GMT Content-Type text/css Vary Accept-Encoding, Accept-Encoding Last-Modified Wed, 04 Dec 2024 09:58:26 GMT Access-Control-Allow-Headers X-Requested-With,content-type,app_type,sign,did,time Transfer-Encoding chunked X-Swift-CacheTime 2160061 Timing-Allow-Origin * Connection keep-alive Via cache25.l2cn1823[0,0,200-0,H], cache26.l2cn1823[1,0], kunlun10.cn7174[0,0,200-0,H], kunlun6.cn7174[5,0] Ali-Swift-Global-Savetime 1733310818 X-Swift-SaveTime Mon, 09 Dec 2024 11:12:37 GMT Access-Control-Allow-Origin * EagleId b4a3921a17344408633426020e Server Tengine
GET		umi.3fecdc1a.js su.abbws.com/json/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: su.abbws.com
URL: https://su.abbws.com/json/js/hls.min.js

Domain: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-165362072-4

Domain: su.abbws.com
URL: https://su.abbws.com/json/umi.3fecdc1a.js

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

baidutongji.baidutongj.com
qazc84.cc
su.abbws.com
www.googletagmanager.com
znsm22.cc
su.abbws.com
www.googletagmanager.com
180.163.146.89
194.53.53.254
194.53.53.7
8.219.174.235
084f0b067a0e1535035005db856918cb8808830604c6e722242439f253ddaac7
0a4a57a2a1e2adba25cfc5e12cde7a8e759aeb9c8b56082aff943e457c28d31e
199d8d25d8114dcbd9df360e1303a1f9ecbfd66b71424bb4f9f2bf630da5087b
31291f4783da8fe55eb45f7e8be26aba12176c7d2179b4d9c7aa5a65514ca9c3
34c4bfd85a3cb6a7c2ac47e645f00b5523df0d4a70e71d74b0c69134bd6e0bde
4871c15d82d34494a56379384fabc99534dd4a9d306f1c9fcc6fd7d2c325abdc

qazc84.cc Open in urlscan Pro 194.53.53.254 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

9 Requests

67 %HTTPS

0 %IPv6

5 Domains

5 Subdomains

5 IPs

3 Countries

88 kBTransfer

357 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

0 Cookies

Indicators

qazc84.cc Open in urlscan Pro
194.53.53.254 Public Scan

Screenshot
Live screenshot

Full Image

9
Requests

67 %
HTTPS

0 %
IPv6

5
Domains

5
Subdomains

5
IPs

3
Countries

88 kB
Transfer

357 kB
Size

0
Cookies

9 HTTP transactions
0 data transactions