27.106.99.192 Open in urlscan Pro
27.106.99.192 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://bdfdwyqrqsc.xyz/
Effective URL:
https://27.106.99.192:1085/
Submission: On October 02 via api (October 2nd 2024, 12:21:55 am UTC) from TW — Scanned from DE

Summary HTTP 66 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 5 IPs in 4 countries across 31 domains to perform 66 HTTP transactions. The main IP is 27.106.99.192, located in Hong Kong, Hong Kong and belongs to HWCLOUDS-AS-AP HUAWEI CLOUDS, HK. The main domain is 27.106.99.192.
TLS certificate: Issued by Certum Domain Validation CA SHA2 on September 28th 2024. Valid for: a year.

This is the only time 27.106.99.192 was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	54.67.42.145 54.67.42.145	16509 (AMAZON-02) (AMAZON-02)
1 1	121.41.98.191 121.41.98.191	37963 (ALIBABA-C...) (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.)
4	185.232.59.135 185.232.59.135	135391 (AOFEI-HK ...) (AOFEI-HK AOFEI DATA INTERNATIONAL COMPANY LIMITED)
7	27.106.99.192 27.106.99.192	136907 (HWCLOUDS-...) (HWCLOUDS-AS-AP HUAWEI CLOUDS)
26	20.2.16.163 20.2.16.163	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	49.12.234.183 49.12.234.183	24940 (HETZNER-AS) (HETZNER-AS)
66	5

2 54.67.42.145 (San Jose, United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-67-42-145.us-west-1.compute.amazonaws.com

bdfdwyqrqsc.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 121.41.98.191 (Hangzhou, China) 1 redirects

ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN)

cwurl.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.232.59.135 (Frankfurt am Main, Germany)

ASN135391 (AOFEI-HK AOFEI DATA INTERNATIONAL COMPANY LIMITED, HK)

tx.youdou.mobi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 27.106.99.192 (Hong Kong, Hong Kong)

ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK)

27.106.99.192	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 20.2.16.163 (Hong Kong, Hong Kong)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

df168aa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
df168bb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
df168cc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
df168dd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
df168ee.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
df168ff.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
df168gg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
df168hh.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
df168ii.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
df168jj.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
df168kk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
df168ll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
df168mm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
df168nn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
df168oo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
df168pp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
df168qq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
df168rr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
df168ss.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
df168tt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
df168uu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
df168vv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
df168ww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
df168xx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
df168yy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
df168zz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 49.12.234.183 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: v4.ident.me

v4.ident.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	youdou.mobi tx.youdou.mobi	562 KB
2	bdfdwyqrqsc.xyz 2 redirects bdfdwyqrqsc.xyz	563 B
1	df168zz.com df168zz.com Failed
1	df168yy.com df168yy.com Failed
1	df168xx.com df168xx.com Failed
1	df168ww.com df168ww.com Failed
1	df168vv.com df168vv.com Failed
1	df168uu.com df168uu.com Failed
1	df168tt.com df168tt.com Failed
1	df168ss.com df168ss.com
1	ident.me v4.ident.me — Cisco Umbrella Rank: 212210	135 B
1	df168rr.com df168rr.com
1	df168qq.com df168qq.com
1	df168pp.com df168pp.com
1	df168oo.com df168oo.com
1	df168nn.com df168nn.com
1	df168mm.com df168mm.com
1	df168ll.com df168ll.com
1	df168kk.com df168kk.com
1	df168jj.com df168jj.com
1	df168ii.com df168ii.com
1	df168hh.com df168hh.com
1	df168gg.com df168gg.com
1	df168ff.com df168ff.com
1	df168ee.com df168ee.com
1	df168dd.com df168dd.com
1	df168cc.com df168cc.com
1	df168bb.com df168bb.com
1	df168aa.com df168aa.com
1	cwurl.cn 1 redirects cwurl.cn	132 B
0	ydglxt.xyz Failed ehflhcdf20.ydglxt.xyz Failed
66	31

	Domain	Requested by
4	tx.youdou.mobi	tx.youdou.mobi
2	bdfdwyqrqsc.xyz	2 redirects
1	df168zz.com	tx.youdou.mobi
1	df168yy.com	tx.youdou.mobi
1	df168xx.com	tx.youdou.mobi
1	df168ww.com	tx.youdou.mobi
1	df168vv.com	tx.youdou.mobi
1	df168uu.com	tx.youdou.mobi
1	df168tt.com	tx.youdou.mobi
1	df168ss.com	tx.youdou.mobi
1	v4.ident.me	tx.youdou.mobi
1	df168rr.com	tx.youdou.mobi
1	df168qq.com	tx.youdou.mobi
1	df168pp.com	tx.youdou.mobi
1	df168oo.com	tx.youdou.mobi
1	df168nn.com	tx.youdou.mobi
1	df168mm.com	tx.youdou.mobi
1	df168ll.com	tx.youdou.mobi
1	df168kk.com	tx.youdou.mobi
1	df168jj.com	tx.youdou.mobi
1	df168ii.com	tx.youdou.mobi
1	df168hh.com	tx.youdou.mobi
1	df168gg.com	tx.youdou.mobi
1	df168ff.com	tx.youdou.mobi
1	df168ee.com	tx.youdou.mobi
1	df168dd.com	tx.youdou.mobi
1	df168cc.com	tx.youdou.mobi
1	df168bb.com	tx.youdou.mobi
1	df168aa.com	tx.youdou.mobi
1	cwurl.cn	1 redirects
0	ehflhcdf20.ydglxt.xyz Failed	tx.youdou.mobi
66	31

This site contains links to these domains. Also see Links.

Domain
gitee.com
github.com

Subject Issuer	Validity	Valid
*.youdou.mobi R10	`2024-08-19` - `2024-11-17`	3 months	crt.sh
27.106.99.192 Certum Domain Validation CA SHA2	`2024-09-28` - `2025-10-28`	a year	crt.sh
im1-dafa168.com Certum Domain Validation CA SHA2	`2024-02-26` - `2025-02-25`	a year	crt.sh
any.ident.me R11	`2024-08-11` - `2024-11-09`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://27.106.99.192:1085/
Frame ID: F5AE1337A8BA8C777C3DE41A35122513
Requests: 43 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

滑块验证

Page URL History Show full URLs

http://bdfdwyqrqsc.xyz/ HTTP 307
https://bdfdwyqrqsc.xyz/ HTTP 301
https://cwurl.cn/7GFQz6 HTTP 307
http://bdfdwyqrqsc.xyz/ HTTP 301
https://cwurl.cn/7GFQz6 HTTP 302
https://tx.youdou.mobi/jump/index.html?siteCode=df20-web&token=lhcdf20 Page URL
https://27.106.99.192:1085/ Page URL

Page Statistics

66
Requests

58 %
HTTPS

0 %
IPv6

31
Domains

31
Subdomains

5
IPs

4
Countries

722 kB
Transfer

1352 kB
Size

0
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://gitee.com/langlanglang/poster
Title: gitee

Search URL Search Domain Scan URL

URL: https://github.com/kkokk/poster
Title: github

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://bdfdwyqrqsc.xyz/ HTTP 307
https://bdfdwyqrqsc.xyz/ HTTP 301
https://cwurl.cn/7GFQz6 HTTP 307
http://bdfdwyqrqsc.xyz/ HTTP 301
https://cwurl.cn/7GFQz6 HTTP 302
https://tx.youdou.mobi/jump/index.html?siteCode=df20-web&token=lhcdf20 Page URL
https://27.106.99.192:1085/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://bdfdwyqrqsc.xyz/ HTTP 307
https://bdfdwyqrqsc.xyz/ HTTP 301
https://cwurl.cn/7GFQz6 HTTP 307
http://bdfdwyqrqsc.xyz/ HTTP 301
https://cwurl.cn/7GFQz6 HTTP 302
https://tx.youdou.mobi/jump/index.html?siteCode=df20-web&token=lhcdf20

66 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

index.html Show response
tx.youdou.mobi/jump/
Redirect Chain

http://bdfdwyqrqsc.xyz/
https://bdfdwyqrqsc.xyz/
https://cwurl.cn/7GFQz6
http://bdfdwyqrqsc.xyz/
https://cwurl.cn/7GFQz6
https://tx.youdou.mobi/jump/index.html?siteCode=df20-web&token=lhcdf20

516 B
826 B

3615ms
48ms

Document
text/html

185.232.59.135
AOFEI-HK AOFEI DA...

General

Check archive.org

Show headers Download Go to

Full URL: https://tx.youdou.mobi/jump/index.html?siteCode=df20-web&token=lhcdf20
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.232.59.135 Frankfurt am Main, Germany, ASN135391 (AOFEI-HK AOFEI DATA INTERNATIONAL COMPANY LIMITED, HK),
Reverse DNS
Software: marco/3.2 /
Resource Hash: 7d21a0b0d02215603618755e41981d85d3d5bf821276533d5867da47ce28403d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

age: 61628
cache-control: max-age=691200
content-encoding: br
content-type: text/html
date: Wed, 02 Oct 2024 00:21:38 GMT
etag: W/"ebe3b9c9cc7268656d2442e185577462"
expires: Wed, 09 Oct 2024 07:14:30 GMT
last-modified: Tue, 01 Oct 2024 07:14:29 GMT
server: marco/3.2
vary: Accept-Encoding
via: T.204.H, V.403-zj-fud-202, S.pcw-cn-hkg-167, T.167.H, V.pcw-cn-hkg-165, T.133.H, M.gtt-de-fra3-133
x-request-id: f95c10ea11ebba12b9a5e8f0600ed3f1; fed48da21e13e53bdbcaa7a6c58ab53d; 61bfd8cd40cb94f2e1ca156af7592b17; e3a7c48955bd7e848cef703915784bf8
x-source: U/200
x-upyun-content-length: 516
x-upyun-content-type: text/html

Redirect headers

cache-control: no-cache
date: Wed, 02 Oct 2024 00:21:34 GMT
location: https://tx.youdou.mobi/jump/index.html?siteCode=df20-web&token=lhcdf20
server: nginx

GET
H2 200 app.1a3699a9.js Show response
tx.youdou.mobi/jump/js/ 885 KB
448 KB 72ms
71ms Script
application/javascript 185.232.59.135
AOFEI-HK AOFEI DA...

General

Check archive.org

Show headers Download Go to

Full URL: https://tx.youdou.mobi/jump/js/app.1a3699a9.js
Requested by: Host: tx.youdou.mobi
URL: https://tx.youdou.mobi/jump/index.html?siteCode=df20-web&token=lhcdf20
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.232.59.135 Frankfurt am Main, Germany, ASN135391 (AOFEI-HK AOFEI DATA INTERNATIONAL COMPANY LIMITED, HK),
Reverse DNS
Software: marco/3.2 /
Resource Hash: 0a560bd68140d0c0a7797ac2f72c3b5f4832435614b1c1cb8c0b105676af2dd9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://tx.youdou.mobi/jump/index.html?siteCode=df20-web&token=lhcdf20

Response headers

x-request-id: 453d5fd91d13634c54eb88b8ef7f4aca; 99adf0df115885b6310b3bd34d803327
x-upyun-content-length: 906297
cache-control: max-age=691200
content-encoding: br
etag: W/"a89a264256787ba40dca1e0edbc3b3bd"
age: 61541
x-source: U/200
via: T.208.M, V.403-zj-fud-200, S.pcw-cn-hkg-167, T.167.M, V.pcw-cn-hkg-167, T.133.H, M.gtt-de-fra3-133
expires: Wed, 09 Oct 2024 07:15:57 GMT
x-upyun-content-type: application/javascript
date: Wed, 02 Oct 2024 00:21:38 GMT
content-type: application/javascript
vary: Accept-Encoding
server: marco/3.2
last-modified: Tue, 01 Oct 2024 07:14:29 GMT

GET
H2 200 chunk-vendors.9c8469ab.js Show response
tx.youdou.mobi/jump/js/ 280 KB
111 KB 212ms
212ms Script
application/javascript 185.232.59.135
AOFEI-HK AOFEI DA...

General

Check archive.org

Show headers Download Go to

Full URL: https://tx.youdou.mobi/jump/js/chunk-vendors.9c8469ab.js
Requested by: Host: tx.youdou.mobi
URL: https://tx.youdou.mobi/jump/index.html?siteCode=df20-web&token=lhcdf20
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.232.59.135 Frankfurt am Main, Germany, ASN135391 (AOFEI-HK AOFEI DATA INTERNATIONAL COMPANY LIMITED, HK),
Reverse DNS
Software: marco/3.2 /
Resource Hash: 635f4d8024965f395bdaa5eb32c8697d0d55b43f294d1ceb25ae12d787b02bd6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://tx.youdou.mobi/jump/index.html?siteCode=df20-web&token=lhcdf20

Response headers

x-request-id: d5d612c87cf427c97e3563ddf7f60968; 3986f16e57e2bb35c3df9f574849f0dd; 66ee29e143498b9e1c60982d87ad9ed1; e8f8c1c4ee3691effb97cb5150c69c79
x-upyun-content-length: 286691
cache-control: max-age=691200
content-encoding: br
etag: W/"735a9efbf2f05947236c46bd3f8ce9a0"
age: 61627
x-source: U/200
via: T.209.H, V.403-zj-fud-205, S.pcw-cn-hkg-167, T.167.H, V.pcw-cn-hkg-163, T.133.H, M.gtt-de-fra3-133
expires: Wed, 09 Oct 2024 07:14:31 GMT
x-upyun-content-type: application/javascript
date: Wed, 02 Oct 2024 00:21:38 GMT
content-type: application/javascript
vary: Accept-Encoding
server: marco/3.2
last-modified: Tue, 01 Oct 2024 07:14:29 GMT

OPTIONS
H/1.1 200 heartbeat
27.106.99.192/melody/api/v1/base/ 0
0 809ms
335ms Preflight 27.106.99.192
HWCLOUDS-AS-AP HU...

General

Check archive.org

Show headers Download Go to

Full URL

https://27.106.99.192/melody/api/v1/base/heartbeat

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

27.106.99.192 Hong Kong, Hong Kong, ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK),

Reverse DNS

Software

openresty/1.21.4.3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: x-auth-sign,x-auth-uu
Access-Control-Request-Method: POST
Origin: https://tx.youdou.mobi
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: x-auth-sign, x-auth-uu
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: https://tx.youdou.mobi
Access-Control-Expose-Headers: x-auth-token
Connection: keep-alive
Content-Length: 0
Date: Wed, 02 Oct 2024 00:21:39 GMT
Server: openresty/1.21.4.3
Strict-Transport-Security: max-age=31536000
Vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

OPTIONS heartbeat
ehflhcdf20.ydglxt.xyz/melody/api/v1/base/ 0
0

OPTIONS
H2 604 heartbeat
df168aa.com/melody/api/v1/base/ 0
0 1532ms
225ms Preflight
text/html 20.2.16.163
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://df168aa.com/melody/api/v1/base/heartbeat
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 20.2.16.163 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-auth-sign,x-auth-uu
Access-Control-Request-Method: POST
Origin: https://tx.youdou.mobi
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Wed, 02 Oct 2024 00:21:40 GMT
platform: polestarcloud.com
server: nginx

OPTIONS
H2 604 heartbeat
df168bb.com/melody/api/v1/base/ 0
0 1502ms
223ms Preflight
text/html 20.2.16.163
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://df168bb.com/melody/api/v1/base/heartbeat
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 20.2.16.163 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-auth-sign,x-auth-uu
Access-Control-Request-Method: POST
Origin: https://tx.youdou.mobi
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Wed, 02 Oct 2024 00:21:40 GMT
platform: polestarcloud.com
server: nginx

OPTIONS
H2 604 heartbeat
df168cc.com/melody/api/v1/base/ 0
0 1423ms
393ms Preflight
text/html 20.2.16.163
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://df168cc.com/melody/api/v1/base/heartbeat
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 20.2.16.163 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-auth-sign,x-auth-uu
Access-Control-Request-Method: POST
Origin: https://tx.youdou.mobi
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Wed, 02 Oct 2024 00:21:40 GMT
platform: polestarcloud.com
server: nginx

OPTIONS
H2 604 heartbeat
df168dd.com/melody/api/v1/base/ 0
0 1576ms
224ms Preflight
text/html 20.2.16.163
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://df168dd.com/melody/api/v1/base/heartbeat
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 20.2.16.163 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-auth-sign,x-auth-uu
Access-Control-Request-Method: POST
Origin: https://tx.youdou.mobi
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Wed, 02 Oct 2024 00:21:40 GMT
platform: polestarcloud.com
server: nginx

OPTIONS
H2 604 heartbeat
df168ee.com/melody/api/v1/base/ 0
0 1439ms
389ms Preflight
text/html 20.2.16.163
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://df168ee.com/melody/api/v1/base/heartbeat
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 20.2.16.163 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-auth-sign,x-auth-uu
Access-Control-Request-Method: POST
Origin: https://tx.youdou.mobi
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Wed, 02 Oct 2024 00:21:40 GMT
platform: polestarcloud.com
server: nginx

OPTIONS
H2 604 heartbeat
df168ff.com/melody/api/v1/base/ 0
0 1217ms
223ms Preflight
text/html 20.2.16.163
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://df168ff.com/melody/api/v1/base/heartbeat
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 20.2.16.163 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-auth-sign,x-auth-uu
Access-Control-Request-Method: POST
Origin: https://tx.youdou.mobi
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Wed, 02 Oct 2024 00:21:40 GMT
platform: polestarcloud.com
server: nginx

OPTIONS
H2 604 heartbeat
df168gg.com/melody/api/v1/base/ 0
0 1407ms
379ms Preflight
text/html 20.2.16.163
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://df168gg.com/melody/api/v1/base/heartbeat
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 20.2.16.163 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-auth-sign,x-auth-uu
Access-Control-Request-Method: POST
Origin: https://tx.youdou.mobi
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Wed, 02 Oct 2024 00:21:40 GMT
platform: polestarcloud.com
server: nginx

OPTIONS
H2 604 heartbeat
df168hh.com/melody/api/v1/base/ 0
0 1221ms
225ms Preflight
text/html 20.2.16.163
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://df168hh.com/melody/api/v1/base/heartbeat
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 20.2.16.163 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-auth-sign,x-auth-uu
Access-Control-Request-Method: POST
Origin: https://tx.youdou.mobi
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Wed, 02 Oct 2024 00:21:40 GMT
platform: polestarcloud.com
server: nginx

OPTIONS
H2 604 heartbeat
df168ii.com/melody/api/v1/base/ 0
0 1573ms
223ms Preflight
text/html 20.2.16.163
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://df168ii.com/melody/api/v1/base/heartbeat
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 20.2.16.163 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-auth-sign,x-auth-uu
Access-Control-Request-Method: POST
Origin: https://tx.youdou.mobi
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Wed, 02 Oct 2024 00:21:40 GMT
platform: polestarcloud.com
server: nginx

OPTIONS
H2 604 heartbeat
df168jj.com/melody/api/v1/base/ 0
0 1236ms
223ms Preflight
text/html 20.2.16.163
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://df168jj.com/melody/api/v1/base/heartbeat
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 20.2.16.163 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-auth-sign,x-auth-uu
Access-Control-Request-Method: POST
Origin: https://tx.youdou.mobi
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Wed, 02 Oct 2024 00:21:40 GMT
platform: polestarcloud.com
server: nginx

OPTIONS
H2 604 heartbeat
df168kk.com/melody/api/v1/base/ 0
0 1508ms
232ms Preflight
text/html 20.2.16.163
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://df168kk.com/melody/api/v1/base/heartbeat
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 20.2.16.163 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-auth-sign,x-auth-uu
Access-Control-Request-Method: POST
Origin: https://tx.youdou.mobi
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Wed, 02 Oct 2024 00:21:40 GMT
platform: polestarcloud.com
server: nginx

OPTIONS
H2 604 heartbeat
df168ll.com/melody/api/v1/base/ 0
0 1579ms
222ms Preflight
text/html 20.2.16.163
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://df168ll.com/melody/api/v1/base/heartbeat
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 20.2.16.163 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-auth-sign,x-auth-uu
Access-Control-Request-Method: POST
Origin: https://tx.youdou.mobi
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Wed, 02 Oct 2024 00:21:40 GMT
platform: polestarcloud.com
server: nginx

OPTIONS
H2 604 heartbeat
df168mm.com/melody/api/v1/base/ 0
0 1241ms
225ms Preflight
text/html 20.2.16.163
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://df168mm.com/melody/api/v1/base/heartbeat
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 20.2.16.163 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-auth-sign,x-auth-uu
Access-Control-Request-Method: POST
Origin: https://tx.youdou.mobi
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Wed, 02 Oct 2024 00:21:40 GMT
platform: polestarcloud.com
server: nginx

OPTIONS
H2 604 heartbeat
df168nn.com/melody/api/v1/base/ 0
0 1320ms
223ms Preflight
text/html 20.2.16.163
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://df168nn.com/melody/api/v1/base/heartbeat
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 20.2.16.163 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-auth-sign,x-auth-uu
Access-Control-Request-Method: POST
Origin: https://tx.youdou.mobi
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Wed, 02 Oct 2024 00:21:40 GMT
platform: polestarcloud.com
server: nginx

OPTIONS
H2 604 heartbeat
df168oo.com/melody/api/v1/base/ 0
0 1373ms
412ms Preflight
text/html 20.2.16.163
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://df168oo.com/melody/api/v1/base/heartbeat
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 20.2.16.163 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-auth-sign,x-auth-uu
Access-Control-Request-Method: POST
Origin: https://tx.youdou.mobi
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Wed, 02 Oct 2024 00:21:40 GMT
platform: polestarcloud.com
server: nginx

OPTIONS
H2 604 heartbeat
df168pp.com/melody/api/v1/base/ 0
0 1228ms
224ms Preflight
text/html 20.2.16.163
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://df168pp.com/melody/api/v1/base/heartbeat
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 20.2.16.163 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-auth-sign,x-auth-uu
Access-Control-Request-Method: POST
Origin: https://tx.youdou.mobi
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Wed, 02 Oct 2024 00:21:40 GMT
platform: polestarcloud.com
server: nginx

OPTIONS
H2 604 heartbeat
df168qq.com/melody/api/v1/base/ 0
0 1181ms
243ms Preflight
text/html 20.2.16.163
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://df168qq.com/melody/api/v1/base/heartbeat
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 20.2.16.163 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-auth-sign,x-auth-uu
Access-Control-Request-Method: POST
Origin: https://tx.youdou.mobi
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Wed, 02 Oct 2024 00:21:40 GMT
platform: polestarcloud.com
server: nginx

OPTIONS
H2 604 heartbeat
df168rr.com/melody/api/v1/base/ 0
0 1195ms
258ms Preflight
text/html 20.2.16.163
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://df168rr.com/melody/api/v1/base/heartbeat
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 20.2.16.163 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-auth-sign,x-auth-uu
Access-Control-Request-Method: POST
Origin: https://tx.youdou.mobi
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Wed, 02 Oct 2024 00:21:40 GMT
platform: polestarcloud.com
server: nginx

GET
H2 200 / Show response
v4.ident.me/ 12 B
135 B 123ms
37ms XHR
text/plain 49.12.234.183
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v4.ident.me/
Requested by: Host: tx.youdou.mobi
URL: https://tx.youdou.mobi/jump/js/chunk-vendors.9c8469ab.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 49.12.234.183 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: v4.ident.me
Software: nginx /
Resource Hash: aaf0c4933011cfa8e7ac69f2f53a850751cd1f7e832bae41b1c9401b37707197

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://tx.youdou.mobi/

Response headers

access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-length: 12
date: Wed, 02 Oct 2024 00:21:39 GMT
content-type: text/plain
server: nginx

POST
H/1.1 200 heartbeat
27.106.99.192/melody/api/v1/base/ 16 B
546 B 339ms
338ms XHR
application/json 27.106.99.192
HWCLOUDS-AS-AP HU...

General

Check archive.org

Show headers Download Go to

Full URL

https://27.106.99.192/melody/api/v1/base/heartbeat

Requested by

Host: tx.youdou.mobi
URL: https://tx.youdou.mobi/jump/js/chunk-vendors.9c8469ab.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

27.106.99.192 Hong Kong, Hong Kong, ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK),

Reverse DNS

Software

openresty/1.21.4.3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

x-auth-sign: A1E5A9E1D41613297E9B85F248C48DC8
Referer: https://tx.youdou.mobi/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
x-auth-uu: 9b73941b-37b5-34fa-438c-ff7036ec41dc

Response headers

Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000
Access-Control-Expose-Headers: x-auth-token
Content-Encoding: gzip
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://tx.youdou.mobi
Date: Wed, 02 Oct 2024 00:21:40 GMT
Content-Type: application/json;charset=UTF-8
Vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Server: openresty/1.21.4.3

POST heartbeat
ehflhcdf20.ydglxt.xyz/melody/api/v1/base/ 0
0

POST heartbeat
df168aa.com/melody/api/v1/base/ 0
0

POST heartbeat
df168bb.com/melody/api/v1/base/ 0
0

POST heartbeat
df168cc.com/melody/api/v1/base/ 0
0

POST heartbeat
df168dd.com/melody/api/v1/base/ 0
0

POST heartbeat
df168ee.com/melody/api/v1/base/ 0
0

POST heartbeat
df168ff.com/melody/api/v1/base/ 0
0

POST heartbeat
df168gg.com/melody/api/v1/base/ 0
0

POST heartbeat
df168hh.com/melody/api/v1/base/ 0
0

POST heartbeat
df168ii.com/melody/api/v1/base/ 0
0

POST heartbeat
df168jj.com/melody/api/v1/base/ 0
0

POST heartbeat
df168kk.com/melody/api/v1/base/ 0
0

POST heartbeat
df168ll.com/melody/api/v1/base/ 0
0

POST heartbeat
df168mm.com/melody/api/v1/base/ 0
0

POST heartbeat
df168nn.com/melody/api/v1/base/ 0
0

POST heartbeat
df168oo.com/melody/api/v1/base/ 0
0

POST heartbeat
df168pp.com/melody/api/v1/base/ 0
0

POST heartbeat
df168qq.com/melody/api/v1/base/ 0
0

POST heartbeat
df168rr.com/melody/api/v1/base/ 0
0

OPTIONS
H2 604 heartbeat
df168ss.com/melody/api/v1/base/ 0
0 1210ms
273ms Preflight
text/html 20.2.16.163
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://df168ss.com/melody/api/v1/base/heartbeat
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 20.2.16.163 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-auth-sign,x-auth-uu
Access-Control-Request-Method: POST
Origin: https://tx.youdou.mobi
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Wed, 02 Oct 2024 00:21:40 GMT
platform: polestarcloud.com
server: nginx

POST heartbeat
df168ss.com/melody/api/v1/base/ 0
0

POST heartbeat
df168tt.com/melody/api/v1/base/ 0
0

POST heartbeat
df168uu.com/melody/api/v1/base/ 0
0

POST heartbeat
df168vv.com/melody/api/v1/base/ 0
0

POST heartbeat
df168ww.com/melody/api/v1/base/ 0
0

POST heartbeat
df168xx.com/melody/api/v1/base/ 0
0

POST heartbeat
df168yy.com/melody/api/v1/base/ 0
0

POST heartbeat
df168zz.com/melody/api/v1/base/ 0
0

OPTIONS
H2 604 heartbeat
df168tt.com/melody/api/v1/base/ 0
0 1243ms
225ms Preflight
text/html 20.2.16.163
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://df168tt.com/melody/api/v1/base/heartbeat
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 20.2.16.163 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-auth-sign,x-auth-uu
Access-Control-Request-Method: POST
Origin: https://tx.youdou.mobi
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Wed, 02 Oct 2024 00:21:40 GMT
platform: polestarcloud.com
server: nginx

OPTIONS
H2 604 heartbeat
df168uu.com/melody/api/v1/base/ 0
0 1386ms
403ms Preflight
text/html 20.2.16.163
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://df168uu.com/melody/api/v1/base/heartbeat
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 20.2.16.163 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-auth-sign,x-auth-uu
Access-Control-Request-Method: POST
Origin: https://tx.youdou.mobi
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Wed, 02 Oct 2024 00:21:40 GMT
platform: polestarcloud.com
server: nginx

OPTIONS
H2 604 heartbeat
df168vv.com/melody/api/v1/base/ 0
0 1285ms
223ms Preflight
text/html 20.2.16.163
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://df168vv.com/melody/api/v1/base/heartbeat
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 20.2.16.163 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-auth-sign,x-auth-uu
Access-Control-Request-Method: POST
Origin: https://tx.youdou.mobi
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Wed, 02 Oct 2024 00:21:40 GMT
platform: polestarcloud.com
server: nginx

OPTIONS
H2 604 heartbeat
df168ww.com/melody/api/v1/base/ 0
0 1146ms
226ms Preflight
text/html 20.2.16.163
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://df168ww.com/melody/api/v1/base/heartbeat
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 20.2.16.163 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-auth-sign,x-auth-uu
Access-Control-Request-Method: POST
Origin: https://tx.youdou.mobi
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Wed, 02 Oct 2024 00:21:40 GMT
platform: polestarcloud.com
server: nginx

OPTIONS
H2 604 heartbeat
df168xx.com/melody/api/v1/base/ 0
0 1224ms
284ms Preflight
text/html 20.2.16.163
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://df168xx.com/melody/api/v1/base/heartbeat
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 20.2.16.163 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-auth-sign,x-auth-uu
Access-Control-Request-Method: POST
Origin: https://tx.youdou.mobi
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Wed, 02 Oct 2024 00:21:40 GMT
platform: polestarcloud.com
server: nginx

OPTIONS
H2 604 heartbeat
df168yy.com/melody/api/v1/base/ 0
0 1464ms
404ms Preflight
text/html 20.2.16.163
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://df168yy.com/melody/api/v1/base/heartbeat
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 20.2.16.163 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-auth-sign,x-auth-uu
Access-Control-Request-Method: POST
Origin: https://tx.youdou.mobi
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Wed, 02 Oct 2024 00:21:40 GMT
platform: polestarcloud.com
server: nginx

OPTIONS
H2 604 heartbeat
df168zz.com/melody/api/v1/base/ 0
0 1560ms
222ms Preflight
text/html 20.2.16.163
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://df168zz.com/melody/api/v1/base/heartbeat
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 20.2.16.163 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-auth-sign,x-auth-uu
Access-Control-Request-Method: POST
Origin: https://tx.youdou.mobi
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Wed, 02 Oct 2024 00:21:40 GMT
platform: polestarcloud.com
server: nginx

GET
H2 200 favicon.ico
tx.youdou.mobi/jump/ 17 KB
3 KB 48ms
47ms Other
image/x-icon 185.232.59.135
AOFEI-HK AOFEI DA...

General

Check archive.org

Show headers Download Go to

Full URL: https://tx.youdou.mobi/jump/favicon.ico
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.232.59.135 Frankfurt am Main, Germany, ASN135391 (AOFEI-HK AOFEI DATA INTERNATIONAL COMPANY LIMITED, HK),
Reverse DNS
Software: marco/3.2 /
Resource Hash: 8f627721af159728b217a7531702e14fc2d21cdb39336ae595b58e49fd884f99

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://tx.youdou.mobi/jump/index.html?siteCode=df20-web&token=lhcdf20

Response headers

x-request-id: bf9f23899f1032000387aad56400545c; 9abc850a1d87ac25f21ccbc4ce11289b; d428f3a2bfdeaa5180fc05654bf7b556; ea2ac1c6d0d78dc59403fff251bfeb8a
x-upyun-content-length: 16958
cache-control: max-age=691200
content-encoding: br
etag: W/"67db5cdd3d73513556bd207d179eb96b"
age: 61628
x-source: U/200
via: T.208.H, V.403-zj-fud-200, S.pcw-cn-hkg-167, T.167.H, V.pcw-cn-hkg-166, T.133.H, M.gtt-de-fra3-133
expires: Wed, 09 Oct 2024 07:14:31 GMT
x-upyun-content-type: image/x-icon
date: Wed, 02 Oct 2024 00:21:39 GMT
content-type: image/x-icon
vary: Accept-Encoding
server: marco/3.2
last-modified: Tue, 01 Oct 2024 07:14:29 GMT

GET
H/1.1 200
OK Primary Request / Show response
27.106.99.192/ 1 KB
2 KB 677ms
227ms Document
text/html 27.106.99.192
HWCLOUDS-AS-AP HU...

General

Check archive.org

Show headers Download Go to

Full URL

https://27.106.99.192:1085/

Requested by

Host: tx.youdou.mobi
URL: https://tx.youdou.mobi/jump/js/app.1a3699a9.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

27.106.99.192 Hong Kong, Hong Kong, ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK),

Reverse DNS

Software

openresty/1.21.4.3 /

Resource Hash

ad1288487806fd0d17bbf990e59e52c6f2705375d4be4c0be5da16d9cfc52a7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://tx.youdou.mobi/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Length: 1501
Content-Type: text/html
Date: Wed, 02 Oct 2024 00:21:40 GMT
ETag: "663c34e9-5dd"
Last-Modified: Thu, 09 May 2024 02:28:57 GMT
Server: openresty/1.21.4.3
Strict-Transport-Security: max-age=31536000

GET
H/1.1 200
OK slider-min.js Show response
27.106.99.192/slider/ 28 KB
28 KB 455ms
453ms Script
application/javascript 27.106.99.192
HWCLOUDS-AS-AP HU...

General

Check archive.org

Show headers Download Go to

Full URL

https://27.106.99.192:1085/slider/slider-min.js

Requested by

Host: 27.106.99.192
URL: https://27.106.99.192:1085/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

27.106.99.192 Hong Kong, Hong Kong, ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK),

Reverse DNS

Software

openresty/1.21.4.3 /

Resource Hash

338d05f78c12a8c2f4c2f3f50a47400fdd9a8e8d76a417742447cefc7d341c76

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://27.106.99.192:1085/

Response headers

Strict-Transport-Security: max-age=31536000
ETag: "663c34eb-7091"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 28817
Date: Wed, 02 Oct 2024 00:21:41 GMT
Content-Type: application/javascript
Last-Modified: Thu, 09 May 2024 02:28:59 GMT
Server: openresty/1.21.4.3

GET
H/1.1 200
OK index.js Show response
27.106.99.192/slider/ 5 KB
5 KB 658ms
220ms Script
application/javascript 27.106.99.192
HWCLOUDS-AS-AP HU...

General

Check archive.org

Show headers Download Go to

Full URL

https://27.106.99.192:1085/slider/index.js

Requested by

Host: 27.106.99.192
URL: https://27.106.99.192:1085/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

27.106.99.192 Hong Kong, Hong Kong, ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK),

Reverse DNS

Software

openresty/1.21.4.3 /

Resource Hash

4c1b40d6956bbefb575c3d662d1f2654a0628fb1b2fe979e2f0a56e56767fa6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://27.106.99.192:1085/

Response headers

Strict-Transport-Security: max-age=31536000
ETag: "663c34eb-1304"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4868
Date: Wed, 02 Oct 2024 00:21:41 GMT
Content-Type: application/javascript
Last-Modified: Thu, 09 May 2024 02:28:59 GMT
Server: openresty/1.21.4.3

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 02a58e6412f474b7393c5bfbad51a827a857cb5a51c9e281132a258755eb3db7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 120 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 07131d9f1f0e99cb17f2535be96d96bacd6e91d39c7ccf9e44422d0be5c1f4f5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: df8beb4ef505f691e502f07b2c2912e13f8c4e1d31c3a34bdbe2b1bd4ecec9e0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5364fa6823567959a41816ee2c4d6574173a5c7f959dee316c3986377f5f034d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 8 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b128ab68072cf9c4ea46e2572966b4f41d9055a6032161883e5db4861051ccfd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H/1.1 404
Not Found favicon.ico
27.106.99.192/ 561 B
722 B 220ms
220ms Other
text/html 27.106.99.192
HWCLOUDS-AS-AP HU...

General

Check archive.org

Show headers Download Go to

Full URL: https://27.106.99.192:1085/favicon.ico
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 27.106.99.192 Hong Kong, Hong Kong, ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK),
Reverse DNS
Software: openresty/1.21.4.3 /
Resource Hash: 0205965f6eab82334d4f810423055204eebcf2c5c81e0d3eea261788227ad52c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://27.106.99.192:1085/

Response headers

Content-Length: 561
Date: Wed, 02 Oct 2024 00:21:41 GMT
Content-Type: text/html
Server: openresty/1.21.4.3
Connection: keep-alive

GET
H/1.1 200
OK slider.png
27.106.99.192/img/ 123 KB
124 KB 440ms
439ms Image
image/png 27.106.99.192
HWCLOUDS-AS-AP HU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://27.106.99.192:1085/img/slider.png

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

27.106.99.192 Hong Kong, Hong Kong, ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK),

Reverse DNS

Software

openresty/1.21.4.3 /

Resource Hash

59c86a7438fc46cf71c90cd563cd32f5cce0432253050e1bca3b41d7a3d7a4e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://27.106.99.192:1085/

Response headers

Strict-Transport-Security: max-age=31536000
ETag: "663c34eb-1ed22"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 126242
Date: Wed, 02 Oct 2024 00:21:42 GMT
Content-Type: image/png
Last-Modified: Thu, 09 May 2024 02:28:59 GMT
Server: openresty/1.21.4.3

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ehflhcdf20.ydglxt.xyz
URL: https://ehflhcdf20.ydglxt.xyz/melody/api/v1/base/heartbeat

Domain: ehflhcdf20.ydglxt.xyz
URL: https://ehflhcdf20.ydglxt.xyz/melody/api/v1/base/heartbeat

Domain: df168aa.com
URL: https://df168aa.com/melody/api/v1/base/heartbeat

Domain: df168bb.com
URL: https://df168bb.com/melody/api/v1/base/heartbeat

Domain: df168cc.com
URL: https://df168cc.com/melody/api/v1/base/heartbeat

Domain: df168dd.com
URL: https://df168dd.com/melody/api/v1/base/heartbeat

Domain: df168ee.com
URL: https://df168ee.com/melody/api/v1/base/heartbeat

Domain: df168ff.com
URL: https://df168ff.com/melody/api/v1/base/heartbeat

Domain: df168gg.com
URL: https://df168gg.com/melody/api/v1/base/heartbeat

Domain: df168hh.com
URL: https://df168hh.com/melody/api/v1/base/heartbeat

Domain: df168ii.com
URL: https://df168ii.com/melody/api/v1/base/heartbeat

Domain: df168jj.com
URL: https://df168jj.com/melody/api/v1/base/heartbeat

Domain: df168kk.com
URL: https://df168kk.com/melody/api/v1/base/heartbeat

Domain: df168ll.com
URL: https://df168ll.com/melody/api/v1/base/heartbeat

Domain: df168mm.com
URL: https://df168mm.com/melody/api/v1/base/heartbeat

Domain: df168nn.com
URL: https://df168nn.com/melody/api/v1/base/heartbeat

Domain: df168oo.com
URL: https://df168oo.com/melody/api/v1/base/heartbeat

Domain: df168pp.com
URL: https://df168pp.com/melody/api/v1/base/heartbeat

Domain: df168qq.com
URL: https://df168qq.com/melody/api/v1/base/heartbeat

Domain: df168rr.com
URL: https://df168rr.com/melody/api/v1/base/heartbeat

Domain: df168ss.com
URL: https://df168ss.com/melody/api/v1/base/heartbeat

Domain: df168tt.com
URL: https://df168tt.com/melody/api/v1/base/heartbeat

Domain: df168uu.com
URL: https://df168uu.com/melody/api/v1/base/heartbeat

Domain: df168vv.com
URL: https://df168vv.com/melody/api/v1/base/heartbeat

Domain: df168ww.com
URL: https://df168ww.com/melody/api/v1/base/heartbeat

Domain: df168xx.com
URL: https://df168xx.com/melody/api/v1/base/heartbeat

Domain: df168yy.com
URL: https://df168yy.com/melody/api/v1/base/heartbeat

Domain: df168zz.com
URL: https://df168zz.com/melody/api/v1/base/heartbeat

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| _0x3518 function| _0x5727 function| captcha object| Slider

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

54 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://ehflhcdf20.ydglxt.xyz/melody/api/v1/base/heartbeat Message: Failed to load resource: net::ERR_SSL_UNRECOGNIZED_NAME_ALERT
javascript	error	URL: https://tx.youdou.mobi/jump/index.html?siteCode=df20-web&token=lhcdf20 Message: Access to XMLHttpRequest at 'https://df168ww.com/melody/api/v1/base/heartbeat' from origin 'https://tx.youdou.mobi' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://df168ww.com/melody/api/v1/base/heartbeat Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://tx.youdou.mobi/jump/index.html?siteCode=df20-web&token=lhcdf20 Message: Access to XMLHttpRequest at 'https://df168qq.com/melody/api/v1/base/heartbeat' from origin 'https://tx.youdou.mobi' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://df168qq.com/melody/api/v1/base/heartbeat Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://tx.youdou.mobi/jump/index.html?siteCode=df20-web&token=lhcdf20 Message: Access to XMLHttpRequest at 'https://df168rr.com/melody/api/v1/base/heartbeat' from origin 'https://tx.youdou.mobi' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://df168rr.com/melody/api/v1/base/heartbeat Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://tx.youdou.mobi/jump/index.html?siteCode=df20-web&token=lhcdf20 Message: Access to XMLHttpRequest at 'https://df168ss.com/melody/api/v1/base/heartbeat' from origin 'https://tx.youdou.mobi' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://df168ss.com/melody/api/v1/base/heartbeat Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://tx.youdou.mobi/jump/index.html?siteCode=df20-web&token=lhcdf20 Message: Access to XMLHttpRequest at 'https://df168ff.com/melody/api/v1/base/heartbeat' from origin 'https://tx.youdou.mobi' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://df168ff.com/melody/api/v1/base/heartbeat Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://tx.youdou.mobi/jump/index.html?siteCode=df20-web&token=lhcdf20 Message: Access to XMLHttpRequest at 'https://df168hh.com/melody/api/v1/base/heartbeat' from origin 'https://tx.youdou.mobi' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://df168hh.com/melody/api/v1/base/heartbeat Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://tx.youdou.mobi/jump/index.html?siteCode=df20-web&token=lhcdf20 Message: Access to XMLHttpRequest at 'https://df168xx.com/melody/api/v1/base/heartbeat' from origin 'https://tx.youdou.mobi' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://df168xx.com/melody/api/v1/base/heartbeat Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://tx.youdou.mobi/jump/index.html?siteCode=df20-web&token=lhcdf20 Message: Access to XMLHttpRequest at 'https://df168pp.com/melody/api/v1/base/heartbeat' from origin 'https://tx.youdou.mobi' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://df168pp.com/melody/api/v1/base/heartbeat Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://tx.youdou.mobi/jump/index.html?siteCode=df20-web&token=lhcdf20 Message: Access to XMLHttpRequest at 'https://df168jj.com/melody/api/v1/base/heartbeat' from origin 'https://tx.youdou.mobi' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://df168jj.com/melody/api/v1/base/heartbeat Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://tx.youdou.mobi/jump/index.html?siteCode=df20-web&token=lhcdf20 Message: Access to XMLHttpRequest at 'https://df168mm.com/melody/api/v1/base/heartbeat' from origin 'https://tx.youdou.mobi' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://df168mm.com/melody/api/v1/base/heartbeat Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://tx.youdou.mobi/jump/index.html?siteCode=df20-web&token=lhcdf20 Message: Access to XMLHttpRequest at 'https://df168tt.com/melody/api/v1/base/heartbeat' from origin 'https://tx.youdou.mobi' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://df168tt.com/melody/api/v1/base/heartbeat Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://tx.youdou.mobi/jump/index.html?siteCode=df20-web&token=lhcdf20 Message: Access to XMLHttpRequest at 'https://df168vv.com/melody/api/v1/base/heartbeat' from origin 'https://tx.youdou.mobi' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://df168vv.com/melody/api/v1/base/heartbeat Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://tx.youdou.mobi/jump/index.html?siteCode=df20-web&token=lhcdf20 Message: Access to XMLHttpRequest at 'https://df168nn.com/melody/api/v1/base/heartbeat' from origin 'https://tx.youdou.mobi' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://df168nn.com/melody/api/v1/base/heartbeat Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://tx.youdou.mobi/jump/index.html?siteCode=df20-web&token=lhcdf20 Message: Access to XMLHttpRequest at 'https://df168oo.com/melody/api/v1/base/heartbeat' from origin 'https://tx.youdou.mobi' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://df168oo.com/melody/api/v1/base/heartbeat Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://tx.youdou.mobi/jump/index.html?siteCode=df20-web&token=lhcdf20 Message: Access to XMLHttpRequest at 'https://df168uu.com/melody/api/v1/base/heartbeat' from origin 'https://tx.youdou.mobi' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://df168uu.com/melody/api/v1/base/heartbeat Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://tx.youdou.mobi/jump/index.html?siteCode=df20-web&token=lhcdf20 Message: Access to XMLHttpRequest at 'https://df168gg.com/melody/api/v1/base/heartbeat' from origin 'https://tx.youdou.mobi' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://df168gg.com/melody/api/v1/base/heartbeat Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://tx.youdou.mobi/jump/index.html?siteCode=df20-web&token=lhcdf20 Message: Access to XMLHttpRequest at 'https://df168cc.com/melody/api/v1/base/heartbeat' from origin 'https://tx.youdou.mobi' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://df168cc.com/melody/api/v1/base/heartbeat Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://tx.youdou.mobi/jump/index.html?siteCode=df20-web&token=lhcdf20 Message: Access to XMLHttpRequest at 'https://df168ee.com/melody/api/v1/base/heartbeat' from origin 'https://tx.youdou.mobi' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://df168ee.com/melody/api/v1/base/heartbeat Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://tx.youdou.mobi/jump/index.html?siteCode=df20-web&token=lhcdf20 Message: Access to XMLHttpRequest at 'https://df168yy.com/melody/api/v1/base/heartbeat' from origin 'https://tx.youdou.mobi' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://df168yy.com/melody/api/v1/base/heartbeat Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://tx.youdou.mobi/jump/index.html?siteCode=df20-web&token=lhcdf20 Message: Access to XMLHttpRequest at 'https://df168bb.com/melody/api/v1/base/heartbeat' from origin 'https://tx.youdou.mobi' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://df168bb.com/melody/api/v1/base/heartbeat Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://tx.youdou.mobi/jump/index.html?siteCode=df20-web&token=lhcdf20 Message: Access to XMLHttpRequest at 'https://df168kk.com/melody/api/v1/base/heartbeat' from origin 'https://tx.youdou.mobi' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://df168kk.com/melody/api/v1/base/heartbeat Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://tx.youdou.mobi/jump/index.html?siteCode=df20-web&token=lhcdf20 Message: Access to XMLHttpRequest at 'https://df168aa.com/melody/api/v1/base/heartbeat' from origin 'https://tx.youdou.mobi' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://df168aa.com/melody/api/v1/base/heartbeat Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://tx.youdou.mobi/jump/index.html?siteCode=df20-web&token=lhcdf20 Message: Access to XMLHttpRequest at 'https://df168zz.com/melody/api/v1/base/heartbeat' from origin 'https://tx.youdou.mobi' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://df168zz.com/melody/api/v1/base/heartbeat Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://tx.youdou.mobi/jump/index.html?siteCode=df20-web&token=lhcdf20 Message: Access to XMLHttpRequest at 'https://df168ii.com/melody/api/v1/base/heartbeat' from origin 'https://tx.youdou.mobi' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://df168ii.com/melody/api/v1/base/heartbeat Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://tx.youdou.mobi/jump/index.html?siteCode=df20-web&token=lhcdf20 Message: Access to XMLHttpRequest at 'https://df168dd.com/melody/api/v1/base/heartbeat' from origin 'https://tx.youdou.mobi' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://df168dd.com/melody/api/v1/base/heartbeat Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://tx.youdou.mobi/jump/index.html?siteCode=df20-web&token=lhcdf20 Message: Access to XMLHttpRequest at 'https://df168ll.com/melody/api/v1/base/heartbeat' from origin 'https://tx.youdou.mobi' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://df168ll.com/melody/api/v1/base/heartbeat Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://27.106.99.192:1085/favicon.ico Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bdfdwyqrqsc.xyz
cwurl.cn
df168aa.com
df168bb.com
df168cc.com
df168dd.com
df168ee.com
df168ff.com
df168gg.com
df168hh.com
df168ii.com
df168jj.com
df168kk.com
df168ll.com
df168mm.com
df168nn.com
df168oo.com
df168pp.com
df168qq.com
df168rr.com
df168ss.com
df168tt.com
df168uu.com
df168vv.com
df168ww.com
df168xx.com
df168yy.com
df168zz.com
ehflhcdf20.ydglxt.xyz
tx.youdou.mobi
v4.ident.me
df168aa.com
df168bb.com
df168cc.com
df168dd.com
df168ee.com
df168ff.com
df168gg.com
df168hh.com
df168ii.com
df168jj.com
df168kk.com
df168ll.com
df168mm.com
df168nn.com
df168oo.com
df168pp.com
df168qq.com
df168rr.com
df168ss.com
df168tt.com
df168uu.com
df168vv.com
df168ww.com
df168xx.com
df168yy.com
df168zz.com
ehflhcdf20.ydglxt.xyz
121.41.98.191
185.232.59.135
20.2.16.163
27.106.99.192
49.12.234.183
54.67.42.145
0205965f6eab82334d4f810423055204eebcf2c5c81e0d3eea261788227ad52c
02a58e6412f474b7393c5bfbad51a827a857cb5a51c9e281132a258755eb3db7
07131d9f1f0e99cb17f2535be96d96bacd6e91d39c7ccf9e44422d0be5c1f4f5
0a560bd68140d0c0a7797ac2f72c3b5f4832435614b1c1cb8c0b105676af2dd9
338d05f78c12a8c2f4c2f3f50a47400fdd9a8e8d76a417742447cefc7d341c76
4c1b40d6956bbefb575c3d662d1f2654a0628fb1b2fe979e2f0a56e56767fa6f
5364fa6823567959a41816ee2c4d6574173a5c7f959dee316c3986377f5f034d
59c86a7438fc46cf71c90cd563cd32f5cce0432253050e1bca3b41d7a3d7a4e3
635f4d8024965f395bdaa5eb32c8697d0d55b43f294d1ceb25ae12d787b02bd6
7d21a0b0d02215603618755e41981d85d3d5bf821276533d5867da47ce28403d
8f627721af159728b217a7531702e14fc2d21cdb39336ae595b58e49fd884f99
aaf0c4933011cfa8e7ac69f2f53a850751cd1f7e832bae41b1c9401b37707197
ad1288487806fd0d17bbf990e59e52c6f2705375d4be4c0be5da16d9cfc52a7f
b128ab68072cf9c4ea46e2572966b4f41d9055a6032161883e5db4861051ccfd
df8beb4ef505f691e502f07b2c2912e13f8c4e1d31c3a34bdbe2b1bd4ecec9e0

27.106.99.192 Open in urlscan Pro 27.106.99.192 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

66 Requests

58 %HTTPS

0 %IPv6

31 Domains

31 Subdomains

5 IPs

4 Countries

722 kBTransfer

1352 kBSize

0 Cookies

2 Outgoing links

Page URL History

Redirected requests

66 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

27.106.99.192 Open in urlscan Pro
27.106.99.192 Public Scan

Screenshot
Live screenshot

Full Image

66
Requests

58 %
HTTPS

0 %
IPv6

31
Domains

31
Subdomains

5
IPs

4
Countries

722 kB
Transfer

1352 kB
Size

0
Cookies

66 HTTP transactions
5 data transactions