wxllq.gz01.bdysite.com Open in urlscan Pro
240e:ff:e020:32:0:ff:b07e:45cd Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://accountspubg.com/
Effective URL:
http://wxllq.gz01.bdysite.com/gotopc.html
Submission: On May 12 via api (May 12th 2020, 6:55:15 pm UTC) from US

Summary HTTP 17 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 7 IPs in 2 countries across 5 domains to perform 17 HTTP transactions. The main IP is 240e:ff:e020:32:0:ff:b07e:45cd, located in China and belongs to CT-GUANGZHOU-IDC CHINANET Guangdong province network, CN. The main domain is wxllq.gz01.bdysite.com.

This is the only time wxllq.gz01.bdysite.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	103.121.92.140 103.121.92.140	136160 (BSYNTCL-A...) (BSYNTCL-AS-AP Beijing Shijihulian Yuntong Network Technology Co.)
3	240e:ff:e020:... 240e:ff:e020:32:0:ff:b07e:45cd	58466 (CT-GUANGZ...) (CT-GUANGZHOU-IDC CHINANET Guangdong province network)
4	120.222.213.209 120.222.213.209	24444 (CMNET-V4S...) (CMNET-V4SHANDONG-AS-AP Shandong Mobile Communication Company Limited)
4	101.89.124.234 101.89.124.234	4812 (CHINANET-...) (CHINANET-SH-AP China Telecom (Group))
2	2401:b180:200... 2401:b180:2000:20::23	37963 (CNNIC-ALI...) (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.)
1	104.192.108.17 104.192.108.17	55992 (QIHOO Bei...) (QIHOO Beijing Qihu Technology Company Limited)
1	198.11.132.221 198.11.132.221	45102 (CNNIC-ALI...) (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co.)
17	7

2 103.121.92.140 (China)

ASN136160 (BSYNTCL-AS-AP Beijing Shijihulian Yuntong Network Technology Co., Ltd., CN)

accountspubg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 240e:ff:e020:32:0:ff:b07e:45cd (China)

ASN58466 (CT-GUANGZHOU-IDC CHINANET Guangdong province network, CN)

wxllq.gz01.bdysite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 120.222.213.209 (China)

ASN24444 (CMNET-V4SHANDONG-AS-AP Shandong Mobile Communication Company Limited, CN)

liulanqi.bj01.bdysite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 101.89.124.234 (China)

ASN4812 (CHINANET-SH-AP China Telecom (Group), CN)

s95.cnzz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.cnzz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s23.cnzz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2401:b180:2000:20::23 (China)

ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN)

z4.cnzz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
z5.cnzz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.192.108.17 (United States)

ASN55992 (QIHOO Beijing Qihu Technology Company Limited, CN)

dl.360safe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.11.132.221 (San Mateo, United States)

ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN)

cnzz.mmstat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	bdysite.com wxllq.gz01.bdysite.com liulanqi.bj01.bdysite.com	134 KB
6	cnzz.com s95.cnzz.com c.cnzz.com z4.cnzz.com s23.cnzz.com z5.cnzz.com	11 KB
2	accountspubg.com accountspubg.com	1 KB
1	mmstat.com cnzz.mmstat.com	381 B
1	360safe.com dl.360safe.com
17	5

	Domain	Requested by
4	liulanqi.bj01.bdysite.com	wxllq.gz01.bdysite.com
3	wxllq.gz01.bdysite.com	accountspubg.com wxllq.gz01.bdysite.com
2	c.cnzz.com	s95.cnzz.com s23.cnzz.com
2	accountspubg.com	accountspubg.com
1	z5.cnzz.com	wxllq.gz01.bdysite.com
1	s23.cnzz.com	wxllq.gz01.bdysite.com
1	cnzz.mmstat.com	wxllq.gz01.bdysite.com
1	dl.360safe.com	wxllq.gz01.bdysite.com
1	z4.cnzz.com	wxllq.gz01.bdysite.com
1	s95.cnzz.com	wxllq.gz01.bdysite.com
17	10

This site contains links to these domains. Also see Links.

Domain
192.168.0.1
192.168.1.1
www.cnzz.com

Subject Issuer	Validity	Valid
*.cnzz.com GlobalSign Organization Validation CA - SHA256 - G2	`2020-02-04` - `2021-02-04`	a year	crt.sh
*.mmstat.com GlobalSign Organization Validation CA - SHA256 - G2	`2019-07-29` - `2020-07-29`	a year	crt.sh

This page contains 2 frames:

Primary Page: http://wxllq.gz01.bdysite.com/gotopc.html
Frame ID: 190C006164BCAC51F119460F06AB7723
Requests: 15 HTTP requests in this frame

Frame: http://dl.360safe.com/netunion/20140425/360safe+251289+n7ddbb65c96.exe
Frame ID: 61F7C2835D209B9AA039D8EE134EBC12
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://accountspubg.com/ Page URL
http://wxllq.gz01.bdysite.com/gotopc.html Page URL

Detected technologies

Windows Server (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

IIS (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Page Statistics

17
Requests

35 %
HTTPS

29 %
IPv6

5
Domains

10
Subdomains

7
IPs

2
Countries

147 kB
Transfer

160 kB
Size

2
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: http://192.168.0.1/
Title: 192.168.0.1

Search URL Search Domain Scan URL

URL: http://192.168.1.1/
Title: 192.168.1.1

Search URL Search Domain Scan URL

URL: https://www.cnzz.com/stat/website.php?web_id=1254433810
Title: 站长统计

Search URL Search Domain Scan URL

URL: https://www.cnzz.com/stat/website.php?web_id=1276082832
Title: 站长统计

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://accountspubg.com/ Page URL
http://wxllq.gz01.bdysite.com/gotopc.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	/ Show response accountspubg.com/	91 B 480 B	1421ms 428ms	Document text/html	103.121.92.140 BSYNTCL-AS-AP Bei...
General Check archive.org Show headers Download Go to Full URL http://accountspubg.com/ Protocol HTTP/1.1 Server 103.121.92.140 , China, ASN136160 (BSYNTCL-AS-AP Beijing Shijihulian Yuntong Network Technology Co., Ltd., CN), Reverse DNS Software Microsoft-IIS/8.5 / ASP.NET Resource Hash `78fef8a399b2a3d0f210c3e9037b79735d28383c97a6ad937517866d6ac815a2` Request headers Host accountspubg.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Encoding gzip, deflate Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Content-Type text/html Content-Encoding gzip Last-Modified Sun, 22 Mar 2020 15:09:52 GMT Accept-Ranges bytes ETag "5e4641f05b0d61:0" Vary Accept-Encoding Server Microsoft-IIS/8.5 X-Powered-By ASP.NET Date Tue, 12 May 2020 18:53:28 GMT Content-Length 187
GET H/1.1	200 OK	goto.js Show response accountspubg.com/	1 KB 990 B	224ms 223ms	Script application/javascript	103.121.92.140 BSYNTCL-AS-AP Bei...
General Check archive.org Show headers Download Go to Full URL http://accountspubg.com/goto.js Requested by Host: accountspubg.com URL: http://accountspubg.com/ Protocol HTTP/1.1 Server 103.121.92.140 , China, ASN136160 (BSYNTCL-AS-AP Beijing Shijihulian Yuntong Network Technology Co., Ltd., CN), Reverse DNS Software Microsoft-IIS/8.5 / ASP.NET Resource Hash `e428238c8cb72e44ec6d063f53b9e20920486d00f5806c2039a7c55732eeca82` Request headers Referer http://accountspubg.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Tue, 12 May 2020 18:53:29 GMT Content-Encoding gzip Last-Modified Fri, 10 Jan 2020 05:59:45 GMT Server Microsoft-IIS/8.5 X-Powered-By ASP.NET ETag "6c991287bc7d51:0" Vary Accept-Encoding Content-Type application/javascript Accept-Ranges bytes Content-Length 684
GET H/1.1	200 OK	Primary Request Cookie set gotopc.html Show response wxllq.gz01.bdysite.com/	4 KB 2 KB	739ms 261ms	Document text/html	240e:ff:e020:32:0:ff:b07e:45cd CT-GUANGZHOU-IDC ...
General Check archive.org Show headers Download Go to Full URL http://wxllq.gz01.bdysite.com/gotopc.html Requested by Host: accountspubg.com URL: http://accountspubg.com/goto.js Protocol HTTP/1.1 Server 240e:ff:e020:32:0:ff:b07e:45cd , China, ASN58466 (CT-GUANGZHOU-IDC CHINANET Guangdong province network, CN), Reverse DNS Software openresty / Resource Hash `76003c4e9328106fb6745d83e94d8a13656f1e301f181ee921a880032f7dc76e` Request headers Host wxllq.gz01.bdysite.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Referer http://accountspubg.com/ Accept-Encoding gzip, deflate Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer http://accountspubg.com/ Response headers Server openresty Date Tue, 12 May 2020 18:54:51 GMT Content-Type text/html Transfer-Encoding chunked Connection keep-alive Last-Modified Tue, 05 May 2020 10:40:46 GMT Vary Accept-Encoding ETag W/"5eb142ae-e82" Content-Encoding gzip Set-Cookie BAEID=6D00F28528FDF1F44570CFCF3784CB19; expires=Wed, 12-May-21 18:54:51 GMT; max-age=31536000; path=/; version=1
GET H/1.1	200 OK	goto.js Show response wxllq.gz01.bdysite.com/	1 KB 1 KB	994ms 993ms	Script application/javascript	240e:ff:e020:32:0:ff:b07e:45cd CT-GUANGZHOU-IDC ...
General Check archive.org Show headers Download Go to Full URL http://wxllq.gz01.bdysite.com/goto.js Requested by Host: wxllq.gz01.bdysite.com URL: http://wxllq.gz01.bdysite.com/gotopc.html Protocol HTTP/1.1 Server 240e:ff:e020:32:0:ff:b07e:45cd , China, ASN58466 (CT-GUANGZHOU-IDC CHINANET Guangdong province network, CN), Reverse DNS Software openresty / Resource Hash `2bd907d420a4ab5b3455ed79b0c89d4cf54241d0ea18dd38f24131c6ac1de05e` Request headers Referer http://wxllq.gz01.bdysite.com/gotopc.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Tue, 12 May 2020 18:54:52 GMT Last-Modified Fri, 05 Jul 2019 02:37:51 GMT Server openresty ETag "5d1eb7ff-460" Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 1120
GET H/1.1	200 OK	2.jpg liulanqi.bj01.bdysite.com/pic/	27 KB 28 KB	789ms 472ms	Image image/jpeg	120.222.213.209 CMNET-V4SHANDONG-...
General Check archive.org Show headers Download Go to Show image Full URL http://liulanqi.bj01.bdysite.com/pic/2.jpg Requested by Host: wxllq.gz01.bdysite.com URL: http://wxllq.gz01.bdysite.com/gotopc.html Protocol HTTP/1.1 Server 120.222.213.209 , China, ASN24444 (CMNET-V4SHANDONG-AS-AP Shandong Mobile Communication Company Limited, CN), Reverse DNS Software openresty / Resource Hash `09a47e303a29d37249377e762cc636239b5dfd24a5ff9e7a4a20e8f5a76da9c1` Request headers Referer http://wxllq.gz01.bdysite.com/gotopc.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Tue, 12 May 2020 18:54:52 GMT Last-Modified Sat, 29 Feb 2020 12:57:02 GMT Server openresty ETag "5e5a5f9e-6d9b" Content-Type image/jpeg Connection keep-alive Accept-Ranges bytes Content-Length 28059
GET H/1.1	200 OK	2-2.jpg liulanqi.bj01.bdysite.com/pic/	22 KB 22 KB	287ms 285ms	Image image/jpeg	120.222.213.209 CMNET-V4SHANDONG-...
General Check archive.org Show headers Download Go to Show image Full URL http://liulanqi.bj01.bdysite.com/pic/2-2.jpg Requested by Host: wxllq.gz01.bdysite.com URL: http://wxllq.gz01.bdysite.com/gotopc.html Protocol HTTP/1.1 Server 120.222.213.209 , China, ASN24444 (CMNET-V4SHANDONG-AS-AP Shandong Mobile Communication Company Limited, CN), Reverse DNS Software openresty / Resource Hash `c154505bfbe11cb832ccdec8952202cca437956c78568fcbd2ea585b816bc0f0` Request headers Referer http://wxllq.gz01.bdysite.com/gotopc.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Tue, 12 May 2020 18:54:53 GMT Last-Modified Sat, 29 Feb 2020 12:57:02 GMT Server openresty ETag "5e5a5f9e-56ce" Content-Type image/jpeg Connection keep-alive Accept-Ranges bytes Content-Length 22222
GET H/1.1	200 OK	kuaishou.png liulanqi.bj01.bdysite.com/pic/	11 KB 11 KB	260ms 240ms	Image image/png	120.222.213.209 CMNET-V4SHANDONG-...
General Check archive.org Show headers Download Go to Show image Full URL http://liulanqi.bj01.bdysite.com/pic/kuaishou.png Requested by Host: wxllq.gz01.bdysite.com URL: http://wxllq.gz01.bdysite.com/gotopc.html Protocol HTTP/1.1 Server 120.222.213.209 , China, ASN24444 (CMNET-V4SHANDONG-AS-AP Shandong Mobile Communication Company Limited, CN), Reverse DNS Software openresty / Resource Hash `9f32ddfe0c9315c45615cef343d590260dabcff5e1b4832add4e0715709e77c5` Request headers Referer http://wxllq.gz01.bdysite.com/gotopc.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Tue, 12 May 2020 18:54:53 GMT Last-Modified Wed, 15 Apr 2020 09:30:42 GMT Server openresty ETag "5e96d442-2a04" Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 10756
GET H/1.1	200 OK	douyin.jpg liulanqi.bj01.bdysite.com/pic/	69 KB 69 KB	511ms 248ms	Image image/jpeg	120.222.213.209 CMNET-V4SHANDONG-...
General Check archive.org Show headers Download Go to Show image Full URL http://liulanqi.bj01.bdysite.com/pic/douyin.jpg Requested by Host: wxllq.gz01.bdysite.com URL: http://wxllq.gz01.bdysite.com/gotopc.html Protocol HTTP/1.1 Server 120.222.213.209 , China, ASN24444 (CMNET-V4SHANDONG-AS-AP Shandong Mobile Communication Company Limited, CN), Reverse DNS Software openresty / Resource Hash `4acf631693b8ed95e482e866ace749a8955282375d6147dedfdf2ddae8bd3b19` Request headers Referer http://wxllq.gz01.bdysite.com/gotopc.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Tue, 12 May 2020 18:54:53 GMT Last-Modified Thu, 26 Mar 2020 06:21:08 GMT Server openresty ETag "5e7c49d4-11455" Content-Type image/jpeg Connection keep-alive Accept-Ranges bytes Content-Length 70741
GET H2	200	z_stat.php Show response s95.cnzz.com/	12 KB 4 KB	201ms 199ms	Script application/javascript	101.89.124.234 CHINANET-SH-AP Ch...
General Check archive.org Show headers Download Go to Full URL https://s95.cnzz.com/z_stat.php?id=1254433810&web_id=1254433810 Requested by Host: wxllq.gz01.bdysite.com URL: http://wxllq.gz01.bdysite.com/gotopc.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 101.89.124.234 , China, ASN4812 (CHINANET-SH-AP China Telecom (Group), CN), Reverse DNS Software Tengine / PHP/5.5.25 Resource Hash `9caf54010c3f5fc364af7ee63c6ee2b485e5a98b55bc7afe9a40b1ae9430a1e7` Request headers Referer http://wxllq.gz01.bdysite.com/gotopc.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Tue, 12 May 2020 18:00:47 GMT content-encoding gzip age 3246 x-powered-by PHP/5.5.25 x-cache HIT TCP_MEM_HIT dirn:12:52908957 status 200 x-swift-cachetime 5400 x-swift-savetime Tue, 12 May 2020 18:00:47 GMT content-length 4082 last-modified Tue, 12 May 2020 18:00:47 GMT server Tengine vary Accept-Encoding ali-swift-global-savetime 1589306447 content-type application/javascript via cache26.l2cn1807[42,200-0,M], cache14.l2cn1807[42,0], cache20.cn1401[0,200-0,H], cache13.cn1401[1,0] cache-control max-age=5400,s-maxage=5400 timing-allow-origin * eagleid 65597c2115893096930593482e
GET H/1.1	200 OK	apk.html Show response wxllq.gz01.bdysite.com/ Frame 61F7	601 B 836 B	256ms 255ms	Document text/html	240e:ff:e020:32:0:ff:b07e:45cd CT-GUANGZHOU-IDC ...
General Check archive.org Show headers Download Go to Full URL http://wxllq.gz01.bdysite.com/apk.html Requested by Host: wxllq.gz01.bdysite.com URL: http://wxllq.gz01.bdysite.com/gotopc.html Protocol HTTP/1.1 Server 240e:ff:e020:32:0:ff:b07e:45cd , China, ASN58466 (CT-GUANGZHOU-IDC CHINANET Guangdong province network, CN), Reverse DNS Software openresty / Resource Hash `7ccdd1ca2762ce9200fb640e34c9ef80ccdbbbecd40b6a418ccaac1490e9a4bc` Request headers Host wxllq.gz01.bdysite.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Referer http://wxllq.gz01.bdysite.com/gotopc.html Accept-Encoding gzip, deflate Accept-Language en-US Cookie BAEID=6D00F28528FDF1F44570CFCF3784CB19 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer http://wxllq.gz01.bdysite.com/gotopc.html Response headers Server openresty Date Tue, 12 May 2020 18:54:53 GMT Content-Type text/html Content-Length 601 Connection keep-alive Last-Modified Mon, 04 May 2020 12:53:16 GMT ETag "5eb0103c-259" Accept-Ranges bytes
GET H2	200	core.php Show response c.cnzz.com/	969 B 874 B	212ms 211ms	Script application/javascript	101.89.124.234 CHINANET-SH-AP Ch...
General Check archive.org Show headers Download Go to Full URL https://c.cnzz.com/core.php?web_id=1254433810&t=z Requested by Host: s95.cnzz.com URL: https://s95.cnzz.com/z_stat.php?id=1254433810&web_id=1254433810 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 101.89.124.234 , China, ASN4812 (CHINANET-SH-AP China Telecom (Group), CN), Reverse DNS Software Tengine / PHP/5.5.25 Resource Hash `ec6eaf9eb1698f45187862b1b4ac96b92f75c590e3e23df9b7473ba4ad7743c6` Request headers Referer http://wxllq.gz01.bdysite.com/gotopc.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers date Tue, 12 May 2020 18:53:33 GMT content-encoding gzip age 80 x-powered-by PHP/5.5.25 x-cache HIT TCP_MEM_HIT dirn:-2:-2 status 200 x-swift-cachetime 900 x-swift-savetime Tue, 12 May 2020 18:53:33 GMT content-length 619 last-modified Tue, 12 May 2020 18:53:33 GMT server Tengine vary Accept-Encoding ali-swift-global-savetime 1568525800 content-type application/javascript via cache28.l2cn1807[0,200-0,H], cache31.l2cn1807[0,0], cache19.cn1401[0,200-0,H], cache13.cn1401[0,0] timing-allow-origin * eagleid 65597c2115893096932803726e expires Tue, 12 May 2020 19:08:33 GMT
GET H2	200	stat.htm z4.cnzz.com/	2 B 112 B	1557ms 699ms	Image text/html	2401:b180:2000:20::23 CNNIC-ALIBABA-CN-...
General Check archive.org Show headers Download Go to Show image Full URL https://z4.cnzz.com/stat.htm?id=1254433810&r=http%3A%2F%2Faccountspubg.com%2F&lg=en-us&ntime=none&cnzz_eid=675043927-1589306447-null&showp=1600x1200&p=http%3A%2F%2Fwxllq.gz01.bdysite.com%2Fgotopc.html&t=%E6%8A%96%E9%9F%B3%E5%BF%AB%E6%89%8B%E7%A6%8F%E5%88%A9%EF%BC%8C%E6%8A%96%E9%9F%B3%E5%8F%B7%EF%BC%9A228822%EF%BC%9B%E5%BF%AB%E6%89%8B%E5%8F%B7%EF%BC%9A999123456&umuuid=1720a3d5ce7a21-09c1431ffd362f-37647e03-1d4c00-1720a3d5ce8a02&h=1&rnd=710913233 Requested by Host: wxllq.gz01.bdysite.com URL: http://wxllq.gz01.bdysite.com/gotopc.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2401:b180:2000:20::23 , China, ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN), Reverse DNS Software nginx / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer http://wxllq.gz01.bdysite.com/gotopc.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers status 200 date Tue, 12 May 2020 18:54:54 GMT content-encoding gzip server nginx vary Accept-Encoding content-type text/html; charset=utf-8
GET H/1.1	200 OK	360safe+251289+n7ddbb65c96.exe dl.360safe.com/netunion/20140425/ Frame 61F7	0 0	735ms 283ms	Document application/octet-stream	104.192.108.17 QIHOO Beijing Qih...
General Check archive.org Show headers Download Go to Full URL http://dl.360safe.com/netunion/20140425/360safe+251289+n7ddbb65c96.exe Requested by Host: wxllq.gz01.bdysite.com URL: http://wxllq.gz01.bdysite.com/apk.html Protocol HTTP/1.1 Server 104.192.108.17 , United States, ASN55992 (QIHOO Beijing Qihu Technology Company Limited, CN), Reverse DNS Software nginx / Resource Hash Request headers Host dl.360safe.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Referer http://wxllq.gz01.bdysite.com/apk.html Accept-Encoding gzip, deflate Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer http://wxllq.gz01.bdysite.com/apk.html Response headers Server nginx Date Tue, 12 May 2020 18:54:53 GMT Content-Type application/octet-stream Content-Length 90427024 Last-Modified Fri, 08 May 2020 08:48:35 GMT Connection close Expires Wed, 13 May 2020 02:54:53 GMT Cache-Control max-age=28800 Accept-Ranges bytes
GET H2	200	9.gif cnzz.mmstat.com/	43 B 381 B	445ms 150ms	Image image/gif	198.11.132.221 CNNIC-ALIBABA-US-...
General Check archive.org Show headers Download Go to Show image Full URL https://cnzz.mmstat.com/9.gif?abc=1&rnd=684668790 Requested by Host: wxllq.gz01.bdysite.com URL: http://wxllq.gz01.bdysite.com/gotopc.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.11.132.221 San Mateo, United States, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN), Reverse DNS Software nginx / Resource Hash `cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda` Request headers Referer http://wxllq.gz01.bdysite.com/gotopc.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Tue, 12 May 2020 18:54:53 GMT server nginx p3p CP="NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR IND UNI PUR NAV" status 200 cache-control no-cache content-type image/gif content-length 43 expires Thu, 01 Jan 1970 00:00:01 GMT
GET H/1.1	200 OK	z_stat.php Show response s23.cnzz.com/	12 KB 5 KB	399ms 383ms	Script application/javascript	101.89.124.234 CHINANET-SH-AP Ch...
General Check archive.org Show headers Download Go to Full URL http://s23.cnzz.com/z_stat.php?id=1276082832 Requested by Host: wxllq.gz01.bdysite.com URL: http://wxllq.gz01.bdysite.com/gotopc.html Protocol HTTP/1.1 Server 101.89.124.234 , China, ASN4812 (CHINANET-SH-AP China Telecom (Group), CN), Reverse DNS Software Tengine / PHP/5.5.25 Resource Hash `e32adbfd88a7cd02bcb666d0c1a75696ab83273cc48bc2cde32a1c82009fbe98` Request headers Referer http://wxllq.gz01.bdysite.com/gotopc.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers Date Tue, 12 May 2020 17:31:07 GMT Content-Encoding gzip Age 5026 X-Powered-By PHP/5.5.25 X-Cache HIT TCP_MEM_HIT dirn:13:497209969 X-Swift-CacheTime 5146 Connection keep-alive Content-Length 4082 Last-Modified Tue, 12 May 2020 17:31:07 GMT Server Tengine Vary Accept-Encoding Ali-Swift-Global-Savetime 1565857824 Content-Type application/javascript Via cache37.l2cn1807[0,200-0,H], cache41.l2cn1807[0,0], cache13.cn1401[0,200-0,H], cache5.cn1401[0,0] Cache-Control max-age=5400,s-maxage=5400 Timing-Allow-Origin * EagleId 65597c1915893096936811164e X-Swift-SaveTime Tue, 12 May 2020 17:35:21 GMT
GET H2	200	core.php Show response c.cnzz.com/	969 B 877 B	200ms 199ms	Script application/javascript	101.89.124.234 CHINANET-SH-AP Ch...
General Check archive.org Show headers Download Go to Full URL https://c.cnzz.com/core.php?web_id=1276082832&t=z Requested by Host: s23.cnzz.com URL: http://s23.cnzz.com/z_stat.php?id=1276082832 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 101.89.124.234 , China, ASN4812 (CHINANET-SH-AP China Telecom (Group), CN), Reverse DNS Software Tengine / PHP/5.5.25 Resource Hash `c3e5c85d059df961a01d4700dc8ec680ddd25b6cf1ce9bb3e7b3a3ac2b193979` Request headers Referer http://wxllq.gz01.bdysite.com/gotopc.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers date Tue, 12 May 2020 18:43:07 GMT content-encoding gzip age 706 x-powered-by PHP/5.5.25 x-cache HIT TCP_MEM_HIT dirn:-2:-2 status 200 x-swift-cachetime 900 x-swift-savetime Tue, 12 May 2020 18:43:07 GMT content-length 620 last-modified Tue, 12 May 2020 18:43:07 GMT server Tengine vary Accept-Encoding ali-swift-global-savetime 1589308987 content-type application/javascript via cache17.l2cn1807[60,200-0,M], cache17.l2cn1807[61,0], cache6.cn1401[0,200-0,H], cache13.cn1401[1,0] timing-allow-origin * eagleid 65597c2115893096938884403e expires Tue, 12 May 2020 18:58:07 GMT
GET H2	200	stat.htm z5.cnzz.com/	2 B 46 B	936ms 685ms	Image text/html	2401:b180:2000:20::23 CNNIC-ALIBABA-CN-...
General Check archive.org Show headers Download Go to Show image Full URL https://z5.cnzz.com/stat.htm?id=1276082832&r=http%3A%2F%2Faccountspubg.com%2F&lg=en-us&ntime=none&cnzz_eid=1426036645-1589304667-null&showp=1600x1200&p=http%3A%2F%2Fwxllq.gz01.bdysite.com%2Fgotopc.html&t=%E6%8A%96%E9%9F%B3%E5%BF%AB%E6%89%8B%E7%A6%8F%E5%88%A9%EF%BC%8C%E6%8A%96%E9%9F%B3%E5%8F%B7%EF%BC%9A228822%EF%BC%9B%E5%BF%AB%E6%89%8B%E5%8F%B7%EF%BC%9A999123456&umuuid=1720a3d5f549e6-05ddcacfe46553-37647e03-1d4c00-1720a3d5f5599e&h=1&rnd=216414297 Requested by Host: wxllq.gz01.bdysite.com URL: http://wxllq.gz01.bdysite.com/gotopc.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2401:b180:2000:20::23 , China, ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN), Reverse DNS Software nginx / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer http://wxllq.gz01.bdysite.com/gotopc.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers status 200 date Tue, 12 May 2020 18:54:54 GMT content-encoding gzip server nginx vary Accept-Encoding content-type text/html; charset=utf-8

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			wxllq.gz01.bdysite.com/	1970-01-19 13:50:34	Name: CNZZDATA1276082832 Value: 1426036645-1589304667-null%7C1589304667
			.bdysite.com/	1970-01-19 13:50:34	Name: UM_distinctid Value: 1720a3d5f549e6-05ddcacfe46553-37647e03-1d4c00-1720a3d5f5599e

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accountspubg.com
c.cnzz.com
cnzz.mmstat.com
dl.360safe.com
liulanqi.bj01.bdysite.com
s23.cnzz.com
s95.cnzz.com
wxllq.gz01.bdysite.com
z4.cnzz.com
z5.cnzz.com
101.89.124.234
103.121.92.140
104.192.108.17
120.222.213.209
198.11.132.221
2401:b180:2000:20::23
240e:ff:e020:32:0:ff:b07e:45cd
09a47e303a29d37249377e762cc636239b5dfd24a5ff9e7a4a20e8f5a76da9c1
2bd907d420a4ab5b3455ed79b0c89d4cf54241d0ea18dd38f24131c6ac1de05e
4acf631693b8ed95e482e866ace749a8955282375d6147dedfdf2ddae8bd3b19
76003c4e9328106fb6745d83e94d8a13656f1e301f181ee921a880032f7dc76e
78fef8a399b2a3d0f210c3e9037b79735d28383c97a6ad937517866d6ac815a2
7ccdd1ca2762ce9200fb640e34c9ef80ccdbbbecd40b6a418ccaac1490e9a4bc
9caf54010c3f5fc364af7ee63c6ee2b485e5a98b55bc7afe9a40b1ae9430a1e7
9f32ddfe0c9315c45615cef343d590260dabcff5e1b4832add4e0715709e77c5
c154505bfbe11cb832ccdec8952202cca437956c78568fcbd2ea585b816bc0f0
c3e5c85d059df961a01d4700dc8ec680ddd25b6cf1ce9bb3e7b3a3ac2b193979
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
e32adbfd88a7cd02bcb666d0c1a75696ab83273cc48bc2cde32a1c82009fbe98
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e428238c8cb72e44ec6d063f53b9e20920486d00f5806c2039a7c55732eeca82
ec6eaf9eb1698f45187862b1b4ac96b92f75c590e3e23df9b7473ba4ad7743c6

wxllq.gz01.bdysite.com Open in urlscan Pro 240e:ff:e020:32:0:ff:b07e:45cd Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

17 Requests

35 %HTTPS

29 %IPv6

5 Domains

10 Subdomains

7 IPs

2 Countries

147 kBTransfer

160 kBSize

2 Cookies

4 Outgoing links

Page URL History

Redirected requests

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

2 Cookies

Indicators

wxllq.gz01.bdysite.com Open in urlscan Pro
240e:ff:e020:32:0:ff:b07e:45cd Public Scan

Screenshot
Live screenshot

Full Image

17
Requests

35 %
HTTPS

29 %
IPv6

5
Domains

10
Subdomains

7
IPs

2
Countries

147 kB
Transfer

160 kB
Size

2
Cookies

17 HTTP transactions
0 data transactions