urlscan.io logo urlscan.io
SecurityTrails logo

eegghhdd.aabbccde.otjloutj1018.xyz Open in urlscan Pro
156.247.11.196  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://xx686.vip/
Effective URL: https://eegghhdd.aabbccde.otjloutj1018.xyz/?inviteCode=125547
Submission Tags: @ecarlesi possiblethreat phishing Search All
Submission: On October 31 via api from IT — Scanned from IT
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 3 countries across 9 domains to perform 22 HTTP transactions. The main IP is 156.247.11.196, located in Seychelles and belongs to SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK. The main domain is eegghhdd.aabbccde.otjloutj1018.xyz.
TLS certificate: Issued by R10 on October 18th 2024. Valid for: 3 months.
This is the only time eegghhdd.aabbccde.otjloutj1018.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 152.32.214.136 135377 (UCLOUD-HK...)
6 206.119.178.23 133199 (SONDERCLO...)
10 156.247.11.196 133199 (SONDERCLO...)
22 3
Apex Domain
Subdomains		 Transfer
10 otjloutj1018.xyz
eegghhdd.aabbccde.otjloutj1018.xyz
60 KB
6 xsj0000.xyz
xsj0000.xyz
312 KB
1 xsj0000.com
xsj0000.com
136 B
1 xx686.vip
xx686.vip
795 B
0 dwwxv.cn Failed
wb689.dwwxv.cn Failed
0 rjmrel.cn Failed
kwnn.rjmrel.cn Failed
kwnm.rjmrel.cn Failed
0 rstzx.cn Failed
nwtest.rstzx.cn Failed
0 tiandengsheng.com Failed
abc.tiandengsheng.com Failed
0 mczyee.cn Failed
kwop.mczyee.cn Failed
22 9
Domain Requested by
10 eegghhdd.aabbccde.otjloutj1018.xyz xsj0000.xyz
eegghhdd.aabbccde.otjloutj1018.xyz
6 xsj0000.xyz xsj0000.xyz
1 xsj0000.com 1 redirects
1 xx686.vip 1 redirects
0 wb689.dwwxv.cn Failed eegghhdd.aabbccde.otjloutj1018.xyz
0 kwnm.rjmrel.cn Failed eegghhdd.aabbccde.otjloutj1018.xyz
0 kwnn.rjmrel.cn Failed eegghhdd.aabbccde.otjloutj1018.xyz
0 nwtest.rstzx.cn Failed eegghhdd.aabbccde.otjloutj1018.xyz
0 abc.tiandengsheng.com Failed eegghhdd.aabbccde.otjloutj1018.xyz
0 kwop.mczyee.cn Failed eegghhdd.aabbccde.otjloutj1018.xyz
22 10

This site contains no links.

Subject Issuer Validity Valid
xsj0000.xyz
R11		 2024-10-25 -
2025-01-23		 3 months crt.sh
eegghhdd.aabbccde.otjloutj1018.xyz
R10		 2024-10-18 -
2025-01-16		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://eegghhdd.aabbccde.otjloutj1018.xyz/?inviteCode=125547
Frame ID: 1548AA7B637B5A6E37D5491D0A854201
Requests: 24 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

NEW WORLD 百度一下,你就知道

Page URL History Show full URLs

  1. http://xx686.vip/ HTTP 307
    https://xx686.vip/ HTTP 301
    https://xsj0000.com/?inviteCode=125547 HTTP 302
    https://xsj0000.xyz/?inviteCode=125547 Page URL
  2. https://eegghhdd.aabbccde.otjloutj1018.xyz/?inviteCode=125547 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

22
Requests

73 %
HTTPS

25 %
IPv6

9
Domains

10
Subdomains

3
IPs

3
Countries

377 kB
Transfer

1069 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://xx686.vip/ HTTP 307
    https://xx686.vip/ HTTP 301
    https://xsj0000.com/?inviteCode=125547 HTTP 302
    https://xsj0000.xyz/?inviteCode=125547 Page URL
  2. https://eegghhdd.aabbccde.otjloutj1018.xyz/?inviteCode=125547 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://xx686.vip/ HTTP 307
  • https://xx686.vip/ HTTP 301
  • https://xsj0000.com/?inviteCode=125547 HTTP 302
  • https://xsj0000.xyz/?inviteCode=125547

22 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
xsj0000.xyz/
Redirect Chain
  • http://xx686.vip/
  • https://xx686.vip/
  • https://xsj0000.com/?inviteCode=125547
  • https://xsj0000.xyz/?inviteCode=125547
781 B
935 B 		Document
General
Check archive.org
Download Go to
Full URL
https://xsj0000.xyz/?inviteCode=125547
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
206.119.178.23 Los Angeles, United States, ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
dacc6706344cf57b1105ce356fa61337384fd24aaec83d5e4a7c37d6468dcdee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
content-length
781
content-type
text/html
date
Thu, 31 Oct 2024 03:44:51 GMT
etag
"66d9eaf9-30d"
last-modified
Thu, 05 Sep 2024 17:31:37 GMT
server
nginx
strict-transport-security
max-age=31536000

Redirect headers

content-type
text/html; charset=UTF-8
date
Thu, 31 Oct 2024 03:44:50 GMT
location
https://xsj0000.xyz?inviteCode=125547
server
nginx
strict-transport-security
max-age=31536000
index.2da1efab.css
xsj0000.xyz/static/ 		94 KB
29 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://xsj0000.xyz/static/index.2da1efab.css
Requested by
Host: xsj0000.xyz
URL: https://xsj0000.xyz/?inviteCode=125547
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
206.119.178.23 Los Angeles, United States, ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
e97de9a247807f12d74101e9f736250b2410be4e1ed3d17ed875e4b08cf66c83
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://xsj0000.xyz/?inviteCode=125547

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=43200
content-encoding
gzip
etag
W/"6695d3b4-178f9"
expires
Thu, 31 Oct 2024 15:44:51 GMT
date
Thu, 31 Oct 2024 03:44:51 GMT
content-type
text/css
last-modified
Tue, 16 Jul 2024 01:58:12 GMT
server
nginx
vary
Accept-Encoding
chunk-vendors.fbe855ac.js
xsj0000.xyz/static/js/ 		776 KB
271 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://xsj0000.xyz/static/js/chunk-vendors.fbe855ac.js
Requested by
Host: xsj0000.xyz
URL: https://xsj0000.xyz/?inviteCode=125547
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
206.119.178.23 Los Angeles, United States, ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
682be307a78601bb96350809a7cf9016fd686a21dfdfae4ecd4d6a77b8d53676
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://xsj0000.xyz/?inviteCode=125547

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=43200
content-encoding
gzip
etag
W/"6695d3b4-c1f99"
expires
Thu, 31 Oct 2024 15:44:51 GMT
date
Thu, 31 Oct 2024 03:44:51 GMT
content-type
application/javascript
last-modified
Tue, 16 Jul 2024 01:58:12 GMT
server
nginx
vary
Accept-Encoding
index.bd93c33d.js
xsj0000.xyz/static/js/ 		37 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://xsj0000.xyz/static/js/index.bd93c33d.js
Requested by
Host: xsj0000.xyz
URL: https://xsj0000.xyz/?inviteCode=125547
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
206.119.178.23 Los Angeles, United States, ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
0a9aad4ac9a2e3f98adaf548e47a79fbdc0d773af8806f8d65ec2186c9cc7c80
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://xsj0000.xyz/?inviteCode=125547

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=43200
content-encoding
gzip
etag
W/"6695d3b4-9531"
expires
Thu, 31 Oct 2024 15:44:51 GMT
date
Thu, 31 Oct 2024 03:44:51 GMT
content-type
application/javascript
last-modified
Tue, 16 Jul 2024 01:58:12 GMT
server
nginx
vary
Accept-Encoding
pages-index-index.d82a81a4.js
xsj0000.xyz/static/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://xsj0000.xyz/static/js/pages-index-index.d82a81a4.js
Requested by
Host: xsj0000.xyz
URL: https://xsj0000.xyz/static/js/index.bd93c33d.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
206.119.178.23 Los Angeles, United States, ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
82ad2f408831882c21f42b26277582a0d3dc770583b8fd10cdc1a96d16f1a0cd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://xsj0000.xyz/?inviteCode=125547

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=43200
content-encoding
gzip
etag
W/"6695d3b4-b9f"
expires
Thu, 31 Oct 2024 15:44:52 GMT
date
Thu, 31 Oct 2024 03:44:52 GMT
content-type
application/javascript
last-modified
Tue, 16 Jul 2024 01:58:12 GMT
server
nginx
vary
Accept-Encoding
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0ccf8dd29c61715a6364ea9ec36d32c295e82ca837488590130c51cee298b7d3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
urllist.php
xsj0000.xyz/api/v1/url/ 		280 B
554 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://xsj0000.xyz/api/v1/url/urllist.php
Requested by
Host: xsj0000.xyz
URL: https://xsj0000.xyz/static/js/chunk-vendors.fbe855ac.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
206.119.178.23 Los Angeles, United States, ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
5d763374f027314844fe855c26ee3df9a29c214b10a6cdfd52c66727b59de075
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://xsj0000.xyz/?inviteCode=125547

Response headers

strict-transport-security
max-age=31536000
cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
pragma
no-cache
access-control-allow-credentials
true
access-control-allow-methods
POST, GET, OPTIONS
expires
Thu, 19 Nov 1981 08:52:00 GMT
access-control-allow-origin
*
date
Thu, 31 Oct 2024 03:44:52 GMT
content-type
application/json
vary
Accept-Encoding
server
nginx
access-control-allow-headers
Content-Type
ping.json
eegghhdd.aabbccde.otjloutj1018.xyz/ 		42 B
239 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://eegghhdd.aabbccde.otjloutj1018.xyz/ping.json?t=0.8415019872836702
Requested by
Host: xsj0000.xyz
URL: https://xsj0000.xyz/static/js/chunk-vendors.fbe855ac.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
156.247.11.196 , Seychelles, ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://xsj0000.xyz/

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
access-control-allow-origin
*
content-length
42
date
Thu, 31 Oct 2024 03:44:53 GMT
content-type
application/json
server
nginx
access-control-allow-methods
GET, POST, OPTIONS
Primary Request /
eegghhdd.aabbccde.otjloutj1018.xyz/ 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eegghhdd.aabbccde.otjloutj1018.xyz/?inviteCode=125547
Requested by
Host: xsj0000.xyz
URL: https://xsj0000.xyz/static/js/pages-index-index.d82a81a4.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
156.247.11.196 , Seychelles, ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
771e112e10d450c0487668e30a8fbf823ea8c0a14daf4e09095cfe1c4641e9c8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://xsj0000.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-type
text/html
date
Thu, 31 Oct 2024 03:44:53 GMT
etag
W/"66c86b74-3c55"
last-modified
Fri, 23 Aug 2024 10:59:00 GMT
server
nginx
strict-transport-security
max-age=31536000
vary
Accept-Encoding
common.css
eegghhdd.aabbccde.otjloutj1018.xyz/style/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://eegghhdd.aabbccde.otjloutj1018.xyz/style/common.css
Requested by
Host: eegghhdd.aabbccde.otjloutj1018.xyz
URL: https://eegghhdd.aabbccde.otjloutj1018.xyz/?inviteCode=125547
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
156.247.11.196 , Seychelles, ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
868a6072f81a9338a831bba1c8abdbc40cadf0d42af3220c29fbc8aea596e828
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eegghhdd.aabbccde.otjloutj1018.xyz/?inviteCode=125547

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=43200
content-encoding
gzip
etag
W/"66c573be-90e"
expires
Thu, 31 Oct 2024 15:44:54 GMT
date
Thu, 31 Oct 2024 03:44:54 GMT
content-type
text/css
last-modified
Wed, 21 Aug 2024 04:57:34 GMT
server
nginx
vary
Accept-Encoding
Polyfill.js
eegghhdd.aabbccde.otjloutj1018.xyz/js/ 		636 B
849 B 		Script
General
Check archive.org
Download Go to
Full URL
https://eegghhdd.aabbccde.otjloutj1018.xyz/js/Polyfill.js
Requested by
Host: eegghhdd.aabbccde.otjloutj1018.xyz
URL: https://eegghhdd.aabbccde.otjloutj1018.xyz/?inviteCode=125547
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
156.247.11.196 , Seychelles, ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
348240587278e97d1c588dec7cce132481228f7f2a42077c6c406cfa8fb8b2a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eegghhdd.aabbccde.otjloutj1018.xyz/?inviteCode=125547

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=43200
etag
"66c57950-27c"
expires
Thu, 31 Oct 2024 15:44:54 GMT
accept-ranges
bytes
content-length
636
date
Thu, 31 Oct 2024 03:44:54 GMT
content-type
application/javascript
last-modified
Wed, 21 Aug 2024 05:21:20 GMT
server
nginx
rem.js
eegghhdd.aabbccde.otjloutj1018.xyz/js/ 		311 B
524 B 		Script
General
Check archive.org
Download Go to
Full URL
https://eegghhdd.aabbccde.otjloutj1018.xyz/js/rem.js
Requested by
Host: eegghhdd.aabbccde.otjloutj1018.xyz
URL: https://eegghhdd.aabbccde.otjloutj1018.xyz/?inviteCode=125547
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
156.247.11.196 , Seychelles, ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
bde1e5d9ba98f2da108be1f5ab0b25b5c7e0708baa51c211dc564fa915064480
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eegghhdd.aabbccde.otjloutj1018.xyz/?inviteCode=125547

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=43200
etag
"662e51f2-137"
expires
Thu, 31 Oct 2024 15:44:54 GMT
accept-ranges
bytes
content-length
311
date
Thu, 31 Oct 2024 03:44:54 GMT
content-type
application/javascript
last-modified
Sun, 28 Apr 2024 13:41:06 GMT
server
nginx
jquery-1.10.1.min.js
eegghhdd.aabbccde.otjloutj1018.xyz/Swiper-2.7.6/demos/js/ 		91 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eegghhdd.aabbccde.otjloutj1018.xyz/Swiper-2.7.6/demos/js/jquery-1.10.1.min.js
Requested by
Host: eegghhdd.aabbccde.otjloutj1018.xyz
URL: https://eegghhdd.aabbccde.otjloutj1018.xyz/?inviteCode=125547
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
156.247.11.196 , Seychelles, ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
4837f7e1f1565ff667528cd75c41f401e07e229de1bd1b232f0a7a40d4c46f79
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eegghhdd.aabbccde.otjloutj1018.xyz/?inviteCode=125547

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=43200
content-encoding
gzip
etag
W/"54dba14e-16b88"
expires
Thu, 31 Oct 2024 15:44:54 GMT
date
Thu, 31 Oct 2024 03:44:54 GMT
content-type
application/javascript
last-modified
Wed, 11 Feb 2015 18:37:02 GMT
server
nginx
vary
Accept-Encoding
global.js
eegghhdd.aabbccde.otjloutj1018.xyz/js/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eegghhdd.aabbccde.otjloutj1018.xyz/js/global.js?_ift=j9n2tt2led84a2rgjljovijqq
Requested by
Host: eegghhdd.aabbccde.otjloutj1018.xyz
URL: https://eegghhdd.aabbccde.otjloutj1018.xyz/?inviteCode=125547
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
156.247.11.196 , Seychelles, ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
4f0e35cf65bfb6f761ee1d59fcedc4fe747a03d9ab5d6fe25f9b956985604be2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eegghhdd.aabbccde.otjloutj1018.xyz/?inviteCode=125547

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=43200
content-encoding
gzip
etag
W/"6711beee-187d"
expires
Thu, 31 Oct 2024 15:44:54 GMT
date
Thu, 31 Oct 2024 03:44:54 GMT
content-type
application/javascript
last-modified
Fri, 18 Oct 2024 01:50:38 GMT
server
nginx
vary
Accept-Encoding
layer.js
eegghhdd.aabbccde.otjloutj1018.xyz/3.1.1/ 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eegghhdd.aabbccde.otjloutj1018.xyz/3.1.1/layer.js
Requested by
Host: eegghhdd.aabbccde.otjloutj1018.xyz
URL: https://eegghhdd.aabbccde.otjloutj1018.xyz/?inviteCode=125547
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
156.247.11.196 , Seychelles, ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
1ce6649d82d2db0f8e4823f701ddfcfd9c7f107cb446c907e46ec7e57171a2a3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eegghhdd.aabbccde.otjloutj1018.xyz/?inviteCode=125547

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=43200
content-encoding
gzip
etag
W/"5a261924-5664"
expires
Thu, 31 Oct 2024 15:44:54 GMT
date
Thu, 31 Oct 2024 03:44:54 GMT
content-type
application/javascript
last-modified
Tue, 05 Dec 2017 03:57:24 GMT
server
nginx
vary
Accept-Encoding
truncated
/ 		5 KB
5 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b3b812720c532be020fff8ed451ce81c5bdcad52993cf88b0e0385fbdae1b2bd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://eegghhdd.aabbccde.otjloutj1018.xyz
Referer

Response headers

Content-Type
application/octet-stream
layer.css
eegghhdd.aabbccde.otjloutj1018.xyz/3.1.1/theme/default/ 		14 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://eegghhdd.aabbccde.otjloutj1018.xyz/3.1.1/theme/default/layer.css?v=3.1.1
Requested by
Host: eegghhdd.aabbccde.otjloutj1018.xyz
URL: https://eegghhdd.aabbccde.otjloutj1018.xyz/3.1.1/layer.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
156.247.11.196 , Seychelles, ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
e3144d018a6a24f733c6fc2a2ee603fb583f0030585e9d4b71bec471b78e31fc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eegghhdd.aabbccde.otjloutj1018.xyz/?inviteCode=125547

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=43200
content-encoding
gzip
etag
W/"5a261924-381f"
expires
Thu, 31 Oct 2024 15:44:54 GMT
date
Thu, 31 Oct 2024 03:44:54 GMT
content-type
text/css
last-modified
Tue, 05 Dec 2017 03:57:24 GMT
server
nginx
vary
Accept-Encoding
ping
kwop.mczyee.cn/livegameapi/ 		0
0
ping
abc.tiandengsheng.com/livegameapi/ 		0
0
ping
nwtest.rstzx.cn/livegameapi/ 		0
0
ping
kwnn.rjmrel.cn/livegameapi/ 		0
0
ping
kwnm.rjmrel.cn/livegameapi/ 		0
0
ping
wb689.dwwxv.cn/livegameapi/ 		0
0
favicon.ico
eegghhdd.aabbccde.otjloutj1018.xyz/ 		548 B
611 B 		Other
General
Check archive.org
Download Go to
Full URL
https://eegghhdd.aabbccde.otjloutj1018.xyz/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
156.247.11.196 , Seychelles, ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eegghhdd.aabbccde.otjloutj1018.xyz/?inviteCode=125547

Response headers

content-length
548
date
Thu, 31 Oct 2024 03:44:54 GMT
content-type
text/html
server
nginx

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
kwop.mczyee.cn
URL
https://kwop.mczyee.cn/livegameapi/ping?t=653274
Domain
abc.tiandengsheng.com
URL
https://abc.tiandengsheng.com/livegameapi/ping?t=632259
Domain
nwtest.rstzx.cn
URL
https://nwtest.rstzx.cn/livegameapi/ping?t=609152
Domain
kwnn.rjmrel.cn
URL
https://kwnn.rjmrel.cn/livegameapi/ping?t=22903
Domain
kwnm.rjmrel.cn
URL
https://kwnm.rjmrel.cn/livegameapi/ping?t=799880
Domain
wb689.dwwxv.cn
URL
https://wb689.dwwxv.cn/livegameapi/ping?t=158122

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery object| layer function| isProxyWords function| isProxy

1 Cookies

Domain/Path Name / Value
xsj0000.xyz/ Name: PHPSESSID
Value: toi42mumgv4eje15g9i3eeuehq

1 Console Messages

Source Level URL
Text
network error URL: https://eegghhdd.aabbccde.otjloutj1018.xyz/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

abc.tiandengsheng.com
eegghhdd.aabbccde.otjloutj1018.xyz
kwnm.rjmrel.cn
kwnn.rjmrel.cn
kwop.mczyee.cn
nwtest.rstzx.cn
wb689.dwwxv.cn
xsj0000.com
xsj0000.xyz
xx686.vip
abc.tiandengsheng.com
kwnm.rjmrel.cn
kwnn.rjmrel.cn
kwop.mczyee.cn
nwtest.rstzx.cn
wb689.dwwxv.cn
152.32.214.136
156.247.11.196
206.119.178.23
2606:4700:3032::6815:dd2
0a9aad4ac9a2e3f98adaf548e47a79fbdc0d773af8806f8d65ec2186c9cc7c80
0ccf8dd29c61715a6364ea9ec36d32c295e82ca837488590130c51cee298b7d3
1ce6649d82d2db0f8e4823f701ddfcfd9c7f107cb446c907e46ec7e57171a2a3
348240587278e97d1c588dec7cce132481228f7f2a42077c6c406cfa8fb8b2a2
4837f7e1f1565ff667528cd75c41f401e07e229de1bd1b232f0a7a40d4c46f79
4f0e35cf65bfb6f761ee1d59fcedc4fe747a03d9ab5d6fe25f9b956985604be2
5d763374f027314844fe855c26ee3df9a29c214b10a6cdfd52c66727b59de075
682be307a78601bb96350809a7cf9016fd686a21dfdfae4ecd4d6a77b8d53676
771e112e10d450c0487668e30a8fbf823ea8c0a14daf4e09095cfe1c4641e9c8
82ad2f408831882c21f42b26277582a0d3dc770583b8fd10cdc1a96d16f1a0cd
868a6072f81a9338a831bba1c8abdbc40cadf0d42af3220c29fbc8aea596e828
b3b812720c532be020fff8ed451ce81c5bdcad52993cf88b0e0385fbdae1b2bd
bde1e5d9ba98f2da108be1f5ab0b25b5c7e0708baa51c211dc564fa915064480
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090
dacc6706344cf57b1105ce356fa61337384fd24aaec83d5e4a7c37d6468dcdee
e3144d018a6a24f733c6fc2a2ee603fb583f0030585e9d4b71bec471b78e31fc
e97de9a247807f12d74101e9f736250b2410be4e1ed3d17ed875e4b08cf66c83