Submitted URL: https://6ewqf.com/
Effective URL: https://bkgseatqdwck.zderg.com/XB-A021.html?channelCode=xbhu2
Submission: On December 12 via api from US — Scanned from CA

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 19 HTTP transactions. The main IP is 1.94.32.235, located in China and belongs to HWCSNET Huawei Cloud Service data center, CN. The main domain is bkgseatqdwck.zderg.com.
TLS certificate: Issued by R11 on December 12th 2024. Valid for: 3 months.
This is the only time bkgseatqdwck.zderg.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  Redirects  IP Address    AS Autonomous System
1         1          20.2.172.71   8075 (MICROSOFT...)
1         -          1.94.32.235   55990 (HWCSNET H...)
16        -          8.25.82.164   24429 (TAOBAO Zh...)
1         -          8.25.82.178   24429 (TAOBAO Zh...)
Total: 19 requests, 4 IPs

Requests  Domain                          Requested by
16        twk8vpmpdx.aodaiq.com           bkgseatqdwck.zderg.com, twk8vpmpdx.aodaiq.com
1         biw4vowyhgms6iw.zhenchangm.com  twk8vpmpdx.aodaiq.com
1         bkgseatqdwck.zderg.com          -
1         6ewqf.com (1 redirects)         -
Total: 19 requests, 4 domains

This site contains no links.

Subject         Issuer  Validity                 Valid
zderg.com       R11     2024-12-12 - 2025-03-12  3 months
aodaiq.com      R11     2024-11-10 - 2025-02-08  3 months
zhenchangm.com  R10     2024-10-22 - 2025-01-20  3 months

This page contains 1 frame:

Primary Page: https://bkgseatqdwck.zderg.com/XB-A021.html?channelCode=xbhu2
Frame ID: 30364B3B473A448B0131164B1EAB8C1A
Requests: 21 HTTP requests in this frame

Page Title

欢迎访问

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 19
HTTPS: 95 %
IPv6: 0 %
Domains: 4
Subdomains: 4
IPs: 4
Countries: 3
Transfer: 1180 kB
Size: 1289 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://6ewqf.com/ HTTP 301
    https://bkgseatqdwck.zderg.com/XB-A021.html?channelCode=xbhu2 Page URL

19 HTTP transactions

Resource / Path / Size / x-fer / Type / MIME-Type
Primary Request XB-A021.html
bkgseatqdwck.zderg.com/
Redirect Chain
  • https://6ewqf.com/
  • https://bkgseatqdwck.zderg.com/XB-A021.html?channelCode=xbhu2
618 B
805 B
Document
General
Full URL
https://bkgseatqdwck.zderg.com/XB-A021.html?channelCode=xbhu2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
1.94.32.235 , China, ASN55990 (HWCSNET Huawei Cloud Service data center, CN),
Reverse DNS
ecs-1-94-32-235.compute.hwclouds-dns.com
Software
nginx /
Resource Hash
53d7200b1b3f9b8f27217aa76b0e095d8c859d775be14d09eb4da53bd4a04394
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
content-length
618
content-type
text/html
date
Thu, 12 Dec 2024 13:06:27 GMT
etag
"67593d0e-26a"
last-modified
Wed, 11 Dec 2024 07:19:42 GMT
server
nginx
strict-transport-security
max-age=31536000
x-cache
EXPIRED

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-length
86
content-type
text/html; charset=utf-8
date
Thu, 12 Dec 2024 13:06:26 GMT
edge
19024-hk-4
location
https://bkgseatqdwck.zderg.com/XB-A021.html?channelCode=xbhu2
server
openresty
x-powered-by
Power301
xb.lib.min.js
twk8vpmpdx.aodaiq.com/assets/js/v1/
1 KB
1021 B
Script
General
Full URL
https://twk8vpmpdx.aodaiq.com/assets/js/v1/xb.lib.min.js
Requested by
Host: bkgseatqdwck.zderg.com
URL: https://bkgseatqdwck.zderg.com/XB-A021.html?channelCode=xbhu2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.25.82.164 , United States, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
e56a2b1edd01b2ce5c55c4025bf517e3c42e9b11d01fd6006678d5fffd2966f4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bkgseatqdwck.zderg.com/

Response headers

Content-Encoding
gzip
ETag
W/"673d8b2f-426"
Age
41304
X-Cache
HIT TCP_HIT dirn:11:103043732
Date
Thu, 12 Dec 2024 01:38:03 GMT
Content-Type
application/javascript
Last-Modified
Wed, 20 Nov 2024 07:09:35 GMT
Vary
Accept-Encoding
X-Swift-CacheTime
86400
Timing-Allow-Origin
*
Connection
keep-alive
Via
cache24.l2us2[311,311,200-0,M], cache14.l2us2[313,0], ens-cache7.us26[0,0,200-0,H], ens-cache9.us26[1,0]
Ali-Swift-Global-Savetime
1733967483
X-Swift-SaveTime
Thu, 12 Dec 2024 01:38:03 GMT
EagleId
0819529d17340087876458381e
Content-Length
410
Server
Tengine
xb-a021.min.js
twk8vpmpdx.aodaiq.com/assets/js/v1/xb/
13 KB
6 KB
Script
General
Full URL
https://twk8vpmpdx.aodaiq.com/assets/js/v1/xb/xb-a021.min.js
Requested by
Host: twk8vpmpdx.aodaiq.com
URL: https://twk8vpmpdx.aodaiq.com/assets/js/v1/xb.lib.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.25.82.164 , United States, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
69a14b0a7afa6ac5b58e6593343ff1db888171f897b990f25bfc59de25f25b5b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bkgseatqdwck.zderg.com/

Response headers

Content-Encoding
gzip
ETag
W/"67516e13-343a"
Age
41303
X-Cache
HIT TCP_HIT dirn:7:1311361035
Date
Thu, 12 Dec 2024 01:38:04 GMT
Content-Type
application/javascript
Last-Modified
Thu, 05 Dec 2024 09:10:43 GMT
Vary
Accept-Encoding
X-Swift-CacheTime
86400
Timing-Allow-Origin
*
Connection
keep-alive
Via
cache35.l2us2[313,313,200-0,M], cache35.l2us2[314,0], ens-cache6.us26[0,6,200-0,H], ens-cache9.us26[8,0]
Ali-Swift-Global-Savetime
1733967484
X-Swift-SaveTime
Thu, 12 Dec 2024 01:38:04 GMT
EagleId
0819529d17340087876868448e
Content-Length
5820
Server
Tengine
appinstall.js
twk8vpmpdx.aodaiq.com/assets/js/
47 KB
19 KB
Script
General
Full URL
https://twk8vpmpdx.aodaiq.com/assets/js/appinstall.js
Requested by
Host: twk8vpmpdx.aodaiq.com
URL: https://twk8vpmpdx.aodaiq.com/assets/js/v1/xb.lib.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.25.82.164 , United States, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
d980d5024163e4cf29354de4878cf8b3666a9ba37e3e3fbacbdd13a0b66d60ff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bkgseatqdwck.zderg.com/

Response headers

Content-Encoding
gzip
ETag
W/"66d6b4e2-bc8a"
Age
37549
X-Cache
HIT TCP_HIT dirn:11:253110696
Date
Thu, 12 Dec 2024 02:40:39 GMT
Content-Type
application/javascript
Last-Modified
Tue, 03 Sep 2024 07:04:02 GMT
Vary
Accept-Encoding
X-Swift-CacheTime
77926
Timing-Allow-Origin
*
Connection
keep-alive
Via
ens-cache34.l2us3[0,0,304-0,H], ens-cache22.l2us3[1,0], ens-cache12.us26[0,0,200-0,H], ens-cache9.us26[2,0]
Ali-Swift-Global-Savetime
1733971239
X-Swift-SaveTime
Thu, 12 Dec 2024 05:01:53 GMT
EagleId
0819529d17340087881551228e
Content-Length
19031
Server
Tengine
qrcode.min.js
twk8vpmpdx.aodaiq.com/assets/js/
19 KB
8 KB
Script
General
Full URL
https://twk8vpmpdx.aodaiq.com/assets/js/qrcode.min.js
Requested by
Host: twk8vpmpdx.aodaiq.com
URL: https://twk8vpmpdx.aodaiq.com/assets/js/v1/xb.lib.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.25.82.164 , United States, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
c541ef06327885a8415bca8df6071e14189b4855336def4f36db54bde8484f36

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bkgseatqdwck.zderg.com/

Response headers

Content-Encoding
gzip
ETag
W/"66d6b4e2-4dd7"
Age
1815
X-Cache
HIT TCP_HIT dirn:11:814527879
Date
Thu, 12 Dec 2024 12:36:13 GMT
Content-Type
application/javascript
Last-Modified
Tue, 03 Sep 2024 07:04:02 GMT
Vary
Accept-Encoding
X-Swift-CacheTime
85557
Timing-Allow-Origin
*
Connection
keep-alive
Via
ens-cache11.l2us3[0,0,304-0,H], ens-cache26.l2us3[1,0], ens-cache3.us26[0,0,200-0,H], ens-cache10.us26[2,0]
Ali-Swift-Global-Savetime
1734006973
X-Swift-SaveTime
Thu, 12 Dec 2024 12:50:16 GMT
EagleId
0819529e17340087882262384e
Content-Length
7723
Server
Tengine
landingPage-xb-tool.min.js
twk8vpmpdx.aodaiq.com/assets/js/
7 KB
3 KB
Script
General
Full URL
https://twk8vpmpdx.aodaiq.com/assets/js/landingPage-xb-tool.min.js
Requested by
Host: twk8vpmpdx.aodaiq.com
URL: https://twk8vpmpdx.aodaiq.com/assets/js/v1/xb.lib.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.25.82.164 , United States, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
889fcaea52bf15a17fdc9d422b6ccc6a636f775efb77e667b6f1d6952f635d89

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bkgseatqdwck.zderg.com/

Response headers

Content-Encoding
gzip
ETag
W/"675830bb-1bdb"
Age
41303
X-Cache
HIT TCP_HIT dirn:11:88776800
Date
Thu, 12 Dec 2024 01:38:05 GMT
Content-Type
application/javascript
Last-Modified
Tue, 10 Dec 2024 12:14:51 GMT
Vary
Accept-Encoding
X-Swift-CacheTime
57687
Timing-Allow-Origin
*
Connection
keep-alive
Via
ens-cache17.l2us3[0,0,200-0,H], ens-cache21.l2us3[2,0], ens-cache14.us26[0,0,200-0,H], ens-cache12.us26[4,0]
Ali-Swift-Global-Savetime
1733967485
X-Swift-SaveTime
Thu, 12 Dec 2024 09:36:38 GMT
EagleId
081952a017340087882291908e
Content-Length
2332
Server
Tengine
jquery-3.5.1.min.js
twk8vpmpdx.aodaiq.com/assets/js/
87 KB
35 KB
Script
General
Full URL
https://twk8vpmpdx.aodaiq.com/assets/js/jquery-3.5.1.min.js
Requested by
Host: twk8vpmpdx.aodaiq.com
URL: https://twk8vpmpdx.aodaiq.com/assets/js/v1/xb.lib.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.25.82.164 , United States, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
f36844906ad2309877aae3121b87fb15b9e09803cb4c333adc7e1e35ac92e14b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bkgseatqdwck.zderg.com/

Response headers

Content-Encoding
gzip
ETag
W/"66d6b4e2-15d86"
Age
31999
X-Cache
HIT TCP_HIT dirn:11:442726424
Date
Thu, 12 Dec 2024 04:13:09 GMT
Content-Type
application/javascript
Last-Modified
Tue, 03 Sep 2024 07:04:02 GMT
Vary
Accept-Encoding
X-Swift-CacheTime
83449
Timing-Allow-Origin
*
Connection
keep-alive
Via
ens-cache3.l2us3[0,0,304-0,H], ens-cache15.l2us3[1,0], ens-cache10.us26[0,1,200-0,H], ens-cache6.us26[7,0]
Ali-Swift-Global-Savetime
1733976789
X-Swift-SaveTime
Thu, 12 Dec 2024 05:02:20 GMT
EagleId
0819529a17340087882331170e
Content-Length
34806
Server
Tengine
xb-a02.css
twk8vpmpdx.aodaiq.com/assets/css/xb/
3 KB
2 KB
Stylesheet
General
Full URL
https://twk8vpmpdx.aodaiq.com/assets/css/xb/xb-a02.css
Requested by
Host: twk8vpmpdx.aodaiq.com
URL: https://twk8vpmpdx.aodaiq.com/assets/js/v1/xb.lib.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.25.82.164 , United States, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
bb820a9531bd97a50fa3c712fb4c72d3719d48694c4a6e682b266297a9a6c314

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bkgseatqdwck.zderg.com/

Response headers

Content-Encoding
gzip
ETag
W/"6751767a-d46"
Age
41303
X-Cache
HIT TCP_HIT dirn:11:812067986
Date
Thu, 12 Dec 2024 01:38:05 GMT
Content-Type
text/css
Last-Modified
Thu, 05 Dec 2024 09:46:34 GMT
Vary
Accept-Encoding
X-Swift-CacheTime
86400
Timing-Allow-Origin
*
Connection
keep-alive
Via
cache11.l2us2[309,308,200-0,M], cache2.l2us2[311,0], ens-cache7.us26[0,0,200-0,H], ens-cache9.us26[2,0]
Ali-Swift-Global-Savetime
1733967485
X-Swift-SaveTime
Thu, 12 Dec 2024 01:38:05 GMT
EagleId
0819529d17340087882051311e
Content-Length
1152
Server
Tengine
xb.ico
twk8vpmpdx.aodaiq.com/assets/img/
0
0

img-header.js
twk8vpmpdx.aodaiq.com/assets/img/v1/xb-a02/
62 KB
62 KB
Image
General
Full URL
https://twk8vpmpdx.aodaiq.com/assets/img/v1/xb-a02/img-header.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.25.82.164 , United States, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
158146f19d1e9234623bb8d492b454351ef9c1d48c14a6ee0af607cbaad821ca

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bkgseatqdwck.zderg.com/

Response headers

Content-Encoding
gzip
ETag
W/"674ec9ff-f941"
Age
34118
X-Cache
HIT TCP_HIT dirn:11:271047534
Date
Thu, 12 Dec 2024 03:37:50 GMT
Content-Type
application/javascript
Last-Modified
Tue, 03 Dec 2024 09:06:07 GMT
Vary
Accept-Encoding
X-Swift-CacheTime
64871
Timing-Allow-Origin
*
Connection
keep-alive
Via
ens-cache2.l2us3[0,0,200-0,H], ens-cache1.l2us3[1,0], ens-cache3.us26[0,0,200-0,H], ens-cache12.us26[3,0]
Ali-Swift-Global-Savetime
1733974670
X-Swift-SaveTime
Thu, 12 Dec 2024 09:36:39 GMT
EagleId
081952a017340087883592146e
Content-Length
63247
Server
Tengine
title01.js
twk8vpmpdx.aodaiq.com/assets/img/v1/xb-a02/
65 KB
65 KB
Image
General
Full URL
https://twk8vpmpdx.aodaiq.com/assets/img/v1/xb-a02/title01.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.25.82.164 , United States, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
e3ca80995f98d31072489b9147a2809c2a2e2452676c5950b0e69d23a7f4a035

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bkgseatqdwck.zderg.com/

Response headers

Content-Encoding
gzip
ETag
W/"6745b7b4-1024f"
Age
41302
X-Cache
MISS TCP_MISS dirn:12:251776387
Date
Thu, 12 Dec 2024 01:38:06 GMT
Content-Type
application/javascript
Last-Modified
Tue, 26 Nov 2024 11:57:40 GMT
Vary
Accept-Encoding
X-Swift-CacheTime
45098
Timing-Allow-Origin
*
Connection
keep-alive
Via
ens-cache30.l2us3[0,0,200-0,H], ens-cache9.l2us3[2,0], ens-cache7.us26[20,20,200-0,M], ens-cache10.us26[22,0]
Ali-Swift-Global-Savetime
1733967486
X-Swift-SaveTime
Thu, 12 Dec 2024 13:06:28 GMT
EagleId
0819529e17340087883572598e
Content-Length
65540
Server
Tengine
title02.js
twk8vpmpdx.aodaiq.com/assets/img/v1/xb-a02/
53 KB
53 KB
Image
General
Full URL
https://twk8vpmpdx.aodaiq.com/assets/img/v1/xb-a02/title02.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.25.82.164 , United States, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
20f3abb31a161df941c62630845e120c894c197980ab9fc9073371e648653304

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bkgseatqdwck.zderg.com/

Response headers

Content-Encoding
gzip
ETag
W/"6745b7b4-d3c0"
Age
34240
X-Cache
HIT TCP_HIT dirn:12:508594506
Date
Thu, 12 Dec 2024 03:35:48 GMT
Content-Type
application/javascript
Last-Modified
Tue, 26 Nov 2024 11:57:40 GMT
Vary
Accept-Encoding
X-Swift-CacheTime
64750
Timing-Allow-Origin
*
Connection
keep-alive
Via
ens-cache2.l2us3[0,0,200-0,H], ens-cache1.l2us3[1,0], ens-cache9.us26[0,0,200-0,H], ens-cache9.us26[2,0]
Ali-Swift-Global-Savetime
1733974548
X-Swift-SaveTime
Thu, 12 Dec 2024 09:36:38 GMT
EagleId
0819529d17340087883631590e
Content-Length
53519
Server
Tengine
mn.js
twk8vpmpdx.aodaiq.com/assets/img/v1/xb-a02/
433 KB
433 KB
Image
General
Full URL
https://twk8vpmpdx.aodaiq.com/assets/img/v1/xb-a02/mn.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.25.82.164 , United States, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
90dcd89a757b912166cd5c9bd8ff47a13c2d95797ad6afed8f7e3ca052465943

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bkgseatqdwck.zderg.com/

Response headers

Content-Encoding
gzip
ETag
W/"6745b7b4-6c47a"
Age
41298
X-Cache
HIT TCP_HIT dirn:5:1317777532
Date
Thu, 12 Dec 2024 01:38:10 GMT
Content-Type
application/javascript
Last-Modified
Tue, 26 Nov 2024 11:57:40 GMT
Vary
Accept-Encoding
X-Swift-CacheTime
78261
Timing-Allow-Origin
*
Connection
keep-alive
Via
ens-cache6.l2us3[0,59,200-0,H], ens-cache20.l2us3[60,0], ens-cache6.us26[0,8,200-0,H], ens-cache7.us26[12,0]
Ali-Swift-Global-Savetime
1733967490
X-Swift-SaveTime
Thu, 12 Dec 2024 03:53:49 GMT
EagleId
0819529b17340087883594596e
Content-Length
442970
Server
Tengine
mn-text.js
twk8vpmpdx.aodaiq.com/assets/img/v1/xb-a02/
159 KB
157 KB
Image
General
Full URL
https://twk8vpmpdx.aodaiq.com/assets/img/v1/xb-a02/mn-text.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.25.82.164 , United States, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
184498166bfedec82d39fecc57d6250b605f2caf1919412afa6cd8be263a8c72

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bkgseatqdwck.zderg.com/

Response headers

Content-Encoding
gzip
ETag
W/"6745b7b3-27a4c"
Age
41302
X-Cache
HIT TCP_HIT dirn:11:804876348
Date
Thu, 12 Dec 2024 01:38:06 GMT
Content-Type
application/javascript
Last-Modified
Tue, 26 Nov 2024 11:57:39 GMT
Vary
Accept-Encoding
X-Swift-CacheTime
86400
Timing-Allow-Origin
*
Connection
keep-alive
Via
cache38.l2us2[340,339,200-0,M], cache14.l2us2[341,0], ens-cache2.us26[0,0,200-0,H], ens-cache10.us26[1,0]
Ali-Swift-Global-Savetime
1733967486
X-Swift-SaveTime
Thu, 12 Dec 2024 01:38:06 GMT
EagleId
0819529e17340087884612784e
Content-Length
160251
Server
Tengine
btn-ios.js
twk8vpmpdx.aodaiq.com/assets/img/v1/xb-a02/
14 KB
15 KB
Image
General
Full URL
https://twk8vpmpdx.aodaiq.com/assets/img/v1/xb-a02/btn-ios.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.25.82.164 , United States, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
2e6139f41cb171d5a529df3ae223edd2076f24335145605e3cda1b958c91d4d4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bkgseatqdwck.zderg.com/

Response headers

Content-Encoding
gzip
ETag
W/"6745b7b3-3963"
Age
34240
X-Cache
HIT TCP_HIT dirn:12:605364268
Date
Thu, 12 Dec 2024 03:35:48 GMT
Content-Type
application/javascript
Last-Modified
Tue, 26 Nov 2024 11:57:39 GMT
Vary
Accept-Encoding
X-Swift-CacheTime
64749
Timing-Allow-Origin
*
Connection
keep-alive
Via
ens-cache16.l2us3[0,10,200-0,H], ens-cache16.l2us3[26,0], ens-cache3.us26[0,0,200-0,H], ens-cache9.us26[2,0]
Ali-Swift-Global-Savetime
1733974548
X-Swift-SaveTime
Thu, 12 Dec 2024 09:36:39 GMT
EagleId
0819529d17340087884501759e
Content-Length
14468
Server
Tengine
btn-android.js
twk8vpmpdx.aodaiq.com/assets/img/v1/xb-a02/
14 KB
15 KB
Image
General
Full URL
https://twk8vpmpdx.aodaiq.com/assets/img/v1/xb-a02/btn-android.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.25.82.164 , United States, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
cd41a48d3242d232c4f48a8e40f4c1ba3409e536ab40458dc212fbddcd0e23e4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bkgseatqdwck.zderg.com/

Response headers

Content-Encoding
gzip
ETag
W/"6745b7b3-3943"
Age
34118
X-Cache
HIT TCP_HIT dirn:11:145034242
Date
Thu, 12 Dec 2024 03:37:50 GMT
Content-Type
application/javascript
Last-Modified
Tue, 26 Nov 2024 11:57:39 GMT
Vary
Accept-Encoding
X-Swift-CacheTime
64871
Timing-Allow-Origin
*
Connection
keep-alive
Via
ens-cache34.l2us3[0,1,200-0,H], ens-cache34.l2us3[6,0], ens-cache6.us26[0,0,200-0,H], ens-cache12.us26[2,0]
Ali-Swift-Global-Savetime
1733974670
X-Swift-SaveTime
Thu, 12 Dec 2024 09:36:39 GMT
EagleId
081952a017340087884482358e
Content-Length
14443
Server
Tengine
qr-title.js
twk8vpmpdx.aodaiq.com/assets/img/
3 KB
3 KB
Image
General
Full URL
https://twk8vpmpdx.aodaiq.com/assets/img/qr-title.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.25.82.164 , United States, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
264b6ece96301653d7c8031872fade09009a1fdc5f27ae01f8ff3f9d5b5eb563

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bkgseatqdwck.zderg.com/

Response headers

Content-Encoding
gzip
ETag
W/"66f60dc3-b14"
Age
83605
X-Cache
HIT TCP_HIT dirn:11:428871312
Date
Wed, 11 Dec 2024 13:53:03 GMT
Content-Type
application/javascript
Last-Modified
Fri, 27 Sep 2024 01:43:31 GMT
Vary
Accept-Encoding
X-Swift-CacheTime
82087
Timing-Allow-Origin
*
Connection
keep-alive
Via
ens-cache15.l2us3[0,0,304-0,H], ens-cache33.l2us3[2,0], ens-cache12.us26[0,0,200-0,H], ens-cache9.us26[1,0]
Ali-Swift-Global-Savetime
1733925183
X-Swift-SaveTime
Wed, 11 Dec 2024 15:04:56 GMT
EagleId
0819529d17340087885051879e
Content-Length
2864
Server
Tengine
img-bg.js
twk8vpmpdx.aodaiq.com/assets/img/v1/xb-a02/
301 KB
300 KB
Image
General
Full URL
https://twk8vpmpdx.aodaiq.com/assets/img/v1/xb-a02/img-bg.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.25.82.164 , United States, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
84a8f6c228ec1a943c58d20775b90409c08a00be4e09ebabdcdcf181b0796dab

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bkgseatqdwck.zderg.com/

Response headers

Content-Encoding
gzip
ETag
W/"6745b7b3-4b465"
Age
41302
X-Cache
HIT TCP_HIT dirn:4:1311268377
Date
Thu, 12 Dec 2024 01:38:06 GMT
Content-Type
application/javascript
Last-Modified
Tue, 26 Nov 2024 11:57:39 GMT
Vary
Accept-Encoding
X-Swift-CacheTime
86400
Timing-Allow-Origin
*
Connection
keep-alive
Via
cache10.l2us2[312,313,200-0,H], cache24.l2us2[314,0], ens-cache6.us26[0,15,200-0,H], ens-cache4.us26[17,0]
Ali-Swift-Global-Savetime
1733967486
X-Swift-SaveTime
Thu, 12 Dec 2024 01:38:06 GMT
EagleId
0819529817340087884377098e
Content-Length
306973
Server
Tengine
init
biw4vowyhgms6iw.zhenchangm.com/web/iksda9au/xbhu2/
727 B
2 KB
XHR
General
Full URL
https://biw4vowyhgms6iw.zhenchangm.com/web/iksda9au/xbhu2/init?channelCode=xbhu2&av=0&cv=0&hash=&server=biw4vowyhgms6iw.zhenchangm.com&sw=p6Cmpg&sh=p6Smpg&sp=1&li=p6GkuKehuKa4og
Requested by
Host: twk8vpmpdx.aodaiq.com
URL: https://twk8vpmpdx.aodaiq.com/assets/js/appinstall.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.25.82.178 , United States, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
52643be686aa0cc7acd8132112530bd3f8cf228ae52d73fa0a14fe5b56995146

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://bkgseatqdwck.zderg.com/

Response headers

X-Cache
MISS TCP_MISS dirn:-2:-2
Date
Thu, 12 Dec 2024 13:06:29 GMT
Content-Type
application/json;charset=utf-8
Vary
Origin
Cache-Control
no-cache
X-Swift-CacheTime
0
Timing-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Credentials
true
Via
ens-cache13.l2us3[464,463,200-0,M], ens-cache13.l2us3[465,0], ens-cache3.us26[485,485,200-0,M], ens-cache3.us26[487,0]
Ali-Swift-Global-Savetime
1734008789
X-Swift-SaveTime
Thu, 12 Dec 2024 13:06:29 GMT
Access-Control-Allow-Origin
https://bkgseatqdwck.zderg.com
EagleId
0819529717340087887962406e
Content-Length
727
Server
Tengine
truncated
/
85 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4a711f5cd03c09fd79ae2f19bb2f71168e71c18b7562626a1ae8d99ebc3212ff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/gif
truncated
/
6 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
48da2e971de0c80912df848bc4f942bca59111d3eff853f5d7c41404263b3446

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
twk8vpmpdx.aodaiq.com
URL
https://twk8vpmpdx.aodaiq.com/assets/img/xb.ico

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • source_js_domain (string)
  • source_css_domain (string)
  • source_ico_domain (string)
  • source_img_domain (string)
  • seo_title (string)
  • load_js (function)
  • load_css (function)
  • load_ico (function)
  • _0x91c3 (object)
  • _0x1e75 (function)
  • _0x5c265c (function)
  • _0x444468 (function)
  • _0x25f8a8 (function)
  • _0x4333df (function)
  • lightYear (function)
  • QRCode (function)
  • opTool (object)
  • $ (function)
  • jQuery (function)
  • characters (string)
  • randomIndex (number)

0 Cookies

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
