ml80620mlt.oftwtja.cn Open in urlscan Pro
122.228.95.166 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://apple-43.in/
Effective URL:
https://ml80620mlt.oftwtja.cn/36/?channelCode=50085
Submission Tags: @phishunt_io
Submission: On April 06 via api (April 6th 2023, 12:10:51 pm UTC) from DE — Scanned from DE

Summary HTTP 17 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 8 IPs in 4 countries across 9 domains to perform 17 HTTP transactions. The main IP is 122.228.95.166, located in China and belongs to CHINATELECOM-ZHEJIANG-WENZHOU-IDC WENZHOU, ZHEJIANG Province, P.R.China., CN. The main domain is ml80620mlt.oftwtja.cn.
TLS certificate: Issued by ZeroSSL RSA Domain Secure Site CA on April 5th 2023. Valid for: 3 months.

This is the only time ml80620mlt.oftwtja.cn was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	67.229.82.50 67.229.82.50	35908 (VPLSNET) (VPLSNET)
1 1	43.135.61.112 43.135.61.112	132203 (TENCENT-N...) (TENCENT-NET-AP-CN Tencent Building)
10	122.228.95.166 122.228.95.166	134771 (CHINATELE...) (CHINATELECOM-ZHEJIANG-WENZHOU-IDC WENZHOU)
1	221.194.141.173 221.194.141.173	4837 (CHINA169-...) (CHINA169-BACKBONE CHINA UNICOM China169 Backbone)
1	59.110.117.124 59.110.117.124	37963 (ALIBABA-C...) (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.)
1	47.253.50.2 47.253.50.2	45102 (ALIBABA-C...) (ALIBABA-CN-NET Alibaba US Technology Co.)
1	104.237.62.211 104.237.62.211	18450 (WEBNX) (WEBNX)
1	79.133.177.234 79.133.177.234	24429 (TAOBAO Zh...) (TAOBAO Zhejiang Taobao Network Co.)
1	103.143.19.103 103.143.19.103	134760 (CHINANET-...) (CHINANET-HEBEI-SHIJIAZHUANG-IDC Shijiazhuang IDC network)
17	8

1 67.229.82.50 (United States) 1 redirects

ASN35908 (VPLSNET, US)
PTR: mail-ee0-f74.cinquefoilanna.com

apple-43.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 43.135.61.112 (Central, Hong Kong) 1 redirects

ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)

qdff.gzievzm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 122.228.95.166 (China)

ASN134771 (CHINATELECOM-ZHEJIANG-WENZHOU-IDC WENZHOU, ZHEJIANG Province, P.R.China., CN)

ml80620mlt.oftwtja.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 221.194.141.173 (China)

ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN)

cdn.bootcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 59.110.117.124 (Beijing, China)

ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN)

qa2js38.oss-cn-beijing.aliyuncs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 47.253.50.2 (United States)

ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)

sdk.51.la	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.237.62.211 (El Segundo, United States)

ASN18450 (WEBNX, US)
PTR: hosted-by.racknerd.com

api.ipify.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 79.133.177.234 (Russian Federation)

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)

www.taobao.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.143.19.103 (China)

ASN134760 (CHINANET-HEBEI-SHIJIAZHUANG-IDC Shijiazhuang IDC network, CHINANET Hebei province, CN)

collect-v6.51.la	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	oftwtja.cn ml80620mlt.oftwtja.cn	864 KB
2	51.la sdk.51.la — Cisco Umbrella Rank: 50464 collect-v6.51.la — Cisco Umbrella Rank: 46123	13 KB
1	taobao.com www.taobao.com — Cisco Umbrella Rank: 12438	158 B
1	ipify.org api.ipify.org — Cisco Umbrella Rank: 2603	115 B
1	aliyuncs.com qa2js38.oss-cn-beijing.aliyuncs.com	791 B
1	bootcdn.net cdn.bootcdn.net — Cisco Umbrella Rank: 99519	32 KB
1	gzievzm.com 1 redirects qdff.gzievzm.com	117 B
1	apple-43.in 1 redirects apple-43.in	130 B
0	yygs777.cn Failed web1.yygs777.cn Failed
17	9

	Domain	Requested by
10	ml80620mlt.oftwtja.cn	ml80620mlt.oftwtja.cn
1	collect-v6.51.la	sdk.51.la
1	www.taobao.com	ml80620mlt.oftwtja.cn
1	api.ipify.org	ml80620mlt.oftwtja.cn
1	sdk.51.la	ml80620mlt.oftwtja.cn
1	qa2js38.oss-cn-beijing.aliyuncs.com	ml80620mlt.oftwtja.cn
1	cdn.bootcdn.net	ml80620mlt.oftwtja.cn
1	qdff.gzievzm.com	1 redirects
1	apple-43.in	1 redirects
0	web1.yygs777.cn Failed	ml80620mlt.oftwtja.cn
17	10

This site contains links to these domains. Also see Links.

Domain
api03.tline03.win

Subject Issuer	Validity	Valid
*.oftwtja.cn ZeroSSL RSA Domain Secure Site CA	`2023-04-05` - `2023-07-04`	3 months	crt.sh
cdn.bootcdn.net TrustAsia RSA DV TLS CA G2	`2022-06-06` - `2023-06-06`	a year	crt.sh
*.oss-cn-beijing.aliyuncs.com GlobalSign Organization Validation CA - SHA256 - G3	`2023-02-15` - `2024-03-18`	a year	crt.sh
*.51.la GlobalSign GCC R3 DV TLS CA 2020	`2022-04-19` - `2023-05-21`	a year	crt.sh
*.ipify.org Sectigo RSA Domain Validation Secure Server CA	`2023-02-07` - `2024-02-18`	a year	crt.sh
*.tbcdn.cn GlobalSign Organization Validation CA - SHA256 - G2	`2022-07-22` - `2023-08-06`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://ml80620mlt.oftwtja.cn/36/?channelCode=50085
Frame ID: 9241AC271665BB876D9C7B54554981B6
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

千爱

Page URL History Show full URLs

https://apple-43.in/ HTTP 302
https://qdff.gzievzm.com:85/36/50085.html HTTP 302
https://ml80620mlt.oftwtja.cn/36/?channelCode=50085 Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

17
Requests

94 %
HTTPS

0 %
IPv6

9
Domains

10
Subdomains

8
IPs

4
Countries

910 kB
Transfer

982 kB
Size

4
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://api03.tline03.win/standalone.html?appId=a2b8b144864e4434a381b8a14ce3abab

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://apple-43.in/ HTTP 302
https://qdff.gzievzm.com:85/36/50085.html HTTP 302
https://ml80620mlt.oftwtja.cn/36/?channelCode=50085 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
ml80620mlt.oftwtja.cn/36/
Redirect Chain

https://apple-43.in/
https://qdff.gzievzm.com:85/36/50085.html
https://ml80620mlt.oftwtja.cn/36/?channelCode=50085

6 KB
3 KB

2445ms
460ms

Document
text/html

122.228.95.166
CHINATELECOM-ZHEJ...

General

Check archive.org

Show headers Download Go to

Full URL: https://ml80620mlt.oftwtja.cn/36/?channelCode=50085
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 122.228.95.166 , China, ASN134771 (CHINATELECOM-ZHEJIANG-WENZHOU-IDC WENZHOU, ZHEJIANG Province, P.R.China., CN),
Reverse DNS
Software: Tengine /
Resource Hash: 09daeb1e6b91bb037bb68310480978e842928a1310a0d54b890608137bf6c64e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Age: 0
Ali-Swift-Global-Savetime: 1680783034
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 2722
Content-Type: text/html; charset=UTF-8
Date: Thu, 06 Apr 2023 12:10:33 GMT
EagleId: 7ae45f9c16807830337973294e
Server: Tengine
Timing-Allow-Origin: *
Vary: Accept-Encoding
Via: cache9.l2cn1823[210,209,200-0,M], cache46.l2cn1823[211,0], kunlun6.cn250[227,226,200-0,M], kunlun6.cn250[229,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-CacheTime: 21600
X-Swift-SaveTime: Thu, 06 Apr 2023 12:10:34 GMT

Redirect headers

content-type: text/html; charset=UTF-8
date: Thu, 06 Apr 2023 12:10:31 GMT
location: https://ml80620mlt.oftwtja.cn/36/?channelCode=50085
server: nginx

GET
H/1.1 200
OK zb.css
ml80620mlt.oftwtja.cn/36/images/ 1 KB
2 KB 256ms
255ms Stylesheet
text/css 122.228.95.166
CHINATELECOM-ZHEJ...

General

Check archive.org

Show headers Download Go to

Full URL: https://ml80620mlt.oftwtja.cn/36/images/zb.css
Requested by: Host: ml80620mlt.oftwtja.cn
URL: https://ml80620mlt.oftwtja.cn/36/?channelCode=50085
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 122.228.95.166 , China, ASN134771 (CHINATELECOM-ZHEJIANG-WENZHOU-IDC WENZHOU, ZHEJIANG Province, P.R.China., CN),
Reverse DNS
Software: Tengine /
Resource Hash: 73349ae60e94749dae11956b177e69c5edd29cf4f81380c0c5e9ed0208f21398

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ml80620mlt.oftwtja.cn/36/?channelCode=50085
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Thu, 06 Apr 2023 12:03:45 GMT
Via: cache36.l2cn1823[0,0,200-0,H], cache25.l2cn1823[1,0], kunlun7.cn250[18,17,200-0,M], kunlun6.cn250[20,0]
Age: 0
X-Swift-CacheTime: 21191
X-Cache: MISS TCP_MISS dirn:-2:-2
Connection: keep-alive
X-Swift-SaveTime: Thu, 06 Apr 2023 12:10:34 GMT
Content-Length: 1230
Last-Modified: Sat, 25 Feb 2023 16:27:32 GMT
Server: Tengine
ETag: "63fa36f4-4ce"
Vary: Accept-Encoding
Ali-Swift-Global-Savetime: 1680782625
Content-Type: text/css
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Timing-Allow-Origin: *
EagleId: 7ae45f9c16807830342663863e
Expires: Sat, 06 May 2023 12:03:45 GMT

GET
H2 200 jquery.min.js Show response
cdn.bootcdn.net/ajax/libs/jquery/3.6.3/ 88 KB
32 KB 4468ms
1890ms Script
application/javascript 221.194.141.173
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.bootcdn.net/ajax/libs/jquery/3.6.3/jquery.min.js

Requested by

Host: ml80620mlt.oftwtja.cn
URL: https://ml80620mlt.oftwtja.cn/36/?channelCode=50085

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

221.194.141.173 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),

Reverse DNS

Software

openresty /

Resource Hash

a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ml80620mlt.oftwtja.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

nginx-hit: 1
date: Thu, 06 Apr 2023 12:10:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
via: CHN-HElangfang-AREACUCC2-CACHE1[2],CHN-HElangfang-AREACUCC2-CACHE2[0,TCP_HIT,0],CHN-SH-GLOBAL1-CACHE166[14],CHN-SH-GLOBAL1-CACHE166[0,TCP_HIT,12],EA-SGP-GLOBAL1-CACHE30[15],EA-SGP-GLOBAL1-CACHE25[12,TCP_MISS,13]
age: 8811224
x-ccdn-cachettl: 31536000
cross-origin-resource-policy: cross-origin
nginx-vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 31191
last-modified: Wed, 21 Dec 2022 00:05:47 GMT
server: openresty
cf-cdnjs-via: cfworker/kv
etag: "63a24ddb-79d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lxFktVZPC4Rcy5q1z%2Bun6a9uXFnIzkmyqWJmwDxI2FnkN9pBqygd5cGtBVVDh1tAq7ef45p0PnCvbzqRW6OxmJz4lZSD8Lb%2BW0zNNM1XCp0MrPmHQ5KFfccTY%2FQlxM3%2F1%2BMf%2BPLn"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
x-ccdn-expires: 23208680
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 77f0e5664f7a91c0-SIN
x-hcs-proxy-type: 1
expires: Fri, 15 Dec 2023 10:29:31 GMT

GET
H/1.1 200
OK download.gif
ml80620mlt.oftwtja.cn/36/images/ 59 KB
60 KB 261ms
260ms Image
image/gif 122.228.95.166
CHINATELECOM-ZHEJ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ml80620mlt.oftwtja.cn/36/images/download.gif
Requested by: Host: ml80620mlt.oftwtja.cn
URL: https://ml80620mlt.oftwtja.cn/36/?channelCode=50085
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 122.228.95.166 , China, ASN134771 (CHINATELECOM-ZHEJIANG-WENZHOU-IDC WENZHOU, ZHEJIANG Province, P.R.China., CN),
Reverse DNS
Software: Tengine /
Resource Hash: 90d75b8759190c35c4e577315b17ec5698605f4c1c3482a0cf4798015dd94524

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ml80620mlt.oftwtja.cn/36/?channelCode=50085
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Thu, 06 Apr 2023 12:03:48 GMT
Via: cache42.l2cn1823[0,0,200-0,H], cache21.l2cn1823[0,0], kunlun6.cn250[18,17,200-0,M], kunlun6.cn250[29,0]
Age: 409
X-Swift-CacheTime: 21191
X-Cache: MISS TCP_MISS dirn:-2:-2
Connection: keep-alive
X-Swift-SaveTime: Thu, 06 Apr 2023 12:10:37 GMT
Content-Length: 60788
Last-Modified: Tue, 04 Apr 2023 07:42:02 GMT
Server: Tengine
ETag: "642bd4ca-ed74"
Ali-Swift-Global-Savetime: 1680782628
Content-Type: image/gif
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Timing-Allow-Origin: *
EagleId: 7ae45f9c16807830379361330e
Expires: Sat, 06 May 2023 12:03:48 GMT

GET
H/1.1 200
OK a1.gif
ml80620mlt.oftwtja.cn/36/xx/ 237 KB
237 KB 248ms
248ms Image
image/gif 122.228.95.166
CHINATELECOM-ZHEJ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ml80620mlt.oftwtja.cn/36/xx/a1.gif
Requested by: Host: ml80620mlt.oftwtja.cn
URL: https://ml80620mlt.oftwtja.cn/36/?channelCode=50085
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 122.228.95.166 , China, ASN134771 (CHINATELECOM-ZHEJIANG-WENZHOU-IDC WENZHOU, ZHEJIANG Province, P.R.China., CN),
Reverse DNS
Software: Tengine /
Resource Hash: 0d18aca4341e70ac9a13a400a1a8f2a27873df10248cc51098ceb6b248e10036

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ml80620mlt.oftwtja.cn/36/?channelCode=50085
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Thu, 06 Apr 2023 12:03:48 GMT
Via: cache47.l2cn1823[0,0,200-0,H], cache43.l2cn1823[0,0], kunlun10.cn250[13,13,200-0,M], kunlun6.cn250[15,0]
Age: 410
X-Swift-CacheTime: 21190
X-Cache: MISS TCP_MISS dirn:-2:-2
Connection: keep-alive
X-Swift-SaveTime: Thu, 06 Apr 2023 12:10:38 GMT
Content-Length: 242523
Last-Modified: Sat, 25 Feb 2023 13:10:08 GMT
Server: Tengine
ETag: "63fa08b0-3b35b"
Ali-Swift-Global-Savetime: 1680782628
Content-Type: image/gif
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Timing-Allow-Origin: *
EagleId: 7ae45f9c16807830384332142e
Expires: Sat, 06 May 2023 12:03:48 GMT

GET
H/1.1 200
OK a2.gif
ml80620mlt.oftwtja.cn/36/xx/ 215 KB
215 KB 250ms
249ms Image
image/gif 122.228.95.166
CHINATELECOM-ZHEJ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ml80620mlt.oftwtja.cn/36/xx/a2.gif
Requested by: Host: ml80620mlt.oftwtja.cn
URL: https://ml80620mlt.oftwtja.cn/36/?channelCode=50085
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 122.228.95.166 , China, ASN134771 (CHINATELECOM-ZHEJIANG-WENZHOU-IDC WENZHOU, ZHEJIANG Province, P.R.China., CN),
Reverse DNS
Software: Tengine /
Resource Hash: ab2480ef84af109e201dbd5c36585289dc595bac632f94d928d4480053b55739

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ml80620mlt.oftwtja.cn/36/?channelCode=50085
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Thu, 06 Apr 2023 12:03:48 GMT
Via: cache45.l2cn1823[0,0,200-0,H], cache44.l2cn1823[0,0], kunlun6.cn250[13,13,200-0,M], kunlun4.cn250[15,0]
Age: 410
X-Swift-CacheTime: 21190
X-Cache: MISS TCP_MISS dirn:-2:-2
Connection: keep-alive
X-Swift-SaveTime: Thu, 06 Apr 2023 12:10:38 GMT
Content-Length: 219897
Last-Modified: Sat, 25 Feb 2023 13:10:08 GMT
Server: Tengine
ETag: "63fa08b0-35af9"
Ali-Swift-Global-Savetime: 1680782628
Content-Type: image/gif
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Timing-Allow-Origin: *
EagleId: 7ae45f9a16807830388293244e
Expires: Sat, 06 May 2023 12:03:48 GMT

GET
H/1.1 200
OK a3.gif
ml80620mlt.oftwtja.cn/36/xx/ 187 KB
187 KB 326ms
251ms Image
image/gif 122.228.95.166
CHINATELECOM-ZHEJ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ml80620mlt.oftwtja.cn/36/xx/a3.gif
Requested by: Host: ml80620mlt.oftwtja.cn
URL: https://ml80620mlt.oftwtja.cn/36/?channelCode=50085
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 122.228.95.166 , China, ASN134771 (CHINATELECOM-ZHEJIANG-WENZHOU-IDC WENZHOU, ZHEJIANG Province, P.R.China., CN),
Reverse DNS
Software: Tengine /
Resource Hash: c9440cfdc125beab17ea5c973e88301d78421b828c3c98a07d9d35d22e45acd5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ml80620mlt.oftwtja.cn/36/?channelCode=50085
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Thu, 06 Apr 2023 12:03:48 GMT
Via: cache35.l2cn1823[0,0,200-0,H], cache43.l2cn1823[0,0], kunlun9.cn250[14,13,200-0,M], kunlun6.cn250[16,0]
Age: 410
X-Swift-CacheTime: 21190
X-Cache: MISS TCP_MISS dirn:-2:-2
Connection: keep-alive
X-Swift-SaveTime: Thu, 06 Apr 2023 12:10:38 GMT
Content-Length: 191140
Last-Modified: Sat, 25 Feb 2023 13:10:08 GMT
Server: Tengine
ETag: "63fa08b0-2eaa4"
Ali-Swift-Global-Savetime: 1680782628
Content-Type: image/gif
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Timing-Allow-Origin: *
EagleId: 7ae45f9c16807830389152979e
Expires: Sat, 06 May 2023 12:03:48 GMT

GET
H/1.1 200
OK a4.gif
ml80620mlt.oftwtja.cn/36/xx/ 78 KB
79 KB 577ms
249ms Image
image/gif 122.228.95.166
CHINATELECOM-ZHEJ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ml80620mlt.oftwtja.cn/36/xx/a4.gif
Requested by: Host: ml80620mlt.oftwtja.cn
URL: https://ml80620mlt.oftwtja.cn/36/?channelCode=50085
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 122.228.95.166 , China, ASN134771 (CHINATELECOM-ZHEJIANG-WENZHOU-IDC WENZHOU, ZHEJIANG Province, P.R.China., CN),
Reverse DNS
Software: Tengine /
Resource Hash: c5bfcf6f0d16a225812a507e7eb2e5cc94a44dc7124cc411be1b55c81e180909

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ml80620mlt.oftwtja.cn/36/?channelCode=50085
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Thu, 06 Apr 2023 12:03:48 GMT
Via: cache22.l2cn1823[0,0,200-0,H], cache10.l2cn1823[0,0], kunlun3.cn250[14,13,200-0,M], kunlun6.cn250[17,0]
Age: 411
X-Swift-CacheTime: 21189
X-Cache: MISS TCP_MISS dirn:-2:-2
Connection: keep-alive
X-Swift-SaveTime: Thu, 06 Apr 2023 12:10:39 GMT
Content-Length: 79827
Last-Modified: Sat, 25 Feb 2023 13:10:08 GMT
Server: Tengine
ETag: "63fa08b0-137d3"
Ali-Swift-Global-Savetime: 1680782628
Content-Type: image/gif
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Timing-Allow-Origin: *
EagleId: 7ae45f9c16807830391663407e
Expires: Sat, 06 May 2023 12:03:48 GMT

GET
H/1.1 200
OK kf.png
ml80620mlt.oftwtja.cn/36/images/ 39 KB
39 KB 857ms
439ms Image
image/png 122.228.95.166
CHINATELECOM-ZHEJ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ml80620mlt.oftwtja.cn/36/images/kf.png
Requested by: Host: ml80620mlt.oftwtja.cn
URL: https://ml80620mlt.oftwtja.cn/36/?channelCode=50085
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 122.228.95.166 , China, ASN134771 (CHINATELECOM-ZHEJIANG-WENZHOU-IDC WENZHOU, ZHEJIANG Province, P.R.China., CN),
Reverse DNS
Software: Tengine /
Resource Hash: 5d3ab8cc59a5c6fe139f9db901c8af55e77ba2c997903d55d25e0fbe9991a5df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ml80620mlt.oftwtja.cn/36/?channelCode=50085
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Thu, 06 Apr 2023 12:03:48 GMT
Via: cache9.l2cn1823[0,0,200-0,H], cache34.l2cn1823[1,0], kunlun4.cn250[11,10,200-0,M], kunlun9.cn250[18,0]
Age: 411
X-Swift-CacheTime: 21189
X-Cache: MISS TCP_MISS dirn:-2:-2
Connection: keep-alive
X-Swift-SaveTime: Thu, 06 Apr 2023 12:10:39 GMT
Content-Length: 39655
Last-Modified: Sat, 25 Feb 2023 16:27:32 GMT
Server: Tengine
ETag: "63fa36f4-9ae7"
Ali-Swift-Global-Savetime: 1680782628
Content-Type: image/png
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Timing-Allow-Origin: *
EagleId: 7ae45f9f16807830392601644e
Expires: Sat, 06 May 2023 12:03:48 GMT

GET
H/1.1 200
OK xz.js Show response
ml80620mlt.oftwtja.cn/36/js/ 2 KB
3 KB 1531ms
1531ms Script
application/javascript 122.228.95.166
CHINATELECOM-ZHEJ...

General

Check archive.org

Show headers Download Go to

Full URL: https://ml80620mlt.oftwtja.cn/36/js/xz.js
Requested by: Host: ml80620mlt.oftwtja.cn
URL: https://ml80620mlt.oftwtja.cn/36/?channelCode=50085
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 122.228.95.166 , China, ASN134771 (CHINATELECOM-ZHEJIANG-WENZHOU-IDC WENZHOU, ZHEJIANG Province, P.R.China., CN),
Reverse DNS
Software: Tengine /
Resource Hash: 5a9230bae03d3a18db1912b8a8c3b4d8da4bb423427f1c61cecdfd6fd2af41b0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ml80620mlt.oftwtja.cn/36/?channelCode=50085
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Thu, 06 Apr 2023 12:10:35 GMT
Via: cache8.l2cn1823[192,192,200-0,M], cache28.l2cn1823[192,0], kunlun4.cn250[1289,1289,200-0,M], kunlun6.cn250[1297,0]
Age: 0
X-Swift-CacheTime: 21600
X-Cache: MISS TCP_MISS dirn:-2:-2
Connection: keep-alive
X-Swift-SaveTime: Thu, 06 Apr 2023 12:10:35 GMT
Content-Length: 2140
Last-Modified: Sat, 25 Feb 2023 16:27:32 GMT
Server: Tengine
ETag: "63fa36f4-85c"
Vary: Accept-Encoding
Ali-Swift-Global-Savetime: 1680783035
Content-Type: application/javascript
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Timing-Allow-Origin: *
EagleId: 7ae45f9c16807830345234253e
Expires: Sat, 06 May 2023 12:10:35 GMT

GET
H/1.1 200
OK yk.js Show response
qa2js38.oss-cn-beijing.aliyuncs.com/ 147 B
791 B 963ms
179ms Script
application/javascript 59.110.117.124
ALIBABA-CN-NET Ha...

General

Check archive.org

Show headers Download Go to

Full URL: https://qa2js38.oss-cn-beijing.aliyuncs.com/yk.js
Requested by: Host: ml80620mlt.oftwtja.cn
URL: https://ml80620mlt.oftwtja.cn/36/?channelCode=50085
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 59.110.117.124 Beijing, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: AliyunOSS /
Resource Hash: a3d544d725a0f9bbb45e48b3fccf2a96cebf42f1b814fade025fe06aee30b6a7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ml80620mlt.oftwtja.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Thu, 06 Apr 2023 12:10:36 GMT
x-oss-request-id: 642EB6BC9849B43336D9D1C4
Content-MD5: /tP06nw9a6zgoo1ZKTcFZw==
Content-Disposition: attachment
Connection: keep-alive
Content-Length: 147
x-oss-object-type: Normal
Last-Modified: Fri, 17 Mar 2023 16:14:44 GMT
Server: AliyunOSS
ETag: "FED3F4EA7C3D6BACE0A28D5929370567"
x-oss-version-id: CAEQGBiBgMC_pLTBtxgiIDI1OTFkNzgxNWU4MDRhNjNiNDcwYzAwY2ZjOTllYjZh
Content-Type: application/javascript
x-oss-ec: 0048-00000113
x-oss-force-download: true
x-oss-storage-class: Standard
Accept-Ranges: bytes
x-oss-hash-crc64ecma: 2615332731906365784
x-oss-server-time: 3

GET
H/1.1 200
OK OpenInstall.js Show response
ml80620mlt.oftwtja.cn/36/js/ 37 KB
38 KB 489ms
488ms Script
application/javascript 122.228.95.166
CHINATELECOM-ZHEJ...

General

Check archive.org

Show headers Download Go to

Full URL: https://ml80620mlt.oftwtja.cn/36/js/OpenInstall.js
Requested by: Host: ml80620mlt.oftwtja.cn
URL: https://ml80620mlt.oftwtja.cn/36/?channelCode=50085
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 122.228.95.166 , China, ASN134771 (CHINATELECOM-ZHEJIANG-WENZHOU-IDC WENZHOU, ZHEJIANG Province, P.R.China., CN),
Reverse DNS
Software: Tengine /
Resource Hash: a771c744e2ac4867655f293a54b953c6840364055fb9ac817b94ed4258da9953

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ml80620mlt.oftwtja.cn/36/?channelCode=50085
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Thu, 06 Apr 2023 12:03:47 GMT
Via: cache2.l2cn1823[0,0,200-0,H], cache43.l2cn1823[0,0], kunlun7.cn250[15,14,200-0,M], kunlun6.cn250[23,0]
Age: 0
X-Swift-CacheTime: 21190
X-Cache: MISS TCP_MISS dirn:-2:-2
Connection: keep-alive
X-Swift-SaveTime: Thu, 06 Apr 2023 12:10:37 GMT
Content-Length: 38385
Last-Modified: Fri, 17 Mar 2023 17:55:21 GMT
Server: Tengine
ETag: "6414a989-95f1"
Vary: Accept-Encoding
Ali-Swift-Global-Savetime: 1680782627
Content-Type: application/javascript
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Timing-Allow-Origin: *
EagleId: 7ae45f9c16807830370217766e
Expires: Sat, 06 May 2023 12:03:47 GMT

GET
H/1.1 200
OK js-sdk-pro.min.js Show response
sdk.51.la/ 34 KB
13 KB 380ms
184ms Script
application/javascript 47.253.50.2
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.51.la/js-sdk-pro.min.js
Requested by: Host: ml80620mlt.oftwtja.cn
URL: https://ml80620mlt.oftwtja.cn/36/?channelCode=50085
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.253.50.2 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: openresty /
Resource Hash: d1f1bfe698f2ffb7b3e7a885a301d58f9554d45df0a31c3e8b53c84b33c80d27

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ml80620mlt.oftwtja.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Thu, 06 Apr 2023 12:10:37 GMT
Content-Encoding: gzip
Last-Modified: Tue, 10 Jan 2023 04:34:55 GMT
Server: openresty
ETag: W/"63bceaef-861a"
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=1296000
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
H2 200 / Show response
api.ipify.org/ 22 B
115 B 606ms
144ms Fetch
application/json 104.237.62.211
WEBNX

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ipify.org/?format=json
Requested by: Host: ml80620mlt.oftwtja.cn
URL: https://ml80620mlt.oftwtja.cn/36/js/OpenInstall.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.237.62.211 El Segundo, United States, ASN18450 (WEBNX, US),
Reverse DNS: hosted-by.racknerd.com
Software: /
Resource Hash: 6e5997508718c7d2604fc494ffd66bcd8d056b60dd44c3aea274972f14b139f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ml80620mlt.oftwtja.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-origin: https://ml80620mlt.oftwtja.cn
date: Thu, 06 Apr 2023 12:10:39 GMT
content-length: 22
vary: Origin
content-type: application/json

GET
H2 200 getip.php Show response
www.taobao.com/help/ 32 B
158 B 502ms
7ms Script
text/html 79.133.177.234
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.taobao.com/help/getip.php?callback=ipCallback
Requested by: Host: ml80620mlt.oftwtja.cn
URL: https://ml80620mlt.oftwtja.cn/36/js/OpenInstall.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 79.133.177.234 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: 2e9811242ab6fb9a10432954c393b26732fb9e32193ae8139089a0b35173ff77

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ml80620mlt.oftwtja.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 12:10:39 GMT
via: cache1.de3[,0]
server: Tengine
timing-allow-origin: *
content-length: 32
eagleid: 4f85b19516807830392971439e
content-type: text/html

POST
H/1.1 200 collect Show response
collect-v6.51.la/v6/ 0
405 B 1012ms
237ms XHR
text/plain 103.143.19.103
CHINANET-HEBEI-SH...

General

Check archive.org

Show headers Download Go to

Full URL: https://collect-v6.51.la/v6/collect?dt=4
Requested by: Host: sdk.51.la
URL: https://sdk.51.la/js-sdk-pro.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.143.19.103 , China, ASN134760 (CHINANET-HEBEI-SHIJIAZHUANG-IDC Shijiazhuang IDC network, CHINANET Hebei province, CN),
Reverse DNS
Software: CloudWAF /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ml80620mlt.oftwtja.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://ml80620mlt.oftwtja.cn
Date: Thu, 06 Apr 2023 12:10:39 GMT
Access-Control-Allow-Credentials: true
Server: CloudWAF
Connection: keep-alive
Content-Length: 0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

POST init
web1.yygs777.cn/browse/web/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: web1.yygs777.cn
URL: https://web1.yygs777.cn/browse/web/init?channelCode=50085&av=0&cv=0&hash=&sw=paCm&sh=oaKm&sp=4

Verdicts & Comments Add Verdict or Comment

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
ml80620mlt.oftwtja.cn/	1969-12-31 23:59:59	Name: __vtins__K1bXi7hW7qyrVql8 Value: %7B%22sid%22%3A%20%223bda4f3b-7939-5efd-ba66-46cc17c4df5c%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201680784838806%2C%20%22ct%22%3A%201680783038806%7D
ml80620mlt.oftwtja.cn/	1970-01-20 20:29:03	Name: __51uvsct__K1bXi7hW7qyrVql8 Value: 1
ml80620mlt.oftwtja.cn/	1970-01-20 20:29:03	Name: __51vcke__K1bXi7hW7qyrVql8 Value: 38e6be90-c7d5-5905-b040-4603baea8efb
ml80620mlt.oftwtja.cn/	1970-01-20 20:29:03	Name: __51vuft__K1bXi7hW7qyrVql8 Value: 1680783038809

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.ipify.org
apple-43.in
cdn.bootcdn.net
collect-v6.51.la
ml80620mlt.oftwtja.cn
qa2js38.oss-cn-beijing.aliyuncs.com
qdff.gzievzm.com
sdk.51.la
web1.yygs777.cn
www.taobao.com
web1.yygs777.cn
103.143.19.103
104.237.62.211
122.228.95.166
221.194.141.173
43.135.61.112
47.253.50.2
59.110.117.124
67.229.82.50
79.133.177.234
09daeb1e6b91bb037bb68310480978e842928a1310a0d54b890608137bf6c64e
0d18aca4341e70ac9a13a400a1a8f2a27873df10248cc51098ceb6b248e10036
2e9811242ab6fb9a10432954c393b26732fb9e32193ae8139089a0b35173ff77
5a9230bae03d3a18db1912b8a8c3b4d8da4bb423427f1c61cecdfd6fd2af41b0
5d3ab8cc59a5c6fe139f9db901c8af55e77ba2c997903d55d25e0fbe9991a5df
6e5997508718c7d2604fc494ffd66bcd8d056b60dd44c3aea274972f14b139f2
73349ae60e94749dae11956b177e69c5edd29cf4f81380c0c5e9ed0208f21398
90d75b8759190c35c4e577315b17ec5698605f4c1c3482a0cf4798015dd94524
a3d544d725a0f9bbb45e48b3fccf2a96cebf42f1b814fade025fe06aee30b6a7
a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575
a771c744e2ac4867655f293a54b953c6840364055fb9ac817b94ed4258da9953
ab2480ef84af109e201dbd5c36585289dc595bac632f94d928d4480053b55739
c5bfcf6f0d16a225812a507e7eb2e5cc94a44dc7124cc411be1b55c81e180909
c9440cfdc125beab17ea5c973e88301d78421b828c3c98a07d9d35d22e45acd5
d1f1bfe698f2ffb7b3e7a885a301d58f9554d45df0a31c3e8b53c84b33c80d27
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

ml80620mlt.oftwtja.cn Open in urlscan Pro 122.228.95.166 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

17 Requests

94 %HTTPS

0 %IPv6

9 Domains

10 Subdomains

8 IPs

4 Countries

910 kBTransfer

982 kBSize

4 Cookies

1 Outgoing links

Page URL History

Redirected requests

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

22 JavaScript Global Variables

4 Cookies

Indicators

ml80620mlt.oftwtja.cn Open in urlscan Pro
122.228.95.166 Public Scan

Screenshot
Live screenshot

Full Image

17
Requests

94 %
HTTPS

0 %
IPv6

9
Domains

10
Subdomains

8
IPs

4
Countries

910 kB
Transfer

982 kB
Size

4
Cookies

17 HTTP transactions
0 data transactions