urlscan.io logo urlscan.io
SecurityTrails logo

xqesvpsjozix.e8je.liqian-x.top Open in urlscan Pro
107.163.19.60  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://63n8.com/
Effective URL: https://xqesvpsjozix.e8je.liqian-x.top/acnrhax/?channelCode=5366
Submission: On December 16 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 4 countries across 7 domains to perform 20 HTTP transactions. The main IP is 107.163.19.60, located in United States and belongs to HKGATEWAY-ASN1 Hong Kong Gateway Limited, HK. The main domain is xqesvpsjozix.e8je.liqian-x.top.
TLS certificate: Issued by R10 on December 5th 2024. Valid for: 3 months.
This is the only time xqesvpsjozix.e8je.liqian-x.top was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 118.194.249.241 135377 (UCLOUD-HK...)
2 107.163.19.60 132721 (HKGATEWAY...)
8 183.66.100.32 134420 (CHINATELE...)
4 113.194.51.102 4837 (CHINA169-...)
2 90.84.161.22 2285 (OCB_HONEY...)
2 106.225.241.95 134238 (CT-JIANGX...)
1 223.109.148.173 56046 (CMNET-JIA...)
20 7
1    118.194.249.241 (Seoul, Korea, Republic Of)

ASN135377 (UCLOUD-HK-AS-AP UCLOUD INFORMATION TECHNOLOGY HK LIMITED, HK)
63n8.com
2    107.163.19.60 (United States)

ASN132721 (HKGATEWAY-ASN1 Hong Kong Gateway Limited, HK)
xqesvpsjozix.e8je.liqian-x.top
8    183.66.100.32 (China)

ASN134420 (CHINATELECOM-CHONGQING-IDC Chongqing Telecom, CN)
vs6hgrlvucw-aax0-1324140427.cos.ap-chengdu.myqcloud.com
4    113.194.51.102 (China)

ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN)
6nwi3bhkv8.r1xk.gskgyy.cn
2    90.84.161.22 (France)

ASN2285 (OCB_HONEY_CDN_ASN Orange S.A., FR)
haehsvsehjdvts.dou8.top
2    106.225.241.95 (China)

ASN134238 (CT-JIANGXI-IDC CHINANET Jiangx province IDC network, CN)
v1.cnzz.com
c.cnzz.com
1    223.109.148.173 (Tianjin, China)

ASN56046 (CMNET-JIANGSU-AP China Mobile communications corporation, CN)
z6.cnzz.com
Apex Domain
Subdomains		 Transfer
8 myqcloud.com
vs6hgrlvucw-aax0-1324140427.cos.ap-chengdu.myqcloud.com
1 MB
4 gskgyy.cn
6nwi3bhkv8.r1xk.gskgyy.cn
20 KB
3 cnzz.com
v1.cnzz.com — Cisco Umbrella Rank: 116715
z6.cnzz.com — Cisco Umbrella Rank: 180826
c.cnzz.com — Cisco Umbrella Rank: 91025
5 KB
2 dou8.top
haehsvsehjdvts.dou8.top
2 KB
2 liqian-x.top
xqesvpsjozix.e8je.liqian-x.top
1 KB
1 63n8.com
63n8.com
141 B
0 djzmbhet.xyz Failed
avdudhagdnlahdn9.djzmbhet.xyz Failed
20 7
Domain Requested by
8 vs6hgrlvucw-aax0-1324140427.cos.ap-chengdu.myqcloud.com xqesvpsjozix.e8je.liqian-x.top
4 6nwi3bhkv8.r1xk.gskgyy.cn xqesvpsjozix.e8je.liqian-x.top
2 haehsvsehjdvts.dou8.top 6nwi3bhkv8.r1xk.gskgyy.cn
2 xqesvpsjozix.e8je.liqian-x.top
1 c.cnzz.com v1.cnzz.com
1 z6.cnzz.com v1.cnzz.com
1 v1.cnzz.com 6nwi3bhkv8.r1xk.gskgyy.cn
1 63n8.com 1 redirects
0 avdudhagdnlahdn9.djzmbhet.xyz Failed 6nwi3bhkv8.r1xk.gskgyy.cn
20 9

This site contains no links.

Subject Issuer Validity Valid
1kj434z206bi.tqux.liqian-x.top
R10		 2024-12-05 -
2025-03-05		 3 months crt.sh
*.cos.ap-chengdu.myqcloud.com
GlobalSign Organization Validation CA - SHA256 - G3		 2024-03-19 -
2025-04-20		 a year crt.sh
6nwi3bhkv8.r1xk.gskgyy.cn
TrustAsia RSA DV TLS CA G2		 2024-12-13 -
2025-03-13		 3 months crt.sh
haehsvsehjdvts.dou8.top
ZeroSSL RSA Domain Secure Site CA		 2024-12-12 -
2025-03-12		 3 months crt.sh
*.cnzz.com
GlobalSign Organization Validation CA - SHA256 - G3		 2024-02-17 -
2025-03-20		 a year crt.sh

This page contains 1 frames:

Frame: https://avdudhagdnlahdn9.djzmbhet.xyz:8888/kdiaodlknic/1229.apk
Frame ID: 376852E3636C251B1896E1AAC41DCA63
Requests: 22 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://63n8.com/ HTTP 301
    https://xqesvpsjozix.e8je.liqian-x.top/acnrhax/?channelCode=5366 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

20
Requests

95 %
HTTPS

0 %
IPv6

7
Domains

9
Subdomains

7
IPs

4
Countries

1230 kB
Transfer

1266 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://63n8.com/ HTTP 301
    https://xqesvpsjozix.e8je.liqian-x.top/acnrhax/?channelCode=5366 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 20
  • https://haehsvsehjdvts.dou8.top/page/vi3sm9el/install/c/eyJjIjoiNTM2NiIsIm0iOiJEOEhPQUxQWTIwd0FBQUdUejRLZFdrRlNBalhXWU1laXhnVzJrUjdPNVJ4N3U0UU9DS3hoaHQ4N254cEM2SWhldmlqSDNGWEhsU3RWLVMwM2VOSWZGQXZhaXpURGhFMXhweWkyT1hma1BUSSJ9?p=0 HTTP 302
  • https://avdudhagdnlahdn9.djzmbhet.xyz:8888/kdiaodlknic/1229.apk

20 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
xqesvpsjozix.e8je.liqian-x.top/acnrhax/
Redirect Chain
  • https://63n8.com/
  • https://xqesvpsjozix.e8je.liqian-x.top/acnrhax/?channelCode=5366
3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://xqesvpsjozix.e8je.liqian-x.top/acnrhax/?channelCode=5366
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
107.163.19.60 , United States, ASN132721 (HKGATEWAY-ASN1 Hong Kong Gateway Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
73d23c8bb9031f1b7996055d19bfd6c97ccd8efd5e06837fc29542c5d8258a02
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-type
text/html
date
Mon, 16 Dec 2024 12:47:33 GMT
etag
W/"675c88d4-cb9"
last-modified
Fri, 13 Dec 2024 19:19:48 GMT
server
nginx
strict-transport-security
max-age=31536000
vary
Accept-Encoding

Redirect headers

content-length
162
content-type
text/html
date
Mon, 16 Dec 2024 12:47:18 GMT
location
https://xqesvpsjozix.e8je.liqian-x.top/acnrhax/?channelCode=5366
server
nginx
strict-transport-security
max-age=31536000
index.css
vs6hgrlvucw-aax0-1324140427.cos.ap-chengdu.myqcloud.com/xin-bb/assets/css/ 		4 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vs6hgrlvucw-aax0-1324140427.cos.ap-chengdu.myqcloud.com/xin-bb/assets/css/index.css
Requested by
Host: xqesvpsjozix.e8je.liqian-x.top
URL: https://xqesvpsjozix.e8je.liqian-x.top/acnrhax/?channelCode=5366
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
183.66.100.32 , China, ASN134420 (CHINATELECOM-CHONGQING-IDC Chongqing Telecom, CN),
Reverse DNS
Software
tencent-cos /
Resource Hash
f03514d4f7116f8b98d89e3b9013f642583630e1e0630731f337604ebaa7565e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xqesvpsjozix.e8je.liqian-x.top/

Response headers

ETag
"e5528441fd8f2ebf9b69ca6aa6783832"
x-cos-request-id
Njc2MDIxNmJfMTgyMDYzNjRfZjgxNF8xOGMxZjE3
Connection
keep-alive
x-cos-force-download
true
x-cos-hash-crc64ecma
10463543784223471512
Accept-Ranges
bytes
Content-Length
4381
Date
Mon, 16 Dec 2024 12:47:39 GMT
Content-Type
text/css
Content-Disposition
attachment
Server
tencent-cos
Last-Modified
Mon, 09 Dec 2024 12:46:49 GMT
jquery-3.5.1.min.js
vs6hgrlvucw-aax0-1324140427.cos.ap-chengdu.myqcloud.com/xin-bb/assets/js/ 		88 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vs6hgrlvucw-aax0-1324140427.cos.ap-chengdu.myqcloud.com/xin-bb/assets/js/jquery-3.5.1.min.js
Requested by
Host: xqesvpsjozix.e8je.liqian-x.top
URL: https://xqesvpsjozix.e8je.liqian-x.top/acnrhax/?channelCode=5366
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
183.66.100.32 , China, ASN134420 (CHINATELECOM-CHONGQING-IDC Chongqing Telecom, CN),
Reverse DNS
Software
tencent-cos /
Resource Hash
7ba6275fcf7142c7e0d066de9adbe2998b02e9d73eab1ec363f1c87fcb813372

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xqesvpsjozix.e8je.liqian-x.top/

Response headers

ETag
"1a887f0404ac808b17d4b73388cbc3d7"
x-cos-request-id
Njc2MDIxNmJfZTMyMTYzNjRfYjI3NV8xN2I3NmYz
Connection
keep-alive
x-cos-force-download
true
x-cos-hash-crc64ecma
15680222513759161151
Accept-Ranges
bytes
Content-Length
90333
Date
Mon, 16 Dec 2024 12:47:39 GMT
Content-Type
text/javascript
Content-Disposition
attachment
Server
tencent-cos
Last-Modified
Mon, 09 Dec 2024 12:46:54 GMT
qrcode.min.js
vs6hgrlvucw-aax0-1324140427.cos.ap-chengdu.myqcloud.com/xin-bb/assets/js/ 		19 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vs6hgrlvucw-aax0-1324140427.cos.ap-chengdu.myqcloud.com/xin-bb/assets/js/qrcode.min.js
Requested by
Host: xqesvpsjozix.e8je.liqian-x.top
URL: https://xqesvpsjozix.e8je.liqian-x.top/acnrhax/?channelCode=5366
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
183.66.100.32 , China, ASN134420 (CHINATELECOM-CHONGQING-IDC Chongqing Telecom, CN),
Reverse DNS
Software
tencent-cos /
Resource Hash
c541ef06327885a8415bca8df6071e14189b4855336def4f36db54bde8484f36

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xqesvpsjozix.e8je.liqian-x.top/

Response headers

ETag
"517b55d3688ce9ef1085a3d9632bcb97"
x-cos-request-id
Njc2MDIxNmJfYTNhOTYzNjRfZDczNF8xNzM4MTU4
Connection
keep-alive
x-cos-force-download
true
x-cos-hash-crc64ecma
17632674935737242381
Accept-Ranges
bytes
Content-Length
19927
Date
Mon, 16 Dec 2024 12:47:39 GMT
Content-Type
text/javascript
Content-Disposition
attachment
Server
tencent-cos
Last-Modified
Mon, 09 Dec 2024 12:46:53 GMT
head.123
vs6hgrlvucw-aax0-1324140427.cos.ap-chengdu.myqcloud.com/xin-bb/assets/img/ 		149 KB
150 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vs6hgrlvucw-aax0-1324140427.cos.ap-chengdu.myqcloud.com/xin-bb/assets/img/head.123
Requested by
Host: xqesvpsjozix.e8je.liqian-x.top
URL: https://xqesvpsjozix.e8je.liqian-x.top/acnrhax/?channelCode=5366
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
183.66.100.32 , China, ASN134420 (CHINATELECOM-CHONGQING-IDC Chongqing Telecom, CN),
Reverse DNS
Software
tencent-cos /
Resource Hash
dc5494616cf0f0adb75370ef610438050eb2cdc8dc8d29454fcc96862e86667a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xqesvpsjozix.e8je.liqian-x.top/

Response headers

ETag
"d9a8f51218760f993b862cd04f171820"
x-cos-request-id
Njc2MDIxNmNfMTgyMDYzNjRfZjdlZF8xODlmYWRl
Connection
keep-alive
x-cos-force-download
true
x-cos-hash-crc64ecma
4485264170805723502
Accept-Ranges
bytes
Content-Length
152858
Date
Mon, 16 Dec 2024 12:47:40 GMT
Content-Type
application/octet-stream
Content-Disposition
attachment
Server
tencent-cos
Last-Modified
Mon, 09 Dec 2024 12:46:51 GMT
bg.123
vs6hgrlvucw-aax0-1324140427.cos.ap-chengdu.myqcloud.com/xin-bb/assets/img/ 		641 KB
641 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vs6hgrlvucw-aax0-1324140427.cos.ap-chengdu.myqcloud.com/xin-bb/assets/img/bg.123
Requested by
Host: xqesvpsjozix.e8je.liqian-x.top
URL: https://xqesvpsjozix.e8je.liqian-x.top/acnrhax/?channelCode=5366
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
183.66.100.32 , China, ASN134420 (CHINATELECOM-CHONGQING-IDC Chongqing Telecom, CN),
Reverse DNS
Software
tencent-cos /
Resource Hash
030fb2a51f915c20430596ee1a178625d7a1db3d06d965dd03ed446bdd10522c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xqesvpsjozix.e8je.liqian-x.top/

Response headers

ETag
"5cbdbd28826c4dddbfa92dd6f01e7082"
x-cos-request-id
Njc2MDIxNmJfNzBkM2UwYl9lMWNiXzE4Nzk4MTU=
Connection
keep-alive
x-cos-force-download
true
x-cos-hash-crc64ecma
5181926202603824043
Accept-Ranges
bytes
Content-Length
656370
Date
Mon, 16 Dec 2024 12:47:39 GMT
Content-Type
application/octet-stream
Content-Disposition
attachment
Server
tencent-cos
Last-Modified
Mon, 09 Dec 2024 12:46:55 GMT
page-img1.123
vs6hgrlvucw-aax0-1324140427.cos.ap-chengdu.myqcloud.com/xin-bb/assets/img/ 		44 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vs6hgrlvucw-aax0-1324140427.cos.ap-chengdu.myqcloud.com/xin-bb/assets/img/page-img1.123
Requested by
Host: xqesvpsjozix.e8je.liqian-x.top
URL: https://xqesvpsjozix.e8je.liqian-x.top/acnrhax/?channelCode=5366
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
183.66.100.32 , China, ASN134420 (CHINATELECOM-CHONGQING-IDC Chongqing Telecom, CN),
Reverse DNS
Software
tencent-cos /
Resource Hash
8a03693a04c6edfbb0a743a970cc7153469eba0e07c07ca4f1b438a42fad2ff6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xqesvpsjozix.e8je.liqian-x.top/

Response headers

ETag
"17db65c5640c81d66d692995bda49cd7"
x-cos-request-id
Njc2MDIxNmNfZTMyMTYzNjRfYjI3OV8xN2JmN2Yw
Connection
keep-alive
x-cos-force-download
true
x-cos-hash-crc64ecma
13514122192716567931
Accept-Ranges
bytes
Content-Length
45418
Date
Mon, 16 Dec 2024 12:47:40 GMT
Content-Type
application/octet-stream
Content-Disposition
attachment
Server
tencent-cos
Last-Modified
Mon, 09 Dec 2024 12:46:52 GMT
page-img2.123
vs6hgrlvucw-aax0-1324140427.cos.ap-chengdu.myqcloud.com/xin-bb/assets/img/ 		133 KB
134 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vs6hgrlvucw-aax0-1324140427.cos.ap-chengdu.myqcloud.com/xin-bb/assets/img/page-img2.123
Requested by
Host: xqesvpsjozix.e8je.liqian-x.top
URL: https://xqesvpsjozix.e8je.liqian-x.top/acnrhax/?channelCode=5366
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
183.66.100.32 , China, ASN134420 (CHINATELECOM-CHONGQING-IDC Chongqing Telecom, CN),
Reverse DNS
Software
tencent-cos /
Resource Hash
33a37cc3dfd18900f0f953b4c0ced157154ab55216387cc21609654f1da76d86

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xqesvpsjozix.e8je.liqian-x.top/

Response headers

ETag
"b1189a0904f3f8f81b65ece065941c75"
x-cos-request-id
Njc2MDIxNmNfYTNhOTYzNjRfZDczYV8xNzI0NjYx
Connection
keep-alive
x-cos-force-download
true
x-cos-hash-crc64ecma
13417237289844759577
Accept-Ranges
bytes
Content-Length
136474
Date
Mon, 16 Dec 2024 12:47:40 GMT
Content-Type
application/octet-stream
Content-Disposition
attachment
Server
tencent-cos
Last-Modified
Mon, 09 Dec 2024 12:46:53 GMT
foot.123
vs6hgrlvucw-aax0-1324140427.cos.ap-chengdu.myqcloud.com/xin-bb/assets/img/ 		117 KB
118 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vs6hgrlvucw-aax0-1324140427.cos.ap-chengdu.myqcloud.com/xin-bb/assets/img/foot.123
Requested by
Host: xqesvpsjozix.e8je.liqian-x.top
URL: https://xqesvpsjozix.e8je.liqian-x.top/acnrhax/?channelCode=5366
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
183.66.100.32 , China, ASN134420 (CHINATELECOM-CHONGQING-IDC Chongqing Telecom, CN),
Reverse DNS
Software
tencent-cos /
Resource Hash
044de27ed7f9064cbdd8f96b1d5add06504a23b5324e14c155b9f8161864da84

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xqesvpsjozix.e8je.liqian-x.top/

Response headers

ETag
"79c5ae9591f334e39a1d061653406374"
x-cos-request-id
Njc2MDIxNmNfZTMyMTYzNjRfYjI3Ml8xNzg1MjJj
Connection
keep-alive
x-cos-force-download
true
x-cos-hash-crc64ecma
12164696399897426265
Accept-Ranges
bytes
Content-Length
120135
Date
Mon, 16 Dec 2024 12:47:40 GMT
Content-Type
application/octet-stream
Content-Disposition
attachment
Server
tencent-cos
Last-Modified
Mon, 09 Dec 2024 12:46:52 GMT
tsinstall.js
6nwi3bhkv8.r1xk.gskgyy.cn/common/js/ 		47 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://6nwi3bhkv8.r1xk.gskgyy.cn/common/js/tsinstall.js
Requested by
Host: xqesvpsjozix.e8je.liqian-x.top
URL: https://xqesvpsjozix.e8je.liqian-x.top/acnrhax/?channelCode=5366
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
113.194.51.102 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
tencent-cos /
Resource Hash
926749e001bda240af84fa38edc2039a429d225a0205a726d374b31996949bce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xqesvpsjozix.e8je.liqian-x.top/

Response headers

EO-Cache-Status
HIT
Content-Encoding
br
Etag
"57603992652c140aa7a2d4ff8136345e"
x-cos-request-id
Njc1Yzg4ZDZfNjBkM2UwYl8xMzMxMl8xM2MyMzUx
EO-LOG-UUID
3986757990651367070
Connection
keep-alive
x-cos-hash-crc64ecma
15404598733812162035
Accept-Ranges
bytes
Content-Length
17727
Date
Mon, 16 Dec 2024 12:47:41 GMT
Last-Modified
Fri, 29 Nov 2024 10:24:24 GMT
Content-Type
text/javascript
Server
tencent-cos
server.js
6nwi3bhkv8.r1xk.gskgyy.cn/Universal/js/ 		39 B
460 B 		Script
General
Check archive.org
Download Go to
Full URL
https://6nwi3bhkv8.r1xk.gskgyy.cn/Universal/js/server.js
Requested by
Host: xqesvpsjozix.e8je.liqian-x.top
URL: https://xqesvpsjozix.e8je.liqian-x.top/acnrhax/?channelCode=5366
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
113.194.51.102 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
tencent-cos /
Resource Hash
eeb87ee423dbcd4e838e1df4bd9438a6b364b19711163d00b0f6918510dfda39

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xqesvpsjozix.e8je.liqian-x.top/

Response headers

EO-Cache-Status
HIT
Etag
"9d8d2a6e3ff983284db72aeba806fed3"
x-cos-request-id
Njc1Yzg4ZGRfNGQwZTNlMGJfNDZlMV8xNDM4MTFk
EO-LOG-UUID
9464945901334042747
Connection
keep-alive
x-cos-hash-crc64ecma
4559912776239059817
Accept-Ranges
bytes
Content-Length
39
Date
Mon, 16 Dec 2024 12:47:41 GMT
Last-Modified
Thu, 12 Dec 2024 13:32:07 GMT
Content-Type
text/javascript
Server
tencent-cos
ax-77.js
6nwi3bhkv8.r1xk.gskgyy.cn/T-different/js/ 		1 KB
946 B 		Script
General
Check archive.org
Download Go to
Full URL
https://6nwi3bhkv8.r1xk.gskgyy.cn/T-different/js/ax-77.js
Requested by
Host: xqesvpsjozix.e8je.liqian-x.top
URL: https://xqesvpsjozix.e8je.liqian-x.top/acnrhax/?channelCode=5366
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
113.194.51.102 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
tencent-cos /
Resource Hash
82ba2afa7258538417d4eb3377e0fb52d23c506b1cb360f2c017ec83785a7b93

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xqesvpsjozix.e8je.liqian-x.top/

Response headers

EO-Cache-Status
HIT
Content-Encoding
br
Etag
"10ed140575878fddff46aa05122e56bd"
x-cos-request-id
Njc1Yzg4ZGVfYzgyNTYzNjRfYTFkZl8xNDJmMzkz
EO-LOG-UUID
17996931849685060373
Connection
keep-alive
x-cos-hash-crc64ecma
16850884056480190258
Accept-Ranges
bytes
Content-Length
500
Date
Mon, 16 Dec 2024 12:47:41 GMT
Last-Modified
Fri, 29 Nov 2024 10:24:18 GMT
Content-Type
text/javascript
Server
tencent-cos
statistics-a.js
6nwi3bhkv8.r1xk.gskgyy.cn/xin-so/assets/js/ 		141 B
567 B 		Script
General
Check archive.org
Download Go to
Full URL
https://6nwi3bhkv8.r1xk.gskgyy.cn/xin-so/assets/js/statistics-a.js
Requested by
Host: xqesvpsjozix.e8je.liqian-x.top
URL: https://xqesvpsjozix.e8je.liqian-x.top/acnrhax/?channelCode=5366
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
113.194.51.102 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
tencent-cos /
Resource Hash
010dd0a35d8f76a0826026af36f3251ac7875adb5dedc16c93514cd21d10f8eb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xqesvpsjozix.e8je.liqian-x.top/

Response headers

EO-Cache-Status
HIT
Etag
"66775fb131dff528084e67a5cb8f5a86"
x-cos-request-id
Njc1Yzg4ZDdfMWUyNjYzNjRfMTM4NDJfMTQxMTAwYg==
EO-LOG-UUID
5668803796813480696
Connection
keep-alive
x-cos-hash-crc64ecma
3768697754762057141
Accept-Ranges
bytes
Content-Length
141
Date
Mon, 16 Dec 2024 12:47:41 GMT
Last-Modified
Fri, 29 Nov 2024 10:24:29 GMT
Content-Type
text/javascript
Server
tencent-cos
truncated
/ 		85 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4a711f5cd03c09fd79ae2f19bb2f71168e71c18b7562626a1ae8d99ebc3212ff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/gif
truncated
/ 		6 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb0564d454ff5e58e5fc40828c87d04a07e9f10a303e89c21ccc67a947dbc5e3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
init
haehsvsehjdvts.dou8.top/web/vi3sm9el/5366/ 		683 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://haehsvsehjdvts.dou8.top/web/vi3sm9el/5366/init?channelCode=5366&av=0&cv=0&hash=&server=haehsvsehjdvts.dou8.top&sw=p6Cmpg&sh=p6Smpg&sp=1&li=p6GkuKehuKa4p64
Requested by
Host: 6nwi3bhkv8.r1xk.gskgyy.cn
URL: https://6nwi3bhkv8.r1xk.gskgyy.cn/common/js/tsinstall.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
90.84.161.22 , France, ASN2285 (OCB_HONEY_CDN_ASN Orange S.A., FR),
Reverse DNS
Software
openresty /
Resource Hash
d00e7af299d6a3ef506df5e337d6e6a948c551f1bca24b9b836886f6a84383b9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://xqesvpsjozix.e8je.liqian-x.top/

Response headers

X-CCDN-Origin-Time
362
x-hcs-proxy-type
0
Connection
keep-alive
Access-Control-Allow-Credentials
true
X-CCDN-CacheTTL
2592000
via
EU-GER-frankfurt-EDGE5-CACHE3[584],EU-GER-frankfurt-EDGE5-CACHE4[578,TCP_MISS,581],EU-FRA-paris-GLOBAL1-CACHE5[566],EU-FRA-paris-GLOBAL1-CACHE4[362,TCP_MISS,563]
Accept-Ranges
bytes
Access-Control-Allow-Origin
https://xqesvpsjozix.e8je.liqian-x.top
X-CCDN-REQ-ID-46B1
1a29618c5ec72e1e1adc22b521031d58
Content-Length
683
Date
Mon, 16 Dec 2024 12:47:44 GMT
Content-Type
application/json;charset=utf-8
Vary
Origin
Server
openresty
z.js
v1.cnzz.com/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://v1.cnzz.com/z.js?id=1281334663&async=1
Requested by
Host: 6nwi3bhkv8.r1xk.gskgyy.cn
URL: https://6nwi3bhkv8.r1xk.gskgyy.cn/xin-so/assets/js/statistics-a.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
106.225.241.95 , China, ASN134238 (CT-JIANGXI-IDC CHINANET Jiangx province IDC network, CN),
Reverse DNS
Software
Tengine /
Resource Hash
5da1188906e58630623ebee250e4aacd2ee98e0e86402f4df437659710a88eed

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"
Referer
https://xqesvpsjozix.e8je.liqian-x.top/

Response headers

content-encoding
br
etag
W/"17552435623606516064"
age
245
x-cache
HIT TCP_MEM_HIT dirn:-2:-2
date
Mon, 16 Dec 2024 12:43:38 GMT
content-type
application/javascript
vary
accept-encoding
cache-control
public, max-age=300
x-swift-cachetime
300
timing-allow-origin
*
via
cache38.l2cn7828[74,76,304-0,H], cache52.l2cn7828[78,0], cache6.cn3693[0,0,200-0,H], cache7.cn3693[5,0]
ali-swift-global-savetime
1734353018
x-swift-savetime
Mon, 16 Dec 2024 12:43:38 GMT
eagleid
6ae1f19b17343532635631438e
content-length
3888
server
Tengine
stat.htm
z6.cnzz.com/ 		2 B
123 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://z6.cnzz.com/stat.htm?id=1281334663&r=&lg=de-de&ntime=none&cnzz_eid=1357142722-1734353264-&showp=1600x1200&p=https%3A%2F%2Fxqesvpsjozix.e8je.liqian-x.top%2Facnrhax%2F%3FchannelCode%3D5366&t=&umuuid=193cf829c99582-0582e7493735e7-16462c6e-1d4c00-193cf829c9a844&h=1
Requested by
Host: v1.cnzz.com
URL: https://v1.cnzz.com/z.js?id=1281334663&async=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
223.109.148.173 Tianjin, China, ASN56046 (CMNET-JIANGSU-AP China Mobile communications corporation, CN),
Reverse DNS
Software
Tengine /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xqesvpsjozix.e8je.liqian-x.top/

Response headers

content-encoding
gzip
date
Mon, 16 Dec 2024 12:47:45 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
server
Tengine
c.js
c.cnzz.com/ 		906 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.cnzz.com/c.js?web_id=1281334663&t=z
Requested by
Host: v1.cnzz.com
URL: https://v1.cnzz.com/z.js?id=1281334663&async=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
106.225.241.95 , China, ASN134238 (CT-JIANGXI-IDC CHINANET Jiangx province IDC network, CN),
Reverse DNS
Software
Tengine /
Resource Hash
56fb254f9464faad900848011417478f2353690722d00107f4721a07e6a7c53a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xqesvpsjozix.e8je.liqian-x.top/

Response headers

cache-control
public, max-age=321
x-swift-cachetime
321
timing-allow-origin
*
etag
W/"4843387006892891622"
age
12
via
cache35.l2cn7828[60,74,304-0,H], cache33.l2cn7828[76,0], cache5.cn3693[0,0,200-0,H], cache7.cn3693[1,0]
ali-swift-global-savetime
1734353252
x-swift-savetime
Mon, 16 Dec 2024 12:47:32 GMT
x-cache
HIT TCP_MEM_HIT dirn:-2:-2
content-length
906
date
Mon, 16 Dec 2024 12:47:32 GMT
content-type
application/javascript
eagleid
6ae1f19b17343532647496762e
server
Tengine
favicon.ico
xqesvpsjozix.e8je.liqian-x.top/ 		148 B
228 B 		Other
General
Check archive.org
Download Go to
Full URL
https://xqesvpsjozix.e8je.liqian-x.top/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
107.163.19.60 , United States, ASN132721 (HKGATEWAY-ASN1 Hong Kong Gateway Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
9cad3cff676946810a81047247f12e4e51faccc01df4134edfd871aee8ba0956

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xqesvpsjozix.e8je.liqian-x.top/acnrhax/?channelCode=5366

Response headers

content-length
148
date
Mon, 16 Dec 2024 12:47:45 GMT
etag
"675c88d4-94"
content-type
text/html
server
nginx
eyJjIjoiNTM2NiIsIm0iOiJzbWZrLTZuNkpKMEFBQUdUejRLZFd1WldkQkxRZUt3MDZJMk1ZUFVydnZncEVVWm9JTktReUJqX2hoUldxTTFncXU2Slg1YmFyTm03cV9UZDdscjdlOTB0WTJPRzBaX0JRMFNtak5nd1dmOCJ9
haehsvsehjdvts.dou8.top/web/vi3sm9el/5366/clicked/c/ 		0
795 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://haehsvsehjdvts.dou8.top/web/vi3sm9el/5366/clicked/c/eyJjIjoiNTM2NiIsIm0iOiJzbWZrLTZuNkpKMEFBQUdUejRLZFd1WldkQkxRZUt3MDZJMk1ZUFVydnZncEVVWm9JTktReUJqX2hoUldxTTFncXU2Slg1YmFyTm03cV9UZDdscjdlOTB0WTJPRzBaX0JRMFNtak5nd1dmOCJ9?p=0&ref=https%3A%2F%2Fxqesvpsjozix.e8je.liqian-x.top%2Facnrhax%2F%3FchannelCode%3D5366&ac=0&cc=0&channelCode=5366
Requested by
Host: 6nwi3bhkv8.r1xk.gskgyy.cn
URL: https://6nwi3bhkv8.r1xk.gskgyy.cn/common/js/tsinstall.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
90.84.161.22 , France, ASN2285 (OCB_HONEY_CDN_ASN Orange S.A., FR),
Reverse DNS
Software
openresty /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://xqesvpsjozix.e8je.liqian-x.top/

Response headers

X-CCDN-Origin-Time
365
x-hcs-proxy-type
0
Connection
keep-alive
Access-Control-Allow-Credentials
true
X-CCDN-CacheTTL
2592000
via
EU-GER-frankfurt-EDGE5-CACHE3[391],EU-GER-frankfurt-EDGE5-CACHE2[384,TCP_MISS,389],EU-FRA-paris-GLOBAL1-CACHE14[371],EU-FRA-paris-GLOBAL1-CACHE23[365,TCP_MISS,367]
Accept-Ranges
bytes
Access-Control-Allow-Origin
https://xqesvpsjozix.e8je.liqian-x.top
X-CCDN-REQ-ID-46B1
4bccaaf3a6c9c6ba4ccbefe5330c22b3
Content-Length
0
Date
Mon, 16 Dec 2024 12:47:49 GMT
Vary
Origin
Server
openresty
1229.apk
avdudhagdnlahdn9.djzmbhet.xyz/kdiaodlknic/
Redirect Chain
  • https://haehsvsehjdvts.dou8.top/page/vi3sm9el/install/c/eyJjIjoiNTM2NiIsIm0iOiJEOEhPQUxQWTIwd0FBQUdUejRLZFdrRlNBalhXWU1laXhnVzJrUjdPNVJ4N3U0UU9DS3hoaHQ4N254cEM2SWhldmlqSDNGWEhsU3RWLVMwM2VOSWZGQXZha...
  • https://avdudhagdnlahdn9.djzmbhet.xyz:8888/kdiaodlknic/1229.apk
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
avdudhagdnlahdn9.djzmbhet.xyz
URL
https://avdudhagdnlahdn9.djzmbhet.xyz:8888/kdiaodlknic/1229.apk

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| generateRandomString function| $ function| jQuery object| link function| QRCode object| qrcode function| closeQR function| TechSpark object| data object| _cz_loaded string| _cz_account object| _czc object| _CNZZDbridge_1281334663 object| buttons

2 Cookies

Domain/Path Name / Value
.liqian-x.top/ Name: UM_distinctid
Value: 193cf829c99582-0582e7493735e7-16462c6e-1d4c00-193cf829c9a844
xqesvpsjozix.e8je.liqian-x.top/ Name: CNZZDATA1281334663
Value: 1357142722-1734353264-%7C1734353264

3 Console Messages

Source Level URL
Text
javascript warning URL: https://6nwi3bhkv8.r1xk.gskgyy.cn/xin-so/assets/js/statistics-a.js
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://v1.cnzz.com/z.js?id=1281334663&async=1, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://6nwi3bhkv8.r1xk.gskgyy.cn/xin-so/assets/js/statistics-a.js
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://v1.cnzz.com/z.js?id=1281334663&async=1, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://xqesvpsjozix.e8je.liqian-x.top/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

63n8.com
6nwi3bhkv8.r1xk.gskgyy.cn
avdudhagdnlahdn9.djzmbhet.xyz
c.cnzz.com
haehsvsehjdvts.dou8.top
v1.cnzz.com
vs6hgrlvucw-aax0-1324140427.cos.ap-chengdu.myqcloud.com
xqesvpsjozix.e8je.liqian-x.top
z6.cnzz.com
avdudhagdnlahdn9.djzmbhet.xyz
106.225.241.95
107.163.19.60
113.194.51.102
118.194.249.241
183.66.100.32
223.109.148.173
90.84.161.22
010dd0a35d8f76a0826026af36f3251ac7875adb5dedc16c93514cd21d10f8eb
030fb2a51f915c20430596ee1a178625d7a1db3d06d965dd03ed446bdd10522c
044de27ed7f9064cbdd8f96b1d5add06504a23b5324e14c155b9f8161864da84
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
33a37cc3dfd18900f0f953b4c0ced157154ab55216387cc21609654f1da76d86
4a711f5cd03c09fd79ae2f19bb2f71168e71c18b7562626a1ae8d99ebc3212ff
56fb254f9464faad900848011417478f2353690722d00107f4721a07e6a7c53a
5da1188906e58630623ebee250e4aacd2ee98e0e86402f4df437659710a88eed
73d23c8bb9031f1b7996055d19bfd6c97ccd8efd5e06837fc29542c5d8258a02
7ba6275fcf7142c7e0d066de9adbe2998b02e9d73eab1ec363f1c87fcb813372
82ba2afa7258538417d4eb3377e0fb52d23c506b1cb360f2c017ec83785a7b93
8a03693a04c6edfbb0a743a970cc7153469eba0e07c07ca4f1b438a42fad2ff6
926749e001bda240af84fa38edc2039a429d225a0205a726d374b31996949bce
9cad3cff676946810a81047247f12e4e51faccc01df4134edfd871aee8ba0956
bb0564d454ff5e58e5fc40828c87d04a07e9f10a303e89c21ccc67a947dbc5e3
c541ef06327885a8415bca8df6071e14189b4855336def4f36db54bde8484f36
d00e7af299d6a3ef506df5e337d6e6a948c551f1bca24b9b836886f6a84383b9
dc5494616cf0f0adb75370ef610438050eb2cdc8dc8d29454fcc96862e86667a
eeb87ee423dbcd4e838e1df4bd9438a6b364b19711163d00b0f6918510dfda39
f03514d4f7116f8b98d89e3b9013f642583630e1e0630731f337604ebaa7565e