hq.36880.xyz Open in urlscan Pro
193.3.191.220  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response hq.36880.xyz/	33 KB 13 KB	1777ms 1021ms	Document text/html	193.3.191.220 EDGENAP
General Check archive.org Show headers Download Go to Full URL https://hq.36880.xyz/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 193.3.191.220 , United Kingdom, ASN61414 (EDGENAP, GB), Reverse DNS Software nginx / Resource Hash f1c81311e88e5d7709db20e6ca5cdeab6f798f79b3d3df7a60abd9ca685ac05f Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Accept-Language en-GB,en;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers content-encoding gzip content-type text/html;charset=UTF-8 date Mon, 10 Jun 2024 19:29:43 GMT server nginx strict-transport-security max-age=31536000 vary Accept-Encoding
GET H/1.1	200 OK	cc.png Show response wssa-321.zhlvdun.com/	332 B 793 B	1535ms 972ms	XHR image/png	170.33.9.227 ASEPL-AS-AP Aliba...
General Check archive.org Show headers Download Go to Full URL https://wssa-321.zhlvdun.com:1386/cc.png?v=5745805623 Requested by Host: hq.36880.xyz URL: https://hq.36880.xyz/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 170.33.9.227 , Singapore, ASN134963 (ASEPL-AS-AP Alibaba Cloud Singapore Private Limited, SG), Reverse DNS Software Tengine/2.3.2 / Resource Hash a26a53cfbfbf7cae14898ac89ee39558cd9ed81d4e1d86ff2e5d17b6c185dc1f Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://hq.36880.xyz/ Accept-Language en-GB,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Mon, 10 Jun 2024 19:29:44 GMT Last-Modified Wed, 27 Oct 2021 04:46:16 GMT Server Tengine/2.3.2 ETag "6178d998-14c" Content-Type image/png Access-Control-Allow-Origin * X-Via 1.1 aws:jp (Cdn Cache Server V2.0), 1.1 ocsapi:00 (Cdn Cache Server V2.0) Connection keep-alive Accept-Ranges bytes Content-Length 332
GET		cc.png ali-z1-xy802.garour.com/	0 0
GET H/1.1	200 OK	cc.png Show response lc-ocsxy.itkingk.com/	332 B 793 B	1289ms 744ms	XHR image/png	170.33.9.227 ASEPL-AS-AP Aliba...
General Check archive.org Show headers Download Go to Full URL https://lc-ocsxy.itkingk.com/cc.png?v=7627443208 Requested by Host: hq.36880.xyz URL: https://hq.36880.xyz/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 170.33.9.227 , Singapore, ASN134963 (ASEPL-AS-AP Alibaba Cloud Singapore Private Limited, SG), Reverse DNS Software Tengine/2.3.0 / Resource Hash a26a53cfbfbf7cae14898ac89ee39558cd9ed81d4e1d86ff2e5d17b6c185dc1f Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://hq.36880.xyz/ Accept-Language en-GB,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Mon, 10 Jun 2024 19:29:44 GMT Last-Modified Thu, 27 Feb 2020 08:02:29 GMT Server Tengine/2.3.0 ETag "5e577795-14c" Content-Type image/png Access-Control-Allow-Origin * X-Via 1.1 aws:jp (Cdn Cache Server V2.0), 1.1 ocsapi:00 (Cdn Cache Server V2.0) Connection keep-alive Accept-Ranges bytes Content-Length 332
GET H2	404	favicon.ico hq.36880.xyz/	548 B 611 B	278ms 278ms	Other text/html	193.3.191.220 EDGENAP
General Check archive.org Show headers Download Go to Full URL https://hq.36880.xyz/favicon.ico Protocol H2 Security TLS 1.3, , AES_256_GCM Server 193.3.191.220 , United Kingdom, ASN61414 (EDGENAP, GB), Reverse DNS Software nginx / Resource Hash d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://hq.36880.xyz/ Accept-Language en-GB,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 10 Jun 2024 19:29:43 GMT server nginx content-length 548 content-type text/html
GET H/1.1	200 OK	cbw Show response lc-ocsxy.itkingk.com/ocs/	677 B 848 B	213ms 212ms	XHR text/plain	170.33.9.227 ASEPL-AS-AP Aliba...
General Check archive.org Show headers Download Go to Full URL https://lc-ocsxy.itkingk.com/ocs/cbw?ts=1718047784525 Requested by Host: hq.36880.xyz URL: https://hq.36880.xyz/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 170.33.9.227 , Singapore, ASN134963 (ASEPL-AS-AP Alibaba Cloud Singapore Private Limited, SG), Reverse DNS Software Tengine/2.3.0 / Resource Hash 66f5ea35df0a485da711171331e2931b9734cb8581f6ce5f524ee5ee2f58b441 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://hq.36880.xyz/ Accept-Language en-GB,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Mon, 10 Jun 2024 19:29:44 GMT Content-Encoding gzip Server Tengine/2.3.0 Api-Elapsed 0.0000 Transfer-Encoding chunked Vary Accept-Encoding Content-Type text/plain; charset=utf-8 Access-Control-Allow-Origin * X-Via 1.1 aws:jp (Cdn Cache Server V2.0), 1.1 ocsapi:00 (Cdn Cache Server V2.0) Connection keep-alive X-Node outer
GET		cc.png zb-ali.ityuryur.com/	0 0
GET		cc.png zb1-hw.zvjspjsm.com/	0 0
GET		cc.png zb-hw.czwygs.com/	0 0
GET H2	200	cc.png Show response xy-hw.rbbgou.com/	98 B 530 B	2499ms 307ms	XHR image/png	23.90.149.106 ZEN-ECN
General Check archive.org Show headers Download Go to Full URL https://xy-hw.rbbgou.com/cc.png?v=7412240973 Requested by Host: hq.36880.xyz URL: https://hq.36880.xyz/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.90.149.106 Frankfurt am Main, Germany, ASN21859 (ZEN-ECN, US), Reverse DNS Software openresty / Resource Hash d5c956bffb7565a9df0e1b3c80afba091a617944474243fe8c90d606d75090ec Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://hq.36880.xyz/ Accept-Language en-GB,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 10 Jun 2024 19:29:47 GMT via EU-GER-frankfurt-EDGE4-CACHE2[238],EU-GER-frankfurt-EDGE4-CACHE2[19,TCP_MISS,236],EU-FRA-paris-GLOBAL1-CACHE5[10],EU-FRA-paris-GLOBAL1-CACHE23[0,TCP_HIT,8],1.1 google x-ccdn-cachettl 2592000 last-modified Wed, 08 Jan 2020 12:19:17 GMT server openresty age 1 etag "5e15c8c5-62" content-type image/png access-control-allow-origin * x-ccdn-req-id-46b1 2ffb28fc44a37074c18a37d4aca18e4a x-ccdn-expires 425632 accept-ranges bytes alt-svc h3=":443"; ma=2592000 content-length 98 x-hcs-proxy-type 1
GET H2	200	cc.png Show response xy-ali.xuyawei.com/	98 B 477 B	391ms 115ms	XHR image/png	163.181.92.246 TAOBAO Zhejiang T...
General Check archive.org Show headers Download Go to Full URL https://xy-ali.xuyawei.com/cc.png?v=8593589715 Requested by Host: hq.36880.xyz URL: https://hq.36880.xyz/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 163.181.92.246 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN), Reverse DNS Software Tengine / Resource Hash d5c956bffb7565a9df0e1b3c80afba091a617944474243fe8c90d606d75090ec Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://hq.36880.xyz/ Accept-Language en-GB,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 20 May 2024 02:31:07 GMT via 1.1 google, cache25.l2de2[0,0,304-0,H], cache6.l2de2[0,0], ens-cache1.de5[0,0,200-0,H], ens-cache2.de5[0,0] age 1875518 x-swift-cachetime 2587712 x-cache HIT TCP_HIT dirn:12:604349579 x-swift-savetime Mon, 20 May 2024 03:42:35 GMT content-length 98 last-modified Wed, 08 Jan 2020 12:19:17 GMT server Tengine etag "5e15c8c5-62" ali-swift-global-savetime 1716172267 content-type image/png access-control-allow-origin * accept-ranges bytes timing-allow-origin * eagleid a3b55c9617180477850572953e
GET H2	200	stat.php Show response hq.36880.xyz/web/	2 KB 807 B	677ms 677ms	XHR text/html	193.3.191.220 EDGENAP
General Check archive.org Show headers Download Go to Full URL https://hq.36880.xyz/web/stat.php?url=https://ali-z1-xy802.metaavatargames.com&pv=ajax&pa=host.info&domain=hqg33.com&terminal=1 Requested by Host: hq.36880.xyz URL: https://hq.36880.xyz/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 193.3.191.220 , United Kingdom, ASN61414 (EDGENAP, GB), Reverse DNS Software nginx / Resource Hash 2351ebc34bd497171beb18a3bc59241cf48e9188a2ce8e073598e77a5cdc5621 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://hq.36880.xyz/ Accept-Language en-GB,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 10 Jun 2024 19:29:45 GMT strict-transport-security max-age=31536000 content-encoding gzip server nginx vary Accept-Encoding content-type text/html; charset=UTF-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

ali-z1-xy802.garour.com

URL

https://ali-z1-xy802.garour.com/cc.png?v=2969626963

Domain

zb-ali.ityuryur.com

URL

https://zb-ali.ityuryur.com/cc.png?v=9881031792

Domain

zb1-hw.zvjspjsm.com

URL

https://zb1-hw.zvjspjsm.com/cc.png?v=2081814978

Domain

zb-hw.czwygs.com

URL

https://zb-hw.czwygs.com/cc.png?v=9249776777

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| dpc94kc2 function| a4vjeuue object| nanoajax object| Tools object| $_cookie boolean| INIT_MASK boolean| IS_MOBILE number| TIME_OUT object| OCS_INFO string| DLL_VERSION string| CURRENT_VERSION undefined| SKINS_VERSION undefined| WEB_TITLES string| COMMON_PROTOCOL string| URL_APP_DOWNLOAD string| WASM_TOOL_VER object| COMMON_DOMAIN boolean| INIT_DONE undefined| LOTTO_DOMAINS object| API_DOMAINS object| API_DOMAINS_GROUP string| UPLOAD_HOST string| CDN_PATH

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://hq.36880.xyz/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ali-z1-xy802.garour.com/cc.png?v=2969626963 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://zb-ali.ityuryur.com/cc.png?v=9881031792 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://zb1-hw.zvjspjsm.com/cc.png?v=2081814978 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ali-z1-xy802.garour.com
hq.36880.xyz
lc-ocsxy.itkingk.com
wssa-321.zhlvdun.com
xy-ali.xuyawei.com
xy-hw.rbbgou.com
zb-ali.ityuryur.com
zb-hw.czwygs.com
zb1-hw.zvjspjsm.com
ali-z1-xy802.garour.com
zb-ali.ityuryur.com
zb-hw.czwygs.com
zb1-hw.zvjspjsm.com
163.181.92.246
170.33.9.227
193.3.191.220
23.90.149.106
2351ebc34bd497171beb18a3bc59241cf48e9188a2ce8e073598e77a5cdc5621
66f5ea35df0a485da711171331e2931b9734cb8581f6ce5f524ee5ee2f58b441
a26a53cfbfbf7cae14898ac89ee39558cd9ed81d4e1d86ff2e5d17b6c185dc1f
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090
d5c956bffb7565a9df0e1b3c80afba091a617944474243fe8c90d606d75090ec
f1c81311e88e5d7709db20e6ca5cdeab6f798f79b3d3df7a60abd9ca685ac05f