URL: https://app1.saamfzk.xyz/
Submission Tags: @phishunt_io
Submission: On October 13 via api from DE — Scanned from DE

Summary

This website contacted 7 IPs in 5 countries across 18 domains to perform 38 HTTP transactions. The main IP is 212.24.127.53, located in Frankfurt (Oder), Germany and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is app1.saamfzk.xyz.
TLS certificate: Issued by R3 on October 13th 2023. Valid for: 3 months.
This is the only time app1.saamfzk.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address       AS      Autonomous System
20        212.24.127.53    209242  (CLOUDFLAR...)
1         45.60.64.140     19551   (INCAPSULA)
6         43.251.112.223   132825  (MYTEK-AS-...)
3         103.22.158.43    45504   (SPLUNKNET...)
1         212.24.127.34    209242  (CLOUDFLAR...)
2         45.158.56.21     209242  (CLOUDFLAR...)
Total: 38 requests, 7 IPs

This site contains links to these domains.

Domain
www.manycai.com
www.lopa1k9.xyz
www.jdcfwealth.com
www.manycai.club

Subject            Issuer  Validity                  Valid
app1.saamfzk.xyz   R3      2023-10-13 - 2024-01-11   3 months
*.awu3e.xyz        R3      2023-10-03 - 2024-01-01   3 months
www.xylykj.com     R3      2023-08-01 - 2023-10-30   3 months
www.xylgmc.com     R3      2023-09-18 - 2023-12-17   3 months
www.zsdixiong.com  R3      2023-08-29 - 2023-11-27   3 months
www.zshujia.com    R3      2023-08-29 - 2023-11-27   3 months
www.whxjda.com     R3      2023-08-29 - 2023-11-27   3 months

This page contains 1 frames:

Primary Page: https://app1.saamfzk.xyz/
Frame ID: F651225F02B46257B0A53BC58F01B6B6
Requests: 41 HTTP requests in this frame

Page Title

XYUN Loto

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Page Statistics

Requests: 38
HTTPS: 87 %
IPv6: 0 %
Domains: 18
Subdomains: 18
IPs: 7
Countries: 5
Transfer: 1241 kB
Size: 4728 kB
Cookies: 2

Redirected requests

There were HTTP redirect chains for the following requests:

38 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
app1.saamfzk.xyz/
2 KB
1 KB
Document
General
Full URL
https://app1.saamfzk.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.24.127.53 Frankfurt (Oder), Germany, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
**** /
Resource Hash
06924694150b156e2313838d8bc8b1f8303e89d69f1de13b3afdf441a0b97b1e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type, Authorization, Source, Accept-Currency
access-control-allow-methods
POST, PUT, GET, DELETE, HEAD, OPTION
access-control-expose-headers
Authorization, Set-Cookie
access-control-max-age
86400
cache-control
private
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 13 Oct 2023 22:04:12 GMT
server
****
vary
Accept-Encoding
x-cache
BYPASS
x-ratelimit-limit
300
x-ratelimit-remaining
299
x-request-id
31e86351a1a011b6bd375a31c2c51ace
0.d9774650b057c3fe85c0.css
app1.saamfzk.xyz/webx/xy6/desktop/styles/
9 KB
3 KB
Stylesheet
General
Full URL
https://app1.saamfzk.xyz/webx/xy6/desktop/styles/0.d9774650b057c3fe85c0.css?v=23.08.19.14532
Requested by
Host: app1.saamfzk.xyz
URL: https://app1.saamfzk.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.24.127.53 Frankfurt (Oder), Germany, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
**** /
Resource Hash
7879bdfa80b78ef49786bc8e66f3bdd0174ee05b02d0ade6f0a9fcf3f53c1057
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app1.saamfzk.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 22:04:13 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubdomains
last-modified
Tue, 12 Sep 2023 18:03:17 GMT
server
****
etag
W/"6500a7e5-2421"
vary
Accept-Encoding
x-cache
MISS
content-type
text/css
cache-control
max-age=1800
x-xss-protection
1
x-request-id
ea1a36b7b9ee8c9415d6d98c767abc29
expires
Fri, 20 Oct 2023 22:04:13 GMT
index.d977.css
app1.saamfzk.xyz/webx/xy6/desktop/styles/
1 MB
245 KB
Stylesheet
General
Full URL
https://app1.saamfzk.xyz/webx/xy6/desktop/styles/index.d977.css?v=23.08.19.14532
Requested by
Host: app1.saamfzk.xyz
URL: https://app1.saamfzk.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.24.127.53 Frankfurt (Oder), Germany, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
**** /
Resource Hash
83eb460c8267b42d7e1c65f4e69048bc6555a9c3223fcef857b10be256444044
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app1.saamfzk.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 22:04:13 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubdomains
last-modified
Tue, 12 Sep 2023 18:03:17 GMT
server
****
etag
W/"6500a7e5-118847"
vary
Accept-Encoding
x-cache
MISS
content-type
text/css
cache-control
max-age=1800
x-xss-protection
1
x-request-id
838ddd2f08fb13ab4a5accbd4089c0d7
expires
Fri, 20 Oct 2023 22:04:13 GMT
chunk.vendor.083f.js
app1.saamfzk.xyz/webx/xy6/desktop/javascript/
768 KB
272 KB
Script
General
Full URL
https://app1.saamfzk.xyz/webx/xy6/desktop/javascript/chunk.vendor.083f.js?v=23.08.19.14532
Requested by
Host: app1.saamfzk.xyz
URL: https://app1.saamfzk.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.24.127.53 Frankfurt (Oder), Germany, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
**** /
Resource Hash
8de9d86e0b39100ff0ebfb8724984b1709737a5c42185ed0f96a9f138941ac6c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app1.saamfzk.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 22:04:13 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubdomains
last-modified
Mon, 14 Aug 2023 11:04:27 GMT
server
****
etag
W/"64da0a3b-c009b"
vary
Accept-Encoding
x-cache
MISS
content-type
application/x-javascript
cache-control
max-age=1800
x-xss-protection
1
x-request-id
683a146ba6be8f6371b9279322a50dc8
expires
Fri, 20 Oct 2023 22:04:13 GMT
base.d977.js
app1.saamfzk.xyz/webx/xy6/desktop/javascript/
10 KB
4 KB
Script
General
Full URL
https://app1.saamfzk.xyz/webx/xy6/desktop/javascript/base.d977.js?v=23.08.19.14532
Requested by
Host: app1.saamfzk.xyz
URL: https://app1.saamfzk.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.24.127.53 Frankfurt (Oder), Germany, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
**** /
Resource Hash
92f636c1270b299cafa6149e46d7edfed13ba1c5e7247d640a849d9767e489e5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app1.saamfzk.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 22:04:13 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubdomains
last-modified
Tue, 12 Sep 2023 18:03:17 GMT
server
****
etag
W/"6500a7e5-26b1"
vary
Accept-Encoding
x-cache
MISS
content-type
application/x-javascript
cache-control
max-age=1800
x-xss-protection
1
x-request-id
2af2f46c72f55a297ff56258b477077d
expires
Fri, 20 Oct 2023 22:04:13 GMT
bootstrap.d977.js
app1.saamfzk.xyz/webx/xy6/desktop/javascript/
9 KB
4 KB
Script
General
Full URL
https://app1.saamfzk.xyz/webx/xy6/desktop/javascript/bootstrap.d977.js?v=23.08.19.14532
Requested by
Host: app1.saamfzk.xyz
URL: https://app1.saamfzk.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.24.127.53 Frankfurt (Oder), Germany, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
**** /
Resource Hash
00e2cfd9dc7399a9169fc3866365628593b6d216ab40dafe30810c8089032c0c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app1.saamfzk.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 22:04:13 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubdomains
last-modified
Tue, 12 Sep 2023 18:03:17 GMT
server
****
etag
W/"6500a7e5-2511"
vary
Accept-Encoding
x-cache
MISS
content-type
application/x-javascript
cache-control
max-age=1800
x-xss-protection
1
x-request-id
448abe36d993dfeb60645e7dda20e389
expires
Fri, 20 Oct 2023 22:04:13 GMT
index.d977.js
app1.saamfzk.xyz/webx/xy6/desktop/javascript/
910 KB
255 KB
Script
General
Full URL
https://app1.saamfzk.xyz/webx/xy6/desktop/javascript/index.d977.js?v=23.08.19.14532
Requested by
Host: app1.saamfzk.xyz
URL: https://app1.saamfzk.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.24.127.53 Frankfurt (Oder), Germany, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
**** /
Resource Hash
26095be390a00396b042d2902233bcb085f84707d5af2d8448c79e1905e8f2bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app1.saamfzk.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 22:04:13 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubdomains
last-modified
Tue, 12 Sep 2023 18:03:17 GMT
server
****
etag
W/"6500a7e5-e3618"
vary
Accept-Encoding
x-cache
MISS
content-type
application/x-javascript
cache-control
max-age=1800
x-xss-protection
1
x-request-id
d153d67aa2b5eb5a3108c6ae40a055fc
expires
Fri, 20 Oct 2023 22:04:13 GMT
/
app1.saamfzk.xyz/api/settings/
4 KB
2 KB
XHR
General
Full URL
https://app1.saamfzk.xyz/api/settings/?fields=
Requested by
Host: app1.saamfzk.xyz
URL: https://app1.saamfzk.xyz/webx/xy6/desktop/javascript/chunk.vendor.083f.js?v=23.08.19.14532
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.24.127.53 Frankfurt (Oder), Germany, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
**** /
Resource Hash
0d507f3ef0206705261e207a9040914ba5d52396264cd66ef1bd99fe47e5dc21

Request headers

Accept
application/json, text/plain, */*
Referer
https://app1.saamfzk.xyz/
Accept-Language
de-DE,de;q=0.9
Authorization
bearer undefined
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Accept-Currency
cny
Content-Type
application/vnd.sc-api.v1.json

Response headers

date
Fri, 13 Oct 2023 22:04:15 GMT
content-encoding
gzip
x-cache
BYPASS
x-request-id
5c8208f43423246e25b33a92c7f7ab9b
x-runtime
0.078
server
****
vary
Accept-Encoding
x-ratelimit-remaining
299
content-type
application/json
access-control-max-age
86400
access-control-allow-methods
POST, PUT, GET, DELETE, HEAD, OPTION
access-control-expose-headers
Authorization, Set-Cookie
cache-control
max-age=0, no-cache, no-store, private
access-control-allow-credentials
true
x-ratelimit-limit
300
access-control-allow-headers
X-Requested-With, Content-Type, Authorization, Source, Accept-Currency
methods.js
app1.saamfzk.xyz/webx/xy6/static/
2 MB
135 KB
Script
General
Full URL
https://app1.saamfzk.xyz/webx/xy6/static/methods.js?95a3bc64
Requested by
Host: app1.saamfzk.xyz
URL: https://app1.saamfzk.xyz/webx/xy6/desktop/javascript/index.d977.js?v=23.08.19.14532
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.24.127.53 Frankfurt (Oder), Germany, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
**** /
Resource Hash
47e2730ccb9e07928c685ab984d587e111fe437fdcbad14a6557882232b8d4cd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app1.saamfzk.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 22:04:15 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubdomains
last-modified
Tue, 06 Jun 2023 18:20:18 GMT
server
****
etag
W/"647f78e2-18b186"
vary
Accept-Encoding
x-cache
MISS
content-type
application/x-javascript
cache-control
max-age=1800
x-xss-protection
1
x-request-id
07f80564feef07edb84cb76b6afcc930
expires
Fri, 20 Oct 2023 22:04:15 GMT
truncated
/
663 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5109f7cf9ffe5ae6b48ec10d1717c72d4cfe0f3e7fcffa880d13f78a13c03fd8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/png
b01f9e.png
app1.saamfzk.xyz/webx/xy6/desktop/images/
7 KB
7 KB
Image
General
Full URL
https://app1.saamfzk.xyz/webx/xy6/desktop/images/b01f9e.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.24.127.53 Frankfurt (Oder), Germany, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
**** /
Resource Hash
09c8430f441968be1a763e4d0b0b4035da0e06f9170697acf2ffdb39cd69c202
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app1.saamfzk.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 22:04:15 GMT
strict-transport-security
max-age=31536000; includeSubdomains
last-modified
Thu, 27 Apr 2023 08:51:34 GMT
server
****
etag
"644a3796-1a51"
x-cache
MISS
content-type
image/png
cache-control
max-age=1800
accept-ranges
bytes
content-length
6737
x-xss-protection
1
x-request-id
614c692e3c4e2ceddf4ae22fdd40c048
expires
Fri, 20 Oct 2023 22:04:15 GMT
qr_code_auto.png
xyuncdn.o4iht.xyz/xyun/
0
0

truncated
/
616 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
746ce85c1199c6bf7fce9461d0df0234de19a17d4eb818d5b749accd1ac9f649

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
798 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f617ffdb896e58702cb973494ede2d5d5d5d68e8eb3510696993154aca7c1d99

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/png
qr_code.png
xyuncdn.o4iht.xyz/xyun/
0
0
Image
General
Full URL
https://xyuncdn.o4iht.xyz/xyun/qr_code.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.64.140 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app1.saamfzk.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

51d365.jpg
app1.saamfzk.xyz/webx/xy6/desktop/images/
228 KB
227 KB
Image
General
Full URL
https://app1.saamfzk.xyz/webx/xy6/desktop/images/51d365.jpg
Requested by
Host: app1.saamfzk.xyz
URL: https://app1.saamfzk.xyz/webx/xy6/desktop/styles/index.d977.css?v=23.08.19.14532
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.24.127.53 Frankfurt (Oder), Germany, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
**** /
Resource Hash
8a335ca2723e4f3dd122ba8c407829cea16191c46f137db866c9f065dfac5a37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app1.saamfzk.xyz/webx/xy6/desktop/styles/index.d977.css?v=23.08.19.14532
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 22:04:15 GMT
strict-transport-security
max-age=31536000; includeSubdomains
content-encoding
gzip
last-modified
Mon, 14 Jun 2021 18:11:19 GMT
server
****
etag
W/"60c79bc7-38fb4"
vary
Accept-Encoding
x-cache
MISS
content-type
image/jpeg
cache-control
max-age=1800
x-xss-protection
1
x-request-id
51a6e53e011c11d949e1ef622af9fc40
expires
Fri, 20 Oct 2023 22:04:15 GMT
eff832.png
app1.saamfzk.xyz/webx/xy6/desktop/images/
11 KB
12 KB
Image
General
Full URL
https://app1.saamfzk.xyz/webx/xy6/desktop/images/eff832.png
Requested by
Host: app1.saamfzk.xyz
URL: https://app1.saamfzk.xyz/webx/xy6/desktop/styles/index.d977.css?v=23.08.19.14532
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.24.127.53 Frankfurt (Oder), Germany, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
**** /
Resource Hash
93aae5bf9d59cc5991ad273591e8ceeb45df699a0120faea7dce43a73be82017
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app1.saamfzk.xyz/webx/xy6/desktop/styles/index.d977.css?v=23.08.19.14532
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 22:04:15 GMT
strict-transport-security
max-age=31536000; includeSubdomains
last-modified
Thu, 27 Apr 2023 08:01:39 GMT
server
****
etag
"644a2be3-2da9"
x-cache
MISS
content-type
image/png
cache-control
max-age=1800
accept-ranges
bytes
content-length
11689
x-xss-protection
1
x-request-id
f2d1e39f30db3cb09210fc92c8176848
expires
Fri, 20 Oct 2023 22:04:15 GMT
a9b14d.png
app1.saamfzk.xyz/webx/xy6/desktop/images/
22 KB
22 KB
Image
General
Full URL
https://app1.saamfzk.xyz/webx/xy6/desktop/images/a9b14d.png
Requested by
Host: app1.saamfzk.xyz
URL: https://app1.saamfzk.xyz/webx/xy6/desktop/styles/index.d977.css?v=23.08.19.14532
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.24.127.53 Frankfurt (Oder), Germany, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
**** /
Resource Hash
288c96b9004e4d79f8cdea8144aa56651cafd3c1fe29ec9af9cf2f8b68c25aed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app1.saamfzk.xyz/webx/xy6/desktop/styles/index.d977.css?v=23.08.19.14532
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 22:04:15 GMT
strict-transport-security
max-age=31536000; includeSubdomains
last-modified
Thu, 27 Apr 2023 09:11:16 GMT
server
****
etag
"644a3c34-5777"
x-cache
MISS
content-type
image/png
cache-control
max-age=1800
accept-ranges
bytes
content-length
22391
x-xss-protection
1
x-request-id
d87d135145a8b8ea1fd8ece4e3460ae2
expires
Fri, 20 Oct 2023 22:04:15 GMT
6ba544.png
app1.saamfzk.xyz/webx/xy6/desktop/images/
13 KB
13 KB
Image
General
Full URL
https://app1.saamfzk.xyz/webx/xy6/desktop/images/6ba544.png
Requested by
Host: app1.saamfzk.xyz
URL: https://app1.saamfzk.xyz/webx/xy6/desktop/styles/index.d977.css?v=23.08.19.14532
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.24.127.53 Frankfurt (Oder), Germany, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
**** /
Resource Hash
fce594f41d2e2076fc1a5280296af05687d792d5d0fc0fe25db61be612cef8c5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app1.saamfzk.xyz/webx/xy6/desktop/styles/index.d977.css?v=23.08.19.14532
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 22:04:15 GMT
strict-transport-security
max-age=31536000; includeSubdomains
last-modified
Thu, 27 Apr 2023 08:01:37 GMT
server
****
etag
"644a2be1-3217"
x-cache
MISS
content-type
image/png
cache-control
max-age=1800
accept-ranges
bytes
content-length
12823
x-xss-protection
1
x-request-id
36592959897aa9e8a4c2507747aead3d
expires
Fri, 20 Oct 2023 22:04:15 GMT
38b71c.png
app1.saamfzk.xyz/webx/xy6/desktop/images/
0
0
Image
General
Full URL
https://app1.saamfzk.xyz/webx/xy6/desktop/images/38b71c.png
Requested by
Host: app1.saamfzk.xyz
URL: https://app1.saamfzk.xyz/webx/xy6/desktop/styles/index.d977.css?v=23.08.19.14532
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.24.127.53 Frankfurt (Oder), Germany, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
**** /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app1.saamfzk.xyz/webx/xy6/desktop/styles/index.d977.css?v=23.08.19.14532
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 22:04:15 GMT
strict-transport-security
max-age=31536000; includeSubdomains
last-modified
Mon, 14 Jun 2021 18:11:19 GMT
server
****
etag
"60c79bc7-3131"
x-cache
MISS
content-type
image/png
cache-control
max-age=1800
accept-ranges
bytes
content-length
12593
x-xss-protection
1
x-request-id
05bd4f2f9ef63ae478ff249ec32ec8d3
expires
Fri, 20 Oct 2023 22:04:15 GMT
f5d57e.png
app1.saamfzk.xyz/webx/xy6/desktop/images/
11 KB
11 KB
Image
General
Full URL
https://app1.saamfzk.xyz/webx/xy6/desktop/images/f5d57e.png
Requested by
Host: app1.saamfzk.xyz
URL: https://app1.saamfzk.xyz/webx/xy6/desktop/styles/index.d977.css?v=23.08.19.14532
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.24.127.53 Frankfurt (Oder), Germany, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
**** /
Resource Hash
6d9c65eccff9b9bd0acea537683d93f7ce4838adfc7dc0e2f86b7818cc25f713
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app1.saamfzk.xyz/webx/xy6/desktop/styles/index.d977.css?v=23.08.19.14532
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 22:04:15 GMT
strict-transport-security
max-age=31536000; includeSubdomains
last-modified
Mon, 14 Jun 2021 18:11:20 GMT
server
****
etag
"60c79bc8-2bfc"
x-cache
MISS
content-type
image/png
cache-control
max-age=1800
accept-ranges
bytes
content-length
11260
x-xss-protection
1
x-request-id
b7b5c5ae3c32b59485580610af7dbf4e
expires
Fri, 20 Oct 2023 22:04:15 GMT
69e9a9.png
app1.saamfzk.xyz/webx/xy6/desktop/images/
11 KB
11 KB
Image
General
Full URL
https://app1.saamfzk.xyz/webx/xy6/desktop/images/69e9a9.png
Requested by
Host: app1.saamfzk.xyz
URL: https://app1.saamfzk.xyz/webx/xy6/desktop/styles/index.d977.css?v=23.08.19.14532
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.24.127.53 Frankfurt (Oder), Germany, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
**** /
Resource Hash
84cf6658edd92ba460e9e34bea1975f01364ae4ab57dd16663a3657566159911
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app1.saamfzk.xyz/webx/xy6/desktop/styles/index.d977.css?v=23.08.19.14532
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 22:04:15 GMT
strict-transport-security
max-age=31536000; includeSubdomains
last-modified
Thu, 27 Apr 2023 07:47:44 GMT
server
****
etag
"644a28a0-2aac"
x-cache
MISS
content-type
image/png
cache-control
max-age=1800
accept-ranges
bytes
content-length
10924
x-xss-protection
1
x-request-id
9af0f7b6fbf2888a972868ddf74c55d4
expires
Fri, 20 Oct 2023 22:04:15 GMT
aed4e7.png
app1.saamfzk.xyz/webx/xy6/desktop/images/
9 KB
9 KB
Image
General
Full URL
https://app1.saamfzk.xyz/webx/xy6/desktop/images/aed4e7.png
Requested by
Host: app1.saamfzk.xyz
URL: https://app1.saamfzk.xyz/webx/xy6/desktop/styles/index.d977.css?v=23.08.19.14532
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.24.127.53 Frankfurt (Oder), Germany, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
**** /
Resource Hash
06093f2540e68155f7fff80dc0e7968ee9c222dda462cd2b55268b336faf9708
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app1.saamfzk.xyz/webx/xy6/desktop/styles/index.d977.css?v=23.08.19.14532
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 22:04:15 GMT
strict-transport-security
max-age=31536000; includeSubdomains
last-modified
Thu, 27 Apr 2023 08:51:33 GMT
server
****
etag
"644a3795-248c"
x-cache
MISS
content-type
image/png
cache-control
max-age=1800
accept-ranges
bytes
content-length
9356
x-xss-protection
1
x-request-id
f5a4c700a814bc7acb4e32b9becf7a63
expires
Fri, 20 Oct 2023 22:04:15 GMT
speedtests
app1.saamfzk.xyz/api/domain/platform/
370 B
681 B
XHR
General
Full URL
https://app1.saamfzk.xyz/api/domain/platform/speedtests
Requested by
Host: app1.saamfzk.xyz
URL: https://app1.saamfzk.xyz/webx/xy6/desktop/javascript/chunk.vendor.083f.js?v=23.08.19.14532
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.24.127.53 Frankfurt (Oder), Germany, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
**** /
Resource Hash
17fc7912d1351ae63e6b6cfa9c775adbb43b5cffbf0792313573226f6d42b95b

Request headers

Accept
application/json, text/plain, */*
Referer
https://app1.saamfzk.xyz/
Accept-Language
de-DE,de;q=0.9
Authorization
bearer undefined
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Accept-Currency
cny
Content-Type
application/vnd.sc-api.v1.json

Response headers

date
Fri, 13 Oct 2023 22:04:15 GMT
content-encoding
gzip
x-cache
BYPASS
x-request-id
7581398e1ee95e868c5ee85e5be4a919
x-runtime
0.046
server
****
vary
Accept-Encoding
x-ratelimit-remaining
299
content-type
application/json
access-control-max-age
86400
access-control-allow-methods
POST, PUT, GET, DELETE, HEAD, OPTION
access-control-expose-headers
Authorization, Set-Cookie
cache-control
max-age=0, no-cache, no-store, private
access-control-allow-credentials
true
x-ratelimit-limit
300
access-control-allow-headers
X-Requested-With, Content-Type, Authorization, Source, Accept-Currency
point.bmp
www.tianyun38.com/
68 B
388 B
Image
General
Full URL
https://www.tianyun38.com/point.bmp?r=293899
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
43.251.112.223 , Australia, ASN132825 (MYTEK-AS-AP MYTEK TRADING PTY LTD, AU),
Reverse DNS
Software
nginx /
Resource Hash
2b3682c5f917daa61aa72a00effa6145ae1501ab375bb65a0827139c570ece5c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app1.saamfzk.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

expires
Fri, 13 Oct 2023 22:14:17 GMT
date
Fri, 13 Oct 2023 22:04:17 GMT
strict-transport-security
max-age=31536000; includeSubdomains
last-modified
Thu, 27 Apr 2023 09:05:19 GMT
server
nginx
etag
"644a3acf-44"
content-type
image/x-ms-bmp
x-remote-addr
80.255.7.105
cache-control
max-age=600
http-geo-ipcountry
DE
accept-ranges
bytes
x-forwarded-port
443
content-length
68
x-xss-protection
1
x-proxy-cache
MISS
point.bmp
www.xalygps.com/
0
0

point.bmp
www.yeyangjj.com/
68 B
434 B
Image
General
Full URL
https://www.yeyangjj.com/point.bmp?r=302668
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.22.158.43 , Philippines, ASN45504 (SPLUNKNET-PH MCPO Box 1906, PH),
Reverse DNS
Software
2.0.0 /
Resource Hash
2b3682c5f917daa61aa72a00effa6145ae1501ab375bb65a0827139c570ece5c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app1.saamfzk.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 22:04:16 GMT
strict-transport-security
max-age=31536000; includeSubdomains
last-modified
Thu, 27 Apr 2023 09:32:59 GMT
server
2.0.0
etag
"644a414b-44"
content-type
image/x-ms-bmp
cache-control
max-age=604800
accept-ranges
bytes
content-length
68
x-xss-protection
1
expires
Fri, 20 Oct 2023 22:04:16 GMT
point.bmp
www.zsdixiong.com/
68 B
473 B
Image
General
Full URL
https://www.zsdixiong.com/point.bmp?r=614856
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.24.127.34 Frankfurt (Oder), Germany, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
**** /
Resource Hash
2b3682c5f917daa61aa72a00effa6145ae1501ab375bb65a0827139c570ece5c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app1.saamfzk.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 22:04:18 GMT
strict-transport-security
max-age=31536000; includeSubdomains
last-modified
Thu, 27 Apr 2023 08:45:42 GMT
server
****
etag
"644a3636-44"
x-cache
MISS
content-type
image/x-ms-bmp
cache-control
max-age=1800
accept-ranges
bytes
content-length
68
x-xss-protection
1
x-request-id
7c333110aec5b4fb3d9fea3d423b7f9d
expires
Fri, 20 Oct 2023 22:04:18 GMT
point.bmp
www.wanyao1.com/
68 B
434 B
Image
General
Full URL
https://www.wanyao1.com/point.bmp?r=56877
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.22.158.43 , Philippines, ASN45504 (SPLUNKNET-PH MCPO Box 1906, PH),
Reverse DNS
Software
2.0.0 /
Resource Hash
2b3682c5f917daa61aa72a00effa6145ae1501ab375bb65a0827139c570ece5c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app1.saamfzk.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 22:04:16 GMT
strict-transport-security
max-age=31536000; includeSubdomains
last-modified
Wed, 18 Jul 2018 07:15:23 GMT
server
2.0.0
etag
"5b4ee90b-44"
content-type
image/x-ms-bmp
cache-control
max-age=604800
accept-ranges
bytes
content-length
68
x-xss-protection
1
expires
Fri, 20 Oct 2023 22:04:16 GMT
point.bmp
www.xtlyzyjxc.com/
68 B
388 B
Image
General
Full URL
https://www.xtlyzyjxc.com/point.bmp?r=450177
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
43.251.112.223 , Australia, ASN132825 (MYTEK-AS-AP MYTEK TRADING PTY LTD, AU),
Reverse DNS
Software
nginx /
Resource Hash
2b3682c5f917daa61aa72a00effa6145ae1501ab375bb65a0827139c570ece5c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app1.saamfzk.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

expires
Fri, 13 Oct 2023 22:14:17 GMT
date
Fri, 13 Oct 2023 22:04:17 GMT
strict-transport-security
max-age=31536000; includeSubdomains
last-modified
Thu, 27 Apr 2023 09:32:59 GMT
server
nginx
etag
"644a414b-44"
content-type
image/x-ms-bmp
x-remote-addr
80.255.7.105
cache-control
max-age=600
http-geo-ipcountry
DE
accept-ranges
bytes
x-forwarded-port
443
content-length
68
x-xss-protection
1
x-proxy-cache
MISS
point.bmp
www.zhytsty.com/
0
0

point.bmp
www.zshujia.com/
68 B
472 B
Image
General
Full URL
https://www.zshujia.com/point.bmp?r=722642
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.158.56.21 , Singapore, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
**** /
Resource Hash
2b3682c5f917daa61aa72a00effa6145ae1501ab375bb65a0827139c570ece5c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app1.saamfzk.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 22:04:18 GMT
strict-transport-security
max-age=31536000; includeSubdomains
last-modified
Thu, 27 Apr 2023 09:32:59 GMT
server
****
etag
"644a414b-44"
x-cache
MISS
content-type
image/x-ms-bmp
cache-control
max-age=1800
accept-ranges
bytes
content-length
68
x-xss-protection
1
x-request-id
20771ce05a9e001fa7c31a590f786ded
expires
Fri, 20 Oct 2023 22:04:18 GMT
point.bmp
www.whshuyi.com/
68 B
388 B
Image
General
Full URL
https://www.whshuyi.com/point.bmp?r=575807
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
43.251.112.223 , Australia, ASN132825 (MYTEK-AS-AP MYTEK TRADING PTY LTD, AU),
Reverse DNS
Software
nginx /
Resource Hash
2b3682c5f917daa61aa72a00effa6145ae1501ab375bb65a0827139c570ece5c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app1.saamfzk.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

expires
Fri, 13 Oct 2023 22:14:17 GMT
date
Fri, 13 Oct 2023 22:04:17 GMT
strict-transport-security
max-age=31536000; includeSubdomains
last-modified
Thu, 27 Apr 2023 08:45:42 GMT
server
nginx
etag
"644a3636-44"
content-type
image/x-ms-bmp
x-remote-addr
80.255.7.105
cache-control
max-age=600
http-geo-ipcountry
DE
accept-ranges
bytes
x-forwarded-port
443
content-length
68
x-xss-protection
1
x-proxy-cache
MISS
point.bmp
www.xylgmc.com/
68 B
434 B
Image
General
Full URL
https://www.xylgmc.com/point.bmp?r=519985
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.22.158.43 , Philippines, ASN45504 (SPLUNKNET-PH MCPO Box 1906, PH),
Reverse DNS
Software
2.0.0 /
Resource Hash
2b3682c5f917daa61aa72a00effa6145ae1501ab375bb65a0827139c570ece5c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app1.saamfzk.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 22:04:16 GMT
strict-transport-security
max-age=31536000; includeSubdomains
last-modified
Thu, 27 Apr 2023 08:45:42 GMT
server
2.0.0
etag
"644a3636-44"
content-type
image/x-ms-bmp
cache-control
max-age=604800
accept-ranges
bytes
content-length
68
x-xss-protection
1
expires
Fri, 20 Oct 2023 22:04:16 GMT
point.bmp
www.zmjnmg.com/
0
0

point.bmp
www.zsjunya.com/
68 B
388 B
Image
General
Full URL
https://www.zsjunya.com/point.bmp?r=914523
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
43.251.112.223 , Australia, ASN132825 (MYTEK-AS-AP MYTEK TRADING PTY LTD, AU),
Reverse DNS
Software
nginx /
Resource Hash
2b3682c5f917daa61aa72a00effa6145ae1501ab375bb65a0827139c570ece5c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app1.saamfzk.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

expires
Fri, 13 Oct 2023 22:14:17 GMT
date
Fri, 13 Oct 2023 22:04:17 GMT
strict-transport-security
max-age=31536000; includeSubdomains
last-modified
Thu, 27 Apr 2023 08:45:42 GMT
server
nginx
etag
"644a3636-44"
content-type
image/x-ms-bmp
x-remote-addr
80.255.7.105
cache-control
max-age=600
http-geo-ipcountry
DE
accept-ranges
bytes
x-forwarded-port
443
content-length
68
x-xss-protection
1
x-proxy-cache
MISS
point.bmp
www.whxjda.com/
68 B
474 B
Image
General
Full URL
https://www.whxjda.com/point.bmp?r=782746
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.158.56.21 , Singapore, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
**** /
Resource Hash
2b3682c5f917daa61aa72a00effa6145ae1501ab375bb65a0827139c570ece5c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app1.saamfzk.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 22:04:18 GMT
strict-transport-security
max-age=31536000; includeSubdomains
last-modified
Thu, 27 Apr 2023 09:05:19 GMT
server
****
etag
"644a3acf-44"
x-cache
MISS
content-type
image/x-ms-bmp
cache-control
max-age=1800
accept-ranges
bytes
content-length
68
x-xss-protection
1
x-request-id
2915d83ac649caddb11b5ae5fb52526f
expires
Fri, 20 Oct 2023 22:04:18 GMT
point.bmp
www.xylykj.com/
68 B
387 B
Image
General
Full URL
https://www.xylykj.com/point.bmp?r=75809
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
43.251.112.223 , Australia, ASN132825 (MYTEK-AS-AP MYTEK TRADING PTY LTD, AU),
Reverse DNS
Software
nginx /
Resource Hash
2b3682c5f917daa61aa72a00effa6145ae1501ab375bb65a0827139c570ece5c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app1.saamfzk.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

expires
Fri, 13 Oct 2023 22:14:17 GMT
date
Fri, 13 Oct 2023 22:04:17 GMT
strict-transport-security
max-age=31536000; includeSubdomains
last-modified
Thu, 27 Apr 2023 09:05:19 GMT
server
nginx
etag
"644a3acf-44"
content-type
image/x-ms-bmp
x-remote-addr
80.255.7.105
cache-control
max-age=600
http-geo-ipcountry
DE
accept-ranges
bytes
x-forwarded-port
443
content-length
68
x-xss-protection
1
x-proxy-cache
MISS
point.bmp
www.zgyszysc.com/
0
0

point.bmp
www.zrkampoon.com/
68 B
387 B
Image
General
Full URL
https://www.zrkampoon.com/point.bmp?r=72605
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
43.251.112.223 , Australia, ASN132825 (MYTEK-AS-AP MYTEK TRADING PTY LTD, AU),
Reverse DNS
Software
nginx /
Resource Hash
2b3682c5f917daa61aa72a00effa6145ae1501ab375bb65a0827139c570ece5c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app1.saamfzk.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

expires
Fri, 13 Oct 2023 22:14:17 GMT
date
Fri, 13 Oct 2023 22:04:17 GMT
strict-transport-security
max-age=31536000; includeSubdomains
last-modified
Wed, 18 Jul 2018 07:15:23 GMT
server
nginx
etag
"5b4ee90b-44"
content-type
image/x-ms-bmp
x-remote-addr
80.255.7.105
cache-control
max-age=600
http-geo-ipcountry
DE
accept-ranges
bytes
x-forwarded-port
443
content-length
68
x-xss-protection
1
x-proxy-cache
MISS
point.bmp
app1.saamfzk.xyz//
68 B
375 B
Image
General
Full URL
https://app1.saamfzk.xyz//point.bmp?r=654368
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.24.127.53 Frankfurt (Oder), Germany, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
**** /
Resource Hash
2b3682c5f917daa61aa72a00effa6145ae1501ab375bb65a0827139c570ece5c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app1.saamfzk.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 22:04:15 GMT
strict-transport-security
max-age=31536000; includeSubdomains
last-modified
Thu, 27 Apr 2023 09:05:19 GMT
server
****
etag
"644a3acf-44"
x-cache
MISS
content-type
image/x-ms-bmp
cache-control
max-age=1800
accept-ranges
bytes
content-length
68
x-xss-protection
1
x-request-id
3bc04a54208e6050e93043b1c8bf9ca0
expires
Fri, 20 Oct 2023 22:04:15 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain URL
xyuncdn.o4iht.xyz https://xyuncdn.o4iht.xyz/xyun/qr_code_auto.png
www.xalygps.com https://www.xalygps.com/point.bmp?r=274625
www.zhytsty.com https://www.zhytsty.com/point.bmp?r=424248
www.zmjnmg.com https://www.zmjnmg.com/point.bmp?r=820070
www.zgyszysc.com https://www.zgyszysc.com/point.bmp?r=836833

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string| __CDN_PUBLIC_PATH__
object| webpackJsonp
function| webpackHotUpdate
function| _
string| $LANG
string| $CURRENCY
object| i18nDebug
function| PushStream
object| PushStreamManager
function| setImmediate
function| clearImmediate
object| FontAwesomeConfig
object| ___FONT_AWESOME___
number| 2f1acc6c3a606b082e5eef5e54414ffb
object| Hex
object| Base64
function| ASN1
function| loadStaticMethodData
object| devConsole
function| _i18n
number| serverTime
number| localTime
number| during
object| method-data

2 Cookies

Domain/Path Name / Value
app1.saamfzk.xyz/ Name: session_sslproxy_server Value: 70a58d71-9fa2-445079ebe5d8efdd16130d37540ee07d3f5c
app1.saamfzk.xyz/ Name: currency Value: cny

6 Console Messages

Source Level URL Text
network error URL: https://xyuncdn.o4iht.xyz/xyun/qr_code.png Message: Failed to load resource: the server responded with a status of 403 ()
network error URL: https://xyuncdn.o4iht.xyz/xyun/qr_code_auto.png Message: Failed to load resource: net::ERR_CONNECTION_CLOSED
network error URL: https://www.xalygps.com/point.bmp?r=274625 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://www.zhytsty.com/point.bmp?r=424248 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://www.zmjnmg.com/point.bmp?r=820070 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://www.zgyszysc.com/point.bmp?r=836833 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
