URL: https://app1.eftfs.xyz/
Submission Tags: @phishunt_io
Submission: On July 27 via api from DE — Scanned from DE

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 21 HTTP transactions. The main IP is 212.24.127.35, located in Frankfurt (Oder), Germany and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is app1.eftfs.xyz.
TLS certificate: Issued by R3 on July 27th 2023. Valid for: 3 months.
This is the only time app1.eftfs.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests   IP Address      AS (Autonomous System)
19         212.24.127.35   209242 (CLOUDFLAR...)
2          43.132.136.8    132203 (TENCENT-N...)
21 total   3 IPs

Requests   Apex Domain   Subdomains         Transfer
19         eftfs.xyz     app1.eftfs.xyz     1 MB
2          szqrzx.com    tcdn.szqrzx.com    8 KB
21 total   2 apex domains

Requests   Domain            Requested by
19         app1.eftfs.xyz    app1.eftfs.xyz
2          tcdn.szqrzx.com
21 total   2 domains

This site contains links to these domains. Also see Links.

Domain
www.manycai.com
www.lopa1k9.xyz
www.jdcfwealth.com
www.manycai.club
Subject           Issuer   Validity                   Valid      Source
app1.eftfs.xyz    R3       2023-07-27 - 2023-10-25    3 months   crt.sh
tcdn.sioe4t.xyz   R3       2023-07-25 - 2023-10-23    3 months   crt.sh

This page contains 1 frame:

Primary Page: https://app1.eftfs.xyz/
Frame ID: 6DEF018F4D5C28FEFDA351C0A74F33C5
Requests: 26 HTTP requests in this frame

Screenshot

Page Title

杏盛

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Page Statistics

Requests: 21
HTTPS: 100 %
IPv6: 0 %
Domains: 2
Subdomains: 2
IPs: 3
Countries: 2
Transfer: 1475 kB
Size: 4923 kB
Cookies: 2

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
app1.eftfs.xyz/
2 KB
1 KB
Document
General
Full URL
https://app1.eftfs.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.24.127.35 Frankfurt (Oder), Germany, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
**** /
Resource Hash
1280fdce8ab9df62570ec2b2d83356c1d82bd4bc03257e81315ea946b6739503

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type, Authorization, Source, Accept-Currency
access-control-allow-methods
POST, PUT, GET, DELETE, HEAD, OPTION
access-control-expose-headers
Authorization, Set-Cookie
access-control-max-age
86400
cache-control
private
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 27 Jul 2023 04:40:00 GMT
server
****
vary
Accept-Encoding
x-cache
BYPASS
x-ratelimit-limit
300
x-ratelimit-remaining
299
x-request-id
8b249537b73af9e857afa8564c900788
0.47ddf105ad1d7724cbf6.css
app1.eftfs.xyz/webx/xy3/desktop/styles/
9 KB
3 KB
Stylesheet
General
Full URL
https://app1.eftfs.xyz/webx/xy3/desktop/styles/0.47ddf105ad1d7724cbf6.css?v=23.07.25.92346
Requested by
Host: app1.eftfs.xyz
URL: https://app1.eftfs.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.24.127.35 Frankfurt (Oder), Germany, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
**** /
Resource Hash
7879bdfa80b78ef49786bc8e66f3bdd0174ee05b02d0ade6f0a9fcf3f53c1057
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app1.eftfs.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 04:40:01 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubdomains
last-modified
Mon, 24 Jul 2023 17:58:43 GMT
server
****
etag
W/"64bebbd3-2421"
vary
Accept-Encoding
x-cache
MISS
content-type
text/css
cache-control
max-age=1800
x-xss-protection
1
x-request-id
6b0c3fe3fa54e4a6c3ee400421050314
expires
Thu, 03 Aug 2023 04:40:01 GMT
index.47dd.css
app1.eftfs.xyz/webx/xy3/desktop/styles/
1 MB
261 KB
Stylesheet
General
Full URL
https://app1.eftfs.xyz/webx/xy3/desktop/styles/index.47dd.css?v=23.07.25.92346
Requested by
Host: app1.eftfs.xyz
URL: https://app1.eftfs.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.24.127.35 Frankfurt (Oder), Germany, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
**** /
Resource Hash
aa55a6826b124dd1b517a6fbce2eef948a5cf2f79b6ce5eecf631df6c1b9a73a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app1.eftfs.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 04:40:01 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubdomains
last-modified
Mon, 24 Jul 2023 17:58:43 GMT
server
****
etag
W/"64bebbd3-11caff"
vary
Accept-Encoding
x-cache
MISS
content-type
text/css
cache-control
max-age=1800
x-xss-protection
1
x-request-id
c93c5d2a6088e9cba379084c811cf0fa
expires
Thu, 03 Aug 2023 04:40:00 GMT
chunk.vendor.536c.js
app1.eftfs.xyz/webx/xy3/desktop/javascript/
768 KB
272 KB
Script
General
Full URL
https://app1.eftfs.xyz/webx/xy3/desktop/javascript/chunk.vendor.536c.js?v=23.07.25.92346
Requested by
Host: app1.eftfs.xyz
URL: https://app1.eftfs.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.24.127.35 Frankfurt (Oder), Germany, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
**** /
Resource Hash
a98d3fe9af22892f5b90b50226e2db6338dc300df3b75c2fa5ec43239035455b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app1.eftfs.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 04:40:01 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubdomains
last-modified
Mon, 24 Jul 2023 17:58:43 GMT
server
****
etag
W/"64bebbd3-bfffe"
vary
Accept-Encoding
x-cache
MISS
content-type
application/x-javascript
cache-control
max-age=1800
x-xss-protection
1
x-request-id
844c0784a95869cafd00cc377ec366fc
expires
Thu, 03 Aug 2023 04:40:01 GMT
base.47dd.js
app1.eftfs.xyz/webx/xy3/desktop/javascript/
10 KB
4 KB
Script
General
Full URL
https://app1.eftfs.xyz/webx/xy3/desktop/javascript/base.47dd.js?v=23.07.25.92346
Requested by
Host: app1.eftfs.xyz
URL: https://app1.eftfs.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.24.127.35 Frankfurt (Oder), Germany, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
**** /
Resource Hash
6d9a8e5af7af32d41d326cb64e7fe5fc68f36805d7ff7e0d052b2e96d8d3c52a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app1.eftfs.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 04:40:01 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubdomains
last-modified
Mon, 24 Jul 2023 17:58:43 GMT
server
****
etag
W/"64bebbd3-26b1"
vary
Accept-Encoding
x-cache
MISS
content-type
application/x-javascript
cache-control
max-age=1800
x-xss-protection
1
x-request-id
67fb3b11d2583571c368910c96dbf962
expires
Thu, 03 Aug 2023 04:40:01 GMT
bootstrap.47dd.js
app1.eftfs.xyz/webx/xy3/desktop/javascript/
9 KB
4 KB
Script
General
Full URL
https://app1.eftfs.xyz/webx/xy3/desktop/javascript/bootstrap.47dd.js?v=23.07.25.92346
Requested by
Host: app1.eftfs.xyz
URL: https://app1.eftfs.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.24.127.35 Frankfurt (Oder), Germany, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
**** /
Resource Hash
f360d23102eccd7baf04520fd53b4d39caa2bfbb820b09fbf49c4ef68126bcdc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app1.eftfs.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 04:40:01 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubdomains
last-modified
Mon, 24 Jul 2023 17:58:43 GMT
server
****
etag
W/"64bebbd3-2511"
vary
Accept-Encoding
x-cache
MISS
content-type
application/x-javascript
cache-control
max-age=1800
x-xss-protection
1
x-request-id
b7b9096417328eb36dfa0e02f67828cf
expires
Thu, 03 Aug 2023 04:40:01 GMT
index.47dd.js
app1.eftfs.xyz/webx/xy3/desktop/javascript/
904 KB
256 KB
Script
General
Full URL
https://app1.eftfs.xyz/webx/xy3/desktop/javascript/index.47dd.js?v=23.07.25.92346
Requested by
Host: app1.eftfs.xyz
URL: https://app1.eftfs.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.24.127.35 Frankfurt (Oder), Germany, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
**** /
Resource Hash
353d5da2c29bb1af5b063c32b9fcc560b030b529a78af1c340ad322998ecafc6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app1.eftfs.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 04:40:01 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubdomains
last-modified
Mon, 24 Jul 2023 17:58:43 GMT
server
****
etag
W/"64bebbd3-e1fa9"
vary
Accept-Encoding
x-cache
MISS
content-type
application/x-javascript
cache-control
max-age=1800
x-xss-protection
1
x-request-id
c1547de0d06b68d3c73c84b9c3492c5a
expires
Thu, 03 Aug 2023 04:40:01 GMT
/
app1.eftfs.xyz/api/settings/
4 KB
2 KB
XHR
General
Full URL
https://app1.eftfs.xyz/api/settings/?fields=
Requested by
Host: app1.eftfs.xyz
URL: https://app1.eftfs.xyz/webx/xy3/desktop/javascript/chunk.vendor.536c.js?v=23.07.25.92346
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.24.127.35 Frankfurt (Oder), Germany, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
**** /
Resource Hash
0a72c1f59470e91a2ac3dcbbd77357ed345dbec097c7c5f66c15f070b88dd28f

Request headers

Accept
application/json, text/plain, */*
Referer
https://app1.eftfs.xyz/
Accept-Language
de-DE,de;q=0.9
Authorization
bearer undefined
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Accept-Currency
cny
Content-Type
application/vnd.sc-api.v1.json

Response headers

date
Thu, 27 Jul 2023 04:40:03 GMT
content-encoding
gzip
x-cache
BYPASS
x-request-id
b1c961ae77c64c7fc31a8129230d1ef0
x-runtime
0.083
server
****
vary
Accept-Encoding
x-ratelimit-remaining
299
content-type
application/json
access-control-max-age
86400
access-control-allow-methods
POST, PUT, GET, DELETE, HEAD, OPTION
access-control-expose-headers
Authorization, Set-Cookie
cache-control
max-age=0, no-cache, no-store, private
access-control-allow-credentials
true
x-ratelimit-limit
300
access-control-allow-headers
X-Requested-With, Content-Type, Authorization, Source, Accept-Currency
methods.js
app1.eftfs.xyz/webx/xy3/static/
2 MB
131 KB
Script
General
Full URL
https://app1.eftfs.xyz/webx/xy3/static/methods.js?ea196bb0
Requested by
Host: app1.eftfs.xyz
URL: https://app1.eftfs.xyz/webx/xy3/desktop/javascript/index.47dd.js?v=23.07.25.92346
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.24.127.35 Frankfurt (Oder), Germany, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
**** /
Resource Hash
192ff1cc2f62b3e1b0aa0127bd95a09d76fa3ab075329facb0d16f19f6063878
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app1.eftfs.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 04:40:03 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubdomains
last-modified
Tue, 06 Jun 2023 18:20:18 GMT
server
****
etag
W/"647f78e2-1805e0"
vary
Accept-Encoding
x-cache
MISS
content-type
application/x-javascript
cache-control
max-age=1800
x-xss-protection
1
x-request-id
29e31883cc390bf12cd4339df06023a2
expires
Thu, 03 Aug 2023 04:40:03 GMT
ac53e8.png
app1.eftfs.xyz/webx/xy3/desktop/images/
9 KB
10 KB
Image
General
Full URL
https://app1.eftfs.xyz/webx/xy3/desktop/images/ac53e8.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.24.127.35 Frankfurt (Oder), Germany, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
**** /
Resource Hash
9a49366674d7ed2cf7c2348c0982931a71542018086adee86fb01ff6f78d94e7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app1.eftfs.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 04:40:03 GMT
strict-transport-security
max-age=31536000; includeSubdomains
last-modified
Thu, 27 Apr 2023 09:37:15 GMT
server
****
etag
"644a424b-2505"
x-cache
MISS
content-type
image/png
cache-control
max-age=1800
accept-ranges
bytes
content-length
9477
x-xss-protection
1
x-request-id
705470779731f8a471b63e0206c74e0b
expires
Thu, 03 Aug 2023 04:40:03 GMT
1008bc.png
app1.eftfs.xyz/webx/xy3/desktop/images/
9 KB
9 KB
Image
General
Full URL
https://app1.eftfs.xyz/webx/xy3/desktop/images/1008bc.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.24.127.35 Frankfurt (Oder), Germany, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
**** /
Resource Hash
80070d63b04f3a81e6f2cdd537236058f948231d1a104d176c40ad3e0538f4b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app1.eftfs.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 04:40:03 GMT
strict-transport-security
max-age=31536000; includeSubdomains
last-modified
Thu, 27 Apr 2023 09:37:16 GMT
server
****
etag
"644a424c-2317"
x-cache
MISS
content-type
image/png
cache-control
max-age=1800
accept-ranges
bytes
content-length
8983
x-xss-protection
1
x-request-id
b5e15d7f2017e3c0386ed6f1a25c0dda
expires
Thu, 03 Aug 2023 04:40:03 GMT
35beff.png
app1.eftfs.xyz/webx/xy3/desktop/images/
10 KB
10 KB
Image
General
Full URL
https://app1.eftfs.xyz/webx/xy3/desktop/images/35beff.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.24.127.35 Frankfurt (Oder), Germany, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
**** /
Resource Hash
9fc3b24f60a8f8d3b7d4f290a2486fcf482b6ca3ec25697a34ded738802e3f91
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app1.eftfs.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 04:40:03 GMT
strict-transport-security
max-age=31536000; includeSubdomains
last-modified
Thu, 27 Apr 2023 07:46:07 GMT
server
****
etag
"644a283f-2810"
x-cache
MISS
content-type
image/png
cache-control
max-age=1800
accept-ranges
bytes
content-length
10256
x-xss-protection
1
x-request-id
cbef076e9a56e6a38fbd3ffa9f7d3512
expires
Thu, 03 Aug 2023 04:40:03 GMT
4dcf69.png
app1.eftfs.xyz/webx/xy3/desktop/images/
8 KB
9 KB
Image
General
Full URL
https://app1.eftfs.xyz/webx/xy3/desktop/images/4dcf69.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.24.127.35 Frankfurt (Oder), Germany, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
**** /
Resource Hash
55a86e26d540454d58f95facd2529a81558a04ccf3245894574756712679f6e8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app1.eftfs.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 04:40:03 GMT
strict-transport-security
max-age=31536000; includeSubdomains
last-modified
Wed, 25 May 2022 17:59:38 GMT
server
****
etag
"628e6e8a-218c"
x-cache
MISS
content-type
image/png
cache-control
max-age=1800
accept-ranges
bytes
content-length
8588
x-xss-protection
1
x-request-id
acfdc2f0bcaa13a82091d53ed03adea9
expires
Thu, 03 Aug 2023 04:40:03 GMT
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f32dc328bba9c3cb281e336e3dab8f1fa43d219454e0b3f2c0e59ffe48b044c3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
663 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5109f7cf9ffe5ae6b48ec10d1717c72d4cfe0f3e7fcffa880d13f78a13c03fd8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type
image/png
0f51b8.png
app1.eftfs.xyz/webx/xy3/desktop/images/
5 KB
6 KB
Image
General
Full URL
https://app1.eftfs.xyz/webx/xy3/desktop/images/0f51b8.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.24.127.35 Frankfurt (Oder), Germany, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
**** /
Resource Hash
49aac1defaca09caf07ee3d9bac16f2fb068af08818019422e4d8ce7b6145240
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app1.eftfs.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 04:40:03 GMT
strict-transport-security
max-age=31536000; includeSubdomains
last-modified
Sat, 13 Mar 2021 18:10:33 GMT
server
****
etag
"604d0019-14f6"
x-cache
MISS
content-type
image/png
cache-control
max-age=1800
accept-ranges
bytes
content-length
5366
x-xss-protection
1
x-request-id
4281060fcb62669e5db38ffb6bf72e47
expires
Thu, 03 Aug 2023 04:40:03 GMT
qr_code_auto.png
tcdn.szqrzx.com/xs/
4 KB
4 KB
Image
General
Full URL
https://tcdn.szqrzx.com/xs/qr_code_auto.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
43.132.136.8 Hong Kong, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
nginx /
Resource Hash
b37916f5bf44212e3acbf4443eb1ad084fcec67811694ff8794e8a6c3b5dde44
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app1.eftfs.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

expires
Thu, 27 Jul 2023 04:50:04 GMT
date
Thu, 27 Jul 2023 04:40:04 GMT
strict-transport-security
max-age=31536000; includeSubdomains
last-modified
Sat, 03 Jul 2021 12:45:03 GMT
server
nginx
etag
"60e05bcf-e31"
content-type
image/png
x-remote-addr
84.19.175.183
cache-control
max-age=600
http-geo-ipcountry
DE
accept-ranges
bytes
x-forwarded-port
443
content-length
3633
x-xss-protection
1
x-proxy-cache
HIT
truncated
/
616 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
746ce85c1199c6bf7fce9461d0df0234de19a17d4eb818d5b749accd1ac9f649

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
798 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f617ffdb896e58702cb973494ede2d5d5d5d68e8eb3510696993154aca7c1d99

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type
image/png
qr_code.png
tcdn.szqrzx.com/xs/
4 KB
4 KB
Image
General
Full URL
https://tcdn.szqrzx.com/xs/qr_code.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
43.132.136.8 Hong Kong, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
nginx /
Resource Hash
24fb767e5f778be9fa18cd10c93ff0270e16a92cf27a9a44fc4e9fb57a514e95
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app1.eftfs.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

expires
Thu, 27 Jul 2023 04:50:04 GMT
date
Thu, 27 Jul 2023 04:40:04 GMT
strict-transport-security
max-age=31536000; includeSubdomains
last-modified
Sat, 03 Jul 2021 12:45:03 GMT
server
nginx
etag
"60e05bcf-e26"
content-type
image/png
x-remote-addr
84.19.175.183
cache-control
max-age=600
http-geo-ipcountry
DE
accept-ranges
bytes
x-forwarded-port
443
content-length
3622
x-xss-protection
1
x-proxy-cache
HIT
51bb55.jpg
app1.eftfs.xyz/webx/xy3/desktop/images/
460 KB
460 KB
Image
General
Full URL
https://app1.eftfs.xyz/webx/xy3/desktop/images/51bb55.jpg
Requested by
Host: app1.eftfs.xyz
URL: https://app1.eftfs.xyz/webx/xy3/desktop/styles/index.47dd.css?v=23.07.25.92346
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.24.127.35 Frankfurt (Oder), Germany, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
**** /
Resource Hash
6fc8d34a6568132adce68d491d8e39061ae15b10b0afa555622283e9e6c9c009
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app1.eftfs.xyz/webx/xy3/desktop/styles/index.47dd.css?v=23.07.25.92346
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 04:40:04 GMT
strict-transport-security
max-age=31536000; includeSubdomains
content-encoding
gzip
last-modified
Sat, 13 Mar 2021 18:10:33 GMT
server
****
etag
W/"604d0019-72e4a"
vary
Accept-Encoding
x-cache
MISS
content-type
image/jpeg
cache-control
max-age=1800
x-xss-protection
1
x-request-id
cd12b9ba796cca9a8a0f284f7328626a
expires
Thu, 03 Aug 2023 04:40:03 GMT
65b388.png
app1.eftfs.xyz/webx/xy3/desktop/images/
8 KB
8 KB
Image
General
Full URL
https://app1.eftfs.xyz/webx/xy3/desktop/images/65b388.png
Requested by
Host: app1.eftfs.xyz
URL: https://app1.eftfs.xyz/webx/xy3/desktop/styles/index.47dd.css?v=23.07.25.92346
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.24.127.35 Frankfurt (Oder), Germany, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
**** /
Resource Hash
113647827abd5974bbac29608c830a53ec382459ac6a1b0f3ac8f9c3dade6540
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app1.eftfs.xyz/webx/xy3/desktop/styles/index.47dd.css?v=23.07.25.92346
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 04:40:04 GMT
strict-transport-security
max-age=31536000; includeSubdomains
last-modified
Thu, 27 Apr 2023 09:09:23 GMT
server
****
etag
"644a3bc3-1ebf"
x-cache
MISS
content-type
image/png
cache-control
max-age=1800
accept-ranges
bytes
content-length
7871
x-xss-protection
1
x-request-id
9ed63e6adef1f93a214300d2f7565dfb
expires
Thu, 03 Aug 2023 04:40:04 GMT
54b5a0.png
app1.eftfs.xyz/webx/xy3/desktop/images/
20 KB
20 KB
Image
General
Full URL
https://app1.eftfs.xyz/webx/xy3/desktop/images/54b5a0.png
Requested by
Host: app1.eftfs.xyz
URL: https://app1.eftfs.xyz/webx/xy3/desktop/styles/index.47dd.css?v=23.07.25.92346
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.24.127.35 Frankfurt (Oder), Germany, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
**** /
Resource Hash
8d31c0560b452caec62027746bb43dea70650281e2a6f686f3d7540330d2bec1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app1.eftfs.xyz/webx/xy3/desktop/styles/index.47dd.css?v=23.07.25.92346
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 04:40:04 GMT
strict-transport-security
max-age=31536000; includeSubdomains
last-modified
Thu, 27 Apr 2023 08:49:50 GMT
server
****
etag
"644a372e-4f99"
x-cache
MISS
content-type
image/png
cache-control
max-age=1800
accept-ranges
bytes
content-length
20377
x-xss-protection
1
x-request-id
5117c09c6ee9b8cd37713a420b25892a
expires
Thu, 03 Aug 2023 04:40:03 GMT
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1b605588adf2ce40c0720f21bfd06fda973b26fb06a92fa3a69a470da156e8a9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type
image/png
speedtests
app1.eftfs.xyz/api/domain/platform/
80 B
563 B
XHR
General
Full URL
https://app1.eftfs.xyz/api/domain/platform/speedtests
Requested by
Host: app1.eftfs.xyz
URL: https://app1.eftfs.xyz/webx/xy3/desktop/javascript/chunk.vendor.536c.js?v=23.07.25.92346
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.24.127.35 Frankfurt (Oder), Germany, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
**** /
Resource Hash
1873bb70addf6778925fae6683ac046a66beb6414bb9c67c5d0707c777ec481e

Request headers

Accept
application/json, text/plain, */*
Referer
https://app1.eftfs.xyz/
Accept-Language
de-DE,de;q=0.9
Authorization
bearer undefined
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Accept-Currency
cny
Content-Type
application/vnd.sc-api.v1.json

Response headers

date
Thu, 27 Jul 2023 04:40:04 GMT
content-encoding
gzip
x-cache
BYPASS
x-request-id
91ff18175a29c77d6a65b1b211c99097
x-runtime
0.102
server
****
vary
Accept-Encoding
x-ratelimit-remaining
299
content-type
application/json
access-control-max-age
86400
access-control-allow-methods
POST, PUT, GET, DELETE, HEAD, OPTION
access-control-expose-headers
Authorization, Set-Cookie
cache-control
max-age=0, no-cache, no-store, private
access-control-allow-credentials
true
x-ratelimit-limit
300
access-control-allow-headers
X-Requested-With, Content-Type, Authorization, Source, Accept-Currency
point.bmp
app1.eftfs.xyz//
68 B
375 B
Image
General
Full URL
https://app1.eftfs.xyz//point.bmp?r=528398
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.24.127.35 Frankfurt (Oder), Germany, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
**** /
Resource Hash
2b3682c5f917daa61aa72a00effa6145ae1501ab375bb65a0827139c570ece5c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app1.eftfs.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 04:40:04 GMT
strict-transport-security
max-age=31536000; includeSubdomains
last-modified
Wed, 18 Jul 2018 07:15:23 GMT
server
****
etag
"5b4ee90b-44"
x-cache
MISS
content-type
image/x-ms-bmp
cache-control
max-age=1800
accept-ranges
bytes
content-length
68
x-xss-protection
1
x-request-id
b35c1cbf09d57366e150d0840a5ecfa8
expires
Thu, 03 Aug 2023 04:40:04 GMT

Verdicts & Comments

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string| __CDN_PUBLIC_PATH__ object| webpackJsonp function| webpackHotUpdate function| _ string| $LANG string| $CURRENCY object| i18nDebug function| PushStream object| PushStreamManager function| setImmediate function| clearImmediate object| FontAwesomeConfig object| ___FONT_AWESOME___ number| 2f1acc6c3a606b082e5eef5e54414ffb object| Hex object| Base64 function| ASN1 function| loadStaticMethodData object| devConsole function| _i18n number| serverTime number| localTime number| during object| method-data

2 Cookies

Domain/Path       Name                       Value
app1.eftfs.xyz/   session_sslproxy_server    747dac46-de9a-4f7ef9ce6b8438e8d89a6b671a12f0e232da
app1.eftfs.xyz/   currency                   cny

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app1.eftfs.xyz
tcdn.szqrzx.com
212.24.127.35
43.132.136.8