hlthm-qrm.n.hvctyklk.top Open in urlscan Pro
23.224.75.29 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://jp29.cc/
Effective URL:
https://hlthm-qrm.n.hvctyklk.top/543/w-m6.html?channelCode=1668
Submission: On April 03 via api (April 3rd 2024, 7:20:06 pm UTC) from US — Scanned from US

Summary HTTP 20 Redirects Behaviour Indicators

Summary

This website contacted 8 IPs in 4 countries across 6 domains to perform 20 HTTP transactions. The main IP is 23.224.75.29, located in United States and belongs to CNSERVERS, US. The main domain is hlthm-qrm.n.hvctyklk.top.
TLS certificate: Issued by R3 on April 2nd 2024. Valid for: 3 months.

This is the only time hlthm-qrm.n.hvctyklk.top was scanned on urlscan.io!

urlscan.io Verdict: No classification

Downloads These files were downloaded by the website

Incomplete 529.apk 42 MB

Size: 42 MB (43697755 bytes, 46% done)

Downloaded from: https://xinbsdxy-adsa.tianyua.top:8888/kdiaodlknic/529.apk

Domain & IP information

	IP Address	AS Autonomous System
1 1	47.238.198.61 47.238.198.61	45102 (ALIBABA-C...) (ALIBABA-CN-NET Alibaba US Technology Co.)
1	23.224.75.29 23.224.75.29	40065 (CNSERVERS) (CNSERVERS)
11	47.110.23.138 47.110.23.138	37963 (ALIBABA-C...) (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.)
1	47.253.30.170 47.253.30.170	45102 (ALIBABA-C...) (ALIBABA-CN-NET Alibaba US Technology Co.)
1	121.199.204.179 121.199.204.179	37963 (ALIBABA-C...) (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.)
2	240e:f7:7c00:... 240e:f7:7c00:10a:3::3f2	136190 (CHINATELE...) (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA)
1 3	43.152.138.53 43.152.138.53	139341 (ACE-AS-AP...) (ACE-AS-AP ACE)
1	223.109.148.174 223.109.148.174	56046 (CMNET-JIA...) (CMNET-JIANGSU-AP China Mobile communications corporation)
1	58.220.33.215 58.220.33.215	() ()
20	8

1 47.238.198.61 (Hong Kong, Hong Kong) 1 redirects

ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)

jp29.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.224.75.29 (United States)

ASN40065 (CNSERVERS, US)

hlthm-qrm.n.hvctyklk.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 47.110.23.138 (Hangzhou, China)

ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN)

xin-wm.oss-cn-hangzhou.aliyuncs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 47.253.30.170 (United States)

ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)

speed-address.oss-accelerate.aliyuncs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 121.199.204.179 (Hangzhou, China)

ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN)

tal-xin.oss-cn-hangzhou.aliyuncs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 240e:f7:7c00:10a:3::3f2 (China)

ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN)

v1.cnzz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.cnzz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 43.152.138.53 (Singapore) 1 redirects

ASN139341 (ACE-AS-AP ACE, SG)

sdk.cklmnzy.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
app-up7a03lk.cklmnzy.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 223.109.148.174 (China)

ASN56046 (CMNET-JIANGSU-AP China Mobile communications corporation, CN)

z6.cnzz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 58.220.33.215 (None, )

ASN- ()

xinbsdxy-adsa.tianyua.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	aliyuncs.com xin-wm.oss-cn-hangzhou.aliyuncs.com speed-address.oss-accelerate.aliyuncs.com tal-xin.oss-cn-hangzhou.aliyuncs.com	4 MB
3	cklmnzy.cn 1 redirects sdk.cklmnzy.cn app-up7a03lk.cklmnzy.cn	2 KB
3	cnzz.com v1.cnzz.com — Cisco Umbrella Rank: 106758 z6.cnzz.com — Cisco Umbrella Rank: 175827 c.cnzz.com — Cisco Umbrella Rank: 87668	6 KB
1	tianyua.top xinbsdxy-adsa.tianyua.top
1	hvctyklk.top hlthm-qrm.n.hvctyklk.top	2 KB
1	jp29.cc 1 redirects jp29.cc	140 B
20	6

	Domain	Requested by
11	xin-wm.oss-cn-hangzhou.aliyuncs.com	hlthm-qrm.n.hvctyklk.top
2	sdk.cklmnzy.cn	speed-address.oss-accelerate.aliyuncs.com
1	xinbsdxy-adsa.tianyua.top	speed-address.oss-accelerate.aliyuncs.com
1	app-up7a03lk.cklmnzy.cn	1 redirects
1	c.cnzz.com	v1.cnzz.com
1	z6.cnzz.com	v1.cnzz.com
1	v1.cnzz.com	tal-xin.oss-cn-hangzhou.aliyuncs.com
1	tal-xin.oss-cn-hangzhou.aliyuncs.com	hlthm-qrm.n.hvctyklk.top
1	speed-address.oss-accelerate.aliyuncs.com	hlthm-qrm.n.hvctyklk.top
1	hlthm-qrm.n.hvctyklk.top
1	jp29.cc	1 redirects
20	11

This site contains no links.

Subject Issuer	Validity	Valid
hlthm-qrm.n.hvctyklk.top R3	`2024-04-02` - `2024-07-01`	3 months	crt.sh
cn-hangzhou.oss.aliyuncs.com GlobalSign Organization Validation CA - SHA256 - G3	`2024-02-19` - `2025-03-22`	a year	crt.sh
oss-us-east-1.aliyuncs.com GlobalSign Organization Validation CA - SHA256 - G3	`2023-11-24` - `2024-05-24`	6 months	crt.sh
*.cnzz.com GlobalSign Organization Validation CA - SHA256 - G3	`2024-02-17` - `2025-03-20`	a year	crt.sh
*.cklmnzy.cn vTrus DV SSL CA G2	`2024-03-25` - `2025-03-25`	a year	crt.sh
xinbsdxy-adsa.tianyua.top ZeroSSL RSA Domain Secure Site CA	`2024-04-01` - `2024-06-30`	3 months	crt.sh

This page contains 1 frames:

Frame: https://xinbsdxy-adsa.tianyua.top:8888/kdiaodlknic/529.apk
Frame ID: 9C773EB52E09078C2BC11EC25504CF87
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

完美直播

Page URL History Show full URLs

https://jp29.cc/ HTTP 301
https://hlthm-qrm.n.hvctyklk.top/543/w-m6.html?channelCode=1668 Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

20
Requests

100 %
HTTPS

11 %
IPv6

6
Domains

11
Subdomains

8
IPs

4
Countries

4140 kB
Transfer

4249 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://jp29.cc/ HTTP 301
https://hlthm-qrm.n.hvctyklk.top/543/w-m6.html?channelCode=1668 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18

https://app-up7a03lk.cklmnzy.cn/page/up7a03lk/install/c/eyJjIjoiMTY2OCIsIm0iOiJRYjJiYXpWT0xwY0FBQUdPcFdkRFRVNnV4QjZZay1SYktyclBHT0VWUEdtVHFHNk1zSjBlZFJYcEJkMDQ3T0pFa1BXRWtobFUifQ==?p=0 HTTP 302
https://xinbsdxy-adsa.tianyua.top:8888/kdiaodlknic/529.apk

20 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request w-m6.html Show response
hlthm-qrm.n.hvctyklk.top/543/
Redirect Chain

https://jp29.cc/
https://hlthm-qrm.n.hvctyklk.top/543/w-m6.html?channelCode=1668

5 KB
2 KB

894ms
273ms

Document
text/html

23.224.75.29
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL: https://hlthm-qrm.n.hvctyklk.top/543/w-m6.html?channelCode=1668
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.224.75.29 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: IIS7.0 /
Resource Hash: d9b63bfebff06a660196c768366510109384305d718cafaf7f28ada390782ab4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: en-US,en;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Wed, 03 Apr 2024 19:19:49 GMT
ETag: W/"660b9503-1446"
Last-Modified: Tue, 02 Apr 2024 05:17:55 GMT
Server: IIS7.0
Transfer-Encoding: chunked
Vary: Accept-Encoding

Redirect headers

content-length: 162
content-type: text/html
date: Wed, 03 Apr 2024 19:19:48 GMT
location: https://hlthm-qrm.n.hvctyklk.top/543/w-m6.html?channelCode=1668
server: nginx
strict-transport-security: max-age=31536000

GET
H/1.1 200
OK index.css
xin-wm.oss-cn-hangzhou.aliyuncs.com/xin-mm/assets/css/ 27 KB
5 KB 685ms
214ms Stylesheet
text/css 47.110.23.138
ALIBABA-CN-NET Ha...

General

Check archive.org

Show headers Download Go to

Full URL: https://xin-wm.oss-cn-hangzhou.aliyuncs.com/xin-mm/assets/css/index.css
Requested by: Host: hlthm-qrm.n.hvctyklk.top
URL: https://hlthm-qrm.n.hvctyklk.top/543/w-m6.html?channelCode=1668
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.110.23.138 Hangzhou, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: AliyunOSS /
Resource Hash: 8ee8aae7882dbf0377b99f1ea53bc6c146913469dbf636947b5682c9b7b95b0b

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://hlthm-qrm.n.hvctyklk.top/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 03 Apr 2024 19:19:50 GMT
Content-Encoding: gzip
x-oss-request-id: 660DABD6E20C8C3736809BB7
Content-MD5: 2ijG6fuGRNwKYLktW8630w==
Transfer-Encoding: chunked
Content-Disposition: attachment
Connection: keep-alive
x-oss-object-type: Normal
Last-Modified: Sat, 27 Jan 2024 08:39:42 GMT
Server: AliyunOSS
Vary: Accept-Encoding
Content-Type: text/css
x-oss-ec: 0048-00000113
x-oss-force-download: true
x-oss-storage-class: Standard
x-oss-hash-crc64ecma: 14185031966586589041
x-oss-server-time: 1

GET
H/1.1 200
OK jquery-3.js Show response
xin-wm.oss-cn-hangzhou.aliyuncs.com/xin-mm/assets/js/ 86 KB
31 KB 694ms
224ms Script
application/javascript 47.110.23.138
ALIBABA-CN-NET Ha...

General

Check archive.org

Show headers Download Go to

Full URL: https://xin-wm.oss-cn-hangzhou.aliyuncs.com/xin-mm/assets/js/jquery-3.js
Requested by: Host: hlthm-qrm.n.hvctyklk.top
URL: https://hlthm-qrm.n.hvctyklk.top/543/w-m6.html?channelCode=1668
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.110.23.138 Hangzhou, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: AliyunOSS /
Resource Hash: 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://hlthm-qrm.n.hvctyklk.top/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 03 Apr 2024 19:19:50 GMT
Content-Encoding: gzip
x-oss-request-id: 660DABD6DF7271363327B16B
Content-MD5: Igr9dD2elkOFLjGhNanzrg==
Transfer-Encoding: chunked
Content-Disposition: attachment
Connection: keep-alive
x-oss-object-type: Normal
Last-Modified: Sat, 27 Jan 2024 08:39:45 GMT
Server: AliyunOSS
Vary: Accept-Encoding
Content-Type: application/javascript
x-oss-ec: 0048-00000113
x-oss-force-download: true
x-oss-storage-class: Standard
x-oss-hash-crc64ecma: 7140207208985271372
x-oss-server-time: 0

GET
H/1.1 200
OK flexible.js Show response
xin-wm.oss-cn-hangzhou.aliyuncs.com/xin-mm/assets/js/ 2 KB
2 KB 695ms
225ms Script
application/javascript 47.110.23.138
ALIBABA-CN-NET Ha...

General

Check archive.org

Show headers Download Go to

Full URL: https://xin-wm.oss-cn-hangzhou.aliyuncs.com/xin-mm/assets/js/flexible.js
Requested by: Host: hlthm-qrm.n.hvctyklk.top
URL: https://hlthm-qrm.n.hvctyklk.top/543/w-m6.html?channelCode=1668
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.110.23.138 Hangzhou, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: AliyunOSS /
Resource Hash: 4fb38a8ec69704a9999aa8902d961bc31a6e924a9e3773125f9f90fe8c976f9d

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://hlthm-qrm.n.hvctyklk.top/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 03 Apr 2024 19:19:50 GMT
Content-Encoding: gzip
x-oss-request-id: 660DABD66A91E53734DFD1B2
Content-MD5: xStiLYWGHeQSs25mu0m/4g==
Transfer-Encoding: chunked
Content-Disposition: attachment
Connection: keep-alive
x-oss-object-type: Normal
Last-Modified: Sat, 27 Jan 2024 08:39:45 GMT
Server: AliyunOSS
Vary: Accept-Encoding
Content-Type: application/javascript
x-oss-ec: 0048-00000113
x-oss-force-download: true
x-oss-storage-class: Standard
x-oss-hash-crc64ecma: 6231984596528586936
x-oss-server-time: 3

GET
H/1.1 200
OK tgtd.png
xin-wm.oss-cn-hangzhou.aliyuncs.com/xin-mm/assets/images/wm/ 158 KB
159 KB 696ms
224ms Image
image/png 47.110.23.138
ALIBABA-CN-NET Ha...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xin-wm.oss-cn-hangzhou.aliyuncs.com/xin-mm/assets/images/wm/tgtd.png
Requested by: Host: hlthm-qrm.n.hvctyklk.top
URL: https://hlthm-qrm.n.hvctyklk.top/543/w-m6.html?channelCode=1668
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.110.23.138 Hangzhou, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: AliyunOSS /
Resource Hash: 3fea983c358cdced80cf215d951805e88d4082d175b71ad28570692993a5a892

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://hlthm-qrm.n.hvctyklk.top/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 03 Apr 2024 19:19:50 GMT
x-oss-request-id: 660DABD6716A9C34364D3BB1
Content-MD5: 51I7efGDFWEDYiDyDPu/AA==
Content-Disposition: attachment
Connection: keep-alive
Content-Length: 162117
x-oss-object-type: Normal
Last-Modified: Sun, 24 Mar 2024 07:41:33 GMT
Server: AliyunOSS
ETag: "E7523B79F1831561036220F20CFBBF00"
Content-Type: image/png
x-oss-ec: 0048-00000105
x-oss-force-download: true
x-oss-storage-class: Standard
Accept-Ranges: bytes
x-oss-hash-crc64ecma: 8511661392537836816
x-oss-server-time: 2

GET
H/1.1 200
OK lgindex.abc
xin-wm.oss-cn-hangzhou.aliyuncs.com/xin-mm/assets/images/ty/ 1 MB
1 MB 720ms
249ms Image
application/octet-stream 47.110.23.138
ALIBABA-CN-NET Ha...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xin-wm.oss-cn-hangzhou.aliyuncs.com/xin-mm/assets/images/ty/lgindex.abc
Requested by: Host: hlthm-qrm.n.hvctyklk.top
URL: https://hlthm-qrm.n.hvctyklk.top/543/w-m6.html?channelCode=1668
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.110.23.138 Hangzhou, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: AliyunOSS /
Resource Hash: 255060940a13c104c5bc10017e06840f755f1a8384bb4147c5024650197c5a7a

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://hlthm-qrm.n.hvctyklk.top/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 03 Apr 2024 19:19:50 GMT
x-oss-request-id: 660DABD61AFF653535BE8DBD
Content-MD5: S9wozwt0q/x595JnwWPThw==
Content-Disposition: attachment
Connection: keep-alive
Content-Length: 1284488
x-oss-object-type: Normal
Last-Modified: Sat, 27 Jan 2024 08:39:42 GMT
Server: AliyunOSS
ETag: "4BDC28CF0B74ABFC79F79267C163D387"
Content-Type: application/octet-stream
x-oss-ec: 0048-00000113
x-oss-force-download: true
x-oss-storage-class: Standard
Accept-Ranges: bytes
x-oss-hash-crc64ecma: 3952304509250792464
x-oss-server-time: 19

GET
H/1.1 200
OK 2.gif
xin-wm.oss-cn-hangzhou.aliyuncs.com/xin-mm/assets/images/wm/ 17 KB
17 KB 226ms
220ms Image
image/gif 47.110.23.138
ALIBABA-CN-NET Ha...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xin-wm.oss-cn-hangzhou.aliyuncs.com/xin-mm/assets/images/wm/2.gif
Requested by: Host: hlthm-qrm.n.hvctyklk.top
URL: https://hlthm-qrm.n.hvctyklk.top/543/w-m6.html?channelCode=1668
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.110.23.138 Hangzhou, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: AliyunOSS /
Resource Hash: d6d81b032729d422ba1f9742f0a1317b12a81f98b8d725e2be6ae5a8111fe79d

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://hlthm-qrm.n.hvctyklk.top/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 03 Apr 2024 19:19:50 GMT
x-oss-request-id: 660DABD6DF727136336BB16B
Content-MD5: 3p8XBh7jI5RHEQ8w8P5TRQ==
Content-Disposition: attachment
Connection: keep-alive
Content-Length: 17363
x-oss-object-type: Normal
Last-Modified: Sun, 24 Mar 2024 07:41:34 GMT
Server: AliyunOSS
ETag: "DE9F17061EE3239447110F30F0FE5345"
Content-Type: image/gif
x-oss-ec: 0048-00000105
x-oss-force-download: true
x-oss-storage-class: Standard
Accept-Ranges: bytes
x-oss-hash-crc64ecma: 4987702070037233184
x-oss-server-time: 1

GET
H/1.1 200
OK s.abc
xin-wm.oss-cn-hangzhou.aliyuncs.com/xin-mm/assets/images/ty/ 104 KB
105 KB 233ms
226ms Image
application/octet-stream 47.110.23.138
ALIBABA-CN-NET Ha...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xin-wm.oss-cn-hangzhou.aliyuncs.com/xin-mm/assets/images/ty/s.abc
Requested by: Host: hlthm-qrm.n.hvctyklk.top
URL: https://hlthm-qrm.n.hvctyklk.top/543/w-m6.html?channelCode=1668
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.110.23.138 Hangzhou, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: AliyunOSS /
Resource Hash: fcfbafb860935767cc8812cad9fcdc8086aebd226faa1bce9bb698aee61bc512

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://hlthm-qrm.n.hvctyklk.top/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 03 Apr 2024 19:19:50 GMT
x-oss-request-id: 660DABD66A91E5373433D2B2
Content-MD5: 7kaEC0cAL8/XrDXkZCxeiA==
Content-Disposition: attachment
Connection: keep-alive
Content-Length: 106669
x-oss-object-type: Normal
Last-Modified: Sat, 27 Jan 2024 08:39:43 GMT
Server: AliyunOSS
ETag: "EE46840B47002FCFD7AC35E4642C5E88"
Content-Type: application/octet-stream
x-oss-ec: 0048-00000113
x-oss-force-download: true
x-oss-storage-class: Standard
Accept-Ranges: bytes
x-oss-hash-crc64ecma: 16233723993844021981
x-oss-server-time: 3

GET
H/1.1 200
OK x.abc
xin-wm.oss-cn-hangzhou.aliyuncs.com/xin-mm/assets/images/ty/ 2 MB
2 MB 223ms
216ms Image
application/octet-stream 47.110.23.138
ALIBABA-CN-NET Ha...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xin-wm.oss-cn-hangzhou.aliyuncs.com/xin-mm/assets/images/ty/x.abc
Requested by: Host: hlthm-qrm.n.hvctyklk.top
URL: https://hlthm-qrm.n.hvctyklk.top/543/w-m6.html?channelCode=1668
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.110.23.138 Hangzhou, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: AliyunOSS /
Resource Hash: 7b3825ad5aabe0bd9ed9927d509464d2872f692e03bacb00ed46394e71814a1d

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://hlthm-qrm.n.hvctyklk.top/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 03 Apr 2024 19:19:50 GMT
x-oss-request-id: 660DABD6E20C8C3736DC9BB7
Content-MD5: oozDQTwyzxe7ojEtVUlENg==
Content-Disposition: attachment
Connection: keep-alive
Content-Length: 2393995
x-oss-object-type: Normal
Last-Modified: Sat, 27 Jan 2024 08:39:44 GMT
Server: AliyunOSS
ETag: "A28CC3413C32CF17BBA2312D55494436"
Content-Type: application/octet-stream
x-oss-ec: 0048-00000113
x-oss-force-download: true
x-oss-storage-class: Standard
Accept-Ranges: bytes
x-oss-hash-crc64ecma: 1263957793629678752
x-oss-server-time: 2

GET
H/1.1 200
OK tsinstall.js Show response
speed-address.oss-accelerate.aliyuncs.com/common/js/ 47 KB
18 KB 678ms
308ms Script
application/javascript 47.253.30.170
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to

Full URL: https://speed-address.oss-accelerate.aliyuncs.com/common/js/tsinstall.js
Requested by: Host: hlthm-qrm.n.hvctyklk.top
URL: https://hlthm-qrm.n.hvctyklk.top/543/w-m6.html?channelCode=1668
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.253.30.170 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: AliyunOSS /
Resource Hash: d0d5c1d60319ef19841382f3719218db07d3601ed6107ca9ac692d8e03cb2f92

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://hlthm-qrm.n.hvctyklk.top/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 03 Apr 2024 19:19:51 GMT
Content-Encoding: gzip
x-oss-request-id: 660DABD66CF4DEC3EF0A11A7
Content-MD5: Q2r1bNYoMHM8XIRT4aoH7A==
Transfer-Encoding: chunked
Content-Disposition: attachment
Connection: keep-alive
x-oss-object-type: Normal
Last-Modified: Mon, 25 Mar 2024 16:57:48 GMT
Server: AliyunOSS
Vary: Accept-Encoding
Content-Type: application/javascript
x-oss-ec: 0048-00000113
x-oss-force-download: true
x-oss-storage-class: Standard
x-oss-hash-crc64ecma: 12503256665539650773
x-oss-server-time: 3

GET
H/1.1 200
OK statistics-a.js Show response
tal-xin.oss-cn-hangzhou.aliyuncs.com/xin-so/assets/js/ 141 B
701 B 725ms
234ms Script
application/javascript 121.199.204.179
ALIBABA-CN-NET Ha...

General

Check archive.org

Show headers Download Go to

Full URL: https://tal-xin.oss-cn-hangzhou.aliyuncs.com/xin-so/assets/js/statistics-a.js
Requested by: Host: hlthm-qrm.n.hvctyklk.top
URL: https://hlthm-qrm.n.hvctyklk.top/543/w-m6.html?channelCode=1668
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 121.199.204.179 Hangzhou, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: AliyunOSS /
Resource Hash: 010dd0a35d8f76a0826026af36f3251ac7875adb5dedc16c93514cd21d10f8eb

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://hlthm-qrm.n.hvctyklk.top/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 03 Apr 2024 19:19:51 GMT
x-oss-request-id: 660DABD73849223034651386
Content-MD5: ZndfsTHf9SgITmely49ahg==
Content-Disposition: attachment
Connection: keep-alive
Content-Length: 141
x-oss-object-type: Normal
Last-Modified: Thu, 22 Feb 2024 07:06:07 GMT
Server: AliyunOSS
ETag: "66775FB131DFF528084E67A5CB8F5A86"
Content-Type: application/javascript
x-oss-ec: 0048-00000113
x-oss-force-download: true
x-oss-storage-class: Standard
Accept-Ranges: bytes
x-oss-hash-crc64ecma: 3768697754762057141
x-oss-server-time: 1

GET
H/1.1 200
OK tgtd.png
xin-wm.oss-cn-hangzhou.aliyuncs.com/xin-mm/assets/images/wm/ 158 KB
159 KB 454ms
223ms Image
image/png 47.110.23.138
ALIBABA-CN-NET Ha...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xin-wm.oss-cn-hangzhou.aliyuncs.com/xin-mm/assets/images/wm/tgtd.png
Requested by: Host: hlthm-qrm.n.hvctyklk.top
URL: https://hlthm-qrm.n.hvctyklk.top/543/w-m6.html?channelCode=1668
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.110.23.138 Hangzhou, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: AliyunOSS /
Resource Hash: 3fea983c358cdced80cf215d951805e88d4082d175b71ad28570692993a5a892

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://hlthm-qrm.n.hvctyklk.top/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 03 Apr 2024 19:19:50 GMT
x-oss-request-id: 660DABD6DF72713633B1B16B
Content-MD5: 51I7efGDFWEDYiDyDPu/AA==
Content-Disposition: attachment
Connection: keep-alive
Content-Length: 162117
x-oss-object-type: Normal
Last-Modified: Sun, 24 Mar 2024 07:41:33 GMT
Server: AliyunOSS
ETag: "E7523B79F1831561036220F20CFBBF00"
Content-Type: image/png
x-oss-ec: 0048-00000105
x-oss-force-download: true
x-oss-storage-class: Standard
Accept-Ranges: bytes
x-oss-hash-crc64ecma: 8511661392537836816
x-oss-server-time: 1

GET
H2 200 z.js Show response
v1.cnzz.com/ 10 KB
5 KB 1168ms
248ms Script
application/javascript 240e:f7:7c00:10a:3::3f2
CHINATELECOM-ZHEJ...

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.cnzz.com/z.js?id=1281334663&async=1
Requested by: Host: tal-xin.oss-cn-hangzhou.aliyuncs.com
URL: https://tal-xin.oss-cn-hangzhou.aliyuncs.com/xin-so/assets/js/statistics-a.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 240e:f7:7c00:10a:3::3f2 , China, ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN),
Reverse DNS
Software: Tengine /
Resource Hash: b17d9728b7b657a95bfabd23d0d262b2d2750e450952e59a83d1ab50c40d2b13

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://hlthm-qrm.n.hvctyklk.top/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 19:18:39 GMT
via: cache26.l2cn3130[65,65,304-0,M], cache10.l2cn3130[66,0], cache13.cn4101[0,0,200-0,H], cache15.cn4101[0,0]
content-encoding: gzip
age: 72
x-swift-cachetime: 300
x-cache: HIT TCP_MEM_HIT dirn:12:551868654
x-swift-savetime: Wed, 03 Apr 2024 19:18:40 GMT
content-length: 4390
server: Tengine
etag: W/"4647466065368437738"
vary: accept-encoding
ali-swift-global-savetime: 1712171920
content-type: application/javascript
cache-control: public, max-age=300
timing-allow-origin: *
eagleid: dcb9a8a317121719922181855e

POST
H/1.1 200
OK init Show response
sdk.cklmnzy.cn/web/up7a03lk/1668/ 586 B
1 KB 773ms
258ms XHR
application/json 43.152.138.53
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.cklmnzy.cn/web/up7a03lk/1668/init?channelCode=1668&av=0&cv=0&hash=&sw=rqam&sh=oKam&sp=1&li=p6GkuKehuKa4pA
Requested by: Host: speed-address.oss-accelerate.aliyuncs.com
URL: https://speed-address.oss-accelerate.aliyuncs.com/common/js/tsinstall.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 43.152.138.53 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: nginx /
Resource Hash: 9f7d9bb1f51af833696dab86654b2c2ab34b7595c580387f9b869487d3fb36bb

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://hlthm-qrm.n.hvctyklk.top/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Wed, 03 Apr 2024 19:19:51 GMT
Server: nginx
EO-Cache-Status: MISS
Vary: Origin
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://hlthm-qrm.n.hvctyklk.top
Access-Control-Allow-Credentials: true
EO-LOG-UUID: 5021087477517701699
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 586

POST
H2 200 stat.htm
z6.cnzz.com/ 2 B
123 B 1518ms
284ms Ping
text/html 223.109.148.174
CMNET-JIANGSU-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://z6.cnzz.com/stat.htm?id=1281334663&r=&lg=en-us&ntime=none&cnzz_eid=134961762-1712171992-&showp=800x600&p=https%3A%2F%2Fhlthm-qrm.n.hvctyklk.top%2F543%2Fw-m6.html%3FchannelCode%3D1668&t=%E5%AE%8C%E7%BE%8E%E7%9B%B4%E6%92%AD&umuuid=18ea5674529581-08ed6514822535-26001a51-75300-18ea567452a684&h=1
Requested by: Host: v1.cnzz.com
URL: https://v1.cnzz.com/z.js?id=1281334663&async=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server: 223.109.148.174 , China, ASN56046 (CMNET-JIANGSU-AP China Mobile communications corporation, CN),
Reverse DNS
Software: Tengine /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://hlthm-qrm.n.hvctyklk.top/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 19:19:53 GMT
content-encoding: gzip
server: Tengine
vary: Accept-Encoding
content-type: text/html; charset=utf-8

GET
H2 200 c.js Show response
c.cnzz.com/ 906 B
839 B 225ms
223ms Script
application/javascript 240e:f7:7c00:10a:3::3f2
CHINATELECOM-ZHEJ...

General

Check archive.org

Show headers Download Go to

Full URL: https://c.cnzz.com/c.js?web_id=1281334663&t=z
Requested by: Host: v1.cnzz.com
URL: https://v1.cnzz.com/z.js?id=1281334663&async=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 240e:f7:7c00:10a:3::3f2 , China, ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN),
Reverse DNS
Software: Tengine /
Resource Hash: 56fb254f9464faad900848011417478f2353690722d00107f4721a07e6a7c53a

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://hlthm-qrm.n.hvctyklk.top/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 19:18:40 GMT
via: cache7.l2cn3130[83,83,304-0,M], cache30.l2cn3130[84,0], cache13.cn4101[0,0,200-0,H], cache15.cn4101[0,0]
content-encoding: gzip
age: 72
x-swift-cachetime: 321
x-cache: HIT TCP_MEM_HIT dirn:12:526081183
x-swift-savetime: Wed, 03 Apr 2024 19:18:40 GMT
content-length: 591
server: Tengine
etag: W/"4843387006892891622"
vary: accept-encoding
ali-swift-global-savetime: 1712171920
content-type: application/javascript
cache-control: public, max-age=321
timing-allow-origin: *
eagleid: dcb9a8a317121719924862737e

GET
H/1.1 200
OK favicon.ico
xin-wm.oss-cn-hangzhou.aliyuncs.com/xin-mm/assets/images/wm/ 15 KB
16 KB 217ms
215ms Other
image/x-icon 47.110.23.138
ALIBABA-CN-NET Ha...

General

Check archive.org

Show headers Download Go to

Full URL: https://xin-wm.oss-cn-hangzhou.aliyuncs.com/xin-mm/assets/images/wm/favicon.ico
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.110.23.138 Hangzhou, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: AliyunOSS /
Resource Hash: b44534e356a982015911cfa3323333feb40ca96450be15435e19aec0d22621ad

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://hlthm-qrm.n.hvctyklk.top/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 03 Apr 2024 19:19:53 GMT
x-oss-request-id: 660DABD9E20C8C37364E9FB7
Content-MD5: jfOCY5vCtJ55wuIA0y2odA==
Content-Disposition: attachment
Connection: keep-alive
Content-Length: 15406
x-oss-object-type: Normal
Last-Modified: Sun, 24 Mar 2024 07:41:37 GMT
Server: AliyunOSS
ETag: "8DF382639BC2B49E79C2E200D32DA874"
Content-Type: image/x-icon
x-oss-ec: 0048-00000105
x-oss-force-download: true
x-oss-storage-class: Standard
Accept-Ranges: bytes
x-oss-hash-crc64ecma: 3573126310679673314
x-oss-server-time: 1

GET
H/1.1 200
OK sample.png
xin-wm.oss-cn-hangzhou.aliyuncs.com/xin-mm/assets/images/wm/ 25 KB
26 KB 320ms
223ms Image
image/png 47.110.23.138
ALIBABA-CN-NET Ha...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xin-wm.oss-cn-hangzhou.aliyuncs.com/xin-mm/assets/images/wm/sample.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.110.23.138 Hangzhou, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: AliyunOSS /
Resource Hash: f7366e9e6e0deba9e352f2e10deba15edb0338d35040dfe42274b69252dd9742

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://hlthm-qrm.n.hvctyklk.top/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 03 Apr 2024 19:19:53 GMT
x-oss-request-id: 660DABD9E20C8C37360DA0B7
Content-MD5: d4lAVg9hLadoqswAs9n/ug==
Content-Disposition: attachment
Connection: keep-alive
Content-Length: 25682
x-oss-object-type: Normal
Last-Modified: Sun, 24 Mar 2024 07:41:35 GMT
Server: AliyunOSS
ETag: "778940560F612DA768AACC00B3D9FFBA"
Content-Type: image/png
x-oss-ec: 0048-00000105
x-oss-force-download: true
x-oss-storage-class: Standard
Accept-Ranges: bytes
x-oss-hash-crc64ecma: 17086803193400978938
x-oss-server-time: 5

POST
H/1.1 200
OK eyJjIjoiMTY2OCIsIm0iOiJJamJrRTdMX0M3TUFBQUdPcFdkRFRUbEtiaTVFbk91TEJOX2oxRzlUd3lYUDRudzNfVGJlVDlZVUZCVGhWbkdpOUpsekVrcl8ifQ==
sdk.cklmnzy.cn/web/up7a03lk/1668/clicked/c/ 0
566 B 258ms
257ms Ping
text/plain 43.152.138.53
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.cklmnzy.cn/web/up7a03lk/1668/clicked/c/eyJjIjoiMTY2OCIsIm0iOiJJamJrRTdMX0M3TUFBQUdPcFdkRFRUbEtiaTVFbk91TEJOX2oxRzlUd3lYUDRudzNfVGJlVDlZVUZCVGhWbkdpOUpsekVrcl8ifQ==?p=0&ref=https%3A%2F%2Fhlthm-qrm.n.hvctyklk.top%2F543%2Fw-m6.html%3FchannelCode%3D1668&ac=0&cc=0&channelCode=1668
Requested by: Host: speed-address.oss-accelerate.aliyuncs.com
URL: https://speed-address.oss-accelerate.aliyuncs.com/common/js/tsinstall.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 43.152.138.53 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://hlthm-qrm.n.hvctyklk.top/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 03 Apr 2024 19:19:55 GMT
Server: nginx
EO-Cache-Status: MISS
Vary: Origin
Access-Control-Allow-Origin: https://hlthm-qrm.n.hvctyklk.top
Access-Control-Allow-Credentials: true
EO-LOG-UUID: 7823651791790317135
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 0

GET
H/1.1

200
OK

529.apk
xinbsdxy-adsa.tianyua.top/kdiaodlknic/
Redirect Chain

https://app-up7a03lk.cklmnzy.cn/page/up7a03lk/install/c/eyJjIjoiMTY2OCIsIm0iOiJRYjJiYXpWT0xwY0FBQUdPcFdkRFRVNnV4QjZZay1SYktyclBHT0VWUEdtVHFHNk1zSjBlZFJYcEJkMDQ3T0pFa1BXRWtobFUifQ==?p=0
https://xinbsdxy-adsa.tianyua.top:8888/kdiaodlknic/529.apk

0
0

1231ms
205ms

Document
application/octet-stream

58.220.33.215

General

Check archive.org

Show headers Download Go to

Full URL

https://xinbsdxy-adsa.tianyua.top:8888/kdiaodlknic/529.apk

Requested by

Host: speed-address.oss-accelerate.aliyuncs.com
URL: https://speed-address.oss-accelerate.aliyuncs.com/common/js/tsinstall.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

58.220.33.215 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://hlthm-qrm.n.hvctyklk.top/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: en-US,en;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Accept-Ranges: bytes
Content-Length: 43697755
Content-Type: application/octet-stream
Date: Wed, 03 Apr 2024 19:01:01 GMT
Etag: "98a1c9be6d70ace8c6bcce2b67a05673-5"
Last-Modified: Wed, 03 Apr 2024 19:01:32 GMT
Server: nginx
Vary: Accept-Encoding
X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
X-Amz-Request-Id: 17C2DA53B8615A88
X-Cache: HIT, server, disk
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

Redirect headers

Connection: keep-alive
Content-Length: 0
Date: Wed, 03 Apr 2024 19:19:56 GMT
EO-Cache-Status: MISS
EO-LOG-UUID: 1131005611464514565
Keep-Alive: timeout=10
Location: https://xinbsdxy-adsa.tianyua.top:8888/kdiaodlknic/529.apk
Server: nginx

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.hvctyklk.top/	1970-01-20 23:58:16	Name: UM_distinctid Value: 18ea5674529581-08ed6514822535-26001a51-75300-18ea567452a684
			hlthm-qrm.n.hvctyklk.top/	1970-01-20 23:58:16	Name: CNZZDATA1281334663 Value: 134961762-1712171992-%7C1712171992

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://tal-xin.oss-cn-hangzhou.aliyuncs.com/xin-so/assets/js/statistics-a.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://v1.cnzz.com/z.js?id=1281334663&async=1, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://tal-xin.oss-cn-hangzhou.aliyuncs.com/xin-so/assets/js/statistics-a.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://v1.cnzz.com/z.js?id=1281334663&async=1, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app-up7a03lk.cklmnzy.cn
c.cnzz.com
hlthm-qrm.n.hvctyklk.top
jp29.cc
sdk.cklmnzy.cn
speed-address.oss-accelerate.aliyuncs.com
tal-xin.oss-cn-hangzhou.aliyuncs.com
v1.cnzz.com
xin-wm.oss-cn-hangzhou.aliyuncs.com
xinbsdxy-adsa.tianyua.top
z6.cnzz.com
121.199.204.179
223.109.148.174
23.224.75.29
240e:f7:7c00:10a:3::3f2
43.152.138.53
47.110.23.138
47.238.198.61
47.253.30.170
58.220.33.215
010dd0a35d8f76a0826026af36f3251ac7875adb5dedc16c93514cd21d10f8eb
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
255060940a13c104c5bc10017e06840f755f1a8384bb4147c5024650197c5a7a
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
3fea983c358cdced80cf215d951805e88d4082d175b71ad28570692993a5a892
4fb38a8ec69704a9999aa8902d961bc31a6e924a9e3773125f9f90fe8c976f9d
56fb254f9464faad900848011417478f2353690722d00107f4721a07e6a7c53a
7b3825ad5aabe0bd9ed9927d509464d2872f692e03bacb00ed46394e71814a1d
8ee8aae7882dbf0377b99f1ea53bc6c146913469dbf636947b5682c9b7b95b0b
9f7d9bb1f51af833696dab86654b2c2ab34b7595c580387f9b869487d3fb36bb
b17d9728b7b657a95bfabd23d0d262b2d2750e450952e59a83d1ab50c40d2b13
b44534e356a982015911cfa3323333feb40ca96450be15435e19aec0d22621ad
d0d5c1d60319ef19841382f3719218db07d3601ed6107ca9ac692d8e03cb2f92
d6d81b032729d422ba1f9742f0a1317b12a81f98b8d725e2be6ae5a8111fe79d
d9b63bfebff06a660196c768366510109384305d718cafaf7f28ada390782ab4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f7366e9e6e0deba9e352f2e10deba15edb0338d35040dfe42274b69252dd9742
fcfbafb860935767cc8812cad9fcdc8086aebd226faa1bce9bb698aee61bc512

hlthm-qrm.n.hvctyklk.top Open in urlscan Pro 23.224.75.29 Public Scan

Summary

urlscan.io Verdict: No classification

Downloads These files were downloaded by the website

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

20 Requests

100 %HTTPS

11 %IPv6

6 Domains

11 Subdomains

8 IPs

4 Countries

4140 kBTransfer

4249 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

2 Cookies

2 Console Messages

Indicators

hlthm-qrm.n.hvctyklk.top Open in urlscan Pro
23.224.75.29 Public Scan

Screenshot
Live screenshot

Full Image

20
Requests

100 %
HTTPS

11 %
IPv6

6
Domains

11
Subdomains

8
IPs

4
Countries

4140 kB
Transfer

4249 kB
Size

2
Cookies

20 HTTP transactions
0 data transactions