Submitted URL: https://3115uu.com/
Effective URL: http://3115nn.top/
Submission: On September 10 via automatic, source openphish — Scanned from JP

Summary

This website contacted 4 IPs in 3 countries across 3 domains to perform 7 HTTP transactions. The main IP is 154.89.10.34, located in Hong Kong, Hong Kong and belongs to CHGPL-AS-AP Korea, HK. The main domain is 3115nn.top.
This is the only time 3115nn.top was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

| Requests | Redirects | IP Address | AS Autonomous System |
|---|---|---|---|
| 2 | | 54.250.6.178 | 16509 (AMAZON-02) |
| 4 | 1 | 154.89.10.34 | 133448 (CHGPL-AS-...) |
| 1 | | 103.151.139.204 | 138915 (KAOPU-HK ...) |

Total: 7 requests, 4 IPs

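| Requests | Apex Domain | Subdomains | Transfer |
|---|---|---|---|
| 4 | 3115nn.top | 3115nn.top | 7 KB |
| 1 | 51.la | js.users.51.la (Cisco Umbrella Rank: 99472); ia.51.la (Failed) | 5 KB |
| 1 | 3115uu.com | 3115uu.com | 568 B |

Total: 7 requests, 3 apex domains
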
| Requests | Domain | Requested by |
|---|---|---|
| 4 | 3115nn.top (1 redirects) | 54.250.6.178, 3115nn.top |
| 1 | js.users.51.la | 3115nn.top |
| 1 | 3115uu.com | |
| 0 | ia.51.la (Failed) | 3115nn.top |

Total: 7 requests, 4 subdomains

This site contains no links.

| Subject | Issuer | Validity | Valid |
|---|---|---|---|
| 3115uu.com | R11 | 2024-06-10 - 2024-09-08 | 3 months |
| js.users.51.la | Sectigo RSA Domain Validation Secure Server CA | 2024-05-20 - 2025-05-20 | a year |

This page contains 1 frame:

Primary Page: http://3115nn.top/
Frame ID: 3178B19475CC44FD3936A7962C092D80
Requests: 7 HTTP requests in this frame

Page Title

bet365官网365P.com-亚洲最佳娱乐公司

Page Statistics

Requests: 7
HTTPS: 14 %
IPv6: 0 %
Domains: 3
Subdomains: 4
IPs: 4
Countries: 3
Transfer: 13 kB
Size: 14 kB
Cookies: 3

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://3115uu.com/ Page URL
  2. http://54.250.6.178:886/?u=aHR0cHM6Ly8zMTE1dXUuY29tLw==&p=Lw== HTTP 307
    https://54.250.6.178:886/?u=aHR0cHM6Ly8zMTE1dXUuY29tLw==&p=Lw== HTTP 307
    http://54.250.6.178:886/?u=aHR0cHM6Ly8zMTE1dXUuY29tLw==&p=Lw== Page URL
  3. http://3115nn.top/ HTTP 307
    https://3115nn.top/ HTTP 302
    http://3115nn.top/ HTTP 307
    http://3115nn.top/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • http://54.250.6.178:886/?u=aHR0cHM6Ly8zMTE1dXUuY29tLw==&p=Lw== HTTP 307
  • https://54.250.6.178:886/?u=aHR0cHM6Ly8zMTE1dXUuY29tLw==&p=Lw== HTTP 307
  • http://54.250.6.178:886/?u=aHR0cHM6Ly8zMTE1dXUuY29tLw==&p=Lw==

7 HTTP transactions

Fields per transaction: Resource / Path, Size / x-fer, Type / MIME-Type

Resource: /
Path: 3115uu.com/
Size: 591 B
x-fer: 568 B
Type: Document

General

Full URL: https://3115uu.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.250.6.178 Tokyo, Japan, ASN16509 (AMAZON-02, US)
Reverse DNS: ec2-54-250-6-178.ap-northeast-1.compute.amazonaws.com
Software: openresty /
Resource Hash:

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Cache-Control: max-age=600
Connection: keep-alive
Content-Encoding: br
Content-Length: 336
Content-Type: text/html;charset=utf-8
Date: Tue, 10 Sep 2024 14:17:20 GMT
Server: openresty
Vary: Accept-Encoding

Resource: /
Path: 54.250.6.178/
Redirect Chain
  • http://54.250.6.178:886/?u=aHR0cHM6Ly8zMTE1dXUuY29tLw==&p=Lw==
  • https://54.250.6.178:886/?u=aHR0cHM6Ly8zMTE1dXUuY29tLw==&p=Lw==
  • http://54.250.6.178:886/?u=aHR0cHM6Ly8zMTE1dXUuY29tLw==&p=Lw==
Size: 320 B
x-fer: 459 B
Type: Document

General

Full URL: http://54.250.6.178:886/?u=aHR0cHM6Ly8zMTE1dXUuY29tLw==&p=Lw==
Requested by
  Host: 3115uu.com
  URL: https://3115uu.com/
Protocol: HTTP/1.1
Server: 54.250.6.178 Tokyo, Japan, ASN16509 (AMAZON-02, US)
Reverse DNS: ec2-54-250-6-178.ap-northeast-1.compute.amazonaws.com
Software: openresty /
Resource Hash:

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Tue, 10 Sep 2024 14:17:20 GMT
Server: openresty
Transfer-Encoding: chunked
Vary: Accept-Encoding

Redirect headers

Location: http://54.250.6.178:886/?u=aHR0cHM6Ly8zMTE1dXUuY29tLw==&p=Lw==
Non-Authoritative-Reason: HttpsUpgrades

Resource: / (Primary Request)
Path: 3115nn.top/
Redirect Chain
  • http://3115nn.top/
  • https://3115nn.top/
  • http://3115nn.top/
  • http://3115nn.top/
Size: 5 KB
x-fer: 2 KB
Type: Document

General

Full URL: http://3115nn.top/
Requested by
  Host: 54.250.6.178
  URL: http://54.250.6.178:886/?u=aHR0cHM6Ly8zMTE1dXUuY29tLw==&p=Lw==
Protocol: HTTP/1.1
Server: 154.89.10.34 Hong Kong, Hong Kong, ASN133448 (CHGPL-AS-AP Korea, HK)
Reverse DNS:
Software: /
Resource Hash: 51134d023c5e44c335900f1b22dd6512803f90e3982f9232865883fd269be29e

Request headers

Referer: http://54.250.6.178:886/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Tue, 10 Sep 2024 14:17:21 GMT
Transfer-Encoding: chunked

Redirect headers

Location: http://3115nn.top/
Non-Authoritative-Reason: HttpsUpgrades

Resource: md5.min.js
Path: 3115nn.top/js/
Size: 0
x-fer: 0
Type: Script

General

Full URL: http://3115nn.top/js/md5.min.js
Requested by
  Host: 3115nn.top
  URL: http://3115nn.top/
Protocol: HTTP/1.1
Server: 154.89.10.34 Hong Kong, Hong Kong, ASN133448 (CHGPL-AS-AP Korea, HK)
Reverse DNS:
Software: /
Resource Hash:

Request headers

Referer: http://3115nn.top/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Tue, 10 Sep 2024 14:17:21 GMT
Connection: keep-alive
Content-Length: 552
Content-Type: text/html; charset=utf-8

Resource: logo_240819.jpg
Path: 3115nn.top/img/
Size: 4 KB
x-fer: 4 KB
Type: Image

General

Full URL: http://3115nn.top/img/logo_240819.jpg
Requested by
  Host: 3115nn.top
  URL: http://3115nn.top/
Protocol: HTTP/1.1
Server: 154.89.10.34 Hong Kong, Hong Kong, ASN133448 (CHGPL-AS-AP Korea, HK)
Reverse DNS:
Software: /
Resource Hash: d5cce5fa680a1b371f6be11f0a858d98a22be5641878a14e137228f73db08fd8

Request headers

Referer: http://3115nn.top/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Tue, 10 Sep 2024 14:17:21 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3818
Content-Type: image/jpeg

Resource: 19713195.js
Path: js.users.51.la/
Size: 5 KB
x-fer: 5 KB
Type: Script

General

Full URL: https://js.users.51.la/19713195.js
Requested by
  Host: 3115nn.top
  URL: http://3115nn.top/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 103.151.139.204 , China, ASN138915 (KAOPU-HK Kaopu Cloud HK Limited, HK)
Reverse DNS:
Software: openresty /
Resource Hash: 6f7c2b2401ad9b8648afe8c6d3e4fe6199a80131e510811fad680baa40e4ea13

Request headers

Referer: http://3115nn.top/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Tue, 10 Sep 2024 14:17:21 GMT
via: EA-JPN-tokyo-EDGE2-CACHE5[85],EA-JPN-tokyo-EDGE2-CACHE5[ovl,84],EA-HKG-GLOBAL1-CACHE12[ovl,32]
Server: openresty
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-store
Access-Control-Allow-Credentials: true
X-CCDN-REQ-ID-46B1: 5c1979cef0846e76cae324e2dfe364f0
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type

Resource: go1
Path: ia.51.la/
Size: 0
x-fer: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ia.51.la
URL:
http://ia.51.la/go1?id=19713195&rt=1725977841833&rl=1600*1200&lang=ja-JP&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=bet365%252C%25E6%25B2%2599%25E5%25B7%25B4%25E4%25BD%2593%25E8%2582%25B2%252C%25E7%259A%2587%25E5%2586%25A0%25E4%25BD%2593%25E8%2582%25B2%252C188%25E4%25BD%2593%25E8%2582%25B2%252CIM%25E4%25BD%2593%25E8%2582%25B2%252CFB&ing=1&ekc=&sid=1725977841833&tt=bet365%25E5%25AE%2598%25E7%25BD%2591365P.com-%25E4%25BA%259A%25E6%25B4%25B2%25E6%259C%2580%25E4%25BD%25B3%25E5%25A8%25B1%25E4%25B9%2590%25E5%2585%25AC%25E5%258F%25B8&kw=&cu=http%253A%252F%252F3115nn.top%252F&pu=http%253A%252F%252F54.250.6.178%253A886%252F

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • _ (string)
  • u (object)
  • j (number)
  • openUrl1 (function)
  • uu (string)
  • _2 (string)
  • u2 (object)
  • openUrl2 (function)
  • uu2 (string)
  • _3 (string)
  • u3 (object)
  • openUrl3 (function)
  • uu3 (string)

3 Cookies

Domain/Path Name / Value
3115nn.top/ Name: __tins__19713195
Value: %7B%22sid%22%3A%201725977841833%2C%20%22vd%22%3A%201%2C%20%22expires%22%3A%201725979641833%7D
3115nn.top/ Name: __51cke__
Value:
3115nn.top/ Name: __51laig__
Value: 1

1 Console Messages

Source: network
Level: error
URL: http://3115nn.top/js/md5.min.js
Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
