assistance-terms-1318427319.cos.ap-shenzhen-fsi.myqcloud.com Open in urlscan Pro
118.25.202.149 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.bing.com/ck/a?!&&p=d8d93b58a9bdf2b5JmltdHM9MTcwNzI2NDAwMCZpZ3VpZD0zM2RlMTAyOS1jYWQ5LTYyMmQtMjIzNS0wMjlmY2...
Effective URL:
https://assistance-terms-1318427319.cos.ap-shenzhen-fsi.myqcloud.com/Dependency/Data/4g/prod/appsource/home/central/Outgoing/Request/intweb/appvsc.htm
Submission: On February 12 via manual (February 12th 2024, 12:39:59 pm UTC) from EC — Scanned from DE

Summary HTTP 9 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 3 countries across 6 domains to perform 9 HTTP transactions. The main IP is 118.25.202.149, located in and belongs to . The main domain is assistance-terms-1318427319.cos.ap-shenzhen-fsi.myqcloud.com.
TLS certificate: Issued by GlobalSign Organization Validation CA... on March 6th 2023. Valid for: a year.

This is the only time assistance-terms-1318427319.cos.ap-shenzhen-fsi.myqcloud.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2a02:26f0:480... 2a02:26f0:480:22::1726:62db	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 1	2606:4700:20:... 2606:4700:20::681a:dc9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	54.92.10.154 54.92.10.154	() ()
1	118.25.202.149 118.25.202.149	() ()
9	3

1 2a02:26f0:480:22::1726:62db (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

www.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:dc9 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

t.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.92.10.154 (Tokyo, Japan) 1 redirects

ASN- ()
PTR: ec2-54-92-10-154.ap-northeast-1.compute.amazonaws.com

qrtn.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 118.25.202.149 (None, )

ASN- ()

assistance-terms-1318427319.cos.ap-shenzhen-fsi.myqcloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
1	myqcloud.com assistance-terms-1318427319.cos.ap-shenzhen-fsi.myqcloud.com
1	qrtn.jp 1 redirects qrtn.jp	666 B
1	t.ly 1 redirects t.ly — Cisco Umbrella Rank: 140399	1 KB
1	bing.com www.bing.com — Cisco Umbrella Rank: 60	2 KB
0	msftauth.net Failed aadcdn.msftauth.net Failed
0	cloudflare.com Failed cdnjs.cloudflare.com Failed
9	6

	Domain	Requested by
1	assistance-terms-1318427319.cos.ap-shenzhen-fsi.myqcloud.com	www.bing.com assistance-terms-1318427319.cos.ap-shenzhen-fsi.myqcloud.com
1	qrtn.jp	1 redirects
1	t.ly	1 redirects
1	www.bing.com
0	aadcdn.msftauth.net Failed	assistance-terms-1318427319.cos.ap-shenzhen-fsi.myqcloud.com
0	cdnjs.cloudflare.com Failed	assistance-terms-1318427319.cos.ap-shenzhen-fsi.myqcloud.com
9	6

This site contains no links.

Subject Issuer	Validity	Valid
r.bing.com Microsoft Azure ECC TLS Issuing CA 05	`2023-10-18` - `2024-06-27`	8 months	crt.sh
*.cos.ap-shenzhen-fsi.myqcloud.com GlobalSign Organization Validation CA - SHA256 - G3	`2023-03-06` - `2024-04-06`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://assistance-terms-1318427319.cos.ap-shenzhen-fsi.myqcloud.com/Dependency/Data/4g/prod/appsource/home/central/Outgoing/Request/intweb/appvsc.htm
Frame ID: C50AC2DE5B2DC7B76DB46B6597CF1FCE
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://www.bing.com/ck/a?!&&p=d8d93b58a9bdf2b5JmltdHM9MTcwNzI2NDAwMCZpZ3VpZD0zM2RlMTAyOS1jYWQ5LT... Page URL
https://t.ly/QKW2 HTTP 302
https://qrtn.jp/ukcardw HTTP 301
https://assistance-terms-1318427319.cos.ap-shenzhen-fsi.myqcloud.com/Dependency/Data/4g/prod/appsource/home/central/Outgoing/Request/intweb/appvs... Page URL

Page Statistics

9
Requests

22 %
HTTPS

50 %
IPv6

6
Domains

6
Subdomains

3
IPs

3
Countries

2 kB
Transfer

9 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.bing.com/ck/a?!&&p=d8d93b58a9bdf2b5JmltdHM9MTcwNzI2NDAwMCZpZ3VpZD0zM2RlMTAyOS1jYWQ5LTYyMmQtMjIzNS0wMjlmY2VkOTYwNmImaW5zaWQ9NTE4Ng&ptn=3&ver=2&hsh=3&fclid=33de1029-cad9-622d-2235-029fced9606b&psq=site%3at.ly&u=a1aHR0cHM6Ly90Lmx5L1FLVzI&ntb=1qpbzrnwtyi Page URL
https://t.ly/QKW2 HTTP 302
https://qrtn.jp/ukcardw HTTP 301
https://assistance-terms-1318427319.cos.ap-shenzhen-fsi.myqcloud.com/Dependency/Data/4g/prod/appsource/home/central/Outgoing/Request/intweb/appvsc.htm Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	a Show response www.bing.com/ck/	2 KB 2 KB	86ms 48ms	Document text/html	2a02:26f0:480:22::1726:62db AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://www.bing.com/ck/a?!&&p=d8d93b58a9bdf2b5JmltdHM9MTcwNzI2NDAwMCZpZ3VpZD0zM2RlMTAyOS1jYWQ5LTYyMmQtMjIzNS0wMjlmY2VkOTYwNmImaW5zaWQ9NTE4Ng&ptn=3&ver=2&hsh=3&fclid=33de1029-cad9-622d-2235-029fced9606b&psq=site%3at.ly&u=a1aHR0cHM6Ly90Lmx5L1FLVzI&ntb=1qpbzrnwtyi Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:480:22::1726:62db Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash `26ca3874eeb9a705102c02fcfae252faef75a83074a85267b67613c3973604f0` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version access-control-allow-origin * alt-svc h3=":443"; ma=93600 cache-control no-cache, must-revalidate content-encoding gzip content-length 1178 content-type text/html; charset=UTF-8 date Mon, 12 Feb 2024 12:39:53 GMT expires Fri, 01 Jan 1990 00:00:00 GMT pragma no-cache vary Accept-Encoding x-cdn-traceid 0.1bd53e17.1707741593.102cfdf6 x-msedge-ref Ref A: 19F8A7C5BFAF425F84A4F9730432BCCC Ref B: FRA31EDGE0822 Ref C: 2024-02-12T12:39:53Z
GET H/1.1	200 OK	Primary Request appvsc.htm assistance-terms-1318427319.cos.ap-shenzhen-fsi.myqcloud.com/Dependency/Data/4g/prod/appsource/home/central/Outgoing/Request/intweb/ Redirect Chain https://t.ly/QKW2 https://qrtn.jp/ukcardw https://assistance-terms-1318427319.cos.ap-shenzhen-fsi.myqcloud.com/Dependency/Data/4g/prod/appsource/home/central/Outgoing/Request/intweb/appvsc.htm	8 KB 0	3865ms 320ms	Document text/html	118.25.202.149
General Check archive.org Show headers Download Go to Full URL https://assistance-terms-1318427319.cos.ap-shenzhen-fsi.myqcloud.com/Dependency/Data/4g/prod/appsource/home/central/Outgoing/Request/intweb/appvsc.htm Requested by Host: www.bing.com URL: https://www.bing.com/ck/a?!&&p=d8d93b58a9bdf2b5JmltdHM9MTcwNzI2NDAwMCZpZ3VpZD0zM2RlMTAyOS1jYWQ5LTYyMmQtMjIzNS0wMjlmY2VkOTYwNmImaW5zaWQ9NTE4Ng&ptn=3&ver=2&hsh=3&fclid=33de1029-cad9-622d-2235-029fced9606b&psq=site%3at.ly&u=a1aHR0cHM6Ly90Lmx5L1FLVzI&ntb=1qpbzrnwtyi Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 118.25.202.149 -, , ASN (), Reverse DNS Software tencent-cos / Resource Hash Request headers Referer https://www.bing.com/ck/a?!&&p=d8d93b58a9bdf2b5JmltdHM9MTcwNzI2NDAwMCZpZ3VpZD0zM2RlMTAyOS1jYWQ5LTYyMmQtMjIzNS0wMjlmY2VkOTYwNmImaW5zaWQ9NTE4Ng&ptn=3&ver=2&hsh=3&fclid=33de1029-cad9-622d-2235-029fced9606b&psq=site%3at.ly&u=a1aHR0cHM6Ly90Lmx5L1FLVzI&ntb=1qpbzrnwtyi Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Accept-Ranges bytes Connection keep-alive Content-Length 26666 Content-Type text/html Date Mon, 12 Feb 2024 12:39:58 GMT ETag "c8c3946edd530f3ffd2d874cea2a3967" Last-Modified Wed, 07 Feb 2024 13:10:07 GMT Server tencent-cos x-cos-hash-crc64ecma 18161577734543812058 x-cos-request-id NjVjYTExOWVfYmFhODUzNjRfMTZjY19iNTliY2Y= Redirect headers cache-control no-store, no-cache, must-revalidate content-length 331 content-security-policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests content-type text/html; charset=utf-8 date Mon, 12 Feb 2024 12:39:55 GMT expect-ct max-age=0 expires 0 location https://assistance-terms-1318427319.cos.ap-shenzhen-fsi.myqcloud.com/Dependency/Data/4g/prod/appsource/home/central/Outgoing/Request/intweb/appvsc.htm pragma no-cache referrer-policy no-referrer strict-transport-security max-age=15552000; includeSubDomains x-content-type-options nosniff x-dns-prefetch-control off x-download-options noopen x-frame-options SAMEORIGIN x-permitted-cross-domain-policies none x-xss-protection 0
GET		font-awesome.css cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/	0 0

GET		styles.css assistance-terms-1318427319.cos.ap-shenzhen-fsi.myqcloud.com/Dependency/Data/4g/prod/appsource/home/central/Outgoing/Request/intweb/	0 0

GET		microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg aadcdn.msftauth.net/ests/2.1/content/images/	0 0

GET		picker_account_aad_9de70d1c5191d1852a0d5aac28b44a6c.svg aadcdn.msftauth.net/ests/2.1/content/images/	0 0

GET		picker_more_7568a43cf440757c55d2e7f51557ae1f.svg aadcdn.msftauth.net/ests/2.1/content/images/	0 0

GET		picker_account_add_56e73414003cdb676008ff7857343074.svg aadcdn.msftauth.net/ests/2.1/content/images/	0 0

GET		arrow_left_a9cc2824ef3517b6c4160dcf8ff7d410.svg aadcdn.msftauth.net/ests/2.1/content/images/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.css

Domain: assistance-terms-1318427319.cos.ap-shenzhen-fsi.myqcloud.com
URL: https://assistance-terms-1318427319.cos.ap-shenzhen-fsi.myqcloud.com/Dependency/Data/4g/prod/appsource/home/central/Outgoing/Request/intweb/styles.css

Domain: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/ests/2.1/content/images/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg

Domain: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/ests/2.1/content/images/picker_account_aad_9de70d1c5191d1852a0d5aac28b44a6c.svg

Domain: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/ests/2.1/content/images/picker_more_7568a43cf440757c55d2e7f51557ae1f.svg

Domain: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/ests/2.1/content/images/picker_account_add_56e73414003cdb676008ff7857343074.svg

Domain: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/ests/2.1/content/images/arrow_left_a9cc2824ef3517b6c4160dcf8ff7d410.svg

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			t.ly/	1970-01-20 18:42:31	Name: XSRF-TOKEN Value: eyJpdiI6IjgzL21kMkJsQk83RTJZWlhIcEdaNUE9PSIsInZhbHVlIjoiYjVTVENBS3pUSVkvZ0RJZ3BPRktEUUNJei9KL3NjQUR4UHkzaWVVTUsya3FGMXZrRTVtY0RuNThZZXBjUkh5a0drZ3M5bTNUVUtWeTJWaERabWRZbThQRlVpcWRkek1ldjhtUFZONmVleWRmSTVGM0JZajdDKytQS256dDdXRngiLCJtYWMiOiIyYzdiMjJlYTA3N2QxZDFjZGM0MWMwOTRhZmZiNzUxNzkwNDc3YzdmZGU0ODIzZTRjMzliNGNjMDZmYTEyZjVhIiwidGFnIjoiIn0%3D
			t.ly/	1970-01-20 18:42:31	Name: tly_session Value: eyJpdiI6IkdmQTQyLzRQRFhqWURoNVNPSWN4Z3c9PSIsInZhbHVlIjoiUW51cFB5UmlEcXZnQ3BaSVN5SDAvd3BsQXNqTHNiVFFZb3ZINkVkRUJ3MmVOcGNtNXZSYldVd2RwckgwSkgzSWpYYTFGem1SYm5GWWlqM0R0RkZvc2ROV1ZXakNKLzNVQ0FYbmhpQ1praEcxbnMzdnRFQmNsK08zQmI0Mno2OU4iLCJtYWMiOiI0ZTk1YThiNTA1YzBjYjQxZTc2ZGZlM2ExM2QzNzlhNzViYjJiNTgxZDA2MWI3OThlMDdmMjAwMjZkYmQ1YWJiIiwidGFnIjoiIn0%3D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aadcdn.msftauth.net
assistance-terms-1318427319.cos.ap-shenzhen-fsi.myqcloud.com
cdnjs.cloudflare.com
qrtn.jp
t.ly
www.bing.com
aadcdn.msftauth.net
assistance-terms-1318427319.cos.ap-shenzhen-fsi.myqcloud.com
cdnjs.cloudflare.com
118.25.202.149
2606:4700:20::681a:dc9
2a02:26f0:480:22::1726:62db
54.92.10.154
26ca3874eeb9a705102c02fcfae252faef75a83074a85267b67613c3973604f0

assistance-terms-1318427319.cos.ap-shenzhen-fsi.myqcloud.com Open in urlscan Pro 118.25.202.149 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

9 Requests

22 %HTTPS

50 %IPv6

6 Domains

6 Subdomains

3 IPs

3 Countries

2 kBTransfer

9 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Failed requests

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

2 Cookies

Indicators

assistance-terms-1318427319.cos.ap-shenzhen-fsi.myqcloud.com Open in urlscan Pro
118.25.202.149 Public Scan

Screenshot
Live screenshot

Full Image

9
Requests

22 %
HTTPS

50 %
IPv6

6
Domains

6
Subdomains

3
IPs

3
Countries

2 kB
Transfer

9 kB
Size

2
Cookies

9 HTTP transactions
0 data transactions