baabccdd.eeffgghh.rvgkdcra717s.xyz Open in urlscan Pro
206.119.172.113 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://xsj088.com/?inviteCode=124278
Effective URL:
https://baabccdd.eeffgghh.rvgkdcra717s.xyz/?inviteCode=124278
Submission Tags: @ecarlesi possiblethreat phishing Search All
Submission: On November 06 via api (November 6th 2024, 4:16:45 pm UTC) from IT — Scanned from IT

Summary HTTP 23 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 8 domains to perform 23 HTTP transactions. The main IP is 206.119.172.113, located in Los Angeles, United States and belongs to SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK. The main domain is baabccdd.eeffgghh.rvgkdcra717s.xyz.
TLS certificate: Issued by R11 on October 17th 2024. Valid for: 3 months.

This is the only time baabccdd.eeffgghh.rvgkdcra717s.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	152.32.214.136 152.32.214.136	135377 (UCLOUD-HK...) (UCLOUD-HK-AS-AP UCLOUD INFORMATION TECHNOLOGY HK LIMITED)
7	206.119.178.23 206.119.178.23	133199 (SONDERCLO...) (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited)
10	206.119.172.113 206.119.172.113	133199 (SONDERCLO...) (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited)
23	3

1 152.32.214.136 (Hong Kong, Hong Kong) 1 redirects

ASN135377 (UCLOUD-HK-AS-AP UCLOUD INFORMATION TECHNOLOGY HK LIMITED, HK)

xsj088.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 206.119.178.23 (Los Angeles, United States)

ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK)

xsj088.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 206.119.172.113 (Los Angeles, United States)

ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK)

baabccdd.eeffgghh.rvgkdcra717s.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	rvgkdcra717s.xyz baabccdd.eeffgghh.rvgkdcra717s.xyz	60 KB
7	xsj088.xyz xsj088.xyz	312 KB
1	xsj088.com 1 redirects xsj088.com	135 B
0	rjmrel.cn Failed kwnn.rjmrel.cn Failed kwnm.rjmrel.cn Failed
0	rstzx.cn Failed nwtest.rstzx.cn Failed
0	tiandengsheng.com Failed abc.tiandengsheng.com Failed
0	mczyee.cn Failed kwop.mczyee.cn Failed
0	dcloud.net.cn Failed cdn.dcloud.net.cn Failed
23	8

	Domain	Requested by
10	baabccdd.eeffgghh.rvgkdcra717s.xyz	xsj088.xyz baabccdd.eeffgghh.rvgkdcra717s.xyz
7	xsj088.xyz	xsj088.xyz
1	xsj088.com	1 redirects
0	kwnm.rjmrel.cn Failed	baabccdd.eeffgghh.rvgkdcra717s.xyz
0	kwnn.rjmrel.cn Failed	baabccdd.eeffgghh.rvgkdcra717s.xyz
0	nwtest.rstzx.cn Failed	baabccdd.eeffgghh.rvgkdcra717s.xyz
0	abc.tiandengsheng.com Failed	baabccdd.eeffgghh.rvgkdcra717s.xyz
0	kwop.mczyee.cn Failed	baabccdd.eeffgghh.rvgkdcra717s.xyz
0	cdn.dcloud.net.cn Failed	xsj088.xyz
23	9

This site contains no links.

Subject Issuer	Validity	Valid
xsj088.xyz R10	`2024-10-25` - `2025-01-23`	3 months	crt.sh
baabccdd.eeffgghh.rvgkdcra717s.xyz R11	`2024-10-17` - `2025-01-15`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://baabccdd.eeffgghh.rvgkdcra717s.xyz/?inviteCode=124278
Frame ID: 3C46E5C1B544867EE90E8A507BA078C9
Requests: 25 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

NEW WORLD 百度一下，你就知道

Page URL History Show full URLs

https://xsj088.com/?inviteCode=124278 HTTP 302
https://xsj088.xyz/?inviteCode=124278 Page URL
https://baabccdd.eeffgghh.rvgkdcra717s.xyz/?inviteCode=124278 Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

23
Requests

74 %
HTTPS

0 %
IPv6

8
Domains

9
Subdomains

3
IPs

2
Countries

377 kB
Transfer

1069 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://xsj088.com/?inviteCode=124278 HTTP 302
https://xsj088.xyz/?inviteCode=124278 Page URL
https://baabccdd.eeffgghh.rvgkdcra717s.xyz/?inviteCode=124278 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://xsj088.com/?inviteCode=124278 HTTP 302
https://xsj088.xyz/?inviteCode=124278

23 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
xsj088.xyz/
Redirect Chain

https://xsj088.com/?inviteCode=124278
https://xsj088.xyz/?inviteCode=124278

781 B
935 B

922ms
274ms

Document
text/html

206.119.178.23
SONDERCLOUDLIMITE...

General

Check archive.org

Show headers Download Go to

Full URL

https://xsj088.xyz/?inviteCode=124278

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

206.119.178.23 Los Angeles, United States, ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK),

Reverse DNS

Software

nginx /

Resource Hash

dacc6706344cf57b1105ce356fa61337384fd24aaec83d5e4a7c37d6468dcdee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
content-length: 781
content-type: text/html
date: Wed, 06 Nov 2024 16:16:38 GMT
etag: "6695d3b4-30d"
last-modified: Tue, 16 Jul 2024 01:58:12 GMT
server: nginx
strict-transport-security: max-age=31536000

Redirect headers

content-type: text/html; charset=UTF-8
date: Wed, 06 Nov 2024 16:16:37 GMT
location: https://xsj088.xyz?inviteCode=124278
server: nginx
strict-transport-security: max-age=31536000

GET
H2 200 index.2da1efab.css
xsj088.xyz/static/ 94 KB
29 KB 531ms
530ms Stylesheet
text/css 206.119.178.23
SONDERCLOUDLIMITE...

General

Check archive.org

Show headers Download Go to

Full URL

https://xsj088.xyz/static/index.2da1efab.css

Requested by

Host: xsj088.xyz
URL: https://xsj088.xyz/?inviteCode=124278

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

206.119.178.23 Los Angeles, United States, ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK),

Reverse DNS

Software

nginx /

Resource Hash

e97de9a247807f12d74101e9f736250b2410be4e1ed3d17ed875e4b08cf66c83

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://xsj088.xyz/?inviteCode=124278

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=43200
content-encoding: gzip
etag: W/"6695d3b4-178f9"
expires: Thu, 07 Nov 2024 04:16:39 GMT
date: Wed, 06 Nov 2024 16:16:39 GMT
content-type: text/css
last-modified: Tue, 16 Jul 2024 01:58:12 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 chunk-vendors.fbe855ac.js Show response
xsj088.xyz/static/js/ 776 KB
271 KB 797ms
796ms Script
application/javascript 206.119.178.23
SONDERCLOUDLIMITE...

General

Check archive.org

Show headers Download Go to

Full URL

https://xsj088.xyz/static/js/chunk-vendors.fbe855ac.js

Requested by

Host: xsj088.xyz
URL: https://xsj088.xyz/?inviteCode=124278

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

206.119.178.23 Los Angeles, United States, ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK),

Reverse DNS

Software

nginx /

Resource Hash

682be307a78601bb96350809a7cf9016fd686a21dfdfae4ecd4d6a77b8d53676

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://xsj088.xyz/?inviteCode=124278

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=43200
content-encoding: gzip
etag: W/"6695d3b4-c1f99"
expires: Thu, 07 Nov 2024 04:16:39 GMT
date: Wed, 06 Nov 2024 16:16:39 GMT
content-type: application/javascript
last-modified: Tue, 16 Jul 2024 01:58:12 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 index.bd93c33d.js Show response
xsj088.xyz/static/js/ 37 KB
9 KB 824ms
824ms Script
application/javascript 206.119.178.23
SONDERCLOUDLIMITE...

General

Check archive.org

Show headers Download Go to

Full URL

https://xsj088.xyz/static/js/index.bd93c33d.js

Requested by

Host: xsj088.xyz
URL: https://xsj088.xyz/?inviteCode=124278

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

206.119.178.23 Los Angeles, United States, ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK),

Reverse DNS

Software

nginx /

Resource Hash

0a9aad4ac9a2e3f98adaf548e47a79fbdc0d773af8806f8d65ec2186c9cc7c80

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://xsj088.xyz/?inviteCode=124278

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=43200
content-encoding: gzip
etag: W/"6695d3b4-9531"
expires: Thu, 07 Nov 2024 04:16:39 GMT
date: Wed, 06 Nov 2024 16:16:39 GMT
content-type: application/javascript
last-modified: Tue, 16 Jul 2024 01:58:12 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 pages-index-index.d82a81a4.js Show response
xsj088.xyz/static/js/ 3 KB
1 KB 280ms
280ms Script
application/javascript 206.119.178.23
SONDERCLOUDLIMITE...

General

Check archive.org

Show headers Download Go to

Full URL

https://xsj088.xyz/static/js/pages-index-index.d82a81a4.js

Requested by

Host: xsj088.xyz
URL: https://xsj088.xyz/static/js/index.bd93c33d.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

206.119.178.23 Los Angeles, United States, ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK),

Reverse DNS

Software

nginx /

Resource Hash

82ad2f408831882c21f42b26277582a0d3dc770583b8fd10cdc1a96d16f1a0cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://xsj088.xyz/?inviteCode=124278

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=43200
content-encoding: gzip
etag: W/"6695d3b4-b9f"
expires: Thu, 07 Nov 2024 04:16:40 GMT
date: Wed, 06 Nov 2024 16:16:40 GMT
content-type: application/javascript
last-modified: Tue, 16 Jul 2024 01:58:12 GMT
server: nginx
vary: Accept-Encoding

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0ccf8dd29c61715a6364ea9ec36d32c295e82ca837488590130c51cee298b7d3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

POST
H2 200 urllist.php Show response
xsj088.xyz/api/v1/url/ 282 B
549 B 279ms
279ms XHR
application/json 206.119.178.23
SONDERCLOUDLIMITE...

General

Check archive.org

Show headers Download Go to

Full URL

https://xsj088.xyz/api/v1/url/urllist.php

Requested by

Host: xsj088.xyz
URL: https://xsj088.xyz/static/js/chunk-vendors.fbe855ac.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

206.119.178.23 Los Angeles, United States, ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK),

Reverse DNS

Software

nginx /

Resource Hash

2cfe8ad03c652bc8c186890f430d83f07928ac2d8e7aef9aeced88762bc4788c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://xsj088.xyz/?inviteCode=124278

Response headers

strict-transport-security: max-age=31536000
cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
pragma: no-cache
access-control-allow-credentials: true
access-control-allow-methods: POST, GET, OPTIONS
expires: Thu, 19 Nov 1981 08:52:00 GMT
access-control-allow-origin: *
date: Wed, 06 Nov 2024 16:16:40 GMT
content-type: application/json
vary: Accept-Encoding
server: nginx
access-control-allow-headers: Content-Type

GET
H2 404 favicon.ico
xsj088.xyz/ 148 B
228 B 275ms
275ms Other
text/html 206.119.178.23
SONDERCLOUDLIMITE...

General

Check archive.org

Show headers Download Go to

Full URL: https://xsj088.xyz/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 206.119.178.23 Los Angeles, United States, ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK),
Reverse DNS
Software: nginx /
Resource Hash: 9cad3cff676946810a81047247f12e4e51faccc01df4134edfd871aee8ba0956

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://xsj088.xyz/?inviteCode=124278

Response headers

content-length: 148
date: Wed, 06 Nov 2024 16:16:41 GMT
etag: "67194aa3-94"
content-type: text/html
server: nginx

GET
H2 200 ping.json
baabccdd.eeffgghh.rvgkdcra717s.xyz/ 42 B
239 B 798ms
255ms XHR
application/json 206.119.172.113
SONDERCLOUDLIMITE...

General

Check archive.org

Show headers Download Go to

Full URL: https://baabccdd.eeffgghh.rvgkdcra717s.xyz/ping.json?t=0.12495890475107774
Requested by: Host: xsj088.xyz
URL: https://xsj088.xyz/static/js/chunk-vendors.fbe855ac.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 206.119.172.113 Los Angeles, United States, ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://xsj088.xyz/

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
access-control-allow-origin: *
content-length: 42
date: Wed, 06 Nov 2024 16:16:41 GMT
content-type: application/json
server: nginx
access-control-allow-methods: GET, POST, OPTIONS

GET
H2 200 Primary Request / Show response
baabccdd.eeffgghh.rvgkdcra717s.xyz/ 15 KB
7 KB 773ms
258ms Document
text/html 206.119.172.113
SONDERCLOUDLIMITE...

General

Check archive.org

Show headers Download Go to

Full URL

https://baabccdd.eeffgghh.rvgkdcra717s.xyz/?inviteCode=124278

Requested by

Host: xsj088.xyz
URL: https://xsj088.xyz/static/js/pages-index-index.d82a81a4.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

206.119.172.113 Los Angeles, United States, ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK),

Reverse DNS

Software

nginx /

Resource Hash

8ddaa146b92a8dd3dbcc5b2ff36af39b67f725e37b23d8359b124ee6a792fa4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://xsj088.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-type: text/html
date: Wed, 06 Nov 2024 16:16:42 GMT
etag: W/"66c57ec8-3d1f"
last-modified: Wed, 21 Aug 2024 05:44:40 GMT
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding

GET shadow-grey.png
cdn.dcloud.net.cn/img/ 0
0

GET
H2 200 common.css
baabccdd.eeffgghh.rvgkdcra717s.xyz/style/ 2 KB
1 KB 269ms
266ms Stylesheet
text/css 206.119.172.113
SONDERCLOUDLIMITE...

General

Check archive.org

Show headers Download Go to

Full URL

https://baabccdd.eeffgghh.rvgkdcra717s.xyz/style/common.css

Requested by

Host: baabccdd.eeffgghh.rvgkdcra717s.xyz
URL: https://baabccdd.eeffgghh.rvgkdcra717s.xyz/?inviteCode=124278

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

206.119.172.113 Los Angeles, United States, ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK),

Reverse DNS

Software

nginx /

Resource Hash

868a6072f81a9338a831bba1c8abdbc40cadf0d42af3220c29fbc8aea596e828

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://baabccdd.eeffgghh.rvgkdcra717s.xyz/?inviteCode=124278

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=43200
content-encoding: gzip
etag: W/"66c573be-90e"
expires: Thu, 07 Nov 2024 04:16:42 GMT
date: Wed, 06 Nov 2024 16:16:42 GMT
content-type: text/css
last-modified: Wed, 21 Aug 2024 04:57:34 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 Polyfill.js Show response
baabccdd.eeffgghh.rvgkdcra717s.xyz/js/ 636 B
849 B 268ms
266ms Script
application/javascript 206.119.172.113
SONDERCLOUDLIMITE...

General

Check archive.org

Show headers Download Go to

Full URL

https://baabccdd.eeffgghh.rvgkdcra717s.xyz/js/Polyfill.js

Requested by

Host: baabccdd.eeffgghh.rvgkdcra717s.xyz
URL: https://baabccdd.eeffgghh.rvgkdcra717s.xyz/?inviteCode=124278

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

206.119.172.113 Los Angeles, United States, ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK),

Reverse DNS

Software

nginx /

Resource Hash

348240587278e97d1c588dec7cce132481228f7f2a42077c6c406cfa8fb8b2a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://baabccdd.eeffgghh.rvgkdcra717s.xyz/?inviteCode=124278

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=43200
etag: "66c57950-27c"
expires: Thu, 07 Nov 2024 04:16:42 GMT
accept-ranges: bytes
content-length: 636
date: Wed, 06 Nov 2024 16:16:42 GMT
content-type: application/javascript
last-modified: Wed, 21 Aug 2024 05:21:20 GMT
server: nginx

GET
H2 200 rem.js Show response
baabccdd.eeffgghh.rvgkdcra717s.xyz/js/ 311 B
524 B 269ms
267ms Script
application/javascript 206.119.172.113
SONDERCLOUDLIMITE...

General

Check archive.org

Show headers Download Go to

Full URL

https://baabccdd.eeffgghh.rvgkdcra717s.xyz/js/rem.js

Requested by

Host: baabccdd.eeffgghh.rvgkdcra717s.xyz
URL: https://baabccdd.eeffgghh.rvgkdcra717s.xyz/?inviteCode=124278

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

206.119.172.113 Los Angeles, United States, ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK),

Reverse DNS

Software

nginx /

Resource Hash

bde1e5d9ba98f2da108be1f5ab0b25b5c7e0708baa51c211dc564fa915064480

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://baabccdd.eeffgghh.rvgkdcra717s.xyz/?inviteCode=124278

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=43200
etag: "662e51f2-137"
expires: Thu, 07 Nov 2024 04:16:42 GMT
accept-ranges: bytes
content-length: 311
date: Wed, 06 Nov 2024 16:16:42 GMT
content-type: application/javascript
last-modified: Sun, 28 Apr 2024 13:41:06 GMT
server: nginx

GET
H2 200 jquery-1.10.1.min.js Show response
baabccdd.eeffgghh.rvgkdcra717s.xyz/Swiper-2.7.6/demos/js/ 91 KB
36 KB 296ms
294ms Script
application/javascript 206.119.172.113
SONDERCLOUDLIMITE...

General

Check archive.org

Show headers Download Go to

Full URL

https://baabccdd.eeffgghh.rvgkdcra717s.xyz/Swiper-2.7.6/demos/js/jquery-1.10.1.min.js

Requested by

Host: baabccdd.eeffgghh.rvgkdcra717s.xyz
URL: https://baabccdd.eeffgghh.rvgkdcra717s.xyz/?inviteCode=124278

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

206.119.172.113 Los Angeles, United States, ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK),

Reverse DNS

Software

nginx /

Resource Hash

4837f7e1f1565ff667528cd75c41f401e07e229de1bd1b232f0a7a40d4c46f79

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://baabccdd.eeffgghh.rvgkdcra717s.xyz/?inviteCode=124278

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=43200
content-encoding: gzip
etag: W/"54dba14e-16b88"
expires: Thu, 07 Nov 2024 04:16:42 GMT
date: Wed, 06 Nov 2024 16:16:42 GMT
content-type: application/javascript
last-modified: Wed, 11 Feb 2015 18:37:02 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 global.js Show response
baabccdd.eeffgghh.rvgkdcra717s.xyz/js/ 6 KB
2 KB 574ms
573ms Script
application/javascript 206.119.172.113
SONDERCLOUDLIMITE...

General

Check archive.org

Show headers Download Go to

Full URL

https://baabccdd.eeffgghh.rvgkdcra717s.xyz/js/global.js?_ift=j9n2tt2led84a2rgjljovijqq

Requested by

Host: baabccdd.eeffgghh.rvgkdcra717s.xyz
URL: https://baabccdd.eeffgghh.rvgkdcra717s.xyz/?inviteCode=124278

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

206.119.172.113 Los Angeles, United States, ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK),

Reverse DNS

Software

nginx /

Resource Hash

90abe52375c41fab900a72c7a9f342feae15ee4c0d68b0d7e2af8d44597eded1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://baabccdd.eeffgghh.rvgkdcra717s.xyz/?inviteCode=124278

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=43200
content-encoding: gzip
etag: W/"66c57702-1825"
expires: Thu, 07 Nov 2024 04:16:42 GMT
date: Wed, 06 Nov 2024 16:16:42 GMT
content-type: application/javascript
last-modified: Wed, 21 Aug 2024 05:11:30 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 layer.js Show response
baabccdd.eeffgghh.rvgkdcra717s.xyz/3.1.1/ 22 KB
8 KB 592ms
591ms Script
application/javascript 206.119.172.113
SONDERCLOUDLIMITE...

General

Check archive.org

Show headers Download Go to

Full URL

https://baabccdd.eeffgghh.rvgkdcra717s.xyz/3.1.1/layer.js

Requested by

Host: baabccdd.eeffgghh.rvgkdcra717s.xyz
URL: https://baabccdd.eeffgghh.rvgkdcra717s.xyz/?inviteCode=124278

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

206.119.172.113 Los Angeles, United States, ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK),

Reverse DNS

Software

nginx /

Resource Hash

1ce6649d82d2db0f8e4823f701ddfcfd9c7f107cb446c907e46ec7e57171a2a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://baabccdd.eeffgghh.rvgkdcra717s.xyz/?inviteCode=124278

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=43200
content-encoding: gzip
etag: W/"5a261924-5664"
expires: Thu, 07 Nov 2024 04:16:42 GMT
date: Wed, 06 Nov 2024 16:16:42 GMT
content-type: application/javascript
last-modified: Tue, 05 Dec 2017 03:57:24 GMT
server: nginx
vary: Accept-Encoding

GET
DATA 200
OK truncated
/ 5 KB
5 KB Font
application/octet-stream

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b3b812720c532be020fff8ed451ce81c5bdcad52993cf88b0e0385fbdae1b2bd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://baabccdd.eeffgghh.rvgkdcra717s.xyz
Referer

Response headers

Content-Type: application/octet-stream

GET
H2 200 layer.css
baabccdd.eeffgghh.rvgkdcra717s.xyz/3.1.1/theme/default/ 14 KB
3 KB 271ms
271ms Stylesheet
text/css 206.119.172.113
SONDERCLOUDLIMITE...

General

Check archive.org

Show headers Download Go to

Full URL

https://baabccdd.eeffgghh.rvgkdcra717s.xyz/3.1.1/theme/default/layer.css?v=3.1.1

Requested by

Host: baabccdd.eeffgghh.rvgkdcra717s.xyz
URL: https://baabccdd.eeffgghh.rvgkdcra717s.xyz/3.1.1/layer.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

206.119.172.113 Los Angeles, United States, ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK),

Reverse DNS

Software

nginx /

Resource Hash

e3144d018a6a24f733c6fc2a2ee603fb583f0030585e9d4b71bec471b78e31fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://baabccdd.eeffgghh.rvgkdcra717s.xyz/?inviteCode=124278

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=43200
content-encoding: gzip
etag: W/"5a261924-381f"
expires: Thu, 07 Nov 2024 04:16:43 GMT
date: Wed, 06 Nov 2024 16:16:43 GMT
content-type: text/css
last-modified: Tue, 05 Dec 2017 03:57:24 GMT
server: nginx
vary: Accept-Encoding

GET ping
kwop.mczyee.cn/livegameapi/ 0
0

GET ping
abc.tiandengsheng.com/livegameapi/ 0
0

GET ping
nwtest.rstzx.cn/livegameapi/ 0
0

GET ping
kwnn.rjmrel.cn/livegameapi/ 0
0

GET ping
kwnm.rjmrel.cn/livegameapi/ 0
0

GET
H2 404 favicon.ico
baabccdd.eeffgghh.rvgkdcra717s.xyz/ 548 B
611 B 276ms
275ms Other
text/html 206.119.172.113
SONDERCLOUDLIMITE...

General

Check archive.org

Show headers Download Go to

Full URL: https://baabccdd.eeffgghh.rvgkdcra717s.xyz/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 206.119.172.113 Los Angeles, United States, ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK),
Reverse DNS
Software: nginx /
Resource Hash: d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://baabccdd.eeffgghh.rvgkdcra717s.xyz/?inviteCode=124278

Response headers

content-length: 548
date: Wed, 06 Nov 2024 16:16:43 GMT
content-type: text/html
server: nginx

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cdn.dcloud.net.cn
URL: https://cdn.dcloud.net.cn/img/shadow-grey.png

Domain: kwop.mczyee.cn
URL: https://kwop.mczyee.cn/livegameapi/ping?t=15113

Domain: abc.tiandengsheng.com
URL: https://abc.tiandengsheng.com/livegameapi/ping?t=473159

Domain: nwtest.rstzx.cn
URL: https://nwtest.rstzx.cn/livegameapi/ping?t=344140

Domain: kwnn.rjmrel.cn
URL: https://kwnn.rjmrel.cn/livegameapi/ping?t=885833

Domain: kwnm.rjmrel.cn
URL: https://kwnm.rjmrel.cn/livegameapi/ping?t=959806

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			xsj088.xyz/	1969-12-31 23:59:59	Name: PHPSESSID Value: 6t794ah7qasj49aqhq5hm8ntnr

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://xsj088.xyz/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://baabccdd.eeffgghh.rvgkdcra717s.xyz/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

abc.tiandengsheng.com
baabccdd.eeffgghh.rvgkdcra717s.xyz
cdn.dcloud.net.cn
kwnm.rjmrel.cn
kwnn.rjmrel.cn
kwop.mczyee.cn
nwtest.rstzx.cn
xsj088.com
xsj088.xyz
abc.tiandengsheng.com
cdn.dcloud.net.cn
kwnm.rjmrel.cn
kwnn.rjmrel.cn
kwop.mczyee.cn
nwtest.rstzx.cn
152.32.214.136
206.119.172.113
206.119.178.23
0a9aad4ac9a2e3f98adaf548e47a79fbdc0d773af8806f8d65ec2186c9cc7c80
0ccf8dd29c61715a6364ea9ec36d32c295e82ca837488590130c51cee298b7d3
1ce6649d82d2db0f8e4823f701ddfcfd9c7f107cb446c907e46ec7e57171a2a3
2cfe8ad03c652bc8c186890f430d83f07928ac2d8e7aef9aeced88762bc4788c
348240587278e97d1c588dec7cce132481228f7f2a42077c6c406cfa8fb8b2a2
4837f7e1f1565ff667528cd75c41f401e07e229de1bd1b232f0a7a40d4c46f79
682be307a78601bb96350809a7cf9016fd686a21dfdfae4ecd4d6a77b8d53676
82ad2f408831882c21f42b26277582a0d3dc770583b8fd10cdc1a96d16f1a0cd
868a6072f81a9338a831bba1c8abdbc40cadf0d42af3220c29fbc8aea596e828
8ddaa146b92a8dd3dbcc5b2ff36af39b67f725e37b23d8359b124ee6a792fa4b
90abe52375c41fab900a72c7a9f342feae15ee4c0d68b0d7e2af8d44597eded1
9cad3cff676946810a81047247f12e4e51faccc01df4134edfd871aee8ba0956
b3b812720c532be020fff8ed451ce81c5bdcad52993cf88b0e0385fbdae1b2bd
bde1e5d9ba98f2da108be1f5ab0b25b5c7e0708baa51c211dc564fa915064480
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090
dacc6706344cf57b1105ce356fa61337384fd24aaec83d5e4a7c37d6468dcdee
e3144d018a6a24f733c6fc2a2ee603fb583f0030585e9d4b71bec471b78e31fc
e97de9a247807f12d74101e9f736250b2410be4e1ed3d17ed875e4b08cf66c83

baabccdd.eeffgghh.rvgkdcra717s.xyz Open in urlscan Pro 206.119.172.113 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

23 Requests

74 %HTTPS

0 %IPv6

8 Domains

9 Subdomains

3 IPs

2 Countries

377 kBTransfer

1069 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

23 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

1 Cookies

2 Console Messages

Security Headers

Indicators

baabccdd.eeffgghh.rvgkdcra717s.xyz Open in urlscan Pro
206.119.172.113 Public Scan

Screenshot
Live screenshot

Full Image

23
Requests

74 %
HTTPS

0 %
IPv6

8
Domains

9
Subdomains

3
IPs

2
Countries

377 kB
Transfer

1069 kB
Size

1
Cookies

23 HTTP transactions
2 data transactions