Submitted URL: https://t63.fun/
Effective URL: https://2wbv7z39vfdwpxc9.immrp.com/XB-A021.html?md5=5fc829400008fa9b086bd9068e6705b1&expires=1736370050&channelCode=xbworldtalk
Submission: On January 08 via api from US — Scanned from FI

Summary

This website contacted 3 IPs in 3 countries across 3 domains to perform 8 HTTP transactions. The main IP is 222.186.180.167, located in China and belongs to CHINANET-BACKBONE No.31,Jin-rong Street, CN. The main domain is 2wbv7z39vfdwpxc9.immrp.com.
TLS certificate: Issued by R11 on January 7th 2025. Valid for: 3 months.
This is the only time 2wbv7z39vfdwpxc9.immrp.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Redirects  Requests  IP Address        AS Autonomous System
1          1         20.2.165.72       8075 (MICROSOFT...)
1          2         222.186.180.167   4134 (CHINANET-...)
-          6         163.181.131.170   24429 (TAOBAO Zh...)
Total: 8 requests, 3 IPs

Requests  Apex Domain  Subdomains                   Transfer
6         zhfcs.com    vu4187iwxgu.zhfcs.com        39 KB
2         immrp.com    2wbv7z39vfdwpxc9.immrp.com   1 KB
1         t63.fun      t63.fun                      298 B
Total: 8 requests, 3 domains

Requests  Domain                       Requested by
6         vu4187iwxgu.zhfcs.com        2wbv7z39vfdwpxc9.immrp.com, vu4187iwxgu.zhfcs.com
2         2wbv7z39vfdwpxc9.immrp.com   (1 redirect)
1         t63.fun                      (1 redirect)
Total: 8 requests, 3 domains

This site contains no links.

Subject     Issuer  Validity                  Valid
immrp.com   R11     2025-01-07 - 2025-04-07   3 months
zhfcs.com   R11     2024-12-19 - 2025-03-19   3 months

This page contains 1 frames:

Primary Page: https://2wbv7z39vfdwpxc9.immrp.com/XB-A021.html?md5=5fc829400008fa9b086bd9068e6705b1&expires=1736370050&channelCode=xbworldtalk
Frame ID: E47908E373FA62CD78167CD99E69D6CF
Requests: 8 HTTP requests in this frame

Page Title

欢迎访问

Page Statistics

Requests: 8
HTTPS: 88 %
IPv6: 0 %
Domains: 3
Subdomains: 3
IPs: 3
Countries: 3
Transfer: 40 kB
Size: 92 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://t63.fun/ HTTP 301
    https://2wbv7z39vfdwpxc9.immrp.com/middle?t=XB-A021&c=xbworldtalk HTTP 302
    https://2wbv7z39vfdwpxc9.immrp.com/XB-A021.html?md5=5fc829400008fa9b086bd9068e6705b1&expires=1736370050&channelCode=xbworldtalk Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request XB-A021.html
2wbv7z39vfdwpxc9.immrp.com/
Redirect Chain
  • https://t63.fun/
  • https://2wbv7z39vfdwpxc9.immrp.com/middle?t=XB-A021&c=xbworldtalk
  • https://2wbv7z39vfdwpxc9.immrp.com/XB-A021.html?md5=5fc829400008fa9b086bd9068e6705b1&expires=1736370050&channelCode=xbworldtalk
618 B
822 B
Document
General
Full URL
https://2wbv7z39vfdwpxc9.immrp.com/XB-A021.html?md5=5fc829400008fa9b086bd9068e6705b1&expires=1736370050&channelCode=xbworldtalk
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
222.186.180.167 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
nginx /
Resource Hash
14318f94f6b4a8ac2a3dfba01118c15405f1412783bb91bc1a486d27d709b7c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
content-length
618
content-type
text/html
date
Wed, 08 Jan 2025 20:55:50 GMT
etag
"677ed967-26a"
last-modified
Wed, 08 Jan 2025 20:00:39 GMT
server
nginx
strict-transport-security
max-age=31536000 max-age=31536000

Redirect headers

content-length
138
content-type
text/html
date
Wed, 08 Jan 2025 20:55:50 GMT
location
/XB-A021.html?md5=5fc829400008fa9b086bd9068e6705b1&expires=1736370050&channelCode=xbworldtalk
server
nginx
strict-transport-security
max-age=31536000
xb.lib.min.js
vu4187iwxgu.zhfcs.com/assets/js/v1/
1 KB
1012 B
Script
General
Full URL
https://vu4187iwxgu.zhfcs.com/assets/js/v1/xb.lib.min.js
Requested by
Host: 2wbv7z39vfdwpxc9.immrp.com
URL: https://2wbv7z39vfdwpxc9.immrp.com/XB-A021.html?md5=5fc829400008fa9b086bd9068e6705b1&expires=1736370050&channelCode=xbworldtalk
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
163.181.131.170 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
9ef8744f6079b4ae6ccac3d3a80db4e1b86a435c67ae97e9c1bd6c0a3a048d92

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://2wbv7z39vfdwpxc9.immrp.com/

Response headers

Content-Encoding
gzip
ETag
W/"677ed953-426"
X-Cache
MISS TCP_MISS dirn:-2:-2
Date
Wed, 08 Jan 2025 20:55:53 GMT
Content-Type
application/javascript
Last-Modified
Wed, 08 Jan 2025 20:00:19 GMT
Vary
Accept-Encoding
X-Swift-CacheTime
333
Timing-Allow-Origin
*
Connection
keep-alive
Via
ens-cache2.l2de3[517,516,200-0,M], ens-cache7.l2de3[518,0], ens-cache2.de7[1609,1609,200-0,M], ens-cache6.de7[1614,0]
Ali-Swift-Global-Savetime
1736369753
X-Swift-SaveTime
Wed, 08 Jan 2025 20:55:53 GMT
EagleId
a3b5839a17363697521134686e
Content-Length
407
Server
Tengine
xb-a021.min.js
vu4187iwxgu.zhfcs.com/assets/js/v1/xb/
13 KB
6 KB
Script
General
Full URL
https://vu4187iwxgu.zhfcs.com/assets/js/v1/xb/xb-a021.min.js
Requested by
Host: vu4187iwxgu.zhfcs.com
URL: https://vu4187iwxgu.zhfcs.com/assets/js/v1/xb.lib.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
163.181.131.170 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
69a14b0a7afa6ac5b58e6593343ff1db888171f897b990f25bfc59de25f25b5b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://2wbv7z39vfdwpxc9.immrp.com/

Response headers

Content-Encoding
gzip
ETag
W/"67516e13-343a"
X-Cache
MISS TCP_MISS dirn:-2:-2
Date
Wed, 08 Jan 2025 20:55:54 GMT
Content-Type
application/javascript
Last-Modified
Thu, 05 Dec 2024 09:10:43 GMT
Vary
Accept-Encoding
Transfer-Encoding
chunked
X-Swift-CacheTime
3600
Timing-Allow-Origin
*
Connection
keep-alive
Via
ens-cache11.l2de3[543,543,200-0,M], ens-cache1.l2de3[544,0], ens-cache1.de7[1114,1113,200-0,M], ens-cache6.de7[1115,0]
Ali-Swift-Global-Savetime
1736369754
X-Swift-SaveTime
Wed, 08 Jan 2025 20:55:54 GMT
EagleId
a3b5839a17363697538202307e
Server
Tengine
appinstall.js
vu4187iwxgu.zhfcs.com/assets/js/
47 KB
19 KB
Script
General
Full URL
https://vu4187iwxgu.zhfcs.com/assets/js/appinstall.js
Requested by
Host: vu4187iwxgu.zhfcs.com
URL: https://vu4187iwxgu.zhfcs.com/assets/js/v1/xb.lib.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
163.181.131.170 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
d980d5024163e4cf29354de4878cf8b3666a9ba37e3e3fbacbdd13a0b66d60ff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://2wbv7z39vfdwpxc9.immrp.com/

Response headers

Content-Encoding
gzip
ETag
W/"66d6b4e2-bc8a"
X-Cache
MISS TCP_MISS dirn:-2:-2
Date
Wed, 08 Jan 2025 20:55:55 GMT
Content-Type
application/javascript
Last-Modified
Tue, 03 Sep 2024 07:04:02 GMT
Vary
Accept-Encoding
Transfer-Encoding
chunked
X-Swift-CacheTime
3600
Timing-Allow-Origin
*
Connection
keep-alive
Via
ens-cache1.l2de3[714,714,200-0,M], ens-cache2.l2de3[716,0], ens-cache3.de7[723,723,200-0,M], ens-cache6.de7[726,0]
Ali-Swift-Global-Savetime
1736369755
X-Swift-SaveTime
Wed, 08 Jan 2025 20:55:55 GMT
EagleId
a3b5839a17363697550186574e
Server
Tengine
qrcode.min.js
vu4187iwxgu.zhfcs.com/assets/js/
19 KB
8 KB
Script
General
Full URL
https://vu4187iwxgu.zhfcs.com/assets/js/qrcode.min.js
Requested by
Host: vu4187iwxgu.zhfcs.com
URL: https://vu4187iwxgu.zhfcs.com/assets/js/v1/xb.lib.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
163.181.131.170 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
c541ef06327885a8415bca8df6071e14189b4855336def4f36db54bde8484f36

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://2wbv7z39vfdwpxc9.immrp.com/

Response headers

Content-Encoding
gzip
ETag
W/"66d6b4e2-4dd7"
X-Cache
MISS TCP_MISS dirn:-2:-2
Date
Wed, 08 Jan 2025 20:55:55 GMT
Content-Type
application/javascript
Last-Modified
Tue, 03 Sep 2024 07:04:02 GMT
Vary
Accept-Encoding
Transfer-Encoding
chunked
X-Swift-CacheTime
3600
Timing-Allow-Origin
*
Connection
keep-alive
Via
ens-cache4.l2de3[528,528,200-0,M], ens-cache7.l2de3[530,0], ens-cache2.de7[531,531,200-0,M], ens-cache7.de7[541,0]
Ali-Swift-Global-Savetime
1736369755
X-Swift-SaveTime
Wed, 08 Jan 2025 20:55:55 GMT
EagleId
a3b5839b17363697551371745e
Server
Tengine
landingPage-xb-tool.min.js
vu4187iwxgu.zhfcs.com/assets/js/
7 KB
3 KB
Script
General
Full URL
https://vu4187iwxgu.zhfcs.com/assets/js/landingPage-xb-tool.min.js
Requested by
Host: vu4187iwxgu.zhfcs.com
URL: https://vu4187iwxgu.zhfcs.com/assets/js/v1/xb.lib.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
163.181.131.170 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
2cac73d3cd4692036a652e573cb59dcba5fd4a8783e26df6531d70ef5af2629e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://2wbv7z39vfdwpxc9.immrp.com/

Response headers

Content-Encoding
gzip
ETag
W/"677ed950-1bec"
X-Cache
MISS TCP_MISS dirn:-2:-2
Date
Wed, 08 Jan 2025 20:55:55 GMT
Content-Type
application/javascript
Last-Modified
Wed, 08 Jan 2025 20:00:16 GMT
Vary
Accept-Encoding
Transfer-Encoding
chunked
X-Swift-CacheTime
333
Timing-Allow-Origin
*
Connection
keep-alive
Via
ens-cache2.l2de3[518,518,200-0,M], ens-cache18.l2de3[523,0], ens-cache2.de7[525,525,200-0,M], ens-cache1.de7[536,0]
Ali-Swift-Global-Savetime
1736369755
X-Swift-SaveTime
Wed, 08 Jan 2025 20:55:55 GMT
EagleId
a3b5839517363697551471194e
Server
Tengine
jquery-3.5.1.min.js
vu4187iwxgu.zhfcs.com/assets/js/
0
0

xb-a02.css
vu4187iwxgu.zhfcs.com/assets/css/xb/
3 KB
2 KB
Stylesheet
General
Full URL
https://vu4187iwxgu.zhfcs.com/assets/css/xb/xb-a02.css
Requested by
Host: vu4187iwxgu.zhfcs.com
URL: https://vu4187iwxgu.zhfcs.com/assets/js/v1/xb.lib.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
163.181.131.170 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
bb820a9531bd97a50fa3c712fb4c72d3719d48694c4a6e682b266297a9a6c314

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://2wbv7z39vfdwpxc9.immrp.com/

Response headers

Content-Encoding
gzip
ETag
W/"6751767a-d46"
X-Cache
MISS TCP_MISS dirn:-2:-2
Date
Wed, 08 Jan 2025 20:55:55 GMT
Content-Type
text/css
Last-Modified
Thu, 05 Dec 2024 09:46:34 GMT
Vary
Accept-Encoding
X-Swift-CacheTime
3600
Timing-Allow-Origin
*
Connection
keep-alive
Via
ens-cache7.l2de3[709,708,200-0,M], ens-cache1.l2de3[711,0], ens-cache4.de7[717,717,200-0,M], ens-cache3.de7[723,0]
Ali-Swift-Global-Savetime
1736369755
X-Swift-SaveTime
Wed, 08 Jan 2025 20:55:55 GMT
EagleId
a3b5839717363697551372413e
Content-Length
1152
Server
Tengine

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
vu4187iwxgu.zhfcs.com
URL
https://vu4187iwxgu.zhfcs.com/assets/js/jquery-3.5.1.min.js

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string    source_js_domain
string    source_css_domain
string    source_ico_domain
string    source_img_domain
string    seo_title
function  load_js
function  load_css
function  load_ico
object    _0x91c3
function  _0x1e75
function  _0x5c265c
function  _0x444468
function  _0x25f8a8
function  _0x4333df
object    opTool
function  QRCode
function  lightYear

0 Cookies

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000 max-age=31536000