qxingfuduanxinloudpcdn.com
Open in
urlscan Pro
38.145.220.16
Public Scan
Submitted URL: https://536225.cc/
Effective URL: https://qxingfuduanxinloudpcdn.com:10300/v9/?a=530096&t=1736096063.326
Submission: On January 05 via api from BE — Scanned from DE
Effective URL: https://qxingfuduanxinloudpcdn.com:10300/v9/?a=530096&t=1736096063.326
Submission: On January 05 via api from BE — Scanned from DE
Summary
This website contacted 7 IPs
in 4 countries
across 7 domains to perform 11 HTTP transactions.
The main IP is 38.145.220.16, located in
Chicago, United States and
belongs to ENZUINC-, US.
The main domain is qxingfuduanxinloudpcdn.com.
TLS certificate: Issued by E6 on January 5th 2025. Valid for: 3 months.
This is the only time qxingfuduanxinloudpcdn.com was scanned on urlscan.io!
TLS certificate: Issued by E6 on January 5th 2025. Valid for: 3 months.
This is the only time qxingfuduanxinloudpcdn.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 1 1 | 23.167.152.26 23.167.152.26 | 209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare London) | |
| 2 | 38.145.220.16 38.145.220.16 | 18978 (ENZUINC-) (ENZUINC-) | |
| 1 | 47.254.187.182 47.254.187.182 | 45102 (ALIBABA-C...) (ALIBABA-CN-NET Alibaba US Technology Co.) | |
| 1 | 47.254.187.72 47.254.187.72 | 45102 (ALIBABA-C...) (ALIBABA-CN-NET Alibaba US Technology Co.) | |
| 3 | 170.106.97.208 170.106.97.208 | 132203 (TENCENT-N...) (TENCENT-NET-AP-CN Tencent Building) | |
| 1 | 38.181.79.146 38.181.79.146 | 138997 (EDCL-AS-A...) (EDCL-AS-AP Eons Data Communications Limited) | |
| 2 | 170.33.12.233 170.33.12.233 | 134963 (ASEPL-AS-...) (ASEPL-AS-AP Alibaba Cloud Singapore Private Limited) | |
| 11 | 7 |
2
38.145.220.16
(Chicago, United States)
ASN18978 (ENZUINC-, US)
PTR: 16.220-145-38.rdns.scalabledns.com
ASN18978 (ENZUINC-, US)
PTR: 16.220-145-38.rdns.scalabledns.com
| qxingfuduanxinloudpcdn.com |
1
47.254.187.182
(Frankfurt am Main, Germany)
ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)
ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)
| xingfuapp.oss-accelerate.aliyuncs.com |
1
47.254.187.72
(Frankfurt am Main, Germany)
ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)
ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)
| zhibojs.oss-accelerate.aliyuncs.com |
3
170.106.97.208
(United States)
ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)
ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)
| xfv9-1330047784.cos.accelerate.myqcloud.com |
1
38.181.79.146
(Ha Kwai Chung, Hong Kong)
ASN138997 (EDCL-AS-AP Eons Data Communications Limited, HK)
ASN138997 (EDCL-AS-AP Eons Data Communications Limited, HK)
| cdn.sxccn.cn |
2
170.33.12.233
(Singapore)
ASN134963 (ASEPL-AS-AP Alibaba Cloud Singapore Private Limited, SG)
ASN134963 (ASEPL-AS-AP Alibaba Cloud Singapore Private Limited, SG)
| 7rhgud8s.chuangxiangjiaoyu.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 3 |
myqcloud.com
xfv9-1330047784.cos.accelerate.myqcloud.com |
506 KB |
| 2 |
chuangxiangjiaoyu.com
7rhgud8s.chuangxiangjiaoyu.com |
1 KB |
| 2 |
aliyuncs.com
xingfuapp.oss-accelerate.aliyuncs.com zhibojs.oss-accelerate.aliyuncs.com |
57 KB |
| 2 |
qxingfuduanxinloudpcdn.com
qxingfuduanxinloudpcdn.com |
7 KB |
| 1 |
sxccn.cn
cdn.sxccn.cn |
261 B |
| 1 |
536225.cc
1 redirects
536225.cc |
292 B |
| 0 |
njjykj.top
Failed
osd23.njjykj.top Failed |
|
| 11 | 7 |
| Domain | Requested by | |
|---|---|---|
| 3 | xfv9-1330047784.cos.accelerate.myqcloud.com |
qxingfuduanxinloudpcdn.com
|
| 2 | 7rhgud8s.chuangxiangjiaoyu.com |
zhibojs.oss-accelerate.aliyuncs.com
|
| 2 | qxingfuduanxinloudpcdn.com | |
| 1 | cdn.sxccn.cn |
xingfuapp.oss-accelerate.aliyuncs.com
|
| 1 | zhibojs.oss-accelerate.aliyuncs.com |
qxingfuduanxinloudpcdn.com
|
| 1 | xingfuapp.oss-accelerate.aliyuncs.com |
qxingfuduanxinloudpcdn.com
|
| 1 | 536225.cc | 1 redirects |
| 0 | osd23.njjykj.top Failed |
zhibojs.oss-accelerate.aliyuncs.com
|
| 11 | 8 |
This site contains no links.
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| qxingfuduanxinloudpcdn.com E6 |
2025-01-05 - 2025-04-05 |
3 months | crt.sh |
| *.oss-eu-central-1.aliyuncs.com GlobalSign Organization Validation CA - SHA256 - G3 |
2024-01-26 - 2025-02-26 |
a year | crt.sh |
| *.cos.na-siliconvalley.myqcloud.com GlobalSign Organization Validation CA - SHA256 - G3 |
2024-03-11 - 2025-04-12 |
a year | crt.sh |
| *.sxccn.cn E5 |
2024-12-11 - 2025-03-11 |
3 months | crt.sh |
| *.chuangxiangjiaoyu.com E6 |
2024-12-19 - 2025-03-19 |
3 months | crt.sh |
This page contains 1 frames:
Frame:
https://osd23.njjykj.top/f7d7eff3e1d271bf
Frame ID: E44D488BD30248964B843709D5829512
Requests: 11 HTTP requests in this frame
Screenshot
Page Title
DocumentPage URL History Show full URLs
-
https://536225.cc/
HTTP 302
https://qxingfuduanxinloudpcdn.com:10300/v9/?a=530096&t=1736096063.326 Page URL
Detected technologies
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://536225.cc/
HTTP 302
https://qxingfuduanxinloudpcdn.com:10300/v9/?a=530096&t=1736096063.326 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 9- https://7rhgud8s.chuangxiangjiaoyu.com:6443/page/e7ytmkvc/install/c/eyJjIjoiNTMwMDk2IiwiZCI6eyJhIjoiNTMwMDk2IiwidCI6IjE3MzYwOTYwNjMuMzI2In0sIm0iOiJvQW5ITndyY2xpd0FBQUdVTjJPMlRHdU5aMlEtcDllbDEybmhOSTN5UnhFSE4tdTNhUFptQ0NENVc4a2ZKbktLYUhuVWJPd1RfUzBXdlVIck53S25lT18wQXg3SjY0aTJQMy1FV2paaDNQYVBsM3BaeG94T1Zid3JRdjV4Q2cifQ==?p=0 HTTP 302
- https://osd23.njjykj.top/f7d7eff3e1d271bf
11 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H/1.1 |
Primary Request
/
qxingfuduanxinloudpcdn.com/v9/ Redirect Chain
|
6 KB 6 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery-3.5.1.min.js
xingfuapp.oss-accelerate.aliyuncs.com/ |
87 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
appinstall2.js
zhibojs.oss-accelerate.aliyuncs.com/ |
66 KB 26 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
01.js
xfv9-1330047784.cos.accelerate.myqcloud.com/ |
466 KB 466 KB |
Image
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
top-buttom-null.js
xfv9-1330047784.cos.accelerate.myqcloud.com/ |
2 KB 2 KB |
Image
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
top.js
xfv9-1330047784.cos.accelerate.myqcloud.com/ |
37 KB 38 KB |
Image
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
push
cdn.sxccn.cn/ |
4 B 261 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
init
7rhgud8s.chuangxiangjiaoyu.com/web/e7ytmkvc/530096/ |
873 B 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
favicon.ico
qxingfuduanxinloudpcdn.com/ |
548 B 750 B |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
eyJjIjoiNTMwMDk2IiwiZCI6eyJhIjoiNTMwMDk2IiwidCI6IjE3MzYwOTYwNjMuMzI2In0sIm0iOiJjc3lvMjBlUlUyTUFBQUdVTjJPMlRJMDNNM0VHM3JmWEhDWS05enF2MEVTM1BVVXRNS0FNamxnNkZtczNkNldicGItSnVmb1k0RE5rX1BDeHA4ZTJjeldoN...
7rhgud8s.chuangxiangjiaoyu.com/web/e7ytmkvc/530096/clicked/c/ |
0 394 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
f7d7eff3e1d271bf
osd23.njjykj.top/ Redirect Chain
|
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- osd23.njjykj.top
- URL
- https://osd23.njjykj.top/f7d7eff3e1d271bf
Verdicts & Comments Add Verdict or Comment
21 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| $ function| jQuery function| generateRandomString string| appserver object| data string| code number| abc string| _0xodU function| _0x123ae7 function| _0x1989c6 function| _0x34bb49 function| _0x45a352 function| _0x334a function| _0x27cf66 function| _0x5e7389 number| _0x4614e3 function| _0x9405 function| _0x52c81a string| version_ function| AppInstall function| initApp0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
536225.cc
7rhgud8s.chuangxiangjiaoyu.com
cdn.sxccn.cn
osd23.njjykj.top
qxingfuduanxinloudpcdn.com
xfv9-1330047784.cos.accelerate.myqcloud.com
xingfuapp.oss-accelerate.aliyuncs.com
zhibojs.oss-accelerate.aliyuncs.com
osd23.njjykj.top
170.106.97.208
170.33.12.233
23.167.152.26
38.145.220.16
38.181.79.146
47.254.187.182
47.254.187.72
0fa0d6b97126c8c583d7c8a97cd03b7e9255f432fd7d9831b48bd338c79cea5e
64808e8e17607eb2f464469884eb1b6ff5309772b5107b0f260f1cafc36dada9
741afb2abc724265dc096d7dbee5078610e5c768b0abd18fe42897bbccecc915
74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b
a184ea670f0e25ca446fb4c59c46287c56dae218519d19bda06426e289b9c468
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb43546451dd878cc843754cd19d5da5e8d12b50ad5e715014a92d8effb90b50
f6316f87d6e0ff6e4c192a4119c6180c08a6f3bc179f0f8aceccce58f0475fba
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d