urlscan.io logo urlscan.io
SecurityTrails logo

tax33qi.qpwue5.cc Open in urlscan Pro
43.251.57.205  Public Scan

Go To Rescan Add Verdict Report
URL: https://tax33qi.qpwue5.cc/
Submission: On December 13 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 3 countries across 5 domains to perform 17 HTTP transactions. The main IP is 43.251.57.205, located in Taiwan and belongs to SKYCLOUD-NET Skycloud Computing co., Ltd., TW. The main domain is tax33qi.qpwue5.cc.
TLS certificate: Issued by R11 on December 12th 2024. Valid for: 3 months.
This is the only time tax33qi.qpwue5.cc was scanned on urlscan.io!

urlscan.io Verdict: No classification

Downloads These files were downloaded by the website

Incomplete h8uxljzl.apk 77 MB
Size: 77 MB (80317142 bytes, 0% done)
Downloaded from: https://7057781.uosreewdfvv.dmkepu.com/b21ab8c6427eb79941f9f7c2ae4d6f1f3/h8uxljzl.apk

Domain & IP information

IP Address AS Autonomous System
11 43.251.57.205 7483 (SKYCLOUD-...)
2 240e:cf:8800:... 134238 (CT-JIANGX...)
1 223.109.148.174 56046 (CMNET-JIA...)
1 3 170.33.12.233 134963 (ASEPL-AS-...)
1 1 180.163.146.93 ()
1 116.153.4.95 ()
17 5
11    43.251.57.205 (Taiwan)

ASN7483 (SKYCLOUD-NET Skycloud Computing co., Ltd., TW)
tax33qi.qpwue5.cc
2    240e:cf:8800:53:3::7ea (China)

ASN134238 (CT-JIANGXI-IDC CHINANET Jiangx province IDC network, CN)
v1.cnzz.com
c.cnzz.com
1    223.109.148.174 (Tianjin, China)

ASN56046 (CMNET-JIANGSU-AP China Mobile communications corporation, CN)
z6.cnzz.com
3    170.33.12.233 (Singapore)

ASN134963 (ASEPL-AS-AP Alibaba Cloud Singapore Private Limited, SG)
ccjqooxb2wasbbs4.unitedcoasts.com
1    180.163.146.93 (None, )

ASN- ()
utd8h8n1rxqavh.mvkseiowuyqe22.klhck.com
1    116.153.4.95 (None, )

ASN- ()
7057781.uosreewdfvv.dmkepu.com
Apex Domain
Subdomains		 Transfer
11 qpwue5.cc
tax33qi.qpwue5.cc
3 MB
3 unitedcoasts.com
ccjqooxb2wasbbs4.unitedcoasts.com
2 KB
3 cnzz.com
v1.cnzz.com — Cisco Umbrella Rank: 116715
z6.cnzz.com — Cisco Umbrella Rank: 180826
c.cnzz.com — Cisco Umbrella Rank: 91025
5 KB
1 dmkepu.com
7057781.uosreewdfvv.dmkepu.com
1 klhck.com
utd8h8n1rxqavh.mvkseiowuyqe22.klhck.com
782 B
17 5
Domain Requested by
11 tax33qi.qpwue5.cc tax33qi.qpwue5.cc
3 ccjqooxb2wasbbs4.unitedcoasts.com 1 redirects tax33qi.qpwue5.cc
1 7057781.uosreewdfvv.dmkepu.com tax33qi.qpwue5.cc
1 utd8h8n1rxqavh.mvkseiowuyqe22.klhck.com 1 redirects
1 c.cnzz.com v1.cnzz.com
1 z6.cnzz.com v1.cnzz.com
1 v1.cnzz.com tax33qi.qpwue5.cc
17 7

This site contains links to these domains. Also see Links.

Domain
www.cnzz.com
Subject Issuer Validity Valid
tax33qi.qpwue5.cc
R11		 2024-12-12 -
2025-03-12		 3 months crt.sh
*.cnzz.com
GlobalSign Organization Validation CA - SHA256 - G3		 2024-02-17 -
2025-03-20		 a year crt.sh
*.unitedcoasts.com
E5		 2024-12-03 -
2025-03-03		 3 months crt.sh
*.uosreewdfvv.dmkepu.com
R10		 2024-12-13 -
2025-03-13		 3 months crt.sh

This page contains 1 frames:

Frame: https://7057781.uosreewdfvv.dmkepu.com/b21ab8c6427eb79941f9f7c2ae4d6f1f3/h8uxljzl.apk
Frame ID: F529C88CC39BA81E2F9EC585C549E6E0
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

爱春直播

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

17
Requests

100 %
HTTPS

17 %
IPv6

5
Domains

7
Subdomains

5
IPs

3
Countries

2978 kB
Transfer

3069 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15
  • https://ccjqooxb2wasbbs4.unitedcoasts.com:6443/page/w6x148bp/install/c/eyJjIjoibmFuZ2VfMjUiLCJtIjoiR042dnAtRkJjeEFBQUFHVHdXN1dPaEZFZkE4UG9McHcyMzFmMFpVYURDX1RCTXRUajRRa2VwRVNNX1p6TFJLaGpkT3NUaEtObG5tMVZydi1SSm5zcFhHSGdoTDVnY1RlNG5ESFRreWJBUmRGTjZ5YzFscEZ2VnJfMzFYMVpfM25NWDJaOGZOUkZnIn0=?p=0 HTTP 302
  • https://utd8h8n1rxqavh.mvkseiowuyqe22.klhck.com/afab4bdd007f550c HTTP 302
  • https://7057781.uosreewdfvv.dmkepu.com/b21ab8c6427eb79941f9f7c2ae4d6f1f3/h8uxljzl.apk

17 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
tax33qi.qpwue5.cc/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tax33qi.qpwue5.cc/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
43.251.57.205 , Taiwan, ASN7483 (SKYCLOUD-NET Skycloud Computing co., Ltd., TW),
Reverse DNS
Software
CDN /
Resource Hash
ae7c0b711355f957b85d9bf529665689ab31b26da4b05f6143931b3e477f1c40

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-type
text/html
date
Fri, 13 Dec 2024 19:11:24 GMT
etag
W/"675c5d28-9e4"
last-modified
Fri, 13 Dec 2024 16:13:28 GMT
server
CDN
vary
Accept-Encoding
z.js
v1.cnzz.com/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://v1.cnzz.com/z.js?id=1281397698
Requested by
Host: tax33qi.qpwue5.cc
URL: https://tax33qi.qpwue5.cc/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
240e:cf:8800:53:3::7ea , China, ASN134238 (CT-JIANGXI-IDC CHINANET Jiangx province IDC network, CN),
Reverse DNS
Software
Tengine /
Resource Hash
9bcb2a0f844538b6142f8b26c9700e149b2b078bfce80067d14dbc04b08226a9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://tax33qi.qpwue5.cc/

Response headers

content-encoding
br
etag
W/"8555688352986622599"
age
0
x-cache
HIT TCP_REFRESH_HIT dirn:9:447122965
date
Fri, 13 Dec 2024 19:11:25 GMT
content-type
application/javascript
vary
accept-encoding
cache-control
public, max-age=300
x-swift-cachetime
300
timing-allow-origin
*
via
cache56.l2cn7828[68,68,304-0,H], cache35.l2cn7828[70,0], cache8.cn3693[83,83,200-0,H], cache7.cn3693[85,0]
ali-swift-global-savetime
1734117085
x-swift-savetime
Fri, 13 Dec 2024 19:11:25 GMT
eagleid
6ae1f19b17341170854008413e
content-length
3889
server
Tengine
index.css
tax33qi.qpwue5.cc/css/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tax33qi.qpwue5.cc/css/index.css
Requested by
Host: tax33qi.qpwue5.cc
URL: https://tax33qi.qpwue5.cc/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
43.251.57.205 , Taiwan, ASN7483 (SKYCLOUD-NET Skycloud Computing co., Ltd., TW),
Reverse DNS
Software
CDN /
Resource Hash
7027ff07e42fa0767303d5980104bb4b6b891e4877b239a0e2f2b7ccb5efe87b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://tax33qi.qpwue5.cc/

Response headers

cache-control
max-age=43200
content-encoding
gzip
etag
W/"67501c9e-9ba"
expires
Sat, 14 Dec 2024 07:11:24 GMT
date
Fri, 13 Dec 2024 19:11:24 GMT
content-type
text/css
last-modified
Wed, 04 Dec 2024 09:10:54 GMT
vary
Accept-Encoding
server
CDN
top-img.js
tax33qi.qpwue5.cc/img/ 		64 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tax33qi.qpwue5.cc/img/top-img.js
Requested by
Host: tax33qi.qpwue5.cc
URL: https://tax33qi.qpwue5.cc/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
43.251.57.205 , Taiwan, ASN7483 (SKYCLOUD-NET Skycloud Computing co., Ltd., TW),
Reverse DNS
Software
CDN /
Resource Hash
745469e79bde141d2535efc842804b88757bc4c878316af0685082df5b94ed5d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://tax33qi.qpwue5.cc/

Response headers

cache-control
max-age=43200
content-encoding
gzip
etag
W/"67501c9f-10159"
expires
Sat, 14 Dec 2024 07:11:24 GMT
date
Fri, 13 Dec 2024 19:11:24 GMT
content-type
application/javascript
last-modified
Wed, 04 Dec 2024 09:10:55 GMT
vary
Accept-Encoding
server
CDN
top-null.js
tax33qi.qpwue5.cc/img/ 		90 KB
90 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tax33qi.qpwue5.cc/img/top-null.js
Requested by
Host: tax33qi.qpwue5.cc
URL: https://tax33qi.qpwue5.cc/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
43.251.57.205 , Taiwan, ASN7483 (SKYCLOUD-NET Skycloud Computing co., Ltd., TW),
Reverse DNS
Software
CDN /
Resource Hash
39e1ebb3e6215808319040d0a54beee355e02500c52392c989ebd94182a3b60c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://tax33qi.qpwue5.cc/

Response headers

cache-control
max-age=43200
content-encoding
gzip
etag
W/"67501ca0-166de"
expires
Sat, 14 Dec 2024 07:11:24 GMT
date
Fri, 13 Dec 2024 19:11:24 GMT
content-type
application/javascript
last-modified
Wed, 04 Dec 2024 09:10:56 GMT
vary
Accept-Encoding
server
CDN
banner.js
tax33qi.qpwue5.cc/img/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tax33qi.qpwue5.cc/img/banner.js
Requested by
Host: tax33qi.qpwue5.cc
URL: https://tax33qi.qpwue5.cc/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
43.251.57.205 , Taiwan, ASN7483 (SKYCLOUD-NET Skycloud Computing co., Ltd., TW),
Reverse DNS
Software
CDN /
Resource Hash
c10f00e31e044c2b74f19411ef0b069db86f24e6286c61b8895281ad8a7add21

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://tax33qi.qpwue5.cc/

Response headers

cache-control
max-age=43200
content-encoding
gzip
etag
W/"67501c9f-1266f1"
expires
Sat, 14 Dec 2024 07:11:24 GMT
date
Fri, 13 Dec 2024 19:11:24 GMT
content-type
application/javascript
last-modified
Wed, 04 Dec 2024 09:10:55 GMT
vary
Accept-Encoding
server
CDN
content.js
tax33qi.qpwue5.cc/img/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tax33qi.qpwue5.cc/img/content.js
Requested by
Host: tax33qi.qpwue5.cc
URL: https://tax33qi.qpwue5.cc/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
43.251.57.205 , Taiwan, ASN7483 (SKYCLOUD-NET Skycloud Computing co., Ltd., TW),
Reverse DNS
Software
CDN /
Resource Hash
1d550a8b6aeb7854f9135e61649e7f978c15d455eacc6a87974e1874103da171

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://tax33qi.qpwue5.cc/

Response headers

cache-control
max-age=43200
content-encoding
gzip
etag
W/"67501c9f-17b497"
expires
Sat, 14 Dec 2024 07:11:24 GMT
date
Fri, 13 Dec 2024 19:11:24 GMT
content-type
application/javascript
last-modified
Wed, 04 Dec 2024 09:10:55 GMT
vary
Accept-Encoding
server
CDN
null-img.js
tax33qi.qpwue5.cc/img/ 		1 KB
373 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tax33qi.qpwue5.cc/img/null-img.js
Requested by
Host: tax33qi.qpwue5.cc
URL: https://tax33qi.qpwue5.cc/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
43.251.57.205 , Taiwan, ASN7483 (SKYCLOUD-NET Skycloud Computing co., Ltd., TW),
Reverse DNS
Software
CDN /
Resource Hash
81ff7c488d1cf0930a01a119e28844ce362cd8a3be2c0db019d2c2c67f15e53a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://tax33qi.qpwue5.cc/

Response headers

cache-control
max-age=43200
content-encoding
gzip
etag
W/"67501c9f-5a7"
expires
Sat, 14 Dec 2024 07:11:24 GMT
date
Fri, 13 Dec 2024 19:11:24 GMT
content-type
application/javascript
last-modified
Wed, 04 Dec 2024 09:10:55 GMT
vary
Accept-Encoding
server
CDN
bottom-img.js
tax33qi.qpwue5.cc/img/ 		67 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tax33qi.qpwue5.cc/img/bottom-img.js
Requested by
Host: tax33qi.qpwue5.cc
URL: https://tax33qi.qpwue5.cc/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
43.251.57.205 , Taiwan, ASN7483 (SKYCLOUD-NET Skycloud Computing co., Ltd., TW),
Reverse DNS
Software
CDN /
Resource Hash
15fb057455cd61f9b71814c4e471eb4dc47df86b79dca291f9a6155b314d53cc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://tax33qi.qpwue5.cc/

Response headers

cache-control
max-age=43200
content-encoding
gzip
etag
W/"67501c9f-10d66"
expires
Sat, 14 Dec 2024 07:11:24 GMT
date
Fri, 13 Dec 2024 19:11:24 GMT
content-type
application/javascript
last-modified
Wed, 04 Dec 2024 09:10:55 GMT
vary
Accept-Encoding
server
CDN
jquery-3.5.1.min.js
tax33qi.qpwue5.cc/js/ 		87 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tax33qi.qpwue5.cc/js/jquery-3.5.1.min.js
Requested by
Host: tax33qi.qpwue5.cc
URL: https://tax33qi.qpwue5.cc/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
43.251.57.205 , Taiwan, ASN7483 (SKYCLOUD-NET Skycloud Computing co., Ltd., TW),
Reverse DNS
Software
CDN /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://tax33qi.qpwue5.cc/

Response headers

cache-control
max-age=43200
content-encoding
gzip
etag
W/"67501ca0-15d84"
expires
Sat, 14 Dec 2024 07:11:24 GMT
date
Fri, 13 Dec 2024 19:11:24 GMT
content-type
application/javascript
last-modified
Wed, 04 Dec 2024 09:10:56 GMT
vary
Accept-Encoding
server
CDN
appinstall.js
tax33qi.qpwue5.cc/js/ 		46 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tax33qi.qpwue5.cc/js/appinstall.js
Requested by
Host: tax33qi.qpwue5.cc
URL: https://tax33qi.qpwue5.cc/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
43.251.57.205 , Taiwan, ASN7483 (SKYCLOUD-NET Skycloud Computing co., Ltd., TW),
Reverse DNS
Software
CDN /
Resource Hash
7c9895f2e57140b2a429c2b5df1eb51b2c0bf49f56365e198fb20a92fe79c1dd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://tax33qi.qpwue5.cc/

Response headers

cache-control
max-age=43200
content-encoding
gzip
etag
W/"67501ca0-b9e1"
expires
Sat, 14 Dec 2024 07:11:24 GMT
date
Fri, 13 Dec 2024 19:11:24 GMT
content-type
application/javascript
last-modified
Wed, 04 Dec 2024 09:10:56 GMT
vary
Accept-Encoding
server
CDN
stat.htm
z6.cnzz.com/ 		2 B
123 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://z6.cnzz.com/stat.htm?id=1281397698&r=&lg=de-de&ntime=none&cnzz_eid=709593688-1734117086-&showp=1600x1200&p=https%3A%2F%2Ftax33qi.qpwue5.cc%2F&t=&umuuid=193c16ed19d11f1-0761e3b4b6ab9b-16462c6e-1d4c00-193c16ed19e9e2&h=1
Requested by
Host: v1.cnzz.com
URL: https://v1.cnzz.com/z.js?id=1281397698
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
223.109.148.174 Tianjin, China, ASN56046 (CMNET-JIANGSU-AP China Mobile communications corporation, CN),
Reverse DNS
Software
Tengine /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://tax33qi.qpwue5.cc/

Response headers

content-encoding
gzip
date
Fri, 13 Dec 2024 19:11:27 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
server
Tengine
c.js
c.cnzz.com/ 		906 B
870 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c.cnzz.com/c.js?web_id=1281397698&t=z
Requested by
Host: v1.cnzz.com
URL: https://v1.cnzz.com/z.js?id=1281397698
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
240e:cf:8800:53:3::7ea , China, ASN134238 (CT-JIANGXI-IDC CHINANET Jiangx province IDC network, CN),
Reverse DNS
Software
Tengine /
Resource Hash
f754d66c4925498e6094a36694339ab33e00483b8962b7d84aa51ad816c1f0dd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"
Referer
https://tax33qi.qpwue5.cc/

Response headers

content-encoding
br
etag
W/"12980049938083339131"
age
0
x-cache
HIT TCP_REFRESH_HIT dirn:6:182523271
date
Fri, 13 Dec 2024 19:11:26 GMT
content-type
application/javascript
vary
accept-encoding
cache-control
public, max-age=321
x-swift-cachetime
321
timing-allow-origin
*
via
cache12.l2cn7828[62,62,304-0,H], cache60.l2cn7828[64,0], cache10.cn3693[75,75,200-0,H], cache7.cn3693[77,0]
ali-swift-global-savetime
1734117086
x-swift-savetime
Fri, 13 Dec 2024 19:11:26 GMT
eagleid
6ae1f19b17341170860028805e
content-length
584
server
Tengine
init
ccjqooxb2wasbbs4.unitedcoasts.com/web/w6x148bp/nange_2/ 		810 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ccjqooxb2wasbbs4.unitedcoasts.com:6443/web/w6x148bp/nange_2/init?channelCode=nange_25&av=0&cv=0&hash=&server=https%3A%2F%2Fccjqooxb2wasbbs4.unitedcoasts.com%3A6443&sw=p6Cmpg&sh=p6Smpg&sp=1&li=p6GkuKehuKa4pA
Requested by
Host: tax33qi.qpwue5.cc
URL: https://tax33qi.qpwue5.cc/js/appinstall.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
170.33.12.233 , Singapore, ASN134963 (ASEPL-AS-AP Alibaba Cloud Singapore Private Limited, SG),
Reverse DNS
Software
NgxFence /
Resource Hash
cd0bcb72539b1cc70bc672e060220fbaaba3327447154cb0d01bde440042c90e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://tax33qi.qpwue5.cc/

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
br
access-control-allow-credentials
true
access-control-allow-origin
https://tax33qi.qpwue5.cc
date
Fri, 13 Dec 2024 19:11:26 GMT
content-type
application/json;charset=utf-8
vary
Origin, Origin
server
NgxFence
favicon.ico
tax33qi.qpwue5.cc/ 		548 B
616 B 		Other
General
Check archive.org
Download Go to
Full URL
https://tax33qi.qpwue5.cc/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
43.251.57.205 , Taiwan, ASN7483 (SKYCLOUD-NET Skycloud Computing co., Ltd., TW),
Reverse DNS
Software
CDN /
Resource Hash
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://tax33qi.qpwue5.cc/

Response headers

content-length
548
date
Fri, 13 Dec 2024 19:11:26 GMT
content-type
text/html
server
CDN
eyJjIjoibmFuZ2VfMjUiLCJtIjoiOU1MQzltaWJ2dUlBQUFHVHdXN1dPdlZZMHgtWTVxNXBkb2JWS21SV0lISWhMU0ZuanRTZHNvWXRTQ01IM1dJWHFhd0FncUdmYnd3MjZTVU15RGFPNjVFR0FJVEFwTWRwWExTYldnYUZIS0RaRlROeUN1OVlCc3dHa3J6cm54b...
ccjqooxb2wasbbs4.unitedcoasts.com/web/w6x148bp/nange_2/clicked/c/ 		0
384 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ccjqooxb2wasbbs4.unitedcoasts.com:6443/web/w6x148bp/nange_2/clicked/c/eyJjIjoibmFuZ2VfMjUiLCJtIjoiOU1MQzltaWJ2dUlBQUFHVHdXN1dPdlZZMHgtWTVxNXBkb2JWS21SV0lISWhMU0ZuanRTZHNvWXRTQ01IM1dJWHFhd0FncUdmYnd3MjZTVU15RGFPNjVFR0FJVEFwTWRwWExTYldnYUZIS0RaRlROeUN1OVlCc3dHa3J6cm54b2owck9Gb0RhaU9RIn0=?p=0&ref=https%3A%2F%2Ftax33qi.qpwue5.cc%2F&ac=0&cc=0&channelCode=nange_25
Requested by
Host: tax33qi.qpwue5.cc
URL: https://tax33qi.qpwue5.cc/js/appinstall.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
170.33.12.233 , Singapore, ASN134963 (ASEPL-AS-AP Alibaba Cloud Singapore Private Limited, SG),
Reverse DNS
Software
NgxFence /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://tax33qi.qpwue5.cc/

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-origin
https://tax33qi.qpwue5.cc
content-length
0
date
Fri, 13 Dec 2024 19:11:31 GMT
vary
Origin, Origin
server
NgxFence
h8uxljzl.apk
7057781.uosreewdfvv.dmkepu.com/b21ab8c6427eb79941f9f7c2ae4d6f1f3/
Redirect Chain
  • https://ccjqooxb2wasbbs4.unitedcoasts.com:6443/page/w6x148bp/install/c/eyJjIjoibmFuZ2VfMjUiLCJtIjoiR042dnAtRkJjeEFBQUFHVHdXN1dPaEZFZkE4UG9McHcyMzFmMFpVYURDX1RCTXRUajRRa2VwRVNNX1p6TFJLaGpkT3NUaEtObG...
  • https://utd8h8n1rxqavh.mvkseiowuyqe22.klhck.com/afab4bdd007f550c
  • https://7057781.uosreewdfvv.dmkepu.com/b21ab8c6427eb79941f9f7c2ae4d6f1f3/h8uxljzl.apk
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://7057781.uosreewdfvv.dmkepu.com/b21ab8c6427eb79941f9f7c2ae4d6f1f3/h8uxljzl.apk
Requested by
Host: tax33qi.qpwue5.cc
URL: https://tax33qi.qpwue5.cc/js/appinstall.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
116.153.4.95 -, , ASN (),
Reverse DNS
Software
tencent-cos /
Resource Hash

Request headers

Referer
https://tax33qi.qpwue5.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Length
80317142
Content-Type
application/vnd.android.package-archive
Date
Fri, 13 Dec 2024 19:11:34 GMT
EO-Cache-Status
MISS
EO-LOG-UUID
11396595839506884534
ETag
"9591d1151b8b108febb9840ca4f3c091"
Last-Modified
Fri, 13 Dec 2024 19:11:25 GMT
Server
tencent-cos
x-cos-hash-crc64ecma
16695003792710327848
x-cos-request-id
Njc1Yzg2ZTZfYTVjZDNjMDlfMmQwOGRfYTdlMjU0MA==

Redirect headers

Ali-Swift-Global-Savetime
1734117093
Cache-Control
no-cache, no-store, must-revalidate no-cache
Connection
keep-alive
Content-Length
0
Date
Fri, 13 Dec 2024 19:11:33 GMT
EagleId
b4a3921917341170936631071e
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://7057781.uosreewdfvv.dmkepu.com/b21ab8c6427eb79941f9f7c2ae4d6f1f3/h8uxljzl.apk
Pragma
no-cache
Server
Tengine
Timing-Allow-Origin
*
Vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
Via
ens-cache12.l2cn7656[71,70,302-0,M], ens-cache33.l2cn7656[72,0], kunlun5.cn7174[97,96,302-0,M], kunlun5.cn7174[101,0]
X-Cache
MISS TCP_MISS dirn:-2:-2
X-Swift-CacheTime
0
X-Swift-SaveTime
Fri, 13 Dec 2024 19:11:33 GMT

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| _cz_loaded string| _cz_account object| _czc object| _CNZZDbridge_1281397698 function| $ function| jQuery function| AppInstall object| data function| getSystemInfo

2 Cookies

Domain/Path Name / Value
.qpwue5.cc/ Name: UM_distinctid
Value: 193c16ed19d11f1-0761e3b4b6ab9b-16462c6e-1d4c00-193c16ed19e9e2
tax33qi.qpwue5.cc/ Name: CNZZDATA1281397698
Value: 709593688-1734117086-%7C1734117086

3 Console Messages

Source Level URL
Text
javascript warning URL: https://v1.cnzz.com/z.js?id=1281397698
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://c.cnzz.com/c.js?web_id=1281397698&t=z, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://v1.cnzz.com/z.js?id=1281397698
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://c.cnzz.com/c.js?web_id=1281397698&t=z, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://tax33qi.qpwue5.cc/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()