www.dfh1.one
45.156.221.36
Public Scan
Effective URL: https://www.dfh1.one/
Submission: On May 11 via api from US — Scanned from DE
Summary
TLS certificate: Issued by ZeroSSL RSA Domain Secure Site CA on March 22nd 2024. Valid for: 3 months.
This is the only time www.dfh1.one was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
 | IP Address | AS Autonomous System |
---|---|---|
1 | 45.156.221.102 | 216047 (XDPCLOUD-NET) |
1 1 | 103.140.8.30 | 216047 (XDPCLOUD-NET) |
1 5 | 45.156.221.36 | 216047 (XDPCLOUD-NET) |
7 | 3 | |
ASN216047 (XDPCLOUD-NET, GB)
PTR: ddos.xdpcloud.com
- web.app.dfh-app.me
- mat-tj.beiming22.xyz
- www.dfh1.one
 | Apex Domain / Subdomains | Transfer |
---|---|---|
3 | dfh-app.me (1 redirects): web.app.dfh-app.me | 2 KB |
1 | dfh1.one: www.dfh1.one | 4 KB |
1 | beiming22.xyz: mat-tj.beiming22.xyz | 24 KB |
1 | xdpcloud.cc (1 redirects): vipurl.xdpcloud.cc | 484 B |
1 | dfhvip7.cc: dfhvip7.cc | 3 KB |
7 | 5 | |
 | Domain | Requested by |
---|---|---|
3 | web.app.dfh-app.me | 1 redirects; dfhvip7.cc, web.app.dfh-app.me |
1 | www.dfh1.one | web.app.dfh-app.me |
1 | mat-tj.beiming22.xyz | web.app.dfh-app.me, mat-tj.beiming22.xyz, www.dfh1.one |
1 | vipurl.xdpcloud.cc | 1 redirects |
1 | dfhvip7.cc | |
7 | 5 | |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
dfhvip7.cc | R3 | 2024-04-30 - 2024-07-29 | 3 months |
web.app.dfh-app.me | R3 | 2024-04-19 - 2024-07-18 | 3 months |
mat-tj.beiming22.xyz | R3 | 2024-04-05 - 2024-07-04 | 3 months |
dfh1.one | ZeroSSL RSA Domain Secure Site CA | 2024-03-22 - 2024-06-20 | 3 months |
This page contains 1 frames:
Primary Page:
https://www.dfh1.one/
Frame ID: DE2D9F16443644A5F5A0F0C54E5BC7D2
Requests: 7 HTTP requests in this frame
Page Title
前往导航页···
Page URL History
- http://dfhvip7.cc/ HTTP 307
  https://dfhvip7.cc/ (Page URL)
- https://vipurl.xdpcloud.cc:2087/.js?__tls=ZGZodmlwNy5jYw== HTTP 302
  https://web.app.dfh-app.me/ (Page URL)
- https://web.app.dfh-app.me/ (Page URL)
- https://web.app.dfh-app.me/redirect.php?url=aHR0cHM6Ly93d3cuZGZoMS5vbmU%3D HTTP 302
  https://www.dfh1.one/ (Page URL)
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0
- http://dfhvip7.cc/ HTTP 307
- https://dfhvip7.cc/
- https://vipurl.xdpcloud.cc:2087/.js?__tls=ZGZodmlwNy5jYw== HTTP 302
- https://web.app.dfh-app.me/
7 HTTP transactions
Method Protocol | Resource Path | Size x-fer | Type MIME-Type |
---|---|---|---|
GET H2 | dfhvip7.cc/ (Redirect Chain) | 2 KB 3 KB | Document text/html |
GET H/1.1 | web.app.dfh-app.me/ (Redirect Chain) | 47 B 425 B | Document text/html |
GET H/1.1 | web.app.dfh-app.me/ | 1 KB 1 KB | Document text/html |
GET H/1.1 | mat-tj.beiming22.xyz/matomo.js | 65 KB 24 KB | Script application/javascript |
GET H/1.1 | www.dfh1.one/ (Primary Request, Redirect Chain) | 8 KB 4 KB | Document text/html |
POST | mat-tj.beiming22.xyz/matomo.php | 0 0 | |
GET | mat-tj.beiming22.xyz/matomo.js | 0 0 | |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- mat-tj.beiming22.xyz
- URL
- https://mat-tj.beiming22.xyz/matomo.php?action_name=%E8%B7%B3%E8%BD%AC%E4%B8%AD---&idsite=50&rec=1&r=520082&h=8&m=41&s=52&url=https%3A%2F%2Fweb.app.dfh-app.me%2F&urlref=https%3A%2F%2Fweb.app.dfh-app.me%2F&_id=a9c9e606d6fc6687&_idn=1&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=m9htIB&devicePixelRatio=1&pf_net=0&pf_srv=463&pf_tfr=1&pf_dm1=9&pf_dm2=501&uadata=%7B%22fullVersionList%22%3A%5B%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%22124.0.6367.118%22%7D%2C%7B%22brand%22%3A%22Google%20Chrome%22%2C%22version%22%3A%22124.0.6367.118%22%7D%2C%7B%22brand%22%3A%22Not-A.Brand%22%2C%22version%22%3A%2299.0.0.0%22%7D%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22Win32%22%2C%22platformVersion%22%3A%2210.0.0%22%7D
- Domain
- mat-tj.beiming22.xyz
- URL
- https://mat-tj.beiming22.xyz/matomo.js
19 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- function| checkurl
- object| _paq
- function| showPopup
- function| closePopup
- string| key
- number| totalTime
- string| str1
- string| str2
- string| completedTitle
- string| pcon
- string| btnText
- number| bodyWidth
- number| boxWidth
- object| btn
- number| num
- object| span1
- object| span2
- object| span3
- number| t5
Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
vipurl.xdpcloud.cc/ | | Name: X-XDPCLOUD-WAF-R-C Value: 0001675204 |
web.app.dfh-app.me/ | | Name: X-XDPCLOUD-WAF-R-C Value: 0001675204 |
web.app.dfh-app.me/ | | Name: _pk_id.50.1bc3 Value: a9c9e606d6fc6687.1715409713. |
web.app.dfh-app.me/ | | Name: _pk_ses.50.1bc3 Value: 1 |
www.dfh1.one/ | | Name: X-XDPCLOUD-WAF-R-C Value: 0001675204 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.