35pqzptbxqgucti.xyz Open in urlscan Pro
20.6.179.140 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://35pqzptbxqgucti.xyz/
Submission: On October 31 via api (October 31st 2024, 4:48:25 pm UTC) from BE — Scanned from US

Summary HTTP 9 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 9 HTTP transactions. The main IP is 20.6.179.140, located in Hong Kong, Hong Kong and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is 35pqzptbxqgucti.xyz.
TLS certificate: Issued by E5 on October 31st 2024. Valid for: 3 months.

This is the only time 35pqzptbxqgucti.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6	20.6.179.140 20.6.179.140	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	172.67.147.124 172.67.147.124	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	3

6 20.6.179.140 (Hong Kong, Hong Kong)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

35pqzptbxqgucti.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.147.124 (United States)

ASN13335 (CLOUDFLARENET, US)

api.nb737a0aljsmu5rs.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	35pqzptbxqgucti.xyz 35pqzptbxqgucti.xyz	904 KB
2	nb737a0aljsmu5rs.xyz api.nb737a0aljsmu5rs.xyz	2 KB
0	1ekzvviufbybdjk.xyz Failed 1ekzvviufbybdjk.xyz Failed
9	3

	Domain	Requested by
6	35pqzptbxqgucti.xyz	35pqzptbxqgucti.xyz
2	api.nb737a0aljsmu5rs.xyz	35pqzptbxqgucti.xyz
0	1ekzvviufbybdjk.xyz Failed	35pqzptbxqgucti.xyz
9	3

This site contains no links.

Subject Issuer	Validity	Valid
nspnifl3io17krw.xyz E5	`2024-10-31` - `2025-01-29`	3 months	crt.sh
nb737a0aljsmu5rs.xyz WE1	`2024-10-01` - `2024-12-30`	3 months	crt.sh

This page contains 1 frames:

Frame: https://1ekzvviufbybdjk.xyz/?domain=35pqzptbxqgucti.xyz
Frame ID: A27187458AF92152469F8AC8E93B8A1C
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

Page Statistics

9
Requests

89 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

906 kB
Transfer

1047 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response 35pqzptbxqgucti.xyz/	1 KB 631 B	1493ms 385ms	Document text/html	20.6.179.140 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://35pqzptbxqgucti.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 20.6.179.140 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx/1.17.6 / Resource Hash `6606ac348228a61c7c93ca28436c6081e67f27f3a80cb4107e80c6a39a3a89d3` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Response headers content-encoding gzip content-length 489 content-type text/html date Thu, 31 Oct 2024 16:48:18 GMT etag W/"670633ba-49b" last-modified Wed, 09 Oct 2024 07:41:46 GMT server nginx/1.17.6 vary Accept-Encoding x-cache BYPASS
GET H2	200	chunk-vendors.css 35pqzptbxqgucti.xyz/static/20241009130516/css/	194 KB 52 KB	911ms 909ms	Stylesheet text/css	20.6.179.140 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://35pqzptbxqgucti.xyz/static/20241009130516/css/chunk-vendors.css Requested by Host: 35pqzptbxqgucti.xyz URL: https://35pqzptbxqgucti.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 20.6.179.140 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx/1.17.6 / Resource Hash `7daa57e8b7ae49d4922ed9868771ce9ab2c1048beadb0bb43595be5115fee42f` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://35pqzptbxqgucti.xyz/ Response headers content-encoding gzip etag W/"670633ba-30732" x-cache UPDATING date Thu, 31 Oct 2024 16:48:19 GMT content-type text/css last-modified Wed, 09 Oct 2024 07:41:46 GMT server nginx/1.17.6 vary Accept-Encoding
GET H2	200	share_301.css 35pqzptbxqgucti.xyz/static/20241009130516/css/	149 B 225 B	684ms 683ms	Stylesheet text/css	20.6.179.140 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://35pqzptbxqgucti.xyz/static/20241009130516/css/share_301.css Requested by Host: 35pqzptbxqgucti.xyz URL: https://35pqzptbxqgucti.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 20.6.179.140 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx/1.17.6 / Resource Hash `8715e0f57448cc89e41f74253161f9025f17f1bc0152e578d400066f5be22ca5` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://35pqzptbxqgucti.xyz/ Response headers content-encoding gzip etag W/"670633ba-95" x-cache UPDATING content-length 141 date Thu, 31 Oct 2024 16:48:19 GMT content-type text/css last-modified Wed, 09 Oct 2024 07:41:46 GMT server nginx/1.17.6 vary Accept-Encoding
GET H2	200	chunk-vendors.js Show response 35pqzptbxqgucti.xyz/static/20241009130516/js/	822 KB 823 KB	456ms 455ms	Script application/javascript	20.6.179.140 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://35pqzptbxqgucti.xyz/static/20241009130516/js/chunk-vendors.js Requested by Host: 35pqzptbxqgucti.xyz URL: https://35pqzptbxqgucti.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 20.6.179.140 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx/1.17.6 / Resource Hash `571abc19ab2343a1c82768ea1633de3d6925c70fad93a3129972e064502c469f` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://35pqzptbxqgucti.xyz/ Response headers etag "670633ba-cd9cd" accept-ranges bytes x-cache HIT, policy, disk content-length 842189 date Thu, 31 Oct 2024 15:38:10 GMT content-type application/javascript last-modified Thu, 31 Oct 2024 15:38:11 GMT server nginx/1.17.6
GET H2	200	share_301.js Show response 35pqzptbxqgucti.xyz/static/20241009130516/js/	27 KB 27 KB	229ms 228ms	Script application/javascript	20.6.179.140 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://35pqzptbxqgucti.xyz/static/20241009130516/js/share_301.js Requested by Host: 35pqzptbxqgucti.xyz URL: https://35pqzptbxqgucti.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 20.6.179.140 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx/1.17.6 / Resource Hash `844b0d9c7fb22143e48f52d16651036f2f9870db4d59377085e8eed788ac6f2a` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://35pqzptbxqgucti.xyz/ Response headers etag "670633ba-6aed" accept-ranges bytes x-cache HIT, policy, disk content-length 27373 date Thu, 31 Oct 2024 16:47:54 GMT content-type application/javascript last-modified Thu, 31 Oct 2024 16:47:54 GMT server nginx/1.17.6
POST H3	200	request Show response api.nb737a0aljsmu5rs.xyz/fast-endecode/main/	2 KB 2 KB	3032ms 3031ms	XHR application/json	172.67.147.124 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://api.nb737a0aljsmu5rs.xyz/fast-endecode/main/request Requested by Host: 35pqzptbxqgucti.xyz URL: https://35pqzptbxqgucti.xyz/static/20241009130516/js/chunk-vendors.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.147.124 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `a59521780ba9eb4b7db58727162a6ced40cf2b2258a2b92dd81165912ef55878` Request headers Referer https://35pqzptbxqgucti.xyz/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Accept application/json, text/plain, / Content-Type application/json Response headers nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br cf-cache-status DYNAMIC report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sxFMSUbE0ua9ltaRsxiFLV8nxTtAsB%2BljZUBCNOacfoc7xurSDNQbmPBIqqooaPAahf%2FIlf2tHknmtrIXk1PxollWSYFSdOj74rHAEA%2BgT%2F6fDdFPoNPA2kxAj22D6BQBmf5rtw0WiTvFtc%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8db521d6eb5f227d-MIA access-control-allow-origin * alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=31711&sent=14&recv=12&lost=0&retrans=0&sent_bytes=4927&recv_bytes=4960&delivery_rate=21044&cwnd=12000&unsent_bytes=0&cid=ac9b5ba8d72da84b&ts=1444&x=1", cfHdrFlush;dur=0 date Thu, 31 Oct 2024 16:48:22 GMT content-type application/json;charset=UTF-8 vary Origin server cloudflare
OPTIONS H3	200	request api.nb737a0aljsmu5rs.xyz/fast-endecode/main/	0 0	895ms 820ms	Preflight	172.67.147.124 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://api.nb737a0aljsmu5rs.xyz/fast-endecode/main/request Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.147.124 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Accept / Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://35pqzptbxqgucti.xyz Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Response headers access-control-allow-headers content-type DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization access-control-allow-methods POST GET, POST, OPTIONS access-control-allow-origin * alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 8db521d1ce32227d-MIA content-length 0 date Thu, 31 Oct 2024 16:48:21 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Hsd5s6iroyi9HC7UbnCQ2Ja3djsPFCZh%2FUy3%2BO8N25WphAwyTbzAOJWsBoPs8Ao3ct2E1IHVssjm%2FsU%2Fzyvyy1OFi06henmttY1zb24uAdpOuaS3D4RIcUT2XGM8T4TgUyhay7Zv3Y7qro8%3D"}],"group":"cf-nel","max_age":604800} server cloudflare server-timing cfL4;desc="?proto=QUIC&rtt=31251&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4169&recv_bytes=4446&delivery_rate=488&cwnd=12000&unsent_bytes=0&cid=ac9b5ba8d72da84b&ts=841&x=1" cfHdrFlush;dur=0 vary Origin
GET H2	200	favicon.ico 35pqzptbxqgucti.xyz/	784 B 860 B	384ms 383ms	Other image/x-icon	20.6.179.140 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://35pqzptbxqgucti.xyz/favicon.ico Protocol H2 Security TLS 1.3, , AES_128_GCM Server 20.6.179.140 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx/1.17.6 / Resource Hash `d1a6467455a3522674023766194f6629c36ca79020d9b8ee0c2ae93de5c0bee7` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://35pqzptbxqgucti.xyz/ Response headers etag "670633ba-310" accept-ranges bytes x-cache UPDATING content-length 784 date Thu, 31 Oct 2024 16:48:20 GMT content-type image/x-icon last-modified Wed, 09 Oct 2024 07:41:46 GMT server nginx/1.17.6
GET		/ 1ekzvviufbybdjk.xyz/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: 1ekzvviufbybdjk.xyz
URL: https://1ekzvviufbybdjk.xyz/?domain=35pqzptbxqgucti.xyz

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1ekzvviufbybdjk.xyz
35pqzptbxqgucti.xyz
api.nb737a0aljsmu5rs.xyz
1ekzvviufbybdjk.xyz
172.67.147.124
20.6.179.140
571abc19ab2343a1c82768ea1633de3d6925c70fad93a3129972e064502c469f
6606ac348228a61c7c93ca28436c6081e67f27f3a80cb4107e80c6a39a3a89d3
7daa57e8b7ae49d4922ed9868771ce9ab2c1048beadb0bb43595be5115fee42f
844b0d9c7fb22143e48f52d16651036f2f9870db4d59377085e8eed788ac6f2a
8715e0f57448cc89e41f74253161f9025f17f1bc0152e578d400066f5be22ca5
a59521780ba9eb4b7db58727162a6ced40cf2b2258a2b92dd81165912ef55878
d1a6467455a3522674023766194f6629c36ca79020d9b8ee0c2ae93de5c0bee7

35pqzptbxqgucti.xyz Open in urlscan Pro 20.6.179.140 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

9 Requests

89 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

3 IPs

2 Countries

906 kBTransfer

1047 kBSize

0 Cookies

0 Outgoing links

Redirected requests

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

0 Cookies

Indicators

35pqzptbxqgucti.xyz Open in urlscan Pro
20.6.179.140 Public Scan

Screenshot
Live screenshot

Full Image

9
Requests

89 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

906 kB
Transfer

1047 kB
Size

0
Cookies

9 HTTP transactions
0 data transactions