dfwdfw5.com Open in urlscan Pro
150.129.40.40 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://123123dfw.com/
Effective URL:
https://dfwdfw5.com/?rj=001&shareName=dfwdfw5.com&proxyAccount=
Submission: On March 09 via api (March 9th 2023, 7:39:03 am UTC) from US — Scanned from DE

Summary HTTP 22 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 1 countries across 5 domains to perform 22 HTTP transactions. The main IP is 150.129.40.40, located in and belongs to . The main domain is dfwdfw5.com.
TLS certificate: Issued by R3 on March 7th 2023. Valid for: 3 months.

This is the only time dfwdfw5.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 5	18.167.63.164 18.167.63.164	16509 (AMAZON-02) (AMAZON-02)
1 2	150.129.40.40 150.129.40.40	() ()
22	3

5 18.167.63.164 (Hong Kong) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-167-63-164.ap-east-1.compute.amazonaws.com

123123dfw.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dfwxiazai1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dfwxiazai2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 150.129.40.40 (None, ) 1 redirects

ASN- ()

dfwdfw5.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	dfwxiazai1.com 1 redirects dfwxiazai1.com	2 KB
2	dfwdfw5.com 1 redirects dfwdfw5.com	208 B
1	dfwxiazai2.com dfwxiazai2.com	193 B
1	123123dfw.com 123123dfw.com	362 B
0	sdwok.cn Failed os.sdwok.cn Failed
22	5

	Domain	Requested by
3	dfwxiazai1.com	1 redirects 123123dfw.com dfwxiazai1.com
2	dfwdfw5.com	1 redirects dfwdfw5.com
1	dfwxiazai2.com
1	123123dfw.com
0	os.sdwok.cn Failed	dfwdfw5.com
22	5

This site contains no links.

Subject Issuer	Validity	Valid
dfwxiazai1.com R3	`2023-02-13` - `2023-05-14`	3 months	crt.sh
dfwxiazai2.com R3	`2023-02-13` - `2023-05-14`	3 months	crt.sh
dfwdfw5.com R3	`2023-03-07` - `2023-06-05`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://dfwdfw5.com/?rj=001&shareName=dfwdfw5.com&proxyAccount=
Frame ID: 1C9262F2FB7B56799CF43E31EA0D9518
Requests: 22 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://123123dfw.com/ Page URL
http://dfwxiazai1.com/?uri=dfwxiazai2.com/proxyAccount.php&proxyAccount= HTTP 301
https://dfwxiazai1.com/?uri=dfwxiazai2.com/proxyAccount.php&proxyAccount= Page URL
https://dfwdfw5.com/?proxyAccount= HTTP 302
https://dfwdfw5.com/?rj=001&shareName=dfwdfw5.com&proxyAccount= Page URL

Page Statistics

22
Requests

18 %
HTTPS

0 %
IPv6

5
Domains

5
Subdomains

3
IPs

1
Countries

3 kB
Transfer

18 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://123123dfw.com/ Page URL
http://dfwxiazai1.com/?uri=dfwxiazai2.com/proxyAccount.php&proxyAccount= HTTP 301
https://dfwxiazai1.com/?uri=dfwxiazai2.com/proxyAccount.php&proxyAccount= Page URL
https://dfwdfw5.com/?proxyAccount= HTTP 302
https://dfwdfw5.com/?rj=001&shareName=dfwdfw5.com&proxyAccount= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

http://dfwxiazai1.com/?uri=dfwxiazai2.com/proxyAccount.php&proxyAccount= HTTP 301
https://dfwxiazai1.com/?uri=dfwxiazai2.com/proxyAccount.php&proxyAccount=

22 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK /
123123dfw.com/ 112 B
362 B 1011ms
207ms Document
text/html 18.167.63.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://123123dfw.com/
Protocol: HTTP/1.1
Server: 18.167.63.164 , Hong Kong, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-167-63-164.ap-east-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Thu, 09 Mar 2023 07:38:55 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H2

200

/ Show response
dfwxiazai1.com/
Redirect Chain

http://dfwxiazai1.com/?uri=dfwxiazai2.com/proxyAccount.php&proxyAccount=
https://dfwxiazai1.com/?uri=dfwxiazai2.com/proxyAccount.php&proxyAccount=

332 B
466 B

593ms
196ms

Document
text/html

18.167.63.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dfwxiazai1.com/?uri=dfwxiazai2.com/proxyAccount.php&proxyAccount=

Requested by

Host: 123123dfw.com
URL: http://123123dfw.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

18.167.63.164 , Hong Kong, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-167-63-164.ap-east-1.compute.amazonaws.com

Software

nginx /

Resource Hash

839e3dbdcdfe06e5a49cd390adc1f29e39d2222b0f35d6c4894a112a9caf0ac4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://123123dfw.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 09 Mar 2023 07:38:58 GMT
refresh: 1; url=https://dfwxiazai2.com/proxyAccount.php?proxyAccount=
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding

Redirect headers

Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Date: Thu, 09 Mar 2023 07:38:57 GMT
Location: https://dfwxiazai1.com/?uri=dfwxiazai2.com/proxyAccount.php&proxyAccount=
Server: nginx
Strict-Transport-Security: max-age=31536000

GET
H2 200 load.gif
dfwxiazai1.com/ 1 KB
2 KB 196ms
196ms Image
image/gif 18.167.63.164
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dfwxiazai1.com/load.gif

Requested by

Host: dfwxiazai1.com
URL: https://dfwxiazai1.com/?uri=dfwxiazai2.com/proxyAccount.php&proxyAccount=

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

18.167.63.164 , Hong Kong, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-167-63-164.ap-east-1.compute.amazonaws.com

Software

nginx /

Resource Hash

73bcee10f5df45ffb3eb6a7e9344cdffb7560415cffd2914229f4511c223e904

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dfwxiazai1.com/?uri=dfwxiazai2.com/proxyAccount.php&proxyAccount=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 07:38:58 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 01 May 2019 10:25:30 GMT
server: nginx
etag: "5cc9741a-5f2"
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 1522
expires: Sat, 08 Apr 2023 07:38:58 GMT

GET
H2 200 proxyAccount.php Show response
dfwxiazai2.com/ 0
193 B 1589ms
208ms Document
text/html 18.167.63.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dfwxiazai2.com/proxyAccount.php?proxyAccount=

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

18.167.63.164 , Hong Kong, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-167-63-164.ap-east-1.compute.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://dfwxiazai1.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 09 Mar 2023 07:39:01 GMT
refresh: 0.1; url=https://dfwdfw5.com/?proxyAccount=
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding

GET
H2

200

Primary Request /
dfwdfw5.com/
Redirect Chain

https://dfwdfw5.com/?proxyAccount=
https://dfwdfw5.com/?rj=001&shareName=dfwdfw5.com&proxyAccount=

16 KB
0

203ms
203ms

Document
text/html

150.129.40.40

General

Check archive.org

Show headers Download Go to

Full URL

https://dfwdfw5.com/?rj=001&shareName=dfwdfw5.com&proxyAccount=

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

150.129.40.40 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://dfwxiazai2.com/proxyAccount.php?proxyAccount=
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=2592000
content-encoding: gzip
content-type: text/html
date: Thu, 09 Mar 2023 07:23:26 GMT
etag: W/"6406ee5d-3ea7"
expires: Sat, 08 Apr 2023 07:23:26 GMT
last-modified: Tue, 07 Mar 2023 07:57:17 GMT
nginx-ddos-cache: EXPIRED
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding

Redirect headers

cache-control: max-age=2592000
content-length: 138
content-type: text/html
date: Thu, 09 Mar 2023 07:23:26 GMT
expires: Sat, 08 Apr 2023 07:23:26 GMT
location: ?rj=001&shareName=dfwdfw5.com&proxyAccount=
nginx-ddos-cache: EXPIRED
server: nginx
strict-transport-security: max-age=31536000

GET content.js
dfwdfw5.com/static/js/ 0
0

GET plug.css
dfwdfw5.com/jsp/ 0
0

GET plug.js
dfwdfw5.com/jsp/ 0
0

GET doc.css
dfwdfw5.com/ 0
0

GET doc_close.png
dfwdfw5.com/static/doc/ 0
0

GET doc_kefu.png
dfwdfw5.com/static/doc/ 0
0

GET doc_info.jpg
dfwdfw5.com/static/doc/ 0
0

GET btn.png
dfwdfw5.com/static/images/ 0
0

GET kefu.png
dfwdfw5.com/static/images/ 0
0

GET footer.png
dfwdfw5.com/static/images/ 0
0

GET xz_bownload1.png
dfwdfw5.com/static/images/ 0
0

GET footer2bg.png
dfwdfw5.com/static/images/ 0
0

GET hand2.png
dfwdfw5.com/static/images/ 0
0

GET kefu2.png
dfwdfw5.com/static/images/ 0
0

GET jquery.min_1.8.js
dfwdfw5.com/static/js/ 0
0

GET doc.js
dfwdfw5.com/ 0
0

GET os2.js
os.sdwok.cn/open/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: dfwdfw5.com
URL: https://dfwdfw5.com/static/js/content.js

Domain: dfwdfw5.com
URL: https://dfwdfw5.com/jsp/plug.css?v=2

Domain: dfwdfw5.com
URL: https://dfwdfw5.com/jsp/plug.js?v=2

Domain: dfwdfw5.com
URL: https://dfwdfw5.com/doc.css

Domain: dfwdfw5.com
URL: https://dfwdfw5.com/static/doc/doc_close.png

Domain: dfwdfw5.com
URL: https://dfwdfw5.com/static/doc/doc_kefu.png

Domain: dfwdfw5.com
URL: https://dfwdfw5.com/static/doc/doc_info.jpg

Domain: dfwdfw5.com
URL: https://dfwdfw5.com/static/images/btn.png

Domain: dfwdfw5.com
URL: https://dfwdfw5.com/static/images/kefu.png

Domain: dfwdfw5.com
URL: https://dfwdfw5.com/static/images/footer.png

Domain: dfwdfw5.com
URL: https://dfwdfw5.com/static/images/xz_bownload1.png

Domain: dfwdfw5.com
URL: https://dfwdfw5.com/static/images/footer2bg.png

Domain: dfwdfw5.com
URL: https://dfwdfw5.com/static/images/hand2.png

Domain: dfwdfw5.com
URL: https://dfwdfw5.com/static/images/kefu2.png

Domain: dfwdfw5.com
URL: https://dfwdfw5.com/static/js/jquery.min_1.8.js

Domain: dfwdfw5.com
URL: https://dfwdfw5.com/doc.js

Domain: os.sdwok.cn
URL: https://os.sdwok.cn/open/os2.js?v=aa729c585c10a5489e7f670d180b6be9

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

123123dfw.com
dfwdfw5.com
dfwxiazai1.com
dfwxiazai2.com
os.sdwok.cn
dfwdfw5.com
os.sdwok.cn
150.129.40.40
18.167.63.164
73bcee10f5df45ffb3eb6a7e9344cdffb7560415cffd2914229f4511c223e904
839e3dbdcdfe06e5a49cd390adc1f29e39d2222b0f35d6c4894a112a9caf0ac4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

dfwdfw5.com Open in urlscan Pro 150.129.40.40 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

22 Requests

18 %HTTPS

0 %IPv6

5 Domains

5 Subdomains

3 IPs

1 Countries

3 kBTransfer

18 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Failed requests

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

0 Cookies

Indicators

dfwdfw5.com Open in urlscan Pro
150.129.40.40 Public Scan

Screenshot
Live screenshot

Full Image

22
Requests

18 %
HTTPS

0 %
IPv6

5
Domains

5
Subdomains

3
IPs

1
Countries

3 kB
Transfer

18 kB
Size

0
Cookies

22 HTTP transactions
0 data transactions