urlscan.io logo urlscan.io
SecurityTrails logo

jszaq.com Open in urlscan Pro
45.148.131.80  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.jszaq.com/
Effective URL: https://jszaq.com/dj.php
Submission Tags: krdprod
Submission: On September 24 via api from JP — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 9 HTTP transactions. The main IP is 45.148.131.80, located in Austria and belongs to NETWORK-TRANSIT Network-Transit, CN. The main domain is jszaq.com.
TLS certificate: Issued by R3 on September 24th 2021. Valid for: 3 months.
This is the only time jszaq.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 3 45.148.131.80 64021 (NETWORK-T...)
3 103.118.241.205 55933 (CLOUDIE-A...)
4 103.235.46.191 55967 (BAIDU Bei...)
9 4
Apex Domain
Subdomains		 Transfer
4 baidu.com
hm.baidu.com
30 KB
3 leisu.fun
www.leisu.fun
10 KB
3 jszaq.com
www.jszaq.com
jszaq.com
1 KB
0 51.la Failed
sdk.51.la Failed
9 4
Domain Requested by
4 hm.baidu.com www.leisu.fun
jszaq.com
3 www.leisu.fun jszaq.com
www.leisu.fun
2 jszaq.com 1 redirects
1 www.jszaq.com 1 redirects
0 sdk.51.la Failed jszaq.com
9 5

This site contains no links.

Subject Issuer Validity Valid
www.jszaq.com
R3		 2021-09-24 -
2021-12-23		 3 months crt.sh
leisu.fun
R3		 2021-08-17 -
2021-11-15		 3 months crt.sh
baidu.com
GlobalSign Organization Validation CA - SHA256 - G2		 2021-07-01 -
2022-08-02		 a year crt.sh

This page contains 2 frames:

Primary Page: https://jszaq.com/dj.php
Frame ID: 2BE3FBA1370BD4CD31EF5B5C710B6E5B
Requests: 4 HTTP requests in this frame

Frame: https://www.leisu.fun/nt/
Frame ID: A7402316702FDD653C03572A7B7EF3EF
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

环球app最新下载地址-环球官方网站首页

Page URL History Show full URLs

  1. https://www.jszaq.com/ HTTP 302
    http://jszaq.com/dj.php HTTP 301
    https://jszaq.com/dj.php Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)
Overall confidence: 100%
Detected patterns
  • hm\.baidu\.com/hm\.js

Page Statistics

9
Requests

89 %
HTTPS

0 %
IPv6

4
Domains

5
Subdomains

4
IPs

3
Countries

41 kB
Transfer

104 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.jszaq.com/ HTTP 302
    http://jszaq.com/dj.php HTTP 301
    https://jszaq.com/dj.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request dj.php
jszaq.com/
Redirect Chain
  • https://www.jszaq.com/
  • http://jszaq.com/dj.php
  • https://jszaq.com/dj.php
916 B
748 B 		Document
General
Check archive.org
Download Go to
Full URL
https://jszaq.com/dj.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.148.131.80 , Austria, ASN64021 (NETWORK-TRANSIT Network-Transit, CN),
Reverse DNS
Software
nginx /
Resource Hash
ff89aa15aaaf6975899b50cdbe23003d843d3a85242c80e25925519a2fc7ff03
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
jszaq.com
:scheme
https
:path
/dj.php
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Fri, 24 Sep 2021 17:05:19 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-request-id
7783a489d7b8e0b8000130bcdc68c6a2
x-protected-by
OpenRASP
strict-transport-security
max-age=31536000
content-encoding
gzip

Redirect headers

Server
nginx
Date
Fri, 24 Sep 2021 17:05:18 GMT
Content-Type
text/html
Content-Length
162
Connection
keep-alive
Location
https://jszaq.com/dj.php
Strict-Transport-Security
max-age=31536000
nt.js
www.leisu.fun/nt/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.leisu.fun/nt/nt.js
Requested by
Host: jszaq.com
URL: https://jszaq.com/dj.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.118.241.205 , China, ASN55933 (CLOUDIE-AS-AP Cloudie Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
4698cac54c30e8674355665d7171b4527fd4d112ced64f51fca269cae7736a89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://jszaq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 24 Sep 2021 17:04:37 GMT
content-encoding
gzip
last-modified
Thu, 16 Sep 2021 17:12:22 GMT
server
nginx
etag
W/"61437af6-1a9e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
strict-transport-security
max-age=31536000
expires
Sat, 25 Sep 2021 05:04:37 GMT
hm.js
hm.baidu.com/ 		39 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hm.baidu.com/hm.js?b26fbb1dd3c6045a5803cdd50e43a43e
Requested by
Host: www.leisu.fun
URL: https://www.leisu.fun/nt/nt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
4f7dd345d9b300dc5ee8a2e2503daa31b1a940befa67b4acd40897bed8b797ac
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://jszaq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Fri, 24 Sep 2021 17:04:38 GMT
Content-Encoding
gzip
Server
apache
Etag
6967478f8c8e5e93566ac2b7d6ce7d81
Strict-Transport-Security
max-age=172800
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control
max-age=0, must-revalidate
Content-Type
application/javascript
Content-Length
13946
/
www.leisu.fun/nt/ Frame A740 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.leisu.fun/nt/
Requested by
Host: www.leisu.fun
URL: https://www.leisu.fun/nt/nt.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.118.241.205 , China, ASN55933 (CLOUDIE-AS-AP Cloudie Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
1b8d950784d40246302a6dc5c75f656c490b21d31b22576b7d6174f195a39847
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
www.leisu.fun
:scheme
https
:path
/nt/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://jszaq.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://jszaq.com/

Response headers

server
nginx
date
Fri, 24 Sep 2021 17:04:37 GMT
content-type
text/html
last-modified
Fri, 17 Sep 2021 13:30:03 GMT
vary
Accept-Encoding
etag
W/"6144985b-3bc6"
strict-transport-security
max-age=31536000
content-encoding
gzip
tj.js
www.leisu.fun/ Frame A740 		555 B
768 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.leisu.fun/tj.js
Requested by
Host: www.leisu.fun
URL: https://www.leisu.fun/nt/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.118.241.205 , China, ASN55933 (CLOUDIE-AS-AP Cloudie Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
98744df41997aa324a3cc793ccf061368dbff7a2bea837ba90071db5bd1be2b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.leisu.fun/nt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 24 Sep 2021 17:04:38 GMT
last-modified
Tue, 20 Apr 2021 09:01:50 GMT
server
nginx
etag
"607e987e-22b"
strict-transport-security
max-age=31536000
content-type
application/javascript
cache-control
max-age=43200
accept-ranges
bytes
content-length
555
expires
Sat, 25 Sep 2021 05:04:38 GMT
js-sdk-pro.min.js
sdk.51.la/ Frame A740 		0
0
hm.js
hm.baidu.com/ Frame A740 		42 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hm.baidu.com/hm.js?2f2f361117832acaf6533ed9823f7668
Requested by
Host: www.leisu.fun
URL: https://www.leisu.fun/nt/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
b62999a50e8607397e8662c4229359e1504d129b06a7ec85724678b5c000a9e9
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.leisu.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Fri, 24 Sep 2021 17:04:39 GMT
Content-Encoding
gzip
Server
apache
Etag
e05896264d36d940e4effe3808ccfcbe
Strict-Transport-Security
max-age=172800
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control
max-age=0, must-revalidate
Content-Type
application/javascript
Content-Length
15272
hm.gif
hm.baidu.com/ 		43 B
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1845221580&si=b26fbb1dd3c6045a5803cdd50e43a43e&v=1.2.85&lv=1&sn=26229&r=0&ww=1600&ct=!!&u=https%3A%2F%2Fjszaq.com%2Fdj.php&tt=%E7%8E%AF%E7%90%83app%E6%9C%80%E6%96%B0%E4%B8%8B%E8%BD%BD%E5%9C%B0%E5%9D%80-%E7%8E%AF%E7%90%83%E5%AE%98%E6%96%B9%E7%BD%91%E7%AB%99%E9%A6%96%E9%A1%B5
Requested by
Host: jszaq.com
URL: https://jszaq.com/dj.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://jszaq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 24 Sep 2021 17:04:39 GMT
X-Content-Type-Options
nosniff
Server
apache
Strict-Transport-Security
max-age=172800
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Content-Length
43
hm.gif
hm.baidu.com/ Frame A740 		43 B
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hm.baidu.com/hm.gif?cc=0&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1486374795&si=2f2f361117832acaf6533ed9823f7668&su=https%3A%2F%2Fjszaq.com%2F&v=1.2.85&lv=1&sn=26230&r=0&ww=1600&ct=!!&u=https%3A%2F%2Fwww.leisu.fun%2Fnt%2F&tt=%E7%81%AB%E7%8B%90%26%E6%AC%A7%E5%AE%9DVIP%E9%80%9A%E9%81%93
Requested by
Host: www.leisu.fun
URL: https://www.leisu.fun/nt/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.leisu.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 24 Sep 2021 17:04:40 GMT
X-Content-Type-Options
nosniff
Server
apache
Strict-Transport-Security
max-age=172800
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Content-Length
43

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
sdk.51.la
URL
https://sdk.51.la/js-sdk-pro.min.js

Verdicts & Comments Add Verdict or Comment

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforexrselect boolean| originAgentCluster string| encode_version string| zjjir object| __0xccaae function| _0x1fcb object| _hmt string| sUserAgent boolean| bIsIphoneOs boolean| bIsSymb boolean| bIsIpad boolean| bIsIpod boolean| bIsAndroid boolean| bIsCE boolean| bIsWM boolean| bIsWP boolean| isBDAPP boolean| isBDBrowser boolean| isM object| str string| aric_a boolean| _bdhm_loaded_b26fbb1dd3c6045a5803cdd50e43a43e object| mini_tangram_log_2uj55b

3 Cookies

Domain/Path Name / Value
.jszaq.com/ Name: Hm_lvt_b26fbb1dd3c6045a5803cdd50e43a43e
Value: 1632503079
.jszaq.com/ Name: Hm_lpvt_b26fbb1dd3c6045a5803cdd50e43a43e
Value: 1632503079
.hm.baidu.com/ Name: HMACCOUNT_BFESS
Value: AA0930D1E3D25DE2

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000