Submitted URL: https://3119qs.cc/
Effective URL: https://fkntpu.bou1.shop/10505.html
Submission: On September 16 via api from BE — Scanned from DE

Summary

This website contacted 5 IPs in 3 countries across 14 domains to perform 21 HTTP transactions. The main IP is 122.10.68.102, located in Korea, Republic Of and belongs to DXTL-HK DXTL Tseung Kwan O Service, HK. The main domain is fkntpu.bou1.shop.
TLS certificate: Issued by ZeroSSL RSA Domain Secure Site CA on July 27th 2024. Valid for: 3 months.
This is the only time fkntpu.bou1.shop was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | IP Address | AS (Autonomous System)
1 | 122.10.110.26 | 134548 (DXTL-HK D...)
3 | 23.224.75.126 | 40065 (CNSERVERS)
3 | 122.10.18.20 | 134548 (DXTL-HK D...)
4 | 122.10.68.102 | 134548 (DXTL-HK D...)
Total: 21 requests, 5 IPs

Requests | Domain | Requested by
4 | fkntpu.bou1.shop | blr2cu3m.a0202.shop, fkntpu.bou1.shop
3 | blr2cu3m.a0202.shop | 3119qs.cc
3 | tj.a30691.shop | 3119qs.cc, blr2cu3m.a0202.shop, fkntpu.bou1.shop
1 | 3119qs.cc |
0 | qs2024qs.xn--ndc2bbb3b4eyax4czad0ff4f.xn--gecrj9c (Failed) | fkntpu.bou1.shop
0 | qerbbfdgbdds.31224.pro (Failed) | fkntpu.bou1.shop
0 | ocvbvwebgntbr.987655.photos (Failed) | fkntpu.bou1.shop
0 | muynts.909011.photos (Failed) | fkntpu.bou1.shop
0 | ntebrsfwe.886789.pics (Failed) | fkntpu.bou1.shop
0 | ntewsbfzgdzd.883456.pics (Failed) | fkntpu.bou1.shop
0 | e91cqdjb.a0207.shop (Failed) | blr2cu3m.a0202.shop
0 | qvrw5g2u.ai00370.shop (Failed) | blr2cu3m.a0202.shop
0 | u13vvnpf.a0203.shop (Failed) | blr2cu3m.a0202.shop
0 | ajylzwli.0215004.xyz (Failed) | 3119qs.cc
Total: 21 requests, 14 domains

Subject | Issuer | Validity | Valid
*.3119qs.cc | ZeroSSL RSA Domain Secure Site CA | 2024-09-05 - 2024-12-04 | 3 months
tj.a30691.shop | R10 | 2024-06-17 - 2024-09-15 | 3 months
*.a0202.shop | ZeroSSL RSA Domain Secure Site CA | 2024-09-13 - 2024-12-12 | 3 months
*.bou1.shop | ZeroSSL RSA Domain Secure Site CA | 2024-07-27 - 2024-10-25 | 3 months

This page contains 1 frames:

Frame: https://qs2024qs.xn--ndc2bbb3b4eyax4czad0ff4f.xn--gecrj9c/r/jtc8f
Frame ID: 1DD9AF1E8CE131B4EC5E81166BC00D36
Requests: 21 HTTP requests in this frame

Page Title

Complete Website Navigation Directory (网址导航大全)

Page Statistics

Requests: 21
HTTPS: 38 %
IPv6: 0 %
Domains: 14
Subdomains: 14
IPs: 5
Countries: 3
Transfer: 26 kB
Size: 65 kB
Cookies: 6

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://3119qs.cc/ Page URL
  2. https://blr2cu3m.a0202.shop/10505.html Page URL
  3. https://fkntpu.bou1.shop/10505.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
3119qs.cc/
14 KB
5 KB
Document
General
Full URL
https://3119qs.cc/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
122.10.110.26 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software
nginx /
Resource Hash
4bdf42c2f8b991271e4fd56729f46050e019feb38e615fe2fe184e249a70f1fa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 16 Sep 2024 10:01:23 GMT
expires
0
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000
vary
Accept-Encoding
/
tj.a30691.shop/
0
152 B
Script
General
Full URL
https://tj.a30691.shop/?param=58sZAXe8UG5z7+hYnvaHRfaWQ9cXMmdHlwZT0xNCZwYWdlPWh0dHBzOi8vMzExOXFzLmNjJndlYl9pZD0xMDUwNSZ1dj04M2QyNzk2YTcyNWI1MWE3ODIzMmM2MTMwYWJiYjYzZCZpcD04NC4xOS4xNzUuMTg0IadbqXPmd3qM/D+HYdFsn/lsm1VkmNau
Requested by
Host: 3119qs.cc
URL: https://3119qs.cc/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.224.75.126 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://3119qs.cc/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 10:01:24 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
10505.html
ajylzwli.0215004.xyz/
0
0

10505.html
blr2cu3m.a0202.shop/
0
0
Fetch
General
Full URL
https://blr2cu3m.a0202.shop/10505.html
Requested by
Host: 3119qs.cc
URL: https://3119qs.cc/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
122.10.18.20 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://3119qs.cc/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Sep 2024 10:01:23 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
expires
0
10505.html
blr2cu3m.a0202.shop/
12 KB
5 KB
Document
General
Full URL
https://blr2cu3m.a0202.shop/10505.html
Requested by
Host: 3119qs.cc
URL: https://3119qs.cc/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
122.10.18.20 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software
nginx /
Resource Hash
0f50ec2293228301cde8ec8bef80b845e2e286a8e5e7f34be4d5c75748abf3de
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://3119qs.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 16 Sep 2024 10:01:24 GMT
expires
0
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000
vary
Accept-Encoding
/
tj.a30691.shop/
0
152 B
Script
General
Full URL
https://tj.a30691.shop/?param=jlu1PfL2gkx7C8WFGJaHRfaWQ9cXMmdHlwZT0xMiZwYWdlPWh0dHBzOi8vYmxyMmN1M20uYTAyMDIuc2hvcC8xMDUwNS5odG1sJndlYl9pZD0xMDUwNSZ1dj01N2U3NWZjNGMxODdlODM0N2U3YzkyZDBjZTJhYTNmMSZpcD04NC4xOS4xNzUuMTg0cSp47ayufOZWaQKM5383j/fbMpdyKL11
Requested by
Host: blr2cu3m.a0202.shop
URL: https://blr2cu3m.a0202.shop/10505.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.224.75.126 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://blr2cu3m.a0202.shop/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 10:01:25 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
10505.html
u13vvnpf.a0203.shop/
0
0

10505.html
qvrw5g2u.ai00370.shop/
0
0

10505.html
e91cqdjb.a0207.shop/
0
0

10505.html
fkntpu.bou1.shop/
0
0
Fetch
General
Full URL
https://fkntpu.bou1.shop/10505.html
Requested by
Host: blr2cu3m.a0202.shop
URL: https://blr2cu3m.a0202.shop/10505.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
122.10.68.102 , Korea, Republic Of, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://blr2cu3m.a0202.shop/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Sep 2024 10:01:25 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
expires
0
favicon.ico
blr2cu3m.a0202.shop/
12 KB
5 KB
Other
General
Full URL
https://blr2cu3m.a0202.shop/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
122.10.18.20 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software
nginx /
Resource Hash
0b0e339a2a5ac84a16baeadc9b5543bc0e79f9f36283719a8ac6a22495ea7215

Request headers

Referer
https://blr2cu3m.a0202.shop/10505.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Sep 2024 10:01:25 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
expires
0
Primary Request 10505.html
fkntpu.bou1.shop/
14 KB
5 KB
Document
General
Full URL
https://fkntpu.bou1.shop/10505.html
Requested by
Host: blr2cu3m.a0202.shop
URL: https://blr2cu3m.a0202.shop/10505.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
122.10.68.102 , Korea, Republic Of, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software
nginx /
Resource Hash
cab0a4a9d504f70caba7bec4c7cd1a472475b2e06819ec9671e75d6443fde19f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://blr2cu3m.a0202.shop/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 16 Sep 2024 10:01:26 GMT
expires
0
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000
vary
Accept-Encoding
/
tj.a30691.shop/
0
152 B
Script
General
Full URL
https://tj.a30691.shop/?param=3Umh1/OpwPKvVoVtfbaHRfaWQ9cXMmdHlwZT0xMCZwYWdlPWh0dHBzOi8vZmtudHB1LmJvdTEuc2hvcC8xMDUwNS5odG1sJndlYl9pZD0xMDUwNSZ1dj0yMzAxMGYxYjM2YWJlOTAwYTI1N2ViNzA3MzQwYzQ5ZSZpcD04NC4xOS4xNzUuMTg0P0MAkAgUOPVz+pY+ZYkBKvj9VXB8JZ4/
Requested by
Host: fkntpu.bou1.shop
URL: https://fkntpu.bou1.shop/10505.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.224.75.126 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://fkntpu.bou1.shop/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 10:01:27 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
jtc8f
ntewsbfzgdzd.883456.pics/r/
0
0

jtc8f
ntebrsfwe.886789.pics/r/
0
0

jtc8f
muynts.909011.photos/r/
0
0

jtc8f
ocvbvwebgntbr.987655.photos/r/
0
0

jtc8f
qerbbfdgbdds.31224.pro/r/
0
0

favicon.ico
fkntpu.bou1.shop/
14 KB
5 KB
Other
General
Full URL
https://fkntpu.bou1.shop/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
122.10.68.102 , Korea, Republic Of, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software
nginx /
Resource Hash
9536eb46c6dd4c136862a09ec51145b97ae4308fb7f7d035ad1cdc9e1dc71a00

Request headers

Referer
https://fkntpu.bou1.shop/10505.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Sep 2024 10:01:27 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
expires
0
log.php
fkntpu.bou1.shop/
1 B
152 B
Fetch
General
Full URL
https://fkntpu.bou1.shop/log.php?action=addErroLog
Requested by
Host: fkntpu.bou1.shop
URL: https://fkntpu.bou1.shop/10505.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
122.10.68.102 , Korea, Republic Of, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://fkntpu.bou1.shop/10505.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 16 Sep 2024 10:01:29 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
jtc8f
qs2024qs.xn--ndc2bbb3b4eyax4czad0ff4f.xn--gecrj9c/r/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ajylzwli.0215004.xyz
URL
https://ajylzwli.0215004.xyz/10505.html
Domain
u13vvnpf.a0203.shop
URL
https://u13vvnpf.a0203.shop/10505.html
Domain
qvrw5g2u.ai00370.shop
URL
https://qvrw5g2u.ai00370.shop/10505.html
Domain
e91cqdjb.a0207.shop
URL
https://e91cqdjb.a0207.shop/10505.html
Domain
ntewsbfzgdzd.883456.pics
URL
https://ntewsbfzgdzd.883456.pics/r/jtc8f
Domain
ntebrsfwe.886789.pics
URL
https://ntebrsfwe.886789.pics/r/jtc8f
Domain
muynts.909011.photos
URL
https://muynts.909011.photos/r/jtc8f
Domain
ocvbvwebgntbr.987655.photos
URL
https://ocvbvwebgntbr.987655.photos/r/jtc8f
Domain
qerbbfdgbdds.31224.pro
URL
https://qerbbfdgbdds.31224.pro/r/jtc8f
Domain
qs2024qs.xn--ndc2bbb3b4eyax4czad0ff4f.xn--gecrj9c
URL
https://qs2024qs.xn--ndc2bbb3b4eyax4czad0ff4f.xn--gecrj9c/r/jtc8f

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string| siteList
string| fangList
string| jumpData
string| defaultUrl
string| httpstatus
string| zy2jump
string| zy2jump_time
string| pzy2jump
string| pzy2jump_time
function| _0x4d1522
string| apiUrl
function| mainRedirectLogic
function| parseSites
function| fetchWithTimeout
function| _0x37a4
function| validateDomains
function| _0x4b1a
function| logDomainFailure

6 Cookies

Domain/Path | Name | Value
3119qs.cc/ | PHPSESSID | i8871q2gs4idgkcff5rifdfca4
3119qs.cc/ | visitor_id | 83d2796a725b51a78232c6130abbb63d
blr2cu3m.a0202.shop/ | PHPSESSID | 948ngkar3ajovl0ie6q8kmm90v
blr2cu3m.a0202.shop/ | visitor_id | 57e75fc4c187e8347e7c92d0ce2aa3f1
fkntpu.bou1.shop/ | PHPSESSID | nkh4d48vojqdchgv2d7m8flamv
fkntpu.bou1.shop/ | visitor_id | 23010f1b36abe900a257eb707340c49e

8 Console Messages

Source Level URL
Text
network error URL: https://blr2cu3m.a0202.shop/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://fkntpu.bou1.shop/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()
javascript error URL: https://fkntpu.bou1.shop/10505.html
Message:
Access to fetch at 'https://ocvbvwebgntbr.987655.photos/r/jtc8f' from origin 'https://fkntpu.bou1.shop' has been blocked by CORS policy: The 'Access-Control-Allow-Origin' header contains multiple values 'https://fkntpu.bou1.shop, *', but only one is allowed. Have the server send the header with a valid value, or, if an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network error URL: https://ocvbvwebgntbr.987655.photos/r/jtc8f
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://fkntpu.bou1.shop/10505.html
Message:
Access to fetch at 'https://qerbbfdgbdds.31224.pro/r/jtc8f' from origin 'https://fkntpu.bou1.shop' has been blocked by CORS policy: The 'Access-Control-Allow-Origin' header contains multiple values 'https://fkntpu.bou1.shop, *', but only one is allowed. Have the server send the header with a valid value, or, if an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network error URL: https://qerbbfdgbdds.31224.pro/r/jtc8f
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://fkntpu.bou1.shop/10505.html
Message:
Access to fetch at 'https://ntewsbfzgdzd.883456.pics/r/jtc8f' from origin 'https://fkntpu.bou1.shop' has been blocked by CORS policy: The 'Access-Control-Allow-Origin' header contains multiple values 'https://fkntpu.bou1.shop, *', but only one is allowed. Have the server send the header with a valid value, or, if an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network error URL: https://ntewsbfzgdzd.883456.pics/r/jtc8f
Message:
Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000