l6xjvg.top Open in urlscan Pro
20.2.136.38 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://l6xjvg.top/
Effective URL:
https://l6xjvg.top/
Submission: On December 10 via api (December 10th 2024, 8:10:29 pm UTC) from US — Scanned from US

Summary HTTP 18 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 5 IPs in 3 countries across 5 domains to perform 18 HTTP transactions. The main IP is 20.2.136.38, located in Hong Kong, Hong Kong and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is l6xjvg.top.
TLS certificate: Issued by R10 on December 5th 2024. Valid for: 3 months.

This is the only time l6xjvg.top was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
8	20.2.136.38 20.2.136.38	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	43.152.134.54 43.152.134.54	139341 (ACE-AS-AP...) (ACE-AS-AP ACE)
3	8.45.52.229 8.45.52.229	24429 (TAOBAO Zh...) (TAOBAO Zhejiang Taobao Network Co.)
2	170.33.12.233 170.33.12.233	134963 (ASEPL-AS-...) (ASEPL-AS-AP Alibaba Cloud Singapore Private Limited)
18	5

8 20.2.136.38 (Hong Kong, Hong Kong)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

l6xjvg.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
kyt62.obs-zb8.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
jzkw5.st3t45.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 43.152.134.54 (Singapore)

ASN139341 (ACE-AS-AP ACE, SG)

u1-000.ecukwai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 8.45.52.229 (United States)

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)

u2-000.ecukwai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 170.33.12.233 (Singapore)

ASN134963 (ASEPL-AS-AP Alibaba Cloud Singapore Private Limited, SG)

wi2k0.unionchemicar-sh.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	ecukwai.com u1-000.ecukwai.com — Cisco Umbrella Rank: 58783 u2-000.ecukwai.com — Cisco Umbrella Rank: 57583	2 MB
4	l6xjvg.top l6xjvg.top	88 KB
3	obs-zb8.com kyt62.obs-zb8.com	54 KB
2	unionchemicar-sh.com wi2k0.unionchemicar-sh.com	1 KB
1	st3t45.cc jzkw5.st3t45.cc	429 B
18	5

	Domain	Requested by
4	u1-000.ecukwai.com	l6xjvg.top
4	l6xjvg.top	l6xjvg.top
3	u2-000.ecukwai.com	l6xjvg.top
3	kyt62.obs-zb8.com	l6xjvg.top
2	wi2k0.unionchemicar-sh.com	kyt62.obs-zb8.com
1	jzkw5.st3t45.cc	l6xjvg.top
18	6

This site contains links to these domains. Also see Links.

Domain
kefu.obs-zb8.com

Subject Issuer	Validity	Valid
l6xjvg.top R10	`2024-12-05` - `2025-03-05`	3 months	crt.sh
*.obs-zb8.com R11	`2024-11-03` - `2025-02-01`	3 months	crt.sh
*.ecukwai.com GlobalSign GCC R3 DV TLS CA 2020	`2024-04-01` - `2025-05-03`	a year	crt.sh
*.st3t45.cc R11	`2024-11-15` - `2025-02-13`	3 months	crt.sh
*.unionchemicar-sh.com E6	`2024-11-20` - `2025-02-18`	3 months	crt.sh

This page contains 1 frames:

Frame: https://wi2k0.unionchemicar-sh.com:6443/page/b7cyabjb/install/c/eyJjIjoibW0yOCIsIm0iOiJqM0hzQUYteGYta0FBQUdUc2pIQ2VMMHJpT19iVExEQVN1Y2tHZVM0X0Y1WEE1MFFxWGk0OTRlQVJhOTFlZTNiZzlaTk4zcFVJcWlLYjgxZmptWGF4VFZKTkdhaGU4LUkxSWtCb0V0eV9Vc2YxUzdFOGxqVGl6U0VZcENac3JrUiJ9?p=0
Frame ID: 2187E48B1FA2D3C6131E39A828599DFC
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://l6xjvg.top/ HTTP 307
https://l6xjvg.top/ Page URL

Detected technologies

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

18
Requests

94 %
HTTPS

0 %
IPv6

5
Domains

6
Subdomains

5
IPs

3
Countries

2512 kB
Transfer

2697 kB
Size

0
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://kefu.obs-zb8.com/v1/kefu/index.html

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://l6xjvg.top/ HTTP 307
https://l6xjvg.top/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
l6xjvg.top/
Redirect Chain

http://l6xjvg.top/
https://l6xjvg.top/

685 B
808 B

1926ms
306ms

Document
text/html

20.2.136.38
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://l6xjvg.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 20.2.136.38 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: 2d57b84383e844731ee514fa0f9e12307b6c5e16a7c4c0598860db3b31612977

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
content-length: 685
content-type: text/html
date: Tue, 10 Dec 2024 20:10:20 GMT
etag: "67589dc2-2ad"
last-modified: Tue, 10 Dec 2024 20:00:02 GMT
server: nginx
x-cache: BYPASS

Redirect headers

Location: https://l6xjvg.top/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 index-DIyCfY-7.js Show response
l6xjvg.top/assets/ 192 KB
82 KB 311ms
308ms Script
application/javascript 20.2.136.38
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://l6xjvg.top/assets/index-DIyCfY-7.js
Requested by: Host: l6xjvg.top
URL: https://l6xjvg.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 20.2.136.38 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: 34c5f4d696f03248c1197a32f81bf38877141eb2aae47132785be87c731021bc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://l6xjvg.top
Referer: https://l6xjvg.top/

Response headers

cache-control: max-age=43200
content-encoding: gzip
etag: W/"6726389d-2ff87"
expires: Wed, 11 Dec 2024 08:10:21 GMT
x-cache: UPDATING
date: Tue, 10 Dec 2024 20:10:21 GMT
content-type: application/javascript
last-modified: Sat, 02 Nov 2024 14:35:09 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 index-CKlh9YV4.css
l6xjvg.top/assets/ 2 KB
1011 B 309ms
307ms Stylesheet
text/css 20.2.136.38
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://l6xjvg.top/assets/index-CKlh9YV4.css
Requested by: Host: l6xjvg.top
URL: https://l6xjvg.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 20.2.136.38 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: 36212fb1b4b61064ee81d8de44037e6ca20d71d32d68c761c312cee738bc2959

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://l6xjvg.top
Referer: https://l6xjvg.top/

Response headers

cache-control: max-age=43200
content-encoding: gzip
etag: W/"6726389d-925"
expires: Wed, 11 Dec 2024 08:10:21 GMT
x-cache: UPDATING
content-length: 851
date: Tue, 10 Dec 2024 20:10:21 GMT
content-type: text/css
last-modified: Sat, 02 Nov 2024 14:35:09 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 jquery-3.5.1.min.js Show response
kyt62.obs-zb8.com/v1/js/ 87 KB
34 KB 1623ms
595ms Script
application/javascript 20.2.136.38
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://kyt62.obs-zb8.com/v1/js/jquery-3.5.1.min.js
Requested by: Host: l6xjvg.top
URL: https://l6xjvg.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 20.2.136.38 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: 6150a35c0f486c46cadf0e230e2aa159c7c23ecfbb5611b64ee3f25fcbff341f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://l6xjvg.top/

Response headers

cache-control: max-age=43200
content-encoding: gzip
etag: W/"673da9cb-15d83"
access-control-allow-credentials: true
access-control-allow-methods: PUT, GET, POST, DELETE, HEAD, OPTIONS, PATCH
expires: Wed, 11 Dec 2024 08:00:40 GMT
x-cache: HIT, server, disk
date: Tue, 10 Dec 2024 20:00:40 GMT
content-type: application/javascript
last-modified: Tue, 10 Dec 2024 20:00:40 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 op-28.js Show response
kyt62.obs-zb8.com/v1/tongji/ 133 B
263 B 1919ms
892ms Script
application/javascript 20.2.136.38
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://kyt62.obs-zb8.com/v1/tongji/op-28.js
Requested by: Host: l6xjvg.top
URL: https://l6xjvg.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 20.2.136.38 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: 4a6c85d8670f9cc5775e29fd61023b563ce3198b8e00d08bc1a2dba5385dda15

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://l6xjvg.top/

Response headers

cache-control: max-age=43200
etag: "67589dc2-a9"
access-control-allow-credentials: true
access-control-allow-methods: PUT, GET, POST, DELETE, HEAD, OPTIONS, PATCH
expires: Wed, 11 Dec 2024 08:10:22 GMT
accept-ranges: bytes
x-cache: UPDATING
content-length: 133
date: Tue, 10 Dec 2024 20:10:22 GMT
content-type: application/javascript
last-modified: Tue, 10 Dec 2024 20:00:02 GMT
server: nginx

GET
H2 200 appinstall.js Show response
kyt62.obs-zb8.com/v1/tongji/ 46 KB
20 KB 1325ms
298ms Script
application/javascript 20.2.136.38
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://kyt62.obs-zb8.com/v1/tongji/appinstall.js
Requested by: Host: l6xjvg.top
URL: https://l6xjvg.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 20.2.136.38 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: d933b7bfeb113380cdf24ab37496e61c512a2b371143192c339e3b4f20fa18ad

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://l6xjvg.top/

Response headers

cache-control: max-age=43200
content-encoding: gzip
etag: W/"674e742c-b9e6"
access-control-allow-credentials: true
access-control-allow-methods: PUT, GET, POST, DELETE, HEAD, OPTIONS, PATCH
expires: Wed, 11 Dec 2024 08:00:40 GMT
x-cache: HIT, server, disk
date: Tue, 10 Dec 2024 20:00:40 GMT
content-type: application/javascript
last-modified: Tue, 10 Dec 2024 20:00:40 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 dXBsb2FkLXF1YWxpZmljYXRpb24tY2VudGVyOlRIRU1TX0lURU1fUVVBTElGSUNBVElPTl9VUExPQUQ6MjI5MTIxNTA2MDpNRVJDSEFOVDpbQkA3ZDkxYjViOjQ2MDU3MjYyMTAwNjA%3D.jpg
u1-000.ecukwai.com/bs2/upload-qualification-center/ 2 MB
2 MB 899ms
132ms Image
image/jpeg 43.152.134.54
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u1-000.ecukwai.com/bs2/upload-qualification-center/dXBsb2FkLXF1YWxpZmljYXRpb24tY2VudGVyOlRIRU1TX0lURU1fUVVBTElGSUNBVElPTl9VUExPQUQ6MjI5MTIxNTA2MDpNRVJDSEFOVDpbQkA3ZDkxYjViOjQ2MDU3MjYyMTAwNjA%3D.jpg
Requested by: Host: l6xjvg.top
URL: https://l6xjvg.top/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.134.54 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: tencent-cos /
Resource Hash: bb3f4ee35785b7998efb575608448d6f3b4c9033746f70f3d143e6c962298d58

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://l6xjvg.top/

Response headers

x-ks-client-ip: 162.245.206.246
etag: "6ad7163c30c422d984df1a749004cd8d-1"
kwaisign: NULL
x-amz-storage-class: MULTIZONE_STANDARD
expires: Sat, 09 Nov 2024 14:31:43 GMT
x-bs-object-status: 0
date: Sat, 02 Nov 2024 14:31:43 GMT
last-modified: Sat, 02 Nov 2024 14:31:37 GMT
content-type: image/jpeg
x-amz-id-2: cW9ze91yHpEluOpJSdcLxpvuyf2mxACmdJqOU2UtdfIB5RlyblfH74hUN6dY/plo
x-cos-origin-request-id: NjcyNjM3Y2ZfMWU3NmE0MDlfNjdiXzg0NDE4Mg==
x-ks-http-first-data: 3
cache-control: no-cache
x-nws-log-uuid: 14320136102415870099
x-cos-request-id: NjcyNjM3Y2ZfODVjOTQ1MWVfMTNiODdfMzg1ZjZkNQ==
x-kslogid: 730557903403042025
x-ks-cache: Hit from 43.152.134.54
x-amz-request-id: e3fac23fcbb24a109aaf8456596155df
accept-ranges: bytes
x-ks-request-id: 14320136102415870099
access-control-allow-origin: *
content-length: 1599205
x-bs-hash-crc64ecma: 10895176540396936537
x-cache-lookup: Cache Hit
x-bs-cache: HIT
server: tencent-cos

GET
H2 200 dXBsb2FkLXF1YWxpZmljYXRpb24tY2VudGVyOlRIRU1TX0lURU1fUVVBTElGSUNBVElPTl9VUExPQUQ6MjI5MTIxNTA2MDpNRVJDSEFOVDpbQkA1YjFkYjNiYTo0NjA5NDc4ODI2MDYw.png
u1-000.ecukwai.com/bs2/upload-qualification-center/ 33 KB
34 KB 1327ms
561ms Image
image/png 43.152.134.54
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u1-000.ecukwai.com/bs2/upload-qualification-center/dXBsb2FkLXF1YWxpZmljYXRpb24tY2VudGVyOlRIRU1TX0lURU1fUVVBTElGSUNBVElPTl9VUExPQUQ6MjI5MTIxNTA2MDpNRVJDSEFOVDpbQkA1YjFkYjNiYTo0NjA5NDc4ODI2MDYw.png
Requested by: Host: l6xjvg.top
URL: https://l6xjvg.top/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.134.54 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: tencent-cos /
Resource Hash: 2e64592e2afd616762eb204dbe8823b9452cb0bbcfc038a76ecd01b8b8a809c4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://l6xjvg.top/

Response headers

x-ks-client-ip: 162.245.206.246
etag: "3cf223905af74885110ae981e97be001-1"
kwaisign: NULL
x-cos-hash-crc64ecma: 4790195105256084822
expires: Sat, 09 Nov 2024 14:32:45 GMT
date: Sat, 02 Nov 2024 14:51:32 GMT
last-modified: Sat, 02 Nov 2024 14:32:45 GMT
content-type: image/png
x-ks-http-first-data: 5
cache-control: no-cache
x-nws-log-uuid: 15307517350879668018
x-cos-request-id: NjcyNjNjNzRfMjQ1MzlhMWVfMTFjNTBfNmZiYzBkMA==
x-ks-cache: Hit from 43.152.134.54
accept-ranges: bytes
x-ks-request-id: 15307517350879668018
access-control-allow-origin: *
content-length: 34133
x-cache-lookup: Cache Hit
server: tencent-cos

GET
H2 200 dXBsb2FkLXF1YWxpZmljYXRpb24tY2VudGVyOlRIRU1TX0lURU1fUVVBTElGSUNBVElPTl9VUExPQUQ6MjI5MTIxNTA2MDpNRVJDSEFOVDpbQkAyY2QxMTJjMzo0NjA5NDc3NjA4MDYw.jpg
u2-000.ecukwai.com/bs2/upload-qualification-center/ 2 KB
2 KB 515ms
329ms Image
image/jpeg 8.45.52.229
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u2-000.ecukwai.com/bs2/upload-qualification-center/dXBsb2FkLXF1YWxpZmljYXRpb24tY2VudGVyOlRIRU1TX0lURU1fUVVBTElGSUNBVElPTl9VUExPQUQ6MjI5MTIxNTA2MDpNRVJDSEFOVDpbQkAyY2QxMTJjMzo0NjA5NDc3NjA4MDYw.jpg
Requested by: Host: l6xjvg.top
URL: https://l6xjvg.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 8.45.52.229 , United States, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: 0fa0d6b97126c8c583d7c8a97cd03b7e9255f432fd7d9831b48bd338c79cea5e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://l6xjvg.top/

Response headers

x-oss-cdn-auth: success
access-control-expose-headers: x-ks-request-id,x-ks-client-ip,Content-Length
x-oss-storage-class: Standard
x-ks-client-ip: 162.245.206.246
age: 3303458
x-oss-object-type: Normal
kwaisign: null
expires: Sat, 09 Nov 2024 14:32:45 GMT
x-oss-expiration: expiry-date="Mon, 18 Nov 2024 00:00:00 GMT", rule-id="cb4819a2-d66c-456d-a350-32535113e51d"
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
date: Sat, 02 Nov 2024 14:32:45 GMT
x-oss-server-time: 67
content-type: image/jpeg
last-modified: Sat, 02 Nov 2024 14:32:45 GMT
cache-control: max-age=2592000
x-swift-cachetime: 4517650
timing-allow-origin: *
x-ks-cache: HIT from 8.45.52.229
via: cache36.l2ea118-2[0,0,206-0,H], cache43.l2ea118-2[0,0], cache36.l2us2[0,0,206-0,H], cache2.l2us2[1,0], ens-cache17.us19[0,0,200-0,H], ens-cache17.us19[4,0]
ali-swift-global-savetime: 1730557965
x-swift-savetime: Tue, 10 Dec 2024 07:38:35 GMT
accept-ranges: bytes
x-ks-request-id: 082d34a517338614235011865e
access-control-allow-origin: *
content-length: 2001
x-oss-request-id: 6726380D4B19C63936922CAC
eagleid: 082d34a517338614235011865e
server: Tengine

GET
H2 200 dXBsb2FkLXF1YWxpZmljYXRpb24tY2VudGVyOlRIRU1TX0lURU1fUVVBTElGSUNBVElPTl9VUExPQUQ6MjI5MTIxNTA2MDpNRVJDSEFOVDpbQkAzNmZmN2E0YTo0NjA5NDc1Mzc1MDYw.jpg
u2-000.ecukwai.com/bs2/upload-qualification-center/ 464 KB
464 KB 416ms
229ms Image
image/jpeg 8.45.52.229
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u2-000.ecukwai.com/bs2/upload-qualification-center/dXBsb2FkLXF1YWxpZmljYXRpb24tY2VudGVyOlRIRU1TX0lURU1fUVVBTElGSUNBVElPTl9VUExPQUQ6MjI5MTIxNTA2MDpNRVJDSEFOVDpbQkAzNmZmN2E0YTo0NjA5NDc1Mzc1MDYw.jpg
Requested by: Host: l6xjvg.top
URL: https://l6xjvg.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 8.45.52.229 , United States, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: 653607aad77dbd09f26082eba4c430eeadc70400c05ff84890885ba984e25b90

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://l6xjvg.top/

Response headers

x-oss-cdn-auth: success
access-control-expose-headers: x-ks-request-id,x-ks-client-ip,Content-Length
x-oss-storage-class: Standard
x-ks-client-ip: 162.245.206.246
age: 3303677
x-oss-object-type: Normal
kwaisign: null
expires: Sat, 09 Nov 2024 14:29:06 GMT
x-oss-expiration: expiry-date="Mon, 18 Nov 2024 00:00:00 GMT", rule-id="cb4819a2-d66c-456d-a350-32535113e51d"
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
date: Sat, 02 Nov 2024 14:29:06 GMT
x-oss-server-time: 49
content-type: image/jpeg
last-modified: Sat, 02 Nov 2024 14:29:06 GMT
cache-control: max-age=2592000
x-swift-cachetime: 4517431
timing-allow-origin: *
x-ks-cache: HIT from 8.45.52.229
via: cache5.l2ea118-1[0,0,206-0,H], cache31.l2ea118-1[1,0], cache38.l2us2[0,11,206-0,H], cache8.l2us2[13,0], ens-cache10.us19[0,0,200-0,H], ens-cache17.us19[2,0]
ali-swift-global-savetime: 1730557746
x-swift-savetime: Tue, 10 Dec 2024 07:38:35 GMT
accept-ranges: bytes
x-ks-request-id: 082d34a517338614235011861e
access-control-allow-origin: *
content-length: 474681
x-oss-request-id: 67263732BFA6443030F9F4C2
eagleid: 082d34a517338614235011861e
server: Tengine

GET
H2 200 dXBsb2FkLXF1YWxpZmljYXRpb24tY2VudGVyOlRIRU1TX0lURU1fUVVBTElGSUNBVElPTl9VUExPQUQ6MjI5MTIxNTA2MDpNRVJDSEFOVDpbQkAyNjlhYmY2Yjo0NjA1NzIzOTgwMDYw.jpg
u2-000.ecukwai.com/bs2/upload-qualification-center/ 99 KB
100 KB 267ms
81ms Image
image/jpeg 8.45.52.229
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u2-000.ecukwai.com/bs2/upload-qualification-center/dXBsb2FkLXF1YWxpZmljYXRpb24tY2VudGVyOlRIRU1TX0lURU1fUVVBTElGSUNBVElPTl9VUExPQUQ6MjI5MTIxNTA2MDpNRVJDSEFOVDpbQkAyNjlhYmY2Yjo0NjA1NzIzOTgwMDYw.jpg
Requested by: Host: l6xjvg.top
URL: https://l6xjvg.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 8.45.52.229 , United States, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: 5a60bd9bf745e0ca8b630063559fb10ed9dac0481d62454d4ce5bceaf155a3e8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://l6xjvg.top/

Response headers

x-oss-cdn-auth: success
access-control-expose-headers: x-ks-request-id,x-ks-client-ip,Content-Length
x-oss-storage-class: Standard
x-ks-client-ip: 162.245.206.246
age: 3303458
x-oss-object-type: Normal
kwaisign: null
expires: Sat, 09 Nov 2024 14:32:45 GMT
x-oss-expiration: expiry-date="Mon, 18 Nov 2024 00:00:00 GMT", rule-id="cb4819a2-d66c-456d-a350-32535113e51d"
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
date: Sat, 02 Nov 2024 14:32:45 GMT
x-oss-server-time: 469
content-type: image/jpeg
last-modified: Sat, 02 Nov 2024 14:32:45 GMT
cache-control: max-age=2592000
x-swift-cachetime: 4517650
timing-allow-origin: *
x-ks-cache: HIT from 8.45.52.229
via: cache3.l2eu95-3[0,15,206-0,H], cache2.l2eu95-3[16,0], cache40.l2us2[0,38,206-0,H], cache9.l2us2[40,0], ens-cache4.us19[0,0,200-0,H], ens-cache17.us19[3,0]
ali-swift-global-savetime: 1730557965
x-swift-savetime: Tue, 10 Dec 2024 07:38:35 GMT
accept-ranges: bytes
x-ks-request-id: 082d34a517338614235001859e
access-control-allow-origin: *
content-length: 101084
x-oss-request-id: 6726380DA7307F3532E17DD8
eagleid: 082d34a517338614235001859e
server: Tengine

GET
H2 200 dXBsb2FkLXF1YWxpZmljYXRpb24tY2VudGVyOlRIRU1TX0lURU1fUVVBTElGSUNBVElPTl9VUExPQUQ6MjI5MTIxNTA2MDpNRVJDSEFOVDpbQkAyNWUzY2E1Njo0NjA5NDc2NDAyMDYw.jpg
u1-000.ecukwai.com/bs2/upload-qualification-center/ 98 KB
99 KB 897ms
132ms Image
image/jpeg 43.152.134.54
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u1-000.ecukwai.com/bs2/upload-qualification-center/dXBsb2FkLXF1YWxpZmljYXRpb24tY2VudGVyOlRIRU1TX0lURU1fUVVBTElGSUNBVElPTl9VUExPQUQ6MjI5MTIxNTA2MDpNRVJDSEFOVDpbQkAyNWUzY2E1Njo0NjA5NDc2NDAyMDYw.jpg
Requested by: Host: l6xjvg.top
URL: https://l6xjvg.top/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.134.54 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: tencent-cos /
Resource Hash: 9d2ef80c90f37bdf28c57df5e7ee04af5e5e86720dcecfe7cc78b71a51f0c47e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://l6xjvg.top/

Response headers

x-ks-client-ip: 162.245.206.246
etag: "d1acc33d39827d82d41463f3d9747533-1"
kwaisign: NULL
x-cos-hash-crc64ecma: 5420176170098055446
expires: Sat, 09 Nov 2024 14:32:45 GMT
date: Mon, 02 Dec 2024 06:41:13 GMT
x-cos-storage-class: STANDARD_IA
last-modified: Sat, 02 Nov 2024 14:32:45 GMT
content-type: image/jpeg
x-ks-http-first-data: 3
cache-control: no-cache
x-nws-log-uuid: 9750483734809677095
x-cos-request-id: Njc0ZDU2ODlfOGRiNWMyMDlfNjM1Nl9hY2E2MDI5
x-ks-cache: Hit from 43.152.134.54
accept-ranges: bytes
x-ks-request-id: 9750483734809677095
access-control-allow-origin: *
content-length: 100829
x-cache-lookup: Cache Hit
server: tencent-cos

GET
H2 200 dXBsb2FkLXF1YWxpZmljYXRpb24tY2VudGVyOlRIRU1TX0lURU1fUVVBTElGSUNBVElPTl9VUExPQUQ6MjI5MTIxNTA2MDpNRVJDSEFOVDpbQkA3OWU3YmJlOTo0NjA5NDc3MTMyMDYw.jpg
u1-000.ecukwai.com/bs2/upload-qualification-center/ 105 KB
106 KB 898ms
133ms Image
image/jpeg 43.152.134.54
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u1-000.ecukwai.com/bs2/upload-qualification-center/dXBsb2FkLXF1YWxpZmljYXRpb24tY2VudGVyOlRIRU1TX0lURU1fUVVBTElGSUNBVElPTl9VUExPQUQ6MjI5MTIxNTA2MDpNRVJDSEFOVDpbQkA3OWU3YmJlOTo0NjA5NDc3MTMyMDYw.jpg
Requested by: Host: l6xjvg.top
URL: https://l6xjvg.top/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.134.54 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: tencent-cos /
Resource Hash: 4c8cb6d465b2ab6f75f00aedfea4bff136e4d7c5e21fb0d20275b5badd85c89e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://l6xjvg.top/

Response headers

x-ks-client-ip: 162.245.206.246
etag: "70e55e8860fef2b9854456921fb19183-1"
kwaisign: NULL
x-cos-hash-crc64ecma: 7783758382885514763
expires: Sat, 09 Nov 2024 14:32:45 GMT
date: Mon, 09 Dec 2024 13:17:57 GMT
x-cos-storage-class: STANDARD_IA
last-modified: Sat, 02 Nov 2024 14:32:45 GMT
content-type: image/jpeg
x-ks-http-first-data: 2
cache-control: no-cache
x-nws-log-uuid: 18103883138377474337
x-cos-request-id: Njc1NmVlMDVfZGZmMjdkMDlfZGVjYV83MWI0ZTIw
x-ks-cache: Hit from 43.152.134.54
accept-ranges: bytes
x-ks-request-id: 18103883138377474337
access-control-allow-origin: *
content-length: 107877
x-cache-lookup: Cache Hit
server: tencent-cos

GET
H2 200 api.php Show response
jzkw5.st3t45.cc/v1/ 60 B
429 B 1922ms
307ms Fetch
application/json 20.2.136.38
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://jzkw5.st3t45.cc/v1/api.php?ccccode=mm28
Requested by: Host: l6xjvg.top
URL: https://l6xjvg.top/assets/index-DIyCfY-7.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 20.2.136.38 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e97d605eb933601db48d5b33d8938aead32eb5797150dd742fe3fc04abc7bf23

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://l6xjvg.top/

Response headers

content-encoding: gzip
access-control-allow-credentials: true
access-control-allow-methods: PUT, GET, POST, DELETE, HEAD, OPTIONS, PATCH
access-control-allow-origin: https://l6xjvg.top
x-cache: BYPASS
content-length: 75
date: Tue, 10 Dec 2024 20:10:24 GMT
content-type: application/json
vary: Accept-Encoding
server: nginx
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization, Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 favicon.ico
l6xjvg.top/ 4 KB
4 KB 304ms
304ms Other
image/x-icon 20.2.136.38
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://l6xjvg.top/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 20.2.136.38 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: 6ad94bfbeb8f9729309860381d1a6354a8a3029417f3c3f735ff3cde4403e93a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://l6xjvg.top/

Response headers

etag: "66bde8fb-10be"
accept-ranges: bytes
x-cache: UPDATING
content-length: 4286
date: Tue, 10 Dec 2024 20:10:24 GMT
content-type: image/x-icon
last-modified: Thu, 15 Aug 2024 11:39:39 GMT
server: nginx

POST
H2 200 init Show response
wi2k0.unionchemicar-sh.com/web/b7cyabjb/mm28/ 749 B
994 B 727ms
229ms XHR
application/json 170.33.12.233
ASEPL-AS-AP Aliba...

General

Check archive.org

Show headers Download Go to

Full URL

https://wi2k0.unionchemicar-sh.com:6443/web/b7cyabjb/mm28/init?channelCode=mm28&av=0&cv=0&hash=%23%2F&server=https%3A%2F%2Fwi2k0.unionchemicar-sh.com%3A6443&sw=p6Cmpg&sh=p6Smpg&sp=1&li=p6GkuKehuKa4pA

Requested by

Host: kyt62.obs-zb8.com
URL: https://kyt62.obs-zb8.com/v1/tongji/appinstall.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

170.33.12.233 , Singapore, ASN134963 (ASEPL-AS-AP Alibaba Cloud Singapore Private Limited, SG),

Reverse DNS

Software

NgxFence /

Resource Hash

a621de6278f7d1df50beda7c5de9b8f690bc7f553eafdcb905dee1efe52461a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://l6xjvg.top/

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
access-control-allow-credentials: true
access-control-allow-origin: https://l6xjvg.top
date: Tue, 10 Dec 2024 20:10:25 GMT
content-type: application/json;charset=utf-8
vary: Origin, Origin
server: NgxFence

POST
H2 200 eyJjIjoibW0yOCIsIm0iOiJEdXp1MHYzMDJSWUFBQUdUc2pIQ2VIcHRYSWhGT0E2ZFpXb05JZDNIWVhLRmVqV0F2enFCdzlJd0hBNmZFbWhMZWhDVDZqNTd0NlBJNzRGMkN2Mm5MaDlmVmZEbThaRWdNbndya29nSzRrTDM4U0dDXzJlWV9NWnBra3g1eG9LOSJ9
wi2k0.unionchemicar-sh.com/web/b7cyabjb/mm28/clicked/c/ 0
377 B 229ms
227ms Ping
text/plain 170.33.12.233
ASEPL-AS-AP Aliba...

General

Check archive.org

Show headers Download Go to

Full URL

https://wi2k0.unionchemicar-sh.com:6443/web/b7cyabjb/mm28/clicked/c/eyJjIjoibW0yOCIsIm0iOiJEdXp1MHYzMDJSWUFBQUdUc2pIQ2VIcHRYSWhGT0E2ZFpXb05JZDNIWVhLRmVqV0F2enFCdzlJd0hBNmZFbWhMZWhDVDZqNTd0NlBJNzRGMkN2Mm5MaDlmVmZEbThaRWdNbndya29nSzRrTDM4U0dDXzJlWV9NWnBra3g1eG9LOSJ9?p=0&ref=https%3A%2F%2Fl6xjvg.top%2F%23%2F&ac=0&cc=0&channelCode=mm28

Requested by

Host: kyt62.obs-zb8.com
URL: https://kyt62.obs-zb8.com/v1/tongji/appinstall.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

170.33.12.233 , Singapore, ASN134963 (ASEPL-AS-AP Alibaba Cloud Singapore Private Limited, SG),

Reverse DNS

Software

NgxFence /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://l6xjvg.top/

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-origin: https://l6xjvg.top
content-length: 0
date: Tue, 10 Dec 2024 20:10:28 GMT
vary: Origin, Origin
server: NgxFence

GET eyJjIjoibW0yOCIsIm0iOiJqM0hzQUYteGYta0FBQUdUc2pIQ2VMMHJpT19iVExEQVN1Y2tHZVM0X0Y1WEE1MFFxWGk0OTRlQVJhOTFlZTNiZzlaTk4zcFVJcWlLYjgxZmptWGF4VFZKTkdhaGU4LUkxSWtCb0V0eV9Vc2YxUzdFOGxqVGl6U0VZcENac3JrUiJ9
wi2k0.unionchemicar-sh.com/page/b7cyabjb/install/c/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: wi2k0.unionchemicar-sh.com
URL: https://wi2k0.unionchemicar-sh.com:6443/page/b7cyabjb/install/c/eyJjIjoibW0yOCIsIm0iOiJqM0hzQUYteGYta0FBQUdUc2pIQ2VMMHJpT19iVExEQVN1Y2tHZVM0X0Y1WEE1MFFxWGk0OTRlQVJhOTFlZTNiZzlaTk4zcFVJcWlLYjgxZmptWGF4VFZKTkdhaGU4LUkxSWtCb0V0eV9Vc2YxUzdFOGxqVGl6U0VZcENac3JrUiJ9?p=0

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://l6xjvg.top/#/ Message: Mixed Content: The page at 'https://l6xjvg.top/#/' was loaded over HTTPS, but requested an insecure element 'http://u2-000.ecukwai.com/bs2/upload-qualification-center/dXBsb2FkLXF1YWxpZmljYXRpb24tY2VudGVyOlRIRU1TX0lURU1fUVVBTElGSUNBVElPTl9VUExPQUQ6MjI5MTIxNTA2MDpNRVJDSEFOVDpbQkAyY2QxMTJjMzo0NjA5NDc3NjA4MDYw.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

jzkw5.st3t45.cc
kyt62.obs-zb8.com
l6xjvg.top
u1-000.ecukwai.com
u2-000.ecukwai.com
wi2k0.unionchemicar-sh.com
wi2k0.unionchemicar-sh.com
170.33.12.233
20.2.136.38
43.152.134.54
8.45.52.229
0fa0d6b97126c8c583d7c8a97cd03b7e9255f432fd7d9831b48bd338c79cea5e
2d57b84383e844731ee514fa0f9e12307b6c5e16a7c4c0598860db3b31612977
2e64592e2afd616762eb204dbe8823b9452cb0bbcfc038a76ecd01b8b8a809c4
34c5f4d696f03248c1197a32f81bf38877141eb2aae47132785be87c731021bc
36212fb1b4b61064ee81d8de44037e6ca20d71d32d68c761c312cee738bc2959
4a6c85d8670f9cc5775e29fd61023b563ce3198b8e00d08bc1a2dba5385dda15
4c8cb6d465b2ab6f75f00aedfea4bff136e4d7c5e21fb0d20275b5badd85c89e
5a60bd9bf745e0ca8b630063559fb10ed9dac0481d62454d4ce5bceaf155a3e8
6150a35c0f486c46cadf0e230e2aa159c7c23ecfbb5611b64ee3f25fcbff341f
653607aad77dbd09f26082eba4c430eeadc70400c05ff84890885ba984e25b90
6ad94bfbeb8f9729309860381d1a6354a8a3029417f3c3f735ff3cde4403e93a
9d2ef80c90f37bdf28c57df5e7ee04af5e5e86720dcecfe7cc78b71a51f0c47e
a621de6278f7d1df50beda7c5de9b8f690bc7f553eafdcb905dee1efe52461a5
bb3f4ee35785b7998efb575608448d6f3b4c9033746f70f3d143e6c962298d58
d933b7bfeb113380cdf24ab37496e61c512a2b371143192c339e3b4f20fa18ad
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e97d605eb933601db48d5b33d8938aead32eb5797150dd742fe3fc04abc7bf23

l6xjvg.top Open in urlscan Pro 20.2.136.38 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

18 Requests

94 %HTTPS

0 %IPv6

5 Domains

6 Subdomains

5 IPs

3 Countries

2512 kBTransfer

2697 kBSize

0 Cookies

1 Outgoing links

Page URL History

Redirected requests

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

0 Cookies

1 Console Messages

Indicators

l6xjvg.top Open in urlscan Pro
20.2.136.38 Public Scan

Screenshot
Live screenshot

Full Image

18
Requests

94 %
HTTPS

0 %
IPv6

5
Domains

6
Subdomains

5
IPs

3
Countries

2512 kB
Transfer

2697 kB
Size

0
Cookies

18 HTTP transactions
0 data transactions