121.91.169.168 Open in urlscan Pro
121.91.169.168 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://bdfdwyqrqsc.xyz/
Effective URL:
https://121.91.169.168:1085/
Submission: On October 22 via api (October 22nd 2024, 1:38:15 am UTC) from TW — Scanned from GB

Summary HTTP 66 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 5 IPs in 4 countries across 31 domains to perform 66 HTTP transactions. The main IP is 121.91.169.168, located in Hong Kong, Hong Kong and belongs to HWCLOUDS-AS-AP HUAWEI CLOUDS, HK. The main domain is 121.91.169.168.
TLS certificate: Issued by Certum Domain Validation CA SHA2 on October 15th 2024. Valid for: a year.

This is the only time 121.91.169.168 was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	54.67.42.145 54.67.42.145	16509 (AMAZON-02) (AMAZON-02)
1 1	121.41.98.191 121.41.98.191	37963 (ALIBABA-C...) (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.)
4	69.28.62.189 69.28.62.189	21859 (ZEN-ECN) (ZEN-ECN)
7	121.91.169.168 121.91.169.168	136907 (HWCLOUDS-...) (HWCLOUDS-AS-AP HUAWEI CLOUDS)
26	20.2.16.163 20.2.16.163	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	49.12.234.183 49.12.234.183	24940 (HETZNER-AS) (HETZNER-AS)
66	5

2 54.67.42.145 (San Jose, United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-67-42-145.us-west-1.compute.amazonaws.com

bdfdwyqrqsc.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 121.41.98.191 (Hangzhou, China) 1 redirects

ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN)

cwurl.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.28.62.189 (United States)

ASN21859 (ZEN-ECN, US)

tx.youdou.mobi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 121.91.169.168 (Hong Kong, Hong Kong)

ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK)
PTR: ecs-121-91-169-168.compute.hwclouds-dns.com

121.91.169.168	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 20.2.16.163 (Hong Kong, Hong Kong)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

df168aa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
df168bb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
df168cc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
df168dd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
df168ee.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
df168ff.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
df168gg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
df168hh.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
df168ii.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
df168jj.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
df168kk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
df168ll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
df168mm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
df168nn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
df168oo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
df168pp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
df168qq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
df168rr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
df168ss.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
df168tt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
df168uu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
df168vv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
df168ww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
df168xx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
df168yy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
df168zz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 49.12.234.183 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: v4.ident.me

v4.ident.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	youdou.mobi tx.youdou.mobi	441 KB
2	bdfdwyqrqsc.xyz 2 redirects bdfdwyqrqsc.xyz	231 B
1	df168zz.com df168zz.com Failed
1	df168yy.com df168yy.com Failed
1	df168xx.com df168xx.com Failed
1	df168ww.com df168ww.com Failed
1	df168vv.com df168vv.com Failed
1	df168uu.com df168uu.com Failed
1	df168tt.com df168tt.com Failed
1	df168ss.com df168ss.com Failed
1	df168rr.com df168rr.com Failed
1	df168qq.com df168qq.com Failed
1	df168pp.com df168pp.com Failed
1	df168oo.com df168oo.com Failed
1	df168nn.com df168nn.com Failed
1	df168mm.com df168mm.com Failed
1	df168ll.com df168ll.com Failed
1	ident.me v4.ident.me — Cisco Umbrella Rank: 238588	136 B
1	df168kk.com df168kk.com
1	df168jj.com df168jj.com
1	df168ii.com df168ii.com
1	df168hh.com df168hh.com
1	df168gg.com df168gg.com
1	df168ff.com df168ff.com
1	df168ee.com df168ee.com
1	df168dd.com df168dd.com
1	df168cc.com df168cc.com
1	df168bb.com df168bb.com
1	df168aa.com df168aa.com
1	cwurl.cn 1 redirects cwurl.cn	132 B
0	ydglxt.xyz Failed ehflhcdf20.ydglxt.xyz Failed
66	31

	Domain	Requested by
4	tx.youdou.mobi	tx.youdou.mobi
2	bdfdwyqrqsc.xyz	2 redirects
1	df168zz.com	tx.youdou.mobi
1	df168yy.com	tx.youdou.mobi
1	df168xx.com	tx.youdou.mobi
1	df168ww.com	tx.youdou.mobi
1	df168vv.com	tx.youdou.mobi
1	df168uu.com	tx.youdou.mobi
1	df168tt.com	tx.youdou.mobi
1	df168ss.com	tx.youdou.mobi
1	df168rr.com	tx.youdou.mobi
1	df168qq.com	tx.youdou.mobi
1	df168pp.com	tx.youdou.mobi
1	df168oo.com	tx.youdou.mobi
1	df168nn.com	tx.youdou.mobi
1	df168mm.com	tx.youdou.mobi
1	df168ll.com	tx.youdou.mobi
1	v4.ident.me	tx.youdou.mobi
1	df168kk.com	tx.youdou.mobi
1	df168jj.com	tx.youdou.mobi
1	df168ii.com	tx.youdou.mobi
1	df168hh.com	tx.youdou.mobi
1	df168gg.com	tx.youdou.mobi
1	df168ff.com	tx.youdou.mobi
1	df168ee.com	tx.youdou.mobi
1	df168dd.com	tx.youdou.mobi
1	df168cc.com	tx.youdou.mobi
1	df168bb.com	tx.youdou.mobi
1	df168aa.com	tx.youdou.mobi
1	cwurl.cn	1 redirects
0	ehflhcdf20.ydglxt.xyz Failed	tx.youdou.mobi
66	31

This site contains links to these domains. Also see Links.

Domain
gitee.com
github.com

Subject Issuer	Validity	Valid
*.youdou.mobi R10	`2024-08-19` - `2024-11-17`	3 months	crt.sh
121.91.169.168 Certum Domain Validation CA SHA2	`2024-10-15` - `2025-11-14`	a year	crt.sh
im1-dafa168.com Certum Domain Validation CA SHA2	`2024-02-26` - `2025-02-25`	a year	crt.sh
any.ident.me R10	`2024-10-10` - `2025-01-08`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://121.91.169.168:1085/
Frame ID: DB1FB3B2C18271EF74CB8D75468F027C
Requests: 43 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

滑块验证

Page URL History Show full URLs

http://bdfdwyqrqsc.xyz/ HTTP 307
https://bdfdwyqrqsc.xyz/ HTTP 301
https://cwurl.cn/7GFQz6 HTTP 307
http://bdfdwyqrqsc.xyz/ HTTP 307
https://bdfdwyqrqsc.xyz/ HTTP 301
https://cwurl.cn/7GFQz6 HTTP 302
https://tx.youdou.mobi/jump/index.html?siteCode=df20-web&token=lhcdf20 Page URL
https://121.91.169.168:1085/ Page URL

Page Statistics

66
Requests

58 %
HTTPS

0 %
IPv6

31
Domains

31
Subdomains

5
IPs

4
Countries

601 kB
Transfer

1109 kB
Size

0
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://gitee.com/langlanglang/poster
Title: gitee

Search URL Search Domain Scan URL

URL: https://github.com/kkokk/poster
Title: github

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://bdfdwyqrqsc.xyz/ HTTP 307
https://bdfdwyqrqsc.xyz/ HTTP 301
https://cwurl.cn/7GFQz6 HTTP 307
http://bdfdwyqrqsc.xyz/ HTTP 307
https://bdfdwyqrqsc.xyz/ HTTP 301
https://cwurl.cn/7GFQz6 HTTP 302
https://tx.youdou.mobi/jump/index.html?siteCode=df20-web&token=lhcdf20 Page URL
https://121.91.169.168:1085/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://bdfdwyqrqsc.xyz/ HTTP 307
https://bdfdwyqrqsc.xyz/ HTTP 301
https://cwurl.cn/7GFQz6 HTTP 307
http://bdfdwyqrqsc.xyz/ HTTP 307
https://bdfdwyqrqsc.xyz/ HTTP 301
https://cwurl.cn/7GFQz6 HTTP 302
https://tx.youdou.mobi/jump/index.html?siteCode=df20-web&token=lhcdf20

66 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

index.html Show response
tx.youdou.mobi/jump/
Redirect Chain

http://bdfdwyqrqsc.xyz/
https://bdfdwyqrqsc.xyz/
https://cwurl.cn/7GFQz6
http://bdfdwyqrqsc.xyz/
https://bdfdwyqrqsc.xyz/
https://cwurl.cn/7GFQz6
https://tx.youdou.mobi/jump/index.html?siteCode=df20-web&token=lhcdf20

516 B
778 B

2685ms
291ms

Document
text/html

69.28.62.189
ZEN-ECN

General

Check archive.org

Show headers Download Go to

Full URL: https://tx.youdou.mobi/jump/index.html?siteCode=df20-web&token=lhcdf20
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.28.62.189 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: marco/3.2 /
Resource Hash: 4a524102b585b85d6bd4dcf0f53181a629a1c8e7fecf09345d5c6b871fb8fca4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

age: 43347
cache-control: max-age=691200
content-encoding: br
content-type: text/html
date: Tue, 22 Oct 2024 01:38:07 GMT
etag: W/"592ea378ceb4273c828631ec1d590f7f"
expires: Tue, 29 Oct 2024 13:35:40 GMT
last-modified: Mon, 21 Oct 2024 13:35:38 GMT
server: marco/3.2
vary: Accept-Encoding
via: T.204.M, V.403-zj-fud-207, S.pcw-cn-hkg-167, T.167.M, V.pcw-cn-hkg-164, T.186.H, M.gtt-us-lax-186
x-request-id: 4bc8ed258e04da1d67e902faf9f5ccba; 545ca0f3ef85a930e9815e456a51101e
x-source: U/200
x-upyun-content-length: 516
x-upyun-content-type: text/html

Redirect headers

cache-control: no-cache
date: Tue, 22 Oct 2024 01:38:05 GMT
location: https://tx.youdou.mobi/jump/index.html?siteCode=df20-web&token=lhcdf20
server: nginx

GET
H2 200 app.f33020e4.js Show response
tx.youdou.mobi/jump/js/ 643 KB
327 KB 301ms
301ms Script
application/javascript 69.28.62.189
ZEN-ECN

General

Check archive.org

Show headers Download Go to

Full URL: https://tx.youdou.mobi/jump/js/app.f33020e4.js
Requested by: Host: tx.youdou.mobi
URL: https://tx.youdou.mobi/jump/index.html?siteCode=df20-web&token=lhcdf20
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.28.62.189 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: marco/3.2 /
Resource Hash: 468c621ed2f8fac68771bc5aa4df34ed9fb3c376e9cf518c217142fe3a9877e3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://tx.youdou.mobi/jump/index.html?siteCode=df20-web&token=lhcdf20

Response headers

x-request-id: bb516900e23611b5555cb9cf719f67ac; 6ff301613ef194ac9aeb19205d8eff63
x-upyun-content-length: 658201
cache-control: max-age=691200
content-encoding: br
etag: W/"b02086d6ff406c0c72568663d32f3a64"
age: 43347
x-source: U/200
via: T.204.M, V.403-zj-fud-209, S.pcw-cn-hkg-167, T.167.M, V.pcw-cn-hkg-167, T.186.H, M.gtt-us-lax-186
expires: Tue, 29 Oct 2024 13:35:41 GMT
x-upyun-content-type: application/javascript
date: Tue, 22 Oct 2024 01:38:08 GMT
content-type: application/javascript
vary: Accept-Encoding
server: marco/3.2
last-modified: Mon, 21 Oct 2024 13:35:38 GMT

GET
H2 200 chunk-vendors.9c8469ab.js Show response
tx.youdou.mobi/jump/js/ 280 KB
111 KB 571ms
571ms Script
application/javascript 69.28.62.189
ZEN-ECN

General

Check archive.org

Show headers Download Go to

Full URL: https://tx.youdou.mobi/jump/js/chunk-vendors.9c8469ab.js
Requested by: Host: tx.youdou.mobi
URL: https://tx.youdou.mobi/jump/index.html?siteCode=df20-web&token=lhcdf20
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.28.62.189 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: marco/3.2 /
Resource Hash: 635f4d8024965f395bdaa5eb32c8697d0d55b43f294d1ceb25ae12d787b02bd6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://tx.youdou.mobi/jump/index.html?siteCode=df20-web&token=lhcdf20

Response headers

x-request-id: 6965aa672f1364f281c31c84be8635cf; 8f86e1da2950b214c2fcb8476eafd482
x-upyun-content-length: 286691
cache-control: max-age=691200
content-encoding: br
etag: W/"735a9efbf2f05947236c46bd3f8ce9a0"
age: 43348
x-source: U/200
via: T.209.M, V.403-zj-fud-209, S.pcw-cn-hkg-167, T.167.M, V.pcw-cn-hkg-165, T.186.H, M.gtt-us-lax-186
expires: Tue, 29 Oct 2024 13:35:40 GMT
x-upyun-content-type: application/javascript
date: Tue, 22 Oct 2024 01:38:08 GMT
content-type: application/javascript
vary: Accept-Encoding
server: marco/3.2
last-modified: Mon, 21 Oct 2024 13:35:38 GMT

OPTIONS
H/1.1 200 heartbeat
121.91.169.168/melody/api/v1/base/ 0
0 1488ms
758ms Preflight 121.91.169.168
HWCLOUDS-AS-AP HU...

General

Check archive.org

Show headers Download Go to

Full URL

https://121.91.169.168/melody/api/v1/base/heartbeat

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

121.91.169.168 Hong Kong, Hong Kong, ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK),

Reverse DNS

ecs-121-91-169-168.compute.hwclouds-dns.com

Software

openresty/1.21.4.3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: x-auth-sign,x-auth-uu
Access-Control-Request-Method: POST
Origin: https://tx.youdou.mobi
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: x-auth-sign, x-auth-uu
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: https://tx.youdou.mobi
Access-Control-Expose-Headers: x-auth-token
Connection: keep-alive
Content-Length: 0
Date: Tue, 22 Oct 2024 01:38:09 GMT
Server: openresty/1.21.4.3
Strict-Transport-Security: max-age=31536000
Vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

OPTIONS heartbeat
ehflhcdf20.ydglxt.xyz/melody/api/v1/base/ 0
0

OPTIONS
H2 604 heartbeat
df168aa.com/melody/api/v1/base/ 0
0 1157ms
398ms Preflight
text/html 20.2.16.163
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://df168aa.com/melody/api/v1/base/heartbeat
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 20.2.16.163 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-auth-sign,x-auth-uu
Access-Control-Request-Method: POST
Origin: https://tx.youdou.mobi
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Tue, 22 Oct 2024 01:38:09 GMT
platform: polestarcloud.com
server: nginx

OPTIONS
H2 604 heartbeat
df168bb.com/melody/api/v1/base/ 0
0 1343ms
375ms Preflight
text/html 20.2.16.163
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://df168bb.com/melody/api/v1/base/heartbeat
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 20.2.16.163 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-auth-sign,x-auth-uu
Access-Control-Request-Method: POST
Origin: https://tx.youdou.mobi
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Tue, 22 Oct 2024 01:38:09 GMT
platform: polestarcloud.com
server: nginx

OPTIONS
H2 604 heartbeat
df168cc.com/melody/api/v1/base/ 0
0 1159ms
400ms Preflight
text/html 20.2.16.163
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://df168cc.com/melody/api/v1/base/heartbeat
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 20.2.16.163 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-auth-sign,x-auth-uu
Access-Control-Request-Method: POST
Origin: https://tx.youdou.mobi
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Tue, 22 Oct 2024 01:38:09 GMT
platform: polestarcloud.com
server: nginx

OPTIONS
H2 604 heartbeat
df168dd.com/melody/api/v1/base/ 0
0 1324ms
398ms Preflight
text/html 20.2.16.163
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://df168dd.com/melody/api/v1/base/heartbeat
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 20.2.16.163 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-auth-sign,x-auth-uu
Access-Control-Request-Method: POST
Origin: https://tx.youdou.mobi
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Tue, 22 Oct 2024 01:38:09 GMT
platform: polestarcloud.com
server: nginx

OPTIONS
H2 604 heartbeat
df168ee.com/melody/api/v1/base/ 0
0 1557ms
397ms Preflight
text/html 20.2.16.163
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://df168ee.com/melody/api/v1/base/heartbeat
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 20.2.16.163 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-auth-sign,x-auth-uu
Access-Control-Request-Method: POST
Origin: https://tx.youdou.mobi
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Tue, 22 Oct 2024 01:38:10 GMT
platform: polestarcloud.com
server: nginx

OPTIONS
H2 604 heartbeat
df168ff.com/melody/api/v1/base/ 0
0 1218ms
429ms Preflight
text/html 20.2.16.163
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://df168ff.com/melody/api/v1/base/heartbeat
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 20.2.16.163 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-auth-sign,x-auth-uu
Access-Control-Request-Method: POST
Origin: https://tx.youdou.mobi
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Tue, 22 Oct 2024 01:38:09 GMT
platform: polestarcloud.com
server: nginx

OPTIONS
H2 604 heartbeat
df168gg.com/melody/api/v1/base/ 0
0 1371ms
403ms Preflight
text/html 20.2.16.163
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://df168gg.com/melody/api/v1/base/heartbeat
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 20.2.16.163 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-auth-sign,x-auth-uu
Access-Control-Request-Method: POST
Origin: https://tx.youdou.mobi
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Tue, 22 Oct 2024 01:38:09 GMT
platform: polestarcloud.com
server: nginx

OPTIONS
H2 604 heartbeat
df168hh.com/melody/api/v1/base/ 0
0 1216ms
428ms Preflight
text/html 20.2.16.163
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://df168hh.com/melody/api/v1/base/heartbeat
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 20.2.16.163 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-auth-sign,x-auth-uu
Access-Control-Request-Method: POST
Origin: https://tx.youdou.mobi
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Tue, 22 Oct 2024 01:38:09 GMT
platform: polestarcloud.com
server: nginx

OPTIONS
H2 604 heartbeat
df168ii.com/melody/api/v1/base/ 0
0 1302ms
397ms Preflight
text/html 20.2.16.163
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://df168ii.com/melody/api/v1/base/heartbeat
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 20.2.16.163 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-auth-sign,x-auth-uu
Access-Control-Request-Method: POST
Origin: https://tx.youdou.mobi
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Tue, 22 Oct 2024 01:38:09 GMT
platform: polestarcloud.com
server: nginx

OPTIONS
H2 604 heartbeat
df168jj.com/melody/api/v1/base/ 0
0 1253ms
428ms Preflight
text/html 20.2.16.163
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://df168jj.com/melody/api/v1/base/heartbeat
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 20.2.16.163 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-auth-sign,x-auth-uu
Access-Control-Request-Method: POST
Origin: https://tx.youdou.mobi
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Tue, 22 Oct 2024 01:38:09 GMT
platform: polestarcloud.com
server: nginx

OPTIONS
H2 604 heartbeat
df168kk.com/melody/api/v1/base/ 0
0 1200ms
428ms Preflight
text/html 20.2.16.163
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://df168kk.com/melody/api/v1/base/heartbeat
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 20.2.16.163 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-auth-sign,x-auth-uu
Access-Control-Request-Method: POST
Origin: https://tx.youdou.mobi
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Tue, 22 Oct 2024 01:38:09 GMT
platform: polestarcloud.com
server: nginx

GET
H2 200 / Show response
v4.ident.me/ 13 B
136 B 270ms
111ms XHR
text/plain 49.12.234.183
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v4.ident.me/
Requested by: Host: tx.youdou.mobi
URL: https://tx.youdou.mobi/jump/js/chunk-vendors.9c8469ab.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 49.12.234.183 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: v4.ident.me
Software: nginx /
Resource Hash: ddbc92ac3f5a0c84874dbfb19afe7bfd86c9899af8a81b3ef21e2f876c6aa103

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://tx.youdou.mobi/

Response headers

access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-length: 13
date: Tue, 22 Oct 2024 01:38:08 GMT
content-type: text/plain
server: nginx

POST
H/1.1 200 heartbeat
121.91.169.168/melody/api/v1/base/ 16 B
546 B 447ms
447ms XHR
application/json 121.91.169.168
HWCLOUDS-AS-AP HU...

General

Check archive.org

Show headers Download Go to

Full URL

https://121.91.169.168/melody/api/v1/base/heartbeat

Requested by

Host: tx.youdou.mobi
URL: https://tx.youdou.mobi/jump/js/chunk-vendors.9c8469ab.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

121.91.169.168 Hong Kong, Hong Kong, ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK),

Reverse DNS

ecs-121-91-169-168.compute.hwclouds-dns.com

Software

openresty/1.21.4.3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

x-auth-sign: 3C212DA54392BB358ECCEE2A5A1A5BD6
Referer: https://tx.youdou.mobi/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
x-auth-uu: 8add1de1-50bb-0a0d-4288-1bbaf9765c26

Response headers

Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000
Access-Control-Expose-Headers: x-auth-token
Content-Encoding: gzip
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://tx.youdou.mobi
Date: Tue, 22 Oct 2024 01:38:10 GMT
Content-Type: application/json;charset=UTF-8
Vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Server: openresty/1.21.4.3

POST heartbeat
ehflhcdf20.ydglxt.xyz/melody/api/v1/base/ 0
0

POST heartbeat
df168aa.com/melody/api/v1/base/ 0
0

POST heartbeat
df168bb.com/melody/api/v1/base/ 0
0

POST heartbeat
df168cc.com/melody/api/v1/base/ 0
0

POST heartbeat
df168dd.com/melody/api/v1/base/ 0
0

POST heartbeat
df168ee.com/melody/api/v1/base/ 0
0

POST heartbeat
df168ff.com/melody/api/v1/base/ 0
0

POST heartbeat
df168gg.com/melody/api/v1/base/ 0
0

POST heartbeat
df168hh.com/melody/api/v1/base/ 0
0

POST heartbeat
df168ii.com/melody/api/v1/base/ 0
0

POST heartbeat
df168jj.com/melody/api/v1/base/ 0
0

POST heartbeat
df168kk.com/melody/api/v1/base/ 0
0

POST heartbeat
df168ll.com/melody/api/v1/base/ 0
0

POST heartbeat
df168mm.com/melody/api/v1/base/ 0
0

POST heartbeat
df168nn.com/melody/api/v1/base/ 0
0

POST heartbeat
df168oo.com/melody/api/v1/base/ 0
0

POST heartbeat
df168pp.com/melody/api/v1/base/ 0
0

POST heartbeat
df168qq.com/melody/api/v1/base/ 0
0

POST heartbeat
df168rr.com/melody/api/v1/base/ 0
0

POST heartbeat
df168ss.com/melody/api/v1/base/ 0
0

POST heartbeat
df168tt.com/melody/api/v1/base/ 0
0

POST heartbeat
df168uu.com/melody/api/v1/base/ 0
0

POST heartbeat
df168vv.com/melody/api/v1/base/ 0
0

POST heartbeat
df168ww.com/melody/api/v1/base/ 0
0

POST heartbeat
df168xx.com/melody/api/v1/base/ 0
0

POST heartbeat
df168yy.com/melody/api/v1/base/ 0
0

POST heartbeat
df168zz.com/melody/api/v1/base/ 0
0

OPTIONS
H2 604 heartbeat
df168ll.com/melody/api/v1/base/ 0
0 1553ms
397ms Preflight
text/html 20.2.16.163
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://df168ll.com/melody/api/v1/base/heartbeat
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 20.2.16.163 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-auth-sign,x-auth-uu
Access-Control-Request-Method: POST
Origin: https://tx.youdou.mobi
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Tue, 22 Oct 2024 01:38:10 GMT
platform: polestarcloud.com
server: nginx

OPTIONS
H2 604 heartbeat
df168mm.com/melody/api/v1/base/ 0
0 1171ms
399ms Preflight
text/html 20.2.16.163
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://df168mm.com/melody/api/v1/base/heartbeat
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 20.2.16.163 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-auth-sign,x-auth-uu
Access-Control-Request-Method: POST
Origin: https://tx.youdou.mobi
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Tue, 22 Oct 2024 01:38:09 GMT
platform: polestarcloud.com
server: nginx

OPTIONS
H2 604 heartbeat
df168nn.com/melody/api/v1/base/ 0
0 1221ms
427ms Preflight
text/html 20.2.16.163
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://df168nn.com/melody/api/v1/base/heartbeat
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 20.2.16.163 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-auth-sign,x-auth-uu
Access-Control-Request-Method: POST
Origin: https://tx.youdou.mobi
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Tue, 22 Oct 2024 01:38:09 GMT
platform: polestarcloud.com
server: nginx

OPTIONS
H2 604 heartbeat
df168oo.com/melody/api/v1/base/ 0
0 1373ms
427ms Preflight
text/html 20.2.16.163
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://df168oo.com/melody/api/v1/base/heartbeat
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 20.2.16.163 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-auth-sign,x-auth-uu
Access-Control-Request-Method: POST
Origin: https://tx.youdou.mobi
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Tue, 22 Oct 2024 01:38:09 GMT
platform: polestarcloud.com
server: nginx

OPTIONS
H2 604 heartbeat
df168pp.com/melody/api/v1/base/ 0
0 1611ms
397ms Preflight
text/html 20.2.16.163
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://df168pp.com/melody/api/v1/base/heartbeat
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 20.2.16.163 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-auth-sign,x-auth-uu
Access-Control-Request-Method: POST
Origin: https://tx.youdou.mobi
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Tue, 22 Oct 2024 01:38:10 GMT
platform: polestarcloud.com
server: nginx

OPTIONS
H2 604 heartbeat
df168qq.com/melody/api/v1/base/ 0
0 1202ms
427ms Preflight
text/html 20.2.16.163
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://df168qq.com/melody/api/v1/base/heartbeat
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 20.2.16.163 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-auth-sign,x-auth-uu
Access-Control-Request-Method: POST
Origin: https://tx.youdou.mobi
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Tue, 22 Oct 2024 01:38:09 GMT
platform: polestarcloud.com
server: nginx

OPTIONS
H2 604 heartbeat
df168rr.com/melody/api/v1/base/ 0
0 1190ms
401ms Preflight
text/html 20.2.16.163
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://df168rr.com/melody/api/v1/base/heartbeat
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 20.2.16.163 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-auth-sign,x-auth-uu
Access-Control-Request-Method: POST
Origin: https://tx.youdou.mobi
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Tue, 22 Oct 2024 01:38:09 GMT
platform: polestarcloud.com
server: nginx

OPTIONS
H2 604 heartbeat
df168ss.com/melody/api/v1/base/ 0
0 1373ms
428ms Preflight
text/html 20.2.16.163
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://df168ss.com/melody/api/v1/base/heartbeat
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 20.2.16.163 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-auth-sign,x-auth-uu
Access-Control-Request-Method: POST
Origin: https://tx.youdou.mobi
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Tue, 22 Oct 2024 01:38:09 GMT
platform: polestarcloud.com
server: nginx

OPTIONS
H2 604 heartbeat
df168tt.com/melody/api/v1/base/ 0
0 1237ms
427ms Preflight
text/html 20.2.16.163
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://df168tt.com/melody/api/v1/base/heartbeat
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 20.2.16.163 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-auth-sign,x-auth-uu
Access-Control-Request-Method: POST
Origin: https://tx.youdou.mobi
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Tue, 22 Oct 2024 01:38:09 GMT
platform: polestarcloud.com
server: nginx

OPTIONS
H2 604 heartbeat
df168uu.com/melody/api/v1/base/ 0
0 1413ms
429ms Preflight
text/html 20.2.16.163
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://df168uu.com/melody/api/v1/base/heartbeat
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 20.2.16.163 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-auth-sign,x-auth-uu
Access-Control-Request-Method: POST
Origin: https://tx.youdou.mobi
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Tue, 22 Oct 2024 01:38:09 GMT
platform: polestarcloud.com
server: nginx

OPTIONS
H2 604 heartbeat
df168vv.com/melody/api/v1/base/ 0
0 1167ms
240ms Preflight
text/html 20.2.16.163
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://df168vv.com/melody/api/v1/base/heartbeat
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 20.2.16.163 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-auth-sign,x-auth-uu
Access-Control-Request-Method: POST
Origin: https://tx.youdou.mobi
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Tue, 22 Oct 2024 01:38:09 GMT
platform: polestarcloud.com
server: nginx

OPTIONS
H2 604 heartbeat
df168ww.com/melody/api/v1/base/ 0
0 1366ms
394ms Preflight
text/html 20.2.16.163
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://df168ww.com/melody/api/v1/base/heartbeat
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 20.2.16.163 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-auth-sign,x-auth-uu
Access-Control-Request-Method: POST
Origin: https://tx.youdou.mobi
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Tue, 22 Oct 2024 01:38:09 GMT
platform: polestarcloud.com
server: nginx

OPTIONS
H2 604 heartbeat
df168xx.com/melody/api/v1/base/ 0
0 1420ms
429ms Preflight
text/html 20.2.16.163
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://df168xx.com/melody/api/v1/base/heartbeat
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 20.2.16.163 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-auth-sign,x-auth-uu
Access-Control-Request-Method: POST
Origin: https://tx.youdou.mobi
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Tue, 22 Oct 2024 01:38:09 GMT
platform: polestarcloud.com
server: nginx

OPTIONS
H2 604 heartbeat
df168yy.com/melody/api/v1/base/ 0
0 1603ms
428ms Preflight
text/html 20.2.16.163
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://df168yy.com/melody/api/v1/base/heartbeat
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 20.2.16.163 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-auth-sign,x-auth-uu
Access-Control-Request-Method: POST
Origin: https://tx.youdou.mobi
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Tue, 22 Oct 2024 01:38:10 GMT
platform: polestarcloud.com
server: nginx

OPTIONS
H2 604 heartbeat
df168zz.com/melody/api/v1/base/ 0
0 1182ms
212ms Preflight
text/html 20.2.16.163
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://df168zz.com/melody/api/v1/base/heartbeat
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 20.2.16.163 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-auth-sign,x-auth-uu
Access-Control-Request-Method: POST
Origin: https://tx.youdou.mobi
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Tue, 22 Oct 2024 01:38:09 GMT
platform: polestarcloud.com
server: nginx

GET
H2 200 favicon.ico
tx.youdou.mobi/jump/ 17 KB
3 KB 160ms
159ms Other
image/x-icon 69.28.62.189
ZEN-ECN

General

Check archive.org

Show headers Download Go to

Full URL: https://tx.youdou.mobi/jump/favicon.ico
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.28.62.189 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: marco/3.2 /
Resource Hash: 8f627721af159728b217a7531702e14fc2d21cdb39336ae595b58e49fd884f99

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://tx.youdou.mobi/jump/index.html?siteCode=df20-web&token=lhcdf20

Response headers

x-request-id: 52c87796d86acf8473ff9505b8473327; 72f3233f943dbe87b00b4f503169a4a8; a329911ef77a4aeb6e2df794792e75f4
x-upyun-content-length: 16958
cache-control: max-age=691200
content-encoding: br
etag: W/"67db5cdd3d73513556bd207d179eb96b"
age: 43347
x-source: U/200
via: T.208.M, V.403-zj-fud-204, S.pcw-cn-hkg-167, T.167.H, V.pcw-cn-hkg-164, T.186.H, M.gtt-us-lax-186
expires: Tue, 29 Oct 2024 13:35:41 GMT
x-upyun-content-type: image/x-icon
date: Tue, 22 Oct 2024 01:38:08 GMT
content-type: image/x-icon
vary: Accept-Encoding
server: marco/3.2
last-modified: Mon, 21 Oct 2024 13:35:38 GMT

GET
H/1.1 200
OK Primary Request / Show response
121.91.169.168/ 1 KB
2 KB 1073ms
350ms Document
text/html 121.91.169.168
HWCLOUDS-AS-AP HU...

General

Check archive.org

Show headers Download Go to

Full URL

https://121.91.169.168:1085/

Requested by

Host: tx.youdou.mobi
URL: https://tx.youdou.mobi/jump/js/app.f33020e4.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

121.91.169.168 Hong Kong, Hong Kong, ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK),

Reverse DNS

ecs-121-91-169-168.compute.hwclouds-dns.com

Software

openresty/1.21.4.3 /

Resource Hash

ad1288487806fd0d17bbf990e59e52c6f2705375d4be4c0be5da16d9cfc52a7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://tx.youdou.mobi/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Length: 1501
Content-Type: text/html
Date: Tue, 22 Oct 2024 01:38:11 GMT
ETag: "663c34e9-5dd"
Last-Modified: Thu, 09 May 2024 02:28:57 GMT
Server: openresty/1.21.4.3
Strict-Transport-Security: max-age=31536000

GET
H/1.1 200
OK slider-min.js Show response
121.91.169.168/slider/ 28 KB
28 KB 646ms
646ms Script
application/javascript 121.91.169.168
HWCLOUDS-AS-AP HU...

General

Check archive.org

Show headers Download Go to

Full URL

https://121.91.169.168:1085/slider/slider-min.js

Requested by

Host: 121.91.169.168
URL: https://121.91.169.168:1085/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

121.91.169.168 Hong Kong, Hong Kong, ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK),

Reverse DNS

ecs-121-91-169-168.compute.hwclouds-dns.com

Software

openresty/1.21.4.3 /

Resource Hash

338d05f78c12a8c2f4c2f3f50a47400fdd9a8e8d76a417742447cefc7d341c76

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://121.91.169.168:1085/

Response headers

Strict-Transport-Security: max-age=31536000
ETag: "663c34eb-7091"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 28817
Date: Tue, 22 Oct 2024 01:38:11 GMT
Content-Type: application/javascript
Last-Modified: Thu, 09 May 2024 02:28:59 GMT
Server: openresty/1.21.4.3

GET
H/1.1 200
OK index.js Show response
121.91.169.168/slider/ 5 KB
5 KB 986ms
336ms Script
application/javascript 121.91.169.168
HWCLOUDS-AS-AP HU...

General

Check archive.org

Show headers Download Go to

Full URL

https://121.91.169.168:1085/slider/index.js

Requested by

Host: 121.91.169.168
URL: https://121.91.169.168:1085/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

121.91.169.168 Hong Kong, Hong Kong, ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK),

Reverse DNS

ecs-121-91-169-168.compute.hwclouds-dns.com

Software

openresty/1.21.4.3 /

Resource Hash

4c1b40d6956bbefb575c3d662d1f2654a0628fb1b2fe979e2f0a56e56767fa6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://121.91.169.168:1085/

Response headers

Strict-Transport-Security: max-age=31536000
ETag: "663c34eb-1304"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4868
Date: Tue, 22 Oct 2024 01:38:12 GMT
Content-Type: application/javascript
Last-Modified: Thu, 09 May 2024 02:28:59 GMT
Server: openresty/1.21.4.3

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 02a58e6412f474b7393c5bfbad51a827a857cb5a51c9e281132a258755eb3db7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 120 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 07131d9f1f0e99cb17f2535be96d96bacd6e91d39c7ccf9e44422d0be5c1f4f5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: df8beb4ef505f691e502f07b2c2912e13f8c4e1d31c3a34bdbe2b1bd4ecec9e0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5364fa6823567959a41816ee2c4d6574173a5c7f959dee316c3986377f5f034d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 8 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b128ab68072cf9c4ea46e2572966b4f41d9055a6032161883e5db4861051ccfd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H/1.1 404
Not Found favicon.ico
121.91.169.168/ 561 B
722 B 336ms
336ms Other
text/html 121.91.169.168
HWCLOUDS-AS-AP HU...

General

Check archive.org

Show headers Download Go to

Full URL: https://121.91.169.168:1085/favicon.ico
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 121.91.169.168 Hong Kong, Hong Kong, ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK),
Reverse DNS: ecs-121-91-169-168.compute.hwclouds-dns.com
Software: openresty/1.21.4.3 /
Resource Hash: 0205965f6eab82334d4f810423055204eebcf2c5c81e0d3eea261788227ad52c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://121.91.169.168:1085/

Response headers

Content-Length: 561
Date: Tue, 22 Oct 2024 01:38:12 GMT
Content-Type: text/html
Server: openresty/1.21.4.3
Connection: keep-alive

GET
H/1.1 200
OK slider.png
121.91.169.168/img/ 123 KB
124 KB 338ms
338ms Image
image/png 121.91.169.168
HWCLOUDS-AS-AP HU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://121.91.169.168:1085/img/slider.png

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

121.91.169.168 Hong Kong, Hong Kong, ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK),

Reverse DNS

ecs-121-91-169-168.compute.hwclouds-dns.com

Software

openresty/1.21.4.3 /

Resource Hash

59c86a7438fc46cf71c90cd563cd32f5cce0432253050e1bca3b41d7a3d7a4e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://121.91.169.168:1085/

Response headers

Strict-Transport-Security: max-age=31536000
ETag: "663c34eb-1ed22"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 126242
Date: Tue, 22 Oct 2024 01:38:13 GMT
Content-Type: image/png
Last-Modified: Thu, 09 May 2024 02:28:59 GMT
Server: openresty/1.21.4.3

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ehflhcdf20.ydglxt.xyz
URL: https://ehflhcdf20.ydglxt.xyz/melody/api/v1/base/heartbeat

Domain: ehflhcdf20.ydglxt.xyz
URL: https://ehflhcdf20.ydglxt.xyz/melody/api/v1/base/heartbeat

Domain: df168aa.com
URL: https://df168aa.com/melody/api/v1/base/heartbeat

Domain: df168bb.com
URL: https://df168bb.com/melody/api/v1/base/heartbeat

Domain: df168cc.com
URL: https://df168cc.com/melody/api/v1/base/heartbeat

Domain: df168dd.com
URL: https://df168dd.com/melody/api/v1/base/heartbeat

Domain: df168ee.com
URL: https://df168ee.com/melody/api/v1/base/heartbeat

Domain: df168ff.com
URL: https://df168ff.com/melody/api/v1/base/heartbeat

Domain: df168gg.com
URL: https://df168gg.com/melody/api/v1/base/heartbeat

Domain: df168hh.com
URL: https://df168hh.com/melody/api/v1/base/heartbeat

Domain: df168ii.com
URL: https://df168ii.com/melody/api/v1/base/heartbeat

Domain: df168jj.com
URL: https://df168jj.com/melody/api/v1/base/heartbeat

Domain: df168kk.com
URL: https://df168kk.com/melody/api/v1/base/heartbeat

Domain: df168ll.com
URL: https://df168ll.com/melody/api/v1/base/heartbeat

Domain: df168mm.com
URL: https://df168mm.com/melody/api/v1/base/heartbeat

Domain: df168nn.com
URL: https://df168nn.com/melody/api/v1/base/heartbeat

Domain: df168oo.com
URL: https://df168oo.com/melody/api/v1/base/heartbeat

Domain: df168pp.com
URL: https://df168pp.com/melody/api/v1/base/heartbeat

Domain: df168qq.com
URL: https://df168qq.com/melody/api/v1/base/heartbeat

Domain: df168rr.com
URL: https://df168rr.com/melody/api/v1/base/heartbeat

Domain: df168ss.com
URL: https://df168ss.com/melody/api/v1/base/heartbeat

Domain: df168tt.com
URL: https://df168tt.com/melody/api/v1/base/heartbeat

Domain: df168uu.com
URL: https://df168uu.com/melody/api/v1/base/heartbeat

Domain: df168vv.com
URL: https://df168vv.com/melody/api/v1/base/heartbeat

Domain: df168ww.com
URL: https://df168ww.com/melody/api/v1/base/heartbeat

Domain: df168xx.com
URL: https://df168xx.com/melody/api/v1/base/heartbeat

Domain: df168yy.com
URL: https://df168yy.com/melody/api/v1/base/heartbeat

Domain: df168zz.com
URL: https://df168zz.com/melody/api/v1/base/heartbeat

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| _0x3518 function| _0x5727 function| captcha object| Slider

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

53 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://tx.youdou.mobi/jump/index.html?siteCode=df20-web&token=lhcdf20 Message: Access to XMLHttpRequest at 'https://df168aa.com/melody/api/v1/base/heartbeat' from origin 'https://tx.youdou.mobi' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://df168aa.com/melody/api/v1/base/heartbeat Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://tx.youdou.mobi/jump/index.html?siteCode=df20-web&token=lhcdf20 Message: Access to XMLHttpRequest at 'https://df168cc.com/melody/api/v1/base/heartbeat' from origin 'https://tx.youdou.mobi' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://df168cc.com/melody/api/v1/base/heartbeat Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://tx.youdou.mobi/jump/index.html?siteCode=df20-web&token=lhcdf20 Message: Access to XMLHttpRequest at 'https://df168vv.com/melody/api/v1/base/heartbeat' from origin 'https://tx.youdou.mobi' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://df168vv.com/melody/api/v1/base/heartbeat Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://tx.youdou.mobi/jump/index.html?siteCode=df20-web&token=lhcdf20 Message: Access to XMLHttpRequest at 'https://df168mm.com/melody/api/v1/base/heartbeat' from origin 'https://tx.youdou.mobi' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://df168mm.com/melody/api/v1/base/heartbeat Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://tx.youdou.mobi/jump/index.html?siteCode=df20-web&token=lhcdf20 Message: Access to XMLHttpRequest at 'https://df168zz.com/melody/api/v1/base/heartbeat' from origin 'https://tx.youdou.mobi' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://df168zz.com/melody/api/v1/base/heartbeat Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://tx.youdou.mobi/jump/index.html?siteCode=df20-web&token=lhcdf20 Message: Access to XMLHttpRequest at 'https://df168rr.com/melody/api/v1/base/heartbeat' from origin 'https://tx.youdou.mobi' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://df168rr.com/melody/api/v1/base/heartbeat Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://tx.youdou.mobi/jump/index.html?siteCode=df20-web&token=lhcdf20 Message: Access to XMLHttpRequest at 'https://df168kk.com/melody/api/v1/base/heartbeat' from origin 'https://tx.youdou.mobi' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://df168kk.com/melody/api/v1/base/heartbeat Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://tx.youdou.mobi/jump/index.html?siteCode=df20-web&token=lhcdf20 Message: Access to XMLHttpRequest at 'https://df168qq.com/melody/api/v1/base/heartbeat' from origin 'https://tx.youdou.mobi' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://df168qq.com/melody/api/v1/base/heartbeat Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://tx.youdou.mobi/jump/index.html?siteCode=df20-web&token=lhcdf20 Message: Access to XMLHttpRequest at 'https://df168hh.com/melody/api/v1/base/heartbeat' from origin 'https://tx.youdou.mobi' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://df168hh.com/melody/api/v1/base/heartbeat Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://tx.youdou.mobi/jump/index.html?siteCode=df20-web&token=lhcdf20 Message: Access to XMLHttpRequest at 'https://df168ff.com/melody/api/v1/base/heartbeat' from origin 'https://tx.youdou.mobi' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://df168ff.com/melody/api/v1/base/heartbeat Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://tx.youdou.mobi/jump/index.html?siteCode=df20-web&token=lhcdf20 Message: Access to XMLHttpRequest at 'https://df168nn.com/melody/api/v1/base/heartbeat' from origin 'https://tx.youdou.mobi' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://df168nn.com/melody/api/v1/base/heartbeat Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://tx.youdou.mobi/jump/index.html?siteCode=df20-web&token=lhcdf20 Message: Access to XMLHttpRequest at 'https://df168tt.com/melody/api/v1/base/heartbeat' from origin 'https://tx.youdou.mobi' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://df168tt.com/melody/api/v1/base/heartbeat Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://tx.youdou.mobi/jump/index.html?siteCode=df20-web&token=lhcdf20 Message: Access to XMLHttpRequest at 'https://df168jj.com/melody/api/v1/base/heartbeat' from origin 'https://tx.youdou.mobi' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://df168jj.com/melody/api/v1/base/heartbeat Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://tx.youdou.mobi/jump/index.html?siteCode=df20-web&token=lhcdf20 Message: Access to XMLHttpRequest at 'https://df168ii.com/melody/api/v1/base/heartbeat' from origin 'https://tx.youdou.mobi' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://df168ii.com/melody/api/v1/base/heartbeat Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://tx.youdou.mobi/jump/index.html?siteCode=df20-web&token=lhcdf20 Message: Access to XMLHttpRequest at 'https://df168dd.com/melody/api/v1/base/heartbeat' from origin 'https://tx.youdou.mobi' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://df168dd.com/melody/api/v1/base/heartbeat Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://tx.youdou.mobi/jump/index.html?siteCode=df20-web&token=lhcdf20 Message: Access to XMLHttpRequest at 'https://df168bb.com/melody/api/v1/base/heartbeat' from origin 'https://tx.youdou.mobi' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://df168bb.com/melody/api/v1/base/heartbeat Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://tx.youdou.mobi/jump/index.html?siteCode=df20-web&token=lhcdf20 Message: Access to XMLHttpRequest at 'https://df168gg.com/melody/api/v1/base/heartbeat' from origin 'https://tx.youdou.mobi' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://df168gg.com/melody/api/v1/base/heartbeat Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://tx.youdou.mobi/jump/index.html?siteCode=df20-web&token=lhcdf20 Message: Access to XMLHttpRequest at 'https://df168ww.com/melody/api/v1/base/heartbeat' from origin 'https://tx.youdou.mobi' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://df168ww.com/melody/api/v1/base/heartbeat Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://tx.youdou.mobi/jump/index.html?siteCode=df20-web&token=lhcdf20 Message: Access to XMLHttpRequest at 'https://df168oo.com/melody/api/v1/base/heartbeat' from origin 'https://tx.youdou.mobi' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://df168oo.com/melody/api/v1/base/heartbeat Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://tx.youdou.mobi/jump/index.html?siteCode=df20-web&token=lhcdf20 Message: Access to XMLHttpRequest at 'https://df168ss.com/melody/api/v1/base/heartbeat' from origin 'https://tx.youdou.mobi' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://df168ss.com/melody/api/v1/base/heartbeat Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://tx.youdou.mobi/jump/index.html?siteCode=df20-web&token=lhcdf20 Message: Access to XMLHttpRequest at 'https://df168uu.com/melody/api/v1/base/heartbeat' from origin 'https://tx.youdou.mobi' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://df168uu.com/melody/api/v1/base/heartbeat Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://tx.youdou.mobi/jump/index.html?siteCode=df20-web&token=lhcdf20 Message: Access to XMLHttpRequest at 'https://df168xx.com/melody/api/v1/base/heartbeat' from origin 'https://tx.youdou.mobi' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://df168xx.com/melody/api/v1/base/heartbeat Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://tx.youdou.mobi/jump/index.html?siteCode=df20-web&token=lhcdf20 Message: Access to XMLHttpRequest at 'https://df168ll.com/melody/api/v1/base/heartbeat' from origin 'https://tx.youdou.mobi' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://df168ll.com/melody/api/v1/base/heartbeat Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://tx.youdou.mobi/jump/index.html?siteCode=df20-web&token=lhcdf20 Message: Access to XMLHttpRequest at 'https://df168ee.com/melody/api/v1/base/heartbeat' from origin 'https://tx.youdou.mobi' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://df168ee.com/melody/api/v1/base/heartbeat Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://tx.youdou.mobi/jump/index.html?siteCode=df20-web&token=lhcdf20 Message: Access to XMLHttpRequest at 'https://df168yy.com/melody/api/v1/base/heartbeat' from origin 'https://tx.youdou.mobi' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://df168yy.com/melody/api/v1/base/heartbeat Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://tx.youdou.mobi/jump/index.html?siteCode=df20-web&token=lhcdf20 Message: Access to XMLHttpRequest at 'https://df168pp.com/melody/api/v1/base/heartbeat' from origin 'https://tx.youdou.mobi' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://df168pp.com/melody/api/v1/base/heartbeat Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://121.91.169.168:1085/favicon.ico Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bdfdwyqrqsc.xyz
cwurl.cn
df168aa.com
df168bb.com
df168cc.com
df168dd.com
df168ee.com
df168ff.com
df168gg.com
df168hh.com
df168ii.com
df168jj.com
df168kk.com
df168ll.com
df168mm.com
df168nn.com
df168oo.com
df168pp.com
df168qq.com
df168rr.com
df168ss.com
df168tt.com
df168uu.com
df168vv.com
df168ww.com
df168xx.com
df168yy.com
df168zz.com
ehflhcdf20.ydglxt.xyz
tx.youdou.mobi
v4.ident.me
df168aa.com
df168bb.com
df168cc.com
df168dd.com
df168ee.com
df168ff.com
df168gg.com
df168hh.com
df168ii.com
df168jj.com
df168kk.com
df168ll.com
df168mm.com
df168nn.com
df168oo.com
df168pp.com
df168qq.com
df168rr.com
df168ss.com
df168tt.com
df168uu.com
df168vv.com
df168ww.com
df168xx.com
df168yy.com
df168zz.com
ehflhcdf20.ydglxt.xyz
121.41.98.191
121.91.169.168
20.2.16.163
49.12.234.183
54.67.42.145
69.28.62.189
0205965f6eab82334d4f810423055204eebcf2c5c81e0d3eea261788227ad52c
02a58e6412f474b7393c5bfbad51a827a857cb5a51c9e281132a258755eb3db7
07131d9f1f0e99cb17f2535be96d96bacd6e91d39c7ccf9e44422d0be5c1f4f5
338d05f78c12a8c2f4c2f3f50a47400fdd9a8e8d76a417742447cefc7d341c76
468c621ed2f8fac68771bc5aa4df34ed9fb3c376e9cf518c217142fe3a9877e3
4a524102b585b85d6bd4dcf0f53181a629a1c8e7fecf09345d5c6b871fb8fca4
4c1b40d6956bbefb575c3d662d1f2654a0628fb1b2fe979e2f0a56e56767fa6f
5364fa6823567959a41816ee2c4d6574173a5c7f959dee316c3986377f5f034d
59c86a7438fc46cf71c90cd563cd32f5cce0432253050e1bca3b41d7a3d7a4e3
635f4d8024965f395bdaa5eb32c8697d0d55b43f294d1ceb25ae12d787b02bd6
8f627721af159728b217a7531702e14fc2d21cdb39336ae595b58e49fd884f99
ad1288487806fd0d17bbf990e59e52c6f2705375d4be4c0be5da16d9cfc52a7f
b128ab68072cf9c4ea46e2572966b4f41d9055a6032161883e5db4861051ccfd
ddbc92ac3f5a0c84874dbfb19afe7bfd86c9899af8a81b3ef21e2f876c6aa103
df8beb4ef505f691e502f07b2c2912e13f8c4e1d31c3a34bdbe2b1bd4ecec9e0

121.91.169.168 Open in urlscan Pro 121.91.169.168 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

66 Requests

58 %HTTPS

0 %IPv6

31 Domains

31 Subdomains

5 IPs

4 Countries

601 kBTransfer

1109 kBSize

0 Cookies

2 Outgoing links

Page URL History

Redirected requests

66 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

121.91.169.168 Open in urlscan Pro
121.91.169.168 Public Scan

Screenshot
Live screenshot

Full Image

66
Requests

58 %
HTTPS

0 %
IPv6

31
Domains

31
Subdomains

5
IPs

4
Countries

601 kB
Transfer

1109 kB
Size

0
Cookies

66 HTTP transactions
5 data transactions