urlscan.io logo urlscan.io
SecurityTrails logo

f66u6ue.xn--ekr74ag4h.cn Open in urlscan Pro Puny
f66u6ue.大咖医.cn IDN
58.218.215.159  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://bet365vip6.com/
Effective URL: https://f66u6ue.xn--ekr74ag4h.cn/7373/7373/index.html
Submission: On October 03 via automatic, source openphish — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 7 HTTP transactions. The main IP is 58.218.215.159, located in China and belongs to CHINANET-BACKBONE No.31,Jin-rong Street, CN. The main domain is f66u6ue.xn--ekr74ag4h.cn.
TLS certificate: Issued by R3 on September 28th 2023. Valid for: 3 months.
This is the only time f66u6ue.xn--ekr74ag4h.cn was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 156.234.127.117 40065 (CNSERVERS)
3 58.218.215.159 4134 (CHINANET-...)
2 240e:95c:2002... 58563 (CHINATELE...)
1 240e:97b:500:... 4134 (CHINANET-...)
7 4
Apex Domain
Subdomains		 Transfer
3 cnzz.com
s9.cnzz.com — Cisco Umbrella Rank: 74817
z12.cnzz.com — Cisco Umbrella Rank: 120537
c.cnzz.com — Cisco Umbrella Rank: 64334
6 KB
3 xn--ekr74ag4h.cn
f66u6ue.xn--ekr74ag4h.cn
20 KB
1 bet365vip6.com
bet365vip6.com
319 B
7 3
Domain Requested by
3 f66u6ue.xn--ekr74ag4h.cn bet365vip6.com
f66u6ue.xn--ekr74ag4h.cn
1 c.cnzz.com s9.cnzz.com
1 z12.cnzz.com s9.cnzz.com
1 s9.cnzz.com f66u6ue.xn--ekr74ag4h.cn
1 bet365vip6.com
7 5

This site contains links to these domains. Also see Links.

Domain
www.cnzz.com
alb-nziqqkhs0uqzzm2lmu.cn-hongkong.alb.aliyuncs.com
Subject Issuer Validity Valid
f66u6ue.xn--ekr74ag4h.cn
R3		 2023-09-28 -
2023-12-27		 3 months crt.sh
*.cnzz.com
GlobalSign Organization Validation CA - SHA256 - G3		 2023-01-28 -
2024-02-29		 a year crt.sh

This page contains 1 frames:

Primary Page: https://f66u6ue.xn--ekr74ag4h.cn/7373/7373/index.html
Frame ID: 446FCA291326D1DDA0CCFDDEA560CCD9
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Welcome

Page URL History Show full URLs

  1. http://bet365vip6.com/ Page URL
  2. https://f66u6ue.xn--ekr74ag4h.cn/7373/7373/index.html Page URL

Page Statistics

7
Requests

86 %
HTTPS

50 %
IPv6

3
Domains

5
Subdomains

4
IPs

2
Countries

26 kB
Transfer

32 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://bet365vip6.com/ Page URL
  2. https://f66u6ue.xn--ekr74ag4h.cn/7373/7373/index.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
bet365vip6.com/ 		183 B
319 B 		Document
General
Check archive.org
Download Go to
Full URL
http://bet365vip6.com/
Protocol
HTTP/1.1
Server
156.234.127.117 Hong Kong, Hong Kong, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Connection
close
Content-Length
183
Date
Tue, 03 Oct 2023 09:21:31 GMT
Server
nginx
Primary Request index.html
f66u6ue.xn--ekr74ag4h.cn/7373/7373/ 		289 B
926 B 		Document
General
Check archive.org
Download Go to
Full URL
https://f66u6ue.xn--ekr74ag4h.cn/7373/7373/index.html
Requested by
Host: bet365vip6.com
URL: http://bet365vip6.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
58.218.215.159 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
Tengine /
Resource Hash
966e6864ead883706e8b37118404e40055c2d524b342622679c3ca75d05a61f9
Security Headers
Name Value
Strict-Transport-Security max-age=5184000 max-age=31536000

Request headers

Referer
http://bet365vip6.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Age
1410
Ali-Swift-Global-Savetime
1696323480
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Tue, 03 Oct 2023 08:58:00 GMT
ETag
W/"651a6490-138"
EagleId
3adad01c16963248904064776e
Last-Modified
Mon, 02 Oct 2023 06:34:56 GMT
Server
Tengine
Strict-Transport-Security
max-age=5184000 max-age=31536000
Timing-Allow-Origin
*
Transfer-Encoding
chunked
Vary
Accept-Encoding
Via
cache22.l2cn2656[88,91,304-0,M], cache33.l2cn2656[92,0], kunlun8.cn192[0,0,200-0,H], kunlun8.cn192[1,0]
X-Cache
HIT TCP_MEM_HIT dirn:11:1045360056
X-Swift-CacheTime
3600
X-Swift-SaveTime
Tue, 03 Oct 2023 08:58:00 GMT
z.js
s9.cnzz.com/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s9.cnzz.com/z.js?id=1281304995
Requested by
Host: f66u6ue.xn--ekr74ag4h.cn
URL: https://f66u6ue.xn--ekr74ag4h.cn/7373/7373/index.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
240e:95c:2002:4:3::3e1 , China, ASN58563 (CHINATELECOM-HUBEI-IDC CHINANET Hubei province network, CN),
Reverse DNS
Software
Tengine /
Resource Hash
457c8638da08755c1aa994e8fe09a830b9c001a01bd883098c1f29a3200aecd4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f66u6ue.xn--ekr74ag4h.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 09:20:27 GMT
via
cache28.l2cn3115[0,0,304-0,H], cache79.l2cn3115[1,0], cache15.cn3425[0,0,200-0,H], cache3.cn3425[1,0]
content-encoding
gzip
age
67
x-swift-cachetime
279
x-cache
HIT TCP_MEM_HIT dirn:9:169832471
x-swift-savetime
Tue, 03 Oct 2023 09:20:48 GMT
content-length
4780
server
Tengine
etag
W/"2044387724223004868"
vary
accept-encoding
ali-swift-global-savetime
1696324827
content-type
application/javascript
cache-control
public, max-age=300
timing-allow-origin
*
eagleid
3a31c61716963248942261584e
index.js
f66u6ue.xn--ekr74ag4h.cn/7373/7373/ 		6 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://f66u6ue.xn--ekr74ag4h.cn/7373/7373/index.js
Requested by
Host: f66u6ue.xn--ekr74ag4h.cn
URL: https://f66u6ue.xn--ekr74ag4h.cn/7373/7373/index.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
58.218.215.159 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
Tengine /
Resource Hash
172a5fb3f342e441b9c532190014d8dde8c97b6f0049ad1305a8de2a770bd717
Security Headers
Name Value
Strict-Transport-Security max-age=5184000, max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f66u6ue.xn--ekr74ag4h.cn/7373/7373/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Strict-Transport-Security
max-age=5184000, max-age=31536000
Date
Tue, 03 Oct 2023 06:57:56 GMT
Via
cache49.l2cn2656[83,82,200-0,M], cache24.l2cn2656[84,0], kunlun10.cn192[0,0,200-0,H], kunlun8.cn192[3,0]
Content-Encoding
gzip
Age
8614
X-Swift-CacheTime
43200
Transfer-Encoding
chunked
X-Cache
HIT TCP_MEM_HIT dirn:9:808584651
Connection
keep-alive
X-Swift-SaveTime
Tue, 03 Oct 2023 06:57:56 GMT
Last-Modified
Tue, 03 Oct 2023 06:57:18 GMT
Server
Tengine
ETag
W/"651bbb4e-162e"
Vary
Accept-Encoding, Accept-Encoding
Ali-Swift-Global-Savetime
1696316276
Content-Type
application/javascript
Cache-Control
max-age=43200
Timing-Allow-Origin
*
EagleId
3adad01c16963248906625464e
Expires
Tue, 03 Oct 2023 18:57:56 GMT
stat.htm
z12.cnzz.com/ 		2 B
123 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://z12.cnzz.com/stat.htm?id=1281304995&r=http%3A%2F%2Fbet365vip6.com%2F&lg=en-us&ntime=none&cnzz_eid=1481756100-1696324894-null&showp=1600x1200&p=https%3A%2F%2Ff66u6ue.xn--ekr74ag4h.cn%2F7373%2F7373%2Findex.html&t=&umuuid=18af4d7beb7975-0b583b7e2d88c4-6034535a-1d4c00-18af4d7beb8b2c&h=1
Requested by
Host: s9.cnzz.com
URL: https://s9.cnzz.com/z.js?id=1281304995
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
240e:97b:500:2000::6 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
Tengine /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f66u6ue.xn--ekr74ag4h.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 09:21:37 GMT
content-encoding
gzip
server
Tengine
vary
Accept-Encoding
content-type
text/html; charset=utf-8
c.js
c.cnzz.com/ 		881 B
856 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c.cnzz.com/c.js?web_id=1281304995&t=z
Requested by
Host: s9.cnzz.com
URL: https://s9.cnzz.com/z.js?id=1281304995
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
240e:95c:2002:4:3::3e1 , China, ASN58563 (CHINATELECOM-HUBEI-IDC CHINANET Hubei province network, CN),
Reverse DNS
Software
Tengine /
Resource Hash
156f80680cdb03d18fd1a28260aba64de21993008d77416ac12ea5510dfff069

Request headers

Referer
https://f66u6ue.xn--ekr74ag4h.cn/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Tue, 03 Oct 2023 09:19:44 GMT
via
cache67.l2cn3115[0,0,304-0,H], cache78.l2cn3115[0,0], cache22.cn3425[0,0,200-0,H], cache3.cn3425[4,0]
content-encoding
gzip
age
109
x-swift-cachetime
305
x-cache
HIT TCP_MEM_HIT dirn:11:399244667
x-swift-savetime
Tue, 03 Oct 2023 09:20:01 GMT
content-length
574
server
Tengine
etag
W/"13476981285905921645"
vary
accept-encoding
ali-swift-global-savetime
1696324785
content-type
application/javascript
cache-control
public, max-age=321
timing-allow-origin
*
eagleid
3a31c61716963248945213377e
7373cc.png
f66u6ue.xn--ekr74ag4h.cn/7373/7373/assets/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://f66u6ue.xn--ekr74ag4h.cn/7373/7373/assets/7373cc.png
Requested by
Host: f66u6ue.xn--ekr74ag4h.cn
URL: https://f66u6ue.xn--ekr74ag4h.cn/7373/7373/index.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
58.218.215.159 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
Tengine /
Resource Hash
f9c2949d5133507a863e12e195a0fe5a464d4ac019a27c37229da2b95d1122bb
Security Headers
Name Value
Strict-Transport-Security max-age=5184000, max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f66u6ue.xn--ekr74ag4h.cn/7373/7373/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Strict-Transport-Security
max-age=5184000, max-age=31536000
Date
Tue, 03 Oct 2023 06:58:08 GMT
Via
cache22.l2cn2656[81,81,200-0,M], cache44.l2cn2656[83,0], kunlun4.cn192[0,0,200-0,H], kunlun8.cn192[1,0]
Age
8606
X-Swift-CacheTime
2592000
X-Cache
HIT TCP_MEM_HIT dirn:10:1083089726
Connection
keep-alive
X-Swift-SaveTime
Tue, 03 Oct 2023 06:58:08 GMT
Content-Length
14946
Last-Modified
Sun, 20 Aug 2023 06:30:16 GMT
Server
Tengine
ETag
"64e1b2f8-3a62"
Ali-Swift-Global-Savetime
1696316288
Content-Type
image/png
Cache-Control
max-age=2592000
Accept-Ranges
bytes
Timing-Allow-Origin
*
EagleId
3adad01c16963248948042424e
Expires
Thu, 02 Nov 2023 06:58:08 GMT

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture object| _cz_loaded string| _cz_account object| _czc object| _CNZZDbridge_1281304995 function| _0x42398c function| _0x4f85 function| _0x1a3c object| sites string| customer string| link string| htmlfile object| enter object| wait number| interval

2 Cookies

Domain/Path Name / Value
.xn--ekr74ag4h.cn/ Name: UM_distinctid
Value: 18af4d7beb7975-0b583b7e2d88c4-6034535a-1d4c00-18af4d7beb8b2c
f66u6ue.xn--ekr74ag4h.cn/ Name: CNZZDATA1281304995
Value: 1481756100-1696324894-null%7C1696324894

2 Console Messages

Source Level URL
Text
javascript warning URL: https://s9.cnzz.com/z.js?id=1281304995
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://c.cnzz.com/c.js?web_id=1281304995&t=z, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://s9.cnzz.com/z.js?id=1281304995
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://c.cnzz.com/c.js?web_id=1281304995&t=z, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.