kr.connection-test.oorz.net Open in urlscan Pro
152.67.221.209  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response kr.connection-test.oorz.net/	9 KB 3 KB	1361ms 238ms	Document text/html	152.67.221.209 ORACLE-BMC-31898
General Check archive.org Show headers Download Go to Full URL https://kr.connection-test.oorz.net/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 152.67.221.209 Chuncheon, Korea, Republic Of, ASN31898 (ORACLE-BMC-31898, US), Reverse DNS Software Apache / Resource Hash a1ea338ad4ff427baefd06f527ab5fc6ca176f7c2c24c327a0fedbd48673f05b Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 accept-language en-US,en;q=0.9 Response headers Accept-Ranges bytes Content-Encoding gzip Content-Length 3238 Content-Type text/html Date Wed, 28 Feb 2024 11:44:09 GMT Etag "23e9-610c9c369bb79-gzip" Keep-Alive timeout=5, max=100 Last-Modified Wed, 28 Feb 2024 11:44:10 GMT Server Apache Vary Accept-Encoding X-Cache HIT, server, disk
GET H2	200	clipboard.min.js Show response 3gimg.qq.com/tele_safe/static/Lib/	11 KB 4 KB	3683ms 255ms	Script application/javascript	60.212.94.57 CHINA169-BACKBONE...
General Check archive.org Show headers Download Go to Full URL https://3gimg.qq.com/tele_safe/static/Lib/clipboard.min.js Requested by Host: kr.connection-test.oorz.net URL: https://kr.connection-test.oorz.net/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 60.212.94.57 Dengzhou, China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN), Reverse DNS Software TencentCOS / Resource Hash 1626706afc88d95ebe1173b553ec732c6dc82a576989315fdf5e7779af738a44 Request headers accept-language en-US,en;q=0.9 Referer https://kr.connection-test.oorz.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers date Thu, 28 Dec 2023 09:19:58 GMT content-encoding gzip x-cos-object-type normal x-cache-lookup Cache Hit x-cos-storage-class STANDARD_IA content-length 3354 x-cos-hash-crc64ecma 1498481876398139834 last-modified Sat, 09 Apr 2022 00:33:32 GMT server TencentCOS etag "ee60ca5ba9401456105ef703a98092369b579c80" access-control-allow-methods * content-type application/javascript access-control-allow-origin * access-control-allow-credentials true x-nws-log-uuid 5028238274450007559 accept-ranges bytes ip 30.176.138.41 access-control-allow-headers *
GET DATA	200 OK	truncated /	422 B 0		Image image/gif
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash e3fa3f71f4db36e156dbb2a879da233eb69f9c46f921e5a821cd6cbb83adaa31 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers Content-Type image/gif
GET H2	200	matomo.js Show response st.oorz.net/	64 KB 20 KB	1736ms 123ms	Script application/x-javascript	194.5.98.60 WEBHORIZON-AS-AP ...
General Check archive.org Show headers Download Go to Full URL https://st.oorz.net/matomo.js Requested by Host: kr.connection-test.oorz.net URL: https://kr.connection-test.oorz.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 194.5.98.60 , Norway, ASN149020 (WEBHORIZON-AS-AP WebHorizon Internet Services, SG), Reverse DNS static.60-98-5-194.webhorizon.net Software LiteSpeed / Resource Hash d7fc375178c93a2fc15fd888e30170eedf4ef3d04497e7f951ab7bfe0c921693 Request headers accept-language en-US,en;q=0.9 Referer https://kr.connection-test.oorz.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers date Wed, 28 Feb 2024 12:06:55 GMT content-encoding br last-modified Tue, 28 Nov 2023 10:11:46 GMT server LiteSpeed etag "10132-6565bce2-3a07a61;br" vary Accept-Encoding content-type application/x-javascript cache-control public, max-age=43200 accept-ranges bytes content-length 20481 expires Thu, 29 Feb 2024 00:06:55 GMT
GET		/ 2023.ipchaxun.com/	0 0
GET		/ hui.oorz.net/getip/	0 0
POST H2	204	matomo.php st.oorz.net/	0 110 B	513ms 510ms	Ping text/html	194.5.98.60 WEBHORIZON-AS-AP ...
General Check archive.org Show headers Download Go to Full URL https://st.oorz.net/matomo.php?action_name=&idsite=2&rec=1&r=158386&h=2&m=6&s=55&url=https%3A%2F%2Fkr.connection-test.oorz.net%2F&_id=0c79ed598ced99db&_idn=1&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=PamsPr&pf_net=1123&pf_srv=238&pf_tfr=1&uadata=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D Requested by Host: st.oorz.net URL: https://st.oorz.net/matomo.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 194.5.98.60 , Norway, ASN149020 (WEBHORIZON-AS-AP WebHorizon Internet Services, SG), Reverse DNS static.60-98-5-194.webhorizon.net Software LiteSpeed / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://kr.connection-test.oorz.net/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=utf-8 Response headers access-control-allow-origin https://kr.connection-test.oorz.net date Wed, 28 Feb 2024 12:06:56 GMT access-control-allow-credentials true server LiteSpeed content-type text/html; charset=UTF-8
GET		/ edgio.connection-test.oorz.net/ip/	0 0
GET H2	200	/ Show response edgio-1.connection-test.oorz.net/ip/	11 B 336 B	1020ms 278ms	XHR text/html	152.199.6.208
General Check archive.org Show headers Download Go to Full URL https://edgio-1.connection-test.oorz.net/ip/?iplocation=&isp= Requested by Host: kr.connection-test.oorz.net URL: https://kr.connection-test.oorz.net/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 152.199.6.208 -, , ASN (), Reverse DNS Software Apache / Resource Hash 0e9a678bee0b1da7040291d3984d94648836578c63a4b6240dc7964c98e9efd7 Request headers accept-language en-US,en;q=0.9 Referer https://kr.connection-test.oorz.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers pragma no-cache date Wed, 28 Feb 2024 12:07:01 GMT content-encoding gzip server Apache x-edg-version 4 4 4 NA 2024-01-06T08:46:16Z f563f5ae-f39a-44c5-91fb-e16a8d6e6934 vary Accept-Encoding access-control-allow-methods GET, POST, PUT content-type text/html; charset=UTF-8 access-control-allow-origin * cache-control no-cache,no-store,must-revalidate server-timing edgio_cache;desc=UNCACHEABLE,edgio_pop;desc=nyd,edgio_country;desc=US content-length 31 expires 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

2023.ipchaxun.com

URL

https://2023.ipchaxun.com/

Domain

hui.oorz.net

URL

https://hui.oorz.net/getip/?iplocation=&isp=

Domain

edgio.connection-test.oorz.net

URL

https://edgio.connection-test.oorz.net/ip/?iplocation=&isp=

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| _paq function| getIPLocation object| apis number| timeout function| addRow function| addLoading function| deleteLastRow function| requestApi function| requestAllApis string| iplocation string| isp object| Piwik object| Matomo object| AnalyticsTracker function| piwik_log function| ClipboardJS object| clipboard

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			kr.connection-test.oorz.net/	1970-01-21 04:11:17	Name: _pk_id.2.a142 Value: 0c79ed598ced99db.1709122016.
			kr.connection-test.oorz.net/	1970-01-20 18:45:23	Name: _pk_ses.2.a142 Value: 1

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://kr.connection-test.oorz.net/ Message: Access to XMLHttpRequest at 'https://hui.oorz.net/getip/?iplocation=&isp=' from origin 'https://kr.connection-test.oorz.net' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://hui.oorz.net/getip/?iplocation=&isp= Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://2023.ipchaxun.com/ Message: Failed to load resource: net::ERR_CONNECTION_REFUSED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2023.ipchaxun.com
3gimg.qq.com
edgio-1.connection-test.oorz.net
edgio.connection-test.oorz.net
hui.oorz.net
kr.connection-test.oorz.net
st.oorz.net
2023.ipchaxun.com
edgio.connection-test.oorz.net
hui.oorz.net
152.199.6.208
152.67.221.209
194.5.98.60
60.212.94.57
0e9a678bee0b1da7040291d3984d94648836578c63a4b6240dc7964c98e9efd7
1626706afc88d95ebe1173b553ec732c6dc82a576989315fdf5e7779af738a44
a1ea338ad4ff427baefd06f527ab5fc6ca176f7c2c24c327a0fedbd48673f05b
d7fc375178c93a2fc15fd888e30170eedf4ef3d04497e7f951ab7bfe0c921693
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3fa3f71f4db36e156dbb2a879da233eb69f9c46f921e5a821cd6cbb83adaa31