urlscan.io logo urlscan.io
SecurityTrails logo

image.manamana.net Open in urlscan Pro
2409:8c5c:100:18:3::3e7  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://njkl.aqspw.com/
Effective URL: https://image.manamana.net/1695367235000_ZuEFUzEo?id=OU2S6%3D&s=khkzea&b=alert(1)&t=KVETZpnx3zr20
Submission: On October 14 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 3 countries across 5 domains to perform 10 HTTP transactions. The main IP is 2409:8c5c:100:18:3::3e7, located in China and belongs to CHINAMOBILE-CN China Mobile Communications Group Co., Ltd., CN. The main domain is image.manamana.net.
TLS certificate: Issued by TrustAsia RSA DV TLS CA G2 on February 11th 2023. Valid for: a year.
This is the only time image.manamana.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 149.104.32.246 40065 (CNSERVERS)
2 61.54.91.214 4837 (CHINA169-...)
2 2409:8c5c:100... 9808 (CHINAMOBI...)
10 4
Apex Domain
Subdomains		 Transfer
3 infutian.org
guj.infutian.org Failed
902 KB
2 manamana.net
image.manamana.net
3 KB
2 bootcdn.net
cdn.bootcdn.net — Cisco Umbrella Rank: 135454
46 KB
1 aqspw.com
njkl.aqspw.com
17 KB
0 qq.com Failed
qzone.qq.com Failed
10 5
Domain Requested by
3 guj.infutian.org image.manamana.net
2 image.manamana.net njkl.aqspw.com
guj.infutian.org
2 cdn.bootcdn.net njkl.aqspw.com
1 njkl.aqspw.com
0 qzone.qq.com Failed guj.infutian.org
10 5

This site contains no links.

Subject Issuer Validity Valid
njkl.aqspw.com
R3		 2023-10-11 -
2024-01-09		 3 months crt.sh
*.bootcdn.net
Sectigo RSA Domain Validation Secure Server CA		 2023-08-17 -
2024-08-17		 a year crt.sh
image.manamana.net
TrustAsia RSA DV TLS CA G2		 2023-02-11 -
2024-02-11		 a year crt.sh
guj.infutian.org
R3		 2023-08-15 -
2023-11-13		 3 months crt.sh

This page contains 1 frames:

Frame: https://qzone.qq.com/404.html
Frame ID: 4058A8ABF54D816271EACCEEC28EB8AB
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://njkl.aqspw.com/ Page URL
  2. https://image.manamana.net/1695367235000_ZuEFUzEo?hjhu677 Page URL
  3. https://image.manamana.net/1695367235000_ZuEFUzEo?id=OU2S6%3D&s=khkzea&b=alert(1)&t=KVETZpnx3zr20 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • fingerprint(\d)?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

10
Requests

80 %
HTTPS

33 %
IPv6

5
Domains

5
Subdomains

4
IPs

3
Countries

967 kB
Transfer

1062 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://njkl.aqspw.com/ Page URL
  2. https://image.manamana.net/1695367235000_ZuEFUzEo?hjhu677 Page URL
  3. https://image.manamana.net/1695367235000_ZuEFUzEo?id=OU2S6%3D&s=khkzea&b=alert(1)&t=KVETZpnx3zr20 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8
  • https://gnmsgl.singmwn53g.com/bbd_2.html&02733162jal HTTP 302
  • https://qzone.qq.com/404.html

10 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
njkl.aqspw.com/ 		43 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://njkl.aqspw.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
149.104.32.246 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
nginx/onex /
Resource Hash
994fac5325f05809a17d679fde7f4f41da7d1d6d9e45788775bd96c97f7dcff4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Sat, 14 Oct 2023 09:42:09 GMT
ETag
W/"652656cd-ab5e"
Last-Modified
Wed, 11 Oct 2023 08:03:25 GMT
Server
nginx/onex
Transfer-Encoding
chunked
Vary
Accept-Encoding
fingerprint2.min.js
cdn.bootcdn.net/ajax/libs/fingerprintjs2/2.1.5/ 		30 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.bootcdn.net/ajax/libs/fingerprintjs2/2.1.5/fingerprint2.min.js
Requested by
Host: njkl.aqspw.com
URL: https://njkl.aqspw.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.54.91.214 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
hn.kd.dhcp
Software
nginx / PHP/7.4.19
Resource Hash
01e4e9d937625ad5af01149b9480d1e188782f0a389033a85cde22097a323294
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://njkl.aqspw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 09:43:15 GMT
content-encoding
gzip
x-cache-lookup
Cache Miss, Cache Miss
strict-transport-security
max-age=63072000;
age
0
x-powered-by
PHP/7.4.19
server
nginx
vary
Accept-Encoding
access-control-max-age
1800
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
access-control-allow-methods
GET, POST, PATCH, PUT, DELETE, OPTIONS
cache-control
max-age=31536000
access-control-allow-credentials
true
x-nws-log-uuid
17533566993117592627
access-control-allow-headers
Authorization, Content-Type, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, X-CSRF-TOKEN, X-Requested-With,token
expires
Sat, 14 Oct 2023 09:40:28 GMT
jquery.min.js
cdn.bootcdn.net/ajax/libs/jquery/3.6.0/ 		87 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.bootcdn.net/ajax/libs/jquery/3.6.0/jquery.min.js
Requested by
Host: njkl.aqspw.com
URL: https://njkl.aqspw.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.54.91.214 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
hn.kd.dhcp
Software
nginx / PHP/7.4.19
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://njkl.aqspw.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 09:43:15 GMT
content-encoding
gzip
x-cache-lookup
Cache Miss, Cache Miss
strict-transport-security
max-age=63072000;
age
0
x-powered-by
PHP/7.4.19
server
nginx
vary
Accept-Encoding
access-control-max-age
1800
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
access-control-allow-methods
GET, POST, PATCH, PUT, DELETE, OPTIONS
cache-control
max-age=31536000
access-control-allow-credentials
true
x-nws-log-uuid
12572994458925755196
access-control-allow-headers
Authorization, Content-Type, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, X-CSRF-TOKEN, X-Requested-With,token
expires
Sat, 14 Oct 2023 09:42:01 GMT
1695367235000_ZuEFUzEo
image.manamana.net/ 		482 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://image.manamana.net/1695367235000_ZuEFUzEo?hjhu677
Requested by
Host: njkl.aqspw.com
URL: https://njkl.aqspw.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2409:8c5c:100:18:3::3e7 , China, ASN9808 (CHINAMOBILE-CN China Mobile Communications Group Co., Ltd., CN),
Reverse DNS
Software
Tengine /
Resource Hash
0af8193ea8a097e4c0a0cf0a9b8378c0b6c8ed7d7c9e0789438cd98b6e1ca28d

Request headers

Referer
https://njkl.aqspw.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Log, X-Reqid
Access-Control-Max-Age
2592000
Age
0
Ali-Swift-Global-Savetime
1697276536
Cache-Control
public, max-age=31536000
Connection
keep-alive
Content-Disposition
inline; filename="1695367235000_ZuEFUzEo"; filename*=utf-8''1695367235000_ZuEFUzEo
Content-Encoding
gzip
Content-Length
370
Content-Md5
iLnYO+BHQ05NvYnU/T0BIw==
Content-Transfer-Encoding
binary
Content-Type
text/html
Date
Sat, 14 Oct 2023 09:42:16 GMT
EagleId
6f0c199f16972765367722792e
Etag
"FiltXxcLV91WP0sVWHRUthHBM7pD.gz"
Last-Modified
Fri, 22 Sep 2023 07:20:35 GMT
Server
Tengine
Timing-Allow-Origin
*
Vary
Accept-Encoding
Via
cache16.l2cn3125[62,62,200-0,M], cache9.l2cn3125[64,0], kunlun3.cn399[213,212,200-0,M], kunlun11.cn399[216,0]
X-Cache
MISS TCP_MISS dirn:-2:-2
X-Log
X-Log
X-M-Log
QNM:xs1171;QNM3
X-M-Reqid
7ZIAAFhvNY8E8I0X
X-Qiniu-Zone
0
X-Qnm-Cache
Hit
X-Reqid
P5sAAACPbU7awYkX
X-Svr
IO
X-Swift-CacheTime
31536000
X-Swift-SaveTime
Sat, 14 Oct 2023 09:42:16 GMT
1.jpg
guj.infutian.org/ciz/ 		0
0
index.js
guj.infutian.org/ciz/ 		1 KB
995 B 		Script
General
Check archive.org
Download Go to
Full URL
https://guj.infutian.org/ciz/index.js
Requested by
Host: image.manamana.net
URL: https://image.manamana.net/1695367235000_ZuEFUzEo?hjhu677
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
149.104.32.246 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
nginx/onex /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://image.manamana.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Sat, 14 Oct 2023 09:42:18 GMT
Content-Encoding
gzip
Last-Modified
Tue, 10 Oct 2023 11:00:59 GMT
Server
nginx/onex
ETag
W/"65252eeb-431"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=43200
Connection
keep-alive
Expires
Sat, 14 Oct 2023 21:42:18 GMT
Primary Request 1695367235000_ZuEFUzEo
image.manamana.net/ 		482 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://image.manamana.net/1695367235000_ZuEFUzEo?id=OU2S6%3D&s=khkzea&b=alert(1)&t=KVETZpnx3zr20
Requested by
Host: guj.infutian.org
URL: https://guj.infutian.org/ciz/index.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2409:8c5c:100:18:3::3e7 , China, ASN9808 (CHINAMOBILE-CN China Mobile Communications Group Co., Ltd., CN),
Reverse DNS
Software
Tengine /
Resource Hash
0af8193ea8a097e4c0a0cf0a9b8378c0b6c8ed7d7c9e0789438cd98b6e1ca28d

Request headers

Referer
https://image.manamana.net/1695367235000_ZuEFUzEo?hjhu677
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Log, X-Reqid
Access-Control-Max-Age
2592000
Age
0
Ali-Swift-Global-Savetime
1697276539
Cache-Control
public, max-age=31536000
Connection
keep-alive
Content-Disposition
inline; filename="1695367235000_ZuEFUzEo"; filename*=utf-8''1695367235000_ZuEFUzEo
Content-Encoding
gzip
Content-Length
370
Content-Md5
iLnYO+BHQ05NvYnU/T0BIw==
Content-Transfer-Encoding
binary
Content-Type
text/html
Date
Sat, 14 Oct 2023 09:42:19 GMT
EagleId
6f0c199f16972765392446197e
Etag
"FiltXxcLV91WP0sVWHRUthHBM7pD.gz"
Last-Modified
Fri, 22 Sep 2023 07:20:35 GMT
Server
Tengine
Timing-Allow-Origin
*
Vary
Accept-Encoding
Via
cache29.l2cn3125[87,86,200-0,M], cache55.l2cn3125[89,0], kunlun11.cn399[251,250,200-0,M], kunlun11.cn399[252,0]
X-Cache
MISS TCP_MISS dirn:-2:-2
X-Log
X-Log
X-M-Log
QNM:xs1184;SRCPROXY:xs1751;SRC:5;SRCPROXY:5;QNM3:7
X-M-Reqid
OQcAAGNw7CIF8I0X
X-Qiniu-Zone
0
X-Qnm-Cache
Miss
X-Reqid
4O0AAAD3DCQF8I0X
X-Svr
IO
X-Swift-CacheTime
31536000
X-Swift-SaveTime
Sat, 14 Oct 2023 09:42:19 GMT
1.jpg
guj.infutian.org/ciz/ 		899 KB
900 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://guj.infutian.org/ciz/1.jpg
Requested by
Host: image.manamana.net
URL: https://image.manamana.net/1695367235000_ZuEFUzEo?id=OU2S6%3D&s=khkzea&b=alert(1)&t=KVETZpnx3zr20
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
149.104.32.246 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
nginx/onex /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://image.manamana.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Sat, 14 Oct 2023 09:42:20 GMT
Last-Modified
Fri, 17 Feb 2023 05:22:11 GMT
Server
nginx/onex
ETag
"63ef0f03-e0d16"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
920854
Expires
Mon, 13 Nov 2023 09:42:20 GMT
index.js
guj.infutian.org/ciz/ 		1 KB
995 B 		Script
General
Check archive.org
Download Go to
Full URL
https://guj.infutian.org/ciz/index.js
Requested by
Host: image.manamana.net
URL: https://image.manamana.net/1695367235000_ZuEFUzEo?id=OU2S6%3D&s=khkzea&b=alert(1)&t=KVETZpnx3zr20
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
149.104.32.246 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
nginx/onex /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://image.manamana.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Sat, 14 Oct 2023 09:42:20 GMT
Content-Encoding
gzip
Last-Modified
Tue, 10 Oct 2023 11:00:59 GMT
Server
nginx/onex
ETag
W/"65252eeb-431"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=43200
Connection
keep-alive
Expires
Sat, 14 Oct 2023 21:42:20 GMT
404.html
qzone.qq.com/
Redirect Chain
  • https://gnmsgl.singmwn53g.com/bbd_2.html&02733162jal
  • https://qzone.qq.com/404.html
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
guj.infutian.org
URL
https://guj.infutian.org/ciz/1.jpg
Domain
qzone.qq.com
URL
https://qzone.qq.com/404.html

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

4 Console Messages

Source Level URL
Text
security warning URL: https://image.manamana.net/1695367235000_ZuEFUzEo?hjhu677
Message:
Mixed Content: The page at 'https://image.manamana.net/1695367235000_ZuEFUzEo?hjhu677' was loaded over HTTPS, but requested an insecure element 'http://guj.infutian.org/ciz/1.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://image.manamana.net/1695367235000_ZuEFUzEo?hjhu677(Line 11)
Message:
Mixed Content: The page at 'https://image.manamana.net/1695367235000_ZuEFUzEo?hjhu677' was loaded over HTTPS, but requested an insecure element 'http://guj.infutian.org/ciz/1.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://image.manamana.net/1695367235000_ZuEFUzEo?id=OU2S6%3D&s=khkzea&b=alert(1)&t=KVETZpnx3zr20
Message:
Mixed Content: The page at 'https://image.manamana.net/1695367235000_ZuEFUzEo?id=OU2S6%3D&s=khkzea&b=alert(1)&t=KVETZpnx3zr20' was loaded over HTTPS, but requested an insecure element 'http://guj.infutian.org/ciz/1.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://image.manamana.net/1695367235000_ZuEFUzEo?id=OU2S6%3D&s=khkzea&b=alert(1)&t=KVETZpnx3zr20(Line 11)
Message:
Mixed Content: The page at 'https://image.manamana.net/1695367235000_ZuEFUzEo?id=OU2S6%3D&s=khkzea&b=alert(1)&t=KVETZpnx3zr20' was loaded over HTTPS, but requested an insecure element 'http://guj.infutian.org/ciz/1.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html