fengyuejiji.uziuyuan.com Open in urlscan Pro
112.28.188.238 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://253808.app/
Effective URL:
https://fengyuejiji.uziuyuan.com/public/05350331ace933d80f924e88186d9c0a.apk
Submission: On July 27 via api (July 27th 2024, 2:04:17 am UTC) from BE — Scanned from US

Summary HTTP 17 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 4 countries across 8 domains to perform 17 HTTP transactions. The main IP is 112.28.188.238, located in and belongs to . The main domain is fengyuejiji.uziuyuan.com.
TLS certificate: Issued by R10 on June 20th 2024. Valid for: 3 months.

This is the only time fengyuejiji.uziuyuan.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	182.16.88.179 182.16.88.179	45753 (NETSEC-HK...) (NETSEC-HK Netsec Limited)
2	154.212.144.81 154.212.144.81	136778 (AIJIASU-A...) (AIJIASU-AS-AP HONGKONG AI JIA SU NETWORK CO.)
6	170.106.97.208 170.106.97.208	132203 (TENCENT-N...) (TENCENT-NET-AP-CN Tencent Building)
1	49.51.131.121 49.51.131.121	132203 (TENCENT-N...) (TENCENT-NET-AP-CN Tencent Building)
1 4	170.33.13.110 170.33.13.110	134963 (ASEPL-AS-...) (ASEPL-AS-AP Alibaba Cloud Singapore Private Limited)
1 1	104.194.206.31 104.194.206.31	() ()
1 2	112.28.188.238 112.28.188.238	() ()
17	6

1 182.16.88.179 (Hong Kong) 1 redirects

ASN45753 (NETSEC-HK Netsec Limited, HK)

253808.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 154.212.144.81 (Hong Kong)

ASN136778 (AIJIASU-AS-AP HONGKONG AI JIA SU NETWORK CO.,LIMITED, HK)

yjc9ssgs.181286.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 170.106.97.208 (United States)

ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)

8988m-1319002086.cos.accelerate.myqcloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 49.51.131.121 (Frankfurt am Main, Germany)

ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)

appinstall-70fzjo84-1323046831.cos.accelerate.myqcloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 170.33.13.110 (Singapore) 1 redirects

ASN134963 (ASEPL-AS-AP Alibaba Cloud Singapore Private Limited, SG)

foe5ix0fdis8wgpd.wisdomcounty.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.194.206.31 (None, ) 1 redirects

ASN- ()

a2vuz3p.hongjishop.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 112.28.188.238 (None, ) 1 redirects

ASN- ()

fengyuejiji.uziuyuan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	myqcloud.com 8988m-1319002086.cos.accelerate.myqcloud.com appinstall-70fzjo84-1323046831.cos.accelerate.myqcloud.com	869 KB
4	wisdomcounty.com 1 redirects foe5ix0fdis8wgpd.wisdomcounty.com	2 KB
2	uziuyuan.com 1 redirects fengyuejiji.uziuyuan.com	2 KB
2	181286.com yjc9ssgs.181286.com	2 KB
1	hongjishop.com a2vuz3p.hongjishop.com Failed	306 B
1	253808.app 1 redirects 253808.app	480 B
0	jshub.com Failed libs.jshub.com Failed
0	51.la Failed js.users.51.la Failed
17	8

	Domain	Requested by
6	8988m-1319002086.cos.accelerate.myqcloud.com	yjc9ssgs.181286.com
4	foe5ix0fdis8wgpd.wisdomcounty.com	1 redirects appinstall-70fzjo84-1323046831.cos.accelerate.myqcloud.com
2	fengyuejiji.uziuyuan.com	1 redirects appinstall-70fzjo84-1323046831.cos.accelerate.myqcloud.com
2	yjc9ssgs.181286.com
1	a2vuz3p.hongjishop.com	appinstall-70fzjo84-1323046831.cos.accelerate.myqcloud.com
1	appinstall-70fzjo84-1323046831.cos.accelerate.myqcloud.com	yjc9ssgs.181286.com
1	253808.app	1 redirects
0	libs.jshub.com Failed	fengyuejiji.uziuyuan.com
0	js.users.51.la Failed	yjc9ssgs.181286.com
17	9

This site contains no links.

Subject Issuer	Validity	Valid
689934.com R10	`2024-07-13` - `2024-10-11`	3 months	crt.sh
*.cos.na-siliconvalley.myqcloud.com GlobalSign Organization Validation CA - SHA256 - G3	`2024-03-11` - `2025-04-12`	a year	crt.sh
*.cos.eu-frankfurt.myqcloud.com GlobalSign Organization Validation CA - SHA256 - G3	`2024-03-06` - `2025-04-07`	a year	crt.sh
*.wisdomcounty.com Sectigo RSA Domain Validation Secure Server CA	`2024-06-16` - `2025-06-16`	a year	crt.sh
uziuyuan.com R10	`2024-06-20` - `2024-09-18`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://fengyuejiji.uziuyuan.com/public/05350331ace933d80f924e88186d9c0a.apk
Frame ID: 8F8AAE919D0DDC35BE091AB88C788AD6
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

风月直播

Page URL History Show full URLs

https://253808.app/ HTTP 302
https://yjc9ssgs.181286.com/mobie.html?channelCode=fydx2 Page URL
https://foe5ix0fdis8wgpd.wisdomcounty.com:6443/page/ni4sxb3b/install/c/eyJjIjoiZnlkeDIiLCJtIjoicklxRmpfbWk2VndBQUFHUThlNVRx... HTTP 302
https://a2vuz3p.hongjishop.com/ossapk/111edg95f608ed HTTP 302
https://fengyuejiji.uziuyuan.com/public/05350331ace933d80f924e88186d9c0a.apk?auth_key=1722045853-0-0-d2ae7dd6... HTTP 307
https://fengyuejiji.uziuyuan.com/public/05350331ace933d80f924e88186d9c0a.apk Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

17
Requests

76 %
HTTPS

0 %
IPv6

8
Domains

9
Subdomains

6
IPs

4
Countries

874 kB
Transfer

874 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://253808.app/ HTTP 302
https://yjc9ssgs.181286.com/mobie.html?channelCode=fydx2 Page URL
https://foe5ix0fdis8wgpd.wisdomcounty.com:6443/page/ni4sxb3b/install/c/eyJjIjoiZnlkeDIiLCJtIjoicklxRmpfbWk2VndBQUFHUThlNVRxNjZTT3pPYW40TWZ5ZzVua1N6V2g4TzVNTHFxOHhJYng1ZVY4R2tTXzhGMzhWTGplYkdRSHRTYUw4VndCYmJwT2M5akF6Ynh3ZGJWSmZWQVh0MTlQb24wT2o3dHVPNl9xYUhmNnNEMjJHYnJObTIxbG5rNDdRIn0=?p=0 HTTP 302
https://a2vuz3p.hongjishop.com/ossapk/111edg95f608ed HTTP 302
https://fengyuejiji.uziuyuan.com/public/05350331ace933d80f924e88186d9c0a.apk?auth_key=1722045853-0-0-d2ae7dd68ef404e31680e6cda3a9c54a HTTP 307
https://fengyuejiji.uziuyuan.com/public/05350331ace933d80f924e88186d9c0a.apk Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://253808.app/ HTTP 302
https://yjc9ssgs.181286.com/mobie.html?channelCode=fydx2

Request Chain 12

https://foe5ix0fdis8wgpd.wisdomcounty.com:6443/page/ni4sxb3b/install/c/eyJjIjoiZnlkeDIiLCJtIjoicklxRmpfbWk2VndBQUFHUThlNVRxNjZTT3pPYW40TWZ5ZzVua1N6V2g4TzVNTHFxOHhJYng1ZVY4R2tTXzhGMzhWTGplYkdRSHRTYUw4VndCYmJwT2M5akF6Ynh3ZGJWSmZWQVh0MTlQb24wT2o3dHVPNl9xYUhmNnNEMjJHYnJObTIxbG5rNDdRIn0=?p=0 HTTP 302
https://a2vuz3p.hongjishop.com/ossapk/111edg95f608ed

17 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

mobie.html Show response
yjc9ssgs.181286.com/
Redirect Chain

https://253808.app/
https://yjc9ssgs.181286.com/mobie.html?channelCode=fydx2

3 KB
1 KB

1243ms
244ms

Document
text/html

154.212.144.81
AIJIASU-AS-AP HON...

General

Check archive.org

Show headers Download Go to

Full URL

https://yjc9ssgs.181286.com/mobie.html?channelCode=fydx2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

154.212.144.81 , Hong Kong, ASN136778 (AIJIASU-AS-AP HONGKONG AI JIA SU NETWORK CO.,LIMITED, HK),

Reverse DNS

Software

nginx /

Resource Hash

8e6fb29ffc2c0673c790d0a1b5dfc4db7f2c2cf9fb098f222e048e8761b033a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-type: text/html
date: Sat, 27 Jul 2024 02:04:02 GMT
etag: W/"669c8686-a32"
last-modified: Sun, 21 Jul 2024 03:54:46 GMT
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8a990e6ae95c2114-HKG
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 27 Jul 2024 02:04:01 GMT
location: https://yJC9ssgs.181286.com/mobie.html?channelCode=fydx2
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qf5bjj2pTMXGomr6dXOqwcNDDgZVHhXg4GN%2FctEem1OFBi346BOWBNATGaPNl9FRRFfz%2FKkYhI0hJopm5sWXxEuAsc9MUtHY%2FqTJc%2B%2BuJ4zysInG0TfoWXVdV48kfILSPViNKskb8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-cache: BYPASS

GET
H/1.1 200
OK index.css
8988m-1319002086.cos.accelerate.myqcloud.com/tg13/css/ 1 KB
2 KB 1603ms
722ms Stylesheet
text/css 170.106.97.208
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://8988m-1319002086.cos.accelerate.myqcloud.com/tg13/css/index.css
Requested by: Host: yjc9ssgs.181286.com
URL: https://yjc9ssgs.181286.com/mobie.html?channelCode=fydx2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 170.106.97.208 , United States, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: tencent-cos /
Resource Hash: 99cc065c841418ea47066f435fbdf0749db4e49f496110c39bbc3c649fd2a696

Request headers

Referer: https://yjc9ssgs.181286.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Sat, 27 Jul 2024 02:04:04 GMT
x-cos-hash-crc64ecma: 6237874902783877363
Last-Modified: Wed, 10 Apr 2024 05:31:51 GMT
Server: tencent-cos
ETag: "6771e63437b85a11df1e495d35733aa6"
Content-Type: text/css
x-cos-request-id: NjZhNDU1OTNfMTM3N2U2MDlfMTBiNjhfMWM4ZDM3Yw==
Content-Disposition: attachment
Connection: keep-alive
Accept-Ranges: bytes
x-cos-force-download: true
Content-Length: 1112

GET
H/1.1 200
OK 5657.js
8988m-1319002086.cos.accelerate.myqcloud.com/tg13/image/ 583 KB
583 KB 1606ms
724ms Image
application/javascript 170.106.97.208
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://8988m-1319002086.cos.accelerate.myqcloud.com/tg13/image/5657.js
Requested by: Host: yjc9ssgs.181286.com
URL: https://yjc9ssgs.181286.com/mobie.html?channelCode=fydx2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 170.106.97.208 , United States, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: tencent-cos /
Resource Hash: 8be877aa505895ee0b1b3f3baff601b25ac571aca9e82e6898fcfcc2aa75a4f9

Request headers

Referer: https://yjc9ssgs.181286.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Sat, 27 Jul 2024 02:04:04 GMT
x-cos-hash-crc64ecma: 4947937493280480058
Last-Modified: Wed, 10 Apr 2024 05:31:52 GMT
Server: tencent-cos
ETag: "a1033d7c3204e2573052a63bca38f233"
Content-Type: application/javascript
x-cos-request-id: NjZhNDU1OTNfMzZmMDVlMGJfMjM5MzNfMWQyYjgyMQ==
Content-Disposition: attachment
Connection: keep-alive
Accept-Ranges: bytes
x-cos-force-download: true
Content-Length: 596921

GET
H/1.1 200
OK 5656.png
8988m-1319002086.cos.accelerate.myqcloud.com/tg13/image/ 778 B
1 KB 1607ms
725ms Image
image/png 170.106.97.208
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://8988m-1319002086.cos.accelerate.myqcloud.com/tg13/image/5656.png
Requested by: Host: yjc9ssgs.181286.com
URL: https://yjc9ssgs.181286.com/mobie.html?channelCode=fydx2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 170.106.97.208 , United States, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: tencent-cos /
Resource Hash: d089d98b131aa49a390d51ae3a09014c865ccdd9415fe162eadeb16cbea7ec3a

Request headers

Referer: https://yjc9ssgs.181286.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Sat, 27 Jul 2024 02:04:04 GMT
x-cos-hash-crc64ecma: 12489397935393994453
Last-Modified: Wed, 10 Apr 2024 05:31:52 GMT
Server: tencent-cos
ETag: "b4a3654e4ef4c909927c6e79527061ea"
Content-Type: image/png
x-cos-request-id: NjZhNDU1OTNfOTJmMDVlMGJfMjc1M2RfMWJmMjY3NA==
Content-Disposition: attachment
Connection: keep-alive
Accept-Ranges: bytes
x-cos-force-download: true
Content-Length: 778

GET
H/1.1 200
OK txqp11.js
8988m-1319002086.cos.accelerate.myqcloud.com/tg13/image/ 78 KB
79 KB 1887ms
1025ms Image
application/javascript 170.106.97.208
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://8988m-1319002086.cos.accelerate.myqcloud.com/tg13/image/txqp11.js
Requested by: Host: yjc9ssgs.181286.com
URL: https://yjc9ssgs.181286.com/mobie.html?channelCode=fydx2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 170.106.97.208 , United States, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: tencent-cos /
Resource Hash: c4206b6e32107270409a0277a836af42fb3fa7cfe7c1e9e9d3e0151f98a7b815

Request headers

Referer: https://yjc9ssgs.181286.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Sat, 27 Jul 2024 02:04:04 GMT
x-cos-hash-crc64ecma: 10258951659371648292
Last-Modified: Wed, 10 Apr 2024 05:31:52 GMT
Server: tencent-cos
ETag: "38ca596e4c3fe5b00550c65b7ec38d0c"
Content-Type: application/javascript
x-cos-request-id: NjZhNDU1OTNfNmM4N2Q4MWVfNzIzZF8xM2E3NTZj
Content-Disposition: attachment
Connection: keep-alive
Accept-Ranges: bytes
x-cos-force-download: true
Content-Length: 80332

GET
H/1.1 200
OK kf.png
8988m-1319002086.cos.accelerate.myqcloud.com/tg13/image/ 69 KB
70 KB 1611ms
749ms Image
image/png 170.106.97.208
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://8988m-1319002086.cos.accelerate.myqcloud.com/tg13/image/kf.png
Requested by: Host: yjc9ssgs.181286.com
URL: https://yjc9ssgs.181286.com/mobie.html?channelCode=fydx2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 170.106.97.208 , United States, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: tencent-cos /
Resource Hash: 083289ecb888f1ab6781deed1f736375dc14d47b460a1706dffe9f1ac070f1f3

Request headers

Referer: https://yjc9ssgs.181286.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Sat, 27 Jul 2024 02:04:04 GMT
x-cos-hash-crc64ecma: 7631126642759852666
Last-Modified: Wed, 10 Apr 2024 05:31:52 GMT
Server: tencent-cos
ETag: "6d48675f7de15a80d5ec525e77c33389"
Content-Type: image/png
x-cos-request-id: NjZhNDU1OTNfZjU3MDgwOV9jNTZiXzEzNGQ2MWU=
Content-Disposition: attachment
Connection: keep-alive
Accept-Ranges: bytes
x-cos-force-download: true
Content-Length: 70753

GET
H/1.1 200
OK jquery-3.5.1.min.js Show response
8988m-1319002086.cos.accelerate.myqcloud.com/tg13/js/ 87 KB
88 KB 1861ms
1001ms Script
application/javascript 170.106.97.208
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://8988m-1319002086.cos.accelerate.myqcloud.com/tg13/js/jquery-3.5.1.min.js
Requested by: Host: yjc9ssgs.181286.com
URL: https://yjc9ssgs.181286.com/mobie.html?channelCode=fydx2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 170.106.97.208 , United States, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: tencent-cos /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Referer: https://yjc9ssgs.181286.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Sat, 27 Jul 2024 02:04:04 GMT
x-cos-hash-crc64ecma: 4110229572790551004
Last-Modified: Wed, 10 Apr 2024 05:31:52 GMT
Server: tencent-cos
ETag: "dc5e7f18c8d36ac1d3d4753a87c98d0a"
Content-Type: application/javascript
x-cos-request-id: NjZhNDU1OTNfNjhjNTAwYl84MmQ3XzFiNzA3YzE=
Content-Disposition: attachment
Connection: keep-alive
Accept-Ranges: bytes
x-cos-force-download: true
Content-Length: 89476

GET
H/1.1 200
OK appinstall.js Show response
appinstall-70fzjo84-1323046831.cos.accelerate.myqcloud.com/ 46 KB
47 KB 2531ms
1337ms Script
application/javascript 49.51.131.121
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://appinstall-70fzjo84-1323046831.cos.accelerate.myqcloud.com/appinstall.js
Requested by: Host: yjc9ssgs.181286.com
URL: https://yjc9ssgs.181286.com/mobie.html?channelCode=fydx2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 49.51.131.121 Frankfurt am Main, Germany, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: tencent-cos /
Resource Hash: 7c9895f2e57140b2a429c2b5df1eb51b2c0bf49f56365e198fb20a92fe79c1dd

Request headers

Referer: https://yjc9ssgs.181286.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Sat, 27 Jul 2024 02:04:05 GMT
x-cos-hash-crc64ecma: 347442768461482610
Last-Modified: Mon, 11 Dec 2023 11:55:45 GMT
Server: tencent-cos
ETag: "8a14913360cd89f0812ea4971df5a16b"
Content-Type: application/javascript
x-cos-request-id: NjZhNDU1OTNfNTUxMDA2MDlfNTE5X2JkMzYxOA==
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 47585

GET 21863121.js
js.users.51.la/ 0
0

GET
H2 404 favicon.ico
yjc9ssgs.181286.com/ 548 B
611 B 240ms
240ms Other
text/html 154.212.144.81
AIJIASU-AS-AP HON...

General

Check archive.org

Show headers Download Go to

Full URL: https://yjc9ssgs.181286.com/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 154.212.144.81 , Hong Kong, ASN136778 (AIJIASU-AS-AP HONGKONG AI JIA SU NETWORK CO.,LIMITED, HK),
Reverse DNS
Software: nginx /
Resource Hash: d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

Referer: https://yjc9ssgs.181286.com/mobie.html?channelCode=fydx2
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 27 Jul 2024 02:04:05 GMT
server: nginx
content-length: 548
content-type: text/html

POST
H2 200 init Show response
foe5ix0fdis8wgpd.wisdomcounty.com/web/ni4sxb3b/fydx2/ 797 B
1 KB 1233ms
289ms XHR
application/json 170.33.13.110
ASEPL-AS-AP Aliba...

General

Check archive.org

Show headers Download Go to

Full URL

https://foe5ix0fdis8wgpd.wisdomcounty.com:6443/web/ni4sxb3b/fydx2/init?channelCode=fydx2&av=0&cv=0&hash=&server=https%3A%2F%2Ffoe5ix0fdis8wgpd.wisdomcounty.com%3A6443&sw=p6Cmpg&sh=p6Smpg&sp=1&li=p6GkuKehuKa4rg

Requested by

Host: appinstall-70fzjo84-1323046831.cos.accelerate.myqcloud.com
URL: https://appinstall-70fzjo84-1323046831.cos.accelerate.myqcloud.com/appinstall.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

170.33.13.110 , Singapore, ASN134963 (ASEPL-AS-AP Alibaba Cloud Singapore Private Limited, SG),

Reverse DNS

Software

NgxFence /

Resource Hash

88321e3dbec16cfdacf23fc0dedec56a30e1d8e6757db7cc6cac73c6ff232bb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

Referer: https://yjc9ssgs.181286.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 27 Jul 2024 02:04:06 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
server: NgxFence
vary: Origin, Origin
content-type: application/json;charset=utf-8
access-control-allow-origin: https://yjc9ssgs.181286.com
access-control-allow-credentials: true

POST
H2 200 eyJjIjoiZnlkeDIiLCJtIjoieGtWdk1GT3ZUU29BQUFHUThlNVRxNEUtZkdleUVob3psdVpFSTZrTU9aRFFfT1VScWVDcVZVMnNXY0Jzck1tSnJLNVBWX0RRVEZCTmYycFFtUExtSmplcmRsVVpaX2NabkFjQWdKdzFZYy1hcmJrR1BXLUJLcGt3c3F1UzU0YUdwd...
foe5ix0fdis8wgpd.wisdomcounty.com/web/ni4sxb3b/fydx2/clicked/c/ 0
384 B 282ms
281ms Ping
text/plain 170.33.13.110
ASEPL-AS-AP Aliba...

General

Check archive.org

Show headers Download Go to

Full URL

https://foe5ix0fdis8wgpd.wisdomcounty.com:6443/web/ni4sxb3b/fydx2/clicked/c/eyJjIjoiZnlkeDIiLCJtIjoieGtWdk1GT3ZUU29BQUFHUThlNVRxNEUtZkdleUVob3psdVpFSTZrTU9aRFFfT1VScWVDcVZVMnNXY0Jzck1tSnJLNVBWX0RRVEZCTmYycFFtUExtSmplcmRsVVpaX2NabkFjQWdKdzFZYy1hcmJrR1BXLUJLcGt3c3F1UzU0YUdwdG12RFJLcGN3In0=?p=0&ref=https%3A%2F%2Fyjc9ssgs.181286.com%2Fmobie.html%3FchannelCode%3Dfydx2&ac=0&cc=0&channelCode=fydx2

Requested by

Host: appinstall-70fzjo84-1323046831.cos.accelerate.myqcloud.com
URL: https://appinstall-70fzjo84-1323046831.cos.accelerate.myqcloud.com/appinstall.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

170.33.13.110 , Singapore, ASN134963 (ASEPL-AS-AP Alibaba Cloud Singapore Private Limited, SG),

Reverse DNS

Software

NgxFence /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

Referer: https://yjc9ssgs.181286.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 27 Jul 2024 02:04:11 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
server: NgxFence
vary: Origin, Origin
access-control-allow-origin: https://yjc9ssgs.181286.com
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 0

GET

111edg95f608ed
a2vuz3p.hongjishop.com/ossapk/
Redirect Chain

https://foe5ix0fdis8wgpd.wisdomcounty.com:6443/page/ni4sxb3b/install/c/eyJjIjoiZnlkeDIiLCJtIjoicklxRmpfbWk2VndBQUFHUThlNVRxNjZTT3pPYW40TWZ5ZzVua1N6V2g4TzVNTHFxOHhJYng1ZVY4R2tTXzhGMzhWTGplYkdRSHRTYU...
https://a2vuz3p.hongjishop.com/ossapk/111edg95f608ed

0
0

POST
H2 200 eyJjIjoiZnlkeDIiLCJtIjoieGtWdk1GT3ZUU29BQUFHUThlNVRxNEUtZkdleUVob3psdVpFSTZrTU9aRFFfT1VScWVDcVZVMnNXY0Jzck1tSnJLNVBWX0RRVEZCTmYycFFtUExtSmplcmRsVVpaX2NabkFjQWdKdzFZYy1hcmJrR1BXLUJLcGt3c3F1UzU0YUdwd...
foe5ix0fdis8wgpd.wisdomcounty.com/web/ni4sxb3b/fydx2/clicked/c/ 0
384 B 282ms
282ms Ping
text/plain 170.33.13.110
ASEPL-AS-AP Aliba...

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: appinstall-70fzjo84-1323046831.cos.accelerate.myqcloud.com
URL: https://appinstall-70fzjo84-1323046831.cos.accelerate.myqcloud.com/appinstall.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

170.33.13.110 , Singapore, ASN134963 (ASEPL-AS-AP Alibaba Cloud Singapore Private Limited, SG),

Reverse DNS

Software

NgxFence /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

Referer: https://yjc9ssgs.181286.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 27 Jul 2024 02:04:12 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
server: NgxFence
vary: Origin, Origin
access-control-allow-origin: https://yjc9ssgs.181286.com
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 0

GET
H2

403

Primary Request 05350331ace933d80f924e88186d9c0a.apk Show response
fengyuejiji.uziuyuan.com/public/
Redirect Chain

https://foe5ix0fdis8wgpd.wisdomcounty.com:6443/page/ni4sxb3b/install/c/eyJjIjoiZnlkeDIiLCJtIjoicklxRmpfbWk2VndBQUFHUThlNVRxNjZTT3pPYW40TWZ5ZzVua1N6V2g4TzVNTHFxOHhJYng1ZVY4R2tTXzhGMzhWTGplYkdRSHRTYU...
https://a2vuz3p.hongjishop.com/ossapk/111edg95f608ed
https://fengyuejiji.uziuyuan.com/public/05350331ace933d80f924e88186d9c0a.apk?auth_key=1722045853-0-0-d2ae7dd68ef404e31680e6cda3a9c54a
https://fengyuejiji.uziuyuan.com/public/05350331ace933d80f924e88186d9c0a.apk

4 KB
1 KB

291ms
290ms

Document
text/html

112.28.188.238

General

Check archive.org

Show headers Download Go to

Full URL: https://fengyuejiji.uziuyuan.com/public/05350331ace933d80f924e88186d9c0a.apk
Requested by: Host: appinstall-70fzjo84-1323046831.cos.accelerate.myqcloud.com
URL: https://appinstall-70fzjo84-1323046831.cos.accelerate.myqcloud.com/appinstall.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 112.28.188.238 -, , ASN (),
Reverse DNS
Software: NgxFence /
Resource Hash: 70ca1ca91472b32d0b78e95aebefdab77df6b6dae000df8bee46996882812e76

Request headers

Referer: https://yjc9ssgs.181286.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-encoding: br
content-type: text/html
date: Sat, 27 Jul 2024 02:04:16 GMT
server: NgxFence

Redirect headers

access-control-allow-origin: *
cache-control: no-cache
content-length: 167
content-type: text/html
date: Sat, 27 Jul 2024 02:04:15 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
location: https://fengyuejiji.uziuyuan.com/public/05350331ace933d80f924e88186d9c0a.apk
server: NgxFence

GET fontawesome.min.css
libs.jshub.com/font-awesome/5.10.0-12/css/ 0
0

GET solid.min.css
libs.jshub.com/font-awesome/5.10.0-12/css/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: js.users.51.la
URL: https://js.users.51.la/21863121.js

Domain: a2vuz3p.hongjishop.com
URL: https://a2vuz3p.hongjishop.com/ossapk/111edg95f608ed

Domain: libs.jshub.com
URL: https://libs.jshub.com/font-awesome/5.10.0-12/css/fontawesome.min.css

Domain: libs.jshub.com
URL: https://libs.jshub.com/font-awesome/5.10.0-12/css/solid.min.css

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://yjc9ssgs.181286.com/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://fengyuejiji.uziuyuan.com/public/05350331ace933d80f924e88186d9c0a.apk Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

253808.app
8988m-1319002086.cos.accelerate.myqcloud.com
a2vuz3p.hongjishop.com
appinstall-70fzjo84-1323046831.cos.accelerate.myqcloud.com
fengyuejiji.uziuyuan.com
foe5ix0fdis8wgpd.wisdomcounty.com
js.users.51.la
libs.jshub.com
yjc9ssgs.181286.com
a2vuz3p.hongjishop.com
js.users.51.la
libs.jshub.com
104.194.206.31
112.28.188.238
154.212.144.81
170.106.97.208
170.33.13.110
182.16.88.179
49.51.131.121
083289ecb888f1ab6781deed1f736375dc14d47b460a1706dffe9f1ac070f1f3
70ca1ca91472b32d0b78e95aebefdab77df6b6dae000df8bee46996882812e76
7c9895f2e57140b2a429c2b5df1eb51b2c0bf49f56365e198fb20a92fe79c1dd
88321e3dbec16cfdacf23fc0dedec56a30e1d8e6757db7cc6cac73c6ff232bb3
8be877aa505895ee0b1b3f3baff601b25ac571aca9e82e6898fcfcc2aa75a4f9
8e6fb29ffc2c0673c790d0a1b5dfc4db7f2c2cf9fb098f222e048e8761b033a8
99cc065c841418ea47066f435fbdf0749db4e49f496110c39bbc3c649fd2a696
c4206b6e32107270409a0277a836af42fb3fa7cfe7c1e9e9d3e0151f98a7b815
d089d98b131aa49a390d51ae3a09014c865ccdd9415fe162eadeb16cbea7ec3a
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

fengyuejiji.uziuyuan.com Open in urlscan Pro 112.28.188.238 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

17 Requests

76 %HTTPS

0 %IPv6

8 Domains

9 Subdomains

6 IPs

4 Countries

874 kBTransfer

874 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Failed requests

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

0 Cookies

2 Console Messages

Security Headers

Indicators

fengyuejiji.uziuyuan.com Open in urlscan Pro
112.28.188.238 Public Scan

Screenshot
Live screenshot

Full Image

17
Requests

76 %
HTTPS

0 %
IPv6

8
Domains

9
Subdomains

6
IPs

4
Countries

874 kB
Transfer

874 kB
Size

0
Cookies

17 HTTP transactions
0 data transactions