login.etolquz.cn Open in urlscan Pro
122.10.18.60 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://login.etolquz.cn/
Submission: On August 25 via automatic, source certstream-suspicious (August 25th 2023, 10:02:50 am UTC) — Scanned from DE

Summary HTTP 7 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 7 HTTP transactions. The main IP is 122.10.18.60, located in Hong Kong and belongs to DXTL-HK DXTL Tseung Kwan O Service, HK. The main domain is login.etolquz.cn.
TLS certificate: Issued by R3 on August 25th 2023. Valid for: 3 months.

This is the only time login.etolquz.cn was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	122.10.18.60 122.10.18.60	134548 (DXTL-HK D...) (DXTL-HK DXTL Tseung Kwan O Service)
1	120.26.45.243 120.26.45.243	37963 (ALIBABA-C...) (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.)
1	120.26.15.84 120.26.15.84	37963 (ALIBABA-C...) (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.)
7	4

5 122.10.18.60 (Hong Kong)

ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK)

login.etolquz.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 120.26.45.243 (Hangzhou, China)

ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN)

tongji.dcloud.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 120.26.15.84 (Hangzhou, China)

ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN)

cdn.dcloud.net.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	etolquz.cn login.etolquz.cn	221 KB
1	dcloud.net.cn cdn.dcloud.net.cn — Cisco Umbrella Rank: 75772	579 B
1	dcloud.io tongji.dcloud.io — Cisco Umbrella Rank: 374970	131 B
7	3

	Domain	Requested by
5	login.etolquz.cn	login.etolquz.cn
1	cdn.dcloud.net.cn	login.etolquz.cn
1	tongji.dcloud.io	login.etolquz.cn
7	3

This site contains no links.

Subject Issuer	Validity	Valid
login.etolquz.cn R3	`2023-08-25` - `2023-11-23`	3 months	crt.sh
*.dcloud.io Certum Domain Validation CA SHA2	`2022-10-17` - `2023-11-15`	a year	crt.sh
*.dcloud.net.cn Certum Domain Validation CA SHA2	`2023-08-07` - `2024-09-05`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://login.etolquz.cn/
Frame ID: 8D83B7743DDAB7357F0E6B10A506E00A
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Page Statistics

7
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

4
IPs

2
Countries

221 kB
Transfer

611 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response login.etolquz.cn/	783 B 1014 B	1938ms 229ms	Document text/html	122.10.18.60 DXTL-HK DXTL Tseu...
General Check archive.org Show headers Download Go to Full URL https://login.etolquz.cn/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 122.10.18.60 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK), Reverse DNS Software nginx / Resource Hash `627d9b00340e01ecbcba4de289f35e8b6cbe3eb0eecd501e71f1d1e1fc8ee99d` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Accept-Ranges bytes Connection keep-alive Content-Length 783 Content-Type text/html Date Fri, 25 Aug 2023 10:02:41 GMT ETag "642fe593-30f" Last-Modified Fri, 07 Apr 2023 09:42:43 GMT Server nginx
GET H/1.1	200 OK	index.63b34199.css login.etolquz.cn/static/	94 KB 29 KB	454ms 454ms	Stylesheet text/css	122.10.18.60 DXTL-HK DXTL Tseu...
General Check archive.org Show headers Download Go to Full URL https://login.etolquz.cn/static/index.63b34199.css Requested by Host: login.etolquz.cn URL: https://login.etolquz.cn/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 122.10.18.60 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK), Reverse DNS Software nginx / Resource Hash `0cbe21cbd48de683ef65476d5eef01398e97cd11130758352c99f9eb5b266da6` Request headers accept-language de-DE,de;q=0.9 Referer https://login.etolquz.cn/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers Date Fri, 25 Aug 2023 10:02:41 GMT Content-Encoding gzip Last-Modified Fri, 07 Apr 2023 09:42:11 GMT Server nginx ETag W/"642fe573-17884" Transfer-Encoding chunked Vary Accept-Encoding Content-Type text/css Connection keep-alive
GET H/1.1	200 OK	chunk-vendors.5e33290b.js Show response login.etolquz.cn/static/js/	475 KB 176 KB	458ms 457ms	Script application/javascript	122.10.18.60 DXTL-HK DXTL Tseu...
General Check archive.org Show headers Download Go to Full URL https://login.etolquz.cn/static/js/chunk-vendors.5e33290b.js Requested by Host: login.etolquz.cn URL: https://login.etolquz.cn/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 122.10.18.60 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK), Reverse DNS Software nginx / Resource Hash `61a6f985cedbf892278bdb32f7d207d16ceac25c7475b4660b4365b75dcc5625` Request headers accept-language de-DE,de;q=0.9 Referer https://login.etolquz.cn/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers Date Fri, 25 Aug 2023 10:02:41 GMT Content-Encoding gzip Last-Modified Fri, 07 Apr 2023 09:42:12 GMT Server nginx ETag W/"642fe574-76a5c" Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript Connection keep-alive
GET H/1.1	200 OK	index.50cc763a.js Show response login.etolquz.cn/static/js/	37 KB 13 KB	682ms 228ms	Script application/javascript	122.10.18.60 DXTL-HK DXTL Tseu...
General Check archive.org Show headers Download Go to Full URL https://login.etolquz.cn/static/js/index.50cc763a.js Requested by Host: login.etolquz.cn URL: https://login.etolquz.cn/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 122.10.18.60 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK), Reverse DNS Software nginx / Resource Hash `f47ee5d8d92f6a9ab737482a9fabf5d91207967233b35bd093d8dfeaa3d0d7c4` Request headers accept-language de-DE,de;q=0.9 Referer https://login.etolquz.cn/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers Date Fri, 25 Aug 2023 10:02:41 GMT Content-Encoding gzip Last-Modified Fri, 07 Apr 2023 09:42:12 GMT Server nginx ETag W/"642fe574-94c2" Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript Connection keep-alive
GET H/1.1	200 OK	pages-index.065ed4ce.js Show response login.etolquz.cn/static/js/	2 KB 1 KB	227ms 227ms	Script application/javascript	122.10.18.60 DXTL-HK DXTL Tseu...
General Check archive.org Show headers Download Go to Full URL https://login.etolquz.cn/static/js/pages-index.065ed4ce.js Requested by Host: login.etolquz.cn URL: https://login.etolquz.cn/static/js/index.50cc763a.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 122.10.18.60 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK), Reverse DNS Software nginx / Resource Hash `e42c1525b19d3167313230db27004231de7f6ea8d8764c234c78e2ff49f3019f` Request headers accept-language de-DE,de;q=0.9 Referer https://login.etolquz.cn/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers Date Fri, 25 Aug 2023 10:02:42 GMT Content-Encoding gzip Last-Modified Fri, 16 Jun 2023 05:47:24 GMT Server nginx ETag W/"648bf76c-9b2" Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript Connection keep-alive
GET H2	200	stat Show response tongji.dcloud.io/uni/	20 B 131 B	2956ms 1873ms	XHR application/json	120.26.45.243 ALIBABA-CN-NET Ha...
General Check archive.org Show headers Download Go to Full URL https://tongji.dcloud.io/uni/stat?usv=3.7.3&conf=%7B%22ak%22%3A%22__UNI__E08AAE1%22%7D Requested by Host: login.etolquz.cn URL: https://login.etolquz.cn/static/js/chunk-vendors.5e33290b.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 120.26.45.243 Hangzhou, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN), Reverse DNS Software / Resource Hash `7d062e5ee6458e05712fbac24cde5e05b7bfb6307dce943029051b2712b92056` Request headers accept-language de-DE,de;q=0.9 Referer https://login.etolquz.cn/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers access-control-allow-origin * date Fri, 25 Aug 2023 10:02:45 GMT cache-control no-cache content-length 20 content-type application/json
GET DATA	200 OK	truncated /	1 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `0ccf8dd29c61715a6364ea9ec36d32c295e82ca837488590130c51cee298b7d3` Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers Content-Type image/svg+xml
GET H/1.1	200 OK	shadow-grey.png cdn.dcloud.net.cn/img/	136 B 579 B	1394ms 311ms	Image image/png	120.26.15.84 ALIBABA-CN-NET Ha...
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.dcloud.net.cn/img/shadow-grey.png Requested by Host: login.etolquz.cn URL: https://login.etolquz.cn/static/index.63b34199.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 120.26.15.84 Hangzhou, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN), Reverse DNS Software nginx / Resource Hash `ad4ebea1c3496dd2924789ee009174a2c6289d1200e9811f458fd46f172d1d6f` Request headers accept-language de-DE,de;q=0.9 Referer https://login.etolquz.cn/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36 Response headers Date Fri, 25 Aug 2023 10:02:46 GMT Last-Modified Thu, 06 Jun 2019 06:42:07 GMT Server nginx ETag "5cf8b5bf-88" Content-Type image/png Cache-Control max-age=7200 Connection close Accept-Ranges bytes Content-Length 136 Expires Fri, 25 Aug 2023 12:02:46 GMT

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.dcloud.net.cn/	1970-01-20 23:51:57	Name: __uni__uid Value: CgIBYGTofEYhfWq+himEAg==

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.dcloud.net.cn
login.etolquz.cn
tongji.dcloud.io
120.26.15.84
120.26.45.243
122.10.18.60
0cbe21cbd48de683ef65476d5eef01398e97cd11130758352c99f9eb5b266da6
0ccf8dd29c61715a6364ea9ec36d32c295e82ca837488590130c51cee298b7d3
61a6f985cedbf892278bdb32f7d207d16ceac25c7475b4660b4365b75dcc5625
627d9b00340e01ecbcba4de289f35e8b6cbe3eb0eecd501e71f1d1e1fc8ee99d
7d062e5ee6458e05712fbac24cde5e05b7bfb6307dce943029051b2712b92056
ad4ebea1c3496dd2924789ee009174a2c6289d1200e9811f458fd46f172d1d6f
e42c1525b19d3167313230db27004231de7f6ea8d8764c234c78e2ff49f3019f
f47ee5d8d92f6a9ab737482a9fabf5d91207967233b35bd093d8dfeaa3d0d7c4

login.etolquz.cn Open in urlscan Pro 122.10.18.60 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

7 Requests

100 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

4 IPs

2 Countries

221 kBTransfer

611 kBSize

1 Cookies

0 Outgoing links

Redirected requests

7 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

1 Cookies

Indicators

login.etolquz.cn Open in urlscan Pro
122.10.18.60 Public Scan

Screenshot
Live screenshot

Full Image

7
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

4
IPs

2
Countries

221 kB
Transfer

611 kB
Size

1
Cookies

7 HTTP transactions
1 data transactions