urlscan.io logo urlscan.io
SecurityTrails logo

x119583zi6k5cgc1.com Open in urlscan Pro
172.247.94.250  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://19ser.com/
Effective URL: https://x119583zi6k5cgc1.com:58009/dh/index.html
Submission: On September 26 via manual from HK — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 3 countries across 7 domains to perform 10 HTTP transactions. The main IP is 172.247.94.250, located in United States and belongs to CNSERVERS, US. The main domain is x119583zi6k5cgc1.com.
TLS certificate: Issued by Certum Domain Validation CA SHA2 on July 4th 2024. Valid for: a year.
This is the only time x119583zi6k5cgc1.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 154.64.7.66 139646 (HKMTC-AS-...)
1 1 38.143.11.125 40065 (CNSERVERS)
4 172.247.94.250 40065 (CNSERVERS)
1 223.111.134.106 56046 (CMNET-JIA...)
1 36.158.237.92 56047 (CMNET-HUN...)
1 104.193.88.109 55967 (BAIDU Bei...)
1 104.21.233.159 13335 (CLOUDFLAR...)
1 172.247.94.194 40065 (CNSERVERS)
10 7
1    154.64.7.66 (San Jose, United States)

ASN139646 (HKMTC-AS-AP HONG KONG Megalayer Technology Co.,Limited, HK)
19ser.com
1    38.143.11.125 (Los Angeles, United States)

ASN40065 (CNSERVERS, US)
ving.vingdnd.com
4    172.247.94.250 (United States)

ASN40065 (CNSERVERS, US)
x119583zi6k5cgc1.com
1    223.111.134.106 (China)

ASN56046 (CMNET-JIANGSU-AP China Mobile communications corporation, CN)
files.shenqizhilv.com
1    36.158.237.92 (China)

ASN56047 (CMNET-HUNAN-AP China Mobile communications corporation, CN)
users.shenqizhilv.com
1    104.193.88.109 (United States)

ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)
imgsrc.baidu.com
1    104.21.233.159 (None, )

ASN13335 (CLOUDFLARENET, US)
img.mresou.com
1    172.247.94.194 (United States)

ASN40065 (CNSERVERS, US)
www.asujp.com
Apex Domain
Subdomains		 Transfer
4 x119583zi6k5cgc1.com
x119583zi6k5cgc1.com
10 KB
2 shenqizhilv.com
files.shenqizhilv.com
users.shenqizhilv.com — Cisco Umbrella Rank: 896663
2 KB
1 asujp.com
www.asujp.com
1 mresou.com
img.mresou.com — Cisco Umbrella Rank: 684521
134 KB
1 baidu.com
imgsrc.baidu.com — Cisco Umbrella Rank: 96384
86 KB
1 vingdnd.com
ving.vingdnd.com
246 B
1 19ser.com
19ser.com
558 B
10 7
Domain Requested by
4 x119583zi6k5cgc1.com 19ser.com
x119583zi6k5cgc1.com
1 www.asujp.com files.shenqizhilv.com
1 img.mresou.com x119583zi6k5cgc1.com
1 imgsrc.baidu.com x119583zi6k5cgc1.com
1 users.shenqizhilv.com x119583zi6k5cgc1.com
1 files.shenqizhilv.com x119583zi6k5cgc1.com
1 ving.vingdnd.com 1 redirects
1 19ser.com
10 8

This site contains links to these domains. Also see Links.

Domain
932.ads4f6gf46.com
www.sjhfkhgut009.com
10w4rb9f.com
Subject Issuer Validity Valid
asia9.youporn.la
Certum Domain Validation CA SHA2		 2024-07-04 -
2025-08-03		 a year crt.sh
*.shenqizhilv.com
GlobalSign GCC R6 AlphaSSL CA 2023		 2024-02-24 -
2025-03-27		 a year crt.sh
baidu.com
GlobalSign RSA OV SSL CA 2018		 2024-07-08 -
2025-08-09		 a year crt.sh
mresou.com
WE1		 2024-08-26 -
2024-11-24		 3 months crt.sh
*.asujp.com
Certum Domain Validation CA SHA2		 2024-07-04 -
2025-08-03		 a year crt.sh

This page contains 2 frames:

Primary Page: https://x119583zi6k5cgc1.com:58009/dh/index.html
Frame ID: 259401CAB7AFF85612C1BA4D782CA3BF
Requests: 9 HTTP requests in this frame

Frame: https://www.asujp.com:58081/api.html
Frame ID: 92D41D8B6142B263B8D410CA22E8A68B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

x119583zi6k5cgc1.com

Page URL History Show full URLs

  1. http://19ser.com/ HTTP 307
    https://19ser.com/ HTTP 307
    http://19ser.com/ Page URL
  2. https://ving.vingdnd.com:2365/?u=http://19ser.com/&p=/ HTTP 302
    https://x119583zi6k5cgc1.com:58009/dh/index.html Page URL

Page Statistics

10
Requests

90 %
HTTPS

0 %
IPv6

7
Domains

8
Subdomains

7
IPs

3
Countries

231 kB
Transfer

236 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://19ser.com/ HTTP 307
    https://19ser.com/ HTTP 307
    http://19ser.com/ Page URL
  2. https://ving.vingdnd.com:2365/?u=http://19ser.com/&p=/ HTTP 302
    https://x119583zi6k5cgc1.com:58009/dh/index.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://19ser.com/ HTTP 307
  • https://19ser.com/ HTTP 307
  • http://19ser.com/

10 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
19ser.com/
Redirect Chain
  • http://19ser.com/
  • https://19ser.com/
  • http://19ser.com/
429 B
558 B 		Document
General
Check archive.org
Download Go to
Full URL
http://19ser.com/
Protocol
HTTP/1.0
Server
154.64.7.66 San Jose, United States, ASN139646 (HKMTC-AS-AP HONG KONG Megalayer Technology Co.,Limited, HK),
Reverse DNS
Software
/
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Cache-Control
max-age=259200
Connection
close
Content-Length
429
Content-Type
text/html;charset=utf-8

Redirect headers

Location
http://19ser.com/
Non-Authoritative-Reason
HttpsUpgrades
Primary Request index.html
x119583zi6k5cgc1.com/dh/
Redirect Chain
  • https://ving.vingdnd.com:2365/?u=http://19ser.com/&p=/
  • https://x119583zi6k5cgc1.com:58009/dh/index.html
3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://x119583zi6k5cgc1.com:58009/dh/index.html
Requested by
Host: 19ser.com
URL: http://19ser.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.247.94.250 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
nginx /
Resource Hash
5b600074f76aa32e670207dd96db117cb5e6ec22e139e1f4df90e6ef8a9529bb

Request headers

Referer
http://19ser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Cache-Control
max-age=1689
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1230
Content-Type
text/html
Date
Thu, 26 Sep 2024 03:02:25 GMT
ETag
"66f4c8b3-aaf"
Expires
Thu, 26 Sep 2024 03:03:25 GMT
Last-Modified
Thu, 26 Sep 2024 02:36:35 GMT
Server
nginx
Vary
Accept-Encoding
X-Cache
HIT

Redirect headers

Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Thu, 26 Sep 2024 12:17:14 GMT
Location
https://x119583zi6k5cgc1.com:58009/dh/index.html
Server
nginx
X-Frame-Options
SAMEORIGIN
dh.css
x119583zi6k5cgc1.com/dh/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://x119583zi6k5cgc1.com:58009/dh/dh.css
Requested by
Host: x119583zi6k5cgc1.com
URL: https://x119583zi6k5cgc1.com:58009/dh/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.247.94.250 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
nginx /
Resource Hash
11759bdc3fa2e090a7012986f6f3d00d601450175159cbdcd7b3636ba9272298

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://x119583zi6k5cgc1.com:58009/dh/index.html

Response headers

Cache-Control
max-age=3463
Content-Encoding
gzip
ETag
"64eb82f9-17e6"
Connection
keep-alive
Expires
Sun, 22 Sep 2024 22:31:11 GMT
X-Cache
HIT
Content-Length
1497
Date
Sun, 22 Sep 2024 22:30:11 GMT
Content-Type
text/css
Last-Modified
Sun, 27 Aug 2023 17:08:09 GMT
Server
nginx
Vary
Accept-Encoding
link.png
x119583zi6k5cgc1.com/dh/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x119583zi6k5cgc1.com:58009/dh/link.png
Requested by
Host: x119583zi6k5cgc1.com
URL: https://x119583zi6k5cgc1.com:58009/dh/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.247.94.250 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
nginx /
Resource Hash
7f3ef832d89b914b86626a28bda611ad59ec0ca56d5d9147788c2ebaab70f199

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://x119583zi6k5cgc1.com:58009/dh/index.html

Response headers

Cache-Control
max-age=3472
ETag
"64eb82f9-1269"
Connection
keep-alive
Expires
Sun, 22 Sep 2024 22:31:12 GMT
Accept-Ranges
bytes
X-Cache
HIT
Content-Length
4713
Date
Sun, 22 Sep 2024 22:30:12 GMT
Content-Type
image/png
Last-Modified
Sun, 27 Aug 2023 17:08:09 GMT
Server
nginx
bk.png
x119583zi6k5cgc1.com/dh/ 		999 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x119583zi6k5cgc1.com:58009/dh/bk.png
Requested by
Host: x119583zi6k5cgc1.com
URL: https://x119583zi6k5cgc1.com:58009/dh/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.247.94.250 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
nginx /
Resource Hash
056829fe951fc1db4ad7c5e9d61f5d729a82b7419a9fd1f3cd5314e9bfd82649

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://x119583zi6k5cgc1.com:58009/dh/index.html

Response headers

Cache-Control
max-age=3490
ETag
"64eb82f8-3e7"
Connection
keep-alive
Expires
Sun, 22 Sep 2024 22:31:11 GMT
Accept-Ranges
bytes
X-Cache
HIT
Content-Length
999
Date
Sun, 22 Sep 2024 22:30:11 GMT
Content-Type
image/png
Last-Modified
Sun, 27 Aug 2023 17:08:08 GMT
Server
nginx
tj.js
files.shenqizhilv.com/js/ 		292 B
455 B 		Script
General
Check archive.org
Download Go to
Full URL
https://files.shenqizhilv.com:36666/js/tj.js
Requested by
Host: x119583zi6k5cgc1.com
URL: https://x119583zi6k5cgc1.com:58009/dh/index.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
223.111.134.106 , China, ASN56046 (CMNET-JIANGSU-AP China Mobile communications corporation, CN),
Reverse DNS
Software
nginx /
Resource Hash
1b97f997ba0aaf74b21a52aba026e8e702471a29069910c61e0a9831388c9ce5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://x119583zi6k5cgc1.com:58009/

Response headers

strict-transport-security
max-age=31536000
etag
"659be453-124"
accept-ranges
bytes
content-length
292
date
Thu, 26 Sep 2024 12:23:27 GMT
content-type
application/javascript
last-modified
Mon, 08 Jan 2024 12:02:27 GMT
server
nginx
dh.js
users.shenqizhilv.com/dh/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://users.shenqizhilv.com:59168/dh/dh.js?v=0.25111422092475455
Requested by
Host: x119583zi6k5cgc1.com
URL: https://x119583zi6k5cgc1.com:58009/dh/index.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
36.158.237.92 , China, ASN56047 (CMNET-HUNAN-AP China Mobile communications corporation, CN),
Reverse DNS
Software
nginx /
Resource Hash
9e52287486a040a0fb76b545d22fbc8b108248a6b68a1a2445dbf705d9da9cfc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://x119583zi6k5cgc1.com:58009/

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
etag
W/"66e29146-933"
date
Thu, 26 Sep 2024 12:17:15 GMT
content-type
application/javascript
last-modified
Thu, 12 Sep 2024 06:59:18 GMT
server
nginx
vary
Accept-Encoding
8601a18b87d6277f8f97b8026e381f30e924fc07.gif
imgsrc.baidu.com/forum/pic/item/ 		85 KB
86 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgsrc.baidu.com/forum/pic/item/8601a18b87d6277f8f97b8026e381f30e924fc07.gif
Requested by
Host: x119583zi6k5cgc1.com
URL: https://x119583zi6k5cgc1.com:58009/dh/index.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.193.88.109 , United States, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
JSP3/2.0.14 /
Resource Hash
22dd05e1e20dc6e652693a590b32d2d923d942b260652ccef4b1f1a7b53df846

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://x119583zi6k5cgc1.com:58009/

Response headers

etag
503896351ff6af77c6d4a13861c195f8
expires
Sat, 26 Oct 2024 12:17:19 GMT
access-control-allow-origin
*
content-length
87349
date
Thu, 26 Sep 2024 12:17:19 GMT
content-type
image/gif
last-modified
Thu, 01 Jan 1970 00:00:00 GMT
server
JSP3/2.0.14
23112003.gif
img.mresou.com/img/ 		133 KB
134 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.mresou.com/img/23112003.gif
Requested by
Host: x119583zi6k5cgc1.com
URL: https://x119583zi6k5cgc1.com:58009/dh/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.233.159 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e6a4649882b910cdadab83c2d4d2f6770325c63fa542e8e042d39c5549b9afd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://x119583zi6k5cgc1.com:58009/

Response headers

cache-control
max-age=315360000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
HIT
etag
"655b66f7-2149a"
age
5386076
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8Qgw%2FAQugcrUrKez7r6zcNYxjf6cY%2FaG0PqjzAmFcBLd1%2FVj25cUkwaoMx%2FLTxz1ljT9p%2BStZk21bVj7gHp%2BDw9HMTONeu7Q1VMWT3GOXnxWSSa8Itabh5QEwJblGTCc5g%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c9330a05adea524-MIA
expires
Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges
bytes
content-length
136346
date
Thu, 26 Sep 2024 12:17:16 GMT
content-type
image/gif
last-modified
Mon, 20 Nov 2023 14:02:31 GMT
vary
Accept-Encoding
server
cloudflare
api.html
www.asujp.com/ Frame 92D4 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.asujp.com:58081/api.html
Requested by
Host: files.shenqizhilv.com
URL: https://files.shenqizhilv.com:36666/js/tj.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.247.94.194 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://x119583zi6k5cgc1.com:58009/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
content-length
292
content-type
text/html
date
Thu, 26 Sep 2024 12:17:34 GMT
etag
"64a5e1ca-124"
last-modified
Wed, 05 Jul 2023 21:34:02 GMT
server
nginx
strict-transport-security
max-age=31536000

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| randomNum object| secdos string| secdotxt string| secdotxts string| domain function| IsPC function| myFunction object| dh_hf_1_sjurl object| dh_hf_1_sjimg number| dh_hf_1_sj object| dh_hf_2_sjurl object| dh_hf_2_sjimg number| dh_hf_2_sj object| iframe

1 Cookies

Domain/Path Name / Value
.hm.baidu.com/ Name: HMACCOUNT_BFESS
Value: 2E1E8F433F886E17