urlscan.io logo urlscan.io
SecurityTrails logo

yjk4yzjj.jxhuadelai.com Open in urlscan Pro
154.91.91.50  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://app678.top/
Effective URL: https://yjk4yzjj.jxhuadelai.com/0fdyrz?dab3c6=47414ca583537c754a9cad9d4e07dcd4
Submission Tags: @ecarlesi threat phishing Search All
Submission: On December 28 via api from IT — Scanned from IT
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 3 countries across 3 domains to perform 7 HTTP transactions. The main IP is 154.91.91.50, located in Seychelles and belongs to TERAEXCH, US. The main domain is yjk4yzjj.jxhuadelai.com.
TLS certificate: Issued by R11 on December 26th 2024. Valid for: 3 months.
This is the only time yjk4yzjj.jxhuadelai.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 47.83.223.210 45102 (ALIBABA-C...)
1 23.186.216.91 61368 (DaFeiYun_...)
3 154.91.91.50 399077 (TERAEXCH)
7 4
Apex Domain
Subdomains		 Transfer
3 jxhuadelai.com
yjk4yzjj.jxhuadelai.com
230 KB
1 rixinlife.com
yjq4y.rixinlife.com
393 B
1 app678.top
app678.top
1 KB
7 3
Domain Requested by
3 yjk4yzjj.jxhuadelai.com yjq4y.rixinlife.com
yjk4yzjj.jxhuadelai.com
1 yjq4y.rixinlife.com app678.top
1 app678.top
7 3

This site contains no links.

Subject Issuer Validity Valid
app678.top
R11		 2024-12-27 -
2025-03-27		 3 months crt.sh
*.rixinlife.com
R10		 2024-12-23 -
2025-03-23		 3 months crt.sh
jxhuadelai.com
R11		 2024-12-26 -
2025-03-26		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://yjk4yzjj.jxhuadelai.com/0fdyrz?dab3c6=47414ca583537c754a9cad9d4e07dcd4
Frame ID: C47DC15582832A94D08E344459229AEC
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://app678.top/ Page URL
  2. https://yjq4y.rixinlife.com/W8WY/ownin2u4nt Page URL
  3. https://yjk4yzjj.jxhuadelai.com/0fdyrz?dab3c6=47414ca583537c754a9cad9d4e07dcd4 Page URL

Page Statistics

7
Requests

71 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

4
IPs

3
Countries

232 kB
Transfer

1047 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://app678.top/ Page URL
  2. https://yjq4y.rixinlife.com/W8WY/ownin2u4nt Page URL
  3. https://yjk4yzjj.jxhuadelai.com/0fdyrz?dab3c6=47414ca583537c754a9cad9d4e07dcd4 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
app678.top/ 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://app678.top/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
47.83.223.210 Ashburn, United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx/1.20.1 / PHP/7.0.33
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Date
Sat, 28 Dec 2024 03:26:31 GMT
Server
nginx/1.20.1
Transfer-Encoding
chunked
X-Powered-By
PHP/7.0.33
ownin2u4nt
yjq4y.rixinlife.com/W8WY/ 		225 B
393 B 		Document
General
Check archive.org
Download Go to
Full URL
https://yjq4y.rixinlife.com/W8WY/ownin2u4nt
Requested by
Host: app678.top
URL: https://app678.top/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.186.216.91 -, , ASN61368 (DaFeiYun_AS DAFEIYUN LTD, GB),
Reverse DNS
ddos.dafeiyun.com
Software
Cracker /
Resource Hash
de267fb4b23c791ddf72c8ed41d79aabb752097374e20e5a11e3cc0edd91bb72

Request headers

Referer
https://app678.top/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Cache-Control
no-cache
Connection
keep-alive
Content-Length
225
Content-Type
text/html
Date
Sat, 28 Dec 2024 03:26:33 GMT
Server
Cracker
Primary Request 0fdyrz
yjk4yzjj.jxhuadelai.com/ 		403 B
372 B 		Document
General
Check archive.org
Download Go to
Full URL
https://yjk4yzjj.jxhuadelai.com/0fdyrz?dab3c6=47414ca583537c754a9cad9d4e07dcd4
Requested by
Host: yjq4y.rixinlife.com
URL: https://yjq4y.rixinlife.com/W8WY/ownin2u4nt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.91.91.50 , Seychelles, ASN399077 (TERAEXCH, US),
Reverse DNS
Software
NgxFence /
Resource Hash
939224acfaa89c5e0c76b6da0ca756b5c1b8db8c0c23a7c21c0b3494dd294ed5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload

Request headers

Referer
https://yjq4y.rixinlife.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

content-encoding
br
content-type
text/html
date
Sat, 28 Dec 2024 03:26:33 GMT
last-modified
Sat, 28 Dec 2024 03:00:00 GMT
server
NgxFence
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-cache
DYNAMIC
425b1deda5850b77ceddb0f7d396fa2d.js
yjk4yzjj.jxhuadelai.com/static/ 		1021 KB
223 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yjk4yzjj.jxhuadelai.com/static/425b1deda5850b77ceddb0f7d396fa2d.js
Requested by
Host: yjk4yzjj.jxhuadelai.com
URL: https://yjk4yzjj.jxhuadelai.com/0fdyrz?dab3c6=47414ca583537c754a9cad9d4e07dcd4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.91.91.50 , Seychelles, ASN399077 (TERAEXCH, US),
Reverse DNS
Software
NgxFence /
Resource Hash
239537cf402c6f20613d75d02452a2ca669fd8a42c48c1ac7b573f86b84752a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://yjk4yzjj.jxhuadelai.com
Referer
https://yjk4yzjj.jxhuadelai.com/0fdyrz?dab3c6=47414ca583537c754a9cad9d4e07dcd4

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
x-cache
HIT
content-encoding
br
date
Sat, 28 Dec 2024 03:26:33 GMT
content-type
application/javascript
last-modified
Sat, 28 Dec 2024 03:00:14 GMT
server
NgxFence
a211589b7559fb166acfe6a79bdedcb6.css
yjk4yzjj.jxhuadelai.com/static/ 		25 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://yjk4yzjj.jxhuadelai.com/static/a211589b7559fb166acfe6a79bdedcb6.css
Requested by
Host: yjk4yzjj.jxhuadelai.com
URL: https://yjk4yzjj.jxhuadelai.com/0fdyrz?dab3c6=47414ca583537c754a9cad9d4e07dcd4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.91.91.50 , Seychelles, ASN399077 (TERAEXCH, US),
Reverse DNS
Software
NgxFence /
Resource Hash
4c8f5d50501c3415162956de8b567e875a90e723a96cc81fcf63bca841ba9ad7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://yjk4yzjj.jxhuadelai.com
Referer
https://yjk4yzjj.jxhuadelai.com/0fdyrz?dab3c6=47414ca583537c754a9cad9d4e07dcd4

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
x-cache
HIT
content-encoding
br
date
Sat, 28 Dec 2024 03:26:33 GMT
content-type
text/css
last-modified
Sat, 28 Dec 2024 03:00:00 GMT
server
NgxFence
getinfo
yjk4yzjj.jxhuadelai.com/clientapi/app/ 		0
0
favicon.ico
yjk4yzjj.jxhuadelai.com/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
yjk4yzjj.jxhuadelai.com
URL
https://yjk4yzjj.jxhuadelai.com/clientapi/app/getinfo?appid=0fdyrz&android=true
Domain
yjk4yzjj.jxhuadelai.com
URL
https://yjk4yzjj.jxhuadelai.com/favicon.ico

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string| __reactRouterVersion

0 Cookies