90e9690c119e745bd2a65a8b22d14ce8.klliu8q.com Open in urlscan Pro
2606:4700:3032::ac43:d5bd Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://25413.cc/
Effective URL:
https://90e9690c119e745bd2a65a8b22d14ce8.klliu8q.com/cb1121241ac66f37f93ece910e95096b
Submission: On October 05 via api (October 5th 2024, 3:40:09 pm UTC) from BE — Scanned from US

Summary HTTP 9 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 5 domains to perform 9 HTTP transactions. The main IP is 2606:4700:3032::ac43:d5bd, located in United States and belongs to CLOUDFLARENET, US. The main domain is 90e9690c119e745bd2a65a8b22d14ce8.klliu8q.com.
TLS certificate: Issued by WE1 on August 20th 2024. Valid for: 3 months.

This is the only time 90e9690c119e745bd2a65a8b22d14ce8.klliu8q.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	154.19.201.22 154.19.201.22	140224 (SGPL-AS-A...) (SGPL-AS-AP STARCLOUD GLOBAL PTE.)
1 1	172.67.176.178 172.67.176.178	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	172.67.128.18 172.67.128.18	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700:303... 2606:4700:3032::ac43:d5bd	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	3

1 154.19.201.22 (Hong Kong, Hong Kong) 1 redirects

ASN140224 (SGPL-AS-AP STARCLOUD GLOBAL PTE., LTD., SG)

25413.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.176.178 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

8cd0a.dfhdh53.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.67.128.18 (United States)

ASN13335 (CLOUDFLARENET, US)

e5f4a51b56f142eb6b9a2185ee27037b.866gusy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3032::ac43:d5bd (United States)

ASN13335 (CLOUDFLARENET, US)

90e9690c119e745bd2a65a8b22d14ce8.klliu8q.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	klliu8q.com 90e9690c119e745bd2a65a8b22d14ce8.klliu8q.com	3 KB
4	866gusy.com e5f4a51b56f142eb6b9a2185ee27037b.866gusy.com	4 KB
1	dfhdh53.com 1 redirects 8cd0a.dfhdh53.com	590 B
1	25413.cc 1 redirects 25413.cc	211 B
0	qqps4.com Failed qqps4.com Failed
9	5

	Domain	Requested by
4	90e9690c119e745bd2a65a8b22d14ce8.klliu8q.com	e5f4a51b56f142eb6b9a2185ee27037b.866gusy.com 90e9690c119e745bd2a65a8b22d14ce8.klliu8q.com
4	e5f4a51b56f142eb6b9a2185ee27037b.866gusy.com	e5f4a51b56f142eb6b9a2185ee27037b.866gusy.com
1	8cd0a.dfhdh53.com	1 redirects
1	25413.cc	1 redirects
0	qqps4.com Failed	90e9690c119e745bd2a65a8b22d14ce8.klliu8q.com
9	5

This site contains no links.

Subject Issuer	Validity	Valid
866gusy.com WE1	`2024-09-09` - `2024-12-08`	3 months	crt.sh
klliu8q.com WE1	`2024-08-20` - `2024-11-18`	3 months	crt.sh

This page contains 1 frames:

Frame: https://qqps4.com/?channel=34074146
Frame ID: C5CEFBFE1F6BB2B6B61BDC56319E105E
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Document

Page URL History Show full URLs

http://25413.cc/ HTTP 307
https://25413.cc/ HTTP 301
http://8cd0a.dfhdh53.com/Q9ejJ HTTP 307
https://8cd0a.dfhdh53.com/Q9ejJ HTTP 302
http://e5f4a51b56f142eb6b9a2185ee27037b.866gusy.com/cfedcae729a3d8c9ca5a6df9472a660b HTTP 307
https://e5f4a51b56f142eb6b9a2185ee27037b.866gusy.com/cfedcae729a3d8c9ca5a6df9472a660b Page URL
http://90e9690c119e745bd2a65a8b22d14ce8.klliu8q.com/cb1121241ac66f37f93ece910e95096b HTTP 307
https://90e9690c119e745bd2a65a8b22d14ce8.klliu8q.com/cb1121241ac66f37f93ece910e95096b Page URL

Page Statistics

9
Requests

89 %
HTTPS

25 %
IPv6

5
Domains

5
Subdomains

3
IPs

2
Countries

7 kB
Transfer

6 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://25413.cc/ HTTP 307
https://25413.cc/ HTTP 301
http://8cd0a.dfhdh53.com/Q9ejJ HTTP 307
https://8cd0a.dfhdh53.com/Q9ejJ HTTP 302
http://e5f4a51b56f142eb6b9a2185ee27037b.866gusy.com/cfedcae729a3d8c9ca5a6df9472a660b HTTP 307
https://e5f4a51b56f142eb6b9a2185ee27037b.866gusy.com/cfedcae729a3d8c9ca5a6df9472a660b Page URL
http://90e9690c119e745bd2a65a8b22d14ce8.klliu8q.com/cb1121241ac66f37f93ece910e95096b HTTP 307
https://90e9690c119e745bd2a65a8b22d14ce8.klliu8q.com/cb1121241ac66f37f93ece910e95096b Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://25413.cc/ HTTP 307
https://25413.cc/ HTTP 301
http://8cd0a.dfhdh53.com/Q9ejJ HTTP 307
https://8cd0a.dfhdh53.com/Q9ejJ HTTP 302
http://e5f4a51b56f142eb6b9a2185ee27037b.866gusy.com/cfedcae729a3d8c9ca5a6df9472a660b HTTP 307
https://e5f4a51b56f142eb6b9a2185ee27037b.866gusy.com/cfedcae729a3d8c9ca5a6df9472a660b

9 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H3	200	cfedcae729a3d8c9ca5a6df9472a660b Show response e5f4a51b56f142eb6b9a2185ee27037b.866gusy.com/ Redirect Chain http://25413.cc/ https://25413.cc/ http://8cd0a.dfhdh53.com/Q9ejJ https://8cd0a.dfhdh53.com/Q9ejJ http://e5f4a51b56f142eb6b9a2185ee27037b.866gusy.com/cfedcae729a3d8c9ca5a6df9472a660b https://e5f4a51b56f142eb6b9a2185ee27037b.866gusy.com/cfedcae729a3d8c9ca5a6df9472a660b	2 KB 1 KB	614ms 517ms	Document text/html	172.67.128.18 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://e5f4a51b56f142eb6b9a2185ee27037b.866gusy.com/cfedcae729a3d8c9ca5a6df9472a660b Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.128.18 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.4.33 Resource Hash `6cc96b0b29ab341ff8e2292716361b4d1ff2312e4045b26b3b9d28384ac9f746` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Response headers access-control-allow-headers X-Requested-With,Content-Type access-control-allow-methods PUT,POST,GET,DELETE,OPTIONS access-control-allow-origin * cf-cache-status DYNAMIC cf-ray 8cde820eba94311c-LAX content-encoding br content-type text/html; charset=UTF-8 date Sat, 05 Oct 2024 15:40:04 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=r89Xn9FXKkosazQ1e5y0vePzSf589qL9iZueNOORqxc3UOGdvUzKMyMDiCq4HQso%2BNQM6H5To4TBfLDpbzhGEPkdeTtZ9wupWkk7EPxCZI2A9P8xD65AWjVXkrs1Me2rAwhFDs07ZXIgvV4%2B8C1Jeaz6g%2BH0Ua2PxXwoT2Jm5g%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare speculation-rules "/cdn-cgi/speculation" x-powered-by PHP/7.4.33 Redirect headers Location https://e5f4a51b56f142eb6b9a2185ee27037b.866gusy.com/cfedcae729a3d8c9ca5a6df9472a660b Non-Authoritative-Reason HttpsUpgrades
GET H3	200	speculation e5f4a51b56f142eb6b9a2185ee27037b.866gusy.com/cdn-cgi/	128 B 607 B	75ms 75ms	Other application/speculationrules+json	172.67.128.18 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://e5f4a51b56f142eb6b9a2185ee27037b.866gusy.com/cdn-cgi/speculation Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.128.18 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://e5f4a51b56f142eb6b9a2185ee27037b.866gusy.com Referer https://e5f4a51b56f142eb6b9a2185ee27037b.866gusy.com/cfedcae729a3d8c9ca5a6df9472a660b Response headers nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y%2BF9L6F9IFHe%2FE2vqRhxcheSZ0l9qo07XlXM%2FbpJpZANy8GcTFc%2Bk6BkzFNtJnkzkx8ZQ5DQacOxdXb%2FFVgIBB%2B7FTpbW7xr%2F3hOEpGkplcBdIzfi1OUF80nxg%2Bvj96LU8BybvOHw%2FISjkrtz%2Fit9mDkO80i3%2B%2BxJe2JjC63vw%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8cde82120d59311c-LAX access-control-allow-origin https://e5f4a51b56f142eb6b9a2185ee27037b.866gusy.com content-length 128 date Sat, 05 Oct 2024 15:40:04 GMT content-type application/speculationrules+json vary Origin, Accept-Encoding server cloudflare
GET H3	200	style.css e5f4a51b56f142eb6b9a2185ee27037b.866gusy.com/	5 B 575 B	523ms 523ms	Stylesheet text/html	172.67.128.18 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://e5f4a51b56f142eb6b9a2185ee27037b.866gusy.com/style.css Requested by Host: e5f4a51b56f142eb6b9a2185ee27037b.866gusy.com URL: https://e5f4a51b56f142eb6b9a2185ee27037b.866gusy.com/cfedcae729a3d8c9ca5a6df9472a660b Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.128.18 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.4.33 Resource Hash `cd863b9962b078502b714c99c17541079329ff04957c11956143a5a5c0cef952` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://e5f4a51b56f142eb6b9a2185ee27037b.866gusy.com/cfedcae729a3d8c9ca5a6df9472a660b Response headers content-encoding br cf-cache-status MISS report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mxjWBN6iuQ7rA2WvLNGVn3mDTGPIgke3jxYD8gIfA5DzwsvjQuLgspQ60HtHFzgen241lRbh8H3loy4q2u9IXbZPyF6AuOxvV%2Bu22CA9i8EQ7HiyIQMonJu4jy4O2u49hjRleTVYOCoFC3jLQz66y1%2FYtR4T3pbTPswiSXVISQ%3D%3D"}],"group":"cf-nel","max_age":604800} access-control-allow-methods PUT,POST,GET,DELETE,OPTIONS date Sat, 05 Oct 2024 15:40:05 GMT content-type text/html; charset=UTF-8 vary Accept-Encoding last-modified Sat, 05 Oct 2024 15:40:05 GMT access-control-allow-headers X-Requested-With,Content-Type cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} speculation-rules "/cdn-cgi/speculation" cf-ray 8cde82120d5c311c-LAX access-control-allow-origin * x-powered-by PHP/7.4.33 server cloudflare
GET H3	200	favicon.ico e5f4a51b56f142eb6b9a2185ee27037b.866gusy.com/	1 KB 1 KB	535ms 535ms	Other text/html	172.67.128.18 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://e5f4a51b56f142eb6b9a2185ee27037b.866gusy.com/favicon.ico Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.128.18 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.4.33 Resource Hash `0566dc21d3c0d4d900cdf3f546a8f0f621a01b9ddac6012002e279309b909f22` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://e5f4a51b56f142eb6b9a2185ee27037b.866gusy.com/cfedcae729a3d8c9ca5a6df9472a660b Response headers content-encoding br cf-cache-status MISS report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EqBJBciv8QLVReIC4l44MaJhTscU2YIqYX7aCqw6Zz0DloHQ2rGEhlFIgCEuGFP62eYNeCWbe0TlDB%2F1JFBsS0ajehqg682wvA%2F6i0sa1r4UrzpH6bbpbU4rNY24RxrDHd0tApc89cVSIoG3rYEc9pseliIivEQKPL7XU4b6mg%3D%3D"}],"group":"cf-nel","max_age":604800} access-control-allow-methods PUT,POST,GET,DELETE,OPTIONS date Sat, 05 Oct 2024 15:40:05 GMT content-type text/html; charset=UTF-8 vary Accept-Encoding last-modified Sat, 05 Oct 2024 15:40:05 GMT access-control-allow-headers X-Requested-With,Content-Type cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} speculation-rules "/cdn-cgi/speculation" cf-ray 8cde8215581b311c-LAX access-control-allow-origin * x-powered-by PHP/7.4.33 server cloudflare
GET H2	200	Primary Request cb1121241ac66f37f93ece910e95096b Show response 90e9690c119e745bd2a65a8b22d14ce8.klliu8q.com/ Redirect Chain http://90e9690c119e745bd2a65a8b22d14ce8.klliu8q.com/cb1121241ac66f37f93ece910e95096b https://90e9690c119e745bd2a65a8b22d14ce8.klliu8q.com/cb1121241ac66f37f93ece910e95096b	1 KB 1 KB	701ms 526ms	Document text/html	2606:4700:3032::ac43:d5bd CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://90e9690c119e745bd2a65a8b22d14ce8.klliu8q.com/cb1121241ac66f37f93ece910e95096b Requested by Host: e5f4a51b56f142eb6b9a2185ee27037b.866gusy.com URL: https://e5f4a51b56f142eb6b9a2185ee27037b.866gusy.com/cfedcae729a3d8c9ca5a6df9472a660b Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::ac43:d5bd , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.4.33 Resource Hash `f08c02486786a835f74854e95c4c134b31055ac658816ea824c0b594cad0d43b` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Response headers access-control-allow-headers X-Requested-With,Content-Type access-control-allow-methods PUT,POST,GET,DELETE,OPTIONS access-control-allow-origin * cf-cache-status DYNAMIC cf-ray 8cde821abe810ff9-LAX content-encoding br content-type text/html; charset=UTF-8 date Sat, 05 Oct 2024 15:40:06 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8shOi6DNsKFLZdQfv8jrWge8D%2B9N1SHu%2F1qIH2I%2FJzKrAZZeca0mdCVEOF07%2FUr62Qt7eylTnZpDTdp70gfkX5Fdkbywf5Xq4QZdnhiMROCAt24wOWOUuqgfjGFU92pmF%2BmuXLUwcg5g8zsBT6y6UsVXMSsDRv1zoojPegIk5DwLys4qtIgB9raCDw%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare speculation-rules "/cdn-cgi/speculation" x-powered-by PHP/7.4.33 Redirect headers Location https://90e9690c119e745bd2a65a8b22d14ce8.klliu8q.com/cb1121241ac66f37f93ece910e95096b Non-Authoritative-Reason HttpsUpgrades
GET H2	200	speculation 90e9690c119e745bd2a65a8b22d14ce8.klliu8q.com/cdn-cgi/	128 B 527 B	79ms 78ms	Other application/speculationrules+json	2606:4700:3032::ac43:d5bd CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://90e9690c119e745bd2a65a8b22d14ce8.klliu8q.com/cdn-cgi/speculation Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::ac43:d5bd , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://90e9690c119e745bd2a65a8b22d14ce8.klliu8q.com Referer https://90e9690c119e745bd2a65a8b22d14ce8.klliu8q.com/cb1121241ac66f37f93ece910e95096b Response headers nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n1C%2BIcfGG1elBACE2qSSiRYsslRNqOgzPRJYx5swaD86gPGeQpV5tr1cPQ%2FenHwUgq00ORWs0O%2BxdNG2jE%2BH5HDu0VgG3ry4EuyIpOOjC87F6rIypIfVsKQ5dhVaBfDkp1fxyPcEqzT%2FNlMyaDuv7nijs7UXsQpG3Q5rw65Zq3NEQY1TLwKXICD0Yw%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8cde821e1a840ff9-LAX access-control-allow-origin https://90e9690c119e745bd2a65a8b22d14ce8.klliu8q.com content-length 128 date Sat, 05 Oct 2024 15:40:06 GMT content-type application/speculationrules+json vary Origin, Accept-Encoding server cloudflare
GET H2	200	style.css 90e9690c119e745bd2a65a8b22d14ce8.klliu8q.com/	5 B 399 B	548ms 548ms	Stylesheet text/html	2606:4700:3032::ac43:d5bd CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://90e9690c119e745bd2a65a8b22d14ce8.klliu8q.com/style.css Requested by Host: 90e9690c119e745bd2a65a8b22d14ce8.klliu8q.com URL: https://90e9690c119e745bd2a65a8b22d14ce8.klliu8q.com/cb1121241ac66f37f93ece910e95096b Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::ac43:d5bd , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.4.33 Resource Hash `cd863b9962b078502b714c99c17541079329ff04957c11956143a5a5c0cef952` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://90e9690c119e745bd2a65a8b22d14ce8.klliu8q.com/cb1121241ac66f37f93ece910e95096b Response headers content-encoding br cf-cache-status MISS report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t4GfnpfqgIsGlIjPysZN6NBIIiRqVVSu0XL81oEcj431gatv6ZqxbUlL1cy%2FS%2B67iNpChUi8i0TUaFr8rhy6KRJRpvZfNzqgriaEnj2k317cJPuHoC6o4cNkVv4wuW0FHsMVtaBiccLcFw3C3T5XcT8osPczYwwMKkh5zZq2s%2BViQ2dKgJp0LHccUw%3D%3D"}],"group":"cf-nel","max_age":604800} access-control-allow-methods PUT,POST,GET,DELETE,OPTIONS date Sat, 05 Oct 2024 15:40:07 GMT content-type text/html; charset=UTF-8 vary Accept-Encoding last-modified Sat, 05 Oct 2024 15:40:07 GMT access-control-allow-headers X-Requested-With,Content-Type cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} speculation-rules "/cdn-cgi/speculation" cf-ray 8cde821e1a860ff9-LAX access-control-allow-origin * x-powered-by PHP/7.4.33 server cloudflare
GET H2	200	favicon.ico 90e9690c119e745bd2a65a8b22d14ce8.klliu8q.com/	1 KB 969 B	552ms 551ms	Other text/html	2606:4700:3032::ac43:d5bd CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://90e9690c119e745bd2a65a8b22d14ce8.klliu8q.com/favicon.ico Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::ac43:d5bd , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.4.33 Resource Hash `dce6cdcd4743364174c7831c51e2ffe0f546965805d2da71d35de08a9973dccd` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://90e9690c119e745bd2a65a8b22d14ce8.klliu8q.com/cb1121241ac66f37f93ece910e95096b Response headers content-encoding br cf-cache-status MISS report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dodWj%2FRPpqXnZ3Tl8VJTDqOYuP3n5eMC%2Boh57Unx3%2Bag8sC5KGhCvpF15QTjZnqWF2zMZnVrUAm3aIND1Nqn6GkCHXEGF%2FdFaQVqee7PsqFMcPn57Q%2FZXvqQ7oPGPUUNt1f3%2FjXy1YBMQ6WmAhVJd%2BK6WxZhsWO18DHRzjbVH6IjzF2nDAAh%2BMu5iQ%3D%3D"}],"group":"cf-nel","max_age":604800} access-control-allow-methods PUT,POST,GET,DELETE,OPTIONS date Sat, 05 Oct 2024 15:40:07 GMT content-type text/html; charset=UTF-8 vary Accept-Encoding last-modified Sat, 05 Oct 2024 15:40:07 GMT access-control-allow-headers X-Requested-With,Content-Type cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} speculation-rules "/cdn-cgi/speculation" cf-ray 8cde82219f880ff9-LAX access-control-allow-origin * x-powered-by PHP/7.4.33 server cloudflare
GET		/ qqps4.com/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: qqps4.com
URL: https://qqps4.com/?channel=34074146

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| frame

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

25413.cc
8cd0a.dfhdh53.com
90e9690c119e745bd2a65a8b22d14ce8.klliu8q.com
e5f4a51b56f142eb6b9a2185ee27037b.866gusy.com
qqps4.com
qqps4.com
154.19.201.22
172.67.128.18
172.67.176.178
2606:4700:3032::ac43:d5bd
0566dc21d3c0d4d900cdf3f546a8f0f621a01b9ddac6012002e279309b909f22
11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d
6cc96b0b29ab341ff8e2292716361b4d1ff2312e4045b26b3b9d28384ac9f746
cd863b9962b078502b714c99c17541079329ff04957c11956143a5a5c0cef952
dce6cdcd4743364174c7831c51e2ffe0f546965805d2da71d35de08a9973dccd
f08c02486786a835f74854e95c4c134b31055ac658816ea824c0b594cad0d43b

90e9690c119e745bd2a65a8b22d14ce8.klliu8q.com Open in urlscan Pro 2606:4700:3032::ac43:d5bd Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

9 Requests

89 %HTTPS

25 %IPv6

5 Domains

5 Subdomains

3 IPs

2 Countries

7 kBTransfer

6 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

0 Cookies

Indicators

90e9690c119e745bd2a65a8b22d14ce8.klliu8q.com Open in urlscan Pro
2606:4700:3032::ac43:d5bd Public Scan

Screenshot
Live screenshot

Full Image

9
Requests

89 %
HTTPS

25 %
IPv6

5
Domains

5
Subdomains

3
IPs

2
Countries

7 kB
Transfer

6 kB
Size

0
Cookies

9 HTTP transactions
0 data transactions