URL: https://hjwpa38uyi.ddtsrrf.com/
Submission: On December 27 via api from US — Scanned from IS

Summary

This website contacted 4 IPs in 3 countries across 3 domains to perform 9 HTTP transactions. The main IP is 154.12.60.234, located in Hong Kong, Hong Kong and belongs to NETLAB-SDN, US. The main domain is hjwpa38uyi.ddtsrrf.com.
TLS certificate: Issued by R11 on December 27th 2024. Valid for: 3 months.
This is the only time hjwpa38uyi.ddtsrrf.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address       AS Autonomous System
6         154.12.60.234    979 (NETLAB-SDN)
1         43.152.29.72     139341 (ACE-AS-AP...)
1         163.181.131.208  24429 (TAOBAO Zh...)
9         4

Requests  Apex Domain      Subdomains                                            Transfer
6         ddtsrrf.com      hjwpa38uyi.ddtsrrf.com                                122 KB
1         openinstall.com  web-nb60ck.openinstall.com                            1 KB
1         openinstall.io   web.cdn.openinstall.io — Cisco Umbrella Rank: 303810  20 KB
9         3

Requests  Domain                      Requested by
6         hjwpa38uyi.ddtsrrf.com      hjwpa38uyi.ddtsrrf.com
1         web-nb60ck.openinstall.com  web.cdn.openinstall.io
1         web.cdn.openinstall.io      hjwpa38uyi.ddtsrrf.com
9         3

This site contains no links.

Subject                 Issuer                                       Validity                 Valid
uhjpwki1ui.ddtsrrf.com  R11                                          2024-12-27 - 2025-03-27  3 months
*.cdn.openinstall.io    Encryption Everywhere DV TLS CA - G1         2024-09-05 - 2025-09-12  a year
*.openinstall.com       RapidSSL Global TLS RSA4096 SHA256 2022 CA1  2024-05-10 - 2025-05-09  a year

This page contains 1 frame:

Primary Page: https://hjwpa38uyi.ddtsrrf.com/
Frame ID: 7E338131106E25FE78A7425EA354E28D
Requests: 9 HTTP requests in this frame

Page Title

海角禁区

Page Statistics

Requests: 9
HTTPS: 89 %
IPv6: 0 %
Domains: 3
Subdomains: 3
IPs: 4
Countries: 3
Transfer: 142 kB
Size: 414 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
hjwpa38uyi.ddtsrrf.com/
4 KB
2 KB
Document
General
Full URL
https://hjwpa38uyi.ddtsrrf.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.12.60.234 Hong Kong, Hong Kong, ASN979 (NETLAB-SDN, US),
Reverse DNS
Software
nginx /
Resource Hash
5479419d989dcf748417152b1b1c178a96f15726cf97e374aa3b75419d4c87b1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-methods
PUT, GET, POST, DELETE, HEAD, OPTIONS, PATCH
content-encoding
gzip
content-length
1652
content-type
text/html
date
Fri, 27 Dec 2024 16:37:13 GMT
etag
W/"676144f0-f65"
last-modified
Tue, 17 Dec 2024 09:31:28 GMT
server
nginx
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-cache
BYPASS
openInstall.js
hjwpa38uyi.ddtsrrf.com/js/
1 KB
640 B
Script
General
Full URL
https://hjwpa38uyi.ddtsrrf.com/js/openInstall.js
Requested by
Host: hjwpa38uyi.ddtsrrf.com
URL: https://hjwpa38uyi.ddtsrrf.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.12.60.234 Hong Kong, Hong Kong, ASN979 (NETLAB-SDN, US),
Reverse DNS
Software
nginx /
Resource Hash
4c39fb1ab9bfa0877a885db98351021a445e21907cc6947567c22f49ec09f750
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hjwpa38uyi.ddtsrrf.com/

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
etag
W/"673aafd3-492"
access-control-allow-credentials
true
access-control-allow-methods
PUT, GET, POST, DELETE, HEAD, OPTIONS, PATCH
x-cache
UPDATING
content-length
520
date
Fri, 27 Dec 2024 16:37:14 GMT
content-type
application/javascript
last-modified
Mon, 18 Nov 2024 03:09:07 GMT
server
nginx
vary
Accept-Encoding
hls.js
hjwpa38uyi.ddtsrrf.com/js/
314 KB
105 KB
Script
General
Full URL
https://hjwpa38uyi.ddtsrrf.com/js/hls.js
Requested by
Host: hjwpa38uyi.ddtsrrf.com
URL: https://hjwpa38uyi.ddtsrrf.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.12.60.234 Hong Kong, Hong Kong, ASN979 (NETLAB-SDN, US),
Reverse DNS
Software
nginx /
Resource Hash
d30052e942167f1f7cc0b6b1268866a1d1c1ce2e543fd14faf6db97c16039aa6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hjwpa38uyi.ddtsrrf.com/

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
etag
W/"661f6c7a-4e9c9"
access-control-allow-credentials
true
access-control-allow-methods
PUT, GET, POST, DELETE, HEAD, OPTIONS, PATCH
x-cache
UPDATING
date
Fri, 27 Dec 2024 16:37:14 GMT
content-type
application/javascript
last-modified
Wed, 17 Apr 2024 06:30:18 GMT
server
nginx
vary
Accept-Encoding
web_support.js
hjwpa38uyi.ddtsrrf.com/assets/packages/flutter_inappwebview_web/assets/web/
28 KB
4 KB
Script
General
Full URL
https://hjwpa38uyi.ddtsrrf.com/assets/packages/flutter_inappwebview_web/assets/web/web_support.js
Requested by
Host: hjwpa38uyi.ddtsrrf.com
URL: https://hjwpa38uyi.ddtsrrf.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.12.60.234 Hong Kong, Hong Kong, ASN979 (NETLAB-SDN, US),
Reverse DNS
Software
nginx /
Resource Hash
e506f90ca27a79387818c9c4fbb57e9662b362242cb06dbd1ac20ecf95c1f578
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hjwpa38uyi.ddtsrrf.com/

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
etag
W/"675fd2aa-6ecf"
access-control-allow-credentials
true
access-control-allow-methods
PUT, GET, POST, DELETE, HEAD, OPTIONS, PATCH
x-cache
UPDATING
content-length
4095
date
Fri, 27 Dec 2024 16:37:14 GMT
content-type
application/javascript
last-modified
Mon, 16 Dec 2024 07:11:38 GMT
server
nginx
vary
Accept-Encoding
flutter.js
hjwpa38uyi.ddtsrrf.com/
14 KB
5 KB
Script
General
Full URL
https://hjwpa38uyi.ddtsrrf.com/flutter.js
Requested by
Host: hjwpa38uyi.ddtsrrf.com
URL: https://hjwpa38uyi.ddtsrrf.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.12.60.234 Hong Kong, Hong Kong, ASN979 (NETLAB-SDN, US),
Reverse DNS
Software
nginx /
Resource Hash
f08cc670287fca107c912449a9c503872f358b4e7e6ed80ed58fc8c7ba256e16
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hjwpa38uyi.ddtsrrf.com/

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
etag
W/"676144cb-37f6"
access-control-allow-credentials
true
access-control-allow-methods
PUT, GET, POST, DELETE, HEAD, OPTIONS, PATCH
x-cache
UPDATING
date
Fri, 27 Dec 2024 16:37:16 GMT
content-type
application/javascript
last-modified
Tue, 17 Dec 2024 09:30:51 GMT
server
nginx
vary
Accept-Encoding
openinstall.js
web.cdn.openinstall.io/
47 KB
20 KB
Script
General
Full URL
https://web.cdn.openinstall.io/openinstall.js
Requested by
Host: hjwpa38uyi.ddtsrrf.com
URL: https://hjwpa38uyi.ddtsrrf.com/js/openInstall.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.29.72 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
tencent-cos /
Resource Hash
cc057c6278e66b15450ad96f2ce1f7283b40a59620f6cd9ecd2d277a2ddd22bc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hjwpa38uyi.ddtsrrf.com/

Response headers

cache-control
max-age=7200
x-nws-log-uuid
6325872975700576645
content-encoding
gzip
x-cos-request-id
Njc2ZTBhZTVfODlhYjViNjRfZTcwY182MzczNjkx
etag
"c3b756de1728004d8e01d61e427ee6e0"
x-cos-hash-crc64ecma
13809107253179360257
accept-ranges
bytes
content-length
19878
date
Fri, 27 Dec 2024 02:03:17 GMT
x-cache-lookup
Cache Hit
last-modified
Mon, 25 Nov 2024 09:30:42 GMT
content-type
application/javascript
server
tencent-cos
init2
web-nb60ck.openinstall.com/web/nb60ck/_/
716 B
1 KB
XHR
General
Full URL
https://web-nb60ck.openinstall.com/web/nb60ck/_/init2?av=0&cv=0&hash=&sw=p6Cmpg&sh=p6Smpg&sp=1&li=p6GkuKehuKa4og
Requested by
Host: web.cdn.openinstall.io
URL: https://web.cdn.openinstall.io/openinstall.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
163.181.131.208 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
96130692a94eae716788e4897c3451587da2ef6de5cbecad1f36a590d82cfaad

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://hjwpa38uyi.ddtsrrf.com/

Response headers

timing-allow-origin
*
access-control-allow-credentials
true
via
ens-cache1.de7[442,0]
access-control-allow-origin
https://hjwpa38uyi.ddtsrrf.com
eagleid
a3b5839517353174373438234e
content-length
716
date
Fri, 27 Dec 2024 16:37:17 GMT
content-type
text/plain
vary
Origin
server
Tengine
favicon.png
hjwpa38uyi.ddtsrrf.com/
5 KB
5 KB
Other
General
Full URL
https://hjwpa38uyi.ddtsrrf.com/favicon.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.12.60.234 Hong Kong, Hong Kong, ASN979 (NETLAB-SDN, US),
Reverse DNS
Software
nginx /
Resource Hash
164c3ccf4ceede511e934bf4c591c44ca507831e2014fb3eae807d8a17d6a7a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hjwpa38uyi.ddtsrrf.com/

Response headers

strict-transport-security
max-age=31536000
etag
"67062d7d-4893"
access-control-allow-credentials
true
access-control-allow-methods
PUT, GET, POST, DELETE, HEAD, OPTIONS, PATCH
accept-ranges
bytes
x-cache
UPDATING
date
Fri, 27 Dec 2024 16:37:17 GMT
content-type
image/webp
last-modified
Wed, 09 Oct 2024 07:15:09 GMT
server
nginx
main.dart.js
hjwpa38uyi.ddtsrrf.com/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
hjwpa38uyi.ddtsrrf.com
URL
https://hjwpa38uyi.ddtsrrf.com/main.dart.js?v=1735317437474

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| download
function| Hls
object| flutter_inappwebview
function| OpenInstall
object| newOpenInstall
object| _flutter

0 Cookies

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000