zimgf.fmqxf.com Open in urlscan Pro
45.121.144.197 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://adndisplay.com/
Effective URL:
https://zimgf.fmqxf.com/?channelCode=10037
Submission: On August 22 via manual (August 22nd 2023, 1:26:50 pm UTC) from DZ — Scanned from DE

Summary HTTP 19 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 4 countries across 5 domains to perform 19 HTTP transactions. The main IP is 45.121.144.197, located in Malaysia and belongs to GIGABIT-MY Gigabit Hosting Sdn Bhd, MY. The main domain is zimgf.fmqxf.com.
TLS certificate: Issued by R3 on July 31st 2023. Valid for: 3 months.

This is the only time zimgf.fmqxf.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 4	103.44.89.79 103.44.89.79	136800 (MOACKCOLT...) (MOACKCOLTD-AS-AP MOACK.Co.LTD)
2	180.101.212.103 180.101.212.103	134770 (CHINANET-...) (CHINANET-JIANGSU-SUZHOU-TAIHU-IDC CHINANET Jiangsu province Suzhou taihu IDC network)
2	47.246.46.206 47.246.46.206	24429 (TAOBAO Zh...) (TAOBAO Zhejiang Taobao Network Co.)
4	203.107.86.226 203.107.86.226	37963 (ALIBABA-C...) (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.)
1	45.121.144.197 45.121.144.197	55720 (GIGABIT-M...) (GIGABIT-MY Gigabit Hosting Sdn Bhd)
7	58.218.215.166 58.218.215.166	4134 (CHINANET-...) (CHINANET-BACKBONE No.31)
19	6

4 103.44.89.79 (Korea, Republic Of) 1 redirects

ASN136800 (MOACKCOLTD-AS-AP MOACK.Co.LTD, KR)

adndisplay.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.adndisplay.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 180.101.212.103 (China)

ASN134770 (CHINANET-JIANGSU-SUZHOU-TAIHU-IDC CHINANET Jiangsu province Suzhou taihu IDC network, CN)

push.zhanzhang.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.share.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 47.246.46.206 (Milan, Italy)

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)

sdk.51.la	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 203.107.86.226 (China)

ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN)

collect-v6.51.la	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.121.144.197 (Malaysia)

ASN55720 (GIGABIT-MY Gigabit Hosting Sdn Bhd, MY)

zimgf.fmqxf.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 58.218.215.166 (China)

ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN)

cdn-fy2.mentheetsafran.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	mentheetsafran.com cdn-fy2.mentheetsafran.com	136 KB
6	51.la sdk.51.la — Cisco Umbrella Rank: 58070 collect-v6.51.la — Cisco Umbrella Rank: 53263	29 KB
4	adndisplay.com 1 redirects adndisplay.com www.adndisplay.com	3 KB
2	baidu.com push.zhanzhang.baidu.com — Cisco Umbrella Rank: 115191 api.share.baidu.com — Cisco Umbrella Rank: 83857	868 B
1	fmqxf.com zimgf.fmqxf.com	2 KB
19	5

	Domain	Requested by
7	cdn-fy2.mentheetsafran.com	zimgf.fmqxf.com
4	collect-v6.51.la	sdk.51.la
3	www.adndisplay.com	www.adndisplay.com
2	sdk.51.la	www.adndisplay.com zimgf.fmqxf.com
1	zimgf.fmqxf.com	www.adndisplay.com
1	api.share.baidu.com	www.adndisplay.com
1	push.zhanzhang.baidu.com	www.adndisplay.com
1	adndisplay.com	1 redirects
19	8

This site contains no links.

Subject Issuer	Validity	Valid
zimgf.fmqxf.com R3	`2023-07-31` - `2023-10-29`	3 months	crt.sh
*.51.la GlobalSign GCC R3 DV TLS CA 2020	`2023-04-20` - `2024-05-21`	a year	crt.sh
*.mentheetsafran.com AlphaSSL CA - SHA256 - G4	`2023-07-27` - `2024-08-27`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://zimgf.fmqxf.com/?channelCode=10037
Frame ID: 41C8FEECC22771D4AB68D786D4D154F5
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://adndisplay.com/ HTTP 301
http://www.adndisplay.com/ Page URL
https://zimgf.fmqxf.com/?channelCode=10037 Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

19
Requests

53 %
HTTPS

0 %
IPv6

5
Domains

8
Subdomains

6
IPs

4
Countries

169 kB
Transfer

348 kB
Size

12
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://adndisplay.com/ HTTP 301
http://www.adndisplay.com/ Page URL
https://zimgf.fmqxf.com/?channelCode=10037 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://adndisplay.com/ HTTP 301
http://www.adndisplay.com/

19 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	/ Show response www.adndisplay.com/ Redirect Chain http://adndisplay.com/ http://www.adndisplay.com/	781 B 922 B	1245ms 238ms	Document text/html	103.44.89.79 MOACKCOLTD-AS-AP ...
General Check archive.org Show headers Download Go to Full URL http://www.adndisplay.com/ Protocol HTTP/1.1 Server 103.44.89.79 , Korea, Republic Of, ASN136800 (MOACKCOLTD-AS-AP MOACK.Co.LTD, KR), Reverse DNS Software nginx / Resource Hash `bc3ac41405f2a92633391d8e3e8f9b4acec466cb9d5760f39f9ad6243dfc93eb` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Connection keep-alive Content-Length 781 Content-Type text/html Date Tue, 22 Aug 2023 13:26:36 GMT Server nginx Redirect headers Connection keep-alive Content-Length 0 Content-Type text/html Date Tue, 22 Aug 2023 13:26:35 GMT Location http://www.adndisplay.com/ Server nginx
GET H/1.1	200 OK	tj.js Show response www.adndisplay.com/	422 B 578 B	239ms 239ms	Script application/x-javascript	103.44.89.79 MOACKCOLTD-AS-AP ...
General Check archive.org Show headers Download Go to Full URL http://www.adndisplay.com/tj.js Requested by Host: www.adndisplay.com URL: http://www.adndisplay.com/ Protocol HTTP/1.1 Server 103.44.89.79 , Korea, Republic Of, ASN136800 (MOACKCOLTD-AS-AP MOACK.Co.LTD, KR), Reverse DNS Software nginx / Resource Hash `b834611399ed59b2482a3da14b3fcecae781d658c41c8943deb3a0cf69e94ef2` Request headers accept-language de-DE,de;q=0.9 Referer http://www.adndisplay.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers Date Tue, 22 Aug 2023 13:26:37 GMT Server nginx Connection keep-alive Content-Length 422 Content-Type application/x-javascript
GET H/1.1	200 OK	common.js Show response www.adndisplay.com/	2 KB 910 B	240ms 239ms	Script application/x-javascript	103.44.89.79 MOACKCOLTD-AS-AP ...
General Check archive.org Show headers Download Go to Full URL http://www.adndisplay.com/common.js Requested by Host: www.adndisplay.com URL: http://www.adndisplay.com/ Protocol HTTP/1.1 Server 103.44.89.79 , Korea, Republic Of, ASN136800 (MOACKCOLTD-AS-AP MOACK.Co.LTD, KR), Reverse DNS Software nginx / Resource Hash `897e0a177ba1049c387e9f300ab34b7df510bccff2ebbdddb09f6aa7fa681234` Request headers accept-language de-DE,de;q=0.9 Referer http://www.adndisplay.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers Date Tue, 22 Aug 2023 13:26:37 GMT Content-Encoding gzip Server nginx Connection keep-alive Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/x-javascript
GET H/1.1	200 OK	push.js Show response push.zhanzhang.baidu.com/	281 B 752 B	3109ms 1130ms	Script text/javascript	180.101.212.103 CHINANET-JIANGSU-...
General Check archive.org Show headers Download Go to Full URL http://push.zhanzhang.baidu.com/push.js Requested by Host: www.adndisplay.com URL: http://www.adndisplay.com/ Protocol HTTP/1.1 Server 180.101.212.103 , China, ASN134770 (CHINANET-JIANGSU-SUZHOU-TAIHU-IDC CHINANET Jiangsu province Suzhou taihu IDC network, CN), Reverse DNS Software apache / Resource Hash `674bc0c70f98d627b8a7e1d278a1f21ffe33815565f7d5371bf0275da57571b2` Request headers accept-language de-DE,de;q=0.9 Referer http://www.adndisplay.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers Date Tue, 22 Aug 2023 13:26:44 GMT Content-Encoding gzip Last-Modified Wed, 25 Nov 2015 07:47:55 GMT Server apache Etag "4078521116" Vary Accept-Encoding Content-Type text/javascript P3p CP=" OTI DSP COR IVA OUR IND COM " Cache-Control max-age=31536000 Accept-Ranges bytes Content-Length 227 Expires Wed, 21 Aug 2024 13:26:44 GMT
GET H/1.1	200 OK	js-sdk-pro.min.js Show response sdk.51.la/	34 KB 13 KB	1683ms 31ms	Script application/javascript	47.246.46.206 TAOBAO Zhejiang T...
General Check archive.org Show headers Download Go to Full URL http://sdk.51.la/js-sdk-pro.min.js Requested by Host: www.adndisplay.com URL: http://www.adndisplay.com/tj.js Protocol HTTP/1.1 Server 47.246.46.206 Milan, Italy, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN), Reverse DNS Software Tengine / Resource Hash `d1f1bfe698f2ffb7b3e7a885a301d58f9554d45df0a31c3e8b53c84b33c80d27` Request headers Referer http://www.adndisplay.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers Date Mon, 07 Aug 2023 16:07:26 GMT Via cache15.l2de2[0,0,304-0,H], cache8.l2de2[1,0], cache1.it2[0,0,200-0,H], cache5.it2[6,0] Content-Encoding gzip x-oss-request-id 64D116BEB4DCFB3835666C81 Content-MD5 JLtSDpUX8u0+2Ye0aur3Iw== Age 1286357 X-Swift-CacheTime 564737 X-Cache HIT TCP_MEM_HIT dirn:11:69109126 x-oss-cdn-auth success Connection keep-alive X-Swift-SaveTime Wed, 16 Aug 2023 03:15:09 GMT Content-Length 12846 x-oss-object-type Normal Last-Modified Thu, 08 Jun 2023 02:24:34 GMT Server Tengine ETag "24BB520E9517F2ED3ED987B46AEAF723" Vary Accept-Encoding Ali-Swift-Global-Savetime 1691424446 Content-Type application/javascript Access-Control-Allow-Origin * x-oss-storage-class Standard Accept-Ranges bytes Timing-Allow-Origin * x-oss-hash-crc64ecma 5143829838470429443 EagleId 2ff62e9916927108030091661e x-oss-server-time 3
POST H/1.1	200	collect collect-v6.51.la/v6/	0 517 B	3667ms 3103ms	XHR text/plain	203.107.86.226 ALIBABA-CN-NET Ha...
General Check archive.org Show headers Download Go to Full URL http://collect-v6.51.la/v6/collect?dt=4 Requested by Host: sdk.51.la URL: http://sdk.51.la/js-sdk-pro.min.js Protocol HTTP/1.1 Server 203.107.86.226 , China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN), Reverse DNS Software nginx / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer http://www.adndisplay.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers Access-Control-Allow-Origin http://www.adndisplay.com Date Tue, 22 Aug 2023 13:26:46 GMT Access-Control-Allow-Credentials true Server nginx Connection keep-alive Content-Length 0 Vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers
POST H/1.1	200	collect Show response collect-v6.51.la/v6/	0 517 B	1574ms 1012ms	XHR text/plain	203.107.86.226 ALIBABA-CN-NET Ha...
General Check archive.org Show headers Download Go to Full URL http://collect-v6.51.la/v6/collect?dt=4 Requested by Host: sdk.51.la URL: http://sdk.51.la/js-sdk-pro.min.js Protocol HTTP/1.1 Server 203.107.86.226 , China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN), Reverse DNS Software nginx / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language de-DE,de;q=0.9 Referer http://www.adndisplay.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers Access-Control-Allow-Origin http://www.adndisplay.com Date Tue, 22 Aug 2023 13:26:44 GMT Access-Control-Allow-Credentials true Server nginx Connection keep-alive Content-Length 0 Vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers
POST H/1.1	200	collect Show response collect-v6.51.la/v6/	0 517 B	2612ms 1044ms	XHR text/plain	203.107.86.226 ALIBABA-CN-NET Ha...
General Check archive.org Show headers Download Go to Full URL http://collect-v6.51.la/v6/collect?dt=4 Requested by Host: sdk.51.la URL: http://sdk.51.la/js-sdk-pro.min.js Protocol HTTP/1.1 Server 203.107.86.226 , China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN), Reverse DNS Software nginx / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language de-DE,de;q=0.9 Referer http://www.adndisplay.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers Access-Control-Allow-Origin http://www.adndisplay.com Date Tue, 22 Aug 2023 13:26:45 GMT Access-Control-Allow-Credentials true Server nginx Connection keep-alive Content-Length 0 Vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers
GET H/1.1	200 OK	s.gif api.share.baidu.com/	0 116 B	2756ms 280ms	Image text/plain	180.101.212.103 CHINANET-JIANGSU-...
General Check archive.org Show headers Download Go to Show image Full URL http://api.share.baidu.com/s.gif?l=http://www.adndisplay.com/ Requested by Host: www.adndisplay.com URL: http://www.adndisplay.com/ Protocol HTTP/1.1 Server 180.101.212.103 , China, ASN134770 (CHINANET-JIANGSU-SUZHOU-TAIHU-IDC CHINANET Jiangsu province Suzhou taihu IDC network, CN), Reverse DNS Software / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer http://www.adndisplay.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers Date Tue, 22 Aug 2023 13:26:47 GMT Content-Length 0 Content-Type text/plain; charset=utf-8
GET H2	200	Primary Request / Show response zimgf.fmqxf.com/	5 KB 2 KB	1804ms 215ms	Document text/html	45.121.144.197 GIGABIT-MY Gigabi...
General Check archive.org Show headers Download Go to Full URL https://zimgf.fmqxf.com/?channelCode=10037 Requested by Host: www.adndisplay.com URL: http://www.adndisplay.com/common.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.121.144.197 , Malaysia, ASN55720 (GIGABIT-MY Gigabit Hosting Sdn Bhd, MY), Reverse DNS Software IIS7.0 / Resource Hash `38dcf5b179f9d1da2cfa097d44e52ce2c3da3bd64a784144ae023224ed6ffda1` Request headers Referer http://www.adndisplay.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers content-encoding gzip content-type text/html date Tue, 22 Aug 2023 13:26:47 GMT etag W/"64cdeaec-152e" last-modified Sat, 05 Aug 2023 06:23:40 GMT server IIS7.0 vary Accept-Encoding x-cache-status MISS
GET H2	200	js-sdk-pro.min.js Show response sdk.51.la/	34 KB 13 KB	75ms 24ms	Script application/javascript	47.246.46.206 TAOBAO Zhejiang T...
General Check archive.org Show headers Download Go to Full URL https://sdk.51.la/js-sdk-pro.min.js Requested by Host: zimgf.fmqxf.com URL: https://zimgf.fmqxf.com/?channelCode=10037 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 47.246.46.206 Milan, Italy, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN), Reverse DNS Software Tengine / Resource Hash `d1f1bfe698f2ffb7b3e7a885a301d58f9554d45df0a31c3e8b53c84b33c80d27` Request headers accept-language de-DE,de;q=0.9 Referer https://zimgf.fmqxf.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Mon, 07 Aug 2023 16:07:28 GMT content-encoding gzip via cache15.l2de2[0,0,200-0,H], cache6.l2de2[1,0], cache1.it2[0,0,200-0,H], cache7.it2[2,0] x-oss-request-id 64D116C0B4DCFB3436187081 content-md5 JLtSDpUX8u0+2Ye0aur3Iw== age 1286359 x-swift-cachetime 564740 x-cache HIT TCP_MEM_HIT dirn:11:274404787 x-oss-cdn-auth success x-swift-savetime Wed, 16 Aug 2023 03:15:08 GMT content-length 12846 x-oss-object-type Normal last-modified Thu, 08 Jun 2023 02:24:34 GMT server Tengine etag "24BB520E9517F2ED3ED987B46AEAF723" vary Accept-Encoding ali-swift-global-savetime 1691424448 content-type application/javascript access-control-allow-origin * x-oss-storage-class Standard accept-ranges bytes timing-allow-origin * x-oss-hash-crc64ecma 5143829838470429443 eagleid 2ff62e9b16927108079586379e x-oss-server-time 3
GET H/1.1	200 OK	zb.css cdn-fy2.mentheetsafran.com/feiyuyuan/853/static/css/	2 KB 3 KB	1537ms 206ms	Stylesheet text/css	58.218.215.166 CHINANET-BACKBONE...
General Check archive.org Show headers Download Go to Full URL https://cdn-fy2.mentheetsafran.com/feiyuyuan/853/static/css/zb.css Requested by Host: zimgf.fmqxf.com URL: https://zimgf.fmqxf.com/?channelCode=10037 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 58.218.215.166 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN), Reverse DNS Software Tengine / Resource Hash `8ecc94140a0c2ca8159977affbafe634b023842b6f9f1057953f94aec5e13d5f` Request headers accept-language de-DE,de;q=0.9 Referer https://zimgf.fmqxf.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers Date Tue, 22 Aug 2023 02:18:36 GMT Via cache42.l2ea120-6[0,0,304-0,H], cache29.l2ea120-6[1,0], kunlun2.cn192[0,0,200-0,H], kunlun9.cn192[1,0] Age 40088 X-Swift-CacheTime 43171 X-Cache HIT TCP_MEM_HIT dirn:10:1134436608 Connection keep-alive X-Swift-SaveTime Tue, 22 Aug 2023 02:19:10 GMT Content-Length 2010 Last-Modified Tue, 11 Apr 2023 11:57:22 GMT Server Tengine ETag "64354b22-7da" Vary Accept-Encoding Ali-Swift-Global-Savetime 1692670721 Content-Type text/css Cache-Control max-age=43200 Accept-Ranges bytes Timing-Allow-Origin * EagleId 3adad01d16927108093396990e Expires Tue, 22 Aug 2023 14:18:36 GMT
GET H/1.1	200 OK	foots2.gif cdn-fy2.mentheetsafran.com/feiyuyuan/853/static/picture/	37 KB 0	1576ms 274ms	Image image/gif	58.218.215.166 CHINANET-BACKBONE...
General Check archive.org Show headers Download Go to Show image Full URL https://cdn-fy2.mentheetsafran.com/feiyuyuan/853/static/picture/foots2.gif Requested by Host: zimgf.fmqxf.com URL: https://zimgf.fmqxf.com/?channelCode=10037 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 58.218.215.166 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN), Reverse DNS Software Tengine / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://zimgf.fmqxf.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers Date Sat, 05 Aug 2023 06:25:03 GMT Via cache9.l2ea120-6[0,0,200-0,H], cache11.l2ea120-6[2,0], kunlun5.cn192[0,0,200-0,H], kunlun10.cn192[2,0] Age 1494102 X-Swift-CacheTime 1654493 X-Cache HIT TCP_MEM_HIT dirn:9:1099772687 Connection keep-alive X-Swift-SaveTime Wed, 16 Aug 2023 02:50:14 GMT Content-Length 116063 Last-Modified Tue, 11 Apr 2023 11:57:26 GMT Server Tengine ETag "64354b26-1c55f" Ali-Swift-Global-Savetime 1691216707 Content-Type image/gif Cache-Control max-age=2592000 Accept-Ranges bytes Timing-Allow-Origin * EagleId 3adad01e16927108094363766e Expires Mon, 04 Sep 2023 06:25:03 GMT
GET H/1.1	200 OK	06e1c2876cb0d.js cdn-fy2.mentheetsafran.com/feiyuyuan/853/static/picture/	33 KB 0	1549ms 246ms	Image application/javascript	58.218.215.166 CHINANET-BACKBONE...
General Check archive.org Show headers Download Go to Show image Full URL https://cdn-fy2.mentheetsafran.com/feiyuyuan/853/static/picture/06e1c2876cb0d.js Requested by Host: zimgf.fmqxf.com URL: https://zimgf.fmqxf.com/?channelCode=10037 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 58.218.215.166 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN), Reverse DNS Software Tengine / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://zimgf.fmqxf.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers Date Tue, 22 Aug 2023 07:13:35 GMT Via cache59.l2ea120-6[0,0,304-0,H], cache10.l2ea120-6[2,0], kunlun1.cn192[0,0,200-0,H], kunlun8.cn192[2,0] Age 22389 X-Swift-CacheTime 43133 X-Cache HIT TCP_MEM_HIT dirn:10:1043893161 Connection keep-alive X-Swift-SaveTime Tue, 22 Aug 2023 07:14:47 GMT Content-Length 958151 Last-Modified Tue, 11 Apr 2023 11:57:23 GMT Server Tengine ETag "64354b23-e9ec7" Vary Accept-Encoding Ali-Swift-Global-Savetime 1692688420 Content-Type application/javascript Cache-Control max-age=43200 Accept-Ranges bytes Timing-Allow-Origin * EagleId 3adad01c16927108094376352e Expires Tue, 22 Aug 2023 19:13:35 GMT
GET H/1.1	200 OK	36d2a1ddd0b1f.js cdn-fy2.mentheetsafran.com/feiyuyuan/853/static/picture/	35 KB 0	1593ms 280ms	Image application/javascript	58.218.215.166 CHINANET-BACKBONE...
General Check archive.org Show headers Download Go to Show image Full URL https://cdn-fy2.mentheetsafran.com/feiyuyuan/853/static/picture/36d2a1ddd0b1f.js Requested by Host: zimgf.fmqxf.com URL: https://zimgf.fmqxf.com/?channelCode=10037 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 58.218.215.166 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN), Reverse DNS Software Tengine / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://zimgf.fmqxf.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers Date Tue, 22 Aug 2023 08:03:01 GMT Via cache40.l2ea120-6[62,64,304-0,M], cache8.l2ea120-6[65,0], kunlun5.cn192[0,0,200-0,H], kunlun6.cn192[1,0] Age 19423 X-Swift-CacheTime 43200 X-Cache HIT TCP_MEM_HIT dirn:9:1342262396 Connection keep-alive X-Swift-SaveTime Tue, 22 Aug 2023 08:03:06 GMT Content-Length 407103 Last-Modified Tue, 11 Apr 2023 11:57:24 GMT Server Tengine ETag "64354b24-6363f" Vary Accept-Encoding Ali-Swift-Global-Savetime 1692691386 Content-Type application/javascript Cache-Control max-age=43200 Accept-Ranges bytes Timing-Allow-Origin * EagleId 3adad01a16927108094545361e Expires Tue, 22 Aug 2023 20:03:01 GMT
GET H/1.1	200 OK	452a24210c066.js cdn-fy2.mentheetsafran.com/feiyuyuan/853/static/picture/	34 KB 0	227ms 226ms	Image application/javascript	58.218.215.166 CHINANET-BACKBONE...
General Check archive.org Show headers Download Go to Show image Full URL https://cdn-fy2.mentheetsafran.com/feiyuyuan/853/static/picture/452a24210c066.js Requested by Host: zimgf.fmqxf.com URL: https://zimgf.fmqxf.com/?channelCode=10037 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 58.218.215.166 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN), Reverse DNS Software Tengine / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://zimgf.fmqxf.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers Date Tue, 22 Aug 2023 07:27:56 GMT Via cache47.l2ea120-6[0,0,304-0,H], cache42.l2ea120-6[1,0], kunlun7.cn192[0,0,200-0,H], kunlun9.cn192[1,0] Age 21529 X-Swift-CacheTime 43164 X-Cache HIT TCP_MEM_HIT dirn:10:1374068923 Connection keep-alive X-Swift-SaveTime Tue, 22 Aug 2023 07:28:36 GMT Content-Length 295290 Last-Modified Tue, 11 Apr 2023 11:57:24 GMT Server Tengine ETag "64354b24-4817a" Vary Accept-Encoding Ali-Swift-Global-Savetime 1692689280 Content-Type application/javascript Cache-Control max-age=43200 Accept-Ranges bytes Timing-Allow-Origin * EagleId 3adad01d16927108095467588e Expires Tue, 22 Aug 2023 19:27:56 GMT
GET H/1.1	200 OK	jquery-3.4.1.min.js Show response cdn-fy2.mentheetsafran.com/feiyuyuan/853/static/js/	86 KB 87 KB	1734ms 465ms	Script application/javascript	58.218.215.166 CHINANET-BACKBONE...
General Check archive.org Show headers Download Go to Full URL https://cdn-fy2.mentheetsafran.com/feiyuyuan/853/static/js/jquery-3.4.1.min.js Requested by Host: zimgf.fmqxf.com URL: https://zimgf.fmqxf.com/?channelCode=10037 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 58.218.215.166 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN), Reverse DNS Software Tengine / Resource Hash `0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a` Request headers accept-language de-DE,de;q=0.9 Referer https://zimgf.fmqxf.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers Date Tue, 22 Aug 2023 07:13:21 GMT Via cache25.l2ea120-6[0,0,304-0,H], cache25.l2ea120-6[1,0], kunlun1.cn192[0,0,200-0,H], kunlun4.cn192[2,0] Age 22404 X-Swift-CacheTime 43118 X-Cache HIT TCP_MEM_HIT dirn:11:1461423288 Connection keep-alive X-Swift-SaveTime Tue, 22 Aug 2023 07:14:47 GMT Content-Length 88145 Last-Modified Tue, 11 Apr 2023 11:57:23 GMT Server Tengine ETag "64354b23-15851" Vary Accept-Encoding Ali-Swift-Global-Savetime 1692688405 Content-Type application/javascript Cache-Control max-age=43200 Accept-Ranges bytes Timing-Allow-Origin * EagleId 3adad01816927108093941638e Expires Tue, 22 Aug 2023 19:13:21 GMT
GET H/1.1	200 OK	appinstall.js Show response cdn-fy2.mentheetsafran.com/feiyuyuan/853/static/js/	46 KB 46 KB	1523ms 259ms	Script application/javascript	58.218.215.166 CHINANET-BACKBONE...
General Check archive.org Show headers Download Go to Full URL https://cdn-fy2.mentheetsafran.com/feiyuyuan/853/static/js/appinstall.js Requested by Host: zimgf.fmqxf.com URL: https://zimgf.fmqxf.com/?channelCode=10037 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 58.218.215.166 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN), Reverse DNS Software Tengine / Resource Hash `6870c7e0a59524d0e413a31c0fdbb462ae6211a6549f835ad7678f6ff4fc1ba7` Request headers accept-language de-DE,de;q=0.9 Referer https://zimgf.fmqxf.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers Date Tue, 22 Aug 2023 07:13:21 GMT Via cache46.l2ea120-6[0,0,304-0,H], cache11.l2ea120-6[1,0], kunlun10.cn192[0,0,200-0,H], kunlun3.cn192[1,0] Age 22404 X-Swift-CacheTime 43118 X-Cache HIT TCP_MEM_HIT dirn:9:152293051 Connection keep-alive X-Swift-SaveTime Tue, 22 Aug 2023 07:14:47 GMT Content-Length 46640 Last-Modified Tue, 11 Apr 2023 11:57:23 GMT Server Tengine ETag "64354b23-b630" Vary Accept-Encoding Ali-Swift-Global-Savetime 1692688405 Content-Type application/javascript Cache-Control max-age=43200 Accept-Ranges bytes Timing-Allow-Origin * EagleId 3adad01716927108093966814e Expires Tue, 22 Aug 2023 19:13:21 GMT
POST H/1.1	200	collect Show response collect-v6.51.la/v6/	0 515 B	891ms 341ms	XHR text/plain	203.107.86.226 ALIBABA-CN-NET Ha...
General Check archive.org Show headers Download Go to Full URL https://collect-v6.51.la/v6/collect?dt=4 Requested by Host: sdk.51.la URL: https://sdk.51.la/js-sdk-pro.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 203.107.86.226 , China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN), Reverse DNS Software nginx / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language de-DE,de;q=0.9 Referer https://zimgf.fmqxf.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers Access-Control-Allow-Origin https://zimgf.fmqxf.com Date Tue, 22 Aug 2023 13:26:48 GMT Access-Control-Allow-Credentials true Server nginx Connection keep-alive Content-Length 0 Vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture object| LA number| laWaitTime

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.adndisplay.com/	1970-01-20 23:47:50	Name: __51uvsct__K1SdSGNyWGOiwaYi Value: 1
www.adndisplay.com/	1970-01-20 23:47:50	Name: __51vcke__K1SdSGNyWGOiwaYi Value: d0db51ce-7886-5b9e-9d52-7ca1c9fcf4b2
www.adndisplay.com/	1970-01-20 23:47:50	Name: __51vuft__K1SdSGNyWGOiwaYi Value: 1692710803071
www.adndisplay.com/	1969-12-31 23:59:59	Name: __vtins__K1SdSGNyWGOiwaYi Value: %7B%22sid%22%3A%20%2206095e22-0cff-51ed-a17b-274529c89386%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2012%2C%20%22dr%22%3A%2012%2C%20%22expires%22%3A%201692712603080%2C%20%22ct%22%3A%201692710803080%7D
www.adndisplay.com/	1969-12-31 23:59:59	Name: __vtins__K1SdffDOLncwRzRr Value: %7B%22sid%22%3A%20%22a889ef4f-bf68-5f70-aecb-6a541edcbe51%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201692712603086%2C%20%22ct%22%3A%201692710803086%7D
www.adndisplay.com/	1970-01-20 23:47:50	Name: __51uvsct__K1SdffDOLncwRzRr Value: 1
www.adndisplay.com/	1970-01-20 23:47:50	Name: __51vcke__K1SdffDOLncwRzRr Value: 46a5960c-189e-5e72-bae5-2d16329bd338
www.adndisplay.com/	1970-01-20 23:47:50	Name: __51vuft__K1SdffDOLncwRzRr Value: 1692710803089
zimgf.fmqxf.com/	1969-12-31 23:59:59	Name: __vtins__K3aHvQVp7x5YqmZy Value: %7B%22sid%22%3A%20%2238da8fdf-0a46-554c-8a2c-3fc80a6d04fc%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201692712608006%2C%20%22ct%22%3A%201692710808006%7D
zimgf.fmqxf.com/	1970-01-20 23:47:50	Name: __51uvsct__K3aHvQVp7x5YqmZy Value: 1
zimgf.fmqxf.com/	1970-01-20 23:47:50	Name: __51vcke__K3aHvQVp7x5YqmZy Value: 55c34f97-6ba5-513a-be58-46c1e0ef2937
zimgf.fmqxf.com/	1970-01-20 23:47:50	Name: __51vuft__K3aHvQVp7x5YqmZy Value: 1692710808009

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: http://www.adndisplay.com/tj.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://sdk.51.la/js-sdk-pro.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://www.adndisplay.com/tj.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://sdk.51.la/js-sdk-pro.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://www.adndisplay.com/tj.js(Line 2) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://sdk.51.la/js-sdk-pro.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adndisplay.com
api.share.baidu.com
cdn-fy2.mentheetsafran.com
collect-v6.51.la
push.zhanzhang.baidu.com
sdk.51.la
www.adndisplay.com
zimgf.fmqxf.com
103.44.89.79
180.101.212.103
203.107.86.226
45.121.144.197
47.246.46.206
58.218.215.166
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
38dcf5b179f9d1da2cfa097d44e52ce2c3da3bd64a784144ae023224ed6ffda1
674bc0c70f98d627b8a7e1d278a1f21ffe33815565f7d5371bf0275da57571b2
6870c7e0a59524d0e413a31c0fdbb462ae6211a6549f835ad7678f6ff4fc1ba7
897e0a177ba1049c387e9f300ab34b7df510bccff2ebbdddb09f6aa7fa681234
8ecc94140a0c2ca8159977affbafe634b023842b6f9f1057953f94aec5e13d5f
b834611399ed59b2482a3da14b3fcecae781d658c41c8943deb3a0cf69e94ef2
bc3ac41405f2a92633391d8e3e8f9b4acec466cb9d5760f39f9ad6243dfc93eb
d1f1bfe698f2ffb7b3e7a885a301d58f9554d45df0a31c3e8b53c84b33c80d27
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

zimgf.fmqxf.com Open in urlscan Pro 45.121.144.197 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

19 Requests

53 %HTTPS

0 %IPv6

5 Domains

8 Subdomains

6 IPs

4 Countries

169 kBTransfer

348 kBSize

12 Cookies

0 Outgoing links

Page URL History

Redirected requests

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

12 Cookies

3 Console Messages

Indicators

zimgf.fmqxf.com Open in urlscan Pro
45.121.144.197 Public Scan

Screenshot
Live screenshot

Full Image

19
Requests

53 %
HTTPS

0 %
IPv6

5
Domains

8
Subdomains

6
IPs

4
Countries

169 kB
Transfer

348 kB
Size

12
Cookies

19 HTTP transactions
0 data transactions