tfsq1.top Open in urlscan Pro
45.204.80.216 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://tfsq1.top/
Effective URL:
http://tfsq1.top/indexPc.html
Submission Tags: @ecarlesi possiblethreat phishing Search All
Submission: On December 27 via api (December 27th 2024, 7:39:49 am UTC) from IT — Scanned from IT

Summary HTTP 25 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 25 HTTP transactions. The main IP is 45.204.80.216, located in Hong Kong and belongs to HQTC-AS-AP qlhost, TW. The main domain is tfsq1.top.

This is the only time tfsq1.top was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6	45.204.80.216 45.204.80.216	142062 (HQTC-AS-A...) (HQTC-AS-AP qlhost)
1	111.231.169.247 111.231.169.247	45090 (TENCENT-N...) (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited)
25	3

6 45.204.80.216 (Hong Kong)

ASN142062 (HQTC-AS-AP qlhost, TW)

tfsq1.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 111.231.169.247 (China)

ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN)

cdn.dcloud.net.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	tfsq1.top tfsq1.top	515 KB
1	dcloud.net.cn cdn.dcloud.net.cn — Cisco Umbrella Rank: 69293	420 B
25	2

	Domain	Requested by
6	tfsq1.top	tfsq1.top
1	cdn.dcloud.net.cn	tfsq1.top
25	2

This site contains no links.

Subject Issuer	Validity	Valid
*.dcloud.net.cn Certum Domain Validation CA SHA2	`2024-08-12` - `2025-09-11`	a year	crt.sh

This page contains 1 frames:

Primary Page: http://tfsq1.top/indexPc.html
Frame ID: C8A931DF8B8CFDDBF546AF7EF1D04CD2
Requests: 26 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://tfsq1.top/ HTTP 307
https://tfsq1.top/ HTTP 307
http://tfsq1.top/ Page URL
http://tfsq1.top/indexPc.html Page URL

Page Statistics

25
Requests

4 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

3
IPs

2
Countries

516 kB
Transfer

1624 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://tfsq1.top/ HTTP 307
https://tfsq1.top/ HTTP 307
http://tfsq1.top/ Page URL
http://tfsq1.top/indexPc.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://tfsq1.top/ HTTP 307
https://tfsq1.top/ HTTP 307
http://tfsq1.top/

25 HTTP transactions
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	/ Show response tfsq1.top/ Redirect Chain http://tfsq1.top/ https://tfsq1.top/ http://tfsq1.top/	777 B 1006 B	364ms 363ms	Document text/html	45.204.80.216 HQTC-AS-AP qlhost
General Check archive.org Show headers Download Go to Full URL http://tfsq1.top/ Protocol HTTP/1.1 Server 45.204.80.216 , Hong Kong, ASN142062 (HQTC-AS-AP qlhost, TW), Reverse DNS Software cdn / Resource Hash `42ae0382e204361e8761224fcde1630d3937f08420dfd452c329e38a974027ef` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers Accept-Ranges bytes Connection keep-alive Content-Length 777 Content-Type text/html Date Fri, 27 Dec 2024 07:39:13 GMT ETag "6746dcf8-309" Last-Modified Wed, 27 Nov 2024 08:48:56 GMT Server cdn Redirect headers Location http://tfsq1.top/ Non-Authoritative-Reason HttpsUpgrades
GET H/1.1	200 OK	index.2da1efab.css tfsq1.top/static/	94 KB 29 KB	367ms 367ms	Stylesheet text/css	45.204.80.216 HQTC-AS-AP qlhost
General Check archive.org Show headers Download Go to Full URL http://tfsq1.top/static/index.2da1efab.css Requested by Host: tfsq1.top URL: http://tfsq1.top/ Protocol HTTP/1.1 Server 45.204.80.216 , Hong Kong, ASN142062 (HQTC-AS-AP qlhost, TW), Reverse DNS Software cdn / Resource Hash `e97de9a247807f12d74101e9f736250b2410be4e1ed3d17ed875e4b08cf66c83` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer http://tfsq1.top/ Response headers Transfer-Encoding chunked Content-Encoding gzip ETag W/"6746dcf8-178f9" Connection keep-alive Date Fri, 27 Dec 2024 07:39:13 GMT Content-Type text/css Last-Modified Wed, 27 Nov 2024 08:48:56 GMT Vary Accept-Encoding Server cdn
GET H/1.1	200 OK	chunk-vendors.1f6655b0.js Show response tfsq1.top/static/js/	1 MB 399 KB	926ms 716ms	Script application/javascript	45.204.80.216 HQTC-AS-AP qlhost
General Check archive.org Show headers Download Go to Full URL http://tfsq1.top/static/js/chunk-vendors.1f6655b0.js Requested by Host: tfsq1.top URL: http://tfsq1.top/ Protocol HTTP/1.1 Server 45.204.80.216 , Hong Kong, ASN142062 (HQTC-AS-AP qlhost, TW), Reverse DNS Software cdn / Resource Hash `8b3578bf1bdd5bd0e04dcb3c2735c52d0086a9913e6efcf439f4934c8fa8a011` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer http://tfsq1.top/ Response headers Transfer-Encoding chunked Content-Encoding gzip ETag W/"6746dcf8-10df5d" Connection keep-alive Date Fri, 27 Dec 2024 07:39:13 GMT Content-Type application/javascript Last-Modified Wed, 27 Nov 2024 08:48:56 GMT Vary Accept-Encoding Server cdn
GET H/1.1	200 OK	index.ea1e8377.js Show response tfsq1.top/static/js/	105 KB 21 KB	582ms 373ms	Script application/javascript	45.204.80.216 HQTC-AS-AP qlhost
General Check archive.org Show headers Download Go to Full URL http://tfsq1.top/static/js/index.ea1e8377.js Requested by Host: tfsq1.top URL: http://tfsq1.top/ Protocol HTTP/1.1 Server 45.204.80.216 , Hong Kong, ASN142062 (HQTC-AS-AP qlhost, TW), Reverse DNS Software cdn / Resource Hash `e63934b7118329eeae4cf8ac661f06eaba15c966c0dbddd3afdec6a82cf7c775` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer http://tfsq1.top/ Response headers Transfer-Encoding chunked Content-Encoding gzip ETag W/"6746dcf8-1a41e" Connection keep-alive Date Fri, 27 Dec 2024 07:39:13 GMT Content-Type application/javascript Last-Modified Wed, 27 Nov 2024 08:48:56 GMT Vary Accept-Encoding Server cdn
GET H2	200	shadow-grey.png cdn.dcloud.net.cn/img/	136 B 420 B	1106ms 268ms	Image image/png	111.231.169.247 TENCENT-NET-AP Sh...
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.dcloud.net.cn/img/shadow-grey.png Requested by Host: tfsq1.top URL: http://tfsq1.top/static/index.2da1efab.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 111.231.169.247 , China, ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN), Reverse DNS Software nginx / Resource Hash `ad4ebea1c3496dd2924789ee009174a2c6289d1200e9811f458fd46f172d1d6f` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer http://tfsq1.top/ Response headers cache-control max-age=28800 etag "5cf8b5bf-88" expires Fri, 27 Dec 2024 15:39:25 GMT accept-ranges bytes content-length 136 date Fri, 27 Dec 2024 07:39:25 GMT content-type image/png last-modified Thu, 06 Jun 2019 06:42:07 GMT server nginx
GET H/1.1	200 OK	Primary Request indexPc.html Show response tfsq1.top/	445 B 674 B	358ms 357ms	Document text/html	45.204.80.216 HQTC-AS-AP qlhost
General Check archive.org Show headers Download Go to Full URL http://tfsq1.top/indexPc.html Requested by Host: tfsq1.top URL: http://tfsq1.top/static/js/index.ea1e8377.js Protocol HTTP/1.1 Server 45.204.80.216 , Hong Kong, ASN142062 (HQTC-AS-AP qlhost, TW), Reverse DNS Software cdn / Resource Hash `8b90ce40381b54a2c13bc468208e3daeeefef7abe151821458c2cba60734a134` Request headers Referer http://tfsq1.top/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers Accept-Ranges bytes Connection keep-alive Content-Length 445 Content-Type text/html Date Fri, 27 Dec 2024 07:39:32 GMT ETag "67487132-1bd" Last-Modified Thu, 28 Nov 2024 13:33:38 GMT Server cdn
GET		pages-accountRecord-accountRecord~pages-car-car~pages-chat-chat~pages-class-class~pages-collect-coll~6896bd8f.cc6a565d.js tfsq1.top/static/js/	0 0

GET		pages-accountRecord-accountRecord~pages-class-class~pages-collect-collect~pages-commissionRecord-com~03c83993.7714aca7.js tfsq1.top/static/js/	0 0

GET		pages-chat-chat~pages-index-index~pages-offline-offline~pages-order-order~pages-question-question~pa~165b8128.154cc6c1.js tfsq1.top/static/js/	0 0

GET		pages-accountRecord-accountRecord~pages-commissionRecord-commissionRecord~pages-index-index~pages-kn~dddf8d3c.fd3c4e3f.js tfsq1.top/static/js/	0 0

GET		pages-index-index.d98b19f7.js tfsq1.top/static/js/	0 0

GET		pages-car-car~pages-class-class~pages-commissionBalance-commissionBalance~pages-commissionWithdrawal~79007254.baa6a176.js tfsq1.top/static/js/	0 0

GET		pages-car-car~pages-class-class~pages-commissionBalance-commissionBalance~pages-commissionWithdrawal~840b5b22.56958cdf.js tfsq1.top/static/js/	0 0

GET		pages-forgetPwd-forgetPwd~pages-login-login~pages-payWaySet-payWaySet~pages-register-register~pages-~cdf2d5af.3c9faf9e.js tfsq1.top/static/js/	0 0

GET		pages-login-login.5963c8a9.js tfsq1.top/static/js/	0 0

GET		home_s.png tfsq1.top/static/images/	0 0

GET		class.png tfsq1.top/static/images/	0 0

GET		order.png tfsq1.top/static/images/	0 0

GET		user.png tfsq1.top/static/images/	0 0

GET		getSys tfsq1.top/api/	0 0

GET		getSettings tfsq1.top/common/	0 0

GET		getSiteName tfsq1.top/admin/	0 0

GET		getSiteName tfsq1.top/admin/	0 0

GET DATA	200 OK	truncated /	1 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer http://tfsq1.top/ Response headers Content-Type image/svg+xml
GET		index-0cd19637.js tfsq1.top/assetsPc/	0 0

GET H/1.1	200 OK	indexPc-d85e9c65.css tfsq1.top/assetsPc/	343 KB 64 KB	541ms 351ms	Stylesheet text/css	45.204.80.216 HQTC-AS-AP qlhost
General Check archive.org Show headers Download Go to Full URL http://tfsq1.top/assetsPc/indexPc-d85e9c65.css Requested by Host: tfsq1.top URL: http://tfsq1.top/indexPc.html Protocol HTTP/1.1 Server 45.204.80.216 , Hong Kong, ASN142062 (HQTC-AS-AP qlhost, TW), Reverse DNS Software cdn / Resource Hash `d85e9c65afb29ed10a8a6729d8fde40112cd48af3610818eaa8c93023b5ac0c7` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer http://tfsq1.top/indexPc.html Response headers Transfer-Encoding chunked Content-Encoding gzip ETag W/"67487132-55abc" Connection keep-alive Date Fri, 27 Dec 2024 07:39:33 GMT Content-Type text/css Last-Modified Thu, 28 Nov 2024 13:33:38 GMT Vary Accept-Encoding Server cdn

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: tfsq1.top
URL: http://tfsq1.top/static/js/pages-accountRecord-accountRecord~pages-car-car~pages-chat-chat~pages-class-class~pages-collect-coll~6896bd8f.cc6a565d.js

Domain: tfsq1.top
URL: http://tfsq1.top/static/js/pages-accountRecord-accountRecord~pages-class-class~pages-collect-collect~pages-commissionRecord-com~03c83993.7714aca7.js

Domain: tfsq1.top
URL: http://tfsq1.top/static/js/pages-chat-chat~pages-index-index~pages-offline-offline~pages-order-order~pages-question-question~pa~165b8128.154cc6c1.js

Domain: tfsq1.top
URL: http://tfsq1.top/static/js/pages-accountRecord-accountRecord~pages-commissionRecord-commissionRecord~pages-index-index~pages-kn~dddf8d3c.fd3c4e3f.js

Domain: tfsq1.top
URL: http://tfsq1.top/static/js/pages-index-index.d98b19f7.js

Domain: tfsq1.top
URL: http://tfsq1.top/static/js/pages-car-car~pages-class-class~pages-commissionBalance-commissionBalance~pages-commissionWithdrawal~79007254.baa6a176.js

Domain: tfsq1.top
URL: http://tfsq1.top/static/js/pages-car-car~pages-class-class~pages-commissionBalance-commissionBalance~pages-commissionWithdrawal~840b5b22.56958cdf.js

Domain: tfsq1.top
URL: http://tfsq1.top/static/js/pages-forgetPwd-forgetPwd~pages-login-login~pages-payWaySet-payWaySet~pages-register-register~pages-~cdf2d5af.3c9faf9e.js

Domain: tfsq1.top
URL: http://tfsq1.top/static/js/pages-login-login.5963c8a9.js

Domain: tfsq1.top
URL: http://tfsq1.top/static/images/home_s.png

Domain: tfsq1.top
URL: http://tfsq1.top/static/images/class.png

Domain: tfsq1.top
URL: http://tfsq1.top/static/images/order.png

Domain: tfsq1.top
URL: http://tfsq1.top/static/images/user.png

Domain: tfsq1.top
URL: http://tfsq1.top/api/getSys

Domain: tfsq1.top
URL: http://tfsq1.top/common/getSettings?Key=tc_status,sstz,is_tx,is_yqm,is_register,up_app,header_html,zx_order,ms_status,wykf_status,down_html

Domain: tfsq1.top
URL: http://tfsq1.top/admin/getSiteName

Domain: tfsq1.top
URL: http://tfsq1.top/admin/getSiteName

Domain: tfsq1.top
URL: http://tfsq1.top/assetsPc/index-0cd19637.js

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.dcloud.net.cn/	1970-01-21 11:37:25	Name: __uni__uid Value: rBEQUmduWa1MT0rDA6JVAg==

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.dcloud.net.cn
tfsq1.top
tfsq1.top
111.231.169.247
45.204.80.216
42ae0382e204361e8761224fcde1630d3937f08420dfd452c329e38a974027ef
8b3578bf1bdd5bd0e04dcb3c2735c52d0086a9913e6efcf439f4934c8fa8a011
8b90ce40381b54a2c13bc468208e3daeeefef7abe151821458c2cba60734a134
ad4ebea1c3496dd2924789ee009174a2c6289d1200e9811f458fd46f172d1d6f
d85e9c65afb29ed10a8a6729d8fde40112cd48af3610818eaa8c93023b5ac0c7
e63934b7118329eeae4cf8ac661f06eaba15c966c0dbddd3afdec6a82cf7c775
e97de9a247807f12d74101e9f736250b2410be4e1ed3d17ed875e4b08cf66c83

tfsq1.top Open in urlscan Pro 45.204.80.216 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

25 Requests

4 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

3 IPs

2 Countries

516 kBTransfer

1624 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

25 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

1 Cookies

Indicators

tfsq1.top Open in urlscan Pro
45.204.80.216 Public Scan

Screenshot
Live screenshot

Full Image

25
Requests

4 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

3
IPs

2
Countries

516 kB
Transfer

1624 kB
Size

1
Cookies

25 HTTP transactions
1 data transactions