c.65268.mobi Open in urlscan Pro
27.124.47.240 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://13997.net/
Effective URL:
https://c.65268.mobi/
Submission: On January 01 via api (January 1st 2025, 4:05:42 am UTC) from BE — Scanned from SG

Summary HTTP 22 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 6 IPs in 4 countries across 7 domains to perform 22 HTTP transactions. The main IP is 27.124.47.240, located in Singapore and belongs to CTGSERVERLIMITED-AS-AP CTG Server Limited, HK. The main domain is c.65268.mobi.
TLS certificate: Issued by R11 on December 28th 2024. Valid for: 3 months.

This is the only time c.65268.mobi was scanned on urlscan.io!

urlscan.io Verdict: No classification

Downloads These files were downloaded by the website

Incomplete 2fkjuy6f.apk 76 MB

Size: 76 MB (80186155 bytes, 0% done)

Downloaded from: https://38405838.eyumvnbjdwqoirkj.whggjrg.com/b35f2b14e0d1f438b27203f445f002d50/2fkjuy6f.apk

Domain & IP information

	IP Address	AS Autonomous System
1	137.220.225.247 137.220.225.247	152194 (CTGSERVER...) (CTGSERVERLIMITED-AS-AP CTG Server Limited)
15	27.124.47.240 27.124.47.240	152194 (CTGSERVER...) (CTGSERVERLIMITED-AS-AP CTG Server Limited)
2	180.87.173.159 180.87.173.159	6453 (AS6453) (AS6453)
1 3	170.33.12.233 170.33.12.233	134963 (ASEPL-AS-...) (ASEPL-AS-AP Alibaba Cloud Singapore Private Limited)
1	111.45.3.198 111.45.3.198	9808 (CHINAMOBI...) (CHINAMOBILE-CN China Mobile Communications Group Co.)
1 1	180.163.146.82 180.163.146.82	() ()
1	116.169.184.170 116.169.184.170	() ()
22	6

1 137.220.225.247 (Tokyo, Japan)

ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK)

13997.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 27.124.47.240 (Singapore)

ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK)

c.65268.mobi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 180.87.173.159 (India)

ASN6453 (AS6453, US)

sdk.51.la	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
collect-v6.51.la	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 170.33.12.233 (Singapore) 1 redirects

ASN134963 (ASEPL-AS-AP Alibaba Cloud Singapore Private Limited, SG)

sdk1oatp07vov2ks.chuangxiangjiaoyu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 111.45.3.198 (China)

ASN9808 (CHINAMOBILE-CN China Mobile Communications Group Co., Ltd., CN)

hm.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 180.163.146.82 (None, ) 1 redirects

ASN- ()

kelxh4bvh.turbinblackative.vethcraft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 116.169.184.170 (None, )

ASN- ()

38405838.eyumvnbjdwqoirkj.whggjrg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	65268.mobi c.65268.mobi	557 KB
3	chuangxiangjiaoyu.com 1 redirects sdk1oatp07vov2ks.chuangxiangjiaoyu.com	2 KB
2	51.la sdk.51.la — Cisco Umbrella Rank: 73455 collect-v6.51.la — Cisco Umbrella Rank: 78995	36 KB
1	whggjrg.com 38405838.eyumvnbjdwqoirkj.whggjrg.com
1	vethcraft.com 1 redirects kelxh4bvh.turbinblackative.vethcraft.com	792 B
1	baidu.com hm.baidu.com — Cisco Umbrella Rank: 12020	175 B
1	13997.net 13997.net	11 KB
22	7

	Domain	Requested by
15	c.65268.mobi	13997.net c.65268.mobi
3	sdk1oatp07vov2ks.chuangxiangjiaoyu.com	1 redirects c.65268.mobi
1	38405838.eyumvnbjdwqoirkj.whggjrg.com	c.65268.mobi
1	kelxh4bvh.turbinblackative.vethcraft.com	1 redirects
1	hm.baidu.com	c.65268.mobi
1	collect-v6.51.la	sdk.51.la
1	sdk.51.la	c.65268.mobi
1	13997.net
22	8

This site contains links to these domains. Also see Links.

Domain
vsgiuphb.khubnzkoszudupz.top

Subject Issuer	Validity	Valid
13997.net R10	`2024-12-28` - `2025-03-28`	3 months	crt.sh
a.65268.mobi R11	`2024-12-28` - `2025-03-28`	3 months	crt.sh
*.51.la GlobalSign RSA OV SSL CA 2018	`2024-03-19` - `2025-04-20`	a year	crt.sh
*.chuangxiangjiaoyu.com E6	`2024-12-19` - `2025-03-19`	3 months	crt.sh
baidu.com GlobalSign RSA OV SSL CA 2018	`2024-07-08` - `2025-08-09`	a year	crt.sh
*.ssoicjmgnjsdhew.whggjrg.com R10	`2024-12-26` - `2025-03-26`	3 months	crt.sh

This page contains 1 frames:

Frame: https://38405838.eyumvnbjdwqoirkj.whggjrg.com/b35f2b14e0d1f438b27203f445f002d50/2fkjuy6f.apk
Frame ID: 29D4491E6FDCED03B5C7277D75A8DBCC
Requests: 22 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://13997.net/ Page URL
https://c.65268.mobi/ Page URL

Detected technologies

Baidu Analytics (百度统计) (Analytics) Expand

Overall confidence: 100%
Detected patterns

hm\.baidu\.com/hm\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

22
Requests

100 %
HTTPS

0 %
IPv6

7
Domains

8
Subdomains

6
IPs

4
Countries

606 kB
Transfer

744 kB
Size

4
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://vsgiuphb.khubnzkoszudupz.top/index?key=cd24902769ef49c541ba655e22c7aecd&gid=bbf3470a3ead165a8c7010f2cffb57ef&sa=5d031e5644f1d522f1e6572a0d65f338

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://13997.net/ Page URL
https://c.65268.mobi/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 20

https://sdk1oatp07vov2ks.chuangxiangjiaoyu.com:6443/page/aoku10lg/install/c/eyJjIjoiYzY1MjY4bW9iaSIsIm0iOiJOUHdjVWxtZ0x5QUFBQUdVSUFvNUtqY3BnME9YdS12aTBvYzUtbExPbVY3ZFJHYkgxXzVWRkZNU3FnNW95dTBETktwVXRVdjZ2N1RXaEUyTTBrV09xMWRmNUY4MXFfZnQtUXlfc0NneVN6RllFNzBkSlkyUGpBbUtGVy16QTU2cnRiWmUza054NlR0SVEyWUsifQ==?p=0 HTTP 302
https://kelxh4bvh.turbinblackative.vethcraft.com/83cbdb61a7c7fee2 HTTP 302
https://38405838.eyumvnbjdwqoirkj.whggjrg.com/b35f2b14e0d1f438b27203f445f002d50/2fkjuy6f.apk

22 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK /
13997.net/ 66 KB
11 KB 649ms
195ms Document
text/html 137.220.225.247
CTGSERVERLIMITED-...

General

Check archive.org

Show headers Download Go to

Full URL: https://13997.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 137.220.225.247 Tokyo, Japan, ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK),
Reverse DNS
Software: openresty /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Content-Encoding: gzip
Content-Type: text/html
Date: Wed, 01 Jan 2025 04:05:27 GMT
Etag: W/"677431fa-107bc"
Last-Modified: Tue, 31 Dec 2024 18:03:38 GMT
Server: openresty
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Cache: BYPASS

GET
H/1.1 200
OK Primary Request / Show response
c.65268.mobi/ 4 KB
2 KB 497ms
46ms Document
text/html 27.124.47.240
CTGSERVERLIMITED-...

General

Check archive.org

Show headers Download Go to

Full URL: https://c.65268.mobi/
Requested by: Host: 13997.net
URL: https://13997.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 27.124.47.240 , Singapore, ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK),
Reverse DNS
Software: openresty /
Resource Hash: 85ceeceaec344534bdb054244dbed88e04d8efc28062070542de75faf5171107

Request headers

Referer: https://13997.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Content-Encoding: gzip
Content-Length: 1497
Content-Type: text/html
Date: Wed, 01 Jan 2025 04:05:28 GMT
Etag: W/"671de6da-e21"
Last-Modified: Sun, 27 Oct 2024 07:08:10 GMT
Server: openresty
Vary: Accept-Encoding
X-Cache: BYPASS

GET
H/1.1 200
OK conf.js Show response
c.65268.mobi/files/ 967 B
1 KB 44ms
41ms Script
application/javascript 27.124.47.240
CTGSERVERLIMITED-...

General

Check archive.org

Show headers Download Go to

Full URL: https://c.65268.mobi/files/conf.js
Requested by: Host: c.65268.mobi
URL: https://c.65268.mobi/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 27.124.47.240 , Singapore, ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK),
Reverse DNS
Software: openresty /
Resource Hash: c0b382dba14d61084c4c3a976191fde672d9a12c141ad6248eb4813172891d71

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://c.65268.mobi/

Response headers

Cache-Control: max-age=2592000
ETag: "1735647525"
Expires: Thu, 30 Jan 2025 12:18:45 GMT
Accept-Ranges: bytes
X-Cache: HIT, policy, disk
Content-Length: 967
Date: Tue, 31 Dec 2024 12:18:45 GMT
Content-Type: application/javascript
Last-Modified: Tue, 31 Dec 2024 12:18:45 GMT
Server: openresty

GET
H/1.1 200
OK index.css
c.65268.mobi/files/ 7 KB
2 KB 91ms
45ms Stylesheet
text/css 27.124.47.240
CTGSERVERLIMITED-...

General

Check archive.org

Show headers Download Go to

Full URL: https://c.65268.mobi/files/index.css
Requested by: Host: c.65268.mobi
URL: https://c.65268.mobi/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 27.124.47.240 , Singapore, ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK),
Reverse DNS
Software: openresty /
Resource Hash: 35a2904ff2ddc952377fc77c03f6895e196aea441cbea37759fbbb2fb3547a9c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://c.65268.mobi/

Response headers

Cache-Control: max-age=2592000
Content-Encoding: gzip
Etag: W/"66968791-1c47"
Expires: Fri, 31 Jan 2025 04:05:28 GMT
X-Cache: UPDATING
Content-Length: 1673
Date: Wed, 01 Jan 2025 04:05:28 GMT
Content-Type: text/css
Last-Modified: Tue, 16 Jul 2024 14:45:37 GMT
Server: openresty
Vary: Accept-Encoding

GET
H/1.1 200
OK jquery-3.5.1.min.js Show response
c.65268.mobi/files/ 87 KB
34 KB 109ms
36ms Script
application/javascript 27.124.47.240
CTGSERVERLIMITED-...

General

Check archive.org

Show headers Download Go to

Full URL: https://c.65268.mobi/files/jquery-3.5.1.min.js
Requested by: Host: c.65268.mobi
URL: https://c.65268.mobi/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 27.124.47.240 , Singapore, ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK),
Reverse DNS
Software: openresty /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://c.65268.mobi/

Response headers

Transfer-Encoding: chunked
Cache-Control: max-age=2592000
Content-Encoding: gzip
ETag: "1735647525"
Expires: Thu, 30 Jan 2025 12:18:45 GMT
X-Cache: HIT, policy, disk
Date: Tue, 31 Dec 2024 12:18:45 GMT
Content-Type: application/javascript
Last-Modified: Tue, 31 Dec 2024 12:18:45 GMT
Server: openresty
Vary: Accept-Encoding

GET
H/1.1 200
OK appinstall.js Show response
c.65268.mobi/files/ 46 KB
20 KB 121ms
49ms Script
application/javascript 27.124.47.240
CTGSERVERLIMITED-...

General

Check archive.org

Show headers Download Go to

Full URL: https://c.65268.mobi/files/appinstall.js
Requested by: Host: c.65268.mobi
URL: https://c.65268.mobi/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 27.124.47.240 , Singapore, ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK),
Reverse DNS
Software: openresty /
Resource Hash: 7c9895f2e57140b2a429c2b5df1eb51b2c0bf49f56365e198fb20a92fe79c1dd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://c.65268.mobi/

Response headers

Transfer-Encoding: chunked
Cache-Control: max-age=2592000
Content-Encoding: gzip
Etag: W/"65ed6366-b9e1"
Expires: Fri, 31 Jan 2025 04:05:28 GMT
X-Cache: UPDATING
Date: Wed, 01 Jan 2025 04:05:28 GMT
Content-Type: application/javascript
Last-Modified: Sun, 10 Mar 2024 07:38:14 GMT
Server: openresty
Vary: Accept-Encoding

GET
H/1.1 200
OK xzapp.js Show response
c.65268.mobi/ 2 KB
1 KB 118ms
44ms Script
application/javascript 27.124.47.240
CTGSERVERLIMITED-...

General

Check archive.org

Show headers Download Go to

Full URL: https://c.65268.mobi/xzapp.js
Requested by: Host: c.65268.mobi
URL: https://c.65268.mobi/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 27.124.47.240 , Singapore, ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK),
Reverse DNS
Software: openresty /
Resource Hash: ea9eb20ebaa884323d032b1370204c60587466fa0a1283ce2c8ec1ee0d968f9c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://c.65268.mobi/

Response headers

Cache-Control: max-age=2592000
Content-Encoding: gzip
Etag: W/"6772a6ba-975"
Expires: Fri, 31 Jan 2025 04:05:28 GMT
X-Cache: UPDATING
Content-Length: 1162
Date: Wed, 01 Jan 2025 04:05:28 GMT
Content-Type: application/javascript
Last-Modified: Mon, 30 Dec 2024 13:57:14 GMT
Server: openresty
Vary: Accept-Encoding

GET
H/1.1 200
OK qrcode.min.html Show response
c.65268.mobi/files/ 150 B
377 B 117ms
42ms Script
text/html 27.124.47.240
CTGSERVERLIMITED-...

General

Check archive.org

Show headers Download Go to

Full URL: https://c.65268.mobi/files/qrcode.min.html
Requested by: Host: c.65268.mobi
URL: https://c.65268.mobi/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 27.124.47.240 , Singapore, ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK),
Reverse DNS
Software: openresty /
Resource Hash: ee1a27178227546d3dcc49e611a6d72e4f1c30080ee4493ae4085b58a49e28e6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://c.65268.mobi/

Response headers

Etag: "65ed6368-96"
Accept-Ranges: bytes
X-Cache: BYPASS
Content-Length: 150
Date: Wed, 01 Jan 2025 04:05:28 GMT
Content-Type: text/html
Last-Modified: Sun, 10 Mar 2024 07:38:16 GMT
Server: openresty

GET
H/1.1 200
OK logo.png
c.65268.mobi/tp/ 18 KB
18 KB 87ms
48ms Image
image/png 27.124.47.240
CTGSERVERLIMITED-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.65268.mobi/tp/logo.png
Requested by: Host: c.65268.mobi
URL: https://c.65268.mobi/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 27.124.47.240 , Singapore, ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK),
Reverse DNS
Software: openresty /
Resource Hash: a923e41b38a0712f8a21a70b01baeac99e4d1157a536eafe384617476809eac4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://c.65268.mobi/

Response headers

Cache-Control: max-age=2592000
Etag: "66a730fc-4631"
Expires: Fri, 31 Jan 2025 04:05:28 GMT
Accept-Ranges: bytes
X-Cache: UPDATING
Content-Length: 17969
Date: Wed, 01 Jan 2025 04:05:28 GMT
Content-Type: image/png
Last-Modified: Mon, 29 Jul 2024 06:04:44 GMT
Server: openresty

GET
H/1.1 200
OK kf.png
c.65268.mobi/tp/ 44 KB
45 KB 49ms
48ms Image
image/png 27.124.47.240
CTGSERVERLIMITED-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.65268.mobi/tp/kf.png
Requested by: Host: c.65268.mobi
URL: https://c.65268.mobi/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 27.124.47.240 , Singapore, ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK),
Reverse DNS
Software: openresty /
Resource Hash: afc26fa6d6167705b49ddee1f62867bcfe117edbec44760563be498b593ed9be

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://c.65268.mobi/

Response headers

Cache-Control: max-age=2592000
Etag: "66a4503a-b1c2"
Expires: Fri, 31 Jan 2025 04:05:28 GMT
Accept-Ranges: bytes
X-Cache: UPDATING
Content-Length: 45506
Date: Wed, 01 Jan 2025 04:05:28 GMT
Content-Type: image/png
Last-Modified: Sat, 27 Jul 2024 01:41:14 GMT
Server: openresty

GET
H/1.1 200
OK left.png
c.65268.mobi/tp/ 179 KB
179 KB 48ms
47ms Image
image/png 27.124.47.240
CTGSERVERLIMITED-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.65268.mobi/tp/left.png
Requested by: Host: c.65268.mobi
URL: https://c.65268.mobi/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 27.124.47.240 , Singapore, ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK),
Reverse DNS
Software: openresty /
Resource Hash: f3109346e79f61cd91e2c7ef974e5a73e1c2952c88f9f018faa9b3177ee5ec8b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://c.65268.mobi/

Response headers

Cache-Control: max-age=2592000
ETag: "1735647527"
Expires: Thu, 30 Jan 2025 12:18:46 GMT
Accept-Ranges: bytes
X-Cache: HIT, policy, disk
Content-Length: 183101
Date: Tue, 31 Dec 2024 12:18:46 GMT
Content-Type: image/png
Last-Modified: Tue, 31 Dec 2024 12:18:47 GMT
Server: openresty

GET
H/1.1 200
OK wenzi.png
c.65268.mobi/tp/ 123 KB
123 KB 63ms
61ms Image
image/png 27.124.47.240
CTGSERVERLIMITED-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.65268.mobi/tp/wenzi.png
Requested by: Host: c.65268.mobi
URL: https://c.65268.mobi/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 27.124.47.240 , Singapore, ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK),
Reverse DNS
Software: openresty /
Resource Hash: 676ff123856e151aa723787ea36f37ceb580d2644478d05ce820bbbadaa71fc9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://c.65268.mobi/

Response headers

Cache-Control: max-age=2592000
Etag: "66a730a0-1eadd"
Expires: Fri, 31 Jan 2025 04:05:28 GMT
Accept-Ranges: bytes
X-Cache: UPDATING
Content-Length: 125661
Date: Wed, 01 Jan 2025 04:05:28 GMT
Content-Type: image/png
Last-Modified: Mon, 29 Jul 2024 06:03:12 GMT
Server: openresty

GET
H/1.1 200
OK xiazai.png
c.65268.mobi/tp/ 65 KB
65 KB 48ms
46ms Image
image/png 27.124.47.240
CTGSERVERLIMITED-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.65268.mobi/tp/xiazai.png
Requested by: Host: c.65268.mobi
URL: https://c.65268.mobi/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 27.124.47.240 , Singapore, ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK),
Reverse DNS
Software: openresty /
Resource Hash: 88ceb9b09262b45859b14746b9a6121687b98f8265114d853982514e4afe87a7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://c.65268.mobi/

Response headers

Cache-Control: max-age=2592000
ETag: "1735647526"
Expires: Thu, 30 Jan 2025 12:18:46 GMT
Accept-Ranges: bytes
X-Cache: HIT, policy, disk
Content-Length: 66337
Date: Tue, 31 Dec 2024 12:18:46 GMT
Content-Type: image/png
Last-Modified: Tue, 31 Dec 2024 12:18:46 GMT
Server: openresty

GET
H/1.1 200
OK android.png
c.65268.mobi/tp/ 34 KB
35 KB 52ms
51ms Image
image/png 27.124.47.240
CTGSERVERLIMITED-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.65268.mobi/tp/android.png
Requested by: Host: c.65268.mobi
URL: https://c.65268.mobi/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 27.124.47.240 , Singapore, ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK),
Reverse DNS
Software: openresty /
Resource Hash: 84d8ff077c369ac246cfe9720fb283c6ce87253bfe36dd846ed81f28afa19e70

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://c.65268.mobi/

Response headers

Cache-Control: max-age=2592000
Etag: "66a4503a-890e"
Expires: Fri, 31 Jan 2025 04:05:28 GMT
Accept-Ranges: bytes
X-Cache: UPDATING
Content-Length: 35086
Date: Wed, 01 Jan 2025 04:05:28 GMT
Content-Type: image/png
Last-Modified: Sat, 27 Jul 2024 01:41:14 GMT
Server: openresty

GET
H/1.1 200
OK ios.png
c.65268.mobi/tp/ 31 KB
31 KB 57ms
56ms Image
image/png 27.124.47.240
CTGSERVERLIMITED-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.65268.mobi/tp/ios.png
Requested by: Host: c.65268.mobi
URL: https://c.65268.mobi/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 27.124.47.240 , Singapore, ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK),
Reverse DNS
Software: openresty /
Resource Hash: 52d9cd6115c01c1ce289c32e78d31b38283ac59a8feb2765a5870ecd555534a0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://c.65268.mobi/

Response headers

Cache-Control: max-age=2592000
Etag: "66a4503a-7c14"
Expires: Fri, 31 Jan 2025 04:05:28 GMT
Accept-Ranges: bytes
X-Cache: UPDATING
Content-Length: 31764
Date: Wed, 01 Jan 2025 04:05:28 GMT
Content-Type: image/png
Last-Modified: Sat, 27 Jul 2024 01:41:14 GMT
Server: openresty

GET
H2 200 js-sdk-pro.min.js Show response
sdk.51.la/ 35 KB
36 KB 89ms
74ms Script
text/plain 180.87.173.159
AS6453

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.51.la/js-sdk-pro.min.js
Requested by: Host: c.65268.mobi
URL: https://c.65268.mobi/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 180.87.173.159 , India, ASN6453 (AS6453, US),
Reverse DNS
Software: openresty /
Resource Hash: ab600bcb623360b5a87e5657495bb968325f0a47c3772fe3c1cc052ebd35f153

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://c.65268.mobi/

Response headers

cache-control: no-store
access-control-allow-credentials: true
via: EA-SGP-EDGE7-CACHE13[72],EA-SGP-EDGE7-CACHE13[ovl,69],EA-SGP-EDGE1-CACHE7[ovl,67],EA-HKG-GLOBAL1-CACHE39[ovl,32]
access-control-allow-origin: *
x-ccdn-req-id-46b1: f8fcef3a1079fa3034e08ca97a8a3f53
date: Wed, 01 Jan 2025 04:05:28 GMT
content-type: text/plain; charset=utf-8
server: openresty

POST
H2 200 init Show response
sdk1oatp07vov2ks.chuangxiangjiaoyu.com/web/aoku10lg/c65268m/ 846 B
1 KB 125ms
44ms XHR
application/json 170.33.12.233
ASEPL-AS-AP Aliba...

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk1oatp07vov2ks.chuangxiangjiaoyu.com:6443/web/aoku10lg/c65268m/init?channelCode=c65268mobi&av=0&cv=0&hash=&server=https%3A%2F%2Fsdk1oatp07vov2ks.chuangxiangjiaoyu.com%3A6443&sw=p6Cmpg&sh=p6Smpg&sp=1&li=p6GkuKehuKa4pQ

Requested by

Host: c.65268.mobi
URL: https://c.65268.mobi/files/appinstall.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

170.33.12.233 , Singapore, ASN134963 (ASEPL-AS-AP Alibaba Cloud Singapore Private Limited, SG),

Reverse DNS

Software

NgxFence /

Resource Hash

bdee0b33f1a75689ef010039c35bf6eee92bfd275b5151cfd5b402709fe2c911

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://c.65268.mobi/

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
access-control-allow-credentials: true
access-control-allow-origin: https://c.65268.mobi
date: Wed, 01 Jan 2025 04:05:28 GMT
content-type: application/json;charset=utf-8
vary: Origin, Origin
server: NgxFence

POST
H2 200 collect Show response
collect-v6.51.la/v6/ 0
288 B 72ms
68ms XHR
text/plain 180.87.173.159
AS6453

General

Check archive.org

Show headers Download Go to

Full URL: https://collect-v6.51.la/v6/collect?dt=4
Requested by: Host: sdk.51.la
URL: https://sdk.51.la/js-sdk-pro.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 180.87.173.159 , India, ASN6453 (AS6453, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://c.65268.mobi/

Response headers

via: EA-SGP-EDGE7-CACHE13[66],EA-SGP-EDGE7-CACHE13[ovl,63],EA-SGP-EDGE8-CACHE11[ovl,62]
access-control-allow-origin: https://c.65268.mobi
x-ccdn-req-id-46b1: ab272268cbff5c972bc6c2426cd23ef6
content-length: 0
date: Wed, 01 Jan 2025 04:05:28 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ 0
175 B 266ms
155ms Script
text/plain 111.45.3.198
CHINAMOBILE-CN Ch...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?abecb1866a53f2659a40384811d14806

Requested by

Host: c.65268.mobi
URL: https://c.65268.mobi/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

111.45.3.198 , China, ASN9808 (CHINAMOBILE-CN China Mobile Communications Group Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://c.65268.mobi/

Response headers

Strict-Transport-Security: max-age=172800
Content-Length: 0
Date: Wed, 01 Jan 2025 04:05:28 GMT
Content-Type: text/plain; charset=utf-8
Server: apache

GET
H/1.1 404
Not Found favicon.ico
c.65268.mobi/ 552 B
710 B 48ms
47ms Other
text/html 27.124.47.240
CTGSERVERLIMITED-...

General

Check archive.org

Show headers Download Go to

Full URL: https://c.65268.mobi/favicon.ico
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 27.124.47.240 , Singapore, ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK),
Reverse DNS
Software: openresty /
Resource Hash: a980b60a8922f510d2da527e74ec9443a57dcc65444dbd6a3ae87dceb28090eb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://c.65268.mobi/

Response headers

X-Cache: BYPASS, Status: 404
Content-Length: 552
Date: Wed, 01 Jan 2025 04:05:28 GMT
Content-Type: text/html
Server: openresty

POST
H2 200 eyJjIjoiYzY1MjY4bW9iaSIsIm0iOiJRWG52S3NWVGdUSUFBQUdVSUFvNUtqUmRMemlXMFd5LUVsVTJ6dTZuaTJLNEdKZklaN2NlZTBFVWtaZFR3eTN1dGxzbW51R2VBdWp0ZkdJYVE3TUVrWWR0MWczRklUQUtmcnFNZjI2MC1rNDFWMFZXQVJDWU0xSDkwck40R...
sdk1oatp07vov2ks.chuangxiangjiaoyu.com/web/aoku10lg/c65268m/clicked/c/ 0
379 B 40ms
40ms Ping
text/plain 170.33.12.233
ASEPL-AS-AP Aliba...

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk1oatp07vov2ks.chuangxiangjiaoyu.com:6443/web/aoku10lg/c65268m/clicked/c/eyJjIjoiYzY1MjY4bW9iaSIsIm0iOiJRWG52S3NWVGdUSUFBQUdVSUFvNUtqUmRMemlXMFd5LUVsVTJ6dTZuaTJLNEdKZklaN2NlZTBFVWtaZFR3eTN1dGxzbW51R2VBdWp0ZkdJYVE3TUVrWWR0MWczRklUQUtmcnFNZjI2MC1rNDFWMFZXQVJDWU0xSDkwck40RU9XY0lHVWFQUndWc3NTSUwzU3YifQ==?p=0&ref=https%3A%2F%2Fc.65268.mobi%2F&ac=0&cc=0&channelCode=c65268mobi

Requested by

Host: c.65268.mobi
URL: https://c.65268.mobi/files/appinstall.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

170.33.12.233 , Singapore, ASN134963 (ASEPL-AS-AP Alibaba Cloud Singapore Private Limited, SG),

Reverse DNS

Software

NgxFence /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://c.65268.mobi/

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-origin: https://c.65268.mobi
content-length: 0
date: Wed, 01 Jan 2025 04:05:33 GMT
vary: Origin, Origin
server: NgxFence

GET
H/1.1

200
OK

2fkjuy6f.apk
38405838.eyumvnbjdwqoirkj.whggjrg.com/b35f2b14e0d1f438b27203f445f002d50/
Redirect Chain

https://sdk1oatp07vov2ks.chuangxiangjiaoyu.com:6443/page/aoku10lg/install/c/eyJjIjoiYzY1MjY4bW9iaSIsIm0iOiJOUHdjVWxtZ0x5QUFBQUdVSUFvNUtqY3BnME9YdS12aTBvYzUtbExPbVY3ZFJHYkgxXzVWRkZNU3FnNW95dTBETktwV...
https://kelxh4bvh.turbinblackative.vethcraft.com/83cbdb61a7c7fee2
https://38405838.eyumvnbjdwqoirkj.whggjrg.com/b35f2b14e0d1f438b27203f445f002d50/2fkjuy6f.apk

0
0

1216ms
486ms

Document
application/vnd.android.package-archive

116.169.184.170

General

Check archive.org

Show headers Download Go to

Full URL: https://38405838.eyumvnbjdwqoirkj.whggjrg.com/b35f2b14e0d1f438b27203f445f002d50/2fkjuy6f.apk
Requested by: Host: c.65268.mobi
URL: https://c.65268.mobi/files/appinstall.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 116.169.184.170 -, , ASN (),
Reverse DNS
Software: tencent-cos /
Resource Hash

Request headers

Referer: https://c.65268.mobi/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Length: 80186155
Content-Type: application/vnd.android.package-archive
Date: Wed, 01 Jan 2025 04:05:37 GMT
EO-Cache-Status: MISS
EO-LOG-UUID: 13499627548428865592
ETag: "ec2f305adc00756d0c4ac7871983501d"
Last-Modified: Wed, 01 Jan 2025 04:04:39 GMT
Server: tencent-cos
x-cos-hash-crc64ecma: 11148282797028529687
x-cos-request-id: Njc3NGJmMTFfZDJmNTI3MDlfMzI0Nl8xMWJiNmIxMA==

Redirect headers

Ali-Swift-Global-Savetime: 1735704336
Cache-Control: no-cache, no-store, must-revalidate no-cache
Connection: keep-alive
Content-Length: 0
Date: Wed, 01 Jan 2025 04:05:36 GMT
EagleId: b4a3921717357043344126695e
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://38405838.eyumvnbjdwqoirkj.whggjrg.com/b35f2b14e0d1f438b27203f445f002d50/2fkjuy6f.apk
Pragma: no-cache
Server: Tengine
Timing-Allow-Origin: *
Vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
Via: cache25.l2cn1823[70,70,302-0,M], cache64.l2cn1823[71,0], kunlun5.cn7174[1812,1835,302-0,M], kunlun3.cn7174[1837,0]
X-Cache: MISS TCP_MISS dirn:9:324722738
X-Swift-CacheTime: 0
X-Swift-SaveTime: Wed, 01 Jan 2025 04:05:36 GMT

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
c.65268.mobi/	1969-12-31 23:59:59	Name: __vtins__K2xRYKB2u2FWbgz3 Value: %7B%22sid%22%3A%20%22813593df-4f34-56ff-bced-6ec84cb71393%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201735706128496%2C%20%22ct%22%3A%201735704328496%7D
c.65268.mobi/	1970-01-21 11:44:24	Name: __51uvsct__K2xRYKB2u2FWbgz3 Value: 1
c.65268.mobi/	1970-01-21 11:44:24	Name: __51vcke__K2xRYKB2u2FWbgz3 Value: fb971997-d82d-577b-b7bb-012b960da344
c.65268.mobi/	1970-01-21 11:44:24	Name: __51vuft__K2xRYKB2u2FWbgz3 Value: 1735704328500

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://c.65268.mobi/favicon.ico Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

13997.net
38405838.eyumvnbjdwqoirkj.whggjrg.com
c.65268.mobi
collect-v6.51.la
hm.baidu.com
kelxh4bvh.turbinblackative.vethcraft.com
sdk.51.la
sdk1oatp07vov2ks.chuangxiangjiaoyu.com
111.45.3.198
116.169.184.170
137.220.225.247
170.33.12.233
180.163.146.82
180.87.173.159
27.124.47.240
35a2904ff2ddc952377fc77c03f6895e196aea441cbea37759fbbb2fb3547a9c
52d9cd6115c01c1ce289c32e78d31b38283ac59a8feb2765a5870ecd555534a0
676ff123856e151aa723787ea36f37ceb580d2644478d05ce820bbbadaa71fc9
7c9895f2e57140b2a429c2b5df1eb51b2c0bf49f56365e198fb20a92fe79c1dd
84d8ff077c369ac246cfe9720fb283c6ce87253bfe36dd846ed81f28afa19e70
85ceeceaec344534bdb054244dbed88e04d8efc28062070542de75faf5171107
88ceb9b09262b45859b14746b9a6121687b98f8265114d853982514e4afe87a7
a923e41b38a0712f8a21a70b01baeac99e4d1157a536eafe384617476809eac4
a980b60a8922f510d2da527e74ec9443a57dcc65444dbd6a3ae87dceb28090eb
ab600bcb623360b5a87e5657495bb968325f0a47c3772fe3c1cc052ebd35f153
afc26fa6d6167705b49ddee1f62867bcfe117edbec44760563be498b593ed9be
bdee0b33f1a75689ef010039c35bf6eee92bfd275b5151cfd5b402709fe2c911
c0b382dba14d61084c4c3a976191fde672d9a12c141ad6248eb4813172891d71
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea9eb20ebaa884323d032b1370204c60587466fa0a1283ce2c8ec1ee0d968f9c
ee1a27178227546d3dcc49e611a6d72e4f1c30080ee4493ae4085b58a49e28e6
f3109346e79f61cd91e2c7ef974e5a73e1c2952c88f9f018faa9b3177ee5ec8b
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

c.65268.mobi Open in urlscan Pro 27.124.47.240 Public Scan

Summary

urlscan.io Verdict: No classification

Downloads These files were downloaded by the website

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

22 Requests

100 %HTTPS

0 %IPv6

7 Domains

8 Subdomains

6 IPs

4 Countries

606 kBTransfer

744 kBSize

4 Cookies

1 Outgoing links

Page URL History

Redirected requests

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

4 Cookies

1 Console Messages

Indicators

c.65268.mobi Open in urlscan Pro
27.124.47.240 Public Scan

Screenshot
Live screenshot

Full Image

22
Requests

100 %
HTTPS

0 %
IPv6

7
Domains

8
Subdomains

6
IPs

4
Countries

606 kB
Transfer

744 kB
Size

4
Cookies

22 HTTP transactions
0 data transactions