urlscan.io logo urlscan.io
SecurityTrails logo

qitx6cctv07.vip Open in urlscan Pro
2405:1c0:6411:447:b746:5e9c:cb8:345  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://33697.pm/
Effective URL: https://qitx6cctv07.vip:9900/web/?aff=100011200
Submission: On July 21 via api from LU — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 4 countries across 9 domains to perform 27 HTTP transactions. The main IP is 2405:1c0:6411:447:b746:5e9c:cb8:345, located in Malaysia and belongs to EAGLENET-AP 60 Market Square,P.O. Box 364, PH. The main domain is qitx6cctv07.vip.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on July 18th 2024. Valid for: a year.
This is the only time qitx6cctv07.vip was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 23.224.75.106 40065 (CNSERVERS)
2 156.251.163.151 40065 (CNSERVERS)
1 163.181.131.209 24429 (TAOBAO Zh...)
1 76.76.21.142 16509 (AMAZON-02)
4 172.67.171.116 13335 (CLOUDFLAR...)
1 60.205.125.212 37963 (ALIBABA-C...)
2 6 2405:1c0:6411... 55303 (EAGLENET-...)
6 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
27 9
1    23.224.75.106 (United States)

ASN40065 (CNSERVERS, US)
33697.pm
2    156.251.163.151 (United States)

ASN40065 (CNSERVERS, US)
dxtz001.vip
1    163.181.131.209 (Frankfurt am Main, Germany)

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)
res.openinstall.com
1    76.76.21.142 (Walnut, United States)

ASN16509 (AMAZON-02, US)
cloud.umami.is
4    172.67.171.116 (United States)

ASN13335 (CLOUDFLARENET, US)
api-gateway.umami.dev
1    60.205.125.212 (Beijing, China)

ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN)
web-uxuu9o.openinstall.com
6    2405:1c0:6411:447:b746:5e9c:cb8:345 (Malaysia)

ASN55303 (EAGLENET-AP 60 Market Square,P.O. Box 364, PH)
qitx6cctv07.vip
6    2606:4700::6812:ba2 (United States)

ASN13335 (CLOUDFLARENET, US)
g1.cfvn66.com
1    2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
Apex Domain
Subdomains		 Transfer
6 cfvn66.com
g1.cfvn66.com
177 KB
6 qitx6cctv07.vip
qitx6cctv07.vip
289 KB
4 umami.dev
api-gateway.umami.dev — Cisco Umbrella Rank: 88435
2 KB
2 openinstall.com
res.openinstall.com — Cisco Umbrella Rank: 998426
web-uxuu9o.openinstall.com
22 KB
2 dxtz001.vip
dxtz001.vip
2 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112
76 KB
1 umami.is
cloud.umami.is — Cisco Umbrella Rank: 363339
2 KB
1 33697.pm
33697.pm
291 B
0 iprhapsody.com Failed
www774838.ats.iprhapsody.com Failed
27 9
Domain Requested by
6 g1.cfvn66.com qitx6cctv07.vip
g1.cfvn66.com
6 qitx6cctv07.vip 2 redirects dxtz001.vip
g1.cfvn66.com
qitx6cctv07.vip
4 api-gateway.umami.dev cloud.umami.is
2 dxtz001.vip
1 www.googletagmanager.com qitx6cctv07.vip
1 web-uxuu9o.openinstall.com res.openinstall.com
1 cloud.umami.is dxtz001.vip
1 res.openinstall.com dxtz001.vip
1 33697.pm 1 redirects
0 www774838.ats.iprhapsody.com Failed qitx6cctv07.vip
27 10

This site contains no links.

Subject Issuer Validity Valid
dxtz001.vip
R10		 2024-06-30 -
2024-09-28		 3 months crt.sh
*.openinstall.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2024-05-10 -
2025-05-09		 a year crt.sh
cloud.umami.is
R11		 2024-07-16 -
2024-10-14		 3 months crt.sh
umami.dev
E6		 2024-06-25 -
2024-09-23		 3 months crt.sh
*.qitx6cctv07.vip
Sectigo RSA Domain Validation Secure Server CA		 2024-07-18 -
2025-07-20		 a year crt.sh
*.cfvn66.com
Sectigo RSA Domain Validation Secure Server CA		 2023-09-27 -
2024-10-27		 a year crt.sh
*.google-analytics.com
WR2		 2024-06-24 -
2024-09-16		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://qitx6cctv07.vip:9900/web/?aff=100011200
Frame ID: FA07D47C11D25CD8D6D36A192E098E09
Requests: 25 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://33697.pm/ HTTP 301
    https://dxtz001.vip/nice.htm?100011200 Page URL
  2. https://qitx6cctv07.vip/?aff=100011200 HTTP 301
    https://qitx6cctv07.vip:9900/?aff=100011200 HTTP 302
    https://qitx6cctv07.vip:9900/web/?aff=100011200 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js

Page Statistics

27
Requests

74 %
HTTPS

33 %
IPv6

9
Domains

10
Subdomains

9
IPs

4
Countries

568 kB
Transfer

1129 kB
Size

9
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://33697.pm/ HTTP 301
    https://dxtz001.vip/nice.htm?100011200 Page URL
  2. https://qitx6cctv07.vip/?aff=100011200 HTTP 301
    https://qitx6cctv07.vip:9900/?aff=100011200 HTTP 302
    https://qitx6cctv07.vip:9900/web/?aff=100011200 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://33697.pm/ HTTP 301
  • https://dxtz001.vip/nice.htm?100011200

27 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
nice.htm
dxtz001.vip/
Redirect Chain
  • https://33697.pm/
  • https://dxtz001.vip/nice.htm?100011200
3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://dxtz001.vip/nice.htm?100011200
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
156.251.163.151 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
cdn /
Resource Hash
ff7202879f0fecc107fe4859adfbee4a63337d30146f058885342e0b6a30f41e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.6533.17 Safari/537.36

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Sun, 21 Jul 2024 08:28:48 GMT
ETag
W/"669ca4c7-c1b"
Last-Modified
Sun, 21 Jul 2024 06:03:51 GMT
Server
cdn
Transfer-Encoding
chunked
Vary
Accept-Encoding

Redirect headers

content-length
162
content-type
text/html
date
Sun, 21 Jul 2024 08:28:46 GMT
location
https://dxtz001.vip/nice.htm?100011200
server
nginx
strict-transport-security
max-age=31536000
openinstall-uxuu9o.js
res.openinstall.com/ 		47 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://res.openinstall.com/openinstall-uxuu9o.js
Requested by
Host: dxtz001.vip
URL: https://dxtz001.vip/nice.htm?100011200
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
163.181.131.209 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
c54f7c66910e9d3f7f1be9923fdcfece3b5896cacf18faa627ba4372f0a013c1

Request headers

Referer
https://dxtz001.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.6533.17 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 08:28:49 GMT
content-encoding
br
via
cache38.l2fr1[514,515,200-0,M], cache30.l2fr1[516,0], ens-cache3.de7[534,534,200-0,M], ens-cache1.de7[535,0]
server
Tengine
x-swift-cachetime
3600
vary
Accept-Encoding
x-cache
MISS TCP_MISS dirn:11:16764132
ali-swift-global-savetime
1721550529
content-type
text/javascript;charset=utf-8
cache-control
max-age=7200
x-swift-savetime
Sun, 21 Jul 2024 08:28:49 GMT
timing-allow-origin
*
eagleid
a3b5839517215505289192185e
script.js
cloud.umami.is/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cloud.umami.is/script.js
Requested by
Host: dxtz001.vip
URL: https://dxtz001.vip/nice.htm?100011200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.142 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
ea5a81f5881bce2d303b820cd09d4a0a96981295b5161693e58942a1c7e59f28
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src *; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; connect-src *; frame-ancestors 'self';
Strict-Transport-Security max-age=63072000
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://dxtz001.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.6533.17 Safari/537.36

Response headers

content-security-policy
default-src 'self'; img-src *; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; connect-src *; frame-ancestors 'self';
content-encoding
br
date
Sun, 21 Jul 2024 08:28:48 GMT
strict-transport-security
max-age=63072000
age
1679168
x-dns-prefetch-control
on
content-disposition
inline; filename="script.js"
server
Vercel
x-vercel-id
fra1:fra1:fra1::zc2n4-1721550528243-09af6d0d728f
x-matched-path
/script.js
etag
W/"a8b809821d04e40c5935471a8fe4be9a"
x-vercel-cache
HIT
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
send
api-gateway.umami.dev/api/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api-gateway.umami.dev/api/send
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.171.116 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://dxtz001.vip
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.6533.17 Safari/537.36

Response headers

access-control-allow-headers
*
access-control-allow-methods
POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cf-placement
remote-EWR
cf-ray
8a69d1dbba8165bb-FRA
content-length
0
date
Sun, 21 Jul 2024 08:28:49 GMT
expect-ct
max-age=86400, enforce
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Lr4CrZrPqy7bcHV1o10K37laJAymIqpojsIcpM6LWkXA3WxcECPy0xdi%2F%2BrTXQle0jW2ABVDSXueFpBH%2Ft96649x6zSCjVea50diFAJRpe%2BMV0jDL5ZEk2suTXfWqnmX8UUg7h7lGlM%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
send
api-gateway.umami.dev/api/ 		477 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api-gateway.umami.dev/api/send
Requested by
Host: cloud.umami.is
URL: https://cloud.umami.is/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.171.116 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c07ab77ae2114c18b57e9e34e93cbdeb4b2b924108c1f490e66ab9d9735c747e
Security Headers
Name Value
Content-Security-Policy default-src 'self';img-src *;script-src 'self' 'unsafe-eval' 'unsafe-inline';style-src 'self' 'unsafe-inline';connect-src 'self' api.umami.is cloud.umami.is;frame-ancestors 'self' undefined
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://dxtz001.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.6533.17 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 21 Jul 2024 08:28:51 GMT
content-security-policy
default-src 'self';img-src *;script-src 'self' 'unsafe-eval' 'unsafe-inline';style-src 'self' 'unsafe-inline';connect-src 'self' api.umami.is cloud.umami.is;frame-ancestors 'self' undefined
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-dns-prefetch-control
on
alt-svc
h3=":443"; ma=86400
cf-placement
remote-EWR
x-xss-protection
1; mode=block
referrer-policy
same-origin
server
cloudflare
etag
W/"mih5i3rrwrd9"
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
access-control-allow-methods
POST, OPTIONS
content-type
text/plain
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kFSZHd4gqF8oqfHCPrd4w1k%2BHlpBLHDKq0PeVyygketAp6lMaByx9Iz59l6Ej3L5Y4fKxf6KoIjhpypgHmTZLGGHt1n8gdkk4HyJfOGG2Nms5m7SJvAD5rlaT4TkQRNfdU9K%2FqJvbUM%3D"}],"group":"cf-nel","max_age":604800}
access-control-max-age
86400
x-frame-options
SAMEORIGIN
cf-ray
8a69d1dcab9f65bb-FRA
access-control-allow-headers
*
send
api-gateway.umami.dev/api/ 		477 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api-gateway.umami.dev/api/send
Requested by
Host: cloud.umami.is
URL: https://cloud.umami.is/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.171.116 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3107f785de02f11094322e21724ceb019397fb686dca42c7baa6500332d6344d
Security Headers
Name Value
Content-Security-Policy default-src 'self';img-src *;script-src 'self' 'unsafe-eval' 'unsafe-inline';style-src 'self' 'unsafe-inline';connect-src 'self' api.umami.is cloud.umami.is;frame-ancestors 'self' undefined
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://dxtz001.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.6533.17 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 21 Jul 2024 08:28:50 GMT
content-security-policy
default-src 'self';img-src *;script-src 'self' 'unsafe-eval' 'unsafe-inline';style-src 'self' 'unsafe-inline';connect-src 'self' api.umami.is cloud.umami.is;frame-ancestors 'self' undefined
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-dns-prefetch-control
on
alt-svc
h3=":443"; ma=86400
cf-placement
remote-EWR
x-xss-protection
1; mode=block
referrer-policy
same-origin
server
cloudflare
etag
W/"9st45dg0ebd9"
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
access-control-allow-methods
POST, OPTIONS
content-type
text/plain
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HrnAEMZGtuKo3B2wm2wVSbnG%2FET7QoAD9NnDg5KMIgKfbHdnnOoRt51pBtj8PARxLNBUvfGxE2unis6yNsN4ruSyH0GPGGk%2B6z6hcjqSdhDAMZAv1P9abqxVFeoGAEainRDs%2FPxnW0w%3D"}],"group":"cf-nel","max_age":604800}
access-control-max-age
86400
x-frame-options
SAMEORIGIN
cf-ray
8a69d1dc9b8e65bb-FRA
access-control-allow-headers
*
send
api-gateway.umami.dev/api/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api-gateway.umami.dev/api/send
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.171.116 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://dxtz001.vip
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.6533.17 Safari/537.36

Response headers

access-control-allow-headers
*
access-control-allow-methods
POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cf-placement
remote-EWR
cf-ray
8a69d1dbba7e65bb-FRA
content-length
0
date
Sun, 21 Jul 2024 08:28:49 GMT
expect-ct
max-age=86400, enforce
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rH23nRR49RfZtRMU%2BDoyGzYKERpeVsKv6eYgDfcOMRYFytz9nd2A2HGefqdlo%2BNK5XR5miU3bVue4ZyKr31FDDzxVQteWlzldrmh2V3HwgqaEqBWHiMbjixyJSU3ZKdprOUkzgijuJs%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
favicon.ico
dxtz001.vip/ 		138 B
305 B 		Other
General
Check archive.org
Download Go to
Full URL
https://dxtz001.vip/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
156.251.163.151 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
cdn /
Resource Hash
301bd9f16f94feedfae7a946a14bac38cb73c43efe6117bc5586835af03d7d6f

Request headers

Referer
https://dxtz001.vip/nice.htm?100011200
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.6533.17 Safari/537.36

Response headers

Date
Sun, 21 Jul 2024 08:28:50 GMT
Server
cdn
Connection
keep-alive
ETag
"6688d0a4-8a"
Content-Length
138
Content-Type
text/html
init2
web-uxuu9o.openinstall.com/web/uxuu9o/_/ 		304 B
447 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web-uxuu9o.openinstall.com/web/uxuu9o/_/init2?av=0&cv=0&hash=&sw=p6Cmpg&sh=p6Smpg&sp=1&li=p6GkuKehuKa4ow
Requested by
Host: res.openinstall.com
URL: https://res.openinstall.com/openinstall-uxuu9o.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
60.205.125.212 Beijing, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://dxtz001.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.6533.17 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://dxtz001.vip
date
Sun, 21 Jul 2024 08:28:50 GMT
access-control-allow-credentials
true
content-length
304
vary
Origin
content-type
text/plain
Primary Request /
qitx6cctv07.vip/web/
Redirect Chain
  • https://qitx6cctv07.vip/?aff=100011200
  • https://qitx6cctv07.vip:9900/?aff=100011200
  • https://qitx6cctv07.vip:9900/web/?aff=100011200
4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://qitx6cctv07.vip:9900/web/?aff=100011200
Requested by
Host: dxtz001.vip
URL: https://dxtz001.vip/nice.htm?100011200
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2405:1c0:6411:447:b746:5e9c:cb8:345 , Malaysia, ASN55303 (EAGLENET-AP 60 Market Square,P.O. Box 364, PH),
Reverse DNS
Software
nginx CK6u06Vu4 /
Resource Hash
ef81411067a62b7a476b954b154b0eb3820fffbe134cfcc83145d429927e9cdb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://dxtz001.vip/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.6533.17 Safari/537.36

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 21 Jul 2024 08:28:54 GMT
server
nginx CK6u06Vu4
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding

Redirect headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 21 Jul 2024 08:28:53 GMT
location
https://qitx6cctv07.vip:9900/web/?aff=100011200#/joinmember
server
nginx CK6u06Vu4
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
chunk-common.6a7ef085.css
g1.cfvn66.com/web/build/css/ 		10 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://g1.cfvn66.com/web/build/css/chunk-common.6a7ef085.css
Requested by
Host: qitx6cctv07.vip
URL: https://qitx6cctv07.vip:9900/web/?aff=100011200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ba2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2f6497ec5bc4857f00120ca9f258a197edf1f3928ce550701ce5a91b6e1d437
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://qitx6cctv07.vip:9900/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.6533.17 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 08:28:54 GMT
strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
br
cf-cache-status
HIT
age
256507
cf-bgj
minify
last-modified
Mon, 18 Dec 2023 03:05:07 GMT
server
cloudflare
etag
W/"657fb6e3-2903"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
n-dc
wfdgmy6bbk39
timing-allow-origin
*
cf-ray
8a69d1f8bcf89f10-FRA
expires
Mon, 21 Jul 2025 08:28:54 GMT
chunk-vendors.8331f8b2.css
g1.cfvn66.com/web/build/css/ 		19 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://g1.cfvn66.com/web/build/css/chunk-vendors.8331f8b2.css
Requested by
Host: qitx6cctv07.vip
URL: https://qitx6cctv07.vip:9900/web/?aff=100011200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ba2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2bd575b84f730e97ad38e388d0ac8ba88d1bf7ccf5b34a6796afd679d8217909
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://qitx6cctv07.vip:9900/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.6533.17 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 08:28:54 GMT
strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
br
cf-cache-status
HIT
age
256506
cf-bgj
minify
last-modified
Mon, 18 Dec 2023 03:05:08 GMT
server
cloudflare
etag
W/"657fb6e4-48ed"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
n-dc
wfdgmy6bbk39
timing-allow-origin
*
cf-ray
8a69d1f8ccfe9f10-FRA
expires
Mon, 21 Jul 2025 08:28:54 GMT
chunk-common.5175931f.js
g1.cfvn66.com/web/build/js/ 		59 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://g1.cfvn66.com/web/build/js/chunk-common.5175931f.js
Requested by
Host: qitx6cctv07.vip
URL: https://qitx6cctv07.vip:9900/web/?aff=100011200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ba2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c85dedafbcd373860f6822940f6e1dabcd815e9cd9f97f7b11b884e16520c8d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://qitx6cctv07.vip:9900/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.6533.17 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 08:28:54 GMT
strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
br
cf-cache-status
HIT
age
256507
cf-bgj
minify
last-modified
Tue, 16 Jul 2024 03:12:57 GMT
server
cloudflare
etag
W/"6695e539-eb9b"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
n-dc
wfdgmy6bbk39
timing-allow-origin
*
cf-ray
8a69d1f8cd019f10-FRA
expires
Mon, 21 Jul 2025 08:28:54 GMT
chunk-vendors.b1f591cd.js
g1.cfvn66.com/web/build/js/ 		430 KB
145 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://g1.cfvn66.com/web/build/js/chunk-vendors.b1f591cd.js
Requested by
Host: qitx6cctv07.vip
URL: https://qitx6cctv07.vip:9900/web/?aff=100011200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ba2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12940d94d84e7cde863ec1a00dc300c104ddfea41a6373e510128fed7215572e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://qitx6cctv07.vip:9900/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.6533.17 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 08:28:54 GMT
strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
br
cf-cache-status
HIT
age
256507
cf-polished
origSize=441815
cf-bgj
minify
last-modified
Tue, 16 Jul 2024 03:12:58 GMT
server
cloudflare
etag
W/"6695e53a-6bdd7"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
n-dc
wfdgmy6bbk39
timing-allow-origin
*
cf-ray
8a69d1f8cd039f10-FRA
expires
Mon, 21 Jul 2025 08:28:54 GMT
index.2eed6731.js
g1.cfvn66.com/web/build/js/ 		27 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://g1.cfvn66.com/web/build/js/index.2eed6731.js
Requested by
Host: qitx6cctv07.vip
URL: https://qitx6cctv07.vip:9900/web/?aff=100011200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ba2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a0d386f3a52432bfc2ee8f20549545564546243b00c8bd10afc8098f213de876
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://qitx6cctv07.vip:9900/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.6533.17 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 08:28:54 GMT
strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
br
cf-cache-status
HIT
age
256507
cf-bgj
minify
last-modified
Tue, 16 Jul 2024 03:12:58 GMT
server
cloudflare
etag
W/"6695e53a-6be9"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
n-dc
wfdgmy6bbk39
timing-allow-origin
*
cf-ray
8a69d1f8cd059f10-FRA
expires
Mon, 21 Jul 2025 08:28:54 GMT
info
www774838.ats.iprhapsody.com/api/ 		0
0
gtm.js
www.googletagmanager.com/ 		225 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5PQDSQV
Requested by
Host: qitx6cctv07.vip
URL: https://qitx6cctv07.vip:9900/web/?aff=100011200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7d4c64352d8239a02f21cacda40c5245127fe1ac28362d238172a7aba97a6298
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://qitx6cctv07.vip:9900/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.6533.17 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 08:28:54 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77098
x-xss-protection
0
last-modified
Sun, 21 Jul 2024 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 21 Jul 2024 08:28:54 GMT
chunk-49785f7e.c538f634.js
g1.cfvn66.com/web/build/js/ 		3 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://g1.cfvn66.com/web/build/js/chunk-49785f7e.c538f634.js
Requested by
Host: g1.cfvn66.com
URL: https://g1.cfvn66.com/web/build/js/index.2eed6731.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ba2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://qitx6cctv07.vip:9900/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.6533.17 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 08:28:54 GMT
strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
br
cf-cache-status
HIT
age
256505
cf-bgj
minify
last-modified
Mon, 20 Nov 2023 03:10:02 GMT
server
cloudflare
etag
W/"655ace0a-3a0e"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
n-dc
wfdgmy6bbk39
timing-allow-origin
*
cf-ray
8a69d1fa1e759f10-FRA
expires
Mon, 21 Jul 2025 08:28:54 GMT
chunk-2d0aa5b8.66495c0c.js
g1.cfvn66.com/web/build/js/ 		0
0
chunk-3d9dda58.cc09620e.css
g1.cfvn66.com/web/build/css/ 		0
0
chunk-3d9dda58.8d7f927e.js
g1.cfvn66.com/web/build/js/ 		0
0
chunk-2d0d0446.87db6c90.js
g1.cfvn66.com/web/build/js/ 		0
0
ver.json
qitx6cctv07.vip/game_picture/ 		0
0
main_loading.svg
g1.cfvn66.com/web/static/image/common/ 		0
0
api
qitx6cctv07.vip/entrance/ 		166 KB
161 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://qitx6cctv07.vip:9900/entrance/api
Requested by
Host: qitx6cctv07.vip
URL: https://qitx6cctv07.vip:9900/web/?aff=100011200
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2405:1c0:6411:447:b746:5e9c:cb8:345 , Malaysia, ASN55303 (EAGLENET-AP 60 Market Square,P.O. Box 364, PH),
Reverse DNS
Software
nginx, CK6u06Vu4 /
Resource Hash
91c8839f0d1ee439464377b4be094f4e9e8fa538cc7e1a2d3c9a5ece01b6a33d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://qitx6cctv07.vip:9900/web/?aff=100011200
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.6533.17 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Sun, 21 Jul 2024 08:28:54 GMT
cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains; preload
server
nginx, CK6u06Vu4
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
api
qitx6cctv07.vip/entrance/ 		131 KB
122 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://qitx6cctv07.vip:9900/entrance/api
Requested by
Host: qitx6cctv07.vip
URL: https://qitx6cctv07.vip:9900/web/?aff=100011200
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2405:1c0:6411:447:b746:5e9c:cb8:345 , Malaysia, ASN55303 (EAGLENET-AP 60 Market Square,P.O. Box 364, PH),
Reverse DNS
Software
nginx, CK6u06Vu4 /
Resource Hash
5ea4098dd354a0bcfa53c8a9cb0dd2df122332ba71b13e1522657cec92834199
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://qitx6cctv07.vip:9900/web/?aff=100011200
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.6533.17 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Sun, 21 Jul 2024 08:28:55 GMT
cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains; preload
server
nginx, CK6u06Vu4
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
api
qitx6cctv07.vip/entrance/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://qitx6cctv07.vip:9900/entrance/api
Requested by
Host: qitx6cctv07.vip
URL: https://qitx6cctv07.vip:9900/web/?aff=100011200
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2405:1c0:6411:447:b746:5e9c:cb8:345 , Malaysia, ASN55303 (EAGLENET-AP 60 Market Square,P.O. Box 364, PH),
Reverse DNS
Software
nginx, CK6u06Vu4 /
Resource Hash
3583f040788a6860dd1222c6b5287aa262ea526a78d0ed5a58d2e638b1a6dde4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://qitx6cctv07.vip:9900/web/?aff=100011200
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.6533.17 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Sun, 21 Jul 2024 08:28:54 GMT
cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains; preload
server
nginx, CK6u06Vu4
vary
Accept-Encoding
content-type
text/html; charset=UTF-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www774838.ats.iprhapsody.com
URL
https://www774838.ats.iprhapsody.com:3637/api/info
Domain
g1.cfvn66.com
URL
https://g1.cfvn66.com/web/build/js/chunk-2d0aa5b8.66495c0c.js
Domain
g1.cfvn66.com
URL
https://g1.cfvn66.com/web/build/css/chunk-3d9dda58.cc09620e.css
Domain
g1.cfvn66.com
URL
https://g1.cfvn66.com/web/build/js/chunk-3d9dda58.8d7f927e.js
Domain
g1.cfvn66.com
URL
https://g1.cfvn66.com/web/build/js/chunk-2d0d0446.87db6c90.js
Domain
qitx6cctv07.vip
URL
https://qitx6cctv07.vip:9900/game_picture/ver.json?v=956416
Domain
g1.cfvn66.com
URL
https://g1.cfvn66.com/web/static/image/common/main_loading.svg

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string| __cdnUrl__ string| alias string| xrayUrl object| dataLayer object| google_tag_manager object| google_tag_data function| logEvent function| setUserProperty object| webpackJsonp object| __core-js_shared__ object| core object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill object| xhr

9 Cookies

Domain/Path Name / Value
qitx6cctv07.vip/ Name: lang
Value: zh-cn
qitx6cctv07.vip/ Name: langx
Value: zh-cn
.qitx6cctv07.vip/ Name: IBCACHE
Value: PtQuHfp0IuzjJEA_8gyN4fxTI1mR5ywFtr2cc-ZQT6qbstdrzf5ULR4YWrrs0HtnR21FWnQtdXdOVDZ2RndfTGFHX0MwcFJsSVRtTXY5UHAtNXRVeGlfOWpCSQ
.qitx6cctv07.vip/ Name: SESSION_ID
Value: guest
.qitx6cctv07.vip/ Name: ICCACHE
Value: 6EFxy07joywO%2BRKRygmaTdOWwjjsff6DAOl12ABqrUI3NThESGg2Y0ZqUDJ3M3o4
qitx6cctv07.vip/ Name: IntrCookie
Value: 100011200
qitx6cctv07.vip/ Name: page_site
Value: first
.cfvn66.com/ Name: __cf_bm
Value: qWBqUcLbOIiEzn9JiJKs2nv.MoNmZ6vub4UsoVD1IcQ-1721550534-1.0.1.1-VRcyEm4ye24dsTMm7vlX0whEPHeAyJbmJC8wLUpC.HzyjFXVvg_edzBllhkZ3zpmZBHMqwrms9Ni6szKSVNkww
.cfvn66.com/ Name: _cfuvid
Value: xoBqaVXSrnQkeEZiQFG7K.laHcV1VoZqDxI7rALyWGI-1721550534555-0.0.1.1-604800000

1 Console Messages

Source Level URL
Text
network error URL: https://dxtz001.vip/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

33697.pm
api-gateway.umami.dev
cloud.umami.is
dxtz001.vip
g1.cfvn66.com
qitx6cctv07.vip
res.openinstall.com
web-uxuu9o.openinstall.com
www.googletagmanager.com
www774838.ats.iprhapsody.com
g1.cfvn66.com
qitx6cctv07.vip
www774838.ats.iprhapsody.com
156.251.163.151
163.181.131.209
172.67.171.116
23.224.75.106
2405:1c0:6411:447:b746:5e9c:cb8:345
2606:4700::6812:ba2
2a00:1450:4001:809::2008
60.205.125.212
76.76.21.142
12940d94d84e7cde863ec1a00dc300c104ddfea41a6373e510128fed7215572e
1c85dedafbcd373860f6822940f6e1dabcd815e9cd9f97f7b11b884e16520c8d
2bd575b84f730e97ad38e388d0ac8ba88d1bf7ccf5b34a6796afd679d8217909
301bd9f16f94feedfae7a946a14bac38cb73c43efe6117bc5586835af03d7d6f
3107f785de02f11094322e21724ceb019397fb686dca42c7baa6500332d6344d
3583f040788a6860dd1222c6b5287aa262ea526a78d0ed5a58d2e638b1a6dde4
5ea4098dd354a0bcfa53c8a9cb0dd2df122332ba71b13e1522657cec92834199
7d4c64352d8239a02f21cacda40c5245127fe1ac28362d238172a7aba97a6298
91c8839f0d1ee439464377b4be094f4e9e8fa538cc7e1a2d3c9a5ece01b6a33d
a0d386f3a52432bfc2ee8f20549545564546243b00c8bd10afc8098f213de876
a2f6497ec5bc4857f00120ca9f258a197edf1f3928ce550701ce5a91b6e1d437
c07ab77ae2114c18b57e9e34e93cbdeb4b2b924108c1f490e66ab9d9735c747e
c54f7c66910e9d3f7f1be9923fdcfece3b5896cacf18faa627ba4372f0a013c1
ea5a81f5881bce2d303b820cd09d4a0a96981295b5161693e58942a1c7e59f28
ef81411067a62b7a476b954b154b0eb3820fffbe134cfcc83145d429927e9cdb
ff7202879f0fecc107fe4859adfbee4a63337d30146f058885342e0b6a30f41e