Submitted URL: http://2268.site/
Effective URL: https://e2d9255e69406.mstalk.cn/widget/standalone.html?eid=9c9c3c039ed3949e2b5e137939264bab
Submission: On November 20 via automatic, source openphish — Scanned from DE

Summary

This website contacted 5 IPs in 3 countries across 3 domains to perform 8 HTTP transactions. The main IP is 163.171.132.42, located in Germany and belonging to ML-1432-54994, CA. The main domain is e2d9255e69406.mstalk.cn.
TLS certificate: Issued by RapidSSL Global TLS RSA4096 SHA256 20... on May 9th 2023. Valid for: a year.
This is the only time e2d9255e69406.mstalk.cn was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address        AS      Autonomous System
1         206.119.105.23    140224  (SGPL-AS-A...)
2         163.171.132.42    54994   (ML-1432-5...)
2         43.159.119.217    139341  (ACE-AS-AP...)
2         163.171.128.148   54994   (ML-1432-5...)
1         43.159.118.45     139341  (ACE-AS-AP...)
Total: 8 requests, 5 IPs
Apex Domain / Subdomains / Transfer

5 requests: meiqia.com (305 KB)
  - edge-api.meiqia.com (Cisco Umbrella Rank: 253533)
  - static.meiqia.com (Cisco Umbrella Rank: 250788)
  - new-api.meiqia.com (Cisco Umbrella Rank: 158031)
2 requests: mstalk.cn (8 KB)
  - e2d9255e69406.mstalk.cn
1 request: 2268.site (2 KB)
  - 2268.site
Total: 8 requests, 3 apex domains
Domain / Requested by

2 requests: static.meiqia.com, requested by e2d9255e69406.mstalk.cn
2 requests: edge-api.meiqia.com, requested by e2d9255e69406.mstalk.cn
2 requests: e2d9255e69406.mstalk.cn, requested by 2268.site and e2d9255e69406.mstalk.cn
1 request: new-api.meiqia.com, requested by static.meiqia.com
1 request: 2268.site (no requester listed)
Total: 8 requests, 5 domains

This site contains no links.

Subject | Issuer | Validity | Valid for
*.mstalk.cn | RapidSSL Global TLS RSA4096 SHA256 2022 CA1 | 2023-05-09 to 2024-06-08 | a year (crt.sh)
*.meiqia.com | RapidSSL Global TLS RSA4096 SHA256 2022 CA1 | 2023-06-21 to 2024-07-21 | a year (crt.sh)

This page contains 1 frame:

Primary Page: https://e2d9255e69406.mstalk.cn/widget/standalone.html?eid=9c9c3c039ed3949e2b5e137939264bab
Frame ID: 75335977A76F47BF6A084AEF403CA776
Requests: 7 HTTP requests in this frame

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://2268.site/ Page URL
  2. https://e2d9255e69406.mstalk.cn/widget/standalone.html?eid=9c9c3c039ed3949e2b5e137939264bab Page URL

Page Statistics

Requests: 8
HTTPS: 88 %
IPv6: 0 %
Domains: 3
Subdomains: 5
IPs: 5
Countries: 3
Transfer: 315 kB
Size: 453 kB
Cookies: 0


Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions

Resource: / (Path: 2268.site/, Size: 4 KB, x-fer: 2 KB, Type: Document)
General
Full URL
http://2268.site/
Protocol
HTTP/1.1
Server
206.119.105.23, China, ASN140224 (SGPL-AS-AP STARCLOUD GLOBAL PTE., LTD., SG)
Reverse DNS
Software
nginx / PHP/7.4.21
Resource Hash
777e091c7c1cd8ae26c1e6af68a39546b7404b5e8f31599ccaee84aeb40a2221

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Mon, 20 Nov 2023 19:34:58 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Powered-By
PHP/7.4.21
Resource: standalone.html (Primary Request; Path: e2d9255e69406.mstalk.cn/widget/, Size: 6 KB, x-fer: 2 KB, Type: Document)
General
Full URL
https://e2d9255e69406.mstalk.cn/widget/standalone.html?eid=9c9c3c039ed3949e2b5e137939264bab
Requested by
Host: 2268.site
URL: http://2268.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
163.171.132.42, Germany, ASN54994 (ML-1432-54994, CA)
Reverse DNS
Software
AliyunOSS /
Resource Hash
7c8f6ab115470bdaee6c4632ebd2a2df1cd4a593987d1b85ac9c7a6b2bbbd4f3

Request headers

Referer
http://2268.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
age
1651375
content-disposition
inline
content-encoding
gzip
content-md5
8qjq/yzhncryRb7HSgQKjA==
content-type
text/html
date
Mon, 20 Nov 2023 19:35:00 GMT
last-modified
Thu, 13 Jul 2023 07:50:17 GMT
server
AliyunOSS
x-oss-ec
0048-00000001
x-oss-force-download
true
x-oss-hash-crc64ecma
16843752080378226944
x-oss-object-type
Normal
x-oss-request-id
651AB6A13A0C523937B79E24
x-oss-server-time
2
x-oss-storage-class
Standard
x-via
1.1 VM-FRA-0124V35:3 (Cdn Cache Server V2.0)
x-ws-request-id
655bb4e4_VM-FRA-01T6Y27_25132-7139
Resource: loader.js (Path: e2d9255e69406.mstalk.cn/widget/, Size: 16 KB, x-fer: 6 KB, Type: Script)
General
Full URL
https://e2d9255e69406.mstalk.cn/widget/loader.js
Requested by
Host: e2d9255e69406.mstalk.cn
URL: https://e2d9255e69406.mstalk.cn/widget/standalone.html?eid=9c9c3c039ed3949e2b5e137939264bab
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
163.171.132.42, Germany, ASN54994 (ML-1432-54994, CA)
Reverse DNS
Software
AliyunOSS /
Resource Hash
96173bf7bc411019007f9465054a53995014e8e4f19cd97880fab31084f3d191

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2d9255e69406.mstalk.cn/widget/standalone.html?eid=9c9c3c039ed3949e2b5e137939264bab
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-oss-object-type
Normal
date
Mon, 20 Nov 2023 19:35:01 GMT
content-encoding
gzip
x-oss-request-id
655BB4E5AD658C32354DDD7E
last-modified
Wed, 20 Sep 2023 08:20:24 GMT
server
AliyunOSS
content-md5
OYVxn5Vdv30fJz3MBK3B7g==
x-ws-request-id
655bb4e4_VM-FRA-01T6Y27_25132-7142
content-type
application/javascript
x-via
1.1 VM-FRA-01T6Y27:12 (Cdn Cache Server V2.0)
access-control-allow-origin
*
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
11254042694427723818
x-oss-server-time
13
Resource: match (Path: edge-api.meiqia.com/summer/widget/route/, Size: 0, x-fer: 0, Type: Preflight)
General
Full URL
https://edge-api.meiqia.com/summer/widget/route/match
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
43.159.119.217, Singapore, ASN139341 (ACE-AS-AP ACE, SG)
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-ent-id
Access-Control-Request-Method
POST
Origin
https://e2d9255e69406.mstalk.cn
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0
Date
Mon, 20 Nov 2023 19:35:01 GMT
EO-Cache-Status
MISS
EO-LOG-UUID
18396093680065917513
Server
nginx
access-control-allow-credentials
true
access-control-allow-headers
content-type,x-ent-id
access-control-allow-methods
GET,POST,PUT,DELETE,HEAD,OPTIONS,PATCH
access-control-allow-origin
https://e2d9255e69406.mstalk.cn
access-control-expose-headers
*
access-control-max-age
86400
Resource: match (Path: edge-api.meiqia.com/summer/widget/route/, Size: 656 B, x-fer: 926 B, Type: XHR)
General
Full URL
https://edge-api.meiqia.com/summer/widget/route/match
Requested by
Host: e2d9255e69406.mstalk.cn
URL: https://e2d9255e69406.mstalk.cn/widget/loader.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
43.159.119.217, Singapore, ASN139341 (ACE-AS-AP ACE, SG)
Reverse DNS
Software
nginx /
Resource Hash
c9d6250e909de291c7f99df310306bde6b8626154d78a29a6c04544e71bb8937

Request headers

Referer
https://e2d9255e69406.mstalk.cn/
accept-language
de-DE,de;q=0.9
x-ent-id
9c9c3c039ed3949e2b5e137939264bab
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type
application/json

Response headers

Date
Mon, 20 Nov 2023 19:35:01 GMT
Content-Encoding
gzip
EO-Cache-Status
MISS
req-arrive-time
1700508901861
Transfer-Encoding
chunked
req-cost-time
3
x-envoy-upstream-service-time
3
Connection
keep-alive
Server
nginx
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
Content-Type
application/json;charset=UTF-8
access-control-allow-origin
https://e2d9255e69406.mstalk.cn
access-control-expose-headers
*
access-control-allow-credentials
true
EO-LOG-UUID
3619070271059497248
resp-start-time
1700508901865
Resource: entrypoint-v1.4.124.prod.20231117_83.js (Path: static.meiqia.com/fe-widget/v1.4.124.prod.20231117_83/, Size: 172 KB, x-fer: 81 KB, Type: Script)
General
Full URL
https://static.meiqia.com/fe-widget/v1.4.124.prod.20231117_83/entrypoint-v1.4.124.prod.20231117_83.js
Requested by
Host: e2d9255e69406.mstalk.cn
URL: https://e2d9255e69406.mstalk.cn/widget/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
163.171.128.148, Germany, ASN54994 (ML-1432-54994, CA)
Reverse DNS
Software
AliyunOSS /
Resource Hash
06739578b8c0d1d8029e792002a49ca067480a09d93b0184587ef839485484e1
Security Headers
Name Value
Strict-Transport-Security max-age=5184000;includeSubdomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2d9255e69406.mstalk.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 19:35:02 GMT
content-encoding
br
x-oss-request-id
6556CF4E9FB240A8CC5F6FDA
content-md5
pPt6obAaZW0y2thg0c9jMw==
age
1
strict-transport-security
max-age=5184000;includeSubdomains
x-via
1.1 PSdgflkfFRA1hb199:6 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1vg90:8 (Cdn Cache Server V2.0)
x-oss-object-type
Normal
last-modified
Fri, 17 Nov 2023 02:15:57 GMT
server
AliyunOSS
etag
"A4FB7AA1B01A656D32DAD860D1CF6333"
x-ws-request-id
655bb4e6_PSdgflkfFRA1vg90_24971-38867
access-control-allow-methods
GET
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age= 2592000
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
1050918706024104144
x-oss-server-time
2
Resource: chat_link_allowed (Path: new-api.meiqia.com/visit/, Size: 54 B, x-fer: 689 B, Type: XHR)
General
Full URL
https://new-api.meiqia.com/visit/chat_link_allowed?ent_id=9c9c3c039ed3949e2b5e137939264bab&fingerprint=e52c2acf1e39ff94bfb52a996f769c4c&chat_link_url=https:%2F%2Fe2d9255e69406.mstalk.cn
Requested by
Host: static.meiqia.com
URL: https://static.meiqia.com/fe-widget/v1.4.124.prod.20231117_83/entrypoint-v1.4.124.prod.20231117_83.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
43.159.118.45, Singapore, ASN139341 (ACE-AS-AP ACE, SG)
Reverse DNS
Software
nginx /
Resource Hash
0e7558c564a0d6d89fc35b9fa79860537631ac6e038179e700c6a1afd24dee68

Request headers

Accept
application/json
Referer
https://e2d9255e69406.mstalk.cn/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Mon, 20 Nov 2023 19:35:02 GMT
EO-Cache-Status
MISS
req-arrive-time
1700508902491
req-cost-time
4
x-envoy-upstream-service-time
4
Connection
keep-alive
Content-Length
54
Server
nginx
access-control-max-age
300
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,OPTIONS
Content-Type
application/json; charset=utf-8
access-control-allow-origin
https://e2d9255e69406.mstalk.cn
access-control-expose-headers
*
vary
Origin
access-control-allow-credentials
true
EO-LOG-UUID
11497908675768887269
resp-start-time
1700508902496
Accept-Ranges
bytes
access-control-allow-headers
*
Resource: expired-chatlink.png (Path: static.meiqia.com/fe-widget/v1.4.124.prod.20231117_83/, Size: 255 KB, x-fer: 223 KB, Type: Image)
General
Full URL
https://static.meiqia.com/fe-widget/v1.4.124.prod.20231117_83/expired-chatlink.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
163.171.128.148, Germany, ASN54994 (ML-1432-54994, CA)
Reverse DNS
Software
AliyunOSS /
Resource Hash
30093cd16c87f8a027fc7d52a64622247752e9cd15dce20376d1d388ba31387e
Security Headers
Name Value
Strict-Transport-Security max-age=5184000;includeSubdomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e2d9255e69406.mstalk.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 19:35:02 GMT
content-encoding
br
x-oss-request-id
6556E200C0346BD635C0F1F3
content-md5
uCzUADQ9pRs67moURoL7WA==
age
1
strict-transport-security
max-age=5184000;includeSubdomains
x-via
1.1 PS-FRA-01E6z147:2 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1vg90:14 (Cdn Cache Server V2.0)
content-disposition
inline
x-oss-object-type
Normal
last-modified
Fri, 17 Nov 2023 02:15:58 GMT
server
AliyunOSS
etag
"B82CD400343DA51B3AEE6A144682FB58"
x-ws-request-id
655bb4e6_PSdgflkfFRA1vg90_24971-38915
access-control-allow-methods
GET
content-type
image/png
x-oss-ec
0048-00000102
access-control-allow-origin
*
cache-control
max-age= 2592000
x-oss-force-download
true
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
6909094054085962118
x-oss-server-time
25

Verdicts & Comments

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Name (type):
  - documentPictureInPicture (object)
  - parse (function)
  - init (function)
  - _MEIQIA (function)
  - SENTRY_RELEASE (object)
  - SENTRY_RELEASES (object)
  - __core-js_shared__ (object)
  - core (object)
  - _agent_chat_type (string)
  - _widgetBundleName (object)
  - backendApi (string)
  - widgetBffApi (string)
  - publicUrl (string)
  - socketUrl (string)
  - MQ_X_CA_KEY (undefined)
  - MQ_X_CA_SECRET (undefined)
  - regeneratorRuntime (object)
  - _CHAT_GLOBAL_API_CONFIG_ (object)
  - meiqia (object)

0 Cookies