xycs2.top
172.67.149.115
Public Scan
Submission Tags: phishingrod
Submission: On September 14 via api from DE — Scanned from IT
Summary
TLS certificate: Issued by WE1 on September 13th 2024. Valid for: 3 months.
This is the only time xycs2.top was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
18 | 172.67.149.115 | 13335 (CLOUDFLARENET) |
2 | 172.67.222.63 | 13335 (CLOUDFLARENET) |
1 | 203.107.62.211 | 37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.) |
2 | 148.153.240.75 | 63199 (CDSC-AS1) |
1 | 118.123.207.191 | 38283 (CHINANET-SCIDC-AS-AP CHINANET SiChuan Telecom Internet Data Center) |
24 | 5 | |
ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN): sdk.51.la
ASN38283 (CHINANET-SCIDC-AS-AP CHINANET SiChuan Telecom Internet Data Center, CN): ia.51.la
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
18 | xycs2.top | xycs2.top | 610 KB |
4 | 51.la | sdk.51.la (Cisco Umbrella Rank: 43764), js.users.51.la (Cisco Umbrella Rank: 143281), ia.51.la (Cisco Umbrella Rank: 145279), collect-v6.51.la (Cisco Umbrella Rank: 51304) | 19 KB |
2 | lelifi.com | www.lelifi.com | 3 KB |
24 | 3 | | |
Requests | Domain | Requested by |
---|---|---|
18 | xycs2.top | xycs2.top |
2 | www.lelifi.com | xycs2.top |
1 | collect-v6.51.la | sdk.51.la |
1 | ia.51.la | xycs2.top |
1 | js.users.51.la | xycs2.top |
1 | sdk.51.la | xycs2.top |
24 | 6 | |
This site contains links to these domains.
Domain |
---|
zjvip.top |
wap.dagee.top |
zfqhmall.top |
3g.3lf6ux9y2c.top |
m.uhwgtilmp.top |
Subject | Issuer | Validity | Valid |
---|---|---|---|
xycs2.top | WE1 | 2024-09-13 - 2024-12-12 | 3 months |
lelifi.com | WE1 | 2024-07-22 - 2024-10-20 | 3 months |
*.51.la | GlobalSign RSA OV SSL CA 2018 | 2024-03-19 - 2025-04-20 | a year |
js.users.51.la | Sectigo RSA Domain Validation Secure Server CA | 2024-05-20 - 2025-05-20 | a year |
This page contains 1 frames:
Primary Page:
https://xycs2.top/
Frame ID: A23C5B40679299DF3C1215B66E8A1E9D
Requests: 24 HTTP requests in this frame
Page Title
67914_COM视频_67914COM视频_人人首頁
Detected technologies
Bootstrap (Web Frameworks)
Detected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Lightbox (JavaScript Libraries)
Detected patterns
- <link [^>]*href="[^"]+lightbox(?:\.min)?\.css
- lightbox(?:-plus-jquery)?.{0,32}\.js
Page Statistics
5 Outgoing links
These are links going to different origins than the main page.
- Title: ZJVIP.TOP
- Title: WAP.DAGEE.TOP
- Title: ZFQHMALL.TOP
- Title: 3G.3LF6UX9Y2C.TOP
- Title: M.UHWGTILMP.TOP
Redirected requests
There were HTTP redirect chains for the following requests:
24 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | / (Primary Request) | xycs2.top/ | 193 KB | 29 KB | Document | text/html |
GET | H2 | bootstrap.min.css | xycs2.top/template/3861/css/ | 98 KB | 20 KB | Stylesheet | text/css |
GET | H2 | style.css | xycs2.top/template/3861/css/ | 25 KB | 6 KB | Stylesheet | text/css |
GET | H2 | lightbox.css | xycs2.top/template/3861/css/ | 4 KB | 1 KB | Stylesheet | text/css |
GET | H2 | Aquery.js | xycs2.top/ | 540 B | 663 B | Script | application/javascript |
GET | H2 | crocodile.jpg | xycs2.top/template/3861/images/ | 23 KB | 24 KB | Image | image/jpeg |
GET | H2 | alligator.jpg | xycs2.top/template/3861/images/ | 21 KB | 21 KB | Image | image/jpeg |
GET | H2 | caiman.jpg | xycs2.top/template/3861/images/ | 20 KB | 21 KB | Image | image/jpeg |
GET | H2 | gharial.jpg | xycs2.top/template/3861/images/ | 18 KB | 18 KB | Image | image/jpeg |
GET | H2 | expert.png | xycs2.top/template/3861/images/ | 324 KB | 324 KB | Image | image/png |
GET | H2 | admin.png | xycs2.top/template/3861/images/ | 21 KB | 21 KB | Image | image/png |
GET | H2 | Baidu.js | xycs2.top/ | 650 B | 717 B | Script | application/javascript |
GET | H2 | app.js | www.lelifi.com/app/ | 4 KB | 1 KB | Script | application/javascript |
GET | H2 | app.js | www.lelifi.com/app/ | 4 KB | 2 KB | Script | application/javascript |
GET | H2 | caiman.jpg | xycs2.top/template/3861/images/ | 20 KB | 0 | Image | image/jpeg |
GET | H/1.1 | js-sdk-pro.min.js | sdk.51.la/ | 34 KB | 13 KB | Script | text/plain |
GET | H2 | 21600007.js | js.users.51.la/ | 5 KB | 5 KB | Script | application/javascript |
GET | H2 | main-4.jpg | xycs2.top/template/3861/images/ | 31 KB | 31 KB | Image | image/jpeg |
GET | H2 | bg-2.jpg | xycs2.top/template/3861/images/ | 78 KB | 78 KB | Image | image/jpeg |
GET | H2 | title-pattern.png | xycs2.top/template/3861/images/ | 952 B | 1 KB | Image | image/png |
GET | H2 | pattern3.png | xycs2.top/template/3861/images/ | 10 KB | 10 KB | Image | image/png |
GET | H2 | go1 | ia.51.la/ | 0 | 189 B | Image | text/plain |
POST | H2 | collect | collect-v6.51.la/v6/ | 0 | 289 B | XHR | text/plain |
GET | H2 | favicon.ico | xycs2.top/ | 1 KB | 1 KB | Other | image/x-icon |
2 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name |
---|---|
object | LA |
number | laWaitTime |
7 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name | Value |
---|---|---|---|
xycs2.top/ | | __tins__21600007 | %7B%22sid%22%3A%201726292795537%2C%20%22vd%22%3A%201%2C%20%22expires%22%3A%201726294595537%7D |
xycs2.top/ | | __51cke__ | |
xycs2.top/ | | __51laig__ | 1 |
xycs2.top/ | | __vtins__K1vDZuadDgxTltmQ | %7B%22sid%22%3A%20%225567da45-92d3-59b2-858a-f62467927d34%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201726294596380%2C%20%22ct%22%3A%201726292796380%7D |
xycs2.top/ | | __51uvsct__K1vDZuadDgxTltmQ | 1 |
xycs2.top/ | | __51vcke__K1vDZuadDgxTltmQ | a5ce0c63-919b-5366-9964-a3e08a572c9f |
xycs2.top/ | | __51vuft__K1vDZuadDgxTltmQ | 1726292796385 |
5 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.