Submitted URL: https://eruptioncleanse.top/5591BHcGCQMEfWgFe1JQJlpXOgoFVhIABwcFF3hGHjcmMSoOVioZNxUDSgMGDEAGPVp2BFcB?1717682130860
Effective URL: https://yidiandian.xyz/
Submission: On June 18 via manual from VE — Scanned from DE

Summary

This website contacted 3 IPs in 1 country across 4 domains to perform 5 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in the United States and belonging to CLOUDFLARENET, US. The main domain is yidiandian.xyz.
TLS certificate: Issued by GTS CA 1P5 on May 29th 2024. Valid for: 3 months.
This is the only time yidiandian.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address                 AS     Autonomous System
2         2606:4700:3034::6815:4ef9  13335  CLOUDFLARENET, US
1         2a06:98c1:3120::3          13335  CLOUDFLARENET, US
Total: 5 requests, 3 IPs
Requests  Apex Domain          Subdomains           Transfer
2         eruptioncleanse.top  eruptioncleanse.top  2 KB
1         yidiandian.xyz       yidiandian.xyz       608 B
0         kelpboat.com         go.kelpboat.com      Failed
0         baidu.com            hm.baidu.com         Failed
Total: 5 requests, 4 apex domains
Requests  Domain               Requested by
2         eruptioncleanse.top  eruptioncleanse.top
1         yidiandian.xyz       eruptioncleanse.top
0         go.kelpboat.com      yidiandian.xyz       (Failed)
0         hm.baidu.com         eruptioncleanse.top  (Failed)
Total: 5 requests, 4 domains

This site contains no links.

Subject              Issuer      Valid from   Valid until  Validity  CT lookup
eruptioncleanse.top  E1          2024-04-26   2024-07-25   3 months  crt.sh
yidiandian.xyz       GTS CA 1P5  2024-05-29   2024-08-27   3 months  crt.sh

This page contains 1 frame:

Frame: https://go.kelpboat.com/?utm_medium=c7069e939b860228ac9c4f5b0798b92843c0aa3c&utm_campaign=op24
Frame ID: 6833F65798BA570B792FEE27C6A603E8
Requests: 5 HTTP requests in this frame

Page Statistics

Requests:    5
HTTPS:       60 %
IPv6:        100 %
Domains:     4
Subdomains:  4
IPs:         3
Countries:   1
Transfer:    3 kB
Size:        2 kB
Cookies:     0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://eruptioncleanse.top/5591BHcGCQMEfWgFe1JQJlpXOgoFVhIABwcFF3hGHjcmMSoOVioZNxUDSgMGDEAGPVp2BFcB?1717682130860 Page URL
  2. https://eruptioncleanse.top/404/nfp.html Page URL
  3. https://yidiandian.xyz/ Page URL
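
The chain above (two hops on eruptioncleanse.top, then a third page on yidiandian.xyz) together with the two third-party loads that never answered is what an analyst reconstructs before deciding what a scan shows. The following Python is an added triage example written for this page, not urlscan.io code or output; the transaction list, certificate dates and scan date are transcribed from the report, and every function name is the author's own. It rebuilds the page-URL hops, flags the hop that changes apex domain, lists hosts outside the page apexes together with who requested them, and turns the "3 months" in the TLS table into an exact lifetime checked against the scan date.

```python
"""Triage helpers for a urlscan.io-style result: rebuild the page-URL chain,
list third-party loads, and check certificate validity at scan time.

Added example for this page. The data below is transcribed from the scan
report; the helper names are the author's own and not a urlscan.io API."""
from datetime import date
from urllib.parse import urlsplit

# Page URL history, in the order the scan recorded it.
PAGE_URLS = [
    "https://eruptioncleanse.top/5591BHcGCQMEfWgFe1JQJlpXOgoFVhIABwcFF3hGHjcmMSoOVioZNxUDSgMGDEAGPVp2BFcB?1717682130860",
    "https://eruptioncleanse.top/404/nfp.html",
    "https://yidiandian.xyz/",
]

# Every request in the scan: which host asked for it, and whether a response came back.
TRANSACTIONS = [
    {"url": PAGE_URLS[0], "requested_by": None, "failed": False},
    {"url": PAGE_URLS[1], "requested_by": "eruptioncleanse.top", "failed": False},
    {"url": "https://hm.baidu.com/hm.js?e6d5c1513b650adee00ba52513a6c25c",
     "requested_by": "eruptioncleanse.top", "failed": True},
    {"url": PAGE_URLS[2], "requested_by": "eruptioncleanse.top", "failed": False},
    {"url": "https://go.kelpboat.com/?utm_medium=c7069e939b860228ac9c4f5b0798b92843c0aa3c&utm_campaign=op24",
     "requested_by": "yidiandian.xyz", "failed": True},
]

# (subject, issuer, not_before, not_after) from the TLS table.
CERTS = [
    ("eruptioncleanse.top", "E1", date(2024, 4, 26), date(2024, 7, 25)),
    ("yidiandian.xyz", "GTS CA 1P5", date(2024, 5, 29), date(2024, 8, 27)),
]
SCAN_DATE = date(2024, 6, 18)


def host(url):
    return urlsplit(url).hostname or ""


def apex(hostname):
    # Naive "last two labels" apex. Correct for .top/.xyz/.com as seen here,
    # wrong for multi-label public suffixes such as co.uk (use a PSL library there).
    return ".".join(hostname.split(".")[-2:])


def page_chain(page_urls):
    """Return each navigation hop as (from_host, to_host, crossed_apex)."""
    hops = []
    for src, dst in zip(page_urls, page_urls[1:]):
        a, b = host(src), host(dst)
        hops.append((a, b, apex(a) != apex(b)))
    return hops


def third_party_loads(transactions, page_urls):
    """Hosts loaded by the pages that belong to none of the page apex domains."""
    page_apexes = {apex(host(u)) for u in page_urls}
    out = {}
    for t in transactions:
        h = host(t["url"])
        if apex(h) not in page_apexes:
            out[h] = {"requested_by": t["requested_by"], "failed": t["failed"]}
    return out


def cert_status(cert, when):
    """Certificate lifetime in days and whether `when` lies inside the validity window."""
    subject, issuer, not_before, not_after = cert
    return {
        "subject": subject,
        "issuer": issuer,
        "days": (not_after - not_before).days,
        "valid_at_scan": not_before <= when <= not_after,
    }


if __name__ == "__main__":
    for a, b, crossed in page_chain(PAGE_URLS):
        print(f"{a} -> {b}" + ("  (new apex domain)" if crossed else ""))
    for h, info in third_party_loads(TRANSACTIONS, PAGE_URLS).items():
        state = "no response" if info["failed"] else "loaded"
        print(f"third party {h}: requested by {info['requested_by']}, {state}")
    for c in CERTS:
        print(cert_status(c, SCAN_DATE))
```

Run stand-alone it prints the single cross-apex hop (eruptioncleanse.top to yidiandian.xyz), the two third-party hosts that returned nothing, and 90-day lifetimes for both certificates, both covering the scan date. The apex helper is deliberately simple; swap in a public-suffix-list library before pointing this at arbitrary scans.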

Redirected requests

No HTTP redirect chains were recorded for this scan; each of the three page URLs above appears as its own Document transaction below.

5 HTTP transactions

Columns per entry: Resource | Path | Size | x-fer | Type | MIME-Type
Resource: 5591BHcGCQMEfWgFe1JQJlpXOgoFVhIABwcFF3hGHjcmMSoOVioZNxUDSgMGDEAGPVp2BFcB
  Path: eruptioncleanse.top/   Size: 1 KB   x-fer: 1 KB   Type: Document

General
  Full URL:      https://eruptioncleanse.top/5591BHcGCQMEfWgFe1JQJlpXOgoFVhIABwcFF3hGHjcmMSoOVioZNxUDSgMGDEAGPVp2BFcB?1717682130860
  Protocol:      H3
  Security:      QUIC, AES_128_GCM
  Server:        2606:4700:3034::6815:4ef9, United States, ASN13335 (CLOUDFLARENET, US)
  Reverse DNS:   (not recorded)
  Software:      cloudflare
  Resource Hash: (not recorded)

Request headers
  Accept-Language:           de-DE,de;q=0.9;q=0.9
  Upgrade-Insecure-Requests: 1
  User-Agent:                Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
  sec-ch-ua:                 "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
  sec-ch-ua-mobile:          ?0
  sec-ch-ua-platform:        "Win32"

Response headers
  access-control-allow-headers: X-Requested-With,X_Requested_With,X-PINGOTHER,Content-Type
  access-control-allow-methods: POST,GET,OPTIONS
  access-control-allow-origin:  *
  alt-svc:                      h3=":443"; ma=86400
  cf-cache-status:              DYNAMIC
  cf-ray:                       895ddc08aa9541d4-AMS
  content-encoding:             br
  content-type:                 text/html; charset=UTF-8
  date:                         Tue, 18 Jun 2024 19:59:23 GMT
  nel:                          {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
  report-to:                    {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1NiB27yFj3PLxFHKbBDVS3RSMDy0p7DQblmpOJyLcRG8YhRQE1HPk9LIWvnsjzU5WzniCDs4iJ5bUigarM2eYSdoDi2m0MHhttSqKrur3REGk65KjK%2BGkArtTsnXsDbqBgGnRyxCGJJNYCVdVr58pFrj"}],"group":"cf-nel","max_age":604800}
  server:                       cloudflare
  vary:                         Accept-Encoding

Resource: nfp.html
  Path: eruptioncleanse.top/404/   Size: 827 B   x-fer: 833 B   Type: Document

General
  Full URL:      https://eruptioncleanse.top/404/nfp.html
  Requested by:  Host: eruptioncleanse.top
                 URL: https://eruptioncleanse.top/5591BHcGCQMEfWgFe1JQJlpXOgoFVhIABwcFF3hGHjcmMSoOVioZNxUDSgMGDEAGPVp2BFcB?1717682130860
  Protocol:      H3
  Security:      QUIC, AES_128_GCM
  Server:        2606:4700:3034::6815:4ef9, United States, ASN13335 (CLOUDFLARENET, US)
  Reverse DNS:   (not recorded)
  Software:      cloudflare
  Resource Hash: 2a78059e3b4ae712da8b6c7d37826a18cf2f21e706853a3104a98782f71cc944

Request headers
  Accept-Language:           de-DE,de;q=0.9;q=0.9
  Upgrade-Insecure-Requests: 1
  User-Agent:                Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
  sec-ch-ua:                 "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
  sec-ch-ua-mobile:          ?0
  sec-ch-ua-platform:        "Win32"

Response headers
  alt-svc:          h3=":443"; ma=86400
  cf-cache-status:  DYNAMIC
  cf-ray:           895ddc092b0f41d4-AMS
  content-encoding: br
  content-type:     text/html
  date:             Tue, 18 Jun 2024 19:59:23 GMT
  last-modified:    Fri, 02 Feb 2024 07:20:15 GMT
  nel:              {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
  report-to:        {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=D828ZmNBEJdoEnZSMGaYnlbu6vLQTpkN6l6tcAhGvdya69%2Bh%2BtOOm6SK6qG9xMrLF7Z9qllPSy3bccY9bWG75%2BH2R%2Fw0WjpWZmtxaId7avDQ6czgZ96KTh1o4bEKjDhJzRjTQO4MAbp348SN3JCUqmI1"}],"group":"cf-nel","max_age":604800}
  server:           cloudflare

Resource: hm.js
  Path: hm.baidu.com/   Size: 0   x-fer: 0   (failed, no response received; see Failed requests below)

Resource: / (Primary Request)
  Path: yidiandian.xyz/   Size: 166 B   x-fer: 608 B   Type: Document

General
  Full URL:      https://yidiandian.xyz/
  Requested by:  Host: eruptioncleanse.top
                 URL: https://eruptioncleanse.top/404/nfp.html
  Protocol:      H3
  Security:      QUIC, AES_128_GCM
  Server:        2a06:98c1:3120::3, United States, ASN13335 (CLOUDFLARENET, US)
  Reverse DNS:   (not recorded)
  Software:      cloudflare
  Resource Hash: (not recorded)

Request headers
  Accept-Language:           de-DE,de;q=0.9;q=0.9
  Referer:                   https://eruptioncleanse.top/
  Upgrade-Insecure-Requests: 1
  User-Agent:                Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
  sec-ch-ua:                 "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
  sec-ch-ua-mobile:          ?0
  sec-ch-ua-platform:        "Win32"

Response headers
  alt-svc:          h3=":443"; ma=86400
  cf-cache-status:  DYNAMIC
  cf-ray:           895ddc0abcf06602-AMS
  content-encoding: br
  content-type:     text/html; charset=UTF-8
  date:             Tue, 18 Jun 2024 19:59:23 GMT
  nel:              {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
  report-to:        {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F%2BGGS7HsOGKBGm9qtmoDfP%2Bu163ydBsFgNzjAlr%2Bubxre10oiDlo0oGkTaNG%2Bkuj%2FAjya5xFGW9Fh2C%2FbCUixTZb52q4VKx4XZQLXRDkWruae2WrU37SUcCJHQMuWsMreewFLmIlNvEajLb3WQ%3D%3D"}],"group":"cf-nel","max_age":604800}
  server:           cloudflare
  vary:             Accept-Encoding

Resource: /
  Path: go.kelpboat.com/   Size: 0   x-fer: 0   (failed, no response received; see Failed requests below)
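
The response headers captured above are the only server-side signal this scan retains (no bodies are shown, and the hm.baidu.com and go.kelpboat.com requests got no response at all). The following Python is an added example for this page, not urlscan.io code; the two header sets are transcribed from the first transaction and the primary request above, and `audit` and `HARDENING` are names chosen here. It decodes the Cloudflare `report-to` and `nel` JSON, checks that the NEL group names a declared endpoint group, extracts the CORS policy the first response carried, and lists which common hardening headers the captured response did not carry. Absence of a header in one capture is an observation, not a finding.

```python
"""Audit the response headers captured in a urlscan.io-style transaction.

Added example for this page, not urlscan.io code. Header values below are
transcribed from the report; the function and constant names are the
author's own. Reporting an absent header is an observation about one
captured response, not a vulnerability finding."""
import json
from urllib.parse import urlsplit

# Headers a hardened HTML response is usually expected to carry.
HARDENING = (
    "strict-transport-security",
    "content-security-policy",
    "x-content-type-options",
    "x-frame-options",
    "referrer-policy",
)

# First transaction: https://eruptioncleanse.top/5591...?1717682130860 (transcribed).
FIRST_RESPONSE = {
    "access-control-allow-headers": "X-Requested-With,X_Requested_With,X-PINGOTHER,Content-Type",
    "access-control-allow-methods": "POST,GET,OPTIONS",
    "access-control-allow-origin": "*",
    "alt-svc": 'h3=":443"; ma=86400',
    "cf-cache-status": "DYNAMIC",
    "cf-ray": "895ddc08aa9541d4-AMS",
    "content-encoding": "br",
    "content-type": "text/html; charset=UTF-8",
    "date": "Tue, 18 Jun 2024 19:59:23 GMT",
    "nel": r'{"success_fraction":0,"report_to":"cf-nel","max_age":604800}',
    "report-to": r'{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1NiB27yFj3PLxFHKbBDVS3RSMDy0p7DQblmpOJyLcRG8YhRQE1HPk9LIWvnsjzU5WzniCDs4iJ5bUigarM2eYSdoDi2m0MHhttSqKrur3REGk65KjK%2BGkArtTsnXsDbqBgGnRyxCGJJNYCVdVr58pFrj"}],"group":"cf-nel","max_age":604800}',
    "server": "cloudflare",
    "vary": "Accept-Encoding",
}

# Primary request: https://yidiandian.xyz/ (transcribed).
PRIMARY_RESPONSE = {
    "alt-svc": 'h3=":443"; ma=86400',
    "cf-cache-status": "DYNAMIC",
    "cf-ray": "895ddc0abcf06602-AMS",
    "content-encoding": "br",
    "content-type": "text/html; charset=UTF-8",
    "date": "Tue, 18 Jun 2024 19:59:23 GMT",
    "nel": r'{"success_fraction":0,"report_to":"cf-nel","max_age":604800}',
    "report-to": r'{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F%2BGGS7HsOGKBGm9qtmoDfP%2Bu163ydBsFgNzjAlr%2Bubxre10oiDlo0oGkTaNG%2Bkuj%2FAjya5xFGW9Fh2C%2FbCUixTZb52q4VKx4XZQLXRDkWruae2WrU37SUcCJHQMuWsMreewFLmIlNvEajLb3WQ%3D%3D"}],"group":"cf-nel","max_age":604800}',
    "server": "cloudflare",
    "vary": "Accept-Encoding",
}


def _csv(value):
    """Split a comma-separated header value into stripped, non-empty tokens."""
    return [v.strip() for v in value.split(",") if v.strip()]


def audit(headers):
    """Summarise the security-relevant parts of one response header set."""
    h = {k.lower(): v for k, v in headers.items()}
    result = {
        "server": h.get("server"),
        "cors_origin": h.get("access-control-allow-origin"),
        "cors_methods": _csv(h.get("access-control-allow-methods", "")),
        "cors_headers": _csv(h.get("access-control-allow-headers", "")),
        "report_groups": {},
        "nel_group": None,
        "nel_consistent": False,
        "missing": [name for name in HARDENING if name not in h],
    }
    # Report-To declares named endpoint groups; NEL names the group it reports to.
    if "report-to" in h:
        rt = json.loads(h["report-to"])  # JSON escapes such as \/ are decoded here
        result["report_groups"][rt.get("group", "default")] = [
            urlsplit(e["url"]).hostname for e in rt.get("endpoints", [])
        ]
    if "nel" in h:
        result["nel_group"] = json.loads(h["nel"]).get("report_to")
    result["nel_consistent"] = result["nel_group"] in result["report_groups"]
    return result


if __name__ == "__main__":
    for label, hdrs in (("first response", FIRST_RESPONSE), ("primary request", PRIMARY_RESPONSE)):
        r = audit(hdrs)
        print(label, "CORS origin:", r["cors_origin"], "methods:", r["cors_methods"])
        print(label, "NEL reports to:", r["report_groups"].get(r["nel_group"]))
        print(label, "hardening headers absent:", ", ".join(r["missing"]))
```

For both captured responses the NEL group resolves to a.nel.cloudflare.com and none of the five hardening headers is present; only the first response carries a CORS policy (wildcard origin, POST/GET/OPTIONS). A wildcard origin without Access-Control-Allow-Credentials exposes nothing a plain GET would not already expose, so the output is context for the analyst rather than a verdict.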

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: hm.baidu.com
URL:    https://hm.baidu.com/hm.js?e6d5c1513b650adee00ba52513a6c25c

Domain: go.kelpboat.com
URL:    https://go.kelpboat.com/?utm_medium=c7069e939b860228ac9c4f5b0798b92843c0aa3c&utm_campaign=op24

Verdicts & Comments: none recorded.

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

Domains
  eruptioncleanse.top
  yidiandian.xyz
  go.kelpboat.com
  hm.baidu.com

IPs
  2606:4700:3034::6815:4ef9
  2a06:98c1:3120::3

Hashes (resource hash of eruptioncleanse.top/404/nfp.html)
  2a78059e3b4ae712da8b6c7d37826a18cf2f21e706853a3104a98782f71cc944