etehadpirouzileilei.pages.dev Open in urlscan Pro
172.66.44.83  Malicious Activity! Public Scan

Submitted URL: http://etehadpirouzileilei.pages.dev/
Effective URL: https://etehadpirouzileilei.pages.dev/
Submission Tags: threatview.io malwar3ninja rule: suspected phishing scam automated-submission Search All
Submission: On November 26 via api from DE — Scanned from IT

Summary

This website contacted 6 IPs in 2 countries across 6 domains to perform 52 HTTP transactions. The main IP is 172.66.44.83, located in United States and belongs to CLOUDFLARENET, US. The main domain is etehadpirouzileilei.pages.dev.
TLS certificate: Issued by WE1 on November 7th 2024. Valid for: 3 months.
This is the only time etehadpirouzileilei.pages.dev was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Cloudflare (Online)

Domain & IP information

IP Address AS Autonomous System
1 6 172.66.44.83 13335 (CLOUDFLAR...)
1 111.48.138.116 9808 (CHINAMOBI...)
2 175.6.198.126 63838 (CT-HUNAN-...)
1 36.158.216.175 56047 (CMNET-HUN...)
2 1.194.172.138 139587 (CHINANET-...)
52 6
Domain Requested by
6 etehadpirouzileilei.pages.dev 1 redirects etehadpirouzileilei.pages.dev
2 osswc.pplive.cn etehadpirouzileilei.pages.dev
1 player.aplus.pptv.com etehadpirouzileilei.pages.dev
1 mmds.suning.com etehadpirouzileilei.pages.dev
1 dfp.suning.com etehadpirouzileilei.pages.dev
1 res.suning.cn etehadpirouzileilei.pages.dev
0 pagead2.googlesyndication.com Failed etehadpirouzileilei.pages.dev
0 ossup.suning.com Failed etehadpirouzileilei.pages.dev
0 sr4.pplive.cn Failed etehadpirouzileilei.pages.dev
0 sr2.pplive.cn Failed etehadpirouzileilei.pages.dev
0 static1.pplive.cn Failed etehadpirouzileilei.pages.dev
0 mediamax.suning.com Failed etehadpirouzileilei.pages.dev
0 sr1.pplive.cn Failed etehadpirouzileilei.pages.dev
0 ppwfs.pptv.com Failed etehadpirouzileilei.pages.dev
52 14

This site contains no links.

Subject Issuer Validity Valid
etehadpirouzileilei.pages.dev
WE1
2024-11-07 -
2025-02-05
3 months crt.sh
*.suning.cn
GlobalSign RSA OV SSL CA 2018
2024-07-10 -
2025-08-11
a year crt.sh
*.suning.com
GlobalSign RSA OV SSL CA 2018
2024-07-10 -
2025-08-11
a year crt.sh
*.aplus.pptv.com
SHECA OV Server CA G5
2024-08-30 -
2025-09-30
a year crt.sh
*.pptv.com
SHECA OV Server CA G5
2024-06-19 -
2025-07-19
a year crt.sh

This page contains 1 frames:

Primary Page: https://etehadpirouzileilei.pages.dev/
Frame ID: 161C8D046E1F602B80562B9B2AB4ADE2
Requests: 52 HTTP requests in this frame

Screenshot

Page Title

首页

Page URL History Show full URLs

  1. http://etehadpirouzileilei.pages.dev/ HTTP 307
    https://etehadpirouzileilei.pages.dev/ Page URL
  2. https://etehadpirouzileilei.pages.dev/cdn-cgi/phish-bypass?atok=NOsNbwmQlf4W18QObeTl1bv.EhTzH8ikp0LOTUCUTK0-173259... HTTP 301
    https://etehadpirouzileilei.pages.dev/ Page URL

Page Statistics

52
Requests

21 %
HTTPS

0 %
IPv6

6
Domains

14
Subdomains

6
IPs

2
Countries

194 kB
Transfer

921 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://etehadpirouzileilei.pages.dev/ HTTP 307
    https://etehadpirouzileilei.pages.dev/ Page URL
  2. https://etehadpirouzileilei.pages.dev/cdn-cgi/phish-bypass?atok=NOsNbwmQlf4W18QObeTl1bv.EhTzH8ikp0LOTUCUTK0-1732594472-0.0.1.1-%2F HTTP 301
    https://etehadpirouzileilei.pages.dev/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://etehadpirouzileilei.pages.dev/ HTTP 307
  • https://etehadpirouzileilei.pages.dev/

52 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
etehadpirouzileilei.pages.dev/
Redirect Chain
  • http://etehadpirouzileilei.pages.dev/
  • https://etehadpirouzileilei.pages.dev/
4 KB
2 KB
Document
General
Full URL
https://etehadpirouzileilei.pages.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.44.83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86239b9d9f7e6b26c4fe15435e3eddbd6c95572f00234a3c6d0098cb4524d463
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cf-ray
8e870d5c69e7bb35-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 26 Nov 2024 04:14:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=g7vPY2qYSTiVeQQjXRW3X3EoEajGr%2FOk11D4G6scPiSZAwy7PDKlw8p750oAK51iaeW3%2B%2FK6SbR7LrIryx6WzIJWE20mscM7tyVc3iHCnQ9%2Fw%2FqCaiGq4XYpCD5KkfqycufjPMPPxtaaZOuUkfDq%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN

Redirect headers

Cross-Origin-Resource-Policy
Cross-Origin
Location
https://etehadpirouzileilei.pages.dev/
Non-Authoritative-Reason
HSTS
cf.errors.css
etehadpirouzileilei.pages.dev/cdn-cgi/styles/
23 KB
5 KB
Stylesheet
General
Full URL
https://etehadpirouzileilei.pages.dev/cdn-cgi/styles/cf.errors.css
Requested by
Host: etehadpirouzileilei.pages.dev
URL: https://etehadpirouzileilei.pages.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.44.83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84e3c77025ace5af143972b4a40fc834dcdfd4e449d4b36a57e62326f16b3091
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://etehadpirouzileilei.pages.dev/

Response headers

vary
Accept-Encoding
cache-control
max-age=7200, public
content-encoding
gzip
etag
W/"673dd3b7-5df3"
x-content-type-options
nosniff
cf-ray
8e870d5cda05bb35-FRA
expires
Tue, 26 Nov 2024 06:14:32 GMT
date
Tue, 26 Nov 2024 04:14:32 GMT
content-type
text/css
last-modified
Wed, 20 Nov 2024 12:19:03 GMT
server
cloudflare
x-frame-options
DENY
icon-exclamation.png
etehadpirouzileilei.pages.dev/cdn-cgi/images/
452 B
541 B
Image
General
Full URL
https://etehadpirouzileilei.pages.dev/cdn-cgi/images/icon-exclamation.png?1376755637
Requested by
Host: etehadpirouzileilei.pages.dev
URL: https://etehadpirouzileilei.pages.dev/cdn-cgi/styles/cf.errors.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.44.83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://etehadpirouzileilei.pages.dev/cdn-cgi/styles/cf.errors.css

Response headers

vary
Accept-Encoding
cache-control
max-age=7200, public
etag
"673dd3b7-1c4"
x-content-type-options
nosniff
cf-ray
8e870d5d2a22bb35-FRA
expires
Tue, 26 Nov 2024 06:14:32 GMT
accept-ranges
bytes
content-length
452
date
Tue, 26 Nov 2024 04:14:32 GMT
content-type
image/png
last-modified
Wed, 20 Nov 2024 12:19:03 GMT
server
cloudflare
x-frame-options
DENY
favicon.ico
etehadpirouzileilei.pages.dev/
9 KB
3 KB
Other
General
Full URL
https://etehadpirouzileilei.pages.dev/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.44.83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c42f39c6e0254900256e70bb876eceacd0f5f2434ec6502d4e9d81de686a3da
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://etehadpirouzileilei.pages.dev/

Response headers

content-encoding
br
cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KngE4dGe49pb%2Fzreai7vVj83yS%2B9vKM1rnXaAR%2FHUTp4rYUyCFjwcYSp%2BKQgrJ9aKLCgMuNkwLo%2Fdk8MTx%2BNtWQzwNZ8qHOMC0RXJ1MRzDu4x6OogIzyKn6TAevip%2FeoJJ2Zx16mL8OSX3KSgGJ%2BGg%3D%3D"}],"group":"cf-nel","max_age":604800}
eagleeye-traceid
2130732e17325944736533132e9761, 2130732e17325944736533132e9761
alt-svc
h3=":443"; ma=86400
x-server-id
a46426e25423c4a199bb8ddb03f748e01e260c0402a4d45f936ce8e67d7838ddcb5aef15659983dc
server-timing
cfL4;desc="?proto=TCP&rtt=32822&sent=23&recv=17&lost=0&retrans=0&sent_bytes=11725&recv_bytes=2695&delivery_rate=311700&cwnd=254&unsent_bytes=0&cid=0783fdba96df3c76&ts=1662&x=0"
date
Tue, 26 Nov 2024 04:14:33 GMT
content-type
image/vnd.microsoft.icon
last-modified
Tue, 26 Nov 2024 04:14:33 GMT
vary
Origin, Accept-Encoding
strict-transport-security
max-age=31536000
cache-control
public, max-age=2592000
timing-allow-origin
*
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
s-rt
99
x-readtime
1
cf-ray
8e870d5d7a39bb35-FRA
access-control-allow-origin
*
server
cloudflare
Primary Request /
etehadpirouzileilei.pages.dev/
Redirect Chain
  • https://etehadpirouzileilei.pages.dev/cdn-cgi/phish-bypass?atok=NOsNbwmQlf4W18QObeTl1bv.EhTzH8ikp0LOTUCUTK0-1732594472-0.0.1.1-%2F
  • https://etehadpirouzileilei.pages.dev/
175 KB
29 KB
Document
General
Full URL
https://etehadpirouzileilei.pages.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.44.83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / SNMW-WEB1.0
Resource Hash
fce75be225e0ea35aef3a2db4ac0f60682b1a96b6ed00e683680d9c2363d6ff0

Request headers

Referer
https://etehadpirouzileilei.pages.dev/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

age
92
alt-svc
h3=":443"; ma=86400
cache-control
max-age=600,s-maxage=600
cf-cache-status
DYNAMIC
cf-ray
8e870d754bc2bb35-FRA
content-encoding
br
content-language
en-US
content-type
text/html;charset=utf-8
date
Tue, 26 Nov 2024 04:14:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9Qg%2BPeodJZZeH1OCMLXWvqOlgEPDPEX0Q3Zr%2FLytaqEQen8AG1zJE%2BLWcT5SlYMfuiFl%2FK98J8I2Asy2sPIjhGJGdWW8q0dMZj2B2Dfv%2BLtxPGCiAyjf4tS3qDeBVkiezaPXgts8Zk0y7Tjcprdj%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=TCP&rtt=32634&sent=33&recv=22&lost=0&retrans=0&sent_bytes=14971&recv_bytes=2928&delivery_rate=311700&cwnd=254&unsent_bytes=0&cid=0783fdba96df3c76&ts=5329&x=0"
vary
Accept-Encoding
via
cache03.hbxiangyang-cu04
x-bdcdn-cache-status
TCP_HIT
x-powered-by
SNMW-WEB1.0
x-request-id
5253c39e33e0c8e1e51c3c50b85529dd
x-request-ip
172.70.242.15
x-response-cache
edge_hit
x-response-cinfo
172.70.242.15
x-tt-trace-tag
id=5

Redirect headers

cache-control
private, no-cache
cf-ray
8e870d749b9fbb35-FRA
content-length
167
content-type
text/html
date
Tue, 26 Nov 2024 04:14:36 GMT
location
https://etehadpirouzileilei.pages.dev/
server
cloudflare
x-content-type-options
nosniff
x-frame-options
DENY
bubblecss.css
ppwfs.pptv.com/public/hfcss/
0
0

polyfill.min.js
ppwfs.pptv.com/public/vendors/
0
0

jquery-1.7.2.min.js
ppwfs.pptv.com/public/vendors/
0
0

union_login.js
ppwfs.pptv.com/public/vendors/
0
0

ssa.js
res.suning.cn/project/ssa/script/2aaef4fe-a99f-49a3-9fc3-fbc9d024e566/
106 KB
32 KB
Script
General
Full URL
https://res.suning.cn/project/ssa/script/2aaef4fe-a99f-49a3-9fc3-fbc9d024e566/ssa.js
Requested by
Host: etehadpirouzileilei.pages.dev
URL: https://etehadpirouzileilei.pages.dev/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
111.48.138.116 Wuhan, China, ASN9808 (CHINAMOBILE-CN China Mobile Communications Group Co., Ltd., CN),
Reverse DNS
Software
Byte-nginx /
Resource Hash
16e16f789bf9975bcb4d99c295a635127b9c849c6536f8c0bd4f39702d5a2c3d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://etehadpirouzileilei.pages.dev/

Response headers

X-Request-Ip
185.198.62.7
X-Request-Id
6d79591256ef7080f9a6741e08db8521
X-Bdcdn-Cache-Status
TCP_HIT
Content-Encoding
gzip
Etag
W/"60d32337-1a7d4"
Age
101327
Expires
Thu, 28 Nov 2024 00:05:56 GMT
Date
Tue, 26 Nov 2024 04:14:43 GMT
Content-Type
application/javascript
Last-Modified
Wed, 23 Jun 2021 12:04:07 GMT
Vary
Accept-Encoding
Cache-Control
max-age=259200
Connection
keep-alive
X-Tt-Trace-Tag
id=5
via
cache07.whcm03
Access-Control-Allow-Origin
*
Content-Length
32002
X-Response-Cache
edge_hit
Server
Byte-nginx
X-Response-Cinfo
185.198.62.7
fp.js
dfp.suning.com/dfprs-collect/dist/
129 KB
42 KB
Script
General
Full URL
https://dfp.suning.com/dfprs-collect/dist/fp.js?appCode=SdExHA9Br9koxUwg
Requested by
Host: etehadpirouzileilei.pages.dev
URL: https://etehadpirouzileilei.pages.dev/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
175.6.198.126 , China, ASN63838 (CT-HUNAN-HENGYANG-IDC Hengyang, CN),
Reverse DNS
Software
volc-dcdn / SNMW-WEB1.0
Resource Hash
9976c95fc61807696b2606a876291c4b073caa278f5d46a01533963d5d464ea0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://etehadpirouzileilei.pages.dev/

Response headers

x-request-ip
185.198.62.7
Content-Encoding
gzip
X-Dsa-Origin-Status
200
server-timing
cdn-cache;desc=HIT, origin;dur=0, edge;dur=2, cdn-cache;desc=HIT
Date
Tue, 26 Nov 2024 04:14:40 GMT
Content-Type
application/javascript;charset=UTF-8
Vary
Accept-Encoding
Cache-Via-Status
cache.n157-073-026.njmp(HIT),cache.n175-006-198-083.bdcdn-hyct(HIT)
X-Bdsa-Cache-Status
HIT
Transfer-Encoding
chunked
Cache-Control
max-age=86400
cache-via
cache.n157-073-026.njmp,cache.n175-006-198-083.bdcdn-hyct
Connection
keep-alive
x-tt-trace-tag
id=5
via
n157-088-155.njmp.ToB,n175-006-198-083.bdcdn-hyct.ToB
x-dsa-trace-id
173259448047cf1ebeeccb6a1decf48eec796bd64e
X-Bdsa-Cache-Tm
1732521198-13118
X-Powered-By
SNMW-WEB1.0
Server
volc-dcdn
mmds.js
mmds.suning.com/mmds/
422 KB
61 KB
Script
General
Full URL
https://mmds.suning.com/mmds/mmds.js?appCode=SdExHA9Br9koxUwg
Requested by
Host: etehadpirouzileilei.pages.dev
URL: https://etehadpirouzileilei.pages.dev/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
175.6.198.126 , China, ASN63838 (CT-HUNAN-HENGYANG-IDC Hengyang, CN),
Reverse DNS
Software
volc-dcdn / SNMW-WEB1.0
Resource Hash
cb4c4636b97feb7ec7a6788ffbc94365b27f719baf0649eeb83866e98620acd1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://etehadpirouzileilei.pages.dev/

Response headers

x-request-ip
185.198.62.7
Content-Encoding
gzip
X-Dsa-Origin-Status
200
server-timing
cdn-cache;desc=HIT, origin;dur=0, edge;dur=1, cdn-cache;desc=HIT
Date
Tue, 26 Nov 2024 04:14:41 GMT
Last-Modified
Wed, 11 Sep 2024 18:48:18 GMT
Content-Type
application/javascript
Vary
Accept-Encoding
X-Bdsa-Cache-Status
HIT
Cache-Via-Status
cache.n157-073-026.njmp(HIT),cache.n175-006-198-082.bdcdn-hyct(HIT)
Transfer-Encoding
chunked
Cache-Control
max-age=86400
cache-via
cache.n157-073-026.njmp,cache.n175-006-198-082.bdcdn-hyct
Connection
keep-alive
x-tt-trace-tag
id=5
via
n157-073-026.njmp.ToB,n175-006-198-083.bdcdn-hyct.ToB
x-dsa-trace-id
1732594481193074109065a395513361d7a8c3301d
X-Bdsa-Cache-Tm
1732571077-62996
X-Powered-By
SNMW-WEB1.0
Server
volc-dcdn
5803817.js
player.aplus.pptv.com/jsplayer/pid/
48 KB
17 KB
Script
General
Full URL
https://player.aplus.pptv.com/jsplayer/pid/5803817.js
Requested by
Host: etehadpirouzileilei.pages.dev
URL: https://etehadpirouzileilei.pages.dev/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
36.158.216.175 , China, ASN56047 (CMNET-HUNAN-AP China Mobile communications corporation, CN),
Reverse DNS
Software
Byte-nginx /
Resource Hash
c32120e10d30fb52477c451095c411c95bf943953669d27ace76c2bb8634f87e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://etehadpirouzileilei.pages.dev/

Response headers

X-Request-Ip
185.198.62.7
X-Request-Id
47627388e04c3f7c33262f5ff7ab76f4
X-Bdcdn-Cache-Status
TCP_HIT
Content-Encoding
gzip
Age
223
Expires
Tue, 26 Nov 2024 04:20:59 GMT
Date
Tue, 26 Nov 2024 04:14:43 GMT
Content-Type
application/x-javascript; charset=utf-8
Last-Modified
Tue, 26 Nov 2024 04:10:59 GMT
Vary
Accept-Encoding
Cache-Control
public, max-age=600
Pragma
public
Connection
keep-alive
X-Tt-Trace-Tag
id=5
via
cache06.hncscm10
Content-Length
16335
X-Response-Cache
edge_hit
Server
Byte-nginx
X-Response-Cinfo
185.198.62.7
reset.css
osswc.pplive.cn/cccms/cc_static/ccces-web/static/css/
1 KB
2 KB
Stylesheet
General
Full URL
https://osswc.pplive.cn/cccms/cc_static/ccces-web/static/css/reset.css?v=2411261213055425274
Requested by
Host: etehadpirouzileilei.pages.dev
URL: https://etehadpirouzileilei.pages.dev/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
1.194.172.138 , China, ASN139587 (CHINANET-HENAN-ZHENGZHOU-SHUJUGANG-IDC China Telecom Henan Zhengzhou Shujugang IDC network, CN),
Reverse DNS
194.1.broad.ha.dynamic.163data.com.cn
Software
Byte-nginx /
Resource Hash
00e1d5792bdab26dcfce56f5b2e1dddb9b2c75fd94c6520101b4867efedfcf36
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://etehadpirouzileilei.pages.dev/

Response headers

X-Request-Ip
185.198.62.7
X-Request-Id
8257f4b71088616adb2f1d6e61f502ff
X-Bdcdn-Cache-Status
TCP_MISS,TCP_HIT
Content-Encoding
gzip
Age
99
X-Sdoss-Request-Id
MTAuOTYuNjYuMTg2Ojo4ODg4fDE3MzI1OTQzODd8OTAzMTY2NA==
Requestid
MTAuOTYuNjYuMTg2Ojo4ODg4fDE3MzI1OTQzODd8OTAzMTY2NA==
Date
Tue, 26 Nov 2024 04:14:46 GMT
Content-Type
text/css
Content-Disposition
filename="reset.css"
Vary
Accept-Encoding
Last-Modified
Thu, 02 Mar 2023 02:27:17 GMT
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=300
Cache-Control
max-age=86400
Connection
keep-alive
X-Tt-Trace-Tag
id=5
Via
cache38.jnmp,cache12.hazhengzhou-ct29
Content-Length
729
X-Xss-Protection
1; mode=block
X-Sdoss-Expiration
X-Response-Cache
parent_hit
Server
Byte-nginx
X-Response-Cinfo
185.198.62.7
ccces-show.css
osswc.pplive.cn/cccms/cc_static/ccces-web/static/css/
2 KB
2 KB
Stylesheet
General
Full URL
https://osswc.pplive.cn/cccms/cc_static/ccces-web/static/css/ccces-show.css?v=2411261213055425274
Requested by
Host: etehadpirouzileilei.pages.dev
URL: https://etehadpirouzileilei.pages.dev/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
1.194.172.138 , China, ASN139587 (CHINANET-HENAN-ZHENGZHOU-SHUJUGANG-IDC China Telecom Henan Zhengzhou Shujugang IDC network, CN),
Reverse DNS
194.1.broad.ha.dynamic.163data.com.cn
Software
Byte-nginx /
Resource Hash
28a607cce0f167a7cdafe7a2bab5f5b6ec47ccf4aeaf6261c0a27d32ef68b8db
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://etehadpirouzileilei.pages.dev/

Response headers

X-Request-Ip
185.198.62.7
X-Request-Id
5523160ab2391b9f51f891f575320332
X-Bdcdn-Cache-Status
TCP_MISS,TCP_HIT
Content-Encoding
gzip
Age
99
X-Sdoss-Request-Id
MTAuOTQuODMuNDU6Ojg4ODh8MTczMjU5NDM4N3w5MDAwNjcx
Requestid
MTAuOTQuODMuNDU6Ojg4ODh8MTczMjU5NDM4N3w5MDAwNjcx
Date
Tue, 26 Nov 2024 04:14:46 GMT
Content-Type
text/css
Content-Disposition
filename="ccces-show.css"
Vary
Accept-Encoding
Last-Modified
Fri, 14 May 2021 08:46:56 GMT
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=300
Cache-Control
max-age=86400
Connection
keep-alive
X-Tt-Trace-Tag
id=5
Via
cache102.sxmp,cache07.hazhengzhou-ct29
Content-Length
959
X-Xss-Protection
1; mode=block
X-Sdoss-Expiration
X-Response-Cache
parent_hit
Server
Byte-nginx
X-Response-Cinfo
185.198.62.7
hfbase.css
ppwfs.pptv.com/public/hfcss/
0
0

hfheaderfloat_prd.css
ppwfs.pptv.com/public/hfcss/
0
0

cms-logo.png
ppwfs.pptv.com/public/images/headerfooter/
0
0

cms-scuser.png
ppwfs.pptv.com/public/images/headerfooter/
0
0

cms-nomessage.png
ppwfs.pptv.com/public/images/headerfooter/
0
0

cms-userdefault.png
ppwfs.pptv.com/public/images/headerfooter/
0
0

cms-scshop.png
ppwfs.pptv.com/public/images/headerfooter/
0
0

57ff0cfdf5519df65358e8867e6d57f9.png
sr1.pplive.cn/cms/14/57/
0
0

cms-scvip.png
ppwfs.pptv.com/public/images/headerfooter/
0
0

pptv.header.js
ppwfs.pptv.com/public/hfjs/
0
0

addelv_player.min.js
mediamax.suning.com/adssp/sdk/
0
0

pptv.bubble.js
ppwfs.pptv.com/public/hfjs/
0
0

ssa.js
res.suning.cn/project/ssa/script/2aaef4fe-a99f-49a3-9fc3-fbc9d024e566/
0
0

swiperShow2208251652546396360.css
osswc.pplive.cn/cccms/cc_static/module/PW010023/css/
0
0

navShow2101150020410742575.css
osswc.pplive.cn/cccms/cc_static/module/PW010013/css/
0
0

groupImgShow2302091609233518572.css
osswc.pplive.cn/cccms/cc_static/module/PW010002/css/
0
0

show2208251652586433763.css
osswc.pplive.cn/cccms/cc_static/module/PW010006/css/
0
0

show2208251653016452729.css
osswc.pplive.cn/cccms/cc_static/module/PW010007/css/
0
0

ADShow2104191832034678795.css
osswc.pplive.cn/cccms/cc_static/module/PW010015/css/
0
0

1912271845346283782.png
osswc.pplive.cn/cccms/cc_static/images/
0
0

1912271735032082332.png
osswc.pplive.cn/cccms/cc_static/images/
0
0

jquery-1.7.2.min.js
osswc.pplive.cn/cccms/cc_static/ccces-web/static/js/
0
0

ccces-module-loader.js
osswc.pplive.cn/cccms/cc_static/ccces-web/static/js/
0
0

2c785d03a58cbf6c20f9d93f206c9fd3.png
static1.pplive.cn/cmsfile/38/16/
0
0

ad4ab7f8d4254d5dcc39e29e7dc18d92.jpg
sr2.pplive.cn/cms/28/59/
0
0

6637b51333c43c8831010b413288a5fb.png
static1.pplive.cn/cmsfile/31/91/
0
0

b95a28029bd461a0874bfdb787d6a01c.png
sr4.pplive.cn/cms/41/19/
0
0

c809726c6286f4b179bc4666fc5c33ac.png
sr1.pplive.cn/cms/30/35/
0
0

a5c01f1de60f33854b1b0cc7b20140f6.png
sr4.pplive.cn/cms/21/94/
0
0

0aabc6e9a1ae2d85aaa3a0fa751d2873.png
sr2.pplive.cn/cms/14/79/
0
0

4f61e6f03d81152371de73819147d2d4.png
sr4.pplive.cn/cms/26/59/
0
0

1508474366446.JPG
sr1.pplive.cn/mcms/footer/images/
0
0

1508474339188.JPG
sr1.pplive.cn/mcms/footer/images/
0
0

email-decode.min.js
etehadpirouzileilei.pages.dev/cdn-cgi/scripts/5c5dd728/cloudflare-static/
0
0

pptv.footer.js
ppwfs.pptv.com/public/hfjs/
0
0

probe.js
ossup.suning.com/ctbpm/ctbpm_probe/58148d4f0da44bf39d0f7d8046ea55a6/
0
0

adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ppwfs.pptv.com
URL
https://ppwfs.pptv.com/public/hfcss/bubblecss.css
Domain
ppwfs.pptv.com
URL
https://ppwfs.pptv.com/public/vendors/polyfill.min.js
Domain
ppwfs.pptv.com
URL
https://ppwfs.pptv.com/public/vendors/jquery-1.7.2.min.js
Domain
ppwfs.pptv.com
URL
https://ppwfs.pptv.com/public/vendors/union_login.js
Domain
ppwfs.pptv.com
URL
https://ppwfs.pptv.com/public/hfcss/hfbase.css?t=20241126
Domain
ppwfs.pptv.com
URL
https://ppwfs.pptv.com/public/hfcss/hfheaderfloat_prd.css?t=20241126
Domain
ppwfs.pptv.com
URL
https://ppwfs.pptv.com/public/images/headerfooter/cms-logo.png
Domain
ppwfs.pptv.com
URL
https://ppwfs.pptv.com/public/images/headerfooter/cms-scuser.png
Domain
ppwfs.pptv.com
URL
https://ppwfs.pptv.com/public/images/headerfooter/cms-nomessage.png
Domain
ppwfs.pptv.com
URL
https://ppwfs.pptv.com/public/images/headerfooter/cms-userdefault.png
Domain
ppwfs.pptv.com
URL
https://ppwfs.pptv.com/public/images/headerfooter/cms-scshop.png
Domain
sr1.pplive.cn
URL
https://sr1.pplive.cn/cms/14/57/57ff0cfdf5519df65358e8867e6d57f9.png
Domain
ppwfs.pptv.com
URL
https://ppwfs.pptv.com/public/images/headerfooter/cms-scvip.png
Domain
ppwfs.pptv.com
URL
https://ppwfs.pptv.com/public/hfjs/pptv.header.js?t=20241126
Domain
mediamax.suning.com
URL
https://mediamax.suning.com/adssp/sdk/addelv_player.min.js
Domain
ppwfs.pptv.com
URL
https://ppwfs.pptv.com/public/hfjs/pptv.bubble.js?t=20241126
Domain
res.suning.cn
URL
https://res.suning.cn/project/ssa/script/2aaef4fe-a99f-49a3-9fc3-fbc9d024e566/ssa.js?v=2411261213055425274
Domain
osswc.pplive.cn
URL
https://osswc.pplive.cn/cccms/cc_static/module/PW010023/css/swiperShow2208251652546396360.css
Domain
osswc.pplive.cn
URL
https://osswc.pplive.cn/cccms/cc_static/module/PW010013/css/navShow2101150020410742575.css
Domain
osswc.pplive.cn
URL
https://osswc.pplive.cn/cccms/cc_static/module/PW010002/css/groupImgShow2302091609233518572.css
Domain
osswc.pplive.cn
URL
https://osswc.pplive.cn/cccms/cc_static/module/PW010006/css/show2208251652586433763.css
Domain
osswc.pplive.cn
URL
https://osswc.pplive.cn/cccms/cc_static/module/PW010007/css/show2208251653016452729.css
Domain
osswc.pplive.cn
URL
https://osswc.pplive.cn/cccms/cc_static/module/PW010015/css/ADShow2104191832034678795.css
Domain
osswc.pplive.cn
URL
https://osswc.pplive.cn/cccms/cc_static/images/1912271845346283782.png
Domain
osswc.pplive.cn
URL
https://osswc.pplive.cn/cccms/cc_static/images/1912271735032082332.png
Domain
osswc.pplive.cn
URL
https://osswc.pplive.cn/cccms/cc_static/ccces-web/static/js/jquery-1.7.2.min.js?v=2411261213055425274
Domain
osswc.pplive.cn
URL
https://osswc.pplive.cn/cccms/cc_static/ccces-web/static/js/ccces-module-loader.js?v=2411261213055425274
Domain
static1.pplive.cn
URL
https://static1.pplive.cn/cmsfile/38/16/2c785d03a58cbf6c20f9d93f206c9fd3.png
Domain
sr2.pplive.cn
URL
https://sr2.pplive.cn/cms/28/59/ad4ab7f8d4254d5dcc39e29e7dc18d92.jpg
Domain
static1.pplive.cn
URL
https://static1.pplive.cn/cmsfile/31/91/6637b51333c43c8831010b413288a5fb.png
Domain
sr4.pplive.cn
URL
https://sr4.pplive.cn/cms/41/19/b95a28029bd461a0874bfdb787d6a01c.png
Domain
sr1.pplive.cn
URL
https://sr1.pplive.cn/cms/30/35/c809726c6286f4b179bc4666fc5c33ac.png
Domain
sr4.pplive.cn
URL
https://sr4.pplive.cn/cms/21/94/a5c01f1de60f33854b1b0cc7b20140f6.png
Domain
sr2.pplive.cn
URL
https://sr2.pplive.cn/cms/14/79/0aabc6e9a1ae2d85aaa3a0fa751d2873.png
Domain
sr4.pplive.cn
URL
https://sr4.pplive.cn/cms/26/59/4f61e6f03d81152371de73819147d2d4.png
Domain
sr1.pplive.cn
URL
https://sr1.pplive.cn/mcms/footer/images/1508474366446.JPG
Domain
sr1.pplive.cn
URL
https://sr1.pplive.cn/mcms/footer/images/1508474339188.JPG
Domain
etehadpirouzileilei.pages.dev
URL
https://etehadpirouzileilei.pages.dev/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Domain
ppwfs.pptv.com
URL
https://ppwfs.pptv.com/public/hfjs/pptv.footer.js?t=20241126
Domain
ossup.suning.com
URL
https://ossup.suning.com/ctbpm/ctbpm_probe/58148d4f0da44bf39d0f7d8046ea55a6/probe.js
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Cloudflare (Online)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Domain/Path Name / Value
.etehadpirouzileilei.pages.dev/ Name: __cf_mw_byp
Value: NOsNbwmQlf4W18QObeTl1bv.EhTzH8ikp0LOTUCUTK0-1732594472-0.0.1.1-/
etehadpirouzileilei.pages.dev/ Name: route
Value: fe118fcd5a245f2c8266bbfe374be7f4

1 Console Messages

Source Level URL
Text
network error URL: https://etehadpirouzileilei.pages.dev/
Message:
Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN