Submitted URL: https://dfhc.gurert.xyz/
Effective URL: https://dfhc.gurert.xyz/index/user/login
Submission Tags: tweet @ap_zenmashi #phishing #フィッシング #aax #詐欺 #scam
Submission: On December 28 via api from FI — Scanned from FI

Summary

This website contacted 4 IPs in 3 countries across 2 domains to perform 22 HTTP transactions. The main IP is 194.41.59.97, located in Hong Kong and belongs to SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK. The main domain is dfhc.gurert.xyz.
TLS certificate: Issued by R3 on December 28th 2022. Valid for: 3 months.
This is the only time dfhc.gurert.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address       AS (Autonomous System)
10        194.41.59.97     133199 (SONDERCLO...)
7         163.171.132.119  54994 (QUANTILNE...)
5         43.152.56.130    139341 (ACE-AS-AP...)
Total: 22 requests, 4 IPs
Apex Domain: meiqia.com (12 requests, 828 KB transfer)
  Subdomains:
  • static.meiqia.com (Cisco Umbrella Rank: 203423)
  • edge-api.meiqia.com (Cisco Umbrella Rank: 217994)
  • new-api.meiqia.com (Cisco Umbrella Rank: 179400)
  • camorope-client-a.meiqia.com (Failed)
Apex Domain: gurert.xyz (10 requests, 360 KB transfer)
  Subdomains:
  • dfhc.gurert.xyz
Total: 22 requests, 2 apex domains
Requests  Domain                                 Requested by
10        dfhc.gurert.xyz (1 redirect)           dfhc.gurert.xyz
7         static.meiqia.com                      dfhc.gurert.xyz, static.meiqia.com
3         new-api.meiqia.com                     static.meiqia.com
2         edge-api.meiqia.com                    static.meiqia.com
0         camorope-client-a.meiqia.com (Failed)  static.meiqia.com
Total: 22 requests, 5 domains

This site contains no links.

Subject: dfhc.gurert.xyz
Issuer: R3
Validity: 2022-12-28 to 2023-03-28 (3 months)

Subject: *.meiqia.com
Issuer: RapidSSL Global TLS RSA4096 SHA256 2022 CA1
Validity: 2022-06-20 to 2023-07-21 (a year)

This page contains 3 frames:

Primary Page: https://dfhc.gurert.xyz/index/user/login
Frame ID: 2796EB48D145AF5745209639F4DF0843
Requests: 21 HTTP requests in this frame

Frame: https://static.meiqia.com/fe-widget/v1.4.8.20221226_1/app-v1.4.8.20221226_1.js
Frame ID: 3BE35E671B5EC15CA916FAB84A3E1848
Requests: 4 HTTP requests in this frame

Frame: https://static.meiqia.com/fe-widget/v1.4.8.20221226_1/static/icon-mq-round@2x.png
Frame ID: B7147150CD2ED665F83B6D9F1AB142CE
Requests: 1 HTTP requests in this frame

Page Title

登录 (Login)

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 22
HTTPS: 95 %
IPv6: 0 %
Domains: 2
Subdomains: 5
IPs: 4
Countries: 3
Transfer: 1188 kB
Size: 1726 kB
Cookies: 3

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://dfhc.gurert.xyz/ HTTP 301
    https://dfhc.gurert.xyz/index/user/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions

Resource | Path | Size | x-fer | Type (MIME-Type)
Primary Request: login | dfhc.gurert.xyz/index/user/ | 18 KB | 11 KB | Document
Redirect Chain:
  • https://dfhc.gurert.xyz/
  • https://dfhc.gurert.xyz/index/user/login
General
Full URL
https://dfhc.gurert.xyz/index/user/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.41.59.97 , Hong Kong, ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
ef738c08ade74b77d2d5cd4976ae21f7318ebe302500c0ea602dae2f56f35093
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 28 Dec 2022 04:35:57 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000
vary
Accept-Encoding

Redirect headers

cache-control
no-cache,must-revalidate
content-type
text/html; charset=utf-8
date
Wed, 28 Dec 2022 04:35:57 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
/index/user/login
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000
app.7b22fa66c2af28f12bf32977d4b82694.css | dfhc.gurert.xyz/static_new6/css/ | 725 KB | 296 KB | Stylesheet
General
Full URL
https://dfhc.gurert.xyz/static_new6/css/app.7b22fa66c2af28f12bf32977d4b82694.css
Requested by
Host: dfhc.gurert.xyz
URL: https://dfhc.gurert.xyz/index/user/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.41.59.97 , Hong Kong, ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
99c566b2953adf5e7af156a46a048115fd2627ff8de71436c7759b126fcba598
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://dfhc.gurert.xyz/index/user/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 28 Dec 2022 04:35:57 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Tue, 01 Mar 2022 05:38:52 GMT
server
nginx
etag
W/"621db16c-b53ee"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=43200
expires
Wed, 28 Dec 2022 16:35:57 GMT
public.css | dfhc.gurert.xyz/static_new/css/ | 16 KB | 3 KB | Stylesheet
General
Full URL
https://dfhc.gurert.xyz/static_new/css/public.css
Requested by
Host: dfhc.gurert.xyz
URL: https://dfhc.gurert.xyz/index/user/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.41.59.97 , Hong Kong, ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
2509b72d37e08bbb3d3107b1cf2a5412c2cd17ca5b2949857b37557e192152d0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://dfhc.gurert.xyz/index/user/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 28 Dec 2022 04:35:57 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Mon, 20 Sep 2021 07:33:16 GMT
server
nginx
etag
W/"6148393c-3f5a"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=43200
expires
Wed, 28 Dec 2022 16:35:57 GMT
jquery.min.js | dfhc.gurert.xyz/static_new/js/ | 86 KB | 34 KB | Script
General
Full URL
https://dfhc.gurert.xyz/static_new/js/jquery.min.js
Requested by
Host: dfhc.gurert.xyz
URL: https://dfhc.gurert.xyz/index/user/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.41.59.97 , Hong Kong, ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
2b381363dda049f2d49a59037b228bc865d51ffb977c8f5c3547d5c28de48e3a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://dfhc.gurert.xyz/index/user/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 28 Dec 2022 04:35:57 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Mon, 20 Sep 2021 07:33:16 GMT
server
nginx
etag
W/"6148393c-15851"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Wed, 28 Dec 2022 16:35:57 GMT
dialog.min.js | dfhc.gurert.xyz/static_new/js/ | 27 KB | 7 KB | Script
General
Full URL
https://dfhc.gurert.xyz/static_new/js/dialog.min.js
Requested by
Host: dfhc.gurert.xyz
URL: https://dfhc.gurert.xyz/index/user/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.41.59.97 , Hong Kong, ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
0dfb1120bbd2ee5daf8f56a511ed5bf5368316663d5778aca4cf2d3815f695d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://dfhc.gurert.xyz/index/user/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 28 Dec 2022 04:35:57 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Tue, 21 Sep 2021 11:42:16 GMT
server
nginx
etag
W/"6149c518-6dfb"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Wed, 28 Dec 2022 16:35:57 GMT
common.js | dfhc.gurert.xyz/static_new/js/ | 2 KB | 1 KB | Script
General
Full URL
https://dfhc.gurert.xyz/static_new/js/common.js
Requested by
Host: dfhc.gurert.xyz
URL: https://dfhc.gurert.xyz/index/user/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.41.59.97 , Hong Kong, ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
c086a692a01d650dccb602faf9fbea54f920546532821ad19cdefeb750eea586
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://dfhc.gurert.xyz/index/user/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 28 Dec 2022 04:35:57 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Mon, 20 Sep 2021 07:33:16 GMT
server
nginx
etag
W/"6148393c-84e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Wed, 28 Dec 2022 16:35:57 GMT
cityjson | dfhc.gurert.xyz/static_new6/css/ | 0 | 0 | Script
General
Full URL
https://dfhc.gurert.xyz/static_new6/css/cityjson
Requested by
Host: dfhc.gurert.xyz
URL: https://dfhc.gurert.xyz/index/user/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.41.59.97 , Hong Kong, ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://dfhc.gurert.xyz/index/user/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 28 Dec 2022 04:35:57 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
text/html; charset=utf-8
manifest.3ad1d5771e9b13dbdad2.js | dfhc.gurert.xyz/static_new6/js/ | 858 B | 1 KB | Script
General
Full URL
https://dfhc.gurert.xyz/static_new6/js/manifest.3ad1d5771e9b13dbdad2.js
Requested by
Host: dfhc.gurert.xyz
URL: https://dfhc.gurert.xyz/index/user/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.41.59.97 , Hong Kong, ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
0ccc5ee5b3895d4774462fda3e9598881a5fa985c5dfed5129249731bb26fc27
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://dfhc.gurert.xyz/index/user/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 28 Dec 2022 04:35:57 GMT
strict-transport-security
max-age=31536000
last-modified
Mon, 20 Sep 2021 07:33:30 GMT
server
nginx
etag
"6148394a-35a"
content-type
application/javascript
cache-control
max-age=43200
accept-ranges
bytes
content-length
858
expires
Wed, 28 Dec 2022 16:35:57 GMT
truncated | / | 1 KB | 0 | Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2d373b7d1135c61ce2bd7cfb4a87ffa871cb74896e5304050790b4fc8d8678a3

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
truncated | / | 1 KB | 0 | Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
404a564253f5f4b6ed82ff0859c1eb572e1edb097d98cf50d4bd2534f497e88b

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
truncated | / | 466 B | 0 | Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3000f24322ffe634be4733ae0c033610c73f1bdc1275ec19770c67eed54a79a8

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
truncated | / | 747 B | 0 | Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6dcca6776bdeadb0f702bf66de47a3f82801c6e116cb53efe14ecbc585a5c5a6

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
truncated | / | 4 KB | 0 | Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a1c6514898667a2f590bd475da47288458e9b3acabbe9fab139ff192a2f69959

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
login-bg1.png | dfhc.gurert.xyz/static_new6/img/ | 7 KB | 7 KB | Image
General
Full URL
https://dfhc.gurert.xyz/static_new6/img/login-bg1.png
Requested by
Host: dfhc.gurert.xyz
URL: https://dfhc.gurert.xyz/index/user/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.41.59.97 , Hong Kong, ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
6168b20b7bca5b090d7d94dbab0ce4fa9dd2e53ed647e94fffc0d1c4ba7e6608
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://dfhc.gurert.xyz/index/user/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 28 Dec 2022 04:35:59 GMT
strict-transport-security
max-age=31536000
last-modified
Mon, 20 Sep 2021 07:33:30 GMT
server
nginx
etag
"6148394a-1a00"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
6656
expires
Fri, 27 Jan 2023 04:35:59 GMT
meiqia.js | static.meiqia.com/dist/ | 14 KB | 6 KB | Script
General
Full URL
https://static.meiqia.com/dist/meiqia.js?_=t
Requested by
Host: dfhc.gurert.xyz
URL: https://dfhc.gurert.xyz/index/user/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
163.171.132.119 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
AliyunOSS /
Resource Hash
9e7d8a474a88edcc8d707634588cb717b8271d1b81ebf7fc5116037a4e215d09
Security Headers
Name Value
Strict-Transport-Security max-age=5184000;includeSubdomains

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://dfhc.gurert.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 28 Dec 2022 04:35:58 GMT
content-encoding
gzip
x-oss-request-id
63A1DFC89FB2409CA7778A07
content-md5
iN2q9daE1kbetuljDigTSQ==
age
1
strict-transport-security
max-age=5184000;includeSubdomains
x-via
1.1 PSdgflkfFRA1ox201:3 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA2gb73:14 (Cdn Cache Server V2.0)
x-oss-object-type
Normal
last-modified
Thu, 21 Jul 2022 02:39:16 GMT
server
AliyunOSS
x-ws-request-id
63abc7ae_PSdgflkfFRA2lp71_16678-60873
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=360
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
4942505803677989402
x-oss-server-time
1
match | edge-api.meiqia.com/summer/widget/route/ | 559 B | 779 B | XHR
General
Full URL
https://edge-api.meiqia.com/summer/widget/route/match
Requested by
Host: static.meiqia.com
URL: https://static.meiqia.com/dist/meiqia.js?_=t
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
43.152.56.130 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
TencentEdgeOne /
Resource Hash
179e1c36af5862bccd95bdddb89b0a506918b72f4924986f26e6607f287b475d

Request headers

Referer
https://dfhc.gurert.xyz/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
content-type
application/json

Response headers

date
Wed, 28 Dec 2022 04:36:00 GMT
content-encoding
gzip
eo-cache-status
MISS
req-arrive-time
1672202159977
req-cost-time
2
x-envoy-upstream-service-time
2
x-logid
0b8063abc7af57fa70eb
server
TencentEdgeOne
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type
application/json;charset=UTF-8
access-control-allow-origin
*
access-control-expose-headers
*
eo-log-uuid
9822673936762182997
resp-start-time
1672202159979
access-control-allow-headers
Alpha,Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,usetemauthorization
x-cost
0.004
match | edge-api.meiqia.com/summer/widget/route/ (Frame) | 0 | 0 | Preflight
General
Full URL
https://edge-api.meiqia.com/summer/widget/route/match
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
43.152.56.130 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
TencentEdgeOne /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://dfhc.gurert.xyz
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Signature,Recaptcha-Token,Captcha-Token,Captcha-Value,X-Run-Env,X-Run-Version,Alpha,Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,Recaptcha-Token,Captcha-Value,X-Mac-Addr,X-App-Key,Captcha-Token,Captcha-Needed,Product,X-Message-Digest,usetemauthorization,x-env-qa,x-ca-key,x-ca-nonce,x-ca-signature-method,x-ca-signature,x-ca-signature-headers,x-ca-timestamp,Content-MD5,X-MQ-ENTERPRISE-TOKEN,X-MQ-PROJECT,X-MQ-VERSION
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin
https://dfhc.gurert.xyz
access-control-max-age
1728000
content-length
0
date
Wed, 28 Dec 2022 04:35:59 GMT
eo-cache-status
MISS
eo-log-uuid
4337460639590239733
server
TencentEdgeOne
x-cost
0.000
x-logid
0cca63abc7af0c7f7919
entrypoint-v1.4.8.20221226_1.js | static.meiqia.com/fe-widget/v1.4.8.20221226_1/ | 117 KB | 117 KB | Script
General
Full URL
https://static.meiqia.com/fe-widget/v1.4.8.20221226_1/entrypoint-v1.4.8.20221226_1.js
Requested by
Host: static.meiqia.com
URL: https://static.meiqia.com/dist/meiqia.js?_=t
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
163.171.132.119 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
AliyunOSS /
Resource Hash
6c2ff758d22b4d427329210c730b8588f5ec9633700ee33b9f44cad942810392
Security Headers
Name Value
Strict-Transport-Security max-age=5184000;includeSubdomains

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://dfhc.gurert.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 28 Dec 2022 04:36:00 GMT
strict-transport-security
max-age=5184000;includeSubdomains
x-oss-request-id
63A93EAA485C4F136AE9C136
content-md5
WxAcZPF1HusmZlRbaf3T6w==
age
1
x-via
1.1 PSdgflkfFRA1ox201:5 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA2gb73:13 (Cdn Cache Server V2.0)
content-length
119565
x-oss-object-type
Normal
last-modified
Mon, 26 Dec 2022 06:09:37 GMT
server
AliyunOSS
etag
"5B101C64F1751EEB2666545B69FDD3EB"
x-ws-request-id
63abc7b0_PSdgflkfFRA2lp71_16678-60888
access-control-allow-methods
GET
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=360
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
1755201248434082597
x-oss-server-time
1
app-v1.4.8.20221226_1.js | static.meiqia.com/fe-widget/v1.4.8.20221226_1/ (Frame 3BE3) | 653 KB | 655 KB | Script
General
Full URL
https://static.meiqia.com/fe-widget/v1.4.8.20221226_1/app-v1.4.8.20221226_1.js
Requested by
Host: static.meiqia.com
URL: https://static.meiqia.com/fe-widget/v1.4.8.20221226_1/entrypoint-v1.4.8.20221226_1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
163.171.132.119 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
AliyunOSS /
Resource Hash
276d247506de1d95a2299d8f3bde74369e86a9c56dd90d98331a1da10a7f58f0
Security Headers
Name Value
Strict-Transport-Security max-age=5184000;includeSubdomains

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 28 Dec 2022 04:36:00 GMT
strict-transport-security
max-age=5184000;includeSubdomains
x-oss-request-id
63A93EAF485C4F136AE9C810
content-md5
7cXuk+zF73h47WGoBSlNDA==
age
1
x-via
1.1 PSdgflkfFRA1ox201:5 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA2gb73:1 (Cdn Cache Server V2.0)
content-length
668729
x-oss-object-type
Normal
last-modified
Mon, 26 Dec 2022 06:09:37 GMT
server
AliyunOSS
etag
"EDC5EE93ECC5EF7878ED61A805294D0C"
x-ws-request-id
63abc7b0_PSdgflkfFRA2lp71_16678-60893
access-control-allow-methods
GET
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=360
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
5176740197633810671
x-oss-server-time
2
get_base_config | new-api.meiqia.com/visit/ | 1009 B | 841 B | XHR
General
Full URL
https://new-api.meiqia.com/visit/get_base_config?ent_id=06796c8cc09a9a69d37c2889e5440887
Requested by
Host: static.meiqia.com
URL: https://static.meiqia.com/fe-widget/v1.4.8.20221226_1/entrypoint-v1.4.8.20221226_1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
43.152.56.130 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
TencentEdgeOne /
Resource Hash
f8ec054e64c9fcabfd3581094f0dafa705670657ef3c11a30be9302d630fca7f

Request headers

Accept
application/json
Referer
https://dfhc.gurert.xyz/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 28 Dec 2022 04:36:01 GMT
content-encoding
gzip
eo-cache-status
MISS
x-logid
0b8063abc7b157fc9b1a
server
TencentEdgeOne
access-control-max-age
300
vary
Accept-Encoding, Origin
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-origin
*
content-type
application/json; charset=utf-8
cache-control
max-age=60
access-control-allow-credentials
true
eo-log-uuid
5187756605608689769
accept-ranges
bytes
access-control-allow-headers
*
x-cost
0.009
expires
Wed, 28 Dec 2022 04:37:01 GMT
start | new-api.meiqia.com/visit/ | 4 KB | 2 KB | XHR
General
Full URL
https://new-api.meiqia.com/visit/start?ent_id=06796c8cc09a9a69d37c2889e5440887&track_id=&title=%E7%99%BB%E5%BD%95&referrer_url=&url=https:%2F%2Fdfhc.gurert.xyz%2Findex%2Fuser%2Flogin&is_standalone=false
Requested by
Host: static.meiqia.com
URL: https://static.meiqia.com/fe-widget/v1.4.8.20221226_1/entrypoint-v1.4.8.20221226_1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
43.152.56.130 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
TencentEdgeOne /
Resource Hash
9b2545c7571651e4b17649bb39d93155b77c87c6088b8eab65c2607b1dc8c62b

Request headers

Accept
application/json
Referer
https://dfhc.gurert.xyz/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-logid
0b8063abc7b257fa7387
date
Wed, 28 Dec 2022 04:36:02 GMT
content-encoding
gzip
server
TencentEdgeOne
eo-cache-status
MISS
vary
Accept-Encoding
access-control-max-age
300
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
cache-control
private, must-revalidate, max-age=0
eo-log-uuid
2673388163115230534
x-cost
0.058
x-request-id
FzTbAbV8aUqEFoku1hfi
497.js | static.meiqia.com/fe-widget/v1.4.8.20221226_1/ (Frame 3BE3) | 11 KB | 11 KB | Script
General
Full URL
https://static.meiqia.com/fe-widget/v1.4.8.20221226_1/497.js
Requested by
Host: static.meiqia.com
URL: https://static.meiqia.com/fe-widget/v1.4.8.20221226_1/app-v1.4.8.20221226_1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
163.171.132.119 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
AliyunOSS /
Resource Hash
afe1ed71bd3813dcda0234cc98c99b2b05f3e6ab7983fd377ac8608198ea56a6
Security Headers
Name Value
Strict-Transport-Security max-age=5184000;includeSubdomains

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 28 Dec 2022 04:36:02 GMT
strict-transport-security
max-age=5184000;includeSubdomains
x-oss-request-id
63A93EBAC0346B82E4F77A19
content-md5
iQDZ75l0+lDqWQuFOG3IDg==
age
1
x-via
1.1 kf230:5 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA2po75:10 (Cdn Cache Server V2.0)
content-length
11182
x-oss-object-type
Normal
last-modified
Mon, 26 Dec 2022 06:09:36 GMT
server
AliyunOSS
etag
"8900D9EF9974FA50EA590B85386DC80E"
x-ws-request-id
63abc7b2_PSdgflkfFRA2lp71_16678-60914
access-control-allow-methods
GET
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=360
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
3442776299017230797
x-oss-server-time
1
893.js | static.meiqia.com/fe-widget/v1.4.8.20221226_1/ (Frame 3BE3) | 12 KB | 13 KB | Script
General
Full URL
https://static.meiqia.com/fe-widget/v1.4.8.20221226_1/893.js
Requested by
Host: static.meiqia.com
URL: https://static.meiqia.com/fe-widget/v1.4.8.20221226_1/app-v1.4.8.20221226_1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
163.171.132.119 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
AliyunOSS /
Resource Hash
65208d28ac6b449fa7cf5e03370a02f821d86c11f8bcc495f76ff2fbca6fcc76
Security Headers
Name Value
Strict-Transport-Security max-age=5184000;includeSubdomains

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 28 Dec 2022 04:36:02 GMT
strict-transport-security
max-age=5184000;includeSubdomains
x-oss-request-id
63A93EBA523B0AA44FEF4F9E
content-md5
yGZApddxeIuWweO5QDI2NA==
age
1
x-via
1.1 PSdgflkfFRA1hb199:15 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA2po75:21 (Cdn Cache Server V2.0)
content-length
12444
x-oss-object-type
Normal
last-modified
Mon, 26 Dec 2022 06:09:37 GMT
server
AliyunOSS
etag
"C86640A5D771788B96C1E3B940323634"
x-ws-request-id
63abc7b2_PSdgflkfFRA2lp71_16678-60915
access-control-allow-methods
GET
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=360
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
8330549879576848227
x-oss-server-time
1
attr_configs | new-api.meiqia.com/unified-api/crm/v1/ | 3 KB | 702 B | XHR
General
Full URL
https://new-api.meiqia.com/unified-api/crm/v1/attr_configs?ent_id=351222
Requested by
Host: static.meiqia.com
URL: https://static.meiqia.com/fe-widget/v1.4.8.20221226_1/entrypoint-v1.4.8.20221226_1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
43.152.56.130 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
TencentEdgeOne /
Resource Hash
aa6651b1322d64756616f4777604f5144e62ac7bfbeea120c1950ca751f91f36

Request headers

Accept
application/json
Referer
https://dfhc.gurert.xyz/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-logid
0b8063abc7b257fa746a
date
Wed, 28 Dec 2022 04:36:02 GMT
content-encoding
gzip
server
TencentEdgeOne
eo-cache-status
MISS
vary
Accept-Encoding, Origin
access-control-max-age
300
content-type
application/json; charset=utf-8
access-control-allow-origin
*
eo-log-uuid
17104390909861789925
accept-ranges
bytes
x-cost
0.004
info | camorope-client-a.meiqia.com/push/ (Frame 3BE3) | 0 | 0 | Failed

icon-mq-round@2x.png | static.meiqia.com/fe-widget/v1.4.8.20221226_1/static/ | 10 KB | 11 KB | Image
General
Full URL
https://static.meiqia.com/fe-widget/v1.4.8.20221226_1/static/icon-mq-round@2x.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
163.171.132.119 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
AliyunOSS /
Resource Hash
df6e80ba7392005025919531597d0f64f8046eec8ee14bcdf3e05760264fe874
Security Headers
Name Value
Strict-Transport-Security max-age=5184000;includeSubdomains

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://dfhc.gurert.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 28 Dec 2022 04:36:02 GMT
strict-transport-security
max-age=5184000;includeSubdomains
x-oss-request-id
63A93EB4485C4F136AE9CDBD
content-md5
eFJTC4zNbCVOLHJ7KGvTcA==
age
1
x-via
1.1 PSdgflkfFRA1hb199:15 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA2lp71:13 (Cdn Cache Server V2.0)
content-disposition
inline
content-length
10613
x-oss-object-type
Normal
last-modified
Mon, 26 Dec 2022 06:09:37 GMT
server
AliyunOSS
etag
"7852530B8CCD6C254E2C727B286BD370"
x-ws-request-id
63abc7b2_PSdgflkfFRA2lp71_16678-60917
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=360
x-oss-force-download
true
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
18155014595444198583
x-oss-server-time
2
icon-mq-round@2x.png | static.meiqia.com/fe-widget/v1.4.8.20221226_1/static/ (Frame B714) | 10 KB | 11 KB | Image
General
Full URL
https://static.meiqia.com/fe-widget/v1.4.8.20221226_1/static/icon-mq-round@2x.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
163.171.132.119 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
AliyunOSS /
Resource Hash
df6e80ba7392005025919531597d0f64f8046eec8ee14bcdf3e05760264fe874
Security Headers
Name Value
Strict-Transport-Security max-age=5184000;includeSubdomains

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 28 Dec 2022 04:36:02 GMT
strict-transport-security
max-age=5184000;includeSubdomains
x-oss-request-id
63A93EB4485C4F136AE9CDBD
content-md5
eFJTC4zNbCVOLHJ7KGvTcA==
age
1
x-via
1.1 PSdgflkfFRA1hb199:15 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA2lp71:13 (Cdn Cache Server V2.0)
content-disposition
inline
content-length
10613
x-oss-object-type
Normal
last-modified
Mon, 26 Dec 2022 06:09:37 GMT
server
AliyunOSS
etag
"7852530B8CCD6C254E2C727B286BD370"
x-ws-request-id
63abc7b2_PSdgflkfFRA2lp71_16678-60918
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=360
x-oss-force-download
true
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
18155014595444198583
x-oss-server-time
2

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
camorope-client-a.meiqia.com
URL
https://camorope-client-a.meiqia.com/push/info?browser_id=a96f1ccbca693542945c7a55574d57ed&ent_id=351222&track_id=2JWmMAv3ecZzElQQVmqXv7L84iw&visit_id=2JWmM9FHphPTeM187nS5bt5Br0Y&t=1672202162455

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • 0 (object)
  • oncontentvisibilityautostatechange (object)
  • $ (function)
  • jQuery (function)
  • ssscode (function)
  • webpackJsonp (function)
  • show_cs (function)
  • _MEIQIA (function)
  • __core-js_shared__ (object)
  • core (object)
  • _agent_chat_type (string)
  • _widgetBundleName (object)
  • backendApi (string)
  • publicUrl (string)
  • socketUrl (string)
  • MQ_X_CA_KEY (undefined)
  • MQ_X_CA_SECRET (undefined)
  • regeneratorRuntime (object)
  • _CHAT_GLOBAL_API_CONFIG_ (object)
  • meiqia (object)

3 Cookies

Domain/Path        Name = Value
dfhc.gurert.xyz/   s9f533cff = npmregsl63vi4ig5lltuosatm3
.gurert.xyz/       MEIQIA_TRACK_ID = 2JWmMAv3ecZzElQQVmqXv7L84iw
.gurert.xyz/       MEIQIA_VISIT_ID = 2JWmM9FHphPTeM187nS5bt5Br0Y

1 Console Messages

Source: network
Level: error
URL: https://dfhc.gurert.xyz/static_new6/css/cityjson
Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This section lists any security headers set by the main page.

Strict-Transport-Security: max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

camorope-client-a.meiqia.com
dfhc.gurert.xyz
edge-api.meiqia.com
new-api.meiqia.com
static.meiqia.com
163.171.132.119
194.41.59.97
43.152.56.130