dalt8oyan8psz.cloudfront.net Open in urlscan Pro
54.230.244.185 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://35922.club/
Effective URL:
https://dalt8oyan8psz.cloudfront.net/fl/fl333-1723794667250.apk
Submission: On August 16 via api (August 16th 2024, 8:03:46 am UTC) from US — Scanned from CA

Summary HTTP 22 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 5 IPs in 3 countries across 6 domains to perform 22 HTTP transactions. The main IP is 54.230.244.185, located in and belongs to . The main domain is dalt8oyan8psz.cloudfront.net.
TLS certificate: Issued by Amazon RSA 2048 M01 on July 30th 2024. Valid for: a year.

This is the only time dalt8oyan8psz.cloudfront.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
15	147.92.35.171 147.92.35.171	59371 (DNC-AS Di...) (DNC-AS Dimension Network & Communication Limited)
2	156.225.111.13 156.225.111.13	139057 (LDPL-AS-A...) (LDPL-AS-AP LEGEND DYNASTY PTE. LTD.)
1 3	170.33.13.110 170.33.13.110	134963 (ASEPL-AS-...) (ASEPL-AS-AP Alibaba Cloud Singapore Private Limited)
1	111.45.11.83 111.45.11.83	56040 (CMNET-GUA...) (CMNET-GUANGDONG-AP China Mobile communications corporation)
1 1	47.76.179.163 47.76.179.163	() ()
2	54.230.244.185 54.230.244.185	() ()
22	5

15 147.92.35.171 (Hong Kong, Hong Kong)

ASN59371 (DNC-AS Dimension Network & Communication Limited, HK)

35922.club	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 156.225.111.13 (Hong Kong)

ASN139057 (LDPL-AS-AP LEGEND DYNASTY PTE. LTD., SG)

sdk.51.la	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
collect-v6.51.la	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 170.33.13.110 (Singapore) 1 redirects

ASN134963 (ASEPL-AS-AP Alibaba Cloud Singapore Private Limited, SG)

33z03lu0pj0s6.wisdomcounty.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 111.45.11.83 (China)

ASN56040 (CMNET-GUANGDONG-AP China Mobile communications corporation, CN)

hm.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 47.76.179.163 (None, ) 1 redirects

ASN- ()

igl.fri.xl777.club	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.230.244.185 (None, )

ASN- ()

dalt8oyan8psz.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	35922.club 35922.club	745 KB
3	wisdomcounty.com 1 redirects 33z03lu0pj0s6.wisdomcounty.com	2 KB
2	cloudfront.net dalt8oyan8psz.cloudfront.net	2 KB
2	51.la sdk.51.la — Cisco Umbrella Rank: 46121 collect-v6.51.la — Cisco Umbrella Rank: 35990	13 KB
1	xl777.club 1 redirects igl.fri.xl777.club	260 B
1	baidu.com hm.baidu.com — Cisco Umbrella Rank: 8226	175 B
22	6

	Domain	Requested by
15	35922.club	35922.club
3	33z03lu0pj0s6.wisdomcounty.com	1 redirects 35922.club
2	dalt8oyan8psz.cloudfront.net	35922.club
1	igl.fri.xl777.club	1 redirects
1	hm.baidu.com	35922.club
1	collect-v6.51.la	sdk.51.la
1	sdk.51.la	35922.club
22	7

This site contains links to these domains. Also see Links.

Domain
6998kf.com

Subject Issuer	Validity	Valid
69905.club R10	`2024-08-06` - `2024-11-04`	3 months	crt.sh
*.51.la Sectigo RSA Domain Validation Secure Server CA	`2024-05-14` - `2025-05-14`	a year	crt.sh
*.wisdomcounty.com Sectigo RSA Domain Validation Secure Server CA	`2024-06-16` - `2025-06-16`	a year	crt.sh
baidu.com GlobalSign RSA OV SSL CA 2018	`2024-07-08` - `2025-08-09`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2024-07-30` - `2025-07-03`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://dalt8oyan8psz.cloudfront.net/fl/fl333-1723794667250.apk
Frame ID: B4F8C5D1FDE929F5EA2D01CB9B7EFA79
Requests: 22 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://35922.club/ Page URL
https://33z03lu0pj0s6.wisdomcounty.com:6443/page/m8aq3u6b/install/c/eyJjIjoiMzU5MjJjbHViIiwibSI6InAyakh4WE5ZdkRBQUFBR1JX... HTTP 302
https://igl.fri.xl777.club:5026/redirect/aws?s=fl333 HTTP 302
https://dalt8oyan8psz.cloudfront.net/fl/fl333-1723794667250.apk Page URL

Detected technologies

Baidu Analytics (百度统计) (Analytics) Expand

Overall confidence: 100%
Detected patterns

hm\.baidu\.com/hm\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

22
Requests

100 %
HTTPS

0 %
IPv6

6
Domains

7
Subdomains

5
IPs

3
Countries

762 kB
Transfer

867 kB
Size

4
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://6998kf.com/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://35922.club/ Page URL
https://33z03lu0pj0s6.wisdomcounty.com:6443/page/m8aq3u6b/install/c/eyJjIjoiMzU5MjJjbHViIiwibSI6InAyakh4WE5ZdkRBQUFBR1JXamFuWnMtVm8zMUlEWVRBOUNTRTVZb25OVjdnY01JZVBObEVyZ25pU0pqTTU0Vjl3ZFg2Z19fTUU4RWNYY1lhZFFjNXl1dlVHY3l0TXZneWFBVHJUVEhtLXJ6a0NIT1MyTXJ3QlNmVUlXdnV1eHdyVUJxQlNBIn0=?p=0 HTTP 302
https://igl.fri.xl777.club:5026/redirect/aws?s=fl333 HTTP 302
https://dalt8oyan8psz.cloudfront.net/fl/fl333-1723794667250.apk Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK / Show response
35922.club/ 3 KB
2 KB 1672ms
218ms Document
text/html 147.92.35.171
DNC-AS Dimension ...

General

Check archive.org

Show headers Download Go to

Full URL: https://35922.club/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 147.92.35.171 Hong Kong, Hong Kong, ASN59371 (DNC-AS Dimension Network & Communication Limited, HK),
Reverse DNS
Software: 8080 /
Resource Hash: e6e42491dfd651d86323c2bf142885b21646737be2287914253f5455fd86626a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Fri, 16 Aug 2024 08:03:34 GMT
ETag: W/"66b1f661-d15"
Last-Modified: Tue, 06 Aug 2024 10:09:37 GMT
Server: 8080
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H/1.1 200
OK conf.js Show response
35922.club/files/ 967 B
1 KB 218ms
215ms Script
application/javascript 147.92.35.171
DNC-AS Dimension ...

General

Check archive.org

Show headers Download Go to

Full URL: https://35922.club/files/conf.js
Requested by: Host: 35922.club
URL: https://35922.club/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 147.92.35.171 Hong Kong, Hong Kong, ASN59371 (DNC-AS Dimension Network & Communication Limited, HK),
Reverse DNS
Software: 8080 /
Resource Hash: c0b382dba14d61084c4c3a976191fde672d9a12c141ad6248eb4813172891d71

Request headers

Referer: https://35922.club/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Fri, 16 Aug 2024 08:03:35 GMT
Last-Modified: Thu, 21 Mar 2024 18:33:30 GMT
Server: 8080
ETag: "65fc7d7a-3c7"
X-Cache-Status: EXPIRED
Content-Type: application/javascript
Cache-Control: max-age=43200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 967
Expires: Fri, 16 Aug 2024 20:03:35 GMT

GET
H/1.1 200
OK index.css
35922.club/files/ 7 KB
2 KB 441ms
222ms Stylesheet
text/css 147.92.35.171
DNC-AS Dimension ...

General

Check archive.org

Show headers Download Go to

Full URL: https://35922.club/files/index.css
Requested by: Host: 35922.club
URL: https://35922.club/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 147.92.35.171 Hong Kong, Hong Kong, ASN59371 (DNC-AS Dimension Network & Communication Limited, HK),
Reverse DNS
Software: 8080 /
Resource Hash: 08ea7f632ad2985db8fbcd8064a0528e5c64d29e4cb23f78980e540890ee5230

Request headers

Referer: https://35922.club/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Fri, 16 Aug 2024 08:03:35 GMT
Content-Encoding: gzip
Last-Modified: Tue, 06 Aug 2024 10:36:26 GMT
Server: 8080
ETag: W/"66b1fcaa-1c47"
X-Cache-Status: EXPIRED
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=43200
Connection: keep-alive
Expires: Fri, 16 Aug 2024 20:03:35 GMT

GET
H/1.1 200
OK jquery-3.5.1.min.js Show response
35922.club/files/ 87 KB
34 KB 865ms
437ms Script
application/javascript 147.92.35.171
DNC-AS Dimension ...

General

Check archive.org

Show headers Download Go to

Full URL: https://35922.club/files/jquery-3.5.1.min.js
Requested by: Host: 35922.club
URL: https://35922.club/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 147.92.35.171 Hong Kong, Hong Kong, ASN59371 (DNC-AS Dimension Network & Communication Limited, HK),
Reverse DNS
Software: 8080 /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Referer: https://35922.club/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Fri, 16 Aug 2024 08:03:35 GMT
Content-Encoding: gzip
Last-Modified: Sun, 10 Mar 2024 07:38:14 GMT
Server: 8080
ETag: W/"65ed6366-15d84"
X-Cache-Status: EXPIRED
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=43200
Connection: keep-alive
Expires: Fri, 16 Aug 2024 20:03:35 GMT

GET
H/1.1 200
OK appinstall.js Show response
35922.club/files/ 46 KB
20 KB 867ms
439ms Script
application/javascript 147.92.35.171
DNC-AS Dimension ...

General

Check archive.org

Show headers Download Go to

Full URL: https://35922.club/files/appinstall.js
Requested by: Host: 35922.club
URL: https://35922.club/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 147.92.35.171 Hong Kong, Hong Kong, ASN59371 (DNC-AS Dimension Network & Communication Limited, HK),
Reverse DNS
Software: 8080 /
Resource Hash: 7c9895f2e57140b2a429c2b5df1eb51b2c0bf49f56365e198fb20a92fe79c1dd

Request headers

Referer: https://35922.club/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Fri, 16 Aug 2024 08:03:35 GMT
Content-Encoding: gzip
Last-Modified: Sun, 10 Mar 2024 07:38:14 GMT
Server: 8080
ETag: W/"65ed6366-b9e1"
X-Cache-Status: EXPIRED
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=43200
Connection: keep-alive
Expires: Fri, 16 Aug 2024 20:03:35 GMT

GET
H/1.1 200
OK xzapp.js Show response
35922.club/ 2 KB
1 KB 651ms
222ms Script
application/javascript 147.92.35.171
DNC-AS Dimension ...

General

Check archive.org

Show headers Download Go to

Full URL: https://35922.club/xzapp.js
Requested by: Host: 35922.club
URL: https://35922.club/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 147.92.35.171 Hong Kong, Hong Kong, ASN59371 (DNC-AS Dimension Network & Communication Limited, HK),
Reverse DNS
Software: 8080 /
Resource Hash: 5d9452defd89f198afa99697e603c16096969742f68c102b540adaed5779eb72

Request headers

Referer: https://35922.club/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Fri, 16 Aug 2024 08:03:35 GMT
Content-Encoding: gzip
Last-Modified: Thu, 15 Aug 2024 21:59:47 GMT
Server: 8080
ETag: W/"66be7a53-909"
X-Cache-Status: EXPIRED
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=43200
Connection: keep-alive
Expires: Fri, 16 Aug 2024 20:03:35 GMT

GET
H/1.1 200
OK qrcode.min.html Show response
35922.club/files/ 150 B
379 B 650ms
219ms Script
text/html 147.92.35.171
DNC-AS Dimension ...

General

Check archive.org

Show headers Download Go to

Full URL: https://35922.club/files/qrcode.min.html
Requested by: Host: 35922.club
URL: https://35922.club/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 147.92.35.171 Hong Kong, Hong Kong, ASN59371 (DNC-AS Dimension Network & Communication Limited, HK),
Reverse DNS
Software: 8080 /
Resource Hash: ee1a27178227546d3dcc49e611a6d72e4f1c30080ee4493ae4085b58a49e28e6

Request headers

Referer: https://35922.club/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Fri, 16 Aug 2024 08:03:35 GMT
Last-Modified: Sun, 10 Mar 2024 07:38:16 GMT
Server: 8080
ETag: "65ed6368-96"
Content-Type: text/html
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 150

GET
H/1.1 200
OK logo.png
35922.club/tp/ 78 KB
79 KB 642ms
428ms Image
image/png 147.92.35.171
DNC-AS Dimension ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://35922.club/tp/logo.png
Requested by: Host: 35922.club
URL: https://35922.club/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 147.92.35.171 Hong Kong, Hong Kong, ASN59371 (DNC-AS Dimension Network & Communication Limited, HK),
Reverse DNS
Software: 8080 /
Resource Hash: de99afd44c9e3e237d4de7b8addf0bc9156f1f619be0964edc29c7a5e817b532

Request headers

Referer: https://35922.club/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Fri, 16 Aug 2024 08:03:35 GMT
Content-Encoding: gzip
Last-Modified: Tue, 06 Aug 2024 10:10:30 GMT
Server: 8080
ETag: W/"66b1f696-13897"
X-Cache-Status: HIT
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Expires: Sun, 08 Sep 2024 20:22:55 GMT

GET
H/1.1 200
OK kf.png
35922.club/tp/ 34 KB
35 KB 428ms
428ms Image
image/png 147.92.35.171
DNC-AS Dimension ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://35922.club/tp/kf.png
Requested by: Host: 35922.club
URL: https://35922.club/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 147.92.35.171 Hong Kong, Hong Kong, ASN59371 (DNC-AS Dimension Network & Communication Limited, HK),
Reverse DNS
Software: 8080 /
Resource Hash: cb7d8890c5dba8a3f97c6fc15244f46ba3c80393f8d0a0d39d61d2fb312ea760

Request headers

Referer: https://35922.club/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Fri, 16 Aug 2024 08:03:35 GMT
Content-Encoding: gzip
Last-Modified: Tue, 06 Aug 2024 10:10:29 GMT
Server: 8080
ETag: W/"66b1f695-8894"
X-Cache-Status: HIT
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Expires: Sun, 08 Sep 2024 20:22:55 GMT

GET
H/1.1 200
OK left.png
35922.club/tp/ 223 KB
223 KB 217ms
217ms Image
image/png 147.92.35.171
DNC-AS Dimension ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://35922.club/tp/left.png
Requested by: Host: 35922.club
URL: https://35922.club/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 147.92.35.171 Hong Kong, Hong Kong, ASN59371 (DNC-AS Dimension Network & Communication Limited, HK),
Reverse DNS
Software: 8080 /
Resource Hash: 2a88b9db6c0ac3680bb6f5890b9eb46ecb087d3ad35f65e15f8cbff41685d0b4

Request headers

Referer: https://35922.club/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Fri, 16 Aug 2024 08:03:36 GMT
Content-Encoding: gzip
Last-Modified: Tue, 06 Aug 2024 10:10:29 GMT
Server: 8080
ETag: W/"66b1f695-37c09"
X-Cache-Status: HIT
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Expires: Sun, 08 Sep 2024 20:22:55 GMT

GET
H/1.1 200
OK wenzi.png
35922.club/tp/ 213 KB
213 KB 232ms
229ms Image
image/png 147.92.35.171
DNC-AS Dimension ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://35922.club/tp/wenzi.png
Requested by: Host: 35922.club
URL: https://35922.club/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 147.92.35.171 Hong Kong, Hong Kong, ASN59371 (DNC-AS Dimension Network & Communication Limited, HK),
Reverse DNS
Software: 8080 /
Resource Hash: d6367f41c907fb1647f07ba4e13ec9831ab02fee489f09e802d723e6a7bf1744

Request headers

Referer: https://35922.club/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Fri, 16 Aug 2024 08:03:36 GMT
Content-Encoding: gzip
Last-Modified: Tue, 06 Aug 2024 10:10:31 GMT
Server: 8080
ETag: W/"66b1f697-355fa"
X-Cache-Status: HIT
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Expires: Sun, 08 Sep 2024 20:22:55 GMT

GET
H/1.1 200
OK xiazai.png
35922.club/tp/ 55 KB
55 KB 230ms
229ms Image
image/png 147.92.35.171
DNC-AS Dimension ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://35922.club/tp/xiazai.png
Requested by: Host: 35922.club
URL: https://35922.club/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 147.92.35.171 Hong Kong, Hong Kong, ASN59371 (DNC-AS Dimension Network & Communication Limited, HK),
Reverse DNS
Software: 8080 /
Resource Hash: 688aa53f372732962c330f766ac2b9f8b3d2e8976da0b5276c3a605ac5b024af

Request headers

Referer: https://35922.club/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Fri, 16 Aug 2024 08:03:36 GMT
Content-Encoding: gzip
Last-Modified: Tue, 06 Aug 2024 10:33:03 GMT
Server: 8080
ETag: W/"66b1fbdf-ddb4"
X-Cache-Status: HIT
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Expires: Sun, 08 Sep 2024 20:22:55 GMT

GET
H/1.1 200
OK android.png
35922.club/tp/ 39 KB
39 KB 433ms
432ms Image
image/png 147.92.35.171
DNC-AS Dimension ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://35922.club/tp/android.png
Requested by: Host: 35922.club
URL: https://35922.club/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 147.92.35.171 Hong Kong, Hong Kong, ASN59371 (DNC-AS Dimension Network & Communication Limited, HK),
Reverse DNS
Software: 8080 /
Resource Hash: 37e0d4b5f86202ae5c4e2dc2cdab3504cb1a316f47a7f0de2437132c3448ad19

Request headers

Referer: https://35922.club/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Fri, 16 Aug 2024 08:03:36 GMT
Content-Encoding: gzip
Last-Modified: Tue, 06 Aug 2024 10:10:26 GMT
Server: 8080
ETag: W/"66b1f692-9b96"
X-Cache-Status: HIT
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Expires: Sun, 08 Sep 2024 20:22:55 GMT

GET
H/1.1 200
OK ios.png
35922.club/tp/ 39 KB
39 KB 441ms
441ms Image
image/png 147.92.35.171
DNC-AS Dimension ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://35922.club/tp/ios.png
Requested by: Host: 35922.club
URL: https://35922.club/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 147.92.35.171 Hong Kong, Hong Kong, ASN59371 (DNC-AS Dimension Network & Communication Limited, HK),
Reverse DNS
Software: 8080 /
Resource Hash: 3ab75e12e9e7e51d9d38b0830495ca3a1517e4923d3c5834f3bd96d052290cba

Request headers

Referer: https://35922.club/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Fri, 16 Aug 2024 08:03:36 GMT
Content-Encoding: gzip
Last-Modified: Tue, 06 Aug 2024 10:10:28 GMT
Server: 8080
ETag: W/"66b1f694-9ce1"
X-Cache-Status: HIT
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Expires: Sun, 08 Sep 2024 20:22:55 GMT

GET
H/1.1 200
OK js-sdk-pro.min.js Show response
sdk.51.la/ 34 KB
13 KB 1096ms
265ms Script
text/plain 156.225.111.13
LDPL-AS-AP LEGEND...

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.51.la/js-sdk-pro.min.js
Requested by: Host: 35922.club
URL: https://35922.club/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 156.225.111.13 , Hong Kong, ASN139057 (LDPL-AS-AP LEGEND DYNASTY PTE. LTD., SG),
Reverse DNS
Software: openresty /
Resource Hash: c54ff899b5b9f90bd2ecc4dd87d877e87562f8c739ba2c167ccb61f02096abfa

Request headers

Referer: https://35922.club/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Fri, 16 Aug 2024 08:03:37 GMT
Content-Encoding: gzip
Server: openresty
Transfer-Encoding: chunked
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Ser: BC17_US-Virginia-Ashburn-1-cache-1

POST
H2 200 init Show response
33z03lu0pj0s6.wisdomcounty.com/web/m8aq3u6b/35922cl/ 797 B
1 KB 863ms
277ms XHR
application/json 170.33.13.110
ASEPL-AS-AP Aliba...

General

Check archive.org

Show headers Download Go to

Full URL

https://33z03lu0pj0s6.wisdomcounty.com:6443/web/m8aq3u6b/35922cl/init?channelCode=35922club&av=0&cv=0&hash=&server=https%3A%2F%2F33z03lu0pj0s6.wisdomcounty.com%3A6443&sw=p6Cmpg&sh=p6Smpg&sp=1&li=p6GkuKehuKa4oA

Requested by

Host: 35922.club
URL: https://35922.club/files/appinstall.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

170.33.13.110 , Singapore, ASN134963 (ASEPL-AS-AP Alibaba Cloud Singapore Private Limited, SG),

Reverse DNS

Software

NgxFence /

Resource Hash

eebdb929c5192c667acf977c478cd6aa52adfc058149970271af2fbc8e135cfe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

Referer: https://35922.club/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 16 Aug 2024 08:03:36 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
server: NgxFence
vary: Origin, Origin
content-type: application/json;charset=utf-8
access-control-allow-origin: https://35922.club
access-control-allow-credentials: true

POST
H/1.1 200
OK collect Show response
collect-v6.51.la/v6/ 0
378 B 499ms
264ms XHR
text/plain 156.225.111.13
LDPL-AS-AP LEGEND...

General

Check archive.org

Show headers Download Go to

Full URL: https://collect-v6.51.la/v6/collect?dt=4
Requested by: Host: sdk.51.la
URL: https://sdk.51.la/js-sdk-pro.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 156.225.111.13 , Hong Kong, ASN139057 (LDPL-AS-AP LEGEND DYNASTY PTE. LTD., SG),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://35922.club/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Fri, 16 Aug 2024 08:03:37 GMT
Server: nginx
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Origin: https://35922.club
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-Ser: BC8_yd-obgp-guangdong-shenzhen-27-cache-2, BC12_US-Virginia-Ashburn-1-cache-1

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ 0
175 B 2278ms
1518ms Script
text/plain 111.45.11.83
CMNET-GUANGDONG-A...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?abecb1866a53f2659a40384811d14806

Requested by

Host: 35922.club
URL: https://35922.club/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

111.45.11.83 , China, ASN56040 (CMNET-GUANGDONG-AP China Mobile communications corporation, CN),

Reverse DNS

Software

apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

Referer: https://35922.club/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Fri, 16 Aug 2024 08:03:39 GMT
Strict-Transport-Security: max-age=172800
Server: apache
Content-Length: 0
Content-Type: text/plain; charset=utf-8

GET
H/1.1 404
Not Found favicon.ico
35922.club/ 548 B
717 B 214ms
214ms Other
text/html 147.92.35.171
DNC-AS Dimension ...

General

Check archive.org

Show headers Download Go to

Full URL: https://35922.club/favicon.ico
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 147.92.35.171 Hong Kong, Hong Kong, ASN59371 (DNC-AS Dimension Network & Communication Limited, HK),
Reverse DNS
Software: 8080 /
Resource Hash: d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

Referer: https://35922.club/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Fri, 16 Aug 2024 08:03:39 GMT
Server: 8080
Connection: keep-alive
Content-Length: 548
X-Cache-Status: MISS
Content-Type: text/html

POST
H2 200 eyJjIjoiMzU5MjJjbHViIiwibSI6Ijh0ZUctOUIybmx3QUFBR1JXamFuWnZ1VnV4LWVJYloybmZObXlzYTNkcmNpOFIzQXNDd25yWS1lOFMzTm8tZUJWR1VkRFRMa3JScXo5Y25BR0Z2Y3pvcDJDeUVVa3p0MlZLS1k0c1BKV1ZBaXdocWQ1b180SVE3dnR2QkdSQ...
33z03lu0pj0s6.wisdomcounty.com/web/m8aq3u6b/35922cl/clicked/c/ 0
379 B 260ms
259ms Ping
text/plain 170.33.13.110
ASEPL-AS-AP Aliba...

General

Check archive.org

Show headers Download Go to

Full URL

https://33z03lu0pj0s6.wisdomcounty.com:6443/web/m8aq3u6b/35922cl/clicked/c/eyJjIjoiMzU5MjJjbHViIiwibSI6Ijh0ZUctOUIybmx3QUFBR1JXamFuWnZ1VnV4LWVJYloybmZObXlzYTNkcmNpOFIzQXNDd25yWS1lOFMzTm8tZUJWR1VkRFRMa3JScXo5Y25BR0Z2Y3pvcDJDeUVVa3p0MlZLS1k0c1BKV1ZBaXdocWQ1b180SVE3dnR2QkdSQXBoQXMzYnd3In0=?p=0&ref=https%3A%2F%2F35922.club%2F&ac=0&cc=0&channelCode=35922club

Requested by

Host: 35922.club
URL: https://35922.club/files/appinstall.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

170.33.13.110 , Singapore, ASN134963 (ASEPL-AS-AP Alibaba Cloud Singapore Private Limited, SG),

Reverse DNS

Software

NgxFence /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

Referer: https://35922.club/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 16 Aug 2024 08:03:42 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
server: NgxFence
vary: Origin, Origin
access-control-allow-origin: https://35922.club
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 0

GET
H2

403

Primary Request fl333-1723794667250.apk Show response
dalt8oyan8psz.cloudfront.net/fl/
Redirect Chain

https://33z03lu0pj0s6.wisdomcounty.com:6443/page/m8aq3u6b/install/c/eyJjIjoiMzU5MjJjbHViIiwibSI6InAyakh4WE5ZdkRBQUFBR1JXamFuWnMtVm8zMUlEWVRBOUNTRTVZb25OVjdnY01JZVBObEVyZ25pU0pqTTU0Vjl3ZFg2Z19fTUU4R...
https://igl.fri.xl777.club:5026/redirect/aws?s=fl333
https://dalt8oyan8psz.cloudfront.net/fl/fl333-1723794667250.apk

986 B
1 KB

172ms
35ms

Document
text/html

54.230.244.185

General

Check archive.org

Show headers Download Go to

Full URL: https://dalt8oyan8psz.cloudfront.net/fl/fl333-1723794667250.apk
Requested by: Host: 35922.club
URL: https://35922.club/files/appinstall.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.244.185 -, , ASN (),
Reverse DNS
Software: CloudFront /
Resource Hash: 2d5b376071933e8d692ed11ace25927b5a76ddae393884ca51088615fd1ff19c

Request headers

Referer: https://35922.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-length: 986
content-type: text/html
date: Fri, 16 Aug 2024 08:03:45 GMT
server: CloudFront
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
x-amz-cf-id: XAZVwV5tF0ZEmyskeY1NFDnGd-CrCY-zrmSL_2d8gY9JdsZNwoPAsA==
x-amz-cf-pop: EWR53-P1
x-cache: Error from cloudfront

Redirect headers

Connection: keep-alive
Content-Length: 0
Date: Fri, 16 Aug 2024 08:03:45 GMT
Location: https://dalt8oyan8psz.cloudfront.net/fl/fl333-1723794667250.apk
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload

GET
H2 403 favicon.ico
dalt8oyan8psz.cloudfront.net/ 986 B
1 KB 41ms
40ms Other
text/html 54.230.244.185

General

Check archive.org

Show headers Download Go to

Full URL: https://dalt8oyan8psz.cloudfront.net/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.244.185 -, , ASN (),
Reverse DNS
Software: CloudFront /
Resource Hash: 6b97eca263beab4cb8a513f515ddcf393af8b3e693c65876f5b71bf3ada1a014

Request headers

Referer: https://dalt8oyan8psz.cloudfront.net/fl/fl333-1723794667250.apk
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 16 Aug 2024 08:03:45 GMT
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: EWR53-P1
x-cache: Error from cloudfront
content-type: text/html
content-length: 986
x-amz-cf-id: 7i0zURUTz6yEcMJUAb6OdBM5dIDcLEFOTUDA7FqgfRA34bNCYQk3uA==

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
35922.club/	1969-12-31 23:59:59	Name: __vtins__K2xRYKB2u2FWbgz3 Value: %7B%22sid%22%3A%20%22a81ea096-5c0d-515e-b2cb-444fe75eb567%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201723797217206%2C%20%22ct%22%3A%201723795417206%7D
35922.club/	1970-01-21 08:25:55	Name: __51uvsct__K2xRYKB2u2FWbgz3 Value: 1
35922.club/	1970-01-21 08:25:55	Name: __51vcke__K2xRYKB2u2FWbgz3 Value: f50ec486-2b24-532a-83ac-1dbc164cff57
35922.club/	1970-01-21 08:25:55	Name: __51vuft__K2xRYKB2u2FWbgz3 Value: 1723795417226

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://35922.club/favicon.ico Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://dalt8oyan8psz.cloudfront.net/fl/fl333-1723794667250.apk Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://dalt8oyan8psz.cloudfront.net/favicon.ico Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

33z03lu0pj0s6.wisdomcounty.com
35922.club
collect-v6.51.la
dalt8oyan8psz.cloudfront.net
hm.baidu.com
igl.fri.xl777.club
sdk.51.la
111.45.11.83
147.92.35.171
156.225.111.13
170.33.13.110
47.76.179.163
54.230.244.185
08ea7f632ad2985db8fbcd8064a0528e5c64d29e4cb23f78980e540890ee5230
2a88b9db6c0ac3680bb6f5890b9eb46ecb087d3ad35f65e15f8cbff41685d0b4
2d5b376071933e8d692ed11ace25927b5a76ddae393884ca51088615fd1ff19c
37e0d4b5f86202ae5c4e2dc2cdab3504cb1a316f47a7f0de2437132c3448ad19
3ab75e12e9e7e51d9d38b0830495ca3a1517e4923d3c5834f3bd96d052290cba
5d9452defd89f198afa99697e603c16096969742f68c102b540adaed5779eb72
688aa53f372732962c330f766ac2b9f8b3d2e8976da0b5276c3a605ac5b024af
6b97eca263beab4cb8a513f515ddcf393af8b3e693c65876f5b71bf3ada1a014
7c9895f2e57140b2a429c2b5df1eb51b2c0bf49f56365e198fb20a92fe79c1dd
c0b382dba14d61084c4c3a976191fde672d9a12c141ad6248eb4813172891d71
c54ff899b5b9f90bd2ecc4dd87d877e87562f8c739ba2c167ccb61f02096abfa
cb7d8890c5dba8a3f97c6fc15244f46ba3c80393f8d0a0d39d61d2fb312ea760
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090
d6367f41c907fb1647f07ba4e13ec9831ab02fee489f09e802d723e6a7bf1744
de99afd44c9e3e237d4de7b8addf0bc9156f1f619be0964edc29c7a5e817b532
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6e42491dfd651d86323c2bf142885b21646737be2287914253f5455fd86626a
ee1a27178227546d3dcc49e611a6d72e4f1c30080ee4493ae4085b58a49e28e6
eebdb929c5192c667acf977c478cd6aa52adfc058149970271af2fbc8e135cfe
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

dalt8oyan8psz.cloudfront.net Open in urlscan Pro 54.230.244.185 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

22 Requests

100 %HTTPS

0 %IPv6

6 Domains

7 Subdomains

5 IPs

3 Countries

762 kBTransfer

867 kBSize

4 Cookies

1 Outgoing links

Page URL History

Redirected requests

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

4 Cookies

3 Console Messages

Indicators

dalt8oyan8psz.cloudfront.net Open in urlscan Pro
54.230.244.185 Public Scan

Screenshot
Live screenshot

Full Image

22
Requests

100 %
HTTPS

0 %
IPv6

6
Domains

7
Subdomains

5
IPs

3
Countries

762 kB
Transfer

867 kB
Size

4
Cookies

22 HTTP transactions
0 data transactions