6q6w2u3.top Open in urlscan Pro
20.239.237.10 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://6q6w2u3.top/
Effective URL:
https://6q6w2u3.top/1.html?channelCode=lg446
Submission: On November 20 via api (November 20th 2024, 8:11:04 am UTC) from BE — Scanned from DE

Summary HTTP 14 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 14 HTTP transactions. The main IP is 20.239.237.10, located in Hong Kong, Hong Kong and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is 6q6w2u3.top.
TLS certificate: Issued by R11 on November 14th 2024. Valid for: 3 months.

This is the only time 6q6w2u3.top was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
7	20.239.237.10 20.239.237.10		8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
14	2

7 20.239.237.10 (Hong Kong, Hong Kong)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

6q6w2u3.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	6q6w2u3.top 6q6w2u3.top	39 KB
0	myqcloud.com Failed uopil20wed-1331445069.cos.accelerate.myqcloud.com Failed hby19dto-1331446929.cos.accelerate.myqcloud.com Failed
14	2

	Domain	Requested by
7	6q6w2u3.top	6q6w2u3.top
0	hby19dto-1331446929.cos.accelerate.myqcloud.com Failed	6q6w2u3.top
0	uopil20wed-1331445069.cos.accelerate.myqcloud.com Failed	6q6w2u3.top
14	3

This site contains no links.

Subject Issuer	Validity	Valid
6q6w2u3.top R11	`2024-11-14` - `2025-02-12`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://6q6w2u3.top/1.html?channelCode=lg446
Frame ID: 108341A11F903D60131A8E9AD082BF54
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://6q6w2u3.top/ HTTP 307
https://6q6w2u3.top/ Page URL
https://6q6w2u3.top/1.html?channelCode=lg446 Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

14
Requests

50 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

2
IPs

1
Countries

39 kB
Transfer

100 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://6q6w2u3.top/ HTTP 307
https://6q6w2u3.top/ Page URL
https://6q6w2u3.top/1.html?channelCode=lg446 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://6q6w2u3.top/ HTTP 307
https://6q6w2u3.top/

14 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	/ Show response 6q6w2u3.top/ Redirect Chain http://6q6w2u3.top/ https://6q6w2u3.top/	1 KB 947 B	2164ms 231ms	Document text/html	20.239.237.10 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://6q6w2u3.top/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 20.239.237.10 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx / Resource Hash `b02189ae6534da0386882cb2fbe149e8c39fec0bc0af848ad9ac07816ba4aad4` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Response headers Content-Encoding gzip Content-Length 696 Content-Type text/html Date Wed, 20 Nov 2024 08:10:49 GMT Etag W/"6735fd81-509" Last-Modified Thu, 14 Nov 2024 13:39:13 GMT Server nginx Vary Accept-Encoding X-Cache BYPASS Redirect headers Location https://6q6w2u3.top/ Non-Authoritative-Reason HttpsUpgrades
GET H/1.1	200 OK	admin.js Show response 6q6w2u3.top/	244 B 552 B	231ms 231ms	Script application/javascript	20.239.237.10 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://6q6w2u3.top/admin.js Requested by Host: 6q6w2u3.top URL: https://6q6w2u3.top/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 20.239.237.10 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx / Resource Hash `fd7dd3d5682c72e744e1ab126e883adb73d0b30df4cb56e453f6ec513b107635` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://6q6w2u3.top/ Response headers Cache-Control max-age=43200 Etag "6735fd88-f4" Expires Wed, 20 Nov 2024 20:10:49 GMT Accept-Ranges bytes X-Cache UPDATING Content-Length 244 Date Wed, 20 Nov 2024 08:10:49 GMT Content-Type application/javascript Last-Modified Thu, 14 Nov 2024 13:39:20 GMT Server nginx
GET H/1.1	404 Not Found	favicon.ico 6q6w2u3.top/	548 B 702 B	4064ms 4064ms	Other text/html	20.239.237.10 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://6q6w2u3.top/favicon.ico Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 20.239.237.10 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx / Resource Hash Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://6q6w2u3.top/ Response headers X-Cache BYPASS, Status: 404 Content-Length 548 Date Wed, 20 Nov 2024 08:10:49 GMT Content-Type text/html Server nginx
GET H/1.1	200 OK	Primary Request 1.html Show response 6q6w2u3.top/	2 KB 1003 B	4183ms 229ms	Document text/html	20.239.237.10 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://6q6w2u3.top/1.html?channelCode=lg446 Requested by Host: 6q6w2u3.top URL: https://6q6w2u3.top/admin.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 20.239.237.10 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx / Resource Hash `3023dc82dde230632cb127e9351b44e440ec7a0d3e08c2b3459efa519c22e581` Request headers Referer https://6q6w2u3.top/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Response headers Content-Encoding gzip Content-Length 750 Content-Type text/html Date Wed, 20 Nov 2024 08:10:53 GMT Etag W/"673d8dff-6e5" Last-Modified Wed, 20 Nov 2024 07:21:35 GMT Server nginx Vary Accept-Encoding X-Cache UPDATING
GET H/1.1	200 OK	index.css 6q6w2u3.top/vawym_files/	4 KB 1 KB	234ms 232ms	Stylesheet text/css	20.239.237.10 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://6q6w2u3.top/vawym_files/index.css Requested by Host: 6q6w2u3.top URL: https://6q6w2u3.top/1.html?channelCode=lg446 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 20.239.237.10 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx / Resource Hash `747d5db6dcc5fb71528034126ca3f89973f622a60fa11a0d7476dbee6181af33` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://6q6w2u3.top/1.html?channelCode=lg446 Response headers Cache-Control max-age=43200 Content-Encoding gzip Etag W/"673328c4-ec0" Expires Wed, 20 Nov 2024 20:10:53 GMT X-Cache UPDATING Content-Length 994 Date Wed, 20 Nov 2024 08:10:53 GMT Content-Type text/css Last-Modified Tue, 12 Nov 2024 10:07:00 GMT Server nginx Vary Accept-Encoding
GET H/1.1	200 OK	jquery-3.5.1.min.js Show response 6q6w2u3.top/vawym_files/	88 KB 35 KB	401ms 233ms	Script application/javascript	20.239.237.10 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://6q6w2u3.top/vawym_files/jquery-3.5.1.min.js Requested by Host: 6q6w2u3.top URL: https://6q6w2u3.top/1.html?channelCode=lg446 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 20.239.237.10 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx / Resource Hash `e2a0fd6f8ab0c30f98e58d503a31ac2d6790c9bb51238998abc2e817ed548108` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://6q6w2u3.top/1.html?channelCode=lg446 Response headers Transfer-Encoding chunked Cache-Control max-age=43200 Content-Encoding gzip Etag W/"673328c5-1611c" Expires Wed, 20 Nov 2024 20:10:54 GMT X-Cache UPDATING Date Wed, 20 Nov 2024 08:10:54 GMT Content-Type application/javascript Last-Modified Tue, 12 Nov 2024 10:07:01 GMT Server nginx Vary Accept-Encoding
GET		nopjh.js uopil20wed-1331445069.cos.accelerate.myqcloud.com/	0 0

GET H/1.1	200 OK	head.gif 6q6w2u3.top/vawym_files/	4 KB 0	489ms 252ms	Image image/gif	20.239.237.10 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://6q6w2u3.top/vawym_files/head.gif Requested by Host: 6q6w2u3.top URL: https://6q6w2u3.top/1.html?channelCode=lg446 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 20.239.237.10 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx / Resource Hash Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://6q6w2u3.top/1.html?channelCode=lg446 Response headers Transfer-Encoding chunked Cache-Control max-age=2592000 Content-Encoding gzip Etag W/"673595c4-2b979" Expires Fri, 20 Dec 2024 08:10:54 GMT X-Cache UPDATING Date Wed, 20 Nov 2024 08:10:54 GMT Content-Type image/gif Last-Modified Thu, 14 Nov 2024 06:16:36 GMT Server nginx Vary Accept-Encoding
GET		mytgt.js hby19dto-1331446929.cos.accelerate.myqcloud.com/	0 0

GET		page-img1.gif 6q6w2u3.top/vawym_files/	0 0

GET		ge-aw2.js hby19dto-1331446929.cos.accelerate.myqcloud.com/	0 0

GET		foot.gif 6q6w2u3.top/vawym_files/	0 0

GET		qrcode.js.%E4%B8%8B%E8%BD%BD 6q6w2u3.top/vawym_files/	0 0

GET		lgck.js 6q6w2u3.top/vawym_files/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: uopil20wed-1331445069.cos.accelerate.myqcloud.com
URL: https://uopil20wed-1331445069.cos.accelerate.myqcloud.com/nopjh.js

Domain: hby19dto-1331446929.cos.accelerate.myqcloud.com
URL: https://hby19dto-1331446929.cos.accelerate.myqcloud.com/mytgt.js

Domain: 6q6w2u3.top
URL: https://6q6w2u3.top/vawym_files/page-img1.gif

Domain: hby19dto-1331446929.cos.accelerate.myqcloud.com
URL: https://hby19dto-1331446929.cos.accelerate.myqcloud.com/ge-aw2.js

Domain: 6q6w2u3.top
URL: https://6q6w2u3.top/vawym_files/foot.gif

Domain: 6q6w2u3.top
URL: https://6q6w2u3.top/vawym_files/qrcode.js.%E4%B8%8B%E8%BD%BD

Domain: 6q6w2u3.top
URL: https://6q6w2u3.top/vawym_files/lgck.js

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| generateRandomString function| $ function| jQuery object| link

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://6q6w2u3.top/favicon.ico Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6q6w2u3.top
hby19dto-1331446929.cos.accelerate.myqcloud.com
uopil20wed-1331445069.cos.accelerate.myqcloud.com
6q6w2u3.top
hby19dto-1331446929.cos.accelerate.myqcloud.com
uopil20wed-1331445069.cos.accelerate.myqcloud.com
20.239.237.10
3023dc82dde230632cb127e9351b44e440ec7a0d3e08c2b3459efa519c22e581
747d5db6dcc5fb71528034126ca3f89973f622a60fa11a0d7476dbee6181af33
b02189ae6534da0386882cb2fbe149e8c39fec0bc0af848ad9ac07816ba4aad4
e2a0fd6f8ab0c30f98e58d503a31ac2d6790c9bb51238998abc2e817ed548108
fd7dd3d5682c72e744e1ab126e883adb73d0b30df4cb56e453f6ec513b107635

6q6w2u3.top Open in urlscan Pro 20.239.237.10 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

14 Requests

50 %HTTPS

0 %IPv6

2 Domains

3 Subdomains

2 IPs

1 Countries

39 kBTransfer

100 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

0 Cookies

1 Console Messages

Indicators

6q6w2u3.top Open in urlscan Pro
20.239.237.10 Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

50 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

2
IPs

1
Countries

39 kB
Transfer

100 kB
Size

0
Cookies

14 HTTP transactions
0 data transactions