kdfg98whr.f3en4wgy.live
13.249.91.115 (public scan; tagged Malicious Activity)

Submitted URL: http://kdfg98whr.f3en4wgy.live/
Effective URL: https://kdfg98whr.f3en4wgy.live/client/
Submission: On October 10 via api from CN — Scanned from US

Summary

This website contacted 5 IPs in 3 countries across 3 domains to perform 28 HTTP transactions. The main IP is 13.249.91.115, located in the United States and belonging to AMAZON-02, US (reverse DNS server-13-249-91-115.jfk52.r.cloudfront.net, i.e. a CloudFront edge). The main domain is kdfg98whr.f3en4wgy.live.
TLS certificate: wildcard *.f3en4wgy.live, issued by Amazon RSA 2048 M02 on 2025-07-28 and valid until 2026-08-26 (about 13 months).
This is the only time kdfg98whr.f3en4wgy.live was scanned on urlscan.io.

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic (Online)

Domain & IP information

IP addresses (requests, IP address, autonomous system)
  19  13.249.91.115   16509 (AMAZON-02)
   3  156.225.111.18  139057 (ELD-AS-AP...)
   5  43.174.224.10   139341 (ACE-AS-AP...)
   1  124.220.203.60  45090 (TENCENT-N...)
  Total: 28 requests, 5 IPs

Apex domains (requests, apex domain, subdomains, transfer)
  19  f3en4wgy.live  kdfg98whr.f3en4wgy.live  2 MB
   8  meiqia.com     static.meiqia.com (Cisco Umbrella rank 409982), edge-api.meiqia.com (rank 373234), new-api.meiqia.com (rank 252945), camorope-client-a.meiqia.com (failed)  446 KB
   1  dcloud.net.cn  cdn.dcloud.net.cn (Cisco Umbrella rank 67673)  420 B
  Total: 28 requests, 3 apex domains

Domains and the hosts that requested them (requests, domain, requested by)
  19  kdfg98whr.f3en4wgy.live               kdfg98whr.f3en4wgy.live (1 redirect)
   3  new-api.meiqia.com                    static.meiqia.com
   3  static.meiqia.com                     kdfg98whr.f3en4wgy.live, static.meiqia.com
   2  edge-api.meiqia.com                   static.meiqia.com
   1  cdn.dcloud.net.cn                     kdfg98whr.f3en4wgy.live
   0  camorope-client-a.meiqia.com (failed) static.meiqia.com
  Total: 28 requests, 6 subdomains

This site contains no links.

Subject          Issuer                            Validity                  Valid for
*.f3en4wgy.live  Amazon RSA 2048 M02               2025-07-28 to 2026-08-26  a year
*.meiqia.com     RapidSSL TLS RSA CA G1            2025-06-24 to 2026-07-24  a year
*.dcloud.net.cn  Certum Domain Validation CA SHA2  2025-08-26 to 2026-09-25  a year
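The three wildcard certificates above cover every host contacted in this scan, and all three have lifetimes just under the 398-day ceiling for publicly trusted leaf certificates (the "a year" in the table is 394, 395 and 395 days). The following Python is an added example, not part of the urlscan report: it applies the single-label wildcard rule of RFC 6125 to the hosts from the domain tables and checks each validity window. The certificate rows and host names are copied from this page; the reference date is the scan date.

```python
"""Check the certificates in the table above against the hosts this scan contacted.

Added example, not part of the urlscan report. CERTS and HOSTS are copied from
this page; the matching rule is the single-label wildcard rule of RFC 6125
section 6.4.3, and MAX_LEAF_DAYS is the CA/Browser Forum ceiling on the
lifetime of publicly trusted leaf certificates.
"""
from datetime import date

# (subject, issuer, not_before, not_after) as listed in the certificate table.
CERTS = [
    ("*.f3en4wgy.live", "Amazon RSA 2048 M02", "2025-07-28", "2026-08-26"),
    ("*.meiqia.com", "RapidSSL TLS RSA CA G1", "2025-06-24", "2026-07-24"),
    ("*.dcloud.net.cn", "Certum Domain Validation CA SHA2", "2025-08-26", "2026-09-25"),
]

# Every host name that appears in the domain tables, including the one that failed.
HOSTS = [
    "kdfg98whr.f3en4wgy.live",
    "static.meiqia.com",
    "edge-api.meiqia.com",
    "new-api.meiqia.com",
    "camorope-client-a.meiqia.com",
    "cdn.dcloud.net.cn",
]

MAX_LEAF_DAYS = 398


def wildcard_matches(pattern, host):
    """RFC 6125: '*' stands for exactly one leftmost label, so *.example covers
    a.example but neither example itself nor b.a.example."""
    pattern, host = pattern.lower().rstrip("."), host.lower().rstrip(".")
    if not pattern.startswith("*."):
        return pattern == host
    suffix = pattern[1:]                      # ".f3en4wgy.live"
    if not host.endswith(suffix):
        return False
    leftmost = host[: -len(suffix)]
    return leftmost != "" and "." not in leftmost


def validity_days(not_before, not_after):
    """Length of the validity window in days, from ISO dates."""
    return (date.fromisoformat(not_after) - date.fromisoformat(not_before)).days


def audit(certs, hosts, today):
    """Map hosts to the certificate that names them and flag lifetime problems."""
    report = {"covered": {}, "uncovered": [], "too_long": [], "not_valid_today": []}
    for host in hosts:
        for subject, _issuer, _nb, _na in certs:
            if wildcard_matches(subject, host):
                report["covered"][host] = subject
                break
        else:
            report["uncovered"].append(host)
    now = date.fromisoformat(today)
    for subject, _issuer, nb, na in certs:
        if validity_days(nb, na) > MAX_LEAF_DAYS:
            report["too_long"].append(subject)
        if not date.fromisoformat(nb) <= now <= date.fromisoformat(na):
            report["not_valid_today"].append(subject)
    return report


if __name__ == "__main__":
    print(audit(CERTS, HOSTS, "2025-10-10"))
```

Note that the wildcard `*.f3en4wgy.live` does not cover the apex `f3en4wgy.live` itself, so a redirect to the bare apex over HTTPS would fail validation; none of the recorded requests go there.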

This page contains 2 frames:

Primary Page: https://kdfg98whr.f3en4wgy.live/client/
Frame ID: 4BBFEE2506EEA92B5C851F69D902E70F
Requests: 29 HTTP requests in this frame

Frame: https://static.meiqia.com/fe-widget/v1.4.200.prod.20251009_159/app-v1.4.200.prod.20251009_159.js
Frame ID: E76B60A09D7B5E413C308CABA7B84426
Requests: 2 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected pattern: <[^>]+\sdata-v(?:ue)?- (the data-v-… attributes that Vue's scoped styles add to elements)

Page Statistics

Requests: 28
HTTPS: 96 %
IPv6: 0 %
Domains: 3
Subdomains: 6
IPs: 5
Countries: 3
Transfer: 2165 kB
Size: 3774 kB
Cookies: 4

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://kdfg98whr.f3en4wgy.live/ HTTP 307 (Chrome-internal HTTPS upgrade; the redirect headers under the primary request carry Non-Authoritative-Reason: HttpsUpgrades)
     https://kdfg98whr.f3en4wgy.live/ HTTP 301 (server redirect, and it points back to plain http://)
     http://kdfg98whr.f3en4wgy.live/client/ HTTP 307 (Chrome-internal HTTPS upgrade)
     https://kdfg98whr.f3en4wgy.live/client/ Page URL

No first-party response in this scan carries a Strict-Transport-Security header, so the final HTTPS load of /client/ depends on the browser's own upgrade behaviour rather than on anything the server asked for.
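The chain above mixes two kinds of redirect: the two 307s are Chrome's own HTTPS-Upgrades redirects (the redirect headers recorded under the primary request carry Non-Authoritative-Reason: HttpsUpgrades), while the 301 is the server's, and it sends the client back to plain http://. The following Python is an added example, not part of the urlscan report: it replays the chain offline from a constructed table of the statuses and headers shown on this page and labels each hop, so the downgrade is visible even though the browser masked it.

```python
"""Replay the redirect chain urlscan recorded for this scan, offline.

Added example, not part of the urlscan report. CAPTURED_RESPONSES is a
constructed table holding only the status codes and the Location /
Non-Authoritative-Reason headers shown on this page; nothing is fetched.
"""
from urllib.parse import urljoin, urlsplit

# What each URL in the chain answered, as recorded above. A 307 carrying
# Non-Authoritative-Reason: HttpsUpgrades is Chrome's own HTTPS-Upgrades
# redirect, generated inside the browser; the 301 is the server's reply.
CAPTURED_RESPONSES = {
    "http://kdfg98whr.f3en4wgy.live/": (307, {
        "Location": "https://kdfg98whr.f3en4wgy.live/",
        "Non-Authoritative-Reason": "HttpsUpgrades"}),
    "https://kdfg98whr.f3en4wgy.live/": (301, {
        "Location": "http://kdfg98whr.f3en4wgy.live/client/"}),
    "http://kdfg98whr.f3en4wgy.live/client/": (307, {
        "Location": "https://kdfg98whr.f3en4wgy.live/client/",
        "Non-Authoritative-Reason": "HttpsUpgrades"}),
    "https://kdfg98whr.f3en4wgy.live/client/": (200, {
        "Content-Type": "text/html"}),
}

REDIRECT_STATUSES = {301, 302, 303, 307, 308}

BROWSER_UPGRADE = "browser-internal https upgrade"
SERVER_DOWNGRADE = "server redirect downgrades https to http"


def classify_hop(url, status, headers):
    """Label one hop; empty string for a final response or an unremarkable redirect."""
    if status not in REDIRECT_STATUSES:
        return ""
    if headers.get("Non-Authoritative-Reason") == "HttpsUpgrades":
        return BROWSER_UPGRADE
    target = urljoin(url, headers.get("Location", ""))
    if urlsplit(url).scheme == "https" and urlsplit(target).scheme == "http":
        return SERVER_DOWNGRADE
    return ""


def follow_chain(start_url, responses, max_hops=10):
    """Walk the recorded responses from start_url; returns [(url, status, label)]."""
    hops, url, seen = [], start_url, set()
    for _ in range(max_hops):
        if url in seen:
            hops.append((url, None, "redirect loop"))
            return hops
        seen.add(url)
        status, headers = responses[url]
        hops.append((url, status, classify_hop(url, status, headers)))
        if status not in REDIRECT_STATUSES:
            return hops
        # Location may be relative; resolve it against the URL that was redirected.
        url = urljoin(url, headers["Location"])
    hops.append((url, None, "too many hops"))
    return hops


def downgrade_hops(hops):
    """The hops where the server sent the client back to plaintext."""
    return [h for h in hops if h[2] == SERVER_DOWNGRADE]


if __name__ == "__main__":
    for url, status, label in follow_chain("http://kdfg98whr.f3en4wgy.live/", CAPTURED_RESPONSES):
        print(status, url, label)
```

With no Strict-Transport-Security header anywhere on the first-party responses, a client that does not upgrade on its own (curl, or a non-Chromium fetcher) would follow the 301 and request /client/ over plaintext; the two browser-internal 307s are the only reason the scan ended on HTTPS.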

Redirected requests

The only redirect chain in this scan is the one on the primary request (http://kdfg98whr.f3en4wgy.live/ to https://kdfg98whr.f3en4wgy.live/client/ in three redirects); it is listed under the first transaction below.
28 HTTP transactions

Each entry below gives the resource name, the path it was fetched from, the decoded size, the bytes actually transferred (x-fer), and the resource type; the MIME type is in the entry's response headers.
Primary Request: /
Path: kdfg98whr.f3en4wgy.live/client/
Redirect Chain
  • http://kdfg98whr.f3en4wgy.live/
  • https://kdfg98whr.f3en4wgy.live/
  • http://kdfg98whr.f3en4wgy.live/client/
  • https://kdfg98whr.f3en4wgy.live/client/
Size: 802 B (transferred: 1 KB)
Type: Document
General
Full URL
https://kdfg98whr.f3en4wgy.live/client/
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
13.249.91.115, United States, ASN16509 (AMAZON-02, US)
Reverse DNS
server-13-249-91-115.jfk52.r.cloudfront.net
Software
nginx
Resource Hash
7e45a34518a28ed67670a91113e4cd0c2b91db1ebb6dbd0b9b2181b90ce42ec0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
content-length
802
content-type
text/html
date
Fri, 10 Oct 2025 02:19:36 GMT
etag
"65182a44-322"
last-modified
Sat, 30 Sep 2023 14:01:40 GMT
server
nginx
via
1.1 6534d206fc9f372ba1942ac32aef18ce.cloudfront.net (CloudFront)
x-amz-cf-id
B6IJ3fnU09oSDq5FjWmAkI55ViCLNFyhTa0uSYbcSJN2ee4IYjS4mQ==
x-amz-cf-pop
JFK52-P9
x-cache
Miss from cloudfront

Redirect headers

Location
https://kdfg98whr.f3en4wgy.live/client/
Non-Authoritative-Reason
HttpsUpgrades
Resource: index.97465e7b.css
Path: kdfg98whr.f3en4wgy.live/client/static/
Size: 94 KB (transferred: 34 KB)
Type: Stylesheet
General
Full URL
https://kdfg98whr.f3en4wgy.live/client/static/index.97465e7b.css
Requested by
Host: kdfg98whr.f3en4wgy.live
URL: https://kdfg98whr.f3en4wgy.live/client/
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
13.249.91.115, United States, ASN16509 (AMAZON-02, US)
Reverse DNS
server-13-249-91-115.jfk52.r.cloudfront.net
Software
nginx
Resource Hash
f6789ee8a50f44f18ba717956bd34c4cd17b1d658443e92408976907b83a0242

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://kdfg98whr.f3en4wgy.live/client/

Response headers

cache-control
max-age=43200
content-encoding
gzip
etag
W/"65182a44-17894"
via
1.1 6534d206fc9f372ba1942ac32aef18ce.cloudfront.net (CloudFront)
expires
Fri, 10 Oct 2025 14:19:37 GMT
x-cache
Miss from cloudfront
x-amz-cf-id
IQQyKR2oSG1oofrWEDMzAsxMXnJbDYDIof_0EzpsFnjnV2hCjPMnQQ==
date
Fri, 10 Oct 2025 02:19:37 GMT
content-type
text/css
last-modified
Sat, 30 Sep 2023 14:01:40 GMT
server
nginx
x-amz-cf-pop
JFK52-P9
vary
Accept-Encoding
Resource: chunk-vendors.2bb2bd16.js
Path: kdfg98whr.f3en4wgy.live/client/static/js/
Size: 780 KB (transferred: 327 KB)
Type: Script
General
Full URL
https://kdfg98whr.f3en4wgy.live/client/static/js/chunk-vendors.2bb2bd16.js
Requested by
Host: kdfg98whr.f3en4wgy.live
URL: https://kdfg98whr.f3en4wgy.live/client/
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
13.249.91.115, United States, ASN16509 (AMAZON-02, US)
Reverse DNS
server-13-249-91-115.jfk52.r.cloudfront.net
Software
nginx
Resource Hash
d1ab345eec508cb538216a33dcc1c9967fecd77abf635c0bc86c61053d35f96a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://kdfg98whr.f3en4wgy.live/client/

Response headers

cache-control
max-age=43200
content-encoding
gzip
etag
W/"65182a44-c2e94"
via
1.1 6534d206fc9f372ba1942ac32aef18ce.cloudfront.net (CloudFront)
expires
Fri, 10 Oct 2025 14:19:37 GMT
x-cache
Miss from cloudfront
x-amz-cf-id
RYLI5z0zuSUmR3xsayeW5571Z1NcVvbFER6GdKRcFR55Y1nn-zfG1Q==
date
Fri, 10 Oct 2025 02:19:37 GMT
content-type
application/javascript
last-modified
Sat, 30 Sep 2023 14:01:40 GMT
server
nginx
x-amz-cf-pop
JFK52-P9
vary
Accept-Encoding
Resource: index.a4a4e6ea.js
Path: kdfg98whr.f3en4wgy.live/client/static/js/
Size: 169 KB (transferred: 66 KB)
Type: Script
General
Full URL
https://kdfg98whr.f3en4wgy.live/client/static/js/index.a4a4e6ea.js
Requested by
Host: kdfg98whr.f3en4wgy.live
URL: https://kdfg98whr.f3en4wgy.live/client/
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
13.249.91.115, United States, ASN16509 (AMAZON-02, US)
Reverse DNS
server-13-249-91-115.jfk52.r.cloudfront.net
Software
nginx
Resource Hash
f0b03f309261b03bf224fef42e854d173a05801493df2a573ad3ba95ff32b8e4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://kdfg98whr.f3en4wgy.live/client/

Response headers

cache-control
max-age=43200
content-encoding
gzip
etag
W/"689ec2ec-2a58d"
via
1.1 6534d206fc9f372ba1942ac32aef18ce.cloudfront.net (CloudFront)
expires
Fri, 10 Oct 2025 14:19:37 GMT
x-cache
Miss from cloudfront
x-amz-cf-id
3hIAUhG6IfqqWv5eL8oEOnBMIngVlWunmdl9gCBjEHS6ESz9TAuhAg==
date
Fri, 10 Oct 2025 02:19:37 GMT
content-type
application/javascript
last-modified
Fri, 15 Aug 2025 05:17:32 GMT
server
nginx
x-amz-cf-pop
JFK52-P9
vary
Accept-Encoding
Resource: pages-index-index2.04ed4e92.js
Path: kdfg98whr.f3en4wgy.live/client/static/js/
Size: 19 KB (transferred: 12 KB)
Type: Script
General
Full URL
https://kdfg98whr.f3en4wgy.live/client/static/js/pages-index-index2.04ed4e92.js
Requested by
Host: kdfg98whr.f3en4wgy.live
URL: https://kdfg98whr.f3en4wgy.live/client/static/js/index.a4a4e6ea.js
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
13.249.91.115, United States, ASN16509 (AMAZON-02, US)
Reverse DNS
server-13-249-91-115.jfk52.r.cloudfront.net
Software
nginx
Resource Hash
8f0c541d27d6eb599dcfb09c7a0e72e3b14b45b2dda57e46c4eb768549ac3175

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://kdfg98whr.f3en4wgy.live/client/

Response headers

cache-control
max-age=43200
content-encoding
gzip
etag
W/"65182a44-4c65"
via
1.1 6534d206fc9f372ba1942ac32aef18ce.cloudfront.net (CloudFront)
expires
Fri, 10 Oct 2025 14:19:38 GMT
x-cache
Miss from cloudfront
x-amz-cf-id
6zK8kJ9DTrvsCf1JmFuKsoaOVE8GaznOAPuEu9UGMnwCi0aayIXDjw==
date
Fri, 10 Oct 2025 02:19:38 GMT
content-type
application/javascript
last-modified
Sat, 30 Sep 2023 14:01:40 GMT
server
nginx
x-amz-cf-pop
JFK52-P9
vary
Accept-Encoding
Resource: hangqingicon.png
Path: kdfg98whr.f3en4wgy.live/client/static/icon/
Size: 3 KB (transferred: 3 KB)
Type: Image
General
Full URL
https://kdfg98whr.f3en4wgy.live/client/static/icon/hangqingicon.png
Requested by
Host: kdfg98whr.f3en4wgy.live
URL: https://kdfg98whr.f3en4wgy.live/client/
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
13.249.91.115, United States, ASN16509 (AMAZON-02, US)
Reverse DNS
server-13-249-91-115.jfk52.r.cloudfront.net
Software
nginx
Resource Hash
c1befdf82ddd58a00b25eb866a81234a529f55b227f1d479ca84facca8aa2c45

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://kdfg98whr.f3en4wgy.live/client/

Response headers

cache-control
max-age=2592000
etag
"65182a44-ae3"
via
1.1 6534d206fc9f372ba1942ac32aef18ce.cloudfront.net (CloudFront)
expires
Sun, 09 Nov 2025 02:19:39 GMT
accept-ranges
bytes
x-cache
Miss from cloudfront
content-length
2787
x-amz-cf-id
Tj_DlYUfdHky0hwuqZ6rbhRhnVCbSnIdrTpFB8kn8UYwvoxddWegmA==
date
Fri, 10 Oct 2025 02:19:39 GMT
content-type
image/png
last-modified
Sat, 30 Sep 2023 14:01:40 GMT
server
nginx
x-amz-cf-pop
JFK52-P9
Resource: jiaoyi.png
Path: kdfg98whr.f3en4wgy.live/client/static/icon/
Size: 2 KB (transferred: 3 KB)
Type: Image
General
Full URL
https://kdfg98whr.f3en4wgy.live/client/static/icon/jiaoyi.png
Requested by
Host: kdfg98whr.f3en4wgy.live
URL: https://kdfg98whr.f3en4wgy.live/client/
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
13.249.91.115, United States, ASN16509 (AMAZON-02, US)
Reverse DNS
server-13-249-91-115.jfk52.r.cloudfront.net
Software
nginx
Resource Hash
870e2ceda552bbcf2a38b2f06dfe7e8ab67e34a29f823e63920a44f92ea2c880

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://kdfg98whr.f3en4wgy.live/client/

Response headers

cache-control
max-age=2592000
etag
"65182a44-92f"
via
1.1 6534d206fc9f372ba1942ac32aef18ce.cloudfront.net (CloudFront)
expires
Sun, 09 Nov 2025 02:19:39 GMT
accept-ranges
bytes
x-cache
Miss from cloudfront
content-length
2351
x-amz-cf-id
6owZ4nE8LJ_wf-FR2QYCCiD32AYIAtj1HQatBNO2ZEIzKHEbXXLKKw==
date
Fri, 10 Oct 2025 02:19:39 GMT
content-type
image/png
last-modified
Sat, 30 Sep 2023 14:01:40 GMT
server
nginx
x-amz-cf-pop
JFK52-P9
Resource: deal.png
Path: kdfg98whr.f3en4wgy.live/client/static/icon/
Size: 2 KB (transferred: 2 KB)
Type: Image
General
Full URL
https://kdfg98whr.f3en4wgy.live/client/static/icon/deal.png
Requested by
Host: kdfg98whr.f3en4wgy.live
URL: https://kdfg98whr.f3en4wgy.live/client/
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
13.249.91.115, United States, ASN16509 (AMAZON-02, US)
Reverse DNS
server-13-249-91-115.jfk52.r.cloudfront.net
Software
nginx
Resource Hash
ec7142c42f89ddcc2cc4acb36fa553228573fd81b9efd8b32bfb0ae8c64eceaf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://kdfg98whr.f3en4wgy.live/client/

Response headers

cache-control
max-age=2592000
etag
"65182a44-70f"
via
1.1 6534d206fc9f372ba1942ac32aef18ce.cloudfront.net (CloudFront)
expires
Sun, 09 Nov 2025 02:19:38 GMT
accept-ranges
bytes
x-cache
Miss from cloudfront
content-length
1807
x-amz-cf-id
IA7-Jp3NyuUht4qVe4BYhl4Ti8fBIPDTlwKfHmL6U3HJ2St-SoapOg==
date
Fri, 10 Oct 2025 02:19:38 GMT
content-type
image/png
last-modified
Sat, 30 Sep 2023 14:01:40 GMT
server
nginx
x-amz-cf-pop
JFK52-P9
Resource: my.png
Path: kdfg98whr.f3en4wgy.live/client/static/icon/
Size: 3 KB (transferred: 3 KB)
Type: Image
General
Full URL
https://kdfg98whr.f3en4wgy.live/client/static/icon/my.png
Requested by
Host: kdfg98whr.f3en4wgy.live
URL: https://kdfg98whr.f3en4wgy.live/client/
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
13.249.91.115, United States, ASN16509 (AMAZON-02, US)
Reverse DNS
server-13-249-91-115.jfk52.r.cloudfront.net
Software
nginx
Resource Hash
5db1c6bc3f3036dc8e0d12c94354888bc8e030bc609d1c04936013f884ad63f8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://kdfg98whr.f3en4wgy.live/client/

Response headers

cache-control
max-age=2592000
etag
"65182a44-c1b"
via
1.1 6534d206fc9f372ba1942ac32aef18ce.cloudfront.net (CloudFront)
expires
Sun, 09 Nov 2025 02:19:38 GMT
accept-ranges
bytes
x-cache
Miss from cloudfront
content-length
3099
x-amz-cf-id
OlBdY5tHsXxjK02fBNvXR4-O3CET1q13xdbySvzTE8DKtGnto41NwQ==
date
Fri, 10 Oct 2025 02:19:38 GMT
content-type
image/png
last-modified
Sat, 30 Sep 2023 14:01:40 GMT
server
nginx
x-amz-cf-pop
JFK52-P9
Resource: getconfig
Path: kdfg98whr.f3en4wgy.live/index/api/
Size: 3 KB (transferred: 4 KB)
Type: XHR
General
Full URL
https://kdfg98whr.f3en4wgy.live/index/api/getconfig
Requested by
Host: kdfg98whr.f3en4wgy.live
URL: https://kdfg98whr.f3en4wgy.live/client/static/js/chunk-vendors.2bb2bd16.js
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
13.249.91.115, United States, ASN16509 (AMAZON-02, US)
Reverse DNS
server-13-249-91-115.jfk52.r.cloudfront.net
Software
nginx
Resource Hash
087adfc4682a25a8632b8f29ab15355f4a9e06f55da341a2b4cca8998aab453f

Request headers

Referer
https://kdfg98whr.f3en4wgy.live/client/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/x-www-form-urlencoded

Response headers

cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
access-control-allow-methods
GET, POST, PUT,DELETE,OPTIONS,PATCH
via
1.1 6534d206fc9f372ba1942ac32aef18ce.cloudfront.net (CloudFront)
expires
Thu, 19 Nov 1981 08:52:00 GMT
access-control-allow-origin
*
x-cache
Miss from cloudfront
x-amz-cf-id
pr6fUW1JatT3KoexaFyFhjFO2Jh9FYWKT5FoxWyEB9xDVjU6KFmiLA==
date
Fri, 10 Oct 2025 02:19:38 GMT
content-type
application/json; charset=utf-8
x-amz-cf-pop
JFK52-P9
server
nginx
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization,token,uid
Resource: getWapConfig
Path: kdfg98whr.f3en4wgy.live/index/login/
Size: 121 KB (transferred: 122 KB)
Type: XHR
General
Full URL
https://kdfg98whr.f3en4wgy.live/index/login/getWapConfig
Requested by
Host: kdfg98whr.f3en4wgy.live
URL: https://kdfg98whr.f3en4wgy.live/client/static/js/chunk-vendors.2bb2bd16.js
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
13.249.91.115, United States, ASN16509 (AMAZON-02, US)
Reverse DNS
server-13-249-91-115.jfk52.r.cloudfront.net
Software
nginx
Resource Hash
58ed9ec645d2cfff37ec1e70ceccdd70652171e029899181e1967fe98444429b

Request headers

Referer
https://kdfg98whr.f3en4wgy.live/client/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/x-www-form-urlencoded

Response headers

cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
access-control-allow-methods
GET, POST, PUT,DELETE,OPTIONS,PATCH
via
1.1 6534d206fc9f372ba1942ac32aef18ce.cloudfront.net (CloudFront)
expires
Thu, 19 Nov 1981 08:52:00 GMT
access-control-allow-origin
*
x-cache
Miss from cloudfront
x-amz-cf-id
kDLuxgrBobMp_-FFn-Em5R5boKu7DtuNY9TeBblC2n50KiP5nyRlYw==
date
Fri, 10 Oct 2025 02:19:39 GMT
content-type
application/json; charset=utf-8
x-amz-cf-pop
JFK52-P9
server
nginx
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization,token,uid
Resource: truncated (inline data: URL)
Path: /
Size: 1 KB (transferred: 0)
Type: Image
General
Full URL
data:truncated
Protocol
DATA
Server
n/a (inline data: URL, no network request)
Reverse DNS
n/a
Software
n/a
Resource Hash
0ccf8dd29c61715a6364ea9ec36d32c295e82ca837488590130c51cee298b7d3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
Resource: truncated (inline data: URL)
Path: /
Size: 2 KB (transferred: 0)
Type: Image
General
Full URL
data:truncated
Protocol
DATA
Server
n/a (inline data: URL, no network request)
Reverse DNS
n/a
Software
n/a
Resource Hash
f668186c670ee6d483568f020bac0f37ebb535a1ca2e1731631b72d5bdf338c3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
Resource: truncated (inline data: URL)
Path: /
Size: 2 KB (transferred: 0)
Type: Image
General
Full URL
data:truncated
Protocol
DATA
Server
n/a (inline data: URL, no network request)
Reverse DNS
n/a
Software
n/a
Resource Hash
e6c45149b475bc9c126f5c9ec4070f6adbf84f2fdc44ed7a13664aced7e94e09

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
Resource: truncated (inline data: URL)
Path: /
Size: 2 KB (transferred: 0)
Type: Image
General
Full URL
data:truncated
Protocol
DATA
Server
n/a (inline data: URL, no network request)
Reverse DNS
n/a
Software
n/a
Resource Hash
2c2561d0f3fc840ec06d3c1188fedb7773069b5ea059ac94678ec5c2801226b2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
Resource: truncated (inline data: URL)
Path: /
Size: 2 KB (transferred: 0)
Type: Image
General
Full URL
data:truncated
Protocol
DATA
Server
n/a (inline data: URL, no network request)
Reverse DNS
n/a
Software
n/a
Resource Hash
55a1031400edc79e419ddda2d997e265a12aaaa44f8544bfb6e39003c7832fac

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
Resource: favicon.ico
Path: kdfg98whr.f3en4wgy.live/
Size: 7 KB (transferred: 3 KB)
Type: Other (the response is text/html with x-cache: Error from cloudfront, i.e. an error page rather than an icon)
General
Full URL
https://kdfg98whr.f3en4wgy.live/favicon.ico
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
13.249.91.115, United States, ASN16509 (AMAZON-02, US)
Reverse DNS
server-13-249-91-115.jfk52.r.cloudfront.net
Software
nginx
Resource Hash
eda47c581ef7b463a77aa50df1a93c595a02a0e292a9183a05725d2bc42494e1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://kdfg98whr.f3en4wgy.live/client/

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
pragma
no-cache
access-control-allow-methods
GET, POST, PUT,DELETE,OPTIONS,PATCH
via
1.1 6534d206fc9f372ba1942ac32aef18ce.cloudfront.net (CloudFront)
expires
Thu, 19 Nov 1981 08:52:00 GMT
access-control-allow-origin
*
x-cache
Error from cloudfront
x-amz-cf-id
Z97BfQ6QmKcdnka3v1iSCMbvNBrFNO1F9JtVWjfIZAjzkUivQlvImA==
date
Fri, 10 Oct 2025 02:19:39 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
server
nginx
x-amz-cf-pop
JFK52-P9
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization,token,uid
Resource: loader.js
Path: static.meiqia.com/widget/
Size: 16 KB (transferred: 7 KB)
Type: Script
General
Full URL
https://static.meiqia.com/widget/loader.js
Requested by
Host: kdfg98whr.f3en4wgy.live
URL: https://kdfg98whr.f3en4wgy.live/client/static/js/index.a4a4e6ea.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
156.225.111.18, Ashburn, United States, ASN139057 (ELD-AS-AP Edgenext Legend Dynasty Pte. Ltd., SG)
Reverse DNS
n/a
Software
AliyunOSS
Resource Hash
07b10d9c31fb3e5df8c7dbb2522da941d49be31f596add069f068a3d83823231
Security Headers
Strict-Transport-Security: max-age=5184000;includeSubdomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://kdfg98whr.f3en4wgy.live/

Response headers

Content-MD5
ABhPCpPR94Z833gvPfGrUw==
X-Ser
i28857_c3473, i2475911_c28821, i1984077_c24029, i1932617_c23621
x-oss-storage-class
Standard
Content-Encoding
gzip
x-oss-object-type
Normal
Access-Control-Allow-Methods
GET
Date
Fri, 10 Oct 2025 02:19:40 GMT
x-oss-server-time
2
Content-Type
application/javascript
Vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
Content-Disposition
inline
Ali-Tproxy-Dns-Update
sync
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=5184000;includeSubdomains
Cache-Control
max-age=2592000
x-oss-hash-crc64ecma
14476346677076018366
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
x-oss-request-id
66B5D39E485C4FCD1E9501FF
Server
AliyunOSS
Resource: e0382448a03e4d02d46423ebf6ff8d4b.png
Path: kdfg98whr.f3en4wgy.live/upload/20231001/
Size: 9 KB (transferred: 9 KB)
Type: Image
General
Full URL
https://kdfg98whr.f3en4wgy.live/upload/20231001/e0382448a03e4d02d46423ebf6ff8d4b.png
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
13.249.91.115, United States, ASN16509 (AMAZON-02, US)
Reverse DNS
server-13-249-91-115.jfk52.r.cloudfront.net
Software
nginx
Resource Hash
76a9069819a330d722fc27ad238e5c7a4e754f7b9a70587a056777368026b332

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://kdfg98whr.f3en4wgy.live/client/

Response headers

cache-control
max-age=2592000
etag
"6518f783-247e"
via
1.1 6534d206fc9f372ba1942ac32aef18ce.cloudfront.net (CloudFront)
expires
Sun, 09 Nov 2025 02:19:40 GMT
accept-ranges
bytes
x-cache
Miss from cloudfront
content-length
9342
x-amz-cf-id
Rm-iYAAWgPnsvEhfKhEchoR2-WRGU3OTJ_puopTZHv5CbjhbC59zKw==
date
Fri, 10 Oct 2025 02:19:40 GMT
content-type
image/png
last-modified
Sun, 01 Oct 2023 04:37:23 GMT
server
nginx
x-amz-cf-pop
JFK52-P9
Resource: fe668b9005ffa7621ca2e85b37f386d5.png
Path: kdfg98whr.f3en4wgy.live/upload/20231001/
Size: 329 KB (transferred: 330 KB)
Type: Image
General
Full URL
https://kdfg98whr.f3en4wgy.live/upload/20231001/fe668b9005ffa7621ca2e85b37f386d5.png
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
13.249.91.115, United States, ASN16509 (AMAZON-02, US)
Reverse DNS
server-13-249-91-115.jfk52.r.cloudfront.net
Software
nginx
Resource Hash
f3ac0f0adcaec5699fb459583742019f6c482073982a803bd2bbde62c745f499

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://kdfg98whr.f3en4wgy.live/client/

Response headers

cache-control
max-age=2592000
etag
"6518f783-52595"
via
1.1 6534d206fc9f372ba1942ac32aef18ce.cloudfront.net (CloudFront)
expires
Sun, 09 Nov 2025 02:19:40 GMT
accept-ranges
bytes
x-cache
Miss from cloudfront
content-length
337301
x-amz-cf-id
t6U3xp03hwWVG4mkQ7MTt1SfACeWMG1PEfzSqx7t5CN05PK7vd7yEg==
date
Fri, 10 Oct 2025 02:19:40 GMT
content-type
image/png
last-modified
Sun, 01 Oct 2023 04:37:23 GMT
server
nginx
x-amz-cf-pop
JFK52-P9
Resource: 082b7a3fa1437c07494919962c7991cb.png
Path: kdfg98whr.f3en4wgy.live/upload/20231001/
Size: 300 KB (transferred: 301 KB)
Type: Image
General
Full URL
https://kdfg98whr.f3en4wgy.live/upload/20231001/082b7a3fa1437c07494919962c7991cb.png
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
13.249.91.115, United States, ASN16509 (AMAZON-02, US)
Reverse DNS
server-13-249-91-115.jfk52.r.cloudfront.net
Software
nginx
Resource Hash
af8d10c3a864867e28e3a0fd52794675057cc155a79663289c7ea272598fe8ef

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://kdfg98whr.f3en4wgy.live/client/

Response headers

cache-control
max-age=2592000
etag
"6518f783-4b1ce"
via
1.1 6534d206fc9f372ba1942ac32aef18ce.cloudfront.net (CloudFront)
expires
Sun, 09 Nov 2025 02:19:40 GMT
accept-ranges
bytes
x-cache
Miss from cloudfront
content-length
307662
x-amz-cf-id
73fgUQhQYuEPcyMULbNTHZ0DpnJQkYC2lA41CO8LdUj1QN_kjGNXFQ==
date
Fri, 10 Oct 2025 02:19:40 GMT
content-type
image/png
last-modified
Sun, 01 Oct 2023 04:37:23 GMT
server
nginx
x-amz-cf-pop
JFK52-P9
Resource: 617df9c40cc400fd67e86bc1dc1cce98.png
Path: kdfg98whr.f3en4wgy.live/upload/20231001/
Size: 484 KB (transferred: 485 KB)
Type: Image
General
Full URL
https://kdfg98whr.f3en4wgy.live/upload/20231001/617df9c40cc400fd67e86bc1dc1cce98.png
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
13.249.91.115, United States, ASN16509 (AMAZON-02, US)
Reverse DNS
server-13-249-91-115.jfk52.r.cloudfront.net
Software
nginx
Resource Hash
69e975491f6efd2be1b2fbd3484d8e1f61f12f7e7a78d878799d1d20df55e998

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://kdfg98whr.f3en4wgy.live/client/

Response headers

cache-control
max-age=2592000
etag
"6518f783-78eb8"
via
1.1 6534d206fc9f372ba1942ac32aef18ce.cloudfront.net (CloudFront)
expires
Sun, 09 Nov 2025 02:19:40 GMT
accept-ranges
bytes
x-cache
Miss from cloudfront
content-length
495288
x-amz-cf-id
btKzLU1n4sjzYhyx64jTeXKKK6tl0Kk6dlICxgwPbV36OZtrnx4AmA==
date
Fri, 10 Oct 2025 02:19:40 GMT
content-type
image/png
last-modified
Sun, 01 Oct 2023 04:37:23 GMT
server
nginx
x-amz-cf-pop
JFK52-P9
Resource: a73c555d98f8ef6864b8f3e1dc2e97c3.png
Path: kdfg98whr.f3en4wgy.live/upload/20231001/
Size: 13 KB (transferred: 13 KB)
Type: Image
General
Full URL
https://kdfg98whr.f3en4wgy.live/upload/20231001/a73c555d98f8ef6864b8f3e1dc2e97c3.png
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
13.249.91.115, United States, ASN16509 (AMAZON-02, US)
Reverse DNS
server-13-249-91-115.jfk52.r.cloudfront.net
Software
nginx
Resource Hash
fd33afd1d620fcd0b9f02c1004e24b940f63e21ab19835418a25886587934edf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://kdfg98whr.f3en4wgy.live/client/

Response headers

cache-control
max-age=2592000
etag
"6518f783-3477"
via
1.1 6534d206fc9f372ba1942ac32aef18ce.cloudfront.net (CloudFront)
expires
Sun, 09 Nov 2025 02:19:39 GMT
accept-ranges
bytes
x-cache
Miss from cloudfront
content-length
13431
x-amz-cf-id
rwl06PTsCtqRPKlPH3EjirNTqgekxA5KIxxDnE6TaygqlsAebkojbg==
date
Fri, 10 Oct 2025 02:19:39 GMT
content-type
image/png
last-modified
Sun, 01 Oct 2023 04:37:23 GMT
server
nginx
x-amz-cf-pop
JFK52-P9
Resource: e0382448a03e4d02d46423ebf6ff8d4b.png (second request, served from cache)
Path: kdfg98whr.f3en4wgy.live/upload/20231001/
Size: 9 KB (transferred: 0)
Type: Image
General
Full URL
https://kdfg98whr.f3en4wgy.live/upload/20231001/e0382448a03e4d02d46423ebf6ff8d4b.png
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
13.249.91.115, United States, ASN16509 (AMAZON-02, US)
Reverse DNS
server-13-249-91-115.jfk52.r.cloudfront.net
Software
nginx
Resource Hash
76a9069819a330d722fc27ad238e5c7a4e754f7b9a70587a056777368026b332

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://kdfg98whr.f3en4wgy.live/client/

Response headers

cache-control
max-age=2592000
etag
"6518f783-247e"
via
1.1 6534d206fc9f372ba1942ac32aef18ce.cloudfront.net (CloudFront)
expires
Sun, 09 Nov 2025 02:19:40 GMT
accept-ranges
bytes
x-cache
Miss from cloudfront
content-length
9342
x-amz-cf-id
Rm-iYAAWgPnsvEhfKhEchoR2-WRGU3OTJ_puopTZHv5CbjhbC59zKw==
date
Fri, 10 Oct 2025 02:19:40 GMT
content-type
image/png
last-modified
Sun, 01 Oct 2023 04:37:23 GMT
server
nginx
x-amz-cf-pop
JFK52-P9
Resource: match
Path: edge-api.meiqia.com/summer/widget/route/
Size: 993 B (transferred: 1010 B)
Type: XHR
General
Full URL
https://edge-api.meiqia.com/summer/widget/route/match
Requested by
Host: static.meiqia.com
URL: https://static.meiqia.com/widget/loader.js
Protocol
HTTP/1.1
Security
TLS 1.3, AES_256_GCM
Server
43.174.224.10, Singapore, ASN139341 (ACE-AS-AP ACE, SG)
Reverse DNS
n/a
Software
istio-envoy
Resource Hash
31a60dfd6c35da1d8072a178abcbf2cc24d23ab378e380c07f8a6c135d48a165

Request headers

x-ent-id
0f187f9c0fd8ac38c0030aeb96aea672
Referer
https://kdfg98whr.f3en4wgy.live/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
content-type
application/json

Response headers

access-control-expose-headers
*
content-encoding
gzip
EO-LOG-UUID
14419520193991625377
req-cost-time
2
Date
Fri, 10 Oct 2025 02:19:41 GMT
content-type
application/json;charset=UTF-8
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
req-arrive-time
1760062781681
Transfer-Encoding
chunked
EO-Cache-Status
MISS
x-envoy-upstream-service-time
1
resp-start-time
1760062781683
Connection
keep-alive
access-control-allow-credentials
true
access-control-allow-origin
https://kdfg98whr.f3en4wgy.live
server
istio-envoy
Resource: match
Path: edge-api.meiqia.com/summer/widget/route/ (in frame)
Size: 0 (transferred: 0)
Type: Preflight
General
Full URL
https://edge-api.meiqia.com/summer/widget/route/match
Protocol
HTTP/1.1
Security
TLS 1.3, AES_256_GCM
Server
43.174.224.10, Singapore, ASN139341 (ACE-AS-AP ACE, SG)
Reverse DNS
n/a
Software
istio-envoy
Resource Hash
n/a (empty preflight response body)
Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-ent-id
Access-Control-Request-Method
POST
Origin
https://kdfg98whr.f3en4wgy.live
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0
Date
Fri, 10 Oct 2025 02:19:41 GMT
EO-Cache-Status
MISS
EO-LOG-UUID
2438095477324967809
access-control-allow-credentials
true
access-control-allow-headers
content-type,x-ent-id
access-control-allow-methods
GET,POST,PUT,DELETE,HEAD,OPTIONS,PATCH
access-control-allow-origin
https://kdfg98whr.f3en4wgy.live
access-control-expose-headers
*
access-control-max-age
86400
server
istio-envoy
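The first-party API endpoints on kdfg98whr.f3en4wgy.live (/index/api/getconfig, /index/login/getWapConfig, and even the favicon error response) answer with access-control-allow-origin: * and list Authorization, token and uid among the headers any origin may send, while the edge-api.meiqia.com preflight directly above answers with one specific origin plus access-control-allow-credentials: true and access-control-expose-headers: *. Under the Fetch standard's CORS rules those two shapes have different consequences: a wildcard never works for credentialed requests, and a literal * in expose-headers stops being a wildcard once credentials are involved. The following Python is an added example, not part of the urlscan report or of either site's code; the two header dictionaries are copied from the transactions above and the extra cases in the test are constructed.

```python
"""Triage captured CORS response headers.

Added example, not part of the urlscan report. Header dictionaries are copied
from this page; the rules encoded here follow the CORS protocol in the Fetch
standard (https://fetch.spec.whatwg.org/#http-cors-protocol).
"""

# Copied from the /index/api/getconfig response above.
GETCONFIG_HEADERS = {
    "access-control-allow-origin": "*",
    "access-control-allow-methods": "GET, POST, PUT,DELETE,OPTIONS,PATCH",
    "access-control-allow-headers": "Origin, X-Requested-With, Content-Type, Accept, Authorization,token,uid",
}

# Copied from the edge-api.meiqia.com preflight response above.
MEIQIA_PREFLIGHT_HEADERS = {
    "access-control-allow-origin": "https://kdfg98whr.f3en4wgy.live",
    "access-control-allow-credentials": "true",
    "access-control-allow-headers": "content-type,x-ent-id",
    "access-control-allow-methods": "GET,POST,PUT,DELETE,HEAD,OPTIONS,PATCH",
    "access-control-expose-headers": "*",
    "access-control-max-age": "86400",
}

# Header names that usually carry a bearer secret rather than plain metadata.
AUTH_LIKE_HEADERS = {"authorization", "token", "uid", "cookie", "x-api-key"}
MUTATING_METHODS = {"put", "delete", "patch"}


def _tokens(value):
    """Split a comma-separated header value into lower-cased tokens."""
    return {t.strip().lower() for t in value.split(",") if t.strip()}


def triage_cors(headers, request_origin):
    """Return [(code, explanation)] describing what these headers let request_origin do."""
    h = {k.lower(): v.strip() for k, v in headers.items()}
    acao = h.get("access-control-allow-origin")
    credentialed = h.get("access-control-allow-credentials", "").lower() == "true"
    findings = []

    if acao is None:
        return [("NO_CORS", "no Access-Control-Allow-Origin: cross-origin reads are blocked")]
    if acao == "*":
        if credentialed:
            # Fetch rejects "*" when the request carries credentials, so this grants nothing.
            findings.append(("WILDCARD_WITH_CREDENTIALS",
                             "'*' is never accepted for credentialed requests; the browser fails the check"))
        else:
            findings.append(("WILDCARD_ORIGIN",
                             "any origin can read the response of a non-credentialed request"))
    elif acao == request_origin:
        if credentialed:
            findings.append(("CREDENTIALED_ORIGIN",
                             f"{request_origin} may read the response with cookies attached; "
                             "confirm the origin is allowlisted rather than echoed back"))
        else:
            findings.append(("ALLOWLISTED_ORIGIN", f"{request_origin} may read the response"))
    else:
        findings.append(("ORIGIN_MISMATCH",
                         f"{acao} does not match {request_origin}; the browser blocks the read"))

    # "*" in expose-headers is only a wildcard for non-credentialed requests; otherwise it is
    # the literal header name "*", and only CORS-safelisted response headers stay readable.
    if h.get("access-control-expose-headers") == "*" and credentialed:
        findings.append(("LITERAL_STAR_EXPOSE",
                         "expose-headers '*' is a literal name on credentialed responses"))

    if acao == "*":
        auth = _tokens(h.get("access-control-allow-headers", "")) & AUTH_LIKE_HEADERS
        if auth:
            findings.append(("AUTH_HEADERS_ANY_ORIGIN",
                             "bearer-style headers accepted from any origin: " + ", ".join(sorted(auth))))
        mutating = _tokens(h.get("access-control-allow-methods", "")) & MUTATING_METHODS
        if mutating:
            findings.append(("MUTATING_METHODS_ANY_ORIGIN",
                             "state-changing methods allowed from any origin: " + ", ".join(sorted(mutating))))
    return findings


if __name__ == "__main__":
    for code, why in triage_cors(GETCONFIG_HEADERS, "https://attacker.example"):
        print("getconfig:", code, why)
    for code, why in triage_cors(MEIQIA_PREFLIGHT_HEADERS, "https://kdfg98whr.f3en4wgy.live"):
        print("meiqia preflight:", code, why)
```

The practical reading of the two captured sets: the first-party API is callable from any page on the web, and because it accepts token and uid as request headers, a token obtained anywhere (a leak, a phishing kit's own pages) can be replayed cross-origin from any site. The meiqia endpoint restricts the origin but grants credentials; a single scan cannot tell whether that origin is on an allowlist or simply reflected from the request's Origin header, which is the check a reviewer would make next.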
Resource: shadow-grey.png
Path: cdn.dcloud.net.cn/img/
Size: 136 B (transferred: 420 B)
Type: Image
General
Full URL
https://cdn.dcloud.net.cn/img/shadow-grey.png
Requested by
Host: kdfg98whr.f3en4wgy.live
URL: https://kdfg98whr.f3en4wgy.live/client/static/index.97465e7b.css
Protocol
H2
Security
TLS 1.3, AES_256_GCM
Server
124.220.203.60, Shanghai, China, ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN)
Reverse DNS
n/a
Software
nginx
Resource Hash
ad4ebea1c3496dd2924789ee009174a2c6289d1200e9811f458fd46f172d1d6f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://kdfg98whr.f3en4wgy.live/

Response headers

cache-control
max-age=46800
etag
"5cf8b5bf-88"
expires
Fri, 10 Oct 2025 15:19:42 GMT
accept-ranges
bytes
content-length
136
date
Fri, 10 Oct 2025 02:19:42 GMT
content-type
image/png
last-modified
Thu, 06 Jun 2019 06:42:07 GMT
server
nginx
Resource: entrypoint-v1.4.200.prod.20251009_159.js
Path: static.meiqia.com/fe-widget/v1.4.200.prod.20251009_159/
Size: 190 KB (transferred: 65 KB)
Type: Script
General
Full URL
https://static.meiqia.com/fe-widget/v1.4.200.prod.20251009_159/entrypoint-v1.4.200.prod.20251009_159.js
Requested by
Host: static.meiqia.com
URL: https://static.meiqia.com/widget/loader.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
156.225.111.18, Ashburn, United States, ASN139057 (ELD-AS-AP Edgenext Legend Dynasty Pte. Ltd., SG)
Reverse DNS
n/a
Software
AliyunOSS
Resource Hash
d74f85d4db09facead5fff0a06492d3629a673be928ff0b736ae6e42952e33e1
Security Headers
Strict-Transport-Security: max-age=5184000;includeSubdomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://kdfg98whr.f3en4wgy.live/

Response headers

Content-MD5
wUxoCk0t06wfDz7DUzwXsQ==
X-Ser
i28855_c3473, i2475919_c28821, i89826_c26665, i1932523_c23621
x-oss-storage-class
Standard
Content-Encoding
gzip
x-oss-object-type
Normal
Access-Control-Allow-Methods
GET
Date
Fri, 10 Oct 2025 02:19:42 GMT
x-oss-server-time
4
Content-Type
text/javascript
Vary
Accept-Encoding
Content-Disposition
inline
Ali-Tproxy-Dns-Update
sync
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=5184000;includeSubdomains
Cache-Control
max-age=2592000
x-oss-hash-crc64ecma
3827641848173482293
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
x-oss-request-id
68E780841FC73E3436733928
Server
AliyunOSS
app-v1.4.200.prod.20251009_159.js
static.meiqia.com/fe-widget/v1.4.200.prod.20251009_159/ Frame E76B
1 MB
367 KB
Script
General
Full URL
https://static.meiqia.com/fe-widget/v1.4.200.prod.20251009_159/app-v1.4.200.prod.20251009_159.js
Requested by
Host: static.meiqia.com
URL: https://static.meiqia.com/fe-widget/v1.4.200.prod.20251009_159/entrypoint-v1.4.200.prod.20251009_159.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
156.225.111.18 Ashburn, United States, ASN139057 (ELD-AS-AP Edgenext Legend Dynasty Pte. Ltd., SG),
Reverse DNS
Software
AliyunOSS /
Resource Hash
1b3ba86c8f1b666cf8e7208d5e27df8bcd406eb93af77b6e82d5a86d96f9b2c1
Security Headers
Name Value
Strict-Transport-Security max-age=5184000;includeSubdomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer

Response headers

Content-MD5
gRUfweuWpLBBZg9ACLyr1Q==
X-Ser
i90622_c24817, i2475941_c28821, i89830_c26665, i1932615_c23621
x-oss-storage-class
Standard
Content-Encoding
gzip
x-oss-object-type
Normal
Access-Control-Allow-Methods
GET
Date
Fri, 10 Oct 2025 02:19:42 GMT
x-oss-server-time
20
Content-Type
text/javascript
Vary
Accept-Encoding
Content-Disposition
inline
Ali-Tproxy-Dns-Update
sync
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=5184000;includeSubdomains
Cache-Control
max-age=2592000
x-oss-hash-crc64ecma
12825148028300257311
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
x-oss-request-id
68E7808597E87C3531B24957
Server
AliyunOSS
get_base_config
new-api.meiqia.com/hikari/visit/visit/
1 KB
1 KB
XHR
General
Full URL
https://new-api.meiqia.com/hikari/visit/visit/get_base_config?ent_id=0f187f9c0fd8ac38c0030aeb96aea672
Requested by
Host: static.meiqia.com
URL: https://static.meiqia.com/fe-widget/v1.4.200.prod.20251009_159/entrypoint-v1.4.200.prod.20251009_159.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
43.174.224.10 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
istio-envoy /
Resource Hash
424b8fc44eaad471796a45b75fa3eb1530b035aa9e3c3a47a45301b37812913b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Accept
application/json
Referer
https://kdfg98whr.f3en4wgy.live/

Response headers

EO-Cache-Status
MISS
access-control-expose-headers
*
x-envoy-upstream-service-time
7
resp-start-time
1760062783491
EO-LOG-UUID
11809786194422066775
Connection
keep-alive
access-control-allow-credentials
true
req-cost-time
7
access-control-allow-origin
https://kdfg98whr.f3en4wgy.live
Content-Length
1034
Date
Fri, 10 Oct 2025 02:19:43 GMT
content-type
application/json; charset=utf-8
vary
Origin
server
istio-envoy
req-arrive-time
1760062783483
start
new-api.meiqia.com/hikari/visit/visit/
5 KB
5 KB
XHR
General
Full URL
https://new-api.meiqia.com/hikari/visit/visit/start?ent_id=0f187f9c0fd8ac38c0030aeb96aea672&track_id=&title=&referrer_url=&url=https:%2F%2Fkdfg98whr.f3en4wgy.live%2Fclient%2F%23%2F&is_standalone=false
Requested by
Host: static.meiqia.com
URL: https://static.meiqia.com/fe-widget/v1.4.200.prod.20251009_159/entrypoint-v1.4.200.prod.20251009_159.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
43.174.224.10 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
istio-envoy /
Resource Hash
a2844b78d6334dabcc192093fb0d4e7b949e4a75ca693642eea3c44d9fe354ce

Request headers

X-Is-Meiqia-Domain
undefined
X-Is-Standalone
false
Referer
https://kdfg98whr.f3en4wgy.live/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Accept
application/json

Response headers

Transfer-Encoding
chunked
EO-Cache-Status
MISS
access-control-expose-headers
*
x-envoy-upstream-service-time
45
resp-start-time
1760062784270
EO-LOG-UUID
233614108841710014
Connection
keep-alive
access-control-allow-credentials
true
req-cost-time
45
access-control-allow-origin
https://kdfg98whr.f3en4wgy.live
Date
Fri, 10 Oct 2025 02:19:44 GMT
content-type
application/json; charset=utf-8
vary
Origin
server
istio-envoy
req-arrive-time
1760062784225
start
new-api.meiqia.com/hikari/visit/visit/ Frame
0
0
Preflight
General
Full URL
https://new-api.meiqia.com/hikari/visit/visit/start?ent_id=0f187f9c0fd8ac38c0030aeb96aea672&track_id=&title=&referrer_url=&url=https:%2F%2Fkdfg98whr.f3en4wgy.live%2Fclient%2F%23%2F&is_standalone=false
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
43.174.224.10 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
istio-envoy /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-is-meiqia-domain,x-is-standalone
Access-Control-Request-Method
GET
Origin
https://kdfg98whr.f3en4wgy.live
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0
Date
Fri, 10 Oct 2025 02:19:43 GMT
EO-Cache-Status
MISS
EO-LOG-UUID
8267614769337170030
access-control-allow-credentials
true
access-control-allow-headers
x-is-meiqia-domain,x-is-standalone
access-control-allow-methods
GET,POST,PUT,DELETE,HEAD,OPTIONS,PATCH
access-control-allow-origin
https://kdfg98whr.f3en4wgy.live
access-control-expose-headers
*
access-control-max-age
86400
server
istio-envoy
info
camorope-client-a.meiqia.com/push/ Frame E76B
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
camorope-client-a.meiqia.com
URL
https://camorope-client-a.meiqia.com/push/info?browser_id=24c911e34af470f2ce4634a241931be2&ent_id=504694&track_id=33r6L8JUkNVR2poNK6vVxFo7mVV&visit_id=33r6L31k2BWWCdUvkDyCMxRtXQd&t=1760062784529

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic (Online)

25 JavaScript Window variables

These are the non-standard variables defined on the window object. These include var declarations and global functions and can be helpful in identifying possible client-side frameworks and code.

object| 0
boolean| coverSupport
object| webpackJsonp
object| __uniConfig
object| __uniRoutes
function| UniApp
object| UniViewJSBridge
object| UniServiceJSBridge
object| uni
object| wx
function| getApp
function| getCurrentPages
function| _MEIQIA
object| SENTRY_RELEASE
object| SENTRY_RELEASES
object| core
string| _agent_chat_type
object| _widgetBundleName
string| backendApi
string| widgetBffApi
string| publicUrl
string| socketUrl
object| regeneratorRuntime
object| _CHAT_GLOBAL_API_CONFIG_
object| meiqia

4 Cookies

Domain/Path Name / Value
kdfg98whr.f3en4wgy.live/ Name: PHPSESSID
Value: ikq69hqbrq0puv04hmbg3bccll
.dcloud.net.cn/ Name: __uni__uid
Value: rBEQiWjobT5f/yE6A1n5Ag==
.f3en4wgy.live/ Name: MEIQIA_TRACK_ID
Value: 33r6L8JUkNVR2poNK6vVxFo7mVV
.f3en4wgy.live/ Name: MEIQIA_VISIT_ID
Value: 33r6L31k2BWWCdUvkDyCMxRtXQd

1 Console Messages

Source Level URL
Text
network error URL: https://kdfg98whr.f3en4wgy.live/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

camorope-client-a.meiqia.com
cdn.dcloud.net.cn
edge-api.meiqia.com
kdfg98whr.f3en4wgy.live
new-api.meiqia.com
static.meiqia.com
124.220.203.60
13.249.91.115
156.225.111.18
43.174.224.10