hxfx.chnwg.com Open in urlscan Pro
154.82.100.26 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://hxfx.chnwg.com/
Submission: On January 16 via api (January 16th 2024, 4:54:11 pm UTC) from US — Scanned from US

Summary HTTP 13 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 1 countries across 3 domains to perform 13 HTTP transactions. The main IP is 154.82.100.26, located in Singapore and belongs to TERAEXCH, US. The main domain is hxfx.chnwg.com.
TLS certificate: Issued by R3 on January 14th 2024. Valid for: 3 months.

This is the only time hxfx.chnwg.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Downloads These files were downloaded by the website

Incomplete hx_23454269_sign.apk 43 MB

Size: 43 MB (44884393 bytes, 0% done)

Downloaded from: https://ff1020f.safprotek.com/hx_23454269_sign.apk

Domain & IP information

	IP Address	AS Autonomous System
10	154.82.100.26 154.82.100.26	399077 (TERAEXCH) (TERAEXCH)
1 3	154.82.120.223 154.82.120.223	399077 (TERAEXCH) (TERAEXCH)
1 1	123.6.18.124 123.6.18.124	() ()
1	123.6.18.106 123.6.18.106	() ()
13	4

10 154.82.100.26 (Singapore)

ASN399077 (TERAEXCH, US)

hxfx.chnwg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 154.82.120.223 (Singapore) 1 redirects

ASN399077 (TERAEXCH, US)

sdksdk.renrenjihua.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 123.6.18.124 (None, ) 1 redirects

ASN- ()

ff1020q.safprotek.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 123.6.18.106 (None, )

ASN- ()

ff1020f.safprotek.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	chnwg.com hxfx.chnwg.com	352 KB
3	renrenjihua.com 1 redirects sdksdk.renrenjihua.com	1 KB
2	safprotek.com 1 redirects ff1020q.safprotek.com ff1020f.safprotek.com	316 B
13	3

	Domain	Requested by
10	hxfx.chnwg.com	hxfx.chnwg.com
3	sdksdk.renrenjihua.com	1 redirects hxfx.chnwg.com
1	ff1020f.safprotek.com	hxfx.chnwg.com
1	ff1020q.safprotek.com	1 redirects
13	4

This site contains no links.

Subject Issuer	Validity	Valid
hxfx.chnwg.com R3	`2024-01-14` - `2024-04-13`	3 months	crt.sh
*.renrenjihua.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-31` - `2024-07-30`	a year	crt.sh
ff1020f.safprotek.com R3	`2024-01-12` - `2024-04-11`	3 months	crt.sh

This page contains 1 frames:

Frame: https://ff1020f.safprotek.com/hx_23454269_sign.apk
Frame ID: FA0752E91082C04EC8CAEAF54E940130
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

火星官方下载

Detected technologies

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

13
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

4
IPs

1
Countries

353 kB
Transfer

438 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12

https://sdksdk.renrenjihua.com/page/oa5v50/install/c/eyJtIjoiYnhtcWE3YjZlODRBQUFHTkV6SEZtc3ItbzYwNWtldmVoVHdGcjhtWk42THc4YVROdEtNdXJtQVJzTmY3M2pBZ1Vfd0wtMm82cFJ2NVp1cnpqanVfN180QVNOTFZZTHZBUDBiUHZLMzBZVWsifQ==?p=0 HTTP 302
https://ff1020q.safprotek.com/Dos/d/c/1aZYTjw4FuCsFTix HTTP 302
https://ff1020f.safprotek.com/hx_23454269_sign.apk

13 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
hxfx.chnwg.com/ 12 KB
6 KB 2461ms
338ms Document
text/html 154.82.100.26
TERAEXCH

General

Check archive.org

Show headers Download Go to

Full URL

https://hxfx.chnwg.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

154.82.100.26 , Singapore, ASN399077 (TERAEXCH, US),

Reverse DNS

Software

NgxFence /

Resource Hash

bf6a68ddfb7918d5d0ea84bc3baddd227bb5747bf8a9e3a8c10c82af4e9776fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Tue, 16 Jan 2024 16:54:00 GMT
etag: W/"6569c3e1-30e0"
last-modified: Fri, 01 Dec 2023 11:30:41 GMT
server: NgxFence
strict-transport-security: max-age=31536000; includeSubdomains; preload
vary: Accept-Encoding
x-cache: DYNAMIC

GET
H2 200 app.b49c2a23.css
hxfx.chnwg.com/image/ 4 KB
2 KB 304ms
302ms Stylesheet
text/css 154.82.100.26
TERAEXCH

General

Check archive.org

Show headers Download Go to

Full URL

https://hxfx.chnwg.com/image/app.b49c2a23.css

Requested by

Host: hxfx.chnwg.com
URL: https://hxfx.chnwg.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

154.82.100.26 , Singapore, ASN399077 (TERAEXCH, US),

Reverse DNS

Software

NgxFence /

Resource Hash

b56161d3505b692671bce4e7831a6b14b4bee1501bf708685580d756dbd22a49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hxfx.chnwg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 16:54:00 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubdomains; preload
last-modified: Fri, 01 Dec 2023 11:30:42 GMT
server: NgxFence
etag: W/"6569c3e2-1028"
vary: Accept-Encoding
x-cache: MISS
content-type: text/css
cache-control: max-age=43200
expires: Wed, 17 Jan 2024 04:54:00 GMT

GET
H2 200 jquery.js Show response
hxfx.chnwg.com/image/ 82 KB
33 KB 340ms
339ms Script
application/javascript 154.82.100.26
TERAEXCH

General

Check archive.org

Show headers Download Go to

Full URL

https://hxfx.chnwg.com/image/jquery.js

Requested by

Host: hxfx.chnwg.com
URL: https://hxfx.chnwg.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

154.82.100.26 , Singapore, ASN399077 (TERAEXCH, US),

Reverse DNS

Software

NgxFence /

Resource Hash

de4b3c3d1dc2506b6693f0f98884e1dc074cda9d66cab39b7b48a115fdfc4c0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hxfx.chnwg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 16:54:00 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubdomains; preload
last-modified: Fri, 01 Dec 2023 11:30:45 GMT
server: NgxFence
etag: W/"6569c3e5-1497d"
vary: Accept-Encoding
x-cache: MISS
content-type: application/javascript
cache-control: max-age=43200
expires: Wed, 17 Jan 2024 04:54:00 GMT

GET
H2 200 appinstall.js Show response
hxfx.chnwg.com/image/ 46 KB
20 KB 353ms
351ms Script
application/javascript 154.82.100.26
TERAEXCH

General

Check archive.org

Show headers Download Go to

Full URL

https://hxfx.chnwg.com/image/appinstall.js

Requested by

Host: hxfx.chnwg.com
URL: https://hxfx.chnwg.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

154.82.100.26 , Singapore, ASN399077 (TERAEXCH, US),

Reverse DNS

Software

NgxFence /

Resource Hash

7c9895f2e57140b2a429c2b5df1eb51b2c0bf49f56365e198fb20a92fe79c1dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hxfx.chnwg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 16:54:00 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubdomains; preload
last-modified: Fri, 01 Dec 2023 11:30:43 GMT
server: NgxFence
etag: W/"6569c3e3-b9e1"
vary: Accept-Encoding
x-cache: MISS
content-type: application/javascript
cache-control: max-age=43200
expires: Wed, 17 Jan 2024 04:54:00 GMT

GET
H2 200 tesss.png
hxfx.chnwg.com/image/ 44 KB
44 KB 339ms
338ms Image
image/png 154.82.100.26
TERAEXCH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hxfx.chnwg.com/image/tesss.png

Requested by

Host: hxfx.chnwg.com
URL: https://hxfx.chnwg.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

154.82.100.26 , Singapore, ASN399077 (TERAEXCH, US),

Reverse DNS

Software

NgxFence /

Resource Hash

ef9bea91e36c3edb57332997ad21c2bcef1a2d7d85cf3685eae763233eaec9a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hxfx.chnwg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 16:54:00 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
last-modified: Fri, 01 Dec 2023 11:30:41 GMT
server: NgxFence
etag: "6569c3e1-b0c5"
x-cache: MISS
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 45253
expires: Thu, 15 Feb 2024 16:54:00 GMT

GET
H2 200 btn_down.15d86576.png
hxfx.chnwg.com/image/ 42 KB
43 KB 352ms
351ms Image
image/png 154.82.100.26
TERAEXCH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hxfx.chnwg.com/image/btn_down.15d86576.png

Requested by

Host: hxfx.chnwg.com
URL: https://hxfx.chnwg.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

154.82.100.26 , Singapore, ASN399077 (TERAEXCH, US),

Reverse DNS

Software

NgxFence /

Resource Hash

a2b6260f94017aad3c83d40e1b063f739df7242b43758d10c51d2a2e1178f236

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hxfx.chnwg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 16:54:00 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
last-modified: Fri, 01 Dec 2023 11:30:42 GMT
server: NgxFence
etag: "6569c3e2-a9c8"
x-cache: MISS
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 43464
expires: Thu, 15 Feb 2024 16:54:00 GMT

GET
H2 200 btn_and.50fcc6d6.png
hxfx.chnwg.com/image/ 15 KB
16 KB 360ms
359ms Image
image/png 154.82.100.26
TERAEXCH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hxfx.chnwg.com/image/btn_and.50fcc6d6.png

Requested by

Host: hxfx.chnwg.com
URL: https://hxfx.chnwg.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

154.82.100.26 , Singapore, ASN399077 (TERAEXCH, US),

Reverse DNS

Software

NgxFence /

Resource Hash

bb1ca67c2c7786f609f01e22d9a19eb142513b497e0a00caf830832be1304a7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hxfx.chnwg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 16:54:01 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
last-modified: Fri, 01 Dec 2023 11:30:43 GMT
server: NgxFence
etag: "6569c3e3-3df5"
x-cache: MISS
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 15861
expires: Thu, 15 Feb 2024 16:54:01 GMT

GET
H2 200 btn_ios.c896ef13.png
hxfx.chnwg.com/image/ 16 KB
16 KB 324ms
324ms Image
image/png 154.82.100.26
TERAEXCH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hxfx.chnwg.com/image/btn_ios.c896ef13.png

Requested by

Host: hxfx.chnwg.com
URL: https://hxfx.chnwg.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

154.82.100.26 , Singapore, ASN399077 (TERAEXCH, US),

Reverse DNS

Software

NgxFence /

Resource Hash

ba878188ee171c837895b2bbd2fb94e1db0a8c17c56fd8da38a7f86e3dfa0a60

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hxfx.chnwg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 16:54:01 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
last-modified: Fri, 01 Dec 2023 11:30:45 GMT
server: NgxFence
etag: "6569c3e5-4063"
x-cache: MISS
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 16483
expires: Thu, 15 Feb 2024 16:54:01 GMT

GET
H2 200 tes.png
hxfx.chnwg.com/image/ 6 KB
6 KB 322ms
322ms Image
image/png 154.82.100.26
TERAEXCH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hxfx.chnwg.com/image/tes.png

Requested by

Host: hxfx.chnwg.com
URL: https://hxfx.chnwg.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

154.82.100.26 , Singapore, ASN399077 (TERAEXCH, US),

Reverse DNS

Software

NgxFence /

Resource Hash

826bb90c6f459ea2c6140e58a82b281e0d6554e5063dc80652c062ddf7b9c724

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hxfx.chnwg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 16:54:01 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
last-modified: Fri, 01 Dec 2023 11:30:44 GMT
server: NgxFence
etag: "6569c3e4-17e1"
x-cache: MISS
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 6113
expires: Thu, 15 Feb 2024 16:54:01 GMT

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b45b87e9467507ef244ec38602603db7331724b3c0aa6ddf184c5f594a08334b

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 bg_buyu.jpg
hxfx.chnwg.com/image/ 166 KB
166 KB 348ms
347ms Image
image/jpeg 154.82.100.26
TERAEXCH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hxfx.chnwg.com/image/bg_buyu.jpg

Requested by

Host: hxfx.chnwg.com
URL: https://hxfx.chnwg.com/image/app.b49c2a23.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

154.82.100.26 , Singapore, ASN399077 (TERAEXCH, US),

Reverse DNS

Software

NgxFence /

Resource Hash

c9f4297754aa6ace85e28fec80204ed85bd3da049c2cb93d2d5d11ac51591fec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hxfx.chnwg.com/image/app.b49c2a23.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 16:54:01 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
last-modified: Fri, 01 Dec 2023 11:30:44 GMT
server: NgxFence
etag: "6569c3e4-296bd"
x-cache: MISS
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 169661
expires: Thu, 15 Feb 2024 16:54:01 GMT

POST
H2 200 init Show response
sdksdk.renrenjihua.com/web/oa5v50/_/ 642 B
832 B 3707ms
335ms XHR
application/json 154.82.120.223
TERAEXCH

General

Check archive.org

Show headers Download Go to

Full URL

https://sdksdk.renrenjihua.com/web/oa5v50/_/init?av=0&cv=0&hash=&server=https%3A%2F%2Fsdksdk.renrenjihua.com&sw=p6Cmpg&sh=p6Smpg&sp=1

Requested by

Host: hxfx.chnwg.com
URL: https://hxfx.chnwg.com/image/appinstall.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

154.82.120.223 , Singapore, ASN399077 (TERAEXCH, US),

Reverse DNS

Software

NgxFence /

Resource Hash

cc9ce3dbdd867692c0ef319011b2049278d436481cd36668d548deb7b8573d84

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

Referer: https://hxfx.chnwg.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 16 Jan 2024 16:54:05 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
server: NgxFence
vary: Origin, Origin
content-type: application/json;charset=utf-8
access-control-allow-origin: https://hxfx.chnwg.com
access-control-allow-credentials: true

POST
H2 200 eyJtIjoiUTZjR2FWOGl4SXNBQUFHTkV6SEZtdE5PNHFpVjVzWlpMOFR0cDZpNHp3bG5XQ0UyZTBuYjE3aUxTWE5oUEFIcFVqYVgtM2NCdUdlRWVCbGRiaG1FOFRiZG5wNXcyM0hkeUhVS2wyOUdWcUUifQ==
sdksdk.renrenjihua.com/web/oa5v50/_/clicked/c/ 0
282 B 587ms
583ms Ping
text/plain 154.82.120.223
TERAEXCH

General

Check archive.org

Show headers Download Go to

Full URL

https://sdksdk.renrenjihua.com/web/oa5v50/_/clicked/c/eyJtIjoiUTZjR2FWOGl4SXNBQUFHTkV6SEZtdE5PNHFpVjVzWlpMOFR0cDZpNHp3bG5XQ0UyZTBuYjE3aUxTWE5oUEFIcFVqYVgtM2NCdUdlRWVCbGRiaG1FOFRiZG5wNXcyM0hkeUhVS2wyOUdWcUUifQ==?p=0&ref=https%3A%2F%2Fhxfx.chnwg.com%2F&ac=0&cc=0

Requested by

Host: hxfx.chnwg.com
URL: https://hxfx.chnwg.com/image/appinstall.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

154.82.120.223 , Singapore, ASN399077 (TERAEXCH, US),

Reverse DNS

Software

NgxFence /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hxfx.chnwg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 16:54:05 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
server: NgxFence
vary: Origin, Origin
access-control-allow-origin: https://hxfx.chnwg.com
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 0

GET
H2

200

hx_23454269_sign.apk
ff1020f.safprotek.com/
Redirect Chain

https://sdksdk.renrenjihua.com/page/oa5v50/install/c/eyJtIjoiYnhtcWE3YjZlODRBQUFHTkV6SEZtc3ItbzYwNWtldmVoVHdGcjhtWk42THc4YVROdEtNdXJtQVJzTmY3M2pBZ1Vfd0wtMm82cFJ2NVp1cnpqanVfN180QVNOTFZZTHZBUDBiUHZL...
https://ff1020q.safprotek.com/Dos/d/c/1aZYTjw4FuCsFTix
https://ff1020f.safprotek.com/hx_23454269_sign.apk

0
0

2544ms
316ms

Document
application/octet-stream

123.6.18.106

General

Check archive.org

Show headers Download Go to

Full URL

https://ff1020f.safprotek.com/hx_23454269_sign.apk

Requested by

Host: hxfx.chnwg.com
URL: https://hxfx.chnwg.com/image/appinstall.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

123.6.18.106 -, , ASN (),

Reverse DNS

Software

NgxFence /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

Referer: https://hxfx.chnwg.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
content-length: 44884393
content-type: application/octet-stream
date: Tue, 16 Jan 2024 16:54:11 GMT
etag: "65a6a1cb-2ace1a9"
last-modified: Tue, 16 Jan 2024 15:33:31 GMT
server: NgxFence
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-cache: HIT

Redirect headers

cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: text/html; charset=UTF-8
date: Tue, 16 Jan 2024 16:54:08 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: https://ff1020f.safprotek.com/hx_23454269_sign.apk
pragma: no-cache
server: NgxFence
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-cache: DYNAMIC

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ff1020f.safprotek.com
ff1020q.safprotek.com
hxfx.chnwg.com
sdksdk.renrenjihua.com
123.6.18.106
123.6.18.124
154.82.100.26
154.82.120.223
7c9895f2e57140b2a429c2b5df1eb51b2c0bf49f56365e198fb20a92fe79c1dd
826bb90c6f459ea2c6140e58a82b281e0d6554e5063dc80652c062ddf7b9c724
a2b6260f94017aad3c83d40e1b063f739df7242b43758d10c51d2a2e1178f236
b45b87e9467507ef244ec38602603db7331724b3c0aa6ddf184c5f594a08334b
b56161d3505b692671bce4e7831a6b14b4bee1501bf708685580d756dbd22a49
ba878188ee171c837895b2bbd2fb94e1db0a8c17c56fd8da38a7f86e3dfa0a60
bb1ca67c2c7786f609f01e22d9a19eb142513b497e0a00caf830832be1304a7a
bf6a68ddfb7918d5d0ea84bc3baddd227bb5747bf8a9e3a8c10c82af4e9776fb
c9f4297754aa6ace85e28fec80204ed85bd3da049c2cb93d2d5d11ac51591fec
cc9ce3dbdd867692c0ef319011b2049278d436481cd36668d548deb7b8573d84
de4b3c3d1dc2506b6693f0f98884e1dc074cda9d66cab39b7b48a115fdfc4c0f
ef9bea91e36c3edb57332997ad21c2bcef1a2d7d85cf3685eae763233eaec9a8

hxfx.chnwg.com Open in urlscan Pro 154.82.100.26 Public Scan

Summary

urlscan.io Verdict: No classification

Downloads These files were downloaded by the website

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

13 Requests

100 %HTTPS

0 %IPv6

3 Domains

4 Subdomains

4 IPs

1 Countries

353 kBTransfer

438 kBSize

0 Cookies

0 Outgoing links

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

0 Cookies

Security Headers

Indicators

hxfx.chnwg.com Open in urlscan Pro
154.82.100.26 Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

4
IPs

1
Countries

353 kB
Transfer

438 kB
Size

0
Cookies

13 HTTP transactions
1 data transactions