hxfx.chnwg.com
154.82.100.26
Public Scan
Submission: On January 16 via api from US — Scanned from US
Summary
TLS certificate: Issued by R3 on January 14th 2024. Valid for: 3 months.
This is the only time hxfx.chnwg.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Downloads These files were downloaded by the website
Domain & IP information
Requests | Redirects | IP Address | AS Autonomous System |
---|---|---|---|
10 | | 154.82.100.26 | 399077 (TERAEXCH) |
3 | 1 | 154.82.120.223 | 399077 (TERAEXCH) |
1 | 1 | 123.6.18.124 | |
1 | | 123.6.18.106 | |
13 | | 4 | |
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
10 | chnwg.com | hxfx.chnwg.com | 352 KB |
3 | renrenjihua.com (1 redirects) | sdksdk.renrenjihua.com | 1 KB |
2 | safprotek.com (1 redirects) | ff1020q.safprotek.com, ff1020f.safprotek.com | 316 B |
13 | 3 | | |
Requests | Domain | Requested by |
---|---|---|
10 | hxfx.chnwg.com | hxfx.chnwg.com |
3 | sdksdk.renrenjihua.com (1 redirects) | hxfx.chnwg.com |
1 | ff1020f.safprotek.com | hxfx.chnwg.com |
1 | ff1020q.safprotek.com (1 redirects) | |
13 | 4 | |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
hxfx.chnwg.com | R3 | 2024-01-14 - 2024-04-13 | 3 months |
*.renrenjihua.com | Sectigo RSA Domain Validation Secure Server CA | 2023-07-31 - 2024-07-30 | a year |
ff1020f.safprotek.com | R3 | 2024-01-12 - 2024-04-11 | 3 months |
This page contains 1 frames:
Frame:
https://ff1020f.safprotek.com/hx_23454269_sign.apk
Frame ID: FA0752E91082C04EC8CAEAF54E940130
Requests: 14 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 12
- https://sdksdk.renrenjihua.com/page/oa5v50/install/c/eyJtIjoiYnhtcWE3YjZlODRBQUFHTkV6SEZtc3ItbzYwNWtldmVoVHdGcjhtWk42THc4YVROdEtNdXJtQVJzTmY3M2pBZ1Vfd0wtMm82cFJ2NVp1cnpqanVfN180QVNOTFZZTHZBUDBiUHZLMzBZVWsifQ==?p=0 HTTP 302
- https://ff1020q.safprotek.com/Dos/d/c/1aZYTjw4FuCsFTix HTTP 302
- https://ff1020f.safprotek.com/hx_23454269_sign.apk
13 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | / (Primary Request) | hxfx.chnwg.com/ | 12 KB | 6 KB | Document | text/html |
GET | H2 | app.b49c2a23.css | hxfx.chnwg.com/image/ | 4 KB | 2 KB | Stylesheet | text/css |
GET | H2 | jquery.js | hxfx.chnwg.com/image/ | 82 KB | 33 KB | Script | application/javascript |
GET | H2 | appinstall.js | hxfx.chnwg.com/image/ | 46 KB | 20 KB | Script | application/javascript |
GET | H2 | tesss.png | hxfx.chnwg.com/image/ | 44 KB | 44 KB | Image | image/png |
GET | H2 | btn_down.15d86576.png | hxfx.chnwg.com/image/ | 42 KB | 43 KB | Image | image/png |
GET | H2 | btn_and.50fcc6d6.png | hxfx.chnwg.com/image/ | 15 KB | 16 KB | Image | image/png |
GET | H2 | btn_ios.c896ef13.png | hxfx.chnwg.com/image/ | 16 KB | 16 KB | Image | image/png |
GET | H2 | tes.png | hxfx.chnwg.com/image/ | 6 KB | 6 KB | Image | image/png |
GET | DATA | truncated | / | 3 KB | 0 | Image | image/png |
GET | H2 | bg_buyu.jpg | hxfx.chnwg.com/image/ | 166 KB | 166 KB | Image | image/jpeg |
POST | H2 | init | sdksdk.renrenjihua.com/web/oa5v50/_/ | 642 B | 832 B | XHR | application/json |
POST | H2 | eyJtIjoiUTZjR2FWOGl4SXNBQUFHTkV6SEZtdE5PNHFpVjVzWlpMOFR0cDZpNHp3bG5XQ0UyZTBuYjE3aUxTWE5oUEFIcFVqYVgtM2NCdUdlRWVCbGRiaG1FOFRiZG5wNXcyM0hkeUhVS2wyOUdWcUUifQ== | sdksdk.renrenjihua.com/web/oa5v50/_/clicked/c/ | 0 | 282 B | Ping | text/plain |
GET | H2 | hx_23454269_sign.apk | ff1020f.safprotek.com/ (Redirect Chain) | 0 | 0 | Document | application/octet-stream |
8 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name |
---|---|
function | $ |
function | jQuery |
function | AppInstall |
function | getUrlParam |
object | data |
boolean | useOpeninstall |
string | androidAPK |
string | iosIPA |

0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000; includeSubdomains; preload |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.