mgbtx.jlwsjd.com.cn
Open in
urlscan Pro
112.28.188.238
Public Scan
Submitted URL: http://661486.cc/
Effective URL: https://mgbtx.jlwsjd.com.cn/xf_148684106_sign.apk
Submission: On August 20 via api from BE — Scanned from DE
Effective URL: https://mgbtx.jlwsjd.com.cn/xf_148684106_sign.apk
Submission: On August 20 via api from BE — Scanned from DE
Summary
This website contacted 9 IPs
in 4 countries
across 7 domains to perform 15 HTTP transactions.
The main IP is 112.28.188.238, located in
and
belongs to .
The main domain is mgbtx.jlwsjd.com.cn.
TLS certificate: Issued by E5 on August 2nd 2024. Valid for: 3 months.
This is the only time mgbtx.jlwsjd.com.cn was scanned on urlscan.io!
TLS certificate: Issued by E5 on August 2nd 2024. Valid for: 3 months.
This is the only time mgbtx.jlwsjd.com.cn was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 1 1 | 154.64.251.172 154.64.251.172 | 979 (NETLAB-SDN) (NETLAB-SDN) | |
| 2 | 154.19.194.130 154.19.194.130 | 140224 (SGPL-AS-A...) (SGPL-AS-AP STARCLOUD GLOBAL PTE.) | |
| 1 | 47.254.186.224 47.254.186.224 | 45102 (ALIBABA-C...) (ALIBABA-CN-NET Alibaba US Technology Co.) | |
| 1 | 47.254.187.194 47.254.187.194 | 45102 (ALIBABA-C...) (ALIBABA-CN-NET Alibaba US Technology Co.) | |
| 1 | 2a04:4e42:600... 2a04:4e42:600::649 | 54113 (FASTLY) (FASTLY) | |
| 3 | 47.254.187.65 47.254.187.65 | 45102 (ALIBABA-C...) (ALIBABA-CN-NET Alibaba US Technology Co.) | |
| 1 3 | 170.33.13.110 170.33.13.110 | 134963 (ASEPL-AS-...) (ASEPL-AS-AP Alibaba Cloud Singapore Private Limited) | |
| 1 1 | 120.209.209.18 120.209.209.18 | () () | |
| 2 | 112.28.188.238 112.28.188.238 | () () | |
| 2 | 206.238.215.7 206.238.215.7 | () () | |
| 15 | 9 |
2
154.19.194.130
(Hong Kong, Hong Kong)
ASN140224 (SGPL-AS-AP STARCLOUD GLOBAL PTE., LTD., SG)
ASN140224 (SGPL-AS-AP STARCLOUD GLOBAL PTE., LTD., SG)
| 154.19.194.130 |
1
47.254.186.224
(Frankfurt am Main, Germany)
ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)
ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)
| luodiyev16.oss-accelerate.aliyuncs.com |
1
47.254.187.194
(Frankfurt am Main, Germany)
ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)
ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)
| sjiawmndadasdoss.oss-accelerate.aliyuncs.com |
3
47.254.187.65
(Frankfurt am Main, Germany)
ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)
ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)
| cdn-360.oss-accelerate.aliyuncs.com |
3
170.33.13.110
(Singapore)
ASN134963 (ASEPL-AS-AP Alibaba Cloud Singapore Private Limited, SG)
ASN134963 (ASEPL-AS-AP Alibaba Cloud Singapore Private Limited, SG)
| i4i3iluscs621.wisdomcounty.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 5 |
aliyuncs.com
luodiyev16.oss-accelerate.aliyuncs.com sjiawmndadasdoss.oss-accelerate.aliyuncs.com cdn-360.oss-accelerate.aliyuncs.com |
555 KB |
| 3 |
wisdomcounty.com
1 redirects
i4i3iluscs621.wisdomcounty.com |
2 KB |
| 2 |
jshub.com
libs.jshub.com |
12 KB |
| 2 |
jlwsjd.com.cn
mgbtx.jlwsjd.com.cn |
3 KB |
| 1 |
fuduxuexiao.com
1 redirects
mpread.fuduxuexiao.com |
274 B |
| 1 |
jquery.com
code.jquery.com — Cisco Umbrella Rank: 1211 |
31 KB |
| 1 |
661486.cc
1 redirects
661486.cc |
267 B |
| 15 | 7 |
| Domain | Requested by | |
|---|---|---|
| 3 | i4i3iluscs621.wisdomcounty.com |
1 redirects
sjiawmndadasdoss.oss-accelerate.aliyuncs.com
|
| 3 | cdn-360.oss-accelerate.aliyuncs.com |
154.19.194.130
|
| 2 | libs.jshub.com |
mgbtx.jlwsjd.com.cn
libs.jshub.com |
| 2 | mgbtx.jlwsjd.com.cn |
sjiawmndadasdoss.oss-accelerate.aliyuncs.com
|
| 1 | mpread.fuduxuexiao.com | 1 redirects |
| 1 | code.jquery.com |
154.19.194.130
|
| 1 | sjiawmndadasdoss.oss-accelerate.aliyuncs.com |
154.19.194.130
|
| 1 | luodiyev16.oss-accelerate.aliyuncs.com |
154.19.194.130
|
| 1 | 661486.cc | 1 redirects |
| 15 | 9 |
This site contains no links.
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| *.oss-eu-central-1.aliyuncs.com GlobalSign Organization Validation CA - SHA256 - G3 |
2024-01-26 - 2025-02-26 |
a year | crt.sh |
| *.jquery.com Sectigo ECC Domain Validation Secure Server CA |
2024-06-25 - 2025-06-25 |
a year | crt.sh |
| *.wisdomcounty.com Sectigo RSA Domain Validation Secure Server CA |
2024-06-16 - 2025-06-16 |
a year | crt.sh |
| mgbtx.jlwsjd.com.cn E5 |
2024-08-02 - 2024-10-31 |
3 months | crt.sh |
| *.jshub.com R10 |
2024-08-14 - 2024-11-12 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://mgbtx.jlwsjd.com.cn/xf_148684106_sign.apk
Frame ID: 9206D862109ACA1A7DFE0DBBC267914E
Requests: 17 HTTP requests in this frame
Screenshot
Page Title
DocumentPage URL History Show full URLs
-
http://661486.cc/
HTTP 307
https://661486.cc/ HTTP 302
http://154.19.194.130:18110/v9/?a=520042&t=1724134934.921 HTTP 307
https://154.19.194.130:18110/v9/?a=520042&t=1724134934.921 HTTP 307
http://154.19.194.130:18110/v9/?a=520042&t=1724134934.921 Page URL
-
https://i4i3iluscs621.wisdomcounty.com:6443/page/e7ytmkvc/install/c/eyJjIjoiNTIwMDQyIiwiZCI6eyJhIjoiNTIwMDQyIiwidCI6IjE3...
HTTP 302
https://mpread.fuduxuexiao.com/Dos/d/c/NPuLkDHz8dsI2W1M HTTP 302
https://mgbtx.jlwsjd.com.cn/xf_148684106_sign.apk Page URL
Detected technologies
Font Awesome
(Font Scripts)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://661486.cc/
HTTP 307
https://661486.cc/ HTTP 302
http://154.19.194.130:18110/v9/?a=520042&t=1724134934.921 HTTP 307
https://154.19.194.130:18110/v9/?a=520042&t=1724134934.921 HTTP 307
http://154.19.194.130:18110/v9/?a=520042&t=1724134934.921 Page URL
-
https://i4i3iluscs621.wisdomcounty.com:6443/page/e7ytmkvc/install/c/eyJjIjoiNTIwMDQyIiwiZCI6eyJhIjoiNTIwMDQyIiwidCI6IjE3MjQxMzQ5MzQuOTIxIn0sIm0iOiJ4YXdlcFVuT25aMEFBQUdSYm5OaWhwN2RsMElWcERsclZnd1lSRlpIcmhFRUJ0VnRRRzlaY29Ia1VGdzNiVHBodEl6YUNvUVZUWVJWczg1b0dET3dCQ3J4TlRDMFRweU5Ubk92bEREM2g3ZmNRb2Z1TURzbkQ4XzZjSktYQ0EifQ==?p=0
HTTP 302
https://mpread.fuduxuexiao.com/Dos/d/c/NPuLkDHz8dsI2W1M HTTP 302
https://mgbtx.jlwsjd.com.cn/xf_148684106_sign.apk Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- http://661486.cc/ HTTP 307
- https://661486.cc/ HTTP 302
- http://154.19.194.130:18110/v9/?a=520042&t=1724134934.921 HTTP 307
- https://154.19.194.130:18110/v9/?a=520042&t=1724134934.921 HTTP 307
- http://154.19.194.130:18110/v9/?a=520042&t=1724134934.921
15 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H/1.1 |
/
154.19.194.130/v9/ Redirect Chain
|
8 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery-3.5.1.min.js
luodiyev16.oss-accelerate.aliyuncs.com/static/js/ |
87 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
appinstall3.js
sjiawmndadasdoss.oss-accelerate.aliyuncs.com/ |
47 KB 19 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery-3.6.0.min.js
code.jquery.com/ |
87 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
01.txt
cdn-360.oss-accelerate.aliyuncs.com/v8/ |
621 KB 466 KB |
Fetch
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
top.txt
cdn-360.oss-accelerate.aliyuncs.com/v8/ |
49 KB 38 KB |
Fetch
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
top-buttom-null.js
cdn-360.oss-accelerate.aliyuncs.com/v2/ |
2 KB 1 KB |
Image
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
favicon.ico
154.19.194.130/ |
548 B 700 B |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
37 KB 0 |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
466 KB 0 |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
init
i4i3iluscs621.wisdomcounty.com/web/e7ytmkvc/520042/ |
873 B 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
eyJjIjoiNTIwMDQyIiwiZCI6eyJhIjoiNTIwMDQyIiwidCI6IjE3MjQxMzQ5MzQuOTIxIn0sIm0iOiJqLUJOb2FXNHhNd0FBQUdSYm5OaWhzTkttOTl4VURnaVhSQnUyaDVMemNnVE9WUE1XWk5mV3pwc2VzYVM1UkxaN19YeEFEd2JvVGIyUVFFcjlpOEFwRG1RM...
i4i3iluscs621.wisdomcounty.com/web/e7ytmkvc/520042/clicked/c/ |
0 385 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Primary Request
xf_148684106_sign.apk
mgbtx.jlwsjd.com.cn/ Redirect Chain
|
4 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
fontawesome.min.css
libs.jshub.com/font-awesome/5.10.0-12/css/ |
54 KB 11 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
solid.min.css
libs.jshub.com/font-awesome/5.10.0-12/css/ |
671 B 522 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
fa-solid-900.woff2
libs.jshub.com/font-awesome/5.10.0-12/webfonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
favicon.ico
mgbtx.jlwsjd.com.cn/ |
4 KB 1 KB |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- libs.jshub.com
- URL
- https://libs.jshub.com/font-awesome/5.10.0-12/webfonts/fa-solid-900.woff2
Verdicts & Comments Add Verdict or Comment
6 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| $ function| jQuery string| appserver object| data string| code function| AppInstall0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
3 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
661486.cc
cdn-360.oss-accelerate.aliyuncs.com
code.jquery.com
i4i3iluscs621.wisdomcounty.com
libs.jshub.com
luodiyev16.oss-accelerate.aliyuncs.com
mgbtx.jlwsjd.com.cn
mpread.fuduxuexiao.com
sjiawmndadasdoss.oss-accelerate.aliyuncs.com
libs.jshub.com
112.28.188.238
120.209.209.18
154.19.194.130
154.64.251.172
170.33.13.110
206.238.215.7
2a04:4e42:600::649
47.254.186.224
47.254.187.194
47.254.187.65
0fa0d6b97126c8c583d7c8a97cd03b7e9255f432fd7d9831b48bd338c79cea5e
30b1069dd2957763248b73c6f2bb82794e1b22a625cd4084537a41c70373042f
393fd49594addaa75ff8278e617e316033308ddc0f40aa8a280fc87710433b91
64808e8e17607eb2f464469884eb1b6ff5309772b5107b0f260f1cafc36dada9
741afb2abc724265dc096d7dbee5078610e5c768b0abd18fe42897bbccecc915
891e7c4146a26631611c1e7c420c4d86c06459eef8677da57f72fb2f8c783eef
a92f94a4d13d721be38298917aafc037fc942608aac632e4efe2791d0c8bd46b
ab1850cf99dcd77f164fc2e87f825d1bfa3a6d43a0917025363308e134330c9f
b634ff2103443c877783af8d0fe892bfb6ee57a9b3742aef170694f04e2e473b
c37d29c5f82e72743663276b4ddcca6a5ff51788a16e915c3d96e73d2bbdf0f6
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090
e26e5e4816f7404265465d83aff1b38bfca159fd8857c602d099ce695d0d57b8
e678b9f1900991f0b88773906d3f77ad886040f1afee03480389c283c145464e
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e