heytapmobi.com Open in urlscan Pro
106.38.236.140  Public Scan

2 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response heytapmobi.com/	4 KB 3 KB	333ms 163ms	Document text/html	106.38.236.140 CHINANET-IDC-BJ-A...
General Check archive.org Show headers Download Go to Full URL http://heytapmobi.com/ Protocol HTTP/1.1 Server 106.38.236.140 Beijing, China, ASN23724 (CHINANET-IDC-BJ-AP IDC, China Telecommunications Corporation, CN), Reverse DNS Software nginx / Resource Hash c0b71686b08b4cce14f88cf8d93a2590181110d8d2861dccdb260e229a362271 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers Server nginx Date Thu, 28 Oct 2021 09:50:37 GMT Content-Type text/html Content-Length 2103 Connection keep-alive Last-Modified Tue, 29 Dec 2020 03:29:33 GMT Vary Accept-Encoding ETag W/"5feaa29d-1160" Expires Thu, 28 Oct 2021 10:05:37 GMT Cache-Control max-age=900 X-Server-ID bjht3880 Content-Encoding gzip X-Backend-Host 0500:80 X-Gateway-Host b5a43959051ced264cb91b478b12250a2c655a745fa8c2996180b22466ef24820ab6ddb744d3af693d4266ba81a63ffd
GET H/1.1	200 OK	wpa.php Show response wpa.b.qq.com/cgi/	11 KB 5 KB	1231ms 307ms	Script text/javascript	111.206.25.170 CHINA169-BJ China...
General Check archive.org Show headers Download Go to Full URL http://wpa.b.qq.com/cgi/wpa.php?key=XzgwMDEwNTU1MF80MDI3NjZfODAwMTA1NTUwXw Requested by Host: heytapmobi.com URL: http://heytapmobi.com/ Protocol HTTP/1.1 Server 111.206.25.170 Beijing, China, ASN4808 (CHINA169-BJ China Unicom Beijing Province Network, CN), Reverse DNS Software openresty / PHP/5.3.13 Resource Hash cfbefc71de78b2f412d7504b9b58cac51a7e2999da13ffca50b31654fd23f189 Request headers Accept-Language de-DE,de;q=0.9 Referer http://heytapmobi.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Pragma no-cache Date Thu, 28 Oct 2021 09:50:38 GMT Content-Encoding gzip Server openresty X-Powered-By PHP/5.3.13 Vary Accept-Encoding Content-Type text/javascript Cache-Control no-cache, must-revalidate, max-age=0 Transfer-Encoding chunked Connection keep-alive
GET H/1.1	404 Not Found	header.jpeg heytapmobi.com/images/	564 B 564 B	163ms 163ms	Image text/html	106.38.236.140 CHINANET-IDC-BJ-A...
General Check archive.org Show headers Download Go to Show image Full URL http://heytapmobi.com/images/header.jpeg Requested by Host: heytapmobi.com URL: http://heytapmobi.com/ Protocol HTTP/1.1 Server 106.38.236.140 Beijing, China, ASN23724 (CHINANET-IDC-BJ-AP IDC, China Telecommunications Corporation, CN), Reverse DNS Software nginx / Resource Hash 0b52c5338af355699530a47683420e48c7344e779d3e815ff9943cbfdc153cf2 Request headers Accept-Language de-DE,de;q=0.9 Referer http://heytapmobi.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Date Thu, 28 Oct 2021 09:50:37 GMT X-Gateway-Host b5a43959051ced264cb91b478b12250a2c655a745fa8c2996180b22466ef24820ab6ddb744d3af693d4266ba81a63ffd X-Backend-Host 0501:80 Server nginx Connection keep-alive Content-Length 564 Content-Type text/html
GET H2	200	Panel.js Show response combo.b.qq.com/c/=/crm/wpa/release/3.3.8/util/domain.js,/crm/wpa/release/3.3.8/wpa/wpaMgr.js,/crm/wpa/release/3.3.8/wpa/visitor.js,/crm/wpa/release/3.3.8/wpa/kfuin.js,/crm/wpa/release/3.3.8/util/pr...	92 KB 26 KB	4358ms 471ms	Script application/x-javascript	203.205.137.113
General Check archive.org Show headers Download Go to Full URL https://combo.b.qq.com/c/=/crm/wpa/release/3.3.8/util/domain.js,/crm/wpa/release/3.3.8/wpa/wpaMgr.js,/crm/wpa/release/3.3.8/wpa/visitor.js,/crm/wpa/release/3.3.8/wpa/kfuin.js,/crm/wpa/release/3.3.8/util/proxy.js,/crm/wpa/release/3.3.8/util/titleFlash.js,/crm/wpa/release/3.3.8/util/cookie.js,/crm/wpa/release/3.3.8/wpa/WPA.js,/crm/wpa/release/3.3.8/util/getJSONP.js,/crm/wpa/release/3.3.8/wpa/filter.js,/crm/wpa/release/3.3.8/wpa/ta.js,/crm/wpa/release/3.3.8/wpa/invite.js,/crm/wpa/release/3.3.8/util/taskMgr.js,/crm/wpa/release/3.3.8/lang/browser.js,/crm/wpa/release/3.3.8/util/pad.js,/crm/wpa/release/3.3.8/util/Bits.js,/crm/wpa/release/3.3.8/util/events.js,/crm/wpa/release/3.3.8/util/onLoad.js,/crm/wpa/release/3.3.8/util/offset.js,/crm/wpa/release/3.3.8/util/Panel.js?v=3.3.8.20160126 Requested by Host: wpa.b.qq.com URL: http://wpa.b.qq.com/cgi/wpa.php?key=XzgwMDEwNTU1MF80MDI3NjZfODAwMTA1NTUwXw Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 203.205.137.113 -, , ASN (), Reverse DNS Software X2S_Platform / Resource Hash 81eac81514de4e0696ba6df9feeb9a4937452e33587a36172a461446c97e0087 Request headers Accept-Language de-DE,de;q=0.9 Referer http://heytapmobi.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 28 Oct 2021 09:50:43 GMT content-encoding gzip x-cache-lookup Hit From Disktank3 Gz last-modified Wed, 21 Apr 2021 11:36:14 GMT server X2S_Platform content-type application/x-javascript access-control-allow-origin * cache-control max-age=300 server_ip 203.205.137.113 x-nws-log-uuid 73ee24f8-42a3-4bcb-904f-70e002d7483c content-length 26652 expires Thu, 28 Oct 2021 09:55:42 GMT
GET H2	200	localStorage.js Show response combo.b.qq.com/c/=/crm/wpa/release/3.3.8/util/onIframeLoaded.js,/crm/wpa/release/3.3.8/util/GUID.js,/crm/wpa/release/3.3.8/wpa/getQQVersion.js,/crm/wpa/release/3.3.8/wpa/ViewHelper.js,/crm/wpa/rele...	98 KB 40 KB	4124ms 236ms	Script application/x-javascript	203.205.137.113
General Check archive.org Show headers Download Go to Full URL https://combo.b.qq.com/c/=/crm/wpa/release/3.3.8/util/onIframeLoaded.js,/crm/wpa/release/3.3.8/util/GUID.js,/crm/wpa/release/3.3.8/wpa/getQQVersion.js,/crm/wpa/release/3.3.8/wpa/ViewHelper.js,/crm/wpa/release/3.3.8/wpa/views.js,/crm/wpa/release/3.3.8/wpa/sid.js,/crm/wpa/release/3.3.8/util/blockStorage.js,/crm/wpa/release/3.3.8/util/className.js,/crm/wpa/release/3.3.8/util/Style.js,/crm/wpa/release/3.3.8/util/sessionStorage.js,/crm/wpa/release/3.3.8/util/localStorage.js?v=3.3.8.20160126 Requested by Host: wpa.b.qq.com URL: http://wpa.b.qq.com/cgi/wpa.php?key=XzgwMDEwNTU1MF80MDI3NjZfODAwMTA1NTUwXw Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 203.205.137.113 -, , ASN (), Reverse DNS Software X2S_Platform / Resource Hash e6260688ff5f8eff62cae71aac037f2eb57077fd1c63caf4db155009e74c1c8e Request headers Accept-Language de-DE,de;q=0.9 Referer http://heytapmobi.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 28 Oct 2021 09:50:43 GMT content-encoding gzip x-cache-lookup Hit From Disktank3 Gz last-modified Wed, 24 Feb 2021 12:59:06 GMT server X2S_Platform content-type application/x-javascript access-control-allow-origin * cache-control max-age=300 server_ip 203.205.137.113 x-nws-log-uuid 93bd50cb-562d-4b59-88fd-6fc06c426040 content-length 40932 expires Thu, 28 Oct 2021 09:55:42 GMT
GET H2	200	grayUserList.js Show response combo.b.qq.com/c/=/crm/wpa/release/3.3.8/util/	6 KB 2 KB	236ms 236ms	Script application/x-javascript	203.205.137.113
General Check archive.org Show headers Download Go to Full URL https://combo.b.qq.com/c/=/crm/wpa/release/3.3.8/util/grayUserList.js?v=3.3.8.20160126 Requested by Host: wpa.b.qq.com URL: http://wpa.b.qq.com/cgi/wpa.php?key=XzgwMDEwNTU1MF80MDI3NjZfODAwMTA1NTUwXw Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 203.205.137.113 -, , ASN (), Reverse DNS Software X2S_Platform / Resource Hash 4a615020c8fdcee23b09a93850385f843bc06549963622bc86cb9eb6f1004fd4 Request headers Accept-Language de-DE,de;q=0.9 Referer http://heytapmobi.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 28 Oct 2021 09:50:43 GMT content-encoding gzip x-cache-lookup Hit From Disktank3 Gz last-modified Wed, 17 Mar 2021 11:32:06 GMT server X2S_Platform content-type application/x-javascript access-control-allow-origin * cache-control max-age=300 server_ip 203.205.137.113 x-nws-log-uuid ddd4412c-9a11-4add-a219-e42ad1bd0be3 content-length 1445 expires Thu, 28 Oct 2021 09:55:42 GMT
GET H2	200	contains.js Show response combo.b.qq.com/c/=/crm/wpa/release/3.3.8/wpa/SelectPanel.js,/crm/wpa/release/3.3.8/util/css.js,/crm/wpa/release/3.3.8/lang/extend.js,/crm/wpa/release/3.3.8/util/	18 KB 5 KB	237ms 237ms	Script application/x-javascript	203.205.137.113
General Check archive.org Show headers Download Go to Full URL https://combo.b.qq.com/c/=/crm/wpa/release/3.3.8/wpa/SelectPanel.js,/crm/wpa/release/3.3.8/util/css.js,/crm/wpa/release/3.3.8/lang/extend.js,/crm/wpa/release/3.3.8/util/contains.js?v=3.3.8.20160126 Requested by Host: wpa.b.qq.com URL: http://wpa.b.qq.com/cgi/wpa.php?key=XzgwMDEwNTU1MF80MDI3NjZfODAwMTA1NTUwXw Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 203.205.137.113 -, , ASN (), Reverse DNS Software X2S_Platform / Resource Hash 68752fabb4d19df7e730aa64cf6ec7649636cdbcf0e8c9dd1a292ffe4eb1f020 Request headers Accept-Language de-DE,de;q=0.9 Referer http://heytapmobi.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 28 Oct 2021 09:50:43 GMT content-encoding gzip x-cache-lookup Hit From Disktank3 Gz last-modified Thu, 13 Dec 2018 09:07:35 GMT server X2S_Platform content-type application/x-javascript access-control-allow-origin * cache-control max-age=300 server_ip 203.205.137.113 x-nws-log-uuid 66f50711-648a-4247-a21e-b3d79782f377 content-length 4820 expires Thu, 28 Oct 2021 09:55:42 GMT
GET		r.cgi isdspeed.qq.com/cgi-bin/	0 0
GET		r.cgi isdspeed.qq.com/cgi-bin/	0 0
GET		r.gif prom.b.qq.com/se/	0 0
GET DATA	200 OK	truncated / Frame 5A66	3 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 8a2777459e5d16ba7710011721b4418bb5f91cae16f78db96567b9a6ee41b63f Request headers Accept-Language de-DE,de;q=0.9 Referer http://heytapmobi.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Content-Type image/png
GET		ta.php wpl.b.qq.com/cgi/	0 0
GET		crmqq.php tajs.qq.com/	0 0
GET		wpa_first_heart_beat.php visitor.crm2.qq.com/cgi/visitorcgi/ajax/	0 0
GET		i.js bqq.gtimg.com/da/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

isdspeed.qq.com

URL

https://isdspeed.qq.com/cgi-bin/r.cgi?flag1=7818&flag2=21&flag3=1&2=4632&&1635414643761

Domain

isdspeed.qq.com

URL

https://isdspeed.qq.com/cgi-bin/r.cgi?flag1=7818&flag2=21&flag3=1&1=7&&1635414643769

Domain

prom.b.qq.com

URL

https://prom.b.qq.com/se/r.gif?na=800105550&ref=&1635414643769

Domain

wpl.b.qq.com

URL

https://wpl.b.qq.com/cgi/ta.php?na=800105550&dm=heytapmobi.com&cb=JSONP_CALLBACK_1_28

Domain

tajs.qq.com

URL

https://tajs.qq.com/crmqq.php?uid=800105550&dm=heytapmobi.com

Domain

visitor.crm2.qq.com

URL

https://visitor.crm2.qq.com/cgi/visitorcgi/ajax/wpa_first_heart_beat.php?nameAccount=800105550&dm=heytapmobi.com&title=%E5%B9%BF%E4%B8%9C%E6%AC%A2%E5%A4%AA%E7%A7%91%E6%8A%80%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8&url=heytapmobi.com%2F&cb=JSONP_CALLBACK_2_80

Domain

bqq.gtimg.com

URL

http://bqq.gtimg.com/da/i.js

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler object| BizQQWPA

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://heytapmobi.com/images/header.jpeg Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bqq.gtimg.com
combo.b.qq.com
heytapmobi.com
isdspeed.qq.com
prom.b.qq.com
tajs.qq.com
visitor.crm2.qq.com
wpa.b.qq.com
wpl.b.qq.com
bqq.gtimg.com
isdspeed.qq.com
prom.b.qq.com
tajs.qq.com
visitor.crm2.qq.com
wpl.b.qq.com
106.38.236.140
111.206.25.170
203.205.137.113
0b52c5338af355699530a47683420e48c7344e779d3e815ff9943cbfdc153cf2
4a615020c8fdcee23b09a93850385f843bc06549963622bc86cb9eb6f1004fd4
68752fabb4d19df7e730aa64cf6ec7649636cdbcf0e8c9dd1a292ffe4eb1f020
81eac81514de4e0696ba6df9feeb9a4937452e33587a36172a461446c97e0087
8a2777459e5d16ba7710011721b4418bb5f91cae16f78db96567b9a6ee41b63f
c0b71686b08b4cce14f88cf8d93a2590181110d8d2861dccdb260e229a362271
cfbefc71de78b2f412d7504b9b58cac51a7e2999da13ffca50b31654fd23f189
e6260688ff5f8eff62cae71aac037f2eb57077fd1c63caf4db155009e74c1c8e