pay.yxxz7.com
Open in
urlscan Pro
106.55.249.48
Public Scan
Submitted URL: http://pay.yxxz7.com/
Effective URL: https://pay.yxxz7.com/
Submission: On January 06 via api from US — Scanned from US
Effective URL: https://pay.yxxz7.com/
Submission: On January 06 via api from US — Scanned from US
Summary
This website contacted 4 IPs
in 3 countries
across 4 domains to perform 12 HTTP transactions.
The main IP is 106.55.249.48, located in
China and
belongs to TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN.
The main domain is pay.yxxz7.com.
TLS certificate: Issued by TrustAsia RSA DV TLS CA G2 on November 7th 2023. Valid for: a year.
This is the only time pay.yxxz7.com was scanned on urlscan.io!
TLS certificate: Issued by TrustAsia RSA DV TLS CA G2 on November 7th 2023. Valid for: a year.
This is the only time pay.yxxz7.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 1 8 | 106.55.249.48 106.55.249.48 | 45090 (TENCENT-N...) (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited) | |
| 1 | 2404:2280:1de... 2404:2280:1de:0:3::29 | 24429 (TAOBAO Zh...) (TAOBAO Zhejiang Taobao Network Co.) | |
| 3 | 52.85.61.7 52.85.61.7 | 16509 (AMAZON-02) (AMAZON-02) | |
| 12 | 4 |
8
106.55.249.48
(China)
ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN)
ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN)
| pay.yxxz7.com |
1
2404:2280:1de:0:3::29
(Singapore)
ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)
ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)
| js.css.r10086.com |
3
52.85.61.7
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-52-85-61-7.ewr53.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-52-85-61-7.ewr53.r.cloudfront.net
| dl6rt3mwcjzxg.cloudfront.net |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 8 |
yxxz7.com
1 redirects
pay.yxxz7.com |
137 KB |
| 3 |
cloudfront.net
dl6rt3mwcjzxg.cloudfront.net |
13 KB |
| 1 |
r10086.com
js.css.r10086.com |
|
| 0 |
jihulab.com
Failed
jihulab.com Failed |
|
| 12 | 4 |
| Domain | Requested by | |
|---|---|---|
| 8 | pay.yxxz7.com |
1 redirects
pay.yxxz7.com
|
| 3 | dl6rt3mwcjzxg.cloudfront.net |
pay.yxxz7.com
|
| 1 | js.css.r10086.com |
pay.yxxz7.com
|
| 0 | jihulab.com Failed |
pay.yxxz7.com
|
| 12 | 4 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| lc.sykj1.cn |
| xs.sykj1.cn |
| down.guluts.com |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| pay.yxxz7.com TrustAsia RSA DV TLS CA G2 |
2023-11-07 - 2024-11-06 |
a year | crt.sh |
| js.css.r10086.com TrustAsia RSA DV TLS CA G3 |
2023-11-11 - 2024-12-10 |
a year | crt.sh |
| *.cloudfront.net Amazon RSA 2048 M01 |
2023-10-10 - 2024-09-19 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://pay.yxxz7.com/
Frame ID: 1EA122A06C9383B8C774F42FF892901A
Requests: 12 HTTP requests in this frame
Screenshot
Page Title
主页Page URL History Show full URLs
-
http://pay.yxxz7.com/
HTTP 301
https://pay.yxxz7.com/ Page URL
Detected technologies
Font Awesome
(Font Scripts)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
3 Outgoing links
These are links going to different origins than the main page.
URL: http://lc.sykj1.cn/#/reward
Title: 充值累计
Title: 充值累计
Search URL Search Domain Scan URL
URL: http://xs.sykj1.cn/#/nreward
Title: 新手礼包
Title: 新手礼包
Search URL Search Domain Scan URL
URL: https://down.guluts.com/o_1hfe77ouh70abkcv7e9tntjea.apk?attname=16%E5%A4%A9%E9%BE%99%E5%85%AB%E9%83%A8.apk
Title: 游戏下载
Title: 游戏下载
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://pay.yxxz7.com/
HTTP 301
https://pay.yxxz7.com/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 7- https://api.likepoems.com/img/pc/ HTTP 302
- https://jihulab.com/weblog/gallery04/-/raw/master/pc/ecdccd4012168ac83c2b8c07ca6436d0d.png
12 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
Primary Request
/
pay.yxxz7.com/ Redirect Chain
|
5 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
font-awesome.min.css
pay.yxxz7.com/css/ |
28 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
snow.css
pay.yxxz7.com/css/ |
3 KB 936 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
style.css
pay.yxxz7.com/css/ |
15 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
%E7%81%AF%E7%AC%BC.css
js.css.r10086.com/ |
0 0 |
Stylesheet
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.min.js
pay.yxxz7.com/static/js/ |
82 KB 33 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
pic.png
pay.yxxz7.com/ |
56 KB 56 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery-2.1.4.min.js
pay.yxxz7.com/js/ |
82 KB 33 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
ecdccd4012168ac83c2b8c07ca6436d0d.png
jihulab.com/weblog/gallery04/-/raw/master/pc/ Redirect Chain
|
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
snow-large-075d267ecbc42e3564c8ed43516dd557.png
dl6rt3mwcjzxg.cloudfront.net/assets/snow/ |
956 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
snow-medium-0b8a5e0732315b68e1f54185be7a1ad9.png
dl6rt3mwcjzxg.cloudfront.net/assets/snow/ |
7 KB 8 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
snow-small-1ecd03b1fce08c24e064ff8c0a72c519.png
dl6rt3mwcjzxg.cloudfront.net/assets/snow/ |
3 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- jihulab.com
- URL
- https://jihulab.com/weblog/gallery04/-/raw/master/pc/ecdccd4012168ac83c2b8c07ca6436d0d.png
Verdicts & Comments Add Verdict or Comment
5 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| documentPictureInPicture function| hideURLbar function| $ function| jQuery function| isPIA0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
| Header | Value |
|---|---|
| Strict-Transport-Security | max-age=31536000 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
dl6rt3mwcjzxg.cloudfront.net
jihulab.com
js.css.r10086.com
pay.yxxz7.com
jihulab.com
106.55.249.48
2404:2280:1de:0:3::29
52.85.61.7
19a509905cc5d46804bd9e9b5fd0a881abfc71ebf7eb447dacb417b02a377825
312edbcdc9dbb34d8a2b72a1b4cbd73208a6b635c948684e225c1a73e595a4d8
371322413093c0e1a11ce06c84a634342ed4d45e44f0cf2921a1b28718fff111
79f9ac506a97d2fe7e5c0186f825683bb7b04c18ce9550b61945d86e649ff5bf
802f083c1e6aad866958a0189fc102405e33ea000afb61e39369388e8c06e299
a0abb33883c406addb5492017bae0c67efd8a45b295bf2797798044568f726d6
ab0d063b4ff2827192c0e44103d3091457a1d2374c3b6243721c5679bb61eae2
d42746e81b0239d76b7ca526c0c0def9adbf0a623536d9cb84ff6d8ece932c99
ed583545e05184b1b8c50905502ec1fee7a13a1c8a7f925b7d507ec8c84e5215
f16ab224bb962910558715c82f58c10c3ed20f153ddfaa199029f141b5b0255c