URL: http://wquyeofafg96.top/
Submission Tags: @ecarlesi threat malware
Submission: On February 25 via api from IT — Scanned from IT

Summary

This website contacted 4 IPs in 3 countries across 5 domains to perform 18 HTTP transactions. The main IP is 154.197.92.235, located in Seychelles and belongs to Africa-on-Cloud-AS, ZA. The main domain is wquyeofafg96.top.
This is the only time wquyeofafg96.top was scanned on urlscan.io!

urlscan.io Verdict: No classification

Downloads

These files were downloaded by the website:

Size: 38 MB (39718271 bytes, 0% done)
Downloaded from: https://rzbnghkdpkbqetf-uqjkffgaqe.cn-shenzhen.fcapp.run/huaxin-p8YYu-vdaa30b43.apk?t=1708827821739

Domain & IP information

Requests | IP Address | AS (Autonomous System)
14 | 154.197.92.235 | 328608 (Africa-on...)
1 | 43.152.44.160 | 139341 (ACE-AS-AP...)
3 (1 redirect) | 170.33.13.110 | 134963 (ASEPL-AS-...)
1 (1 redirect) | 47.254.188.9 | (not recorded)
1 | 47.107.195.41 | (not recorded)
Total: 18 requests, 4 IPs

Requests | Domain | Requested by
14 | wquyeofafg96.top | wquyeofafg96.top
3 (1 redirect) | tscbbcbb5yq2fsul.huabanwl.com | wquyeofafg96.top
1 | rzbnghkdpkbqetf-uqjkffgaqe.cn-shenzhen.fcapp.run | wquyeofafg96.top
1 (1 redirect) | ztdmoevc.oss-accelerate.aliyuncs.com | (none)
1 | cdn.bootcdn.net | wquyeofafg96.top
Total: 18 requests, 5 domains

This site contains links to these domains. Also see Links.

Domain
media.tyi21.win

Subject | Issuer | Validity | Valid
*.bootcdn.net | Sectigo RSA Domain Validation Secure Server CA | 2023-08-17 - 2024-08-17 | a year (crt.sh)
*.huabanwl.com | Sectigo RSA Domain Validation Secure Server CA | 2024-01-26 - 2025-01-25 | a year (crt.sh)
*.fcapp.run | GlobalSign Organization Validation CA - SHA256 - G3 | 2023-10-30 - 2024-11-30 | a year (crt.sh)

This page contains 1 frames:

Frame: https://rzbnghkdpkbqetf-uqjkffgaqe.cn-shenzhen.fcapp.run/huaxin-p8YYu-vdaa30b43.apk?t=1708827821739
Frame ID: 3415BD809D80BB55F800711ADCAA811D
Requests: 18 HTTP requests in this frame

Page Title

富强、民主、文明、和谐 (Prosperity, Democracy, Civility, Harmony)

Detected technologies

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 18
HTTPS: 22 %
IPv6: 0 %
Domains: 5
Subdomains: 5
IPs: 4
Countries: 3
Transfer: 884 kB
Size: 963 kB
Cookies: 1

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16
  • https://tscbbcbb5yq2fsul.huabanwl.com:6443/page/oc53tl/install/c/eyJtIjoicDFmZld5SjlnMWtBQUFHTjNoTTdaNzlTOUJrQW1ENi1Bb1BKTmRVUVZPVnlIaTNRQ25kZkpqOGRSZFVodlVkQW1CZFl2SFRYWGdnTnd5SWFZcXVjV1RPeGpxX1ZVZ2VROV9LbnBVR3gyMkZMcm1iQUxzTTFHbF83cXBrIn0=?p=0 HTTP 302
  • https://ztdmoevc.oss-accelerate.aliyuncs.com/p8YYu.html HTTP 302
  • https://rzbnghkdpkbqetf-uqjkffgaqe.cn-shenzhen.fcapp.run/huaxin-p8YYu-vdaa30b43.apk?t=1708827821739

18 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type

Primary Request / | wquyeofafg96.top/ | 4 KB | 2 KB | Document
General
Full URL
http://wquyeofafg96.top/
Protocol
HTTP/1.1
Server
154.197.92.235 , Seychelles, ASN328608 (Africa-on-Cloud-AS, ZA),
Reverse DNS
Software
sudun /
Resource Hash
101427033cdedbafe8d3ec2cdd6f500702259b6d3331dbddcaa014d477a70814

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Sun, 25 Feb 2024 02:23:34 GMT
ETag
W/"65d209bc-1187"
Last-Modified
Sun, 18 Feb 2024 13:44:28 GMT
Server
sudun
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Request-Id
7505103885eb69d68362ace02dfa6925
reset.css | wquyeofafg96.top/css/ | 1 KB | 1 KB | Stylesheet
General
Full URL
http://wquyeofafg96.top/css/reset.css
Requested by
Host: wquyeofafg96.top
URL: http://wquyeofafg96.top/
Protocol
HTTP/1.1
Server
154.197.92.235 , Seychelles, ASN328608 (Africa-on-Cloud-AS, ZA),
Reverse DNS
Software
sudun /
Resource Hash
f06e7d26ae9a23e8b87641b052b7dffe977af642619c827a33c04ab869397a59

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://wquyeofafg96.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date
Sun, 25 Feb 2024 02:23:34 GMT
Content-Encoding
gzip
Last-Modified
Tue, 02 Aug 2022 14:11:57 GMT
Server
sudun
ETag
W/"62e930ad-48e"
cache-status
EXPIRED
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=43200
Connection
keep-alive
X-Request-Id
18a4fe269b5c1adfc3013a25a701e3de
Expires
Sun, 25 Feb 2024 14:22:37 GMT
style.css | wquyeofafg96.top/css/ | 2 KB | 1 KB | Stylesheet
General
Full URL
http://wquyeofafg96.top/css/style.css
Requested by
Host: wquyeofafg96.top
URL: http://wquyeofafg96.top/
Protocol
HTTP/1.1
Server
154.197.92.235 , Seychelles, ASN328608 (Africa-on-Cloud-AS, ZA),
Reverse DNS
Software
sudun /
Resource Hash
8a28e0f121fe92d9879f732bb36ef19e4328b1855802f59714a87d75a1a5f8fe

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://wquyeofafg96.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date
Sun, 25 Feb 2024 02:23:35 GMT
Content-Encoding
gzip
Last-Modified
Tue, 02 Aug 2022 14:11:58 GMT
Server
sudun
ETag
W/"62e930ae-984"
cache-status
EXPIRED
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=43200
Connection
keep-alive
X-Request-Id
12f6494e8349ac6a38a0426edf487f12
Expires
Sun, 25 Feb 2024 14:22:38 GMT
jquery.min.js | cdn.bootcdn.net/ajax/libs/jquery/3.5.1/ | 87 KB | 35 KB | Script
General
Full URL
https://cdn.bootcdn.net/ajax/libs/jquery/3.5.1/jquery.min.js
Requested by
Host: wquyeofafg96.top
URL: http://wquyeofafg96.top/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.44.160 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
nginx /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://wquyeofafg96.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sat, 03 Feb 2024 15:15:32 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
content-length
34800
x-cloud-ser
global
last-modified
Sat, 27 Jan 2024 00:03:51 GMT
server
nginx
etag
W/"65b44867-15d84"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PATCH, PUT, DELETE, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
1800
access-control-allow-credentials
true
cache-control
max-age=31536000
x-nws-log-uuid
15117156702874289646
accept-ranges
bytes
access-control-allow-headers
Authorization, Content-Type, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, X-CSRF-TOKEN, X-Requested-With, Token
expires
Sun, 02 Feb 2025 15:15:32 GMT
bg1.jpg | wquyeofafg96.top/images/ | 79 KB | 79 KB | Image
General
Full URL
http://wquyeofafg96.top/images/bg1.jpg
Requested by
Host: wquyeofafg96.top
URL: http://wquyeofafg96.top/
Protocol
HTTP/1.1
Server
154.197.92.235 , Seychelles, ASN328608 (Africa-on-Cloud-AS, ZA),
Reverse DNS
Software
sudun /
Resource Hash
1ec4722332f294f4697f3b3859214a2a20900dbc2739cff39a3bf68aded7ce32

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://wquyeofafg96.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date
Sun, 25 Feb 2024 02:23:35 GMT
Last-Modified
Tue, 02 Aug 2022 14:12:01 GMT
Server
sudun
ETag
"62e930b1-13b10"
cache-status
HIT
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
80656
X-Request-Id
181a82b4b751debbbabc834124202782
Expires
Tue, 26 Mar 2024 01:55:49 GMT
bg2.jpg | wquyeofafg96.top/images/ | 259 KB | 259 KB | Image
General
Full URL
http://wquyeofafg96.top/images/bg2.jpg
Requested by
Host: wquyeofafg96.top
URL: http://wquyeofafg96.top/
Protocol
HTTP/1.1
Server
154.197.92.235 , Seychelles, ASN328608 (Africa-on-Cloud-AS, ZA),
Reverse DNS
Software
sudun /
Resource Hash
7642e87b8017e4bbd8d27212d5b7de4ca14f81d5b1470f41296c36dea74b8fb2

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://wquyeofafg96.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date
Sun, 25 Feb 2024 02:23:35 GMT
Last-Modified
Thu, 29 Dec 2022 05:54:17 GMT
Server
sudun
ETag
"63ad2b89-40c42"
cache-status
HIT
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
265282
X-Request-Id
602d680525d2ba8f243a350a687dfdb2
Expires
Tue, 26 Mar 2024 01:55:49 GMT
bg3.jpg | wquyeofafg96.top/images/ | 331 KB | 331 KB | Image
General
Full URL
http://wquyeofafg96.top/images/bg3.jpg
Requested by
Host: wquyeofafg96.top
URL: http://wquyeofafg96.top/
Protocol
HTTP/1.1
Server
154.197.92.235 , Seychelles, ASN328608 (Africa-on-Cloud-AS, ZA),
Reverse DNS
Software
sudun /
Resource Hash
41ebd2d88a2c35d6fb78602766400a8dfa7227552bb13b04da004365148b201a

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://wquyeofafg96.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date
Sun, 25 Feb 2024 02:23:36 GMT
Last-Modified
Thu, 29 Dec 2022 05:54:18 GMT
Server
sudun
ETag
"63ad2b8a-52a34"
cache-status
HIT
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
338484
X-Request-Id
9baf0c50d8ddddf0f5029f4eb6f48e03
Expires
Tue, 26 Mar 2024 01:55:50 GMT
logo.png | wquyeofafg96.top/images/ | 13 KB | 14 KB | Image
General
Full URL
http://wquyeofafg96.top/images/logo.png
Requested by
Host: wquyeofafg96.top
URL: http://wquyeofafg96.top/
Protocol
HTTP/1.1
Server
154.197.92.235 , Seychelles, ASN328608 (Africa-on-Cloud-AS, ZA),
Reverse DNS
Software
sudun /
Resource Hash
cb763d0b96f7186f6ef33533d89a1087ba8af10dd29facbfc4a9077e0147bc48

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://wquyeofafg96.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date
Sun, 25 Feb 2024 02:23:36 GMT
Last-Modified
Wed, 20 Dec 2023 13:27:53 GMT
Server
sudun
ETag
"6582ebd9-34cd"
cache-status
HIT
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13517
X-Request-Id
498e1afb747f4d8632d79d8e48b0056a
Expires
Tue, 26 Mar 2024 01:55:51 GMT
kefu.png | wquyeofafg96.top/images/ | 2 KB | 2 KB | Image
General
Full URL
http://wquyeofafg96.top/images/kefu.png
Requested by
Host: wquyeofafg96.top
URL: http://wquyeofafg96.top/
Protocol
HTTP/1.1
Server
154.197.92.235 , Seychelles, ASN328608 (Africa-on-Cloud-AS, ZA),
Reverse DNS
Software
sudun /
Resource Hash
56848cec2f732d983bcb2680d29aeb8ec172181a148dbec26bfe0e82c688fc17

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://wquyeofafg96.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date
Sun, 25 Feb 2024 02:23:37 GMT
Last-Modified
Tue, 02 Aug 2022 14:12:06 GMT
Server
sudun
ETag
"62e930b6-6de"
cache-status
HIT
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1758
X-Request-Id
ac47d6b8110413e1be34c496a7bca56b
Expires
Tue, 26 Mar 2024 01:55:51 GMT
title3.png | wquyeofafg96.top/images/ | 130 KB | 130 KB | Image
General
Full URL
http://wquyeofafg96.top/images/title3.png
Requested by
Host: wquyeofafg96.top
URL: http://wquyeofafg96.top/
Protocol
HTTP/1.1
Server
154.197.92.235 , Seychelles, ASN328608 (Africa-on-Cloud-AS, ZA),
Reverse DNS
Software
sudun /
Resource Hash
a39e0ee4fb62878fb7054b94dbfe2397aa67e1c9cb00c9fb1fbe0170839c6372

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://wquyeofafg96.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date
Sun, 25 Feb 2024 02:23:36 GMT
Last-Modified
Thu, 29 Dec 2022 05:54:16 GMT
Server
sudun
ETag
"63ad2b88-2076d"
cache-status
HIT
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
132973
X-Request-Id
df32705abcc2ed726c4d6c5a66c2989f
Expires
Tue, 26 Mar 2024 01:55:51 GMT
aixin.png | wquyeofafg96.top/images/ | 479 B | 897 B | Image
General
Full URL
http://wquyeofafg96.top/images/aixin.png
Requested by
Host: wquyeofafg96.top
URL: http://wquyeofafg96.top/
Protocol
HTTP/1.1
Server
154.197.92.235 , Seychelles, ASN328608 (Africa-on-Cloud-AS, ZA),
Reverse DNS
Software
sudun /
Resource Hash
63bbd64ac12203404984348ca6a377f53cd448bc42a879036ab0c5c6fcfae846

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://wquyeofafg96.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date
Sun, 25 Feb 2024 02:23:36 GMT
Last-Modified
Tue, 02 Aug 2022 14:11:59 GMT
Server
sudun
ETag
"62e930af-1df"
cache-status
HIT
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
479
X-Request-Id
e45b4ca188b405217bb56c7214bacbe0
Expires
Tue, 26 Mar 2024 01:55:51 GMT
android.png | wquyeofafg96.top/images/ | 486 B | 904 B | Image
General
Full URL
http://wquyeofafg96.top/images/android.png
Requested by
Host: wquyeofafg96.top
URL: http://wquyeofafg96.top/
Protocol
HTTP/1.1
Server
154.197.92.235 , Seychelles, ASN328608 (Africa-on-Cloud-AS, ZA),
Reverse DNS
Software
sudun /
Resource Hash
c480e4efcce2926e0f66e20ba04af8c09cfde48f28287689958430afcc21900e

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://wquyeofafg96.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date
Sun, 25 Feb 2024 02:23:37 GMT
Last-Modified
Tue, 02 Aug 2022 14:12:00 GMT
Server
sudun
ETag
"62e930b0-1e6"
cache-status
HIT
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
486
X-Request-Id
d6814d6860de3815d3b9e4faf76c2e6c
Expires
Tue, 26 Mar 2024 01:55:52 GMT
ios.png | wquyeofafg96.top/images/ | 482 B | 900 B | Image
General
Full URL
http://wquyeofafg96.top/images/ios.png
Requested by
Host: wquyeofafg96.top
URL: http://wquyeofafg96.top/
Protocol
HTTP/1.1
Server
154.197.92.235 , Seychelles, ASN328608 (Africa-on-Cloud-AS, ZA),
Reverse DNS
Software
sudun /
Resource Hash
d3edd8f0b1d578b29862811d55db25a225096ad191e88573e8868cc5931ba0f4

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://wquyeofafg96.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date
Sun, 25 Feb 2024 02:23:37 GMT
Last-Modified
Tue, 02 Aug 2022 14:12:05 GMT
Server
sudun
ETag
"62e930b5-1e2"
cache-status
HIT
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
482
X-Request-Id
ed4833c9b26f1065530200c236f1e285
Expires
Tue, 26 Mar 2024 01:55:52 GMT
footer.png | wquyeofafg96.top/images/ | 6 KB | 6 KB | Image
General
Full URL
http://wquyeofafg96.top/images/footer.png
Requested by
Host: wquyeofafg96.top
URL: http://wquyeofafg96.top/
Protocol
HTTP/1.1
Server
154.197.92.235 , Seychelles, ASN328608 (Africa-on-Cloud-AS, ZA),
Reverse DNS
Software
sudun /
Resource Hash
7eded748802e6e1df8650b77098c327ce4cd8fd3fcb2e1ed886ad219669c7c2d

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://wquyeofafg96.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date
Sun, 25 Feb 2024 02:23:37 GMT
Last-Modified
Tue, 02 Aug 2022 14:12:04 GMT
Server
sudun
ETag
"62e930b4-17d2"
cache-status
HIT
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6098
X-Request-Id
f167b2bf359e1b8b6fc255ee247d7bd8
Expires
Tue, 26 Mar 2024 01:55:51 GMT
appinstall.js | wquyeofafg96.top/ | 46 KB | 20 KB | Script
General
Full URL
http://wquyeofafg96.top/appinstall.js
Requested by
Host: wquyeofafg96.top
URL: http://wquyeofafg96.top/
Protocol
HTTP/1.1
Server
154.197.92.235 , Seychelles, ASN328608 (Africa-on-Cloud-AS, ZA),
Reverse DNS
Software
sudun /
Resource Hash
7c9895f2e57140b2a429c2b5df1eb51b2c0bf49f56365e198fb20a92fe79c1dd

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://wquyeofafg96.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date
Sun, 25 Feb 2024 02:23:37 GMT
Content-Encoding
gzip
Last-Modified
Fri, 27 Oct 2023 12:39:04 GMT
Server
sudun
ETag
W/"653baf68-b9e1"
cache-status
EXPIRED
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=43200
Connection
keep-alive
X-Request-Id
b1426ff05ee6bd0a79e93afe7dde843c
Expires
Sun, 25 Feb 2024 14:22:40 GMT
init | tscbbcbb5yq2fsul.huabanwl.com/web/oc53tl/_/ | 706 B | 871 B | XHR
General
Full URL
https://tscbbcbb5yq2fsul.huabanwl.com:6443/web/oc53tl/_/init?av=0&cv=0&hash=&server=https%3A%2F%2Ftscbbcbb5yq2fsul.huabanwl.com%3A6443&sw=p6Cmpg&sh=p6Smpg&sp=1
Requested by
Host: wquyeofafg96.top
URL: http://wquyeofafg96.top/appinstall.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
170.33.13.110 , Singapore, ASN134963 (ASEPL-AS-AP Alibaba Cloud Singapore Private Limited, SG),
Reverse DNS
Software
NgxFence /
Resource Hash
a4a49e0b981dd0c08c0defbd675aa8c5708c89c36335ce089195ed4bdb0e5f46
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload

Request headers

Referer
http://wquyeofafg96.top/
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 25 Feb 2024 02:23:38 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
br
server
NgxFence
vary
Origin, Origin
content-type
application/json;charset=utf-8
access-control-allow-origin
http://wquyeofafg96.top
access-control-allow-credentials
true
eyJtIjoibVNzN0dSQzQ3RHNBQUFHTjNoTTdaMmdRMVlVbEljTnVzZDdIOGt1UTlIVDRlWldZUTFGRGQtOEZ2YWRFMkw5VU9aWjBxMkc3ZFVfWVBScmZaNmNwVDhBamtBc2tKNzNYbzBlZUpmOWRBRFlXREhuRDc2Sk1NWV8zM2lBIn0= | tscbbcbb5yq2fsul.huabanwl.com/web/oc53tl/_/clicked/c/ | 0 | 281 B | Ping
General
Full URL
https://tscbbcbb5yq2fsul.huabanwl.com:6443/web/oc53tl/_/clicked/c/eyJtIjoibVNzN0dSQzQ3RHNBQUFHTjNoTTdaMmdRMVlVbEljTnVzZDdIOGt1UTlIVDRlWldZUTFGRGQtOEZ2YWRFMkw5VU9aWjBxMkc3ZFVfWVBScmZaNmNwVDhBamtBc2tKNzNYbzBlZUpmOWRBRFlXREhuRDc2Sk1NWV8zM2lBIn0=?p=0&ref=http%3A%2F%2Fwquyeofafg96.top%2F&ac=0&cc=0
Requested by
Host: wquyeofafg96.top
URL: http://wquyeofafg96.top/appinstall.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
170.33.13.110 , Singapore, ASN134963 (ASEPL-AS-AP Alibaba Cloud Singapore Private Limited, SG),
Reverse DNS
Software
NgxFence /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload

Request headers

accept-language
it-IT,it;q=0.9
Referer
http://wquyeofafg96.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Sun, 25 Feb 2024 02:23:39 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
server
NgxFence
vary
Origin, Origin
access-control-allow-origin
http://wquyeofafg96.top
access-control-allow-credentials
true
accept-ranges
bytes
content-length
0
huaxin-p8YYu-vdaa30b43.apk | rzbnghkdpkbqetf-uqjkffgaqe.cn-shenzhen.fcapp.run/ | 0 | 0 | Document
Redirect Chain
  • https://tscbbcbb5yq2fsul.huabanwl.com:6443/page/oc53tl/install/c/eyJtIjoicDFmZld5SjlnMWtBQUFHTjNoTTdaNzlTOUJrQW1ENi1Bb1BKTmRVUVZPVnlIaTNRQ25kZkpqOGRSZFVodlVkQW1CZFl2SFRYWGdnTnd5SWFZcXVjV1RPeGpxX1ZV...
  • https://ztdmoevc.oss-accelerate.aliyuncs.com/p8YYu.html
  • https://rzbnghkdpkbqetf-uqjkffgaqe.cn-shenzhen.fcapp.run/huaxin-p8YYu-vdaa30b43.apk?t=1708827821739
General
Full URL
https://rzbnghkdpkbqetf-uqjkffgaqe.cn-shenzhen.fcapp.run/huaxin-p8YYu-vdaa30b43.apk?t=1708827821739
Requested by
Host: wquyeofafg96.top
URL: http://wquyeofafg96.top/appinstall.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
47.107.195.41 (country and ASN not recorded)
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
http://wquyeofafg96.top/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Expose-Headers
Date,x-fc-request-id
Content-Disposition
attachment
Content-Length
39718271
Content-Type
application/vnd.android.package-archive
Date
Sun, 25 Feb 2024 02:23:43 GMT
Last-Modified
Sun, 25 Feb 2024 02:11:09 GMT
X-Cache
HIT
X-Fc-Request-Id
1-65daa4af-17d182c9-893ccbde8eaf
X-Forwarded-From
fc

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Sun, 25 Feb 2024 02:23:41 GMT
Location
https://rzbnghkdpkbqetf-uqjkffgaqe.cn-shenzhen.fcapp.run/huaxin-p8YYu-vdaa30b43.apk?t=1708827821739
Server
AliyunOSS
x-oss-request-id
65DAA4AD6E29B671B552AAFA

Verdicts & Comments

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • function: $
  • function: jQuery
  • function: AppInstall
  • object: data

1 Cookies

Domain/Path | Name | Value
wquyeofafg96.top/ | X-SUDUN-WAF-R-C | 0001668777

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
