wquyeofafg96.top
Open in
urlscan Pro
154.197.92.235
Public Scan
Submission Tags: @ecarlesi threat malware Search All
Submission: On February 25 via api from IT — Scanned from IT
Summary
This is the only time wquyeofafg96.top was scanned on urlscan.io!
urlscan.io Verdict: No classification
Downloads These files were downloaded by the website
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
14 | 154.197.92.235 154.197.92.235 | 328608 (Africa-on...) (Africa-on-Cloud-AS) | |
1 | 43.152.44.160 43.152.44.160 | 139341 (ACE-AS-AP...) (ACE-AS-AP ACE) | |
1 3 | 170.33.13.110 170.33.13.110 | 134963 (ASEPL-AS-...) (ASEPL-AS-AP Alibaba Cloud Singapore Private Limited) | |
1 1 | 47.254.188.9 47.254.188.9 | () () | |
1 | 47.107.195.41 47.107.195.41 | () () | |
18 | 4 |
ASN134963 (ASEPL-AS-AP Alibaba Cloud Singapore Private Limited, SG)
tscbbcbb5yq2fsul.huabanwl.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
14 |
wquyeofafg96.top
wquyeofafg96.top |
849 KB |
3 |
huabanwl.com
1 redirects
tscbbcbb5yq2fsul.huabanwl.com |
1 KB |
1 |
fcapp.run
rzbnghkdpkbqetf-uqjkffgaqe.cn-shenzhen.fcapp.run |
|
1 |
aliyuncs.com
1 redirects
ztdmoevc.oss-accelerate.aliyuncs.com |
276 B |
1 |
bootcdn.net
cdn.bootcdn.net — Cisco Umbrella Rank: 124541 |
35 KB |
18 | 5 |
Domain | Requested by | |
---|---|---|
14 | wquyeofafg96.top |
wquyeofafg96.top
|
3 | tscbbcbb5yq2fsul.huabanwl.com |
1 redirects
wquyeofafg96.top
|
1 | rzbnghkdpkbqetf-uqjkffgaqe.cn-shenzhen.fcapp.run |
wquyeofafg96.top
|
1 | ztdmoevc.oss-accelerate.aliyuncs.com | 1 redirects |
1 | cdn.bootcdn.net |
wquyeofafg96.top
|
18 | 5 |
This site contains links to these domains. Also see Links.
Domain |
---|
media.tyi21.win |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.bootcdn.net Sectigo RSA Domain Validation Secure Server CA |
2023-08-17 - 2024-08-17 |
a year | crt.sh |
*.huabanwl.com Sectigo RSA Domain Validation Secure Server CA |
2024-01-26 - 2025-01-25 |
a year | crt.sh |
*.fcapp.run GlobalSign Organization Validation CA - SHA256 - G3 |
2023-10-30 - 2024-11-30 |
a year | crt.sh |
This page contains 1 frames:
Frame:
https://rzbnghkdpkbqetf-uqjkffgaqe.cn-shenzhen.fcapp.run/huaxin-p8YYu-vdaa30b43.apk?t=1708827821739
Frame ID: 3415BD809D80BB55F800711ADCAA811D
Requests: 18 HTTP requests in this frame
1 Outgoing links
These are links going to different origins than the main page.
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 16- https://tscbbcbb5yq2fsul.huabanwl.com:6443/page/oc53tl/install/c/eyJtIjoicDFmZld5SjlnMWtBQUFHTjNoTTdaNzlTOUJrQW1ENi1Bb1BKTmRVUVZPVnlIaTNRQ25kZkpqOGRSZFVodlVkQW1CZFl2SFRYWGdnTnd5SWFZcXVjV1RPeGpxX1ZVZ2VROV9LbnBVR3gyMkZMcm1iQUxzTTFHbF83cXBrIn0=?p=0 HTTP 302
- https://ztdmoevc.oss-accelerate.aliyuncs.com/p8YYu.html HTTP 302
- https://rzbnghkdpkbqetf-uqjkffgaqe.cn-shenzhen.fcapp.run/huaxin-p8YYu-vdaa30b43.apk?t=1708827821739
18 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
/
wquyeofafg96.top/ |
4 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
reset.css
wquyeofafg96.top/css/ |
1 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
style.css
wquyeofafg96.top/css/ |
2 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
cdn.bootcdn.net/ajax/libs/jquery/3.5.1/ |
87 KB 35 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bg1.jpg
wquyeofafg96.top/images/ |
79 KB 79 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bg2.jpg
wquyeofafg96.top/images/ |
259 KB 259 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bg3.jpg
wquyeofafg96.top/images/ |
331 KB 331 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo.png
wquyeofafg96.top/images/ |
13 KB 14 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
kefu.png
wquyeofafg96.top/images/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
title3.png
wquyeofafg96.top/images/ |
130 KB 130 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
aixin.png
wquyeofafg96.top/images/ |
479 B 897 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
android.png
wquyeofafg96.top/images/ |
486 B 904 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ios.png
wquyeofafg96.top/images/ |
482 B 900 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
footer.png
wquyeofafg96.top/images/ |
6 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
appinstall.js
wquyeofafg96.top/ |
46 KB 20 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
init
tscbbcbb5yq2fsul.huabanwl.com/web/oc53tl/_/ |
706 B 871 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
eyJtIjoibVNzN0dSQzQ3RHNBQUFHTjNoTTdaMmdRMVlVbEljTnVzZDdIOGt1UTlIVDRlWldZUTFGRGQtOEZ2YWRFMkw5VU9aWjBxMkc3ZFVfWVBScmZaNmNwVDhBamtBc2tKNzNYbzBlZUpmOWRBRFlXREhuRDc2Sk1NWV8zM2lBIn0=
tscbbcbb5yq2fsul.huabanwl.com/web/oc53tl/_/clicked/c/ |
0 281 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
huaxin-p8YYu-vdaa30b43.apk
rzbnghkdpkbqetf-uqjkffgaqe.cn-shenzhen.fcapp.run/ Redirect Chain
|
0 0 |
Document
application/vnd.android.package-archive |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
Verdicts & Comments Add Verdict or Comment
4 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| $ function| jQuery function| AppInstall object| data1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
wquyeofafg96.top/ | Name: X-SUDUN-WAF-R-C Value: 0001668777 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cdn.bootcdn.net
rzbnghkdpkbqetf-uqjkffgaqe.cn-shenzhen.fcapp.run
tscbbcbb5yq2fsul.huabanwl.com
wquyeofafg96.top
ztdmoevc.oss-accelerate.aliyuncs.com
154.197.92.235
170.33.13.110
43.152.44.160
47.107.195.41
47.254.188.9
101427033cdedbafe8d3ec2cdd6f500702259b6d3331dbddcaa014d477a70814
1ec4722332f294f4697f3b3859214a2a20900dbc2739cff39a3bf68aded7ce32
41ebd2d88a2c35d6fb78602766400a8dfa7227552bb13b04da004365148b201a
56848cec2f732d983bcb2680d29aeb8ec172181a148dbec26bfe0e82c688fc17
63bbd64ac12203404984348ca6a377f53cd448bc42a879036ab0c5c6fcfae846
7642e87b8017e4bbd8d27212d5b7de4ca14f81d5b1470f41296c36dea74b8fb2
7c9895f2e57140b2a429c2b5df1eb51b2c0bf49f56365e198fb20a92fe79c1dd
7eded748802e6e1df8650b77098c327ce4cd8fd3fcb2e1ed886ad219669c7c2d
8a28e0f121fe92d9879f732bb36ef19e4328b1855802f59714a87d75a1a5f8fe
a39e0ee4fb62878fb7054b94dbfe2397aa67e1c9cb00c9fb1fbe0170839c6372
a4a49e0b981dd0c08c0defbd675aa8c5708c89c36335ce089195ed4bdb0e5f46
c480e4efcce2926e0f66e20ba04af8c09cfde48f28287689958430afcc21900e
cb763d0b96f7186f6ef33533d89a1087ba8af10dd29facbfc4a9077e0147bc48
d3edd8f0b1d578b29862811d55db25a225096ad191e88573e8868cc5931ba0f4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f06e7d26ae9a23e8b87641b052b7dffe977af642619c827a33c04ab869397a59
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d