www.qtweed.com Open in urlscan Pro
107.179.103.194 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://www.qtweed.com/
Submission: On December 21 via manual (December 21st 2023, 1:38:48 pm UTC) from US — Scanned from DE

Summary HTTP 19 Redirects Behaviour Indicators

Summary

This website contacted 9 IPs in 4 countries across 7 domains to perform 19 HTTP transactions. The main IP is 107.179.103.194, located in United States and belongs to LAYER-HOST, US. The main domain is www.qtweed.com.

This is the only time www.qtweed.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	107.179.103.194 107.179.103.194	46573 (LAYER-HOST) (LAYER-HOST)
1	112.34.113.148 112.34.113.148	9808 (CHINAMOBI...) (CHINAMOBILE-CN China Mobile Communications Group Co.)
2	163.177.17.97 163.177.17.97	136958 (UNICOM-GU...) (UNICOM-GUANGZHOU-IDC China Unicom Guangdong IP network)
1	171.8.167.90 171.8.167.90	4134 (CHINANET-...) (CHINANET-BACKBONE No.31)
1	103.235.47.103 103.235.47.103	55967 (BAIDU Bei...) (BAIDU Beijing Baidu Netcom Science and Technology Co.)
6	203.107.86.226 203.107.86.226	37963 (ALIBABA-C...) (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.)
2	172.247.193.226 172.247.193.226	40065 (CNSERVERS) (CNSERVERS)
1 2	45.194.207.75 45.194.207.75	134175 (SH2206-AP...) (SH2206-AP UNIT A17)
2	103.248.21.183 103.248.21.183	55720 (GIGABIT-M...) (GIGABIT-MY Gigabit Hosting Sdn Bhd)
19	9

3 107.179.103.194 (United States)

ASN46573 (LAYER-HOST, US)

www.qtweed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 112.34.113.148 (China)

ASN9808 (CHINAMOBILE-CN China Mobile Communications Group Co., Ltd., CN)

push.zhanzhang.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 163.177.17.97 (China)

ASN136958 (UNICOM-GUANGZHOU-IDC China Unicom Guangdong IP network, CN)

api.share.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 171.8.167.90 (Zhengzhou, China)

ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN)
PTR: 8.171.broad.ha.dynamic.163data.com.cn

s.360.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.235.47.103 (Hong Kong)

ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)

sp0.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 203.107.86.226 (China)

ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN)

js.users.51.la	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ia.51.la	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.247.193.226 (United States)

ASN40065 (CNSERVERS, US)

www.xxpindaozdxbljflszdyledufz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 45.194.207.75 (Hong Kong) 1 redirects

ASN134175 (SH2206-AP UNIT A17,9F SILVERCORP INTL TOWER 707-713 NATHAN RD, HK)

www.23123www.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.248.21.183 (Australia)

ASN55720 (GIGABIT-MY Gigabit Hosting Sdn Bhd, MY)

654.231234.xn--gecrj9c	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	51.la js.users.51.la — Cisco Umbrella Rank: 96686 ia.51.la — Cisco Umbrella Rank: 89111	9 KB
4	baidu.com push.zhanzhang.baidu.com — Cisco Umbrella Rank: 144777 api.share.baidu.com — Cisco Umbrella Rank: 106601 sp0.baidu.com — Cisco Umbrella Rank: 26319	1 KB
3	qtweed.com www.qtweed.com	4 KB
2	function sub() { [native code] }.	2 KB
2	23123www.com 1 redirects www.23123www.com	854 B
2	xxpindaozdxbljflszdyledufz.com www.xxpindaozdxbljflszdyledufz.com	2 KB
1	360.cn s.360.cn — Cisco Umbrella Rank: 34101	118 B
19	7

	Domain	Requested by
3	ia.51.la	www.qtweed.com www.23123www.com
3	js.users.51.la	www.qtweed.com www.23123www.com
3	www.qtweed.com	www.qtweed.com
2	654.231234.xn--gecrj9c	www.qtweed.com 654.231234.xn--gecrj9c
2	www.23123www.com	1 redirects www.qtweed.com
2	www.xxpindaozdxbljflszdyledufz.com	www.qtweed.com www.xxpindaozdxbljflszdyledufz.com
2	api.share.baidu.com	www.qtweed.com
1	sp0.baidu.com	www.qtweed.com
1	s.360.cn	www.qtweed.com
1	push.zhanzhang.baidu.com	www.qtweed.com
19	10

This site contains no links.

Subject Issuer	Validity	Valid
*.s.360.cn WoTrus DV Server CA [Run by the Issuer]	`2023-12-04` - `2024-12-03`	a year	crt.sh
baidu.com GlobalSign RSA OV SSL CA 2018	`2023-07-06` - `2024-08-06`	a year	crt.sh
www.n23123.com GoGetSSL RSA DV CA	`2023-07-26` - `2024-07-26`	a year	crt.sh
*.users.51.la GlobalSign GCC R3 DV TLS CA 2020	`2023-04-14` - `2024-05-15`	a year	crt.sh
*.51.la GlobalSign GCC R3 DV TLS CA 2020	`2023-04-20` - `2024-05-21`	a year	crt.sh
*.231234.xn--gecrj9c AlphaSSL CA - SHA256 - G4	`2023-07-26` - `2024-08-26`	a year	crt.sh

This page contains 2 frames:

Primary Page: http://www.qtweed.com/
Frame ID: D2E25C590D0BF48F55D961010DD853E9
Requests: 12 HTTP requests in this frame

Frame: https://654.231234.xn--gecrj9c:7838/
Frame ID: F5D7CFFB9CE87D372D5B01370A3799C6
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

防城港盼裂科技有限公司

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

19
Requests

47 %
HTTPS

0 %
IPv6

7
Domains

10
Subdomains

9
IPs

4
Countries

19 kB
Transfer

169 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10

https://www.23123www.com/rr HTTP 301
https://www.23123www.com/rr/

19 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response www.qtweed.com/	3 KB 1 KB	380ms 148ms	Document text/html	107.179.103.194 LAYER-HOST
General Check archive.org Show headers Download Go to Full URL http://www.qtweed.com/ Protocol HTTP/1.1 Server 107.179.103.194 , United States, ASN46573 (LAYER-HOST, US), Reverse DNS Software nginx / Resource Hash `823b0f1f1228713dbd0ab3cc4abdc72cf02a247fed56e428de1909f01592ea8b` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Connection keep-alive Content-Encoding gzip Content-Type text/html Date Thu, 21 Dec 2023 13:37:34 GMT Server nginx Transfer-Encoding chunked Vary Accept-Encoding
GET H/1.1	200 OK	tj.js Show response www.qtweed.com/	100 B 256 B	146ms 145ms	Script application/x-javascript	107.179.103.194 LAYER-HOST
General Check archive.org Show headers Download Go to Full URL http://www.qtweed.com/tj.js Requested by Host: www.qtweed.com URL: http://www.qtweed.com/ Protocol HTTP/1.1 Server 107.179.103.194 , United States, ASN46573 (LAYER-HOST, US), Reverse DNS Software nginx / Resource Hash `e737e857f71c14c874342fb1b412d2756131548a74c4cc6d1a351438c26f94f2` Request headers accept-language de-DE,de;q=0.9 Referer http://www.qtweed.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Date Thu, 21 Dec 2023 13:37:34 GMT Server nginx Connection keep-alive Content-Length 100 Content-Type application/x-javascript
GET H/1.1	200 OK	common.js Show response www.qtweed.com/	5 KB 2 KB	290ms 147ms	Script application/x-javascript	107.179.103.194 LAYER-HOST
General Check archive.org Show headers Download Go to Full URL http://www.qtweed.com/common.js Requested by Host: www.qtweed.com URL: http://www.qtweed.com/ Protocol HTTP/1.1 Server 107.179.103.194 , United States, ASN46573 (LAYER-HOST, US), Reverse DNS Software nginx / Resource Hash `35875f3a8151d9915599f8cd57c60f5368b2e381db72e578ca609097b9af15da` Request headers accept-language de-DE,de;q=0.9 Referer http://www.qtweed.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Date Thu, 21 Dec 2023 13:37:34 GMT Content-Encoding gzip Server nginx Connection keep-alive Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/x-javascript
GET H/1.1	200 OK	push.js Show response push.zhanzhang.baidu.com/	281 B 752 B	2257ms 156ms	Script text/javascript	112.34.113.148 CHINAMOBILE-CN Ch...
General Check archive.org Show headers Download Go to Full URL http://push.zhanzhang.baidu.com/push.js Requested by Host: www.qtweed.com URL: http://www.qtweed.com/ Protocol HTTP/1.1 Server 112.34.113.148 , China, ASN9808 (CHINAMOBILE-CN China Mobile Communications Group Co., Ltd., CN), Reverse DNS Software apache / Resource Hash `674bc0c70f98d627b8a7e1d278a1f21ffe33815565f7d5371bf0275da57571b2` Request headers accept-language de-DE,de;q=0.9 Referer http://www.qtweed.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Date Thu, 21 Dec 2023 13:38:16 GMT Content-Encoding gzip Last-Modified Wed, 25 Nov 2015 07:47:55 GMT Server apache Etag "4078521116" Vary Accept-Encoding Content-Type text/javascript P3p CP=" OTI DSP COR IVA OUR IND COM " Cache-Control max-age=31536000 Accept-Ranges bytes Content-Length 227 Expires Fri, 20 Dec 2024 13:38:16 GMT
GET H/1.1	200 OK	s.gif api.share.baidu.com/	0 116 B	2384ms 193ms	Image text/plain	163.177.17.97 UNICOM-GUANGZHOU-...
General Check archive.org Show headers Download Go to Show image Full URL http://api.share.baidu.com/s.gif?l=http://www.qtweed.com/ Requested by Host: www.qtweed.com URL: http://www.qtweed.com/ Protocol HTTP/1.1 Server 163.177.17.97 , China, ASN136958 (UNICOM-GUANGZHOU-IDC China Unicom Guangdong IP network, CN), Reverse DNS Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language de-DE,de;q=0.9 Referer http://www.qtweed.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Date Thu, 21 Dec 2023 13:38:18 GMT Content-Length 0 Content-Type text/plain; charset=utf-8
GET H2	200	zz.gif s.360.cn/so/	0 118 B	790ms 214ms	Image image/gif	171.8.167.90 CHINANET-BACKBONE...
General Check archive.org Show headers Download Go to Show image Full URL https://s.360.cn/so/zz.gif?url=http%3A%2F%2Fwww.qtweed.com%2F&sid=d182b3f28525f2db83acfaaf6e696dba&token=d/1m8o2cb.3dfe2e8w5t2q5.fw2wdwb/ Requested by Host: www.qtweed.com URL: http://www.qtweed.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 171.8.167.90 Zhengzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN), Reverse DNS 8.171.broad.ha.dynamic.163data.com.cn Software openresty/1.15.8.2 / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language de-DE,de;q=0.9 Referer http://www.qtweed.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Thu, 21 Dec 2023 13:38:17 GMT last-modified Mon, 29 Oct 2018 06:10:42 GMT server openresty/1.15.8.2 accept-ranges bytes etag "5bd6a462-0" content-length 0 content-type image/gif
GET H/1.1	200 OK	s.gif sp0.baidu.com/9_Q4simg2RQJ8t7jm9iCKT-xh_/	0 116 B	1977ms 335ms	Image text/plain	103.235.47.103 BAIDU Beijing Bai...
General Check archive.org Show headers Download Go to Show image Full URL https://sp0.baidu.com/9_Q4simg2RQJ8t7jm9iCKT-xh_/s.gif?l=http://www.qtweed.com/ Requested by Host: www.qtweed.com URL: http://www.qtweed.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 103.235.47.103 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN), Reverse DNS Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language de-DE,de;q=0.9 Referer http://www.qtweed.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Date Thu, 21 Dec 2023 13:38:18 GMT Content-Length 0 Content-Type text/plain; charset=utf-8
GET H/1.1	200 OK	21831291.js Show response js.users.51.la/	5 KB 3 KB	940ms 303ms	Script application/javascript	203.107.86.226 ALIBABA-CN-NET Ha...
General Check archive.org Show headers Download Go to Full URL http://js.users.51.la/21831291.js Requested by Host: www.qtweed.com URL: http://www.qtweed.com/tj.js Protocol HTTP/1.1 Server 203.107.86.226 , China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN), Reverse DNS Software openresty / Resource Hash `83c0bf10cc68e7d7a7d5861fa106b3b7cbde02ca19a4fe7b72f8c8ad2c8587e0` Request headers Referer http://www.qtweed.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers Date Thu, 21 Dec 2023 13:38:15 GMT Content-Encoding gzip Server openresty Transfer-Encoding chunked Content-Type application/javascript; charset=utf-8 Access-Control-Allow-Origin * Cache-Control no-store Access-Control-Allow-Credentials true Connection keep-alive Access-Control-Allow-Headers Content-Type
GET H/1.1	200	go1 ia.51.la/	0 317 B	655ms 294ms	Image text/plain	203.107.86.226 ALIBABA-CN-NET Ha...
General Check archive.org Show headers Download Go to Show image Full URL http://ia.51.la/go1?id=21831291&rt=1703165895744&rl=16001200&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=%25E9%2598%25B2%25E5%259F%258E%25E6%25B8%25AF%25E7%259B%25BC%25E8%25A3%2582%25E7%25A7%2591%25E6%258A%2580%25E6%259C%2589%25E9%2599%2590%25E5%2585%25AC%25E5%258F%25B8&ing=1&ekc=&sid=1703165895744&tt=%25E9%2598%25B2%25E5%259F%258E%25E6%25B8%25AF%25E7%259B%25BC%25E8%25A3%2582%25E7%25A7%2591%25E6%258A%2580%25E6%259C%2589%25E9%2599%2590%25E5%2585%25AC%25E5%258F%25B8&kw=%25E9%2598%25B2%25E5%259F%258E%25E6%25B8%25AF%25E7%259B%25BC%25E8%25A3%2582%25E7%25A7%2591%25E6%258A%2580%25E6%259C%2589%25E9%2599%2590%25E5%2585%25AC%25E5%258F%25B8&cu=http%253A%252F%252Fwww.qtweed.com%252F&pu= Requested by* Host: www.qtweed.com URL: http://www.qtweed.com/ Protocol HTTP/1.1 Server 203.107.86.226 , China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN), Reverse DNS Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language de-DE,de;q=0.9 Referer http://www.qtweed.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Connection keep-alive Date Thu, 21 Dec 2023 13:38:17 GMT Content-Length 0
GET H/1.1	200 OK	2021hlm.js Show response www.xxpindaozdxbljflszdyledufz.com/js/	4 KB 2 KB	931ms 145ms	Script application/javascript	172.247.193.226 CNSERVERS
General Check archive.org Show headers Download Go to Full URL http://www.xxpindaozdxbljflszdyledufz.com/js/2021hlm.js Requested by Host: www.qtweed.com URL: http://www.qtweed.com/common.js Protocol HTTP/1.1 Server 172.247.193.226 , United States, ASN40065 (CNSERVERS, US), Reverse DNS Software nginx / Resource Hash `4e541c4f3eec04c34f30306db62bc1a9462061a3dac6ef7e5d2782214025ec05` Request headers Referer http://www.qtweed.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers Date Thu, 21 Dec 2023 21:31:53 GMT Content-Encoding gzip Last-Modified Tue, 01 Aug 2023 01:23:31 GMT Server nginx ETag W/"64c85e93-ecf" Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript Cache-Control max-age=43200 Connection keep-alive Expires Fri, 22 Dec 2023 09:31:53 GMT
GET H/1.1	200 OK	hlm_data.php Show response www.xxpindaozdxbljflszdyledufz.com/	66 B 279 B	293ms 147ms	XHR application/json	172.247.193.226 CNSERVERS
General Check archive.org Show headers Download Go to Full URL http://www.xxpindaozdxbljflszdyledufz.com/hlm_data.php?zq=hlm&val=smplink&t=0.005594213394306546?v=006315951547314103 Requested by Host: www.xxpindaozdxbljflszdyledufz.com URL: http://www.xxpindaozdxbljflszdyledufz.com/js/2021hlm.js Protocol HTTP/1.1 Server 172.247.193.226 , United States, ASN40065 (CNSERVERS, US), Reverse DNS Software nginx / Resource Hash `984c778ae90a1ee4cbc84a1df33f292365e4d5b05925a3973d6853878fa08276` Request headers accept-language de-DE,de;q=0.9 Referer http://www.qtweed.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Access-Control-Allow-Origin * Date Thu, 21 Dec 2023 21:31:53 GMT Server nginx Connection keep-alive Transfer-Encoding chunked Content-Type application/json; charset=utf-8
GET H/1.1	200 OK	/ Show response www.23123www.com/rr/ Frame F5D7 Redirect Chain https://www.23123www.com/rr https://www.23123www.com/rr/	427 B 658 B	259ms 259ms	Document text/html	45.194.207.75 SH2206-AP UNIT A17
General Check archive.org Show headers Download Go to Full URL https://www.23123www.com/rr/ Requested by Host: www.qtweed.com URL: http://www.qtweed.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 45.194.207.75 , Hong Kong, ASN134175 (SH2206-AP UNIT A17,9F SILVERCORP INTL TOWER 707-713 NATHAN RD, HK), Reverse DNS Software nginx / Resource Hash `f53720ebfdc4ff55d9b84f3138a1922ae4965cc6135a650a4bf416325011d8ba` Request headers Referer http://www.qtweed.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Accept-Ranges bytes Connection keep-alive Content-Length 427 Content-Type text/html Date Thu, 21 Dec 2023 13:38:17 GMT ETag "658129ec-1ab" Last-Modified Tue, 19 Dec 2023 05:28:12 GMT Server nginx Redirect headers Connection keep-alive Content-Length 162 Content-Type text/html Date Thu, 21 Dec 2023 13:38:17 GMT Location https://www.23123www.com/rr/ Server nginx
GET H/1.1	200 OK	s.gif api.share.baidu.com/	0 116 B	1092ms 209ms	Image text/plain	163.177.17.97 UNICOM-GUANGZHOU-...
General Check archive.org Show headers Download Go to Show image Full URL http://api.share.baidu.com/s.gif?l=http://www.qtweed.com/ Requested by Host: www.qtweed.com URL: http://www.qtweed.com/ Protocol HTTP/1.1 Server 163.177.17.97 , China, ASN136958 (UNICOM-GUANGZHOU-IDC China Unicom Guangdong IP network, CN), Reverse DNS Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language de-DE,de;q=0.9 Referer http://www.qtweed.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Date Thu, 21 Dec 2023 13:38:18 GMT Content-Length 0 Content-Type text/plain; charset=utf-8
GET H/1.1	200 OK	21760519.js Show response js.users.51.la/ Frame F5D7	5 KB 3 KB	3817ms 1325ms	Script application/javascript	203.107.86.226 ALIBABA-CN-NET Ha...
General Check archive.org Show headers Download Go to Full URL https://js.users.51.la/21760519.js Requested by Host: www.23123www.com URL: https://www.23123www.com/rr/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 203.107.86.226 , China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN), Reverse DNS Software openresty / Resource Hash `4b72c1839faa6267b9625c2bf46a886f90f313a3ed54eb4bfb4acc4652d39738` Request headers accept-language de-DE,de;q=0.9 Referer https://www.23123www.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Date Thu, 21 Dec 2023 13:38:21 GMT Content-Encoding gzip Server openresty Transfer-Encoding chunked Content-Type application/javascript; charset=utf-8 Access-Control-Allow-Origin * Cache-Control no-store Access-Control-Allow-Credentials true Connection keep-alive Access-Control-Allow-Headers Content-Type
GET H/1.1	200 OK	21787597.js Show response js.users.51.la/ Frame F5D7	5 KB 3 KB	10632ms 7687ms	Script application/javascript	203.107.86.226 ALIBABA-CN-NET Ha...
General Check archive.org Show headers Download Go to Full URL https://js.users.51.la/21787597.js Requested by Host: www.23123www.com URL: https://www.23123www.com/rr/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 203.107.86.226 , China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN), Reverse DNS Software openresty / Resource Hash `6550ce6b9cde90771150557ee84634ef8ac246022d48df55815e04f172314931` Request headers accept-language de-DE,de;q=0.9 Referer https://www.23123www.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Date Thu, 21 Dec 2023 13:38:28 GMT Content-Encoding gzip Server openresty Transfer-Encoding chunked Content-Type application/javascript; charset=utf-8 Access-Control-Allow-Origin * Cache-Control no-store Access-Control-Allow-Credentials true Connection keep-alive Access-Control-Allow-Headers Content-Type
GET H/1.1	200	go1 ia.51.la/ Frame F5D7	0 317 B	5540ms 4538ms	Image text/plain	203.107.86.226 ALIBABA-CN-NET Ha...
General Check archive.org Show headers Download Go to Show image Full URL https://ia.51.la/go1?id=21760519&rt=1703165901856&rl=16001200&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=&ing=1&ekc=&sid=1703165901856&tt=&kw=&cu=https%253A%252F%252Fwww.23123www.com%252Frr%252F&pu=http%253A%252F%252Fwww.qtweed.com%252F Requested by* Host: www.23123www.com URL: https://www.23123www.com/rr/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 203.107.86.226 , China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN), Reverse DNS Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language de-DE,de;q=0.9 Referer https://www.23123www.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Connection keep-alive Date Thu, 21 Dec 2023 13:38:27 GMT Content-Length 0
GET H/1.1	200	go1 ia.51.la/ Frame F5D7	0 317 B	269ms 269ms	Image text/plain	203.107.86.226 ALIBABA-CN-NET Ha...
General Check archive.org Show headers Download Go to Show image Full URL https://ia.51.la/go1?id=21787597&rt=1703165908671&rl=16001200&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=&ing=1&ekc=&sid=1703165908671&tt=&kw=&cu=https%253A%252F%252Fwww.23123www.com%252Frr%252F&pu=http%253A%252F%252Fwww.qtweed.com%252F Requested by* Host: www.23123www.com URL: https://www.23123www.com/rr/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 203.107.86.226 , China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN), Reverse DNS Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language de-DE,de;q=0.9 Referer https://www.23123www.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Connection keep-alive Date Thu, 21 Dec 2023 13:38:28 GMT Content-Length 0
GET H/1.1	200 OK	/ Show response 654.231234.xn--gecrj9c/ Frame F5D7	5 KB 2 KB	5503ms 1782ms	Document text/html	103.248.21.183 GIGABIT-MY Gigabi...
General Check archive.org Show headers Download Go to Full URL https://654.231234.xn--gecrj9c:7838/ Requested by Host: www.qtweed.com URL: http://www.qtweed.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 103.248.21.183 , Australia, ASN55720 (GIGABIT-MY Gigabit Hosting Sdn Bhd, MY), Reverse DNS Software AWS / Resource Hash `7e849b60f96db0e2d5d0aea16098d47cf67fc782a5517db784d1c80f731c10de` Request headers Referer https://www.23123www.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Connection keep-alive Content-Encoding gzip Content-Type text/html Date Thu, 21 Dec 2023 13:38:33 GMT ETag W/"656c646e-14aa" Last-Modified Sun, 03 Dec 2023 11:20:14 GMT Server AWS Transfer-Encoding chunked Vary Accept-Encoding aws-Cache HIT
GET H/1.1	200 OK	jquery-latest.js 654.231234.xn--gecrj9c/Scripts/ Frame F5D7	137 KB 0	4814ms 4813ms	Script application/javascript	103.248.21.183 GIGABIT-MY Gigabi...
General Check archive.org Show headers Download Go to Full URL https://654.231234.xn--gecrj9c:7838/Scripts/jquery-latest.js Requested by Host: 654.231234.xn--gecrj9c URL: https://654.231234.xn--gecrj9c:7838/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 103.248.21.183 , Australia, ASN55720 (GIGABIT-MY Gigabit Hosting Sdn Bhd, MY), Reverse DNS Software AWS / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://654.231234.xn--gecrj9c:7838/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers aws-Cache HIT Date Thu, 21 Dec 2023 13:38:34 GMT Content-Encoding gzip Last-Modified Sun, 03 Dec 2023 11:20:14 GMT Server AWS ETag W/"656c646e-45130" Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript Connection keep-alive

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.qtweed.com/	1969-12-31 23:59:59	Name: __tins__21831291 Value: %7B%22sid%22%3A%201703165895744%2C%20%22vd%22%3A%201%2C%20%22expires%22%3A%201703167695744%7D
www.qtweed.com/	1969-12-31 23:59:59	Name: __51cke__ Value:
www.qtweed.com/	1969-12-31 23:59:59	Name: __51laig__ Value: 1
.www.qtweed.com/	1970-01-20 17:06:31	Name: frmcookie Value: 1

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: http://www.qtweed.com/tj.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://js.users.51.la/21831291.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://www.qtweed.com/tj.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://js.users.51.la/21831291.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://www.qtweed.com/common.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://www.xxpindaozdxbljflszdyledufz.com/js/2021hlm.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://www.qtweed.com/common.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://www.xxpindaozdxbljflszdyledufz.com/js/2021hlm.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

654.231234.xn--gecrj9c
api.share.baidu.com
ia.51.la
js.users.51.la
push.zhanzhang.baidu.com
s.360.cn
sp0.baidu.com
www.23123www.com
www.qtweed.com
www.xxpindaozdxbljflszdyledufz.com
103.235.47.103
103.248.21.183
107.179.103.194
112.34.113.148
163.177.17.97
171.8.167.90
172.247.193.226
203.107.86.226
45.194.207.75
35875f3a8151d9915599f8cd57c60f5368b2e381db72e578ca609097b9af15da
4b72c1839faa6267b9625c2bf46a886f90f313a3ed54eb4bfb4acc4652d39738
4e541c4f3eec04c34f30306db62bc1a9462061a3dac6ef7e5d2782214025ec05
6550ce6b9cde90771150557ee84634ef8ac246022d48df55815e04f172314931
674bc0c70f98d627b8a7e1d278a1f21ffe33815565f7d5371bf0275da57571b2
7e849b60f96db0e2d5d0aea16098d47cf67fc782a5517db784d1c80f731c10de
823b0f1f1228713dbd0ab3cc4abdc72cf02a247fed56e428de1909f01592ea8b
83c0bf10cc68e7d7a7d5861fa106b3b7cbde02ca19a4fe7b72f8c8ad2c8587e0
984c778ae90a1ee4cbc84a1df33f292365e4d5b05925a3973d6853878fa08276
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e737e857f71c14c874342fb1b412d2756131548a74c4cc6d1a351438c26f94f2
f53720ebfdc4ff55d9b84f3138a1922ae4965cc6135a650a4bf416325011d8ba

www.qtweed.com Open in urlscan Pro 107.179.103.194 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

19 Requests

47 %HTTPS

0 %IPv6

7 Domains

10 Subdomains

9 IPs

4 Countries

19 kBTransfer

169 kBSize

4 Cookies

0 Outgoing links

Redirected requests

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

4 Cookies

4 Console Messages

Indicators

www.qtweed.com Open in urlscan Pro
107.179.103.194 Public Scan

Screenshot
Live screenshot

Full Image

19
Requests

47 %
HTTPS

0 %
IPv6

7
Domains

10
Subdomains

9
IPs

4
Countries

19 kB
Transfer

169 kB
Size

4
Cookies

19 HTTP transactions
0 data transactions