66872.pink Open in urlscan Pro
66.232.5.217 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://66872.pink/
Effective URL:
https://66872.pink/?channelCode=66872pink
Submission Tags: @ecarlesi threat malware Search All
Submission: On September 02 via api (September 2nd 2024, 10:49:05 am UTC) from IT — Scanned from IT

Summary HTTP 35 Redirects Behaviour Indicators

Summary

This website contacted 7 IPs in 4 countries across 5 domains to perform 35 HTTP transactions. The main IP is 66.232.5.217, located in Hong Kong, Hong Kong and belongs to DNC-AS Dimension Network & Communication Limited, HK. The main domain is 66872.pink.
TLS certificate: Issued by R11 on September 2nd 2024. Valid for: 3 months.

This is the only time 66872.pink was scanned on urlscan.io!

urlscan.io Verdict: No classification

Downloads These files were downloaded by the website

Incomplete fengyun-p8YiP-v7fe2cb77.apk 37 MB

Size: 37 MB (39224005 bytes, 22% done)

Downloaded from: https://utkngmvlxfvvtszhvzfaocibzokauyiw.pdsjiaxiao.com/fengyun-p8YiP-v7fe2cb77.apk?f=1#t=1725273153466&auth_key=1725274135-0-0-8fb8dcab62eb8152fcd414235981a0da

Domain & IP information

	IP Address	AS Autonomous System
13	66.232.5.217 66.232.5.217	59371 (DNC-AS Di...) (DNC-AS Dimension Network & Communication Limited)
7	47.254.187.65 47.254.187.65	45102 (ALIBABA-C...) (ALIBABA-CN-NET Alibaba US Technology Co.)
1	240e:97c:4040... 240e:97c:4040:900:3::3ce	4816 (CHINANET-...) (CHINANET-IDC-GD China Telecom Group)
1 3	170.33.13.110 170.33.13.110	134963 (ASEPL-AS-...) (ASEPL-AS-AP Alibaba Cloud Singapore Private Limited)
1	240e:97b:500:... 240e:97b:500:2000::6	4134 (CHINANET-...) (CHINANET-BACKBONE No.31)
1 1	47.254.186.248 47.254.186.248	45102 (ALIBABA-C...) (ALIBABA-CN-NET Alibaba US Technology Co.)
1	106.14.228.190 106.14.228.190	37963 (ALIBABA-C...) (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.)
35	7

13 66.232.5.217 (Hong Kong, Hong Kong)

ASN59371 (DNC-AS Dimension Network & Communication Limited, HK)

66872.pink	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 47.254.187.65 (Frankfurt am Main, Germany)

ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)

kdjfhhg9834.oss-accelerate.aliyuncs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
myeytrtuer9831.oss-accelerate.aliyuncs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
khfgsfs87365.oss-accelerate.aliyuncs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 240e:97c:4040:900:3::3ce (China)

ASN4816 (CHINANET-IDC-GD China Telecom Group, CN)

v1.cnzz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 170.33.13.110 (Singapore) 1 redirects

ASN134963 (ASEPL-AS-AP Alibaba Cloud Singapore Private Limited, SG)

x6un0ut6cqpgu.hrblsdgjg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 240e:97b:500:2000::6 (China)

ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN)

z6.cnzz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 47.254.186.248 (Frankfurt am Main, Germany) 1 redirects

ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)

wwstakcs.oss-accelerate.aliyuncs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 106.14.228.190 (Shanghai, China)

ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN)

utkngmvlxfvvtszhvzfaocibzokauyiw.pdsjiaxiao.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	66872.pink 66872.pink	197 KB
8	aliyuncs.com 1 redirects kdjfhhg9834.oss-accelerate.aliyuncs.com myeytrtuer9831.oss-accelerate.aliyuncs.com Failed khfgsfs87365.oss-accelerate.aliyuncs.com Failed wwstakcs.oss-accelerate.aliyuncs.com	353 KB
3	hrblsdgjg.com 1 redirects x6un0ut6cqpgu.hrblsdgjg.com	1 KB
2	cnzz.com v1.cnzz.com — Cisco Umbrella Rank: 65629 z6.cnzz.com — Cisco Umbrella Rank: 72629 c.cnzz.com Failed	5 KB
1	pdsjiaxiao.com utkngmvlxfvvtszhvzfaocibzokauyiw.pdsjiaxiao.com
35	5

	Domain	Requested by
13	66872.pink	66872.pink
4	khfgsfs87365.oss-accelerate.aliyuncs.com	66872.pink
3	x6un0ut6cqpgu.hrblsdgjg.com	1 redirects 66872.pink
2	kdjfhhg9834.oss-accelerate.aliyuncs.com	66872.pink
1	utkngmvlxfvvtszhvzfaocibzokauyiw.pdsjiaxiao.com	66872.pink
1	wwstakcs.oss-accelerate.aliyuncs.com	1 redirects
1	z6.cnzz.com	v1.cnzz.com
1	v1.cnzz.com	66872.pink
1	myeytrtuer9831.oss-accelerate.aliyuncs.com	66872.pink
0	c.cnzz.com Failed	v1.cnzz.com
35	10

This site contains no links.

Subject Issuer	Validity	Valid
66871.pink R11	`2024-09-02` - `2024-12-01`	3 months	crt.sh
*.oss-eu-central-1.aliyuncs.com GlobalSign Organization Validation CA - SHA256 - G3	`2024-01-26` - `2025-02-26`	a year	crt.sh
*.cnzz.com GlobalSign Organization Validation CA - SHA256 - G3	`2024-02-17` - `2025-03-20`	a year	crt.sh
*.hrblsdgjg.com Sectigo RSA Domain Validation Secure Server CA	`2024-08-21` - `2025-08-21`	a year	crt.sh
*.pdsjiaxiao.com R10	`2024-08-20` - `2024-11-18`	3 months	crt.sh

This page contains 1 frames:

Frame: https://utkngmvlxfvvtszhvzfaocibzokauyiw.pdsjiaxiao.com/fengyun-p8YiP-v7fe2cb77.apk?f=1
Frame ID: B1454193212A734F210AD34B35B65A13
Requests: 35 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://66872.pink/ HTTP 307
https://66872.pink/ Page URL
https://66872.pink/?channelCode=66872pink Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

35
Requests

71 %
HTTPS

29 %
IPv6

5
Domains

10
Subdomains

7
IPs

4
Countries

556 kB
Transfer

811 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://66872.pink/ HTTP 307
https://66872.pink/ Page URL
https://66872.pink/?channelCode=66872pink Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://66872.pink/ HTTP 307
https://66872.pink/

Request Chain 33

https://x6un0ut6cqpgu.hrblsdgjg.com:6443/page/o7lc7n1u/install/c/eyJjIjoiNjY4NzJwaW5rIiwibSI6Imw0aTAwUWJaa044QUFBR1JzbG45dGY1dUQzeDUyMmU4T0lub0R5S1pTX3JEblJYbHl1cWx3ZVpKbWZldEVWR1F6cUd2TWtzeDZyZXVMYkw2S1YyZ2xFa2VxQ052dUdObnloUS15YUFXZy1kUy1nOGpQVmZpY3h4QTNDRFp2SFR5MVEifQ==?p=0 HTTP 302
https://wwstakcs.oss-accelerate.aliyuncs.com/p8YiP.html HTTP 302
https://utkngmvlxfvvtszhvzfaocibzokauyiw.pdsjiaxiao.com/fengyun-p8YiP-v7fe2cb77.apk?f=1

35 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

/ Show response
66872.pink/
Redirect Chain

http://66872.pink/
https://66872.pink/

5 KB
2 KB

1141ms
261ms

Document
text/html

66.232.5.217
DNC-AS Dimension ...

General

Check archive.org

Show headers Download Go to

Full URL: https://66872.pink/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 66.232.5.217 Hong Kong, Hong Kong, ASN59371 (DNC-AS Dimension Network & Communication Limited, HK),
Reverse DNS
Software: cdn /
Resource Hash: 86818ba911f03aa31a65a937c9f184e9f85d2e6accc8b01493cf912a434f13e8

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Mon, 02 Sep 2024 10:48:46 GMT
ETag: W/"66c9860e-12e1"
Last-Modified: Sat, 24 Aug 2024 07:04:46 GMT
Server: cdn
Transfer-Encoding: chunked
Vary: Accept-Encoding Accept-Encoding
X-Cache-Status: MISS

Redirect headers

Location: https://66872.pink/
Non-Authoritative-Reason: HttpsUpgrades

GET
H/1.1 200
OK index.css
66872.pink/static/css/ 7 KB
2 KB 262ms
261ms Stylesheet
text/css 66.232.5.217
DNC-AS Dimension ...

General

Check archive.org

Show headers Download Go to

Full URL: https://66872.pink/static/css/index.css
Requested by: Host: 66872.pink
URL: https://66872.pink/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 66.232.5.217 Hong Kong, Hong Kong, ASN59371 (DNC-AS Dimension Network & Communication Limited, HK),
Reverse DNS
Software: cdn /
Resource Hash: f32b676767a23b139c642101a90430e1a310a4af4107df7db0186cd8b7e3aa0c

Request headers

Referer: https://66872.pink/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Mon, 02 Sep 2024 10:48:46 GMT
Content-Encoding: gzip
Last-Modified: Sat, 24 Aug 2024 07:03:43 GMT
Server: cdn
ETag: W/"66c985cf-1c59"
X-Cache-Status: MISS
Transfer-Encoding: chunked
Vary: Accept-Encoding, Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=43200
Connection: keep-alive
Expires: Mon, 02 Sep 2024 22:48:46 GMT

GET
H/1.1 200
OK jquery-3.5.1.min.js Show response
66872.pink/static/js/ 87 KB
31 KB 528ms
527ms Script
application/javascript 66.232.5.217
DNC-AS Dimension ...

General

Check archive.org

Show headers Download Go to

Full URL: https://66872.pink/static/js/jquery-3.5.1.min.js
Requested by: Host: 66872.pink
URL: https://66872.pink/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 66.232.5.217 Hong Kong, Hong Kong, ASN59371 (DNC-AS Dimension Network & Communication Limited, HK),
Reverse DNS
Software: cdn /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Referer: https://66872.pink/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Mon, 02 Sep 2024 10:48:46 GMT
Content-Encoding: gzip
Last-Modified: Sat, 24 Aug 2024 07:03:45 GMT
Server: cdn
ETag: W/"66c985d1-15d84"
X-Cache-Status: MISS
Transfer-Encoding: chunked
Vary: Accept-Encoding, Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=43200
Connection: keep-alive
Expires: Mon, 02 Sep 2024 22:48:46 GMT

GET
H/1.1 200
OK appinstall.js Show response
66872.pink/static/js/ 46 KB
18 KB 791ms
523ms Script
application/javascript 66.232.5.217
DNC-AS Dimension ...

General

Check archive.org

Show headers Download Go to

Full URL: https://66872.pink/static/js/appinstall.js
Requested by: Host: 66872.pink
URL: https://66872.pink/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 66.232.5.217 Hong Kong, Hong Kong, ASN59371 (DNC-AS Dimension Network & Communication Limited, HK),
Reverse DNS
Software: cdn /
Resource Hash: 7c9895f2e57140b2a429c2b5df1eb51b2c0bf49f56365e198fb20a92fe79c1dd

Request headers

Referer: https://66872.pink/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Mon, 02 Sep 2024 10:48:46 GMT
Content-Encoding: gzip
Last-Modified: Sat, 24 Aug 2024 07:03:44 GMT
Server: cdn
ETag: W/"66c985d0-b9e1"
X-Cache-Status: MISS
Transfer-Encoding: chunked
Vary: Accept-Encoding, Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=43200
Connection: keep-alive
Expires: Mon, 02 Sep 2024 22:48:46 GMT

GET
H/1.1 200
OK fy1.js
kdjfhhg9834.oss-accelerate.aliyuncs.com/ 19 KB
19 KB 851ms
225ms Image
image/png 47.254.187.65
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kdjfhhg9834.oss-accelerate.aliyuncs.com/fy1.js
Requested by: Host: 66872.pink
URL: https://66872.pink/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.254.187.65 Frankfurt am Main, Germany, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: AliyunOSS /
Resource Hash

Request headers

Referer: https://66872.pink/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Mon, 02 Sep 2024 10:48:47 GMT
x-oss-request-id: 66D5980E2AE9D585E8FFB60B
Content-MD5: j6OQh1yHUejydbE34HrAKw==
Content-Disposition: attachment
Connection: keep-alive
Content-Length: 19228
x-oss-object-type: Normal
Last-Modified: Sun, 07 Jul 2024 13:44:17 GMT
Server: AliyunOSS
ETag: "8FA390875C8751E8F275B137E07AC02B"
Content-Type: image/png
x-oss-ec: 0048-00000111
x-oss-force-download: true
x-oss-storage-class: Standard
Accept-Ranges: bytes
x-oss-hash-crc64ecma: 4963829124004585828
x-oss-server-time: 1

GET kf.js
myeytrtuer9831.oss-accelerate.aliyuncs.com/ 0
0

GET mn.js
66872.pink/static/picture/ 0
0

GET yc-img01.js
khfgsfs87365.oss-accelerate.aliyuncs.com// 0
0

GET yc-img02.js
khfgsfs87365.oss-accelerate.aliyuncs.com// 0
0

GET text.js
66872.pink/static/picture/ 0
0

GET mfk.js
66872.pink/static/picture/ 0
0

GET logo-bottom.js
khfgsfs87365.oss-accelerate.aliyuncs.com// 0
0

GET btn01.js
66872.pink/static/picture/ 0
0

GET btn02.js
66872.pink/static/picture/ 0
0

GET
H/1.1 200
OK Primary Request / Show response
66872.pink/ 5 KB
2 KB 259ms
259ms Document
text/html 66.232.5.217
DNC-AS Dimension ...

General

Check archive.org

Show headers Download Go to

Full URL: https://66872.pink/?channelCode=66872pink
Requested by: Host: 66872.pink
URL: https://66872.pink/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 66.232.5.217 Hong Kong, Hong Kong, ASN59371 (DNC-AS Dimension Network & Communication Limited, HK),
Reverse DNS
Software: cdn /
Resource Hash: 86818ba911f03aa31a65a937c9f184e9f85d2e6accc8b01493cf912a434f13e8

Request headers

Referer: https://66872.pink/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Mon, 02 Sep 2024 10:48:47 GMT
ETag: W/"66c9860e-12e1"
Last-Modified: Sat, 24 Aug 2024 07:04:46 GMT
Server: cdn
Transfer-Encoding: chunked
Vary: Accept-Encoding Accept-Encoding
X-Cache-Status: MISS

GET
H/1.1 200
OK index.css
66872.pink/static/css/ 7 KB
0 0ms
0ms Stylesheet
text/css 66.232.5.217
DNC-AS Dimension ...

General

Check archive.org

Show headers Download Go to

Full URL: https://66872.pink/static/css/index.css
Requested by: Host: 66872.pink
URL: https://66872.pink/?channelCode=66872pink
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 66.232.5.217 Hong Kong, Hong Kong, ASN59371 (DNC-AS Dimension Network & Communication Limited, HK),
Reverse DNS
Software: cdn /
Resource Hash: f32b676767a23b139c642101a90430e1a310a4af4107df7db0186cd8b7e3aa0c

Request headers

Referer: https://66872.pink/?channelCode=66872pink
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Mon, 02 Sep 2024 10:48:46 GMT
Content-Encoding: gzip
Last-Modified: Sat, 24 Aug 2024 07:03:43 GMT
Server: cdn
ETag: W/"66c985cf-1c59"
X-Cache-Status: MISS
Vary: Accept-Encoding, Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=43200
Expires: Mon, 02 Sep 2024 22:48:46 GMT

GET
H/1.1 200
OK jquery-3.5.1.min.js Show response
66872.pink/static/js/ 87 KB
0 2ms
2ms Script
application/javascript 66.232.5.217
DNC-AS Dimension ...

General

Check archive.org

Show headers Download Go to

Full URL: https://66872.pink/static/js/jquery-3.5.1.min.js
Requested by: Host: 66872.pink
URL: https://66872.pink/?channelCode=66872pink
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 66.232.5.217 Hong Kong, Hong Kong, ASN59371 (DNC-AS Dimension Network & Communication Limited, HK),
Reverse DNS
Software: cdn /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Referer: https://66872.pink/?channelCode=66872pink
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Mon, 02 Sep 2024 10:48:46 GMT
Content-Encoding: gzip
Last-Modified: Sat, 24 Aug 2024 07:03:45 GMT
Server: cdn
ETag: W/"66c985d1-15d84"
X-Cache-Status: MISS
Vary: Accept-Encoding, Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=43200
Expires: Mon, 02 Sep 2024 22:48:46 GMT

GET
H/1.1 200
OK appinstall.js Show response
66872.pink/static/js/ 46 KB
0 3ms
3ms Script
application/javascript 66.232.5.217
DNC-AS Dimension ...

General

Check archive.org

Show headers Download Go to

Full URL: https://66872.pink/static/js/appinstall.js
Requested by: Host: 66872.pink
URL: https://66872.pink/?channelCode=66872pink
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 66.232.5.217 Hong Kong, Hong Kong, ASN59371 (DNC-AS Dimension Network & Communication Limited, HK),
Reverse DNS
Software: cdn /
Resource Hash: 7c9895f2e57140b2a429c2b5df1eb51b2c0bf49f56365e198fb20a92fe79c1dd

Request headers

Referer: https://66872.pink/?channelCode=66872pink
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Mon, 02 Sep 2024 10:48:46 GMT
Content-Encoding: gzip
Last-Modified: Sat, 24 Aug 2024 07:03:44 GMT
Server: cdn
ETag: W/"66c985d0-b9e1"
X-Cache-Status: MISS
Vary: Accept-Encoding, Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=43200
Expires: Mon, 02 Sep 2024 22:48:46 GMT

GET
H/1.1 200
OK fy1.js
kdjfhhg9834.oss-accelerate.aliyuncs.com/ 19 KB
0 3ms
3ms Image
image/png 47.254.187.65
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kdjfhhg9834.oss-accelerate.aliyuncs.com/fy1.js
Requested by: Host: 66872.pink
URL: https://66872.pink/?channelCode=66872pink
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.254.187.65 Frankfurt am Main, Germany, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: AliyunOSS /
Resource Hash: a0b77b0c63441450e71aca2c058908562c8140d225b5507097bd883fbd24fdc7

Request headers

Referer: https://66872.pink/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Mon, 02 Sep 2024 10:48:47 GMT
x-oss-request-id: 66D5980E2AE9D585E8FFB60B
Content-MD5: j6OQh1yHUejydbE34HrAKw==
Content-Disposition: attachment
Content-Length: 19228
x-oss-object-type: Normal
Last-Modified: Sun, 07 Jul 2024 13:44:17 GMT
Server: AliyunOSS
ETag: "8FA390875C8751E8F275B137E07AC02B"
Content-Type: image/png
x-oss-ec: 0048-00000111
x-oss-force-download: true
x-oss-storage-class: Standard
Accept-Ranges: bytes
x-oss-hash-crc64ecma: 4963829124004585828
x-oss-server-time: 1

GET
H/1.1 200
OK kf.js
myeytrtuer9831.oss-accelerate.aliyuncs.com/ 55 KB
55 KB 259ms
204ms Image
image/png 47.254.187.65
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://myeytrtuer9831.oss-accelerate.aliyuncs.com/kf.js
Requested by: Host: 66872.pink
URL: https://66872.pink/?channelCode=66872pink
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.254.187.65 Frankfurt am Main, Germany, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: AliyunOSS /
Resource Hash: 5e9ec696c928db7392bd5e2d2365f38d3b288d3ebbb23a244724d8b032f722eb

Request headers

Referer: https://66872.pink/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Mon, 02 Sep 2024 10:48:47 GMT
x-oss-request-id: 66D5980F4C216D4A02C5F64B
Content-MD5: j5k9q+Ii1jQA+2LPp7WLig==
Content-Disposition: attachment
Connection: keep-alive
Content-Length: 56219
x-oss-object-type: Normal
Last-Modified: Sat, 06 Jul 2024 15:02:37 GMT
Server: AliyunOSS
ETag: "8F993DABE222D63400FB62CFA7B58B8A"
Content-Type: image/png
x-oss-ec: 0048-00000111
x-oss-force-download: true
x-oss-storage-class: Standard
Accept-Ranges: bytes
x-oss-hash-crc64ecma: 6418786395435602069
x-oss-server-time: 2

GET
H/1.1 200
OK mn.js
66872.pink/static/picture/ 99 B
430 B 255ms
254ms Image
application/javascript 66.232.5.217
DNC-AS Dimension ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://66872.pink/static/picture/mn.js
Requested by: Host: 66872.pink
URL: https://66872.pink/?channelCode=66872pink
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 66.232.5.217 Hong Kong, Hong Kong, ASN59371 (DNC-AS Dimension Network & Communication Limited, HK),
Reverse DNS
Software: cdn /
Resource Hash: c166dd0402b60f1b6287f3ddd0c3e124a57eaa47418d2c63c68f13aeadd697ca

Request headers

Referer: https://66872.pink/?channelCode=66872pink
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Mon, 02 Sep 2024 10:48:47 GMT
Last-Modified: Sat, 24 Aug 2024 07:03:50 GMT
Server: cdn
ETag: "66c985d6-63"
X-Cache-Status: HIT
Content-Type: application/javascript
Cache-Control: max-age=43200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 99
Expires: Mon, 02 Sep 2024 22:44:58 GMT

GET
H/1.1 200
OK yc-img01.js
khfgsfs87365.oss-accelerate.aliyuncs.com// 90 KB
90 KB 607ms
184ms Image
application/javascript 47.254.187.65
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://khfgsfs87365.oss-accelerate.aliyuncs.com//yc-img01.js
Requested by: Host: 66872.pink
URL: https://66872.pink/?channelCode=66872pink
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.254.187.65 Frankfurt am Main, Germany, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: AliyunOSS /
Resource Hash: 5108dcf86095bfd5014f1957d23ffc12ed62c342af763c67c92d887d832fb0b7

Request headers

Referer: https://66872.pink/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Mon, 02 Sep 2024 10:48:47 GMT
Content-Encoding: gzip
x-oss-request-id: 66D5980F2F5D6912B8E054E9
Content-MD5: +BTj2YqwIQ2J3A3mhiFcrg==
Transfer-Encoding: chunked
Content-Disposition: attachment
Connection: keep-alive
x-oss-object-type: Normal
Last-Modified: Sat, 03 Aug 2024 11:48:13 GMT
Server: AliyunOSS
Vary: Accept-Encoding
Content-Type: application/javascript
x-oss-ec: 0048-00000111
x-oss-force-download: true
x-oss-storage-class: Standard
x-oss-hash-crc64ecma: 14683157842145807707
x-oss-server-time: 2

GET
H/1.1 200
OK yc-img02.js
khfgsfs87365.oss-accelerate.aliyuncs.com// 72 KB
73 KB 658ms
217ms Image
application/javascript 47.254.187.65
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://khfgsfs87365.oss-accelerate.aliyuncs.com//yc-img02.js
Requested by: Host: 66872.pink
URL: https://66872.pink/?channelCode=66872pink
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.254.187.65 Frankfurt am Main, Germany, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: AliyunOSS /
Resource Hash: 149ce00ac148761770fd3503ae5cd0b426335b3f6b1d03e9f3ac4dd7bc0a7202

Request headers

Referer: https://66872.pink/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Mon, 02 Sep 2024 10:48:47 GMT
Content-Encoding: gzip
x-oss-request-id: 66D5980FAB4B81C4E5C5B1B3
Content-MD5: pptbPoJYHerkG9aihTA4yA==
Transfer-Encoding: chunked
Content-Disposition: attachment
Connection: keep-alive
x-oss-object-type: Normal
Last-Modified: Sat, 03 Aug 2024 11:48:19 GMT
Server: AliyunOSS
Vary: Accept-Encoding
Content-Type: application/javascript
x-oss-ec: 0048-00000111
x-oss-force-download: true
x-oss-storage-class: Standard
x-oss-hash-crc64ecma: 3205691878695374608
x-oss-server-time: 2

GET
H/1.1 200
OK text.js
66872.pink/static/picture/ 99 B
430 B 492ms
256ms Image
application/javascript 66.232.5.217
DNC-AS Dimension ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://66872.pink/static/picture/text.js
Requested by: Host: 66872.pink
URL: https://66872.pink/?channelCode=66872pink
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 66.232.5.217 Hong Kong, Hong Kong, ASN59371 (DNC-AS Dimension Network & Communication Limited, HK),
Reverse DNS
Software: cdn /
Resource Hash: c166dd0402b60f1b6287f3ddd0c3e124a57eaa47418d2c63c68f13aeadd697ca

Request headers

Referer: https://66872.pink/?channelCode=66872pink
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Mon, 02 Sep 2024 10:48:47 GMT
Last-Modified: Sat, 24 Aug 2024 07:03:50 GMT
Server: cdn
ETag: "66c985d6-63"
X-Cache-Status: HIT
Content-Type: application/javascript
Cache-Control: max-age=43200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 99
Expires: Mon, 02 Sep 2024 22:44:58 GMT

GET
H/1.1 200
OK mfk.js
66872.pink/static/picture/ 80 KB
81 KB 1034ms
540ms Image
application/javascript 66.232.5.217
DNC-AS Dimension ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://66872.pink/static/picture/mfk.js
Requested by: Host: 66872.pink
URL: https://66872.pink/?channelCode=66872pink
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 66.232.5.217 Hong Kong, Hong Kong, ASN59371 (DNC-AS Dimension Network & Communication Limited, HK),
Reverse DNS
Software: cdn /
Resource Hash: 88545667c334739172531629ac5ca11504787add264505c4362c195067c8a45d

Request headers

Referer: https://66872.pink/?channelCode=66872pink
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Mon, 02 Sep 2024 10:48:47 GMT
Content-Encoding: gzip
Last-Modified: Sat, 24 Aug 2024 07:03:49 GMT
Server: cdn
ETag: W/"66c985d5-14077"
X-Cache-Status: MISS
Transfer-Encoding: chunked
Vary: Accept-Encoding, Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=43200
Connection: keep-alive
Expires: Mon, 02 Sep 2024 22:48:47 GMT

GET
H/1.1 200
OK logo-bottom.js
khfgsfs87365.oss-accelerate.aliyuncs.com// 40 KB
40 KB 651ms
229ms Image
application/javascript 47.254.187.65
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://khfgsfs87365.oss-accelerate.aliyuncs.com//logo-bottom.js
Requested by: Host: 66872.pink
URL: https://66872.pink/?channelCode=66872pink
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.254.187.65 Frankfurt am Main, Germany, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: AliyunOSS /
Resource Hash: 6c2508cb53a6d8f64f9599d1b23df17b37c4e30c4446d8f6e3c6bae23552ac56

Request headers

Referer: https://66872.pink/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Mon, 02 Sep 2024 10:48:47 GMT
Content-Encoding: gzip
x-oss-request-id: 66D5980F4C216D4A02C5F76A
Content-MD5: tmoiEZYLg880nm5RPIVs1g==
Transfer-Encoding: chunked
Content-Disposition: attachment
Connection: keep-alive
x-oss-object-type: Normal
Last-Modified: Sat, 03 Aug 2024 11:48:06 GMT
Server: AliyunOSS
Vary: Accept-Encoding
Content-Type: application/javascript
x-oss-ec: 0048-00000111
x-oss-force-download: true
x-oss-storage-class: Standard
x-oss-hash-crc64ecma: 3883928041166252433
x-oss-server-time: 1

GET
H/1.1 200
OK btn01.js
66872.pink/static/picture/ 29 KB
29 KB 1029ms
531ms Image
application/javascript 66.232.5.217
DNC-AS Dimension ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://66872.pink/static/picture/btn01.js
Requested by: Host: 66872.pink
URL: https://66872.pink/?channelCode=66872pink
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 66.232.5.217 Hong Kong, Hong Kong, ASN59371 (DNC-AS Dimension Network & Communication Limited, HK),
Reverse DNS
Software: cdn /
Resource Hash: fe6368354edcf6c5a42f42ba5e3efc11853b04e12fc078bfd98eb88f9a2c7e60

Request headers

Referer: https://66872.pink/?channelCode=66872pink
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Mon, 02 Sep 2024 10:48:47 GMT
Content-Encoding: gzip
Last-Modified: Sat, 24 Aug 2024 07:03:48 GMT
Server: cdn
ETag: W/"66c985d4-7340"
X-Cache-Status: MISS
Transfer-Encoding: chunked
Vary: Accept-Encoding, Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=43200
Connection: keep-alive
Expires: Mon, 02 Sep 2024 22:48:47 GMT

GET
H/1.1 200
OK btn02.js
66872.pink/static/picture/ 31 KB
31 KB 1035ms
525ms Image
application/javascript 66.232.5.217
DNC-AS Dimension ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://66872.pink/static/picture/btn02.js
Requested by: Host: 66872.pink
URL: https://66872.pink/?channelCode=66872pink
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 66.232.5.217 Hong Kong, Hong Kong, ASN59371 (DNC-AS Dimension Network & Communication Limited, HK),
Reverse DNS
Software: cdn /
Resource Hash: 546564c5cfc158e38e35699cfb17fa260de9e103cf33b9e505f6cf34c1920bfc

Request headers

Referer: https://66872.pink/?channelCode=66872pink
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Mon, 02 Sep 2024 10:48:47 GMT
Content-Encoding: gzip
Last-Modified: Sat, 24 Aug 2024 07:03:48 GMT
Server: cdn
ETag: W/"66c985d4-7bb1"
X-Cache-Status: MISS
Transfer-Encoding: chunked
Vary: Accept-Encoding, Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=43200
Connection: keep-alive
Expires: Mon, 02 Sep 2024 22:48:47 GMT

GET
H2 200 z.js Show response
v1.cnzz.com/ 10 KB
5 KB 4177ms
2628ms Script
application/javascript 240e:97c:4040:900:3::3ce
CHINANET-IDC-GD C...

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.cnzz.com/z.js?id=1281319186&show=pic
Requested by: Host: 66872.pink
URL: https://66872.pink/?channelCode=66872pink
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 240e:97c:4040:900:3::3ce , China, ASN4816 (CHINANET-IDC-GD China Telecom Group, CN),
Reverse DNS
Software: Tengine /
Resource Hash: 2fd4f30bee3927bd5b6fd64dfb9431881e9e92125c1d5e66821ba0d27bc43892

Request headers

Referer: https://66872.pink/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Mon, 02 Sep 2024 10:48:49 GMT
content-encoding: gzip
via: cache15.l2cn1802[86,86,200-0,H], cache49.l2cn1802[87,0], cache19.cn4594[147,147,200-0,M], cache5.cn4594[149,0]
age: 0
x-swift-cachetime: 300
x-cache: MISS TCP_MISS dirn:-2:-2
x-swift-savetime: Mon, 02 Sep 2024 10:48:49 GMT
content-length: 4395
server: Tengine
etag: W/"6903921586899513467"
vary: accept-encoding
ali-swift-global-savetime: 1725274129
content-type: application/javascript
cache-control: public, max-age=300
timing-allow-origin: *
eagleid: 716c4b1917252741290064978e

POST
H2 200 init Show response
x6un0ut6cqpgu.hrblsdgjg.com/web/o7lc7n1u/66872pi/ 783 B
931 B 619ms
208ms XHR
application/json 170.33.13.110
ASEPL-AS-AP Aliba...

General

Check archive.org

Show headers Download Go to

Full URL

https://x6un0ut6cqpgu.hrblsdgjg.com:6443/web/o7lc7n1u/66872pi/init?channelCode=66872pink&av=0&cv=0&hash=&server=https%3A%2F%2Fx6un0ut6cqpgu.hrblsdgjg.com%3A6443&sw=p6Cmpg&sh=p6Smpg&sp=1&li=p6GkuKehuKa4oqE

Requested by

Host: 66872.pink
URL: https://66872.pink/static/js/appinstall.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

170.33.13.110 , Singapore, ASN134963 (ASEPL-AS-AP Alibaba Cloud Singapore Private Limited, SG),

Reverse DNS

Software

NgxFence /

Resource Hash

dd52644f8c8108b5e3d5f3a1f51c7287e5ce3b01bff8d2b2abda2a4a580c2741

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

Referer: https://66872.pink/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 02 Sep 2024 10:48:47 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
server: NgxFence
vary: Origin, Origin
content-type: application/json;charset=utf-8
access-control-allow-origin: https://66872.pink
access-control-allow-credentials: true

GET
H/1.1 200
OK bg.js
khfgsfs87365.oss-accelerate.aliyuncs.com/ 75 KB
76 KB 643ms
228ms Image
application/javascript 47.254.187.65
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://khfgsfs87365.oss-accelerate.aliyuncs.com/bg.js
Requested by: Host: 66872.pink
URL: https://66872.pink/?channelCode=66872pink
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.254.187.65 Frankfurt am Main, Germany, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: AliyunOSS /
Resource Hash: be0b002f030f2737762095e2a209bea61cf5bcab5dcf6c5e11d28468863fb4a1

Request headers

Referer: https://66872.pink/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Mon, 02 Sep 2024 10:48:47 GMT
Content-Encoding: gzip
x-oss-request-id: 66D5980F81C2E1EEA1DB861E
Content-MD5: mDo2WIi/EkWvABZalmUWwg==
Transfer-Encoding: chunked
Content-Disposition: attachment
Connection: keep-alive
x-oss-object-type: Normal
Last-Modified: Sat, 03 Aug 2024 11:48:00 GMT
Server: AliyunOSS
Vary: Accept-Encoding
Content-Type: application/javascript
x-oss-ec: 0048-00000111
x-oss-force-download: true
x-oss-storage-class: Standard
x-oss-hash-crc64ecma: 13613968935482302657
x-oss-server-time: 2

POST
H2 200 stat.htm
z6.cnzz.com/ 2 B
123 B 3919ms
1778ms Ping
text/html 240e:97b:500:2000::6
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL: https://z6.cnzz.com/stat.htm?id=1281319186&r=https%3A%2F%2F66872.pink%2F&lg=it-it&ntime=none&cnzz_eid=1005960733-1725274131-https%3A%2F%2F66872.pink%2F&showp=1600x1200&p=https%3A%2F%2F66872.pink%2F%3FchannelCode%3D66872pink&t=&umuuid=191b25a0c0511af-029bb3091f3e01-1f462c6f-1d4c00-191b25a0c061788&h=1
Requested by: Host: v1.cnzz.com
URL: https://v1.cnzz.com/z.js?id=1281319186&show=pic
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server: 240e:97b:500:2000::6 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: Tengine /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://66872.pink/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 02 Sep 2024 10:48:54 GMT
content-encoding: gzip
server: Tengine
vary: Accept-Encoding
content-type: text/html; charset=utf-8

GET c.js
c.cnzz.com/ 0
0

POST
H2 200 eyJjIjoiNjY4NzJwaW5rIiwibSI6Il9sMmRkVUhmMzRZQUFBR1JzbG45dFItOHpfc25udDVwclRtdzlkNk5jU3p5Y1gxVlhwM0dXU3lZYmpVZUZGRF9NZmhlaUVMbXpTZVBsOU5XUGRkSGlkb1Q3bzJYTW85TTlWaEdiYzh0NFA2d1BQVk9WbXNCM3loRmhzRng3O...
x6un0ut6cqpgu.hrblsdgjg.com/web/o7lc7n1u/66872pi/clicked/c/ 0
282 B 194ms
194ms Ping
text/plain 170.33.13.110
ASEPL-AS-AP Aliba...

General

Check archive.org

Show headers Download Go to

Full URL

https://x6un0ut6cqpgu.hrblsdgjg.com:6443/web/o7lc7n1u/66872pi/clicked/c/eyJjIjoiNjY4NzJwaW5rIiwibSI6Il9sMmRkVUhmMzRZQUFBR1JzbG45dFItOHpfc25udDVwclRtdzlkNk5jU3p5Y1gxVlhwM0dXU3lZYmpVZUZGRF9NZmhlaUVMbXpTZVBsOU5XUGRkSGlkb1Q3bzJYTW85TTlWaEdiYzh0NFA2d1BQVk9WbXNCM3loRmhzRng3OUZtYlEifQ==?p=0&ref=https%3A%2F%2F66872.pink%2F%3FchannelCode%3D66872pink&ac=0&cc=0&channelCode=66872pink

Requested by

Host: 66872.pink
URL: https://66872.pink/static/js/appinstall.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

170.33.13.110 , Singapore, ASN134963 (ASEPL-AS-AP Alibaba Cloud Singapore Private Limited, SG),

Reverse DNS

Software

NgxFence /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

Referer: https://66872.pink/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 02 Sep 2024 10:48:52 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
server: NgxFence
vary: Origin, Origin
access-control-allow-origin: https://66872.pink
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 0

GET
H/1.1

200
OK

fengyun-p8YiP-v7fe2cb77.apk
utkngmvlxfvvtszhvzfaocibzokauyiw.pdsjiaxiao.com/
Redirect Chain

https://x6un0ut6cqpgu.hrblsdgjg.com:6443/page/o7lc7n1u/install/c/eyJjIjoiNjY4NzJwaW5rIiwibSI6Imw0aTAwUWJaa044QUFBR1JzbG45dGY1dUQzeDUyMmU4T0lub0R5S1pTX3JEblJYbHl1cWx3ZVpKbWZldEVWR1F6cUd2TWtzeDZyZXVM...
https://wwstakcs.oss-accelerate.aliyuncs.com/p8YiP.html
https://utkngmvlxfvvtszhvzfaocibzokauyiw.pdsjiaxiao.com/fengyun-p8YiP-v7fe2cb77.apk?f=1

0
0

5377ms
664ms

Document
application/vnd.android.package-archive

106.14.228.190
ALIBABA-CN-NET Ha...

General

Check archive.org

Show headers Download Go to

Full URL: https://utkngmvlxfvvtszhvzfaocibzokauyiw.pdsjiaxiao.com/fengyun-p8YiP-v7fe2cb77.apk?f=1
Requested by: Host: 66872.pink
URL: https://66872.pink/static/js/appinstall.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 106.14.228.190 Shanghai, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: AliyunOSS /
Resource Hash

Request headers

Referer: https://66872.pink/?channelCode=66872pink
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Length: 39224005
Content-MD5: MnxmItH5pO/ee7ibZX7KtA==
Content-Type: application/vnd.android.package-archive
Date: Mon, 02 Sep 2024 10:49:00 GMT
ETag: "327C6622D1F9A4EFDE7BB89B657ECAB4"
Last-Modified: Mon, 02 Sep 2024 10:32:28 GMT
Server: AliyunOSS
x-oss-expiration: expiry-date="Wed, 04 Sep 2024 00:00:00 GMT", rule-id="SSOKCUF"
x-oss-hash-crc64ecma: 5386444209016240890
x-oss-object-type: Normal
x-oss-request-id: 66D5981C8BC801383448A5F0
x-oss-server-time: 22
x-oss-storage-class: Standard

Redirect headers

Connection: keep-alive
Content-Length: 0
Date: Mon, 02 Sep 2024 10:48:55 GMT
Location: https://utkngmvlxfvvtszhvzfaocibzokauyiw.pdsjiaxiao.com/fengyun-p8YiP-v7fe2cb77.apk?f=1#t=1725273153466&auth_key=1725274135-0-0-8fb8dcab62eb8152fcd414235981a0da
Server: AliyunOSS
x-oss-request-id: 66D59816FA615D16C4E7CBAF

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: myeytrtuer9831.oss-accelerate.aliyuncs.com
URL: https://myeytrtuer9831.oss-accelerate.aliyuncs.com/kf.js

Domain: 66872.pink
URL: https://66872.pink/static/picture/mn.js

Domain: khfgsfs87365.oss-accelerate.aliyuncs.com
URL: https://khfgsfs87365.oss-accelerate.aliyuncs.com//yc-img01.js

Domain: khfgsfs87365.oss-accelerate.aliyuncs.com
URL: https://khfgsfs87365.oss-accelerate.aliyuncs.com//yc-img02.js

Domain: 66872.pink
URL: https://66872.pink/static/picture/text.js

Domain: 66872.pink
URL: https://66872.pink/static/picture/mfk.js

Domain: khfgsfs87365.oss-accelerate.aliyuncs.com
URL: https://khfgsfs87365.oss-accelerate.aliyuncs.com//logo-bottom.js

Domain: 66872.pink
URL: https://66872.pink/static/picture/btn01.js

Domain: 66872.pink
URL: https://66872.pink/static/picture/btn02.js

Domain: c.cnzz.com
URL: https://c.cnzz.com/c.js?web_id=1281319186&show=pic&t=z

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.66872.pink/	1970-01-21 03:36:38	Name: UM_distinctid Value: 191b25a0c0511af-029bb3091f3e01-1f462c6f-1d4c00-191b25a0c061788
			66872.pink/	1970-01-21 03:36:38	Name: CNZZDATA1281319186 Value: 1005960733-1725274131-https%253A%252F%252F66872.pink%252F%7C1725274131

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://66872.pink/?channelCode=66872pink(Line 140) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://v1.cnzz.com/z.js?id=1281319186&show=pic, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://66872.pink/?channelCode=66872pink(Line 140) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://v1.cnzz.com/z.js?id=1281319186&show=pic, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://v1.cnzz.com/z.js?id=1281319186&show=pic Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://c.cnzz.com/c.js?web_id=1281319186&show=pic&t=z, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://v1.cnzz.com/z.js?id=1281319186&show=pic Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://c.cnzz.com/c.js?web_id=1281319186&show=pic&t=z, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

66872.pink
c.cnzz.com
kdjfhhg9834.oss-accelerate.aliyuncs.com
khfgsfs87365.oss-accelerate.aliyuncs.com
myeytrtuer9831.oss-accelerate.aliyuncs.com
utkngmvlxfvvtszhvzfaocibzokauyiw.pdsjiaxiao.com
v1.cnzz.com
wwstakcs.oss-accelerate.aliyuncs.com
x6un0ut6cqpgu.hrblsdgjg.com
z6.cnzz.com
66872.pink
c.cnzz.com
khfgsfs87365.oss-accelerate.aliyuncs.com
myeytrtuer9831.oss-accelerate.aliyuncs.com
106.14.228.190
170.33.13.110
240e:97b:500:2000::6
240e:97c:4040:900:3::3ce
47.254.186.248
47.254.187.65
66.232.5.217
149ce00ac148761770fd3503ae5cd0b426335b3f6b1d03e9f3ac4dd7bc0a7202
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2fd4f30bee3927bd5b6fd64dfb9431881e9e92125c1d5e66821ba0d27bc43892
5108dcf86095bfd5014f1957d23ffc12ed62c342af763c67c92d887d832fb0b7
546564c5cfc158e38e35699cfb17fa260de9e103cf33b9e505f6cf34c1920bfc
5e9ec696c928db7392bd5e2d2365f38d3b288d3ebbb23a244724d8b032f722eb
6c2508cb53a6d8f64f9599d1b23df17b37c4e30c4446d8f6e3c6bae23552ac56
7c9895f2e57140b2a429c2b5df1eb51b2c0bf49f56365e198fb20a92fe79c1dd
86818ba911f03aa31a65a937c9f184e9f85d2e6accc8b01493cf912a434f13e8
88545667c334739172531629ac5ca11504787add264505c4362c195067c8a45d
a0b77b0c63441450e71aca2c058908562c8140d225b5507097bd883fbd24fdc7
be0b002f030f2737762095e2a209bea61cf5bcab5dcf6c5e11d28468863fb4a1
c166dd0402b60f1b6287f3ddd0c3e124a57eaa47418d2c63c68f13aeadd697ca
dd52644f8c8108b5e3d5f3a1f51c7287e5ce3b01bff8d2b2abda2a4a580c2741
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f32b676767a23b139c642101a90430e1a310a4af4107df7db0186cd8b7e3aa0c
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fe6368354edcf6c5a42f42ba5e3efc11853b04e12fc078bfd98eb88f9a2c7e60

66872.pink Open in urlscan Pro 66.232.5.217 Public Scan

Summary

urlscan.io Verdict: No classification

Downloads These files were downloaded by the website

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

35 Requests

71 %HTTPS

29 %IPv6

5 Domains

10 Subdomains

7 IPs

4 Countries

556 kBTransfer

811 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

35 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Failed requests

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

2 Cookies

4 Console Messages

66872.pink Open in urlscan Pro
66.232.5.217 Public Scan

Screenshot
Live screenshot

Full Image

35
Requests

71 %
HTTPS

29 %
IPv6

5
Domains

10
Subdomains

7
IPs

4
Countries

556 kB
Transfer

811 kB
Size

2
Cookies

35 HTTP transactions
0 data transactions