lb-8c0oer6r-wrcvq0z9xhde7253.clb.ap-shanghai.tencentclb.com

Summary

This website contacted 4 IPs in 2 countries across 5 domains to perform 7 HTTP transactions. The main IP is 43.142.231.143, located in and belongs to . The main domain is lb-8c0oer6r-wrcvq0z9xhde7253.clb.ap-shanghai.tencentclb.com.

This is the only time lb-8c0oer6r-wrcvq0z9xhde7253.clb.ap-shanghai.tencentclb.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	162.255.119.253 162.255.119.253	22612 (NAMECHEAP...) (NAMECHEAP-NET)
2	61.160.192.97 61.160.192.97	4134 (CHINANET-...) (CHINANET-BACKBONE No.31)
2	43.248.103.237 43.248.103.237	23650 (CHINANET-...) (CHINANET-JIANGSU-PROVINCE-IDC AS Number for CHINANET jiangsu province backbone)
1	43.142.231.143 43.142.231.143	() ()
7	4

1 162.255.119.253 (United States) 1 redirects

ASN22612 (NAMECHEAP-NET, US)

889d.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 61.160.192.97 (China)

ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN)

reader-statics.duzhe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 43.248.103.237 (China)

ASN23650 (CHINANET-JIANGSU-PROVINCE-IDC AS Number for CHINANET jiangsu province backbone, CN)

24130js.xn--xhq8sm16c5ls.xn--55qx5d	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.xn--cjrs0sv8hx33bvec.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 43.142.231.143 (None, )

ASN- ()

lb-8c0oer6r-wrcvq0z9xhde7253.clb.ap-shanghai.tencentclb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	duzhe.com reader-statics.duzhe.com	2 KB
1	tencentclb.com lb-8c0oer6r-wrcvq0z9xhde7253.clb.ap-shanghai.tencentclb.com	742 B
1	xn--cjrs0sv8hx33bvec.cn api.xn--cjrs0sv8hx33bvec.cn	588 B
1	function sub() { [native code] }.	9 KB
1	889d.cc 1 redirects 889d.cc	350 B
7	5

	Domain	Requested by
2	reader-statics.duzhe.com
1	lb-8c0oer6r-wrcvq0z9xhde7253.clb.ap-shanghai.tencentclb.com	24130js.xn--xhq8sm16c5ls.xn--55qx5d lb-8c0oer6r-wrcvq0z9xhde7253.clb.ap-shanghai.tencentclb.com
1	api.xn--cjrs0sv8hx33bvec.cn	24130js.xn--xhq8sm16c5ls.xn--55qx5d
1	24130js.xn--xhq8sm16c5ls.xn--55qx5d	reader-statics.duzhe.com
1	889d.cc	1 redirects
7	5

This site contains no links.

Subject Issuer	Validity	Valid
*.duzhe.com cnTrus OV SSL CA	`2024-01-30` - `2025-01-29`	a year	crt.sh
24130js.xn--xhq8sm16c5ls.xn--55qx5d sslTrus (RSA) DV CA	`2024-02-13` - `2024-05-13`	3 months	crt.sh
api.xn--cjrs0sv8hx33bvec.cn sslTrus (RSA) DV CA	`2024-03-09` - `2024-06-07`	3 months	crt.sh

This page contains 1 frames:

Primary Page: http://lb-8c0oer6r-wrcvq0z9xhde7253.clb.ap-shanghai.tencentclb.com/?key=HxlUTLrI
Frame ID: 3D79ED73701476A2F70941970F8A9B93
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://889d.cc/ HTTP 307
https://889d.cc/ HTTP 307
http://889d.cc/ HTTP 302
http://reader-statics.duzhe.com/4b36f33a-36ed-4670-b2cb-e9760c7b80e2.html?code=pXhxqy&t=1713410449&r=f2b2d70... HTTP 307
https://reader-statics.duzhe.com/4b36f33a-36ed-4670-b2cb-e9760c7b80e2.html?code=pXhxqy&t=1713410449&r=f2b2d70... Page URL
http://lb-8c0oer6r-wrcvq0z9xhde7253.clb.ap-shanghai.tencentclb.com/?key=HxlUTLrI HTTP 307
https://lb-8c0oer6r-wrcvq0z9xhde7253.clb.ap-shanghai.tencentclb.com/?key=HxlUTLrI HTTP 307
http://lb-8c0oer6r-wrcvq0z9xhde7253.clb.ap-shanghai.tencentclb.com/?key=HxlUTLrI Page URL

Page Statistics

7
Requests

57 %
HTTPS

0 %
IPv6

5
Domains

5
Subdomains

4
IPs

2
Countries

13 kB
Transfer

24 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://889d.cc/ HTTP 307
https://889d.cc/ HTTP 307
http://889d.cc/ HTTP 302
http://reader-statics.duzhe.com/4b36f33a-36ed-4670-b2cb-e9760c7b80e2.html?code=pXhxqy&t=1713410449&r=f2b2d707a1a1447e00d5ee68ea31a9d7 HTTP 307
https://reader-statics.duzhe.com/4b36f33a-36ed-4670-b2cb-e9760c7b80e2.html?code=pXhxqy&t=1713410449&r=f2b2d707a1a1447e00d5ee68ea31a9d7 Page URL
http://lb-8c0oer6r-wrcvq0z9xhde7253.clb.ap-shanghai.tencentclb.com/?key=HxlUTLrI HTTP 307
https://lb-8c0oer6r-wrcvq0z9xhde7253.clb.ap-shanghai.tencentclb.com/?key=HxlUTLrI HTTP 307
http://lb-8c0oer6r-wrcvq0z9xhde7253.clb.ap-shanghai.tencentclb.com/?key=HxlUTLrI Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://889d.cc/ HTTP 307
https://889d.cc/ HTTP 307
http://889d.cc/ HTTP 302
http://reader-statics.duzhe.com/4b36f33a-36ed-4670-b2cb-e9760c7b80e2.html?code=pXhxqy&t=1713410449&r=f2b2d707a1a1447e00d5ee68ea31a9d7 HTTP 307
https://reader-statics.duzhe.com/4b36f33a-36ed-4670-b2cb-e9760c7b80e2.html?code=pXhxqy&t=1713410449&r=f2b2d707a1a1447e00d5ee68ea31a9d7

7 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

4b36f33a-36ed-4670-b2cb-e9760c7b80e2.html Show response
reader-statics.duzhe.com/
Redirect Chain

http://889d.cc/
https://889d.cc/
http://889d.cc/
http://reader-statics.duzhe.com/4b36f33a-36ed-4670-b2cb-e9760c7b80e2.html?code=pXhxqy&t=1713410449&r=f2b2d707a1a1447e00d5ee68ea31a9d7
https://reader-statics.duzhe.com/4b36f33a-36ed-4670-b2cb-e9760c7b80e2.html?code=pXhxqy&t=1713410449&r=f2b2d707a1a1447e00d5ee68ea31a9d7

2 KB
2 KB

1786ms
345ms

Document
text/html

61.160.192.97
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL: https://reader-statics.duzhe.com/4b36f33a-36ed-4670-b2cb-e9760c7b80e2.html?code=pXhxqy&t=1713410449&r=f2b2d707a1a1447e00d5ee68ea31a9d7
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 61.160.192.97 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: Tengine /
Resource Hash: ff1fd39ca9fda60080f940753fe5c621ec6935a0ecf4369f37fd941cc2f262d7

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

ali-swift-global-savetime: 1714459642
cache-control: no-cache
content-disposition: inline;filename=4b36f33a-36ed-4670-b2cb-e9760c7b80e2.html
content-encoding: gzip
content-md5: HCZubDOLgUu7uBQNSUbgWw==
content-type: text/html
date: Tue, 30 Apr 2024 06:47:22 GMT
eagleid: 3da0c00b17144596427706931e
last-modified: Mon, 15 Apr 2024 02:32:27 GMT
server: Tengine
timing-allow-origin: *
vary: Accept-Encoding
via: cache22.l2cn1827[56,56,200-0,M], cache65.l2cn1827[58,0], kunlun4.cn6425[137,136,200-0,M], kunlun1.cn6425[138,0]
x-cache: MISS TCP_MISS dirn:-2:-2
x-oss-cdn-auth: success
x-oss-hash-crc64ecma: 9185995643491806113
x-oss-object-type: Normal
x-oss-request-id: 663093FA9069CD3234824D28
x-oss-server-time: 2
x-oss-storage-class: Standard
x-swift-cachetime: 0
x-swift-savetime: Tue, 30 Apr 2024 06:47:22 GMT

Redirect headers

Location: https://reader-statics.duzhe.com/4b36f33a-36ed-4670-b2cb-e9760c7b80e2.html?code=pXhxqy&t=1713410449&r=f2b2d707a1a1447e00d5ee68ea31a9d7
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 jm.js Show response
24130js.xn--xhq8sm16c5ls.xn--55qx5d/dazhu/ 21 KB
9 KB 1650ms
202ms Script
application/javascript 43.248.103.237
CHINANET-JIANGSU-...

General

Check archive.org

Show headers Download Go to

Full URL

https://24130js.xn--xhq8sm16c5ls.xn--55qx5d/dazhu/jm.js

Requested by

Host: reader-statics.duzhe.com
URL: https://reader-statics.duzhe.com/4b36f33a-36ed-4670-b2cb-e9760c7b80e2.html?code=pXhxqy&t=1713410449&r=f2b2d707a1a1447e00d5ee68ea31a9d7

Protocol

H2

Security

TLS 1.3, , AES_256_GCM

Server

43.248.103.237 , China, ASN23650 (CHINANET-JIANGSU-PROVINCE-IDC AS Number for CHINANET jiangsu province backbone, CN),

Reverse DNS

Software

nginx /

Resource Hash

5f8dce737aa98d0a1a37101348cc83aa5e1ef11ecb1c7f76cdbf6142a70f3485

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://reader-statics.duzhe.com/4b36f33a-36ed-4670-b2cb-e9760c7b80e2.html?code=pXhxqy&t=1713410449&r=f2b2d707a1a1447e00d5ee68ea31a9d7
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 06:47:24 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Wed, 03 Jan 2024 05:55:34 GMT
server: nginx
etag: W/"6594f6d6-524d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Tue, 30 Apr 2024 18:47:24 GMT

GET
H2 200 pXhxqy
api.xn--cjrs0sv8hx33bvec.cn/api/find/key/ 126 B
588 B 2089ms
574ms XHR
application/json 43.248.103.237
CHINANET-JIANGSU-...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.xn--cjrs0sv8hx33bvec.cn/api/find/key/pXhxqy

Requested by

Host: 24130js.xn--xhq8sm16c5ls.xn--55qx5d
URL: https://24130js.xn--xhq8sm16c5ls.xn--55qx5d/dazhu/jm.js

Protocol

H2

Security

TLS 1.3, , AES_256_GCM

Server

43.248.103.237 , China, ASN23650 (CHINANET-JIANGSU-PROVINCE-IDC AS Number for CHINANET jiangsu province backbone, CN),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://reader-statics.duzhe.com/4b36f33a-36ed-4670-b2cb-e9760c7b80e2.html?code=pXhxqy&t=1713410449&r=f2b2d707a1a1447e00d5ee68ea31a9d7
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 06:47:27 GMT
strict-transport-security: max-age=31536000
server: nginx
access-control-max-age: 1800
access-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://reader-statics.duzhe.com
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, X-CSRF-TOKEN, X-Requested-With

GET
H2 404 favicon.ico
reader-statics.duzhe.com/ 382 B
686 B 271ms
271ms Other
application/xml 61.160.192.97
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL: https://reader-statics.duzhe.com/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 61.160.192.97 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: Tengine /
Resource Hash: 434e2ed5ceb1a28d6d11ce61355be8ffa544438bf3f5ed65b187329f7f6c43d5

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://reader-statics.duzhe.com/4b36f33a-36ed-4670-b2cb-e9760c7b80e2.html?code=pXhxqy&t=1713410449&r=f2b2d707a1a1447e00d5ee68ea31a9d7
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 06:47:25 GMT
via: cache9.l2cn1827[49,49,404-1280,M], cache52.l2cn1827[50,0], kunlun8.cn6425[65,65,404-1280,M], kunlun1.cn6425[66,0]
x-oss-request-id: 663093FD83994932372D3EFE
x-swift-error: orig response 4XX error
x-swift-cachetime: 1
x-cache: MISS TCP_MISS dirn:-2:-2
x-oss-cdn-auth: success
x-swift-savetime: Tue, 30 Apr 2024 06:47:25 GMT
content-length: 382
server: Tengine
ali-swift-global-savetime: 1714459645
x-oss-ec: 0026-00000001
content-type: application/xml
timing-allow-origin: *
eagleid: 3da0c00b17144596453181942e
x-oss-server-time: 1

GET
H/1.1

200
OK

Primary Request /
lb-8c0oer6r-wrcvq0z9xhde7253.clb.ap-shanghai.tencentclb.com/
Redirect Chain

http://lb-8c0oer6r-wrcvq0z9xhde7253.clb.ap-shanghai.tencentclb.com/?key=HxlUTLrI
https://lb-8c0oer6r-wrcvq0z9xhde7253.clb.ap-shanghai.tencentclb.com/?key=HxlUTLrI
http://lb-8c0oer6r-wrcvq0z9xhde7253.clb.ap-shanghai.tencentclb.com/?key=HxlUTLrI

511 B
742 B

1482ms
1481ms

Document
text/html

43.142.231.143

General

Check archive.org

Show headers Download Go to

Full URL: http://lb-8c0oer6r-wrcvq0z9xhde7253.clb.ap-shanghai.tencentclb.com/?key=HxlUTLrI
Requested by: Host: 24130js.xn--xhq8sm16c5ls.xn--55qx5d
URL: https://24130js.xn--xhq8sm16c5ls.xn--55qx5d/dazhu/jm.js
Protocol: HTTP/1.1
Server: 43.142.231.143 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://reader-statics.duzhe.com/4b36f33a-36ed-4670-b2cb-e9760c7b80e2.html?code=pXhxqy&t=1713410449&r=f2b2d707a1a1447e00d5ee68ea31a9d7
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Length: 511
Content-Type: text/html
Date: Tue, 30 Apr 2024 06:47:31 GMT
ETag: "661badd1-1ff"
Last-Modified: Sun, 14 Apr 2024 10:20:01 GMT
Server: nginx

Redirect headers

Location: http://lb-8c0oer6r-wrcvq0z9xhde7253.clb.ap-shanghai.tencentclb.com/?key=HxlUTLrI
Non-Authoritative-Reason: HttpsUpgrades

GET index-6xiIw9On.js
lb-8c0oer6r-wrcvq0z9xhde7253.clb.ap-shanghai.tencentclb.com/assets/ 0
0

GET index-BSyhSD3A.css
lb-8c0oer6r-wrcvq0z9xhde7253.clb.ap-shanghai.tencentclb.com/assets/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: lb-8c0oer6r-wrcvq0z9xhde7253.clb.ap-shanghai.tencentclb.com
URL: http://lb-8c0oer6r-wrcvq0z9xhde7253.clb.ap-shanghai.tencentclb.com/assets/index-6xiIw9On.js

Domain: lb-8c0oer6r-wrcvq0z9xhde7253.clb.ap-shanghai.tencentclb.com
URL: http://lb-8c0oer6r-wrcvq0z9xhde7253.clb.ap-shanghai.tencentclb.com/assets/index-BSyhSD3A.css

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://reader-statics.duzhe.com/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

24130js.xn--xhq8sm16c5ls.xn--55qx5d
889d.cc
api.xn--cjrs0sv8hx33bvec.cn
lb-8c0oer6r-wrcvq0z9xhde7253.clb.ap-shanghai.tencentclb.com
reader-statics.duzhe.com
lb-8c0oer6r-wrcvq0z9xhde7253.clb.ap-shanghai.tencentclb.com
162.255.119.253
43.142.231.143
43.248.103.237
61.160.192.97
434e2ed5ceb1a28d6d11ce61355be8ffa544438bf3f5ed65b187329f7f6c43d5
5f8dce737aa98d0a1a37101348cc83aa5e1ef11ecb1c7f76cdbf6142a70f3485
ff1fd39ca9fda60080f940753fe5c621ec6935a0ecf4369f37fd941cc2f262d7

lb-8c0oer6r-wrcvq0z9xhde7253.clb.ap-shanghai.tencentclb.com Open in urlscan Pro 43.142.231.143 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

7 Requests

57 %HTTPS

0 %IPv6

5 Domains

5 Subdomains

4 IPs

2 Countries

13 kBTransfer

24 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

7 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Failed requests

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

0 Cookies

1 Console Messages

Indicators

lb-8c0oer6r-wrcvq0z9xhde7253.clb.ap-shanghai.tencentclb.com Open in urlscan Pro
43.142.231.143 Public Scan

Screenshot
Live screenshot

Full Image

7
Requests

57 %
HTTPS

0 %
IPv6

5
Domains

5
Subdomains

4
IPs

2
Countries

13 kB
Transfer

24 kB
Size

0
Cookies

7 HTTP transactions
0 data transactions