URL: https://fly.qzbwcwu.xyz/
Submission: On September 13 via api from US — Scanned from US

Summary

This website contacted 3 IPs in 1 country across 2 domains to perform 22 HTTP transactions. The main IP is 143.92.48.63, located in Hong Kong, Hong Kong and belongs to BCPL-SG BGPNET Global ASN, SG. The main domain is fly.qzbwcwu.xyz.
TLS certificate: Issued by R3 on September 9th 2023. Valid for: 3 months.
This is the only time fly.qzbwcwu.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
21 143.92.48.63 64050 (BCPL-SG B...)
1 43.135.83.230 132203 (TENCENT-N...)
22 3
Apex Domain (Subdomains) Transfer
21 qzbwcwu.xyz (fly.qzbwcwu.xyz) 1 MB
1 hbniu.com (tcdn.hbniu.com) 3 KB
22 2
Domain Requested by
21 fly.qzbwcwu.xyz fly.qzbwcwu.xyz
1 tcdn.hbniu.com
22 2

This site contains links to these domains.

Domain
www.manycai.com
www.lopa1k9.xyz
www.manycai.club
www.jdcfwealth.com
Subject Issuer Validity Valid
bot.ybazt.xyz R3 2023-09-09 - 2023-12-08 3 months crt.sh
tcdn.sioe4t.xyz R3 2023-07-25 - 2023-10-23 3 months crt.sh

This page contains 1 frames:

Primary Page: https://fly.qzbwcwu.xyz/
Frame ID: 73F46C01A285589EC10571A6B241B306
Requests: 27 HTTP requests in this frame

Page Title

TD LOTO

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Page Statistics

Requests: 22
HTTPS: 100 %
IPv6: 0 %
Domains: 2
Subdomains: 2
IPs: 3
Countries: 1
Transfer: 1452 kB
Size: 4916 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions

Resource Path Size x-fer Type MIME-Type
Primary Request /
fly.qzbwcwu.xyz/
2 KB
1 KB
Document
General
Full URL
https://fly.qzbwcwu.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.92.48.63 Hong Kong, Hong Kong, ASN64050 (BCPL-SG BGPNET Global ASN, SG),
Reverse DNS
Software
nginx /
Resource Hash
b7cc3a6803c7af170e1b91e721a3d56eb5c6d8f7d36274e94c88f0fec5e7de0c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type, Authorization, Source, Accept-Currency
access-control-allow-methods
POST, PUT, GET, DELETE, HEAD, OPTION
access-control-expose-headers
Authorization, Set-Cookie
access-control-max-age
86400
cache-control
private
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 13 Sep 2023 05:48:14 GMT
server
nginx
vary
Accept-Encoding
x-ratelimit-limit
300
x-ratelimit-remaining
299
0.26a777349f33e4cd4a1b.css
fly.qzbwcwu.xyz/webx/td/desktop/styles/
9 KB
3 KB
Stylesheet
General
Full URL
https://fly.qzbwcwu.xyz/webx/td/desktop/styles/0.26a777349f33e4cd4a1b.css?v=23.08.19.14532
Requested by
Host: fly.qzbwcwu.xyz
URL: https://fly.qzbwcwu.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.92.48.63 Hong Kong, Hong Kong, ASN64050 (BCPL-SG BGPNET Global ASN, SG),
Reverse DNS
Software
nginx /
Resource Hash
7879bdfa80b78ef49786bc8e66f3bdd0174ee05b02d0ade6f0a9fcf3f53c1057
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://fly.qzbwcwu.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 05:48:14 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubdomains
last-modified
Sat, 09 Sep 2023 18:37:29 GMT
server
nginx
etag
W/"64fcbb69-2421"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=604800
x-xss-protection
1
expires
Wed, 20 Sep 2023 05:48:14 GMT
index.26a7.css
fly.qzbwcwu.xyz/webx/td/desktop/styles/
1 MB
246 KB
Stylesheet
General
Full URL
https://fly.qzbwcwu.xyz/webx/td/desktop/styles/index.26a7.css?v=23.08.19.14532
Requested by
Host: fly.qzbwcwu.xyz
URL: https://fly.qzbwcwu.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.92.48.63 Hong Kong, Hong Kong, ASN64050 (BCPL-SG BGPNET Global ASN, SG),
Reverse DNS
Software
nginx /
Resource Hash
4822e342c4741fce0e7ed33b95a17762533a1bbb70d8128c30922772ddf3a91c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://fly.qzbwcwu.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 05:48:14 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubdomains
last-modified
Sat, 09 Sep 2023 18:37:29 GMT
server
nginx
etag
W/"64fcbb69-114d36"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=604800
x-xss-protection
1
expires
Wed, 20 Sep 2023 05:48:14 GMT
chunk.vendor.7fb2.js
fly.qzbwcwu.xyz/webx/td/desktop/javascript/
768 KB
272 KB
Script
General
Full URL
https://fly.qzbwcwu.xyz/webx/td/desktop/javascript/chunk.vendor.7fb2.js?v=23.08.19.14532
Requested by
Host: fly.qzbwcwu.xyz
URL: https://fly.qzbwcwu.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.92.48.63 Hong Kong, Hong Kong, ASN64050 (BCPL-SG BGPNET Global ASN, SG),
Reverse DNS
Software
nginx /
Resource Hash
bd91f71aeb5b5c5a3b789c02f7900c1e29de65d960c538d6ee916d22caff18fd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://fly.qzbwcwu.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 05:48:14 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubdomains
last-modified
Sun, 23 Jul 2023 17:58:29 GMT
server
nginx
etag
W/"64bd6a45-c009b"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=604800
x-xss-protection
1
expires
Wed, 20 Sep 2023 05:48:14 GMT
base.26a7.js
fly.qzbwcwu.xyz/webx/td/desktop/javascript/
10 KB
4 KB
Script
General
Full URL
https://fly.qzbwcwu.xyz/webx/td/desktop/javascript/base.26a7.js?v=23.08.19.14532
Requested by
Host: fly.qzbwcwu.xyz
URL: https://fly.qzbwcwu.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.92.48.63 Hong Kong, Hong Kong, ASN64050 (BCPL-SG BGPNET Global ASN, SG),
Reverse DNS
Software
nginx /
Resource Hash
8bc52b1a801c1ac1da4be507f9e0204d02feaa3adabcd6dfb435e2671100977a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://fly.qzbwcwu.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 05:48:14 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubdomains
last-modified
Sat, 09 Sep 2023 18:37:29 GMT
server
nginx
etag
W/"64fcbb69-26b1"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=604800
x-xss-protection
1
expires
Wed, 20 Sep 2023 05:48:14 GMT
bootstrap.26a7.js
fly.qzbwcwu.xyz/webx/td/desktop/javascript/
9 KB
4 KB
Script
General
Full URL
https://fly.qzbwcwu.xyz/webx/td/desktop/javascript/bootstrap.26a7.js?v=23.08.19.14532
Requested by
Host: fly.qzbwcwu.xyz
URL: https://fly.qzbwcwu.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.92.48.63 Hong Kong, Hong Kong, ASN64050 (BCPL-SG BGPNET Global ASN, SG),
Reverse DNS
Software
nginx /
Resource Hash
de216e998db684f67036788c45a36ffefbbfa56a441579f91e9bf21a2a71cc91
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://fly.qzbwcwu.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 05:48:14 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubdomains
last-modified
Sat, 09 Sep 2023 18:37:29 GMT
server
nginx
etag
W/"64fcbb69-222f"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=604800
x-xss-protection
1
expires
Wed, 20 Sep 2023 05:48:14 GMT
index.26a7.js
fly.qzbwcwu.xyz/webx/td/desktop/javascript/
899 KB
255 KB
Script
General
Full URL
https://fly.qzbwcwu.xyz/webx/td/desktop/javascript/index.26a7.js?v=23.08.19.14532
Requested by
Host: fly.qzbwcwu.xyz
URL: https://fly.qzbwcwu.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.92.48.63 Hong Kong, Hong Kong, ASN64050 (BCPL-SG BGPNET Global ASN, SG),
Reverse DNS
Software
nginx /
Resource Hash
8641d3b8b89ccf75fba19dcfca151713e67e5d33f40b178abc6d5f57ed202a57
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://fly.qzbwcwu.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 05:48:14 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubdomains
last-modified
Sat, 09 Sep 2023 18:37:29 GMT
server
nginx
etag
W/"64fcbb69-e0d8a"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=604800
x-xss-protection
1
expires
Wed, 20 Sep 2023 05:48:14 GMT
/
fly.qzbwcwu.xyz/api/settings/
5 KB
2 KB
XHR
General
Full URL
https://fly.qzbwcwu.xyz/api/settings/?fields=
Requested by
Host: fly.qzbwcwu.xyz
URL: https://fly.qzbwcwu.xyz/webx/td/desktop/javascript/chunk.vendor.7fb2.js?v=23.08.19.14532
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.92.48.63 Hong Kong, Hong Kong, ASN64050 (BCPL-SG BGPNET Global ASN, SG),
Reverse DNS
Software
nginx /
Resource Hash
62b6be6de74e419b4b3aa2abd39496392a376efe7c493537aadd44b431f020ad

Request headers

Accept
application/json, text/plain, */*
Referer
https://fly.qzbwcwu.xyz/
Accept-Language
en-US,en;q=0.9
Authorization
bearer undefined
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Accept-Currency
cny
Content-Type
application/vnd.sc-api.v1.json

Response headers

x-runtime
0.048
date
Wed, 13 Sep 2023 05:48:17 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
x-ratelimit-remaining
299
content-type
application/json
access-control-max-age
86400
access-control-allow-methods
POST, PUT, GET, DELETE, HEAD, OPTION
access-control-expose-headers
Authorization, Set-Cookie
cache-control
max-age=0, no-cache, no-store, private
access-control-allow-credentials
true
x-ratelimit-limit
300
access-control-allow-headers
X-Requested-With, Content-Type, Authorization, Source, Accept-Currency
methods.js
fly.qzbwcwu.xyz/webx/td/static/
2 MB
135 KB
Script
General
Full URL
https://fly.qzbwcwu.xyz/webx/td/static/methods.js?27e72f10
Requested by
Host: fly.qzbwcwu.xyz
URL: https://fly.qzbwcwu.xyz/webx/td/desktop/javascript/index.26a7.js?v=23.08.19.14532
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.92.48.63 Hong Kong, Hong Kong, ASN64050 (BCPL-SG BGPNET Global ASN, SG),
Reverse DNS
Software
nginx /
Resource Hash
2305b505275a877afe6064ff6a28bfed1978cf93164545e21030a60058272074
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://fly.qzbwcwu.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 05:48:17 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubdomains
last-modified
Tue, 06 Jun 2023 18:20:17 GMT
server
nginx
etag
W/"647f78e1-189eab"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=604800
x-xss-protection
1
expires
Wed, 20 Sep 2023 05:48:17 GMT
3c93c7.png
fly.qzbwcwu.xyz/webx/td/desktop/images/
147 KB
147 KB
Image
General
Full URL
https://fly.qzbwcwu.xyz/webx/td/desktop/images/3c93c7.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.92.48.63 Hong Kong, Hong Kong, ASN64050 (BCPL-SG BGPNET Global ASN, SG),
Reverse DNS
Software
nginx /
Resource Hash
ca1dff45e859100904bcf00c56a56a5a4dfafd1b7ba87ca2f6deb4e02d356e5e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://fly.qzbwcwu.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 05:48:17 GMT
strict-transport-security
max-age=31536000; includeSubdomains
last-modified
Mon, 22 Feb 2021 18:13:37 GMT
server
nginx
etag
"6033f451-24b3f"
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
content-length
150335
x-xss-protection
1
expires
Wed, 20 Sep 2023 05:48:17 GMT
da6a36.png
fly.qzbwcwu.xyz/webx/td/desktop/images/
242 KB
242 KB
Image
General
Full URL
https://fly.qzbwcwu.xyz/webx/td/desktop/images/da6a36.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.92.48.63 Hong Kong, Hong Kong, ASN64050 (BCPL-SG BGPNET Global ASN, SG),
Reverse DNS
Software
nginx /
Resource Hash
e44a721189d51ee1ac550c301691d3987fcaa70c9569f4e4d0fae522afad47db
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://fly.qzbwcwu.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 05:48:17 GMT
strict-transport-security
max-age=31536000; includeSubdomains
last-modified
Thu, 27 Apr 2023 07:57:34 GMT
server
nginx
etag
"644a2aee-3c74f"
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
content-length
247631
x-xss-protection
1
expires
Wed, 20 Sep 2023 05:48:17 GMT
04b303.png
fly.qzbwcwu.xyz/webx/td/desktop/images/
8 KB
8 KB
Image
General
Full URL
https://fly.qzbwcwu.xyz/webx/td/desktop/images/04b303.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.92.48.63 Hong Kong, Hong Kong, ASN64050 (BCPL-SG BGPNET Global ASN, SG),
Reverse DNS
Software
nginx /
Resource Hash
e988399588e4bea9ab58c949c9b4a2ff7deb680a847ad2a515c698c4830bad4e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://fly.qzbwcwu.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 05:48:17 GMT
strict-transport-security
max-age=31536000; includeSubdomains
last-modified
Thu, 11 Nov 2021 19:08:29 GMT
server
nginx
etag
"618d6a2d-1fba"
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
content-length
8122
x-xss-protection
1
expires
Wed, 20 Sep 2023 05:48:17 GMT
448982.png
fly.qzbwcwu.xyz/webx/td/desktop/images/
7 KB
8 KB
Image
General
Full URL
https://fly.qzbwcwu.xyz/webx/td/desktop/images/448982.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.92.48.63 Hong Kong, Hong Kong, ASN64050 (BCPL-SG BGPNET Global ASN, SG),
Reverse DNS
Software
nginx /
Resource Hash
b5be69c16d6d790717588e2628667448f032d6f74d1deb699e9dfea83bd7688f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://fly.qzbwcwu.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 05:48:17 GMT
strict-transport-security
max-age=31536000; includeSubdomains
last-modified
Thu, 11 Nov 2021 19:08:29 GMT
server
nginx
etag
"618d6a2d-1dee"
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
content-length
7662
x-xss-protection
1
expires
Wed, 20 Sep 2023 05:48:17 GMT
3db03a.png
fly.qzbwcwu.xyz/webx/td/desktop/images/
8 KB
9 KB
Image
General
Full URL
https://fly.qzbwcwu.xyz/webx/td/desktop/images/3db03a.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.92.48.63 Hong Kong, Hong Kong, ASN64050 (BCPL-SG BGPNET Global ASN, SG),
Reverse DNS
Software
nginx /
Resource Hash
35a5fd1dc7c4863ccde2fb5681107a2c78b1a98155de49ca373d9ff9a393593f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://fly.qzbwcwu.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 05:48:17 GMT
strict-transport-security
max-age=31536000; includeSubdomains
last-modified
Wed, 25 May 2022 17:59:38 GMT
server
nginx
etag
"628e6e8a-21fd"
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
content-length
8701
x-xss-protection
1
expires
Wed, 20 Sep 2023 05:48:17 GMT
71f2af.png
fly.qzbwcwu.xyz/webx/td/desktop/images/
8 KB
8 KB
Image
General
Full URL
https://fly.qzbwcwu.xyz/webx/td/desktop/images/71f2af.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.92.48.63 Hong Kong, Hong Kong, ASN64050 (BCPL-SG BGPNET Global ASN, SG),
Reverse DNS
Software
nginx /
Resource Hash
80dc5e4dd89358df05e2b06bd0c5626305a5fc07a08300e429963f05bfca9bc4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://fly.qzbwcwu.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 05:48:17 GMT
strict-transport-security
max-age=31536000; includeSubdomains
last-modified
Wed, 19 Apr 2023 05:25:02 GMT
server
nginx
etag
"643f7b2e-1e73"
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
content-length
7795
x-xss-protection
1
expires
Wed, 20 Sep 2023 05:48:17 GMT
truncated
/
761 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
32c3426fa6126fe1cabf42a8d8bed74505823b85ed738e08d1442bb0ecda429a

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
663 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5109f7cf9ffe5ae6b48ec10d1717c72d4cfe0f3e7fcffa880d13f78a13c03fd8

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Content-Type
image/png
0f51b8.png
fly.qzbwcwu.xyz/webx/td/desktop/images/
5 KB
5 KB
Image
General
Full URL
https://fly.qzbwcwu.xyz/webx/td/desktop/images/0f51b8.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.92.48.63 Hong Kong, Hong Kong, ASN64050 (BCPL-SG BGPNET Global ASN, SG),
Reverse DNS
Software
nginx /
Resource Hash
49aac1defaca09caf07ee3d9bac16f2fb068af08818019422e4d8ce7b6145240
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://fly.qzbwcwu.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 05:48:17 GMT
strict-transport-security
max-age=31536000; includeSubdomains
last-modified
Thu, 27 Apr 2023 09:34:45 GMT
server
nginx
etag
"644a41b5-14f6"
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
content-length
5366
x-xss-protection
1
expires
Wed, 20 Sep 2023 05:48:17 GMT
truncated
/
616 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
746ce85c1199c6bf7fce9461d0df0234de19a17d4eb818d5b749accd1ac9f649

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
798 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f617ffdb896e58702cb973494ede2d5d5d5d68e8eb3510696993154aca7c1d99

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Content-Type
image/png
qr_code.png
tcdn.hbniu.com/td/
3 KB
3 KB
Image
General
Full URL
https://tcdn.hbniu.com/td/qr_code.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
43.135.83.230 Hong Kong, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
nginx /
Resource Hash
0cb57bb36018bc3494e9012cbb005a67e36e4593aedafd19c7674f8f3cecd2b3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://fly.qzbwcwu.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

expires
Wed, 13 Sep 2023 05:58:18 GMT
date
Wed, 13 Sep 2023 05:48:18 GMT
strict-transport-security
max-age=31536000; includeSubdomains
last-modified
Fri, 18 Aug 2023 07:47:13 GMT
server
nginx
etag
"64df2201-c3d"
content-type
image/png
x-remote-addr
38.132.118.68
cache-control
max-age=600
http-geo-ipcountry
US
accept-ranges
bytes
x-forwarded-port
443
content-length
3133
x-xss-protection
1
x-proxy-cache
HIT
6b1f82.jpg
fly.qzbwcwu.xyz/webx/td/desktop/images/
63 KB
64 KB
Image
General
Full URL
https://fly.qzbwcwu.xyz/webx/td/desktop/images/6b1f82.jpg
Requested by
Host: fly.qzbwcwu.xyz
URL: https://fly.qzbwcwu.xyz/webx/td/desktop/styles/index.26a7.css?v=23.08.19.14532
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.92.48.63 Hong Kong, Hong Kong, ASN64050 (BCPL-SG BGPNET Global ASN, SG),
Reverse DNS
Software
nginx /
Resource Hash
26560f6092994e6e929060bdc880a0b9c83325e864927011cd36d250db3b95c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://fly.qzbwcwu.xyz/webx/td/desktop/styles/index.26a7.css?v=23.08.19.14532
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 05:48:17 GMT
strict-transport-security
max-age=31536000; includeSubdomains
last-modified
Wed, 19 Apr 2023 05:25:02 GMT
server
nginx
etag
"643f7b2e-fd13"
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
content-length
64787
x-xss-protection
1
expires
Wed, 20 Sep 2023 05:48:17 GMT
bd43af.png
fly.qzbwcwu.xyz/webx/td/desktop/images/
13 KB
13 KB
Image
General
Full URL
https://fly.qzbwcwu.xyz/webx/td/desktop/images/bd43af.png
Requested by
Host: fly.qzbwcwu.xyz
URL: https://fly.qzbwcwu.xyz/webx/td/desktop/styles/index.26a7.css?v=23.08.19.14532
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.92.48.63 Hong Kong, Hong Kong, ASN64050 (BCPL-SG BGPNET Global ASN, SG),
Reverse DNS
Software
nginx /
Resource Hash
feb7e93563d88db7b97cc7eae2a74169204336cfbc36b2fd0f0c52e45295b44a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://fly.qzbwcwu.xyz/webx/td/desktop/styles/index.26a7.css?v=23.08.19.14532
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 05:48:17 GMT
strict-transport-security
max-age=31536000; includeSubdomains
last-modified
Thu, 27 Apr 2023 09:07:12 GMT
server
nginx
etag
"644a3b40-33cb"
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
content-length
13259
x-xss-protection
1
expires
Wed, 20 Sep 2023 05:48:17 GMT
e2a1ce.png
fly.qzbwcwu.xyz/webx/td/desktop/images/
21 KB
21 KB
Image
General
Full URL
https://fly.qzbwcwu.xyz/webx/td/desktop/images/e2a1ce.png
Requested by
Host: fly.qzbwcwu.xyz
URL: https://fly.qzbwcwu.xyz/webx/td/desktop/styles/index.26a7.css?v=23.08.19.14532
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.92.48.63 Hong Kong, Hong Kong, ASN64050 (BCPL-SG BGPNET Global ASN, SG),
Reverse DNS
Software
nginx /
Resource Hash
ec646801779d8d358b817ac6a6b48cf9bdc71ce68a399da2d9aae8ceb019f123
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://fly.qzbwcwu.xyz/webx/td/desktop/styles/index.26a7.css?v=23.08.19.14532
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 05:48:17 GMT
strict-transport-security
max-age=31536000; includeSubdomains
last-modified
Wed, 19 Apr 2023 05:25:01 GMT
server
nginx
etag
"643f7b2d-54be"
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
content-length
21694
x-xss-protection
1
expires
Wed, 20 Sep 2023 05:48:17 GMT
truncated
/
4 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
344e303d7f105b9cace59b65fb4b21fc070bc59ed19896d66002455a3c7971c6

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Content-Type
image/png
speedtests
fly.qzbwcwu.xyz/api/domain/platform/
80 B
508 B
XHR
General
Full URL
https://fly.qzbwcwu.xyz/api/domain/platform/speedtests
Requested by
Host: fly.qzbwcwu.xyz
URL: https://fly.qzbwcwu.xyz/webx/td/desktop/javascript/chunk.vendor.7fb2.js?v=23.08.19.14532
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.92.48.63 Hong Kong, Hong Kong, ASN64050 (BCPL-SG BGPNET Global ASN, SG),
Reverse DNS
Software
nginx /
Resource Hash
fd7407e882a5245840c9a9c5dc5412b0afafcafdd65fa2be29f75e9d7bce6ebb

Request headers

Accept
application/json, text/plain, */*
Referer
https://fly.qzbwcwu.xyz/
Accept-Language
en-US,en;q=0.9
Authorization
bearer undefined
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Accept-Currency
cny
Content-Type
application/vnd.sc-api.v1.json

Response headers

x-runtime
0.041
date
Wed, 13 Sep 2023 05:48:17 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
x-ratelimit-remaining
299
content-type
application/json
access-control-max-age
86400
access-control-allow-methods
POST, PUT, GET, DELETE, HEAD, OPTION
access-control-expose-headers
Authorization, Set-Cookie
cache-control
max-age=0, no-cache, no-store, private
access-control-allow-credentials
true
x-ratelimit-limit
300
access-control-allow-headers
X-Requested-With, Content-Type, Authorization, Source, Accept-Currency
point.bmp
fly.qzbwcwu.xyz//
68 B
314 B
Image
General
Full URL
https://fly.qzbwcwu.xyz//point.bmp?r=87931
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.92.48.63 Hong Kong, Hong Kong, ASN64050 (BCPL-SG BGPNET Global ASN, SG),
Reverse DNS
Software
nginx /
Resource Hash
2b3682c5f917daa61aa72a00effa6145ae1501ab375bb65a0827139c570ece5c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://fly.qzbwcwu.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 05:48:18 GMT
strict-transport-security
max-age=31536000; includeSubdomains
last-modified
Thu, 27 Apr 2023 08:45:42 GMT
server
nginx
etag
"644a3636-44"
content-type
image/x-ms-bmp
cache-control
max-age=604800
accept-ranges
bytes
content-length
68
x-xss-protection
1
expires
Wed, 20 Sep 2023 05:48:18 GMT


25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture
string| __CDN_PUBLIC_PATH__
object| webpackJsonp
function| webpackHotUpdate
function| _
string| $LANG
string| $CURRENCY
object| i18nDebug
function| PushStream
object| PushStreamManager
function| setImmediate
function| clearImmediate
object| FontAwesomeConfig
object| ___FONT_AWESOME___
number| 2f1acc6c3a606b082e5eef5e54414ffb
object| Hex
object| Base64
function| ASN1
function| loadStaticMethodData
object| devConsole
function| _i18n
number| serverTime
number| localTime
number| during
object| method-data

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fly.qzbwcwu.xyz
tcdn.hbniu.com
143.92.48.63
43.135.83.230