gqffiduw.jzdgift.com Open in urlscan Pro
38.239.7.50 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://wanxinqbdownload.shengxinkej.com/
Effective URL:
http://gqffiduw.jzdgift.com/
Submission: On November 18 via api (November 18th 2023, 7:55:37 am UTC) from US — Scanned from US

Summary HTTP 8 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 1 IPs in 2 countries across 2 domains to perform 8 HTTP transactions. The main IP is 38.239.7.50, located in United States and belongs to DXTL-HK DXTL Tseung Kwan O Service, HK. The main domain is gqffiduw.jzdgift.com.

This is the only time gqffiduw.jzdgift.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	154.219.99.85 154.219.99.85	134548 (DXTL-HK D...) (DXTL-HK DXTL Tseung Kwan O Service)
8	38.239.7.50 38.239.7.50	134548 (DXTL-HK D...) (DXTL-HK DXTL Tseung Kwan O Service)
8	1

1 154.219.99.85 (Hong Kong) 1 redirects

ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK)

wanxinqbdownload.shengxinkej.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 38.239.7.50 (United States)

ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK)

gqffiduw.jzdgift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	jzdgift.com gqffiduw.jzdgift.com	283 KB
1	shengxinkej.com 1 redirects wanxinqbdownload.shengxinkej.com	218 B
8	2

	Domain	Requested by
8	gqffiduw.jzdgift.com	gqffiduw.jzdgift.com
1	wanxinqbdownload.shengxinkej.com	1 redirects
8	2

This site contains links to these domains. Also see Links.

Domain
hanyu.baidu.com

Subject Issuer	Validity	Valid

This page contains 2 frames:

Primary Page: http://gqffiduw.jzdgift.com/
Frame ID: 104B23DE68BDEE8A33505C0C837ED130
Requests: 2 HTTP requests in this frame

Frame: http://gqffiduw.jzdgift.com/ky.html
Frame ID: 5793BCC53C8C1374ABA492CBC66A7D17
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

开云真人(中国)官方网站

Page URL History Show full URLs

http://wanxinqbdownload.shengxinkej.com/ HTTP 301
http://gqffiduw.jzdgift.com/ Page URL

Page Statistics

8
Requests

0 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

1
IPs

2
Countries

283 kB
Transfer

295 kB
Size

0
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://hanyu.baidu.com/shici/detail?from=kg1&highlight=&pid=91c01afc8f3f46e49580acec640331a4&srcid=51369
Title: 开云真人(中国)官方网站

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://wanxinqbdownload.shengxinkej.com/ HTTP 301
http://gqffiduw.jzdgift.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	404 Not Found	Primary Request / Show response gqffiduw.jzdgift.com/ Redirect Chain http://wanxinqbdownload.shengxinkej.com/ http://gqffiduw.jzdgift.com/	1 KB 989 B	748ms 290ms	Document text/html	38.239.7.50 DXTL-HK DXTL Tseu...
General Check archive.org Show headers Download Go to Full URL http://gqffiduw.jzdgift.com/ Protocol HTTP/1.1 Server 38.239.7.50 , United States, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK), Reverse DNS Software nginx / Resource Hash `e108acd3eec78bb5ee8a092db032d46633b609838982f43f8d60c0f7552881e6` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language en-US,en;q=0.9 Response headers Connection keep-alive Content-Encoding gzip Content-Type text/html; charset=utf-8 Date Sat, 18 Nov 2023 07:55:31 GMT Server nginx Transfer-Encoding chunked Vary Accept-Encoding Redirect headers Connection keep-alive Content-Type text/html; charset=utf-8 Date Sat, 18 Nov 2023 07:55:30 GMT Location http://gqffiduw.jzdgift.com/ Server nginx Transfer-Encoding chunked
GET H/1.1	200 OK	tz.js Show response gqffiduw.jzdgift.com/	573 B 887 B	238ms 238ms	Script application/javascript	38.239.7.50 DXTL-HK DXTL Tseu...
General Check archive.org Show headers Download Go to Full URL http://gqffiduw.jzdgift.com/tz.js?v=0.8097767282874317 Requested by Host: gqffiduw.jzdgift.com URL: http://gqffiduw.jzdgift.com/ Protocol HTTP/1.1 Server 38.239.7.50 , United States, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK), Reverse DNS Software nginx / Resource Hash `4b1f20d9b1c0755cbed7d496774aed9444c61bb55ce374d8513e739e33dc7ba8` Request headers accept-language en-US,en;q=0.9 Referer http://gqffiduw.jzdgift.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Date Sat, 18 Nov 2023 07:55:31 GMT Last-Modified Tue, 14 Nov 2023 10:13:56 GMT Server nginx ETag "65534864-23d" Content-Type application/javascript Cache-Control max-age=43200 Connection keep-alive Accept-Ranges bytes Content-Length 573 Expires Sat, 18 Nov 2023 19:55:31 GMT
GET H/1.1	200 OK	ky.html Show response gqffiduw.jzdgift.com/ Frame 5793	12 KB 3 KB	249ms 249ms	Document text/html	38.239.7.50 DXTL-HK DXTL Tseu...
General Check archive.org Show headers Download Go to Full URL http://gqffiduw.jzdgift.com/ky.html Requested by Host: gqffiduw.jzdgift.com URL: http://gqffiduw.jzdgift.com/tz.js?v=0.8097767282874317 Protocol HTTP/1.1 Server 38.239.7.50 , United States, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK), Reverse DNS Software nginx / Resource Hash `bc865a8d695c5e7758a4c9fdb6e2a0c2e729f176b9c82b8328574d41f6937e2f` Request headers Referer http://gqffiduw.jzdgift.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language en-US,en;q=0.9 Response headers Connection keep-alive Content-Encoding gzip Content-Type text/html Date Sat, 18 Nov 2023 07:55:32 GMT ETag W/"65435265-3097" Last-Modified Thu, 02 Nov 2023 07:40:21 GMT Server nginx Transfer-Encoding chunked Vary Accept-Encoding
GET H/1.1	200 OK	pc-logo.png gqffiduw.jzdgift.com/img/images7/ Frame 5793	40 KB 40 KB	240ms 240ms	Image image/png	38.239.7.50 DXTL-HK DXTL Tseu...
General Check archive.org Show headers Download Go to Show image Full URL http://gqffiduw.jzdgift.com/img/images7/pc-logo.png Requested by Host: gqffiduw.jzdgift.com URL: http://gqffiduw.jzdgift.com/ky.html Protocol HTTP/1.1 Server 38.239.7.50 , United States, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK), Reverse DNS Software nginx / Resource Hash `c8a9ed5f4321fbfbfb26000f056304c7ea2a8a875dbeba44bdcd523709e51bae` Request headers accept-language en-US,en;q=0.9 Referer http://gqffiduw.jzdgift.com/ky.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Date Sat, 18 Nov 2023 07:55:32 GMT Last-Modified Mon, 21 Aug 2023 08:15:10 GMT Server nginx ETag "64e31d0e-9e3e" Content-Type image/png Cache-Control max-age=2592000 Connection keep-alive Accept-Ranges bytes Content-Length 40510 Expires Mon, 18 Dec 2023 07:55:32 GMT
GET H/1.1	200 OK	cslink.js Show response gqffiduw.jzdgift.com/ Frame 5793	6 KB 2 KB	262ms 262ms	Script application/javascript	38.239.7.50 DXTL-HK DXTL Tseu...
General Check archive.org Show headers Download Go to Full URL http://gqffiduw.jzdgift.com/cslink.js?v=0.18207203774320946 Requested by Host: gqffiduw.jzdgift.com URL: http://gqffiduw.jzdgift.com/ky.html Protocol HTTP/1.1 Server 38.239.7.50 , United States, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK), Reverse DNS Software nginx / Resource Hash `acbfef2c908f145553bf91bce2feaa8bf73e560d0d1bc2540525d412fa1e1220` Request headers accept-language en-US,en;q=0.9 Referer http://gqffiduw.jzdgift.com/ky.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Date Sat, 18 Nov 2023 07:55:32 GMT Content-Encoding gzip Last-Modified Sat, 18 Nov 2023 07:21:32 GMT Server nginx ETag W/"655865fc-1861" Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript Cache-Control max-age=43200 Connection keep-alive Expires Sat, 18 Nov 2023 19:55:32 GMT
GET H/1.1	200 OK	pc-bg.jpg gqffiduw.jzdgift.com/img/images7/ Frame 5793	198 KB 198 KB	262ms 261ms	Image image/jpeg	38.239.7.50 DXTL-HK DXTL Tseu...
General Check archive.org Show headers Download Go to Show image Full URL http://gqffiduw.jzdgift.com/img/images7/pc-bg.jpg Requested by Host: gqffiduw.jzdgift.com URL: http://gqffiduw.jzdgift.com/ky.html Protocol HTTP/1.1 Server 38.239.7.50 , United States, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK), Reverse DNS Software nginx / Resource Hash `4040e7fc92cc6462a32f3fb2de70de363851f5d378c7cbc4a0068e835aedeb99` Request headers accept-language en-US,en;q=0.9 Referer http://gqffiduw.jzdgift.com/ky.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Date Sat, 18 Nov 2023 07:55:32 GMT Last-Modified Mon, 21 Aug 2023 08:15:07 GMT Server nginx ETag "64e31d0b-317dc" Content-Type image/jpeg Cache-Control max-age=2592000 Connection keep-alive Accept-Ranges bytes Content-Length 202716 Expires Mon, 18 Dec 2023 07:55:32 GMT
GET H/1.1	200 OK	pc-title.png gqffiduw.jzdgift.com/img/images7/ Frame 5793	20 KB 20 KB	475ms 238ms	Image image/png	38.239.7.50 DXTL-HK DXTL Tseu...
General Check archive.org Show headers Download Go to Show image Full URL http://gqffiduw.jzdgift.com/img/images7/pc-title.png Requested by Host: gqffiduw.jzdgift.com URL: http://gqffiduw.jzdgift.com/ky.html Protocol HTTP/1.1 Server 38.239.7.50 , United States, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK), Reverse DNS Software nginx / Resource Hash `e36028f1a18c5ee1cf18e8ba0507dc6323f6c2f87010444932725a231afdc86d` Request headers accept-language en-US,en;q=0.9 Referer http://gqffiduw.jzdgift.com/ky.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Date Sat, 18 Nov 2023 07:55:32 GMT Last-Modified Mon, 21 Aug 2023 08:15:11 GMT Server nginx ETag "64e31d0f-5004" Content-Type image/png Cache-Control max-age=2592000 Connection keep-alive Accept-Ranges bytes Content-Length 20484 Expires Mon, 18 Dec 2023 07:55:32 GMT
GET H/1.1	200 OK	pc-stitle.png gqffiduw.jzdgift.com/img/images7/ Frame 5793	17 KB 17 KB	515ms 258ms	Image image/png	38.239.7.50 DXTL-HK DXTL Tseu...
General Check archive.org Show headers Download Go to Show image Full URL http://gqffiduw.jzdgift.com/img/images7/pc-stitle.png Requested by Host: gqffiduw.jzdgift.com URL: http://gqffiduw.jzdgift.com/ky.html Protocol HTTP/1.1 Server 38.239.7.50 , United States, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK), Reverse DNS Software nginx / Resource Hash `f71b621cb9edf0b4d46536cf659604a786d962314a8119277669c5af3cf01878` Request headers accept-language en-US,en;q=0.9 Referer http://gqffiduw.jzdgift.com/ky.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Date Sat, 18 Nov 2023 07:55:32 GMT Last-Modified Mon, 21 Aug 2023 08:15:11 GMT Server nginx ETag "64e31d0f-4424" Content-Type image/png Cache-Control max-age=2592000 Connection keep-alive Accept-Ranges bytes Content-Length 17444 Expires Mon, 18 Dec 2023 07:55:32 GMT

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| items string| Alibaba string| JackMa

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://gqffiduw.jzdgift.com/ Message: Failed to load resource: the server responded with a status of 404 (Not Found)
rendering	warning	URL: http://gqffiduw.jzdgift.com/ky.html(Line 8) Message: The key "user-sclacle" is not recognized and ignored.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

gqffiduw.jzdgift.com
wanxinqbdownload.shengxinkej.com
154.219.99.85
38.239.7.50
4040e7fc92cc6462a32f3fb2de70de363851f5d378c7cbc4a0068e835aedeb99
4b1f20d9b1c0755cbed7d496774aed9444c61bb55ce374d8513e739e33dc7ba8
acbfef2c908f145553bf91bce2feaa8bf73e560d0d1bc2540525d412fa1e1220
bc865a8d695c5e7758a4c9fdb6e2a0c2e729f176b9c82b8328574d41f6937e2f
c8a9ed5f4321fbfbfb26000f056304c7ea2a8a875dbeba44bdcd523709e51bae
e108acd3eec78bb5ee8a092db032d46633b609838982f43f8d60c0f7552881e6
e36028f1a18c5ee1cf18e8ba0507dc6323f6c2f87010444932725a231afdc86d
f71b621cb9edf0b4d46536cf659604a786d962314a8119277669c5af3cf01878

gqffiduw.jzdgift.com Open in urlscan Pro 38.239.7.50 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

8 Requests

0 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

1 IPs

2 Countries

283 kBTransfer

295 kBSize

0 Cookies

1 Outgoing links

Page URL History

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

0 Cookies

2 Console Messages

Indicators

gqffiduw.jzdgift.com Open in urlscan Pro
38.239.7.50 Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

0 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

1
IPs

2
Countries

283 kB
Transfer

295 kB
Size

0
Cookies

8 HTTP transactions
0 data transactions