URL: https://app1.oswfrf.xyz/
Submission Tags: @phishunt_io
Submission: On July 18 via api from DE — Scanned from DE

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 21 HTTP transactions. The main IP is 38.45.122.91, located in the United States and belonging to GNETINC-AS-AP GNET INC., US. The main domain is app1.oswfrf.xyz.
TLS certificate: issued by R3 on July 18th 2023. Valid for 3 months.
This is the only time app1.oswfrf.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests   IP Address       AS (Autonomous System)
19         38.45.122.91     9294 (GNETINC-A...)
2          119.28.19.156    132203 (TENCENT-N...)
Total: 21 requests, 3 IPs

Requests   Apex Domain    Subdomains          Transfer
19         oswfrf.xyz     app1.oswfrf.xyz     979 KB
2          weiyihx.com    tcdn.weiyihx.com    6 KB
Total: 21 requests, 2 apex domains

Requests   Domain              Requested by
19         app1.oswfrf.xyz     app1.oswfrf.xyz
2          tcdn.weiyihx.com
Total: 21 requests, 2 domains

Subject                Issuer   Validity                   Valid       Source
app1.oswfrf.xyz        R3       2023-07-18 - 2023-10-16    3 months    crt.sh
tcdn.jiandejtsg.com    R3       2023-07-18 - 2023-10-16    3 months    crt.sh

This page contains 1 frame:

Primary Page: https://app1.oswfrf.xyz/
Frame ID: 5799FE37F728F555A69FC3582BF11E38
Requests: 29 HTTP requests in this frame

Page Title

恒煊

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Page Statistics

Requests: 21
HTTPS: 100 %
IPv6: 0 %
Domains: 2
Subdomains: 2
IPs: 3
Countries: 2
Transfer: 986 kB
Size: 4574 kB
Cookies: 2

21 HTTP transactions

Resource | Path | Size | x-fer | Type
Primary Request / | app1.oswfrf.xyz/ | 16 KB | 10 KB | Document
General
Full URL
https://app1.oswfrf.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
38.45.122.91 , United States, ASN9294 (GNETINC-AS-AP GNET INC., US),
Reverse DNS
Software
**** /
Resource Hash
f21e9aa8d5367255b571dbcaad1454748fd1df99872688a0f91502add0cc492d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type, Authorization, Source, Accept-Currency
access-control-allow-methods
POST, PUT, GET, DELETE, HEAD, OPTION
access-control-expose-headers
Authorization, Set-Cookie
access-control-max-age
86400
cache-control
private
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 18 Jul 2023 09:42:07 GMT
server
****
vary
Accept-Encoding
x-cache
BYPASS
x-ratelimit-limit
300
x-ratelimit-remaining
299
x-request-id
a5f41b73e1c92bb54b74ca27b4e30c99
0.6b71c857e05fe23ad396.css | app1.oswfrf.xyz/webx/hx/desktop/styles/ | 9 KB | 2 KB | Stylesheet
General
Full URL
https://app1.oswfrf.xyz/webx/hx/desktop/styles/0.6b71c857e05fe23ad396.css?v=23.05.25.74773
Requested by
Host: app1.oswfrf.xyz
URL: https://app1.oswfrf.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
38.45.122.91 , United States, ASN9294 (GNETINC-AS-AP GNET INC., US),
Reverse DNS
Software
**** /
Resource Hash
7879bdfa80b78ef49786bc8e66f3bdd0174ee05b02d0ade6f0a9fcf3f53c1057
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app1.oswfrf.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 09:42:07 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubdomains
last-modified
Thu, 11 May 2023 18:43:44 GMT
server
****
etag
W/"645d3760-2421"
vary
Accept-Encoding
x-cache
MISS
content-type
text/css
cache-control
max-age=1800
x-xss-protection
1
x-request-id
63538256aaa20c44cdeba8fdf5ddc512
expires
Tue, 25 Jul 2023 09:42:07 GMT
index.6b71.css | app1.oswfrf.xyz/webx/hx/desktop/styles/ | 968 KB | 190 KB | Stylesheet
General
Full URL
https://app1.oswfrf.xyz/webx/hx/desktop/styles/index.6b71.css?v=23.05.25.74773
Requested by
Host: app1.oswfrf.xyz
URL: https://app1.oswfrf.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
38.45.122.91 , United States, ASN9294 (GNETINC-AS-AP GNET INC., US),
Reverse DNS
Software
**** /
Resource Hash
948e40a3f7ed538f51398781d3287df797a4439a04bf7cc7fc5847d4fc105381
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app1.oswfrf.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 09:42:07 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubdomains
last-modified
Thu, 11 May 2023 18:43:44 GMT
server
****
etag
W/"645d3760-f20d0"
vary
Accept-Encoding
x-cache
MISS
content-type
text/css
cache-control
max-age=1800
x-xss-protection
1
x-request-id
c84ab3a1ff354f4741b67aa8e80a6433
expires
Tue, 25 Jul 2023 09:42:07 GMT
truncated | / | 6 KB | 0 | Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
63ae5327826544e7337261279862e11e410478d3878ddf79eec6992db9e0dfdc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/png
truncated | / | 4 KB | 0 | Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2a593a5189c0fda13e22ad82d74fa5d79e284c36f43d772a5646b7c5d6e5ee11

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/svg+xml
chunk.vendor.2853.js | app1.oswfrf.xyz/webx/hx/desktop/javascript/ | 713 KB | 226 KB | Script
General
Full URL
https://app1.oswfrf.xyz/webx/hx/desktop/javascript/chunk.vendor.2853.js?v=23.05.25.74773
Requested by
Host: app1.oswfrf.xyz
URL: https://app1.oswfrf.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
38.45.122.91 , United States, ASN9294 (GNETINC-AS-AP GNET INC., US),
Reverse DNS
Software
**** /
Resource Hash
cc07a56c2902f6fbe6a339eb58cf41fabf5c558d83e6890053dbd05567a65445
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app1.oswfrf.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 09:42:07 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubdomains
last-modified
Thu, 11 May 2023 18:43:44 GMT
server
****
etag
W/"645d3760-b234b"
vary
Accept-Encoding
x-cache
MISS
content-type
application/x-javascript
cache-control
max-age=1800
x-xss-protection
1
x-request-id
3896fd503310715efef751943c7b7ac0
expires
Tue, 25 Jul 2023 09:42:07 GMT
base.6b71.js | app1.oswfrf.xyz/webx/hx/desktop/javascript/ | 10 KB | 4 KB | Script
General
Full URL
https://app1.oswfrf.xyz/webx/hx/desktop/javascript/base.6b71.js?v=23.05.25.74773
Requested by
Host: app1.oswfrf.xyz
URL: https://app1.oswfrf.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
38.45.122.91 , United States, ASN9294 (GNETINC-AS-AP GNET INC., US),
Reverse DNS
Software
**** /
Resource Hash
24446af277a39fad9cb12f49d82ec64469154d09a7cc4ab6ce21491de12ee7a7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app1.oswfrf.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 09:42:07 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubdomains
last-modified
Thu, 11 May 2023 18:43:44 GMT
server
****
etag
W/"645d3760-26b1"
vary
Accept-Encoding
x-cache
MISS
content-type
application/x-javascript
cache-control
max-age=1800
x-xss-protection
1
x-request-id
9d25290f5757d35675c49ddb9b674661
expires
Tue, 25 Jul 2023 09:42:07 GMT
bootstrap.6b71.js | app1.oswfrf.xyz/webx/hx/desktop/javascript/ | 9 KB | 4 KB | Script
General
Full URL
https://app1.oswfrf.xyz/webx/hx/desktop/javascript/bootstrap.6b71.js?v=23.05.25.74773
Requested by
Host: app1.oswfrf.xyz
URL: https://app1.oswfrf.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
38.45.122.91 , United States, ASN9294 (GNETINC-AS-AP GNET INC., US),
Reverse DNS
Software
**** /
Resource Hash
1f44747dcb0a9b7e2475bc3c2ad88132c7674d6d8a46380140cabe25fd89b169
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app1.oswfrf.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 09:42:07 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubdomains
last-modified
Thu, 11 May 2023 18:43:44 GMT
server
****
etag
W/"645d3760-2511"
vary
Accept-Encoding
x-cache
MISS
content-type
application/x-javascript
cache-control
max-age=1800
x-xss-protection
1
x-request-id
37dc0b193314f78ff032be70308b4e25
expires
Tue, 25 Jul 2023 09:42:07 GMT
index.6b71.js | app1.oswfrf.xyz/webx/hx/desktop/javascript/ | 792 KB | 211 KB | Script
General
Full URL
https://app1.oswfrf.xyz/webx/hx/desktop/javascript/index.6b71.js?v=23.05.25.74773
Requested by
Host: app1.oswfrf.xyz
URL: https://app1.oswfrf.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
38.45.122.91 , United States, ASN9294 (GNETINC-AS-AP GNET INC., US),
Reverse DNS
Software
**** /
Resource Hash
b637ccaff9e8869e483311bd6cf803fa620ee180284b104ef90b570cdd2a3b56
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app1.oswfrf.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 09:42:07 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubdomains
last-modified
Thu, 11 May 2023 18:43:44 GMT
server
****
etag
W/"645d3760-c6024"
vary
Accept-Encoding
x-cache
MISS
content-type
application/x-javascript
cache-control
max-age=1800
x-xss-protection
1
x-request-id
538f8a1b62b8ba8b237936c293607b8f
expires
Tue, 25 Jul 2023 09:42:07 GMT
/ | app1.oswfrf.xyz/api/settings/ | 4 KB | 2 KB | XHR
General
Full URL
https://app1.oswfrf.xyz/api/settings/?fields=
Requested by
Host: app1.oswfrf.xyz
URL: https://app1.oswfrf.xyz/webx/hx/desktop/javascript/chunk.vendor.2853.js?v=23.05.25.74773
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
38.45.122.91 , United States, ASN9294 (GNETINC-AS-AP GNET INC., US),
Reverse DNS
Software
**** /
Resource Hash
c665a11878656b7756565ca2237bd4b46845d190ba2913019fef2f1452ca28cf

Request headers

Accept
application/json, text/plain, */*
Referer
https://app1.oswfrf.xyz/
Accept-Language
de-DE,de;q=0.9
Authorization
bearer undefined
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Accept-Currency
cny
Content-Type
application/vnd.sc-api.v1.json

Response headers

date
Tue, 18 Jul 2023 09:42:08 GMT
content-encoding
gzip
x-cache
BYPASS
x-request-id
db9c10e8120eca2ef5d475b3657892f8
x-runtime
0.087
server
****
vary
Accept-Encoding
x-ratelimit-remaining
299
content-type
application/json
access-control-max-age
86400
access-control-allow-methods
POST, PUT, GET, DELETE, HEAD, OPTION
access-control-expose-headers
Authorization, Set-Cookie
cache-control
max-age=0, no-cache, no-store, private
access-control-allow-credentials
true
x-ratelimit-limit
300
access-control-allow-headers
X-Requested-With, Content-Type, Authorization, Source, Accept-Currency
recommend | app1.oswfrf.xyz/api/ads/ | 69 B | 559 B | XHR
General
Full URL
https://app1.oswfrf.xyz/api/ads/recommend
Requested by
Host: app1.oswfrf.xyz
URL: https://app1.oswfrf.xyz/webx/hx/desktop/javascript/chunk.vendor.2853.js?v=23.05.25.74773
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
38.45.122.91 , United States, ASN9294 (GNETINC-AS-AP GNET INC., US),
Reverse DNS
Software
**** /
Resource Hash
6e125f5d71f286ad4dd242886c82d6822491245420ec5de729ad5a3520d5db45

Request headers

Accept
application/json, text/plain, */*
Referer
https://app1.oswfrf.xyz/
Accept-Language
de-DE,de;q=0.9
Authorization
bearer undefined
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Accept-Currency
cny
Content-Type
application/vnd.sc-api.v1.json

Response headers

date
Tue, 18 Jul 2023 09:42:08 GMT
content-encoding
gzip
x-cache
BYPASS
x-request-id
11c0866785737090056b7edfb2fcc7c2
x-runtime
0.070
server
****
vary
Accept-Encoding
x-ratelimit-remaining
299
content-type
application/json
access-control-max-age
86400
access-control-allow-methods
POST, PUT, GET, DELETE, HEAD, OPTION
access-control-expose-headers
Authorization, Set-Cookie
cache-control
max-age=0, no-cache, no-store, private
access-control-allow-credentials
true
x-ratelimit-limit
300
access-control-allow-headers
X-Requested-With, Content-Type, Authorization, Source, Accept-Currency
methods.js | app1.oswfrf.xyz/webx/hx/static/ | 2 MB | 126 KB | Script
General
Full URL
https://app1.oswfrf.xyz/webx/hx/static/methods.js?78ff8eb3
Requested by
Host: app1.oswfrf.xyz
URL: https://app1.oswfrf.xyz/webx/hx/desktop/javascript/index.6b71.js?v=23.05.25.74773
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
38.45.122.91 , United States, ASN9294 (GNETINC-AS-AP GNET INC., US),
Reverse DNS
Software
**** /
Resource Hash
f9e97d2b6f06c31da653276538a6c36811fcd14217fc682f4b401e21dd9be8d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app1.oswfrf.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 09:42:09 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubdomains
last-modified
Thu, 04 Aug 2022 18:44:59 GMT
server
****
etag
W/"62ec13ab-1c7db1"
vary
Accept-Encoding
x-cache
MISS
content-type
application/x-javascript
cache-control
max-age=1800
x-xss-protection
1
x-request-id
4b5e815382266411f30bcd0bbf236ad6
expires
Tue, 25 Jul 2023 09:42:09 GMT
qr_code.png | tcdn.weiyihx.com/hx/ | 3 KB | 3 KB | Image
General
Full URL
https://tcdn.weiyihx.com/hx/qr_code.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
119.28.19.156 Central, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
nginx /
Resource Hash
0fd557e3999b5f4142bbd5e30fdb9c749670ee274f4efa8f4e72c116ae8a6ac1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app1.oswfrf.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires
Tue, 18 Jul 2023 09:52:10 GMT
date
Tue, 18 Jul 2023 09:42:10 GMT
strict-transport-security
max-age=31536000; includeSubdomains
last-modified
Tue, 15 Jun 2021 06:49:25 GMT
server
nginx
etag
"60c84d75-baf"
content-type
image/png
x-remote-addr
178.162.209.131
cache-control
max-age=600
http-geo-ipcountry
DE
accept-ranges
bytes
x-forwarded-port
443
content-length
2991
x-xss-protection
1
x-proxy-cache
REVALIDATED
qr_code.png | tcdn.weiyihx.com/hx/auto/ | 3 KB | 3 KB | Image
General
Full URL
https://tcdn.weiyihx.com/hx/auto/qr_code.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
119.28.19.156 Central, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
nginx /
Resource Hash
9c071cdc0ba07d5c0110c1b8174a914944c27243712b567950f7f5637bbd6e2c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app1.oswfrf.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires
Tue, 18 Jul 2023 09:52:10 GMT
date
Tue, 18 Jul 2023 09:42:10 GMT
strict-transport-security
max-age=31536000; includeSubdomains
last-modified
Mon, 14 Feb 2022 07:51:01 GMT
server
nginx
etag
"620a09e5-b75"
content-type
image/png
x-remote-addr
178.162.209.131
cache-control
max-age=600
http-geo-ipcountry
DE
accept-ranges
bytes
x-forwarded-port
443
content-length
2933
x-xss-protection
1
x-proxy-cache
REVALIDATED
truncated | / | 2 KB | 0 | Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
15cbad734c46e9b2c08558b00b08c915fc2c086235316aaffda14dbd2ca23f65

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/png
0754a9.jpg | app1.oswfrf.xyz/webx/hx/desktop/images/ | 75 KB | 71 KB | Image
General
Full URL
https://app1.oswfrf.xyz/webx/hx/desktop/images/0754a9.jpg
Requested by
Host: app1.oswfrf.xyz
URL: https://app1.oswfrf.xyz/webx/hx/desktop/styles/index.6b71.css?v=23.05.25.74773
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
38.45.122.91 , United States, ASN9294 (GNETINC-AS-AP GNET INC., US),
Reverse DNS
Software
**** /
Resource Hash
8144c81d09a0d51a2407b11b12a8edbee56c4dbd6961c77a749dc757b63cc44a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app1.oswfrf.xyz/webx/hx/desktop/styles/index.6b71.css?v=23.05.25.74773
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 09:42:09 GMT
strict-transport-security
max-age=31536000; includeSubdomains
content-encoding
gzip
last-modified
Mon, 10 Jan 2022 09:00:20 GMT
server
****
etag
W/"61dbf5a4-12ce9"
vary
Accept-Encoding
x-cache
MISS
content-type
image/jpeg
cache-control
max-age=1800
x-xss-protection
1
x-request-id
735153195a3673638c0c2ad16d286788
expires
Tue, 25 Jul 2023 09:42:09 GMT
dd0801.png | app1.oswfrf.xyz/webx/hx/desktop/images/ | 59 KB | 59 KB | Image
General
Full URL
https://app1.oswfrf.xyz/webx/hx/desktop/images/dd0801.png
Requested by
Host: app1.oswfrf.xyz
URL: https://app1.oswfrf.xyz/webx/hx/desktop/styles/index.6b71.css?v=23.05.25.74773
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
38.45.122.91 , United States, ASN9294 (GNETINC-AS-AP GNET INC., US),
Reverse DNS
Software
**** /
Resource Hash
18c22241df6f22d10d041e59b84ec2222bafe593834fb4316877de62786f7e1c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app1.oswfrf.xyz/webx/hx/desktop/styles/index.6b71.css?v=23.05.25.74773
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 09:42:09 GMT
strict-transport-security
max-age=31536000; includeSubdomains
last-modified
Mon, 10 Jan 2022 09:00:20 GMT
server
****
etag
"61dbf5a4-ec05"
x-cache
MISS
content-type
image/png
cache-control
max-age=1800
accept-ranges
bytes
content-length
60421
x-xss-protection
1
x-request-id
07989f0337103e94925d6247b40ee09c
expires
Tue, 25 Jul 2023 09:42:09 GMT
truncated | / | 1 KB | 0 | Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b06d08f004b94992aeeab3824f4602924aebcd4b4ff69ac37b4e9c10f8a35b48

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/png
truncated | / | 1 KB | 0 | Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5b0652389230af80bb8dfff7df27bc2a3cd89212b26e19455e8b710b0769afa3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/png
9220c8.png | app1.oswfrf.xyz/webx/hx/desktop/images/ | 15 KB | 15 KB | Image
General
Full URL
https://app1.oswfrf.xyz/webx/hx/desktop/images/9220c8.png
Requested by
Host: app1.oswfrf.xyz
URL: https://app1.oswfrf.xyz/webx/hx/desktop/styles/index.6b71.css?v=23.05.25.74773
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
38.45.122.91 , United States, ASN9294 (GNETINC-AS-AP GNET INC., US),
Reverse DNS
Software
**** /
Resource Hash
dde30f62646847db13e006b00339c794826fb8f2607f9d43544433d619ca0398
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app1.oswfrf.xyz/webx/hx/desktop/styles/index.6b71.css?v=23.05.25.74773
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 09:42:09 GMT
strict-transport-security
max-age=31536000; includeSubdomains
last-modified
Mon, 10 Jan 2022 09:00:20 GMT
server
****
etag
"61dbf5a4-3c9e"
x-cache
MISS
content-type
image/png
cache-control
max-age=1800
accept-ranges
bytes
content-length
15518
x-xss-protection
1
x-request-id
5597c7742f6f4271387840990c79349c
expires
Tue, 25 Jul 2023 09:42:09 GMT
26b4b9.png | app1.oswfrf.xyz/webx/hx/desktop/images/ | 12 KB | 12 KB | Image
General
Full URL
https://app1.oswfrf.xyz/webx/hx/desktop/images/26b4b9.png
Requested by
Host: app1.oswfrf.xyz
URL: https://app1.oswfrf.xyz/webx/hx/desktop/styles/index.6b71.css?v=23.05.25.74773
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
38.45.122.91 , United States, ASN9294 (GNETINC-AS-AP GNET INC., US),
Reverse DNS
Software
**** /
Resource Hash
0d270041ef4e50d1bb0a7eeb81375aa82016614a03010ad48a3a2277fdffb8d1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app1.oswfrf.xyz/webx/hx/desktop/styles/index.6b71.css?v=23.05.25.74773
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 09:42:09 GMT
strict-transport-security
max-age=31536000; includeSubdomains
last-modified
Mon, 10 Jan 2022 09:00:20 GMT
server
****
etag
"61dbf5a4-2f82"
x-cache
MISS
content-type
image/png
cache-control
max-age=1800
accept-ranges
bytes
content-length
12162
x-xss-protection
1
x-request-id
0a50a30049d82f57f217ba715e6f61fa
expires
Tue, 25 Jul 2023 09:42:09 GMT
1d8e04.png | app1.oswfrf.xyz/webx/hx/desktop/images/ | 11 KB | 12 KB | Image
General
Full URL
https://app1.oswfrf.xyz/webx/hx/desktop/images/1d8e04.png
Requested by
Host: app1.oswfrf.xyz
URL: https://app1.oswfrf.xyz/webx/hx/desktop/styles/index.6b71.css?v=23.05.25.74773
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
38.45.122.91 , United States, ASN9294 (GNETINC-AS-AP GNET INC., US),
Reverse DNS
Software
**** /
Resource Hash
a3d537d1795c22b1e6749623f94f337d92270b2f3b1c04c5eee7073d51a288e5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app1.oswfrf.xyz/webx/hx/desktop/styles/index.6b71.css?v=23.05.25.74773
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 09:42:09 GMT
strict-transport-security
max-age=31536000; includeSubdomains
last-modified
Mon, 10 Jan 2022 09:00:20 GMT
server
****
etag
"61dbf5a4-2d79"
x-cache
MISS
content-type
image/png
cache-control
max-age=1800
accept-ranges
bytes
content-length
11641
x-xss-protection
1
x-request-id
9b669e5d2ce7b06519c0e4d56377837d
expires
Tue, 25 Jul 2023 09:42:09 GMT
1d537c.png | app1.oswfrf.xyz/webx/hx/desktop/images/ | 17 KB | 18 KB | Image
General
Full URL
https://app1.oswfrf.xyz/webx/hx/desktop/images/1d537c.png
Requested by
Host: app1.oswfrf.xyz
URL: https://app1.oswfrf.xyz/webx/hx/desktop/styles/index.6b71.css?v=23.05.25.74773
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
38.45.122.91 , United States, ASN9294 (GNETINC-AS-AP GNET INC., US),
Reverse DNS
Software
**** /
Resource Hash
ac7e512b57d33d45968fdad2125d5b14e768398ce5c5673059ed05103dd370f9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app1.oswfrf.xyz/webx/hx/desktop/styles/index.6b71.css?v=23.05.25.74773
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 09:42:09 GMT
strict-transport-security
max-age=31536000; includeSubdomains
last-modified
Wed, 25 May 2022 17:57:50 GMT
server
****
etag
"628e6e1e-4567"
x-cache
MISS
content-type
image/png
cache-control
max-age=1800
accept-ranges
bytes
content-length
17767
x-xss-protection
1
x-request-id
f56c46fde11db225b9e27135ecea8338
expires
Tue, 25 Jul 2023 09:42:09 GMT
truncated | / | 828 B | 0 | Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e12dbb63ca012a5b0499784100b45d8f18789a41ae4e8ec550d08f3733b99b69

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/png
truncated | / | 1 KB | 0 | Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
da3f630b809b017303af43803b3033e9cb011fb35fd7722518e1845fcffc030e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/png
truncated | / | 1 KB | 0 | Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4926c977a9630a5906c63fffffc336c95e97471b43952ce98b810ddac20a85a0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/png
5cb7cd.png | app1.oswfrf.xyz/webx/hx/desktop/images/ | 15 KB | 16 KB | Image
General
Full URL
https://app1.oswfrf.xyz/webx/hx/desktop/images/5cb7cd.png
Requested by
Host: app1.oswfrf.xyz
URL: https://app1.oswfrf.xyz/webx/hx/desktop/styles/index.6b71.css?v=23.05.25.74773
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
38.45.122.91 , United States, ASN9294 (GNETINC-AS-AP GNET INC., US),
Reverse DNS
Software
**** /
Resource Hash
f5f43ef4d32ab1382907b6c733cd35a7207b8ffb69a83db0ca1d982877594592
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app1.oswfrf.xyz/webx/hx/desktop/styles/index.6b71.css?v=23.05.25.74773
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 09:42:09 GMT
strict-transport-security
max-age=31536000; includeSubdomains
last-modified
Mon, 10 Jan 2022 09:00:20 GMT
server
****
etag
"61dbf5a4-3dad"
x-cache
MISS
content-type
image/png
cache-control
max-age=1800
accept-ranges
bytes
content-length
15789
x-xss-protection
1
x-request-id
af6fd01fed75b121fdee524b820dc9ba
expires
Tue, 25 Jul 2023 09:42:09 GMT
speedtests | app1.oswfrf.xyz/api/domain/platform/ | 80 B | 563 B | XHR
General
Full URL
https://app1.oswfrf.xyz/api/domain/platform/speedtests
Requested by
Host: app1.oswfrf.xyz
URL: https://app1.oswfrf.xyz/webx/hx/desktop/javascript/chunk.vendor.2853.js?v=23.05.25.74773
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
38.45.122.91 , United States, ASN9294 (GNETINC-AS-AP GNET INC., US),
Reverse DNS
Software
**** /
Resource Hash
ff1492308fd2164768ec85bfed9e64e843c450ced108cc4b926a44fdf1ce9dc6

Request headers

Accept
application/json, text/plain, */*
Referer
https://app1.oswfrf.xyz/
Accept-Language
de-DE,de;q=0.9
Authorization
bearer undefined
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Accept-Currency
cny
Content-Type
application/vnd.sc-api.v1.json

Response headers

date
Tue, 18 Jul 2023 09:42:09 GMT
content-encoding
gzip
x-cache
BYPASS
x-request-id
40d244dc5097875003f0f539bd26f822
x-runtime
0.063
server
****
vary
Accept-Encoding
x-ratelimit-remaining
299
content-type
application/json
access-control-max-age
86400
access-control-allow-methods
POST, PUT, GET, DELETE, HEAD, OPTION
access-control-expose-headers
Authorization, Set-Cookie
cache-control
max-age=0, no-cache, no-store, private
access-control-allow-credentials
true
x-ratelimit-limit
300
access-control-allow-headers
X-Requested-With, Content-Type, Authorization, Source, Accept-Currency
point.bmp | app1.oswfrf.xyz// | 68 B | 375 B | Image
General
Full URL
https://app1.oswfrf.xyz//point.bmp?r=959572
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
38.45.122.91 , United States, ASN9294 (GNETINC-AS-AP GNET INC., US),
Reverse DNS
Software
**** /
Resource Hash
2b3682c5f917daa61aa72a00effa6145ae1501ab375bb65a0827139c570ece5c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app1.oswfrf.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 09:42:09 GMT
strict-transport-security
max-age=31536000; includeSubdomains
last-modified
Tue, 16 Jul 2019 05:18:48 GMT
server
****
etag
"5d2d5e38-44"
x-cache
MISS
content-type
image/x-ms-bmp
cache-control
max-age=1800
accept-ranges
bytes
content-length
68
x-xss-protection
1
x-request-id
21d87b13b841b8a40decda4141ff3e37
expires
Tue, 25 Jul 2023 09:42:09 GMT

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Name                                 Type
credentialless                       boolean
onbeforetoggle                       object
onscrollend                          object
__CDN_PUBLIC_PATH__                  string
webpackJsonp                         object
webpackHotUpdate                     function
_                                    function
$LANG                                string
$CURRENCY                            string
i18nDebug                            object
PushStream                           function
PushStreamManager                    object
setImmediate                         function
clearImmediate                       function
FontAwesomeConfig                    object
___FONT_AWESOME___                   object
2f1acc6c3a606b082e5eef5e54414ffb     number
Hex                                  object
Base64                               object
ASN1                                 function
loadStaticMethodData                 function
devConsole                           object
_i18n                                function
serverTime                           number
localTime                            number
during                               number
method-data                          object

2 Cookies

Domain/Path         Name                       Value
app1.oswfrf.xyz/    session_sslproxy_server    9bd8eba4-4364-4711eb1b2388cb5dc0df9b1bd163bde61bcb
app1.oswfrf.xyz/    currency                   cny

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app1.oswfrf.xyz
tcdn.weiyihx.com
119.28.19.156
38.45.122.91