36697323.xn--inr90by5xh5sw8ftn2a.com (Punycode)
36697323.商用厨房空调.com (IDN)
47.102.226.244 (Public Scan)

Submitted URL: http://s91.wf/
Effective URL: https://36697323.xn--inr90by5xh5sw8ftn2a.com/download/36697323/36697323a1.html
Submission: On May 29 via api from LU — Scanned from DE

Summary

This website contacted 3 IPs in 1 country across 3 domains to perform 7 HTTP transactions. The main IP is 47.102.226.244, located in and belongs to . The main domain is 36697323.xn--inr90by5xh5sw8ftn2a.com.
TLS certificate: Issued by ZeroSSL ECC Domain Secure Site CA on March 7th 2024. Valid for: 3 months.
This is the only time 36697323.xn--inr90by5xh5sw8ftn2a.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 116.193.153.49 138195 (MOACKCOLT...)
2 47.102.226.244 ()
7 3
Domain Requested by
2 36697323.xn--inr90by5xh5sw8ftn2a.com
2 www.s91.wf
2 s91.wf
0 47.100.106.196 Failed 36697323.xn--inr90by5xh5sw8ftn2a.com
7 4

This site contains no links.

Subject: xn--inr90by5xh5sw8ftn2a.com
Issuer: ZeroSSL ECC Domain Secure Site CA
Validity: 2024-03-07 - 2024-06-05
Valid: 3 months

This page contains 1 frame:

Frame: https://47.100.106.196:8001/dw/36697323_8001.html
Frame ID: EE4051FB491EE7E14DB38F0DE5B3B686
Requests: 7 HTTP requests in this frame

Page Statistics

Requests: 7
HTTPS: 29 %
IPv6: 0 %
Domains: 3
Subdomains: 4
IPs: 3
Countries: 1
Transfer: 14 kB
Size: 12 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://s91.wf/ HTTP 307
    https://s91.wf/ HTTP 307
    http://s91.wf/ Page URL
  2. http://www.s91.wf/b/ HTTP 307
    https://www.s91.wf/b/ HTTP 307
    http://www.s91.wf/b/ Page URL
  3. https://36697323.xn--inr90by5xh5sw8ftn2a.com/download/36697323/36697323a1.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://s91.wf/ HTTP 307
  • https://s91.wf/ HTTP 307
  • http://s91.wf/
Request Chain 1
  • http://www.s91.wf/b/ HTTP 307
  • https://www.s91.wf/b/ HTTP 307
  • http://www.s91.wf/b/
Request Chain 5
  • http://47.100.106.196:8001/dw/36697323_8001.html HTTP 307
  • https://47.100.106.196:8001/dw/36697323_8001.html

7 HTTP transactions

Resource, Path, Size, x-fer, Type, MIME-Type

Resource: /
Path: s91.wf/
Redirect Chain
  • http://s91.wf/
  • https://s91.wf/
  • http://s91.wf/
Size: 199 B
x-fer: 550 B
Type: Document
General
Full URL: http://s91.wf/
Protocol: HTTP/1.1
Server: 116.193.153.49 , China, ASN138195 (MOACKCOLTD-AS-AP MOACK.Co.LTD, KR),
Reverse DNS:
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 64246685b904d5f80372e38a3656cd92b95405eca9b9a3b47532309ce5d3dc6d

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.6367.29 Safari/537.36

Response headers

Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 255
Content-Type: text/html
Date: Wed, 29 May 2024 08:11:09 GMT
ETag: "f7387218a4a8da1:0"
Last-Modified: Fri, 17 May 2024 21:49:29 GMT
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding
X-Powered-By: ASP.NET

Redirect headers

Location: http://s91.wf/
Non-Authoritative-Reason: HttpsUpgrades

Resource: /
Path: www.s91.wf/b/
Redirect Chain
  • http://www.s91.wf/b/
  • https://www.s91.wf/b/
  • http://www.s91.wf/b/
Size: 259 B
x-fer: 591 B
Type: Document
General
Full URL: http://www.s91.wf/b/
Protocol: HTTP/1.1
Server: 116.193.153.49 , China, ASN138195 (MOACKCOLTD-AS-AP MOACK.Co.LTD, KR),
Reverse DNS:
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash:

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: http://s91.wf/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.6367.29 Safari/537.36

Response headers

Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 296
Content-Type: text/html
Date: Wed, 29 May 2024 08:11:12 GMT
ETag: "1eb67f1b4aa3da1:0"
Last-Modified: Sat, 11 May 2024 02:22:44 GMT
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding
X-Powered-By: ASP.NET

Redirect headers

Location: http://www.s91.wf/b/
Non-Authoritative-Reason: HttpsUpgrades

Resource: favicon.ico
Path: s91.wf/
Size: 5 KB
x-fer: 5 KB
Type: Other
General
Full URL: http://s91.wf/favicon.ico
Protocol: HTTP/1.1
Server: 116.193.153.49 , China, ASN138195 (MOACKCOLTD-AS-AP MOACK.Co.LTD, KR),
Reverse DNS:
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash:

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: http://s91.wf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.6367.29 Safari/537.36

Response headers

Date: Wed, 29 May 2024 08:11:09 GMT
Cache-Control: private
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Content-Length: 4721
Content-Type: text/html; charset=utf-8

Resource: 36697323a1.html (Primary Request)
Path: 36697323.xn--inr90by5xh5sw8ftn2a.com/download/36697323/
Size: 2 KB
x-fer: 3 KB
Type: Document
General
Full URL: https://36697323.xn--inr90by5xh5sw8ftn2a.com/download/36697323/36697323a1.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 47.102.226.244 -, , ASN (),
Reverse DNS:
Software: openresty/1.15.8.1 /
Resource Hash: 75842afe886cd376b6d7be59b70f0e7c6080e014b0fe88bd4dfcc4086454bf3b
Security Headers
Strict-Transport-Security: max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: http://www.s91.wf/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.6367.29 Safari/537.36

Response headers

Cache-Control: max-age=0
Connection: keep-alive
Content-Type: text/html
Date: Wed, 29 May 2024 08:11:14 GMT
Expires: Wed, 29 May 2024 08:11:14 GMT
Server: openresty/1.15.8.1
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked

Resource: favicon.ico
Path: www.s91.wf/
Size: 5 KB
x-fer: 5 KB
Type: Other
General
Full URL: http://www.s91.wf/favicon.ico
Protocol: HTTP/1.1
Server: 116.193.153.49 , China, ASN138195 (MOACKCOLTD-AS-AP MOACK.Co.LTD, KR),
Reverse DNS:
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash:

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: http://www.s91.wf/b/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.6367.29 Safari/537.36

Response headers

Date: Wed, 29 May 2024 08:11:12 GMT
Cache-Control: private
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Content-Length: 4725
Content-Type: text/html; charset=utf-8

Resource: favicon.ico
Path: 36697323.xn--inr90by5xh5sw8ftn2a.com/
Size: 2 B
x-fer: 356 B
Type: Other
General
Full URL: https://36697323.xn--inr90by5xh5sw8ftn2a.com/favicon.ico
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 47.102.226.244 -, , ASN (),
Reverse DNS:
Software: openresty/1.15.8.1 /
Resource Hash:
Security Headers
Strict-Transport-Security: max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://36697323.xn--inr90by5xh5sw8ftn2a.com/download/36697323/36697323a1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.6367.29 Safari/537.36

Response headers

Date: Wed, 29 May 2024 08:11:14 GMT
Strict-Transport-Security: max-age=31536000
Last-Modified: Thu, 15 Feb 2024 01:16:55 GMT
Server: openresty/1.15.8.1
ETag: "65cd6607-2"
Content-Type: image/x-icon
Cache-Control: max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2
Expires: Wed, 29 May 2024 08:11:14 GMT

Resource: 36697323_8001.html
Path: 47.100.106.196/dw/
Redirect Chain
  • http://47.100.106.196:8001/dw/36697323_8001.html
  • https://47.100.106.196:8001/dw/36697323_8001.html
Size: 0
x-fer: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: 47.100.106.196
URL: https://47.100.106.196:8001/dw/36697323_8001.html

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

2 Console Messages

Source: network, Level: error, URL: http://s91.wf/favicon.ico
Message: Failed to load resource: the server responded with a status of 404 (Not Found)
Source: network, Level: error, URL: http://www.s91.wf/favicon.ico
Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
