app-dhjvbl.junyaochaye.com
170.33.96.105
Public Scan
Effective URL: https://app-dhjvbl.junyaochaye.com/page/dhjvbl/install/c/eyJtIjoiX3pkYjJLeFVIZTBBQUFHRUhzVTBBZWhRMHNJdm1OYWFMNHYxWVpla29YQ1NxR2Y2Ml...
Submission: On October 28 via api from US — Scanned from US
Summary
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on October 24th 2022. Valid for: a year.
This is the only time app-dhjvbl.junyaochaye.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Downloads
These files were downloaded by the website
Domain & IP information
Count | IP Address | AS (Autonomous System)
---|---|---
1 1 | 45.207.36.174 | 133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited)
4 | 154.197.15.18 | 400618 (PRIME-SEC)
7 | 47.253.28.5 | 45102 (ALIBABA-CN-NET Alibaba US Technology Co.)
1 | 154.82.120.144 | 399077 (TERAEXCH)
1 2 | 170.33.96.105 | 134963 (ASEPL-AS-AP Alibaba.com Singapore E-Commerce Private Limited)
1 1 | 23.224.86.173 | (not resolved)
1 | 120.77.166.19 | (not resolved)
15 | 6 |
ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK): xpoplrl7.xyz
ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN): amazon2as.oss-accelerate.aliyuncs.com, cloudto1.oss-accelerate.aliyuncs.com
ASN134963 (ASEPL-AS-AP Alibaba.com Singapore E-Commerce Private Limited, SG): app-dhjvbl.junyaochaye.com
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
8 | aliyuncs.com | amazon2as.oss-accelerate.aliyuncs.com, cloudto1.oss-accelerate.aliyuncs.com, wasnfqjs20221028.oss-cn-shenzhen.aliyuncs.com | 837 KB
5 | xpoplrl7.xyz (1 redirect) | xpoplrl7.xyz | 61 KB
2 | junyaochaye.com | sdk.junyaochaye.com (Failed), app-dhjvbl.junyaochaye.com | 11 KB
1 | ddosrbpp.cn (1 redirect) | d92707.ddosrbpp.cn | 422 B
1 | szdaqi88.com | sdk.szdaqi88.com (Cisco Umbrella Rank: 936393) | 667 B
Total: 15 requests across 5 apex domains
Requests | Domain | Requested by
---|---|---
5 | cloudto1.oss-accelerate.aliyuncs.com | xpoplrl7.xyz
5 | xpoplrl7.xyz (1 redirect) | xpoplrl7.xyz
2 | app-dhjvbl.junyaochaye.com (1 redirect) | xpoplrl7.xyz
2 | amazon2as.oss-accelerate.aliyuncs.com | xpoplrl7.xyz
1 | wasnfqjs20221028.oss-cn-shenzhen.aliyuncs.com | app-dhjvbl.junyaochaye.com
1 | d92707.ddosrbpp.cn (1 redirect) |
1 | sdk.szdaqi88.com | xpoplrl7.xyz
0 | sdk.junyaochaye.com (Failed) | xpoplrl7.xyz
Total: 15 requests across 8 domains
This site contains no links.
Subject | Issuer | Validity | Valid | Source
---|---|---|---|---
uftpzsl1.xyz | R3 | 2022-10-28 - 2023-01-26 | 3 months | crt.sh
*.oss-us-east-1.aliyuncs.com | GlobalSign Organization Validation CA - SHA256 - G2 | 2022-01-20 - 2023-02-21 | a year | crt.sh
*.szdaqi88.com | Sectigo RSA Domain Validation Secure Server CA | 2022-03-16 - 2023-03-16 | a year | crt.sh
*.junyaochaye.com | Sectigo RSA Domain Validation Secure Server CA | 2022-10-24 - 2023-10-24 | a year | crt.sh
*.oss-cn-shenzhen.aliyuncs.com | GlobalSign Organization Validation CA - SHA256 - G2 | 2022-01-20 - 2023-02-21 | a year | crt.sh
This page contains 1 frame:
Frame: https://wasnfqjs20221028.oss-cn-shenzhen.aliyuncs.com/20221028/217224_sign.apk?OSSAccessKeyId=LTAI5tCWaZtZzv9Z3FYPNeay&Expires=1666963855&Signature=4i%2BFl28NpbxH1lN%2FGpP3NBTI0hE%3D
Frame ID: 0D4041A1A98620C046A061FAA300481B
Requests: 15 HTTP requests in this frame
Detected technologies
- Clipboard.js (Miscellaneous). Detected pattern: clipboard(?:-([\d.]+))?(?:\.min)?\.js
- jQuery (JavaScript Libraries). Detected patterns: jquery[.-]([\d.]*\d)[^/]*\.js and jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://xpoplrl7.xyz/ (HTTP 301) -> https://xpoplrl7.xyz/ (Page URL)
- https://app-dhjvbl.junyaochaye.com/page/dhjvbl/install/c/eyJtIjoiX3pkYjJLeFVIZTBBQUFHRUhzVTBBZWhRMHNJdm1OYWFMNHYxWVpla29YQ1NxR2Y2MlZCbU42d1JFM00ifQ==?p=0 (Page URL)
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0:
- http://xpoplrl7.xyz/ (HTTP 301)
- https://xpoplrl7.xyz/
- https://app-dhjvbl.junyaochaye.com/page/dhjvbl/install/c/eyJtIjoiX3pkYjJLeFVIZTBBQUFHRUhzVTBBZWhRMHNJdm1OYWFMNHYxWVpla29YQ1NxR2Y2MlZCbU42d1JFM00ifQ==?p=0 (HTTP 302)
- https://d92707.ddosrbpp.cn/Dos/d/c/5sppdN7ykEdG895G (HTTP 302)
- https://wasnfqjs20221028.oss-cn-shenzhen.aliyuncs.com/20221028/217224_sign.apk?OSSAccessKeyId=LTAI5tCWaZtZzv9Z3FYPNeay&Expires=1666963855&Signature=4i%2BFl28NpbxH1lN%2FGpP3NBTI0hE%3D
15 HTTP transactions
Method | Protocol | Resource | Path | Size | Transfer | Type | MIME-Type
---|---|---|---|---|---|---|---
GET | H2 | / | xpoplrl7.xyz/ (Redirect Chain) | 6 KB | 2 KB | Document | text/html
GET | H2 | jquery-3.5.1.min.js | xpoplrl7.xyz/js/ | 87 KB | 34 KB | Script | application/javascript
GET | H/1.1 | first.gif | amazon2as.oss-accelerate.aliyuncs.com/images/ | 468 KB | 468 KB | Image | image/gif
GET | H/1.1 | 1_01.jpg | cloudto1.oss-accelerate.aliyuncs.com/images/ | 22 KB | 22 KB | Image | image/jpeg
GET | H/1.1 | 1_02.jpg | cloudto1.oss-accelerate.aliyuncs.com/images/ | 64 KB | 65 KB | Image | image/jpeg
GET | H/1.1 | 1_03.jpg | amazon2as.oss-accelerate.aliyuncs.com/images/ | 60 KB | 60 KB | Image | image/jpeg
GET | H/1.1 | 1_04.jpg | cloudto1.oss-accelerate.aliyuncs.com/images/ | 110 KB | 110 KB | Image | image/jpeg
GET | H2 | clipboard.min.js | xpoplrl7.xyz/js/ | 11 KB | 4 KB | Script | application/javascript
GET | H2 | appinstall.js | xpoplrl7.xyz/js/ | 45 KB | 21 KB | Script | application/javascript
GET | H/1.1 | kf.gif | cloudto1.oss-accelerate.aliyuncs.com/images/ | 35 KB | 35 KB | Image | image/gif
GET | H/1.1 | down.gif | cloudto1.oss-accelerate.aliyuncs.com/images/ | 76 KB | 76 KB | Image | image/gif
POST | H2 | init | sdk.szdaqi88.com/web/dhjvbl/_/ | 420 B | 667 B | XHR | application/json
POST | | clicked | sdk.junyaochaye.com/web/dhjvbl/_/ | 0 | 0 | |
GET | H2 | eyJtIjoiX3pkYjJLeFVIZTBBQUFHRUhzVTBBZWhRMHNJdm1OYWFMNHYxWVpla29YQ1NxR2Y2MlZCbU42d1JFM00ifQ== (Primary Request) | app-dhjvbl.junyaochaye.com/page/dhjvbl/install/c/ | 11 KB | 11 KB | Document | text/html
GET | H/1.1 | 217224_sign.apk | wasnfqjs20221028.oss-cn-shenzhen.aliyuncs.com/20221028/ (Redirect Chain) | 0 | 0 | Document | application/vnd.android.package-archive
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain: sdk.junyaochaye.com
- URL: https://sdk.junyaochaye.com/web/dhjvbl/_/clicked?p=0&ref=https%3A%2F%2Fxpoplrl7.xyz%2F&ac=0&cc=0
Verdicts & Comments
18 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name
---|---
object | onbeforeinput
object | oncontextlost
object | oncontextrestored
function | structuredClone
object | launchQueue
object | onbeforematch
function | getScreenDetails
function | queryLocalFonts
object | navigation
object | _0x39ee
function | _0x10a8
function | _0x515581
function | _0x5d853e
function | _0x33e19b
function | _0xd82cc9
function | _0x17f61b
number | seed
string | result2
Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name | Value
---|---|---|---
app-dhjvbl.junyaochaye.com/ | | alicfw | 3496778422%7C2121589291%7C1328233473%7C1328234225
app-dhjvbl.junyaochaye.com/ | | alicfw_gfver | v1.200309.1
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
amazon2as.oss-accelerate.aliyuncs.com
app-dhjvbl.junyaochaye.com
cloudto1.oss-accelerate.aliyuncs.com
d92707.ddosrbpp.cn
sdk.junyaochaye.com
sdk.szdaqi88.com
wasnfqjs20221028.oss-cn-shenzhen.aliyuncs.com
xpoplrl7.xyz
120.77.166.19
154.197.15.18
154.82.120.144
170.33.96.105
23.224.86.173
45.207.36.174
47.253.28.5
1626706afc88d95ebe1173b553ec732c6dc82a576989315fdf5e7779af738a44
3d77977fc2d8d6101a2034261f2a5e6e6526b1e1ccedef80dadb8d49570c4c8a
779101d05511ba1fc419b60c0a9786b62412ad5dac100045bf936428a28f52c7
a41d962b651290780e840c6af891a5b5bf63111a37ce0da79cff4702cb830ce2
a60ea3bb61d164a8b23876b80605519d9b53da334b665759d259ff7273bc0154
a8e55f1991be926559f45df5d6382d030ecc28ba863b4604d392b5e9f43a6d7c
b3eff13e100d16ecb01ceba621a6b565388eddee002e835d4df01e6d5335a762
d1fa2a864010d7d034c071d51b60555253edf9f1b3443e6709d567ffd3f21484
e953c154a8bd98da9076333d59ed238543ce1f39fb8225fd2ea2b941926a534e
f482f87bfe938e6ad011574862f681efb3ac56c84a4b1c8915f7cb1b97b23acd
f6974610b825bbeb24fb28c8d13c21aacb7e13c9ea0e14a4ff4bc1fc207e8a17
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fced5bbe9797ebba5c5f9d5d941ad3d2b09904e27343cf226ff078026aa7c519