Submitted URL: https://69321.pro/
Effective URL: https://dxtz001.vip/nice.htm?100011199
Submission: On July 21 via api from BE — Scanned from IT

Summary

This website contacted 6 IPs in 3 countries across 6 domains to perform 11 HTTP transactions. The main IP is 156.251.163.151, located in the United States and belonging to CNSERVERS, US. The main domain is dxtz001.vip.
TLS certificate: Issued by R10 on June 30th 2024. Valid for: 3 months.
This is the only time dxtz001.vip was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | Redirects | IP Address | AS Autonomous System
1 | 1 | 172.247.127.107 | 40065 (CNSERVERS)
2 | - | 156.251.163.151 | 40065 (CNSERVERS)
1 | - | 163.181.131.208 | 24429 (TAOBAO Zh...)
2 | - | 76.76.21.61 | 16509 (AMAZON-02)
1 | - | 60.205.127.28 | 37963 (ALIBABA-C...)
4 | - | 172.67.171.116 | 13335 (CLOUDFLAR...)
Total: 11 requests, 6 IPs
Requests | Apex Domain | Subdomains | Transfer
4 | umami.dev | api-gateway.umami.dev (Cisco Umbrella Rank: 88435) | 1 KB
2 | umami.is | cloud.umami.is (Cisco Umbrella Rank: 363339) | 2 KB
2 | openinstall.com | res.openinstall.com (Cisco Umbrella Rank: 998426); web-uxuu9o.openinstall.com | 20 KB
2 | dxtz001.vip | dxtz001.vip | 2 KB
1 | 69321.pro | 69321.pro | 204 B
0 | cctv13memb01.vip (Failed) | cctv13memb01.vip (Failed) | -
Total: 11 requests, 6 domains
Requests | Domain | Requested by
4 | api-gateway.umami.dev | cloud.umami.is
2 | cloud.umami.is | dxtz001.vip
2 | dxtz001.vip | -
1 | web-uxuu9o.openinstall.com | res.openinstall.com
1 | res.openinstall.com | dxtz001.vip
1 | 69321.pro (1 redirects) | -
0 | cctv13memb01.vip (Failed) | dxtz001.vip
Total: 11 requests, 7 subdomains

This site contains no links.

Subject | Issuer | Validity | Valid
dxtz001.vip | R10 | 2024-06-30 - 2024-09-28 | 3 months
*.openinstall.com | RapidSSL Global TLS RSA4096 SHA256 2022 CA1 | 2024-05-10 - 2025-05-09 | a year
cloud.umami.is | R11 | 2024-07-16 - 2024-10-14 | 3 months
umami.dev | E6 | 2024-06-25 - 2024-09-23 | 3 months

This page contains 1 frame:

Frame: https://cctv13memb01.vip/?aff=100011199
Frame ID: B70F67314077BCF1747EEBD24A5D793E
Requests: 9 HTTP requests in this frame

Page Title

安全跳转 ("Secure redirect")

Page Statistics

Requests: 11
HTTPS: 91 %
IPv6: 0 %
Domains: 6
Subdomains: 7
IPs: 6
Countries: 3
Transfer: 25 kB
Size: 56 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://69321.pro/ HTTP 301
    https://dxtz001.vip/nice.htm?100011199 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request nice.htm
dxtz001.vip/
Redirect Chain
  • https://69321.pro/
  • https://dxtz001.vip/nice.htm?100011199
3 KB
2 KB
Document
General
Full URL
https://dxtz001.vip/nice.htm?100011199
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
156.251.163.151 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
cdn /
Resource Hash
ff7202879f0fecc107fe4859adfbee4a63337d30146f058885342e0b6a30f41e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Sun, 21 Jul 2024 19:22:06 GMT
ETag
W/"669ca4c7-c1b"
Last-Modified
Sun, 21 Jul 2024 06:03:51 GMT
Server
cdn
Transfer-Encoding
chunked
Vary
Accept-Encoding

Redirect headers

Connection
keep-alive
Content-Length
162
Content-Type
text/html
Date
Sun, 21 Jul 2024 19:22:04 GMT
Location
https://dxtz001.vip/nice.htm?100011199
Server
cdn
openinstall-uxuu9o.js
res.openinstall.com/
47 KB
19 KB
Script
General
Full URL
https://res.openinstall.com/openinstall-uxuu9o.js
Requested by
Host: dxtz001.vip
URL: https://dxtz001.vip/nice.htm?100011199
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
163.181.131.208 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
c54f7c66910e9d3f7f1be9923fdcfece3b5896cacf18faa627ba4372f0a013c1

Request headers

Referer
https://dxtz001.vip/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 19:22:08 GMT
content-encoding
br
via
cache23.l2de2[472,473,200-0,M], cache4.l2de2[474,0], ens-cache3.de7[480,481,200-0,M], ens-cache3.de7[482,0]
server
Tengine
x-swift-cachetime
3600
vary
Accept-Encoding
x-cache
MISS TCP_REFRESH_MISS dirn:12:820904804
ali-swift-global-savetime
1721589728
content-type
text/javascript;charset=utf-8
cache-control
max-age=7200
x-swift-savetime
Sun, 21 Jul 2024 19:22:08 GMT
timing-allow-origin
*
eagleid
a3b5839717215897277054094e
script.js
cloud.umami.is/
3 KB
2 KB
Script
General
Full URL
https://cloud.umami.is/script.js
Requested by
Host: dxtz001.vip
URL: https://dxtz001.vip/nice.htm?100011199
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.61 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
ea5a81f5881bce2d303b820cd09d4a0a96981295b5161693e58942a1c7e59f28
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src *; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; connect-src *; frame-ancestors 'self';
Strict-Transport-Security max-age=63072000
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://dxtz001.vip/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self'; img-src *; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; connect-src *; frame-ancestors 'self';
content-encoding
br
date
Sun, 21 Jul 2024 19:22:07 GMT
strict-transport-security
max-age=63072000
age
1696033
x-dns-prefetch-control
on
content-disposition
inline; filename="script.js"
server
Vercel
x-vercel-id
fra1:fra1:fra1::xgkkn-1721589727078-40d9406d730d
x-matched-path
/script.js
etag
W/"a8b809821d04e40c5935471a8fe4be9a"
x-vercel-cache
HIT
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
script.js
cloud.umami.is/
3 KB
96 B
Script
General
Full URL
https://cloud.umami.is/script.js
Requested by
Host: dxtz001.vip
URL: https://dxtz001.vip/nice.htm?100011199
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.61 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
ea5a81f5881bce2d303b820cd09d4a0a96981295b5161693e58942a1c7e59f28
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src *; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; connect-src *; frame-ancestors 'self';
Strict-Transport-Security max-age=63072000
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://dxtz001.vip/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self'; img-src *; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; connect-src *; frame-ancestors 'self';
date
Sun, 21 Jul 2024 19:22:08 GMT
content-encoding
br
strict-transport-security
max-age=63072000
age
1696033
x-dns-prefetch-control
on
content-disposition
inline; filename="script.js"
server
Vercel
x-vercel-id
fra1:fra1:fra1::mr7q6-1721589728478-ba7b5257ca40
x-matched-path
/script.js
x-vercel-cache
BYPASS
etag
W/"a8b809821d04e40c5935471a8fe4be9a"
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
init2
web-uxuu9o.openinstall.com/web/uxuu9o/_/
304 B
447 B
XHR
General
Full URL
https://web-uxuu9o.openinstall.com/web/uxuu9o/_/init2?av=0&cv=0&hash=&sw=p6Cmpg&sh=p6Smpg&sp=1&li=p6GkuKehuKa4pKQ
Requested by
Host: res.openinstall.com
URL: https://res.openinstall.com/openinstall-uxuu9o.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
60.205.127.28 Beijing, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
/
Resource Hash
24eb57f9573b4c61ee373742b688a4d05aa68aa467424d28fedd30b5dc78441f

Request headers

Referer
https://dxtz001.vip/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://dxtz001.vip
date
Sun, 21 Jul 2024 19:22:09 GMT
access-control-allow-credentials
true
content-length
304
vary
Origin
content-type
text/plain
send
api-gateway.umami.dev/api/
0
0
Preflight
General
Full URL
https://api-gateway.umami.dev/api/send
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.171.116 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://dxtz001.vip
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
*
access-control-allow-methods
POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cf-placement
remote-EWR
cf-ray
8a6d8ede7ecd0e5b-MXP
content-length
0
date
Sun, 21 Jul 2024 19:22:09 GMT
expect-ct
max-age=86400, enforce
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ifp%2BQXNYsVOUHrD%2BDDmQ3q1cKdelSYxtS2iZUbwmUtXqhAphZlpkBn3Xwgv9LRTZPZIdpJf9m4sSTrom0TQxrLha11b%2FFggYrN0Wz7LZiJZzE2C3RVWqHBtN%2F9cBdGPsB2tc4y8Qfpk%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
send
api-gateway.umami.dev/api/
0
0
Preflight
General
Full URL
https://api-gateway.umami.dev/api/send
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.171.116 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://dxtz001.vip
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
*
access-control-allow-methods
POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cf-placement
remote-EWR
cf-ray
8a6d8ede7ec50e5b-MXP
content-length
0
date
Sun, 21 Jul 2024 19:22:09 GMT
expect-ct
max-age=86400, enforce
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nxS%2BJt3IWyf%2BHgqgxUlLX2yK%2F7JYpd7XN6LmNVJogMHkA%2FbDiA3sDUXf3gQrtYeke4gpV9uXSq%2BybC4zrgsGi4epE5OURsGuq2ITFi0fzaHn7tILf6vmYQEKQgztAT6j916PS5xqx%2Bg%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
send
api-gateway.umami.dev/api/
43 B
344 B
Fetch
General
Full URL
https://api-gateway.umami.dev/api/send
Requested by
Host: cloud.umami.is
URL: https://cloud.umami.is/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.171.116 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ac49ab5d4b0ee339b4cd1f74c08e49058371d097462c2b364ab4f20e1043848
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://dxtz001.vip/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 21 Jul 2024 19:22:09 GMT
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
cf-placement
remote-EWR
content-length
43
x-xss-protection
1; mode=block
referrer-policy
same-origin
server
cloudflare
expect-ct
max-age=86400, enforce
access-control-max-age
86400
access-control-allow-methods
POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v4OOag%2ByX0heCYIV3%2Fy21oOHHwQLGb5j7gHu83AaGkATloduCkpJlMUvk76DDDRQABEGEt9dm3pXEp99mUOCKpc%2BhbAlvoYGGnGZjF0q4ehN373cUoVzVvYwxwRRNYNAWDerWx4cGCQ%3D"}],"group":"cf-nel","max_age":604800}
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cf-ray
8a6d8edfa9060e5b-MXP
access-control-allow-headers
*
send
api-gateway.umami.dev/api/
521 B
918 B
Fetch
General
Full URL
https://api-gateway.umami.dev/api/send
Requested by
Host: cloud.umami.is
URL: https://cloud.umami.is/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.171.116 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23ce3e2c6f4fef9f4319d9aafcdd7d5f38356c8b9173db3ca05c9ce77394bac8
Security Headers
Name Value
Content-Security-Policy default-src 'self';img-src *;script-src 'self' 'unsafe-eval' 'unsafe-inline';style-src 'self' 'unsafe-inline';connect-src 'self' api.umami.is cloud.umami.is;frame-ancestors 'self' undefined
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://dxtz001.vip/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 21 Jul 2024 19:22:09 GMT
content-security-policy
default-src 'self';img-src *;script-src 'self' 'unsafe-eval' 'unsafe-inline';style-src 'self' 'unsafe-inline';connect-src 'self' api.umami.is cloud.umami.is;frame-ancestors 'self' undefined
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-dns-prefetch-control
on
alt-svc
h3=":443"; ma=86400
cf-placement
remote-EWR
x-xss-protection
1; mode=block
referrer-policy
same-origin
server
cloudflare
etag
W/"r45goqfy1peh"
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
access-control-allow-methods
POST, OPTIONS
content-type
text/plain
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j5JUss8rKOgEeyFhZn%2BlfffQNT632dzShi%2F7hrlyOZsX4UYR6tM2BjLm9PkPTkzaHFCoUaOeFwxafpM0BdFb66uZgLhn5Zyon6q%2FtPS2jNVDuE%2B0Eynj6ww2oWIGag2CgfYPhgdmlhI%3D"}],"group":"cf-nel","max_age":604800}
access-control-max-age
86400
x-frame-options
SAMEORIGIN
cf-ray
8a6d8edfa8f40e5b-MXP
access-control-allow-headers
*
favicon.ico
dxtz001.vip/
138 B
305 B
Other
General
Full URL
https://dxtz001.vip/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
156.251.163.151 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
cdn /
Resource Hash
301bd9f16f94feedfae7a946a14bac38cb73c43efe6117bc5586835af03d7d6f

Request headers

Referer
https://dxtz001.vip/nice.htm?100011199
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Sun, 21 Jul 2024 19:22:08 GMT
Server
cdn
Connection
keep-alive
ETag
"6688d0a4-8a"
Content-Length
138
Content-Type
text/html
/
cctv13memb01.vip/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cctv13memb01.vip
URL
https://cctv13memb01.vip/?aff=100011199

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function | nice
function | cdoe
function | GetQueryValue
object | config
function | OpenInstall
object | data
object | umami

0 Cookies

2 Console Messages

Source | Level | URL | Text
network | error | https://dxtz001.vip/favicon.ico | Failed to load resource: the server responded with a status of 404 (Not Found)
network | error | https://api-gateway.umami.dev/api/send | Failed to load resource: the server responded with a status of 429 ()