qd-app13.gdyatyf.com Open in urlscan Pro
122.114.12.11 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://qd-app13.gdyatyf.com/
Submission Tags: @phishunt_io
Submission: On September 30 via api (September 30th 2022, 5:36:49 am UTC) from DE — Scanned from DE

Summary HTTP 16 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 16 HTTP transactions. The main IP is 122.114.12.11, located in China and belongs to CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN. The main domain is qd-app13.gdyatyf.com.
TLS certificate: Issued by TrustAsia RSA DV TLS CA G2 on August 1st 2022. Valid for: 3 months.

This is the only time qd-app13.gdyatyf.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
11	122.114.12.11 122.114.12.11	4837 (CHINA169-...) (CHINA169-BACKBONE CHINA UNICOM China169 Backbone)
1	3.97.250.146 3.97.250.146	16509 (AMAZON-02) (AMAZON-02)
3	42.194.172.207 42.194.172.207	45090 (TENCENT-N...) (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited)
16	4

11 122.114.12.11 (China)

ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN)

qd-app13.gdyatyf.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.97.250.146 (Montreal, Canada)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-97-250-146.ca-central-1.compute.amazonaws.com

res.hduofen.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 42.194.172.207 (China)

ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN)

api.hduofen.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	gdyatyf.com qd-app13.gdyatyf.com	133 KB
4	hduofen.cn res.hduofen.cn api.hduofen.cn	23 KB
0	gdkangen.com Failed kun3.gdkangen.com Failed
16	3

	Domain	Requested by
11	qd-app13.gdyatyf.com	qd-app13.gdyatyf.com
3	api.hduofen.cn	res.hduofen.cn
1	res.hduofen.cn	qd-app13.gdyatyf.com
0	kun3.gdkangen.com Failed	qd-app13.gdyatyf.com
16	4

This site contains no links.

Subject Issuer	Validity	Valid
qd-app05.gdyatyf.com TrustAsia RSA DV TLS CA G2	`2022-08-01` - `2022-10-30`	3 months	crt.sh
res.hduofen.cn Encryption Everywhere DV TLS CA - G1	`2022-04-25` - `2023-04-25`	a year	crt.sh
api.hduofen.cn Encryption Everywhere DV TLS CA - G1	`2022-08-21` - `2023-08-21`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://qd-app13.gdyatyf.com/
Frame ID: 8EE0CFBFEC81511B72A8E499EC68DEEF
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

在线咨询

Detected technologies

Clipboard.js (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

clipboard(?:-([\d.]+))?(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

16
Requests

94 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

4
IPs

2
Countries

156 kB
Transfer

279 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response qd-app13.gdyatyf.com/	8 KB 3 KB	924ms 202ms	Document text/html	122.114.12.11 CHINA169-BACKBONE...
General Check archive.org Show headers Download Go to Full URL https://qd-app13.gdyatyf.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 122.114.12.11 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN), Reverse DNS Software nginx / Resource Hash `f7f66890c6ad5770142680afe60fcaa0bf64364a231922f381cc576969e2813d` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Connection keep-alive Content-Encoding gzip Content-Type text/html Date Fri, 30 Sep 2022 05:32:59 GMT ETag W/"62ba9821-2172" Last-Modified Tue, 28 Jun 2022 05:56:49 GMT Server nginx Transfer-Encoding chunked Vary Accept-Encoding
GET H/1.1	200 OK	style.css qd-app13.gdyatyf.com/css/	17 KB 4 KB	204ms 202ms	Stylesheet text/css	122.114.12.11 CHINA169-BACKBONE...
General Check archive.org Show headers Download Go to Full URL https://qd-app13.gdyatyf.com/css/style.css Requested by Host: qd-app13.gdyatyf.com URL: https://qd-app13.gdyatyf.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 122.114.12.11 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN), Reverse DNS Software nginx / Resource Hash `c92fbd8624330d3606566016cbee1f115afaad4070cc884dfee6f6c596a27288` Request headers accept-language de-DE,de;q=0.9 Referer https://qd-app13.gdyatyf.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36 Response headers Date Fri, 30 Sep 2022 05:32:59 GMT Content-Encoding gzip Last-Modified Fri, 22 Apr 2022 07:54:23 GMT Server nginx ETag W/"62625f2f-433f" Transfer-Encoding chunked Vary Accept-Encoding Content-Type text/css Cache-Control max-age=43200 Connection keep-alive Expires Fri, 30 Sep 2022 17:32:59 GMT
GET H/1.1	200 OK	jquery-1.12.4.min.js Show response qd-app13.gdyatyf.com/js/	95 KB 37 KB	432ms 427ms	Script application/javascript	122.114.12.11 CHINA169-BACKBONE...
General Check archive.org Show headers Download Go to Full URL https://qd-app13.gdyatyf.com/js/jquery-1.12.4.min.js Requested by Host: qd-app13.gdyatyf.com URL: https://qd-app13.gdyatyf.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 122.114.12.11 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN), Reverse DNS Software nginx / Resource Hash `668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404` Request headers accept-language de-DE,de;q=0.9 Referer https://qd-app13.gdyatyf.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36 Response headers Date Fri, 30 Sep 2022 05:32:59 GMT Content-Encoding gzip Last-Modified Fri, 22 Apr 2022 07:54:23 GMT Server nginx ETag W/"62625f2f-17b8b" Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript Cache-Control max-age=43200 Connection keep-alive Expires Fri, 30 Sep 2022 17:32:59 GMT
GET H/1.1	200 OK	img.js Show response qd-app13.gdyatyf.com/js/	84 B 396 B	406ms 201ms	Script application/javascript	122.114.12.11 CHINA169-BACKBONE...
General Check archive.org Show headers Download Go to Full URL https://qd-app13.gdyatyf.com/js/img.js Requested by Host: qd-app13.gdyatyf.com URL: https://qd-app13.gdyatyf.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 122.114.12.11 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN), Reverse DNS Software nginx / Resource Hash `632f952a68258f21d7230cce88b3d05fecbf00a8669986a320c21cc84482314c` Request headers accept-language de-DE,de;q=0.9 Referer https://qd-app13.gdyatyf.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36 Response headers Date Fri, 30 Sep 2022 05:32:59 GMT Last-Modified Fri, 22 Apr 2022 07:54:23 GMT Server nginx ETag "62625f2f-54" Content-Type application/javascript Cache-Control max-age=43200 Connection keep-alive Accept-Ranges bytes Content-Length 84 Expires Fri, 30 Sep 2022 17:32:59 GMT
GET H/1.1	200 OK	layer.js Show response qd-app13.gdyatyf.com/js/	3 KB 2 KB	611ms 204ms	Script application/javascript	122.114.12.11 CHINA169-BACKBONE...
General Check archive.org Show headers Download Go to Full URL https://qd-app13.gdyatyf.com/js/layer.js Requested by Host: qd-app13.gdyatyf.com URL: https://qd-app13.gdyatyf.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 122.114.12.11 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN), Reverse DNS Software nginx / Resource Hash `f4c08c51df259ea8b1acbe7d3b18e46432062ff0c03465ec31d75cffb95bfb02` Request headers accept-language de-DE,de;q=0.9 Referer https://qd-app13.gdyatyf.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36 Response headers Date Fri, 30 Sep 2022 05:33:00 GMT Content-Encoding gzip Last-Modified Fri, 22 Apr 2022 07:54:23 GMT Server nginx ETag W/"62625f2f-cbd" Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript Cache-Control max-age=43200 Connection keep-alive Expires Fri, 30 Sep 2022 17:33:00 GMT
GET H/1.1	200 OK	clipboard.min.js Show response qd-app13.gdyatyf.com/js/	10 KB 4 KB	619ms 206ms	Script application/javascript	122.114.12.11 CHINA169-BACKBONE...
General Check archive.org Show headers Download Go to Full URL https://qd-app13.gdyatyf.com/js/clipboard.min.js Requested by Host: qd-app13.gdyatyf.com URL: https://qd-app13.gdyatyf.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 122.114.12.11 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN), Reverse DNS Software nginx / Resource Hash `8a7739925f4c03586479852df840b7061948832a7fda30c8c812d2ea4dd4c4f2` Request headers accept-language de-DE,de;q=0.9 Referer https://qd-app13.gdyatyf.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36 Response headers Date Fri, 30 Sep 2022 05:33:00 GMT Content-Encoding gzip Last-Modified Fri, 22 Apr 2022 07:54:23 GMT Server nginx ETag W/"62625f2f-28d5" Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript Cache-Control max-age=43200 Connection keep-alive Expires Fri, 30 Sep 2022 17:33:00 GMT
GET H2	200	zaaxstat.js Show response res.hduofen.cn/js/	56 KB 22 KB	1570ms 107ms	Script application/javascript	3.97.250.146 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://res.hduofen.cn/js/zaaxstat.js?id=7VaQUVZf Requested by Host: qd-app13.gdyatyf.com URL: https://qd-app13.gdyatyf.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.97.250.146 Montreal, Canada, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-97-250-146.ca-central-1.compute.amazonaws.com Software Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40 mod_jk/1.2.46 / Resource Hash `fcd77aa229a028aec72d49560899af404b82cceb7ad4909acf413165dc1de1f6` Request headers accept-language de-DE,de;q=0.9 Referer https://qd-app13.gdyatyf.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36 Response headers date Thu, 29 Sep 2022 22:57:26 GMT content-encoding gzip x-cache-lookup Cache Hit last-modified Wed, 21 Sep 2022 17:34:58 GMT server Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40 mod_jk/1.2.46 etag "de69-5e9335d228f77-gzip" vary Accept-Encoding access-control-allow-methods POST content-type application/javascript access-control-allow-origin * x-nws-log-uuid 16040782048130511449 accept-ranges bytes access-control-allow-headers x-requested-with,content-type content-length 22519
GET H/1.1	200 OK	ly_t.png qd-app13.gdyatyf.com/picture/	7 KB 7 KB	206ms 206ms	Image image/png	122.114.12.11 CHINA169-BACKBONE...
General Check archive.org Show headers Download Go to Show image Full URL https://qd-app13.gdyatyf.com/picture/ly_t.png Requested by Host: qd-app13.gdyatyf.com URL: https://qd-app13.gdyatyf.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 122.114.12.11 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN), Reverse DNS Software nginx / Resource Hash `1cd2e32e47a494c8b82dd7e5abcea8fd924bb0e1a1b6fd8a442e59bc814805e5` Request headers accept-language de-DE,de;q=0.9 Referer https://qd-app13.gdyatyf.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36 Response headers Date Fri, 30 Sep 2022 05:33:00 GMT Last-Modified Fri, 22 Apr 2022 07:54:23 GMT Server nginx ETag "62625f2f-1c41" Content-Type image/png Cache-Control max-age=2592000 Connection keep-alive Accept-Ranges bytes Content-Length 7233 Expires Sun, 30 Oct 2022 05:33:00 GMT
GET H/1.1	200 OK	ly711.js Show response qd-app13.gdyatyf.com/js/	8 KB 3 KB	212ms 212ms	Script application/javascript	122.114.12.11 CHINA169-BACKBONE...
General Check archive.org Show headers Download Go to Full URL https://qd-app13.gdyatyf.com/js/ly711.js Requested by Host: qd-app13.gdyatyf.com URL: https://qd-app13.gdyatyf.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 122.114.12.11 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN), Reverse DNS Software nginx / Resource Hash `bccb2871a812046c73b6ff52a09bb5057e4a13045b0d779bca24844afc9891da` Request headers accept-language de-DE,de;q=0.9 Referer https://qd-app13.gdyatyf.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36 Response headers Date Fri, 30 Sep 2022 05:33:00 GMT Content-Encoding gzip Last-Modified Tue, 28 Jun 2022 05:59:13 GMT Server nginx ETag W/"62ba98b1-1ec1" Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript Cache-Control max-age=43200 Connection keep-alive Expires Fri, 30 Sep 2022 17:33:00 GMT
GET H/1.1	200 OK	ts.js Show response qd-app13.gdyatyf.com/js/	1 KB 908 B	207ms 206ms	Script application/javascript	122.114.12.11 CHINA169-BACKBONE...
General Check archive.org Show headers Download Go to Full URL https://qd-app13.gdyatyf.com/js/ts.js Requested by Host: qd-app13.gdyatyf.com URL: https://qd-app13.gdyatyf.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 122.114.12.11 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN), Reverse DNS Software nginx / Resource Hash `54c0fa05897fc248d62c40c7a3886c8cec523c04bafe449384a6378a290b2ccf` Request headers accept-language de-DE,de;q=0.9 Referer https://qd-app13.gdyatyf.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36 Response headers Date Fri, 30 Sep 2022 05:33:00 GMT Content-Encoding gzip Last-Modified Fri, 22 Apr 2022 07:54:23 GMT Server nginx ETag W/"62625f2f-4f8" Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript Cache-Control max-age=43200 Connection keep-alive Expires Fri, 30 Sep 2022 17:33:00 GMT
GET		tuicu.css kun3.gdkangen.com/static/wap/hijack/rw4/css/	0 0

GET H/1.1	200 OK	layer.css qd-app13.gdyatyf.com/js/need/	5 KB 2 KB	206ms 206ms	Stylesheet text/css	122.114.12.11 CHINA169-BACKBONE...
General Check archive.org Show headers Download Go to Full URL https://qd-app13.gdyatyf.com/js/need/layer.css?2.0 Requested by Host: qd-app13.gdyatyf.com URL: https://qd-app13.gdyatyf.com/js/layer.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 122.114.12.11 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN), Reverse DNS Software nginx / Resource Hash `eecc7effcae5f246e6212c30c525cee9e11cadedc7d32aa6def213f1a90d98f6` Request headers accept-language de-DE,de;q=0.9 Referer https://qd-app13.gdyatyf.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36 Response headers Date Fri, 30 Sep 2022 05:33:00 GMT Content-Encoding gzip Last-Modified Fri, 22 Apr 2022 07:54:23 GMT Server nginx ETag W/"62625f2f-148c" Transfer-Encoding chunked Vary Accept-Encoding Content-Type text/css Cache-Control max-age=43200 Connection keep-alive Expires Fri, 30 Sep 2022 17:33:00 GMT
POST H2	200	findByUserIdWxh Show response api.hduofen.cn/sem/webstatic/	80 B 395 B	1402ms 256ms	XHR application/json	42.194.172.207 TENCENT-NET-AP Sh...
General Check archive.org Show headers Download Go to Full URL https://api.hduofen.cn/sem/webstatic/findByUserIdWxh Requested by Host: res.hduofen.cn URL: https://res.hduofen.cn/js/zaaxstat.js?id=7VaQUVZf Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 42.194.172.207 , China, ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN), Reverse DNS Software nginx/1.16.0 / Resource Hash `d0e365e87fc145c239c202d610c9636fa7908a83d53dc4539c064a5d46405c30` Request headers Accept application/json Referer https://qd-app13.gdyatyf.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers access-control-allow-origin https://qd-app13.gdyatyf.com date Fri, 30 Sep 2022 05:36:46 GMT access-control-allow-credentials true content-type application/json;charset=UTF-8 server nginx/1.16.0 access-control-allow-methods POST, GET, OPTIONS, DELETE p3p CP=CAO PSA OUR
GET H/1.1	200 OK	banner001.jpg qd-app13.gdyatyf.com/picture/	69 KB 69 KB	411ms 411ms	Image image/jpeg	122.114.12.11 CHINA169-BACKBONE...
General Check archive.org Show headers Download Go to Show image Full URL https://qd-app13.gdyatyf.com/picture/banner001.jpg Requested by Host: qd-app13.gdyatyf.com URL: https://qd-app13.gdyatyf.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 122.114.12.11 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN), Reverse DNS Software nginx / Resource Hash `d3af51bae0aaabbfca727095e77f30e9a0ef4614691b041f9ab8131d72565b2d` Request headers accept-language de-DE,de;q=0.9 Referer https://qd-app13.gdyatyf.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36 Response headers Date Fri, 30 Sep 2022 05:33:01 GMT Last-Modified Mon, 01 Aug 2022 10:45:57 GMT Server nginx ETag "62e7aee5-1128b" Content-Type image/jpeg Cache-Control max-age=2592000 Connection keep-alive Accept-Ranges bytes Content-Length 70283 Expires Sun, 30 Oct 2022 05:33:01 GMT
POST H2	200	addbrowseRecord Show response api.hduofen.cn/sem/webstatic/	65 B 293 B	238ms 236ms	XHR application/json	42.194.172.207 TENCENT-NET-AP Sh...
General Check archive.org Show headers Download Go to Full URL https://api.hduofen.cn/sem/webstatic/addbrowseRecord Requested by Host: res.hduofen.cn URL: https://res.hduofen.cn/js/zaaxstat.js?id=7VaQUVZf Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 42.194.172.207 , China, ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN), Reverse DNS Software nginx/1.16.0 / Resource Hash `ce0b0d41f1511f8de3142da5e7aa17549e67d01ef7a1d8a1a0731199674dbaeb` Request headers Accept application/json Referer https://qd-app13.gdyatyf.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers access-control-allow-origin https://qd-app13.gdyatyf.com date Fri, 30 Sep 2022 05:36:46 GMT access-control-allow-credentials true content-type application/json;charset=UTF-8 server nginx/1.16.0 access-control-allow-methods POST, GET, OPTIONS, DELETE p3p CP=CAO PSA OUR
POST H2	200	getJsCode Show response api.hduofen.cn/sem/webstatic/	65 B 293 B	232ms 231ms	XHR application/json	42.194.172.207 TENCENT-NET-AP Sh...
General Check archive.org Show headers Download Go to Full URL https://api.hduofen.cn/sem/webstatic/getJsCode Requested by Host: res.hduofen.cn URL: https://res.hduofen.cn/js/zaaxstat.js?id=7VaQUVZf Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 42.194.172.207 , China, ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN), Reverse DNS Software nginx/1.16.0 / Resource Hash `ce0b0d41f1511f8de3142da5e7aa17549e67d01ef7a1d8a1a0731199674dbaeb` Request headers Accept application/json Referer https://qd-app13.gdyatyf.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers access-control-allow-origin https://qd-app13.gdyatyf.com date Fri, 30 Sep 2022 05:36:46 GMT access-control-allow-credentials true content-type application/json;charset=UTF-8 server nginx/1.16.0 access-control-allow-methods POST, GET, OPTIONS, DELETE p3p CP=CAO PSA OUR

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: kun3.gdkangen.com
URL: http://kun3.gdkangen.com/static/wap/hijack/rw4/css/tuicu.css

Verdicts & Comments Add Verdict or Comment

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			api.hduofen.cn/	1969-12-31 23:59:59	Name: JSESSIONID Value: 6F834EDF7E31CB7B7D1BE453398B1AF0

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://qd-app13.gdyatyf.com/(Line 11) Message: Mixed Content: The page at 'https://qd-app13.gdyatyf.com/' was loaded over HTTPS, but requested an insecure stylesheet 'http://kun3.gdkangen.com/static/wap/hijack/rw4/css/tuicu.css'. This request has been blocked; the content must be served over HTTPS.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.hduofen.cn
kun3.gdkangen.com
qd-app13.gdyatyf.com
res.hduofen.cn
kun3.gdkangen.com
122.114.12.11
3.97.250.146
42.194.172.207
1cd2e32e47a494c8b82dd7e5abcea8fd924bb0e1a1b6fd8a442e59bc814805e5
54c0fa05897fc248d62c40c7a3886c8cec523c04bafe449384a6378a290b2ccf
632f952a68258f21d7230cce88b3d05fecbf00a8669986a320c21cc84482314c
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
8a7739925f4c03586479852df840b7061948832a7fda30c8c812d2ea4dd4c4f2
bccb2871a812046c73b6ff52a09bb5057e4a13045b0d779bca24844afc9891da
c92fbd8624330d3606566016cbee1f115afaad4070cc884dfee6f6c596a27288
ce0b0d41f1511f8de3142da5e7aa17549e67d01ef7a1d8a1a0731199674dbaeb
d0e365e87fc145c239c202d610c9636fa7908a83d53dc4539c064a5d46405c30
d3af51bae0aaabbfca727095e77f30e9a0ef4614691b041f9ab8131d72565b2d
eecc7effcae5f246e6212c30c525cee9e11cadedc7d32aa6def213f1a90d98f6
f4c08c51df259ea8b1acbe7d3b18e46432062ff0c03465ec31d75cffb95bfb02
f7f66890c6ad5770142680afe60fcaa0bf64364a231922f381cc576969e2813d
fcd77aa229a028aec72d49560899af404b82cceb7ad4909acf413165dc1de1f6

qd-app13.gdyatyf.com Open in urlscan Pro 122.114.12.11 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

16 Requests

94 %HTTPS

0 %IPv6

3 Domains

4 Subdomains

4 IPs

2 Countries

156 kBTransfer

279 kBSize

1 Cookies

0 Outgoing links

Redirected requests

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

22 JavaScript Global Variables

1 Cookies

1 Console Messages

Indicators

qd-app13.gdyatyf.com Open in urlscan Pro
122.114.12.11 Public Scan

Screenshot
Live screenshot

Full Image

16
Requests

94 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

4
IPs

2
Countries

156 kB
Transfer

279 kB
Size

1
Cookies

16 HTTP transactions
0 data transactions