![](/screenshots/aeec58fb-20c3-4308-9824-7bf423520b55.png)
qd-app13.gdyatyf.com
122.114.12.11
Public Scan
Submission Tags: @phishunt_io
Submission: On September 30 via api from DE — Scanned from DE
Summary
TLS certificate: Issued by TrustAsia RSA DV TLS CA G2 on August 1st 2022. Valid for: 3 months.
This is the only time qd-app13.gdyatyf.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
11 | 122.114.12.11 | 4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone) |
1 | 3.97.250.146 | 16509 (AMAZON-02) |
3 | 42.194.172.207 | 45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited) |
16 requests | 4 entries | |
ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN)
qd-app13.gdyatyf.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-3-97-250-146.ca-central-1.compute.amazonaws.com
res.hduofen.cn |
ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN)
api.hduofen.cn |
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
11 | gdyatyf.com | qd-app13.gdyatyf.com | 133 KB |
4 | hduofen.cn | res.hduofen.cn, api.hduofen.cn | 23 KB |
0 | gdkangen.com (Failed) | kun3.gdkangen.com (Failed) | |
16 requests | 3 apex domains | | |
Requests | Domain | Requested by |
---|---|---|
11 | qd-app13.gdyatyf.com | qd-app13.gdyatyf.com |
3 | api.hduofen.cn | res.hduofen.cn |
1 | res.hduofen.cn | qd-app13.gdyatyf.com |
0 | kun3.gdkangen.com (Failed) | qd-app13.gdyatyf.com |
16 requests | 4 domains | |
This site contains no links.
Subject | Issuer | Validity | Valid | |
---|---|---|---|---|
qd-app05.gdyatyf.com | TrustAsia RSA DV TLS CA G2 | 2022-08-01 - 2022-10-30 | 3 months | crt.sh |
res.hduofen.cn | Encryption Everywhere DV TLS CA - G1 | 2022-04-25 - 2023-04-25 | a year | crt.sh |
api.hduofen.cn | Encryption Everywhere DV TLS CA - G1 | 2022-08-21 - 2023-08-21 | a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://qd-app13.gdyatyf.com/
Frame ID: 8EE0CFBFEC81511B72A8E499EC68DEEF
Requests: 16 HTTP requests in this frame
Page Title
在线咨询 (Online consultation)
Detected technologies
Detected patterns (script filenames matched against the page's script URLs; capture group 1 is the version when the filename carries one):
- clipboard.js: `clipboard(?:-([\d.]+))?(?:\.min)?\.js`
- jQuery: `jquery[.-]([\d.]*\d)[^/]*\.js`
- jQuery: `jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?`
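The patterns above are script-URL fingerprints of the kind Wappalyzer-style technology detectors apply to every script a page loads: the literal part names the library and capture group 1, when present, yields its version. As an added example (not urlscan.io's code), the Node.js script below applies exactly those three patterns to the script URLs recorded in this scan's transaction list. The labels `jQuery` and `clipboard.js` are my reading of what the patterns target, and the helper `detectFromScripts` is assumed here, not something the page describes.

```javascript
// Added example, not urlscan.io code: apply the script-filename patterns
// listed on the page to the script URLs from this scan's transaction list.
// Technology labels are an assumption derived from the pattern text.

const PATTERNS = [
  { tech: "clipboard.js", re: /clipboard(?:-([\d.]+))?(?:\.min)?\.js/ },
  { tech: "jQuery", re: /jquery[.-]([\d.]*\d)[^/]*\.js/ },
  { tech: "jQuery", re: /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/ },
];

// Script URLs copied from the 16 HTTP transactions recorded for this scan.
const SCRIPT_URLS = [
  "https://qd-app13.gdyatyf.com/js/jquery-1.12.4.min.js",
  "https://qd-app13.gdyatyf.com/js/img.js",
  "https://qd-app13.gdyatyf.com/js/layer.js",
  "https://qd-app13.gdyatyf.com/js/clipboard.min.js",
  "https://res.hduofen.cn/js/zaaxstat.js",
  "https://qd-app13.gdyatyf.com/js/ly711.js",
  "https://qd-app13.gdyatyf.com/js/ts.js",
];

// Match only path + query, never the hostname, so a host such as
// jquery.example.com cannot trigger the jQuery pattern on its own.
function pathAndQuery(url) {
  const u = new URL(url);
  return u.pathname + u.search;
}

// Returns an object mapping each matched technology to its version string,
// or null when a pattern matched but the filename carried no version.
// A later, version-less match never overwrites a version already found.
function detectFromScripts(urls) {
  const found = {};
  for (const url of urls) {
    const target = pathAndQuery(url);
    for (const { tech, re } of PATTERNS) {
      const m = re.exec(target);
      if (!m) continue;
      const version = m[1] || null;
      if (!(tech in found) || (found[tech] === null && version !== null)) {
        found[tech] = version;
      }
    }
  }
  return found;
}

console.log(detectFromScripts(SCRIPT_URLS));
```

Run it with `node`. jQuery is reported as 1.12.4, read straight from `jquery-1.12.4.min.js`; clipboard.js is reported with no version because `clipboard.min.js` carries none. The only evidence a detector like this has is the filename (or a `?ver=` query), so a renamed, bundled or inlined copy is invisible to it. The `jQuery` and `ClipboardJS` entries in the window globals listed further down are the corroboration to check when the filename is inconclusive.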
Page Statistics
0 Outgoing links (links going to origins other than the main page).
Redirected requests: none recorded for this scan.
16 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H/1.1 | / (Primary Request) | qd-app13.gdyatyf.com/ | 8 KB | 3 KB | Document | text/html |
GET | H/1.1 | style.css | qd-app13.gdyatyf.com/css/ | 17 KB | 4 KB | Stylesheet | text/css |
GET | H/1.1 | jquery-1.12.4.min.js | qd-app13.gdyatyf.com/js/ | 95 KB | 37 KB | Script | application/javascript |
GET | H/1.1 | img.js | qd-app13.gdyatyf.com/js/ | 84 B | 396 B | Script | application/javascript |
GET | H/1.1 | layer.js | qd-app13.gdyatyf.com/js/ | 3 KB | 2 KB | Script | application/javascript |
GET | H/1.1 | clipboard.min.js | qd-app13.gdyatyf.com/js/ | 10 KB | 4 KB | Script | application/javascript |
GET | H2 | zaaxstat.js | res.hduofen.cn/js/ | 56 KB | 22 KB | Script | application/javascript |
GET | H/1.1 | ly_t.png | qd-app13.gdyatyf.com/picture/ | 7 KB | 7 KB | Image | image/png |
GET | H/1.1 | ly711.js | qd-app13.gdyatyf.com/js/ | 8 KB | 3 KB | Script | application/javascript |
GET | H/1.1 | ts.js | qd-app13.gdyatyf.com/js/ | 1 KB | 908 B | Script | application/javascript |
GET | (failed, no response) | tuicu.css | kun3.gdkangen.com/static/wap/hijack/rw4/css/ | 0 | 0 | | |
GET | H/1.1 | layer.css | qd-app13.gdyatyf.com/js/need/ | 5 KB | 2 KB | Stylesheet | text/css |
POST | H2 | findByUserIdWxh | api.hduofen.cn/sem/webstatic/ | 80 B | 395 B | XHR | application/json |
GET | H/1.1 | banner001.jpg | qd-app13.gdyatyf.com/picture/ | 69 KB | 69 KB | Image | image/jpeg |
POST | H2 | addbrowseRecord | api.hduofen.cn/sem/webstatic/ | 65 B | 293 B | XHR | application/json |
POST | H2 | getJsCode | api.hduofen.cn/sem/webstatic/ | 65 B | 293 B | XHR | application/json |
Failed requests
These URLs were requested, but no response was received. They also appear in the transaction list above.
- Domain: kun3.gdkangen.com
- URL: http://kun3.gdkangen.com/static/wap/hijack/rw4/css/tuicu.css
The primary page was loaded over HTTPS, so this plain-HTTP stylesheet is mixed content; modern browsers block such a request before it leaves the browser, which is consistent with the 0-byte size and transfer recorded for it. The entry therefore does not by itself show whether kun3.gdkangen.com is reachable.
22 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. They can help identify client-side frameworks and code. The first nine (onbeforeinput through navigation) are properties that recent Chromium builds expose on window rather than anything this page defined; the page-defined globals are $, jQuery, host, Img, layer, ClipboardJS, Zepto, $zq, _hdf, zaaxstat, ts, s and _zid1.
- object: onbeforeinput
- object: oncontextlost
- object: oncontextrestored
- function: structuredClone
- object: launchQueue
- object: onbeforematch
- function: getScreenDetails
- function: queryLocalFonts
- object: navigation
- function: $
- function: jQuery
- string: host
- string: Img
- object: layer
- function: ClipboardJS
- function: Zepto
- function: $zq
- object: _hdf
- object: zaaxstat
- string: ts
- number: s
- number: _zid1
Cookies
Cookies are small pieces of information stored in a user's browser. When the user visits the site again, the browser sends the cookie values back, allowing the site to re-identify the user even from a different location. This is how persistent logins work.
Domain/Path | Expires | Name | Value |
---|---|---|---|
api.hduofen.cn/ | | JSESSIONID | 6F834EDF7E31CB7B7D1BE453398B1AF0 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL | Text |
---|---|---|---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
api.hduofen.cn
kun3.gdkangen.com
qd-app13.gdyatyf.com
res.hduofen.cn
122.114.12.11
3.97.250.146
42.194.172.207