www.cedarwingsmag.com Open in urlscan Pro
45.199.63.221 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://www.cedarwingsmag.com/
Submission: On April 28 via manual (April 28th 2022, 8:35:46 pm UTC) from FR — Scanned from FR

Summary HTTP 10 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 3 countries across 6 domains to perform 10 HTTP transactions. The main IP is 45.199.63.221, located in Hong Kong and belongs to DXTL-HK DXTL Tseung Kwan O Service, HK. The main domain is www.cedarwingsmag.com.

This is the only time www.cedarwingsmag.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	45.199.63.221 45.199.63.221	134548 (DXTL-HK D...) (DXTL-HK DXTL Tseung Kwan O Service)
1	184.105.240.172 184.105.240.172	6939 (HURRICANE) (HURRICANE)
1	100.42.229.48 100.42.229.48	54288 (SOLIDTOOL...) (SOLIDTOOLSINC)
1	14.17.102.110 14.17.102.110	4134 (CHINANET-...) (CHINANET-BACKBONE No.31)
10	5

3 45.199.63.221 (Hong Kong)

ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK)

www.cedarwingsmag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.105.240.172 (United States)

ASN6939 (HURRICANE, US)

h08.huntza.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 100.42.229.48 (United States)

ASN54288 (SOLIDTOOLSINC, US)

ttss77.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 14.17.102.110 (Shenzhen, China)

ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN)

js.users.51.la	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	cedarwingsmag.com www.cedarwingsmag.com	2 KB
1	ttss77.top ttss77.top	1 KB
1	51.la js.users.51.la — Cisco Umbrella Rank: 56351 Failed	3 KB
1	huntza.top h08.huntza.top	1 KB
0	pc11.im Failed pc11.im Failed
0	cnzz.com Failed v1.cnzz.com Failed
10	6

	Domain	Requested by
3	www.cedarwingsmag.com	www.cedarwingsmag.com
1	ttss77.top	h08.huntza.top
1	js.users.51.la	www.cedarwingsmag.com h08.huntza.top ttss77.top
1	h08.huntza.top	www.cedarwingsmag.com
0	pc11.im Failed	ttss77.top
0	v1.cnzz.com Failed	ttss77.top
10	6

This site contains no links.

Subject Issuer	Validity	Valid

This page contains 2 frames:

Primary Page: http://www.cedarwingsmag.com/
Frame ID: 2BA7A1C7ACF67552FEE07552E829A123
Requests: 4 HTTP requests in this frame

Frame: https://pc11.im/?channelCode=pczx_60
Frame ID: BD350188B142F8A775BF4AE557E670B8
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

华南蔷郊食品有限公司制服丝袜长腿无码专区第一页_日本不卡免费一本二本高清_真人强奷试看二十分钟_操逼综合网华南蔷郊食品有限公司

Page Statistics

10
Requests

0 %
HTTPS

0 %
IPv6

6
Domains

6
Subdomains

5
IPs

3
Countries

7 kB
Transfer

11 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response www.cedarwingsmag.com/	2 KB 828 B	678ms 258ms	Document text/html	45.199.63.221 DXTL-HK DXTL Tseu...
General Check archive.org Show headers Download Go to Full URL http://www.cedarwingsmag.com/ Protocol HTTP/1.1 Server 45.199.63.221 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK), Reverse DNS Software nginx / Resource Hash `beccf430c43c3179e0dae4583ed3cd494ed885ba164f01e1fae12f2fd959c3e1` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 accept-language fr-FR,fr;q=0.9 Response headers Connection keep-alive Content-Encoding gzip Content-Type text/html Date Thu, 28 Apr 2022 20:35:29 GMT Server nginx Transfer-Encoding chunked Vary Accept-Encoding
GET H/1.1	200 OK	common.js Show response www.cedarwingsmag.com/	1 KB 880 B	257ms 257ms	Script application/x-javascript	45.199.63.221 DXTL-HK DXTL Tseu...
General Check archive.org Show headers Download Go to Full URL http://www.cedarwingsmag.com/common.js Requested by Host: www.cedarwingsmag.com URL: http://www.cedarwingsmag.com/ Protocol HTTP/1.1 Server 45.199.63.221 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK), Reverse DNS Software nginx / Resource Hash `c1eddfa482124e1d1d8ef86039d4879d11b7138d758998a4e44d6573ea4cafbc` Request headers accept-language fr-FR,fr;q=0.9 Referer http://www.cedarwingsmag.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers Date Thu, 28 Apr 2022 20:35:30 GMT Content-Encoding gzip Transfer-Encoding chunked Server nginx Connection keep-alive Vary Accept-Encoding Content-Type application/x-javascript
GET H/1.1	200 OK	tj.js Show response www.cedarwingsmag.com/	102 B 258 B	249ms 249ms	Script application/x-javascript	45.199.63.221 DXTL-HK DXTL Tseu...
General Check archive.org Show headers Download Go to Full URL http://www.cedarwingsmag.com/tj.js Requested by Host: www.cedarwingsmag.com URL: http://www.cedarwingsmag.com/ Protocol HTTP/1.1 Server 45.199.63.221 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK), Reverse DNS Software nginx / Resource Hash `d750f75a83b564fbc3e8d7579c537306c111b4130b4fc0a6506584e458727726` Request headers accept-language fr-FR,fr;q=0.9 Referer http://www.cedarwingsmag.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers Date Thu, 28 Apr 2022 20:35:30 GMT Server nginx Connection keep-alive Content-Length 102 Content-Type application/x-javascript
GET H/1.1	200 OK	/ Show response h08.huntza.top/ Frame BD35	1 KB 1 KB	562ms 160ms	Document text/html	184.105.240.172 HURRICANE
General Check archive.org Show headers Download Go to Full URL http://h08.huntza.top/ Requested by Host: www.cedarwingsmag.com URL: http://www.cedarwingsmag.com/ Protocol HTTP/1.1 Server 184.105.240.172 , United States, ASN6939 (HURRICANE, US), Reverse DNS Software nginx / Resource Hash `12deebabc194434cf04b0b6fffd61c86c77f3ac60041d127e6f298dee0fa4865` Request headers Referer http://www.cedarwingsmag.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 accept-language fr-FR,fr;q=0.9 Response headers Connection keep-alive Content-Encoding gzip Content-Type text/html Date Thu, 28 Apr 2022 20:35:30 GMT ETag W/"626579e7-581" Last-Modified Sun, 24 Apr 2022 16:25:11 GMT Server nginx Transfer-Encoding chunked Vary Accept-Encoding
GET		21259717.js js.users.51.la/	0 0

GET		21282067.js js.users.51.la/ Frame BD35	0 0

GET H/1.1	200 OK	/ Show response ttss77.top/ Frame BD35	2 KB 1 KB	1178ms 596ms	Document text/html	100.42.229.48 SOLIDTOOLSINC
General Check archive.org Show headers Download Go to Full URL http://ttss77.top/ Requested by Host: h08.huntza.top URL: http://h08.huntza.top/ Protocol HTTP/1.1 Server 100.42.229.48 , United States, ASN54288 (SOLIDTOOLSINC, US), Reverse DNS Software nginx / Resource Hash `5230bbe546b4512f80d06d8d13a527e37a62aef4e8668cb364e6c1a0432708f5` Request headers Referer http://h08.huntza.top/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 accept-language fr-FR,fr;q=0.9 Response headers Connection keep-alive Content-Encoding gzip Content-Type text/html Date Thu, 28 Apr 2022 20:35:31 GMT ETag W/"6261178c-628" Last-Modified Thu, 21 Apr 2022 08:36:28 GMT Server nginx Transfer-Encoding chunked Vary Accept-Encoding
GET		z_stat.php v1.cnzz.com/ Frame BD35	0 0

GET H/1.1	200 OK	21282659.js Show response js.users.51.la/ Frame BD35	5 KB 3 KB	1611ms 1610ms	Script application/javascript	14.17.102.110 CHINANET-BACKBONE...
General Check archive.org Show headers Download Go to Full URL http://js.users.51.la/21282659.js Requested by Host: ttss77.top URL: http://ttss77.top/ Protocol HTTP/1.1 Server 14.17.102.110 Shenzhen, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN), Reverse DNS Software openresty / Resource Hash `76a1358d193b55300b95d80723ca858846f2f9689bb6f1a91c02ac4fa391523c` Request headers accept-language fr-FR,fr;q=0.9 Referer http://ttss77.top/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers Date Thu, 28 Apr 2022 20:35:32 GMT Content-Encoding gzip Server openresty Transfer-Encoding chunked Content-Type application/javascript; charset=utf-8 Access-Control-Allow-Origin * Cache-Control max-age=360000 Access-Control-Allow-Credentials true Connection keep-alive
GET		/ pc11.im/ Frame BD35	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: js.users.51.la
URL: https://js.users.51.la/21259717.js

Domain: js.users.51.la
URL: http://js.users.51.la/21282067.js

Domain: v1.cnzz.com
URL: https://v1.cnzz.com/z_stat.php?id=1280861865&web_id=1280861865

Domain: pc11.im
URL: https://pc11.im/?channelCode=pczx_60

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: http://www.cedarwingsmag.com/tj.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://js.users.51.la/21259717.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://www.cedarwingsmag.com/tj.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://js.users.51.la/21259717.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://js.users.51.la/21259717.js Message: Failed to load resource: net::ERR_SOCKET_NOT_CONNECTED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

h08.huntza.top
js.users.51.la
pc11.im
ttss77.top
v1.cnzz.com
www.cedarwingsmag.com
js.users.51.la
pc11.im
v1.cnzz.com
100.42.229.48
14.17.102.110
184.105.240.172
45.199.63.221
12deebabc194434cf04b0b6fffd61c86c77f3ac60041d127e6f298dee0fa4865
5230bbe546b4512f80d06d8d13a527e37a62aef4e8668cb364e6c1a0432708f5
76a1358d193b55300b95d80723ca858846f2f9689bb6f1a91c02ac4fa391523c
beccf430c43c3179e0dae4583ed3cd494ed885ba164f01e1fae12f2fd959c3e1
c1eddfa482124e1d1d8ef86039d4879d11b7138d758998a4e44d6573ea4cafbc
d750f75a83b564fbc3e8d7579c537306c111b4130b4fc0a6506584e458727726

www.cedarwingsmag.com Open in urlscan Pro 45.199.63.221 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

10 Requests

0 %HTTPS

0 %IPv6

6 Domains

6 Subdomains

5 IPs

3 Countries

7 kBTransfer

11 kBSize

0 Cookies

0 Outgoing links

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

0 Cookies

3 Console Messages

Indicators

www.cedarwingsmag.com Open in urlscan Pro
45.199.63.221 Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

0 %
HTTPS

0 %
IPv6

6
Domains

6
Subdomains

5
IPs

3
Countries

7 kB
Transfer

11 kB
Size

0
Cookies

10 HTTP transactions
0 data transactions