s90.app1112135522.qqopenapp.com
Open in
urlscan Pro
106.55.249.48
Public Scan
URL:
https://s90.app1112135522.qqopenapp.com/
Submission: On March 25 via api from US — Scanned from US
Submission: On March 25 via api from US — Scanned from US
Summary
This website contacted 2 IPs
in 2 countries
across 2 domains to perform 12 HTTP transactions.
The main IP is 106.55.249.48, located in
China and
belongs to TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN.
The main domain is s90.app1112135522.qqopenapp.com.
TLS certificate: Issued by TrustAsia RSA DV TLS CA G2 on November 25th 2023. Valid for: a year.
This is the only time s90.app1112135522.qqopenapp.com was scanned on urlscan.io!
TLS certificate: Issued by TrustAsia RSA DV TLS CA G2 on November 25th 2023. Valid for: a year.
This is the only time s90.app1112135522.qqopenapp.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 9 | 106.55.249.48 106.55.249.48 | 45090 (TENCENT-N...) (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited) | |
| 3 | 18.165.98.122 18.165.98.122 | 16509 (AMAZON-02) (AMAZON-02) | |
| 12 | 2 |
9
106.55.249.48
(China)
ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN)
ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN)
| s90.app1112135522.qqopenapp.com |
3
18.165.98.122
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-18-165-98-122.iad55.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-18-165-98-122.iad55.r.cloudfront.net
| dl6rt3mwcjzxg.cloudfront.net |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 9 |
qqopenapp.com
s90.app1112135522.qqopenapp.com |
380 KB |
| 3 |
cloudfront.net
dl6rt3mwcjzxg.cloudfront.net |
13 KB |
| 12 | 2 |
| Domain | Requested by | |
|---|---|---|
| 9 | s90.app1112135522.qqopenapp.com |
s90.app1112135522.qqopenapp.com
|
| 3 | dl6rt3mwcjzxg.cloudfront.net |
s90.app1112135522.qqopenapp.com
|
| 12 | 2 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| pay.yxxz7.com |
| down.guluts.com |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| game.yxxz7.com TrustAsia RSA DV TLS CA G2 |
2023-11-25 - 2024-11-24 |
a year | crt.sh |
| *.cloudfront.net Amazon RSA 2048 M01 |
2023-10-10 - 2024-09-19 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://s90.app1112135522.qqopenapp.com/
Frame ID: 4EA20A9987946DB8098169299A5EDC25
Requests: 12 HTTP requests in this frame
Screenshot
Page Title
主页Detected technologies
Laravel
(Web Frameworks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
Font Awesome
(Font Scripts)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
URL: https://pay.yxxz7.com/register?agent=1
Title: 账号注册
Title: 账号注册
Search URL Search Domain Scan URL
URL: https://down.guluts.com/o_1hfe77ouh70abkcv7e9tntjea.apk?attname=16%E5%A4%A9%E9%BE%99%E5%85%AB%E9%83%A8.apk
Title: 游戏下载
Title: 游戏下载
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
12 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
Primary Request
/
s90.app1112135522.qqopenapp.com/ |
3 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
font-awesome.min.css
s90.app1112135522.qqopenapp.com/css/ |
28 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
snow.css
s90.app1112135522.qqopenapp.com/css/ |
3 KB 936 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
style.css
s90.app1112135522.qqopenapp.com/css/ |
19 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.min.js
s90.app1112135522.qqopenapp.com/js/ |
82 KB 33 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
pia.js
s90.app1112135522.qqopenapp.com/js/ |
2 KB 981 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
toastr.min.js
s90.app1112135522.qqopenapp.com/js/ |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
pic.png
s90.app1112135522.qqopenapp.com/ |
56 KB 56 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
huazhi.jpg
s90.app1112135522.qqopenapp.com/images/ |
272 KB 273 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
snow-large-075d267ecbc42e3564c8ed43516dd557.png
dl6rt3mwcjzxg.cloudfront.net/assets/snow/ |
956 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
snow-medium-0b8a5e0732315b68e1f54185be7a1ad9.png
dl6rt3mwcjzxg.cloudfront.net/assets/snow/ |
7 KB 8 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
snow-small-1ecd03b1fce08c24e064ff8c0a72c519.png
dl6rt3mwcjzxg.cloudfront.net/assets/snow/ |
3 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
5 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| hideURLbar function| $ function| jQuery function| isPIA object| toastr2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| s90.app1112135522.qqopenapp.com/ | Name: XSRF-TOKEN Value: eyJpdiI6ImVqL3NRYkhsZjg1OW1TL1RnanhDQmc9PSIsInZhbHVlIjoiQjlXUG1rRTNmdDMzUEVNdHYwcVNaSGExRXZyZ29JbGdlUDF3dE1rTEtIMGZILzJZOHVWYVBoUkJzOWlUZWlsRmFHZjlmSVJyVUFrYzVaUHQwQUI2UUNwVlJMYnNwdGp6c3dNNUxNNWR6R2xLNW1hNkdHY3R5bEtWVlZXK1FqRHUiLCJtYWMiOiIwNjQ2MWE4MDdlNWY3OTg2ZGE0OTgzZTZjOWQzZjcyNmMyYzM2YTJhMGNjZGIyNDgwMzIyN2E1ODVhYTRmNjk5IiwidGFnIjoiIn0%3D |
|
| s90.app1112135522.qqopenapp.com/ | Name: laravel_session Value: eyJpdiI6ImcvaWdtZG0weEl6Q0V1bTBJM1hkY0E9PSIsInZhbHVlIjoiYjRSNHQ4R04rWGV0dVNDZm5Sa0kwMVBQZTlFU0Yzb3d2MEd1QUs0M1NwU0pQcVd6SHlFUEF6cW5odjJWWmZOUjRYRU1wdW8yMkRycDhPSXRLazJETEk2ZUJOdXAxd3FGRGZhc09nQ29NdVJDSjcreEx6TERYMkNRVnZCR3diR3kiLCJtYWMiOiJhZDk3Mzc2NzEzNTZkZTcwMGU5NWE1ODRkYTI0NzNhMTQ4MTcwM2FhYmVkZmQyNGY4YTVlZGIzOGMzMTJlZDQ0IiwidGFnIjoiIn0%3D |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
| Header | Value |
|---|---|
| Strict-Transport-Security | max-age=31536000 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
dl6rt3mwcjzxg.cloudfront.net
s90.app1112135522.qqopenapp.com
106.55.249.48
18.165.98.122
19a509905cc5d46804bd9e9b5fd0a881abfc71ebf7eb447dacb417b02a377825
312edbcdc9dbb34d8a2b72a1b4cbd73208a6b635c948684e225c1a73e595a4d8
371322413093c0e1a11ce06c84a634342ed4d45e44f0cf2921a1b28718fff111
3c29738f82c38f2d718f8b98d00aa7d7d63803f44c5049209f9e90282258d263
4efd0736c937f99d1832dbdfd8a31858b865a8b92b35eb75ed4676210bff21d9
79f9ac506a97d2fe7e5c0186f825683bb7b04c18ce9550b61945d86e649ff5bf
7bddecb11203dcf80760ed007327c7dc7688b20ab6c7de302a58122b9ddb5941
802f083c1e6aad866958a0189fc102405e33ea000afb61e39369388e8c06e299
83ed914b7b951f29ba8b54d6c3e91da682957cb3acdba9398cb014e9ee330d87
ab0d063b4ff2827192c0e44103d3091457a1d2374c3b6243721c5679bb61eae2
ddb96c25de07962ffbc0243e6e68177ce74aee9fd950cb4f5d8d3c8e6c524a09
ed583545e05184b1b8c50905502ec1fee7a13a1c8a7f925b7d507ec8c84e5215