Submitted URL: http://haoniuyingshi1580.top/template/1/html/ad/tz/zbtz.html
Effective URL: https://ltbkqw-x-ov.blsneu.info/0538481785/s/l-s6.html?channelCode=9062
Submission: On March 17 via api from US — Scanned from US

Summary

This website contacted 8 IPs in 3 countries across 5 domains to perform 17 HTTP transactions. The main IP is 154.213.247.101, located in Hong Kong and belongs to POWERLINE-AS-AP POWER LINE DATACENTER, HK. The main domain is ltbkqw-x-ov.blsneu.info.
TLS certificate: Issued by R3 on March 15th 2024. Valid for: 3 months.
This is the only time ltbkqw-x-ov.blsneu.info was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 154.213.247.101 132839 (POWERLINE...)
9 47.110.23.162 37963 (ALIBABA-C...)
1 47.89.140.94 45102 (ALIBABA-C...)
1 121.199.204.179 37963 (ALIBABA-C...)
2 240e:944:1:90... 58541 (CHINATELE...)
1 58.218.215.172 4134 (CHINANET-...)
1 2409:8c20:5c6... 56046 (CMNET-JIA...)
17 8
Apex Domain
Subdomains
Transfer
11 aliyuncs.com
xin-xy.oss-cn-hangzhou.aliyuncs.com
speed-address.oss-accelerate.aliyuncs.com
tal-xin.oss-cn-hangzhou.aliyuncs.com
4 MB
3 cnzz.com
v1.cnzz.com — Cisco Umbrella Rank: 105430
z6.cnzz.com — Cisco Umbrella Rank: 183056
c.cnzz.com — Cisco Umbrella Rank: 83023
6 KB
2 haoniuyingshi1580.top
haoniuyingshi1580.top
2 KB
1 rarrc.com
sdk.rarrc.com
1 KB
1 blsneu.info
ltbkqw-x-ov.blsneu.info
2 KB
17 5
Domain Requested by
9 xin-xy.oss-cn-hangzhou.aliyuncs.com ltbkqw-x-ov.blsneu.info
2 haoniuyingshi1580.top 1 redirects
1 c.cnzz.com v1.cnzz.com
1 z6.cnzz.com v1.cnzz.com
1 sdk.rarrc.com speed-address.oss-accelerate.aliyuncs.com
1 v1.cnzz.com tal-xin.oss-cn-hangzhou.aliyuncs.com
1 tal-xin.oss-cn-hangzhou.aliyuncs.com ltbkqw-x-ov.blsneu.info
1 speed-address.oss-accelerate.aliyuncs.com ltbkqw-x-ov.blsneu.info
1 ltbkqw-x-ov.blsneu.info haoniuyingshi1580.top
17 9

This site contains no links.

Subject | Issuer | Validity | Valid
haoniuyingshi1580.top | E1 | 2024-02-07 - 2024-05-07 | 3 months
ltbkqw-x-ov.blsneu.info | R3 | 2024-03-15 - 2024-06-13 | 3 months
cn-hangzhou.oss.aliyuncs.com | GlobalSign Organization Validation CA - SHA256 - G3 | 2024-02-19 - 2025-03-22 | a year
oss-us-east-1.aliyuncs.com | GlobalSign Organization Validation CA - SHA256 - G3 | 2023-11-24 - 2024-05-24 | 6 months
*.cnzz.com | GlobalSign Organization Validation CA - SHA256 - G3 | 2024-02-17 - 2025-03-20 | a year
*.rarrc.com | WoTrus DV Server CA [Run by the Issuer] | 2024-01-12 - 2025-01-11 | a year

This page contains 1 frames:

Primary Page: https://ltbkqw-x-ov.blsneu.info/0538481785/s/l-s6.html?channelCode=9062
Frame ID: 6E6ACD9396EDB46299B41F5229FE0926
Requests: 17 HTTP requests in this frame

Page Title

洛神直播

Page URL History

  1. http://haoniuyingshi1580.top/template/1/html/ad/tz/zbtz.html HTTP 301
    https://haoniuyingshi1580.top/template/1/html/ad/tz/zbtz.html Page URL
  2. https://ltbkqw-x-ov.blsneu.info/0538481785/s/l-s6.html?channelCode=9062 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

17
Requests

100 %
HTTPS

44 %
IPv6

5
Domains

9
Subdomains

8
IPs

3
Countries

4206 kB
Transfer

4317 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://haoniuyingshi1580.top/template/1/html/ad/tz/zbtz.html HTTP 301
  • https://haoniuyingshi1580.top/template/1/html/ad/tz/zbtz.html

17 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
zbtz.html
haoniuyingshi1580.top/template/1/html/ad/tz/
Redirect Chain
  • http://haoniuyingshi1580.top/template/1/html/ad/tz/zbtz.html
  • https://haoniuyingshi1580.top/template/1/html/ad/tz/zbtz.html
686 B
876 B
Document
General
Full URL
https://haoniuyingshi1580.top/template/1/html/ad/tz/zbtz.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:2525 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
865ffbf9fd3b9aeb-MIA
content-encoding
br
content-type
text/html
date
Sun, 17 Mar 2024 21:12:59 GMT
last-modified
Sat, 16 Mar 2024 14:58:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ysSIMCN9MThMkPPWvqpPSHO2AVVM1C9Yrc3BKkcRdQIyCNYeK%2FedqikJyuHiUtuAwclakcvxvDsa4wgFOBuMusrSlx3tY%2Fa%2Ft8rFeRYkcMjD%2FbVwj5CpAxNAZgpl3kC9E0HwedqRdRbIMvwC9IISkHurCk4%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Redirect headers

CF-RAY
865ffbf93cb6b3c1-MIA
Cache-Control
max-age=3600
Connection
keep-alive
Date
Sun, 17 Mar 2024 21:12:59 GMT
Expires
Sun, 17 Mar 2024 22:12:59 GMT
Location
https://haoniuyingshi1580.top/template/1/html/ad/tz/zbtz.html
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=naInFPM5Shc3GTdGFxVLQfcK5MOkUCx%2FK2yJ6DSad4hd794UVB3evzke7oiZqge59XUurU2YfUcBVUs0rOWSfjLRpp0tEo7Jnq70qE7d7bc%2BFW8oePvh2zYk1xrJDNeDfpAwpKZvkfHV2h905y8s1W3ZjSs%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400
Primary Request l-s6.html
ltbkqw-x-ov.blsneu.info/0538481785/s/
5 KB
2 KB
Document
General
Full URL
https://ltbkqw-x-ov.blsneu.info/0538481785/s/l-s6.html?channelCode=9062
Requested by
Host: haoniuyingshi1580.top
URL: https://haoniuyingshi1580.top/template/1/html/ad/tz/zbtz.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
154.213.247.101 , Hong Kong, ASN132839 (POWERLINE-AS-AP POWER LINE DATACENTER, HK),
Reverse DNS
Software
nginx /
Resource Hash
8f8e0974a70b6c593c4bf387602755d155403f76ec9025d652954051eb38ad20
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://haoniuyingshi1580.top/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html
date
Sun, 17 Mar 2024 21:12:55 GMT
etag
W/"65f41d59-1448"
last-modified
Fri, 15 Mar 2024 10:05:13 GMT
server
nginx
strict-transport-security
max-age=31536000
vary
Accept-Encoding
index.css
xin-xy.oss-cn-hangzhou.aliyuncs.com/xin-mm/assets/css/
27 KB
5 KB
Stylesheet
General
Full URL
https://xin-xy.oss-cn-hangzhou.aliyuncs.com/xin-mm/assets/css/index.css
Requested by
Host: ltbkqw-x-ov.blsneu.info
URL: https://ltbkqw-x-ov.blsneu.info/0538481785/s/l-s6.html?channelCode=9062
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
47.110.23.162 Hangzhou, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
AliyunOSS /
Resource Hash
8ee8aae7882dbf0377b99f1ea53bc6c146913469dbf636947b5682c9b7b95b0b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ltbkqw-x-ov.blsneu.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Sun, 17 Mar 2024 21:13:01 GMT
Content-Encoding
gzip
x-oss-request-id
65F75CDDA0BE373438F03E6D
Content-MD5
2ijG6fuGRNwKYLktW8630w==
Transfer-Encoding
chunked
Content-Disposition
attachment
Connection
keep-alive
x-oss-object-type
Normal
Last-Modified
Sat, 27 Jan 2024 08:38:55 GMT
Server
AliyunOSS
Vary
Accept-Encoding
Content-Type
text/css
x-oss-ec
0048-00000113
x-oss-force-download
true
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
14185031966586589041
x-oss-server-time
2
jquery-3.js
xin-xy.oss-cn-hangzhou.aliyuncs.com/xin-mm/assets/js/
86 KB
31 KB
Script
General
Full URL
https://xin-xy.oss-cn-hangzhou.aliyuncs.com/xin-mm/assets/js/jquery-3.js
Requested by
Host: ltbkqw-x-ov.blsneu.info
URL: https://ltbkqw-x-ov.blsneu.info/0538481785/s/l-s6.html?channelCode=9062
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
47.110.23.162 Hangzhou, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
AliyunOSS /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ltbkqw-x-ov.blsneu.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Sun, 17 Mar 2024 21:13:01 GMT
Content-Encoding
gzip
x-oss-request-id
65F75CDD6A91E536346812CB
Content-MD5
Igr9dD2elkOFLjGhNanzrg==
Transfer-Encoding
chunked
Content-Disposition
attachment
Connection
keep-alive
x-oss-object-type
Normal
Last-Modified
Sat, 27 Jan 2024 08:38:58 GMT
Server
AliyunOSS
Vary
Accept-Encoding
Content-Type
application/javascript
x-oss-ec
0048-00000113
x-oss-force-download
true
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
7140207208985271372
x-oss-server-time
3
flexible.js
xin-xy.oss-cn-hangzhou.aliyuncs.com/xin-mm/assets/js/
2 KB
2 KB
Script
General
Full URL
https://xin-xy.oss-cn-hangzhou.aliyuncs.com/xin-mm/assets/js/flexible.js
Requested by
Host: ltbkqw-x-ov.blsneu.info
URL: https://ltbkqw-x-ov.blsneu.info/0538481785/s/l-s6.html?channelCode=9062
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
47.110.23.162 Hangzhou, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
AliyunOSS /
Resource Hash
4fb38a8ec69704a9999aa8902d961bc31a6e924a9e3773125f9f90fe8c976f9d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ltbkqw-x-ov.blsneu.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Sun, 17 Mar 2024 21:13:01 GMT
Content-Encoding
gzip
x-oss-request-id
65F75CDD1AFF653034BD56D5
Content-MD5
xStiLYWGHeQSs25mu0m/4g==
Transfer-Encoding
chunked
Content-Disposition
attachment
Connection
keep-alive
x-oss-object-type
Normal
Last-Modified
Sat, 27 Jan 2024 08:38:58 GMT
Server
AliyunOSS
Vary
Accept-Encoding
Content-Type
application/javascript
x-oss-ec
0048-00000113
x-oss-force-download
true
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
6231984596528586936
x-oss-server-time
3
tgtd.png
xin-xy.oss-cn-hangzhou.aliyuncs.com/xin-mm/assets/images/14/
60 KB
60 KB
Image
General
Full URL
https://xin-xy.oss-cn-hangzhou.aliyuncs.com/xin-mm/assets/images/14/tgtd.png
Requested by
Host: ltbkqw-x-ov.blsneu.info
URL: https://ltbkqw-x-ov.blsneu.info/0538481785/s/l-s6.html?channelCode=9062
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
47.110.23.162 Hangzhou, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
AliyunOSS /
Resource Hash
67072b8a3bbea5d8d30f3d3dd646e1c15272e9efe2cd66fd447017c4b58178f2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ltbkqw-x-ov.blsneu.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Sun, 17 Mar 2024 21:13:01 GMT
x-oss-request-id
65F75CDD6E537B35350AD8BF
Content-MD5
PouGzA5HZt/rsPq7GmWbnA==
Content-Disposition
attachment
Connection
keep-alive
Content-Length
61293
x-oss-object-type
Normal
Last-Modified
Sat, 27 Jan 2024 08:38:55 GMT
Server
AliyunOSS
ETag
"3E8B86CC0E4766DFEBB0FABB1A659B9C"
Content-Type
image/png
x-oss-ec
0048-00000105
x-oss-force-download
true
x-oss-storage-class
Standard
Accept-Ranges
bytes
x-oss-hash-crc64ecma
14768942209425518908
x-oss-server-time
1
lgindex.abc
xin-xy.oss-cn-hangzhou.aliyuncs.com/xin-mm/assets/images/ty/
1 MB
1 MB
Image
General
Full URL
https://xin-xy.oss-cn-hangzhou.aliyuncs.com/xin-mm/assets/images/ty/lgindex.abc
Requested by
Host: ltbkqw-x-ov.blsneu.info
URL: https://ltbkqw-x-ov.blsneu.info/0538481785/s/l-s6.html?channelCode=9062
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
47.110.23.162 Hangzhou, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
AliyunOSS /
Resource Hash
255060940a13c104c5bc10017e06840f755f1a8384bb4147c5024650197c5a7a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ltbkqw-x-ov.blsneu.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Sun, 17 Mar 2024 21:13:01 GMT
x-oss-request-id
65F75CDD5C00693838EC6A2F
Content-MD5
S9wozwt0q/x595JnwWPThw==
Content-Disposition
attachment
Connection
keep-alive
Content-Length
1284488
x-oss-object-type
Normal
Last-Modified
Sat, 27 Jan 2024 08:38:56 GMT
Server
AliyunOSS
ETag
"4BDC28CF0B74ABFC79F79267C163D387"
Content-Type
application/octet-stream
x-oss-ec
0048-00000113
x-oss-force-download
true
x-oss-storage-class
Standard
Accept-Ranges
bytes
x-oss-hash-crc64ecma
3952304509250792464
x-oss-server-time
1
2.gif
xin-xy.oss-cn-hangzhou.aliyuncs.com/xin-mm/assets/images/14/
18 KB
19 KB
Image
General
Full URL
https://xin-xy.oss-cn-hangzhou.aliyuncs.com/xin-mm/assets/images/14/2.gif
Requested by
Host: ltbkqw-x-ov.blsneu.info
URL: https://ltbkqw-x-ov.blsneu.info/0538481785/s/l-s6.html?channelCode=9062
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
47.110.23.162 Hangzhou, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
AliyunOSS /
Resource Hash
00fe37afd56103ce8a35e6556ed476c13f2eec78b3b0d55f3ea4b9d2748b53de

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ltbkqw-x-ov.blsneu.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Sun, 17 Mar 2024 21:13:02 GMT
x-oss-request-id
65F75CDE6A91E536342C13CB
Content-MD5
KLiLc6gnrc1YF29EBcShfg==
Content-Disposition
attachment
Connection
keep-alive
Content-Length
18915
x-oss-object-type
Normal
Last-Modified
Sat, 27 Jan 2024 08:38:55 GMT
Server
AliyunOSS
ETag
"28B88B73A827ADCD58176F4405C4A17E"
Content-Type
image/gif
x-oss-ec
0048-00000105
x-oss-force-download
true
x-oss-storage-class
Standard
Accept-Ranges
bytes
x-oss-hash-crc64ecma
297709221883091024
x-oss-server-time
3
s.abc
xin-xy.oss-cn-hangzhou.aliyuncs.com/xin-mm/assets/images/ty/
104 KB
105 KB
Image
General
Full URL
https://xin-xy.oss-cn-hangzhou.aliyuncs.com/xin-mm/assets/images/ty/s.abc
Requested by
Host: ltbkqw-x-ov.blsneu.info
URL: https://ltbkqw-x-ov.blsneu.info/0538481785/s/l-s6.html?channelCode=9062
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
47.110.23.162 Hangzhou, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
AliyunOSS /
Resource Hash
fcfbafb860935767cc8812cad9fcdc8086aebd226faa1bce9bb698aee61bc512

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ltbkqw-x-ov.blsneu.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Sun, 17 Mar 2024 21:13:02 GMT
x-oss-request-id
65F75CDEA0BE373438753F6D
Content-MD5
7kaEC0cAL8/XrDXkZCxeiA==
Content-Disposition
attachment
Connection
keep-alive
Content-Length
106669
x-oss-object-type
Normal
Last-Modified
Sat, 27 Jan 2024 08:38:56 GMT
Server
AliyunOSS
ETag
"EE46840B47002FCFD7AC35E4642C5E88"
Content-Type
application/octet-stream
x-oss-ec
0048-00000113
x-oss-force-download
true
x-oss-storage-class
Standard
Accept-Ranges
bytes
x-oss-hash-crc64ecma
16233723993844021981
x-oss-server-time
1
x.abc
xin-xy.oss-cn-hangzhou.aliyuncs.com/xin-mm/assets/images/ty/
2 MB
2 MB
Image
General
Full URL
https://xin-xy.oss-cn-hangzhou.aliyuncs.com/xin-mm/assets/images/ty/x.abc
Requested by
Host: ltbkqw-x-ov.blsneu.info
URL: https://ltbkqw-x-ov.blsneu.info/0538481785/s/l-s6.html?channelCode=9062
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
47.110.23.162 Hangzhou, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
AliyunOSS /
Resource Hash
7b3825ad5aabe0bd9ed9927d509464d2872f692e03bacb00ed46394e71814a1d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ltbkqw-x-ov.blsneu.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Sun, 17 Mar 2024 21:13:02 GMT
x-oss-request-id
65F75CDE1AFF6530346C57D5
Content-MD5
oozDQTwyzxe7ojEtVUlENg==
Content-Disposition
attachment
Connection
keep-alive
Content-Length
2393995
x-oss-object-type
Normal
Last-Modified
Sat, 27 Jan 2024 08:38:58 GMT
Server
AliyunOSS
ETag
"A28CC3413C32CF17BBA2312D55494436"
Content-Type
application/octet-stream
x-oss-ec
0048-00000113
x-oss-force-download
true
x-oss-storage-class
Standard
Accept-Ranges
bytes
x-oss-hash-crc64ecma
1263957793629678752
x-oss-server-time
4
tsinstall.js
speed-address.oss-accelerate.aliyuncs.com/common/js/
47 KB
18 KB
Script
General
Full URL
https://speed-address.oss-accelerate.aliyuncs.com/common/js/tsinstall.js
Requested by
Host: ltbkqw-x-ov.blsneu.info
URL: https://ltbkqw-x-ov.blsneu.info/0538481785/s/l-s6.html?channelCode=9062
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
47.89.140.94 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
AliyunOSS /
Resource Hash
5efa411bb5efe22e0ab733633205387cd074ff0e722c4a514cac12e718b0c677

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ltbkqw-x-ov.blsneu.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Sun, 17 Mar 2024 21:13:03 GMT
Content-Encoding
gzip
x-oss-request-id
65F75CDF5A8042E043085030
Content-MD5
j2Ef6VlhSjQLCvoN2BwUjA==
Transfer-Encoding
chunked
Content-Disposition
attachment
Connection
keep-alive
x-oss-object-type
Normal
Last-Modified
Thu, 22 Feb 2024 12:12:06 GMT
Server
AliyunOSS
Vary
Accept-Encoding
Content-Type
application/javascript
x-oss-ec
0048-00000113
x-oss-force-download
true
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
7683371853242817631
x-oss-server-time
2
statistics-a.js
tal-xin.oss-cn-hangzhou.aliyuncs.com/xin-so/assets/js/
141 B
701 B
Script
General
Full URL
https://tal-xin.oss-cn-hangzhou.aliyuncs.com/xin-so/assets/js/statistics-a.js
Requested by
Host: ltbkqw-x-ov.blsneu.info
URL: https://ltbkqw-x-ov.blsneu.info/0538481785/s/l-s6.html?channelCode=9062
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
121.199.204.179 Hangzhou, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
AliyunOSS /
Resource Hash
010dd0a35d8f76a0826026af36f3251ac7875adb5dedc16c93514cd21d10f8eb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ltbkqw-x-ov.blsneu.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Sun, 17 Mar 2024 21:13:02 GMT
x-oss-request-id
65F75CDE3849223531DF3EBF
Content-MD5
ZndfsTHf9SgITmely49ahg==
Content-Disposition
attachment
Connection
keep-alive
Content-Length
141
x-oss-object-type
Normal
Last-Modified
Thu, 22 Feb 2024 07:06:07 GMT
Server
AliyunOSS
ETag
"66775FB131DFF528084E67A5CB8F5A86"
Content-Type
application/javascript
x-oss-ec
0048-00000113
x-oss-force-download
true
x-oss-storage-class
Standard
Accept-Ranges
bytes
x-oss-hash-crc64ecma
3768697754762057141
x-oss-server-time
1
z.js
v1.cnzz.com/
10 KB
5 KB
Script
General
Full URL
https://v1.cnzz.com/z.js?id=1281334663&async=1
Requested by
Host: tal-xin.oss-cn-hangzhou.aliyuncs.com
URL: https://tal-xin.oss-cn-hangzhou.aliyuncs.com/xin-so/assets/js/statistics-a.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
240e:944:1:900:3::3f1 , China, ASN58541 (CHINATELECOM-SHANDONG-QINGDAO-IDC Qingdao,266000, CN),
Reverse DNS
Software
Tengine /
Resource Hash
b17d9728b7b657a95bfabd23d0d262b2d2750e450952e59a83d1ab50c40d2b13

Request headers

Referer
https://ltbkqw-x-ov.blsneu.info/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Sun, 17 Mar 2024 21:08:24 GMT
via
cache56.l2cn3032[41,41,304-0,M], cache9.l2cn3032[42,0], cache15.cn373[0,0,200-0,H], cache18.cn373[0,0]
content-encoding
gzip
age
280
x-swift-cachetime
300
x-cache
HIT TCP_MEM_HIT dirn:13:483115425
x-swift-savetime
Sun, 17 Mar 2024 21:08:24 GMT
content-length
4390
server
Tengine
etag
W/"4647466065368437738"
vary
accept-encoding
ali-swift-global-savetime
1710709704
content-type
application/javascript
cache-control
public, max-age=300
timing-allow-origin
*
eagleid
968a902617107099843603663e
init
sdk.rarrc.com/web/iq6elgdk/9062/
560 B
1 KB
XHR
General
Full URL
https://sdk.rarrc.com/web/iq6elgdk/9062/init?channelCode=9062&av=0&cv=0&hash=&sw=p6Cmpg&sh=p6Smpg&sp=1
Requested by
Host: speed-address.oss-accelerate.aliyuncs.com
URL: https://speed-address.oss-accelerate.aliyuncs.com/common/js/tsinstall.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
58.218.215.172 Xuzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
Tengine /
Resource Hash
fecd07e9571589f6177ec7c69a8a43e3822b37ff10316c19ca0580f09a98f2de

Request headers

Referer
https://ltbkqw-x-ov.blsneu.info/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Sun, 17 Mar 2024 21:13:05 GMT
Via
cache9.l2cn3132[200,199,200-0,M], cache9.l2cn3132[201,0], kunlun9.cn192[215,214,200-0,M], kunlun9.cn192[216,0]
Server
Tengine
X-Swift-CacheTime
0
Vary
Origin
Ali-Swift-Global-Savetime
1710709985
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://ltbkqw-x-ov.blsneu.info
X-Cache
MISS TCP_MISS dirn:-2:-2
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Swift-SaveTime
Sun, 17 Mar 2024 21:13:05 GMT
Timing-Allow-Origin
*
Content-Length
560
EagleId
3adad01d17107099857488192e
stat.htm
z6.cnzz.com/
2 B
123 B
Ping
General
Full URL
https://z6.cnzz.com/stat.htm?id=1281334663&r=https%3A%2F%2Fhaoniuyingshi1580.top%2F&lg=en-us&ntime=none&cnzz_eid=163404923-1710709985-https%3A%2F%2Fhaoniuyingshi1580.top%2F&showp=1600x1200&p=https%3A%2F%2Fltbkqw-x-ov.blsneu.info%2F0538481785%2Fs%2Fl-s6.html%3FchannelCode%3D9062&t=%E6%B4%9B%E7%A5%9E%E7%9B%B4%E6%92%AD&umuuid=18e4e42cd09902-01b6c4fae79fc2-64345551-1d4c00-18e4e42cd0abe2&h=1
Requested by
Host: v1.cnzz.com
URL: https://v1.cnzz.com/z.js?id=1281334663&async=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
2409:8c20:5c64:2000::5 , China, ASN56046 (CMNET-JIANGSU-AP China Mobile communications corporation, CN),
Reverse DNS
Software
Tengine /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ltbkqw-x-ov.blsneu.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 17 Mar 2024 21:13:05 GMT
content-encoding
gzip
server
Tengine
vary
Accept-Encoding
content-type
text/html; charset=utf-8
c.js
c.cnzz.com/
906 B
871 B
Script
General
Full URL
https://c.cnzz.com/c.js?web_id=1281334663&t=z
Requested by
Host: v1.cnzz.com
URL: https://v1.cnzz.com/z.js?id=1281334663&async=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
240e:944:1:900:3::3f1 , China, ASN58541 (CHINATELECOM-SHANDONG-QINGDAO-IDC Qingdao,266000, CN),
Reverse DNS
Software
Tengine /
Resource Hash
56fb254f9464faad900848011417478f2353690722d00107f4721a07e6a7c53a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ltbkqw-x-ov.blsneu.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 17 Mar 2024 21:08:23 GMT
via
cache40.l2cn3032[32,31,304-0,M], cache31.l2cn3032[33,0], cache19.cn373[0,0,200-0,H], cache18.cn373[1,0]
content-encoding
gzip
age
281
x-swift-cachetime
321
x-cache
HIT TCP_MEM_HIT dirn:13:929991051
x-swift-savetime
Sun, 17 Mar 2024 21:08:23 GMT
content-length
591
server
Tengine
etag
W/"4843387006892891622"
vary
accept-encoding
ali-swift-global-savetime
1710709703
content-type
application/javascript
cache-control
public, max-age=321
timing-allow-origin
*
eagleid
968a902617107099846573778e
sample.png
xin-xy.oss-cn-hangzhou.aliyuncs.com/xin-mm/assets/images/14/
363 KB
364 KB
Image
General
Full URL
https://xin-xy.oss-cn-hangzhou.aliyuncs.com/xin-mm/assets/images/14/sample.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
47.110.23.162 Hangzhou, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
AliyunOSS /
Resource Hash
cfbf91ee9a9dfdf19ae9ead9e0c4c5105e9c15dd5f7fda016e86f1a7c7cf8786

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ltbkqw-x-ov.blsneu.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Sun, 17 Mar 2024 21:13:05 GMT
x-oss-request-id
65F75CE11AFF653034555BD5
Content-MD5
auo0kYXEX4pZKYU4J+FEPQ==
Content-Disposition
attachment
Connection
keep-alive
Content-Length
371682
x-oss-object-type
Normal
Last-Modified
Sat, 27 Jan 2024 08:38:56 GMT
Server
AliyunOSS
ETag
"6AEA349185C45F8A5929853827E1443D"
Content-Type
image/png
x-oss-ec
0048-00000105
x-oss-force-download
true
x-oss-storage-class
Standard
Accept-Ranges
bytes
x-oss-hash-crc64ecma
16870585337475491034
x-oss-server-time
3

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • function $
  • function jQuery
  • object lib
  • number rem
  • number dpr
  • function isDesktop
  • function TechSpark
  • object data
  • object _cz_loaded
  • string _cz_account
  • object _czc
  • object _CNZZDbridge_1281334663
  • object buttons

3 Cookies

Domain/Path Name / Value
haoniuyingshi1580.top/ Name: sl-session
Value: sX1WLVuu+GVd7g1cPuf7Ag==
.blsneu.info/ Name: UM_distinctid
Value: 18e4e42cd09902-01b6c4fae79fc2-64345551-1d4c00-18e4e42cd0abe2
ltbkqw-x-ov.blsneu.info/ Name: CNZZDATA1281334663
Value: 163404923-1710709985-https%253A%252F%252Fhaoniuyingshi1580.top%252F%7C1710709985

2 Console Messages

Source Level URL
Text
javascript warning URL: https://tal-xin.oss-cn-hangzhou.aliyuncs.com/xin-so/assets/js/statistics-a.js
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://v1.cnzz.com/z.js?id=1281334663&async=1, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://tal-xin.oss-cn-hangzhou.aliyuncs.com/xin-so/assets/js/statistics-a.js
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://v1.cnzz.com/z.js?id=1281334663&async=1, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
