Submitted URL: http://nowhealth.shop/
Effective URL: https://asmr.tzxmjsqtv.shop/404.html
Submission: On September 06 via api from SG — Scanned from NL

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 5 HTTP transactions. The main IP is 188.114.97.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is asmr.tzxmjsqtv.shop.
TLS certificate: Issued by WE1 on September 5th 2024. Valid for: 3 months.
This is the only time asmr.tzxmjsqtv.shop was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 188.114.96.3 13335 (CLOUDFLAR...)
1 104.160.171.58 46844 (SHARKTECH)
1 188.114.97.3 13335 (CLOUDFLAR...)
5 4
Apex Domain | Subdomains | Transfer
1 tzxmjsqtv.shop | asmr.tzxmjsqtv.shop | 893 B
1 uv60.cn | uv60.cn — Cisco Umbrella Rank: 249031 | 22 KB
1 nowhealth.shop | nowhealth.shop | 1 KB
5 3
Domain | Requested by
1 asmr.tzxmjsqtv.shop | nowhealth.shop
1 uv60.cn | nowhealth.shop, uv60.cn, asmr.tzxmjsqtv.shop
1 nowhealth.shop |
5 3

This site contains no links.

Subject | Issuer | Validity | Valid
nowhealth.shop | WE1 | 2024-08-18 - 2024-11-16 | 3 months
uv60.cn | Sectigo RSA Domain Validation Secure Server CA | 2024-05-19 - 2025-05-19 | a year
tzxmjsqtv.shop | WE1 | 2024-09-05 - 2024-12-04 | 3 months

This page contains 1 frames:

Primary Page: https://asmr.tzxmjsqtv.shop/404.html
Frame ID: CD39BB6AAEBCD5BF1E776E6284EBDCA6
Requests: 5 HTTP requests in this frame

Page Statistics

Requests: 5
HTTPS: 60 %
IPv6: 0 %
Domains: 3
Subdomains: 3
IPs: 4
Countries: 2
Transfer: 24 kB
Size: 56 kB
Cookies: 1

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://nowhealth.shop/ HTTP 307
    https://nowhealth.shop/ Page URL
  2. https://asmr.tzxmjsqtv.shop/404.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://nowhealth.shop/ HTTP 307
  • https://nowhealth.shop/

5 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
nowhealth.shop/
Redirect Chain
  • http://nowhealth.shop/
  • https://nowhealth.shop/
1 KB
1 KB
Document
General
Full URL
https://nowhealth.shop/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7f11c0ffcac1d3d480fc43d45f906bc8be3e0081ef83bdfa93ae6d956da0970

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8beafb53ddd80a5c-AMS
content-encoding
br
content-type
text/html;charset=utf-8
date
Fri, 06 Sep 2024 02:20:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dWGHXyJidM1XA0YFHqpuFZp7t6iF7%2FLGTAiWhdJEJ%2Bg%2BtYEUIDc91b9hzIrN4F4rLbRSEHuG2Ufv9lanpuIt8N3EY3tsVUhgLme%2F%2FT0pfCmfJZWd8oJsWWGLr9qcl11rlQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

Location
https://nowhealth.shop/
Non-Authoritative-Reason
HttpsUpgrades
tongji.js
uv60.cn/tj/
54 KB
22 KB
Script
General
Full URL
https://uv60.cn/tj/tongji.js?v=2.08
Requested by
Host: nowhealth.shop
URL: https://nowhealth.shop/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.160.171.58 , United States, ASN46844 (SHARKTECH, US),
Reverse DNS
104-160-171-58.rdns.jiuqianyun.com
Software
cdn /
Resource Hash
80e64dfedca6f0a7259ec26a459b1f605d6f7fb72ad50e2a4c8cd7f4e56d7d03
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Referer
https://nowhealth.shop/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 06 Sep 2024 02:20:48 GMT
strict-transport-security
max-age=31536000;
content-encoding
gzip
last-modified
Thu, 05 Sep 2024 09:25:32 GMT
server
cdn
etag
W/"66d9790c-d6d5"
x-cache-status
HIT
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
Primary Request 404.html
asmr.tzxmjsqtv.shop/
1 KB
893 B
Document
General
Full URL
https://asmr.tzxmjsqtv.shop/404.html
Requested by
Host: nowhealth.shop
URL: https://nowhealth.shop/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54552e0b199981092cf6e4c3a9e429cb838b1e7c1a78938a6c4fa6e819cb2b9e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://nowhealth.shop/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8beafb655909a008-AMS
content-encoding
br
content-type
text/html
date
Fri, 06 Sep 2024 02:20:48 GMT
last-modified
Tue, 20 Aug 2024 23:38:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fD9W%2FaDfbWOiGNKyp9MtQadjPDzMS8Lo8hP%2Fa3%2FfIkpl7dS%2BB16vlpoXQV1xXa7G%2F4EWC0%2B5wnCROPXpUxls3GbFLK98R%2Fd%2F4Me3VtgEhmW02k91YkI3e%2FJ%2FsEk0duIwp1foXQv6"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000
vary
Accept-Encoding
start
uv60.cn/api/v1/api2/statistics/
0
0

tongji.js
uv60.cn/tj/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
uv60.cn
URL
https://uv60.cn/api/v1/api2/statistics/start?s=3c4e98b324b08b221b0fb3651a38ba23&d=QWZQdlZtb3RYcDNDNkVYc1hMYmltQ2FtL1ZqS2NSaHM4VUp2V3R0VTV4ZUFPSUNuM2dXTURJL2lzeVdrVVN0ZmJ6c2hTZm9SMEpjSmtUOEp2YmFqTXlvSHRJaExGcUVVVXVId2lWRzJKZUNNYzlMTi9DWTdMZWhjTUpkUllzK0tPaldXQi9lZlV3QXBUNVpQQVNFM09KSUtEVVNPQ3ljKzZtdDZCRHFnczZkQmZWb0VCQ3JuSHNKaFRwMklma1RPR0l5bnpGRitweGFjR0FUNDBER3ZZazFkRlM5ekhFOVFEMDh1RmpGbllpd0JwMWp0YnBvMlBNMTQzdWhvdTBUQg==&t=1725589248809
Domain
uv60.cn
URL
https://uv60.cn/tj/tongji.js?v=2.08

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string | url_1736
string | token
object | cltj
object | s
function | dogo

1 Cookies

Domain/Path Name / Value
nowhealth.shop/ Name: X_CACHE_KEY
Value: ee4f28fbd28402238023129008a455b3

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
