2uuoss.rusbzh.xyz Open in urlscan Pro
23.224.227.54 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://xvkcb.mom/
Effective URL:
https://2uuoss.rusbzh.xyz/index.html?mplmkf=3k37n
Submission: On May 08 via api (May 8th 2024, 4:15:16 pm UTC) from BE — Scanned from DE

Summary HTTP 50 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 1 countries across 4 domains to perform 50 HTTP transactions. The main IP is 23.224.227.54, located in and belongs to . The main domain is 2uuoss.rusbzh.xyz.
TLS certificate: Issued by ZeroSSL ECC Domain Secure Site CA on April 27th 2024. Valid for: 3 months.

This is the only time 2uuoss.rusbzh.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 3	23.225.40.38 23.225.40.38	40065 (CNSERVERS) (CNSERVERS)
1 2	23.224.227.54 23.224.227.54	() ()
50	3

3 23.225.40.38 (United States) 1 redirects

ASN40065 (CNSERVERS, US)

xvkcb.mom	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.224.227.54 (None, ) 1 redirects

ASN- ()

2uuoss.rusbzh.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	xvkcb.mom 1 redirects xvkcb.mom	2 KB
2	rusbzh.xyz 1 redirects 2uuoss.rusbzh.xyz	20 KB
0	salantool.com Failed v1imvvfc356.salantool.com Failed
0	hebeimanlong.com Failed mcr69tje.hebeimanlong.com Failed
50	4

	Domain	Requested by
3	xvkcb.mom	1 redirects
2	2uuoss.rusbzh.xyz	1 redirects xvkcb.mom 2uuoss.rusbzh.xyz
0	v1imvvfc356.salantool.com Failed	2uuoss.rusbzh.xyz
0	mcr69tje.hebeimanlong.com Failed	2uuoss.rusbzh.xyz
50	4

This site contains no links.

Subject Issuer	Validity	Valid
xvkcb.mom ZeroSSL ECC Domain Secure Site CA	`2024-04-27` - `2024-07-26`	3 months	crt.sh
rusbzh.xyz ZeroSSL ECC Domain Secure Site CA	`2024-04-27` - `2024-07-26`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://2uuoss.rusbzh.xyz/index.html?mplmkf=3k37n
Frame ID: 5F7556A1C2A6DABC937EEDD8F716050C
Requests: 50 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://xvkcb.mom/ Page URL
https://xvkcb.mom/?key=ok HTTP 302
https://2uuoss.rusbzh.xyz/ HTTP 301
https://2uuoss.rusbzh.xyz/index.html?mplmkf=3k37n Page URL

Page Statistics

50
Requests

6 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

3
IPs

1
Countries

21 kB
Transfer

65 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://xvkcb.mom/ Page URL
https://xvkcb.mom/?key=ok HTTP 302
https://2uuoss.rusbzh.xyz/ HTTP 301
https://2uuoss.rusbzh.xyz/index.html?mplmkf=3k37n Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

50 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
xvkcb.mom/ 2 KB
1 KB 560ms
180ms Document
text/html 23.225.40.38
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL: https://xvkcb.mom/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.225.40.38 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: openresty /
Resource Hash: 7e8048c022836462a6c4c85e2db090dfa21c4513863183cf28c10c2831922ebc

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 08 May 2024 16:15:10 GMT
etag: W/"65ea108c-62b"
last-modified: Thu, 07 Mar 2024 19:07:56 GMT
server: openresty
vary: Accept-Encoding

GET
H2 404 favicon.ico
xvkcb.mom/ 552 B
652 B 181ms
181ms Other
text/html 23.225.40.38
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL: https://xvkcb.mom/favicon.ico
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.225.40.38 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: openresty /
Resource Hash: a980b60a8922f510d2da527e74ec9443a57dcc65444dbd6a3ae87dceb28090eb

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://xvkcb.mom/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Wed, 08 May 2024 16:15:11 GMT
server: openresty
content-length: 552
content-type: text/html; charset=utf-8

GET
H2

200

Primary Request index.html Show response
2uuoss.rusbzh.xyz/
Redirect Chain

https://xvkcb.mom/?key=ok
https://2uuoss.rusbzh.xyz/
https://2uuoss.rusbzh.xyz/index.html?mplmkf=3k37n

63 KB
20 KB

250ms
250ms

Document
text/html

23.224.227.54

General

Check archive.org

Show headers Download Go to

Full URL

https://2uuoss.rusbzh.xyz/index.html?mplmkf=3k37n

Requested by

Host: xvkcb.mom
URL: https://xvkcb.mom/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

23.224.227.54 -, , ASN (),

Reverse DNS

Software

openresty /

Resource Hash

90a92a50987506a230aff4d0579c6a398124e9cacfa74a60399b75a3592b1128

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://xvkcb.mom/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 08 May 2024 16:15:08 GMT
etag: W/"663b0e3d-fb79"
last-modified: Wed, 08 May 2024 05:31:41 GMT
server: openresty
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

Redirect headers

access-control-allow-origin: *
content-length: 166
content-type: text/html
date: Wed, 08 May 2024 16:15:08 GMT
location: https://2uuoss.rusbzh.xyz/index.html?mplmkf=3k37n
server: openresty
x-frame-options: SAMEORIGIN

GET video-js.min.css
mcr69tje.hebeimanlong.com/ 0
0

GET video.min.js
mcr69tje.hebeimanlong.com/ 0
0

GET tips01.gif
mcr69tje.hebeimanlong.com/ 0
0

GET 7b92dd449065747a8bc48557c24c7b4c.webp.js
v1imvvfc356.salantool.com/p2/ 0
0

GET cea542d0fac41b8d6ce61b51b2418501.webp.js
v1imvvfc356.salantool.com/p2/ 0
0

GET 3a6561edae7db5fc26dccee181bce04e.webp.js
v1imvvfc356.salantool.com/p2/ 0
0

GET 64cebfe53e9c2012b9b580e1f9bbafd6.webp.js
v1imvvfc356.salantool.com/p2/ 0
0

GET a0446a6079b2b5c6bfafa28b620c4c11.webp.js
v1imvvfc356.salantool.com/p2/ 0
0

GET 472a2974ccefe48d3b652a47d43965cb.webp.js
v1imvvfc356.salantool.com/p2/ 0
0

GET ad103afaddc285c5da2ab6492946e1a6.webp.js
v1imvvfc356.salantool.com/p2/ 0
0

GET f27a4b7f54a9beb661b4691ad55a38b4.webp.js
v1imvvfc356.salantool.com/p2/ 0
0

GET b5551ce8bd5e520633053733e3c6d48a.webp.js
v1imvvfc356.salantool.com/p2/ 0
0

GET bbed324c7e3659112719f49ed587c021.webp.js
v1imvvfc356.salantool.com/p2/ 0
0

GET b9a9d3b782b30dec0c0b1bad48ce6ad5.webp.js
v1imvvfc356.salantool.com/p2/ 0
0

GET 57efd02e026379c14d5830a0ee53bd3f.webp.js
v1imvvfc356.salantool.com/p2/ 0
0

GET 95bab11f2b712b35f04dfb79733b3e45.webp.js
v1imvvfc356.salantool.com/p2/ 0
0

GET 9d0307f442714d941ecf63e8bcb57da3.webp.js
v1imvvfc356.salantool.com/p2/ 0
0

GET b3139431e20bbeaaf8ee27c282399c4a.webp.js
v1imvvfc356.salantool.com/p2/ 0
0

GET af137d278223e404d08b9e2bb2884f62.webp.js
v1imvvfc356.salantool.com/p2/ 0
0

GET 92b353c863968bd97917056e11280290.webp.js
v1imvvfc356.salantool.com/p2/ 0
0

GET 3fea54759a4474ce5e73c2f1e32b019c.webp.js
v1imvvfc356.salantool.com/p2/ 0
0

GET 7612541fd716ea9f65502835d51bd148.webp.js
v1imvvfc356.salantool.com/p2/ 0
0

GET 16de502db73e8f0825cdbaacfdda9f44.webp.js
v1imvvfc356.salantool.com/p2/ 0
0

GET 3d0f16a19f1d70a47f6cc098a3608acb.webp.js
v1imvvfc356.salantool.com/p2/ 0
0

GET f77e481d0ca71a14c1a13351ad441fcc.webp.js
v1imvvfc356.salantool.com/p2/ 0
0

GET ddba97c09c20b26eb5b472c43bb9fa0f.webp.js
v1imvvfc356.salantool.com/p2/ 0
0

GET 0dd0bfaa29bb7026baf19b4f9efe3710.webp.js
v1imvvfc356.salantool.com/p2/ 0
0

GET 0e388d73c890d351436648c0e2e54f6f.webp.js
v1imvvfc356.salantool.com/p2/ 0
0

GET 33ba2b4b9181f62f7ca78d078a5bc30a.webp.js
v1imvvfc356.salantool.com/p2/ 0
0

GET 6a335ecff2135e5f8a1c5c212f36a037.webp.js
v1imvvfc356.salantool.com/p2/ 0
0

GET 89a129dea4476f73b2589ddd0e0a2c0c.webp.js
v1imvvfc356.salantool.com/p2/ 0
0

GET 264af287a9ba6d4a87012903671f53c2.webp.js
v1imvvfc356.salantool.com/p2/ 0
0

GET cf9602fa99b54732d73a1bf37aec499d.webp.js
v1imvvfc356.salantool.com/p2/ 0
0

GET cd6ee0ce1d3b5f0b70b69b8449df717d.webp.js
v1imvvfc356.salantool.com/p2/ 0
0

GET b22a3ab2391709a3cf6b2a572475eb7f.webp.js
v1imvvfc356.salantool.com/p2/ 0
0

GET eb8dd7b57137b37788cb38547d43c987.webp.js
v1imvvfc356.salantool.com/p2/ 0
0

GET f7739614f67bd6a1f1a36bff55405917.webp.js
v1imvvfc356.salantool.com/p2/ 0
0

GET 118669d27c9c2dc6eea98869794b39de.webp.js
v1imvvfc356.salantool.com/p2/ 0
0

GET 7774c4e08ecd2d6fc758d63db3618877.webp.js
v1imvvfc356.salantool.com/p2/ 0
0

GET b35cb35667283189aa70fd8bfef94a9f.webp.js
v1imvvfc356.salantool.com/p2/ 0
0

GET 8b25c0c13de5328ccc8bd024b6529b07.webp.js
v1imvvfc356.salantool.com/p2/ 0
0

GET c6d711c1e0a39038459809b0ff9db633.webp.js
v1imvvfc356.salantool.com/p2/ 0
0

GET index.json
mcr69tje.hebeimanlong.com/ 0
0

GET mz.js
2uuoss.rusbzh.xyz/ 0
0

GET gs.js
mcr69tje.hebeimanlong.com/ 0
0

GET video-js.min.css
mcr69tje.hebeimanlong.com/ 0
0

GET video.min.js
mcr69tje.hebeimanlong.com/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: mcr69tje.hebeimanlong.com
URL: https://mcr69tje.hebeimanlong.com/video-js.min.css

Domain: mcr69tje.hebeimanlong.com
URL: https://mcr69tje.hebeimanlong.com/video.min.js

Domain: mcr69tje.hebeimanlong.com
URL: https://mcr69tje.hebeimanlong.com/tips01.gif

Domain: v1imvvfc356.salantool.com
URL: https://v1imvvfc356.salantool.com/p2/7b92dd449065747a8bc48557c24c7b4c.webp.js

Domain: v1imvvfc356.salantool.com
URL: https://v1imvvfc356.salantool.com/p2/cea542d0fac41b8d6ce61b51b2418501.webp.js

Domain: v1imvvfc356.salantool.com
URL: https://v1imvvfc356.salantool.com/p2/3a6561edae7db5fc26dccee181bce04e.webp.js

Domain: v1imvvfc356.salantool.com
URL: https://v1imvvfc356.salantool.com/p2/64cebfe53e9c2012b9b580e1f9bbafd6.webp.js

Domain: v1imvvfc356.salantool.com
URL: https://v1imvvfc356.salantool.com/p2/a0446a6079b2b5c6bfafa28b620c4c11.webp.js

Domain: v1imvvfc356.salantool.com
URL: https://v1imvvfc356.salantool.com/p2/472a2974ccefe48d3b652a47d43965cb.webp.js

Domain: v1imvvfc356.salantool.com
URL: https://v1imvvfc356.salantool.com/p2/ad103afaddc285c5da2ab6492946e1a6.webp.js

Domain: v1imvvfc356.salantool.com
URL: https://v1imvvfc356.salantool.com/p2/f27a4b7f54a9beb661b4691ad55a38b4.webp.js

Domain: v1imvvfc356.salantool.com
URL: https://v1imvvfc356.salantool.com/p2/b5551ce8bd5e520633053733e3c6d48a.webp.js

Domain: v1imvvfc356.salantool.com
URL: https://v1imvvfc356.salantool.com/p2/bbed324c7e3659112719f49ed587c021.webp.js

Domain: v1imvvfc356.salantool.com
URL: https://v1imvvfc356.salantool.com/p2/b9a9d3b782b30dec0c0b1bad48ce6ad5.webp.js

Domain: v1imvvfc356.salantool.com
URL: https://v1imvvfc356.salantool.com/p2/57efd02e026379c14d5830a0ee53bd3f.webp.js

Domain: v1imvvfc356.salantool.com
URL: https://v1imvvfc356.salantool.com/p2/95bab11f2b712b35f04dfb79733b3e45.webp.js

Domain: v1imvvfc356.salantool.com
URL: https://v1imvvfc356.salantool.com/p2/9d0307f442714d941ecf63e8bcb57da3.webp.js

Domain: v1imvvfc356.salantool.com
URL: https://v1imvvfc356.salantool.com/p2/b3139431e20bbeaaf8ee27c282399c4a.webp.js

Domain: v1imvvfc356.salantool.com
URL: https://v1imvvfc356.salantool.com/p2/af137d278223e404d08b9e2bb2884f62.webp.js

Domain: v1imvvfc356.salantool.com
URL: https://v1imvvfc356.salantool.com/p2/92b353c863968bd97917056e11280290.webp.js

Domain: v1imvvfc356.salantool.com
URL: https://v1imvvfc356.salantool.com/p2/3fea54759a4474ce5e73c2f1e32b019c.webp.js

Domain: v1imvvfc356.salantool.com
URL: https://v1imvvfc356.salantool.com/p2/7612541fd716ea9f65502835d51bd148.webp.js

Domain: v1imvvfc356.salantool.com
URL: https://v1imvvfc356.salantool.com/p2/16de502db73e8f0825cdbaacfdda9f44.webp.js

Domain: v1imvvfc356.salantool.com
URL: https://v1imvvfc356.salantool.com/p2/3d0f16a19f1d70a47f6cc098a3608acb.webp.js

Domain: v1imvvfc356.salantool.com
URL: https://v1imvvfc356.salantool.com/p2/f77e481d0ca71a14c1a13351ad441fcc.webp.js

Domain: v1imvvfc356.salantool.com
URL: https://v1imvvfc356.salantool.com/p2/ddba97c09c20b26eb5b472c43bb9fa0f.webp.js

Domain: v1imvvfc356.salantool.com
URL: https://v1imvvfc356.salantool.com/p2/0dd0bfaa29bb7026baf19b4f9efe3710.webp.js

Domain: v1imvvfc356.salantool.com
URL: https://v1imvvfc356.salantool.com/p2/0e388d73c890d351436648c0e2e54f6f.webp.js

Domain: v1imvvfc356.salantool.com
URL: https://v1imvvfc356.salantool.com/p2/33ba2b4b9181f62f7ca78d078a5bc30a.webp.js

Domain: v1imvvfc356.salantool.com
URL: https://v1imvvfc356.salantool.com/p2/6a335ecff2135e5f8a1c5c212f36a037.webp.js

Domain: v1imvvfc356.salantool.com
URL: https://v1imvvfc356.salantool.com/p2/89a129dea4476f73b2589ddd0e0a2c0c.webp.js

Domain: v1imvvfc356.salantool.com
URL: https://v1imvvfc356.salantool.com/p2/264af287a9ba6d4a87012903671f53c2.webp.js

Domain: v1imvvfc356.salantool.com
URL: https://v1imvvfc356.salantool.com/p2/cf9602fa99b54732d73a1bf37aec499d.webp.js

Domain: v1imvvfc356.salantool.com
URL: https://v1imvvfc356.salantool.com/p2/cd6ee0ce1d3b5f0b70b69b8449df717d.webp.js

Domain: v1imvvfc356.salantool.com
URL: https://v1imvvfc356.salantool.com/p2/b22a3ab2391709a3cf6b2a572475eb7f.webp.js

Domain: v1imvvfc356.salantool.com
URL: https://v1imvvfc356.salantool.com/p2/eb8dd7b57137b37788cb38547d43c987.webp.js

Domain: v1imvvfc356.salantool.com
URL: https://v1imvvfc356.salantool.com/p2/f7739614f67bd6a1f1a36bff55405917.webp.js

Domain: v1imvvfc356.salantool.com
URL: https://v1imvvfc356.salantool.com/p2/118669d27c9c2dc6eea98869794b39de.webp.js

Domain: v1imvvfc356.salantool.com
URL: https://v1imvvfc356.salantool.com/p2/7774c4e08ecd2d6fc758d63db3618877.webp.js

Domain: v1imvvfc356.salantool.com
URL: https://v1imvvfc356.salantool.com/p2/b35cb35667283189aa70fd8bfef94a9f.webp.js

Domain: v1imvvfc356.salantool.com
URL: https://v1imvvfc356.salantool.com/p2/8b25c0c13de5328ccc8bd024b6529b07.webp.js

Domain: v1imvvfc356.salantool.com
URL: https://v1imvvfc356.salantool.com/p2/c6d711c1e0a39038459809b0ff9db633.webp.js

Domain: mcr69tje.hebeimanlong.com
URL: https://mcr69tje.hebeimanlong.com/index.json

Domain: 2uuoss.rusbzh.xyz
URL: https://2uuoss.rusbzh.xyz/mz.js

Domain: mcr69tje.hebeimanlong.com
URL: https://mcr69tje.hebeimanlong.com/gs.js

Domain: mcr69tje.hebeimanlong.com
URL: https://mcr69tje.hebeimanlong.com/video-js.min.css

Domain: mcr69tje.hebeimanlong.com
URL: https://mcr69tje.hebeimanlong.com/video.min.js

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://xvkcb.mom/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2uuoss.rusbzh.xyz
mcr69tje.hebeimanlong.com
v1imvvfc356.salantool.com
xvkcb.mom
2uuoss.rusbzh.xyz
mcr69tje.hebeimanlong.com
v1imvvfc356.salantool.com
23.224.227.54
23.225.40.38
7e8048c022836462a6c4c85e2db090dfa21c4513863183cf28c10c2831922ebc
90a92a50987506a230aff4d0579c6a398124e9cacfa74a60399b75a3592b1128
a980b60a8922f510d2da527e74ec9443a57dcc65444dbd6a3ae87dceb28090eb

2uuoss.rusbzh.xyz Open in urlscan Pro 23.224.227.54 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

50 Requests

6 %HTTPS

0 %IPv6

4 Domains

4 Subdomains

3 IPs

1 Countries

21 kBTransfer

65 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

50 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Failed requests

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

0 Cookies

1 Console Messages

Indicators

2uuoss.rusbzh.xyz Open in urlscan Pro
23.224.227.54 Public Scan

Screenshot
Live screenshot

Full Image

50
Requests

6 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

3
IPs

1
Countries

21 kB
Transfer

65 kB
Size

0
Cookies

50 HTTP transactions
0 data transactions