www.txty392.com Open in urlscan Pro
95.82.50.50 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.txty392.com/
Submission: On January 14 via api (January 14th 2024, 12:09:51 pm UTC) from US — Scanned from US

Summary HTTP 16 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 4 IPs in 3 countries across 3 domains to perform 16 HTTP transactions. The main IP is 95.82.50.50, located in Australia and belongs to JPTL-AS-AP JOINT POWER TECHNOLOGY LIMITED, HK. The main domain is www.txty392.com.
TLS certificate: Issued by R3 on January 8th 2024. Valid for: 3 months.

This is the only time www.txty392.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
13	95.82.50.50 95.82.50.50	134729 (JPTL-AS-A...) (JPTL-AS-AP JOINT POWER TECHNOLOGY LIMITED)
1	43.152.182.92 43.152.182.92	139341 (ACE-AS-AP...) (ACE-AS-AP ACE)
2	104.250.33.35 104.250.33.35	137280 (KSYUNGLOB...) (KSYUNGLOBAL-AS-AP Kingsoft cloud corporation limited)
16	4

13 95.82.50.50 (Australia)

ASN134729 (JPTL-AS-AP JOINT POWER TECHNOLOGY LIMITED, HK)

www.txty392.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 43.152.182.92 (Singapore)

ASN139341 (ACE-AS-AP ACE, SG)

pv.sohu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.250.33.35 (Hong Kong)

ASN137280 (KSYUNGLOBAL-AS-AP Kingsoft cloud corporation limited, HK)

yenbackfi.mo6i2p.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	txty392.com www.txty392.com	694 KB
2	mo6i2p.com yenbackfi.mo6i2p.com	1 MB
1	sohu.com pv.sohu.com — Cisco Umbrella Rank: 29803	308 B
16	3

	Domain	Requested by
13	www.txty392.com	www.txty392.com
2	yenbackfi.mo6i2p.com
1	pv.sohu.com	www.txty392.com
16	3

This site contains links to these domains. Also see Links.

Domain
www.txty194.com

Subject Issuer	Validity	Valid
www.txty392.com R3	`2024-01-08` - `2024-04-07`	3 months	crt.sh
www.sohu.com Secure Site CA G2	`2023-08-10` - `2024-08-10`	a year	crt.sh
www.yenbackfi.mo6i2p.com R3	`2023-11-24` - `2024-02-22`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.txty392.com/
Frame ID: 4CA5574DC24D1B13A44D1DA3D7176AC1
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

请用系统浏览器打开进行下载

Page Statistics

16
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

4
IPs

3
Countries

1787 kB
Transfer

2624 kB
Size

2
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.txty194.com:30501/app/csList
Title: 联系客服

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.txty392.com/ 6 KB
2 KB 871ms
283ms Document
text/html 95.82.50.50
JPTL-AS-AP JOINT ...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.txty392.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.82.50.50 , Australia, ASN134729 (JPTL-AS-AP JOINT POWER TECHNOLOGY LIMITED, HK),
Reverse DNS
Software: nginx /
Resource Hash: b6ea79434a8eeeef5d9ba4821e3d16e95249ee00c214cfa9a24a0735ceb2ea5d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: max-age=0, no-cache, no-store
content-encoding: gzip
content-type: text/html
date: Sun, 14 Jan 2024 12:09:41 GMT
etag: W/"659d45b0-160c"
jckl: 0AA3EwTwI7eD5DxqRxekwJShO46Rj8mszlA/dw+zQE2YrbhV9I/HCcJ088KxSudajuFZjI25w9E0zjBlvZO9uA==
last-modified: Tue, 09 Jan 2024 13:10:08 GMT
server: nginx
vary: Accept-Encoding
via: 1.1 google
x-request-id: 5dab8e60a2cef37f8f647c46830e889f

GET
H2 200 theme.config.js Show response
www.txty392.com/ 39 KB
12 KB 378ms
375ms Script
application/javascript 95.82.50.50
JPTL-AS-AP JOINT ...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.txty392.com/theme.config.js?version=202401021950
Requested by: Host: www.txty392.com
URL: https://www.txty392.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.82.50.50 , Australia, ASN134729 (JPTL-AS-AP JOINT POWER TECHNOLOGY LIMITED, HK),
Reverse DNS
Software: nginx /
Resource Hash: bfde1e4c34e94bbaf51ecdbcfd2ad30b9c03680a7529beaa69497e4bca75e85e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.txty392.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 12:09:42 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Tue, 09 Jan 2024 13:10:23 GMT
server: nginx
etag: W/"659d45bf-9bca"
vary: Accept-Encoding
x-cache: MISS
content-type: application/javascript
cache-control: max-age=1800
jckl: dTdLljL1S7fxhzd6aPrEZyyFasPs5cPRPh2sugEkOVCXZKneJqELvyRsTh2Nh5CEYzZ/Guxq4oKIBfatCLKWiw==
x-request-id: 256384d063988d33c78f724ac45eb312

GET
H2 200 siteMobile.css
www.txty392.com/css/ 47 KB
11 KB 325ms
323ms Stylesheet
text/css 95.82.50.50
JPTL-AS-AP JOINT ...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.txty392.com/css/siteMobile.css?version=1704805823991
Requested by: Host: www.txty392.com
URL: https://www.txty392.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.82.50.50 , Australia, ASN134729 (JPTL-AS-AP JOINT POWER TECHNOLOGY LIMITED, HK),
Reverse DNS
Software: nginx /
Resource Hash: 98b833bd86f1b632bd184b81142d631773874d2a3ffb0a3b30cd15053a7d37d2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.txty392.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 12:09:42 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Tue, 09 Jan 2024 13:10:08 GMT
server: nginx
etag: W/"659d45b0-bd21"
vary: Accept-Encoding
x-cache: MISS
content-type: text/css
cache-control: max-age=1800
jckl: Eq5RblzwgHC/qfpBwr/smfBZ4C73jh9PC+Sq5SJSRF816bKAo1bYmuDYlfzgD6NjE7wpAdWpOGas4FOUeG3ZlQ==
x-request-id: ed72d82fa3296f68291d80a1a60a1c82

GET
H2 200 official_tutorials.png
www.txty392.com/assets/commons/images/home/ 145 KB
145 KB 376ms
375ms Image
image/png 95.82.50.50
JPTL-AS-AP JOINT ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.txty392.com/assets/commons/images/home/official_tutorials.png
Requested by: Host: www.txty392.com
URL: https://www.txty392.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.82.50.50 , Australia, ASN134729 (JPTL-AS-AP JOINT POWER TECHNOLOGY LIMITED, HK),
Reverse DNS
Software: nginx /
Resource Hash: 065aada6c29891c3f66976e03d6756a380600aa0f74d6e27c55bb19fa120f289

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.txty392.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 12:09:42 GMT
via: 1.1 google
last-modified: Thu, 09 Nov 2023 14:54:34 GMT
server: nginx
etag: "654cf2aa-24395"
x-cache: MISS
content-type: image/png
cache-control: max-age=1800
accept-ranges: bytes
content-length: 148373
jckl: 0hmfOLZrsIoitHBprHLwMwYpuQTSi0G8dbQ9D3u0xJVeAlAVKVuCoJINZ+kAAc8GHwf1mPBzc6fovmdd0f4ieA==
x-request-id: dcfed7db169cda434d0704c1f8c007f4

GET
H2 200 simple_tutorials.png
www.txty392.com/assets/commons/images/home/ 140 KB
141 KB 510ms
509ms Image
image/png 95.82.50.50
JPTL-AS-AP JOINT ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.txty392.com/assets/commons/images/home/simple_tutorials.png
Requested by: Host: www.txty392.com
URL: https://www.txty392.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.82.50.50 , Australia, ASN134729 (JPTL-AS-AP JOINT POWER TECHNOLOGY LIMITED, HK),
Reverse DNS
Software: nginx /
Resource Hash: e6a27a927d56afc617059174b78d02a9bc26e6920d90d6167cf0b9b0a73ea986

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.txty392.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 12:09:42 GMT
via: 1.1 google
last-modified: Thu, 09 Nov 2023 14:54:34 GMT
server: nginx
etag: "654cf2aa-23153"
x-cache: MISS
content-type: image/png
cache-control: max-age=1800
accept-ranges: bytes
content-length: 143699
jckl: nenER9qamHrhvTj2RgOVPr2MPYpGqep/jUBNX3IMErVus5o6roBo3YD74obERJ29X9mNJlw3kpE8yo4SEgQnMw==
x-request-id: 4e634e43ab8fbc47d126461a2b8fd301

GET
H/1.1 200
OK cityjson Show response
pv.sohu.com/ 72 B
308 B 1502ms
293ms Script
application/json 43.152.182.92
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://pv.sohu.com/cityjson?ie=utf-8
Requested by: Host: www.txty392.com
URL: https://www.txty392.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.182.92 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: OverSea_E0 /
Resource Hash: f5d09365810dd11ef1204b35bfede3158a07d5592a9c9cfa449dd534f9964aa9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.txty392.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sun, 14 Jan 2024 12:09:43 GMT
X-Cache-Lookup: Return Directly
Server: OverSea_E0
Connection: keep-alive
X-NWS-LOG-UUID: 4859389558503854679
Content-Length: 72
Content-Type: application/json;charset=utf-8

GET
H2 200 tyscm.3.9.1.js Show response
www.txty392.com/houtu/tyscm/ 470 KB
148 KB 739ms
738ms Script
application/javascript 95.82.50.50
JPTL-AS-AP JOINT ...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.txty392.com/houtu/tyscm/tyscm.3.9.1.js
Requested by: Host: www.txty392.com
URL: https://www.txty392.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.82.50.50 , Australia, ASN134729 (JPTL-AS-AP JOINT POWER TECHNOLOGY LIMITED, HK),
Reverse DNS
Software: nginx /
Resource Hash: 5071674bb70698211c0ede67a4a111d5c91c9f9d8dbf63bcdc925c5172de9138

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.txty392.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 12:09:42 GMT
content-encoding: gzip
via: 1.1 google
x-cache: MISS
jckl: foxHSSQHbZaSYD7q9cQycL0Zq91z8NN8Caz+jRJOX44vKwPFf3vVPKwCCvaQ/fj5RfbPCkl+f6R94mqsbgFp+A==
x-request-id: e0258de51fcdd8c3c32cd75f0913df91
last-modified: Thu, 28 Dec 2023 02:52:05 GMT
server: nginx
etag: W/"658ce2d5-75790"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
access-control-allow-methods: POST, GET,PUT,DELETE,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1800
access-control-allow-credentials: true
access-control-allow-headers: Origin, Authorization, Accept,Content-Type, X-JSL-API-AUTH

GET
H2 200 siteMobile.c375b986.js Show response
www.txty392.com/js/ 633 KB
216 KB 594ms
594ms Script
application/javascript 95.82.50.50
JPTL-AS-AP JOINT ...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.txty392.com/js/siteMobile.c375b986.js
Requested by: Host: www.txty392.com
URL: https://www.txty392.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.82.50.50 , Australia, ASN134729 (JPTL-AS-AP JOINT POWER TECHNOLOGY LIMITED, HK),
Reverse DNS
Software: nginx /
Resource Hash: 988ad60ff82b9db4cd7f62cfc62aa59293bf31e8f71667feaec9d004d2af9b1b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.txty392.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 12:09:42 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Tue, 09 Jan 2024 13:10:08 GMT
server: nginx
etag: W/"659d45b0-9e385"
vary: Accept-Encoding
x-cache: MISS
content-type: application/javascript
cache-control: max-age=1800
jckl: Z9jsIcg4GLBGHHfWytgsIxMeveY41k1u9U3Kzp8Fadc/EAnAdJCyqFpHokPanfB3HHLTuEPn3JiWfThSo4MwgA==
x-request-id: ef14793d6a39d956de66ce3fc68efa0c

GET
H2 200 timeServer Show response
www.txty392.com/ 70 B
234 B 294ms
294ms Fetch
application/json 95.82.50.50
JPTL-AS-AP JOINT ...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.txty392.com/timeServer
Requested by: Host: www.txty392.com
URL: https://www.txty392.com/js/siteMobile.c375b986.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.82.50.50 , Australia, ASN134729 (JPTL-AS-AP JOINT POWER TECHNOLOGY LIMITED, HK),
Reverse DNS
Software: nginx /
Resource Hash: d89ae23b42eaf990d5fa79888c866602d0261d484cd334a6f8f355c53b2b3451

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.txty392.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 12:09:44 GMT
via: 1.1 google
server: nginx
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
content-length: 70
jckl: 3TgkLvn8IoFZGXRm7GOIXZiwA7m45bXaN84z7eS2jPAOEvnCF8Ed7nmZnwqmPSl/4joQs4TVL00Oj9tikIa0qw==
x-request-id: 80ca6d8dc4d6b7d57472199ed5a31886

GET
H2 200 siteMobile.css Show response
www.txty392.com/css/ 47 KB
11 KB 271ms
271ms XHR
text/css 95.82.50.50
JPTL-AS-AP JOINT ...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.txty392.com/css/siteMobile.css?version=1704805823991
Requested by: Host: www.txty392.com
URL: https://www.txty392.com/theme.config.js?version=202401021950
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.82.50.50 , Australia, ASN134729 (JPTL-AS-AP JOINT POWER TECHNOLOGY LIMITED, HK),
Reverse DNS
Software: nginx /
Resource Hash: d498718581574ca3a1cd0b971532a532ba88eef2cd862f0bd6de04af63f4f713

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.txty392.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 12:09:44 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Tue, 09 Jan 2024 13:10:08 GMT
server: nginx
etag: W/"659d45b0-bd21"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
cache-control: max-age=1800
x-cache-hit: edge
jckl: Eq5RblzwgHC/qfpBwr/smfBZ4C73jh9PC+Sq5SJSRF816bKAo1bYmuDYlfzgD6NjE7wpAdWpOGas4FOUeG3ZlQ==
x-request-id: 948382175304d3788a02feafe62c85a4

GET
DATA 200
OK truncated
/ 56 KB
56 KB Other
application/octet-stream

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 96e5754a524990caad6a85393b8ebcb9d63d41b774db021ec21f991aebd01cb4

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: application/octet-stream

POST
H2 200 nl5fdzjvexaotqhdaqx8pdyq1j2q8oxm Show response
www.txty392.com/scytale/ 5 KB
5 KB 401ms
400ms XHR
application/scytale 95.82.50.50
JPTL-AS-AP JOINT ...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.txty392.com/scytale/nl5fdzjvexaotqhdaqx8pdyq1j2q8oxm

Requested by

Host: www.txty392.com
URL: https://www.txty392.com/js/siteMobile.c375b986.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

95.82.50.50 , Australia, ASN134729 (JPTL-AS-AP JOINT POWER TECHNOLOGY LIMITED, HK),

Reverse DNS

Software

nginx /

Resource Hash

5aaf8a5f6d19d361eb7885bcf73f18739088da3c7f138789ef03ac1f74335936

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
QHUJK: 1
Content-Type: application/scytale
Accept: application/json, text/plain, */*
Referer: https://www.txty392.com/
withCredentials: true
crossDomain: true

Response headers

date: Sun, 14 Jan 2024 12:09:44 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
via: 1.1 google
server: nginx
access-control-allow-methods: *
content-type: application/scytale
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-date: 1705234184
access-control-allow-headers: *
content-length: 5336
x-xss-protection: 1; mode=block
jckl: gVA2IDUN2lauieRxTsAoig1mZWlc5zT7VXQPZfgGDIbIsQuBfdAbX1ezxsWk7G9IIMQRzFc/xi5iBr6CDqANGA==
x-request-id: fc76033d9be2e4f41f37aed785a595bb

POST
H2 200 taafdzn8km58i4zmyna1nz4la8qw1yrt Show response
www.txty392.com/scytale/ 504 B
694 B 406ms
405ms XHR
application/scytale 95.82.50.50
JPTL-AS-AP JOINT ...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.txty392.com/scytale/taafdzn8km58i4zmyna1nz4la8qw1yrt

Requested by

Host: www.txty392.com
URL: https://www.txty392.com/js/siteMobile.c375b986.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

95.82.50.50 , Australia, ASN134729 (JPTL-AS-AP JOINT POWER TECHNOLOGY LIMITED, HK),

Reverse DNS

Software

nginx /

Resource Hash

3772357928efab8ea838c24a2aaf042341624b728a41e1c8c372776e526e4423

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
QHUJK: 1
Content-Type: application/scytale
Accept: application/json, text/plain, */*
Referer: https://www.txty392.com/
withCredentials: true
crossDomain: true

Response headers

date: Sun, 14 Jan 2024 12:09:45 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
via: 1.1 google
server: nginx
access-control-allow-methods: *
content-type: application/scytale
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-date: 1705234185
access-control-allow-headers: *
content-length: 504
x-xss-protection: 1; mode=block
jckl: WGaokBvdjrA5HqjL4ztkprO1KGS0tNCc7BG9IGJOJw/lIA4kAs2gQAPAPYteygLAd4HXICmd/eRKG6/YiMQPUg==
x-request-id: b29ea7b7f58245b763d39753d6032934

POST
H2 200 haafdz45eqnbyml57of7qfi7n2xmzbqb Show response
www.txty392.com/scytale/ 424 B
574 B 406ms
406ms XHR
application/scytale 95.82.50.50
JPTL-AS-AP JOINT ...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.txty392.com/scytale/haafdz45eqnbyml57of7qfi7n2xmzbqb

Requested by

Host: www.txty392.com
URL: https://www.txty392.com/js/siteMobile.c375b986.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

95.82.50.50 , Australia, ASN134729 (JPTL-AS-AP JOINT POWER TECHNOLOGY LIMITED, HK),

Reverse DNS

Software

nginx /

Resource Hash

d081e284de684d3b1b679ad028262c6bf734f0b1605e12457a671da2287cdb3f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
QHUJK: 1
Content-Type: application/scytale
Accept: application/json, text/plain, */*
Referer: https://www.txty392.com/
withCredentials: true
crossDomain: true

Response headers

date: Sun, 14 Jan 2024 12:09:45 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
via: 1.1 google
server: nginx
access-control-allow-methods: *
content-type: application/scytale
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-date: 1705234185
access-control-allow-headers: *
content-length: 424
x-xss-protection: 1; mode=block
jckl: shlxyGnzpjjEYdj8/E1g91UGMdY9A5F7bOher3i7l1UqibbhhIX6LRUbKmHomUlH6XsQlxqP6XKWoMByQvNAWg==
x-request-id: 5ae83334033b802a426b0b093bcb5c51

POST
H2 200 ucafdz88knytadd2dokr7g81jmv4jdan Show response
www.txty392.com/scytale/ 504 B
651 B 408ms
408ms XHR
application/scytale 95.82.50.50
JPTL-AS-AP JOINT ...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.txty392.com/scytale/ucafdz88knytadd2dokr7g81jmv4jdan

Requested by

Host: www.txty392.com
URL: https://www.txty392.com/js/siteMobile.c375b986.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

95.82.50.50 , Australia, ASN134729 (JPTL-AS-AP JOINT POWER TECHNOLOGY LIMITED, HK),

Reverse DNS

Software

nginx /

Resource Hash

97eecc69756bb6cd65bf8567de9a417cbddddaf064bbef38336fa80ca1cd4885

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
QHUJK: 1
Content-Type: application/scytale
Accept: application/json, text/plain, */*
Referer: https://www.txty392.com/
withCredentials: true
crossDomain: true

Response headers

date: Sun, 14 Jan 2024 12:09:45 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
via: 1.1 google
server: nginx
access-control-allow-methods: *
content-type: application/scytale
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-date: 1705234185
access-control-allow-headers: *
content-length: 504
x-xss-protection: 1; mode=block
jckl: iTS9AjG2xSJbU/rD/wSEzUw6dhCVbWbbs38bBXKWN2hMp7+AIN/AOEQCwyBsd58fbazSIUuM82PoaWyMbJ79NQ==
x-request-id: 3ed077754d6421c43369a943eb763190

GET
H2 200 5b781583ec114676935e7eb87cd3d86e.png
yenbackfi.mo6i2p.com/clientManage/ 27 KB
27 KB 996ms
441ms Image
image/png 104.250.33.35
KSYUNGLOBAL-AS-AP...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yenbackfi.mo6i2p.com/clientManage/5b781583ec114676935e7eb87cd3d86e.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.250.33.35 , Hong Kong, ASN137280 (KSYUNGLOBAL-AS-AP Kingsoft cloud corporation limited, HK),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 57fb3a525873e19780f7ca5703279df144ed37c9e6aca12f8eb226f1d8074646

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.txty392.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 10:58:37 GMT
via: 1.1 52f7257d0c699edd83950a4ebf27c3cc.cloudfront.net (CloudFront)
age: 4268
x-amz-cf-pop: HKG54-C1
x-amz-server-side-encryption: AES256
x-cache-status: HIT from KS-CLOUD-XG-FOREIGN-12-04, HIT from KS-CLOUD-XG-FOREIGN-03-05
x-cache: Miss from cloudfront
x-link-via: xg03:443;xg12:443;
content-length: 27140
last-modified: Thu, 07 Dec 2023 06:01:23 GMT
server: AmazonS3
etag: "0a086825355c0f27b871343a7eec1b95"
content-type: image/png
accept-ranges: bytes
x-cdn-request-id: ba72f95c78fe816769586b10d408df07
x-amz-cf-id: 9e6ATVk26L_K9aCrIA1_M7xQZFZD7WtncG5ZTLPckggiP6xWFEN8kg==
expires: Mon, 15 Jan 2024 10:58:37 GMT

GET
H2 200 eb09fda9af30463eb785b90261fd0c67.png
yenbackfi.mo6i2p.com/clientManage/ 1008 KB
1010 KB 894ms
343ms Image
image/png 104.250.33.35
KSYUNGLOBAL-AS-AP...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yenbackfi.mo6i2p.com/clientManage/eb09fda9af30463eb785b90261fd0c67.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.250.33.35 , Hong Kong, ASN137280 (KSYUNGLOBAL-AS-AP Kingsoft cloud corporation limited, HK),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7603579e99c1b8cae72e29ba44e2c63518cc3423db4fea1271c929d945ea9721

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.txty392.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 10:58:37 GMT
via: 1.1 abe726b1571439a6268136ea3851d872.cloudfront.net (CloudFront)
age: 4268
x-amz-cf-pop: HKG54-C1
x-amz-server-side-encryption: AES256
x-cache-status: MISS from KS-CLOUD-XG-FOREIGN-12-02, HIT from KS-CLOUD-XG-FOREIGN-03-05
x-cache: Miss from cloudfront
x-link-via: xg03:443;xg12:443;
content-length: 1032195
last-modified: Mon, 14 Aug 2023 11:57:45 GMT
server: AmazonS3
etag: "a9ec9a43127af00cc6694912fa833d64"
content-type: image/png
accept-ranges: bytes
x-cdn-request-id: 615fe5490fd78f3580c9260b1d782bd6
x-amz-cf-id: mZJj9i2lwMrY98PRP8UosvLlajRKYG81jhWU4gyKjxO1vjnoAnh8uQ==
expires: Mon, 15 Jan 2024 10:58:37 GMT

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.txty392.com/	1969-12-31 23:59:59	Name: https_waf_cookie Value: cb4dec76-698b-45e6d179e537271dfd9092130dd9adae7f4e
			www.txty392.com/	1970-01-20 17:40:35	Name: acw_tc Value: ac11000117052341817317814e00a250c9be5f3162510b045196ae885b9c16

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

pv.sohu.com
www.txty392.com
yenbackfi.mo6i2p.com
104.250.33.35
43.152.182.92
95.82.50.50
065aada6c29891c3f66976e03d6756a380600aa0f74d6e27c55bb19fa120f289
3772357928efab8ea838c24a2aaf042341624b728a41e1c8c372776e526e4423
5071674bb70698211c0ede67a4a111d5c91c9f9d8dbf63bcdc925c5172de9138
57fb3a525873e19780f7ca5703279df144ed37c9e6aca12f8eb226f1d8074646
5aaf8a5f6d19d361eb7885bcf73f18739088da3c7f138789ef03ac1f74335936
7603579e99c1b8cae72e29ba44e2c63518cc3423db4fea1271c929d945ea9721
96e5754a524990caad6a85393b8ebcb9d63d41b774db021ec21f991aebd01cb4
97eecc69756bb6cd65bf8567de9a417cbddddaf064bbef38336fa80ca1cd4885
988ad60ff82b9db4cd7f62cfc62aa59293bf31e8f71667feaec9d004d2af9b1b
98b833bd86f1b632bd184b81142d631773874d2a3ffb0a3b30cd15053a7d37d2
b6ea79434a8eeeef5d9ba4821e3d16e95249ee00c214cfa9a24a0735ceb2ea5d
bfde1e4c34e94bbaf51ecdbcfd2ad30b9c03680a7529beaa69497e4bca75e85e
d081e284de684d3b1b679ad028262c6bf734f0b1605e12457a671da2287cdb3f
d498718581574ca3a1cd0b971532a532ba88eef2cd862f0bd6de04af63f4f713
d89ae23b42eaf990d5fa79888c866602d0261d484cd334a6f8f355c53b2b3451
e6a27a927d56afc617059174b78d02a9bc26e6920d90d6167cf0b9b0a73ea986
f5d09365810dd11ef1204b35bfede3158a07d5592a9c9cfa449dd534f9964aa9

www.txty392.com Open in urlscan Pro 95.82.50.50 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

16 Requests

100 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

4 IPs

3 Countries

1787 kBTransfer

2624 kBSize

2 Cookies

1 Outgoing links

Redirected requests

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

2 Cookies

Indicators

www.txty392.com Open in urlscan Pro
95.82.50.50 Public Scan

Screenshot
Live screenshot

Full Image

16
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

4
IPs

3
Countries

1787 kB
Transfer

2624 kB
Size

2
Cookies

16 HTTP transactions
1 data transactions