i.135958.com Open in urlscan Pro
119.3.106.213  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. http://www.ushendu.com/download.html?download=http://down.usdxz1.cn/20200602/UShenDu_UEFI_gw.exe Page URL
2. http://i.135958.com/ Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	download.html Show response www.ushendu.com/	1 KB 2 KB	1061ms 559ms	Document text/html	122.225.34.186 CT-HANGZHOU-IDC N...
General Check archive.org Show headers Download Go to Full URL http://www.ushendu.com/download.html?download=http://down.usdxz1.cn/20200602/UShenDu_UEFI_gw.exe Protocol HTTP/1.1 Server 122.225.34.186 , China, ASN58461 (CT-HANGZHOU-IDC No.288,Fu-chun Road, CN), Reverse DNS Software Tengine / Resource Hash 5a2c1cbdc7ced8ebc3a6121194cf69a7f00a6df3b041b961e67e91bfa11f6516 Request headers Host www.ushendu.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Encoding gzip, deflate Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Server Tengine Content-Type text/html Content-Length 1075 Connection keep-alive Date Thu, 18 Jun 2020 22:56:33 GMT Vary Accept-Encoding Ali-Swift-Global-Savetime 1592520993 Via cache26.l2cn1833[71,200-0,M], cache17.l2cn1833[72,0], kunlun4.cn24[117,200-0,M], kunlun6.cn24[118,0] X-Cache MISS TCP_MISS dirn:-2:-2 X-Swift-SaveTime Thu, 18 Jun 2020 22:56:33 GMT X-Swift-CacheTime 0 Timing-Allow-Origin * EagleId 7ae122a415925209935532846e
GET H/1.1	200 OK	UShenDu_UEFI_gw.exe down.usdxz1.cn/20200602/	0 0	2329ms 1073ms	Document application/x-msdownload	43.242.166.88 CHINA169-BACKBONE...
General Check archive.org Show headers Download Go to Full URL http://down.usdxz1.cn/20200602/UShenDu_UEFI_gw.exe Requested by Host: www.ushendu.com URL: http://www.ushendu.com/download.html?download=http://down.usdxz1.cn/20200602/UShenDu_UEFI_gw.exe Protocol HTTP/1.1 Server 43.242.166.88 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN), Reverse DNS Software tencent-cos / Resource Hash Request headers Host down.usdxz1.cn Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Referer http://www.ushendu.com/download.html?download=http://down.usdxz1.cn/20200602/UShenDu_UEFI_gw.exe Accept-Encoding gzip, deflate Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer http://www.ushendu.com/download.html?download=http://down.usdxz1.cn/20200602/UShenDu_UEFI_gw.exe Response headers Server tencent-cos Connection keep-alive Date Thu, 18 Jun 2020 22:56:35 GMT Cache-Control no-cache Last-Modified Thu, 04 Jun 2020 16:01:29 GMT Content-Type application/x-msdownload Content-Length 622638392 X-NWS-UUID-VERIFY a73e11034fa5ad1c50c2cb82732a30d5 Accept-Ranges bytes ETag "2daea2cc6f5b070e3bec44231cfca2fc-75" x-cos-hash-crc64ecma 15311844779768242512 x-cos-request-id NWVlYmYxMjNfNmJjYjEwOV8xMTA4Nl8zZjRiZTEx X-Daa-Tunnel hop_count=4 X-NWS-LOG-UUID 6304848790453521590 3816863d4edfb844940a57589b3dff90 X-Cache-Lookup Hit From Upstream
GET H/1.1	200 OK	Primary Request / Show response i.135958.com/	3 KB 4 KB	979ms 532ms	Document text/html	119.3.106.213 HWCSNET Huawei Cl...
General Check archive.org Show headers Download Go to Full URL http://i.135958.com/ Requested by Host: www.ushendu.com URL: http://www.ushendu.com/download.html?download=http://down.usdxz1.cn/20200602/UShenDu_UEFI_gw.exe Protocol HTTP/1.1 Server 119.3.106.213 , China, ASN55990 (HWCSNET Huawei Cloud Service data center, CN), Reverse DNS ecs-119-3-106-213.compute.hwclouds-dns.com Software Microsoft-IIS/8.5 / Resource Hash 7607e731f19873c991cfc5a92e37e064b17619f96ad8d290c808aa0575b95aaa Request headers Host i.135958.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Referer http://www.ushendu.com/download.html?download=http://down.usdxz1.cn/20200602/UShenDu_UEFI_gw.exe Accept-Encoding gzip, deflate Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer http://www.ushendu.com/download.html?download=http://down.usdxz1.cn/20200602/UShenDu_UEFI_gw.exe Response headers Content-Type text/html Last-Modified Wed, 03 Jun 2020 04:07:52 GMT Accept-Ranges bytes ETag "1226498d5c39d61:0" Server Microsoft-IIS/8.5 Date Thu, 18 Jun 2020 22:56:39 GMT Content-Length 3529
GET H/1.1	200 OK	ifrProps.js Show response www.2345.com/css/	3 KB 4 KB	803ms 523ms	Script application/javascript	101.226.28.202 CHINANET-SH-AP Ch...
General Check archive.org Show headers Download Go to Full URL http://www.2345.com/css/ifrProps.js Requested by Host: i.135958.com URL: http://i.135958.com/ Protocol HTTP/1.1 Server 101.226.28.202 , China, ASN4812 (CHINANET-SH-AP China Telecom (Group), CN), Reverse DNS Software Tengine / Resource Hash f5da2825f3945443e5164ed8ee9e400cad2d419afd54dac81e4d67bd5446f203 Request headers Referer http://i.135958.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 18 Jun 2020 22:46:20 GMT Via cache48.l2cn1817[0,304-0,H], cache50.l2cn1817[0,0], cache26.cn1907[0,200-0,H], cache29.cn1907[4,0] Age 620 X-Cache HIT TCP_MEM_HIT dirn:11:380458826 X-Swift-CacheTime 1794 X-Swift-SaveTime Thu, 18 Jun 2020 22:46:26 GMT Content-Length 3183 Last-Modified Mon, 07 Jan 2019 01:32:33 GMT Server Tengine Cache-Control max-age=1800 ETag "5c32ac31-c6f" Vary Accept-Encoding Ali-Swift-Global-Savetime 1587902233 Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Timing-Allow-Origin * EagleId 65e21c3115925210004297291e Expires Thu, 18 Jun 2020 23:16:20 GMT
GET		z_stat.php s22.cnzz.com/	0 0
GET		z_stat.php s13.cnzz.com/	0 0
GET		tg39874.htm www.2345.com/ Frame 3CD0	0 0
GET H2	200	tg39874.htm www.2345.com/ Frame 21ED	0 0	735ms 734ms	Document text/html	101.226.28.202 CHINANET-SH-AP Ch...
General Check archive.org Show headers Download Go to Full URL https://www.2345.com/tg39874.htm Requested by Host: www.2345.com URL: http://www.2345.com/css/ifrProps.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 101.226.28.202 , China, ASN4812 (CHINANET-SH-AP China Telecom (Group), CN), Reverse DNS Software Tengine / Resource Hash Request headers :method GET :authority www.2345.com :scheme https :path /tg39874.htm pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer http://i.135958.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer http://i.135958.com/ Response headers status 200 server Tengine content-type text/html content-length 162714 date Thu, 18 Jun 2020 22:46:42 GMT last-modified Thu, 18 Jun 2020 22:30:01 GMT vary Accept-Encoding etag "5eebeae9-27b9a" expires Thu, 18 Jun 2020 23:16:42 GMT cache-control max-age=1800 accept-ranges bytes ali-swift-global-savetime 1592371107 via cache28.l2cn1817[0,200-0,H], cache33.l2cn1817[0,0], cache33.cn1907[0,200-0,H], cache14.cn1907[0,0] age 598 x-cache HIT TCP_MEM_HIT dirn:-2:-2 x-swift-savetime Thu, 18 Jun 2020 22:48:22 GMT x-swift-cachetime 1700 timing-allow-origin * eagleid 65e21c2215925210007296804e
GET H/1.1	200 OK	widthHeight.js Show response www.2345.com/css/	1 KB 2 KB	276ms 275ms	Script application/javascript	101.226.28.202 CHINANET-SH-AP Ch...
General Check archive.org Show headers Download Go to Full URL http://www.2345.com/css/widthHeight.js?ver=5.19 Requested by Host: i.135958.com URL: http://i.135958.com/ Protocol HTTP/1.1 Server 101.226.28.202 , China, ASN4812 (CHINANET-SH-AP China Telecom (Group), CN), Reverse DNS Software Tengine / Resource Hash 2fefff5e77a2040e062e4854d179bcf69be30367619f8feeb4e83c191c3c8625 Request headers Referer http://i.135958.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 18 Jun 2020 22:34:50 GMT Via cache47.l2cn1817[0,304-0,H], cache45.l2cn1817[0,0], cache9.cn1907[0,200-0,H], cache29.cn1907[1,0] Age 1310 X-Cache HIT TCP_MEM_HIT dirn:10:926282368 X-Swift-CacheTime 1791 X-Swift-SaveTime Thu, 18 Jun 2020 22:34:59 GMT Content-Length 1174 Last-Modified Mon, 07 Jan 2019 01:32:33 GMT Server Tengine Cache-Control max-age=1800 ETag "5c32ac31-496" Vary Accept-Encoding Ali-Swift-Global-Savetime 1591594698 Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Timing-Allow-Origin * EagleId 65e21c3115925210007247524e Expires Thu, 18 Jun 2020 23:04:50 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

s22.cnzz.com

URL

https://s22.cnzz.com/z_stat.php?id=1263267095&web_id=1263267095

Domain

s13.cnzz.com

URL

https://s13.cnzz.com/z_stat.php?id=1273775672&web_id=1273775672

Domain

www.2345.com

URL

https://www.2345.com/tg39874.htm

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| domain string| main string| search_ string| logo_ string| websiteUrl_ function| init function| getCookie function| subs function| setScreen function| getLogo function| getWebsiteUrl object| T object| webKuanPing object| webBiaoZhun

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

down.usdxz1.cn
i.135958.com
s13.cnzz.com
s22.cnzz.com
www.2345.com
www.ushendu.com
s13.cnzz.com
s22.cnzz.com
www.2345.com
101.226.28.202
119.3.106.213
122.225.34.186
43.242.166.88
2fefff5e77a2040e062e4854d179bcf69be30367619f8feeb4e83c191c3c8625
5a2c1cbdc7ced8ebc3a6121194cf69a7f00a6df3b041b961e67e91bfa11f6516
7607e731f19873c991cfc5a92e37e064b17619f96ad8d290c808aa0575b95aaa
f5da2825f3945443e5164ed8ee9e400cad2d419afd54dac81e4d67bd5446f203