duzhitech.com Open in urlscan Pro
47.243.95.166 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ejgftkzzy695cmyu.myfritz.net/wordpress/wp-content
Effective URL:
https://duzhitech.com/wordpress/info/
Submission: On May 10 via api (May 10th 2024, 5:17:43 am UTC) from BY — Scanned from DE

Summary HTTP 24 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 4 countries across 4 domains to perform 24 HTTP transactions. The main IP is 47.243.95.166, located in Hong Kong, Hong Kong and belongs to ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN. The main domain is duzhitech.com.
TLS certificate: Issued by R3 on March 7th 2024. Valid for: 3 months.

This is the only time duzhitech.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Schweizerische Bundesbahnen (Transportation)

Domain & IP information

	IP Address	AS Autonomous System
1 3	46.142.68.137 46.142.68.137	8881 (VERSATEL) (VERSATEL)
1 21	47.243.95.166 47.243.95.166	45102 (ALIBABA-C...) (ALIBABA-CN-NET Alibaba US Technology Co.)
1 2	18.245.39.50 18.245.39.50	16509 (AMAZON-02) (AMAZON-02)
1	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
24	4

3 46.142.68.137 (Mühlacker, Germany) 1 redirects

ASN8881 (VERSATEL, DE)
PTR: 137-68-142-46.pool.kielnet.net

ejgftkzzy695cmyu.myfritz.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 47.243.95.166 (Hong Kong, Hong Kong) 1 redirects

ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)

duzhitech.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.245.39.50 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-245-39-50.fra56.r.cloudfront.net

logs1407.xiti.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

userstatics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	duzhitech.com 1 redirects duzhitech.com	408 KB
3	myfritz.net 1 redirects ejgftkzzy695cmyu.myfritz.net	687 B
2	xiti.com 1 redirects logs1407.xiti.com — Cisco Umbrella Rank: 137349	1 KB
1	userstatics.com userstatics.com — Cisco Umbrella Rank: 90025	624 B
24	4

	Domain	Requested by
21	duzhitech.com	1 redirects duzhitech.com
3	ejgftkzzy695cmyu.myfritz.net	1 redirects
2	logs1407.xiti.com	1 redirects duzhitech.com
1	userstatics.com	duzhitech.com
24	4

This site contains no links.

Subject Issuer	Validity	Valid
dbfpi.myddns.me R3	`2023-10-14` - `2024-01-12`	3 months	crt.sh
www.duzhitech.com R3	`2024-03-07` - `2024-06-05`	3 months	crt.sh
userstatics.com E1	`2024-03-28` - `2024-06-26`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://duzhitech.com/wordpress/info/
Frame ID: BD02DB48782F540217A1F1E836596985
Requests: 24 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Anmeldung | SwissPass

Page URL History Show full URLs

http://ejgftkzzy695cmyu.myfritz.net/wordpress/wp-content HTTP 307
https://ejgftkzzy695cmyu.myfritz.net/wordpress/wp-content HTTP 301
https://ejgftkzzy695cmyu.myfritz.net/wordpress/wp-content/ Page URL
https://duzhitech.com/wordpress/info HTTP 301
https://duzhitech.com/wordpress/info/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

otSDKStub\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

24
Requests

88 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

4
IPs

4
Countries

410 kB
Transfer

1021 kB
Size

6
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ejgftkzzy695cmyu.myfritz.net/wordpress/wp-content HTTP 307
https://ejgftkzzy695cmyu.myfritz.net/wordpress/wp-content HTTP 301
https://ejgftkzzy695cmyu.myfritz.net/wordpress/wp-content/ Page URL
https://duzhitech.com/wordpress/info HTTP 301
https://duzhitech.com/wordpress/info/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://ejgftkzzy695cmyu.myfritz.net/wordpress/wp-content HTTP 307
https://ejgftkzzy695cmyu.myfritz.net/wordpress/wp-content HTTP 301
https://ejgftkzzy695cmyu.myfritz.net/wordpress/wp-content/

Request Chain 18

https://logs1407.xiti.com/event?s=611076 HTTP 307
https://logs1407.xiti.com/event?s=611076&Rdt=On

24 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/
ejgftkzzy695cmyu.myfritz.net/wordpress/wp-content/
Redirect Chain

http://ejgftkzzy695cmyu.myfritz.net/wordpress/wp-content
https://ejgftkzzy695cmyu.myfritz.net/wordpress/wp-content
https://ejgftkzzy695cmyu.myfritz.net/wordpress/wp-content/

83 B
341 B

18ms
18ms

Document
text/html

46.142.68.137
VERSATEL

General

Check archive.org

Show headers Download Go to

Full URL

https://ejgftkzzy695cmyu.myfritz.net/wordpress/wp-content/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

46.142.68.137 Mühlacker, Germany, ASN8881 (VERSATEL, DE),

Reverse DNS

137-68-142-46.pool.kielnet.net

Software

Apache /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
content-encoding: gzip
content-length: 100
content-type: text/html
date: Fri, 10 May 2024 05:17:35 GMT
etag: "53-61531f3f897c0-gzip"
last-modified: Wed, 03 Apr 2024 14:22:31 GMT
referrer-policy: no-referrer
server: Apache
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: sameorigin
x-permitted-cross-domain-policies: none
x-robots-tag: noindex, nofollow
x-xss-protection: 0

Redirect headers

content-length: 266
content-type: text/html; charset=iso-8859-1
date: Fri, 10 May 2024 05:17:35 GMT
location: https://ejgftkzzy695cmyu.myfritz.net/wordpress/wp-content/
server: Apache

GET
H2

200

Primary Request / Show response
duzhitech.com/wordpress/info/
Redirect Chain

https://duzhitech.com/wordpress/info
https://duzhitech.com/wordpress/info/

25 KB
6 KB

274ms
274ms

Document
text/html

47.243.95.166
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to

Full URL

https://duzhitech.com/wordpress/info/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

47.243.95.166 Hong Kong, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),

Reverse DNS

Software

nginx /

Resource Hash

1f6e67bc886cbf171ee9cb58e9985ddbf7e636315cec4f2034625a758d1f5b45

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://ejgftkzzy695cmyu.myfritz.net/wordpress/wp-content/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 10 May 2024 05:17:36 GMT
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding

Redirect headers

content-length: 162
content-type: text/html
date: Fri, 10 May 2024 05:17:36 GMT
location: https://duzhitech.com/wordpress/info/
server: nginx
strict-transport-security: max-age=31536000

GET
H2 404 favicon.ico
ejgftkzzy695cmyu.myfritz.net/ 196 B
224 B 16ms
16ms Other
text/html 46.142.68.137
VERSATEL

General

Check archive.org

Show headers Download Go to

Full URL: https://ejgftkzzy695cmyu.myfritz.net/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 46.142.68.137 Mühlacker, Germany, ASN8881 (VERSATEL, DE),
Reverse DNS: 137-68-142-46.pool.kielnet.net
Software: Apache /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 10 May 2024 05:17:35 GMT
server: Apache
content-length: 196
content-type: text/html; charset=iso-8859-1

GET
H2 200 sso.min-20200819.css
duzhitech.com/wordpress/info/css/ 180 KB
29 KB 547ms
547ms Stylesheet
text/css 47.243.95.166
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to

Full URL

https://duzhitech.com/wordpress/info/css/sso.min-20200819.css

Requested by

Host: duzhitech.com
URL: https://duzhitech.com/wordpress/info/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

47.243.95.166 Hong Kong, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),

Reverse DNS

Software

nginx /

Resource Hash

c365cf63e0edecc072b99e919e45604dfbca32ec0a19dac39275c9c67d334caf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://duzhitech.com/wordpress/info/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 10 May 2024 05:17:36 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Wed, 03 Apr 2024 14:12:20 GMT
server: nginx
etag: W/"660d63c4-2ce1f"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
expires: Fri, 10 May 2024 17:17:36 GMT

GET
H2 200 modernizr-20200819.js Show response
duzhitech.com/wordpress/info/js/ 8 KB
4 KB 549ms
548ms Script
application/javascript 47.243.95.166
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to

Full URL

https://duzhitech.com/wordpress/info/js/modernizr-20200819.js

Requested by

Host: duzhitech.com
URL: https://duzhitech.com/wordpress/info/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

47.243.95.166 Hong Kong, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),

Reverse DNS

Software

nginx /

Resource Hash

7a9fa521a58ee93001981f3a7db498c589233d8cc616e8d09af0119388a865bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://duzhitech.com/wordpress/info/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 10 May 2024 05:17:36 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Wed, 03 Apr 2024 14:12:20 GMT
server: nginx
etag: W/"660d63c4-1e5c"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Fri, 10 May 2024 17:17:36 GMT

GET
H2 200 otSDKStub.js Show response
duzhitech.com/wordpress/info/js/ 21 KB
7 KB 819ms
819ms Script
application/javascript 47.243.95.166
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to

Full URL

https://duzhitech.com/wordpress/info/js/otSDKStub.js

Requested by

Host: duzhitech.com
URL: https://duzhitech.com/wordpress/info/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

47.243.95.166 Hong Kong, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),

Reverse DNS

Software

nginx /

Resource Hash

6d72fa0f78c80b1874d3ee4aadf43d973edc442a65fef83d37e684ac559893b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://duzhitech.com/wordpress/info/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 10 May 2024 05:17:36 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Wed, 03 Apr 2024 14:12:20 GMT
server: nginx
etag: W/"660d63c4-526c"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Fri, 10 May 2024 17:17:36 GMT

GET
H2 200 launch-6cc731e967aa.min.js Show response
duzhitech.com/wordpress/info/js/ 124 KB
43 KB 542ms
542ms Script
application/javascript 47.243.95.166
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to

Full URL

https://duzhitech.com/wordpress/info/js/launch-6cc731e967aa.min.js

Requested by

Host: duzhitech.com
URL: https://duzhitech.com/wordpress/info/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

47.243.95.166 Hong Kong, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),

Reverse DNS

Software

nginx /

Resource Hash

f053f049a78c3afbce0d34f57d0bea4a24f7964d0e1e45197a35c06124b5e357

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://duzhitech.com/wordpress/info/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 10 May 2024 05:17:37 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Wed, 03 Apr 2024 14:12:20 GMT
server: nginx
etag: W/"660d63c4-1efde"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Fri, 10 May 2024 17:17:37 GMT

GET
H2 200 logo_text_de-20200819.svg
duzhitech.com/wordpress/info/images/ 137 KB
137 KB 820ms
820ms Image
image/svg+xml 47.243.95.166
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://duzhitech.com/wordpress/info/images/logo_text_de-20200819.svg

Requested by

Host: duzhitech.com
URL: https://duzhitech.com/wordpress/info/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

47.243.95.166 Hong Kong, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),

Reverse DNS

Software

nginx /

Resource Hash

c337d42ed7979c6be0282900bd957dd9d112a430dc7761463d655eb8f0d9bc07

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://duzhitech.com/wordpress/info/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 10 May 2024 05:17:36 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 03 Apr 2024 14:12:20 GMT
server: nginx
etag: "660d63c4-222c3"
content-type: image/svg+xml
accept-ranges: bytes
content-length: 139971

GET
H2 200 logo-20200819.svg
duzhitech.com/wordpress/info/images/ 7 KB
7 KB 821ms
820ms Image
image/svg+xml 47.243.95.166
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://duzhitech.com/wordpress/info/images/logo-20200819.svg

Requested by

Host: duzhitech.com
URL: https://duzhitech.com/wordpress/info/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

47.243.95.166 Hong Kong, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),

Reverse DNS

Software

nginx /

Resource Hash

deeee170c3759a6ed35c0c05c5b935d0e7638f1c0c5677166918ecff6edb1909

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://duzhitech.com/wordpress/info/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 10 May 2024 05:17:36 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 03 Apr 2024 14:12:20 GMT
server: nginx
etag: "660d63c4-1cce"
content-type: image/svg+xml
accept-ranges: bytes
content-length: 7374

GET
H2 200 loader-20200819.png
duzhitech.com/wordpress/info/images/ 272 B
478 B 539ms
538ms Image
image/png 47.243.95.166
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://duzhitech.com/wordpress/info/images/loader-20200819.png

Requested by

Host: duzhitech.com
URL: https://duzhitech.com/wordpress/info/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

47.243.95.166 Hong Kong, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),

Reverse DNS

Software

nginx /

Resource Hash

f766c7457c6ec463eaa85778aa47261344f1772e0b7cf1987ad212f889f472f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://duzhitech.com/wordpress/info/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 10 May 2024 05:17:37 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 03 Apr 2024 14:12:20 GMT
server: nginx
etag: "660d63c4-110"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 272
expires: Sun, 09 Jun 2024 05:17:37 GMT

GET
H2 200 jquery-20200819.js Show response
duzhitech.com/wordpress/info/js/ 95 KB
37 KB 539ms
539ms Script
application/javascript 47.243.95.166
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to

Full URL

https://duzhitech.com/wordpress/info/js/jquery-20200819.js

Requested by

Host: duzhitech.com
URL: https://duzhitech.com/wordpress/info/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

47.243.95.166 Hong Kong, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),

Reverse DNS

Software

nginx /

Resource Hash

2b2485b0669a2f73c4846e82eb5a37421358591a8ac8ba21d8149bfb88adcbfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://duzhitech.com/wordpress/info/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 10 May 2024 05:17:37 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Wed, 03 Apr 2024 14:12:20 GMT
server: nginx
etag: W/"660d63c4-17c58"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Fri, 10 May 2024 17:17:37 GMT

GET
H2 200 vendor.min-20200819.js Show response
duzhitech.com/wordpress/info/js/ 176 KB
59 KB 540ms
539ms Script
application/javascript 47.243.95.166
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to

Full URL

https://duzhitech.com/wordpress/info/js/vendor.min-20200819.js

Requested by

Host: duzhitech.com
URL: https://duzhitech.com/wordpress/info/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

47.243.95.166 Hong Kong, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),

Reverse DNS

Software

nginx /

Resource Hash

233ddeda2a0fbeee053d13f25669fe187bdef4fe708aacfadddd560905d209f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://duzhitech.com/wordpress/info/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 10 May 2024 05:17:37 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Wed, 03 Apr 2024 14:12:20 GMT
server: nginx
etag: W/"660d63c4-2beeb"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Fri, 10 May 2024 17:17:37 GMT

GET
H2 200 swisspass.min-20200819.js Show response
duzhitech.com/wordpress/info/js/ 97 KB
29 KB 541ms
541ms Script
application/javascript 47.243.95.166
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to

Full URL

https://duzhitech.com/wordpress/info/js/swisspass.min-20200819.js

Requested by

Host: duzhitech.com
URL: https://duzhitech.com/wordpress/info/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

47.243.95.166 Hong Kong, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),

Reverse DNS

Software

nginx /

Resource Hash

9c50211b34ab0377f3b35c243c98e402315127bfa5b51e147cb22c702174ca60

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://duzhitech.com/wordpress/info/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 10 May 2024 05:17:37 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Wed, 03 Apr 2024 14:12:20 GMT
server: nginx
etag: W/"660d63c4-18410"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Fri, 10 May 2024 17:17:37 GMT

GET
H2 200 SBBWeb-Light.woff2
duzhitech.com/wordpress/info/fonts/ 14 KB
14 KB 798ms
798ms Font
font/woff2 47.243.95.166
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to

Full URL

https://duzhitech.com/wordpress/info/fonts/SBBWeb-Light.woff2

Requested by

Host: duzhitech.com
URL: https://duzhitech.com/wordpress/info/css/sso.min-20200819.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

47.243.95.166 Hong Kong, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),

Reverse DNS

Software

nginx /

Resource Hash

5c7f0e173844556da7ca5eb8936fa3dab1c00206960920a49a1eea9cde2bfaaf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://duzhitech.com/wordpress/info/css/sso.min-20200819.css
Origin: https://duzhitech.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 10 May 2024 05:17:37 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 03 Apr 2024 14:12:20 GMT
server: nginx
etag: "660d63c4-3784"
content-type: font/woff2
accept-ranges: bytes
content-length: 14212

GET
H2 404 e91f4b90-f9aa-4ace-891b-96dd07595d9f-test.json Show response
duzhitech.com/wordpress/info/js/otSDKStub.js/consent/e91f4b90-f9aa-4ace-891b-96dd07595d9f-test/ 68 KB
16 KB 1904ms
1904ms XHR
text/html 47.243.95.166
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to

Full URL: https://duzhitech.com/wordpress/info/js/otSDKStub.js/consent/e91f4b90-f9aa-4ace-891b-96dd07595d9f-test/e91f4b90-f9aa-4ace-891b-96dd07595d9f-test.json
Requested by: Host: duzhitech.com
URL: https://duzhitech.com/wordpress/info/js/otSDKStub.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 47.243.95.166 Hong Kong, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: nginx /
Resource Hash: 2f06b9d2ca75f98babd34080a32c3f5a61b7bd0610d9794a819b803c1fce57c1

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://duzhitech.com/wordpress/info/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 10 May 2024 05:17:39 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate, max-age=0
link: <https://duzhitech.com/wp-json/>; rel="https://api.w.org/"
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 loader-20200819.png
duzhitech.com/wordpress/info/images/ 272 B
0 539ms
539ms Image
image/png 47.243.95.166
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://duzhitech.com/wordpress/info/images/loader-20200819.png
Requested by: Host: duzhitech.com
URL: https://duzhitech.com/wordpress/info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 47.243.95.166 Hong Kong, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: nginx /
Resource Hash: f766c7457c6ec463eaa85778aa47261344f1772e0b7cf1987ad212f889f472f5

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://duzhitech.com/wordpress/info/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 10 May 2024 05:17:37 GMT
last-modified: Wed, 03 Apr 2024 14:12:20 GMT
server: nginx
etag: "660d63c4-110"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 272
expires: Sun, 09 Jun 2024 05:17:37 GMT

GET
H2 404 login_bg.jpg
duzhitech.com/wordpress/info/resources/img/ 548 B
548 B 541ms
541ms Image
text/html 47.243.95.166
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://duzhitech.com/wordpress/info/resources/img/login_bg.jpg
Requested by: Host: duzhitech.com
URL: https://duzhitech.com/wordpress/info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 47.243.95.166 Hong Kong, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: nginx /
Resource Hash: d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://duzhitech.com/wordpress/info/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 10 May 2024 05:17:37 GMT
server: nginx
content-length: 548
content-type: text/html

GET
H2 404 icomoon.woff2
duzhitech.com/fonts/icomoon/ 0
0 1896ms
1896ms Font
text/html 47.243.95.166
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to

Full URL: https://duzhitech.com/fonts/icomoon/icomoon.woff2?7m5yri
Requested by: Host: duzhitech.com
URL: https://duzhitech.com/wordpress/info/css/sso.min-20200819.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 47.243.95.166 Hong Kong, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://duzhitech.com/wordpress/info/css/sso.min-20200819.css
Origin: https://duzhitech.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 10 May 2024 05:17:39 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate, max-age=0
link: <https://duzhitech.com/wp-json/>; rel="https://api.w.org/"
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 404 co-branding Show response
duzhitech.com/idp/ 68 KB
16 KB 1816ms
1816ms XHR
text/html 47.243.95.166
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to

Full URL: https://duzhitech.com/idp/co-branding?resource=co-branding&lang=de&provider=
Requested by: Host: duzhitech.com
URL: https://duzhitech.com/wordpress/info/js/jquery-20200819.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 47.243.95.166 Hong Kong, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: nginx /
Resource Hash: 3dc7bbd67f155a442404c93dbc3ba39373a6c8075a4da5e07fe79943f101e40d

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Accept: */*
Referer: https://duzhitech.com/wordpress/info/
X-Requested-With: XMLHttpRequest
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 10 May 2024 05:17:39 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate, max-age=0
link: <https://duzhitech.com/wp-json/>; rel="https://api.w.org/"
expires: Wed, 11 Jan 1984 05:00:00 GMT

POST
H2

204

event
logs1407.xiti.com/
Redirect Chain

https://logs1407.xiti.com/event?s=611076
https://logs1407.xiti.com/event?s=611076&Rdt=On

0
326 B

8ms
8ms

Ping
text/plain

18.245.39.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://logs1407.xiti.com/event?s=611076&Rdt=On

Requested by

Host: duzhitech.com
URL: https://duzhitech.com/wordpress/info/

Protocol

Server

18.245.39.50 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-39-50.fra56.r.cloudfront.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://duzhitech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date: Fri, 10 May 2024 05:17:38 GMT
strict-transport-security: max-age=15768000
via: 1.1 a530f843a2269d63579bc4238b63fbac.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P8
access-control-max-age: 600
x-cache: Miss from cloudfront
access-control-allow-origin: https://duzhitech.com
cache-control: no-store
access-control-allow-credentials: true
x-amz-cf-id: ntPKjyu0hPqdzdv9FQImgDzcJLVS9lLSmqfNXHx_7R6BK8rW_H4kww==

Redirect headers

date: Fri, 10 May 2024 05:17:38 GMT
strict-transport-security: max-age=15768000
via: 1.1 a530f843a2269d63579bc4238b63fbac.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P8
access-control-max-age: 600
x-cache: Miss from cloudfront
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
access-control-allow-origin: https://duzhitech.com
location: /event?s=611076&Rdt=On
cache-control: no-store
access-control-allow-credentials: true
content-length: 0
x-amz-cf-id: 2SVX5x8q8inZRd0Ep7TuZKF7rrHaXFfWScwn0ypyFmb3CYIo4QQT6Q==

GET
H3 200 script.js Show response
userstatics.com/get/ 133 B
624 B 80ms
56ms Script
text/html 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://userstatics.com/get/script.js?referrer=https://duzhitech.com/wordpress/info/
Requested by: Host: duzhitech.com
URL: https://duzhitech.com/wordpress/info/js/vendor.min-20200819.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.2.1
Resource Hash: df9690fea031319de38a437cb6d393026c4aae70642ed394c4254ed64f035b26

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://duzhitech.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 10 May 2024 05:17:39 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/8.2.1
vary: Accept-Encoding
access-control-allow-methods: GET, POST
content-type: text/html; charset=utf-8
access-control-allow-origin: https://duzhitech.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NbZ7ZYBWn7FGIACpSNvnyvz16ndoSVtQOD5VQ4WyLp3ezHqwjSE0JoUQoBGcqQ9hsdeYmLd966104mrGeaLvskpenwwqABOrQbISpETTHdeVoh0yJwTU8rE1KLuCWp5jBEA%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 881776d04f705d87-FRA
access-control-allow-headers: X-Requested-With,content-type
alt-svc: h3=":443"; ma=86400

GET
H2 404 icomoon.ttf
duzhitech.com/fonts/icomoon/ 0
0 1484ms
1484ms Font
text/html 47.243.95.166
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to

Full URL: https://duzhitech.com/fonts/icomoon/icomoon.ttf?7m5yri
Requested by: Host: duzhitech.com
URL: https://duzhitech.com/wordpress/info/css/sso.min-20200819.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 47.243.95.166 Hong Kong, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://duzhitech.com/wordpress/info/css/sso.min-20200819.css
Origin: https://duzhitech.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 10 May 2024 05:17:40 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate, max-age=0
link: <https://duzhitech.com/wp-json/>; rel="https://api.w.org/"
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 404 icomoon.woff
duzhitech.com/fonts/icomoon/ 0
0 1754ms
1754ms Font
text/html 47.243.95.166
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to

Full URL: https://duzhitech.com/fonts/icomoon/icomoon.woff?7m5yri
Requested by: Host: duzhitech.com
URL: https://duzhitech.com/wordpress/info/css/sso.min-20200819.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 47.243.95.166 Hong Kong, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://duzhitech.com/wordpress/info/css/sso.min-20200819.css
Origin: https://duzhitech.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 10 May 2024 05:17:42 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate, max-age=0
link: <https://duzhitech.com/wp-json/>; rel="https://api.w.org/"
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 favicon.ico
duzhitech.com/wordpress/info/ 1 KB
1 KB 273ms
272ms Other
image/x-icon 47.243.95.166
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to

Full URL

https://duzhitech.com/wordpress/info/favicon.ico

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

47.243.95.166 Hong Kong, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),

Reverse DNS

Software

nginx /

Resource Hash

7c1925da382279a72f94990d0a1456f78918619f35780ea0905e4ae0db684677

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://duzhitech.com/wordpress/info/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 10 May 2024 05:17:42 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 03 Apr 2024 14:12:20 GMT
server: nginx
etag: "660d63c4-47e"
content-type: image/x-icon
accept-ranges: bytes
content-length: 1150

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Schweizerische Bundesbahnen (Transportation)

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
duzhitech.com/wordpress/info	1970-01-20 20:29:18	Name: PHPREFS Value: full
.duzhitech.com/	1970-01-21 05:57:26	Name: pa_privacy Value: %22optin%22
.duzhitech.com/	1970-01-21 05:57:26	Name: _pctx Value: %7Bu%7DN4IgrgzgpgThIC4B2YA2qA05owMoBcBDfSREQpAeyRCwgEt8oBJAE0RXSwH18yBbAEbUALBADMSAD6oA7gAYAHAHZCMGgF8gA
.xiti.com/	1970-01-21 05:58:52	Name: atid Value: C75A966C-2E78-401A-98CC-9B8F9425C5FC
duzhitech.com/	1970-01-20 20:28:41	Name: wcpay_currency Value: USD_1
duzhitech.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: hqtb4gs9iqitdl3mof5259tn86

11 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://ejgftkzzy695cmyu.myfritz.net/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://duzhitech.com/wordpress/info/resources/img/login_bg.jpg Message: Failed to load resource: the server responded with a status of 404 ()
recommendation	warning	URL: https://duzhitech.com/wordpress/info/ Message: [DOM] Found 2 elements with non-unique id #login_button: (More info: https://goo.gl/9p2vKq) %o %o
recommendation	verbose	URL: https://duzhitech.com/wordpress/info/ Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
other	warning	URL: https://duzhitech.com/wordpress/info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://duzhitech.com/wordpress/info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://duzhitech.com/wordpress/info/js/otSDKStub.js/consent/e91f4b90-f9aa-4ace-891b-96dd07595d9f-test/e91f4b90-f9aa-4ace-891b-96dd07595d9f-test.json Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://duzhitech.com/fonts/icomoon/icomoon.woff2?7m5yri Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://duzhitech.com/idp/co-branding?resource=co-branding&lang=de&provider= Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://duzhitech.com/fonts/icomoon/icomoon.ttf?7m5yri Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://duzhitech.com/fonts/icomoon/icomoon.woff?7m5yri Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

duzhitech.com
ejgftkzzy695cmyu.myfritz.net
logs1407.xiti.com
userstatics.com
18.245.39.50
188.114.97.3
46.142.68.137
47.243.95.166
1f6e67bc886cbf171ee9cb58e9985ddbf7e636315cec4f2034625a758d1f5b45
233ddeda2a0fbeee053d13f25669fe187bdef4fe708aacfadddd560905d209f1
2b2485b0669a2f73c4846e82eb5a37421358591a8ac8ba21d8149bfb88adcbfb
2f06b9d2ca75f98babd34080a32c3f5a61b7bd0610d9794a819b803c1fce57c1
3dc7bbd67f155a442404c93dbc3ba39373a6c8075a4da5e07fe79943f101e40d
5c7f0e173844556da7ca5eb8936fa3dab1c00206960920a49a1eea9cde2bfaaf
6d72fa0f78c80b1874d3ee4aadf43d973edc442a65fef83d37e684ac559893b7
7a9fa521a58ee93001981f3a7db498c589233d8cc616e8d09af0119388a865bc
7c1925da382279a72f94990d0a1456f78918619f35780ea0905e4ae0db684677
9c50211b34ab0377f3b35c243c98e402315127bfa5b51e147cb22c702174ca60
c337d42ed7979c6be0282900bd957dd9d112a430dc7761463d655eb8f0d9bc07
c365cf63e0edecc072b99e919e45604dfbca32ec0a19dac39275c9c67d334caf
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090
deeee170c3759a6ed35c0c05c5b935d0e7638f1c0c5677166918ecff6edb1909
df9690fea031319de38a437cb6d393026c4aae70642ed394c4254ed64f035b26
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f053f049a78c3afbce0d34f57d0bea4a24f7964d0e1e45197a35c06124b5e357
f766c7457c6ec463eaa85778aa47261344f1772e0b7cf1987ad212f889f472f5

duzhitech.com Open in urlscan Pro 47.243.95.166 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

24 Requests

88 %HTTPS

0 %IPv6

4 Domains

4 Subdomains

4 IPs

4 Countries

410 kBTransfer

1021 kBSize

6 Cookies

0 Outgoing links

Page URL History

Redirected requests

24 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

32 JavaScript Global Variables

6 Cookies

11 Console Messages

duzhitech.com Open in urlscan Pro
47.243.95.166 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

24
Requests

88 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

4
IPs

4
Countries

410 kB
Transfer

1021 kB
Size

6
Cookies

24 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!