af13.wdaww1.vip Open in urlscan Pro
46.149.198.200 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://af13.wdaww1.vip/
Effective URL:
https://af13.wdaww1.vip/
Submission: On March 10 via api (March 10th 2024, 10:26:32 am UTC) from US — Scanned from DE

Summary HTTP 11 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 11 HTTP transactions. The main IP is 46.149.198.200, located in Hong Kong and belongs to DNC-AS Dimension Network & Communication Limited, HK. The main domain is af13.wdaww1.vip.
TLS certificate: Issued by R3 on February 26th 2024. Valid for: 3 months.

This is the only time af13.wdaww1.vip was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	46.149.198.198 46.149.198.198	59371 (DNC-AS Di...) (DNC-AS Dimension Network & Communication Limited)
9	46.149.198.200 46.149.198.200	59371 (DNC-AS Di...) (DNC-AS Dimension Network & Communication Limited)
2	38.47.58.241 38.47.58.241	137962 (GREYPANEL...) (GREYPANEL-AS137962 GREYPANEL PTE LTD)
11	2

1 46.149.198.198 (Hong Kong) 1 redirects

ASN59371 (DNC-AS Dimension Network & Communication Limited, HK)

af13.wdaww1.vip	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 46.149.198.200 (Hong Kong)

ASN59371 (DNC-AS Dimension Network & Communication Limited, HK)

af13.wdaww1.vip	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 38.47.58.241 (United States)

ASN137962 (GREYPANEL-AS137962 GREYPANEL PTE LTD, SG)

matomo.bets888807.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	wdaww1.vip 1 redirects af13.wdaww1.vip	1 MB
2	bets888807.com matomo.bets888807.com	23 KB
11	2

	Domain	Requested by
10	af13.wdaww1.vip	1 redirects af13.wdaww1.vip
2	matomo.bets888807.com	af13.wdaww1.vip matomo.bets888807.com
11	2

This site contains no links.

Subject Issuer	Validity	Valid
af13.wdaww1.vip R3	`2024-02-26` - `2024-05-26`	3 months	crt.sh
matomo.bets888807.com R3	`2024-01-17` - `2024-04-16`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://af13.wdaww1.vip/
Frame ID: 72F44029DA83C6A19B8140224FFF6419
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

登录 - 平台管理后台系统

Page URL History Show full URLs

http://af13.wdaww1.vip/ HTTP 301
https://af13.wdaww1.vip/ Page URL

Page Statistics

11
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

1265 kB
Transfer

3814 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://af13.wdaww1.vip/ HTTP 301
https://af13.wdaww1.vip/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response af13.wdaww1.vip/ Redirect Chain http://af13.wdaww1.vip/ https://af13.wdaww1.vip/	1 KB 1 KB	2704ms 334ms	Document text/html	46.149.198.200 DNC-AS Dimension ...
General Check archive.org Show headers Download Go to Full URL https://af13.wdaww1.vip/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 46.149.198.200 , Hong Kong, ASN59371 (DNC-AS Dimension Network & Communication Limited, HK), Reverse DNS Software tydcdn / Resource Hash `2bd04520f3de9e6b886746b89745bc738dd53c4670bb201def194ebd410b1a27` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin * content-encoding gzip content-type text/html date Sun, 10 Mar 2024 10:26:25 GMT etag W/"65d6d890-554" last-modified Thu, 22 Feb 2024 05:16:00 GMT server tydcdn vary Accept-Encoding x-cache-status MISS Redirect headers Connection keep-alive Content-Length 166 Content-Type text/html Date Sun, 10 Mar 2024 10:26:22 GMT Location https://af13.wdaww1.vip/ Server tydcdn X-Cache-Status MISS
GET H2	200	chunk-vendors.86b11932.css af13.wdaww1.vip/css/	47 KB 15 KB	662ms 662ms	Stylesheet text/css	46.149.198.200 DNC-AS Dimension ...
General Check archive.org Show headers Download Go to Full URL https://af13.wdaww1.vip/css/chunk-vendors.86b11932.css Requested by Host: af13.wdaww1.vip URL: https://af13.wdaww1.vip/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 46.149.198.200 , Hong Kong, ASN59371 (DNC-AS Dimension Network & Communication Limited, HK), Reverse DNS Software tydcdn / Resource Hash `705a5bd9704b5bf1d1e768a18a60a3b1d3a42637d97234b4c83ece104af55863` Request headers accept-language de-DE,de;q=0.9 Referer https://af13.wdaww1.vip/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Sun, 10 Mar 2024 10:26:25 GMT content-encoding gzip last-modified Thu, 22 Feb 2024 05:16:00 GMT server tydcdn etag W/"65d6d890-bddc" x-cache-status HIT vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type text/css access-control-allow-origin * access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
GET H2	200	app.ef713ce0.css af13.wdaww1.vip/css/	389 KB 93 KB	663ms 663ms	Stylesheet text/css	46.149.198.200 DNC-AS Dimension ...
General Check archive.org Show headers Download Go to Full URL https://af13.wdaww1.vip/css/app.ef713ce0.css Requested by Host: af13.wdaww1.vip URL: https://af13.wdaww1.vip/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 46.149.198.200 , Hong Kong, ASN59371 (DNC-AS Dimension Network & Communication Limited, HK), Reverse DNS Software tydcdn / Resource Hash `2028f9610a01a38cb88d18f1172ff097429f76021e1e85a7cec8b80d1036466a` Request headers accept-language de-DE,de;q=0.9 Referer https://af13.wdaww1.vip/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Sun, 10 Mar 2024 10:26:25 GMT content-encoding gzip last-modified Thu, 22 Feb 2024 05:16:00 GMT server tydcdn etag W/"65d6d890-61226" x-cache-status HIT vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type text/css access-control-allow-origin * access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
GET H2	200	chunk-vendors.0ed59e7d.js Show response af13.wdaww1.vip/js/	2 MB 714 KB	995ms 995ms	Script application/javascript	46.149.198.200 DNC-AS Dimension ...
General Check archive.org Show headers Download Go to Full URL https://af13.wdaww1.vip/js/chunk-vendors.0ed59e7d.js Requested by Host: af13.wdaww1.vip URL: https://af13.wdaww1.vip/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 46.149.198.200 , Hong Kong, ASN59371 (DNC-AS Dimension Network & Communication Limited, HK), Reverse DNS Software tydcdn / Resource Hash `2516792561105f350f97ffe06925d2d8e0b6f5b035d7404453e235d0853ac611` Request headers accept-language de-DE,de;q=0.9 Referer https://af13.wdaww1.vip/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Sun, 10 Mar 2024 10:26:25 GMT content-encoding gzip last-modified Thu, 22 Feb 2024 05:16:00 GMT server tydcdn etag W/"65d6d890-215729" x-cache-status HIT vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/javascript access-control-allow-origin * access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
GET H2	200	app.2b54c823.js Show response af13.wdaww1.vip/js/	1 MB 333 KB	996ms 995ms	Script application/javascript	46.149.198.200 DNC-AS Dimension ...
General Check archive.org Show headers Download Go to Full URL https://af13.wdaww1.vip/js/app.2b54c823.js Requested by Host: af13.wdaww1.vip URL: https://af13.wdaww1.vip/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 46.149.198.200 , Hong Kong, ASN59371 (DNC-AS Dimension Network & Communication Limited, HK), Reverse DNS Software tydcdn / Resource Hash `d62bc0e6c14a62578b8487874897a4ad5412f6de2e37bd6218acdfea18965c10` Request headers accept-language de-DE,de;q=0.9 Referer https://af13.wdaww1.vip/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Sun, 10 Mar 2024 10:26:25 GMT content-encoding gzip last-modified Thu, 22 Feb 2024 05:16:00 GMT server tydcdn etag W/"65d6d890-111993" x-cache-status HIT vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/javascript access-control-allow-origin * access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
GET H2	200	matomo.js Show response matomo.bets888807.com/	63 KB 23 KB	946ms 327ms	Script application/javascript	38.47.58.241 GREYPANEL-AS13796...
General Check archive.org Show headers Download Go to Full URL https://matomo.bets888807.com/matomo.js Requested by Host: af13.wdaww1.vip URL: https://af13.wdaww1.vip/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 38.47.58.241 , United States, ASN137962 (GREYPANEL-AS137962 GREYPANEL PTE LTD, SG), Reverse DNS Software openresty/1.21.4.7 / Resource Hash `5ae1f50302b0902aac44e88dc58c734bd3475ed4e93718dbc8888dc8fd6c0142` Request headers accept-language de-DE,de;q=0.9 Referer https://af13.wdaww1.vip/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Sun, 10 Mar 2024 10:26:27 GMT content-encoding gzip last-modified Tue, 30 Aug 2022 11:47:10 GMT server openresty/1.21.4.7 etag W/"630df8be-fbde" gp-cache-status HIT vary Accept-Encoding content-type application/javascript; charset=utf-8
GET H2	200	chunk-583ce6a4.15fb1086.css af13.wdaww1.vip/css/	71 B 394 B	332ms 332ms	Stylesheet text/css	46.149.198.200 DNC-AS Dimension ...
General Check archive.org Show headers Download Go to Full URL https://af13.wdaww1.vip/css/chunk-583ce6a4.15fb1086.css Requested by Host: af13.wdaww1.vip URL: https://af13.wdaww1.vip/js/app.2b54c823.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 46.149.198.200 , Hong Kong, ASN59371 (DNC-AS Dimension Network & Communication Limited, HK), Reverse DNS Software tydcdn / Resource Hash `453535a64fbc5554d06a2417ce631db69087af2dd7d988e0668242db3912a9ff` Request headers accept-language de-DE,de;q=0.9 Referer https://af13.wdaww1.vip/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Sun, 10 Mar 2024 10:26:27 GMT last-modified Thu, 22 Feb 2024 05:16:00 GMT server tydcdn etag "65d6d890-47" x-cache-status HIT access-control-allow-methods GET, POST, OPTIONS content-type text/css access-control-allow-origin * accept-ranges bytes access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization content-length 71
GET H2	200	chunk-583ce6a4.43c8eef8.js Show response af13.wdaww1.vip/js/	4 KB 2 KB	333ms 333ms	Script application/javascript	46.149.198.200 DNC-AS Dimension ...
General Check archive.org Show headers Download Go to Full URL https://af13.wdaww1.vip/js/chunk-583ce6a4.43c8eef8.js Requested by Host: af13.wdaww1.vip URL: https://af13.wdaww1.vip/js/app.2b54c823.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 46.149.198.200 , Hong Kong, ASN59371 (DNC-AS Dimension Network & Communication Limited, HK), Reverse DNS Software tydcdn / Resource Hash `c92f179e7d0e0d6ab49cb6d762c4f3ed583c5eff668b5c126169abb5cca69d43` Request headers accept-language de-DE,de;q=0.9 Referer https://af13.wdaww1.vip/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Sun, 10 Mar 2024 10:26:27 GMT content-encoding gzip last-modified Thu, 22 Feb 2024 05:16:00 GMT server tydcdn etag W/"65d6d890-e12" x-cache-status HIT vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/javascript access-control-allow-origin * access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
POST H2	204	matomo.php matomo.bets888807.com/	0 136 B	447ms 446ms	Ping text/plain	38.47.58.241 GREYPANEL-AS13796...
General Check archive.org Show headers Download Go to Full URL https://matomo.bets888807.com/matomo.php?action_name=af13.wdaww1.vip%2F%E5%B9%B3%E5%8F%B0%E7%AE%A1%E7%90%86%E5%90%8E%E5%8F%B0%E7%B3%BB%E7%BB%9F&idsite=64&rec=1&r=981759&h=11&m=26&s=27&url=https%3A%2F%2Faf13.wdaww1.vip%2F&_id=fb5da7ff7c616fc6&_idn=1&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=rd7LMG&pf_net=2370&pf_srv=334&pf_tfr=1 Requested by Host: matomo.bets888807.com URL: https://matomo.bets888807.com/matomo.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 38.47.58.241 , United States, ASN137962 (GREYPANEL-AS137962 GREYPANEL PTE LTD, SG), Reverse DNS Software openresty/1.21.4.7 / PHP/8.0.28 Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer https://af13.wdaww1.vip/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=utf-8 Response headers access-control-allow-origin https://af13.wdaww1.vip date Sun, 10 Mar 2024 10:26:28 GMT access-control-allow-credentials true server openresty/1.21.4.7 x-powered-by PHP/8.0.28
GET H2	200	body.48ce6ab0.svg af13.wdaww1.vip/img/	2 KB 2 KB	330ms 330ms	Image image/svg+xml	46.149.198.200 DNC-AS Dimension ...
General Check archive.org Show headers Download Go to Show image Full URL https://af13.wdaww1.vip/img/body.48ce6ab0.svg Requested by Host: af13.wdaww1.vip URL: https://af13.wdaww1.vip/css/app.ef713ce0.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 46.149.198.200 , Hong Kong, ASN59371 (DNC-AS Dimension Network & Communication Limited, HK), Reverse DNS Software tydcdn / Resource Hash `e39833c31f117f999f6435a4d5c8ac521290f1d1af34786dd66bb97c97177c65` Request headers accept-language de-DE,de;q=0.9 Referer https://af13.wdaww1.vip/css/app.ef713ce0.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Sun, 10 Mar 2024 10:26:28 GMT last-modified Thu, 22 Feb 2024 05:16:00 GMT server tydcdn etag "65d6d890-64a" x-cache-status HIT access-control-allow-methods GET, POST, OPTIONS content-type image/svg+xml access-control-allow-origin * accept-ranges bytes access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization content-length 1610
GET H2	200	ionicons.143146fa.woff2 af13.wdaww1.vip/fonts/	80 KB 81 KB	331ms 331ms	Font font/woff2	46.149.198.200 DNC-AS Dimension ...
General Check archive.org Show headers Download Go to Full URL https://af13.wdaww1.vip/fonts/ionicons.143146fa.woff2 Requested by Host: af13.wdaww1.vip URL: https://af13.wdaww1.vip/css/app.ef713ce0.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 46.149.198.200 , Hong Kong, ASN59371 (DNC-AS Dimension Network & Communication Limited, HK), Reverse DNS Software tydcdn / Resource Hash `503dc6b7a4b1ef89aac99bf92eab623f06d00ca212630514b660fa6ee52c437c` Request headers Referer https://af13.wdaww1.vip/css/app.ef713ce0.css Origin https://af13.wdaww1.vip accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Sun, 10 Mar 2024 10:26:28 GMT last-modified Thu, 22 Feb 2024 05:16:00 GMT server tydcdn etag "65d6d890-14128" x-cache-status HIT access-control-allow-methods GET, POST, OPTIONS content-type font/woff2 access-control-allow-origin * accept-ranges bytes access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization content-length 82216

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			af13.wdaww1.vip/	1970-01-21 04:27:01	Name: _pk_id.64.83a7 Value: fb5da7ff7c616fc6.1710066388.
			af13.wdaww1.vip/	1970-01-20 19:01:08	Name: _pk_ses.64.83a7 Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

af13.wdaww1.vip
matomo.bets888807.com
38.47.58.241
46.149.198.198
46.149.198.200
2028f9610a01a38cb88d18f1172ff097429f76021e1e85a7cec8b80d1036466a
2516792561105f350f97ffe06925d2d8e0b6f5b035d7404453e235d0853ac611
2bd04520f3de9e6b886746b89745bc738dd53c4670bb201def194ebd410b1a27
453535a64fbc5554d06a2417ce631db69087af2dd7d988e0668242db3912a9ff
503dc6b7a4b1ef89aac99bf92eab623f06d00ca212630514b660fa6ee52c437c
5ae1f50302b0902aac44e88dc58c734bd3475ed4e93718dbc8888dc8fd6c0142
705a5bd9704b5bf1d1e768a18a60a3b1d3a42637d97234b4c83ece104af55863
c92f179e7d0e0d6ab49cb6d762c4f3ed583c5eff668b5c126169abb5cca69d43
d62bc0e6c14a62578b8487874897a4ad5412f6de2e37bd6218acdfea18965c10
e39833c31f117f999f6435a4d5c8ac521290f1d1af34786dd66bb97c97177c65
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

af13.wdaww1.vip Open in urlscan Pro 46.149.198.200 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

11 Requests

100 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

2 Countries

1265 kBTransfer

3814 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

2 Cookies

Indicators

af13.wdaww1.vip Open in urlscan Pro
46.149.198.200 Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

1265 kB
Transfer

3814 kB
Size

2
Cookies

11 HTTP transactions
0 data transactions