urlscan.io logo urlscan.io
SecurityTrails logo

wzg7i7i.vip Open in urlscan Pro
103.41.65.197  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://wzg7i7i.vip/
Effective URL: https://wzg7i7i.vip/index/index/pass
Submission: On November 06 via api from BE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 3 countries across 7 domains to perform 9 HTTP transactions. The main IP is 103.41.65.197, located in Hong Kong and belongs to CTGSERVERLIMITED-AS-AP CTG Server Limited, HK. The main domain is wzg7i7i.vip.
TLS certificate: Issued by R11 on November 1st 2024. Valid for: 3 months.
This is the only time wzg7i7i.vip was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 4 103.41.65.197 152194 (CTGSERVER...)
1 118.123.202.81 38283 (CHINANET-...)
1 240e:978:2608... 4134 (CHINANET-...)
1 43.198.116.181 16509 (AMAZON-02)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
9 7
4    103.41.65.197 (Hong Kong)

ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK)
wzg7i7i.vip
1    118.123.202.81 (China)

ASN38283 (CHINANET-SCIDC-AS-AP CHINANET SiChuan Telecom Internet Data Center, CN)
api.suyanw.cn
1    240e:978:2608:300::755c:8b23 (China)

ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN)
img0.baidu.com
1    43.198.116.181 (Hong Kong)

ASN16509 (AMAZON-02, US)
PTR: ec2-43-198-116-181.ap-east-1.compute.amazonaws.com
www.91ajs.com
1    2606:4700:3035::ac43:ad59 (United States)

ASN13335 (CLOUDFLARENET, US)
img.shields.io
1    2606:4700::6812:39d (United States)

ASN13335 (CLOUDFLARENET, US)
png.pngtree.com
Apex Domain
Subdomains		 Transfer
4 wzg7i7i.vip
wzg7i7i.vip
114 KB
1 pngtree.com
png.pngtree.com — Cisco Umbrella Rank: 33528
55 KB
1 shields.io
img.shields.io — Cisco Umbrella Rank: 43416
1 KB
1 91ajs.com
www.91ajs.com
7 KB
1 baidu.com
img0.baidu.com — Cisco Umbrella Rank: 139401
11 KB
1 suyanw.cn
api.suyanw.cn
45 KB
0 sakura98cdn.com Failed
png.sakura98cdn.com Failed
9 7
Domain Requested by
4 wzg7i7i.vip 2 redirects wzg7i7i.vip
1 png.pngtree.com wzg7i7i.vip
1 img.shields.io wzg7i7i.vip
1 www.91ajs.com wzg7i7i.vip
1 img0.baidu.com wzg7i7i.vip
1 api.suyanw.cn wzg7i7i.vip
0 png.sakura98cdn.com Failed wzg7i7i.vip
9 7

This site contains links to these domains. Also see Links.

Domain
www.xbext.com
www.91ajs.com
myssl.com
Subject Issuer Validity Valid
wzg2i8i.vip
R11		 2024-11-01 -
2025-01-30		 3 months crt.sh
api.suyanw.cn
R11		 2024-10-26 -
2025-01-24		 3 months crt.sh
baidu.com
GlobalSign RSA OV SSL CA 2018		 2024-07-08 -
2025-08-09		 a year crt.sh
91ajs.com
R11		 2024-10-28 -
2025-01-26		 3 months crt.sh
shields.io
WE1		 2024-10-21 -
2025-01-19		 3 months crt.sh
*.pngtree.com
GeoTrust RSA CN CA G2		 2024-04-25 -
2025-05-11		 a year crt.sh

This page contains 1 frames:

Primary Page: https://wzg7i7i.vip/index/index/pass
Frame ID: 589E1466CCAD7540929BCCE2E01A435B
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

安全身份验证系统5.0

Page URL History Show full URLs

  1. https://wzg7i7i.vip/ HTTP 301
    https://wzg7i7i.vip/index/login HTTP 301
    https://wzg7i7i.vip/index/index/pass Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-

Page Statistics

9
Requests

78 %
HTTPS

50 %
IPv6

7
Domains

7
Subdomains

7
IPs

3
Countries

233 kB
Transfer

947 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://wzg7i7i.vip/ HTTP 301
    https://wzg7i7i.vip/index/login HTTP 301
    https://wzg7i7i.vip/index/index/pass Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request pass
wzg7i7i.vip/index/index/
Redirect Chain
  • https://wzg7i7i.vip/
  • https://wzg7i7i.vip/index/login
  • https://wzg7i7i.vip/index/index/pass
3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://wzg7i7i.vip/index/index/pass
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.41.65.197 , Hong Kong, ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
05e3de0437ed366a9f9f7b1a25c13f1f48fead324db7dfd7337b9adee9e2c544
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-length
1880
content-type
text/html; charset=utf-8
date
Wed, 06 Nov 2024 05:11:20 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-cache
BYPASS

Redirect headers

cache-control
no-cache,must-revalidate
content-length
0
content-type
text/html; charset=utf-8
date
Wed, 06 Nov 2024 05:11:20 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
/index/index/pass
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000
x-cache
BYPASS
yinghua.js
api.suyanw.cn/api/mouse/ 		62 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.suyanw.cn/api/mouse/yinghua.js
Requested by
Host: wzg7i7i.vip
URL: https://wzg7i7i.vip/index/index/pass
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
118.123.202.81 , China, ASN38283 (CHINANET-SCIDC-AS-AP CHINANET SiChuan Telecom Internet Data Center, CN),
Reverse DNS
Software
nginx /
Resource Hash
6a7d79deaae0c9ee517102c2eef4ba037139784ce93b0fcff51ff4854edfc8d7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://wzg7i7i.vip/

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=43200
content-encoding
gzip
etag
W/"6586db83-f667"
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
expires
Wed, 06 Nov 2024 17:11:08 GMT
access-control-allow-origin
*
date
Wed, 06 Nov 2024 05:11:08 GMT
content-type
application/javascript
last-modified
Sat, 23 Dec 2023 13:07:15 GMT
server
nginx
vary
Accept-Encoding
home.50edc202.css
wzg7i7i.vip/static/wap/css/ 		766 KB
112 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wzg7i7i.vip/static/wap/css/home.50edc202.css
Requested by
Host: wzg7i7i.vip
URL: https://wzg7i7i.vip/index/index/pass
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.41.65.197 , Hong Kong, ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
72922fdc6b5dc7915f4a79632df816bfe0a1e5c555e48546a4d39b9dcb86fc9c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://wzg7i7i.vip/index/index/pass

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=43200
content-encoding
gzip
etag
W/"64b68865-bf9fa"
expires
Wed, 06 Nov 2024 17:11:20 GMT
x-cache
UPDATING
date
Wed, 06 Nov 2024 05:11:20 GMT
content-type
text/css
last-modified
Tue, 18 Jul 2023 12:41:09 GMT
server
nginx
vary
Accept-Encoding
soft.png
png.sakura98cdn.com/down/visitor/ 		0
0
u=191938668,1834983260&fm=253&fmt=auto&app=138&f=PNG
img0.baidu.com/it/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img0.baidu.com/it/u=191938668,1834983260&fm=253&fmt=auto&app=138&f=PNG?w=256&h=256
Requested by
Host: wzg7i7i.vip
URL: https://wzg7i7i.vip/index/index/pass
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
240e:978:2608:300::755c:8b23 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
JSP3/2.0.14 /
Resource Hash
3a0fcfdcd1fae7f9c2f9b7f3a77b68811082ff60b48670316f4effb83a5e954c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://wzg7i7i.vip/

Response headers

x-cache-status
HIT
timing-allow-origin
*
etag
92254c8312ff97fe1cc187d386099142
age
932147
ohc-cache-hit
lygct52 [4], qdix52 [2]
expires
Sun, 24 Nov 2024 18:33:26 GMT
accept-ranges
bytes
access-control-allow-origin
*
ohc-global-saved-time
Fri, 25 Oct 2024 18:33:26 GMT
content-length
10506
date
Wed, 06 Nov 2024 05:11:09 GMT
content-type
image/webp
last-modified
Mon, 05 Jan 1970 00:00:00 GMT
server
JSP3/2.0.14
ohc-file-size
10506
ajs_logo@2x.png
www.91ajs.com//Site/Ajiasu/Images/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.91ajs.com//Site/Ajiasu/Images/ajs_logo@2x.png
Requested by
Host: wzg7i7i.vip
URL: https://wzg7i7i.vip/index/index/pass
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.198.116.181 , Hong Kong, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-43-198-116-181.ap-east-1.compute.amazonaws.com
Software
nginx /
Resource Hash
da71541c4b99ca865cf59c2633dca97f0932a29ea46fa0b0454c606ecc3d79b4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://wzg7i7i.vip/

Response headers

accept-ranges
bytes
content-length
7064
date
Wed, 06 Nov 2024 05:11:10 GMT
etag
"6510dbcc-1b98"
content-type
image/png
last-modified
Mon, 25 Sep 2023 01:01:00 GMT
server
nginx
CDN%E5%8A%A0%E9%80%9F-%E4%B8%87%E6%B4%B2%E9%87%91%E4%B8%9ACDN%E7%94%B1%E9%98%BF%E9%87%8C%E4%BA%91%E8%B5%9E%E5%8A%A9%E6%8F%90%E4%BE%9B-blue.svg
img.shields.io/badge/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.shields.io/badge/CDN%E5%8A%A0%E9%80%9F-%E4%B8%87%E6%B4%B2%E9%87%91%E4%B8%9ACDN%E7%94%B1%E9%98%BF%E9%87%8C%E4%BA%91%E8%B5%9E%E5%8A%A9%E6%8F%90%E4%BE%9B-blue.svg
Requested by
Host: wzg7i7i.vip
URL: https://wzg7i7i.vip/index/index/pass
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:ad59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f576938eec448529a3bf8011e2d85cf28a26c32902a9d6a2ae65cb81397532ec
Security Headers
Name Value
Content-Security-Policy script-src 'none';

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://wzg7i7i.vip/

Response headers

content-encoding
br
cf-cache-status
HIT
age
97708
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8rs%2FpH3imhODT1AYj2VYI0KK1nizgLTGjrUAqfrp5%2FleWd5VHHVY8WaSaY7UHNQOyqI8wEqe%2FZdqvI4Py5R7dN8RvEImuCoYfpmLRf75plA0j8FNFtkv6X95kSWixsa7S9P4uO6agR99RtvB6g%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=36883&sent=8&recv=10&lost=0&retrans=0&sent_bytes=3941&recv_bytes=2301&delivery_rate=105062&cwnd=253&unsent_bytes=0&cid=2a9dc1cf971333ac&ts=54&x=0"
date
Wed, 06 Nov 2024 05:11:08 GMT
content-type
image/svg+xml;charset=utf-8
last-modified
Mon, 04 Nov 2024 19:43:20 GMT
fly-request-id
01JBX0YKVMBMAPWCDNYFJDYYCQ-fra
vary
Accept-Encoding
content-security-policy
script-src 'none';
cache-control
max-age=432000, s-maxage=432000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
via
1.1 fly.io
cf-ray
8de294c82fa59250-FRA
access-control-allow-origin
*
server
cloudflare
wzh2.png
png.sakura98cdn.com/down/visitor/ 		0
0
truncated
/ 		43 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
427f7a363b07e17ab7900d38d315c2bb2e4e66f8239f837c72de4321931117d9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
pngtree-artificial-intelligence-future-technology-background-technology-backgroundtechnology-backgroundtechnology-image_72686.jpg
png.pngtree.com/thumb_back/fw800/background/20190223/ourmid/ 		54 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://png.pngtree.com/thumb_back/fw800/background/20190223/ourmid/pngtree-artificial-intelligence-future-technology-background-technology-backgroundtechnology-backgroundtechnology-image_72686.jpg
Requested by
Host: wzg7i7i.vip
URL: https://wzg7i7i.vip/index/index/pass
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:39d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
416bf697ad9e50992e9c8f4a9bb16abea6c2548151973c7ef2648938faf98b08

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://wzg7i7i.vip/

Response headers

cf-ray
8de294c83fb33684-FRA
cache-control
public, max-age=16070400
cf-bgj
h2pri
etag
"04380ad0e9dec506bb501fa7748a6b69"
cf-cache-status
HIT
x-amz-request-id
886JZR1C29VDX602
expires
Sun, 11 May 2025 05:11:09 GMT
accept-ranges
bytes
content-length
55244
date
Wed, 06 Nov 2024 05:11:09 GMT
content-type
image/jpeg
last-modified
Wed, 15 Jan 2020 18:39:05 GMT
vary
Accept-Encoding
server
cloudflare
x-amz-id-2
zEQX+oR02LT6S/Pp3+H1D2rW4qp5TS3kn4DEF3Wx3ABS0kqf9QEx8zCUvSjnjJOY7U9Kj++Z6Ds=

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
png.sakura98cdn.com
URL
https://png.sakura98cdn.com/down/visitor/soft.png
Domain
png.sakura98cdn.com
URL
https://png.sakura98cdn.com/down/visitor/wzh2.png

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| staticx object| img function| Sakura function| getRandom function| startSakura function| stopp function| SakuraList

2 Cookies

Domain/Path Name / Value
wzg7i7i.vip/ Name: s6da4fefb
Value: f04erss482oll9jki675kiru90
.pngtree.com/ Name: __cf_bm
Value: zpr3GzunIQ8tNic5.Y11on6OUMJBlVo6KKnN0pJgKiI-1730869869-1.0.1.1-jVtU0jGGkoYIxDDJvTfs6taurPVDiNGjLkO_lOi8LYQJMQ00AOwvbqoUkTUc014uGmE8v7XNun1N6HVm0hxF8Q

2 Console Messages

Source Level URL
Text
security warning URL: https://wzg7i7i.vip/index/index/pass
Message:
Mixed Content: The page at 'https://wzg7i7i.vip/index/index/pass' was loaded over HTTPS, but requested an insecure element 'http://www.91ajs.com//Site/Ajiasu/Images/ajs_logo@2x.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://wzg7i7i.vip/index/index/pass(Line 19)
Message:
Mixed Content: The page at 'https://wzg7i7i.vip/index/index/pass' was loaded over HTTPS, but requested an insecure element 'http://www.91ajs.com//Site/Ajiasu/Images/ajs_logo@2x.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000