URL: https://zfauth.xgzwk.com/
Submission: On February 07 via automatic, source certstream-suspicious

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 11 HTTP transactions. The main IP is 36.159.127.39, which is located in China and belongs to CMNET-GD Guangdong Mobile Communication Co.Ltd., CN. The main domain is zfauth.xgzwk.com.
TLS certificate: Issued by TrustAsia TLS RSA CA on February 7th 2021. Valid for: a year.
This is the only time zfauth.xgzwk.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | IP Address | AS | Autonomous System
7 | 36.159.127.39 | 9808 | (CMNET-GD ...)
2 | 101.71.72.220 | 4837 | (CHINA169-...)
1 1 | 2606:4700:303... | 13335 | (CLOUDFLAR...)
1 | 163.181.56.227 | 24429 | (TAOBAO Zh...)
Total: 11 | 4
Requests | Apex Domain | Subdomains | Transfer
7 | xgzwk.com | zfauth.xgzwk.com | 71 KB
2 | bootcss.com | cdn.bootcss.com | 11 KB
1 | sinaimg.cn | tva1.sinaimg.cn | 833 KB
1 | ixiaowai.cn | api.ixiaowai.cn | 627 B
Total: 11 | 4
Requests | Domain | Requested by
7 | zfauth.xgzwk.com | zfauth.xgzwk.com
2 | cdn.bootcss.com | zfauth.xgzwk.com, cdn.bootcss.com
1 | tva1.sinaimg.cn | zfauth.xgzwk.com
1 | api.ixiaowai.cn | 1 redirects
Total: 11 | 4

This site contains links to these domains.

Domain
xuantang.lanzoux.com
yh.v8bt.com
www.huiziku.cn
xc.v8bt.cn
wwx.lanzoux.com
jq.qq.com
Subject | Issuer | Validity | Valid
zfauth.xgzwk.com | TrustAsia TLS RSA CA | 2021-02-07 - 2022-02-06 | a year (crt.sh)
*.bootcss.com | Let's Encrypt Authority X3 | 2020-11-26 - 2021-02-24 | 3 months (crt.sh)
sina.cn | GeoTrust CN RSA CA G1 | 2020-11-30 - 2021-12-31 | a year (crt.sh)

This page contains 1 frame:

Primary Page: https://zfauth.xgzwk.com/
Frame ID: C3840466D3C0A46B4D55E4C77DCBFF3B
Requests: 11 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

11 Requests
91 % HTTPS
25 % IPv6
4 Domains
4 Subdomains
4 IPs
2 Countries
916 kB Transfer
1022 kB Size
0 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8
  • https://api.ixiaowai.cn/api/api.php HTTP 302
  • https://tva1.sinaimg.cn/large/0072Vf1pgy1foxkfkejbbj31hc0u0k7e.jpg

11 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type

Primary Request / | zfauth.xgzwk.com/ | 12 KB | 12 KB | Document
General
Full URL
https://zfauth.xgzwk.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
36.159.127.39 , China, ASN9808 (CMNET-GD Guangdong Mobile Communication Co.Ltd., CN),
Reverse DNS
Software
Apache /
Resource Hash
b74bc3f5f4592d1a4bded955518b157d984a581d602192546db04390d609d62b

Request headers

:method
GET
:authority
zfauth.xgzwk.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

server
Apache
date
Sun, 07 Feb 2021 09:16:17 GMT
cache-control
must-revalidate, no-cache, no-store
content-type
text/html; charset=utf-8
x-nws-uuid-verify
3f27838cdf3f5ed333767f91c8e47922
pragma
no-cache
set-cookie
PHPSESSID=trnkn45l9fsac176lqbo9f8uk3; path=/
vary
Accept-Encoding
x-daa-tunnel
hop_count=1
x-nws-log-uuid
5338615367963883235
x-cache-lookup
Cache Miss
style.css | zfauth.xgzwk.com/assets/ | 19 KB | 5 KB | Stylesheet
General
Full URL
https://zfauth.xgzwk.com/assets/style.css
Requested by
Host: zfauth.xgzwk.com
URL: https://zfauth.xgzwk.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
36.159.127.39 , China, ASN9808 (CMNET-GD Guangdong Mobile Communication Co.Ltd., CN),
Reverse DNS
Software
Apache /
Resource Hash
1b34a7387c8523c2fa4f3b67c1dfbb9b639bfbe436c46c8c1c856786c3af349e

Request headers

Referer
https://zfauth.xgzwk.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 07 Feb 2021 09:16:17 GMT
content-encoding
gzip
x-cache-lookup
Cache Miss
last-modified
Sun, 08 Jul 2018 11:14:56 GMT
server
Apache
x-nws-uuid-verify
017127cdc840c3115763b467fadaffce
etag
"4d02-5707b01bcec00-gzip"
vary
Accept-Encoding
content-type
text/css
cache-control
no-cache
x-daa-tunnel
hop_count=1
x-nws-log-uuid
6772330855755702370
accept-ranges
bytes
content-length
4909
jquery.min.js | zfauth.xgzwk.com/assets/js/ | 95 KB | 34 KB | Script
General
Full URL
https://zfauth.xgzwk.com/assets/js/jquery.min.js
Requested by
Host: zfauth.xgzwk.com
URL: https://zfauth.xgzwk.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
36.159.127.39 , China, ASN9808 (CMNET-GD Guangdong Mobile Communication Co.Ltd., CN),
Reverse DNS
Software
Apache /
Resource Hash
00f926b5e971408518e0e99cc4dbce15a92ad6c01bda18a53fe4783b6efb3dd3

Request headers

Referer
https://zfauth.xgzwk.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 07 Feb 2021 09:16:17 GMT
content-encoding
gzip
x-cache-lookup
Cache Miss
last-modified
Sun, 08 Jul 2018 11:12:16 GMT
server
Apache
x-nws-uuid-verify
e0af948ddf5c0f3eae805f469683c346
etag
"17ddb-5707af8338400-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache
x-daa-tunnel
hop_count=1
x-nws-log-uuid
12159594791662631319
accept-ranges
bytes
content-length
34625
layer.min.js | cdn.bootcss.com/layer/3.0.3/ | 21 KB | 8 KB | Script
General
Full URL
https://cdn.bootcss.com/layer/3.0.3/layer.min.js
Requested by
Host: zfauth.xgzwk.com
URL: https://zfauth.xgzwk.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
101.71.72.220 Hangzhou, China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
NWS_TCloud_S1 /
Resource Hash
f7a8ebd36df16d9e0e5b5fb0f3582907c71069081d4162f0058cd86ac9c5cb2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://zfauth.xgzwk.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 07 Feb 2021 09:16:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cache-lookup
Hit From Disktank3 Gz, Hit From Inner Cluster
x-nws-uuid-verify
abe01b8e9b4639780577ce194fc1e92d
age
1
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
7436
x-served-by
cache-fra19177-FRA, cache-hkg17931-HKG
last-modified
Thu, 04 Feb 2021 23:30:00 GMT
server
NWS_TCloud_S1
etag
W/"5487-ugU+1wZqOGD+FtsPSk1L+chFGjI"
x-ws-request-id
601c83a8_wt179_46235-53548
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=2592000, s-maxage=43200
x-daa-tunnel
hop_count=1
x-nws-log-uuid
1a314d34-09ce-42c1-8d55-fa6ee7ddc439
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 09 Mar 2021 09:16:18 GMT
bootstrap.css | cdn.bootcss.com/bootstrap/3.3.4/css/ | 0 | 0 | (no response)

1.png | zfauth.xgzwk.com/assets/ | 15 KB | 15 KB | Image
General
Full URL
https://zfauth.xgzwk.com/assets/1.png
Requested by
Host: zfauth.xgzwk.com
URL: https://zfauth.xgzwk.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
36.159.127.39 , China, ASN9808 (CMNET-GD Guangdong Mobile Communication Co.Ltd., CN),
Reverse DNS
Software
Apache /
Resource Hash
70fbd4eab3a9e6ce214458441224a3a26e547c3475ee6e8cddb4a539dbcd8312

Request headers

Referer
https://zfauth.xgzwk.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 07 Feb 2021 09:16:19 GMT
x-cache-lookup
Cache Miss
last-modified
Wed, 27 Jan 2021 11:32:40 GMT
server
Apache
x-nws-uuid-verify
aed694646d9f50f9c65c746a71fc21ef
etag
"3a23-5b9e020f08600"
content-type
image/png
cache-control
no-cache
x-daa-tunnel
hop_count=1
x-nws-log-uuid
9384165944161835286
accept-ranges
bytes
content-length
14883
main.js | zfauth.xgzwk.com/assets/js/ | 9 KB | 2 KB | Script
General
Full URL
https://zfauth.xgzwk.com/assets/js/main.js
Requested by
Host: zfauth.xgzwk.com
URL: https://zfauth.xgzwk.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
36.159.127.39 , China, ASN9808 (CMNET-GD Guangdong Mobile Communication Co.Ltd., CN),
Reverse DNS
Software
Apache /
Resource Hash
70db99eaf7ce7bfa529ba027dc149f5a2225bc5a5fdc68235955857097ef8413

Request headers

Referer
https://zfauth.xgzwk.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 07 Feb 2021 09:16:19 GMT
content-encoding
gzip
x-cache-lookup
Cache Miss
last-modified
Fri, 06 Apr 2018 06:15:00 GMT
server
Apache
x-nws-uuid-verify
f13ddb5fa45376af7d41341d7a26bc45
etag
"2212-56927f9d9e100-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache
x-daa-tunnel
hop_count=1
x-nws-log-uuid
2472991652449822286
accept-ranges
bytes
content-length
1867
qrlogin.js | zfauth.xgzwk.com/assets/js/ | 5 KB | 2 KB | Script
General
Full URL
https://zfauth.xgzwk.com/assets/js/qrlogin.js
Requested by
Host: zfauth.xgzwk.com
URL: https://zfauth.xgzwk.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
36.159.127.39 , China, ASN9808 (CMNET-GD Guangdong Mobile Communication Co.Ltd., CN),
Reverse DNS
Software
Apache /
Resource Hash
03602045d2847e1393f5f25f30f1aa2c9c91747bd6c37e738adc203e41a5e5af

Request headers

Referer
https://zfauth.xgzwk.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 07 Feb 2021 09:16:18 GMT
content-encoding
gzip
x-cache-lookup
Cache Miss
last-modified
Wed, 27 Jan 2021 14:56:56 GMT
server
Apache
x-nws-uuid-verify
3e470ffb1845677935ac6914dfc94319
etag
"1500-5b9e2fb743e00-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache
x-daa-tunnel
hop_count=1
x-nws-log-uuid
11717191889872028993
accept-ranges
bytes
content-length
2086
layer.css | cdn.bootcss.com/layer/3.0.3/skin/default/ | 14 KB | 3 KB | Stylesheet
General
Full URL
https://cdn.bootcss.com/layer/3.0.3/skin/default/layer.css?v=3.0.3303
Requested by
Host: cdn.bootcss.com
URL: https://cdn.bootcss.com/layer/3.0.3/layer.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
101.71.72.220 Hangzhou, China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
NWS_TCloud_S1 /
Resource Hash
fefc5c5314aa67b5e56ab4d5e8aab61af50a9ca93df64786b24f77a46a5c22f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://zfauth.xgzwk.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 07 Feb 2021 09:16:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cache-lookup
Hit From Disktank3 Gz, Hit From Inner Cluster
x-nws-uuid-verify
f5239f1cad97e73ef75c51a39190ed84
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
2885
x-served-by
cache-fra19170-FRA, cache-hkg17920-HKG
last-modified
Fri, 05 Feb 2021 09:00:00 GMT
server
NWS_TCloud_S1
etag
W/"38a3-/Q6doZvnvFymgTZT0KaV6znoCQo"
x-ws-request-id
601d0a9b_PS-ZUH-01hlA24_30250-39492
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=2592000, s-maxage=43200
x-daa-tunnel
hop_count=1
x-nws-log-uuid
ae006a80-41e5-43e1-989d-38f30770cdca
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 09 Mar 2021 09:16:19 GMT
0072Vf1pgy1foxkfkejbbj31hc0u0k7e.jpg | tva1.sinaimg.cn/large/ | 832 KB | 833 KB | Image
Redirect Chain
  • https://api.ixiaowai.cn/api/api.php
  • https://tva1.sinaimg.cn/large/0072Vf1pgy1foxkfkejbbj31hc0u0k7e.jpg
General
Full URL
https://tva1.sinaimg.cn/large/0072Vf1pgy1foxkfkejbbj31hc0u0k7e.jpg
Requested by
Host: zfauth.xgzwk.com
URL: https://zfauth.xgzwk.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
163.181.56.227 San Mateo, United States, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
14951ad87074662f894c01d3e9599eeae7748cb6e31144240cc35dee9d7b870d

Request headers

Referer
https://zfauth.xgzwk.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 29 Jan 2021 09:24:18 GMT
via
https/1.1 ctc.ningbo.union.47 (ApacheTrafficServer/6.2.1 [cSsNfU]), cache28.l2ot7-1[0,304-0,H], cache36.l2ot7-1[23,0], cache2.de3[316,200-0,H], cache3.de3[330,0]
age
777123
x-via-edge
16119122586963071fe2f8b8388b769d8dbab
lb_header
ssl.42.wbg2.shx.lb.sinanode.com
x-cache
HIT TCP_REFRESH_HIT dirn:4:1456718015
x-swift-cachetime
864000, 86877
x-swift-savetime
Tue, 06 Oct 2020 03:22:15 GMT, Sun, 07 Feb 2021 09:16:21 GMT
x-uidblock-version
5599
x-via-cdn
f=alicdn,s=cache3.de3,c=82.102.20.235;f=alicdn,s=cache36.l2ot7-1,c=163.181.56.150;f=edge,s=ctc.ningbo.union.72.nb.sinaedge.com,c=47.254.113.48;f=Edge,s=ctc.ningbo.union.47,c=115.238.190.72
x-request-id
g2.171-1611005524.195000-2572774819
pragma
public
edge-copy-time
1611026418953
last-modified
Mon, 08 Jul 2013 18:06:40 GMT
server
Tengine
ali-swift-global-savetime
1592273986
content-type
image/jpeg
cache-control
max-age=864000
access-control-allow-credentials
true
x-debug-hit
sto(851563,0.063)
x-ban
miss,5599, MISS,5492
content-length
851563
timing-allow-origin
*
eagleid
a3b5389716126893811344658e
expires
Mon, 08 Feb 2021 08:05:29 GMT

Redirect headers

date
Sun, 07 Feb 2021 09:16:21 GMT
cf-cache-status
DYNAMIC
nel
{"max_age":604800,"report_to":"cf-nel"}
server
yunjiasu-nginx
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=bDorMhRsmsXrWefalin5sw%2FRKOYATvdcNtH2VwH%2BMbFx5uY3ZqKr55m%2FLPXqZiYkx1b1p%2BmFv4OcKvXZD2WF3Oh29drmvfMegaEH97eSeZJDrCeXxaZrT1gRx9c%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
location
https://tva1.sinaimg.cn/large/0072Vf1pgy1foxkfkejbbj31hc0u0k7e.jpg
cf-ray
61dc02ec09cc176e-FRA
cf-request-id
081d6027810000176ee78b3000000001
login.php | zfauth.xgzwk.com/qq/getsid/ | 366 B | 522 B | XHR
General
Full URL
https://zfauth.xgzwk.com/qq/getsid/login.php?do=getqrpic&r=0.5183977415475729
Requested by
Host: zfauth.xgzwk.com
URL: https://zfauth.xgzwk.com/assets/js/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
36.159.127.39 , China, ASN9808 (CMNET-GD Guangdong Mobile Communication Co.Ltd., CN),
Reverse DNS
Software
Apache /
Resource Hash
5b2e43951d47f3c914c7b4a4c14daeba8053260b95c8bf5147e43f24b851c02d

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://zfauth.xgzwk.com/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 07 Feb 2021 09:16:20 GMT
x-cache-lookup
Cache Miss
x-nws-uuid-verify
3f5a4d6020e1707357e434dd1b7c8480
server
Apache
content-type
text/html; charset=iso-8859-1
cache-control
no-cache
x-daa-tunnel
hop_count=1
x-nws-log-uuid
1994756524601449309
content-length
366

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cdn.bootcss.com
URL
http://cdn.bootcss.com/bootstrap/3.3.4/css/bootstrap.css

Verdicts & Comments

35 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object | ontransitionrun
  • object | ontransitionstart
  • object | ontransitioncancel
  • object | cookieStore
  • function | showDirectoryPicker
  • function | showOpenFilePicker
  • function | showSaveFilePicker
  • object | trustedTypes
  • boolean | crossOriginIsolated
  • function | loadgo
  • function | trim
  • function | $
  • function | jQuery
  • object | layer
  • object | xiha
  • function | login
  • function | getvc
  • function | dovc
  • function | checkvc
  • function | qqrow_checkvc
  • function | qqlist_checkvc
  • undefined | interval1
  • undefined | interval2
  • function | setCookie
  • function | getCookie
  • function | delCookie
  • function | getqrpic
  • function | qrlogin
  • function | loginload
  • function | cleartime
  • function | mloginurl
  • function | query
  • function | daili
  • function | Choice
  • function | shouquan

0 Cookies