wxpage1.wcfciiv.cn - urlscan.io

Summary

This website contacted 2 IPs in 1 countries across 3 domains to perform 3 HTTP transactions. The main IP is 114.80.179.246, located in Shanghai, China and belongs to CHINANET-SH-AP China Telecom Group, CN. The main domain is wxpage1.wcfciiv.cn.
TLS certificate: Issued by Encryption Everywhere DV TLS CA - G2 on May 14th 2024. Valid for: a year.

This is the only time wxpage1.wcfciiv.cn was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	114.80.179.246 114.80.179.246	4812 (CHINANET-...) (CHINANET-SH-AP China Telecom Group)
1 1	47.114.104.237 47.114.104.237	37963 (ALIBABA-C...) (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.)
1	61.170.77.228 61.170.77.228	4812 (CHINANET-...) (CHINANET-SH-AP China Telecom Group)
3	2

2 114.80.179.246 (Shanghai, China)

ASN4812 (CHINANET-SH-AP China Telecom Group, CN)

wxpage1.wcfciiv.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 47.114.104.237 (Hangzhou, China) 1 redirects

ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN)

i.iwanbei.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 61.170.77.228 (China)

ASN4812 (CHINANET-SH-AP China Telecom Group, CN)
PTR: 228.77.170.61.broad.xw.sh.dynamic.163data.com.cn

activity.inads.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	wcfciiv.cn wxpage1.wcfciiv.cn	3 KB
1	inads.cn activity.inads.cn
1	iwanbei.cn 1 redirects i.iwanbei.cn	410 B
3	3

	Domain	Requested by
2	wxpage1.wcfciiv.cn
1	activity.inads.cn	wxpage1.wcfciiv.cn
1	i.iwanbei.cn	1 redirects
3	3

This site contains no links.

Subject Issuer	Validity	Valid
wxpage1.wcfciiv.cn Encryption Everywhere DV TLS CA - G2	`2024-05-14` - `2025-05-13`	a year	crt.sh
*.inads.cn vTrus DV SSL CA G2	`2024-05-13` - `2025-05-13`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://wxpage1.wcfciiv.cn/
Frame ID: 0ACF941D63BA2FB2DA2E1512E9ABEE66
Requests: 2 HTTP requests in this frame

Frame: https://activity.inads.cn/dist/welfareAT02/private/T/T266/index.html?appkey&business=money-1&uid=A2B98892EC31D50C4B28CE1B87E37500&spm=20240518174654682000022719194468&gettime=1716025614751&activityid=26457&heaAlgoCode&fmmodel_id=actNotColdStart,actCvr2,actSTC2,actV7_1
Frame ID: D999F76A0CFDC9C81231EFE1F4F4CA26
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

请稍等

Page Statistics

3
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

2
IPs

1
Countries

3 kB
Transfer

6 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://i.iwanbei.cn/activities HTTP 302
https://activity.inads.cn/dist/welfareAT02/private/T/T266/index.html?appkey&business=money-1&uid=A2B98892EC31D50C4B28CE1B87E37500&spm=20240518174654682000022719194468&gettime=1716025614751&activityid=26457&heaAlgoCode&fmmodel_id=actNotColdStart,actCvr2,actSTC2,actV7_1

3 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response wxpage1.wcfciiv.cn/	5 KB 2 KB	1641ms 285ms	Document text/html	114.80.179.246 CHINANET-SH-AP Ch...
General Check archive.org Show headers Download Go to Full URL https://wxpage1.wcfciiv.cn/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 114.80.179.246 Shanghai, China, ASN4812 (CHINANET-SH-AP China Telecom Group, CN), Reverse DNS Software Tengine / Resource Hash `cfd53b815114919f3c564d7592afb1d719722fc61bf867a00b6c6a48deae7419` Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers ali-swift-global-savetime 1716025614 content-encoding gzip content-length 1852 content-md5 PNFsbib3HYUZCxbRRTOTvg== content-type text/html date Sat, 18 May 2024 09:46:54 GMT eagleid 7250b39517160256139683472e last-modified Wed, 21 Feb 2024 09:23:51 GMT server Tengine timing-allow-origin * vary Accept-Encoding via cache74.l2cn3160[28,27,200-0,M], cache51.l2cn3160[29,0], cache8.cn3259[59,72,200-0,M], cache1.cn3259[4:74,0] x-cache MISS TCP_MISS dirn:3:812778997 x-oss-cdn-auth success x-oss-hash-crc64ecma 11340161479654202924 x-oss-object-type Normal x-oss-request-id 6648790E17772438389C947D x-oss-server-time 9 x-oss-storage-class Standard x-swift-cachetime 3600 x-swift-savetime Sat, 18 May 2024 09:46:54 GMT
GET H2	200	index.html activity.inads.cn/dist/welfareAT02/private/T/T266/ Frame D999 Redirect Chain https://i.iwanbei.cn/activities https://activity.inads.cn/dist/welfareAT02/private/T/T266/index.html?appkey&business=money-1&uid=A2B98892EC31D50C4B28CE1B87E37500&spm=20240518174654682000022719194468&gettime=1716025614751&activity...	0 0	985ms 188ms	Document text/html	61.170.77.228 CHINANET-SH-AP Ch...
General Check archive.org Show headers Download Go to Full URL https://activity.inads.cn/dist/welfareAT02/private/T/T266/index.html?appkey&business=money-1&uid=A2B98892EC31D50C4B28CE1B87E37500&spm=20240518174654682000022719194468&gettime=1716025614751&activityid=26457&heaAlgoCode&fmmodel_id=actNotColdStart,actCvr2,actSTC2,actV7_1 Requested by Host: wxpage1.wcfciiv.cn URL: https://wxpage1.wcfciiv.cn/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 61.170.77.228 , China, ASN4812 (CHINANET-SH-AP China Telecom Group, CN), Reverse DNS 228.77.170.61.broad.xw.sh.dynamic.163data.com.cn Software Tengine / Resource Hash Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://wxpage1.wcfciiv.cn/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers access-control-allow-headers * access-control-allow-methods * access-control-allow-origin * age 1924 ali-swift-global-savetime 1716023691 bxm-edge-version 20240517.1 content-encoding br content-md5 skEQ7U0ymuzGpOmbKc+ErA== content-type text/html date Sat, 18 May 2024 09:14:51 GMT eagleid 3daa4d1d17160256157514220e, 3daa4d1d17160256157514220e etag W/"B24110ED4D329AECC6A4E99B29CF84AC" last-modified Tue, 30 Apr 2024 02:28:03 GMT server Tengine timing-allow-origin , vary Accept-Encoding Accept-Encoding Accept-Encoding via cache24.l2cn3160[0,0,304-0,H], cache35.l2cn3160[1,0], ens-cache13.cn6020[0,0,200-0,H], ens-cache23.cn6020[1,0], ens-cache9.cn6020[6,0] x-cache HIT TCP_MEM_HIT dirn:-2:-2 x-oss-cdn-auth success x-oss-hash-crc64ecma 17166716230847240292 x-oss-object-type Normal x-oss-request-id 6648718B279F71363611C3E2 x-oss-server-time 15 x-oss-storage-class Standard x-swift-cachetime 3600 x-swift-savetime Sat, 18 May 2024 09:15:49 GMT Redirect headers content-length 0 date Sat, 18 May 2024 09:46:54 GMT location https://activity.inads.cn/dist/welfareAT02/private/T/T266/index.html?appkey&business=money-1&uid=A2B98892EC31D50C4B28CE1B87E37500&spm=20240518174654682000022719194468&gettime=1716025614751&activityid=26457&heaAlgoCode&fmmodel_id=actNotColdStart,actCvr2,actSTC2,actV7_1
GET H2	404	favicon.ico wxpage1.wcfciiv.cn/	570 B 966 B	223ms 222ms	Other text/html	114.80.179.246 CHINANET-SH-AP Ch...
General Check archive.org Show headers Download Go to Full URL https://wxpage1.wcfciiv.cn/favicon.ico Protocol H2 Security TLS 1.3, , AES_256_GCM Server 114.80.179.246 Shanghai, China, ASN4812 (CHINANET-SH-AP China Telecom Group, CN), Reverse DNS Software Tengine / Resource Hash `ac095564e80d92c6eeb3576f6ee9f317dc7c38c4469916294679c6c81e911d90` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://wxpage1.wcfciiv.cn/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 18 May 2024 09:46:58 GMT via cache21.l2cn3160[12,12,404-1280,M], cache16.l2cn3160[13,0], cache10.cn3259[30,30,404-1280,M], cache1.cn3259[2:32,0] x-oss-request-id 66487912C07B563432809365 content-md5 UchVS0YLIbX8DfeSWvqEdg== x-swift-error orig response 4XX error x-swift-cachetime 1 x-cache MISS TCP_MISS dirn:-2:-2 x-oss-cdn-auth success x-swift-savetime Sat, 18 May 2024 09:46:58 GMT content-length 570 x-oss-object-type Normal last-modified Mon, 23 Oct 2017 03:52:28 GMT server Tengine etag "51C8554B460B21B5FC0DF7925AFA8476" ali-swift-global-savetime 1716025618 content-type text/html x-oss-storage-class Standard accept-ranges bytes timing-allow-origin * x-oss-hash-crc64ecma 16074412355885956377 eagleid 7250b39517160256189056270e x-oss-server-time 6

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://wxpage1.wcfciiv.cn/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

activity.inads.cn
i.iwanbei.cn
wxpage1.wcfciiv.cn
114.80.179.246
47.114.104.237
61.170.77.228
ac095564e80d92c6eeb3576f6ee9f317dc7c38c4469916294679c6c81e911d90
cfd53b815114919f3c564d7592afb1d719722fc61bf867a00b6c6a48deae7419

wxpage1.wcfciiv.cn Open in urlscan Pro 114.80.179.246 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

3 Requests

100 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

2 IPs

1 Countries

3 kBTransfer

6 kBSize

0 Cookies

0 Outgoing links

Redirected requests

3 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

0 Cookies

1 Console Messages

Indicators

wxpage1.wcfciiv.cn Open in urlscan Pro
114.80.179.246 Public Scan

Screenshot
Live screenshot

Full Image

3
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

2
IPs

1
Countries

3 kB
Transfer

6 kB
Size

0
Cookies

3 HTTP transactions
0 data transactions