blog.weiwanjia.com - urlscan.io

Summary

This website contacted 2 IPs in 2 countries across 5 domains to perform 2 HTTP transactions. The main IP is 129.211.64.249, located in China and belongs to CNNIC-TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN. The main domain is blog.weiwanjia.com. The Cisco Umbrella rank of the primary domain is 900154.

This is the only time blog.weiwanjia.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	129.211.64.249 129.211.64.249	45090 (CNNIC-TEN...) (CNNIC-TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited)
1 1	67.199.248.11 67.199.248.11	396982 (GOOGLE-PR...) (GOOGLE-PRIVATE-CLOUD)
1 1	34.197.13.117 34.197.13.117	14618 (AMAZON-AES) (AMAZON-AES)
1 1	52.54.26.223 52.54.26.223	14618 (AMAZON-AES) (AMAZON-AES)
1 2	13.225.80.9 13.225.80.9	16509 (AMAZON-02) (AMAZON-02)
2	2

1 129.211.64.249 (China)

ASN45090 (CNNIC-TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN)

blog.weiwanjia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.199.248.11 (United States) 1 redirects

ASN396982 (GOOGLE-PRIVATE-CLOUD, US)
PTR: bit.ly

bit.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.197.13.117 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-197-13-117.compute-1.amazonaws.com

fastsl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.54.26.223 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-54-26-223.compute-1.amazonaws.com

smarterlink.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.225.80.9 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-225-80-9.fra2.r.cloudfront.net

smart.bbwait.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	bbwait.com 1 redirects smart.bbwait.com	463 B
1	smarterlink.io 1 redirects smarterlink.io	2 KB
1	fastsl.com 1 redirects fastsl.com	2 KB
1	bit.ly 1 redirects bit.ly — Cisco Umbrella Rank: 4034	321 B
1	weiwanjia.com blog.weiwanjia.com — Cisco Umbrella Rank: 900154	2 KB
2	5

	Domain	Requested by
2	smart.bbwait.com	1 redirects blog.weiwanjia.com
1	smarterlink.io	1 redirects
1	fastsl.com	1 redirects
1	bit.ly	1 redirects
1	blog.weiwanjia.com
2	5

This site contains no links.

Subject Issuer	Validity	Valid
bbwait.com Amazon	`2021-11-18` - `2022-12-16`	a year	crt.sh

This page contains 1 frames:

Frame: https://smart.bbwait.com/campaign/835d73df-7b59-43fe-82f0-6bc474930522?pub=174&source=0602
Frame ID: 36515CFC0BFC56BF159524AF530846CA
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

2
Requests

50 %
HTTPS

0 %
IPv6

5
Domains

5
Subdomains

2
IPs

2
Countries

2 kB
Transfer

5 kB
Size

7
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://bit.ly/3usUvj8 HTTP 301
https://fastsl.com/sl/94bc23e7-37dd-47b3-9061-13426d888959?pub=174&source=0602 HTTP 302
https://smarterlink.io/sl?pub=174&source=0602&cs_id=87038db1-6bec-46ad-8d67-a5e9d89be6f6 HTTP 302
http://smart.bbwait.com/campaign/835d73df-7b59-43fe-82f0-6bc474930522?pub=174&source=0602 HTTP 301
https://smart.bbwait.com/campaign/835d73df-7b59-43fe-82f0-6bc474930522?pub=174&source=0602

2 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request nostrilj.php Show response blog.weiwanjia.com/	5 KB 2 KB	1644ms 1121ms	Document text/html	129.211.64.249 CNNIC-TENCENT-NET...
General Check archive.org Show headers Download Go to Full URL http://blog.weiwanjia.com/nostrilj.php?utm_source=26168d6&utm_content=f Protocol HTTP/1.1 Server 129.211.64.249 , China, ASN45090 (CNNIC-TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN), Reverse DNS Software nginx / Resource Hash `d879e0f96ca0b9ad3ec999de88115ca39fc439be3ff6400b997895d249dced84` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Accept-Language it-IT,it;q=0.9 Response headers Server nginx Content-Type text/html; charset=utf-8 Transfer-Encoding chunked Connection keep-alive Vary Accept-Encoding Date Thu, 17 Feb 2022 13:38:20 GMT Last-Modified Thu, 17 Feb 2022 12:38:20 GMT Expires Thu, 17 Feb 2022 13:08:20 GMT Cache-Control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 max-age=0 Pragma no-cache Content-Encoding gzip
GET H2	200	835d73df-7b59-43fe-82f0-6bc474930522 smart.bbwait.com/campaign/ Redirect Chain https://bit.ly/3usUvj8 https://fastsl.com/sl/94bc23e7-37dd-47b3-9061-13426d888959?pub=174&source=0602 https://smarterlink.io/sl?pub=174&source=0602&cs_id=87038db1-6bec-46ad-8d67-a5e9d89be6f6 http://smart.bbwait.com/campaign/835d73df-7b59-43fe-82f0-6bc474930522?pub=174&source=0602 https://smart.bbwait.com/campaign/835d73df-7b59-43fe-82f0-6bc474930522?pub=174&source=0602	0 0	3714ms 3649ms	Document text/html	13.225.80.9 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://smart.bbwait.com/campaign/835d73df-7b59-43fe-82f0-6bc474930522?pub=174&source=0602 Requested by Host: blog.weiwanjia.com URL: http://blog.weiwanjia.com/nostrilj.php?utm_source=26168d6&utm_content=f Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.80.9 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-80-9.fra2.r.cloudfront.net Software / Resource Hash Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Accept-Language it-IT,it;q=0.9 Referer http://blog.weiwanjia.com/ Response headers content-type text/html; charset=UTF-8 content-length 25841 date Thu, 17 Feb 2022 13:38:27 GMT x-amzn-requestid a84b02b9-0d4c-4241-8a6f-17af840b3126 x-amz-apigw-id NsFogHDDoAMFqnw= cache-control no-cache, private x-amzn-trace-id Root=1-620e4fcf-34e624d833def8fb3b89b7f4;Sampled=0 x-amzn-remapped-date Thu, 17 Feb 2022 13:38:27 GMT x-cache Miss from cloudfront via 1.1 ec9e3bc729d9c6d55ed32446408ad62e.cloudfront.net (CloudFront) x-amz-cf-pop FRA2-C2 x-amz-cf-id yCPn3jB43s5T7Ki8SZ2v7XngWoiDtEVu1iHZt177vCH1dn2sOjCCzQ== Redirect headers Server CloudFront Date Thu, 17 Feb 2022 13:38:23 GMT Content-Type text/html Content-Length 183 Connection keep-alive Location https://smart.bbwait.com/campaign/835d73df-7b59-43fe-82f0-6bc474930522?pub=174&source=0602 X-Cache Redirect from cloudfront Via 1.1 2fcedcc055e24d7ac99fbc19ed8fc8ec.cloudfront.net (CloudFront) X-Amz-Cf-Pop FRA2-C2 X-Amz-Cf-Id KbpBseaDpvJoBLYD6j9wWKmbJJJi3gflo3LqTW4rLHcW7VCqduWnAw==

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.bit.ly/	1970-01-20 05:17:37	Name: _bit Value: m1hdCm-2546f8d7d3c60bcbbf-007
fastsl.com/	1970-01-20 00:58:32	Name: hGBldepPDJ8x2VTSIXj7wA6cPL1qvqyuNgDoLYX5 Value: eyJpdiI6ImVpdThuSXB4c3NTUG0ybDIvdXY3YVE9PSIsInZhbHVlIjoiVlpycXNuVXpQcnNrUGlUVVJvYW9GUzhYTnFtN2lxTUpRcHpFdGdNUnc1QjhoWjlua01UbDAreTdIUWhmbzh5Zm90N0EwQS8wVHlsSmN0MWhjM1ZJOW40L1JlNTllRFUyNnhJckova0Fmb1BUcEd5Rk9ON1VIVmtNSlhaekNqSGZaY0lWWE9YaFl2MXpxaVBPdUpmaVMzanduWUR3VkZiOEpySUMwOWZKdUw5UUorQ045K05CNjdzWTB4a2lEMnNIMVJPM0JwdDl1aHdiY0MxdThGaG1TV0JPS0ZKSFhLV1dya2RaVnoyM3FXRGRuVHJMMlU4OFh2eDhlSHZhcDZQRTZOQm9OOXdlZ1dSeXh6VUxMZU85bjNCTVRWNlU3ZkkwbmRiVUl5dnZTN3lqU0RhN1d3R20yRUdrRVVHT1A2LzBXb0VTTFhlREc4SDJ1WWJ1cU10WldIUzB6MlovWFFhL3RBb3FNMVNvWktMMDBaeVl3WHp2b3FpaElWZTJIZ3luZlRqTm1kYy9MZzkyU0RGV3pMOEJ6N2ZBVDdYWmxtbmpkTlVHMklMbnFNcHk4K0dvM3RLWS9SZFVaVVRERW9VTFJkR0w3TWcvNjFkN1JZT2Y5TmZmb0xNdHQ2OU8zUWtWbHY2b3JYK0E2R1M0ZVVGcytWYWpxNmxlektXQ210MzZlZjhaUnlodDVGYjFwclhkT2l2aE1XYVJvNWdlUkhtODVsT2RlWHRRWDJlVGZ0UFNKZzIyak5OZWd2V3VUUm1NWUJ6ZHFRSW5EWTg1bXVSeWZ6RjhkZExVczZsZHBWalJ4WE1hM28rejdDSEQ5UDZqeFZkdGM3VnQxQWQ5VXh3WFYwOEVvUEVaMkdvenQ1dGNoTzdlcFVOM0hsYmNoZUdnQllIbm1LWkFDbnRSbVF5MFBXcWFHamRNQ1NoNUtIV0RwTGtreVVoZkRRWUZ6WFF2dHZLdUt5NGVRVmVVT3NySVZxTEFaK2d4SDl6WWs2VW45cm91WVcvaWhrTzhtWW96djFwTFZGRFVwRjJ3VjhHaml5Z3Fmdz09IiwibWFjIjoiN2RiYTIxNDE3M2JhNjUzZTY1YmIzMDczYzhkYjIyOTE0ZTVmYmY5MzUwMmJiYzE1YWM1YzQ5MWFjNDZmZDkwOCJ9
fastsl.com/	1970-01-20 00:58:32	Name: convertplz_session Value: eyJpdiI6ImlLS2ZpUG9mY28wUVFEQ29IRGFUR2c9PSIsInZhbHVlIjoibEJ0Vm02TEsvdzZOQ2lFSTk1bHV1QU1aTHZLWnQ5N2NVdmlGUWtuWFhnQk9oSlVSNlpWOGpCWDF4S2RkZEFER2w1QklhWFdqZUIwVk1GT0wzbzlkZnQ3VlI5c3p1NXJ1VHFCbUE1VlRIN0E3L1cwdHRtV3RieFUrenhRdU1reWQiLCJtYWMiOiI0YTYzODc0M2NjMGRjZjBmZmMzMWNlMTkzOTViZTZjNzkwMTFiZjc2OWZlYWNmZGQ2NzlkMmU4OThlMmRhNDZjIn0%3D
fastsl.com/	1970-01-20 00:58:32	Name: XSRF-TOKEN Value: eyJpdiI6IlFRQ1FoSVNjckpLN2Nhd1FqT2ljcHc9PSIsInZhbHVlIjoiY2R3dDYzVk56NHY4ZEh5WUk0YUJ0Rlg1YzhGeVFGcVRVSy9WaTlwRW9xNFVGUFI1bzR3Rmk5TWlZZ2tmVnJjdlRDekFucXVDQnFGSTN1RkRxa2lvZGdFZjJMeTRoYkJLbWpmUWlJUFB2N1FkNngzeklNWWc2K3ZKUmFETnNjSXAiLCJtYWMiOiI2ODMzZTljZjIxZjlmZjllMTlhYjVjZWYyNmVkNTIzY2M5YmM4MGI0ODllMWYzM2Q5MmI2YzM1MGZhMzMwNjU2In0%3D
smarterlink.io/	1970-01-20 00:59:51	Name: buiHLvPSWS8TV1krv7NcvXz6E9JonTZvK8mT664O Value: eyJpdiI6Ik1vWk93SEpYNkpVVzRwMldLSGhhcmc9PSIsInZhbHVlIjoiR29tNHN4ODdmVGluRHZiZ3g4SjNkMXpjdEZhNVhWdUtlekV5SlJ3dFg1dHAwZjQ1RG44dW5WNHRveitFUVJtK3JXNnJOQUh0eWRwZjZWdHlPTzdyMURYTGtpTmlwY3RvUENRWUxKbkRuUm1sUjlmbWhkdmpPUWJmRkY2R1o1NHZGQzhkSHZJcHpuK1o0NFFQNzh5RERQOW1FeTVyNWVTRFg0c2Q5VTdDaEIzYS9DdFVPMnExUWV5MmlqSjd6UER2M3pKSCtPenpwenAvVEpab3pQcXhNNzdKbTVrNm5DUkRSa1FNUmxmcmU2KzZCSlFLeUNabEM2YzNYM1FsS3RxUElidkVHYnp2V3p0RklIeW9HUFlSbVZObEFyNWdYZlZDTUVYRWFGRHozYmRkTWhqMGhKNXBJcGwwWHdtYmRaKzdMMHlva0piTklNWmxIZzJqVHF2bm5ydXIrZ3N2Sks0WlpBejBsNWRwaWFFNGorckcrcmdZd24reG9sS1pmUFJRQmd6TkdHcVdJQkF0UU1iYTJwdThObWpjVHdqMk80N3dNYlJvM2FlaEV3N25hVEhOOVVxNHJvWVg5bmljejg5enNZMUpJRkVId3NzMzEyWVR5b3ZTZkErN1ZXYmNyZG5LRHFvZzBxRjlvUFVLSjlSME1mMFpsdHlTcUJvbG1BUkZUa1RYSEc4ODlSWHVYekFLbVNvTHFWV0oxTytUTFJtWG1vaWVVRE1qcGhoQnhBeVV5ZGtXTzlvMWRSTmVDRThKSjdVWlpiYlZvMDZreDNsdjgyM2JlcytieS9EWGEyTG1WRXBwRnpNQzN6QzBwZFZwUUJ5VTNwZzlUZXBTeXFIZ2YzM3lKOHo4aDF4dVl3eUtKVjZEZVhYTnN1R3dJdmFQK2tKNGVpbytWR3R6VzVJZ2xySnF1ZVJXVmNKbVlVV2Jtd2t5QllZY0R6ZEhZd1ZIWVIvVG1nR3hrcDYxMS9yNEpDZmZ2MWQ3bnNOZm1pOWU2dVJNVFJmNTg0ckJ3OVJMUDlac0JIU05KTG4vZlNBSXhjYko2RngxeW5kY3NpOHVPTGMvbHo2c2g2S0I3eHhLLy9JY21lUTh3STYzTkZLYjZCMlUxbnVCK0trcktaN1Jnc1NBZ0VRbTVCTmlOMVV0QUNyaTg3eDQ4RWF0NDJoSDZjQjd6Tyt5L0NhVUdaT04ydE5tNSt2a2k2YmN6RmJqWnJGSUlEVis3ZnVMUFgzaXAzaHpsaVFEcVlFRTZ0NXhNSGlYdkMzZ0ZwSitYRmNYVStzait1c3RRZGI4NEM0UkZnbWFQMDNmNnRDSW1BR2lwMG9BUzgvYk9MUT0iLCJtYWMiOiJmYzk1MzQyZWY3NjAwYWNmNjVjZjQ5NjM2MWI3OWI1ZTEyMGYzNWRiZjQ5M2ZkMzdkY2VhOWFiYmFkZWQ1MWYwIiwidGFnIjoiIn0%3D
smarterlink.io/	1970-01-20 00:59:51	Name: smartlink_session Value: eyJpdiI6ImMvS1V0UTU4aHpBaTJLb2pMM2cwTkE9PSIsInZhbHVlIjoiZmFaT0k4ZldNcDZZS2Zzai9iendQdFVLc0pxSG41VWd5YTFUTlh4RFFIVmJOQ0JwV0thaFRiL0p2VW9LeTNQMmRXVFV5bEo3Rm1vR0F1YkRRdWhvbEdsUzAxdHVnWlFhSkFZWjV5cE8rSXd3ZEY1QnFTUGxSbzBWZWZCaVd2S3UiLCJtYWMiOiI2M2M1YmZmOWZiMzc4ZjI1NWU2MGYzYTAzYWJiNjk4NWZjZmNiODRjMjg5ZWUxOGYwNzIyNDlkNjIwYTc4NjMwIiwidGFnIjoiIn0%3D
smarterlink.io/	1970-01-20 00:59:51	Name: XSRF-TOKEN Value: eyJpdiI6Ik1HeEJZa0RLVnJEVEZxSU8zK0tXclE9PSIsInZhbHVlIjoiYllIMlZ3V2NBTFJpb21DSmlaM1RMc3d3c2tHMDB2UkFaS0ZSS3NsWmNmbzZOUDZvSk03RVMrTW0ydmRXZjhjU2NQZ2ROZkIvalcrbnJNWThsT3c5OTBvck0wYlQ0eWg2K3dHKzlZc3VHVlBQNjFsT2VMOWhmdTRNbkJ1QWx6OWkiLCJtYWMiOiJmYjk1ZGFlYzU1MGJlODM4MzRkYTJlZTdjYWI4MjJlMjM5MTc4NzEzZmQ4NTEwODFhMzhhMzg1MGJkOTc0ZWQ4IiwidGFnIjoiIn0%3D

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://smart.bbwait.com/campaign/835d73df-7b59-43fe-82f0-6bc474930522?pub=174&source=0602(Line 7) Message: The value "false" for key "user-scalable" is invalid, and has been ignored.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bit.ly
blog.weiwanjia.com
fastsl.com
smart.bbwait.com
smarterlink.io
129.211.64.249
13.225.80.9
34.197.13.117
52.54.26.223
67.199.248.11
d879e0f96ca0b9ad3ec999de88115ca39fc439be3ff6400b997895d249dced84

blog.weiwanjia.com Open in urlscan Pro 129.211.64.249 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

2 Requests

50 %HTTPS

0 %IPv6

5 Domains

5 Subdomains

2 IPs

2 Countries

2 kBTransfer

5 kBSize

7 Cookies

0 Outgoing links

Redirected requests

2 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

7 Cookies

1 Console Messages

Indicators

blog.weiwanjia.com Open in urlscan Pro
129.211.64.249 Public Scan

Screenshot
Live screenshot

Full Image

2
Requests

50 %
HTTPS

0 %
IPv6

5
Domains

5
Subdomains

2
IPs

2
Countries

2 kB
Transfer

5 kB
Size

7
Cookies

2 HTTP transactions
0 data transactions