urlscan.io logo urlscan.io
SecurityTrails logo

passwordhelper.aitmed.com.cn Open in urlscan Pro
121.199.204.181  Public Scan

Go To Rescan Add Verdict Report
URL: https://passwordhelper.aitmed.com.cn/
Submission: On June 26 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 3 countries across 3 domains to perform 4 HTTP transactions. The main IP is 121.199.204.181, located in Hangzhou, China and belongs to ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN. The main domain is passwordhelper.aitmed.com.cn.
TLS certificate: Issued by GlobalSign Organization Validation CA... on February 15th 2023. Valid for: a year.
This is the only time passwordhelper.aitmed.com.cn was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 121.199.204.181 37963 (ALIBABA-C...)
1 2a04:4e42:400... 54113 (FASTLY)
1 163.181.56.155 24429 (TAOBAO Zh...)
4 4
Apex Domain
Subdomains		 Transfer
2 aitmed.com.cn
passwordhelper.aitmed.com.cn
3 KB
1 staticfile.org
cdn.staticfile.org — Cisco Umbrella Rank: 49255
327 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 379
222 KB
4 3
Domain Requested by
2 passwordhelper.aitmed.com.cn passwordhelper.aitmed.com.cn
1 cdn.staticfile.org passwordhelper.aitmed.com.cn
1 cdn.jsdelivr.net passwordhelper.aitmed.com.cn
4 3

This site contains no links.

Subject Issuer Validity Valid
*.oss-cn-hangzhou.aliyuncs.com
GlobalSign Organization Validation CA - SHA256 - G3		 2023-02-15 -
2024-03-18		 a year crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-12-23 -
2024-01-24		 a year crt.sh
*.staticfile.org
GeoTrust RSA CN CA G2		 2022-09-05 -
2023-10-03		 a year crt.sh

This page contains 1 frames:

Primary Page: https://passwordhelper.aitmed.com.cn/
Frame ID: 156E647468DD2803A27A940252ABA435
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

AiTmed | Start your E-health Journey Anywhere, Anytime

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

4
Requests

50 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

4
IPs

3
Countries

551 kB
Transfer

2428 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

4 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
passwordhelper.aitmed.com.cn/ 		5 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://passwordhelper.aitmed.com.cn/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
121.199.204.181 Hangzhou, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
AliyunOSS /
Resource Hash
6f6612fa84218208a5263b4f496c6fb8d10e2d3c83b0afc581951c6e13185d57

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-MD5
zaNDm6iWA2pTVM/6+ndSUg==
Content-Type
text/html; charset=utf-8
Date
Mon, 26 Jun 2023 08:54:36 GMT
Last-Modified
Mon, 26 Jun 2023 06:33:13 GMT
Server
AliyunOSS
Transfer-Encoding
chunked
Vary
Accept-Encoding Origin
x-oss-hash-crc64ecma
3760589103007772909
x-oss-object-type
Normal
x-oss-request-id
6499524C6670853239CCC304
x-oss-server-time
8
x-oss-storage-class
Standard
main.144494e88e35c07cabc3.js
passwordhelper.aitmed.com.cn/ 		621 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://passwordhelper.aitmed.com.cn/main.144494e88e35c07cabc3.js
Requested by
Host: passwordhelper.aitmed.com.cn
URL: https://passwordhelper.aitmed.com.cn/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
121.199.204.181 Hangzhou, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
AliyunOSS /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://passwordhelper.aitmed.com.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-oss-object-type
Normal
Date
Mon, 26 Jun 2023 08:54:36 GMT
Content-Encoding
gzip
x-oss-request-id
6499524C66708532390FC504
Last-Modified
Mon, 26 Jun 2023 06:33:13 GMT
Server
AliyunOSS
Content-MD5
M5bCRTsd/kFcW7ppUyUNCA==
Transfer-Encoding
chunked
Vary
Accept-Encoding, Origin
Content-Type
application/javascript
x-oss-storage-class
Standard
Connection
keep-alive
x-oss-hash-crc64ecma
9832885019217613912
x-oss-server-time
35
mapbox-gl.min.js
cdn.jsdelivr.net/npm/mapbox-gl@2.1.1/dist/ 		803 KB
222 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/mapbox-gl@2.1.1/dist/mapbox-gl.min.js
Requested by
Host: passwordhelper.aitmed.com.cn
URL: https://passwordhelper.aitmed.com.cn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
adc222631f40c1196225fb1061234d6cddca129a67e661859b3a88bbd6a2a5e8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://passwordhelper.aitmed.com.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 26 Jun 2023 08:54:36 GMT
x-content-type-options
nosniff
content-encoding
br
age
1744601
x-jsd-version
2.1.1
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
226464
x-served-by
cache-fra-eddf8230030-FRA
x-jsd-version-type
version
etag
W/"c8a6e-G4/RwaSEa+dcszwzEcn/Q0Na9Uo"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
echarts.min.js
cdn.staticfile.org/echarts/5.4.1/ 		999 KB
327 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.staticfile.org/echarts/5.4.1/echarts.min.js
Requested by
Host: passwordhelper.aitmed.com.cn
URL: https://passwordhelper.aitmed.com.cn/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
163.181.56.155 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
205df6a283fc34f233420fdfb3b9551e9c06f7625c08f1354d9004c854a01995

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://passwordhelper.aitmed.com.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

X-Log
X-Log
Date
Sun, 25 Jun 2023 23:32:01 GMT
Via
cache23.l2de2[0,0,304-0,H], cache6.l2de2[2,0], ens-cache10.de4[0,0,200-0,H], ens-cache9.de4[1,0]
Content-Encoding
gzip
X-Svr
IO
Content-Md5
prNVrcbpY0ylw3WYBCsT1Q==
X-Reqid
eksAAAApWuPgCmwX
Age
33756
X-Swift-CacheTime
52679
X-Cache
HIT TCP_MEM_HIT dirn:8:152309363
Content-Transfer-Encoding
binary
Content-Disposition
inline; filename="echarts.min.js"; filename*=utf-8''echarts.min.js
Connection
keep-alive
X-Swift-SaveTime
Mon, 26 Jun 2023 08:54:02 GMT
Content-Length
333552
Last-Modified
Sat, 10 Dec 2022 14:14:05 GMT
Server
Tengine
Etag
"Fh6cx_eEEQUELHDhHrt9un5YcuL1.gz"
Access-Control-Max-Age
2592000
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Ali-Swift-Global-Savetime
1687735921
Access-Control-Expose-Headers
X-Log, X-Reqid
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
X-Qiniu-Zone
0
Timing-Allow-Origin
*
EagleId
2ff62b2116877696772129000e
truncated
/ 		38 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
05632bd17ae6013db11864ba86f363756e305cd5a56ee788fe20774ed6c750f9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type
image/webp

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| onbeforetoggle object| onscrollend object| mapboxgl

0 Cookies