twafgig.cn
2606:4700:3033::ac43:8547
Public Scan
Effective URL: https://twafgig.cn/wctx1D1DFxFDg.do.php
Submission: On July 20 via manual from JP — Scanned from JP
Summary
TLS certificate: Issued by E1 on July 20th 2022. Valid for: 3 months.
This is the only time twafgig.cn was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
2 | 23.94.73.208 | 36352 (AS-COLOCROSSING) |
12 | 2606:4700:3033::ac43:8547 | 13335 (CLOUDFLARENET) |
16 | 3 | |

ASN36352 (AS-COLOCROSSING, US)
PTR: mail1.fkvytbaq.cn
rqlredw.cn
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
12 | twafgig.cn | twafgig.cn | 119 KB |
2 | rqlredw.cn | rqlredw.cn | 843 B |
0 | cloudflareresearch.com (Failed) | tls-ech-experiment.cloudflareresearch.com (Failed), tls-ech-experiment-c.cloudflareresearch.com (Failed) | |
16 | 3 | | |
Requests | Domain | Requested by |
---|---|---|
12 | twafgig.cn | rqlredw.cn, twafgig.cn |
2 | rqlredw.cn | rqlredw.cn |
0 | tls-ech-experiment-c.cloudflareresearch.com (Failed) | rqlredw.cn |
0 | tls-ech-experiment.cloudflareresearch.com (Failed) | rqlredw.cn |
16 | 4 | |
This site contains links to these domains. Also see Links.
Domain |
---|
darksoulz.us |
www.cloudflare.com |
Subject | Issuer | Validity | Valid | |
---|---|---|---|---|
rqlredw.cn | R3 | 2022-07-20 - 2022-10-18 | 3 months | crt.sh |
*.twafgig.cn | E1 | 2022-07-20 - 2022-10-18 | 3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://twafgig.cn/wctx1D1DFxFDg.do.php
Frame ID: 7B4D717EECC01377E603783527CAF0D6
Requests: 17 HTTP requests in this frame
Page Title
Just a moment...
Detected technologies
PHP (Programming Languages)
Detected patterns
- \.php(?:$|\?)
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
Title: Cloudflare
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://rqlredw.cn/?Login/wctx1D1DFxFDg.do.php?wctx/NBCW2101.do?paypaybank/wctx/NBG129A0G13.do?MngKey=77C0C0C9587615370B2DF743DBE3E32F Page URL
- https://twafgig.cn/wctx1D1DFxFDg.do.php Page URL
- https://twafgig.cn/wctx1D1DFxFDg.do.php Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
16 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | / | rqlredw.cn/ | 224 B | 377 B | Document | text/html |
GET | H2 | 1.js | rqlredw.cn/ | 253 B | 466 B | Script | application/javascript |
GET | H2 | wctx1D1DFxFDg.do.php | twafgig.cn/ | 10 KB | 11 KB | Document | text/html |
GET | H2 | v1 | twafgig.cn/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/ | 35 KB | 13 KB | Script | application/javascript |
GET | H2 | transparent.gif | twafgig.cn/cdn-cgi/images/trace/jschal/js/ | 42 B | 220 B | Image | image/gif |
GET | H2 | transparent.gif | twafgig.cn/cdn-cgi/images/trace/jschal/nojs/ | 42 B | 101 B | Image | image/gif |
POST | H3 | 0ee0f4990144c77 | twafgig.cn/cdn-cgi/challenge-platform/h/g/flow/ov1/0.5598690406036592:1658326000:q_yu6adcrMLIFQxGGmid_e1F64F7VcFPw3DUtKD0qyU/72dc7efb1a098aa4/ | 128 KB | 68 KB | XHR | text/plain |
GET | H3 | FimsS6wkVMyLPrG | twafgig.cn/cdn-cgi/challenge-platform/h/g/img/72dc7efb1a098aa4/1658328488401/ | 61 B | 509 B | Image | image/png |
POST | | probe | tls-ech-experiment.cloudflareresearch.com/.well-known/ | 0 | 0 | | |
POST | | probe | tls-ech-experiment-c.cloudflareresearch.com/.well-known/ | 0 | 0 | | |
GET | H3 | 9baAX9qYt8WoByJ | twafgig.cn/cdn-cgi/challenge-platform/h/g/pat/72dc7efb1a098aa4/1658328488403/e7c33dffe899b39fd67580b4970dcb5dfc89b65479b2bfee90b46557711df721/ | 1 B | 975 B | Fetch | text/plain |
GET | DATA | truncated | / | 68 B | 0 | Image | image/png |
POST | H3 | 0ee0f4990144c77 | twafgig.cn/cdn-cgi/challenge-platform/h/g/flow/ov1/0.5598690406036592:1658326000:q_yu6adcrMLIFQxGGmid_e1F64F7VcFPw3DUtKD0qyU/72dc7efb1a098aa4/ | 1 KB | 2 KB | XHR | text/html |
GET | H3 | wctx1D1DFxFDg.do.php (Primary Request) | twafgig.cn/ | 10 KB | 11 KB | Document | text/html |
GET | H3 | v1 | twafgig.cn/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/ | 32 KB | 12 KB | Script | application/javascript |
GET | H3 | transparent.gif | twafgig.cn/cdn-cgi/images/trace/jschal/js/ | 42 B | 222 B | Image | image/gif |
GET | H3 | transparent.gif | twafgig.cn/cdn-cgi/images/trace/jschal/nojs/ | 42 B | 222 B | Image | image/gif |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain: tls-ech-experiment.cloudflareresearch.com
  URL: https://tls-ech-experiment.cloudflareresearch.com/.well-known/probe
- Domain: tls-ech-experiment-c.cloudflareresearch.com
  URL: https://tls-ech-experiment-c.cloudflareresearch.com/.well-known/probe
17 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name |
---|---|
object | oncontextlost |
object | oncontextrestored |
function | structuredClone |
object | launchQueue |
object | onbeforematch |
function | getScreenDetails |
function | queryLocalFonts |
object | navigation |
object | _cf_chl_opt |
function | _cf_chl_enter |
function | sendRequest |
boolean | _cf_chl_done_ran |
function | _cf_chl_done |
function | SHA256 |
object | _cf_chl_ctx |
object | _ |
undefined | _cf_gcr2 |

Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
twafgig.cn/ | | Name: cf_chl_prog Value: F16 |
twafgig.cn/ | | Name: cf_chl_rc_ni Value: 1 |
9 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.