iu.2s.ink Open in urlscan Pro
115.126.50.56 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://iu.2s.ink/
Submission: On July 02 via api (July 2nd 2024, 1:33:44 am UTC) from US — Scanned from DE

Summary HTTP 10 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 10 HTTP transactions. The main IP is 115.126.50.56, located in Hong Kong and belongs to FTG-AS-AP Forewin Telecom Group Limited, ISP at, HK. The main domain is iu.2s.ink.
TLS certificate: Issued by E6 on June 14th 2024. Valid for: 3 months.

This is the only time iu.2s.ink was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
2	115.126.50.56 115.126.50.56		38186 (FTG-AS-AP...) (FTG-AS-AP Forewin Telecom Group Limited)
10	2

2 115.126.50.56 (Hong Kong)

ASN38186 (FTG-AS-AP Forewin Telecom Group Limited, ISP at, HK)

iu.2s.ink	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	2s.ink iu.2s.ink	13 KB
10	1

	Domain	Requested by
2	iu.2s.ink	iu.2s.ink
10	1

This site contains links to these domains. Also see Links.

Domain
wpa.qq.com

Subject Issuer	Validity	Valid
hellowindyxi.cn E6	`2024-06-14` - `2024-09-12`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://iu.2s.ink/
Frame ID: 0E16A00D3E8D15716D828C3DC2B94836
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

QINYUHUI DL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

Page Statistics

10
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

13 kB
Transfer

12 kB
Size

0
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://wpa.qq.com/msgrd?v=3&uin=%E6%94%B9%E6%88%90%E4%BD%A0%E7%9A%84QQ%E5%8F%B7&site=qq&menu=yes
Title: 联系我们

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response iu.2s.ink/	11 KB 12 KB	1855ms 1228ms	Document text/html	115.126.50.56 FTG-AS-AP Forewin...
General Check archive.org Show headers Download Go to Full URL https://iu.2s.ink/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 115.126.50.56 , Hong Kong, ASN38186 (FTG-AS-AP Forewin Telecom Group Limited, ISP at, HK), Reverse DNS Software kangle/3.5 / Resource Hash `3ebc0e43c1ac5014257afbf052dc61556c50a394674bb83f820f141d2786eb24` Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers Content-type text/html; charset=UTF-8 Date Tue, 02 Jul 2024 01:33:33 GMT Server kangle/3.5 Transfer-Encoding chunked X-Cache MISS from kangle web server
GET		bootstrap.css iu.2s.ink//css/	0 0

GET		animate.css iu.2s.ink//css/	0 0

GET		style.css iu.2s.ink//css/	0 0

GET		fonts.css iu.2s.ink//css/ziti/	0 0

GET		all.css iu.2s.ink//css/a/	0 0

GET		jquery-1.10.2.js iu.2s.ink//js/	0 0

GET		bootstrap.js iu.2s.ink//js/	0 0

GET		jquery.form-validator.min.js iu.2s.ink//js/	0 0

GET H/1.1	404 Not Found	favicon.ico iu.2s.ink/	991 B 1 KB	303ms 303ms	Other text/html	115.126.50.56 FTG-AS-AP Forewin...
General Check archive.org Show headers Download Go to Full URL https://iu.2s.ink/favicon.ico Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 115.126.50.56 , Hong Kong, ASN38186 (FTG-AS-AP Forewin Telecom Group Limited, ISP at, HK), Reverse DNS Software kangle/3.5 / Resource Hash `9a45d76d8239660aee43b424388d8822db20935f7c4660f2a2b97d85e03d4770` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://iu.2s.ink/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Tue, 02 Jul 2024 01:33:33 GMT Server kangle/3.5 Content-Length 991 X-Cache MISS from kangle web server Content-Type text/html; charset=utf-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: iu.2s.ink
URL: http://iu.2s.ink//css/bootstrap.css

Domain: iu.2s.ink
URL: http://iu.2s.ink//css/animate.css

Domain: iu.2s.ink
URL: http://iu.2s.ink//css/style.css

Domain: iu.2s.ink
URL: http://iu.2s.ink//css/ziti/fonts.css

Domain: iu.2s.ink
URL: http://iu.2s.ink//css/a/all.css

Domain: iu.2s.ink
URL: http://iu.2s.ink//js/jquery-1.10.2.js

Domain: iu.2s.ink
URL: http://iu.2s.ink//js/bootstrap.js

Domain: iu.2s.ink
URL: http://iu.2s.ink//js/jquery.form-validator.min.js

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event object| fence object| sharedStorage function| toggleNightMode

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

10 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://iu.2s.ink/(Line 19) Message: Mixed Content: The page at 'https://iu.2s.ink/' was loaded over HTTPS, but requested an insecure stylesheet 'http://iu.2s.ink//css/bootstrap.css'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://iu.2s.ink/(Line 20) Message: Mixed Content: The page at 'https://iu.2s.ink/' was loaded over HTTPS, but requested an insecure stylesheet 'http://iu.2s.ink//css/animate.css'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://iu.2s.ink/(Line 23) Message: Mixed Content: The page at 'https://iu.2s.ink/' was loaded over HTTPS, but requested an insecure stylesheet 'http://iu.2s.ink//css/style.css'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://iu.2s.ink/(Line 24) Message: Mixed Content: The page at 'https://iu.2s.ink/' was loaded over HTTPS, but requested an insecure stylesheet 'http://iu.2s.ink//css/ziti/fonts.css'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://iu.2s.ink/(Line 25) Message: Mixed Content: The page at 'https://iu.2s.ink/' was loaded over HTTPS, but requested an insecure stylesheet 'http://iu.2s.ink//css/a/all.css'. This request has been blocked; the content must be served over HTTPS.
security	warning	URL: https://iu.2s.ink/(Line 136) Message: Mixed Content: The page at 'https://iu.2s.ink/' was loaded over a secure connection, but contains a form that targets an insecure endpoint 'http://iu.2s.ink//create.php'. This endpoint should be made available over a secure connection.
security	error	URL: https://iu.2s.ink/ Message: Mixed Content: The page at 'https://iu.2s.ink/' was loaded over HTTPS, but requested an insecure script 'http://iu.2s.ink//js/jquery-1.10.2.js'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://iu.2s.ink/ Message: Mixed Content: The page at 'https://iu.2s.ink/' was loaded over HTTPS, but requested an insecure script 'http://iu.2s.ink//js/bootstrap.js'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://iu.2s.ink/ Message: Mixed Content: The page at 'https://iu.2s.ink/' was loaded over HTTPS, but requested an insecure script 'http://iu.2s.ink//js/jquery.form-validator.min.js'. This request has been blocked; the content must be served over HTTPS.
network	error	URL: https://iu.2s.ink/favicon.ico Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

iu.2s.ink
iu.2s.ink
115.126.50.56
3ebc0e43c1ac5014257afbf052dc61556c50a394674bb83f820f141d2786eb24
9a45d76d8239660aee43b424388d8822db20935f7c4660f2a2b97d85e03d4770

iu.2s.ink Open in urlscan Pro 115.126.50.56 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

10 Requests

0 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

2 IPs

1 Countries

13 kBTransfer

12 kBSize

0 Cookies

1 Outgoing links

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

0 Cookies

10 Console Messages

Indicators

iu.2s.ink Open in urlscan Pro
115.126.50.56 Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

13 kB
Transfer

12 kB
Size

0
Cookies

10 HTTP transactions
0 data transactions