URL: https://hzaa.989ghyqqk.vip/
Submission: On July 05 via api from US — Scanned from DE

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 9 HTTP transactions. The main IP is 156.251.50.62, located in Hong Kong and belongs to TERAEXCH, US. The main domain is hzaa.989ghyqqk.vip.
TLS certificate: Issued by R11 on July 5th 2024. Valid for: 3 months.
This is the only time hzaa.989ghyqqk.vip was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | IP Address | AS (Autonomous System)
8 | 156.251.50.62 | 399077 (TERAEXCH)
1 | 170.33.13.110 | 134963 (ASEPL-AS-...)
Total: 9 requests, 2 IPs

Requests | Domain | Requested by
8 | hzaa.989ghyqqk.vip | hzaa.989ghyqqk.vip
1 | foe5ix0fdis8wgpd.wisdomcounty.com | hzaa.989ghyqqk.vip
Total: 9 requests, 2 domains

This site contains no links.

Subject | Issuer | Validity | Valid
hzaa.989ghyqqk.vip | R11 | 2024-07-05 - 2024-10-03 | 3 months
*.wisdomcounty.com | Sectigo RSA Domain Validation Secure Server CA | 2024-06-16 - 2025-06-16 | a year

This page contains 1 frames:

Primary Page: https://hzaa.989ghyqqk.vip/
Frame ID: A5B08FCC8EF41CE81C4B38B0F9030E87
Requests: 9 HTTP requests in this frame

Page Title

巴黎APP

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 9
HTTPS: 100 %
IPv6: 0 %
Domains: 2
Subdomains: 2
IPs: 2
Countries: 2
Transfer: 2445 kB
Size: 2533 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
hzaa.989ghyqqk.vip/
2 KB
1 KB
Document
General
Full URL
https://hzaa.989ghyqqk.vip/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
156.251.50.62 , Hong Kong, ASN399077 (TERAEXCH, US),
Reverse DNS
Software
NgxFence /
Resource Hash
1ceb2d24a5e444c4eb2dfe7c42de457515546e3c98cd9d9151a5d95a0b9342bc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
gzip
content-type
text/html
date
Fri, 05 Jul 2024 19:07:20 GMT
etag
W/"66879717-99c"
last-modified
Fri, 05 Jul 2024 06:47:51 GMT
server
NgxFence
strict-transport-security
max-age=31536000; includeSubdomains; preload
vary
Accept-Encoding
x-cache
DYNAMIC
index.css
hzaa.989ghyqqk.vip/app/css/
2 KB
1023 B
Stylesheet
General
Full URL
https://hzaa.989ghyqqk.vip/app/css/index.css
Requested by
Host: hzaa.989ghyqqk.vip
URL: https://hzaa.989ghyqqk.vip/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
156.251.50.62 , Hong Kong, ASN399077 (TERAEXCH, US),
Reverse DNS
Software
NgxFence /
Resource Hash
c8df4f8e5733a14afad0711a563ac7a3669a48e6aae284a56d3167b728746d48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hzaa.989ghyqqk.vip/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 19:07:20 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubdomains; preload
last-modified
Tue, 16 Apr 2024 12:24:59 GMT
server
NgxFence
etag
W/"661e6e1b-700"
vary
Accept-Encoding
x-cache
MISS
content-type
text/css
cache-control
max-age=43200
expires
Sat, 06 Jul 2024 07:03:32 GMT
1.gif
hzaa.989ghyqqk.vip/app/img/
2 MB
2 MB
Image
General
Full URL
https://hzaa.989ghyqqk.vip/app/img/1.gif
Requested by
Host: hzaa.989ghyqqk.vip
URL: https://hzaa.989ghyqqk.vip/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
156.251.50.62 , Hong Kong, ASN399077 (TERAEXCH, US),
Reverse DNS
Software
NgxFence /
Resource Hash
656b17de77fa5bc7a72282480b0d83e393ea3bbffb67959d9c5067d50bb6a716
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hzaa.989ghyqqk.vip/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 19:07:20 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
last-modified
Tue, 16 Apr 2024 12:41:43 GMT
server
NgxFence
etag
"661e7207-24a7cc"
x-cache
MISS
content-type
image/gif
cache-control
max-age=2592000
accept-ranges
bytes
content-length
2402252
expires
Sun, 04 Aug 2024 19:03:32 GMT
2.gif
hzaa.989ghyqqk.vip/app/img/
21 KB
22 KB
Image
General
Full URL
https://hzaa.989ghyqqk.vip/app/img/2.gif
Requested by
Host: hzaa.989ghyqqk.vip
URL: https://hzaa.989ghyqqk.vip/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
156.251.50.62 , Hong Kong, ASN399077 (TERAEXCH, US),
Reverse DNS
Software
NgxFence /
Resource Hash
a4392a9043b282c4234bd137dff619ec1026c4e4521b863d35ad77e22cabd71c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hzaa.989ghyqqk.vip/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 19:07:20 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
last-modified
Tue, 16 Apr 2024 12:43:16 GMT
server
NgxFence
etag
"661e7264-54fe"
x-cache
MISS
content-type
image/gif
cache-control
max-age=2592000
accept-ranges
bytes
content-length
21758
expires
Sun, 04 Aug 2024 19:03:32 GMT
kf.png
hzaa.989ghyqqk.vip/app/img/
10 KB
10 KB
Image
General
Full URL
https://hzaa.989ghyqqk.vip/app/img/kf.png
Requested by
Host: hzaa.989ghyqqk.vip
URL: https://hzaa.989ghyqqk.vip/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
156.251.50.62 , Hong Kong, ASN399077 (TERAEXCH, US),
Reverse DNS
Software
NgxFence /
Resource Hash
4c5696d2ec6d47d9636c1f7748329f53f4977b2cfb2704bebaafd3691ef5674a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hzaa.989ghyqqk.vip/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 19:07:20 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
last-modified
Tue, 16 Apr 2024 12:26:33 GMT
server
NgxFence
etag
"661e6e79-289b"
x-cache
MISS
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
10395
expires
Sun, 04 Aug 2024 19:03:32 GMT
jquery-3.5.1.min.js
hzaa.989ghyqqk.vip/app/js/
87 KB
34 KB
Script
General
Full URL
https://hzaa.989ghyqqk.vip/app/js/jquery-3.5.1.min.js
Requested by
Host: hzaa.989ghyqqk.vip
URL: https://hzaa.989ghyqqk.vip/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
156.251.50.62 , Hong Kong, ASN399077 (TERAEXCH, US),
Reverse DNS
Software
NgxFence /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hzaa.989ghyqqk.vip/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 19:07:20 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubdomains; preload
last-modified
Tue, 16 Apr 2024 12:25:46 GMT
server
NgxFence
etag
W/"661e6e4a-15d84"
vary
Accept-Encoding
x-cache
MISS
content-type
application/javascript
cache-control
max-age=43200
expires
Sat, 06 Jul 2024 07:03:32 GMT
appinstall.js
hzaa.989ghyqqk.vip/app/js/
46 KB
20 KB
Script
General
Full URL
https://hzaa.989ghyqqk.vip/app/js/appinstall.js
Requested by
Host: hzaa.989ghyqqk.vip
URL: https://hzaa.989ghyqqk.vip/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
156.251.50.62 , Hong Kong, ASN399077 (TERAEXCH, US),
Reverse DNS
Software
NgxFence /
Resource Hash
7c9895f2e57140b2a429c2b5df1eb51b2c0bf49f56365e198fb20a92fe79c1dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hzaa.989ghyqqk.vip/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 19:07:20 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubdomains; preload
last-modified
Tue, 16 Apr 2024 12:44:39 GMT
server
NgxFence
etag
W/"661e72b7-b9e1"
vary
Accept-Encoding
x-cache
MISS
content-type
application/javascript
cache-control
max-age=43200
expires
Sat, 06 Jul 2024 07:03:32 GMT
init
foe5ix0fdis8wgpd.wisdomcounty.com/web/jg32qe/_/
746 B
907 B
XHR
General
Full URL
https://foe5ix0fdis8wgpd.wisdomcounty.com:6443/web/jg32qe/_/init?av=0&cv=0&hash=&server=https%3A%2F%2Ffoe5ix0fdis8wgpd.wisdomcounty.com%3A6443&sw=p6Cmpg&sh=p6Smpg&sp=1&li=p6GkuKehuKa4pa4
Requested by
Host: hzaa.989ghyqqk.vip
URL: https://hzaa.989ghyqqk.vip/app/js/appinstall.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
170.33.13.110 , Singapore, ASN134963 (ASEPL-AS-AP Alibaba Cloud Singapore Private Limited, SG),
Reverse DNS
Software
NgxFence /
Resource Hash
888089b2ccb4b63166f882c2f2d1458f5ed4b2213921a33d0fdb824c0f5f3be8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://hzaa.989ghyqqk.vip/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 05 Jul 2024 19:07:22 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
br
server
NgxFence
vary
Origin, Origin
content-type
application/json;charset=utf-8
access-control-allow-origin
https://hzaa.989ghyqqk.vip
access-control-allow-credentials
true
favicon.ico
hzaa.989ghyqqk.vip/app/img/
17 KB
7 KB
Other
General
Full URL
https://hzaa.989ghyqqk.vip/app/img/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
156.251.50.62 , Hong Kong, ASN399077 (TERAEXCH, US),
Reverse DNS
Software
NgxFence /
Resource Hash
cbc74764e99f93cf2ca2b3ebeae96c3e8ce3fe45b61fc397ea78a70c7ec2d268
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hzaa.989ghyqqk.vip/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 19:07:23 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
br
last-modified
Tue, 16 Apr 2024 12:46:29 GMT
server
NgxFence
etag
W/"661e7325-423e"
x-cache
SCARCE
content-type
image/x-icon

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • event (undefined)
  • fence (object)
  • sharedStorage (object)
  • $ (function)
  • jQuery (function)
  • AppInstall (function)
  • kflink (string)
  • shareName (string)
  • data (object)
  • getSystemInfo (function)

0 Cookies

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload