Submitted URL: http://zlz.fsgplus.com/
Effective URL: https://zlz.efesco.com/benefit/tickies/nyhome.jsp
Submission Tags: falconsandbox
Submission: On February 25 via api from US — Scanned from DE

Summary

This website contacted 1 IP in 1 country across 2 domains to perform 8 HTTP transactions. The main IP is 122.144.215.112, located in China, and belongs to STN-CN shanghai science and technology network communication limited company, CN. The main domain is zlz.efesco.com.
TLS certificate: Issued by RapidSSL TLS DV RSA Mixed SHA256 2020... on June 2nd 2021. Valid for: a year.
This is the only time zlz.efesco.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 122.144.215.114 17775 (STN-CN sh...)
1 9 122.144.215.112 17775 (STN-CN sh...)
8 1
Apex Domain Subdomains Transfer
9 efesco.com zlz.efesco.com, mix.efesco.com 193 KB
1 fsgplus.com zlz.fsgplus.com 191 B
8 2
Domain Requested by
7 zlz.efesco.com 1 redirects zlz.efesco.com
2 mix.efesco.com zlz.efesco.com
1 zlz.fsgplus.com 1 redirects
8 3

This site contains no links.

Subject Issuer Validity Valid
*.efesco.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1 2021-06-02 - 2022-07-03 a year

This page contains 1 frame:

Primary Page: https://zlz.efesco.com/benefit/tickies/nyhome.jsp
Frame ID: CB88BCAF3DF9F97B69A94CFA4576B828
Requests: 8 HTTP requests in this frame

Page Title

真情好礼站

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

8 Requests
100 % HTTPS
0 % IPv6
2 Domains
3 Subdomains
1 IPs
1 Countries
193 kB Transfer
203 kB Size
3 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://zlz.fsgplus.com/ HTTP 301
    https://zlz.efesco.com/ HTTP 302
    https://zlz.efesco.com/benefit/tickies/nyhome.jsp Page URL

8 HTTP transactions

Resource Path Size x-fer Type MIME-Type
Primary Request nyhome.jsp
zlz.efesco.com/benefit/tickies/
Redirect Chain
  • http://zlz.fsgplus.com/
  • https://zlz.efesco.com/
  • https://zlz.efesco.com/benefit/tickies/nyhome.jsp
13 KB
5 KB
Document
General
Full URL
https://zlz.efesco.com/benefit/tickies/nyhome.jsp
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
122.144.215.112 , China, ASN17775 (STN-CN shanghai science and technology network communication limited company, CN),
Reverse DNS
Software
nginx /
Resource Hash
7e7825b7b1a410e0b7eaf906ac24898c9c0f9a27bff76ce7dbaff74edbc54545
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Server
nginx
Date
Fri, 25 Feb 2022 14:17:29 GMT
Content-Type
text/html; charset=gbk
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
Pragma
No-cache
Cache-Control
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
X-XSS-Protection
1; mode=block
Content-Encoding
gzip

Redirect headers

Server
nginx
Date
Fri, 25 Feb 2022 14:17:29 GMT
Content-Type
text/html
Content-Length
154
Connection
keep-alive
Location
https://zlz.efesco.com/benefit/tickies/nyhome.jsp
X-XSS-Protection
1; mode=block
jquery.js
zlz.efesco.com/act/invest/
85 KB
85 KB
Script
General
Full URL
https://zlz.efesco.com/act/invest/jquery.js
Requested by
Host: zlz.efesco.com
URL: https://zlz.efesco.com/benefit/tickies/nyhome.jsp
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
122.144.215.112 , China, ASN17775 (STN-CN shanghai science and technology network communication limited company, CN),
Reverse DNS
Software
nginx /
Resource Hash
00c1a9d934056c423f4a2b02cf1bff130c63666743373064d21244862cd5222f
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://zlz.efesco.com/benefit/tickies/nyhome.jsp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Fri, 25 Feb 2022 14:17:29 GMT
Last-Modified
Mon, 03 Sep 2012 07:38:51 GMT
Server
nginx
ETag
"206288-152ec-4c8c73b9c78c0"
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
86764
X-XSS-Protection
1; mode=block
css1.css
zlz.efesco.com/benefit/tickies/
7 KB
3 KB
Stylesheet
General
Full URL
https://zlz.efesco.com/benefit/tickies/css1.css
Requested by
Host: zlz.efesco.com
URL: https://zlz.efesco.com/benefit/tickies/nyhome.jsp
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
122.144.215.112 , China, ASN17775 (STN-CN shanghai science and technology network communication limited company, CN),
Reverse DNS
Software
nginx /
Resource Hash
5c3f5418f364037157a0535f97e71767cd8f53fc74c9ef0a1a9b3634b5d6ff87
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://zlz.efesco.com/benefit/tickies/nyhome.jsp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Fri, 25 Feb 2022 14:17:30 GMT
Content-Encoding
gzip
Last-Modified
Thu, 02 Sep 2021 05:58:20 GMT
Server
nginx
ETag
W/"2c01cc-1dc1-5cafcdeacf700"
Vary
Accept-Encoding
Content-Type
text/css
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
safeimage
zlz.efesco.com/servlet/
1 KB
1 KB
Image
General
Full URL
https://zlz.efesco.com/servlet/safeimage?r=53333087
Requested by
Host: zlz.efesco.com
URL: https://zlz.efesco.com/benefit/tickies/nyhome.jsp
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
122.144.215.112 , China, ASN17775 (STN-CN shanghai science and technology network communication limited company, CN),
Reverse DNS
Software
nginx /
Resource Hash
285a6eaa96237391fecce74f3d0c63657bf605490431ceeff6f58f8bb67d046b
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://zlz.efesco.com/benefit/tickies/nyhome.jsp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
No-cache
Date
Fri, 25 Feb 2022 14:17:30 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/jpeg
Cache-Control
no-cache
Connection
keep-alive
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
bg.gif
zlz.efesco.com/benefit/tickies/images/
3 KB
3 KB
Image
General
Full URL
https://zlz.efesco.com/benefit/tickies/images/bg.gif
Requested by
Host: zlz.efesco.com
URL: https://zlz.efesco.com/benefit/tickies/css1.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
122.144.215.112 , China, ASN17775 (STN-CN shanghai science and technology network communication limited company, CN),
Reverse DNS
Software
nginx /
Resource Hash
3070a759ab52b81b9b151e229eb1417d67ce350c141164fbc75155c079894840
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://zlz.efesco.com/benefit/tickies/css1.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Fri, 25 Feb 2022 14:17:30 GMT
Last-Modified
Wed, 06 Jun 2012 08:32:17 GMT
Server
nginx
ETag
"223733-aa8-4c1c99ad3c640"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2728
X-XSS-Protection
1; mode=block
index_bgall.jpg
zlz.efesco.com/benefit/tickies/images/
93 KB
94 KB
Image
General
Full URL
https://zlz.efesco.com/benefit/tickies/images/index_bgall.jpg
Requested by
Host: zlz.efesco.com
URL: https://zlz.efesco.com/benefit/tickies/css1.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
122.144.215.112 , China, ASN17775 (STN-CN shanghai science and technology network communication limited company, CN),
Reverse DNS
Software
nginx /
Resource Hash
48f5bd00462a6e4ea7eb96da73efd57f15cc21c6f8ce50d3e0fe6393d40c52ac
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://zlz.efesco.com/benefit/tickies/css1.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Fri, 25 Feb 2022 14:17:30 GMT
Last-Modified
Fri, 19 Aug 2016 03:25:25 GMT
Server
nginx
ETag
"223735-1759c-53a643fceb774"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
95644
X-XSS-Protection
1; mode=block
dialog-bg.png
mix.efesco.com/event/benefit/index/images/
149 B
423 B
Image
General
Full URL
https://mix.efesco.com/event/benefit/index/images/dialog-bg.png
Requested by
Host: zlz.efesco.com
URL: https://zlz.efesco.com/benefit/tickies/css1.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
122.144.215.112 , China, ASN17775 (STN-CN shanghai science and technology network communication limited company, CN),
Reverse DNS
Software
nginx /
Resource Hash
2317955c5769922680db7bc3399144778f395c9760d1c9984abb033a1098a4a2
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://zlz.efesco.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Fri, 25 Feb 2022 14:17:32 GMT
Last-Modified
Tue, 03 Feb 2015 01:24:10 GMT
Server
nginx
ETag
"c1b13-95-50e24ed83c280"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
149
X-XSS-Protection
1; mode=block
msg-close.png
mix.efesco.com/event/benefit/index/images/
1 KB
1 KB
Image
General
Full URL
https://mix.efesco.com/event/benefit/index/images/msg-close.png
Requested by
Host: zlz.efesco.com
URL: https://zlz.efesco.com/benefit/tickies/css1.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
122.144.215.112 , China, ASN17775 (STN-CN shanghai science and technology network communication limited company, CN),
Reverse DNS
Software
nginx /
Resource Hash
9240129185b1560d10524365060195b2b725f176a21994971add80e07589a777
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://zlz.efesco.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Fri, 25 Feb 2022 14:17:32 GMT
Last-Modified
Tue, 03 Feb 2015 02:03:52 GMT
Server
nginx
ETag
"c1b14-4d2-50e257b7e3200"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1234
X-XSS-Protection
1; mode=block

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • function| structuredClone
  • function| jQuery
  • function| $
  • string| passwordPrt
  • function| doSubmit
  • function| changeLoginType
  • function| checkQno
  • function| selectProjct
  • number| pp
  • function| change

3 Cookies

Domain/Path Name / Value
.efesco.com/ Name: language
Value: 0b71e715df2985b110431ca96901a55c
.efesco.com/ Name: style
Value: 49685f06fd4bb3244cae94e02a4583ad
zlz.efesco.com/ Name: JSESSIONID
Value: abcDfgi9WuX1J5m0MpX8x

2 Console Messages

Source Level URL
Text
security warning URL: https://zlz.efesco.com/benefit/tickies/nyhome.jsp
Message:
Mixed Content: The page at 'https://zlz.efesco.com/benefit/tickies/nyhome.jsp' was loaded over HTTPS, but requested an insecure element 'http://mix.efesco.com/event/benefit/index/images/dialog-bg.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://zlz.efesco.com/benefit/tickies/nyhome.jsp
Message:
Mixed Content: The page at 'https://zlz.efesco.com/benefit/tickies/nyhome.jsp' was loaded over HTTPS, but requested an insecure element 'http://mix.efesco.com/event/benefit/index/images/msg-close.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Xss-Protection 1; mode=block