app18.a.sz.w7.com Open in urlscan Pro
218.23.2.48 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://app18.a.sz.w7.com/
Submission Tags: @phishunt_io
Submission: On October 08 via api (October 8th 2023, 1:33:44 pm UTC) from DE — Scanned from DE

Summary HTTP 10 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 10 HTTP transactions. The main IP is 218.23.2.48, located in China and belongs to CHINANET-BACKBONE No.31,Jin-rong Street, CN. The main domain is app18.a.sz.w7.com.
TLS certificate: Issued by R3 on October 8th 2023. Valid for: 3 months.

This is the only time app18.a.sz.w7.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
9	218.23.2.48 218.23.2.48	4134 (CHINANET-...) (CHINANET-BACKBONE No.31)
1	2600:9000:249... 2600:9000:2491:6a00:1d:80d9:9400:93a1	16509 (AMAZON-02) (AMAZON-02)
10	2

9 218.23.2.48 (China)

ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN)

app18.a.sz.w7.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2491:6a00:1d:80d9:9400:93a1 (United States)

ASN16509 (AMAZON-02, US)

lib.baomitu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	w7.com app18.a.sz.w7.com	854 KB
1	baomitu.com lib.baomitu.com — Cisco Umbrella Rank: 204345	315 KB
10	2

	Domain	Requested by
9	app18.a.sz.w7.com	app18.a.sz.w7.com
1	lib.baomitu.com	app18.a.sz.w7.com
10	2

This site contains no links.

Subject Issuer	Validity	Valid
app18.a.sz.w7.com R3	`2023-10-08` - `2024-01-06`	3 months	crt.sh
*.baomitu.com WoTrus DV Server CA [Run by the Issuer]	`2023-04-20` - `2024-04-19`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://app18.a.sz.w7.com/
Frame ID: 3F5D5DBE457F7E4AF18FD2D7FED6782F
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Page Statistics

10
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

1169 kB
Transfer

1167 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response app18.a.sz.w7.com/	3 KB 3 KB	2117ms 182ms	Document text/html	218.23.2.48 CHINANET-BACKBONE...
General Check archive.org Show headers Download Go to Full URL https://app18.a.sz.w7.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 218.23.2.48 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN), Reverse DNS Software nginx / Resource Hash `b4a0134d409d0c732fce728563722a81e08569364c6e8fc1594bc356af05906d` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes content-length 3038 content-type text/html date Sun, 08 Oct 2023 13:33:37 GMT etag "65226049-bde" last-modified Sun, 08 Oct 2023 07:54:49 GMT server nginx
GET H2	200	polyfills-28f0f81c.js Show response app18.a.sz.w7.com/assets/	110 KB 111 KB	183ms 182ms	Script application/javascript	218.23.2.48 CHINANET-BACKBONE...
General Check archive.org Show headers Download Go to Full URL https://app18.a.sz.w7.com/assets/polyfills-28f0f81c.js Requested by Host: app18.a.sz.w7.com URL: https://app18.a.sz.w7.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 218.23.2.48 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN), Reverse DNS Software nginx / Resource Hash `993f01eb79eb6a03722f8e9d1a62aba318299893d96a65f04ebf8446327dc61c` Request headers Referer https://app18.a.sz.w7.com/ Origin https://app18.a.sz.w7.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Sun, 08 Oct 2023 13:33:38 GMT last-modified Sun, 08 Oct 2023 07:54:49 GMT server nginx accept-ranges bytes etag "65226049-1b9f4" content-length 113140 content-type application/javascript
GET H2	200	DPlayer.min.js Show response app18.a.sz.w7.com/js/	164 KB 164 KB	548ms 547ms	Script application/javascript	218.23.2.48 CHINANET-BACKBONE...
General Check archive.org Show headers Download Go to Full URL https://app18.a.sz.w7.com/js/DPlayer.min.js Requested by Host: app18.a.sz.w7.com URL: https://app18.a.sz.w7.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 218.23.2.48 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN), Reverse DNS Software nginx / Resource Hash `573485477e812d0c4531e49c32cebd03d00802fa41f58ecca897d3a89a226d07` Request headers accept-language de-DE,de;q=0.9 Referer https://app18.a.sz.w7.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Sun, 08 Oct 2023 13:33:38 GMT last-modified Sun, 08 Oct 2023 07:54:49 GMT server nginx accept-ranges bytes etag "65226049-28e51" content-length 167505 content-type application/javascript
GET H2	200	index-1c6b2791.js Show response app18.a.sz.w7.com/assets/	404 KB 404 KB	366ms 365ms	Script application/javascript	218.23.2.48 CHINANET-BACKBONE...
General Check archive.org Show headers Download Go to Full URL https://app18.a.sz.w7.com/assets/index-1c6b2791.js Requested by Host: app18.a.sz.w7.com URL: https://app18.a.sz.w7.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 218.23.2.48 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN), Reverse DNS Software nginx / Resource Hash `83a98b926a0e14d60facbf56b62681916247f2b0a8496ff7dd0ac043415b8466` Request headers Referer https://app18.a.sz.w7.com/ Origin https://app18.a.sz.w7.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Sun, 08 Oct 2023 13:33:38 GMT last-modified Sun, 08 Oct 2023 07:54:49 GMT server nginx accept-ranges bytes etag "65226049-65002" content-length 413698 content-type application/javascript
GET H2	200	index-4af8ad64.css app18.a.sz.w7.com/assets/	17 KB 17 KB	550ms 550ms	Stylesheet text/css	218.23.2.48 CHINANET-BACKBONE...
General Check archive.org Show headers Download Go to Full URL https://app18.a.sz.w7.com/assets/index-4af8ad64.css Requested by Host: app18.a.sz.w7.com URL: https://app18.a.sz.w7.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 218.23.2.48 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN), Reverse DNS Software nginx / Resource Hash `4af8ad646cac5945713227453d88d2630b7bebc8c00289ec1d5150474eb519eb` Request headers accept-language de-DE,de;q=0.9 Referer https://app18.a.sz.w7.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Sun, 08 Oct 2023 13:33:38 GMT last-modified Sun, 08 Oct 2023 07:54:49 GMT server nginx accept-ranges bytes etag "65226049-44bf" content-length 17599 content-type text/css
GET H2	200	hls.min.js Show response lib.baomitu.com/hls.js/1.1.4/	315 KB 315 KB	878ms 9ms	Script application/javascript	2600:9000:2491:6a00:1d:80d9:9400:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://lib.baomitu.com/hls.js/1.1.4/hls.min.js Requested by Host: app18.a.sz.w7.com URL: https://app18.a.sz.w7.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2491:6a00:1d:80d9:9400:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash `0b5586b0ac2286b9035ecc3a5ce1a20decc964fdabf498f73e4494408788dee5` Request headers Referer https://app18.a.sz.w7.com/ Origin https://app18.a.sz.w7.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Wed, 31 May 2023 14:04:48 GMT via 1.1 26f61e70ac4b967ea82841cbd2dc7cf0.cloudfront.net (CloudFront) kcs-via MISS from w-fc01.lato;MISS from w-sc09.zzzc x-qstatic-hit 1 x-amz-cf-pop FRA56-P7 age 11230130 x-cache Hit from cloudfront content-length 322233 last-modified Mon, 01 Jan 2018 00:00:00 GMT etag W/"5e55a0dcc9a7b3d3" content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=315360000, immutable accept-ranges bytes x-amz-cf-id wWRcb9dTQSlFApWzKgTvXLbOYfO1-NU25dcj2N_z_kaFE39FWQo80A== expires Sat, 28 May 2033 14:04:48 GMT
GET H2	200	config Show response app18.a.sz.w7.com/api/v1/system/	353 B 558 B	197ms 197ms	XHR application/json	218.23.2.48 CHINANET-BACKBONE...
General Check archive.org Show headers Download Go to Full URL https://app18.a.sz.w7.com/api/v1/system/config Requested by Host: app18.a.sz.w7.com URL: https://app18.a.sz.w7.com/assets/index-1c6b2791.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 218.23.2.48 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN), Reverse DNS Software nginx / Resource Hash `16ad377722c00b1ac66674551865dbf69ec8a4570630a1c17f316686ae110bc7` Request headers Accept application/json Referer https://app18.a.sz.w7.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Sun, 08 Oct 2023 13:33:39 GMT server nginx access-control-max-age 86400 access-control-allow-methods GET, POST, PUT, DELETE, OPTIONS content-type application/json access-control-allow-origin * x-ratelimit-remaining 359 x-ratelimit-limit 360 access-control-allow-headers *
GET H2	200	iconfont-fb805977.woff2 app18.a.sz.w7.com/assets/	6 KB 6 KB	183ms 183ms	Font font/woff2	218.23.2.48 CHINANET-BACKBONE...
General Check archive.org Show headers Download Go to Full URL https://app18.a.sz.w7.com/assets/iconfont-fb805977.woff2?t=1688110248865 Requested by Host: app18.a.sz.w7.com URL: https://app18.a.sz.w7.com/assets/index-4af8ad64.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 218.23.2.48 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN), Reverse DNS Software nginx / Resource Hash `fb805977362a5e9b7b76080ab14458777be2e31658adbe640f77f4f128feecc0` Request headers Referer https://app18.a.sz.w7.com/assets/index-4af8ad64.css Origin https://app18.a.sz.w7.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Sun, 08 Oct 2023 13:33:39 GMT last-modified Sun, 08 Oct 2023 07:54:49 GMT server nginx accept-ranges bytes etag "65226049-17f4" content-length 6132 content-type font/woff2
GET H2	200	banner-59dace5a.png app18.a.sz.w7.com/assets/	35 KB 35 KB	182ms 182ms	Image image/png	218.23.2.48 CHINANET-BACKBONE...
General Check archive.org Show headers Download Go to Show image Full URL https://app18.a.sz.w7.com/assets/banner-59dace5a.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 218.23.2.48 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN), Reverse DNS Software nginx / Resource Hash `59dace5a19280b17ec958fccc35ea3c1046d9f1939ee66180452b8e05d6f8e26` Request headers accept-language de-DE,de;q=0.9 Referer https://app18.a.sz.w7.com/login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Sun, 08 Oct 2023 13:33:39 GMT last-modified Sun, 08 Oct 2023 07:54:49 GMT server nginx accept-ranges bytes etag "65226049-8daa" content-length 36266 content-type image/png
GET H2	200	bg-232b3e1a.png app18.a.sz.w7.com/assets/	113 KB 113 KB	185ms 185ms	Image image/png	218.23.2.48 CHINANET-BACKBONE...
General Check archive.org Show headers Download Go to Show image Full URL https://app18.a.sz.w7.com/assets/bg-232b3e1a.png Requested by Host: app18.a.sz.w7.com URL: https://app18.a.sz.w7.com/assets/index-4af8ad64.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 218.23.2.48 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN), Reverse DNS Software nginx / Resource Hash `232b3e1a9ef6ae2d6e227e62b9a6eada76b553f024d04f93ad278805174ee4e5` Request headers accept-language de-DE,de;q=0.9 Referer https://app18.a.sz.w7.com/assets/index-4af8ad64.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Sun, 08 Oct 2023 13:33:39 GMT last-modified Sun, 08 Oct 2023 07:54:49 GMT server nginx accept-ranges bytes etag "65226049-1c2f6" content-length 115446 content-type image/png

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app18.a.sz.w7.com
lib.baomitu.com
218.23.2.48
2600:9000:2491:6a00:1d:80d9:9400:93a1
0b5586b0ac2286b9035ecc3a5ce1a20decc964fdabf498f73e4494408788dee5
16ad377722c00b1ac66674551865dbf69ec8a4570630a1c17f316686ae110bc7
232b3e1a9ef6ae2d6e227e62b9a6eada76b553f024d04f93ad278805174ee4e5
4af8ad646cac5945713227453d88d2630b7bebc8c00289ec1d5150474eb519eb
573485477e812d0c4531e49c32cebd03d00802fa41f58ecca897d3a89a226d07
59dace5a19280b17ec958fccc35ea3c1046d9f1939ee66180452b8e05d6f8e26
83a98b926a0e14d60facbf56b62681916247f2b0a8496ff7dd0ac043415b8466
993f01eb79eb6a03722f8e9d1a62aba318299893d96a65f04ebf8446327dc61c
b4a0134d409d0c732fce728563722a81e08569364c6e8fc1594bc356af05906d
fb805977362a5e9b7b76080ab14458777be2e31658adbe640f77f4f128feecc0

app18.a.sz.w7.com Open in urlscan Pro 218.23.2.48 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

10 Requests

100 %HTTPS

50 %IPv6

2 Domains

2 Subdomains

2 IPs

2 Countries

1169 kBTransfer

1167 kBSize

0 Cookies

0 Outgoing links

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

0 Cookies

Indicators

app18.a.sz.w7.com Open in urlscan Pro
218.23.2.48 Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

1169 kB
Transfer

1167 kB
Size

0
Cookies

10 HTTP transactions
0 data transactions