ticket.gzmf1.cn Open in urlscan Pro
58.216.118.224 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://ticket.gzmf1.cn/
Submission: On August 10 via automatic, source certstream-suspicious (August 10th 2022, 3:18:27 pm UTC) — Scanned from DE

Summary HTTP 10 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 1 countries across 3 domains to perform 10 HTTP transactions. The main IP is 58.216.118.224, located in China and belongs to CHINANET-BACKBONE No.31,Jin-rong Street, CN. The main domain is ticket.gzmf1.cn.
TLS certificate: Issued by Encryption Everywhere DV TLS CA - G1 on August 10th 2022. Valid for: a year.

This is the only time ticket.gzmf1.cn was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	58.216.118.224 58.216.118.224	4134 (CHINANET-...) (CHINANET-BACKBONE No.31)
4	47.93.95.208 47.93.95.208	37963 (ALIBABA-C...) (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.)
10	3

5 58.216.118.224 (China)

ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN)

ticket.gzmf1.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 47.93.95.208 (Beijing, China)

ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN)

api.bspapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	gzmf1.cn ticket.gzmf1.cn	276 KB
4	bspapp.com api.bspapp.com	893 B
0	dcloud.net.cn Failed cdn.dcloud.net.cn Failed
10	3

	Domain	Requested by
5	ticket.gzmf1.cn	ticket.gzmf1.cn
4	api.bspapp.com	ticket.gzmf1.cn
0	cdn.dcloud.net.cn Failed	ticket.gzmf1.cn
10	3

This site contains no links.

Subject Issuer	Validity	Valid
ticket.gzmf1.cn Encryption Everywhere DV TLS CA - G1	`2022-08-10` - `2023-08-11`	a year	crt.sh
*.bspapp.com GlobalSign Organization Validation CA - SHA256 - G2	`2021-11-03` - `2022-12-05`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://ticket.gzmf1.cn/
Frame ID: E55F6C98D73E98DAAFA277D22F0301E4
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

领取补漆券

Page Statistics

10
Requests

90 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

1
Countries

277 kB
Transfer

889 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response ticket.gzmf1.cn/	792 B 2 KB	1545ms 264ms	Document text/html	58.216.118.224 CHINANET-BACKBONE...
General Check archive.org Show headers Download Go to Full URL https://ticket.gzmf1.cn/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 58.216.118.224 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN), Reverse DNS Software Tengine / Resource Hash `9cee85101728c194f95786cd9e1bbf82d29b60f771b07c4a44f509043974a484` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Accept-Ranges bytes Age 113 Ali-Swift-Global-Savetime 1660144588 Connection keep-alive Content-Length 792 Content-MD5 vvEgAvRdQ0BO3Gchz15hEw== Content-Type text/html Date Wed, 10 Aug 2022 15:16:28 GMT ETag "BEF12002F45D43404EDC6721CF5E6113" EagleId 3ad8769816601447016698104e Last-Modified Tue, 27 Jul 2021 02:39:58 GMT Server Tengine Timing-Allow-Origin * Via cache79.l2cn3036[326,325,304-0,M], cache29.l2cn3036[327,0], kunlun8.cn1310[0,0,200-0,H], kunlun4.cn1310[3,0] X-Cache HIT TCP_MEM_HIT dirn:7:409588363 X-Swift-CacheTime 3600 X-Swift-SaveTime Wed, 10 Aug 2022 15:16:28 GMT x-oss-cdn-auth success x-oss-hash-crc64ecma 9395734151748468191 x-oss-object-type Normal x-oss-request-id 62F3CBCC343AF632354A95C5 x-oss-server-time 5 x-oss-storage-class Standard
GET H/1.1	200 OK	index.d0f128df.css ticket.gzmf1.cn/static/	93 KB 27 KB	564ms 563ms	Stylesheet text/css	58.216.118.224 CHINANET-BACKBONE...
General Check archive.org Show headers Download Go to Full URL https://ticket.gzmf1.cn/static/index.d0f128df.css Requested by Host: ticket.gzmf1.cn URL: https://ticket.gzmf1.cn/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 58.216.118.224 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN), Reverse DNS Software Tengine / Resource Hash `bb056223c2b9f08edd3a9a9ce177047fd16a31839c6c5e7e642ddb2171e4e9f2` Request headers accept-language de-DE,de;q=0.9 Referer https://ticket.gzmf1.cn/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers Date Wed, 10 Aug 2022 15:18:22 GMT Via cache75.l2cn3036[252,252,200-0,M], cache12.l2cn3036[254,0], kunlun9.cn1310[301,301,200-0,M], kunlun4.cn1310[302,0] x-oss-request-id 62F3CC3E343AF63339A74EC6 Content-MD5 etVgWvxtt6+RMK/e675zFQ== Age 0 Transfer-Encoding chunked X-Cache MISS TCP_MISS dirn:-2:-2 x-oss-cdn-auth success X-Swift-CacheTime 3600 Connection keep-alive Content-Encoding gzip x-oss-object-type Normal Last-Modified Tue, 27 Jul 2021 02:40:00 GMT Server Tengine ETag W/"7AD5605AFC6DB7AF9130AFDEEBBE7315" Vary Accept-Encoding, Accept-Encoding Ali-Swift-Global-Savetime 1660144702 Content-Type text/css x-oss-storage-class Standard Timing-Allow-Origin * x-oss-hash-crc64ecma 8325200146916696720 EagleId 3ad8769816601447019378292e x-oss-server-time 6 X-Swift-SaveTime Wed, 10 Aug 2022 15:18:22 GMT
GET H/1.1	200 OK	chunk-vendors.66e9b73c.js Show response ticket.gzmf1.cn/static/js/	658 KB 205 KB	779ms 481ms	Script application/javascript	58.216.118.224 CHINANET-BACKBONE...
General Check archive.org Show headers Download Go to Full URL https://ticket.gzmf1.cn/static/js/chunk-vendors.66e9b73c.js Requested by Host: ticket.gzmf1.cn URL: https://ticket.gzmf1.cn/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 58.216.118.224 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN), Reverse DNS Software Tengine / Resource Hash `2608fba8575ca9782758c0c44272bd65ea09778cac187101e30f2fdb98fcaa5c` Request headers accept-language de-DE,de;q=0.9 Referer https://ticket.gzmf1.cn/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers Date Wed, 10 Aug 2022 15:18:22 GMT Via cache6.l2cn3036[207,206,200-0,M], cache32.l2cn3036[208,0], kunlun2.cn1310[217,217,200-0,M], kunlun8.cn1310[221,0] x-oss-request-id 62F3CC3EC3FE1E3837087EFA Content-MD5 iPYDfmUD3fvpyOXDBa6+4A== Age 0 Transfer-Encoding chunked X-Cache MISS TCP_MISS dirn:-2:-2 x-oss-cdn-auth success X-Swift-CacheTime 3600 Connection keep-alive Content-Encoding gzip x-oss-object-type Normal Last-Modified Tue, 27 Jul 2021 02:40:03 GMT Server Tengine ETag W/"88F6037E6503DDFBE9C8E5C305AEBEE0" Vary Accept-Encoding, Accept-Encoding Ali-Swift-Global-Savetime 1660144702 Content-Type application/javascript x-oss-storage-class Standard Timing-Allow-Origin * x-oss-hash-crc64ecma 4528271713168014544 EagleId 3ad8769c16601447022382198e x-oss-server-time 10 X-Swift-SaveTime Wed, 10 Aug 2022 15:18:22 GMT
GET H/1.1	200 OK	index.3b30812a.js Show response ticket.gzmf1.cn/static/js/	7 KB 4 KB	1046ms 511ms	Script application/javascript	58.216.118.224 CHINANET-BACKBONE...
General Check archive.org Show headers Download Go to Full URL https://ticket.gzmf1.cn/static/js/index.3b30812a.js Requested by Host: ticket.gzmf1.cn URL: https://ticket.gzmf1.cn/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 58.216.118.224 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN), Reverse DNS Software Tengine / Resource Hash `41314e15749c136ae64016a73814d771cfaa98b9f4f3a268ac083bb610c5b240` Request headers accept-language de-DE,de;q=0.9 Referer https://ticket.gzmf1.cn/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers Date Wed, 10 Aug 2022 15:18:22 GMT Via cache33.l2cn3036[231,231,200-0,M], cache78.l2cn3036[233,0], kunlun1.cn1310[242,242,200-0,M], kunlun8.cn1310[244,0] x-oss-request-id 62F3CC3EF45D063532309147 Content-MD5 vnMlxh6fCxAZaK+bgVBi3w== Age 0 Transfer-Encoding chunked X-Cache MISS TCP_MISS dirn:-2:-2 x-oss-cdn-auth success X-Swift-CacheTime 3600 Connection keep-alive Content-Encoding gzip x-oss-object-type Normal Last-Modified Tue, 27 Jul 2021 02:40:02 GMT Server Tengine ETag W/"BE7325C61E9F0B101968AF9B815062DF" Vary Accept-Encoding, Accept-Encoding Ali-Swift-Global-Savetime 1660144702 Content-Type application/javascript x-oss-storage-class Standard Timing-Allow-Origin * x-oss-hash-crc64ecma 11358635778460186661 EagleId 3ad8769c16601447024792351e x-oss-server-time 3 X-Swift-SaveTime Wed, 10 Aug 2022 15:18:22 GMT
GET H/1.1	200 OK	pages-index-index.def91161.js Show response ticket.gzmf1.cn/static/js/	128 KB 38 KB	513ms 512ms	Script application/javascript	58.216.118.224 CHINANET-BACKBONE...
General Check archive.org Show headers Download Go to Full URL https://ticket.gzmf1.cn/static/js/pages-index-index.def91161.js Requested by Host: ticket.gzmf1.cn URL: https://ticket.gzmf1.cn/static/js/index.3b30812a.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 58.216.118.224 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN), Reverse DNS Software Tengine / Resource Hash `813f656fb0aed11aca6d21492a959b0c0898cde8fed8ca8d7e69d8953f253513` Request headers accept-language de-DE,de;q=0.9 Referer https://ticket.gzmf1.cn/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers Date Wed, 10 Aug 2022 15:18:23 GMT Via cache70.l2cn3036[244,244,200-0,M], cache21.l2cn3036[246,0], kunlun9.cn1310[253,253,200-0,M], kunlun8.cn1310[255,0] x-oss-request-id 62F3CC3FF689FE32310BC05C Content-MD5 GAU8KXOW6N9L57wGFMTqdA== Age 0 Transfer-Encoding chunked X-Cache MISS TCP_MISS dirn:-2:-2 x-oss-cdn-auth success X-Swift-CacheTime 3600 Connection keep-alive Content-Encoding gzip x-oss-object-type Normal Last-Modified Tue, 27 Jul 2021 02:40:04 GMT Server Tengine ETag W/"18053C297396E8DF4BE7BC0614C4EA74" Vary Accept-Encoding, Accept-Encoding Ali-Swift-Global-Savetime 1660144703 Content-Type application/javascript x-oss-storage-class Standard Timing-Allow-Origin * x-oss-hash-crc64ecma 13972904030930707524 EagleId 3ad8769c16601447036683240e x-oss-server-time 3 X-Swift-SaveTime Wed, 10 Aug 2022 15:18:23 GMT
GET DATA	200 OK	truncated /	1 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `0ccf8dd29c61715a6364ea9ec36d32c295e82ca837488590130c51cee298b7d3` Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers Content-Type image/svg+xml
POST H2	200	client Show response api.bspapp.com/	100 B 434 B	264ms 262ms	XHR text/plain	47.93.95.208 ALIBABA-CN-NET Ha...
General Check archive.org Show headers Download Go to Full URL https://api.bspapp.com/client Requested by Host: ticket.gzmf1.cn URL: https://ticket.gzmf1.cn/static/js/chunk-vendors.66e9b73c.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 47.93.95.208 Beijing, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN), Reverse DNS Software / Resource Hash `dead7efc38edc6ad5579cfb9427a0e38bd5255ed7f38e757dd08d2f42465b04a` Request headers accept-language de-DE,de;q=0.9 Referer https://ticket.gzmf1.cn/ x-serverless-sign e39851d26ce6f10a58497e79c79e3055 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Content-Type application/json Response headers date Wed, 10 Aug 2022 15:18:25 GMT access-control-allow-methods GET,HEAD,PUT,POST,DELETE,PATCH,OPTIONS content-type text/plain;charset=UTF-8 access-control-allow-origin https://ticket.gzmf1.cn access-control-allow-credentials true request-id ac1403841660144705161198991 access-control-allow-headers content-length 100
OPTIONS H2	200	client api.bspapp.com/	0 0	881ms 257ms	Preflight	47.93.95.208 ALIBABA-CN-NET Ha...
General Check archive.org Show headers Download Go to Full URL https://api.bspapp.com/client Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 47.93.95.208 Beijing, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN), Reverse DNS Software / Resource Hash Request headers Accept / Access-Control-Request-Headers content-type,x-serverless-sign Access-Control-Request-Method POST Origin https://ticket.gzmf1.cn Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers content-type,x-serverless-sign access-control-allow-methods GET,HEAD,PUT,POST,DELETE,PATCH,OPTIONS access-control-allow-origin https://ticket.gzmf1.cn allow GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH content-length 0 date Wed, 10 Aug 2022 15:18:24 GMT
POST H2	200	client Show response api.bspapp.com/	126 B 459 B	521ms 521ms	XHR text/plain	47.93.95.208 ALIBABA-CN-NET Ha...
General Check archive.org Show headers Download Go to Full URL https://api.bspapp.com/client Requested by Host: ticket.gzmf1.cn URL: https://ticket.gzmf1.cn/static/js/chunk-vendors.66e9b73c.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 47.93.95.208 Beijing, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN), Reverse DNS Software / Resource Hash `7742113f0c1cb52e88f30c63162700a499a336d7512407068064e74dbdd14895` Request headers Referer https://ticket.gzmf1.cn/ x-basement-token e0ad00f2-bebb-4a6f-82f2-ac425e1a8390 x-serverless-sign bf211fbd56f93dfbe78d8d0237671593 accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Content-Type application/json Response headers date Wed, 10 Aug 2022 15:18:25 GMT access-control-allow-methods GET,HEAD,PUT,POST,DELETE,PATCH,OPTIONS content-type text/plain;charset=UTF-8 access-control-allow-origin https://ticket.gzmf1.cn access-control-allow-credentials true request-id ac1401081660144705712186542 access-control-allow-headers content-length 126
OPTIONS H2	200	client api.bspapp.com/	0 0	276ms 276ms	Preflight	47.93.95.208 ALIBABA-CN-NET Ha...
General Check archive.org Show headers Download Go to Full URL https://api.bspapp.com/client Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 47.93.95.208 Beijing, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN), Reverse DNS Software / Resource Hash Request headers Accept / Access-Control-Request-Headers content-type,x-basement-token,x-serverless-sign Access-Control-Request-Method POST Origin https://ticket.gzmf1.cn Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers content-type,x-basement-token,x-serverless-sign access-control-allow-methods GET,HEAD,PUT,POST,DELETE,PATCH,OPTIONS access-control-allow-origin https://ticket.gzmf1.cn allow GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH content-length 0 date Wed, 10 Aug 2022 15:18:25 GMT
GET		shadow-grey.png cdn.dcloud.net.cn/img/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cdn.dcloud.net.cn
URL: https://cdn.dcloud.net.cn/img/shadow-grey.png

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.bspapp.com
cdn.dcloud.net.cn
ticket.gzmf1.cn
cdn.dcloud.net.cn
47.93.95.208
58.216.118.224
0ccf8dd29c61715a6364ea9ec36d32c295e82ca837488590130c51cee298b7d3
2608fba8575ca9782758c0c44272bd65ea09778cac187101e30f2fdb98fcaa5c
41314e15749c136ae64016a73814d771cfaa98b9f4f3a268ac083bb610c5b240
7742113f0c1cb52e88f30c63162700a499a336d7512407068064e74dbdd14895
813f656fb0aed11aca6d21492a959b0c0898cde8fed8ca8d7e69d8953f253513
9cee85101728c194f95786cd9e1bbf82d29b60f771b07c4a44f509043974a484
bb056223c2b9f08edd3a9a9ce177047fd16a31839c6c5e7e642ddb2171e4e9f2
dead7efc38edc6ad5579cfb9427a0e38bd5255ed7f38e757dd08d2f42465b04a

ticket.gzmf1.cn Open in urlscan Pro 58.216.118.224 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

10 Requests

90 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

3 IPs

1 Countries

277 kBTransfer

889 kBSize

0 Cookies

0 Outgoing links

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

0 Cookies

Indicators

ticket.gzmf1.cn Open in urlscan Pro
58.216.118.224 Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

90 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

1
Countries

277 kB
Transfer

889 kB
Size

0
Cookies

10 HTTP transactions
1 data transactions