www.demizhe.com
122.246.20.164
Public Scan
Effective URL: https://www.demizhe.com/mi/nl63.com/
Submission Tags: threatshare
Submission: On April 26 via api from US
Summary
TLS certificate: Issued by Encryption Everywhere DV TLS CA - G1 on October 6th 2019. Valid for: a year.
This is the only time www.demizhe.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
2 | 124.156.141.134 | 132203 (TENCENT-NET-AP-CN Tencent Building) |
10 (1 redirect) | 122.246.20.164 | 136188 (CHINATELECOM-ZHEJIANG-NINGBO-IDC NINGBO) |
1 | 221.230.141.229 | 4134 (CHINANET-BACKBONE No.31) |
1 | 183.131.207.66 | 136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA) |
13 | 4 | |
ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)
nl63.com |
ASN136188 (CHINATELECOM-ZHEJIANG-NINGBO-IDC NINGBO, ZHEJIANG Province, P.R.China., CN)
www.demizhe.com |
ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN)
ia.51.la |
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
10 (1 redirects) | demizhe.com | www.demizhe.com | 66 KB |
2 | 51.la | js.users.51.la, ia.51.la | 3 KB |
2 | nl63.com | nl63.com | 2 KB |
13 | 3 | | |
Requests | Domain | Requested by |
---|---|---|
10 (1 redirects) | www.demizhe.com | nl63.com, www.demizhe.com |
2 | nl63.com | nl63.com |
1 | ia.51.la | www.demizhe.com |
1 | js.users.51.la | www.demizhe.com |
13 | 4 | |
This site contains links to these domains. Also see Links.
Domain |
---|
wpa.qq.com |
www.aliyun.com |
whois.aliyun.com |
www.benmi.com |
www.baidu.com |
www.so.com |
www.beian.miit.gov.cn |
Subject | Issuer | Validity | Valid |
---|---|---|---|
www.demizhe.com | Encryption Everywhere DV TLS CA - G1 | 2019-10-06 - 2020-10-05 | a year |
*.users.51.la | GlobalSign Domain Validation CA - SHA256 - G2 | 2018-01-15 - 2021-03-19 | 3 years |
*.51.la | GlobalSign Domain Validation CA - SHA256 - G2 | 2018-01-15 - 2021-04-15 | 3 years |
This page contains 1 frames:
Primary Page:
https://www.demizhe.com/mi/nl63.com/
Frame ID: 0D0CA8CDE96F9FCF9525CDAA39539948
Requests: 13 HTTP requests in this frame
Detected technologies
PHP (Programming Languages)
Detected patterns
- url /\.php(?:$|\?)/i
Windows Server (Operating Systems)
Detected patterns
- headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
IIS (Web Servers)
Detected patterns
- headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
Page Statistics
7 Outgoing links
These are links going to different origins than the main page.
Title: Acknowledged, click here to contact directly via QQ chat
Title: Cloud coupons
Title: View WHOIS information
Title: Domain history lookup
Title: Baidu Search
Title: 360 Search
Title: 鲁ICP备15007995号-2
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://nl63.com/dertyui989/jertyu/89/PvqDq929BSx_A_D_M1n_a.php Page URL
- http://nl63.com/index.html Page URL
- http://www.demizhe.com/mi/nl63.com/ HTTP 301
  https://www.demizhe.com/mi/nl63.com/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
13 HTTP transactions
Method Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|
GET H/1.1 | PvqDq929BSx_A_D_M1n_a.php | nl63.com/dertyui989/jertyu/89/ | 253 B | 622 B | Document | text/html |
GET H/1.1 | index.html | nl63.com/ | 907 B | 1 KB | Document | text/html |
GET H2 | / (Primary Request) | www.demizhe.com/mi/nl63.com/ (Redirect Chain) | 9 KB | 9 KB | Document | text/html |
GET H2 | v.css | www.demizhe.com/js/img/ | 22 KB | 23 KB | Stylesheet | text/css |
GET H2 | j.js | www.demizhe.com/js/ | 7 KB | 7 KB | Script | application/x-javascript |
GET H2 | qq.gif | www.demizhe.com/js/img/ | 1 KB | 2 KB | Image | image/gif |
GET H2 | logo.png | www.demizhe.com/js/img/ | 10 KB | 10 KB | Image | image/png |
GET H2 | qq.png | www.demizhe.com/js/img/ | 685 B | 920 B | Image | image/png |
GET H2 | 5.svg | www.demizhe.com/pic/v/ | 2 KB | 2 KB | Image | image/svg+xml |
GET H2 | 6.png | www.demizhe.com/pic/ | 10 KB | 11 KB | Image | image/png |
GET H/1.1 | 19176309.js | js.users.51.la/ | 5 KB | 3 KB | Script | application/javascript |
GET H2 | ajax.asp | www.demizhe.com/js/ | 3 B | 181 B | XHR | text/html |
GET H/1.1 | go1 | ia.51.la/ | 0 | 255 B | Image | application/octet-stream |
42 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate number| wcom number| wtype number| wtag number| wjia string| wkey number| wx1 number| nl function| $ function| views function| hides function| setc function| set function| myXMLHttp function| Ajax function| Ajaxpost function| ff function| xx function| hits function| fav function| fav1 function| fav2 function| delfav function| rea function| favx function| xso function| wshai function| z function| xl number| mx function| mot function| fd function| mcha function| fan function| vq function| hq function| px function| pc function| pc1 function| pc2 function| getw4
Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
www.demizhe.com/ | | Name: __51laig__ Value: 1 |
www.demizhe.com/ | | Name: __tins__19176309 Value: %7B%22sid%22%3A%201587935154708%2C%20%22vd%22%3A%201%2C%20%22expires%22%3A%201587936954708%7D |
www.demizhe.com/ | | Name: __51cke__ Value: |
www.demizhe.com/ | | Name: ASPSESSIONIDCATQBSBT Value: OBAEJFKCHINKDIPNCKPJEEKL |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.