Submitted URL: http://goldplan.qyzl.top/
Effective URL: https://goldplan.qyzl.top/
Submission: On March 27 via api from US — Scanned from US

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 6 HTTP transactions. The main IP is 110.41.21.211, located in Guangzhou, China and belongs to HWCSNET Huawei Cloud Service data center, CN. The main domain is goldplan.qyzl.top.
TLS certificate: Issued by R3 on March 27th 2024. Valid for: 3 months.
This is the only time goldplan.qyzl.top was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address       AS      Autonomous System
4         110.41.21.211    55990   (HWCSNET H...)
1         203.205.137.184  132203  (TENCENT-N...)
1         203.25.222.21    139220  (CHINANET-...)
Total: 6 requests across 3 IPs
Requests  Apex Domain  Subdomains                                 Transfer
4         qyzl.top     goldplan.qyzl.top                          40 KB
1         qyzl.vip     dsimg.qyzl.vip                             3 KB
1         gtimg.com    wx.gtimg.com (Cisco Umbrella Rank: 43569)  721 B
Total: 6 requests across 3 apex domains
Requests  Domain             Requested by
4         goldplan.qyzl.top  goldplan.qyzl.top
1         dsimg.qyzl.vip     goldplan.qyzl.top
1         wx.gtimg.com       goldplan.qyzl.top
Total: 6 requests across 3 domains

This site contains no links.

Subject            Issuer                                               Validity                 Valid
goldplan.qyzl.top  R3                                                   2024-03-27 - 2024-06-25  3 months
wx.gtimg.com       GlobalSign Organization Validation CA - SHA256 - G3  2024-02-21 - 2025-03-24  a year
*.qyzl.vip         RapidSSL Global TLS RSA4096 SHA256 2022 CA1          2024-03-05 - 2025-03-04  a year

This page contains 1 frames:

Primary Page: https://goldplan.qyzl.top/
Frame ID: CB8D44ED985FF93E2175CC9699B68E61
Requests: 6 HTTP requests in this frame

Page Title

Payment complete (original title: 支付完成)

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 6
HTTPS: 100 %
IPv6: 0 %
Domains: 3
Subdomains: 3
IPs: 3
Countries: 2
Transfer: 43 kB
Size: 102 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://goldplan.qyzl.top/ HTTP 307
    https://goldplan.qyzl.top/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
goldplan.qyzl.top/
Redirect Chain
  • http://goldplan.qyzl.top/
  • https://goldplan.qyzl.top/
5 KB
2 KB
Document
General
Full URL
https://goldplan.qyzl.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
110.41.21.211 Guangzhou, China, ASN55990 (HWCSNET Huawei Cloud Service data center, CN),
Reverse DNS
ecs-110-41-21-211.compute.hwclouds-dns.com
Software
nginx /
Resource Hash
99efc778c1f83d1c600d373f96cdd4821498b365214a4b865ffbfe15412a13c2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html
date
Wed, 27 Mar 2024 12:22:34 GMT
etag
W/"66040956-12d1"
last-modified
Wed, 27 Mar 2024 11:56:06 GMT
server
nginx
strict-transport-security
max-age=31536000
vary
Accept-Encoding

Redirect headers

Location
https://goldplan.qyzl.top/
Non-Authoritative-Reason
HttpsUpgrades
jgoldplan-1.0.0.js
wx.gtimg.com/pay_h5/goldplan/js/
868 B
721 B
Script
General
Full URL
https://wx.gtimg.com/pay_h5/goldplan/js/jgoldplan-1.0.0.js
Requested by
Host: goldplan.qyzl.top
URL: https://goldplan.qyzl.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
203.205.137.184 Hong Kong, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
nginx /
Resource Hash
a3e7a0f18cc1bd9a7e453f1c96cf605f4f4345cc8f678d2d3c3e1cc8b8e74ba2

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://goldplan.qyzl.top/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 22 Nov 2023 13:33:05 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Mon, 16 Aug 2021 22:47:31 GMT
server
nginx
age
295
etag
"611aeb52-364"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=31536000
x-nws-log-uuid
14237597556268110446
accept-ranges
bytes
content-length
435
expires
Thu, 21 Nov 2024 13:33:05 GMT
jquery.min.js
goldplan.qyzl.top/js/
94 KB
37 KB
Script
General
Full URL
https://goldplan.qyzl.top/js/jquery.min.js
Requested by
Host: goldplan.qyzl.top
URL: https://goldplan.qyzl.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
110.41.21.211 Guangzhou, China, ASN55990 (HWCSNET Huawei Cloud Service data center, CN),
Reverse DNS
ecs-110-41-21-211.compute.hwclouds-dns.com
Software
nginx /
Resource Hash
20e11ce61890c08c0529911822233c9023ebc367df6c1050dec105e2b9628104
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://goldplan.qyzl.top/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 12:22:34 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Wed, 27 Mar 2024 05:55:38 GMT
server
nginx
etag
W/"6603b4da-176da"
vary
Accept-Encoding
content-type
application/javascript
pay-success.png
dsimg.qyzl.vip/qyzl/
2 KB
3 KB
Image
General
Full URL
https://dsimg.qyzl.vip:9000/qyzl/pay-success.png
Requested by
Host: goldplan.qyzl.top
URL: https://goldplan.qyzl.top/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
203.25.222.21 Guangzhou, China, ASN139220 (CHINANET-SICHUAN-CHUANXI-IDC Sichuan Chuanxn IDC, CN),
Reverse DNS
Software
MinIO /
Resource Hash
be41413d487f0e410a5dcb8d6e2f0cd45d0ba51af82a5f3e3441377c8b39a06d
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://goldplan.qyzl.top/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Content-Security-Policy
block-all-mixed-content
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Date
Wed, 27 Mar 2024 12:22:35 GMT
Last-Modified
Wed, 27 Mar 2024 08:11:23 GMT
Server
MinIO
X-Amz-Request-Id
17C09E85B2DF7ED3
ETag
"428b0260bf1f57730a39a7f38e71b066"
Vary
Origin, Accept-Encoding
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
2295
X-Xss-Protection
1; mode=block
getOrderInfoByWxOrderId
goldplan.qyzl.top/ticketapi/orderinfo/
44 B
264 B
XHR
General
Full URL
https://goldplan.qyzl.top/ticketapi/orderinfo/getOrderInfoByWxOrderId?sub_mch_id=&out_trade_no=&check_code=
Requested by
Host: goldplan.qyzl.top
URL: https://goldplan.qyzl.top/js/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
110.41.21.211 Guangzhou, China, ASN55990 (HWCSNET Huawei Cloud Service data center, CN),
Reverse DNS
ecs-110-41-21-211.compute.hwclouds-dns.com
Software
nginx /
Resource Hash
3971dcd2e9a08c18439574dcf0777cde92c33ad56a6a26f61e91704b96492a3b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
application/json
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://goldplan.qyzl.top/
X-Requested-With
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 27 Mar 2024 12:22:37 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
server
nginx
content-type
application/json
cache-control
no-cache, no-store, max-age=0, must-revalidate
x-xss-protection
1; mode=block
expires
0
favicon.ico
goldplan.qyzl.top/
548 B
611 B
Other
General
Full URL
https://goldplan.qyzl.top/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
110.41.21.211 Guangzhou, China, ASN55990 (HWCSNET Huawei Cloud Service data center, CN),
Reverse DNS
ecs-110-41-21-211.compute.hwclouds-dns.com
Software
nginx /
Resource Hash
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://goldplan.qyzl.top/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 12:22:37 GMT
server
nginx
content-length
548
content-type
text/html

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| onpagereveal
  • function| $
  • function| jQuery
  • function| getQueryString
  • object| sub_mch_id
  • object| out_trade_no
  • object| check_code

0 Cookies

2 Console Messages

Source: security
Level: warning
URL: https://wx.gtimg.com/pay_h5/goldplan/js/jgoldplan-1.0.0.js (Line 1)
Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://payapp.weixin.qq.com') does not match the recipient window's origin ('https://goldplan.qyzl.top').

Source: network
Level: error
URL: https://goldplan.qyzl.top/favicon.ico
Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000