urlscan.io logo urlscan.io
SecurityTrails logo

www.zhouxijing.cn Open in urlscan Pro
42.192.121.183  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://wadax-ne-jp-login.mjbsuper.com.au/
Effective URL: https://www.zhouxijing.cn/wp-includes/images/wadax.ne.jp/ee41zm1po79x8o7ml3ti2wmm.php?LF388L1716542665482cbd2b2f3b9647a62d...
Submission: On May 24 via api from US — Scanned from AU
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 7 HTTP transactions. The main IP is 42.192.121.183, located in China and belongs to TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN. The main domain is www.zhouxijing.cn.
TLS certificate: Issued by R3 on April 5th 2024. Valid for: 3 months.
This is the only time www.zhouxijing.cn was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 69.49.230.170 19871 (NETWORK-S...)
1 2 42.192.121.183 45090 (TENCENT-N...)
5 133.18.75.205 24282 (KIR KAGOY...)
1 18.244.51.92 16509 (AMAZON-02)
7 4
Apex Domain
Subdomains		 Transfer
5 kagoya.com
activemail.kagoya.com
10 KB
2 zhouxijing.cn
www.zhouxijing.cn
4 KB
1 wadax.ne.jp
www.wadax.ne.jp
5 KB
1 mjbsuper.com.au
wadax-ne-jp-login.mjbsuper.com.au
275 B
7 4
Domain Requested by
5 activemail.kagoya.com www.zhouxijing.cn
activemail.kagoya.com
2 www.zhouxijing.cn 1 redirects
1 www.wadax.ne.jp
1 wadax-ne-jp-login.mjbsuper.com.au 1 redirects
7 4

This site contains no links.

Subject Issuer Validity Valid
www.zhouxijing.cn
R3		 2024-04-05 -
2024-07-04		 3 months crt.sh
activemail.kagoya.com
GeoTrust TLS RSA CA G1		 2023-07-18 -
2024-08-14		 a year crt.sh
www.wadax.ne.jp
GlobalSign Extended Validation CA - SHA256 - G3		 2023-08-08 -
2024-09-08		 a year crt.sh

This page contains 1 frames:

Primary Page: https://www.zhouxijing.cn/wp-includes/images/wadax.ne.jp/ee41zm1po79x8o7ml3ti2wmm.php?LF388L1716542665482cbd2b2f3b9647a62dd1cd5298e486482cbd2b2f3b9647a62dd1cd5298e486482cbd2b2f3b9647a62dd1cd5298e486482cbd2b2f3b9647a62dd1cd5298e486482cbd2b2f3b9647a62dd1cd5298e486&login=
Frame ID: 8C9152149950ADE577AE2B45C8F3603F
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

WADAX Active! mail

Page URL History Show full URLs

  1. https://wadax-ne-jp-login.mjbsuper.com.au/ HTTP 302
    https://www.zhouxijing.cn/wp-includes/images/wadax.ne.jp/?login= HTTP 302
    https://www.zhouxijing.cn/wp-includes/images/wadax.ne.jp/ee41zm1po79x8o7ml3ti2wmm.php?LF388L1716542665... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Page Statistics

7
Requests

100 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

4
IPs

3
Countries

18 kB
Transfer

20 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://wadax-ne-jp-login.mjbsuper.com.au/ HTTP 302
    https://www.zhouxijing.cn/wp-includes/images/wadax.ne.jp/?login= HTTP 302
    https://www.zhouxijing.cn/wp-includes/images/wadax.ne.jp/ee41zm1po79x8o7ml3ti2wmm.php?LF388L1716542665482cbd2b2f3b9647a62dd1cd5298e486482cbd2b2f3b9647a62dd1cd5298e486482cbd2b2f3b9647a62dd1cd5298e486482cbd2b2f3b9647a62dd1cd5298e486482cbd2b2f3b9647a62dd1cd5298e486&login= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request ee41zm1po79x8o7ml3ti2wmm.php
www.zhouxijing.cn/wp-includes/images/wadax.ne.jp/
Redirect Chain
  • https://wadax-ne-jp-login.mjbsuper.com.au/
  • https://www.zhouxijing.cn/wp-includes/images/wadax.ne.jp/?login=
  • https://www.zhouxijing.cn/wp-includes/images/wadax.ne.jp/ee41zm1po79x8o7ml3ti2wmm.php?LF388L1716542665482cbd2b2f3b9647a62dd1cd5298e486482cbd2b2f3b9647a62dd1cd5298e486482cbd2b2f3b9647a62dd1cd5298e48...
7 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.zhouxijing.cn/wp-includes/images/wadax.ne.jp/ee41zm1po79x8o7ml3ti2wmm.php?LF388L1716542665482cbd2b2f3b9647a62dd1cd5298e486482cbd2b2f3b9647a62dd1cd5298e486482cbd2b2f3b9647a62dd1cd5298e486482cbd2b2f3b9647a62dd1cd5298e486482cbd2b2f3b9647a62dd1cd5298e486&login=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.192.121.183 , China, ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN),
Reverse DNS
Software
nginx /
Resource Hash
7d0312500603db82df4e1c466ea2b991c8b6e3b6baf321401232aa33d22b3a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 24 May 2024 09:24:26 GMT
server
nginx
strict-transport-security
max-age=31536000
vary
Accept-Encoding

Redirect headers

content-type
text/html; charset=UTF-8
date
Fri, 24 May 2024 09:24:25 GMT
location
ee41zm1po79x8o7ml3ti2wmm.php?LF388L1716542665482cbd2b2f3b9647a62dd1cd5298e486482cbd2b2f3b9647a62dd1cd5298e486482cbd2b2f3b9647a62dd1cd5298e486482cbd2b2f3b9647a62dd1cd5298e486482cbd2b2f3b9647a62dd1cd5298e486&login=
server
nginx
strict-transport-security
max-age=31536000
popup.css
activemail.kagoya.com/am_viz/common/standard/ 		2 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://activemail.kagoya.com/am_viz/common/standard/popup.css?6.5002005200
Requested by
Host: www.zhouxijing.cn
URL: https://www.zhouxijing.cn/wp-includes/images/wadax.ne.jp/ee41zm1po79x8o7ml3ti2wmm.php?LF388L1716542665482cbd2b2f3b9647a62dd1cd5298e486482cbd2b2f3b9647a62dd1cd5298e486482cbd2b2f3b9647a62dd1cd5298e486482cbd2b2f3b9647a62dd1cd5298e486482cbd2b2f3b9647a62dd1cd5298e486&login=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
133.18.75.205 , Japan, ASN24282 (KIR KAGOYA JAPAN Inc., JP),
Reverse DNS
Software
/
Resource Hash
31ee601049c36396ff54ca0666cf705cb945a58b95944c064fc0256c072e4d44
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.zhouxijing.cn/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 24 May 2024 09:24:27 GMT
Strict-Transport-Security
max-age=63072000
Last-Modified
Thu, 17 Nov 2022 15:00:00 GMT
ETag
"9e9-5edabd7d7fc00"
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2537
X-XSS-Protection
1; mode=block
index_ff150.css
activemail.kagoya.com/kir_files/css/ 		2 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://activemail.kagoya.com/kir_files/css/index_ff150.css
Requested by
Host: www.zhouxijing.cn
URL: https://www.zhouxijing.cn/wp-includes/images/wadax.ne.jp/ee41zm1po79x8o7ml3ti2wmm.php?LF388L1716542665482cbd2b2f3b9647a62dd1cd5298e486482cbd2b2f3b9647a62dd1cd5298e486482cbd2b2f3b9647a62dd1cd5298e486482cbd2b2f3b9647a62dd1cd5298e486482cbd2b2f3b9647a62dd1cd5298e486&login=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
133.18.75.205 , Japan, ASN24282 (KIR KAGOYA JAPAN Inc., JP),
Reverse DNS
Software
/
Resource Hash
1d8f3b22673cf858aa0ca5b840092febb4888855da9e42085a7d997e7986c8bb
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.zhouxijing.cn/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 24 May 2024 09:24:27 GMT
Strict-Transport-Security
max-age=63072000
Last-Modified
Tue, 04 Apr 2023 00:51:52 GMT
ETag
"9b9-5f87814cb7298"
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2489
X-XSS-Protection
1; mode=block
index_login.gif
activemail.kagoya.com/am_viz/common/img/standard/ 		398 B
726 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://activemail.kagoya.com/am_viz/common/img/standard/index_login.gif
Requested by
Host: www.zhouxijing.cn
URL: https://www.zhouxijing.cn/wp-includes/images/wadax.ne.jp/ee41zm1po79x8o7ml3ti2wmm.php?LF388L1716542665482cbd2b2f3b9647a62dd1cd5298e486482cbd2b2f3b9647a62dd1cd5298e486482cbd2b2f3b9647a62dd1cd5298e486482cbd2b2f3b9647a62dd1cd5298e486482cbd2b2f3b9647a62dd1cd5298e486&login=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
133.18.75.205 , Japan, ASN24282 (KIR KAGOYA JAPAN Inc., JP),
Reverse DNS
Software
/
Resource Hash
985d990405b7d97d7fff66172ab81747ca11f22e24d0cd4e0a3e69b9e2e264f7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.zhouxijing.cn/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 24 May 2024 09:24:27 GMT
Strict-Transport-Security
max-age=63072000
Last-Modified
Thu, 17 Nov 2022 15:00:00 GMT
ETag
"18e-5edabd7d7fc00"
X-Frame-Options
SAMEORIGIN
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
398
X-XSS-Protection
1; mode=block
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dbfc055d992850c890a13e38a99fa81fe0469fe73a8e727e969a08898d016bb1

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/gif
index_bg.gif
activemail.kagoya.com/kir_files/img/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://activemail.kagoya.com/kir_files/img/index_bg.gif
Requested by
Host: activemail.kagoya.com
URL: https://activemail.kagoya.com/kir_files/css/index_ff150.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
133.18.75.205 , Japan, ASN24282 (KIR KAGOYA JAPAN Inc., JP),
Reverse DNS
Software
/
Resource Hash
943baf1254f48894f475c53fabd41abe07602b6bc729bcef17faef5004de0219
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://activemail.kagoya.com/kir_files/css/index_ff150.css
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 24 May 2024 09:24:27 GMT
Strict-Transport-Security
max-age=63072000
Last-Modified
Tue, 04 Apr 2023 00:51:52 GMT
ETag
"4f0-5f87814cb7298"
X-Frame-Options
SAMEORIGIN
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1264
X-XSS-Protection
1; mode=block
index_border.gif
activemail.kagoya.com/kir_files/img/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://activemail.kagoya.com/kir_files/img/index_border.gif
Requested by
Host: activemail.kagoya.com
URL: https://activemail.kagoya.com/kir_files/css/index_ff150.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
133.18.75.205 , Japan, ASN24282 (KIR KAGOYA JAPAN Inc., JP),
Reverse DNS
Software
/
Resource Hash
f2165b5989a8fa0cec786eafa0367cefea4f4e49e072ff58c9d21f8fa0ecd049
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://activemail.kagoya.com/kir_files/css/index_ff150.css
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 24 May 2024 09:24:27 GMT
Strict-Transport-Security
max-age=63072000
Last-Modified
Tue, 04 Apr 2023 00:51:52 GMT
ETag
"5c1-5f87814cac5ef"
X-Frame-Options
SAMEORIGIN
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1473
X-XSS-Protection
1; mode=block
favicon.ico
www.wadax.ne.jp/common/images/ 		4 KB
5 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.wadax.ne.jp/common/images/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.51.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-51-92.cgk50.r.cloudfront.net
Software
Apache /
Resource Hash
93acaf3e5d28216cd122a0c708bc5c6774891e02b381c02babc423e15d6bbac2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.zhouxijing.cn/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 24 May 2024 09:24:27 GMT
via
1.1 4ffaff110833a88c94fe48d98ffa5106.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
CGK50-P4
x-cache
RefreshHit from cloudfront
content-length
4286
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
last-modified
Mon, 14 Feb 2011 04:55:33 GMT
server
Apache
etag
"10be-49c36db953b40"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/vnd.microsoft.icon
accept-ranges
bytes
x-amz-cf-id
EphmMBcj9y8F0OTzkK6YeQTIYz6H63vWOri_aOEaUmJ230qZHvbYAQ==

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| kir_page_display_init

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000