urlscan.io logo urlscan.io
SecurityTrails logo

yiqing.itunes123.com Open in urlscan Pro
43.226.38.16  Public Scan

Go To Rescan Add Verdict Report
URL: https://yiqing.itunes123.com/
Submission Tags: @phishunt_io
Submission: On March 21 via api from ES
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 3 countries across 6 domains to perform 20 HTTP transactions. The main IP is 43.226.38.16, located in China and belongs to CHINANET-LIAONING-DALIAN-MAN CHINANET Liaoning province Dalian MAN network, CN. The main domain is yiqing.itunes123.com.
TLS certificate: Issued by Encryption Everywhere DV TLS CA - G1 on March 21st 2021. Valid for: a year.
This is the only time yiqing.itunes123.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
10 43.226.38.16 134762 (CHINANET-...)
1 175.100.207.231 9304 (HUTCHISON...)
1 203.205.235.65 132203 (TENCENT-N...)
3 150.109.206.166 132203 (TENCENT-N...)
2 103.235.46.191 55967 (BAIDU Bei...)
1 240e:ff:f100:... 4816 (CHINANET-...)
1 203.205.137.184 132203 (TENCENT-N...)
20 8
10    43.226.38.16 (China)

ASN134762 (CHINANET-LIAONING-DALIAN-MAN CHINANET Liaoning province Dalian MAN network, CN)
yiqing.itunes123.com
1    175.100.207.231 (Central, Hong Kong)

ASN9304 (HUTCHISON-AS-AP HGC Global Communications Limited, HK)
pv.sohu.com
1    203.205.235.65 (China)

ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)
ssl.captcha.qq.com
3    150.109.206.166 (Tokyo, Japan)

ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)
captcha.gtimg.com
2    103.235.46.191 (Hong Kong)

ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)
hm.baidu.com
1    240e:ff:f100:8019::44 (China)

ASN4816 (CHINANET-IDC-GD China Telecom (Group), CN)
t.captcha.qq.com
1    203.205.137.184 (Shenzhen, China)

ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)
cdn-go.cn
Domain Requested by
10 yiqing.itunes123.com yiqing.itunes123.com
3 captcha.gtimg.com ssl.captcha.qq.com
t.captcha.qq.com
2 hm.baidu.com yiqing.itunes123.com
1 cdn-go.cn t.captcha.qq.com
1 t.captcha.qq.com captcha.gtimg.com
1 ssl.captcha.qq.com yiqing.itunes123.com
1 pv.sohu.com yiqing.itunes123.com
0 aegis.qq.com Failed cdn-go.cn
20 8

This site contains links to these domains. Also see Links.

Domain
mini.itunes123.com
Subject Issuer Validity Valid
yiqing.itunes123.com
Encryption Everywhere DV TLS CA - G1		 2021-03-21 -
2022-03-21		 a year crt.sh
www.sohu.com
Secure Site CA G2		 2020-06-18 -
2021-09-02		 a year crt.sh
*.captcha.qq.com
DigiCert Secure Site CN CA G3		 2020-11-12 -
2021-12-10		 a year crt.sh
coral.qq.com
Secure Site CA G2		 2020-08-31 -
2021-09-29		 a year crt.sh
baidu.com
GlobalSign Organization Validation CA - SHA256 - G2		 2020-10-20 -
2021-07-26		 9 months crt.sh
*.oct03.sparta.3g.qq.com
GlobalSign Organization Validation CA - SHA256 - G2		 2020-10-19 -
2021-11-20		 a year crt.sh
weixin.qq.com
Secure Site CA G2		 2020-09-25 -
2021-09-30		 a year crt.sh

This page contains 2 frames:

Primary Page: https://yiqing.itunes123.com/
Frame ID: A9FAF2D11EB2EA38F7460FFB133F9B2E
Requests: 15 HTTP requests in this frame

Frame: https://t.captcha.qq.com/template/drag_ele.html?t=1616340875630
Frame ID: 93774F08B57F5DA8A748D3711032EFB4
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /\/TCaptcha\.js/i

Page Statistics

20
Requests

95 %
HTTPS

14 %
IPv6

6
Domains

8
Subdomains

8
IPs

3
Countries

408 kB
Transfer

787 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
yiqing.itunes123.com/ 		9 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://yiqing.itunes123.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.226.38.16 , China, ASN134762 (CHINANET-LIAONING-DALIAN-MAN CHINANET Liaoning province Dalian MAN network, CN),
Reverse DNS
Software
nginx /
Resource Hash
c6916c7cb11254a04221f2883fc866b90dfedea26561ff91c6766cec82c8eedd
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Host
yiqing.itunes123.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
nginx
Date
Sun, 21 Mar 2021 15:34:31 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Encoding
gzip
style.css
yiqing.itunes123.com/v1/css/ 		8 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://yiqing.itunes123.com/v1/css/style.css
Requested by
Host: yiqing.itunes123.com
URL: https://yiqing.itunes123.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.226.38.16 , China, ASN134762 (CHINANET-LIAONING-DALIAN-MAN CHINANET Liaoning province Dalian MAN network, CN),
Reverse DNS
Software
nginx /
Resource Hash
04850bbf155fa4a506d7fad67e033c07761a61ed9e9e2abfdeb3c306b0f1720f
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://yiqing.itunes123.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 21 Mar 2021 15:34:33 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Wed, 26 Feb 2020 14:17:15 GMT
Server
nginx
ETag
W/"1582726635.0-8145-1861357674"
X-Frame-Options
SAMEORIGIN
Content-Type
text/css; charset=utf-8
Cache-Control
public, max-age=43200
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Mon, 22 Mar 2021 03:34:33 GMT
t1.png
yiqing.itunes123.com/v1/images/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yiqing.itunes123.com/v1/images/t1.png
Requested by
Host: yiqing.itunes123.com
URL: https://yiqing.itunes123.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.226.38.16 , China, ASN134762 (CHINANET-LIAONING-DALIAN-MAN CHINANET Liaoning province Dalian MAN network, CN),
Reverse DNS
Software
nginx /
Resource Hash
8f873070d75c6f97835108ca20a4465b8bf122bc8ac111bd4d7c61ae61f06d96
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://yiqing.itunes123.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 21 Mar 2021 15:34:32 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Tue, 25 Feb 2020 16:12:56 GMT
Server
nginx
ETag
W/"1582647176.0-11558-1829965831"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Cache-Control
public, max-age=43200
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Mon, 22 Mar 2021 03:34:32 GMT
t2.png
yiqing.itunes123.com/v1/images/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yiqing.itunes123.com/v1/images/t2.png
Requested by
Host: yiqing.itunes123.com
URL: https://yiqing.itunes123.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.226.38.16 , China, ASN134762 (CHINANET-LIAONING-DALIAN-MAN CHINANET Liaoning province Dalian MAN network, CN),
Reverse DNS
Software
nginx /
Resource Hash
c8df2d5d2a1f5b560ca3f86225f8f0aa019913b4b8eeeb8b030ea5b4072091e8
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://yiqing.itunes123.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 21 Mar 2021 15:34:33 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Tue, 25 Feb 2020 16:12:56 GMT
Server
nginx
ETag
W/"1582647176.0-6213-1830293512"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Cache-Control
public, max-age=43200
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Mon, 22 Mar 2021 03:34:33 GMT
t3.png
yiqing.itunes123.com/v1/images/ 		110 KB
111 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yiqing.itunes123.com/v1/images/t3.png
Requested by
Host: yiqing.itunes123.com
URL: https://yiqing.itunes123.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.226.38.16 , China, ASN134762 (CHINANET-LIAONING-DALIAN-MAN CHINANET Liaoning province Dalian MAN network, CN),
Reverse DNS
Software
nginx /
Resource Hash
dedd1f970c33f8103d4d8239b0fe4038b53b3a6709d85c8f30efcff1910d5e1d
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://yiqing.itunes123.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 21 Mar 2021 15:34:33 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Tue, 25 Feb 2020 16:12:56 GMT
Server
nginx
ETag
W/"1582647176.0-112915-1830621193"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Cache-Control
public, max-age=43200
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Mon, 22 Mar 2021 03:34:33 GMT
notice.png
yiqing.itunes123.com/v1/images/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yiqing.itunes123.com/v1/images/notice.png
Requested by
Host: yiqing.itunes123.com
URL: https://yiqing.itunes123.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.226.38.16 , China, ASN134762 (CHINANET-LIAONING-DALIAN-MAN CHINANET Liaoning province Dalian MAN network, CN),
Reverse DNS
Software
nginx /
Resource Hash
fb6e0c463d40bcf0e9df6bc5882c60aeaf391b1fc0e1b075ef269c865a3ab99d
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://yiqing.itunes123.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 21 Mar 2021 15:34:33 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Tue, 25 Feb 2020 16:12:56 GMT
Server
nginx
ETag
W/"1582647176.0-18199-3021935076"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Cache-Control
public, max-age=43200
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Mon, 22 Mar 2021 03:34:33 GMT
jquery.min.js
yiqing.itunes123.com/v1/js/ 		91 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yiqing.itunes123.com/v1/js/jquery.min.js
Requested by
Host: yiqing.itunes123.com
URL: https://yiqing.itunes123.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.226.38.16 , China, ASN134762 (CHINANET-LIAONING-DALIAN-MAN CHINANET Liaoning province Dalian MAN network, CN),
Reverse DNS
Software
nginx /
Resource Hash
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://yiqing.itunes123.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 21 Mar 2021 15:34:33 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Tue, 25 Feb 2020 16:12:56 GMT
Server
nginx
ETag
W/"1582647176.0-93636-2712605043"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=utf-8
Cache-Control
public, max-age=43200
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Mon, 22 Mar 2021 03:34:33 GMT
parsley.min.js
yiqing.itunes123.com/v1/js/parsley/ 		42 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yiqing.itunes123.com/v1/js/parsley/parsley.min.js
Requested by
Host: yiqing.itunes123.com
URL: https://yiqing.itunes123.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.226.38.16 , China, ASN134762 (CHINANET-LIAONING-DALIAN-MAN CHINANET Liaoning province Dalian MAN network, CN),
Reverse DNS
Software
nginx /
Resource Hash
348ae62f932928f46b54ab072e7916a79bb8bcda55a767ca2e814ecfdea61d46
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://yiqing.itunes123.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 21 Mar 2021 15:34:32 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Tue, 25 Feb 2020 16:12:56 GMT
Server
nginx
ETag
W/"1582647176.0-42627-1373246722"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=utf-8
Cache-Control
public, max-age=43200
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Mon, 22 Mar 2021 03:34:32 GMT
zh_cn.js
yiqing.itunes123.com/v1/js/parsley/i18n/ 		1 KB
971 B 		Script
General
Check archive.org
Download Go to
Full URL
https://yiqing.itunes123.com/v1/js/parsley/i18n/zh_cn.js
Requested by
Host: yiqing.itunes123.com
URL: https://yiqing.itunes123.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.226.38.16 , China, ASN134762 (CHINANET-LIAONING-DALIAN-MAN CHINANET Liaoning province Dalian MAN network, CN),
Reverse DNS
Software
nginx /
Resource Hash
21c0d95335b6ddc6a2fddaa2009496e9e707133696bdffcaafde4036fc657055
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://yiqing.itunes123.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 21 Mar 2021 15:34:34 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Tue, 25 Feb 2020 16:12:56 GMT
Server
nginx
ETag
W/"1582647176.0-1098-912397329"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=utf-8
Cache-Control
public, max-age=43200
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Mon, 22 Mar 2021 03:34:34 GMT
cityjson
pv.sohu.com/ 		84 B
245 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pv.sohu.com/cityjson?ie=utf-8
Requested by
Host: yiqing.itunes123.com
URL: https://yiqing.itunes123.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
175.100.207.231 Central, Hong Kong, ASN9304 (HUTCHISON-AS-AP HGC Global Communications Limited, HK),
Reverse DNS
Software
nginx/1.0.15 /
Resource Hash
07f1adfdb9e635abd49c504971e07e58e054fd450b125ea4666019762f0e42ae

Request headers

Referer
https://yiqing.itunes123.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Mar 2021 15:34:32 GMT
fss-proxy
Powered by 2432814.3481400.3158846, Powered by 11746953.19414675.15157502
server
nginx/1.0.15
content-length
84
content-type
text/json; charset=utf-8
TCaptcha.js
ssl.captcha.qq.com/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.captcha.qq.com/TCaptcha.js
Requested by
Host: yiqing.itunes123.com
URL: https://yiqing.itunes123.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
203.205.235.65 , China, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
tencent http server /
Resource Hash
db06064c2824478525e5888885225d6dc218119ba5111306f4cd2c37d8904a9c

Request headers

Referer
https://yiqing.itunes123.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 21 Mar 2021 15:34:32 GMT
Content-Encoding
gzip
Last-Modified
Mon, 01 Mar 2021 10:48:09 GMT
Server
tencent http server
Vary
Accept-Encoding
P3P
CP=CAO PSA OUR
Cache-Control
max-age=600
Transfer-Encoding
chunked
Connection
keep-alive
Content-Type
application/x-javascript
bg.gif
yiqing.itunes123.com/v1/images/ 		68 KB
68 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yiqing.itunes123.com/v1/images/bg.gif
Requested by
Host: yiqing.itunes123.com
URL: https://yiqing.itunes123.com/v1/css/style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.226.38.16 , China, ASN134762 (CHINANET-LIAONING-DALIAN-MAN CHINANET Liaoning province Dalian MAN network, CN),
Reverse DNS
Software
nginx /
Resource Hash
eabe2fdc38a8d0726ef6a5eb45259511889b59dc7dcade4cedd6281b324983ae
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://yiqing.itunes123.com/v1/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 21 Mar 2021 15:34:34 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Tue, 25 Feb 2020 16:12:56 GMT
Server
nginx
ETag
W/"1582647176.0-69510-1838092316"
X-Frame-Options
SAMEORIGIN
Content-Type
image/gif
Cache-Control
public, max-age=43200
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Mon, 22 Mar 2021 03:34:34 GMT
tcaptcha-frame.649719fe.js
captcha.gtimg.com/1/ 		89 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://captcha.gtimg.com/1/tcaptcha-frame.649719fe.js
Requested by
Host: ssl.captcha.qq.com
URL: https://ssl.captcha.qq.com/TCaptcha.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.109.206.166 Tokyo, Japan, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
NWS_UGC_HY /
Resource Hash
85b9e087d69ac8c60cb8b47eb20bc02050b641778c2fe1f60e06c196bec82048

Request headers

Referer
https://yiqing.itunes123.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 21 Mar 2021 15:34:35 GMT
content-encoding
gzip
x-cache-lookup
Hit From Disktank3 Gz
last-modified
Wed, 17 Mar 2021 09:03:30 GMT
server
NWS_UGC_HY
p3p
CP="CAO PSA OUR"
access-control-allow-origin
*
cache-control
max-age=1800
x-nws-log-uuid
ab82cf68-9188-483b-89d9-893536749fea
content-type
application/javascript
content-length
28855
expires
Sun, 21 Mar 2021 16:04:35 GMT
hm.js
hm.baidu.com/ 		39 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hm.baidu.com/hm.js?bdac66fd505b8b91ab9e1c6f51061c93
Requested by
Host: yiqing.itunes123.com
URL: https://yiqing.itunes123.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
b86d09313faa969ca03e369d27c91a996e111cfbb35d69373086620476db28ca
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

Referer
https://yiqing.itunes123.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 21 Mar 2021 15:34:34 GMT
Content-Encoding
gzip
Server
apache
Etag
1130fb5abb49371677c5285e069c0e9b
Strict-Transport-Security
max-age=172800
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control
max-age=0, must-revalidate
Content-Type
application/javascript
Content-Length
14049
drag_ele.html
t.captcha.qq.com/template/ Frame 9377 		28 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://t.captcha.qq.com/template/drag_ele.html?t=1616340875630
Requested by
Host: captcha.gtimg.com
URL: https://captcha.gtimg.com/1/tcaptcha-frame.649719fe.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
240e:ff:f100:8019::44 , China, ASN4816 (CHINANET-IDC-GD China Telecom (Group), CN),
Reverse DNS
Software
nginx /
Resource Hash
264035d001ddef8a4878d1af14562f75168403756ae50a31719f12a5bcd27981

Request headers

Host
t.captcha.qq.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://yiqing.itunes123.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://yiqing.itunes123.com/

Response headers

Server
nginx
Date
Sun, 21 Mar 2021 15:34:38 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Pragma
No-cache
P3P
CP=CAO PSA OUR
Content-Encoding
gzip
hm.gif
hm.baidu.com/ 		43 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1831357289&si=bdac66fd505b8b91ab9e1c6f51061c93&v=1.2.80&lv=1&sn=51171&r=0&ww=1600&ct=!!&u=https%3A%2F%2Fyiqing.itunes123.com%2F&tt=%E9%84%82%E5%B7%9E%E6%96%B0%E5%86%A0%E8%82%BA%E7%82%8E%E7%96%AB%E6%83%85%E9%98%B2%E6%8E%A7%E5%92%A8%E8%AF%A2%E6%8A%95%E8%AF%89%E6%B1%82%E5%8A%A9%E5%B9%B3%E5%8F%B0
Requested by
Host: yiqing.itunes123.com
URL: https://yiqing.itunes123.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

Referer
https://yiqing.itunes123.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 21 Mar 2021 15:34:35 GMT
X-Content-Type-Options
nosniff
Server
apache
Strict-Transport-Security
max-age=172800
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control
private, max-age=0, no-cache
Content-Type
image/gif
Content-Length
43
aegis.min.js
cdn-go.cn/aegis/aegis-sdk/latest/ Frame 9377 		38 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-go.cn/aegis/aegis-sdk/latest/aegis.min.js?_bid=3977
Requested by
Host: t.captcha.qq.com
URL: https://t.captcha.qq.com/template/drag_ele.html?t=1616340875630
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
203.205.137.184 Shenzhen, China, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
X2S_Platform /
Resource Hash
84141f58b8728198052ae27f790a4fb8277f061ba1051da107c27daafae99124

Request headers

Origin
https://t.captcha.qq.com
Referer
https://t.captcha.qq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Mar 2021 15:34:39 GMT
content-encoding
gzip
x-cache-lookup
Hit From Disktank3 Gz
last-modified
Thu, 04 Mar 2021 16:06:17 GMT
server
X2S_Platform
vary
Origin
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=666
server_ip
203.205.137.184
x-nws-log-uuid
a424084f-9dc3-4076-91f7-e3711e7ef253
timing-allow-origin
*
content-length
12871
is-immutable-in-the-future
false
expires
Sun, 21 Mar 2021 15:45:45 GMT
jquery-1.12.1.min.js
captcha.gtimg.com/1/ Frame 9377 		95 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://captcha.gtimg.com/1/jquery-1.12.1.min.js
Requested by
Host: t.captcha.qq.com
URL: https://t.captcha.qq.com/template/drag_ele.html?t=1616340875630
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.109.206.166 Tokyo, Japan, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
NWS_UGC_HY /
Resource Hash
2359d383bf2d4ab65ebf7923bdf74ce40e4093f6e58251b395a64034b3c39772

Request headers

Origin
https://t.captcha.qq.com
Referer
https://t.captcha.qq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 21 Mar 2021 15:34:39 GMT
content-encoding
gzip
x-cache-lookup
Hit From Disktank3 Gz
last-modified
Wed, 10 Mar 2021 07:57:51 GMT
server
NWS_UGC_HY
p3p
CP="CAO PSA OUR"
access-control-allow-origin
*
cache-control
max-age=1800
x-nws-log-uuid
e02d1a27-7a7d-454c-a6e3-dc4b68de2c35
content-type
application/javascript
content-length
33878
expires
Sun, 21 Mar 2021 16:04:39 GMT
drag-ele.edd0d07d.js
captcha.gtimg.com/1/ Frame 9377 		112 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://captcha.gtimg.com/1/drag-ele.edd0d07d.js
Requested by
Host: t.captcha.qq.com
URL: https://t.captcha.qq.com/template/drag_ele.html?t=1616340875630
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.109.206.166 Tokyo, Japan, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
NWS_UGC_HY /
Resource Hash
117e1f90cab7a154c4a981a4a088fb8ed1547ab23c5f9e127f99843523d4f4de

Request headers

Origin
https://t.captcha.qq.com
Referer
https://t.captcha.qq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 21 Mar 2021 15:34:39 GMT
content-encoding
gzip
x-cache-lookup
Hit From Disktank3 Gz
last-modified
Wed, 17 Mar 2021 09:03:30 GMT
server
NWS_UGC_HY
p3p
CP="CAO PSA OUR"
access-control-allow-origin
*
cache-control
max-age=1800
x-nws-log-uuid
bd571041-2e5c-423d-ba5e-421acc95dd59
content-type
application/javascript
content-length
27829
expires
Sun, 21 Mar 2021 16:04:39 GMT
truncated
/ Frame 9377 		96 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
88bbd2b60ebb24de3f714477e760110ab86842f88f4db455627982356d0edf17

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 9377 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
02a58e6412f474b7393c5bfbad51a827a857cb5a51c9e281132a258755eb3db7

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 9377 		651 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cd9c225bfcf8e04e80dd839fa0660e92ae533167e1d707fe4d8a5b57d1718c45

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 9377 		612 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ac7b1f0233ef528a1e630b5680f497c48dad0164da718961aa76e2bacf5de6c5

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 9377 		597 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
16a4969a8bef7595706c99368148d4e8fed12f550fadf5c96ffcf57ba3f738ed

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
speed
aegis.qq.com/ Frame 9377 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
aegis.qq.com
URL
https://aegis.qq.com/speed?id=AhPIQNzsNIpuLYoVxk&uin=&version=1.32.16&aid=&platform=3&x5Type=3&netType=4&sessionId=session-1616340879844&from=https%3A%2F%2Ft.captcha.qq.com%2Ftemplate%2Fdrag_ele.html%3Ft%3D1616340875630&referer=https%3A%2F%2Fyiqing.itunes123.com%2F

Verdicts & Comments Add Verdict or Comment

31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery object| ParsleyExtend object| ParsleyConfig object| psly object| Parsley object| ParsleyUtils object| ParsleyValidator object| ParsleyUI string| inputEventPatched object| parsley object| returnCitySN boolean| __TencentCaptchaExists__ string| AqSCodeCapDomain function| TencentCaptcha object| _hmt function| callback function| TCapMsg function| AqSCode boolean| _bdhm_loaded_bdac66fd505b8b91ab9e1c6f51061c93 object| mini_tangram_log_rviip5

2 Cookies

Domain/Path Name / Value
.yiqing.itunes123.com/ Name: Hm_lpvt_bdac66fd505b8b91ab9e1c6f51061c93
Value: 1616340876
.yiqing.itunes123.com/ Name: Hm_lvt_bdac66fd505b8b91ab9e1c6f51061c93
Value: 1616340876

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aegis.qq.com
captcha.gtimg.com
cdn-go.cn
hm.baidu.com
pv.sohu.com
ssl.captcha.qq.com
t.captcha.qq.com
yiqing.itunes123.com
aegis.qq.com
103.235.46.191
150.109.206.166
175.100.207.231
203.205.137.184
203.205.235.65
240e:ff:f100:8019::44
43.226.38.16
02a58e6412f474b7393c5bfbad51a827a857cb5a51c9e281132a258755eb3db7
04850bbf155fa4a506d7fad67e033c07761a61ed9e9e2abfdeb3c306b0f1720f
07f1adfdb9e635abd49c504971e07e58e054fd450b125ea4666019762f0e42ae
117e1f90cab7a154c4a981a4a088fb8ed1547ab23c5f9e127f99843523d4f4de
16a4969a8bef7595706c99368148d4e8fed12f550fadf5c96ffcf57ba3f738ed
21c0d95335b6ddc6a2fddaa2009496e9e707133696bdffcaafde4036fc657055
2359d383bf2d4ab65ebf7923bdf74ce40e4093f6e58251b395a64034b3c39772
264035d001ddef8a4878d1af14562f75168403756ae50a31719f12a5bcd27981
348ae62f932928f46b54ab072e7916a79bb8bcda55a767ca2e814ecfdea61d46
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
84141f58b8728198052ae27f790a4fb8277f061ba1051da107c27daafae99124
85b9e087d69ac8c60cb8b47eb20bc02050b641778c2fe1f60e06c196bec82048
88bbd2b60ebb24de3f714477e760110ab86842f88f4db455627982356d0edf17
8f873070d75c6f97835108ca20a4465b8bf122bc8ac111bd4d7c61ae61f06d96
ac7b1f0233ef528a1e630b5680f497c48dad0164da718961aa76e2bacf5de6c5
b86d09313faa969ca03e369d27c91a996e111cfbb35d69373086620476db28ca
c6916c7cb11254a04221f2883fc866b90dfedea26561ff91c6766cec82c8eedd
c8df2d5d2a1f5b560ca3f86225f8f0aa019913b4b8eeeb8b030ea5b4072091e8
cd9c225bfcf8e04e80dd839fa0660e92ae533167e1d707fe4d8a5b57d1718c45
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
db06064c2824478525e5888885225d6dc218119ba5111306f4cd2c37d8904a9c
dedd1f970c33f8103d4d8239b0fe4038b53b3a6709d85c8f30efcff1910d5e1d
eabe2fdc38a8d0726ef6a5eb45259511889b59dc7dcade4cedd6281b324983ae
fb6e0c463d40bcf0e9df6bc5882c60aeaf391b1fc0e1b075ef269c865a3ab99d