URL: http://chicvideo.net/
Tags: falconsandbox
Submission: On May 26 via api from US

Summary

This website contacted 6 IPs in 2 countries across 6 domains to perform 11 HTTP transactions. The main IP is 160.121.137.148, located in Chicago, United States and belongs to CLAYERLIMITED-AS-AP Clayer Limited, HK. The main domain is chicvideo.net.
This is the only time chicvideo.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 160.121.137.148 137951 (CLAYERLIM...)
1 2 45.88.7.203 18013 (ASLINE-AS...)
2 103.235.46.191 55967 (BAIDU Bei...)
5 107.154.192.147 19551 (INCAPSULA)
1 2a04:4e42:200... 54113 (FASTLY)
11 6
Domain
Subdomains
Transfer
5 tbvip39.com
www.tbvip39.com
412 KB
2 baidu.com
hm.baidu.com
15 KB
2 aoa.ac
www.aoa.ac
1 KB
1 polyfill.io
.polyfill.io
560 B
1 chicvideo.net
.chicvideo.net
1 KB
0 cnzz.com Failed
s96.cnzz.com Failed
0 B
11 6
Domain Requested by
5 www.tbvip39.com chicvideo.net
www.aoa.ac
www.tbvip39.com
2 hm.baidu.com chicvideo.net
2 www.aoa.ac 1 redirects chicvideo.net
1 polyfill.io www.tbvip39.com
1 chicvideo.net
0 s96.cnzz.com Failed www.tbvip39.com
11 6

This site contains no links.

Subject Issuer Validity Valid
aoa.ac
R3
2021-05-23 -
2021-08-21
3 months crt.sh
baidu.com
GlobalSign Organization Validation CA - SHA256 - G2
2020-10-20 -
2021-07-26
9 months crt.sh

Sectigo RSA Domain Validation Secure Server CA
2021-02-19 -
2022-02-19
a year crt.sh
f3.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3
2021-05-18 -
2022-03-26
10 months crt.sh

This page contains 2 frames:

Primary Page: http://chicvideo.net/
Frame ID: 11502581B18907D40618B83C72C5C305
Requests: 6 HTTP requests in this frame

Frame: https://www.tbvip39.com/?agent_code=813900
Frame ID: 8D1E03B6481A5028524A3BED37664346
Requests: 5 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

11
Requests

82 %
HTTPS

20 %
IPv6

6
Domains

6
Subdomains

6
IPs

2
Countries

429 kB
Transfer

1628 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://www.aoa.ac/aoa.js HTTP 301
  • https://www.aoa.ac/aoa.js

11 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
chicvideo.net/
2 KB
1 KB
Document
General
Full URL
http://chicvideo.net/
Protocol
HTTP/1.1
Server
160.121.137.148 Chicago, United States, ASN137951 (CLAYERLIMITED-AS-AP Clayer Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
ab516758e8a76cb911324610ccde19dcafadfbf4ccbfa4e9129ace0a43acefb9

Request headers

Host
chicvideo.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
nginx
Date
Wed, 26 May 2021 22:18:22 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
Content-Encoding
gzip
aoa.js
www.aoa.ac/
Redirect Chain
  • http://www.aoa.ac/aoa.js
  • https://www.aoa.ac/aoa.js
2 KB
1 KB
Script
General
Full URL
https://www.aoa.ac/aoa.js
Requested by
Host: chicvideo.net
URL: http://chicvideo.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.88.7.203 , Hong Kong, ASN18013 (ASLINE-AS-AP ASLINE LIMITED, HK),
Reverse DNS
Software
nginx /
Resource Hash
20a4b96993eb3cef4762c5481f9d60023a041671870003eda27d77b248e42249
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://chicvideo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 May 2021 22:18:23 GMT
content-encoding
gzip
last-modified
Sun, 23 May 2021 10:06:46 GMT
server
nginx
etag
W/"60aa2936-882"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
strict-transport-security
max-age=31536000
expires
Thu, 27 May 2021 10:18:23 GMT

Redirect headers

Location
https://www.aoa.ac/aoa.js
Date
Wed, 26 May 2021 22:18:23 GMT
Server
nginx
Connection
keep-alive
Content-Length
162
Strict-Transport-Security
max-age=31536000
Content-Type
text/html
hm.js?9f79eb8f91b581f48db8e9707d2a50f1
hm.baidu.com/
39 KB
14 KB
Script
General
Full URL
https://hm.baidu.com/hm.js?9f79eb8f91b581f48db8e9707d2a50f1
Requested by
Host: chicvideo.net
URL: http://chicvideo.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
1eebd5644423197eb6744a70cb3af041cb7b78930c7c0a738968c11fab3e81d7
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

Referer
http://chicvideo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 26 May 2021 22:18:23 GMT
Content-Encoding
gzip
Server
apache
Etag
250fac5c0c0297af21d328616705879e
Strict-Transport-Security
max-age=172800
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control
max-age=0, must-revalidate
Content-Type
application/javascript
Content-Length
14039
0.889779597224206
www.tbvip39.com/?agent_code=813900/
0
0
Image
General
Full URL
https://www.tbvip39.com/?agent_code=813900/0.889779597224206
Requested by
Host: chicvideo.net
URL: http://chicvideo.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.192.147 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.192.147.ip.incapdns.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://chicvideo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

0.6785828005452612
www.tbvip39.com/?agent_code=813900/
0
0
Image
General
Full URL
https://www.tbvip39.com/?agent_code=813900/0.6785828005452612
Requested by
Host: chicvideo.net
URL: http://chicvideo.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.192.147 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.192.147.ip.incapdns.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://chicvideo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1464861664&si=9f79eb8f91b581f48db8e9707d2a50f1&v=1.2.80&lv=1&sn=10720&r=0&ww=1600&ct=!!&u=http%3A%2F%2Fchicvideo.net%2F&t...
hm.baidu.com/
43 B
299 B
Image
General
Full URL
https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1464861664&si=9f79eb8f91b581f48db8e9707d2a50f1&v=1.2.80&lv=1&sn=10720&r=0&ww=1600&ct=!!&u=http%3A%2F%2Fchicvideo.net%2F&tt=%E5%BB%BA%E7%AB%99%E6%88%90%E5%8A%9F
Requested by
Host: chicvideo.net
URL: http://chicvideo.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

Referer
http://chicvideo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 26 May 2021 22:18:24 GMT
X-Content-Type-Options
nosniff
Server
apache
Strict-Transport-Security
max-age=172800
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Content-Length
43
?agent_code=813900
www.tbvip39.com/ Frame 8D1E
1 MB
390 KB
Document
General
Full URL
https://www.tbvip39.com/?agent_code=813900
Requested by
Host: www.aoa.ac
URL: http://www.aoa.ac/aoa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.192.147 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.192.147.ip.incapdns.net
Software
openresty /
Resource Hash
6c60625e52bf62dd429ddc797a4fc103d1f25b6d6702b929c4f0b6d09b8b5c09

Request headers

:method
GET
:authority
www.tbvip39.com
:scheme
https
:path
/?agent_code=813900
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://chicvideo.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://chicvideo.net/

Response headers

server
openresty
date
Wed, 26 May 2021 22:18:26 GMT
content-type
text/html; charset=utf-8
last-modified
Sat, 22 May 2021 08:46:52 GMT
vary
Accept-Encoding
etag
W/"60a8c4fc-16732e"
set-cookie
serwe=we14 nlbi_2495246=aOUyIY3cHyIgEF708krmCAAAAABr/Ilbeh4bfcEmF72R0gE0; path=/; Domain=.tbvip39.com visid_incap_2495246=iJrSxnsLQOua4F0d+tfYwi/JrmAAAAAAQUIPAAAAAACoz4NtqdDjSO5eTPo/txv3; expires=Thu, 26 May 2022 19:12:16 GMT; HttpOnly; path=/; Domain=.tbvip39.com incap_ses_721_2495246=hJQ+DIGSKSedEqWOBoIBCjHJrmAAAAAAxNSR7QWH0gdV6u7VnOXD5g==; path=/; Domain=.tbvip39.com
content-encoding
gzip
x-cdn
Imperva
x-iinfo
5-21165928-21165929 pNNN RT(1622067505596 0) q(0 0 0 0) r(3 3) U12
polyfill.min.js?flags=gated&features=default%2Ces2015%2Ces2016%2Ces2017%2Ces2018%2Ces2019%2Ces5%2Ces6%2Ces7%2Csmoothscroll
polyfill.io/v3/ Frame 8D1E
72 B
560 B
Script
General
Full URL
https://polyfill.io/v3/polyfill.min.js?flags=gated&features=default%2Ces2015%2Ces2016%2Ces2017%2Ces2018%2Ces2019%2Ces5%2Ces6%2Ces7%2Csmoothscroll
Requested by
Host: www.tbvip39.com
URL: https://www.tbvip39.com/?agent_code=813900
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:200::621 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
aaecd144d2b8763b2fa5c91f09778294363cef363c10504205f4203922644d11
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Origin
https://www.tbvip39.com
Referer
https://www.tbvip39.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
br
x-content-type-options
nosniff
content-type
text/javascript; charset=utf-8
age
1142659
detected-user-agent
Chrome/89.0.4389
server-timing
HIT-CLUSTER, fastly;desc="Edge time";dur=1, HIT, fastly;desc="Edge time";dur=1
content-length
74
referrer-policy
origin-when-cross-origin
last-modified
Thu, 13 May 2021 16:30:07 GMT
date
Wed, 26 May 2021 22:18:26 GMT
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
normalized-user-agent
chrome/89.0.0
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges
bytes
timing-allow-origin
*
_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=3&cb=1824140599
www.tbvip39.com/ Frame 8D1E
148 KB
21 KB
Script
General
Full URL
https://www.tbvip39.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=3&cb=1824140599
Requested by
Host: www.tbvip39.com
URL: https://www.tbvip39.com/?agent_code=813900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.192.147 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.192.147.ip.incapdns.net
Software
/
Resource Hash
146ba3be2ab05d29ac1db5fdad6887ff39cdb4d3e84c43fca739700090d51d3b

Request headers

Referer
https://www.tbvip39.com/?agent_code=813900
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-encoding
gzip
cache-control
no-cache, no-store
x-robots-tag
noindex
content-length
21367
content-type
application/javascript
_Incapsula_Resource?SWKMTFSR=1&e=0.3236372460479857
www.tbvip39.com/ Frame 8D1E
1 B
247 B
Image
General
Full URL
https://www.tbvip39.com/_Incapsula_Resource?SWKMTFSR=1&e=0.3236372460479857
Requested by
Host: www.tbvip39.com
URL: https://www.tbvip39.com/?agent_code=813900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.192.147 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.192.147.ip.incapdns.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.tbvip39.com/?agent_code=813900
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-control
no-cache, no-store
x-robots-tag
noindex
content-length
1
content-type
text/plain
z_stat.php?id=1278466197&web_id=1278466197
s96.cnzz.com/ Frame 8D1E
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
s96.cnzz.com
URL
https://s96.cnzz.com/z_stat.php?id=1278466197&web_id=1278466197

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| hd object| scr object| _hmt function| isMobile object| urlMobile object| urlPC number| tim1 number| maxTime object| Times function| loopImages boolean| _bdhm_loaded_9f79eb8f91b581f48db8e9707d2a50f1 object| mini_tangram_log_l25uvo

2 Cookies

Domain/Path Name / Value
.chicvideo.net/ Name: Hm_lpvt_9f79eb8f91b581f48db8e9707d2a50f1
Value: 1622067505
.chicvideo.net/ Name: Hm_lvt_9f79eb8f91b581f48db8e9707d2a50f1
Value: 1622067505

1 Console Messages

Source Level URL
Text
console-api log URL: http://www.aoa.ac/aoa.js(Line 43)
Message:
13,22