URL: http://www.398k.com/zxxb/34524.html
Submission: On November 10 via manual from US

Summary

This website contacted 9 IPs in 3 countries across 5 domains to perform 19 HTTP transactions. The main IP is 116.196.96.228, located in China and belongs to CHINA169-BJ China Unicom Beijing Province Network, CN. The main domain is www.398k.com.
This is the only time www.398k.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address       AS     Autonomous System
2         116.196.96.228   4808   (CHINA169-...)
4         1.31.173.91      4837   (CHINA169-...)
1         106.11.209.24    37963  (CNNIC-ALI...)
2         61.135.185.248   4808   (CHINA169-...)
1         103.235.46.191   55967  (CNNIC-BAI...)
5         47.246.43.252    24429  (TAOBAO Zh...)
1         140.205.248.60   37963  (CNNIC-ALI...)
2         47.246.43.251    24429  (TAOBAO Zh...)
1         140.205.250.8    37963  (CNNIC-ALI...)
19        9

Requests  Domain                    Requested by
5         atanx.alicdn.com          p.tanx.com, www.398k.com
4         cdn.bootcss.com           www.398k.com
2         www.398k.com              www.398k.com
1         strip.alicdn.com          atanx.alicdn.com
1         df.tanx.com               www.398k.com
1         cdn.tanx.com              atanx.alicdn.com
1         api.share.baidu.com       www.398k.com
1         ope.tanx.com              atanx.alicdn.com
1         hm.baidu.com              www.398k.com
1         push.zhanzhang.baidu.com  www.398k.com
1         p.tanx.com                www.398k.com
19        11

This site contains links to these domains.

Domain
www.alimama.com
www.miitbeian.gov.cn

Subject        Issuer                                               Validity                 Valid
*.bootcss.com  Let's Encrypt Authority X3                           2019-10-23 - 2020-01-21  3 months
baidu.com      GlobalSign Organization Validation CA - SHA256 - G2  2019-05-09 - 2020-06-25  a year
*.alicdn.com   GlobalSign Organization Validation CA - SHA256 - G2  2019-09-03 - 2020-09-03  a year

This page contains 3 frames:

Primary Page: http://www.398k.com/zxxb/34524.html
Frame ID: 9A1369D5939B72DAA8E029F2960F1B80
Requests: 17 HTTP requests in this frame

Frame: http://cdn.tanx.com/t/acookie/acbeacon2.html
Frame ID: E0D30EFDA41177DCCFD1FA2A80611049
Requests: 1 HTTP requests in this frame

Frame: https://strip.alicdn.com/tfscom/TB1j92QPVXXXXcKXpXXXXXXXXXX.html?tanxdspv=http%3a%2f%2frdstat.tanx.com%2ftrd%3ff%3d%26k%3da09e279ad7f7a12a%26p%3dmm_16460681_245800149_68248900382%26pvid%3d0b0c4c0d00015dc7534484d0002c1979%26s%3d336x280%26d%3d59420271%26t%3d1573344068&pid=mm_16460681_245800149_68248900382&tp=6&tsid=0b0c4c0d00015dc7534484d0002c1979&pid=mm_16460681_245800149_68248900382
Frame ID: 1B2460D34C5D94BCCD5E7C8C15BB46BC
Requests: 1 HTTP requests in this frame


Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

Requests: 19
HTTPS: 32 %
IPv6: 0 %
Domains: 5
Subdomains: 11
IPs: 9
Countries: 3
Transfer: 120 kB
Size: 345 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request 34524.html
www.398k.com/zxxb/
17 KB
6 KB
Document
General
Full URL
http://www.398k.com/zxxb/34524.html
Protocol
HTTP/1.1
Server
116.196.96.228 , China, ASN4808 (CHINA169-BJ China Unicom Beijing Province Network, CN),
Reverse DNS
Software
nginx /
Resource Hash
34732fe243fe01243cc8cbc4f2b6f9f82eb715b1d5ea9e199871827f05c26e36

Request headers

Host
www.398k.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate

Response headers

Server
nginx
Date
Sun, 10 Nov 2019 00:01:05 GMT
Content-Type
text/html
Last-Modified
Mon, 21 Jan 2019 12:37:05 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
ETag
W/"5c45bcf1-42a8"
Content-Encoding
gzip
bootstrap.min.css
cdn.bootcss.com/bootstrap/3.3.7/css/
118 KB
20 KB
Stylesheet
General
Full URL
https://cdn.bootcss.com/bootstrap/3.3.7/css/bootstrap.min.css
Requested by
Host: www.398k.com
URL: http://www.398k.com/zxxb/34524.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
1.31.173.91 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
NWS_TCloud_S1 /
Resource Hash
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Request headers

Sec-Fetch-Mode
no-cors
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Sun, 10 Nov 2019 00:01:06 GMT
content-encoding
gzip
x-cache-lookup
Hit From Disktank3 Gz, Hit From Inner Cluster
last-modified
Sat, 09 Nov 2019 10:30:00 GMT
server
NWS_TCloud_S1
status
200
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=2592000, s-maxage=43200
x-daa-tunnel
hop_count=1
x-nws-log-uuid
6c247cd8-b7be-434a-8f8e-9165a996feee
accept-ranges
bytes
timing-allow-origin
*
content-length
19767
expires
Tue, 10 Dec 2019 00:01:06 GMT
main.css
www.398k.com/templets/muban/css/
1 KB
867 B
Stylesheet
General
Full URL
http://www.398k.com/templets/muban/css/main.css
Requested by
Host: www.398k.com
URL: http://www.398k.com/zxxb/34524.html
Protocol
HTTP/1.1
Server
116.196.96.228 , China, ASN4808 (CHINA169-BJ China Unicom Beijing Province Network, CN),
Reverse DNS
Software
nginx /
Resource Hash
d8007584bfa5a96f49f25760bc65896f1cecde2340eaed663d3adc9971dd6cea

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date
Sun, 10 Nov 2019 00:01:06 GMT
Content-Encoding
gzip
Last-Modified
Thu, 06 Dec 2018 12:15:03 GMT
Server
nginx
ETag
W/"5c0912c7-48d"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=43200
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Sun, 10 Nov 2019 12:01:06 GMT
jquery.min.js
cdn.bootcss.com/jquery/1.12.4/
95 KB
33 KB
Script
General
Full URL
https://cdn.bootcss.com/jquery/1.12.4/jquery.min.js
Requested by
Host: www.398k.com
URL: http://www.398k.com/zxxb/34524.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
1.31.173.91 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
NWS_TCloud_S1 /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Request headers

Sec-Fetch-Mode
no-cors
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Sun, 10 Nov 2019 00:01:06 GMT
content-encoding
gzip
x-cache-lookup
Hit From Disktank3 Gz, Hit From Inner Cluster
last-modified
Thu, 17 May 2018 09:21:00 GMT
server
NWS_TCloud_S1
status
200
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-daa-tunnel
hop_count=1
x-nws-log-uuid
da81355a-ab83-46d6-a7a0-4432489fe546
timing-allow-origin
*
content-length
33781
expires
Tue, 10 Dec 2019 00:01:06 GMT
bootstrap.min.js
cdn.bootcss.com/bootstrap/3.3.7/js/
36 KB
10 KB
Script
General
Full URL
https://cdn.bootcss.com/bootstrap/3.3.7/js/bootstrap.min.js
Requested by
Host: www.398k.com
URL: http://www.398k.com/zxxb/34524.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
1.31.173.91 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
NWS_TCloud_S1 /
Resource Hash
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Request headers

Sec-Fetch-Mode
no-cors
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Sun, 10 Nov 2019 00:01:06 GMT
content-encoding
gzip
x-cache-lookup
Hit From Disktank3 Gz, Hit From Inner Cluster
last-modified
Sat, 09 Nov 2019 11:50:00 GMT
server
NWS_TCloud_S1
status
200
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=2592000, s-maxage=43200
x-daa-tunnel
hop_count=1
x-nws-log-uuid
71b39ad5-474a-4fb2-bf2c-54648103d412
accept-ranges
bytes
timing-allow-origin
*
content-length
9832
expires
Tue, 10 Dec 2019 00:01:06 GMT
ex
p.tanx.com/
704 B
859 B
Script
General
Full URL
http://p.tanx.com/ex?i=mm_16460681_245800149_68248900382
Requested by
Host: www.398k.com
URL: http://www.398k.com/zxxb/34524.html
Protocol
HTTP/1.1
Server
106.11.209.24 , China, ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
Tengine /
Resource Hash
8bc443625c52f49c4d85cb56fb20db9a4451c0613ae444d1bb3996469dbac7fe

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date
Sun, 10 Nov 2019 00:01:07 GMT
Content-Encoding
gzip
Server
Tengine
Vary
Accept-Encoding
Content-Type
application/x-javascript; charset=gbk
Cache-Control
no-cache
Transfer-Encoding
chunked
Connection
keep-alive
Timing-Allow-Origin
*
EagleEye-TraceId
0b1aec0e15733440673552788e37c8
Expires
Sun, 10 Nov 2019 00:01:06 GMT
glyphicons-halflings-regular.woff2
cdn.bootcss.com/bootstrap/3.3.7/fonts/
18 KB
18 KB
Font
General
Full URL
https://cdn.bootcss.com/bootstrap/3.3.7/fonts/glyphicons-halflings-regular.woff2
Requested by
Host: www.398k.com
URL: http://www.398k.com/zxxb/34524.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
1.31.173.91 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
NWS_TCloud_S1 /
Resource Hash
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

Request headers

Sec-Fetch-Mode
cors
Referer
https://cdn.bootcss.com/bootstrap/3.3.7/css/bootstrap.min.css
Origin
http://www.398k.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Sun, 10 Nov 2019 00:01:07 GMT
x-cache-lookup
Hit From Disktank3, Hit From Inner Cluster
last-modified
Sat, 09 Nov 2019 14:40:00 GMT
server
NWS_TCloud_S1
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=2592000, s-maxage=43200
x-daa-tunnel
hop_count=1
x-nws-log-uuid
6a15c6a7-05a8-44b2-bded-9294492b4c3e
accept-ranges
bytes
timing-allow-origin
*
content-length
18028
expires
Tue, 10 Dec 2019 00:01:07 GMT
push.js
push.zhanzhang.baidu.com/
281 B
752 B
Script
General
Full URL
http://push.zhanzhang.baidu.com/push.js
Requested by
Host: www.398k.com
URL: http://www.398k.com/zxxb/34524.html
Protocol
HTTP/1.1
Server
61.135.185.248 Beijing, China, ASN4808 (CHINA169-BJ China Unicom Beijing Province Network, CN),
Reverse DNS
Software
apache /
Resource Hash
674bc0c70f98d627b8a7e1d278a1f21ffe33815565f7d5371bf0275da57571b2

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date
Sun, 10 Nov 2019 00:01:07 GMT
Content-Encoding
gzip
Last-Modified
Wed, 25 Nov 2015 07:47:55 GMT
Server
apache
Etag
"4078521116"
Vary
Accept-Encoding
P3p
CP=" OTI DSP COR IVA OUR IND COM "
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Content-Type
text/javascript
Content-Length
227
Expires
Mon, 09 Nov 2020 00:01:07 GMT
hm.js
hm.baidu.com/
0
175 B
Script
General
Full URL
https://hm.baidu.com/hm.js?47a01d7bf548b250b3077312e89db7c0
Requested by
Host: www.398k.com
URL: http://www.398k.com/zxxb/34524.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (CNNIC-BAIDU-AP Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

Sec-Fetch-Mode
no-cors
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date
Sun, 10 Nov 2019 00:01:07 GMT
Server
apache
Content-Length
0
Strict-Transport-Security
max-age=172800
Content-Type
text/plain; charset=utf-8
tanxssp.js
atanx.alicdn.com/t/
55 KB
22 KB
Script
General
Full URL
http://atanx.alicdn.com/t/tanxssp.js?_v=12
Requested by
Host: p.tanx.com
URL: http://p.tanx.com/ex?i=mm_16460681_245800149_68248900382
Protocol
HTTP/1.1
Server
47.246.43.252 San Mateo, United States, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
06b0fc8196b408e08c201b7cbc0646c2cf686c2a19ebd10e5f0a663d96595f82

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date
Sat, 09 Nov 2019 22:33:03 GMT
Content-Encoding
gzip
x-oss-request-id
5DC73E9F72E8A73931AB02CA
Content-MD5
XYTRmtNn7QOVt/NdASV09Q==
Age
5284
X-Cache
HIT TCP_MEM_HIT dirn:11:233045431
X-Swift-CacheTime
3600
Connection
keep-alive
Content-Length
21796
x-oss-object-type
Normal
Access-Control-Allow-Origin
*
Server
Tengine
Vary
Accept-Encoding
Ali-Swift-Global-Savetime
1560605025
Content-Type
application/javascript
Via
cache15.l2de1[0,200-0,H], cache6.l2de1[0,0], cache6.de2[0,200-0,H], cache7.de2[0,0]
Cache-Control
max-age=3600,s-maxage=3600
x-oss-storage-class
Standard
Timing-Allow-Origin
*
x-oss-hash-crc64ecma
12555399716524229773
EagleId
2ff62b9b15733440676373878e
x-oss-server-time
2
X-Swift-SaveTime
Sat, 09 Nov 2019 23:21:36 GMT
ex
ope.tanx.com/
925 B
1 KB
Script
General
Full URL
http://ope.tanx.com/ex?i=mm_16460681_245800149_68248900382&cb=jsonp_callback_18329&callback=&userid=&o=&f=&n=&r=&cg=a01d4fd75ba7332eadd7878d8c23d616&pvid=abea0a2819a650444fe230cc12cb63e9&u=http%3A%2F%2Fwww.398k.com%2Fzxxb%2F34524.html&psl=0
Requested by
Host: atanx.alicdn.com
URL: http://atanx.alicdn.com/t/tanxssp.js?_v=12
Protocol
HTTP/1.1
Server
140.205.248.60 , China, ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
Tengine /
Resource Hash
3aa3d3d0f684ffe671bf245a0fa79079a0e23323d3da9ecf864013166f6f22b6

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date
Sun, 10 Nov 2019 00:01:08 GMT
Cache-Control
no-cache
Server
Tengine
Connection
keep-alive
Transfer-Encoding
chunked
Expires
Sun, 10 Nov 2019 00:01:07 GMT
s.gif
api.share.baidu.com/
0
116 B
Image
General
Full URL
http://api.share.baidu.com/s.gif?l=http://www.398k.com/zxxb/34524.html
Requested by
Host: www.398k.com
URL: http://www.398k.com/zxxb/34524.html
Protocol
HTTP/1.1
Server
61.135.185.248 Beijing, China, ASN4808 (CHINA169-BJ China Unicom Beijing Province Network, CN),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date
Sun, 10 Nov 2019 00:01:09 GMT
Content-Length
0
Content-Type
text/plain; charset=utf-8
acbeacon2.html
cdn.tanx.com/t/acookie/ Frame E0D3
0
0
Document
General
Full URL
http://cdn.tanx.com/t/acookie/acbeacon2.html
Requested by
Host: atanx.alicdn.com
URL: http://atanx.alicdn.com/t/tanxssp.js?_v=12
Protocol
HTTP/1.1
Server
47.246.43.251 San Mateo, United States, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash

Request headers

Host
cdn.tanx.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate

Response headers

Server
Tengine
Content-Type
text/html
Content-Length
6382
Connection
keep-alive
Date
Sat, 09 Nov 2019 23:26:17 GMT
Vary
Accept-Encoding
x-oss-request-id
5DC74B196FC7C53933B40057
x-oss-object-type
Normal
x-oss-hash-crc64ecma
2629262646241174004
x-oss-storage-class
Standard
Cache-Control
max-age=3600,s-maxage=3600
Content-MD5
WwyZV04uyG9UbREuWiXfiA==
x-oss-server-time
2
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Ali-Swift-Global-Savetime
1550644958
Via
cache9.l2de1[0,200-0,H], cache44.l2de1[1,0], cache13.de2[0,200-0,H], cache12.de2[1,0]
Age
2091
X-Cache
HIT TCP_MEM_HIT dirn:9:62270840
X-Swift-SaveTime
Sat, 09 Nov 2019 23:26:20 GMT
X-Swift-CacheTime
3597
Timing-Allow-Origin
*
EagleId
2ff62ba015733440687595731e
spf3
df.tanx.com/
49 B
344 B
Image
General
Full URL
http://df.tanx.com/spf3?e=PjvAcfsbKB2bDt5Cn0lYE-ZoT5TfswQ2SWldAiTagT3chs-XpgiMS77uYTOehLMg6SuzuIQWUxFhVyBiDciUZqz1_txqkXxVrVShlaiXnicRR0v_ImXSHLnG2g47geTtZKS2nbEUdp3rlJ_rOE48GPrZTu_EGsUP&k=161&i=mm_16460681_245800149_68248900382
Requested by
Host: www.398k.com
URL: http://www.398k.com/zxxb/34524.html
Protocol
HTTP/1.1
Server
140.205.250.8 , China, ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
Tengine /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date
Sun, 10 Nov 2019 00:01:08 GMT
Server
Tengine
Transfer-Encoding
chunked
Content-Type
image/gif
Cache-Control
no-cache
Connection
close
Timing-Allow-Origin
*
EagleEye-TraceId
0bab2e5815733440687861922e304c
Expires
Sun, 10 Nov 2019 00:01:07 GMT
TB1j92QPVXXXXcKXpXXXXXXXXXX.html
strip.alicdn.com/tfscom/ Frame 1B24
0
0
Document
General
Full URL
https://strip.alicdn.com/tfscom/TB1j92QPVXXXXcKXpXXXXXXXXXX.html?tanxdspv=http%3a%2f%2frdstat.tanx.com%2ftrd%3ff%3d%26k%3da09e279ad7f7a12a%26p%3dmm_16460681_245800149_68248900382%26pvid%3d0b0c4c0d00015dc7534484d0002c1979%26s%3d336x280%26d%3d59420271%26t%3d1573344068&pid=mm_16460681_245800149_68248900382&tp=6&tsid=0b0c4c0d00015dc7534484d0002c1979&pid=mm_16460681_245800149_68248900382
Requested by
Host: atanx.alicdn.com
URL: http://atanx.alicdn.com/t/tanxssp.js?_v=12
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
47.246.43.251 San Mateo, United States, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash

Request headers

:method
GET
:authority
strip.alicdn.com
:scheme
https
:path
/tfscom/TB1j92QPVXXXXcKXpXXXXXXXXXX.html?tanxdspv=http%3a%2f%2frdstat.tanx.com%2ftrd%3ff%3d%26k%3da09e279ad7f7a12a%26p%3dmm_16460681_245800149_68248900382%26pvid%3d0b0c4c0d00015dc7534484d0002c1979%26s%3d336x280%26d%3d59420271%26t%3d1573344068&pid=mm_16460681_245800149_68248900382&tp=6&tsid=0b0c4c0d00015dc7534484d0002c1979&pid=mm_16460681_245800149_68248900382
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
accept-encoding
gzip, deflate, br

Response headers

status
200
server
Tengine
content-type
text/html; charset=gb2312
content-length
38890
date
Wed, 10 Jul 2019 00:24:33 GMT
last-modified
Fri, 02 Jun 2017 23:19:39 GMT
expires
Thu, 09 Jul 2020 00:24:33 GMT
cache-control
max-age=31536000
ali-swift-global-savetime
1562718274
via
cache59.l2de1[0,200-0,H], cache26.l2de1[13,0], cache10.de2[0,200-0,H], cache12.de2[2,0]
age
10625796
x-cache
HIT TCP_HIT dirn:11:342773362
x-swift-savetime
Thu, 18 Jul 2019 04:53:48 GMT
x-swift-cachetime
30828645
timing-allow-origin
*
eagleid
2ff62ba015733440692076020e
TB1DmcoJXXXXXavXpXXXXXXXXXX-26-26.png
atanx.alicdn.com/t/img/
787 B
2 KB
Image
General
Full URL
http://atanx.alicdn.com/t/img/TB1DmcoJXXXXXavXpXXXXXXXXXX-26-26.png
Requested by
Host: www.398k.com
URL: http://www.398k.com/zxxb/34524.html
Protocol
HTTP/1.1
Server
47.246.43.252 San Mateo, United States, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
edf498d87df4cb375f9e9b7b0907fdb29872dfcb89f8c82b14f228dc3b4090e1

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date
Sat, 09 Nov 2019 22:35:56 GMT
Via
cache42.l2de1[0,200-0,H], cache30.l2de1[0,0], cache6.de2[0,200-0,H], cache7.de2[1,0]
x-oss-request-id
5DC73F4C6CB8F73237E00990
Content-MD5
QObF6jPxCdoW54qkyVIJgQ==
Age
5112
X-Cache
HIT TCP_MEM_HIT dirn:11:230988794
X-Swift-CacheTime
3600
Connection
keep-alive
Content-Length
787
x-oss-object-type
Normal
Server
Tengine
Ali-Swift-Global-Savetime
1573338956
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600,s-maxage=3600
x-oss-storage-class
Standard
Accept-Ranges
bytes
Timing-Allow-Origin
*
x-oss-hash-crc64ecma
9215068310722943470
EagleId
2ff62b9b15733440683254368e
x-oss-server-time
58
X-Swift-SaveTime
Sat, 09 Nov 2019 23:11:48 GMT
TB1Lt7aJXXXXXcjXVXXXXXXXXXX-117-26.png
atanx.alicdn.com/t/img/
998 B
2 KB
Image
General
Full URL
http://atanx.alicdn.com/t/img/TB1Lt7aJXXXXXcjXVXXXXXXXXXX-117-26.png
Requested by
Host: www.398k.com
URL: http://www.398k.com/zxxb/34524.html
Protocol
HTTP/1.1
Server
47.246.43.252 San Mateo, United States, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
ce731c2d808e292b63f7bc14aee70aed2d3165afe7206e034f095de27cd956bd

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date
Sat, 09 Nov 2019 23:36:03 GMT
Via
cache46.l2de1[0,200-0,H], cache34.l2de1[1,0], cache8.de2[0,200-0,H], cache6.de2[0,0]
x-oss-request-id
5DC74D6374419730360129BB
Content-MD5
2aYmALHfPEaXn8xaNByIlw==
Age
1505
X-Cache
HIT TCP_MEM_HIT dirn:10:143308032
X-Swift-CacheTime
3600
Connection
keep-alive
Content-Length
998
x-oss-object-type
Normal
X-Source-Scheme
https
Server
Tengine
Ali-Swift-Global-Savetime
1573342563
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600,s-maxage=3600
x-oss-storage-class
Standard
Accept-Ranges
bytes
Timing-Allow-Origin
*
x-oss-hash-crc64ecma
4652290459493442866
EagleId
2ff62b9a15733440683347706e
x-oss-server-time
25
X-Swift-SaveTime
Sat, 09 Nov 2019 23:39:15 GMT
TB1tWvVJFXXXXc_aXXXXXXXXXXX-40-26.png
atanx.alicdn.com/t/img/
349 B
1 KB
Image
General
Full URL
http://atanx.alicdn.com/t/img/TB1tWvVJFXXXXc_aXXXXXXXXXXX-40-26.png
Requested by
Host: www.398k.com
URL: http://www.398k.com/zxxb/34524.html
Protocol
HTTP/1.1
Server
47.246.43.252 San Mateo, United States, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
858e33ccde0cf2e070e690487dcca6d22783ced0f080e70ee83e37d61e8344fe

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date
Sat, 09 Nov 2019 23:22:42 GMT
Via
cache9.l2de1[0,200-0,H], cache47.l2de1[1,0], cache14.de2[0,200-0,H], cache5.de2[0,0]
x-oss-request-id
5DC74A42EFE5E13336074016
Content-MD5
9S9BhF6WI57fDSfenUeIKQ==
Age
2306
X-Cache
HIT TCP_MEM_HIT dirn:10:313244142
X-Swift-CacheTime
3600
Connection
keep-alive
Content-Length
349
x-oss-object-type
Normal
X-Source-Scheme
https
Server
Tengine
Ali-Swift-Global-Savetime
1573341763
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600,s-maxage=3600
x-oss-storage-class
Standard
Accept-Ranges
bytes
Timing-Allow-Origin
*
x-oss-hash-crc64ecma
7598306964578673200
EagleId
2ff62b9915733440683376205e
x-oss-server-time
1
X-Swift-SaveTime
Sat, 09 Nov 2019 23:26:00 GMT
TB1upAiJXXXXXa5aXXXXXXXXXXX-116-30.png
atanx.alicdn.com/t/img/
1 KB
2 KB
Image
General
Full URL
http://atanx.alicdn.com/t/img/TB1upAiJXXXXXa5aXXXXXXXXXXX-116-30.png
Requested by
Host: www.398k.com
URL: http://www.398k.com/zxxb/34524.html
Protocol
HTTP/1.1
Server
47.246.43.252 San Mateo, United States, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
b633cc39aedb7bce3913dd06a55b89fb1a22ee3ce9e334ef1efd6df93256156a

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date
Sat, 09 Nov 2019 23:17:53 GMT
Via
cache11.l2de1[0,200-0,H], cache9.l2de1[1,0], cache9.de2[0,200-0,H], cache4.de2[1,0]
x-oss-request-id
5DC749217459633735CEB75B
Content-MD5
h9KEnBy5+rJ2Ls5R4vTXXw==
Age
2595
X-Cache
HIT TCP_MEM_HIT dirn:10:28754676
X-Swift-CacheTime
3600
Connection
keep-alive
Content-Length
1271
x-oss-object-type
Normal
Server
Tengine
Ali-Swift-Global-Savetime
1573341473
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600,s-maxage=3600
x-oss-storage-class
Standard
Accept-Ranges
bytes
Timing-Allow-Origin
*
x-oss-hash-crc64ecma
6491710681933029753
EagleId
2ff62b9815733440683281838e
x-oss-server-time
2
X-Swift-SaveTime
Sat, 09 Nov 2019 23:41:51 GMT

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata
object| onpointerrawupdate
object| tanx_s
object| tanx_h
object| _hmt
function| $
function| jQuery
object| jQuery1124046949692649910935
number| _tanxlb
object| TANX_ONLOAD
function| tanxssp_show
function| TANX_SHOW
object| KSLITE
object| KSLITEcurrentScript
object| KSLITEpkgPaths
object| KSLITEonLoad
string| tax_vi
object| tanx_ssp_onload
object| 9fbe67ae61097

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
