urlscan.io logo urlscan.io
SecurityTrails logo

28287.com Open in urlscan Pro
2606:4700:3035::6815:40e3  Public Scan

Go To Rescan Add Verdict Report
URL: http://28287.com/
Submission: On November 15 via api from BY — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 4 countries across 7 domains to perform 15 HTTP transactions. The main IP is 2606:4700:3035::6815:40e3, located in United States and belongs to CLOUDFLARENET, US. The main domain is 28287.com.
This is the only time 28287.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 2606:4700:303... 13335 (CLOUDFLAR...)
1 117.68.52.49 134425 (CHINANET-...)
4 2a00:1450:400... 15169 (GOOGLE)
2 2 157.255.220.247 17623 (CNCGROUP-...)
1 1 203.205.136.81 132203 (TENCENT-N...)
1 203.205.136.243 132203 (TENCENT-N...)
2 103.235.46.191 55967 (BAIDU Bei...)
2 2a00:1450:400... 15169 (GOOGLE)
15 7
4    2606:4700:3035::6815:40e3 (United States)

ASN13335 (CLOUDFLARENET, US)
28287.com
1    117.68.52.49 (China)

ASN134425 (CHINANET-HEFEI-QIMENLU-IDC China Telecom, CN)
apps.bdimg.com
4    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    157.255.220.247 (China)

ASN17623 (CNCGROUP-SZ China Unicom Shenzen network, CN)
wpa.qq.com
1    203.205.136.81 (Hong Kong, Hong Kong)

ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)
pub.idqqimg.com
1    203.205.136.243 (Hong Kong, Hong Kong)

ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)
pub.idqqimg.com
2    103.235.46.191 (Hong Kong)

ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)
hm.baidu.com
2    2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
Apex Domain
Subdomains		 Transfer
4 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 97
239 KB
4 28287.com
28287.com
30 KB
2 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
5 KB
2 baidu.com
hm.baidu.com — Cisco Umbrella Rank: 9830
12 KB
2 idqqimg.com
pub.idqqimg.com — Cisco Umbrella Rank: 39753
4 KB
2 qq.com
wpa.qq.com — Cisco Umbrella Rank: 273202
364 B
1 bdimg.com
apps.bdimg.com — Cisco Umbrella Rank: 139529
34 KB
15 7
Domain Requested by
4 pagead2.googlesyndication.com 28287.com
pagead2.googlesyndication.com
4 28287.com 28287.com
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 hm.baidu.com 28287.com
2 pub.idqqimg.com 1 redirects 28287.com
2 wpa.qq.com 2 redirects
1 apps.bdimg.com 28287.com
15 7

This site contains links to these domains. Also see Links.

Domain
wpa.qq.com
www.haomi123.com
Subject Issuer Validity Valid
*.g.doubleclick.net
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
baidu.com
GlobalSign RSA OV SSL CA 2018		 2023-07-06 -
2024-08-06		 a year crt.sh

This page contains 3 frames:

Primary Page: http://28287.com/
Frame ID: C7274223DE716CD7B3684DC9EE58E768
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html
Frame ID: D1A0021AF3B994E596CDFA25E5E75DE7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3893218168461460&output=html&adk=1812271804&adf=3025194257&lmt=1700010342&plat=2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=http%3A%2F%2F28287.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~6&ascmds=1&dt=1700010341979&bpp=4&bdt=2217&idt=177&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1829446774000&frm=20&pv=2&ga_vid=28792071.1700010342&ga_sid=1700010342&ga_hid=679391338&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079605%2C31079628%2C31078301%2C44807406%2C31079156%2C44807763%2C44808148%2C44808284%2C44809055&oid=2&pvsid=2965397459470901&tmod=1422253721&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=194
Frame ID: 9F0D3876EE7DBA397F7E09EE0441BDCD
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

28287.com-34558官方网站

Detected technologies

Overall confidence: 100%
Detected patterns
  • hm\.baidu\.com/hm\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

15
Requests

53 %
HTTPS

38 %
IPv6

7
Domains

7
Subdomains

7
IPs

4
Countries

323 kB
Transfer

890 kB
Size

5
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5
  • http://wpa.qq.com/pa?p=2:330331:51 HTTP 302
  • https://wpa.qq.com/pa?p=2:330331:51 HTTP 301
  • http://pub.idqqimg.com/qconn/wpa/button/button_111.gif HTTP 302
  • https://pub.idqqimg.com/qconn/wpa/button/button_111.gif

15 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
28287.com/ 		4 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://28287.com/
Protocol
HTTP/1.1
Server
2606:4700:3035::6815:40e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3e3fe2bb4202bd398e0f4cab5494c693565543dae74e007f48c5a069fbdd9d9

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
8263964d0bf6e6ae-HKG
Connection
keep-alive
Content-Encoding
gzip
Content-Language
de-DE
Content-Type
text/html;charset=UTF-8
Date
Wed, 15 Nov 2023 01:05:39 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yat3%2FxtNRmjmNAgO3ngVCCAc4OTAACDSRFqBJanxXzTJ4E8gM73Vqw354aTBJt%2B%2F6QiTQMrfiO4WikScY04VEQZAmoJpbSc%2FYYd1key9pqiiOaDvsux6ERypEwjXEIudydEsPAMuBxg%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
alt-svc
h3=":443"; ma=86400
jquery.min.js
apps.bdimg.com/libs/jquery/1.10.2/ 		91 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://apps.bdimg.com/libs/jquery/1.10.2/jquery.min.js
Requested by
Host: 28287.com
URL: http://28287.com/
Protocol
HTTP/1.1
Server
117.68.52.49 , China, ASN134425 (CHINANET-HEFEI-QIMENLU-IDC China Telecom, CN),
Reverse DNS
Software
JSP3/2.0.14 /
Resource Hash
c1bcc5f2066e4476e6dbab0b5a9b9700b86f4d6ebeb2900d73ee97e53753d4f9

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://28287.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Wed, 15 Nov 2023 01:05:41 GMT
Content-Encoding
gzip
Age
823132
Transfer-Encoding
chunked
Connection
keep-alive
Ohc-Cache-HIT
hfct63 [2], nb2ctcache63 [2]
Ohc-Response-Time
1 0 0 0 0 0
Last-Modified
Wed, 07 Jan 2015 09:16:30 GMT
Server
JSP3/2.0.14
ETag
"54acf96e-16bb2"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=2592000
Accept-Ranges
bytes
Ohc-Global-Saved-Time
Wed, 25 Oct 2023 09:28:27 GMT
Expires
Fri, 24 Nov 2023 09:28:27 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		149 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3893218168461460
Requested by
Host: 28287.com
URL: http://28287.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
46b5a6ca959aca3931464f3620c57da13a38bc1507accb6fd28461d15626d5bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://28287.com/
Origin
http://28287.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 01:05:39 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52728
x-xss-protection
0
server
cafe
etag
6603138316843373597
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 15 Nov 2023 01:05:39 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		149 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: 28287.com
URL: http://28287.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
55719d16681943de25045b2bc551e2575897f413a79962fef82a7e386ee5e6eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://28287.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 01:05:42 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52697
x-xss-protection
0
server
cafe
etag
13348215443397589044
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 15 Nov 2023 01:05:42 GMT
jquery.form.js
28287.com/static/common/js/ 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://28287.com/static/common/js/jquery.form.js
Requested by
Host: 28287.com
URL: http://28287.com/
Protocol
HTTP/1.1
Server
2606:4700:3035::6815:40e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2dd743447ea250fa9ba77c7d0a53151a4544bd94eb21e9ab63ad77b2127f260c

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://28287.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Wed, 15 Nov 2023 01:05:40 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
Last-Modified
Wed, 06 Mar 2019 04:39:51 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
ETag
W/"41543-1551847191849"
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BQpbCgJ6noh%2FPBvXCDaG%2FcitjnmVy31HUUCGF%2F4FnaEW9%2B6TB2X2%2FNLYuMFEaiCEwRcDU0sn8FPtUktT6tt5ixqq8LaTVYrFidRUiKmg58eiTp3LlQ6P9S42XuAWf1DEPyqEkqclm8w%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Vary
Accept-Encoding
Cache-Control
max-age=14400
Connection
keep-alive
CF-RAY
8263964fa8100488-CDG
alt-svc
h3=":443"; ma=86400
web.js
28287.com/static/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://28287.com/static/js/web.js
Requested by
Host: 28287.com
URL: http://28287.com/
Protocol
HTTP/1.1
Server
2606:4700:3035::6815:40e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
593f0e0e9f88ed40f2c668133c2e2e496f731265f81f9c1a6358a0a1674cbad2

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://28287.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Wed, 15 Nov 2023 01:05:40 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
Last-Modified
Tue, 07 Apr 2020 13:43:22 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
ETag
W/"1154-1586267002418"
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yOgTVmFIlnC7E49ilnoq%2Fl058AF68REaO7%2BXduCcnGhPYYYhGJhigdWUxr432K9IjkEFRfUF4PXBvRMVW09YI9tl4zUYq%2BCKDYx54YcgucKEixJx7z0Ams315Fd2nS32WHXSIdXWRhA%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Vary
Accept-Encoding
Cache-Control
max-age=14400
Connection
keep-alive
CF-RAY
8263964fc8bebb8b-FRA
alt-svc
h3=":443"; ma=86400
button_111.gif
pub.idqqimg.com/qconn/wpa/button/
Redirect Chain
  • http://wpa.qq.com/pa?p=2:330331:51
  • https://wpa.qq.com/pa?p=2:330331:51
  • http://pub.idqqimg.com/qconn/wpa/button/button_111.gif
  • https://pub.idqqimg.com/qconn/wpa/button/button_111.gif
3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pub.idqqimg.com/qconn/wpa/button/button_111.gif
Requested by
Host: 28287.com
URL: http://28287.com/
Protocol
H2
Server
203.205.136.243 Hong Kong, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
NWS_SSD_MID /
Resource Hash
ae9d6dd007fb1d078da953170c7052d2822b85f719b2f71230791f7ae8db5e5d

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://28287.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 03:56:20 GMT
x-cache-lookup
Cache Hit
last-modified
Fri, 30 Sep 2022 03:20:36 GMT
server
NWS_SSD_MID
age
18684
vary
Origin
content-type
image/jpeg
cache-control
max-age=86400
x-daa-tunnel
hop_count=1
x-nws-log-uuid
4096388907555477670
accept-ranges
bytes
x-verify-code
f43d2141f90038a1ba8d29012a073fe0
content-length
3534
expires
Sat, 16 Sep 2023 03:56:20 GMT

Redirect headers

Date
Wed, 15 Nov 2023 01:05:45 GMT
X-Cache-Lookup
Return Directly
Server
Lego Server
Vary
Origin
Location
https://pub.idqqimg.com/qconn/wpa/button/button_111.gif
Cache-Control
max-age=86400
X-NWS-LOG-UUID
17401763715243876016
Connection
keep-alive
Content-Length
0
QQ.png
28287.com/static/sale/img/ 		0
0
weixin.png
28287.com/static/sale/img/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://28287.com/static/sale/img/weixin.png
Requested by
Host: 28287.com
URL: http://28287.com/
Protocol
HTTP/1.1
Server
2606:4700:3035::6815:40e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5da825088c28294fafb22904bf929e716f17038d08a1bd9062a1c918c6875cfa

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://28287.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Wed, 15 Nov 2023 01:05:42 GMT
CF-Cache-Status
MISS
Last-Modified
Thu, 19 Mar 2020 12:51:38 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
ETag
W/"12142-1584622298581"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jvtTbrd00TgoZiWVNfUNS8pxQI2pNarNMXq5AH4%2BRcHttv5zo0Szt%2By5h9V0OOAWNr%2FNMGmQbPHBlauDCocB%2BueWjcbsviLfto%2FwoFmQ6m6Fz4rGThpuaH%2FEYumgPTrJIFydXhMyOis%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
8263965d5f0d0488-CDG
alt-svc
h3=":443"; ma=86400
Content-Length
12142
hm.js
hm.baidu.com/ 		29 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hm.baidu.com/hm.js?70d2e2a79b1acba79aa7d4731ac8d8ff
Requested by
Host: 28287.com
URL: http://28287.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
eca1f0288b617656ff5a741536c167bae4366b972cab50f6647fc52a6bb4ebbf
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://28287.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Wed, 15 Nov 2023 01:05:43 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=172800
Server
apache
Etag
4507ed4791092b9a819ac4a6bf2f6ccf
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type
application/javascript
Cache-Control
max-age=0, must-revalidate
Content-Length
11258
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/ 		400 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3893218168461460&plah=28287.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3893218168461460
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53f510cfbeeed1c7cdb3eb120cbc5248984a2259d2d3e1c3866ae75fd21dd75a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://28287.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 01:05:42 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138528
x-xss-protection
0
server
cafe
etag
18345033877904197336
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 15 Nov 2023 01:05:42 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/ Frame D1A0 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3893218168461460
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://28287.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
27965
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4118
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 14 Nov 2023 17:19:37 GMT
etag
16674218716276178799
expires
Tue, 28 Nov 2023 17:19:37 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 9F0D 		603 B
245 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3893218168461460&output=html&adk=1812271804&adf=3025194257&lmt=1700010342&plat=2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=http%3A%2F%2F28287.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~6&ascmds=1&dt=1700010341979&bpp=4&bdt=2217&idt=177&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1829446774000&frm=20&pv=2&ga_vid=28792071.1700010342&ga_sid=1700010342&ga_hid=679391338&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079605%2C31079628%2C31078301%2C44807406%2C31079156%2C44807763%2C44808148%2C44808284%2C44809055&oid=2&pvsid=2965397459470901&tmod=1422253721&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=194
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3893218168461460&plah=28287.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://28287.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 15 Nov 2023 01:05:42 GMT
expires
Wed, 15 Nov 2023 01:05:42 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=aa&ign=false&pw=1600&ph=1200&x=0&y=0
Requested by
Host: 28287.com
URL: http://28287.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://28287.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Nov 2023 01:05:42 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
hm.gif
hm.baidu.com/ 		43 B
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1207312600&si=70d2e2a79b1acba79aa7d4731ac8d8ff&v=1.3.0&lv=1&sn=32444&r=0&ww=1600&u=http%3A%2F%2F28287.com%2F&tt=28287.com-34558%E5%AE%98%E6%96%B9%E7%BD%91%E7%AB%99
Requested by
Host: 28287.com
URL: http://28287.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://28287.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 15 Nov 2023 01:05:44 GMT
Strict-Transport-Security
max-age=172800
X-Content-Type-Options
nosniff
Server
apache
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Content-Length
43

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
28287.com
URL
http://28287.com/static/sale/img/QQ.png

Verdicts & Comments Add Verdict or Comment

35 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 function| $ function| jQuery object| _isJqueryAjaxSubmitArray object| _doJqueryAjaxSubmitTimeIndexArray function| doJqueryAjaxSubmit function| doSaveOffer function| changeContactType object| _hmt object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter function| google_sa_impl object| google_image_requests number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages boolean| _bdhm_loaded_70d2e2a79b1acba79aa7d4731ac8d8ff object| mini_tangram_log_jdt2bn

5 Cookies

Domain/Path Name / Value
28287.com/ Name: JSESSIONID
Value: AA60A2D6FA209B8439B03F146AB2C4B1
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.hm.baidu.com/ Name: HMACCOUNT_BFESS
Value: 35F5CE1CDDC4C5EA
.28287.com/ Name: Hm_lvt_70d2e2a79b1acba79aa7d4731ac8d8ff
Value: 1700010344
.28287.com/ Name: Hm_lpvt_70d2e2a79b1acba79aa7d4731ac8d8ff
Value: 1700010344