URL: https://www.ticketmall.top/
Submission: On May 27 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 12 HTTP transactions. The main IP is 159.138.158.234, located in Nanjing, China and belongs to HWCLOUDS-AS-AP HUAWEI CLOUDS, HK. The main domain is www.ticketmall.top.
TLS certificate: Issued by R3 on May 27th 2022. Valid for: 3 months.
This is the only time www.ticketmall.top was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address        AS (Autonomous System)
5         159.138.158.234   136907 (HWCLOUDS-...)
4         94.74.119.194     136907 (HWCLOUDS-...)
1         36.103.236.36     134761 (CHINANET-...)
Total: 12 requests, 4 IPs
Requests  Apex Domain             Subdomains                                          Transfer
5         ticketmall.top          www.ticketmall.top                                  358 KB
4         bitr.vip                m.bitr.vip                                          42 KB
1         baidu.com               t7.baidu.com (Cisco Umbrella Rank: 25925),          62 KB
                                  gimg2.baidu.com (Failed)
0         dcloud.net.cn (Failed)  cdn.dcloud.net.cn (Failed)
Total: 12 requests, 4 apex domains
Requests  Domain                      Requested by
5         www.ticketmall.top          www.ticketmall.top
4         m.bitr.vip                  www.ticketmall.top
1         t7.baidu.com                www.ticketmall.top
0         gimg2.baidu.com (Failed)    www.ticketmall.top
0         cdn.dcloud.net.cn (Failed)  www.ticketmall.top
Total: 12 requests, 5 domains

This site contains no links.

Subject             Issuer                                               Validity                  Valid
www.ticketmall.top  R3                                                   2022-05-27 - 2022-08-25   3 months
m.bitr.vip          R3                                                   2022-05-25 - 2022-08-23   3 months
baidu.com           GlobalSign Organization Validation CA - SHA256 - G2  2022-02-21 - 2022-08-02   5 months

This page contains 1 frame:

Primary Page: https://www.ticketmall.top/
Frame ID: 19F7C07C5B951FF23DB918CFFA8D0AAF
Requests: 14 HTTP requests in this frame

Page Title

home

Page Statistics

Requests:    12
HTTPS:       83 %
IPv6:        0 %
Domains:     4
Subdomains:  5
IPs:         4
Countries:   2
Transfer:    462 kB
Size:        1106 kB
Cookies:     0

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.ticketmall.top/
786 B
939 B
Document
General
Full URL
https://www.ticketmall.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.138.158.234 Nanjing, China, ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK),
Reverse DNS
ecs-159-138-158-234.compute.hwclouds-dns.com
Software
nginx /
Resource Hash
bc9768586db4250a7076aaa428b2ac85c37dbecc58b51852de4101b78308c9b4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-length
786
content-type
text/html
date
Fri, 27 May 2022 07:37:22 GMT
etag
"62906364-312"
last-modified
Fri, 27 May 2022 05:36:36 GMT
server
nginx
strict-transport-security
max-age=31536000
index.a5c69d49.css
www.ticketmall.top/static/
92 KB
29 KB
Stylesheet
General
Full URL
https://www.ticketmall.top/static/index.a5c69d49.css
Requested by
Host: www.ticketmall.top
URL: https://www.ticketmall.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.138.158.234 Nanjing, China, ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK),
Reverse DNS
ecs-159-138-158-234.compute.hwclouds-dns.com
Software
nginx /
Resource Hash
4092422fbd44790f2e0889437a157b0156f3801412dbe0758286232f58ae0afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ticketmall.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 07:37:22 GMT
content-encoding
gzip
last-modified
Fri, 27 May 2022 05:36:36 GMT
server
nginx
etag
W/"62906364-16ff2"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=43200
strict-transport-security
max-age=31536000
expires
Fri, 27 May 2022 19:37:22 GMT
chunk-vendors.34802af4.js
www.ticketmall.top/static/js/
700 KB
247 KB
Script
General
Full URL
https://www.ticketmall.top/static/js/chunk-vendors.34802af4.js
Requested by
Host: www.ticketmall.top
URL: https://www.ticketmall.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.138.158.234 Nanjing, China, ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK),
Reverse DNS
ecs-159-138-158-234.compute.hwclouds-dns.com
Software
nginx /
Resource Hash
7f761eaf98293a43442f9122ab6f209e0aeab6f4ad3b319fabec280332a8425e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ticketmall.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 07:37:22 GMT
content-encoding
gzip
last-modified
Fri, 27 May 2022 05:36:36 GMT
server
nginx
etag
W/"62906364-aeebc"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
strict-transport-security
max-age=31536000
expires
Fri, 27 May 2022 19:37:22 GMT
index.7e384fa3.js
www.ticketmall.top/static/js/
182 KB
73 KB
Script
General
Full URL
https://www.ticketmall.top/static/js/index.7e384fa3.js
Requested by
Host: www.ticketmall.top
URL: https://www.ticketmall.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.138.158.234 Nanjing, China, ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK),
Reverse DNS
ecs-159-138-158-234.compute.hwclouds-dns.com
Software
nginx /
Resource Hash
3c2b2660e45f7d4a5b96bb971a7c3cdae7585e6588580a8c05c58a40e135894b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ticketmall.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 07:37:22 GMT
content-encoding
gzip
last-modified
Fri, 27 May 2022 05:36:36 GMT
server
nginx
etag
W/"62906364-2d87e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
strict-transport-security
max-age=31536000
expires
Fri, 27 May 2022 19:37:22 GMT
pages-index-index.33ade07b.js
www.ticketmall.top/static/js/
25 KB
8 KB
Script
General
Full URL
https://www.ticketmall.top/static/js/pages-index-index.33ade07b.js
Requested by
Host: www.ticketmall.top
URL: https://www.ticketmall.top/static/js/index.7e384fa3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.138.158.234 Nanjing, China, ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK),
Reverse DNS
ecs-159-138-158-234.compute.hwclouds-dns.com
Software
nginx /
Resource Hash
f1d3c879692919da1765c7b55dea5f16156abedc3a16e28c22b37eeb305ce5de
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ticketmall.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 07:37:23 GMT
content-encoding
gzip
last-modified
Fri, 27 May 2022 05:36:36 GMT
server
nginx
etag
W/"62906364-654e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
strict-transport-security
max-age=31536000
expires
Fri, 27 May 2022 19:37:23 GMT
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0ccf8dd29c61715a6364ea9ec36d32c295e82ca837488590130c51cee298b7d3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
getHome
m.bitr.vip/web/
0
0
Preflight
General
Full URL
https://m.bitr.vip/web/getHome
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
94.74.119.194 Bangkok, Thailand, ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK),
Reverse DNS
ecs-94-74-119-194.compute.hwclouds-dns.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,form-type,lang
Access-Control-Request-Method
GET
Origin
https://www.ticketmall.top
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-methods
*
access-control-allow-origin
*
access-control-max-age
3600
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
content-length
0
date
Fri, 27 May 2022 07:37:25 GMT
server
nginx
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
getHome
m.bitr.vip/web/
3 KB
3 KB
XHR
General
Full URL
https://m.bitr.vip/web/getHome
Requested by
Host: www.ticketmall.top
URL: https://www.ticketmall.top/static/js/chunk-vendors.34802af4.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
94.74.119.194 Bangkok, Thailand, ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK),
Reverse DNS
ecs-94-74-119-194.compute.hwclouds-dns.com
Software
nginx /
Resource Hash
e0d66b068c9e3390c262bed5da09473272c1bc488ccb0a48d307c3fe3514ec88

Request headers

lang
en_us
Referer
https://www.ticketmall.top/
Authorization
null
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Form-type
h5
content-type
application/x-www-form-urlencoded

Response headers

date
Fri, 27 May 2022 07:37:26 GMT
server
nginx
access-control-max-age
3600
access-control-allow-methods
*
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
x-cache
MISS
access-control-allow-headers
*
truncated
/
326 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
50bc70ce0099ca1188c607b8dca600c6f35365357db93fcc112a6f2c0fbfe7a9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
32940cf0433e6486289219c35171f8a678bcda6df9ab62e1b5af065f06ef6d28

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type
image/png
u=4162611394,4275913936&fm=193&f=GIF
t7.baidu.com/it/
62 KB
62 KB
Image
General
Full URL
https://t7.baidu.com/it/u=4162611394,4275913936&fm=193&f=GIF
Requested by
Host: www.ticketmall.top
URL: https://www.ticketmall.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
36.103.236.36 Guangzhou, China, ASN134761 (CHINANET-NINGXIA-ZHONGWEI-IDC CHINANET NINGXIA province ZHONGWEI IDC network, CN),
Reverse DNS
Software
JSP3/2.0.14 /
Resource Hash
1b90d1d73d23df9c0e7a805034757a54f34e9d7ccdf58e8ef796044a4cbb54ae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ticketmall.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

ohc-file-size
63086
date
Fri, 27 May 2022 07:37:26 GMT
age
1091073
x-cache-status
HIT
ohc-upstream-trace
36.103.236.61
content-length
63086
ohc-cache-hit
zw2ct61 [2], bdix82 [2]
ohc-response-time
1 0 0 0 0 0
last-modified
Thu, 08 Jan 1970 00:00:00 GMT
server
JSP3/2.0.14
etag
cbca0f1b7978f809832efca5942ab71a
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Jun 2022 05:48:41 GMT
shadow-grey.png
cdn.dcloud.net.cn/img/
0
0

10.jpg
m.bitr.vip/img/
34 KB
34 KB
Image
General
Full URL
https://m.bitr.vip/img/10.jpg
Requested by
Host: www.ticketmall.top
URL: https://www.ticketmall.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
94.74.119.194 Bangkok, Thailand, ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK),
Reverse DNS
ecs-94-74-119-194.compute.hwclouds-dns.com
Software
nginx /
Resource Hash
4bf6b60b7eea71743164e58d336e1aa62e9c268682bf7aeaed268c1df9abc12d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ticketmall.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 07:37:27 GMT
last-modified
Fri, 27 May 2022 05:32:44 GMT
server
nginx
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
*
content-type
image/jpeg
access-control-allow-origin
*
access-control-max-age
3600
access-control-allow-credentials
true
x-cache
MISS
accept-ranges
bytes
access-control-allow-headers
*
content-length
34812
11.jpg
m.bitr.vip/img/
4 KB
4 KB
Image
General
Full URL
https://m.bitr.vip/img/11.jpg
Requested by
Host: www.ticketmall.top
URL: https://www.ticketmall.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
94.74.119.194 Bangkok, Thailand, ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK),
Reverse DNS
ecs-94-74-119-194.compute.hwclouds-dns.com
Software
nginx /
Resource Hash
86d43f4042f6b3d1ebfea123ad0cb72f81c0f2473205a02d857783f9e48fb62f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ticketmall.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 07:37:27 GMT
last-modified
Fri, 27 May 2022 05:32:44 GMT
server
nginx
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
*
content-type
image/jpeg
access-control-allow-origin
*
access-control-max-age
3600
access-control-allow-credentials
true
x-cache
MISS
accept-ranges
bytes
access-control-allow-headers
*
content-length
4117
src=http%3A%2F%2Fimg.doc.wendoc.com%2Fpic%2F3e38d20ea8fd5baf16b2eac1%2F1-810-jpg_6-1080-0-0-1080.jpg&refer=http%3A%2F%2Fimg.doc.wendoc.com&app=2002&size=f9999,10000&q=a80&n=0&g=0n&fmt=auto
gimg2.baidu.com/image_search/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cdn.dcloud.net.cn
URL
https://cdn.dcloud.net.cn/img/shadow-grey.png
Domain
gimg2.baidu.com
URL
https://gimg2.baidu.com/image_search/src=http%3A%2F%2Fimg.doc.wendoc.com%2Fpic%2F3e38d20ea8fd5baf16b2eac1%2F1-810-jpg_6-1080-0-0-1080.jpg&refer=http%3A%2F%2Fimg.doc.wendoc.com&app=2002&size=f9999,10000&q=a80&n=0&g=0n&fmt=auto?sec=1655542863&t=ed6c7a73792252c43c6b29ba0ad6fd44

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object   | oncontextlost
object   | oncontextrestored
function | structuredClone
object   | launchQueue
object   | onbeforematch
function | getScreenDetails
object   | navigation
boolean  | coverSupport
object   | webpackJsonp
object   | __uniConfig
object   | __uniRoutes
function | UniApp
object   | UniViewJSBridge
object   | UniServiceJSBridge
object   | uni
object   | wx
function | getApp
function | getCurrentPages
object   | regeneratorRuntime

0 Cookies

Security Headers

This section lists the security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000