www.exsawim.cn - urlscan.io

Summary

This website contacted 3 IPs in 1 countries across 2 domains to perform 4 HTTP transactions. The main IP is 156.251.25.119, located in and belongs to . The main domain is www.exsawim.cn.
TLS certificate: Issued by R3 on January 19th 2024. Valid for: 3 months.

This is the only time www.exsawim.cn was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 3	193.84.85.178 193.84.85.178	59796 (STORMWALL-AS) (STORMWALL-AS)
3	156.251.25.119 156.251.25.119	() ()
4	3

3 193.84.85.178 (Russian Federation) 2 redirects

ASN59796 (STORMWALL-AS, SK)

s.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 156.251.25.119 (None, )

ASN- ()

www.exsawim.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	exsawim.cn www.exsawim.cn	3 KB
3	s.id 2 redirects s.id — Cisco Umbrella Rank: 122908	14 KB
4	2

	Domain	Requested by
3	www.exsawim.cn	s.id www.exsawim.cn
3	s.id	2 redirects
4	2

This site contains no links.

Subject Issuer	Validity	Valid
s.id R3	`2023-12-21` - `2024-03-20`	3 months	crt.sh
www.jivvrve.cn R3	`2024-01-19` - `2024-04-18`	3 months	crt.sh

This page contains 1 frames:

Frame: https://www.exsawim.cn/index.php?t=51be38a461a06553f9c3ff8a1673e0fdcef1ac5dca3c5af2760a3e9c8dfc208a
Frame ID: 563D0A7213BE2A97D9D96E281AC3DB2E
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://s.id/20BmO Page URL
https://s.id/20BmO HTTP 302
https://s.id/20BmO HTTP 302
https://www.exsawim.cn/ Page URL

Page Statistics

4
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

3
IPs

1
Countries

16 kB
Transfer

26 kB
Size

5
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://s.id/20BmO Page URL
https://s.id/20BmO HTTP 302
https://s.id/20BmO HTTP 302
https://www.exsawim.cn/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

4 HTTP transactions
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	20BmO Show response s.id/	13 KB 13 KB	148ms 43ms	Document text/html	193.84.85.178 STORMWALL-AS
General Check archive.org Show headers Download Go to Full URL https://s.id/20BmO Protocol H2 Security TLS 1.3, , AES_256_GCM Server 193.84.85.178 , Russian Federation, ASN59796 (STORMWALL-AS, SK), Reverse DNS Software nginx / Resource Hash `1baac7f9b53a2fb054936c450c995e30c76ebac8bb5225e04de5661ba95064d4` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 accept-language jp-JP,jp;q=0.9 Response headers cache-control no-cache content-length 13510 content-type text/html; charset=utf-8 date Sat, 20 Jan 2024 12:19:52 GMT server nginx
GET DATA	200 OK	truncated /	7 KB 0		Image image/gif
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `c6f6eb10a4472f02adf0f74f0805afb04a0bd0f4644a1eeff94d9b36d2ffeaf6` Request headers accept-language jp-JP,jp;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers Content-Type image/gif
GET H2	200	Primary Request / Show response www.exsawim.cn/ Redirect Chain https://s.id/20BmO https://s.id/20BmO https://www.exsawim.cn/	1 KB 1007 B	2845ms 116ms	Document text/html	156.251.25.119
General Check archive.org Show headers Download Go to Full URL https://www.exsawim.cn/ Requested by Host: s.id URL: https://s.id/20BmO Protocol H2 Security TLS 1.3, , AES_256_GCM Server 156.251.25.119 -, , ASN (), Reverse DNS Software Apache / Resource Hash `b660d861ce6e7f1b048fb2e51c1f2fc4f73432a0a216b79f5c20286be93d231e` Request headers Referer https://s.id/20BmO Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 accept-language jp-JP,jp;q=0.9 Response headers cache-control no-store, no-cache, must-revalidate content-encoding gzip content-length 596 content-type text/html; charset=UTF-8 date Sat, 20 Jan 2024 12:19:56 GMT expires Thu, 19 Nov 1981 08:52:00 GMT pragma no-cache server Apache vary Accept-Encoding Redirect headers cache-control private, max-age=15 content-length 0 date Sat, 20 Jan 2024 12:19:53 GMT location https://www.exsawim.cn server nginx strict-transport-security max-age=15724800; includeSubDomains
GET H2	200	vendor.23238u92u82.js www.exsawim.cn/vendor/	5 KB 2 KB	117ms 117ms	Script application/javascript	156.251.25.119
General Check archive.org Show headers Download Go to Full URL https://www.exsawim.cn/vendor/vendor.23238u92u82.js Requested by Host: www.exsawim.cn URL: https://www.exsawim.cn/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 156.251.25.119 -, , ASN (), Reverse DNS Software Apache / Resource Hash Request headers accept-language jp-JP,jp;q=0.9 Referer https://www.exsawim.cn/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sat, 20 Jan 2024 12:19:57 GMT content-encoding gzip last-modified Tue, 06 Apr 2021 02:24:54 GMT server Apache etag "1375-5bf4485060980-gzip" vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 1907
GET H2	200	index.php Show response www.exsawim.cn/	0 26 B	6169ms 6168ms	Document text/html	156.251.25.119
General Check archive.org Show headers Download Go to Full URL https://www.exsawim.cn/index.php?t=51be38a461a06553f9c3ff8a1673e0fdcef1ac5dca3c5af2760a3e9c8dfc208a Requested by Host: www.exsawim.cn URL: https://www.exsawim.cn/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 156.251.25.119 -, , ASN (), Reverse DNS Software Apache / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer https://www.exsawim.cn/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 accept-language jp-JP,jp;q=0.9 Response headers content-length 0 content-type text/html; charset=UTF-8 date Sat, 20 Jan 2024 12:19:57 GMT server Apache

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
s.id/	1969-12-31 23:59:59	Name: __js_p_ Value: 192,1800,0,0,0
s.id/	1970-01-20 17:49:14	Name: __jhash_ Value: 828
s.id/	1970-01-20 17:49:14	Name: __jua_ Value: Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F120.0.6099.224%20Safari%2F537.36
s.id/	1970-01-20 17:49:14	Name: __hash_ Value: 5a4a26953674410df767f16b80a56604
s.id/	1970-01-20 17:59:17	Name: __lhash_ Value: 49a754167d9a3e18f3af53e720a88fb9

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

s.id
www.exsawim.cn
156.251.25.119
193.84.85.178
1baac7f9b53a2fb054936c450c995e30c76ebac8bb5225e04de5661ba95064d4
b660d861ce6e7f1b048fb2e51c1f2fc4f73432a0a216b79f5c20286be93d231e
c6f6eb10a4472f02adf0f74f0805afb04a0bd0f4644a1eeff94d9b36d2ffeaf6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

www.exsawim.cn Open in urlscan Pro 156.251.25.119 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

4 Requests

100 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

3 IPs

1 Countries

16 kBTransfer

26 kBSize

5 Cookies

0 Outgoing links

Page URL History

Redirected requests

4 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

5 Cookies

Indicators

www.exsawim.cn Open in urlscan Pro
156.251.25.119 Public Scan

Screenshot
Live screenshot

Full Image

4
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

3
IPs

1
Countries

16 kB
Transfer

26 kB
Size

5
Cookies

4 HTTP transactions
1 data transactions