![](/screenshots/8f66862f-40bc-4064-8e37-7084d7d0493a.png)
www.exsawim.cn
Open in
urlscan Pro
156.251.25.119
Public Scan
Effective URL: https://www.exsawim.cn/
Submission Tags: phishing saison Search All
Submission: On January 20 via api from JP — Scanned from JP
Summary
TLS certificate: Issued by R3 on January 19th 2024. Valid for: 3 months.
This is the only time www.exsawim.cn was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 3 | 193.84.85.178 193.84.85.178 | 59796 (STORMWALL-AS) (STORMWALL-AS) | |
3 | 156.251.25.119 156.251.25.119 | () () | |
4 | 3 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
3 |
exsawim.cn
www.exsawim.cn |
3 KB |
3 |
s.id
2 redirects
s.id — Cisco Umbrella Rank: 122908 |
14 KB |
4 | 2 |
Domain | Requested by | |
---|---|---|
3 | www.exsawim.cn |
s.id
www.exsawim.cn |
3 | s.id | 2 redirects |
4 | 2 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
s.id R3 |
2023-12-21 - 2024-03-20 |
3 months | crt.sh |
www.jivvrve.cn R3 |
2024-01-19 - 2024-04-18 |
3 months | crt.sh |
This page contains 1 frames:
Frame:
https://www.exsawim.cn/index.php?t=51be38a461a06553f9c3ff8a1673e0fdcef1ac5dca3c5af2760a3e9c8dfc208a
Frame ID: 563D0A7213BE2A97D9D96E281AC3DB2E
Requests: 5 HTTP requests in this frame
Screenshot
![](/screenshots/8f66862f-40bc-4064-8e37-7084d7d0493a.png)
Page URL History Show full URLs
- https://s.id/20BmO Page URL
-
https://s.id/20BmO
HTTP 302
https://s.id/20BmO HTTP 302
https://www.exsawim.cn/ Page URL
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://s.id/20BmO Page URL
-
https://s.id/20BmO
HTTP 302
https://s.id/20BmO HTTP 302
https://www.exsawim.cn/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
4 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
20BmO
s.id/ |
13 KB 13 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
7 KB 0 |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
/
www.exsawim.cn/ Redirect Chain
|
1 KB 1007 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vendor.23238u92u82.js
www.exsawim.cn/vendor/ |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
index.php
www.exsawim.cn/ |
0 26 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
0 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
5 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
s.id/ | Name: __js_p_ Value: 192,1800,0,0,0 |
|
s.id/ | Name: __jhash_ Value: 828 |
|
s.id/ | Name: __jua_ Value: Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F120.0.6099.224%20Safari%2F537.36 |
|
s.id/ | Name: __hash_ Value: 5a4a26953674410df767f16b80a56604 |
|
s.id/ | Name: __lhash_ Value: 49a754167d9a3e18f3af53e720a88fb9 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
s.id
www.exsawim.cn
156.251.25.119
193.84.85.178
1baac7f9b53a2fb054936c450c995e30c76ebac8bb5225e04de5661ba95064d4
b660d861ce6e7f1b048fb2e51c1f2fc4f73432a0a216b79f5c20286be93d231e
c6f6eb10a4472f02adf0f74f0805afb04a0bd0f4644a1eeff94d9b36d2ffeaf6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855