URL: https://wy.668wan.com/yscq/aJZ9Iz/index.html?uid=gdt-07
Submission: On May 16 via api from US — Scanned from DE

Summary

This website contacted 6 IPs in 4 countries across 5 domains to perform 18 HTTP transactions. The main IP is 163.171.132.119, located in Germany and belongs to QUANTILNETWORKS, CA. The main domain is wy.668wan.com.
TLS certificate: Issued by RapidSSL Global TLS RSA4096 SHA256 20... on November 1st 2022. Valid for: a year.
This is the only time wy.668wan.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 163.171.132.119 54994 (QUANTILNE...)
8 58.220.72.27 137697 (CHINATELE...)
3 163.171.128.148 54994 (QUANTILNE...)
1 2600:9000:212... 16509 (AMAZON-02)
2 103.235.46.191 55967 (BAIDU Bei...)
1 240e:f7:4f00:... 58461 (CT-HANGZH...)
18 6
Apex Domain
Subdomains
Transfer
12 602.com
tg.602.com
static.602.com
em.602.com
gres.602.com
114 KB
2 baidu.com
hm.baidu.com — Cisco Umbrella Rank: 7872
12 KB
2 668wan.com
wy.668wan.com
2 KB
1 53shubiao.com
shouyou.53shubiao.com
12 MB
1 geetest.com
static.geetest.com — Cisco Umbrella Rank: 25661
5 KB
18 5
Domain Requested by
8 tg.602.com wy.668wan.com
2 hm.baidu.com tg.602.com
wy.668wan.com
2 static.602.com wy.668wan.com
tg.602.com
2 wy.668wan.com tg.602.com
1 shouyou.53shubiao.com wy.668wan.com
1 gres.602.com wy.668wan.com
1 em.602.com tg.602.com
1 static.geetest.com wy.668wan.com
18 8

This site contains links to these domains.

Domain
down.52jianpan.com
www.602.com
Subject: *.668wan.com; Issuer: RapidSSL Global TLS RSA4096 SHA256 2022 CA1; Validity: 2022-11-01 - 2023-11-13; Valid: a year
Subject: *.602.com; Issuer: Xcc Trust OV SSL CA; Validity: 2022-08-08 - 2023-08-08; Valid: a year
Subject: *.geetest.com; Issuer: GeoTrust TLS RSA CA G1; Validity: 2023-03-28 - 2024-04-26; Valid: a year
Subject: baidu.com; Issuer: GlobalSign RSA OV SSL CA 2018; Validity: 2022-07-05 - 2023-08-06; Valid: a year
Subject: shouyou.53shubiao.com; Issuer: TrustAsia RSA DV TLS CA G2; Validity: 2022-12-30 - 2023-12-30; Valid: a year

This page contains 1 frames:

Primary Page: https://wy.668wan.com/yscq/aJZ9Iz/index.html?uid=gdt-07
Frame ID: F78DC41F1F128C4AC978CBEE41378112
Requests: 18 HTTP requests in this frame

Page Title

,元宝全靠打,新区十倍爆率!刀刀切割!终极必爆带你重温经典

Detected technologies

Overall confidence: 100%
Detected patterns
  • hm\.baidu\.com/hm\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

18
Requests

100 %
HTTPS

33 %
IPv6

5
Domains

8
Subdomains

6
IPs

4
Countries

12707 kB
Transfer

13002 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request index.html
wy.668wan.com/yscq/aJZ9Iz/
3 KB
2 KB
Document
General
Full URL
https://wy.668wan.com/yscq/aJZ9Iz/index.html?uid=gdt-07
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
163.171.132.119 , Germany, ASN54994 (QUANTILNETWORKS, CA),
Reverse DNS
Software
BWS/1.1 /
Resource Hash
00e2a70591fa7478de4c3feb2f3272be86bd0a8ac4e69347974d3ffb2a48918a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Tue, 16 May 2023 11:56:01 GMT
Last-Modified
Wed, 26 Apr 2023 09:53:39 GMT
Server
BWS/1.1
Transfer-Encoding
chunked
X-Via
1.1 PS-FOC-01TKc95:8 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA2lp71:18 (Cdn Cache Server V2.0)
X-Ws-Request-Id
64636f51_PSdgflkfFRA2gb73_1214-46286
style.css
tg.602.com/js+flash/flash+js_1.01/css/
42 KB
5 KB
Stylesheet
General
Full URL
https://tg.602.com/js+flash/flash+js_1.01/css/style.css
Requested by
Host: wy.668wan.com
URL: https://wy.668wan.com/yscq/aJZ9Iz/index.html?uid=gdt-07
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
58.220.72.27 , China, ASN137697 (CHINATELECOM-JIANGSU-YANGZHOU-IDC CHINATELECOM JiangSu YangZhou IDC networkdescr: YangZhouJiangsu Province, P.R.China., CN),
Reverse DNS
Software
BWS/1.1 /
Resource Hash
1e581e3e56ef3112a9c2dc0adb573716477e1d37e36457b8854c9439fc15b701

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wy.668wan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Tue, 16 May 2023 11:56:02 GMT
Content-Encoding
gzip
Last-Modified
Tue, 09 May 2023 08:32:24 GMT
Server
BWS/1.1
Age
1
Transfer-Encoding
chunked
X-Ws-Request-Id
64636f52_CS-000-01dDB163_4372-63997
Content-Type
text/css
X-Via
1.1 PS-WNZ-01qiY45:11 (Cdn Cache Server V2.0), 1.1 CS-000-01wEV162:1 (Cdn Cache Server V2.0)
Connection
keep-alive
jquery-1.7.2.min.js
tg.602.com/js+flash/flash+js_1.01/js/
93 KB
34 KB
Script
General
Full URL
https://tg.602.com/js+flash/flash+js_1.01/js/jquery-1.7.2.min.js
Requested by
Host: wy.668wan.com
URL: https://wy.668wan.com/yscq/aJZ9Iz/index.html?uid=gdt-07
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
58.220.72.27 , China, ASN137697 (CHINATELECOM-JIANGSU-YANGZHOU-IDC CHINATELECOM JiangSu YangZhou IDC networkdescr: YangZhouJiangsu Province, P.R.China., CN),
Reverse DNS
Software
BWS/1.1 /
Resource Hash
f31a768ffb2d326a2afd857cb1713ea5864da5abdbeffe8e075e28606e42dfd6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wy.668wan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Tue, 16 May 2023 11:56:02 GMT
Content-Encoding
gzip
Last-Modified
Mon, 29 Jun 2020 06:36:05 GMT
Server
BWS/1.1
Age
1
Transfer-Encoding
chunked
X-Ws-Request-Id
64636f52_CS-000-01d8i116_7906-46481
Content-Type
application/javascript; charset=utf-8
X-Via
1.1 PS-FOC-01gp1103:8 (Cdn Cache Server V2.0), 1.1 CS-000-01dDB163:20 (Cdn Cache Server V2.0)
Connection
keep-alive
inserFlash.js
static.602.com/js/AlertFlash/
1 KB
1 KB
Script
General
Full URL
https://static.602.com/js/AlertFlash/inserFlash.js
Requested by
Host: wy.668wan.com
URL: https://wy.668wan.com/yscq/aJZ9Iz/index.html?uid=gdt-07
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, CA),
Reverse DNS
Software
BWS/1.1 /
Resource Hash
584e53418d33c09fe14dbd7722ad1ba64d960a9756757be3c861008464b963da

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wy.668wan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Tue, 16 May 2023 11:56:01 GMT
Content-Encoding
gzip
Last-Modified
Wed, 08 Nov 2017 08:43:00 GMT
Server
BWS/1.1
Age
1
Transfer-Encoding
chunked
X-Ws-Request-Id
64636f51_PSdgflkfFRA1je97_34690-43603
Content-Type
application/javascript; charset=utf-8
X-Via
1.1 PS-FOC-01TKc95:0 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1je97:6 (Cdn Cache Server V2.0)
Connection
keep-alive
crypto-js.js
tg.602.com/js+flash/flash+js_1.01/js/
115 KB
32 KB
Script
General
Full URL
https://tg.602.com/js+flash/flash+js_1.01/js/crypto-js.js
Requested by
Host: wy.668wan.com
URL: https://wy.668wan.com/yscq/aJZ9Iz/index.html?uid=gdt-07
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
58.220.72.27 , China, ASN137697 (CHINATELECOM-JIANGSU-YANGZHOU-IDC CHINATELECOM JiangSu YangZhou IDC networkdescr: YangZhouJiangsu Province, P.R.China., CN),
Reverse DNS
Software
BWS/1.1 /
Resource Hash
e19ff2de755cb4d27c11f87ff9d879c9b190c158dd75e3be1d4e635ae08ec6ac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wy.668wan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Tue, 16 May 2023 11:56:02 GMT
Content-Encoding
gzip
Last-Modified
Tue, 21 Mar 2023 03:49:53 GMT
Server
BWS/1.1
Age
1
Transfer-Encoding
chunked
X-Ws-Request-Id
64636f52_CS-000-01dDB163_4754-34573
Content-Type
application/javascript; charset=utf-8
X-Via
1.1 PS-WNZ-01eKx34:0 (Cdn Cache Server V2.0), 1.1 CS-000-01wEV162:17 (Cdn Cache Server V2.0)
Connection
keep-alive
jsencrypt.min.js
tg.602.com/js+flash/flash+js_1.01/js/
54 KB
17 KB
Script
General
Full URL
https://tg.602.com/js+flash/flash+js_1.01/js/jsencrypt.min.js
Requested by
Host: wy.668wan.com
URL: https://wy.668wan.com/yscq/aJZ9Iz/index.html?uid=gdt-07
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
58.220.72.27 , China, ASN137697 (CHINATELECOM-JIANGSU-YANGZHOU-IDC CHINATELECOM JiangSu YangZhou IDC networkdescr: YangZhouJiangsu Province, P.R.China., CN),
Reverse DNS
Software
BWS/1.1 /
Resource Hash
0442096d116963a886f96eb1016038d01a79879b287075b670cf2de3eb548f5e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wy.668wan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Tue, 16 May 2023 11:56:02 GMT
Content-Encoding
gzip
Last-Modified
Thu, 23 Feb 2023 08:58:27 GMT
Server
BWS/1.1
Age
1
Transfer-Encoding
chunked
X-Ws-Request-Id
64636f52_CS-000-01dDB163_2756-40523
Content-Type
application/javascript; charset=utf-8
X-Via
1.1 PS-WNZ-01uDW5:7 (Cdn Cache Server V2.0), 1.1 CS-000-01d8i116:33 (Cdn Cache Server V2.0)
Connection
keep-alive
md5.js
tg.602.com/js+flash/flash+js_1.01/js/
9 KB
3 KB
Script
General
Full URL
https://tg.602.com/js+flash/flash+js_1.01/js/md5.js
Requested by
Host: wy.668wan.com
URL: https://wy.668wan.com/yscq/aJZ9Iz/index.html?uid=gdt-07
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
58.220.72.27 , China, ASN137697 (CHINATELECOM-JIANGSU-YANGZHOU-IDC CHINATELECOM JiangSu YangZhou IDC networkdescr: YangZhouJiangsu Province, P.R.China., CN),
Reverse DNS
Software
BWS/1.1 /
Resource Hash
69077c75805d437f86739bb7dd31265aeb106fe914bd7591c8656414a691089f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wy.668wan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Tue, 16 May 2023 11:56:02 GMT
Content-Encoding
gzip
Last-Modified
Thu, 23 Feb 2023 08:58:29 GMT
Server
BWS/1.1
Age
1
Transfer-Encoding
chunked
X-Ws-Request-Id
64636f52_CS-000-01d8i116_6885-30926
Content-Type
application/javascript; charset=utf-8
X-Via
1.1 PS-FOC-01M8e106:8 (Cdn Cache Server V2.0), 1.1 CS-000-01uyG161:31 (Cdn Cache Server V2.0)
Connection
keep-alive
gt4.js
static.geetest.com/v4/
14 KB
5 KB
Script
General
Full URL
https://static.geetest.com/v4/gt4.js
Requested by
Host: wy.668wan.com
URL: https://wy.668wan.com/yscq/aJZ9Iz/index.html?uid=gdt-07
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:3200:1:fa24:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7955d63cf4dafcc56d51cfacb1821c2e057c68e815171a12659c225e5ce1f7da

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wy.668wan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 10 May 2023 08:34:15 GMT
content-encoding
gzip
via
1.1 93fcd07b66eaf26b036f14e2ec9d73ea.cloudfront.net (CloudFront)
last-modified
Wed, 09 Nov 2022 07:13:19 GMT
server
AmazonS3
x-amz-cf-pop
PRG50-C1
age
530507
etag
W/"600d0bb194899bd6ffc7cb5802f4eb17"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
VB02KipAvw0970SX0DH147KLODKPlzNCvMncftFGWJoMtjl-gKxuPQ==
index_videocontrol1.js
tg.602.com/js+flash/flash+js_1.01/js/
74 KB
16 KB
Script
General
Full URL
https://tg.602.com/js+flash/flash+js_1.01/js/index_videocontrol1.js
Requested by
Host: wy.668wan.com
URL: https://wy.668wan.com/yscq/aJZ9Iz/index.html?uid=gdt-07
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
58.220.72.27 , China, ASN137697 (CHINATELECOM-JIANGSU-YANGZHOU-IDC CHINATELECOM JiangSu YangZhou IDC networkdescr: YangZhouJiangsu Province, P.R.China., CN),
Reverse DNS
Software
BWS/1.1 /
Resource Hash
70614690b2defde37ba71ab5b2705bffa450cc8e521d2468a23d67f05393a6a0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wy.668wan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Tue, 16 May 2023 11:56:02 GMT
Content-Encoding
gzip
Last-Modified
Tue, 09 May 2023 09:37:09 GMT
Server
BWS/1.1
Age
1
Transfer-Encoding
chunked
X-Ws-Request-Id
64636f52_CS-000-01d8i116_8484-23653
Content-Type
application/javascript; charset=utf-8
X-Via
1.1 PS-TSN-01VPj38:14 (Cdn Cache Server V2.0), 1.1 CS-000-01d8i116:26 (Cdn Cache Server V2.0)
Connection
keep-alive
downloadtext.js
static.602.com/js/
5 KB
3 KB
Script
General
Full URL
https://static.602.com/js/downloadtext.js
Requested by
Host: tg.602.com
URL: https://tg.602.com/js+flash/flash+js_1.01/js/index_videocontrol1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, CA),
Reverse DNS
Software
BWS/1.1 /
Resource Hash
4dd4c7b45868fc5402defc35e376ba4974a3ddead4c1f0df50d167a7c2259f98

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wy.668wan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Tue, 16 May 2023 11:56:02 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 Feb 2023 08:41:09 GMT
Server
BWS/1.1
Age
1
Transfer-Encoding
chunked
X-Ws-Request-Id
64636f52_PSdgflkfFRA1je97_34690-43703
Content-Type
application/javascript; charset=utf-8
X-Via
1.1 PS-FOC-01tmR97:0 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1je97:2 (Cdn Cache Server V2.0)
Connection
keep-alive
checkResLogin
wy.668wan.com/api/member/email/
44 B
495 B
XHR
General
Full URL
https://wy.668wan.com/api/member/email/checkResLogin
Requested by
Host: tg.602.com
URL: https://tg.602.com/js+flash/flash+js_1.01/js/jquery-1.7.2.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
163.171.132.119 , Germany, ASN54994 (QUANTILNETWORKS, CA),
Reverse DNS
Software
BWS/1.1 /
Resource Hash
153808f7004bd262d2056aece7fa815c9c02a5262f05e4198be78e5cc9e8452a

Request headers

Accept
*/*
Referer
https://wy.668wan.com/yscq/aJZ9Iz/index.html?uid=gdt-07
X-Requested-With
XMLHttpRequest
securityKey
Mg8PGvnps0a867jY1A+IsXoqF1HgA0OhtDnqeW+PUEgyWgEpMpX69nalq0asr1TzOi7BeciDIHqGqPRWQgn0uUCNYBfeHYDLMX3qXZzZICaIZIPAKuxIG7gxfG8LSPFMQ35JY3uV5JnMYQ7JKuE1BJz4g142J5jynIGxg0RcUo1ht8AL+kjQjvdAhX5eOJpe+DYYZFxwF3pCLEx72B7SMzgB2hat6XkkiYRBQbeIitw6qXAYwdXyK9CuYZJF3c7Fo4NBYR3qoyy2ZuO0dz+E9snbNvrar2bfDLUP3Jn92Bk39shZ1nxUAVTNQQOnE3582YUX9QAcGHiBlIrgxiu0wtVEmzDmZbDdjCyewtwDCM686P3XrSmif86a3vRDsjoF1/jhrszkvmAilQvUBzaz7UhDhTG7fPf7vCCU3VdytmmxM1JmemUoGkyPcLP5iRvRlL5BuLh2QM8Rx6k8cBWUavKMKIOYfq2RYBNFjf6tYbB6vQP8UgwET66tZWJq3mVMguZ6V4+ohADnlaaTpLxHfgB+l2rkEyOjmmd3nCjv4h+idd9e1D/PuQWB+D/f4tjo1XlNaIH3y04RLKGNyAUnr7YeCGHxrgVQNLn8KwHp1M6FNeNFs3hMdzhuEQKEHHjFg7vrFcTiGBQYYi2oajX4tFw7Xq0pna3khrsNs4f7xGI=
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Tue, 16 May 2023 11:56:03 GMT
Content-Encoding
gzip
Server
BWS/1.1
Transfer-Encoding
chunked
X-Ws-Request-Id
64636f52_PSdgflkfFRA2gb73_1214-46344
X-Via
1.1 PSzjlssxqc23:9 (Cdn Cache Server V2.0), 1.1 in215:4 (Cdn Cache Server V2.0), 1.1 dianxun233:1 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA2lp71:0 (Cdn Cache Server V2.0)
Content-Type
text/html; charset=gbk
Connection
keep-alive
hm.js
hm.baidu.com/
29 KB
12 KB
Script
General
Full URL
https://hm.baidu.com/hm.js?9a8fd8382e7cb49895035823394115b1
Requested by
Host: tg.602.com
URL: https://tg.602.com/js+flash/flash+js_1.01/js/index_videocontrol1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
775d8c6fc1e6af04f1faec307610312f75af3c8147612a4f721e561f2b543dce
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wy.668wan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Tue, 16 May 2023 11:56:03 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=172800
Server
apache
Etag
5484c63135000254542300952aac2b65
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type
application/javascript
Cache-Control
max-age=0, must-revalidate
Content-Length
11447
55878d53bc0c4efcbf04e9d9be140350
em.602.com/pageDisplay/
27 B
584 B
XHR
General
Full URL
https://em.602.com/pageDisplay/55878d53bc0c4efcbf04e9d9be140350?noredirect=true&uid=gdt-07&material_id=cf6a54ba44c65661c84d9d22e85d9c7c
Requested by
Host: tg.602.com
URL: https://tg.602.com/js+flash/flash+js_1.01/js/jquery-1.7.2.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, CA),
Reverse DNS
Software
nginx /
Resource Hash
973b0f5e7efbca3aa62b0c98086ccc981dfef400bc393d984c2f7d995ddac72b

Request headers

Accept
*/*
Referer
https://wy.668wan.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 16 May 2023 11:56:03 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
X-Ws-Request-Id
64636f52_PSdgflkfFRA1je97_35250-38103
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
X-Via
1.1 PSdgflkfFRA1gi91:14 (Cdn Cache Server V2.0)
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Expires
Thu, 19 Nov 1981 08:52:00 GMT
transparent.png
gres.602.com/swf/cqbz/
957 B
1 KB
Image
General
Full URL
https://gres.602.com/swf/cqbz/transparent.png
Requested by
Host: wy.668wan.com
URL: https://wy.668wan.com/yscq/aJZ9Iz/index.html?uid=gdt-07
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
163.171.132.119 , Germany, ASN54994 (QUANTILNETWORKS, CA),
Reverse DNS
Software
BWS/1.1 /
Resource Hash
80eca6884f910a2e06b54a30ff15f27096579af5599d45d0cd48eb5cba31ff23

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wy.668wan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Tue, 16 May 2023 11:56:02 GMT
Last-Modified
Mon, 21 Feb 2022 02:36:38 GMT
Server
BWS/1.1
Age
1
ETag
"6212fab6-3bd"
X-Ws-Request-Id
64636f52_PSdgflkfFRA2gb73_750-52063
Content-Type
image/png
X-Via
1.1 PS-FOC-01KG494:10 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA2gb73:8 (Cdn Cache Server V2.0)
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
957
account.png
tg.602.com/js+flash/flash+js_1.01/images/
640 B
1 KB
Image
General
Full URL
https://tg.602.com/js+flash/flash+js_1.01/images/account.png
Requested by
Host: wy.668wan.com
URL: https://wy.668wan.com/yscq/aJZ9Iz/index.html?uid=gdt-07
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
58.220.72.27 , China, ASN137697 (CHINATELECOM-JIANGSU-YANGZHOU-IDC CHINATELECOM JiangSu YangZhou IDC networkdescr: YangZhouJiangsu Province, P.R.China., CN),
Reverse DNS
Software
BWS/1.1 /
Resource Hash
03d54407b327857ac09cb88b91659a58fe185090e7ecdaadb8c2baba9acd1ef8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wy.668wan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Tue, 16 May 2023 11:56:02 GMT
Last-Modified
Wed, 06 Jul 2022 08:25:14 GMT
Server
BWS/1.1
Age
1
ETag
"62c546ea-280"
X-Ws-Request-Id
64636f52_CS-000-01d8i116_8484-23686
Content-Type
image/png
X-Via
1.1 PS-SHE-01u5c66:1 (Cdn Cache Server V2.0), 1.1 CS-000-01lsq128:32 (Cdn Cache Server V2.0)
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
640
psw.png
tg.602.com/js+flash/flash+js_1.01/images/
369 B
764 B
Image
General
Full URL
https://tg.602.com/js+flash/flash+js_1.01/images/psw.png
Requested by
Host: wy.668wan.com
URL: https://wy.668wan.com/yscq/aJZ9Iz/index.html?uid=gdt-07
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
58.220.72.27 , China, ASN137697 (CHINATELECOM-JIANGSU-YANGZHOU-IDC CHINATELECOM JiangSu YangZhou IDC networkdescr: YangZhouJiangsu Province, P.R.China., CN),
Reverse DNS
Software
BWS/1.1 /
Resource Hash
ef6f5a7bb6c7bcbb71d9050f26502f8e652742ce94b3f72abcdadfa282790e04

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wy.668wan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Tue, 16 May 2023 11:56:02 GMT
Last-Modified
Wed, 06 Jul 2022 08:25:14 GMT
Server
BWS/1.1
Age
1
ETag
"62c546ea-171"
X-Ws-Request-Id
64636f52_CS-000-01d8i116_6885-30980
Content-Type
image/png
X-Via
1.1 PS-WNZ-01me054:3 (Cdn Cache Server V2.0), 1.1 CS-000-01wEV162:8 (Cdn Cache Server V2.0)
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
369
f79ec685c9272db6626e3495f31d201e.mp4
shouyou.53shubiao.com/material/
12 MB
12 MB
Media
General
Full URL
https://shouyou.53shubiao.com/material/f79ec685c9272db6626e3495f31d201e.mp4
Requested by
Host: wy.668wan.com
URL: https://wy.668wan.com/yscq/aJZ9Iz/index.html?uid=gdt-07
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
240e:f7:4f00:1d03::1:15 , China, ASN58461 (CT-HANGZHOU-IDC No.288,Fu-chun Road, CN),
Reverse DNS
Software
openresty /
Resource Hash

Request headers

Referer
https://wy.668wan.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Range
bytes=0-

Response headers

x-log
X-Log
date
Tue, 16 May 2023 11:56:04 GMT
x-svr
IO
content-md5
957GhcknLbZibjSV8x0gHg==
x-reqid
6z8AAAC_X_SEVD8X
x-cache
HIT from BC19_dx-zhejiang-jiaxing-10-cache-1(baishan)
Content-Range
bytes 0-12860968/12860969
content-transfer-encoding
binary
content-disposition
inline; filename="f79ec685c9272db6626e3495f31d201e.mp4"; filename*=utf-8''f79ec685c9272db6626e3495f31d201e.mp4
Content-Length
12860969
x-m-reqid
tzcAAPrkv81JVj8X
x-m-log
QNM:jjh1909;QNM3:14
last-modified
Tue, 31 Jan 2023 07:34:56 GMT
server
openresty
etag
"liCeTE9HqaZ7SqelOqf3qCTRFdRn"
access-control-max-age
2592000
content-type
video/mp4
access-control-allow-origin
*
access-control-expose-headers
X-Log, X-Reqid
cache-control
public, max-age=31536000
accept-ranges
bytes
x-qiniu-zone
0
x-qnm-cache
Hit
x-ser
BC128_dx-lt-yd-zhejiang-jinhua-12-cache-8, BC19_dx-zhejiang-jiaxing-10-cache-1
hm.gif
hm.baidu.com/
43 B
299 B
Image
General
Full URL
https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1176037479&si=9a8fd8382e7cb49895035823394115b1&v=1.3.0&lv=1&sn=54199&r=0&ww=1600&u=https%3A%2F%2Fwy.668wan.com%2Fyscq%2FaJZ9Iz%2Findex.html%3Fuid%3Dgdt-07&tt=%E4%BD%A0%E9%87%8D%E6%B8%A9%E7%BB%8F%E5%85%B8%EF%BC%8C%E5%85%83%E5%AE%9D%E5%85%A8%E9%9D%A0%E6%89%93%EF%BC%8C%E6%96%B0%E5%8C%BA%E5%8D%81%E5%80%8D%E7%88%86%E7%8E%87%EF%BC%81%E5%88%80%E5%88%80%E5%88%87%E5%89%B2%EF%BC%81%E7%BB%88%E6%9E%81%E5%BF%85%E7%88%86%E5%B8%A6
Requested by
Host: wy.668wan.com
URL: https://wy.668wan.com/yscq/aJZ9Iz/index.html?uid=gdt-07
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wy.668wan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 16 May 2023 11:56:04 GMT
Strict-Transport-Security
max-age=172800
X-Content-Type-Options
nosniff
Server
apache
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Content-Length
43

48 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless function| $ function| jQuery function| _0x4e00 function| _0x2300 function| _0x1cd05d function| generatekey string| pubKeys function| aesencrypt function| aesdecrypt function| cliv function| rsaencrypt object| CryptoJS function| JSEncrypt function| initGeetest4 boolean| is360 boolean| registerflag boolean| iscryptojs function| isInclude function| checkIeFor360 function| checkChromeFor360 string| whatnew boolean| isincludnew function| showFlash function| is360Chrome object| sourceid function| getUrlParam object| show string| param string| uid object| suid string| clickUrl string| trace string| wd_trace string| material_id object| $_REQUEST object| aParams object| aParam function| params function| check object| _agl object| btnPositions number| random object| jQuery17206508012130060687 function| download boolean| _bdhm_loaded_9a8fd8382e7cb49895035823394115b1 object| _hmt object| mini_tangram_log_ybsee1

3 Cookies

Domain/Path Name / Value
.hm.baidu.com/ Name: HMACCOUNT_BFESS
Value: C4FCEA7C4901B133
.wy.668wan.com/ Name: Hm_lvt_9a8fd8382e7cb49895035823394115b1
Value: 1684238164
.wy.668wan.com/ Name: Hm_lpvt_9a8fd8382e7cb49895035823394115b1
Value: 1684238164

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
