buff.163.com Open in urlscan Pro
34.250.104.1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://ghjhgjhgjhg.com/
Effective URL:
https://buff.163.com/s/goods.html?game=tf2&goods_id=798088
Submission: On October 12 via api (October 12th 2023, 7:48:37 am UTC) from NL — Scanned from NL

Summary HTTP 20 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 3 countries across 3 domains to perform 20 HTTP transactions. The main IP is 34.250.104.1, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is buff.163.com. The Cisco Umbrella rank of the primary domain is 118517.
TLS certificate: Issued by GeoTrust RSA CN CA G2 on March 23rd 2023. Valid for: a year.

This is the only time buff.163.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 15	34.250.104.1 34.250.104.1	16509 (AMAZON-02) (AMAZON-02)
3	2a02:26f0:480... 2a02:26f0:480:794::31fc	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	163.181.92.233 163.181.92.233	24429 (TAOBAO Zh...) (TAOBAO Zhejiang Taobao Network Co.)
20	3

1 2a06:98c1:3120::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

ghjhgjhgjhg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 34.250.104.1 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-250-104-1.eu-west-1.compute.amazonaws.com

buff.163.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:480:794::31fc (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

g.fp.ps.netease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 163.181.92.233 (Frankfurt am Main, Germany)

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)

market.fp.ps.netease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	163.com 1 redirects buff.163.com — Cisco Umbrella Rank: 118517	95 KB
6	netease.com g.fp.ps.netease.com — Cisco Umbrella Rank: 347119 market.fp.ps.netease.com — Cisco Umbrella Rank: 513162	217 KB
1	ghjhgjhgjhg.com 1 redirects ghjhgjhgjhg.com	448 B
20	3

	Domain	Requested by
15	buff.163.com	1 redirects buff.163.com
3	market.fp.ps.netease.com
3	g.fp.ps.netease.com	buff.163.com
1	ghjhgjhgjhg.com	1 redirects
20	4

This site contains no links.

Subject Issuer	Validity	Valid
*.163.com GeoTrust RSA CN CA G2	`2023-03-23` - `2024-04-22`	a year	crt.sh
netease.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-17` - `2024-02-17`	a year	crt.sh
*.fp.ps.netease.com GeoTrust RSA CN CA G2	`2023-07-04` - `2024-08-03`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://buff.163.com/s/goods.html?game=tf2&goods_id=798088
Frame ID: 843207EE36457658FF59A6EDBC973F91
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

BUFF163 Skins marketplace

Page URL History Show full URLs

https://ghjhgjhgjhg.com/ HTTP 302
https://buff.163.com/goods/798088 HTTP 302
https://buff.163.com/s/goods.html?game=tf2&goods_id=798088 Page URL

Page Statistics

20
Requests

100 %
HTTPS

50 %
IPv6

3
Domains

4
Subdomains

3
IPs

3
Countries

311 kB
Transfer

449 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://ghjhgjhgjhg.com/ HTTP 302
https://buff.163.com/goods/798088 HTTP 302
https://buff.163.com/s/goods.html?game=tf2&goods_id=798088 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request goods.html Show response buff.163.com/s/ Redirect Chain https://ghjhgjhgjhg.com/ https://buff.163.com/goods/798088 https://buff.163.com/s/goods.html?game=tf2&goods_id=798088	13 KB 3 KB	613ms 612ms	Document text/html	34.250.104.1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://buff.163.com/s/goods.html?game=tf2&goods_id=798088 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 34.250.104.1 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-250-104-1.eu-west-1.compute.amazonaws.com Software nginx/1.13.5 / Resource Hash `4d58bd1753536b259477b658bf9f9f0ae1f2b74573fed9ad7caf7e3dd7cfe0f1` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 accept-language nl-NL,nl;q=0.9 Response headers Content-Encoding gzip Content-Type text/html Date Thu, 12 Oct 2023 07:48:32 GMT Server nginx/1.13.5 Transfer-Encoding chunked X-Trace-ID 9368049c054840d669b93b8aa0ab2977 cache-control max-age=3600 etag W/"65269694-3310" expires Thu, 12 Oct 2023 08:48:32 GMT last-modified Wed, 11 Oct 2023 12:35:32 GMT ntes-trace-id 705e2ebc9df92157:705e2ebc9df92157:0:1 x-envoy-upstream-service-time 0 Redirect headers Content-Length 331 Content-Type text/html; charset=utf-8 Date Thu, 12 Oct 2023 07:48:31 GMT Server nginx/1.13.5 X-Trace-ID b4349e484fd59257df08abf0d9abf702 location https://buff.163.com/s/goods.html?game=tf2&goods_id=798088 ntes-trace-id 3b3de63cd7c3b097:3b3de63cd7c3b097:0:1 x-envoy-upstream-service-time 12
GET H/1.1	200 OK	style.min.css buff.163.com/css/	93 KB 25 KB	656ms 655ms	Stylesheet text/css	34.250.104.1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://buff.163.com/css/style.min.css Requested by Host: buff.163.com URL: https://buff.163.com/s/goods.html?game=tf2&goods_id=798088 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 34.250.104.1 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-250-104-1.eu-west-1.compute.amazonaws.com Software nginx/1.13.5 / Resource Hash `d0c7050ca6b580c7bfc5294ecad381f5ae6c9febf6c32e31bae20744650cbf04` Request headers accept-language nl-NL,nl;q=0.9 Referer https://buff.163.com/s/goods.html?game=tf2&goods_id=798088 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers X-Trace-ID 6f242889b4db9ff2084474dbf7dd8c1f Date Thu, 12 Oct 2023 07:48:33 GMT Content-Encoding gzip last-modified Wed, 11 Oct 2023 12:35:32 GMT Server nginx/1.13.5 etag W/"65269694-17541" ntes-trace-id 128baa4892ac6192:128baa4892ac6192:0:1 Transfer-Encoding chunked Content-Type text/css cache-control max-age=3600 x-envoy-upstream-service-time 1 expires Thu, 12 Oct 2023 08:48:33 GMT
GET H/1.1	200 OK	lib.min.js Show response buff.163.com/js/	68 KB 27 KB	746ms 662ms	Script application/javascript	34.250.104.1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://buff.163.com/js/lib.min.js Requested by Host: buff.163.com URL: https://buff.163.com/s/goods.html?game=tf2&goods_id=798088 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 34.250.104.1 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-250-104-1.eu-west-1.compute.amazonaws.com Software nginx/1.13.5 / Resource Hash `1b6cd68df8cd77fba17c102ae045ab38c3511e9887d476491d6dc0473fbfe021` Request headers accept-language nl-NL,nl;q=0.9 Referer https://buff.163.com/s/goods.html?game=tf2&goods_id=798088 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers X-Trace-ID 210104760dcdb73ec224ed28d04bad2c Date Thu, 12 Oct 2023 07:48:33 GMT Content-Encoding gzip last-modified Wed, 11 Oct 2023 12:35:32 GMT Server nginx/1.13.5 etag W/"65269694-1103f" ntes-trace-id 5fa215dbd958c174:5fa215dbd958c174:0:1 Transfer-Encoding chunked Content-Type application/javascript cache-control max-age=3600 x-envoy-upstream-service-time 0 expires Thu, 12 Oct 2023 08:48:33 GMT
GET H/1.1	200 OK	app.min.js Show response buff.163.com/js/	19 KB 8 KB	744ms 614ms	Script application/javascript	34.250.104.1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://buff.163.com/js/app.min.js Requested by Host: buff.163.com URL: https://buff.163.com/s/goods.html?game=tf2&goods_id=798088 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 34.250.104.1 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-250-104-1.eu-west-1.compute.amazonaws.com Software nginx/1.13.5 / Resource Hash `b4b30577f27d467f600fe8e778acee2784ce56b90fbe7ceb24e04a15ab2519a4` Request headers accept-language nl-NL,nl;q=0.9 Referer https://buff.163.com/s/goods.html?game=tf2&goods_id=798088 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers X-Trace-ID 7c221800cb57589cb7876ead998d8b00 Date Thu, 12 Oct 2023 07:48:33 GMT Content-Encoding gzip last-modified Wed, 11 Oct 2023 12:35:32 GMT Server nginx/1.13.5 etag W/"65269694-4ae2" ntes-trace-id ab126d0b6bb9d187:ab126d0b6bb9d187:0:1 Transfer-Encoding chunked Content-Type application/javascript cache-control max-age=3600 x-envoy-upstream-service-time 0 expires Thu, 12 Oct 2023 08:48:33 GMT
GET H/1.1	200 OK	marcket.js Show response buff.163.com/js/	4 KB 1 KB	727ms 596ms	Script application/javascript	34.250.104.1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://buff.163.com/js/marcket.js?20220706 Requested by Host: buff.163.com URL: https://buff.163.com/s/goods.html?game=tf2&goods_id=798088 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 34.250.104.1 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-250-104-1.eu-west-1.compute.amazonaws.com Software nginx/1.13.5 / Resource Hash `cd294da2fd54e61259552a9dbda18295d8cd4673ee8167053a7984dc7afb3009` Request headers accept-language nl-NL,nl;q=0.9 Referer https://buff.163.com/s/goods.html?game=tf2&goods_id=798088 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers X-Trace-ID f1f38d9ad725ddd6c885c8801ad2291e Date Thu, 12 Oct 2023 07:48:33 GMT Content-Encoding gzip last-modified Wed, 11 Oct 2023 12:35:32 GMT Server nginx/1.13.5 etag W/"65269694-f86" ntes-trace-id 96afe9b576f33c41:96afe9b576f33c41:0:1 Transfer-Encoding chunked Content-Type application/javascript cache-control max-age=3600 x-envoy-upstream-service-time 0 expires Thu, 12 Oct 2023 08:48:33 GMT
GET H/1.1	200 OK	info Show response buff.163.com/api/market/goods/	2 KB 2 KB	623ms 623ms	XHR application/json	34.250.104.1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://buff.163.com/api/market/goods/info?game=tf2&goods_id=798088 Requested by Host: buff.163.com URL: https://buff.163.com/js/lib.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 34.250.104.1 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-250-104-1.eu-west-1.compute.amazonaws.com Software nginx/1.13.5 / Resource Hash `e4bc0fcf4a4a4caaf1fd43e567197e8d74f27a10706e291d31f11871b5f88f58` Request headers Accept / Referer https://buff.163.com/s/goods.html?game=tf2&goods_id=798088 X-Requested-With XMLHttpRequest accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers X-Trace-ID 84c28cc62a7cf08959dae3d4503dbe91 Date Thu, 12 Oct 2023 07:48:34 GMT Content-Encoding gzip Server nginx/1.13.5 ntes-trace-id a8669509f374d2f4:a8669509f374d2f4:0:1 Transfer-Encoding chunked Content-Type application/json x-envoy-upstream-service-time 21
GET H/1.1	200 OK	pic_null.png buff.163.com/images/icons/	5 KB 6 KB	611ms 611ms	Image image/png	34.250.104.1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://buff.163.com/images/icons/pic_null.png Requested by Host: buff.163.com URL: https://buff.163.com/css/style.min.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 34.250.104.1 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-250-104-1.eu-west-1.compute.amazonaws.com Software nginx/1.13.5 / Resource Hash `561cd661faddb1a8c76aa96c23505a04d55a375b306d75755e9d197b6e8fc583` Request headers accept-language nl-NL,nl;q=0.9 Referer https://buff.163.com/css/style.min.css User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers X-Trace-ID ddb3aa873934a5a3383968c41b4671e6 Date Thu, 12 Oct 2023 07:48:34 GMT last-modified Wed, 11 Oct 2023 12:35:32 GMT Server nginx/1.13.5 etag "65269694-14d0" ntes-trace-id 91f34d15854c2321:91f34d15854c2321:0:1 Content-Type image/png cache-control max-age=3600 x-envoy-upstream-service-time 0 accept-ranges bytes Content-Length 5328 expires Thu, 12 Oct 2023 08:48:34 GMT
GET H/1.1	200 OK	head_bg_csgo.jpg buff.163.com/images/bg/	7 KB 7 KB	610ms 609ms	Image image/jpeg	34.250.104.1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://buff.163.com/images/bg/head_bg_csgo.jpg Requested by Host: buff.163.com URL: https://buff.163.com/css/style.min.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 34.250.104.1 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-250-104-1.eu-west-1.compute.amazonaws.com Software nginx/1.13.5 / Resource Hash `6f0fa9e4a33ee3e1603156fc62dab11ffbc339ffd684503a70ae76b9b4dda083` Request headers accept-language nl-NL,nl;q=0.9 Referer https://buff.163.com/css/style.min.css User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers X-Trace-ID 9da1ef2719af14506b7fba7476b7ca86 Date Thu, 12 Oct 2023 07:48:34 GMT last-modified Wed, 11 Oct 2023 12:35:32 GMT Server nginx/1.13.5 etag "65269694-1b2c" ntes-trace-id 1509e3342d259c83:1509e3342d259c83:0:1 Content-Type image/jpeg cache-control max-age=3600 x-envoy-upstream-service-time 0 accept-ranges bytes Content-Length 6956 expires Thu, 12 Oct 2023 08:48:34 GMT
GET H/1.1	200 OK	thum_bg.png buff.163.com/images/bg/	5 KB 6 KB	607ms 606ms	Image image/png	34.250.104.1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://buff.163.com/images/bg/thum_bg.png Requested by Host: buff.163.com URL: https://buff.163.com/css/style.min.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 34.250.104.1 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-250-104-1.eu-west-1.compute.amazonaws.com Software nginx/1.13.5 / Resource Hash `5c1d5ad5b4a356d739d4ebcf152933d41b574443ec0e2c7296efd6f64daac5fc` Request headers accept-language nl-NL,nl;q=0.9 Referer https://buff.163.com/css/style.min.css User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers X-Trace-ID b857157940540fded65ac576b0ebe13f Date Thu, 12 Oct 2023 07:48:34 GMT last-modified Wed, 11 Oct 2023 12:35:32 GMT Server nginx/1.13.5 etag "65269694-14b1" ntes-trace-id d0a3fbc43a4a864:d0a3fbc43a4a864:0:1 Content-Type image/png cache-control max-age=3600 x-envoy-upstream-service-time 0 accept-ranges bytes Content-Length 5297 expires Thu, 12 Oct 2023 08:48:34 GMT
GET H/1.1	200 OK	sell_order Show response buff.163.com/api/market/goods/	13 KB 2 KB	624ms 623ms	XHR application/json	34.250.104.1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://buff.163.com/api/market/goods/sell_order?game=tf2&goods_id=798088&page_num=1&page_size=20 Requested by Host: buff.163.com URL: https://buff.163.com/js/lib.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 34.250.104.1 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-250-104-1.eu-west-1.compute.amazonaws.com Software nginx/1.13.5 / Resource Hash `f94ec33f152534511c94ebe466feea02e3066a97a618bd1f985118aefdee481d` Request headers Accept / Referer https://buff.163.com/s/goods.html?game=tf2&goods_id=798088 X-Requested-With XMLHttpRequest accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers X-Trace-ID 2d63ea4105a4755c4d7eac43d93093b2 Date Thu, 12 Oct 2023 07:48:34 GMT Content-Encoding gzip Server nginx/1.13.5 ntes-trace-id d489303bb96675a7:d489303bb96675a7:0:1 Transfer-Encoding chunked Content-Type application/json x-envoy-upstream-service-time 14
GET H/1.1	200 OK	logo@2x.png buff.163.com/images/site/	2 KB 2 KB	599ms 599ms	Image image/png	34.250.104.1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://buff.163.com/images/site/logo@2x.png Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 34.250.104.1 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-250-104-1.eu-west-1.compute.amazonaws.com Software nginx/1.13.5 / Resource Hash `58cfd7822c170dd18135a3ae4f85022dc350fd74a25bc805e1fd5f4344e2360a` Request headers accept-language nl-NL,nl;q=0.9 Referer https://buff.163.com/s/goods.html?game=tf2&goods_id=798088 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers X-Trace-ID 63b905b8d9fc37e5c5fc04840d76ce86 Date Thu, 12 Oct 2023 07:48:34 GMT last-modified Wed, 11 Oct 2023 12:35:32 GMT Server nginx/1.13.5 etag "65269694-68f" ntes-trace-id c78285974c69a1e2:c78285974c69a1e2:0:1 Content-Type image/png cache-control max-age=3600 x-envoy-upstream-service-time 0 accept-ranges bytes Content-Length 1679 expires Thu, 12 Oct 2023 08:48:34 GMT
GET H2	200	5ede4efa6f0494d5fe5e0844bYlPrJEy02 g.fp.ps.netease.com/market/file/	84 KB 84 KB	345ms 35ms	Image image/png	2a02:26f0:480:794::31fc AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://g.fp.ps.netease.com/market/file/5ede4efa6f0494d5fe5e0844bYlPrJEy02 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 2a02:26f0:480:794::31fc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash `011c9fe4839b74a94b7856018278d79f98c544a3a73b51efdd6a618e81d50268` Request headers accept-language nl-NL,nl;q=0.9 Referer https://buff.163.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers x-trace-id c2be8408795bd17e9f78133d1d1f2352 date Thu, 12 Oct 2023 07:48:34 GMT last-modified Mon, 08 Jun 2020 14:45:14 GMT server nginx content-md5 8429dc31ee7dcb066b58244d08417d22 etag "2QkmevS27lC:85993" ntes-trace-id a3e38e1feee8c785:a3e38e1feee8c785:0:1 content-type image/png; charset=binary access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=93261 x-cache-ip 2a02:26f0:480:794::31fc content-length 85993
GET H2	200	5ede4efa6f0494d5fe5e0844bYlPrJEy02 g.fp.ps.netease.com/market/file/	84 KB 84 KB	35ms 34ms	Image image/png	2a02:26f0:480:794::31fc AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://g.fp.ps.netease.com/market/file/5ede4efa6f0494d5fe5e0844bYlPrJEy02 Requested by Host: buff.163.com URL: https://buff.163.com/js/lib.min.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 2a02:26f0:480:794::31fc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash `011c9fe4839b74a94b7856018278d79f98c544a3a73b51efdd6a618e81d50268` Request headers accept-language nl-NL,nl;q=0.9 Referer https://buff.163.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers x-trace-id c2be8408795bd17e9f78133d1d1f2352 date Thu, 12 Oct 2023 07:48:34 GMT last-modified Mon, 08 Jun 2020 14:45:14 GMT server nginx content-md5 8429dc31ee7dcb066b58244d08417d22 etag "2QkmevS27lC:85993" ntes-trace-id a3e38e1feee8c785:a3e38e1feee8c785:0:1 content-type image/png; charset=binary access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=93261 x-cache-ip 2a02:26f0:480:794::31fc content-length 85993
GET H2	200	64f4da40ea33078d573cbb7fdgJ6pm3V05 market.fp.ps.netease.com/file/	16 KB 16 KB	2052ms 68ms	Image image/jpeg	163.181.92.233 TAOBAO Zhejiang T...
General Check archive.org Show headers Download Go to Show image Full URL https://market.fp.ps.netease.com/file/64f4da40ea33078d573cbb7fdgJ6pm3V05 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 163.181.92.233 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN), Reverse DNS Software Tengine / Resource Hash `245cfa354f0b4bb41dbfd5f5ff0f95b0af33f5d40310349684a87b5cb401df86` Request headers accept-language nl-NL,nl;q=0.9 Referer https://buff.163.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Thu, 12 Oct 2023 05:02:09 GMT via cache1.l2de2[0,14,304-0,H], cache21.l2de2[15,0], ens-cache15.de5[0,0,200-0,H], ens-cache15.de5[1,0] content-md5 ce37cfe2375d55c9feccd1f6efdf4bfd age 9986 x-swift-cachetime 164499 ntes-trace-id 82fb2de466f9dca1:82fb2de466f9dca1:0:1 x-cache HIT TCP_MEM_HIT dirn:7:1399497353 x-swift-savetime Thu, 12 Oct 2023 07:20:31 GMT content-length 16006 x-trace-id bf4b613499827cf738abc3d4a2367a3a last-modified Sun, 03 Sep 2023 19:10:56 GMT server Tengine etag "64f4da40ea33078d573cbb80QZJj:16006" ali-swift-global-savetime 1697086930 content-type image/jpeg; charset=binary access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=172800 x-cache-ip 163.181.92.233 timing-allow-origin * eagleid a3b55ca316970969168918110e
GET H2	200	64ecf1d037be95ce43964dd1KrGMSZro05 market.fp.ps.netease.com/file/	9 KB 9 KB	2058ms 74ms	Image image/jpeg	163.181.92.233 TAOBAO Zhejiang T...
General Check archive.org Show headers Download Go to Show image Full URL https://market.fp.ps.netease.com/file/64ecf1d037be95ce43964dd1KrGMSZro05 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 163.181.92.233 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN), Reverse DNS Software Tengine / Resource Hash `da318c07a17a0f838b86af9ebe58d8923785082deaaa857f70d9389d1583722a` Request headers accept-language nl-NL,nl;q=0.9 Referer https://buff.163.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Wed, 11 Oct 2023 12:07:16 GMT via cache15.l2de2[0,0,304-0,H], cache1.l2de2[1,0], ens-cache12.de5[0,0,200-0,H], ens-cache15.de5[1,0] content-md5 7a02e871b54e96aabc8e0461ed4c7061 age 70879 x-swift-cachetime 103606 ntes-trace-id 5f846e381f4fc891:5f846e381f4fc891:0:1 x-cache HIT TCP_MEM_HIT dirn:12:566907736 x-swift-savetime Thu, 12 Oct 2023 07:20:31 GMT content-length 9176 x-trace-id 659101c1957179165d2d41818f8c1a23 last-modified Mon, 28 Aug 2023 19:13:21 GMT server Tengine etag "64ecf1d037be95ce43964dd25Y6j:9176" ali-swift-global-savetime 1697026037 content-type image/jpeg; charset=binary access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=172800 x-cache-ip 163.181.92.233 timing-allow-origin * eagleid a3b55ca316970969168918111e
GET H2	200	646d3c683b750088f66beb11f9wDir7M04 market.fp.ps.netease.com/file/	14 KB 14 KB	2077ms 93ms	Image image/jpeg	163.181.92.233 TAOBAO Zhejiang T...
General Check archive.org Show headers Download Go to Show image Full URL https://market.fp.ps.netease.com/file/646d3c683b750088f66beb11f9wDir7M04 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 163.181.92.233 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN), Reverse DNS Software Tengine / Resource Hash `2ed5a6741b236321c302f89e83669c6b4b02ed4353c8d9f275f297d198960905` Request headers accept-language nl-NL,nl;q=0.9 Referer https://buff.163.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Wed, 11 Oct 2023 11:12:55 GMT via cache21.l2de2[0,0,304-0,H], cache2.l2de2[1,0], ens-cache3.de5[0,0,200-0,H], ens-cache15.de5[1,0] content-md5 7eb5a8b7d85d84c82f34ca0319694a09 age 74141 x-swift-cachetime 172784 ntes-trace-id 384185bd6fe835d9:384185bd6fe835d9:0:1 x-cache HIT TCP_MEM_HIT dirn:12:809250895 x-swift-savetime Wed, 11 Oct 2023 11:13:11 GMT content-length 13875 x-trace-id f896a21ecbbab678f14d140809d665fa last-modified Tue, 23 May 2023 22:21:28 GMT server Tengine etag "646d3c683b750088f66beb12Tj5E:13875" ali-swift-global-savetime 1697022775 content-type image/jpeg; charset=binary access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=172800 x-cache-ip 163.181.92.233 timing-allow-origin * eagleid a3b55ca316970969168918112e
GET H2	200	62684f223b6d3195298ec563E7UL149j04 g.fp.ps.netease.com/market/file/	8 KB 8 KB	52ms 52ms	Image image/jpeg	2a02:26f0:480:794::31fc AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://g.fp.ps.netease.com/market/file/62684f223b6d3195298ec563E7UL149j04 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 2a02:26f0:480:794::31fc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx/1.14.2 / Resource Hash `c8d88b9e671f75a925d36ace53c071894dfae20fb44072b93274cc025b73e35a` Request headers accept-language nl-NL,nl;q=0.9 Referer https://buff.163.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Thu, 12 Oct 2023 07:48:34 GMT last-modified Tue, 26 Apr 2022 19:59:31 GMT server nginx/1.14.2 content-md5 8e7790f352a279b4f100b77f04f0c4e5 etag "62684f223b6d3195298ec5649NbE:8437" content-type image/jpeg; charset=binary access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=34181 x-cache-ip 2a02:26f0:480:794::31fc content-length 8437
GET H/1.1	200 OK	icon_p2pdelivery@3x.png buff.163.com/images/icons/	2 KB 2 KB	611ms 610ms	Image image/png	34.250.104.1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://buff.163.com/images/icons/icon_p2pdelivery@3x.png Requested by Host: buff.163.com URL: https://buff.163.com/css/style.min.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 34.250.104.1 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-250-104-1.eu-west-1.compute.amazonaws.com Software nginx/1.13.5 / Resource Hash `cc2d49310a80c173b25afbe9aab157bb4e735543a202c2b91a81faace04a23e3` Request headers accept-language nl-NL,nl;q=0.9 Referer https://buff.163.com/css/style.min.css User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers X-Trace-ID 5a668b5fd4546816106d20c0be02c434 Date Thu, 12 Oct 2023 07:48:35 GMT last-modified Wed, 11 Oct 2023 12:35:32 GMT Server nginx/1.13.5 etag "65269694-6f9" ntes-trace-id c0a768d2affd8f9d:c0a768d2affd8f9d:0:1 Content-Type image/png cache-control max-age=3600 x-envoy-upstream-service-time 0 accept-ranges bytes Content-Length 1785 expires Thu, 12 Oct 2023 08:48:35 GMT
GET H/1.1	200 OK	icon_Pay_Alipay_grey.png buff.163.com/images/icons/	895 B 1 KB	607ms 607ms	Image image/png	34.250.104.1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://buff.163.com/images/icons/icon_Pay_Alipay_grey.png Requested by Host: buff.163.com URL: https://buff.163.com/css/style.min.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 34.250.104.1 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-250-104-1.eu-west-1.compute.amazonaws.com Software nginx/1.13.5 / Resource Hash `86b0bea839f89189be487db3aa7daf1c6358193160da80e204a4b15dcc5f85e8` Request headers accept-language nl-NL,nl;q=0.9 Referer https://buff.163.com/css/style.min.css User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers X-Trace-ID 4d6dfb4c67ec5a1a897a939047b1e85e Date Thu, 12 Oct 2023 07:48:35 GMT last-modified Wed, 11 Oct 2023 12:35:32 GMT Server nginx/1.13.5 etag "65269694-37f" ntes-trace-id b94934efa722d560:b94934efa722d560:0:1 Content-Type image/png cache-control max-age=3600 x-envoy-upstream-service-time 0 accept-ranges bytes Content-Length 895 expires Thu, 12 Oct 2023 08:48:35 GMT
GET H/1.1	200 OK	icon_Pay_otherspay_grey.png buff.163.com/images/icons/	820 B 1 KB	615ms 615ms	Image image/png	34.250.104.1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://buff.163.com/images/icons/icon_Pay_otherspay_grey.png Requested by Host: buff.163.com URL: https://buff.163.com/css/style.min.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 34.250.104.1 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-250-104-1.eu-west-1.compute.amazonaws.com Software nginx/1.13.5 / Resource Hash `833a3b7a1ed72b9130f2e1753f45e5b590c1387af9ac155585b156f262e4c4b3` Request headers accept-language nl-NL,nl;q=0.9 Referer https://buff.163.com/css/style.min.css User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers X-Trace-ID bcdde825e78a048838508fc05bef101b Date Thu, 12 Oct 2023 07:48:35 GMT last-modified Wed, 11 Oct 2023 12:35:32 GMT Server nginx/1.13.5 etag "65269694-334" ntes-trace-id ad8abf99c3dc59ba:ad8abf99c3dc59ba:0:1 Content-Type image/png cache-control max-age=3600 x-envoy-upstream-service-time 0 accept-ranges bytes Content-Length 820 expires Thu, 12 Oct 2023 08:48:35 GMT

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
buff.163.com/	1969-12-31 23:59:59	Name: client_id Value: Tw7Rg7o6qJwt-zhTALB_wA
buff.163.com/	1970-01-21 01:00:56	Name: Device-Id Value: tDXRaZvy2TglHdsRuCa8
buff.163.com/	1969-12-31 23:59:59	Name: csrf_token Value: ImYzY2U3MmFlZTAzN2M3Y2Q5NjdhNjg0YmY5YjNkZTc1MzIyY2JjYjki.GAk2Ug.L9bOWBCrj8Y-ia-eIWQbWsFNsg4

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

buff.163.com
g.fp.ps.netease.com
ghjhgjhgjhg.com
market.fp.ps.netease.com
163.181.92.233
2a02:26f0:480:794::31fc
2a06:98c1:3120::3
34.250.104.1
011c9fe4839b74a94b7856018278d79f98c544a3a73b51efdd6a618e81d50268
1b6cd68df8cd77fba17c102ae045ab38c3511e9887d476491d6dc0473fbfe021
245cfa354f0b4bb41dbfd5f5ff0f95b0af33f5d40310349684a87b5cb401df86
2ed5a6741b236321c302f89e83669c6b4b02ed4353c8d9f275f297d198960905
4d58bd1753536b259477b658bf9f9f0ae1f2b74573fed9ad7caf7e3dd7cfe0f1
561cd661faddb1a8c76aa96c23505a04d55a375b306d75755e9d197b6e8fc583
58cfd7822c170dd18135a3ae4f85022dc350fd74a25bc805e1fd5f4344e2360a
5c1d5ad5b4a356d739d4ebcf152933d41b574443ec0e2c7296efd6f64daac5fc
6f0fa9e4a33ee3e1603156fc62dab11ffbc339ffd684503a70ae76b9b4dda083
833a3b7a1ed72b9130f2e1753f45e5b590c1387af9ac155585b156f262e4c4b3
86b0bea839f89189be487db3aa7daf1c6358193160da80e204a4b15dcc5f85e8
b4b30577f27d467f600fe8e778acee2784ce56b90fbe7ceb24e04a15ab2519a4
c8d88b9e671f75a925d36ace53c071894dfae20fb44072b93274cc025b73e35a
cc2d49310a80c173b25afbe9aab157bb4e735543a202c2b91a81faace04a23e3
cd294da2fd54e61259552a9dbda18295d8cd4673ee8167053a7984dc7afb3009
d0c7050ca6b580c7bfc5294ecad381f5ae6c9febf6c32e31bae20744650cbf04
da318c07a17a0f838b86af9ebe58d8923785082deaaa857f70d9389d1583722a
e4bc0fcf4a4a4caaf1fd43e567197e8d74f27a10706e291d31f11871b5f88f58
f94ec33f152534511c94ebe466feea02e3066a97a618bd1f985118aefdee481d

buff.163.com Open in urlscan Pro 34.250.104.1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

20 Requests

100 %HTTPS

50 %IPv6

3 Domains

4 Subdomains

3 IPs

3 Countries

311 kBTransfer

449 kBSize

3 Cookies

0 Outgoing links

Page URL History

Redirected requests

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

3 Cookies

Indicators

buff.163.com Open in urlscan Pro
34.250.104.1 Public Scan

Screenshot
Live screenshot

Full Image

20
Requests

100 %
HTTPS

50 %
IPv6

3
Domains

4
Subdomains

3
IPs

3
Countries

311 kB
Transfer

449 kB
Size

3
Cookies

20 HTTP transactions
0 data transactions