Submitted URL: http://sagawa-aqo.com/pp.html
Effective URL: http://119.42.34.43:8085/
Submission: On November 27 via api from CZ

Summary

This website contacted 4 IPs in 4 countries across 2 domains to perform 15 HTTP transactions. The main IP is 119.42.34.43, located in Australia and belonging to MYTEK-AS-AP Defense Australia Network, AU. The effective page is served straight from that IP on port 8085 with no hostname, so the "main domain" recorded for the scan is the bare IP 119.42.34.43.
This is the only time 119.42.34.43 was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address      ASN     Autonomous System
1         67.198.226.90   35908   VPLSNET
4         103.235.46.191  55967   CNNIC-BAI...
2         111.206.37.189  4808    CHINA169-...
8         119.42.34.43    132825  MYTEK-AS-...
15 requests across 4 IPs

Requests  Domain                    Requested by
4         hm.baidu.com              sagawa-aqo.com, 119.42.34.43
1         api.share.baidu.com       sagawa-aqo.com
1         push.zhanzhang.baidu.com  sagawa-aqo.com
1         sagawa-aqo.com            (initial navigation)
15 requests in total, 4 hostnames (the remaining 8 requests went to the bare IP 119.42.34.43)

This site contains links to these domains:

www.chenxing3.com

TLS certificate observed (on the HTTPS requests to hm.baidu.com, the only TLS connections in this scan):

Subject:   baidu.com
Issuer:    GlobalSign Organization Validation CA - SHA256 - G2
Validity:  2019-10-24 to 2020-06-25 (8 months), via crt.sh

This page contains 1 frames:

Primary Page: http://119.42.34.43:8085/
Frame ID: FAF23936FCA1A2918E8C4B4746E611BC
Requests: 15 HTTP requests in this frame

Screenshot


Detected technologies

Nginx (overall confidence: 100%), matched on the Server response header of sagawa-aqo.com and 119.42.34.43
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

clipboard.js (overall confidence: 100%), matched on the script URL /js/clipboard.min.js
Detected patterns
  • script /clipboard(?:-([\d.]+))?(?:\.min)?\.js/i

jQuery (overall confidence: 100%), matched on the script URL /js/jquery-1.9.1.min.js, from which the first pattern captures version 1.9.1
Detected patterns
  • script /jquery[.-]([\d.]*\d)[^\/]*\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
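As an added worked example (not urlscan.io's own detection code, which is not on this page), the Python below applies the three pattern sets listed above to the Server header values and script URLs observed in this scan. The pattern strings are copied verbatim from the list; the PATTERNS and OBSERVED tables and the detect() function are illustrative scaffolding.

```python
# Added example: run the urlscan.io technology patterns listed above against
# the values seen in this scan. Not urlscan.io code; only the regex strings
# are taken from the page.
from __future__ import annotations

import re

# technology -> (which observed value it is matched against, JS-style patterns
# copied from the "Detected patterns" list, minus the /.../i delimiters)
PATTERNS: dict[str, tuple[str, list[str]]] = {
    "Nginx": ("header:server", [r"nginx(?:\/([\d.]+))?"]),
    "clipboard.js": ("script", [r"clipboard(?:-([\d.]+))?(?:\.min)?\.js"]),
    "jQuery": ("script", [r"jquery[.-]([\d.]*\d)[^\/]*\.js",
                          r"jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?"]),
}

# Values observed in the transactions of this scan.
OBSERVED: dict[str, list[str]] = {
    "header:server": ["nginx", "apache"],
    "script": [
        "http://119.42.34.43:8085/js/jquery-1.9.1.min.js",
        "http://119.42.34.43:8085/js/clipboard.min.js",
        "http://119.42.34.43:8085/js/data.js",
        "https://hm.baidu.com/hm.js?3f6e006f81a637c10f8d0af7aaf3d90d",
    ],
}


def detect(observed: dict[str, list[str]]) -> dict[str, dict]:
    """Return {technology: {"matched": value, "version": str | None}} for every
    technology whose patterns hit at least one observed value. The version is
    the first non-empty capture group across all of that technology's patterns."""
    hits: dict[str, dict] = {}
    for tech, (source, patterns) in PATTERNS.items():
        for value in observed.get(source, []):
            for pat in patterns:
                m = re.search(pat, value, re.I)  # the /i flag from the page
                if not m:
                    continue
                entry = hits.setdefault(tech, {"matched": value, "version": None})
                if entry["version"] is None and m.group(1):
                    entry["version"] = m.group(1)
    return hits


if __name__ == "__main__":
    for tech, info in detect(OBSERVED).items():
        print(f"{tech:13s} version={info['version']!r:9} from {info['matched']}")
```

Only the jQuery pattern yields a version, and only because the file name carries one; a filename match says nothing about the bytes that were actually served. To verify the library, compare the Resource Hash recorded for /js/jquery-1.9.1.min.js in the transactions below (b43d52aa1aedc42f1b2fdcf425d6bd74018ae651ebc5b05c6a209ff23aff701f) with the SHA-256 of a known-good copy.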

Page Statistics

Requests:    15
HTTPS:       27 % (only the 4 requests to hm.baidu.com used TLS; the lure page, the landing page and the push/share beacons were plain HTTP)
IPv6:        0 %
Domains:     2
Subdomains:  4
IPs:         4
Countries:   4
Transfer:    271 kB
Size:        389 kB
Cookies:     2

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://sagawa-aqo.com/pp.html Page URL
  2. http://119.42.34.43:8085/ Page URL
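Added example, not urlscan.io code: the hop from pp.html to 119.42.34.43:8085 appears above as two Page URL entries with no HTTP redirect chain, which is what a client-side redirect looks like in this report. The Python below classifies a recorded hop as HTTP (3xx plus Location) or client-side (meta refresh or a JavaScript location assignment in the document body). SAMPLE_PP_HTML is a constructed stand-in with the landing URL from this scan; the real body of pp.html is not reproduced on this page.

```python
# Added example: tell an HTTP-level redirect apart from a client-side one.
# Not urlscan.io code. The sample HTML is constructed for illustration.
from __future__ import annotations

import html
import re
from typing import Optional

# <meta http-equiv="refresh" content="0;url=...">
META_REFRESH = re.compile(
    r"<meta[^>]+http-equiv\s*=\s*[\"']?refresh[\"']?[^>]*content\s*=\s*[\"']([^\"']*)[\"']",
    re.I,
)
# window.location = "..." / location.href = "..." / location.replace("...")
JS_LOCATION = re.compile(
    r"(?:window\.|document\.|top\.|self\.)?location(?:\.href)?\s*=\s*[\"']([^\"']+)[\"']"
    r"|location\.(?:replace|assign)\(\s*[\"']([^\"']+)[\"']\s*\)",
    re.I,
)


def client_side_targets(body: str) -> list[str]:
    """Every URL the document would navigate to on its own, in document order
    of the two detectors (meta refresh first, then script assignments)."""
    targets: list[str] = []
    for m in META_REFRESH.finditer(body):
        content = html.unescape(m.group(1))
        parts = content.split(";", 1)          # "0;url=http://..." or "0;http://..."
        if len(parts) == 2:
            url = parts[1].strip()
            if url.lower().startswith("url="):
                url = url[4:].strip().strip("'\"")
            targets.append(url)
    for m in JS_LOCATION.finditer(body):
        targets.append(m.group(1) or m.group(2))
    return targets


def classify_hop(status: int, headers: dict, body: str) -> tuple[str, Optional[str]]:
    """("http", Location) for a 3xx with Location, ("client-side", first target)
    when the served document navigates away itself, otherwise ("none", None)."""
    lowered = {k.lower(): v for k, v in headers.items()}
    if 300 <= status < 400 and "location" in lowered:
        return "http", lowered["location"]
    targets = client_side_targets(body)
    if targets:
        return "client-side", targets[0]
    return "none", None


# Constructed stand-in for pp.html: a 200 text/html document whose only job is
# to forward the visitor, which is what an empty "Redirected requests" list
# next to two Page URL entries implies.
SAMPLE_PP_HTML = """<html><head><title>Loading, please wait......</title>
<meta http-equiv="refresh" content="0;url=http://119.42.34.43:8085/">
<script>setTimeout(function(){ window.location.href = "http://119.42.34.43:8085/"; }, 100);</script>
</head><body></body></html>"""

if __name__ == "__main__":
    print(classify_hop(200, {"Content-Type": "text/html"}, SAMPLE_PP_HTML))
    print(classify_hop(302, {"Location": "http://example.invalid/"}, ""))
```

When triaging a report like this one, run the check on the body of the first Page URL (here pp.html, Resource Hash 654a4415...): a 200 HTML document with a forwarding target is the signature of a lure page that hides its real destination from anything that only follows HTTP redirects.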

Redirected requests

No HTTP redirect chains were recorded for this scan. The hop from http://sagawa-aqo.com/pp.html to http://119.42.34.43:8085/ therefore happened client-side (JavaScript or a meta refresh): pp.html was served as a 4 KB text/html document rather than a 3xx, and the title it reported to the Baidu beacon (tt=正在加载，请稍后......, "Loading, please wait......") is that of an interstitial forwarding page.

15 HTTP transactions

Each transaction below is listed as: Resource | Path | Size | x-fer (bytes on the wire) | Type, followed by its General details, request headers and response headers. The MIME-Type is the response Content-Type; "Cookie set" marks a response that carried Set-Cookie.

[1] pp.html | sagawa-aqo.com/ | Size: 4 KB | x-fer: 2 KB | Type: Document | Cookie set: yes
General
Full URL
http://sagawa-aqo.com/pp.html
Protocol
HTTP/1.1
Server
67.198.226.90 Orange, United States, ASN35908 (VPLSNET - Krypt Technologies, US),
Reverse DNS
call06.kryptservers.com
Software
nginx /
Resource Hash
654a4415f1a83ecc44ef381972855bee37c50ded0c4ad29704cfd63360823b6d

Request headers

Host
sagawa-aqo.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate

Response headers

Server
nginx
Date
Wed, 27 Nov 2019 21:40:19 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
Set-Cookie
security_session_verify=92c2d6f66ed3964d5b172aba6a5e301c; expires=Sun, 01-Dec-19 05:40:19 GMT; path=/; HttpOnly
Content-Encoding
gzip
[2] hm.js | hm.baidu.com/ | Size: 37 KB | x-fer: 13 KB | Type: Script
General
Full URL
https://hm.baidu.com/hm.js?64e6e828cb6bec1051c1856a4958ed29
Requested by
Host: sagawa-aqo.com
URL: http://sagawa-aqo.com/pp.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (CNNIC-BAIDU-AP Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
c9689eb5f8978ea8cb20e1b1f65080e6c5efc29d49d704bfaa54f24def1097b7
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

Referer
http://sagawa-aqo.com/pp.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 27 Nov 2019 21:40:20 GMT
Content-Encoding
gzip
Server
apache
Etag
2b6bf197078f83e7f608bf9ca8c7b087
Strict-Transport-Security
max-age=172800
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control
max-age=0, must-revalidate
Content-Type
application/javascript
Content-Length
13254
[3] push.js | push.zhanzhang.baidu.com/ | Size: 281 B | x-fer: 752 B | Type: Script
General
Full URL
http://push.zhanzhang.baidu.com/push.js
Requested by
Host: sagawa-aqo.com
URL: http://sagawa-aqo.com/pp.html
Protocol
HTTP/1.1
Server
111.206.37.189 Beijing, China, ASN4808 (CHINA169-BJ China Unicom Beijing Province Network, CN),
Reverse DNS
Software
apache /
Resource Hash
674bc0c70f98d627b8a7e1d278a1f21ffe33815565f7d5371bf0275da57571b2

Request headers

Referer
http://sagawa-aqo.com/pp.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 27 Nov 2019 21:40:20 GMT
Content-Encoding
gzip
Last-Modified
Wed, 25 Nov 2015 07:47:55 GMT
Server
apache
Etag
"4078521116"
Vary
Accept-Encoding
P3p
CP=" OTI DSP COR IVA OUR IND COM "
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Content-Type
text/javascript
Content-Length
227
Expires
Thu, 26 Nov 2020 21:40:20 GMT
[4] s.gif | api.share.baidu.com/ | Size: 0 | x-fer: 116 B | Type: Image
General
Full URL
http://api.share.baidu.com/s.gif?l=http://sagawa-aqo.com/pp.html
Requested by
Host: sagawa-aqo.com
URL: http://sagawa-aqo.com/pp.html
Protocol
HTTP/1.1
Server
111.206.37.189 Beijing, China, ASN4808 (CHINA169-BJ China Unicom Beijing Province Network, CN),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (the SHA-256 of empty input, consistent with Content-Length: 0; this share beacon returned no body)

Request headers

Referer
http://sagawa-aqo.com/pp.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 27 Nov 2019 21:40:21 GMT
Content-Length
0
Content-Type
text/plain; charset=utf-8
[5] hm.gif | hm.baidu.com/ | Size: 43 B | x-fer: 299 B | Type: Image
General
Full URL
https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=326803969&si=64e6e828cb6bec1051c1856a4958ed29&v=1.2.64&lv=1&sn=19236&ct=!!&tt=%E6%AD%A3%E5%9C%A8%E5%8A%A0%E8%BD%BD%EF%BC%8C%E8%AF%B7%E7%A8%8D%E5%90%8E......
Requested by
Host: sagawa-aqo.com
URL: http://sagawa-aqo.com/pp.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (CNNIC-BAIDU-AP Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

Referer
http://sagawa-aqo.com/pp.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 27 Nov 2019 21:40:21 GMT
X-Content-Type-Options
nosniff
Server
apache
Strict-Transport-Security
max-age=172800
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Content-Length
43
[6] Primary Request / | 119.42.34.43/ | Size: 8 KB | x-fer: 3 KB | Type: Document
General
Full URL
http://119.42.34.43:8085/
Protocol
HTTP/1.1
Server
119.42.34.43 , Australia, ASN132825 (MYTEK-AS-AP Defense Australia Network, AU),
Reverse DNS
Software
nginx /
Resource Hash
f3845160560959a668a0027307970fabe3266b67f769b2cb2478aea5526d42cc

Request headers

Host
119.42.34.43:8085
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://sagawa-aqo.com/pp.html
Accept-Encoding
gzip, deflate

Response headers

Server
nginx
Date
Wed, 27 Nov 2019 21:40:21 GMT
Content-Type
text/html
Last-Modified
Mon, 18 Nov 2019 16:09:38 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
ETag
W/"5dd2c242-1f1b"
Content-Encoding
gzip
[7] m.css | 119.42.34.43/m/css/ | Size: 3 KB | x-fer: 1 KB | Type: Stylesheet
General
Full URL
http://119.42.34.43:8085/m/css/m.css
Requested by
Host: 119.42.34.43
URL: http://119.42.34.43:8085/
Protocol
HTTP/1.1
Server
119.42.34.43 , Australia, ASN132825 (MYTEK-AS-AP Defense Australia Network, AU),
Reverse DNS
Software
nginx /
Resource Hash
2ce0a5a9a594c854df31ea31eb01800c32b0774905da7e84655810050948238c

Request headers

Referer
http://119.42.34.43:8085/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 27 Nov 2019 21:40:22 GMT
Content-Encoding
gzip
Last-Modified
Thu, 10 Oct 2019 13:40:50 GMT
Server
nginx
ETag
W/"5d9f34e2-a12"
Vary
Accept-Encoding
Content-Type
text/css
Transfer-Encoding
chunked
Connection
keep-alive
[8] jquery-1.9.1.min.js | 119.42.34.43/js/ | Size: 90 KB | x-fer: 32 KB | Type: Script
General
Full URL
http://119.42.34.43:8085/js/jquery-1.9.1.min.js
Requested by
Host: 119.42.34.43
URL: http://119.42.34.43:8085/
Protocol
HTTP/1.1
Server
119.42.34.43 , Australia, ASN132825 (MYTEK-AS-AP Defense Australia Network, AU),
Reverse DNS
Software
nginx /
Resource Hash
b43d52aa1aedc42f1b2fdcf425d6bd74018ae651ebc5b05c6a209ff23aff701f

Request headers

Referer
http://119.42.34.43:8085/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 27 Nov 2019 21:40:22 GMT
Content-Encoding
gzip
Last-Modified
Thu, 10 Oct 2019 13:40:50 GMT
Server
nginx
ETag
W/"5d9f34e2-169d8"
Vary
Accept-Encoding
Content-Type
application/javascript
Transfer-Encoding
chunked
Connection
keep-alive
[9] clipboard.min.js | 119.42.34.43/js/ | Size: 11 KB | x-fer: 4 KB | Type: Script
General
Full URL
http://119.42.34.43:8085/js/clipboard.min.js
Requested by
Host: 119.42.34.43
URL: http://119.42.34.43:8085/
Protocol
HTTP/1.1
Server
119.42.34.43 , Australia, ASN132825 (MYTEK-AS-AP Defense Australia Network, AU),
Reverse DNS
Software
nginx /
Resource Hash
1626706afc88d95ebe1173b553ec732c6dc82a576989315fdf5e7779af738a44

Request headers

Referer
http://119.42.34.43:8085/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 27 Nov 2019 21:40:22 GMT
Content-Encoding
gzip
Last-Modified
Thu, 10 Oct 2019 13:40:50 GMT
Server
nginx
ETag
W/"5d9f34e2-2a02"
Vary
Accept-Encoding
Content-Type
application/javascript
Transfer-Encoding
chunked
Connection
keep-alive
[10] data.js | 119.42.34.43/js/ | Size: 870 B | x-fer: 718 B | Type: Script
General
Full URL
http://119.42.34.43:8085/js/data.js
Requested by
Host: 119.42.34.43
URL: http://119.42.34.43:8085/
Protocol
HTTP/1.1
Server
119.42.34.43 , Australia, ASN132825 (MYTEK-AS-AP Defense Australia Network, AU),
Reverse DNS
Software
nginx /
Resource Hash
33d21edfe7747bcc2446abc6898d7500d31026892aaa47db7044303fdb5dbed7

Request headers

Referer
http://119.42.34.43:8085/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 27 Nov 2019 21:40:22 GMT
Content-Encoding
gzip
Last-Modified
Wed, 27 Nov 2019 17:03:10 GMT
Server
nginx
ETag
W/"5ddeac4e-366"
Vary
Accept-Encoding
Content-Type
application/javascript
Transfer-Encoding
chunked
Connection
keep-alive
[11] hm.js | hm.baidu.com/ | Size: 37 KB | x-fer: 13 KB | Type: Script
General
Full URL
https://hm.baidu.com/hm.js?3f6e006f81a637c10f8d0af7aaf3d90d
Requested by
Host: 119.42.34.43
URL: http://119.42.34.43:8085/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (CNNIC-BAIDU-AP Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
14547e7ff92cd015d3fd64a4bcee4cc5c33124e75a60542aed1225987cf451b5
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

Referer
http://119.42.34.43:8085/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 27 Nov 2019 21:40:22 GMT
Content-Encoding
gzip
Server
apache
Etag
5ce9050540b189e2e197b3c4d71db1ba
Strict-Transport-Security
max-age=172800
Content-Type
application/javascript
Cache-Control
max-age=0, must-revalidate
Content-Length
13257
[12] m-bg.jpg | 119.42.34.43/m/img/ | Size: 73 KB | x-fer: 74 KB | Type: Image
General
Full URL
http://119.42.34.43:8085/m/img/m-bg.jpg
Requested by
Host: 119.42.34.43
URL: http://119.42.34.43:8085/
Protocol
HTTP/1.1
Server
119.42.34.43 , Australia, ASN132825 (MYTEK-AS-AP Defense Australia Network, AU),
Reverse DNS
Software
nginx /
Resource Hash
b659369a3d7a7fdd3a3f3a7eed8ace5224331a79e6332403de33cfc27b9752d8

Request headers

Referer
http://119.42.34.43:8085/m/css/m.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 27 Nov 2019 21:40:22 GMT
Last-Modified
Thu, 10 Oct 2019 13:40:50 GMT
Server
nginx
ETag
"5d9f34e2-1255e"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
75102
[13] m-header.png | 119.42.34.43/m/img/ | Size: 59 KB | x-fer: 60 KB | Type: Image
General
Full URL
http://119.42.34.43:8085/m/img/m-header.png
Requested by
Host: 119.42.34.43
URL: http://119.42.34.43:8085/
Protocol
HTTP/1.1
Server
119.42.34.43 , Australia, ASN132825 (MYTEK-AS-AP Defense Australia Network, AU),
Reverse DNS
Software
nginx /
Resource Hash
61dad17d2f8b742dc7df7a40b20ddde9cfe7f21ad6c7b201ca6ac41fef761d90

Request headers

Referer
http://119.42.34.43:8085/m/css/m.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 27 Nov 2019 21:40:22 GMT
Last-Modified
Thu, 10 Oct 2019 13:40:50 GMT
Server
nginx
ETag
"5d9f34e2-edc6"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
60870
[14] 2281179723.jpg | 119.42.34.43/QR/ | Size: 66 KB | x-fer: 67 KB | Type: Image
General
Full URL
http://119.42.34.43:8085/QR/2281179723.jpg
Requested by
Host: 119.42.34.43
URL: http://119.42.34.43:8085/
Protocol
HTTP/1.1
Server
119.42.34.43 , Australia, ASN132825 (MYTEK-AS-AP Defense Australia Network, AU),
Reverse DNS
Software
nginx /
Resource Hash
509466c0d31836d83d523a7342d10d10a9c6bb28cbc01125dfffcda7c68a5511

Request headers

Referer
http://119.42.34.43:8085/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 27 Nov 2019 21:40:23 GMT
Last-Modified
Thu, 21 Nov 2019 11:00:02 GMT
Server
nginx
ETag
"5dd66e32-1099a"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
67994
[15] hm.gif | hm.baidu.com/ | Size: 43 B | x-fer: 299 B | Type: Image
General
Full URL
https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=592856779&si=3f6e006f81a637c10f8d0af7aaf3d90d&su=http%3A%2F%2Fsagawa-aqo.com%2Fpp.html&v=1.2.64&lv=1&sn=19238&ct=!!&tt=%E8%B4%A2%E7%A5%9E%E8%AE%A1%E5%88%92%E5%9B%A2%E9%98%9F%20-%20%E6%99%A8%E5%85%B4%E5%BD%A9%E7%A5%A8
Requested by
Host: 119.42.34.43
URL: http://119.42.34.43:8085/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (CNNIC-BAIDU-AP Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

Referer
http://119.42.34.43:8085/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 27 Nov 2019 21:40:23 GMT
X-Content-Type-Options
nosniff
Server
apache
Strict-Transport-Security
max-age=172800
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Content-Length
43

Verdicts & Comments

No verdicts or comments have been recorded for this scan.

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. They can help identify client-side frameworks and code.

Type      Name
object    onformdata
object    onpointerrawupdate
boolean   isMobile
object    _hmt
function  $
function  jQuery
function  ClipboardJS
object    data
object    random_item
function  fill_content
function  qq_content
function  formatTemplate
object    qq_grup_arr
function  fill_init_data
function  copywx
function  jump_qq
boolean   xin
boolean   yin
number    step
number    delay
object    $obj
function  move
number    T
boolean   _bdhm_loaded_3f6e006f81a637c10f8d0af7aaf3d90d
object    mini_tangram_log_bjzl0r

$ and jQuery come from jquery-1.9.1.min.js, ClipboardJS from clipboard.min.js, and _hmt together with _bdhm_loaded_<site id> from the Baidu Tongji script hm.js. The remaining names (fill_content, qq_content, qq_grup_arr, copywx, jump_qq and the rest) belong to the landing page's own code (data.js or inline script); their names point to copy-to-clipboard and QQ/WeChat contact handling, which is what ClipboardJS is loaded for.

2 Cookies

Domain/Path    Name                                       Value
119.42.34.43/  Hm_lpvt_3f6e006f81a637c10f8d0af7aaf3d90d   1574890823
119.42.34.43/  Hm_lvt_3f6e006f81a637c10f8d0af7aaf3d90d    1574890823

Both are Baidu Tongji (hm.baidu.com) visitor cookies. The suffix is the site id (si=3f6e006f81a637c10f8d0af7aaf3d90d) sent in the second hm.gif beacon, and the value is a Unix timestamp: 1574890823 is 2019-11-27 21:40:23 UTC, the time of this scan. The security_session_verify cookie set by sagawa-aqo.com on pp.html (transaction 1) does not appear in this table.
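Added example (not urlscan.io or Baidu code) that decodes the two hm.gif beacon URLs from transactions 5 and 15 and the two Hm_* cookies above. The parameter meanings assumed here (si = site id, tt = page title, su = referring URL, ds = screen size, ln = language) are inferred from the values on this page, not taken from Baidu documentation. Decoding tt shows what the visitor saw: pp.html reported the title 正在加载，请稍后...... ("Loading, please wait......"), and the landing page reported 财神计划团队 - 晨兴彩票 ("God of Wealth Plan Team - Chenxing Lottery"), which matches the linked domain www.chenxing3.com; su shows the landing page recorded http://sagawa-aqo.com/pp.html as its referrer.

```python
# Added example: decode the Baidu Tongji (hm.baidu.com) beacons and Hm_* cookies
# recorded in this scan. Not urlscan.io or Baidu code; parameter meanings are
# inferred from the observed values (assumption: si = site id, tt = title,
# su = referrer, ds = screen size, ln = language).
from __future__ import annotations

from datetime import datetime, timezone
from urllib.parse import parse_qs, urlsplit

# The two hm.gif URLs, copied from transactions 5 and 15.
BEACONS = [
    "https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0"
    "&ln=en-us&lo=0&rnd=326803969&si=64e6e828cb6bec1051c1856a4958ed29&v=1.2.64&lv=1"
    "&sn=19236&ct=!!&tt=%E6%AD%A3%E5%9C%A8%E5%8A%A0%E8%BD%BD%EF%BC%8C%E8%AF%B7%E7%A8%8D%E5%90%8E......",
    "https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0"
    "&ln=en-us&lo=0&rnd=592856779&si=3f6e006f81a637c10f8d0af7aaf3d90d"
    "&su=http%3A%2F%2Fsagawa-aqo.com%2Fpp.html&v=1.2.64&lv=1&sn=19238&ct=!!"
    "&tt=%E8%B4%A2%E7%A5%9E%E8%AE%A1%E5%88%92%E5%9B%A2%E9%98%9F%20-%20%E6%99%A8%E5%85%B4%E5%BD%A9%E7%A5%A8",
]

# The cookie table from this scan (name -> value).
COOKIES = {
    "Hm_lpvt_3f6e006f81a637c10f8d0af7aaf3d90d": "1574890823",
    "Hm_lvt_3f6e006f81a637c10f8d0af7aaf3d90d": "1574890823",
}


def decode_beacon(url: str) -> dict:
    """Pull the analyst-relevant fields out of one hm.gif request. parse_qs
    percent-decodes the values as UTF-8, which is what turns tt= into the
    page title as the visitor saw it."""
    q = parse_qs(urlsplit(url).query, keep_blank_values=True)

    def one(key: str):
        return q.get(key, [None])[0]

    return {
        "site_id": one("si"),
        "title": one("tt"),
        "referrer": one("su"),
        "screen": one("ds"),
        "language": one("ln"),
    }


def cookie_site_ids(cookies: dict[str, str]) -> set[str]:
    """Site ids embedded in Hm_lvt_<si> / Hm_lpvt_<si> cookie names."""
    return {name.split("_", 2)[2] for name in cookies
            if name.startswith(("Hm_lvt_", "Hm_lpvt_"))}


def cookie_times(cookies: dict[str, str]) -> dict[str, str]:
    """Hm_* values are Unix timestamps; render them in UTC."""
    return {name: datetime.fromtimestamp(int(value), tz=timezone.utc).strftime("%Y-%m-%d %H:%M:%S UTC")
            for name, value in cookies.items()}


def beacons_for_cookie_sites(beacons: list[str], cookies: dict[str, str]) -> list[dict]:
    """Beacons whose site id also appears in the cookie jar, i.e. the page the
    browser ended up on (the pp.html beacon uses a different site id)."""
    ids = cookie_site_ids(cookies)
    return [b for b in map(decode_beacon, beacons) if b["site_id"] in ids]


if __name__ == "__main__":
    for b in map(decode_beacon, BEACONS):
        print(b)
    print(cookie_times(COOKIES))
```

The site id is a pivot: si=3f6e006f81a637c10f8d0af7aaf3d90d is baked into the hm.js URL, the beacon and both cookie names, so other pages that embed hm.js?3f6e006f81a637c10f8d0af7aaf3d90d report to the same Baidu Tongji site registration as this landing page, whatever hostname or IP they are served from.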