Submitted URL: https://bbs.nga.cn/read.php?tid=14590826&rand=536
Effective URL: https://bbs.nga.cn/read.php?tid=14590826&rand=405
Submission: On July 24 via api from US

Summary

This website contacted 2 IPs in 1 country across 4 domains to perform 19 HTTP transactions. The main IP is 163.171.132.220, located in Germany and belongs to QUANTILNETWORKS, US. The main domain is bbs.nga.cn.
TLS certificate: Issued by RapidSSL RSA CA 2018 on February 10th 2020. Valid for: 2 years.
This is the only time bbs.nga.cn was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 163.171.132.220 54994 (QUANTILNE...)
19 2
Apex Domain
Subdomains
Transfer
2 nga.cn
bbs.nga.cn
34 KB
0 178.com Failed
img4.nga.178.com Failed
0 cnzz.com Failed
w.cnzz.com Failed
0 Failed
blank Failed
19 4
Domain Requested by
2 bbs.nga.cn bbs.nga.cn
0 img4.nga.178.com Failed bbs.nga.cn
0 w.cnzz.com Failed bbs.nga.cn
0 blank Failed bbs.nga.cn
19 4

This site contains no links.

Subject Issuer Validity Valid
*.nga.cn RapidSSL RSA CA 2018 2020-02-10 - 2022-04-10 2 years

This page contains 1 frames:

Primary Page: https://bbs.nga.cn/read.php?tid=14590826&rand=405
Frame ID: 715ECF56F7DA988193D4A0C0C30FE31B
Requests: 19 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

19 Requests
11 % HTTPS
0 % IPv6
4 Domains
4 Subdomains
2 IPs
1 Countries
34 kB Transfer
122 kB Size
3 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://bbs.nga.cn/read.php?tid=14590826&rand=536 Page URL
  2. https://bbs.nga.cn/read.php?tid=14590826&rand=405 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions

Resource Path Size x-fer Type MIME-Type
Cookie set read.php
bbs.nga.cn/
4 KB
3 KB
Document
General
Full URL
https://bbs.nga.cn/read.php?tid=14590826&rand=536
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
163.171.132.220 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
nginx / PHP/5.6.13
Resource Hash
bb45f0ab4410fc8e15517fbf317793ef703dcbd79f067b41b6645ae745db177a
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Host
bbs.nga.cn
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Date
Fri, 24 Jul 2020 15:54:30 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Server
nginx
X-Powered-By
PHP/5.6.13
Strict-Transport-Security
max-age=604800
X-NGA-SERVER
56
Set-Cookie
lastvisit=1595606069; path=/; domain=bbs.nga.cn; secure
lastpath=/read.php?tid=14590826&rand=536; path=/; domain=bbs.nga.cn; secure
ngaPassportUid=guest05f1b0435613ad; expires=Sat, 25-Jul-2020 01:54:29 GMT; Max-Age=36000; path=/; domain=.nga.cn
X-NGA-CONTENT-TYPE
short-message
Cache-Control
no-cache, no-store, must-revalidate
Content-Encoding
gzip
X-Via
1.1 PS-000-01tL0180:2 (Cdn Cache Server V2.0), 1.1 PS-FRA-01EYZ173:5 (Cdn Cache Server V2.0)
X-Ws-Request-Id
5f1b0436_PS-FRA-01EYZ173_3704-11271
blank
/
0
0

c.php
w.cnzz.com/
0
0

c.php
w.cnzz.com/
0
0

Primary Request Cookie set read.php
bbs.nga.cn/
118 KB
31 KB
Document
General
Full URL
https://bbs.nga.cn/read.php?tid=14590826&rand=405
Requested by
Host: bbs.nga.cn
URL: https://bbs.nga.cn/read.php?tid=14590826&rand=536
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
163.171.132.220 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
nginx / PHP/5.6.13
Resource Hash
9794a13f5ba380bfed856938156d596e261215de35223af47f93f741b54aab31
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Host
bbs.nga.cn
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
https://bbs.nga.cn/read.php?tid=14590826&rand=536
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
lastvisit=1595606069; ngaPassportUid=guest05f1b0435613ad; guestJs=1595606069

Response headers

Date
Fri, 24 Jul 2020 15:54:31 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Server
nginx
X-Powered-By
PHP/5.6.13
Strict-Transport-Security
max-age=604800
X-NGA-SERVER
56
Set-Cookie
lastvisit=1595606070; path=/; domain=bbs.nga.cn; secure
lastpath=/read.php?tid=14590826&rand=405; path=/; domain=bbs.nga.cn; secure
Content-Encoding
gzip
X-Via
1.1 PS-000-01tL0180:2 (Cdn Cache Server V2.0), 1.1 PS-FRA-01EYZ173:5 (Cdn Cache Server V2.0)
X-Ws-Request-Id
5f1b0437_PS-FRA-01EYZ173_3704-11520
js_commonLib.js
img4.nga.178.com/common_res/
0
0

js_dslist_default.js
img4.nga.178.com/ngabbs/nga_classic/
0
0

js_combine_data.js
img4.nga.178.com/proxy/cache_attach/
0
0

js_dscommon.js
img4.nga.178.com/common_res/
0
0

js_md5.js
img4.nga.178.com/common_res/
0
0

js_commonui.js
img4.nga.178.com/common_res/
0
0

js_forum.js
img4.nga.178.com/common_res/
0
0

js_box.js
img4.nga.178.com/common_res/
0
0

js_default.js
img4.nga.178.com/ngabbs/nga_classic/
0
0

js_bbscode_core.js
img4.nga.178.com/common_res/
0
0

js_bbscode_smiles.js
img4.nga.178.com/ngabbs/nga_classic/
0
0

js_mainMenu.js
img4.nga.178.com/common_res/
0
0

js_customBg.js
img4.nga.178.com/ngabbs/nga_classic/
0
0

js_postfunc_v2.js
img4.nga.178.com/common_res/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain URL
blank about:blank
w.cnzz.com http://w.cnzz.com/c.php?id=30043604
w.cnzz.com http://w.cnzz.com/c.php?id=30039253
img4.nga.178.com https://img4.nga.178.com/common_res/js_commonLib.js?120868
img4.nga.178.com https://img4.nga.178.com/ngabbs/nga_classic/js_dslist_default.js?1204790
img4.nga.178.com https://img4.nga.178.com/proxy/cache_attach/js_combine_data.js?5318686
img4.nga.178.com https://img4.nga.178.com/common_res/js_dscommon.js?1204486
img4.nga.178.com https://img4.nga.178.com/common_res/js_md5.js?140333
img4.nga.178.com https://img4.nga.178.com/common_res/js_commonui.js?5856769
img4.nga.178.com https://img4.nga.178.com/common_res/js_forum.js?3062924
img4.nga.178.com https://img4.nga.178.com/common_res/js_box.js?8673177
img4.nga.178.com https://img4.nga.178.com/ngabbs/nga_classic/js_default.js?9938502
img4.nga.178.com https://img4.nga.178.com/common_res/js_bbscode_core.js?1393514
img4.nga.178.com https://img4.nga.178.com/ngabbs/nga_classic/js_bbscode_smiles.js?2951326
img4.nga.178.com https://img4.nga.178.com/common_res/js_mainMenu.js?110863
img4.nga.178.com https://img4.nga.178.com/ngabbs/nga_classic/js_customBg.js?111113
img4.nga.178.com https://img4.nga.178.com/common_res/js_postfunc_v2.js?3062924

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

number| __CURRENT_UID object| __CURRENT_AVATAR number| __NOW string| __CURRENT_UNAME string| __CACHE_PATH string| __MISC_COOKIE_NAME string| __CHARSET object| __GP number| _NotLoad178NavAll object| ngaAds string| __IMG_BASE string| __IMGPATH string| __IMG_STYLE string| __COMMONRES_PATH string| __BBSURL string| __CKDOMAIN string| __LASTDOMAIN string| __ATTACH_BASE string| __ATTACH_BASE_UPLOAD string| __ATTACH_BASE_UPLOAD_SEC string| __ATTACH_BASE_VIEW string| __ATTACH_BASE_VIEW_SEC string| __RES_BASE string| __RES_BASE_SEC string| __DSBASE object| __STYLE object| __SCRIPTS number| __CURRENT_FID number| __CURRENT_F_BIT number| __CURRENT_TID number| __CURRENT_STID number| tmp

3 Cookies

Domain/Path Name / Value
.nga.cn/ Name: ngaPassportUid
Value: guest05f1b0435613ad
.bbs.nga.cn/ Name: guestJs
Value: 1595606069
.bbs.nga.cn/ Name: lastvisit
Value: 1595606069

8 Console Messages

Source Level URL
Text
console-api log URL: https://bbs.nga.cn/read.php?tid=14590826&rand=405(Line 182)
Message:
https://img4.nga.178.com/common_res/js_commonLib.js?120868 load error
console-api log URL: https://bbs.nga.cn/read.php?tid=14590826&rand=405(Line 182)
Message:
https://img4.nga.178.com/ngabbs/nga_classic/js_dslist_default.js?1204790 load error
console-api log URL: https://bbs.nga.cn/read.php?tid=14590826&rand=405(Line 182)
Message:
https://img4.nga.178.com/proxy/cache_attach/js_combine_data.js?5318686 load error
console-api log URL: https://bbs.nga.cn/read.php?tid=14590826&rand=405(Line 182)
Message:
https://img4.nga.178.com/common_res/js_dscommon.js?1204486 load error
console-api log URL: https://bbs.nga.cn/read.php?tid=14590826&rand=405(Line 182)
Message:
https://img4.nga.178.com/common_res/js_md5.js?140333 load error
console-api log URL: https://bbs.nga.cn/read.php?tid=14590826&rand=405(Line 182)
Message:
https://img4.nga.178.com/common_res/js_commonui.js?5856769 load error
console-api log URL: https://bbs.nga.cn/read.php?tid=14590826&rand=405(Line 182)
Message:
https://img4.nga.178.com/common_res/js_forum.js?3062924 load error
console-api log URL: https://bbs.nga.cn/read.php?tid=14590826&rand=405(Line 182)
Message:
https://img4.nga.178.com/common_res/js_box.js?8673177 load error

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=604800

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
