that.fkg454a1.pw Open in urlscan Pro
47.74.245.16 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://yklian.top/b24.php
Effective URL:
http://that.fkg454a1.pw:5918/index.html
Submission: On August 12 via manual (August 12th 2018, 5:33:55 pm UTC) from US

Summary HTTP 19 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 10 domains to perform 19 HTTP transactions. The main IP is 47.74.245.16, located in San Mateo, United States and belongs to CNNIC-ALIBABA-CN-NET-AP Alibaba (China) Technology Co., Ltd., CN. The main domain is that.fkg454a1.pw.

This is the only time that.fkg454a1.pw was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	173.208.133.67 173.208.133.67	32097 (WII-KC) (WII-KC - WholeSale Internet)
1 10	47.74.245.16 47.74.245.16	45102 (CNNIC-ALI...) (CNNIC-ALIBABA-CN-NET-AP Alibaba (China) Technology Co.)
1	116.10.189.70 116.10.189.70	4134 (CHINANET-...) (CHINANET-BACKBONE No.31)
1	183.131.24.61 183.131.24.61	4134 (CHINANET-...) (CHINANET-BACKBONE No.31)
19	5

3 173.208.133.67 (Kansas City, United States)

ASN32097 (WII-KC - WholeSale Internet, Inc., US)

yklian.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 47.74.245.16 (San Mateo, United States) 1 redirects

ASN45102 (CNNIC-ALIBABA-CN-NET-AP Alibaba (China) Technology Co., Ltd., CN)

that.zjhee.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
that.fkg454a1.pw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
emss.zjhim.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 116.10.189.70 (Nanning, China)

ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN)

ck.k0534.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 183.131.24.61 (China)

ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN)

cdn.staticfile.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	fkg454a1.pw 1 redirects that.fkg454a1.pw	33 KB
3	yklian.top yklian.top	263 KB
1	zjhim.com emss.zjhim.com	2 KB
1	staticfile.org cdn.staticfile.org Failed	34 KB
1	k0534.com ck.k0534.com	14 KB
1	zjhee.com that.zjhee.com	2 KB
0	cnzz.com Failed s22.cnzz.com Failed
0	sinaimg.cn Failed wx4.sinaimg.cn Failed
0	ewtsoft.com Failed json.ewtsoft.com Failed
0	syasn.com Failed z.syasn.com Failed
19	10

	Domain	Requested by
8	that.fkg454a1.pw	1 redirects that.zjhee.com that.fkg454a1.pw
3	yklian.top	yklian.top
1	emss.zjhim.com	that.fkg454a1.pw
1	cdn.staticfile.org	that.fkg454a1.pw
1	ck.k0534.com	yklian.top
1	that.zjhee.com	yklian.top
0	s22.cnzz.com Failed	that.fkg454a1.pw
0	wx4.sinaimg.cn Failed	that.fkg454a1.pw
0	json.ewtsoft.com Failed	that.fkg454a1.pw
0	z.syasn.com Failed	yklian.top
19	10

This site contains no links.

Subject Issuer	Validity	Valid

This page contains 2 frames:

Primary Page: http://that.fkg454a1.pw:5918/index.html
Frame ID: 6BD7B8072CBE2FD33209947EF472F247
Requests: 16 HTTP requests in this frame

Frame: http://yklian.top/vip/m24.html
Frame ID: 1634C68016E26B616294CA3E5378360E
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://yklian.top/b24.php Page URL
http://that.fkg454a1.pw:5918/xbb/zxtiao.asp HTTP 302
http://that.fkg454a1.pw:5918/xbb/zxtl.htm Page URL
http://that.fkg454a1.pw:5918/xbb/mb/403.htm Page URL
http://that.fkg454a1.pw:5918/index.html Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i

Windows Server (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /IIS(?:\/([\d.]+))?/i

IIS (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /IIS(?:\/([\d.]+))?/i

Page Statistics

19
Requests

0 %
HTTPS

0 %
IPv6

10
Domains

10
Subdomains

5
IPs

2
Countries

348 kB
Transfer

750 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://yklian.top/b24.php Page URL
http://that.fkg454a1.pw:5918/xbb/zxtiao.asp HTTP 302
http://that.fkg454a1.pw:5918/xbb/zxtl.htm Page URL
http://that.fkg454a1.pw:5918/xbb/mb/403.htm Page URL
http://that.fkg454a1.pw:5918/index.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5

http://that.fkg454a1.pw:5918/xbb/zxtiao.asp HTTP 302
http://that.fkg454a1.pw:5918/xbb/zxtl.htm

19 HTTP transactions
9 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	b24.php Show response yklian.top/	213 KB 131 KB	1287ms 701ms	Document text/html	173.208.133.67 WholeSale Internet
General Check archive.org Show headers Download Go to Full URL http://yklian.top/b24.php Protocol HTTP/1.1 Server 173.208.133.67 Kansas City, United States, ASN32097 (WII-KC - WholeSale Internet, Inc., US), Reverse DNS Software Microsoft-IIS/7.5 / PHP/5.2.17 ASP.NET Resource Hash `c8430aa0edd98e5074aaf6eda0fffe6a3a23130341609f8a588ed96de02834a2` Request headers Host yklian.top Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8 Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 X-DevTools-Emulate-Network-Conditions-Client-Id 6BD7B8072CBE2FD33209947EF472F247 Response headers Content-Type text/html Content-Encoding gzip Vary Accept-Encoding Server Microsoft-IIS/7.5 X-Powered-By PHP/5.2.17 ASP.NET Date Sun, 12 Aug 2018 17:33:39 GMT Connection close
GET H/1.1	200 OK	wsgg.js Show response yklian.top/	107 B 519 B	117ms 117ms	Script application/x-javascript	173.208.133.67 WholeSale Internet
General Check archive.org Show headers Download Go to Full URL http://yklian.top/wsgg.js Requested by Host: yklian.top URL: http://yklian.top/b24.php Protocol HTTP/1.1 Server 173.208.133.67 Kansas City, United States, ASN32097 (WII-KC - WholeSale Internet, Inc., US), Reverse DNS Software Microsoft-IIS/7.5 / ASP.NET Resource Hash `b8b1ee7279fed438d9e5448fbb0866dfaaaefa1b4dbcd171b264da00b855892c` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host yklian.top User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept / Referer http://yklian.top/b24.php Connection keep-alive Cache-Control no-cache Referer http://yklian.top/b24.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Sun, 12 Aug 2018 17:33:40 GMT Content-Encoding gzip Last-Modified Tue, 27 Feb 2018 10:07:53 GMT Server Microsoft-IIS/7.5 X-Powered-By ASP.NET ETag "2a649dd4b2afd31:0" Vary Accept-Encoding Content-Type application/x-javascript Accept-Ranges bytes Content-Length 210
GET H/1.1	200 OK	m24.html Show response yklian.top/vip/ Frame 1634	212 KB 131 KB	238ms 122ms	Document text/html	173.208.133.67 WholeSale Internet
General Check archive.org Show headers Download Go to Full URL http://yklian.top/vip/m24.html Requested by Host: yklian.top URL: http://yklian.top/b24.php Protocol HTTP/1.1 Server 173.208.133.67 Kansas City, United States, ASN32097 (WII-KC - WholeSale Internet, Inc., US), Reverse DNS Software Microsoft-IIS/7.5 / ASP.NET Resource Hash `9f0cec194484294a1c14df73ccb476d2075165692a4cf1aa2d959eb6d049e181` Request headers Host yklian.top Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8 Referer http://yklian.top/b24.php Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 X-DevTools-Emulate-Network-Conditions-Client-Id 6BD7B8072CBE2FD33209947EF472F247 Referer http://yklian.top/b24.php Response headers Transfer-Encoding chunked Content-Type text/html Content-Encoding gzip Last-Modified Thu, 22 Dec 2016 06:57:13 GMT Accept-Ranges bytes ETag "1b4bda9f205cd21:0" Vary Accept-Encoding Server Microsoft-IIS/7.5 X-Powered-By ASP.NET Date Sun, 12 Aug 2018 17:33:40 GMT
GET H/1.1	200 OK	that.js Show response that.zjhee.com/js/	5 KB 2 KB	699ms 176ms	Script application/javascript	47.74.245.16 CNNIC-ALIBABA-CN-...
General Check archive.org Show headers Download Go to Full URL http://that.zjhee.com:588/js/that.js Requested by Host: yklian.top URL: http://yklian.top/wsgg.js Protocol HTTP/1.1 Server 47.74.245.16 San Mateo, United States, ASN45102 (CNNIC-ALIBABA-CN-NET-AP Alibaba (China) Technology Co., Ltd., CN), Reverse DNS Software Microsoft-IIS/8.5 / ASP.NET Resource Hash `42a81485ad3acaa0b4d02dfae6e70c0f2490d2291c4129d7b6198f819d3e9261` Request headers Referer http://yklian.top/b24.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers Date Sun, 12 Aug 2018 17:33:41 GMT Content-Encoding gzip Last-Modified Sun, 12 Aug 2018 15:33:46 GMT Server Microsoft-IIS/8.5 X-Powered-By ASP.NET ETag "0e9aedb5132d41:0" Vary Accept-Encoding Content-Type application/javascript Accept-Ranges bytes Content-Length 1752
GET H/1.1	200 OK	ckplayer.js ck.k0534.com/ckplayer/ Frame 1634	51 KB 14 KB	1080ms 463ms	Script application/x-javascript	116.10.189.70 CHINANET-BACKBONE...
General Check archive.org Show headers Download Go to Full URL http://ck.k0534.com/ckplayer/ckplayer.js Requested by Host: yklian.top URL: http://yklian.top/vip/m24.html Protocol HTTP/1.1 Server 116.10.189.70 Nanning, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN), Reverse DNS Software Microsoft-IIS/7.5 / ASP.NET Resource Hash Request headers Referer http://yklian.top/vip/m24.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Sun, 12 Aug 2018 17:29:51 GMT Content-Encoding gzip Last-Modified Fri, 17 Feb 2017 08:41:00 GMT Server Microsoft-IIS/7.5 X-Powered-By ASP.NET ETag "0768490f988d21:0" Vary Accept-Encoding Content-Type application/x-javascript Accept-Ranges bytes Content-Length 14000
GET H/1.1	200 OK	zxtl.htm Show response that.fkg454a1.pw/xbb/ Redirect Chain http://that.fkg454a1.pw:5918/xbb/zxtiao.asp http://that.fkg454a1.pw:5918/xbb/zxtl.htm	127 KB 18 KB	169ms 169ms	Document text/html	47.74.245.16 CNNIC-ALIBABA-CN-...
General Check archive.org Show headers Download Go to Full URL http://that.fkg454a1.pw:5918/xbb/zxtl.htm Requested by Host: that.zjhee.com URL: http://that.zjhee.com:588/js/that.js Protocol HTTP/1.1 Server 47.74.245.16 San Mateo, United States, ASN45102 (CNNIC-ALIBABA-CN-NET-AP Alibaba (China) Technology Co., Ltd., CN), Reverse DNS Software Microsoft-IIS/8.5 / ASP.NET Resource Hash `df2f3a0ff46bb304b7e98c953d1db52f759b31cd5a2ae9b283b1ab8c663ac431` Request headers Host that.fkg454a1.pw:5918 Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8 Referer http://yklian.top/b24.php Accept-Encoding gzip, deflate Cookie ASPSESSIONIDSQTQACDB=LDEOMPNDLFEKCGJIANKFGMKL Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 X-DevTools-Emulate-Network-Conditions-Client-Id 6BD7B8072CBE2FD33209947EF472F247 Referer http://yklian.top/b24.php Response headers Content-Type text/html Content-Encoding gzip Last-Modified Sun, 12 Aug 2018 08:04:29 GMT Accept-Ranges bytes ETag "8024f181332d41:0" Vary Accept-Encoding Server Microsoft-IIS/8.5 X-Powered-By ASP.NET Date Sun, 12 Aug 2018 17:33:42 GMT Content-Length 17876 Redirect headers Cache-Control private Content-Type text/html Location ./zxtl.htm Server Microsoft-IIS/8.5 Set-Cookie ASPSESSIONIDSQTQACDB=LDEOMPNDLFEKCGJIANKFGMKL; path=/ X-Powered-By ASP.NET Date Sun, 12 Aug 2018 17:33:42 GMT Content-Length 108
GET DATA	200 OK	truncated / Frame 1634	715 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash Request headers Response headers Access-Control-Allow-Origin * Content-Type image/png
GET DATA	200 OK	truncated / Frame 1634	381 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash Request headers Response headers Access-Control-Allow-Origin * Content-Type image/svg+xml
GET DATA	200 OK	truncated / Frame 1634	243 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash Request headers Response headers Access-Control-Allow-Origin * Content-Type image/svg+xml
GET DATA	200 OK	truncated / Frame 1634	352 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash Request headers Response headers Access-Control-Allow-Origin * Content-Type image/svg+xml
GET DATA	200 OK	truncated / Frame 1634	178 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash Request headers Response headers Access-Control-Allow-Origin * Content-Type image/svg+xml
GET DATA	200 OK	truncated / Frame 1634	2 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash Request headers Response headers Access-Control-Allow-Origin * Content-Type image/png
GET		c169.mp4 z.syasn.com/c/ Frame 1634	0 0

GET DATA	200 OK	truncated / Frame 1634	177 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash Request headers Response headers Access-Control-Allow-Origin * Content-Type image/svg+xml
GET DATA	200 OK	truncated / Frame 1634	552 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash Request headers Response headers Access-Control-Allow-Origin * Content-Type image/svg+xml
GET DATA	200 OK	truncated / Frame 1634	547 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash Request headers Response headers Access-Control-Allow-Origin * Content-Type image/svg+xml
GET H/1.1	200 OK	main.css that.fkg454a1.pw/xbb/mm/	38 KB 8 KB	489ms 166ms	Stylesheet text/css	47.74.245.16 CNNIC-ALIBABA-CN-...
General Check archive.org Show headers Download Go to Full URL http://that.fkg454a1.pw:5918/xbb/mm/main.css Requested by Host: that.fkg454a1.pw URL: http://that.fkg454a1.pw:5918/xbb/zxtl.htm Protocol HTTP/1.1 Server 47.74.245.16 San Mateo, United States, ASN45102 (CNNIC-ALIBABA-CN-NET-AP Alibaba (China) Technology Co., Ltd., CN), Reverse DNS Software Microsoft-IIS/8.5 / ASP.NET Resource Hash `97db199c6c5b3af8f5de92bf49637e3ec3b285ae1df9d594238b501f2d941a51` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host that.fkg454a1.pw:5918 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/css,/;q=0.1 Referer http://that.fkg454a1.pw:5918/xbb/zxtl.htm Cookie ASPSESSIONIDSQTQACDB=LDEOMPNDLFEKCGJIANKFGMKL Connection keep-alive Cache-Control no-cache Referer http://that.fkg454a1.pw:5918/xbb/zxtl.htm User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Sun, 12 Aug 2018 17:33:43 GMT Content-Encoding gzip Last-Modified Sun, 31 Dec 2017 05:27:24 GMT Server Microsoft-IIS/8.5 X-Powered-By ASP.NET ETag "046ca9f881d31:0" Vary Accept-Encoding Content-Type text/css Accept-Ranges bytes Content-Length 7936
GET H/1.1	200 OK	pc.js that.fkg454a1.pw/xbb/mb/	808 B 769 B	526ms 158ms	Script application/javascript	47.74.245.16 CNNIC-ALIBABA-CN-...
General Check archive.org Show headers Download Go to Full URL http://that.fkg454a1.pw:5918/xbb/mb/pc.js Requested by Host: that.fkg454a1.pw URL: http://that.fkg454a1.pw:5918/xbb/zxtl.htm Protocol HTTP/1.1 Server 47.74.245.16 San Mateo, United States, ASN45102 (CNNIC-ALIBABA-CN-NET-AP Alibaba (China) Technology Co., Ltd., CN), Reverse DNS Software Microsoft-IIS/8.5 / ASP.NET Resource Hash Request headers Pragma no-cache Accept-Encoding gzip, deflate Host that.fkg454a1.pw:5918 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept / Referer http://that.fkg454a1.pw:5918/xbb/zxtl.htm Cookie ASPSESSIONIDSQTQACDB=LDEOMPNDLFEKCGJIANKFGMKL Connection keep-alive Cache-Control no-cache Referer http://that.fkg454a1.pw:5918/xbb/zxtl.htm User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Sun, 12 Aug 2018 17:33:43 GMT Content-Encoding gzip Last-Modified Sun, 01 Jul 2018 13:05:52 GMT Server Microsoft-IIS/8.5 X-Powered-By ASP.NET ETag "a980543d3c11d41:0" Vary Accept-Encoding Content-Type application/javascript Accept-Ranges bytes Content-Length 462
GET H/1.1	200 OK	ios.js that.fkg454a1.pw/xbb/mb/	675 B 699 B	532ms 161ms	Script application/javascript	47.74.245.16 CNNIC-ALIBABA-CN-...
General Check archive.org Show headers Download Go to Full URL http://that.fkg454a1.pw:5918/xbb/mb/ios.js Requested by Host: that.fkg454a1.pw URL: http://that.fkg454a1.pw:5918/xbb/zxtl.htm Protocol HTTP/1.1 Server 47.74.245.16 San Mateo, United States, ASN45102 (CNNIC-ALIBABA-CN-NET-AP Alibaba (China) Technology Co., Ltd., CN), Reverse DNS Software Microsoft-IIS/8.5 / ASP.NET Resource Hash Request headers Pragma no-cache Accept-Encoding gzip, deflate Host that.fkg454a1.pw:5918 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept / Referer http://that.fkg454a1.pw:5918/xbb/zxtl.htm Cookie ASPSESSIONIDSQTQACDB=LDEOMPNDLFEKCGJIANKFGMKL Connection keep-alive Cache-Control no-cache Referer http://that.fkg454a1.pw:5918/xbb/zxtl.htm User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Sun, 12 Aug 2018 17:33:43 GMT Content-Encoding gzip Last-Modified Tue, 19 Sep 2017 11:11:25 GMT Server Microsoft-IIS/8.5 X-Powered-By ASP.NET ETag "20f74783831d31:0" Vary Accept-Encoding Content-Type application/javascript Accept-Ranges bytes Content-Length 393
GET H/1.1	200 OK	base64.js that.fkg454a1.pw/xbb/mb/	3 KB 1 KB	541ms 165ms	Script application/javascript	47.74.245.16 CNNIC-ALIBABA-CN-...
General Check archive.org Show headers Download Go to Full URL http://that.fkg454a1.pw:5918/xbb/mb/base64.js Requested by Host: that.fkg454a1.pw URL: http://that.fkg454a1.pw:5918/xbb/zxtl.htm Protocol HTTP/1.1 Server 47.74.245.16 San Mateo, United States, ASN45102 (CNNIC-ALIBABA-CN-NET-AP Alibaba (China) Technology Co., Ltd., CN), Reverse DNS Software Microsoft-IIS/8.5 / ASP.NET Resource Hash Request headers Pragma no-cache Accept-Encoding gzip, deflate Host that.fkg454a1.pw:5918 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept / Referer http://that.fkg454a1.pw:5918/xbb/zxtl.htm Cookie ASPSESSIONIDSQTQACDB=LDEOMPNDLFEKCGJIANKFGMKL Connection keep-alive Cache-Control no-cache Referer http://that.fkg454a1.pw:5918/xbb/zxtl.htm User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Sun, 12 Aug 2018 17:33:43 GMT Content-Encoding gzip Last-Modified Sat, 14 Apr 2018 06:03:14 GMT Server Microsoft-IIS/8.5 X-Powered-By ASP.NET ETag "03d4046b6d3d31:0" Vary Accept-Encoding Content-Type application/javascript Accept-Ranges bytes Content-Length 836
GET		jsonzhejs json.ewtsoft.com/	0 0

GET		jquery.min.js cdn.staticfile.org/jquery/2.0.0/	0 0

GET		006nIoGNgy1fo22xsx0ozg30k003wjve.gif wx4.sinaimg.cn/mw690/	0 0

GET		z_stat.php s22.cnzz.com/	0 0

GET H/1.1	200 OK	403.htm Show response that.fkg454a1.pw/xbb/mb/	8 KB 3 KB	158ms 158ms	Document text/html	47.74.245.16 CNNIC-ALIBABA-CN-...
General Check archive.org Show headers Download Go to Full URL http://that.fkg454a1.pw:5918/xbb/mb/403.htm Requested by Host: that.fkg454a1.pw URL: http://that.fkg454a1.pw:5918/xbb/mb/pc.js Protocol HTTP/1.1 Server 47.74.245.16 San Mateo, United States, ASN45102 (CNNIC-ALIBABA-CN-NET-AP Alibaba (China) Technology Co., Ltd., CN), Reverse DNS Software Microsoft-IIS/8.5 / ASP.NET Resource Hash `024e222dfad2d88f4754bbababc3d68ebbb5a2321bed83e8c1d0977d50f8e66d` Request headers Host that.fkg454a1.pw:5918 Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8 Referer http://that.fkg454a1.pw:5918/xbb/zxtl.htm Accept-Encoding gzip, deflate Cookie ASPSESSIONIDSQTQACDB=LDEOMPNDLFEKCGJIANKFGMKL Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 X-DevTools-Emulate-Network-Conditions-Client-Id 6BD7B8072CBE2FD33209947EF472F247 Referer http://that.fkg454a1.pw:5918/xbb/zxtl.htm Response headers Content-Type text/html Content-Encoding gzip Last-Modified Tue, 04 Jul 2017 07:21:36 GMT Accept-Ranges bytes ETag "0808b2b96f4d21:0" Vary Accept-Encoding Server Microsoft-IIS/8.5 X-Powered-By ASP.NET Date Sun, 12 Aug 2018 17:33:43 GMT Content-Length 3001
GET H/1.1	200 OK	jquery.min.js Show response cdn.staticfile.org/jquery/2.0.0/	81 KB 34 KB	453ms 228ms	Script application/javascript	183.131.24.61 CHINANET-BACKBONE...
General Check archive.org Show headers Download Go to Full URL http://cdn.staticfile.org/jquery/2.0.0/jquery.min.js Requested by Host: that.fkg454a1.pw URL: http://that.fkg454a1.pw:5918/xbb/mb/403.htm Protocol HTTP/1.1 Server 183.131.24.61 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN), Reverse DNS Software marco/2.5 / Resource Hash `d482871a5e948cb4884fa0972ea98a81abca057b6bd3f8c995a18c12487e761c` Request headers Referer http://that.fkg454a1.pw:5918/xbb/mb/403.htm User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers X-Log mc.g;IO/304 Date Sun, 12 Aug 2018 17:33:43 GMT Via T.168.H, V.mix-hz-fdi-169, T.204.H, M.ctn-zj-lna2-029 Vary Accept-Encoding X-Svr IO Age 47377 Transfer-Encoding chunked Content-Transfer-Encoding binary Content-Disposition inline; filename="jquery.min.js"; filename=utf-8' 'jquery.min.js Connection* keep-alive Content-Encoding gzip X-M-Reqid fggAACCg50_lg0QV X-Request-Id 7ce7469b71712fe485e5f094b6b66850; 83002ee900f97e3ce12a7843797ee8ae X-M-Log QNM:xs440;QNM3:3 Last-Modified Tue, 16 Feb 2016 04:22:55 GMT Server marco/2.5 ETag W/"FgvgXHFKfmzyj-aSYp7OWzdpkB3K" Access-Control-Max-Age 2592000 Content-Type application/javascript Access-Control-Allow-Origin * Access-Control-Expose-Headers X-Log, X-Reqid Cache-Control max-age=86400 X-Source C/200 X-Qiniu-Zone 0 X-Qnm-Cache Hit X-Reqid tEwAABg83W8pUUQV Expires Mon, 13 Aug 2018 04:24:06 GMT
GET H/1.1	200 OK	zjaz.js Show response emss.zjhim.com/js/	4 KB 2 KB	1435ms 161ms	Script application/javascript	47.74.245.16 CNNIC-ALIBABA-CN-...
General Check archive.org Show headers Download Go to Full URL http://emss.zjhim.com:588/js/zjaz.js Requested by Host: that.fkg454a1.pw URL: http://that.fkg454a1.pw:5918/xbb/mb/403.htm Protocol HTTP/1.1 Server 47.74.245.16 San Mateo, United States, ASN45102 (CNNIC-ALIBABA-CN-NET-AP Alibaba (China) Technology Co., Ltd., CN), Reverse DNS Software Microsoft-IIS/8.5 / ASP.NET Resource Hash `1d5d6d553c2cda697b2eed86de63b73e080ceec6dddb7add2f4dd0baabf25382` Request headers Referer http://that.fkg454a1.pw:5918/xbb/mb/403.htm User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Sun, 12 Aug 2018 17:33:44 GMT Content-Encoding gzip Last-Modified Fri, 03 Aug 2018 11:32:10 GMT Server Microsoft-IIS/8.5 X-Powered-By ASP.NET ETag "019ad9d1d2bd41:0" Vary Accept-Encoding Content-Type application/javascript Accept-Ranges bytes Content-Length 1474
GET H/1.1	200 OK	Primary Request index.html Show response that.fkg454a1.pw/	1 KB 1 KB	158ms 158ms	Document text/html	47.74.245.16 CNNIC-ALIBABA-CN-...
General Check archive.org Show headers Download Go to Full URL http://that.fkg454a1.pw:5918/index.html Requested by Host: that.fkg454a1.pw URL: http://that.fkg454a1.pw:5918/xbb/mb/403.htm Protocol HTTP/1.1 Server 47.74.245.16 San Mateo, United States, ASN45102 (CNNIC-ALIBABA-CN-NET-AP Alibaba (China) Technology Co., Ltd., CN), Reverse DNS Software Microsoft-IIS/8.5 / ASP.NET Resource Hash `d542ce5acd00556a728cd3a1b20eaaef94c698267f3aa1bfeb07151c61834094` Request headers Host that.fkg454a1.pw:5918 Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8 Referer http://that.fkg454a1.pw:5918/xbb/mb/403.htm Accept-Encoding gzip, deflate Cookie ASPSESSIONIDSQTQACDB=LDEOMPNDLFEKCGJIANKFGMKL Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 X-DevTools-Emulate-Network-Conditions-Client-Id 6BD7B8072CBE2FD33209947EF472F247 Referer http://that.fkg454a1.pw:5918/xbb/mb/403.htm Response headers Content-Type text/html Content-Encoding gzip Last-Modified Fri, 05 Jan 2018 15:57:25 GMT Accept-Ranges bytes ETag "383d84e13d86d31:0" Vary Accept-Encoding Server Microsoft-IIS/8.5 X-Powered-By ASP.NET Date Sun, 12 Aug 2018 17:33:45 GMT Content-Length 1214

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: z.syasn.com
URL: http://z.syasn.com/c/c169.mp4

Domain: json.ewtsoft.com
URL: https://json.ewtsoft.com/jsonzhejs?f=biaotz

Domain: cdn.staticfile.org
URL: https://cdn.staticfile.org/jquery/2.0.0/jquery.min.js

Domain: wx4.sinaimg.cn
URL: http://wx4.sinaimg.cn/mw690/006nIoGNgy1fo22xsx0ozg30k003wjve.gif

Domain: s22.cnzz.com
URL: https://s22.cnzz.com/z_stat.php?id=1265123842&web_id=1265123842

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			that.fkg454a1.pw/	1969-12-31 23:59:59	Name: ASPSESSIONIDSQTQACDB Value: LDEOMPNDLFEKCGJIANKFGMKL

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.staticfile.org
ck.k0534.com
emss.zjhim.com
json.ewtsoft.com
s22.cnzz.com
that.fkg454a1.pw
that.zjhee.com
wx4.sinaimg.cn
yklian.top
z.syasn.com
cdn.staticfile.org
json.ewtsoft.com
s22.cnzz.com
wx4.sinaimg.cn
z.syasn.com
116.10.189.70
173.208.133.67
183.131.24.61
47.74.245.16
024e222dfad2d88f4754bbababc3d68ebbb5a2321bed83e8c1d0977d50f8e66d
1d5d6d553c2cda697b2eed86de63b73e080ceec6dddb7add2f4dd0baabf25382
42a81485ad3acaa0b4d02dfae6e70c0f2490d2291c4129d7b6198f819d3e9261
97db199c6c5b3af8f5de92bf49637e3ec3b285ae1df9d594238b501f2d941a51
9f0cec194484294a1c14df73ccb476d2075165692a4cf1aa2d959eb6d049e181
b8b1ee7279fed438d9e5448fbb0866dfaaaefa1b4dbcd171b264da00b855892c
c8430aa0edd98e5074aaf6eda0fffe6a3a23130341609f8a588ed96de02834a2
d482871a5e948cb4884fa0972ea98a81abca057b6bd3f8c995a18c12487e761c
d542ce5acd00556a728cd3a1b20eaaef94c698267f3aa1bfeb07151c61834094
df2f3a0ff46bb304b7e98c953d1db52f759b31cd5a2ae9b283b1ab8c663ac431

that.fkg454a1.pw Open in urlscan Pro 47.74.245.16 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

19 Requests

0 %HTTPS

0 %IPv6

10 Domains

10 Subdomains

5 IPs

2 Countries

348 kBTransfer

750 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 9 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

1 Cookies

Indicators

that.fkg454a1.pw Open in urlscan Pro
47.74.245.16 Public Scan

Screenshot
Live screenshot

Full Image

19
Requests

0 %
HTTPS

0 %
IPv6

10
Domains

10
Subdomains

5
IPs

2
Countries

348 kB
Transfer

750 kB
Size

1
Cookies

19 HTTP transactions
9 data transactions