site.ip138.com Open in urlscan Pro
124.156.105.121 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://site.ip138.com/
Submission Tags: falconsandbox
Submission: On January 20 via api (January 20th 2022, 12:55:56 pm UTC) from US — Scanned from DE

Summary HTTP 52 Redirects Links 34 Behaviour Indicators

Summary

This website contacted 13 IPs in 3 countries across 7 domains to perform 52 HTTP transactions. The main IP is 124.156.105.121, located in Central, Hong Kong and belongs to TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN. The main domain is site.ip138.com.

This is the only time site.ip138.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	124.156.105.121 124.156.105.121	132203 (TENCENT-N...) (TENCENT-NET-AP-CN Tencent Building)
11	2606:1980:2::24 2606:1980:2::24	54994 (QUANTILNE...) (QUANTILNETWORKS)
5	113.105.172.35 113.105.172.35	4134 (CHINANET-...) (CHINANET-BACKBONE No.31)
1	120.237.55.18 120.237.55.18	9808 (CMNET-GD ...) (CMNET-GD Guangdong Mobile Communication Co.Ltd.)
1	113.113.73.48 113.113.73.48	4134 (CHINANET-...) (CHINANET-BACKBONE No.31)
2	103.235.46.191 103.235.46.191	55967 (BAIDU Bei...) (BAIDU Beijing Baidu Netcom Science and Technology Co.)
1	2600:9000:223... 2600:9000:223d:6600:0:e2b1:a380:93a1	16509 (AMAZON-02) (AMAZON-02)
5	182.61.200.109 182.61.200.109	38365 (BAIDU Bei...) (BAIDU Beijing Baidu Netcom Science and Technology Co.)
1	180.101.212.103 180.101.212.103	134770 (CHINANET-...) (CHINANET-JIANGSU-SUZHOU-TAIHU-IDC CHINANET Jiangsu province Suzhou taihu IDC network)
3	112.34.113.91 112.34.113.91	9808 (CMNET-GD ...) (CMNET-GD Guangdong Mobile Communication Co.Ltd.)
19	240e:97e:1000... 240e:97e:1000:400::7171:4323	58543 (CHINATELE...) (CHINATELECOM-GUANGDONG-IDC Guangdong)
1	125.74.40.36 125.74.40.36	4134 (CHINANET-...) (CHINANET-BACKBONE No.31)
52	13

1 124.156.105.121 (Central, Hong Kong)

ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)

site.ip138.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:1980:2::24 (United States)

ASN54994 (QUANTILNETWORKS, US)

cache.ip138.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.ip138.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 113.105.172.35 (Dongguan, China)

ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN)

cpro.baidustatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 120.237.55.18 (Huizhou, China)

ASN9808 (CMNET-GD Guangdong Mobile Communication Co.Ltd., CN)

site.liantu.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 113.113.73.48 (China)

ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN)

push.zhanzhang.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.235.46.191 (Hong Kong)

ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)

hm.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223d:6600:0:e2b1:a380:93a1 (United States)

ASN16509 (AMAZON-02, US)

jspassport.ssl.qhimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 182.61.200.109 (China)

ASN38365 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)

pos.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 180.101.212.103 (China)

ASN134770 (CHINANET-JIANGSU-SUZHOU-TAIHU-IDC CHINANET Jiangsu province Suzhou taihu IDC network, CN)

api.share.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 112.34.113.91 (China)

ASN9808 (CMNET-GD Guangdong Mobile Communication Co.Ltd., CN)

wn.pos.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 240e:97e:1000:400::7171:4323 (China)

ASN58543 (CHINATELECOM-GUANGDONG-IDC Guangdong, CN)

lupic.cdn.bcebos.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 125.74.40.36 (Jiayuguan City, China)

ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN)

t11.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	bcebos.com lupic.cdn.bcebos.com — Cisco Umbrella Rank: 34204	475 KB
13	baidu.com push.zhanzhang.baidu.com — Cisco Umbrella Rank: 68837 hm.baidu.com — Cisco Umbrella Rank: 7901 pos.baidu.com — Cisco Umbrella Rank: 23637 api.share.baidu.com — Cisco Umbrella Rank: 45207 wn.pos.baidu.com — Cisco Umbrella Rank: 30249 t11.baidu.com — Cisco Umbrella Rank: 31500	64 KB
12	ip138.com site.ip138.com cache.ip138.com — Cisco Umbrella Rank: 565472 www.ip138.com	74 KB
5	baidustatic.com cpro.baidustatic.com — Cisco Umbrella Rank: 23284	55 KB
1	qhimg.com jspassport.ssl.qhimg.com — Cisco Umbrella Rank: 84111	452 B
1	liantu.cn site.liantu.cn	1003 B
0	qhres.com Failed s.ssl.qhres.com Failed
52	7

	Domain	Requested by
19	lupic.cdn.bcebos.com	pos.baidu.com
10	cache.ip138.com	site.ip138.com cache.ip138.com
5	pos.baidu.com	cpro.baidustatic.com
5	cpro.baidustatic.com	site.ip138.com pos.baidu.com
3	wn.pos.baidu.com	site.ip138.com pos.baidu.com
2	hm.baidu.com	site.ip138.com
1	www.ip138.com	cache.ip138.com
1	t11.baidu.com	pos.baidu.com
1	api.share.baidu.com	site.ip138.com
1	jspassport.ssl.qhimg.com	site.ip138.com
1	push.zhanzhang.baidu.com	site.ip138.com
1	site.liantu.cn	site.ip138.com
1	site.ip138.com
0	s.ssl.qhres.com Failed	jspassport.ssl.qhimg.com
52	14

This site contains links to these domains. Also see Links.

Domain
www.ip138.com
qq.ip138.com
www.liantu.com
caipiao.ip138.com
bifen.ip138.com
www.yitaifang.com
10.ip138.com
www.dnsdblookup.com
ym.zhongjie.com
wpa.qq.com
cdn.huashengdaili.com
www.fdaase.cn
www.chajiechi.com
chaziyu.com
chapangzhan.com
wenda.ip138.com
qq.3533.com

Subject Issuer	Validity	Valid
baidu.com GlobalSign Organization Validation CA - SHA256 - G2	`2021-07-01` - `2022-08-02`	a year	crt.sh
*.ssl.qhimg.com WoTrus OV SSL CA	`2020-02-11` - `2022-05-11`	2 years	crt.sh
webssl.chinanetcenter.com DigiCert Basic RSA CN CA G2	`2021-07-09` - `2022-03-13`	8 months	crt.sh
*.cdn.bcebos.com DigiCert Secure Site Pro CN CA G3	`2021-04-14` - `2022-05-08`	a year	crt.sh

This page contains 3 frames:

Primary Page: http://site.ip138.com/
Frame ID: B08763F17F74FB08EE731E63CF37A5D3
Requests: 24 HTTP requests in this frame

Frame: https://pos.baidu.com/mcfm?conwid=504&conhei=152&rdid=3920846&dc=3&di=u3920846&s1=1017190713&s2=1589993310&tr=1642683346&mt=d89f1c3dfe2cf91a&dri=1&dis=0&dai=2&ps=1386x675&enu=encoding&exps=110259,110252,110011&ant=0&aa=1&psi=7062524f1555fb1c&dcb=___adblockplus_&dtm=HTML_POST&dvi=0.0&dci=-1&dpt=none&tpr=1642683344357&ti=%E5%9F%9F%E5%90%8D%E6%9F%A5iP%20%E5%9F%9F%E5%90%8D%E8%A7%A3%E6%9E%90%20iP%E6%9F%A5%E8%AF%A2%E7%BD%91%E7%AB%99%20iP%E5%8F%8D%E6%9F%A5%E5%9F%9F%E5%90%8D%20iP%E5%8F%8D%E6%9F%A5%E7%BD%91%E7%AB%99%20%E5%90%8C%E4%B8%80iP%E7%BD%91%E7%AB%99%20%E5%90%8CiP%E7%BD%91%E7%AB%99%E5%9F%9F%E5%90%8DiP%E6%9F%A5%E8%AF%A2&ari=2&ver=0119&dbv=2&drs=1&pcs=1600x1200&pss=1600x1669&cfv=0&cpl=3&chi=2&cce=true&cec=UTF-8&tlm=1642683344&prot=2&rw=1200&ltu=http%3A%2F%2Fsite.ip138.com%2F&ecd=1&uc=1600x1200&pis=-1x-1&sr=1600x1200&tcn=1642683344&qn=a86a877526613a5e&fp=513d228219b81fb4a1022f419bb5e027
Frame ID: 6C00E166973F5D4B37CF0DC07483EE45
Requests: 16 HTTP requests in this frame

Frame: https://pos.baidu.com/mcfm?conwid=504&conhei=152&rdid=3920846&dc=3&di=u3920846&s1=1744986891&s2=2092269561&tr=1642683346&mt=c18a47de6a82a722&dri=0&dis=0&dai=1&ps=837x675&enu=encoding&exps=110259,110252,110011&ant=0&aa=1&psi=7062524f1555fb1c&dcb=___adblockplus_&dtm=HTML_POST&dvi=0.0&dci=-1&dpt=none&tpr=1642683344357&ti=%E5%9F%9F%E5%90%8D%E6%9F%A5iP%20%E5%9F%9F%E5%90%8D%E8%A7%A3%E6%9E%90%20iP%E6%9F%A5%E8%AF%A2%E7%BD%91%E7%AB%99%20iP%E5%8F%8D%E6%9F%A5%E5%9F%9F%E5%90%8D%20iP%E5%8F%8D%E6%9F%A5%E7%BD%91%E7%AB%99%20%E5%90%8C%E4%B8%80iP%E7%BD%91%E7%AB%99%20%E5%90%8CiP%E7%BD%91%E7%AB%99%E5%9F%9F%E5%90%8DiP%E6%9F%A5%E8%AF%A2&ari=2&ver=0119&dbv=2&drs=1&pcs=1600x1200&pss=1600x1669&cfv=0&cpl=3&chi=2&cce=true&cec=UTF-8&tlm=1642683344&prot=2&rw=1200&ltu=http%3A%2F%2Fsite.ip138.com%2F&ecd=1&uc=1600x1200&pis=-1x-1&sr=1600x1200&tcn=1642683344&qn=af5fb7ec94bde45a&fp=513d228219b81fb4a1022f419bb5e027
Frame ID: 366BADABB2720EFA90EB12B8F72CB2AE
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

域名查iP 域名解析 iP查询网站 iP反查域名 iP反查网站同一iP网站同iP网站域名iP查询

Detected technologies

Baidu Analytics (百度统计) (Analytics) Expand

Overall confidence: 100%
Detected patterns

hm\.baidu\.com/hm\.js

Page Statistics

52
Requests

71 %
HTTPS

25 %
IPv6

7
Domains

14
Subdomains

13
IPs

3
Countries

669 kB
Transfer

885 kB
Size

4
Cookies

34 Outgoing links

These are links going to different origins than the main page.

URL: http://www.ip138.com/

Search URL Search Domain Scan URL

URL: http://qq.ip138.com/weather/
Title: 天气预报

Search URL Search Domain Scan URL

URL: http://www.ip138.com/sj/
Title: 手机号码归属地查询

Search URL Search Domain Scan URL

URL: https://www.liantu.com/
Title: 二维码生成器

Search URL Search Domain Scan URL

URL: https://caipiao.ip138.com/
Title: 彩票开奖查询

Search URL Search Domain Scan URL

URL: http://bifen.ip138.com/
Title: 体育比赛比分

Search URL Search Domain Scan URL

URL: https://www.yitaifang.com/
Title: 以太坊区块浏览器

Search URL Search Domain Scan URL

URL: http://www.ip138.com/weizhang.htm
Title: 车辆交通违章查询

Search URL Search Domain Scan URL

URL: http://10.ip138.com/
Title: 品牌排行榜

Search URL Search Domain Scan URL

URL: http://qq.ip138.com/hl.asp
Title: 汇率查询

Search URL Search Domain Scan URL

URL: http://www.ip138.com/jb.htm
Title: 国内国际机票查询

Search URL Search Domain Scan URL

URL: http://qq.ip138.com/train/
Title: 国内列车时刻表查询

Search URL Search Domain Scan URL

URL: http://qq.ip138.com/tran.htm
Title: 在线翻译

Search URL Search Domain Scan URL

URL: http://www.ip138.com/ems/
Title: 快递查询

Search URL Search Domain Scan URL

URL: http://www.ip138.com/post/
Title: 区号查询

Search URL Search Domain Scan URL

URL: http://qq.ip138.com/idsearch/
Title: 身份证号码查询验证

Search URL Search Domain Scan URL

URL: http://qq.ip138.com/wb/wb.asp
Title: 拼音查询

Search URL Search Domain Scan URL

URL: http://qq.ip138.com/zt.htm
Title: 转贴工具

Search URL Search Domain Scan URL

URL: http://qq.ip138.com/day/
Title: 阴阳转换万年历

Search URL Search Domain Scan URL

URL: http://www.ip138.com/carlist.htm
Title: 全国各地车牌查询表

Search URL Search Domain Scan URL

URL: http://qq.ip138.com/converter.htm
Title: 在线度衡量转换器

Search URL Search Domain Scan URL

URL: http://www.ip138.com/gb.htm
Title: 汉字简体繁体转换

Search URL Search Domain Scan URL

URL: http://www.dnsdblookup.com/
Title: 跳转 (Yes)

Search URL Search Domain Scan URL

URL: https://ym.zhongjie.com/?ip138.com
Title: 域名注册com49元

Search URL Search Domain Scan URL

URL: http://wpa.qq.com/msgrd?v=3&uin=3083352837&site=qq&menu=yes
Title: 广告QQ:3083352837

Search URL Search Domain Scan URL

URL: https://cdn.huashengdaili.com/ip138/

Search URL Search Domain Scan URL

URL: http://www.fdaase.cn/vap/official_website_3/index.html

Search URL Search Domain Scan URL

URL: http://www.ip138.com/mp/
Title: 媒体号

Search URL Search Domain Scan URL

URL: https://www.chajiechi.com/
Title: 劫持检测

Search URL Search Domain Scan URL

URL: https://chaziyu.com/
Title: 查子域

Search URL Search Domain Scan URL

URL: https://chapangzhan.com/
Title: 旁站查询

Search URL Search Domain Scan URL

URL: https://wenda.ip138.com/
Title: 知识问答

Search URL Search Domain Scan URL

URL: http://www.ip138.com/mail.htm
Title: 发email

Search URL Search Domain Scan URL

URL: http://qq.3533.com:8080/book.asp?siteid=7
Title: 我们留言

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

52 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
site.ip138.com/ 12 KB
4 KB 896ms
347ms Document
text/html 124.156.105.121
TENCENT-NET-AP-CN...

General

Domain/Path	Expires	Name / Value
.hm.baidu.com/	1970-01-25 20:29:45	Name: HMACCOUNT_BFESS Value: 10BDC433CF96FDDD
.site.ip138.com/	1970-01-20 09:03:39	Name: Hm_lvt_d39191a0b09bb1eb023933edaa468cd5 Value: 1642683344
.site.ip138.com/	1969-12-31 23:59:59	Name: Hm_lpvt_d39191a0b09bb1eb023933edaa468cd5 Value: 1642683344
.baidu.com/	1970-01-20 09:03:39	Name: BAIDUID_BFESS Value: BB5F3AF3D4AAA05485E3EC0C7716A2FE:FG=1

Source	Level	URL Text
javascript	warning	URL: http://site.ip138.com/(Line 260) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://jspassport.ssl.qhimg.com/11.0.1.js?d182b3f28525f2db83acfaaf6e696dba, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://site.ip138.com/(Line 260) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://jspassport.ssl.qhimg.com/11.0.1.js?d182b3f28525f2db83acfaaf6e696dba, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://jspassport.ssl.qhimg.com/11.0.1.js?d182b3f28525f2db83acfaaf6e696dba Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://s.ssl.qhres.com/ssl/ab77b6ea7f3fbf79.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://jspassport.ssl.qhimg.com/11.0.1.js?d182b3f28525f2db83acfaaf6e696dba Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://s.ssl.qhres.com/ssl/ab77b6ea7f3fbf79.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://s.ssl.qhres.com/ssl/ab77b6ea7f3fbf79.js Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED

site.ip138.com Open in urlscan Pro 124.156.105.121 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

52 Requests

71 %HTTPS

25 %IPv6

7 Domains

14 Subdomains

13 IPs

3 Countries

669 kBTransfer

885 kBSize

4 Cookies

34 Outgoing links

Redirected requests

52 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

site.ip138.com Open in urlscan Pro
124.156.105.121 Public Scan

Screenshot
Live screenshot

Full Image

52
Requests

71 %
HTTPS

25 %
IPv6

7
Domains

14
Subdomains

13
IPs

3
Countries

669 kB
Transfer

885 kB
Size

4
Cookies

52 HTTP transactions
4 data transactions