Submitted URL: https://helium.imailglobal.com/l/Jdhp6b58b9K404O3YnPy2Q/rboOkcffj892vtzTINvQ892POg/0fBFqSnK79SpmQwJKQuWqA
Effective URL: https://www.ciie.org/zbh/cn/19BusEx/SerArea/ProAud/sczl/20190829/18181.html
Submission Tags: falconsandbox
Submission: On May 23 via api from US

Summary

This website contacted 2 IPs in 3 countries across 3 domains to perform 2 HTTP transactions. The scanned URL, a link on helium.imailglobal.com, answered HTTP 302 and redirected to the ciie.org page; that redirect hop is why the IP table below lists a third address (18.139.57.120, AMAZON-02) that urlscan does not count among the 2 HTTP transactions. The main IP is 183.131.200.246, located in China and belonging to CHINATELECOM-ZHEJIANG-JINHUA-IDC (JINHUA, ZHEJIANG Province, P.R.China, CN). The main domain is www.ciie.org.
TLS certificate: issued by GeoTrust CN RSA CA G1 on February 18th 2021, valid for a year (wildcard *.ciie.org; see the certificate table below).
This is the only time www.ciie.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address        AS (Autonomous System)
18.139.57.120     AS16509  (AMAZON-02)
183.131.200.246   AS136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN)
47.246.43.224     AS24429  (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)
Apex Domain       Subdomain                   Transfer
yundun.com        yundunarticle.yundun.com    63 KB
ciie.org          www.ciie.org                747 B
imailglobal.com   helium.imailglobal.com      293 B
Domain                      Requested by
yundunarticle.yundun.com    www.ciie.org
www.ciie.org                (primary document)
helium.imailglobal.com      1 redirect (the scanned URL; answered HTTP 302)

This site contains no links.

Subject         Issuer                                           Validity                    Valid for
*.ciie.org      GeoTrust CN RSA CA G1                            2021-02-18 to 2022-03-20    a year
*.yundun.com    Sectigo RSA Domain Validation Secure Server CA   2020-06-11 to 2022-08-10    2 years

This page contains 1 frame:

Primary Page: https://www.ciie.org/zbh/cn/19BusEx/SerArea/ProAud/sczl/20190829/18181.html
Frame ID: 825F7C6EF967697F149FE307D6A8FCE9
Requests: 2 HTTP requests in this frame


Page Statistics

Requests: 2
HTTPS: 100 %
IPv6: 0 %
Domains: 3
Subdomains: 3
IPs: 2
Countries: 3
Transfer: 64 kB
Size: 62 kB
Cookies: 3

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://helium.imailglobal.com/l/Jdhp6b58b9K404O3YnPy2Q/rboOkcffj892vtzTINvQ892POg/0fBFqSnK79SpmQwJKQuWqA HTTP 302
    https://www.ciie.org/zbh/cn/19BusEx/SerArea/ProAud/sczl/20190829/18181.html Page URL
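The chain above was recorded by a real browser. To unwrap a redirector without one (for instance when a link arrives by mail and you do not want to visit the destination in a browser), the following added example, which is not part of the urlscan.io report, replays the captured hop offline: it follows HTTP 3xx Location headers and <meta http-equiv="refresh"> targets, resolves relative targets, caps the hop count and detects loops. The fetcher `replay_fetch` and the `example.test` entries are constructed for the demonstration; only the helium.imailglobal.com entry reproduces the 302 and Location this page recorded. JavaScript redirects, which the report also covers, need a real JS engine and are out of scope here.

```python
import re
from urllib.parse import urljoin

CIIE = "https://www.ciie.org/zbh/cn/19BusEx/SerArea/ProAud/sczl/20190829/18181.html"
HELIUM = ("https://helium.imailglobal.com/l/Jdhp6b58b9K404O3YnPy2Q/"
          "rboOkcffj892vtzTINvQ892POg/0fBFqSnK79SpmQwJKQuWqA")

# Constructed replay table: url -> (status, headers, body). The HELIUM entry reproduces
# the 302 + Location recorded on this page; the example.test entries are invented to
# exercise the meta-refresh and loop paths and were not observed in the scan.
CAPTURED = {
    HELIUM: (302, {"Location": CIIE}, ""),
    CIIE: (200, {"Content-Type": "text/html; charset=utf-8"}, "<html><body>ciie</body></html>"),
    "https://example.test/meta": (200, {"Content-Type": "text/html"},
        f'<html><head><meta content="0;url={CIIE}" http-equiv="refresh"></head></html>'),
    "https://example.test/loop-a": (302, {"Location": "/loop-b"}, ""),
    "https://example.test/loop-b": (301, {"Location": "/loop-a"}, ""),
}

META_TAG = re.compile(r"<meta\b[^>]*>", re.I)
REFRESH = re.compile(r"""http-equiv\s*=\s*["']?refresh""", re.I)
CONTENT_URL = re.compile(r"""content\s*=\s*["']?\s*\d+\s*;\s*url\s*=\s*["']?([^"'>\s]+)""", re.I)


def meta_refresh_target(body):
    """Return the URL named by a <meta http-equiv="refresh"> tag, or None if there is none.
    Attribute order inside the tag does not matter."""
    for tag in META_TAG.findall(body):
        if REFRESH.search(tag):
            m = CONTENT_URL.search(tag)
            if m:
                return m.group(1)
    return None


def replay_fetch(url):
    """Hypothetical fetcher that answers from CAPTURED instead of touching the network."""
    if url not in CAPTURED:
        raise LookupError(f"no captured response for {url}")
    return CAPTURED[url]


def unwrap(url, fetch=replay_fetch, max_hops=10):
    """Follow HTTP Location and meta-refresh hops from url.
    Returns [(url, status, kind)] with kind in 'http', 'meta-refresh', 'final', 'loop',
    'max_hops'. Loops and the hop cap terminate the walk with status None."""
    chain, seen, current = [], set(), url
    while True:
        if current in seen:
            chain.append((current, None, "loop"))
            return chain
        if len(chain) >= max_hops:
            chain.append((current, None, "max_hops"))
            return chain
        seen.add(current)
        status, headers, body = fetch(current)
        location = headers.get("Location")
        if 300 <= status < 400 and location:
            chain.append((current, status, "http"))
            current = urljoin(current, location)  # Location may be relative
            continue
        target = meta_refresh_target(body) if status == 200 else None
        if target:
            chain.append((current, status, "meta-refresh"))
            current = urljoin(current, target)
            continue
        chain.append((current, status, "final"))
        return chain


def hops(chain):
    """Just the URLs of a chain, in order."""
    return [u for u, _, _ in chain]


if __name__ == "__main__":
    for u, status, kind in unwrap(HELIUM):
        print(f"{kind:12} {status!s:5} {u}")
```

To use it against live infrastructure, replace `replay_fetch` with a function that issues a request with redirects disabled (e.g. `requests.get(url, allow_redirects=False)`) and returns the same `(status, headers, body)` triple; keeping the fetcher injectable is what makes the walk testable offline.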

Redirected requests

There were HTTP redirect chains for the following requests:

  1. https://helium.imailglobal.com/l/Jdhp6b58b9K404O3YnPy2Q/rboOkcffj892vtzTINvQ892POg/0fBFqSnK79SpmQwJKQuWqA (HTTP 302) -> https://www.ciie.org/zbh/cn/19BusEx/SerArea/ProAud/sczl/20190829/18181.html

2 HTTP transactions

Transaction 1 (primary request; sets cookies)
Resource: 18181.html
Path: www.ciie.org/zbh/cn/19BusEx/SerArea/ProAud/sczl/20190829/
Redirect chain:
  • https://helium.imailglobal.com/l/Jdhp6b58b9K404O3YnPy2Q/rboOkcffj892vtzTINvQ892POg/0fBFqSnK79SpmQwJKQuWqA
  • https://www.ciie.org/zbh/cn/19BusEx/SerArea/ProAud/sczl/20190829/18181.html
Size: 103 B
Transfer (x-fer): 747 B
Type: Document
MIME type: text/html (from the Content-Type response header)
General
Full URL
https://www.ciie.org/zbh/cn/19BusEx/SerArea/ProAud/sczl/20190829/18181.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
183.131.200.246, China, ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN)
Reverse DNS
(not recorded)
Software
WAF/2.4-12.1
Resource Hash
877052e8ae35fb57f5254761f9c26a62ccb672b3390eb96117c5ff54851ca643

Request headers

Host
www.ciie.org
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Date
Sun, 23 May 2021 00:03:23 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
Last-Modified
Fri, 27 Jul 2018 16:54:32 GMT
cache-control
max-age=300
S-Cnection
close
Set-Cookie (three headers; the capture folded them into one line, shown here one per header)
SF_cookie_1=96260894; path=/
yd_srvbl=b992791b0321c15d3922709da029d1e1; Expires=Sun, 23 May 2021 01:03:24 GMT; Path=/
waf_srvbl=609505894424688c7519bf3328e90c6b; Expires=Sun, 23 May 2021 01:03:23 GMT; Path=/
X-Cache
MISS
X-Request-Id
54ee7c76ab384b7586f9a0d49b15b186
Server
WAF/2.4-12.1
Content-Encoding
gzip

Redirect headers

Date
Sun, 23 May 2021 00:03:22 GMT
Server
Apache/2.4.29 (Ubuntu)
Location
https://www.ciie.org/zbh/cn/19BusEx/SerArea/ProAud/sczl/20190829/18181.html
Content-Length
0
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Transaction 2
Resource: Network.png
Path: yundunarticle.yundun.com/
Size: 62 KB
Transfer (x-fer): 63 KB
Type: Image
MIME type: image/png (from the content-type response header)
General
Full URL
https://yundunarticle.yundun.com/Network.png
Requested by
Host: www.ciie.org
URL: https://www.ciie.org/zbh/cn/19BusEx/SerArea/ProAud/sczl/20190829/18181.html
Protocol
H2
Security
TLS 1.3, AES_256_GCM
Server
47.246.43.224, Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)
Reverse DNS
(not recorded)
Software
Tengine
Resource Hash
68fc1725db8de38df4737fa796b86c9fd449b47a41d82804439b6b1fb52ecdae

Request headers

Referer
https://www.ciie.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-qiniu-zone
0
x-log
X-Log
date
Wed, 05 May 2021 17:22:42 GMT
via
cache30.l2ot7-1[0,304-0,H], cache7.l2ot7-1[1,0], cache10.de2[0,150,200-0,H], cache7.de2[152,0]
x-svr
IO
content-md5
FUJMoEdhELz4kFX4v4cYyw==
age
1492842
x-cache
HIT TCP_HIT dirn:11:345064044
content-transfer-encoding
binary
x-swift-cachetime
2592000
content-disposition
inline; filename="Network.png"; filename*=utf-8''Network.png
x-swift-savetime
Mon, 10 May 2021 07:32:15 GMT
content-length
63602
x-m-reqid
DEQAAItv7m56O3wW
x-m-log
QNM:xs462;QNM3:1/304
last-modified
Thu, 29 Aug 2019 08:41:50 GMT
server
Tengine
etag
"Frme5c1fWnnduUdTwl0V8ul9VEvQ"
access-control-max-age
2592000
ali-swift-global-savetime
1598876655
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Log, X-Reqid
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-qnm-cache
Hit
eagleid
2ff62b9b16217282046914095e
x-reqid
GgsAAACTF9n1gmkW


11 JavaScript Global Variables

These are the "global" variables defined on the window object that are not in urlscan.io's baseline list of standard properties. They can help identify client-side frameworks and code, but here every entry is a property that the scanning browser (Chrome 89, per the User-Agent) exposes by default: WebXR (onbeforexrselect), CSS transition events (ontransitionrun, ontransitionstart, ontransitioncancel), the Cookie Store API (cookieStore), the File System Access API (showDirectoryPicker, showOpenFilePicker, showSaveFilePicker), Trusted Types (trustedTypes) and the cross-origin isolation flags (originAgentCluster, crossOriginIsolated). None of them was defined by the page's own scripts, so this list is no evidence of a framework on www.ciie.org.

object    onbeforexrselect
object    ontransitionrun
object    ontransitionstart
object    ontransitioncancel
object    cookieStore
function  showDirectoryPicker
function  showOpenFilePicker
function  showSaveFilePicker
boolean   originAgentCluster
object    trustedTypes
boolean   crossOriginIsolated

3 Cookies

Domain/Path     Name          Value
www.ciie.org/   waf_srvbl     609505894424688c7519bf3328e90c6b
www.ciie.org/   yd_srvbl      b992791b0321c15d3922709da029d1e1
www.ciie.org/   SF_cookie_1   96260894

All three were set by the primary response (see its Set-Cookie header above). None carries a Secure, HttpOnly or SameSite attribute. yd_srvbl and waf_srvbl expire one hour after the response Date (Expires 01:03:24 and 01:03:23 GMT against a Date of 00:03:23 GMT); SF_cookie_1 has neither Expires nor Max-Age, so it is a session cookie.
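The Set-Cookie response header reached this page as a single line in which three headers are joined by a space, a folding that a naive header parser would read as one cookie with two junk attributes. The following added example (not urlscan.io code) splits it back into the three headers and reports, for each, the lifetime relative to the response Date and the protective attributes it lacks. The header and Date strings are the ones captured above; the helper names (`unfold_set_cookie`, `analyse` and the rest) are this example's own.

```python
import re
from email.utils import parsedate_to_datetime

# Set-Cookie and Date values exactly as captured on this page: three Set-Cookie
# headers folded into one line, joined by a single space.
FOLDED_SET_COOKIE = (
    "SF_cookie_1=96260894; path=/ "
    "yd_srvbl=b992791b0321c15d3922709da029d1e1; Expires=Sun, 23 May 2021 01:03:24 GMT; Path=/ "
    "waf_srvbl=609505894424688c7519bf3328e90c6b; Expires=Sun, 23 May 2021 01:03:23 GMT; Path=/"
)
DATE_HEADER = "Sun, 23 May 2021 00:03:23 GMT"

# Attribute names from RFC 6265 (lower-cased). A name=value pair that is not one of
# these, appearing after whitespace inside a token, starts a new cookie.
COOKIE_ATTRS = {"expires", "max-age", "domain", "path", "secure", "httponly", "samesite", "priority"}

# Matches a token such as "path=/ yd_srvbl=..." or "Secure yd_srvbl=...": an attribute
# (with or without a value), whitespace, then a fresh name=value pair. Expires values like
# "Sun, 23 May 2021 01:03:24 GMT" never match because none of their words contains '='.
FOLD_BOUNDARY = re.compile(r"^([^=;\s]+)(?:=(\S*))?\s+([^=;\s]+=.*)$")


def unfold_set_cookie(folded):
    """Split a space-folded Set-Cookie line back into the original header values.
    Assumes cookie values contain no whitespace (RFC 6265 forbids it unquoted)."""
    headers, current = [], []
    for part in folded.split("; "):
        m = FOLD_BOUNDARY.match(part)
        if m and m.group(3).split("=", 1)[0].lower() not in COOKIE_ATTRS:
            current.append(part[: m.start(3)].rstrip())   # finish the previous cookie
            headers.append("; ".join(current))
            current = [m.group(3)]                          # start the next one
        else:
            current.append(part)
    if current:
        headers.append("; ".join(current))
    return headers


def parse_set_cookie(header):
    """Parse one Set-Cookie header value into name, value and lower-cased attributes.
    Flag attributes (Secure, HttpOnly) map to True."""
    first, *attrs = header.split(";")
    name, _, value = first.strip().partition("=")
    cookie = {"name": name, "value": value, "attrs": {}}
    for attr in attrs:
        key, _, val = attr.strip().partition("=")
        if key:
            cookie["attrs"][key.lower()] = val if val else True
    return cookie


def missing_protections(cookie):
    """Protective attributes the cookie does not carry."""
    return [f for f in ("secure", "httponly", "samesite") if f not in cookie["attrs"]]


def lifetime_seconds(cookie, date_header):
    """Seconds from the response Date to the cookie's Expires; None for a session cookie."""
    expires = cookie["attrs"].get("expires")
    if not isinstance(expires, str):
        return None
    delta = parsedate_to_datetime(expires) - parsedate_to_datetime(date_header)
    return int(delta.total_seconds())


def analyse(folded=FOLDED_SET_COOKIE, date_header=DATE_HEADER):
    """One summary row per cookie found in the folded header."""
    return [
        {
            "name": c["name"],
            "value": c["value"],
            "path": c["attrs"].get("path"),
            "lifetime_s": lifetime_seconds(c, date_header),
            "missing": missing_protections(c),
        }
        for c in map(parse_set_cookie, unfold_set_cookie(folded))
    ]


if __name__ == "__main__":
    for row in analyse():
        print(row)
```

Running it prints three rows: SF_cookie_1 with no lifetime (session cookie), yd_srvbl and waf_srvbl with lifetimes of 3601 s and 3600 s, and every row missing secure, httponly and samesite, which matches what the raw header shows.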

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

helium.imailglobal.com
www.ciie.org
yundunarticle.yundun.com
18.139.57.120
183.131.200.246
47.246.43.224
68fc1725db8de38df4737fa796b86c9fd449b47a41d82804439b6b1fb52ecdae
877052e8ae35fb57f5254761f9c26a62ccb672b3390eb96117c5ff54851ca643