urlscan.io logo urlscan.io
SecurityTrails logo

www.watertownautoct.com Open in urlscan Pro
156.245.78.169  Public Scan

Go To Rescan Add Verdict Report
URL: http://www.watertownautoct.com/ksap/?iwy=zqvc/mni1vgd00pf3odqflqizrnx9zgspjc9bqkegnxpjmeifrzzpl257y53ahzswr25whgsv74m9gkzfbf4+p...
Submission: On February 22 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 2 countries across 5 domains to perform 10 HTTP transactions. The main IP is 156.245.78.169, located in Hong Kong, Hong Kong and belongs to MULTA-ASN1, US. The main domain is www.watertownautoct.com.
This is the only time www.watertownautoct.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 156.245.78.169 35916 (MULTA-ASN1)
2 103.235.46.191 55967 (BAIDU Bei...)
1 2 61.111.133.208 4670 (HYUNDAI-K...)
2 103.215.36.141 ()
10 5
Apex Domain
Subdomains		 Transfer
2 muguacdn.com
www.muguacdn.com
34 KB
2 baidu.com
hm.baidu.com — Cisco Umbrella Rank: 13047
12 KB
1 3601470.xyz
3601470.xyz
1 KB
1 0158214.cc
sg.0158214.cc
133 B
1 watertownautoct.com
www.watertownautoct.com
1 KB
10 5
Domain Requested by
2 www.muguacdn.com 3601470.xyz
2 hm.baidu.com www.watertownautoct.com
1 3601470.xyz www.watertownautoct.com
1 sg.0158214.cc 1 redirects
1 www.watertownautoct.com
10 5

This site contains no links.

Subject Issuer Validity Valid
baidu.com
GlobalSign RSA OV SSL CA 2018		 2023-07-06 -
2024-08-06		 a year crt.sh
polo58.cc
R3		 2024-02-20 -
2024-05-20		 3 months crt.sh
muguacdn.com
Sectigo RSA Domain Validation Secure Server CA		 2023-06-21 -
2024-06-20		 a year crt.sh

This page contains 2 frames:

Primary Page: http://www.watertownautoct.com/ksap/?iwy=zqvc/mni1vgd00pf3odqflqizrnx9zgspjc9bqkegnxpjmeifrzzpl257y53ahzswr25whgsv74m9gkzfbf4+pjqkp+3f5tk/an173gcb8biatzfympfcqu=&jn=-bhlgk8baj4wvnbc
Frame ID: B7FC159C24ADC75EA6FFA65ED6445440
Requests: 3 HTTP requests in this frame

Frame: https://3601470.xyz/my/445.html?channelCode=SEO2-sogo
Frame ID: 9685ABE033BF64062D3605102A5E9F08
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • hm\.baidu\.com/hm\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

10
Requests

50 %
HTTPS

0 %
IPv6

5
Domains

5
Subdomains

5
IPs

2
Countries

48 kB
Transfer

119 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • https://sg.0158214.cc/ HTTP 301
  • https://3601470.xyz/my/445.html?channelCode=SEO2-sogo

10 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.watertownautoct.com/ksap/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://www.watertownautoct.com/ksap/?iwy=zqvc/mni1vgd00pf3odqflqizrnx9zgspjc9bqkegnxpjmeifrzzpl257y53ahzswr25whgsv74m9gkzfbf4+pjqkp+3f5tk/an173gcb8biatzfympfcqu=&jn=-bhlgk8baj4wvnbc
Protocol
HTTP/1.1
Server
156.245.78.169 Hong Kong, Hong Kong, ASN35916 (MULTA-ASN1, US),
Reverse DNS
Software
nginx /
Resource Hash
c559c039bb38340ca776c4da36622cef330893234860ff39ff094eb094f7b2aa

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Thu, 22 Feb 2024 22:24:34 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
hm.js
hm.baidu.com/ 		29 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hm.baidu.com/hm.js?6b0f342becdc1367d11215dc6f1ca5fb
Requested by
Host: www.watertownautoct.com
URL: http://www.watertownautoct.com/ksap/?iwy=zqvc/mni1vgd00pf3odqflqizrnx9zgspjc9bqkegnxpjmeifrzzpl257y53ahzswr25whgsv74m9gkzfbf4+pjqkp+3f5tk/an173gcb8biatzfympfcqu=&jn=-bhlgk8baj4wvnbc
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
eff050344267ce67afbd89dc6083559e3df77ad55b8d3cb23f9d1a90aa714963
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

accept-language
en-US,en;q=0.9
Referer
http://www.watertownautoct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

Date
Thu, 22 Feb 2024 22:24:35 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=172800
Server
apache
Etag
373bff5bc01b67327802771b79f83c45
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type
application/javascript
Cache-Control
max-age=0, must-revalidate
Content-Length
11258
445.html
3601470.xyz/my/ Frame 9685
Redirect Chain
  • https://sg.0158214.cc/
  • https://3601470.xyz/my/445.html?channelCode=SEO2-sogo
3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://3601470.xyz/my/445.html?channelCode=SEO2-sogo
Requested by
Host: www.watertownautoct.com
URL: http://www.watertownautoct.com/ksap/?iwy=zqvc/mni1vgd00pf3odqflqizrnx9zgspjc9bqkegnxpjmeifrzzpl257y53ahzswr25whgsv74m9gkzfbf4+pjqkp+3f5tk/an173gcb8biatzfympfcqu=&jn=-bhlgk8baj4wvnbc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
61.111.133.208 , Korea, Republic Of, ASN4670 (HYUNDAI-KR Shinbiro, KR),
Reverse DNS
Software
nginx /
Resource Hash
20f38428b7cae5946c5f3d8b45225e3f4f1cd050d3517b4d6cb002a3bec142a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://www.watertownautoct.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html
date
Thu, 22 Feb 2024 22:24:37 GMT
etag
W/"65d48ad1-bde"
last-modified
Tue, 20 Feb 2024 11:19:45 GMT
server
nginx
strict-transport-security
max-age=31536000
vary
Accept-Encoding

Redirect headers

content-length
162
content-type
text/html
date
Thu, 22 Feb 2024 22:24:35 GMT
location
https://3601470.xyz/my/445.html?channelCode=SEO2-sogo
server
nginx
strict-transport-security
max-age=31536000
hm.gif
hm.baidu.com/ 		43 B
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1082924635&si=6b0f342becdc1367d11215dc6f1ca5fb&v=1.3.0&lv=1&sn=12156&r=0&ww=1600&u=http%3A%2F%2Fwww.watertownautoct.com%2Fksap%2F%3Fiwy%3Dzqvc%2Fmni1vgd00pf3odqflqizrnx9zgspjc9bqkegnxpjmeifrzzpl257y53ahzswr25whgsv74m9gkzfbf4%2Bpjqkp%2B3f5tk%2Fan173gcb8biatzfympfcqu%3D%26jn%3D-bhlgk8baj4wvnbc
Requested by
Host: www.watertownautoct.com
URL: http://www.watertownautoct.com/ksap/?iwy=zqvc/mni1vgd00pf3odqflqizrnx9zgspjc9bqkegnxpjmeifrzzpl257y53ahzswr25whgsv74m9gkzfbf4+pjqkp+3f5tk/an173gcb8biatzfympfcqu=&jn=-bhlgk8baj4wvnbc
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
http://www.watertownautoct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 22 Feb 2024 22:24:36 GMT
Strict-Transport-Security
max-age=172800
X-Content-Type-Options
nosniff
Server
apache
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Content-Length
43
index.css
www.muguacdn.com/P/static/css/ Frame 9685 		2 KB
946 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.muguacdn.com:8888/P/static/css/index.css
Requested by
Host: 3601470.xyz
URL: https://3601470.xyz/my/445.html?channelCode=SEO2-sogo
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.215.36.141 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
c8df4f8e5733a14afad0711a563ac7a3669a48e6aae284a56d3167b728746d48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://3601470.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date
Thu, 22 Feb 2024 22:24:38 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Tue, 30 Jan 2024 09:34:56 GMT
server
nginx
etag
W/"65b8c2c0-700"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
jquery-2.2.4.min.js
www.muguacdn.com/P/static/js/ Frame 9685 		84 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.muguacdn.com:8888/P/static/js/jquery-2.2.4.min.js
Requested by
Host: 3601470.xyz
URL: https://3601470.xyz/my/445.html?channelCode=SEO2-sogo
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.215.36.141 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://3601470.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date
Thu, 22 Feb 2024 22:24:38 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Tue, 30 Jan 2024 09:34:57 GMT
server
nginx
etag
W/"65b8c2c1-14e4a"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
appinstall.js
www.muguacdn.com/P/static/js/ Frame 9685 		0
0
8.js
www.muguacdn.com/P/static/picture/ Frame 9685 		0
0
88.js
www.muguacdn.com/P/static/picture/ Frame 9685 		0
0
888.js
www.muguacdn.com/P/static/picture/ Frame 9685 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.muguacdn.com
URL
https://www.muguacdn.com:8888/P/static/js/appinstall.js
Domain
www.muguacdn.com
URL
https://www.muguacdn.com:8888/P/static/picture/8.js
Domain
www.muguacdn.com
URL
https://www.muguacdn.com:8888/P/static/picture/88.js
Domain
www.muguacdn.com
URL
https://www.muguacdn.com:8888/P/static/picture/888.js

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| _hmt string| IsYqkUK1 function| setFrame boolean| _bdhm_loaded_6b0f342becdc1367d11215dc6f1ca5fb object| mini_tangram_log_t6hgjj

3 Cookies

Domain/Path Name / Value
.hm.baidu.com/ Name: HMACCOUNT_BFESS
Value: 4C4FDC20B67256A8
.www.watertownautoct.com/ Name: Hm_lvt_6b0f342becdc1367d11215dc6f1ca5fb
Value: 1708640676
.www.watertownautoct.com/ Name: Hm_lpvt_6b0f342becdc1367d11215dc6f1ca5fb
Value: 1708640676

2 Console Messages

Source Level URL
Text
other warning URL: http://www.watertownautoct.com/ksap/?iwy=zqvc/mni1vgd00pf3odqflqizrnx9zgspjc9bqkegnxpjmeifrzzpl257y53ahzswr25whgsv74m9gkzfbf4+pjqkp+3f5tk/an173gcb8biatzfympfcqu=&jn=-bhlgk8baj4wvnbc
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://www.watertownautoct.com/ksap/?iwy=zqvc/mni1vgd00pf3odqflqizrnx9zgspjc9bqkegnxpjmeifrzzpl257y53ahzswr25whgsv74m9gkzfbf4+pjqkp+3f5tk/an173gcb8biatzfympfcqu=&jn=-bhlgk8baj4wvnbc
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.