urlscan.io logo urlscan.io
SecurityTrails logo

028sbt.com Open in urlscan Pro
38.55.177.21  Public Scan

Go To Rescan Add Verdict Report
URL: http://028sbt.com/gfherrt5.php?046332.html
Submission: On May 18 via api from BY — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 2 countries across 4 domains to perform 9 HTTP transactions. The main IP is 38.55.177.21, located in Los Angeles, United States and belongs to PEG-SV, US. The main domain is 028sbt.com.
This is the only time 028sbt.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 38.55.177.21 54600 (PEG-SV)
3 38.239.53.103 134548 (DXTL-HK D...)
1 38.239.53.124 134548 (DXTL-HK D...)
1 2401:b180:1:6... 37963 (ALIBABA-C...)
9 5
Domain Requested by
3 go.siwjhfgokpp.vip www.028sbt.com
go.siwjhfgokpp.vip
2 028sbt.com go.siwjhfgokpp.vip
1 batit.aliyun.com js.vxfektajm111.com
1 js.vxfektajm111.com www.028sbt.com
1 www.028sbt.com 028sbt.com
9 5

This site contains no links.

Subject Issuer Validity Valid
js.vxfektajm111.com
R3		 2024-04-23 -
2024-07-22		 3 months crt.sh
*.aliyun.com
GlobalSign Organization Validation CA - SHA256 - G3		 2023-12-07 -
2024-12-30		 a year crt.sh

This page contains 2 frames:

Primary Page: http://028sbt.com/gfherrt5.php?046332.html
Frame ID: BAC199B4689E49AFCD3F77DC604DEBC6
Requests: 8 HTTP requests in this frame

Frame: https://batit.aliyun.com/
Frame ID: D4376E869DFBBA231AD21A18670D21B5
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

樱桃黄色视频APP_樱桃视频黄色网站_樱桃视频APP污下载_樱桃成人黄色视频APP

Page URL History Show full URLs

  1. http://028sbt.com/gfherrt5.php?046332.html HTTP 307
    https://028sbt.com/gfherrt5.php?046332.html HTTP 307
    http://028sbt.com/gfherrt5.php?046332.html Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Page Statistics

9
Requests

22 %
HTTPS

25 %
IPv6

4
Domains

5
Subdomains

5
IPs

2
Countries

31 kB
Transfer

78 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://028sbt.com/gfherrt5.php?046332.html HTTP 307
    https://028sbt.com/gfherrt5.php?046332.html HTTP 307
    http://028sbt.com/gfherrt5.php?046332.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7
  • http://028sbt.com/favicon.ico HTTP 301
  • http://www.028sbt.com/favicon.ico

9 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request gfherrt5.php
028sbt.com/
Redirect Chain
  • http://028sbt.com/gfherrt5.php?046332.html
  • https://028sbt.com/gfherrt5.php?046332.html
  • http://028sbt.com/gfherrt5.php?046332.html
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://028sbt.com/gfherrt5.php?046332.html
Protocol
HTTP/1.1
Server
38.55.177.21 Los Angeles, United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software
nginx /
Resource Hash
d91087e5bc47348a5c1097654f49e50cbab0171157ef51189f6cae3255e5f465

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Sat, 18 May 2024 06:06:35 GMT
Location
http://www.028sbt.com/gfherrt5.php?046332.html
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding

Redirect headers

Location
http://028sbt.com/gfherrt5.php?046332.html
Non-Authoritative-Reason
HttpsUpgrades
cob.js
www.028sbt.com/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.028sbt.com/cob.js?2024051814
Requested by
Host: 028sbt.com
URL: http://028sbt.com/gfherrt5.php?046332.html
Protocol
HTTP/1.1
Server
38.55.177.21 Los Angeles, United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software
nginx /
Resource Hash
72e9d1b9e02037bb773ba05a223758d839f9b37b00b232c912d423342075e06a

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
http://028sbt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Date
Sat, 18 May 2024 06:06:36 GMT
Content-Encoding
gzip
Last-Modified
Thu, 16 May 2024 08:18:55 GMT
Server
nginx
ETag
W/"6645c16f-1366"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=43200
Connection
keep-alive
Expires
Sat, 18 May 2024 18:06:36 GMT
matomo.js
go.siwjhfgokpp.vip/matomo/ 		65 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://go.siwjhfgokpp.vip/matomo/matomo.js
Requested by
Host: www.028sbt.com
URL: http://www.028sbt.com/cob.js?2024051814
Protocol
HTTP/1.1
Server
38.239.53.103 , United States, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software
nginx /
Resource Hash
b39abd9035f703b76dfed940898d572b9864f676eb1912a9142f0639dca6b2ce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
http://028sbt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Date
Sat, 18 May 2024 06:06:38 GMT
Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
Last-Modified
Thu, 07 Mar 2024 23:35:49 GMT
Server
nginx
ETag
W/"65ea4f55-1042f"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=43200
Connection
keep-alive
Expires
Sat, 18 May 2024 18:06:38 GMT
translation.js
js.vxfektajm111.com/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.vxfektajm111.com/js/translation.js?20244188
Requested by
Host: www.028sbt.com
URL: http://www.028sbt.com/cob.js?2024051814
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
38.239.53.124 , United States, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software
nginx /
Resource Hash
b4b20ab65eedd2aab98a3faea073dba9eb7fb9a23ce5b0a802f4777c1e7df5eb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
http://028sbt.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 18 May 2024 06:06:37 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Wed, 15 May 2024 02:57:50 GMT
server
nginx
etag
W/"664424ae-8c1"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Sat, 18 May 2024 18:06:37 GMT
/
batit.aliyun.com/ Frame D437 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://batit.aliyun.com/
Requested by
Host: js.vxfektajm111.com
URL: https://js.vxfektajm111.com/js/translation.js?20244188
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2401:b180:1:60::5 , China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
Tengine /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
http://028sbt.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
gzip
content-type
text/html; charset=gbk
date
Sat, 18 May 2024 06:06:39 GMT
eagleeye-traceid
0b16392117160123994738439e19ef
server
Tengine
strict-transport-security
max-age=0
timing-allow-origin
*
vary
Accept-Encoding
gfherrt5.php
028sbt.com/ 		4 KB
2 KB 		Ping
General
Check archive.org
Download Go to
Full URL
http://028sbt.com/gfherrt5.php?action_name=%E6%A8%B1%E6%A1%83%E9%BB%84%E8%89%B2%E8%A7%86%E9%A2%91APP_%E6%A8%B1%E6%A1%83%E8%A7%86%E9%A2%91%E9%BB%84%E8%89%B2%E7%BD%91%E7%AB%99_%E6%A8%B1%E6%A1%83%E8%A7%86%E9%A2%91APP%E6%B1%A1%E4%B8%8B%E8%BD%BD_%E6%A8%B1%E6%A1%83%E6%88%90%E4%BA%BA%E9%BB%84%E8%89%B2%E8%A7%86%E9%A2%91APP&idsite=&rec=1&r=538202&h=8&m=6&s=38&url=http%3A%2F%2F028sbt.com%2Fgfherrt5.php%3F046332.html&_id=0147ec57c9319358&_idn=1&send_image=0&_refts=0&pv_id=D2SOhf&pf_net=0&pf_srv=159&pf_tfr=1&pf_dm1=2127&uadata=%7B%7D&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200
Requested by
Host: go.siwjhfgokpp.vip
URL: http://go.siwjhfgokpp.vip/matomo/matomo.js
Protocol
HTTP/1.1
Server
38.55.177.21 Los Angeles, United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software
nginx /
Resource Hash
0cd5037c6ae29a54ef2d9591b70de689172c1dc4ea3b9f5357675c3b7e2377b2

Request headers

Referer
http://028sbt.com/gfherrt5.php?046332.html
Accept-Language
de-DE,de;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8

Response headers

Date
Sat, 18 May 2024 06:06:38 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/html; charset=utf-8
Location
http://www.028sbt.com/gfherrt5.php?action_name=%E6%A8%B1%E6%A1%83%E9%BB%84%E8%89%B2%E8%A7%86%E9%A2%91APP_%E6%A8%B1%E6%A1%83%E8%A7%86%E9%A2%91%E9%BB%84%E8%89%B2%E7%BD%91%E7%AB%99_%E6%A8%B1%E6%A1%83%E8%A7%86%E9%A2%91APP%E6%B1%A1%E4%B8%8B%E8%BD%BD_%E6%A8%B1%E6%A1%83%E6%88%90%E4%BA%BA%E9%BB%84%E8%89%B2%E8%A7%86%E9%A2%91APP&idsite=&rec=1&r=538202&h=8&m=6&s=38&url=http%3A%2F%2F028sbt.com%2Fgfherrt5.php%3F046332.html&_id=0147ec57c9319358&_idn=1&send_image=0&_refts=0&pv_id=D2SOhf&pf_net=0&pf_srv=159&pf_tfr=1&pf_dm1=2127&uadata=%7B%7D&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200
Connection
keep-alive
matomo.php
go.siwjhfgokpp.vip/matomo/ 		0
277 B 		Ping
General
Check archive.org
Download Go to
Full URL
http://go.siwjhfgokpp.vip/matomo/matomo.php?action_name=%E6%A8%B1%E6%A1%83%E9%BB%84%E8%89%B2%E8%A7%86%E9%A2%91APP_%E6%A8%B1%E6%A1%83%E8%A7%86%E9%A2%91%E9%BB%84%E8%89%B2%E7%BD%91%E7%AB%99_%E6%A8%B1%E6%A1%83%E8%A7%86%E9%A2%91APP%E6%B1%A1%E4%B8%8B%E8%BD%BD_%E6%A8%B1%E6%A1%83%E6%88%90%E4%BA%BA%E9%BB%84%E8%89%B2%E8%A7%86%E9%A2%91APP&idsite=1&rec=1&r=492683&h=8&m=6&s=38&url=http%3A%2F%2F028sbt.com%2Fgfherrt5.php%3F046332.html&_id=fe2d9417c1b848a5&_idn=1&send_image=0&_refts=0&pv_id=Rjgry0&pf_net=0&pf_srv=159&pf_tfr=1&pf_dm1=2127&uadata=%7B%7D&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200
Requested by
Host: go.siwjhfgokpp.vip
URL: http://go.siwjhfgokpp.vip/matomo/matomo.js
Protocol
HTTP/1.1
Server
38.239.53.103 , United States, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://028sbt.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8

Response headers

Access-Control-Allow-Origin
http://028sbt.com
Date
Sat, 18 May 2024 06:06:39 GMT
Strict-Transport-Security
max-age=31536000
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
matomo.php
go.siwjhfgokpp.vip/matomo/ 		0
277 B 		Ping
General
Check archive.org
Download Go to
Full URL
http://go.siwjhfgokpp.vip/matomo/matomo.php?action_name=%E6%A8%B1%E6%A1%83%E9%BB%84%E8%89%B2%E8%A7%86%E9%A2%91APP_%E6%A8%B1%E6%A1%83%E8%A7%86%E9%A2%91%E9%BB%84%E8%89%B2%E7%BD%91%E7%AB%99_%E6%A8%B1%E6%A1%83%E8%A7%86%E9%A2%91APP%E6%B1%A1%E4%B8%8B%E8%BD%BD_%E6%A8%B1%E6%A1%83%E6%88%90%E4%BA%BA%E9%BB%84%E8%89%B2%E8%A7%86%E9%A2%91APP&idsite=15&rec=1&r=295495&h=8&m=6&s=38&url=http%3A%2F%2F028sbt.com%2Fgfherrt5.php%3F046332.html&_id=35e3c1b3ea6c13a6&_idn=1&send_image=0&_refts=0&pv_id=UGHdlR&pf_net=0&pf_srv=159&pf_tfr=1&pf_dm1=2127&uadata=%7B%7D&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200
Requested by
Host: go.siwjhfgokpp.vip
URL: http://go.siwjhfgokpp.vip/matomo/matomo.js
Protocol
HTTP/1.1
Server
38.239.53.103 , United States, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://028sbt.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8

Response headers

Access-Control-Allow-Origin
http://028sbt.com
Date
Sat, 18 May 2024 06:06:39 GMT
Strict-Transport-Security
max-age=31536000
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
favicon.ico
www.028sbt.com/
Redirect Chain
  • http://028sbt.com/favicon.ico
  • http://www.028sbt.com/favicon.ico
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.028sbt.com
URL
http://www.028sbt.com/favicon.ico

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| _0x9e15 number| _0xf object| _paq function| _0x16b89d function| _0x16a51c function| _0x4130 object| myDate string| time function| checkMobile object| str string| url2 object| Piwik object| Matomo object| AnalyticsTracker function| piwik_log

5 Cookies

Domain/Path Name / Value
028sbt.com/ Name: _pk_ses..8b51
Value: 1
028sbt.com/ Name: _pk_id.1.8b51
Value: fe2d9417c1b848a5.1716012399.
028sbt.com/ Name: _pk_ses.1.8b51
Value: 1
028sbt.com/ Name: _pk_id.15.8b51
Value: 35e3c1b3ea6c13a6.1716012399.
028sbt.com/ Name: _pk_ses.15.8b51
Value: 1

2 Console Messages

Source Level URL
Text
javascript warning URL: http://www.028sbt.com/cob.js?2024051814(Line 3)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://js.vxfektajm111.com/js/translation.js?20244188, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: http://www.028sbt.com/cob.js?2024051814(Line 3)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://js.vxfektajm111.com/js/translation.js?20244188, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.