URL: http://app-fifa.com/
Submission: On October 01 via manual from PH — Scanned from DE

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 12 HTTP transactions. The main IP is 156.234.20.59, located in Central, Hong Kong and belongs to SUNHK-DATA-AS-AP Sun Network Hong Kong Limited - HongKong Backbone, HK. The main domain is app-fifa.com.
This is the only time app-fifa.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests IP Address AS Autonomous System
8 156.234.20.59 136800 (SUNHK-DAT...)
2 103.235.46.191 55967 (BAIDU Bei...)
2 220.185.164.250 136190 (CHINATELE...)
Total: 12 requests, 3 IPs
Requests Apex Domain (Subdomains) Transfer
8 app-fifa.com (app-fifa.com) 130 KB
2 cnzz.com (s22.cnzz.com — Cisco Umbrella Rank: 168533; s13.cnzz.com — Cisco Umbrella Rank: 166704) 1 KB
2 baidu.com (hm.baidu.com — Cisco Umbrella Rank: 8735) 12 KB
Total: 12 requests, 3 apex domains
Requests Domain Requested by
8 app-fifa.com app-fifa.com
2 hm.baidu.com app-fifa.com
1 s13.cnzz.com app-fifa.com
1 s22.cnzz.com app-fifa.com
Total: 12 requests, 4 domains

This site contains links to these domains.

Domain
tb1558.com

Subject Issuer Validity Valid
baidu.com GlobalSign RSA OV SSL CA 2018 2022-07-05 - 2023-08-06 a year

This page contains 1 frames:

Primary Page: http://app-fifa.com/
Frame ID: 35317EA158719BC22051AD2612B7DD17
Requests: 12 HTTP requests in this frame

Page Title

FIFA官网_FIFA登录_FIFA手机端app

Detected technologies

Overall confidence: 100%
Detected patterns
  • hm\.baidu\.com/hm\.js

Overall confidence: 100%
Detected patterns
  • //[^./]+\.cnzz\.com/(?:z_stat.php|core)\?

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 12
HTTPS: 17 %
IPv6: 0 %
Domains: 3
Subdomains: 4
IPs: 3
Countries: 2
Transfer: 143 kB
Size: 166 kB
Cookies: 3

12 HTTP transactions

Resource Path Size x-fer Type MIME-Type
Primary Request /
app-fifa.com/
4 KB
2 KB
Document
General
Full URL
http://app-fifa.com/
Protocol
HTTP/1.1
Server
156.234.20.59 Central, Hong Kong, ASN136800 (SUNHK-DATA-AS-AP Sun Network Hong Kong Limited - HongKong Backbone, HK),
Reverse DNS
Software
nginx /
Resource Hash
647c63efa88e4744f9582a881f722217b2fb2fe015d500cdfee5f2811239c80c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Sat, 01 Oct 2022 10:56:59 GMT
ETag
W/"63353539-f69"
Last-Modified
Thu, 29 Sep 2022 06:03:37 GMT
Server
nginx
Strict-Transport-Security
max-age=31536000
Transfer-Encoding
chunked
Vary
Accept-Encoding
comn.css
app-fifa.com/static/css/
6 KB
2 KB
Stylesheet
General
Full URL
http://app-fifa.com/static/css/comn.css
Requested by
Host: app-fifa.com
URL: http://app-fifa.com/
Protocol
HTTP/1.1
Server
156.234.20.59 Central, Hong Kong, ASN136800 (SUNHK-DATA-AS-AP Sun Network Hong Kong Limited - HongKong Backbone, HK),
Reverse DNS
Software
nginx /
Resource Hash
2863822678fec1cc5f4398b9ff21f40d84bd16fa6a0c31115ea433d7a1c3cdd9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://app-fifa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Sat, 01 Oct 2022 10:56:59 GMT
Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
Last-Modified
Wed, 03 Aug 2022 04:39:02 GMT
Server
nginx
ETag
W/"62e9fbe6-1937"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=43200
Connection
keep-alive
Expires
Sat, 01 Oct 2022 22:56:59 GMT
jquery-1.10.2.min.js
app-fifa.com/static/js/
260 B
619 B
Script
General
Full URL
http://app-fifa.com/static/js/jquery-1.10.2.min.js
Requested by
Host: app-fifa.com
URL: http://app-fifa.com/
Protocol
HTTP/1.1
Server
156.234.20.59 Central, Hong Kong, ASN136800 (SUNHK-DATA-AS-AP Sun Network Hong Kong Limited - HongKong Backbone, HK),
Reverse DNS
Software
nginx /
Resource Hash
addf18339204843f8e2c653863a6dac491bc18f13fe5f29acbb4499033e2e71b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://app-fifa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Sat, 01 Oct 2022 10:56:59 GMT
Strict-Transport-Security
max-age=31536000
Last-Modified
Thu, 04 Aug 2022 07:23:22 GMT
Server
nginx
ETag
"62eb73ea-104"
Content-Type
application/javascript
Cache-Control
max-age=43200
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
260
Expires
Sat, 01 Oct 2022 22:56:59 GMT
home.css
app-fifa.com/static/css/
4 KB
2 KB
Stylesheet
General
Full URL
http://app-fifa.com/static/css/home.css
Requested by
Host: app-fifa.com
URL: http://app-fifa.com/
Protocol
HTTP/1.1
Server
156.234.20.59 Central, Hong Kong, ASN136800 (SUNHK-DATA-AS-AP Sun Network Hong Kong Limited - HongKong Backbone, HK),
Reverse DNS
Software
nginx /
Resource Hash
46bd3f82901a7bfdd6de551dfe7a45dfcb4ce54af0fb66229b7f205660b8a1ed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://app-fifa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Sat, 01 Oct 2022 10:57:00 GMT
Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
Last-Modified
Wed, 03 Aug 2022 04:39:02 GMT
Server
nginx
ETag
W/"62e9fbe6-f47"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=43200
Connection
keep-alive
Expires
Sat, 01 Oct 2022 22:57:00 GMT
sport_logo.jpg
app-fifa.com/static/picture/
6 KB
6 KB
Image
General
Full URL
http://app-fifa.com/static/picture/sport_logo.jpg
Requested by
Host: app-fifa.com
URL: http://app-fifa.com/
Protocol
HTTP/1.1
Server
156.234.20.59 Central, Hong Kong, ASN136800 (SUNHK-DATA-AS-AP Sun Network Hong Kong Limited - HongKong Backbone, HK),
Reverse DNS
Software
nginx /
Resource Hash
1edbd84fc44a2ce4f4d4eb4c2971d0a3c056542bad65ce17ec8f4989deddc422
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://app-fifa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Sat, 01 Oct 2022 10:57:00 GMT
Strict-Transport-Security
max-age=31536000
Last-Modified
Wed, 03 Aug 2022 04:39:02 GMT
Server
nginx
ETag
"62e9fbe6-180c"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6156
Expires
Mon, 31 Oct 2022 10:57:00 GMT
1469114331_classify_img.png
app-fifa.com/static/picture/
93 KB
93 KB
Image
General
Full URL
http://app-fifa.com/static/picture/1469114331_classify_img.png
Requested by
Host: app-fifa.com
URL: http://app-fifa.com/
Protocol
HTTP/1.1
Server
156.234.20.59 Central, Hong Kong, ASN136800 (SUNHK-DATA-AS-AP Sun Network Hong Kong Limited - HongKong Backbone, HK),
Reverse DNS
Software
nginx /
Resource Hash
a3c3140135cddc2716e353ba683174742ff28230d98b74f62050b1aa3886d7b3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://app-fifa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Sat, 01 Oct 2022 10:57:00 GMT
Strict-Transport-Security
max-age=31536000
Last-Modified
Wed, 03 Aug 2022 04:39:02 GMT
Server
nginx
ETag
"62e9fbe6-173f6"
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
95222
Expires
Mon, 31 Oct 2022 10:57:00 GMT
sport_bj.jpg
app-fifa.com/static/picture/
21 KB
21 KB
Image
General
Full URL
http://app-fifa.com/static/picture/sport_bj.jpg
Requested by
Host: app-fifa.com
URL: http://app-fifa.com/
Protocol
HTTP/1.1
Server
156.234.20.59 Central, Hong Kong, ASN136800 (SUNHK-DATA-AS-AP Sun Network Hong Kong Limited - HongKong Backbone, HK),
Reverse DNS
Software
nginx /
Resource Hash
2d876cae4187ff3c03dac264dbc4dfe0e0810498df8f6611e72021f95ddb3763
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://app-fifa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Sat, 01 Oct 2022 10:57:00 GMT
Strict-Transport-Security
max-age=31536000
Last-Modified
Wed, 03 Aug 2022 04:39:02 GMT
Server
nginx
ETag
"62e9fbe6-520f"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
21007
Expires
Mon, 31 Oct 2022 10:57:00 GMT
hm.js
hm.baidu.com/
30 KB
12 KB
Script
General
Full URL
https://hm.baidu.com/hm.js?aeb7a80c13964eebb6093c1ae6539e98
Requested by
Host: app-fifa.com
URL: http://app-fifa.com/static/js/jquery-1.10.2.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
571263fe5e7b2633d04aab2188b66d17c9732f088f56afff2dc26e37d44dc2a4
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://app-fifa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Sat, 01 Oct 2022 10:57:00 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=172800
Server
apache
Etag
9c154363b37f5a25d0451b584ba4e5cb
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type
application/javascript
Cache-Control
max-age=0, must-revalidate
Content-Length
11339
h5-but.png
app-fifa.com/static/images/
2 KB
2 KB
Image
General
Full URL
http://app-fifa.com/static/images/h5-but.png
Requested by
Host: app-fifa.com
URL: http://app-fifa.com/
Protocol
HTTP/1.1
Server
156.234.20.59 Central, Hong Kong, ASN136800 (SUNHK-DATA-AS-AP Sun Network Hong Kong Limited - HongKong Backbone, HK),
Reverse DNS
Software
nginx /
Resource Hash
71b8bcfd79a1c10c85958e0634ed3c80b3d0e9af058d17f952c7bfd0b63a65d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://app-fifa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Sat, 01 Oct 2022 10:57:00 GMT
Strict-Transport-Security
max-age=31536000
Last-Modified
Wed, 03 Aug 2022 04:39:02 GMT
Server
nginx
ETag
"62e9fbe6-8a0"
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2208
Expires
Mon, 31 Oct 2022 10:57:00 GMT
z_stat.php
s22.cnzz.com/
0
673 B
Script
General
Full URL
http://s22.cnzz.com/z_stat.php?id=1274792645&show=pic1
Requested by
Host: app-fifa.com
URL: http://app-fifa.com/
Protocol
HTTP/1.1
Server
220.185.164.250 , China, ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN),
Reverse DNS
Software
Tengine / PHP/5.5.25
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://app-fifa.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Sat, 01 Oct 2022 10:56:17 GMT
Content-Encoding
gzip
Via
cache5.l2cn1807[70,70,200-0,M], cache2.l2cn1807[72,0], cache16.cn4100[0,0,200-0,H], cache12.cn4100[2,0]
Age
42
X-Swift-CacheTime
3600
X-Powered-By
PHP/5.5.25
X-Cache
HIT TCP_MEM_HIT dirn:6:305599529
Connection
keep-alive
X-Swift-SaveTime
Sat, 01 Oct 2022 10:56:18 GMT
Content-Length
20
Last-Modified
Sat, 01 Oct 2022 10:56:17 GMT
Server
Tengine
Vary
Accept-Encoding
Ali-Swift-Global-Savetime
1664621778
Content-Type
application/javascript
Cache-Control
max-age=1800,s-maxage=3600
Timing-Allow-Origin
*
EagleId
dcb9a4a016646218208071837e
z_stat.php
s13.cnzz.com/
0
675 B
Script
General
Full URL
http://s13.cnzz.com/z_stat.php?id=1264505693&show=pic1
Requested by
Host: app-fifa.com
URL: http://app-fifa.com/
Protocol
HTTP/1.1
Server
220.185.164.250 , China, ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN),
Reverse DNS
Software
Tengine / PHP/5.5.25
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://app-fifa.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Sat, 01 Oct 2022 10:56:22 GMT
Content-Encoding
gzip
Via
cache46.l2cn1807[61,61,200-0,M], cache21.l2cn1807[62,0], cache20.cn4100[0,0,200-0,H], cache10.cn4100[3,0]
Age
39
X-Swift-CacheTime
3600
X-Powered-By
PHP/5.5.25
X-Cache
HIT TCP_MEM_HIT dirn:0:153151513
Connection
keep-alive
X-Swift-SaveTime
Sat, 01 Oct 2022 10:56:22 GMT
Content-Length
20
Last-Modified
Sat, 01 Oct 2022 10:56:22 GMT
Server
Tengine
Vary
Accept-Encoding
Ali-Swift-Global-Savetime
1664621782
Content-Type
application/javascript
Cache-Control
max-age=1800,s-maxage=3600
Timing-Allow-Origin
*
EagleId
dcb9a49e16646218214745919e
hm.gif
hm.baidu.com/
43 B
299 B
Image
General
Full URL
https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=872753159&si=aeb7a80c13964eebb6093c1ae6539e98&v=1.2.97&lv=1&sn=32822&r=0&ww=1600&ct=!!&u=http%3A%2F%2Fapp-fifa.com%2F&tt=FIFA%E5%AE%98%E7%BD%91_FIFA%E7%99%BB%E5%BD%95_FIFA%E6%89%8B%E6%9C%BA%E7%AB%AFapp
Requested by
Host: app-fifa.com
URL: http://app-fifa.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://app-fifa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 01 Oct 2022 10:57:01 GMT
Strict-Transport-Security
max-age=172800
X-Content-Type-Options
nosniff
Server
apache
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Content-Length
43

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| onbeforeinput
  • object| oncontextlost
  • object| oncontextrestored
  • function| structuredClone
  • object| launchQueue
  • object| onbeforematch
  • object| navigation
  • object| _hmt
  • string| cnzz_protocol
  • boolean| _bdhm_loaded_aeb7a80c13964eebb6093c1ae6539e98
  • object| mini_tangram_log_z13nm

3 Cookies

Domain/Path Name / Value
.hm.baidu.com/ Name: HMACCOUNT_BFESS
Value: B289DD2CABACAA33
.app-fifa.com/ Name: Hm_lvt_aeb7a80c13964eebb6093c1ae6539e98
Value: 1664621822
.app-fifa.com/ Name: Hm_lpvt_aeb7a80c13964eebb6093c1ae6539e98
Value: 1664621822

4 Console Messages

Source Level URL
Text
javascript warning URL: http://app-fifa.com/(Line 49)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://s22.cnzz.com/z_stat.php?id=1274792645&show=pic1, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: http://app-fifa.com/(Line 49)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://s22.cnzz.com/z_stat.php?id=1274792645&show=pic1, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: http://app-fifa.com/(Line 51)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://s13.cnzz.com/z_stat.php?id=1264505693&show=pic1, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: http://app-fifa.com/(Line 51)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://s13.cnzz.com/z_stat.php?id=1264505693&show=pic1, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000