urlscan.io logo urlscan.io
SecurityTrails logo

ftp.wellingtonfire.com Open in urlscan Pro
45.192.109.24  Public Scan

Go To Rescan Add Verdict Report
URL: http://ftp.wellingtonfire.com/
Submission: On April 02 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 11 HTTP transactions. The main IP is 45.192.109.24, located in Hong Kong and belongs to DXTL-HK DXTL Tseung Kwan O Service, HK. The main domain is ftp.wellingtonfire.com.
This is the only time ftp.wellingtonfire.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 45.192.109.24 134548 (DXTL-HK D...)
6 103.235.46.191 55967 (BAIDU Bei...)
3 38.162.85.60 8796 (FD-298-8796)
11 3
Apex Domain
Subdomains		 Transfer
6 baidu.com
hm.baidu.com — Cisco Umbrella Rank: 8013
35 KB
3 bandaoty1.cn
bandaoty1.cn
69 KB
2 wellingtonfire.com
ftp.wellingtonfire.com
2 KB
11 3
Domain Requested by
6 hm.baidu.com ftp.wellingtonfire.com
bandaoty1.cn
3 bandaoty1.cn ftp.wellingtonfire.com
bandaoty1.cn
2 ftp.wellingtonfire.com ftp.wellingtonfire.com
11 3

This site contains no links.

Subject Issuer Validity Valid
baidu.com
GlobalSign RSA OV SSL CA 2018		 2022-07-05 -
2023-08-06		 a year crt.sh
bandaoty1.cn
R3		 2023-03-24 -
2023-06-22		 3 months crt.sh

This page contains 2 frames:

Primary Page: http://ftp.wellingtonfire.com/
Frame ID: B6F23339BD13806F50FA1C6C7D5F6C9B
Requests: 6 HTTP requests in this frame

Frame: https://bandaoty1.cn/
Frame ID: AB3013870D3324CEB8501228DC632E58
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

半岛体育-官网

Detected technologies

Overall confidence: 100%
Detected patterns
  • hm\.baidu\.com/hm\.js

Page Statistics

11
Requests

82 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

106 kB
Transfer

161 kB
Size

5
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
ftp.wellingtonfire.com/ 		942 B
667 B 		Document
General
Check archive.org
Download Go to
Full URL
http://ftp.wellingtonfire.com/
Protocol
HTTP/1.1
Server
45.192.109.24 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software
nginx /
Resource Hash
c4ad3dcf0d7674764ac87c2d7c9cb89de32ea85cc1f7fd8e592dbbac212dafb8

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Sun, 02 Apr 2023 17:36:01 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
index.js
ftp.wellingtonfire.com/js/ 		1 KB
878 B 		Script
General
Check archive.org
Download Go to
Full URL
http://ftp.wellingtonfire.com/js/index.js?t=0.42932418979777087
Requested by
Host: ftp.wellingtonfire.com
URL: http://ftp.wellingtonfire.com/
Protocol
HTTP/1.1
Server
45.192.109.24 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software
nginx /
Resource Hash
6f3621fa8ce2de58956c0e9b4a5f97b952960c75b010af4dba10d5bd2b204ff8

Request headers

accept-language
en-US,en;q=0.9
Referer
http://ftp.wellingtonfire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Sun, 02 Apr 2023 17:36:01 GMT
Content-Encoding
gzip
Last-Modified
Fri, 24 Mar 2023 06:31:37 GMT
Server
nginx
ETag
W/"641d43c9-498"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=43200
Connection
keep-alive
Expires
Mon, 03 Apr 2023 05:36:01 GMT
hm.js
hm.baidu.com/ 		29 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hm.baidu.com/hm.js?f1eb209810051b428f55c53033e04f3d
Requested by
Host: ftp.wellingtonfire.com
URL: http://ftp.wellingtonfire.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
c356585c693e43f95b948e62e9ffbf6a7493201880d7385699be086413479d65
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

accept-language
en-US,en;q=0.9
Referer
http://ftp.wellingtonfire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Sun, 02 Apr 2023 17:36:03 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=172800
Server
apache
Etag
0a843b797e63340781695fe3a3ee09d9
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type
application/javascript
Cache-Control
max-age=0, must-revalidate
Content-Length
11256
hm.js
hm.baidu.com/ 		29 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hm.baidu.com/hm.js?6f5dcfa91a116856dfaf00601a947dd2
Requested by
Host: ftp.wellingtonfire.com
URL: http://ftp.wellingtonfire.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
ab191143d2ac8d66d644cc9bdc51e1bccedd80d2ebba2369d2f5e23445545866
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

accept-language
en-US,en;q=0.9
Referer
http://ftp.wellingtonfire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Sun, 02 Apr 2023 17:36:03 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=172800
Server
apache
Etag
ba8dd97bd5d8986d7e9a1dab9d86fbad
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type
application/javascript
Cache-Control
max-age=0, must-revalidate
Content-Length
11259
/
bandaoty1.cn/ Frame AB30 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bandaoty1.cn/
Requested by
Host: ftp.wellingtonfire.com
URL: http://ftp.wellingtonfire.com/js/index.js?t=0.42932418979777087
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
38.162.85.60 , United States, ASN8796 (FD-298-8796, US),
Reverse DNS
Software
nginx /
Resource Hash
9dd7ab8631f6f8eb2ed6b399a0ffab7e0bfb513c48812237524de27fce85f871
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://ftp.wellingtonfire.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html
date
Sun, 02 Apr 2023 17:36:03 GMT
etag
W/"64197bdf-d24"
last-modified
Tue, 21 Mar 2023 09:41:51 GMT
server
nginx
strict-transport-security
max-age=31536000
vary
Accept-Encoding
hm.gif
hm.baidu.com/ 		43 B
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1375582051&si=f1eb209810051b428f55c53033e04f3d&v=1.3.0&lv=1&sn=8494&r=0&ww=1600&u=http%3A%2F%2Fftp.wellingtonfire.com%2F&tt=%E5%8D%8A%E5%B2%9B%E4%BD%93%E8%82%B2-%E5%AE%98%E7%BD%91
Requested by
Host: ftp.wellingtonfire.com
URL: http://ftp.wellingtonfire.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
http://ftp.wellingtonfire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 02 Apr 2023 17:36:03 GMT
Strict-Transport-Security
max-age=172800
X-Content-Type-Options
nosniff
Server
apache
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Content-Length
43
hm.gif
hm.baidu.com/ 		43 B
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1079337999&si=6f5dcfa91a116856dfaf00601a947dd2&v=1.3.0&lv=1&sn=8494&r=0&ww=1600&u=http%3A%2F%2Fftp.wellingtonfire.com%2F&tt=%E5%8D%8A%E5%B2%9B%E4%BD%93%E8%82%B2-%E5%AE%98%E7%BD%91
Requested by
Host: ftp.wellingtonfire.com
URL: http://ftp.wellingtonfire.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
http://ftp.wellingtonfire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 02 Apr 2023 17:36:03 GMT
Strict-Transport-Security
max-age=172800
X-Content-Type-Options
nosniff
Server
apache
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Content-Length
43
hm.js
hm.baidu.com/ Frame AB30 		29 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hm.baidu.com/hm.js?5d4f12456fb299ec4136afc1f49b5cc4
Requested by
Host: bandaoty1.cn
URL: https://bandaoty1.cn/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
3d3fa5786bedf4b9d41ac222fdff96b35f17783bc6632105bdc81880d62747e7
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bandaoty1.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Sun, 02 Apr 2023 17:36:04 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=172800
Server
apache
Etag
c3d86be600931ae55f0088adfc6dc5f6
Content-Type
application/javascript
Cache-Control
max-age=0, must-revalidate
Content-Length
11257
body.js
bandaoty1.cn/static/js/ Frame AB30 		1 KB
774 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bandaoty1.cn/static/js/body.js?t=0.46253377809114626
Requested by
Host: bandaoty1.cn
URL: https://bandaoty1.cn/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
38.162.85.60 , United States, ASN8796 (FD-298-8796, US),
Reverse DNS
Software
nginx /
Resource Hash
57ef07db565bbaece4c01d4363f1898a8395cc4d1484c1e45907be91099039a9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bandaoty1.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 17:36:04 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Wed, 29 Mar 2023 03:52:19 GMT
server
nginx
etag
W/"6423b5f3-4af"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Mon, 03 Apr 2023 05:36:04 GMT
oqru31rfxq9.jpg
bandaoty1.cn/static/images/ Frame AB30 		67 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bandaoty1.cn/static/images/oqru31rfxq9.jpg
Requested by
Host: bandaoty1.cn
URL: https://bandaoty1.cn/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
38.162.85.60 , United States, ASN8796 (FD-298-8796, US),
Reverse DNS
Software
nginx /
Resource Hash
0989180b9f8a28894c823166ef8b9280993f2f4786c8c314a36ae3c1526901d7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bandaoty1.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 17:36:04 GMT
strict-transport-security
max-age=31536000
last-modified
Fri, 10 Mar 2023 13:28:36 GMT
server
nginx
etag
"640b3084-10bb2"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
68530
expires
Tue, 02 May 2023 17:36:04 GMT
hm.gif
hm.baidu.com/ Frame AB30 		43 B
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hm.baidu.com/hm.gif?cc=0&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=351825437&si=5d4f12456fb299ec4136afc1f49b5cc4&su=http%3A%2F%2Fftp.wellingtonfire.com%2F&v=1.3.0&lv=1&sn=8495&r=0&ww=1600&u=https%3A%2F%2Fbandaoty1.cn%2F&tt=404%20Not%20Found
Requested by
Host: bandaoty1.cn
URL: https://bandaoty1.cn/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bandaoty1.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 02 Apr 2023 17:36:04 GMT
Strict-Transport-Security
max-age=172800
X-Content-Type-Options
nosniff
Server
apache
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Content-Length
43

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless object| _hmt boolean| _bdhm_loaded_f1eb209810051b428f55c53033e04f3d object| mini_tangram_log_66pqea boolean| _bdhm_loaded_6f5dcfa91a116856dfaf00601a947dd2 object| mini_tangram_log_acxxpi

5 Cookies

Domain/Path Name / Value
.hm.baidu.com/ Name: HMACCOUNT_BFESS
Value: 0CD0A91C285D2244
.ftp.wellingtonfire.com/ Name: Hm_lvt_f1eb209810051b428f55c53033e04f3d
Value: 1680456964
.ftp.wellingtonfire.com/ Name: Hm_lpvt_f1eb209810051b428f55c53033e04f3d
Value: 1680456964
.ftp.wellingtonfire.com/ Name: Hm_lvt_6f5dcfa91a116856dfaf00601a947dd2
Value: 1680456964
.ftp.wellingtonfire.com/ Name: Hm_lpvt_6f5dcfa91a116856dfaf00601a947dd2
Value: 1680456964