URL: https://rm.aicai.com/
Submission: On February 09 via manual from JP — Scanned from JP

Summary

This website contacted 2 IPs in 1 country across 1 domain to perform 5 HTTP transactions. The main IP is 116.162.88.71, located in Changsha, China and belongs to CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN. The main domain is rm.aicai.com.
TLS certificate: Issued by GeoTrust RSA CA 2018 on November 23rd 2021. Valid for: a year.
This is the only time rm.aicai.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

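Requests | IP Address | AS (Autonomous System)
1 | 116.162.88.71 | 4837 (CHINA169-...)
Total: 5 requests, 2 IPs

Requests | Apex Domain | Subdomains | Transfer
1 | aicai.com | rm.aicai.com, r.aicai.com (Failed), rg.aicai.com (Failed) | 11 KB
Total: 5 requests, 1 apex domain

Requests | Domain | Requested by
1 | rm.aicai.com |
0 | rg.aicai.com (Failed) | rm.aicai.com
0 | r.aicai.com (Failed) | rm.aicai.com
Total: 5 requests, 3 domains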

This site contains links to these domains. Also see Links.

Domain
r.aicai.com
www.beian.miit.gov.cn
beian.miit.gov.cn

TLS certificate
Subject: *.aicai.com
Issuer: GeoTrust RSA CA 2018
Validity: 2021-11-23 - 2022-11-23
Valid: a year

This page contains 1 frames:

Primary Page: https://rm.aicai.com/
Frame ID: 17F2F5F74FE6BF3E4077ECB2C1E31AFB
Requests: 5 HTTP requests in this frame


Page Statistics

Requests: 5
HTTPS: 20 %
IPv6: 0 %
Domains: 1
Subdomains: 3
IPs: 2
Countries: 1
Transfer: 11 kB
Size: 10 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

5 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type
Primary Request / | rm.aicai.com/ | 10 KB | 11 KB | Document |

General
Full URL: https://rm.aicai.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 116.162.88.71 Changsha, China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN)
Reverse DNS:
Software: NWS_TCloud_static_msoc2 /
Resource Hash: 3f1fbd4ad4b0ebbb38e545e66c542059dffb53700db22ccbf64c5c2222d87d46

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9

Response headers

Server: NWS_TCloud_static_msoc2
Date: Wed, 09 Feb 2022 00:52:55 GMT
Expires: Wed, 09 Feb 2022 01:02:55 GMT
Content-Type: text/html;charset=utf-8
X-NWS-UUID-VERIFY: da627166c1589eaa8e4e155afbc08896
X-Cache-Lookup: Hit From Disktank3 Hit From Inner Cluster Cache Miss Hit From Inner Cluster
Vary: Accept-Encoding
X-Daa-Tunnel: hop_count=1
Accept-Ranges: bytes
Last-Modified: Wed, 09 Feb 2022 00:40:00 GMT
Cache-Control: max-age=600
Content-Length: 10204
X-NWS-LOG-UUID: 1218806302023670267
Connection: keep-alive

Other requests (Resource | Path | Size | x-fer)
/ | r.aicai.com/v2/styles/ | 0 | 0
/ | rg.aicai.com/g/common/ | 0 | 0
/ | r.aicai.com/v2/js/member/passport/login/ | 0 | 0
seaBase.js | r.aicai.com/v2/js/common/ | 0 | 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain | URL
r.aicai.com | http://r.aicai.com/v2/styles/??common/global-2014.css,common/common.css,member/passport/login/loginReg2.css?v=20160114004
rg.aicai.com | http://rg.aicai.com/g/common/??widget/jquery/1.7/jquery.min.js,skyjs/passport/jsencrypt-rsa.js
r.aicai.com | http://r.aicai.com/v2/js/member/passport/login/??member_login_page2015.js,member_validate_frame.js,alipay_weibo_login.js?v=20160114004
r.aicai.com | http://r.aicai.com/v2/js/common/seaBase.js?v=20160114004

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| $CONFIG
string| currentDomain
string| subsystem_webclient
string| subsystem_passport
string| subsystem_cashier
string| subsystem_member
string| subsystem_uc
string| subsystem_payment
string| subsystem_ggtj
string| subsystem_kjgg
string| subsystem_cmsclient
string| subsystem_zst
string| subsystem_hd
string| currentDomainPartner
string| replace_css_2caipiao
string| replace_g_aicai
string| replace_res_aicai
object| errFldMsg
function| login_register
string| r
function| chgCodeImgsrc
undefined| _hostname

0 Cookies

4 Console Messages

Source Level URL
Text
security error URL: https://rm.aicai.com/(Line 11)
Message:
Mixed Content: The page at 'https://rm.aicai.com/' was loaded over HTTPS, but requested an insecure stylesheet 'http://r.aicai.com/v2/styles/??common/global-2014.css,common/common.css,member/passport/login/loginReg2.css?v=20160114004'. This request has been blocked; the content must be served over HTTPS.
security error URL: https://rm.aicai.com/
Message:
Mixed Content: The page at 'https://rm.aicai.com/' was loaded over HTTPS, but requested an insecure script 'http://rg.aicai.com/g/common/??widget/jquery/1.7/jquery.min.js,skyjs/passport/jsencrypt-rsa.js'. This request has been blocked; the content must be served over HTTPS.
security error URL: https://rm.aicai.com/
Message:
Mixed Content: The page at 'https://rm.aicai.com/' was loaded over HTTPS, but requested an insecure script 'http://r.aicai.com/v2/js/member/passport/login/??member_login_page2015.js,member_validate_frame.js,alipay_weibo_login.js?v=20160114004'. This request has been blocked; the content must be served over HTTPS.
security error URL: https://rm.aicai.com/
Message:
Mixed Content: The page at 'https://rm.aicai.com/' was loaded over HTTPS, but requested an insecure script 'http://r.aicai.com/v2/js/common/seaBase.js?v=20160114004'. This request has been blocked; the content must be served over HTTPS.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
