Submitted URL: https://pay.new-rand.cn/
Effective URL: https://security.new-rand.cn/quickLogin.action?returnUrl=http%3A%2F%2Fpay.new-rand.cn%2Fbank%2FtobankHall.action%3Frole%3D1
Submission: On January 22 via automatic, source certstream-suspicious

Summary

This website contacted 5 IPs in 2 countries across 2 domains to perform 23 HTTP transactions. The main IP is 106.3.142.168, located in China and belongs to CHINA169-BJ China Unicom Beijing Province Network, CN. The main domain is security.new-rand.cn.
TLS certificate: Issued by TrustAsia TLS RSA CA on January 30th 2020. Valid for: a year.
This is the only time security.new-rand.cn was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 4 106.3.142.168 4808 (CHINA169-...)
16 123.157.77.230 4837 (CHINA169-...)
2 103.235.46.191 55967 (BAIDU Bei...)
2 106.3.142.174 4808 (CHINA169-...)
23 5
Domain Requested by
8 js.new-rand.cn security.new-rand.cn
js.new-rand.cn
7 css.new-rand.cn security.new-rand.cn
css.new-rand.cn
2 act.new-rand.cn security.new-rand.cn
2 hm.baidu.com js.new-rand.cn
security.new-rand.cn
2 security.new-rand.cn security.new-rand.cn
2 pay.new-rand.cn 2 redirects
1 img.new-rand.cn security.new-rand.cn
23 7
Subject | Issuer | Validity | Valid
security.new-rand.cn | TrustAsia TLS RSA CA | 2020-01-30 - 2021-01-29 | a year
css.new-rand.cn | TrustAsia TLS RSA CA | 2020-01-30 - 2021-01-29 | a year
js.new-rand.cn | TrustAsia TLS RSA CA | 2020-01-30 - 2021-01-29 | a year
img.new-rand.cn | TrustAsia TLS RSA CA | 2020-01-30 - 2021-01-29 | a year
baidu.com | GlobalSign Organization Validation CA - SHA256 - G2 | 2020-10-20 - 2021-07-26 | 9 months
act.new-rand.cn | Encryption Everywhere DV TLS CA - G1 | 2020-03-17 - 2021-03-17 | a year

This page contains 1 frames:

Primary Page: https://security.new-rand.cn/quickLogin.action?returnUrl=http%3A%2F%2Fpay.new-rand.cn%2Fbank%2FtobankHall.action%3Frole%3D1
Frame ID: 6A825049C2038DC8F4B8CC70E14F2EEC
Requests: 23 HTTP requests in this frame


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

Requests: 23
HTTPS: 96 %
IPv6: 0 %
Domains: 2
Subdomains: 7
IPs: 5
Countries: 2
Transfer: 512 kB
Size: 535 kB
Cookies: 2

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://pay.new-rand.cn/ HTTP 302
    http://pay.new-rand.cn/bank/tobankHall.action?role=1 HTTP 302
    https://security.new-rand.cn/quickLogin.action?returnUrl=http%3A%2F%2Fpay.new-rand.cn%2Fbank%2FtobankHall.action%3Frole%3D1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request quickLogin.action
security.new-rand.cn/
Redirect Chain
  • https://pay.new-rand.cn/
  • http://pay.new-rand.cn/bank/tobankHall.action?role=1
  • https://security.new-rand.cn/quickLogin.action?returnUrl=http%3A%2F%2Fpay.new-rand.cn%2Fbank%2FtobankHall.action%3Frole%3D1
7 KB
3 KB
Document
General
Full URL
https://security.new-rand.cn/quickLogin.action?returnUrl=http%3A%2F%2Fpay.new-rand.cn%2Fbank%2FtobankHall.action%3Frole%3D1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
106.3.142.168 , China, ASN4808 (CHINA169-BJ China Unicom Beijing Province Network, CN),
Reverse DNS
Software
nginx /
Resource Hash
dc373fcd878f1c72b929a97e936140bd0b181cd6f0fcd629e8a93cbfce5495df

Request headers

:method
GET
:authority
security.new-rand.cn
:scheme
https
:path
/quickLogin.action?returnUrl=http%3A%2F%2Fpay.new-rand.cn%2Fbank%2FtobankHall.action%3Frole%3D1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

server
nginx
date
Fri, 22 Jan 2021 05:50:32 GMT
content-type
text/html;charset=UTF-8
set-cookie
cowboy_website=ba6b447b-de7f-428e-88df-4421707a27c8; Max-Age=31536000; Expires=Sat, 22-Jan-2022 05:50:32 GMT; Domain=new-rand.cn; Path=/ cowboy_visit_time=1611294632613; Max-Age=31536000; Expires=Sat, 22-Jan-2022 05:50:32 GMT; Domain=new-rand.cn; Path=/ JSESSIONID=4E4D32B74D380BEF21CB2829AE3A06FE; Path=/; HttpOnly
content-language
en-US
content-encoding
gzip
vary
Accept-Encoding
cache-control
no-store private

Redirect headers

Server
nn
Date
Fri, 22 Jan 2021 05:50:30 GMT
Content-Length
0
Connection
close
Location
https://security.new-rand.cn/quickLogin.action?returnUrl=http%3A%2F%2Fpay.new-rand.cn%2Fbank%2FtobankHall.action%3Frole%3D1
Cache-Control
no-store private
reset2015.css
css.new-rand.cn/sr/css/common/
3 KB
3 KB
Stylesheet
General
Full URL
https://css.new-rand.cn/sr/css/common/reset2015.css?ver=1610442339385
Requested by
Host: security.new-rand.cn
URL: https://security.new-rand.cn/quickLogin.action?returnUrl=http%3A%2F%2Fpay.new-rand.cn%2Fbank%2FtobankHall.action%3Frole%3D1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
123.157.77.230 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
openresty /
Resource Hash
5f59321450e5438dc73fc3cf85fcfb7d8a77cd6b12af0594ba1e5b16fb7c83bf

Request headers

Referer
https://security.new-rand.cn/quickLogin.action?returnUrl=http%3A%2F%2Fpay.new-rand.cn%2Fbank%2FtobankHall.action%3Frole%3D1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 22 Jan 2021 05:50:34 GMT
last-modified
Wed, 12 Feb 2020 01:44:49 GMT
server
openresty
etag
"5e435891-ce2"
x-cache
HIT from sal-tln-sdjn-p1-52-148, HIT from sal-cnc-zjzs-n-77-231
content-type
text/css
accept-ranges
bytes
content-length
3298
common.css
css.new-rand.cn/sr/css/common/2015/
14 KB
14 KB
Stylesheet
General
Full URL
https://css.new-rand.cn/sr/css/common/2015/common.css?ver=1610442339385
Requested by
Host: security.new-rand.cn
URL: https://security.new-rand.cn/quickLogin.action?returnUrl=http%3A%2F%2Fpay.new-rand.cn%2Fbank%2FtobankHall.action%3Frole%3D1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
123.157.77.230 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
openresty /
Resource Hash
25d443318fdccd8230ae0fb775bd418e9966c2da94b6118af2bd3b2e3729e5a5

Request headers

Referer
https://security.new-rand.cn/quickLogin.action?returnUrl=http%3A%2F%2Fpay.new-rand.cn%2Fbank%2FtobankHall.action%3Frole%3D1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 22 Jan 2021 05:50:34 GMT
last-modified
Fri, 03 Apr 2020 10:22:16 GMT
server
openresty
etag
"5e870e58-367f"
x-cache
HIT from sal-tln-sdjn-p1-52-144, HIT from sal-cnc-zjzs-n-77-231
content-type
text/css
accept-ranges
bytes
content-length
13951
183.js
js.new-rand.cn/sr/js/lib/jquery/
91 KB
92 KB
Script
General
Full URL
https://js.new-rand.cn/sr/js/lib/jquery/183.js?ver=1610442339385
Requested by
Host: security.new-rand.cn
URL: https://security.new-rand.cn/quickLogin.action?returnUrl=http%3A%2F%2Fpay.new-rand.cn%2Fbank%2FtobankHall.action%3Frole%3D1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
123.157.77.230 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
openresty /
Resource Hash
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf

Request headers

Referer
https://security.new-rand.cn/quickLogin.action?returnUrl=http%3A%2F%2Fpay.new-rand.cn%2Fbank%2FtobankHall.action%3Frole%3D1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 22 Jan 2021 05:50:33 GMT
last-modified
Sat, 18 Jan 2020 12:51:07 GMT
server
openresty
etag
"5e22ff3b-16dc4"
x-cache
HIT from sal-tln-sdjn-p1-52-144, HIT from sal-cnc-zjzs-n-77-231
content-type
application/javascript
accept-ranges
bytes
content-length
93636
jquery.SuperSlide.2.1.1.js
js.new-rand.cn/sr/v1/security/2018/js/
11 KB
11 KB
Script
General
Full URL
https://js.new-rand.cn/sr/v1/security/2018/js/jquery.SuperSlide.2.1.1.js?ver=1610442339385
Requested by
Host: security.new-rand.cn
URL: https://security.new-rand.cn/quickLogin.action?returnUrl=http%3A%2F%2Fpay.new-rand.cn%2Fbank%2FtobankHall.action%3Frole%3D1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
123.157.77.230 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
openresty /
Resource Hash
b505ebb752567f3fe962d4334da0250a14b22174c7ac1d35013bc115ab8b8a58

Request headers

Referer
https://security.new-rand.cn/quickLogin.action?returnUrl=http%3A%2F%2Fpay.new-rand.cn%2Fbank%2FtobankHall.action%3Frole%3D1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 22 Jan 2021 05:50:33 GMT
last-modified
Sun, 09 Feb 2020 09:02:09 GMT
server
openresty
etag
"5e3fca91-2af8"
x-cache
HIT from sal-tln-sdjn-p1-52-148, HIT from sal-cnc-zjzs-n-77-231
content-type
application/javascript
accept-ranges
bytes
content-length
11000
layer.js
js.new-rand.cn/sr/js/lib/layer/v3.0.3/
21 KB
21 KB
Script
General
Full URL
https://js.new-rand.cn/sr/js/lib/layer/v3.0.3/layer.js?ver=1610442339385
Requested by
Host: security.new-rand.cn
URL: https://security.new-rand.cn/quickLogin.action?returnUrl=http%3A%2F%2Fpay.new-rand.cn%2Fbank%2FtobankHall.action%3Frole%3D1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
123.157.77.230 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
openresty /
Resource Hash
d7d4f85d003a88312336f7b66ac0bf48e20b2da1768b01f0fff410b49da56742

Request headers

Referer
https://security.new-rand.cn/quickLogin.action?returnUrl=http%3A%2F%2Fpay.new-rand.cn%2Fbank%2FtobankHall.action%3Frole%3D1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 22 Jan 2021 05:50:33 GMT
last-modified
Sat, 18 Jan 2020 12:51:08 GMT
server
openresty
etag
"5e22ff3c-54fa"
x-cache
HIT from sal-tln-jsnt-p1-230-54, HIT from sal-cnc-zjzs-n-77-231
content-type
application/javascript
accept-ranges
bytes
content-length
21754
quickLogin.css
css.new-rand.cn/sr/v1/security/2018/css/
4 KB
4 KB
Stylesheet
General
Full URL
https://css.new-rand.cn/sr/v1/security/2018/css/quickLogin.css?ver=1610442339385
Requested by
Host: security.new-rand.cn
URL: https://security.new-rand.cn/quickLogin.action?returnUrl=http%3A%2F%2Fpay.new-rand.cn%2Fbank%2FtobankHall.action%3Frole%3D1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
123.157.77.230 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
openresty /
Resource Hash
d9fa0816a82eb6676092324ad0654975f707cb731b0b2590c3c023201d2eea2e

Request headers

Referer
https://security.new-rand.cn/quickLogin.action?returnUrl=http%3A%2F%2Fpay.new-rand.cn%2Fbank%2FtobankHall.action%3Frole%3D1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 22 Jan 2021 05:50:34 GMT
last-modified
Mon, 10 Feb 2020 06:49:59 GMT
server
openresty
etag
"5e40fd17-fb3"
x-cache
EXPIRED from sal-tln-jsnt-p1-230-54, HIT from sal-cnc-zjzs-n-77-231
content-type
text/css
accept-ranges
bytes
content-length
4019
captcha.action
security.new-rand.cn/
7 KB
7 KB
Image
General
Full URL
https://security.new-rand.cn/captcha.action
Requested by
Host: security.new-rand.cn
URL: https://security.new-rand.cn/quickLogin.action?returnUrl=http%3A%2F%2Fpay.new-rand.cn%2Fbank%2FtobankHall.action%3Frole%3D1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
106.3.142.168 , China, ASN4808 (CHINA169-BJ China Unicom Beijing Province Network, CN),
Reverse DNS
Software
nginx /
Resource Hash
727eca8ece9ccce9579dd90f505bc7c33b1d516831d8b2c5fd431428e035f4ae

Request headers

Referer
https://security.new-rand.cn/quickLogin.action?returnUrl=http%3A%2F%2Fpay.new-rand.cn%2Fbank%2FtobankHall.action%3Frole%3D1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
No-cache
date
Fri, 22 Jan 2021 05:50:34 GMT
cache-control
no-cache, no-store, private
server
nginx
content-type
image/gif;charset=UTF-8
expires
Thu, 01 Jan 1970 00:00:00 GMT
quickLogin.js
js.new-rand.cn/sr/js/security/2020/
5 KB
5 KB
Script
General
Full URL
https://js.new-rand.cn/sr/js/security/2020/quickLogin.js?ver=1610442339385
Requested by
Host: security.new-rand.cn
URL: https://security.new-rand.cn/quickLogin.action?returnUrl=http%3A%2F%2Fpay.new-rand.cn%2Fbank%2FtobankHall.action%3Frole%3D1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
123.157.77.230 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
openresty /
Resource Hash
73151857949f28edd870e313491df07f9a5ad0cade3d29d48a9dc9ac5f9df601

Request headers

Referer
https://security.new-rand.cn/quickLogin.action?returnUrl=http%3A%2F%2Fpay.new-rand.cn%2Fbank%2FtobankHall.action%3Frole%3D1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 22 Jan 2021 05:50:34 GMT
last-modified
Thu, 05 Nov 2020 07:58:26 GMT
server
openresty
etag
"5fa3b0a2-127f"
x-cache
HIT from sal-tln-sdjn-p1-52-144, HIT from sal-cnc-zjzs-n-77-231
content-type
application/javascript
accept-ranges
bytes
content-length
4735
global_foot.js
js.new-rand.cn/sr/js/common/
10 KB
10 KB
Script
General
Full URL
https://js.new-rand.cn/sr/js/common/global_foot.js?ver=1610442339385
Requested by
Host: security.new-rand.cn
URL: https://security.new-rand.cn/quickLogin.action?returnUrl=http%3A%2F%2Fpay.new-rand.cn%2Fbank%2FtobankHall.action%3Frole%3D1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
123.157.77.230 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
openresty /
Resource Hash
bcba726d2b5c70e7317d73b58dfa8d454b7150ee0c45c0fb98043b3dd7c846ee

Request headers

Referer
https://security.new-rand.cn/quickLogin.action?returnUrl=http%3A%2F%2Fpay.new-rand.cn%2Fbank%2FtobankHall.action%3Frole%3D1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 22 Jan 2021 05:50:34 GMT
last-modified
Tue, 12 Jan 2021 08:01:28 GMT
server
openresty
etag
"5ffd5758-269a"
x-cache
HIT from sal-tln-sdjn-p1-52-151, HIT from sal-cnc-zjzs-n-77-231
content-type
application/javascript
accept-ranges
bytes
content-length
9882
quickLogin.js
js.new-rand.cn/sr/v1/security/2018/js/
427 B
631 B
Script
General
Full URL
https://js.new-rand.cn/sr/v1/security/2018/js/quickLogin.js?ver=1610442339385
Requested by
Host: security.new-rand.cn
URL: https://security.new-rand.cn/quickLogin.action?returnUrl=http%3A%2F%2Fpay.new-rand.cn%2Fbank%2FtobankHall.action%3Frole%3D1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
123.157.77.230 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
openresty /
Resource Hash
909eff03d5c95fecebe8fc1e7ef3e5542f1a562e167b36108d11bbf171b51a03

Request headers

Referer
https://security.new-rand.cn/quickLogin.action?returnUrl=http%3A%2F%2Fpay.new-rand.cn%2Fbank%2FtobankHall.action%3Frole%3D1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 22 Jan 2021 05:50:34 GMT
last-modified
Sun, 09 Feb 2020 09:02:09 GMT
server
openresty
etag
"5e3fca91-1ab"
x-cache
HIT from sal-tln-jsnt-p1-230-54, HIT from sal-cnc-zjzs-n-77-231
content-type
application/javascript
accept-ranges
bytes
content-length
427
layer.css
js.new-rand.cn/sr/js/lib/layer/v3.0.3/skin/default/
14 KB
14 KB
Stylesheet
General
Full URL
https://js.new-rand.cn/sr/js/lib/layer/v3.0.3/skin/default/layer.css?v=3.0.3303
Requested by
Host: js.new-rand.cn
URL: https://js.new-rand.cn/sr/js/lib/layer/v3.0.3/layer.js?ver=1610442339385
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
123.157.77.230 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
openresty /
Resource Hash
fefc5c5314aa67b5e56ab4d5e8aab61af50a9ca93df64786b24f77a46a5c22f8

Request headers

Referer
https://security.new-rand.cn/quickLogin.action?returnUrl=http%3A%2F%2Fpay.new-rand.cn%2Fbank%2FtobankHall.action%3Frole%3D1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 22 Jan 2021 05:50:34 GMT
last-modified
Sat, 18 Jan 2020 12:51:12 GMT
server
openresty
etag
"5e22ff40-38a3"
x-cache
HIT from sal-tln-jsnt-p1-230-54, HIT from sal-cnc-zjzs-n-77-231
content-type
text/css
accept-ranges
bytes
content-length
14499
login-bg.png
css.new-rand.cn/sr/v1/security/2018/img/
220 KB
221 KB
Image
General
Full URL
https://css.new-rand.cn/sr/v1/security/2018/img/login-bg.png
Requested by
Host: css.new-rand.cn
URL: https://css.new-rand.cn/sr/v1/security/2018/css/quickLogin.css?ver=1610442339385
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
123.157.77.230 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
openresty /
Resource Hash
38478f131aa2619c23aa57f7680b1b17e974acf21c23ea90b22dd8b006a94af8

Request headers

Referer
https://css.new-rand.cn/sr/v1/security/2018/css/quickLogin.css?ver=1610442339385
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 22 Jan 2021 05:50:34 GMT
last-modified
Thu, 06 Feb 2020 09:05:57 GMT
server
openresty
etag
"5e3bd6f5-370bc"
x-cache
HIT from sal-tln-jsnt-p1-230-54, HIT from sal-cnc-zjzs-n-77-231
content-type
image/png
accept-ranges
bytes
content-length
225468
15809787835.png
img.new-rand.cn/pic/20200206/
84 KB
84 KB
Image
General
Full URL
https://img.new-rand.cn/pic/20200206/15809787835.png
Requested by
Host: security.new-rand.cn
URL: https://security.new-rand.cn/quickLogin.action?returnUrl=http%3A%2F%2Fpay.new-rand.cn%2Fbank%2FtobankHall.action%3Frole%3D1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
123.157.77.230 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
openresty /
Resource Hash
1a02b3520fd9d458f0da8d7fd744d9b53e49dc8b793c89ac6dacf016d36b692c

Request headers

Referer
https://security.new-rand.cn/quickLogin.action?returnUrl=http%3A%2F%2Fpay.new-rand.cn%2Fbank%2FtobankHall.action%3Frole%3D1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 22 Jan 2021 05:50:36 GMT
last-modified
Sat, 18 Apr 2020 00:36:48 GMT
server
openresty
etag
"5e9a4ba0-14ffb"
x-cache
HIT from sal-tln-sdjn-p1-52-144, HIT from sal-cnc-zjzs-n-77-231
content-type
image/png
access-control-allow-origin
*
accept-ranges
bytes
content-length
86011
input-clear.png
css.new-rand.cn/sr/v1/security/2018/img/
444 B
639 B
Image
General
Full URL
https://css.new-rand.cn/sr/v1/security/2018/img/input-clear.png
Requested by
Host: css.new-rand.cn
URL: https://css.new-rand.cn/sr/v1/security/2018/css/quickLogin.css?ver=1610442339385
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
123.157.77.230 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
openresty /
Resource Hash
ffdc814b3b21a7aeb32bba10920060c5adc9983f6b38efaca3f1a3961aaf40b7

Request headers

Referer
https://css.new-rand.cn/sr/v1/security/2018/css/quickLogin.css?ver=1610442339385
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 22 Jan 2021 05:50:34 GMT
last-modified
Sun, 19 Jan 2020 01:39:40 GMT
server
openresty
etag
"5e23b35c-1bc"
x-cache
HIT from sal-tln-sdjn-p1-52-151, HIT from sal-cnc-zjzs-n-77-231
content-type
image/png
accept-ranges
bytes
content-length
444
input-icon.png
css.new-rand.cn/sr/v1/security/2018/img/
2 KB
2 KB
Image
General
Full URL
https://css.new-rand.cn/sr/v1/security/2018/img/input-icon.png
Requested by
Host: css.new-rand.cn
URL: https://css.new-rand.cn/sr/v1/security/2018/css/quickLogin.css?ver=1610442339385
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
123.157.77.230 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
openresty /
Resource Hash
6465a831a92ee1289237cd63fc5a52b5a336de3760516ec126a30cefee0f75b8

Request headers

Referer
https://css.new-rand.cn/sr/v1/security/2018/css/quickLogin.css?ver=1610442339385
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 22 Jan 2021 05:50:34 GMT
last-modified
Sun, 19 Jan 2020 01:39:40 GMT
server
openresty
etag
"5e23b35c-77b"
x-cache
HIT from sal-tln-sdjn-p1-52-148, HIT from sal-cnc-zjzs-n-77-231
content-type
image/png
accept-ranges
bytes
content-length
1915
input-checked.png
css.new-rand.cn/sr/v1/security/2018/img/
286 B
481 B
Image
General
Full URL
https://css.new-rand.cn/sr/v1/security/2018/img/input-checked.png
Requested by
Host: css.new-rand.cn
URL: https://css.new-rand.cn/sr/v1/security/2018/css/quickLogin.css?ver=1610442339385
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
123.157.77.230 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
openresty /
Resource Hash
3c0e0339f9efdcd9f6421f5286451c171fd1cad9ae632a2c40074b5525d10520

Request headers

Referer
https://css.new-rand.cn/sr/v1/security/2018/css/quickLogin.css?ver=1610442339385
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 22 Jan 2021 05:50:34 GMT
last-modified
Sun, 19 Jan 2020 01:39:40 GMT
server
openresty
etag
"5e23b35c-11e"
x-cache
HIT from sal-tln-sdjn-p1-52-148, HIT from sal-cnc-zjzs-n-77-231
content-type
image/png
accept-ranges
bytes
content-length
286
tongji_setcookie.js
js.new-rand.cn/sr/js/common/2016/
3 KB
3 KB
Script
General
Full URL
https://js.new-rand.cn/sr/js/common/2016/tongji_setcookie.js?ver=1610442339385?v=1610442339385
Requested by
Host: js.new-rand.cn
URL: https://js.new-rand.cn/sr/js/common/global_foot.js?ver=1610442339385
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
123.157.77.230 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
openresty /
Resource Hash
86c0fb48e93db7a16eac71843e635c6fc18452be01bfd5dce739395eb044f022

Request headers

Referer
https://security.new-rand.cn/quickLogin.action?returnUrl=http%3A%2F%2Fpay.new-rand.cn%2Fbank%2FtobankHall.action%3Frole%3D1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 22 Jan 2021 05:50:35 GMT
last-modified
Tue, 12 Jan 2021 08:01:28 GMT
server
openresty
etag
"5ffd5758-c56"
x-cache
HIT from sal-tln-sdjn-p1-52-144, HIT from sal-cnc-zjzs-n-77-231
content-type
application/javascript
accept-ranges
bytes
content-length
3158
hm.js
hm.baidu.com/
39 KB
14 KB
Script
General
Full URL
https://hm.baidu.com/hm.js?4755dbd40e0b922e2e50f6cc3e7759d8
Requested by
Host: js.new-rand.cn
URL: https://js.new-rand.cn/sr/js/common/global_foot.js?ver=1610442339385
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
ed8ea65f0d74522fa41a1e5f81329660aab573b8d66e6cf4bbef0feb20bbf83d
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

Referer
https://security.new-rand.cn/quickLogin.action?returnUrl=http%3A%2F%2Fpay.new-rand.cn%2Fbank%2FtobankHall.action%3Frole%3D1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 22 Jan 2021 05:50:36 GMT
Content-Encoding
gzip
Server
apache
Etag
078b737c169b68e1b1bb408ff83b5233
Strict-Transport-Security
max-age=172800
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control
max-age=0, must-revalidate
Content-Type
application/javascript
Content-Length
14045
a.gif
act.new-rand.cn/
43 B
163 B
Image
General
Full URL
https://act.new-rand.cn/a.gif?url=https%3A%2F%2Fsecurity.new-rand.cn%2FquickLogin.action%3FreturnUrl%3Dhttp%253A%252F%252Fpay.new-rand.cn%252Fbank%252FtobankHall.action%253Frole%253D1&focus=1&interval=0&platform=nnjp&t=88d3sd
Requested by
Host: security.new-rand.cn
URL: https://security.new-rand.cn/quickLogin.action?returnUrl=http%3A%2F%2Fpay.new-rand.cn%2Fbank%2FtobankHall.action%3Frole%3D1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
106.3.142.174 , China, ASN4808 (CHINA169-BJ China Unicom Beijing Province Network, CN),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://security.new-rand.cn/quickLogin.action?returnUrl=http%3A%2F%2Fpay.new-rand.cn%2Fbank%2FtobankHall.action%3Frole%3D1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 22 Jan 2021 05:50:39 GMT
last-modified
Mon, 13 Apr 2020 06:10:47 GMT
server
nginx
accept-ranges
bytes
etag
"5e940267-2b"
content-length
43
content-type
image/gif
hm.gif
hm.baidu.com/
43 B
299 B
Image
General
Full URL
https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1814318123&si=4755dbd40e0b922e2e50f6cc3e7759d8&v=1.2.80&lv=1&sn=51127&r=0&ww=1600&ct=!!&u=https%3A%2F%2Fsecurity.new-rand.cn%2FquickLogin.action%3FreturnUrl%3Dhttp%253A%252F%252Fpay.new-rand.cn%252Fbank%252FtobankHall.action%253Frole%253D1&tt=%E7%89%9B%E7%89%9B%E8%A7%A3%E7%9B%98_%E7%99%BB%E5%BD%95
Requested by
Host: security.new-rand.cn
URL: https://security.new-rand.cn/quickLogin.action?returnUrl=http%3A%2F%2Fpay.new-rand.cn%2Fbank%2FtobankHall.action%3Frole%3D1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

Referer
https://security.new-rand.cn/quickLogin.action?returnUrl=http%3A%2F%2Fpay.new-rand.cn%2Fbank%2FtobankHall.action%3Frole%3D1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 22 Jan 2021 05:50:37 GMT
X-Content-Type-Options
nosniff
Server
apache
Strict-Transport-Security
max-age=172800
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Content-Length
43
a.gif
act.new-rand.cn/
43 B
162 B
Image
General
Full URL
https://act.new-rand.cn/a.gif?url=https%3A%2F%2Fsecurity.new-rand.cn%2FquickLogin.action%3FreturnUrl%3Dhttp%253A%252F%252Fpay.new-rand.cn%252Fbank%252FtobankHall.action%253Frole%253D1&focus=1&interval=5&platform=nnjp&t=ka2a6m
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
106.3.142.174 , China, ASN4808 (CHINA169-BJ China Unicom Beijing Province Network, CN),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://security.new-rand.cn/quickLogin.action?returnUrl=http%3A%2F%2Fpay.new-rand.cn%2Fbank%2FtobankHall.action%3Frole%3D1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 22 Jan 2021 05:50:41 GMT
last-modified
Mon, 13 Apr 2020 06:10:47 GMT
server
nginx
accept-ranges
bytes
etag
"5e940267-2b"
content-length
43
content-type
image/gif
a.gif
act.new-rand.cn/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
act.new-rand.cn
URL
https://act.new-rand.cn/a.gif?url=https%3A%2F%2Fsecurity.new-rand.cn%2FquickLogin.action%3FreturnUrl%3Dhttp%253A%252F%252Fpay.new-rand.cn%252Fbank%252FtobankHall.action%253Frole%253D1&focus=1&interval=10&platform=nnjp&t=3ryv48


42 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery object| layer object| storage boolean| isShowCaptcha string| returnUrlf object| quickPhone object| pwdPhone object| tabIndex object| quickLogin object| CBcfg function| addBookmark function| loadJs function| addBookmarkCB function| jsonStrFilter function| cb_global_js string| serviceTelephone object| CBconfig object| JPlaceHolder function| HtmlAttributeEncode function| HtmlAttributeDecode object| xeixinTips object| _hmt object| _gaq object| CBfn number| eleHeight string| loginType function| logadd object| project_log_spwttv boolean| _bdhm_loaded_4755dbd40e0b922e2e50f6cc3e7759d8 object| mini_tangram_log_9j25hv object| project_log_hyval3 object| project_log_n0ehxb

2 Cookies

Domain/Path Name / Value
.security.new-rand.cn/ Name: Hm_lpvt_4755dbd40e0b922e2e50f6cc3e7759d8
Value: 1611294637
.security.new-rand.cn/ Name: Hm_lvt_4755dbd40e0b922e2e50f6cc3e7759d8
Value: 1611294637

1 Console Messages

Source Level URL
Text
console-api log URL: https://security.new-rand.cn/quickLogin.action?returnUrl=http%3A%2F%2Fpay.new-rand.cn%2Fbank%2FtobankHall.action%3Frole%3D1(Line 229)
Message:
0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
