exservice.12306.cn Open in urlscan Pro
113.142.160.15 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://exservice.12306.cn/exinv/output-tax/s/41a2e8c2cf9f387ea3fa60f451c8664b
Effective URL:
https://exservice.12306.cn/exinv/ent-views/fpExtract/extract.html?c=41a2e8c2cf9f387ea3fa60f451c8664b
Submission: On September 03 via manual (September 3rd 2022, 3:47:04 pm UTC) from IN — Scanned from DE

Summary HTTP 8 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 8 HTTP transactions. The main IP is 113.142.160.15, located in China and belongs to CHINANET-SHAANXI-CLOUD-BASE CHINANET SHAANXI province Cloud Base network, CN. The main domain is exservice.12306.cn. The Cisco Umbrella rank of the primary domain is 486680.
TLS certificate: Issued by DigiCert CN RSA CA G1 on November 16th 2021. Valid for: a year.

This is the only time exservice.12306.cn was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
2 10	113.142.160.15 113.142.160.15		134768 (CHINANET-...) (CHINANET-SHAANXI-CLOUD-BASE CHINANET SHAANXI province Cloud Base network)
8	1

10 113.142.160.15 (China) 2 redirects

ASN134768 (CHINANET-SHAANXI-CLOUD-BASE CHINANET SHAANXI province Cloud Base network, CN)

exservice.12306.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	12306.cn 2 redirects exservice.12306.cn — Cisco Umbrella Rank: 486680	133 KB
8	1

	Domain	Requested by
10	exservice.12306.cn	2 redirects exservice.12306.cn
8	1

This site contains no links.

Subject Issuer	Validity	Valid
*.12306.cn DigiCert CN RSA CA G1	`2021-11-16` - `2022-11-15`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://exservice.12306.cn/exinv/ent-views/fpExtract/extract.html?c=41a2e8c2cf9f387ea3fa60f451c8664b
Frame ID: 91271224D1747DCA9D4DE27B737099BE
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://exservice.12306.cn/exinv/output-tax/s/41a2e8c2cf9f387ea3fa60f451c8664b HTTP 302
https://exservice.12306.cn/exinv/output-tax/s/41a2e8c2cf9f387ea3fa60f451c8664b HTTP 302
https://exservice.12306.cn/exinv/ent-views/fpExtract/extract.html?c=41a2e8c2cf9f387ea3fa60f451c8664b Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

8
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

132 kB
Transfer

197 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://exservice.12306.cn/exinv/output-tax/s/41a2e8c2cf9f387ea3fa60f451c8664b HTTP 302
https://exservice.12306.cn/exinv/output-tax/s/41a2e8c2cf9f387ea3fa60f451c8664b HTTP 302
https://exservice.12306.cn/exinv/ent-views/fpExtract/extract.html?c=41a2e8c2cf9f387ea3fa60f451c8664b Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request extract.html Show response exservice.12306.cn/exinv/ent-views/fpExtract/ Redirect Chain http://exservice.12306.cn/exinv/output-tax/s/41a2e8c2cf9f387ea3fa60f451c8664b https://exservice.12306.cn/exinv/output-tax/s/41a2e8c2cf9f387ea3fa60f451c8664b https://exservice.12306.cn/exinv/ent-views/fpExtract/extract.html?c=41a2e8c2cf9f387ea3fa60f451c8664b	2 KB 1 KB	242ms 242ms	Document text/html	113.142.160.15 CHINANET-SHAANXI-...
General Check archive.org Show headers Download Go to Full URL https://exservice.12306.cn/exinv/ent-views/fpExtract/extract.html?c=41a2e8c2cf9f387ea3fa60f451c8664b Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 113.142.160.15 , China, ASN134768 (CHINANET-SHAANXI-CLOUD-BASE CHINANET SHAANXI province Cloud Base network, CN), Reverse DNS Software / Resource Hash `1e3a5089e4e8e2749a07d4bedfbdfd8f3c7604435733a0130b9444488f90edfe` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Cache-Control no-cache, no-store, max-age=0, must-revalidate Connection keep-alive Content-Encoding gzip Content-Type text/html Date Sat, 03 Sep 2022 15:47:01 GMT Last-Modified Mon, 12 Nov 2018 19:31:04 GMT Transfer-Encoding chunked X-Via 1.1 wj57:13 (Cdn Cache Server V2.0), 1.1 PS-XIY-01VrT178:29 (Cdn Cache Server V2.0) X-Ws-Request-Id 631376f5_PS-XIY-01rQA176_19248-10843 Redirect headers Cache-Control no-cache, no-store, max-age=0, must-revalidate Connection keep-alive Content-Language de-DE Content-Length 0 Date Sat, 03 Sep 2022 15:47:01 GMT Expires 0 Location https://exservice.12306.cn/exinv/ent-views/fpExtract/extract.html?c=41a2e8c2cf9f387ea3fa60f451c8664b Pragma no-cache X-Application-Context gateway:8085 X-Content-Type-Options nosniff X-Frame-Options DENY X-Via 1.1 wj57:13 (Cdn Cache Server V2.0), 1.1 PS-XIY-01gGJ173:33 (Cdn Cache Server V2.0) X-Ws-Request-Id 631376f5_PS-XIY-01rQA176_19248-10810 X-XSS-Protection 1; mode=block request_id 46832fd5-7dab-4ecc-ab42-962f59cbc57e
GET H/1.1	200 OK	jquery-1.11.2.min.js Show response exservice.12306.cn/exinv/ent-views/fpExtract/vendor/jquery/	94 KB 34 KB	191ms 190ms	Script application/javascript	113.142.160.15 CHINANET-SHAANXI-...
General Check archive.org Show headers Download Go to Full URL https://exservice.12306.cn/exinv/ent-views/fpExtract/vendor/jquery/jquery-1.11.2.min.js Requested by Host: exservice.12306.cn URL: https://exservice.12306.cn/exinv/ent-views/fpExtract/extract.html?c=41a2e8c2cf9f387ea3fa60f451c8664b Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 113.142.160.15 , China, ASN134768 (CHINANET-SHAANXI-CLOUD-BASE CHINANET SHAANXI province Cloud Base network, CN), Reverse DNS Software / Resource Hash `2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0` Request headers accept-language de-DE,de;q=0.9 Referer https://exservice.12306.cn/exinv/ent-views/fpExtract/extract.html?c=41a2e8c2cf9f387ea3fa60f451c8664b User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36 Response headers Date Sat, 03 Sep 2022 15:47:01 GMT Content-Encoding gzip Last-Modified Mon, 12 Nov 2018 19:31:04 GMT Age 1 X-Ws-Request-Id 631376f5_PS-XIY-01rQA176_19248-10887 Content-Type application/javascript Cache-Control public, max-age=10, must-revalidate Transfer-Encoding chunked Connection keep-alive X-Via 1.1 PSbjwjBGP2ks135:7 (Cdn Cache Server V2.0), 1.1 ian20:4 (Cdn Cache Server V2.0), 1.1 PS-FOC-01KG494:3 (Cdn Cache Server V2.0), 1.1 PS-XIY-01lNc174:13 (Cdn Cache Server V2.0)
GET H/1.1	200 OK	pdfPwd.js Show response exservice.12306.cn/exinv/ent-views/fpExtract/js/	4 KB 2 KB	631ms 207ms	Script application/javascript	113.142.160.15 CHINANET-SHAANXI-...
General Check archive.org Show headers Download Go to Full URL https://exservice.12306.cn/exinv/ent-views/fpExtract/js/pdfPwd.js Requested by Host: exservice.12306.cn URL: https://exservice.12306.cn/exinv/ent-views/fpExtract/extract.html?c=41a2e8c2cf9f387ea3fa60f451c8664b Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 113.142.160.15 , China, ASN134768 (CHINANET-SHAANXI-CLOUD-BASE CHINANET SHAANXI province Cloud Base network, CN), Reverse DNS Software / Resource Hash `7d2762ff1603db76f75df990097f3f40e61a68d197e6e2a3f1810f895412a165` Request headers accept-language de-DE,de;q=0.9 Referer https://exservice.12306.cn/exinv/ent-views/fpExtract/extract.html?c=41a2e8c2cf9f387ea3fa60f451c8664b User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36 Response headers Date Sat, 03 Sep 2022 15:47:02 GMT Content-Encoding gzip Last-Modified Mon, 12 Nov 2018 19:31:04 GMT Age 1 X-Ws-Request-Id 631376f6_PS-XIY-01rQA176_21618-20030 Content-Type application/javascript Cache-Control public, max-age=10, must-revalidate Transfer-Encoding chunked Connection keep-alive X-Via 1.1 PSbjwjBGP2ks135:7 (Cdn Cache Server V2.0), 1.1 sxian25:4 (Cdn Cache Server V2.0), 1.1 in27:14 (Cdn Cache Server V2.0), 1.1 PS-XIY-01lNc174:18 (Cdn Cache Server V2.0)
GET H/1.1	200 OK	public.css exservice.12306.cn/exinv/ent-views/fpExtract/css/	2 KB 1 KB	408ms 187ms	Stylesheet text/css	113.142.160.15 CHINANET-SHAANXI-...
General Check archive.org Show headers Download Go to Full URL https://exservice.12306.cn/exinv/ent-views/fpExtract/css/public.css Requested by Host: exservice.12306.cn URL: https://exservice.12306.cn/exinv/ent-views/fpExtract/extract.html?c=41a2e8c2cf9f387ea3fa60f451c8664b Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 113.142.160.15 , China, ASN134768 (CHINANET-SHAANXI-CLOUD-BASE CHINANET SHAANXI province Cloud Base network, CN), Reverse DNS Software / Resource Hash `8f09bffc9d6656e4c2806acdb9e2e0c319d13fc255c8928928b3a75379cf2ab2` Request headers accept-language de-DE,de;q=0.9 Referer https://exservice.12306.cn/exinv/ent-views/fpExtract/extract.html?c=41a2e8c2cf9f387ea3fa60f451c8664b User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36 Response headers Date Sat, 03 Sep 2022 15:47:01 GMT Content-Encoding gzip Last-Modified Mon, 12 Nov 2018 19:31:04 GMT Age 1 X-Ws-Request-Id 631376f5_PS-XIY-01rQA176_19248-10916 Content-Type text/css Cache-Control public, max-age=10, must-revalidate Transfer-Encoding chunked Connection keep-alive X-Via 1.1 PSbjwjBGP2yt134:5 (Cdn Cache Server V2.0), 1.1 ian20:0 (Cdn Cache Server V2.0), 1.1 houdxin26:12 (Cdn Cache Server V2.0), 1.1 PS-XIY-01rW3175:4 (Cdn Cache Server V2.0)
GET H/1.1	200 OK	pc_pdfPayer.css exservice.12306.cn/exinv/ent-views/fpExtract/css/	3 KB 1 KB	599ms 189ms	Stylesheet text/css	113.142.160.15 CHINANET-SHAANXI-...
General Check archive.org Show headers Download Go to Full URL https://exservice.12306.cn/exinv/ent-views/fpExtract/css/pc_pdfPayer.css Requested by Host: exservice.12306.cn URL: https://exservice.12306.cn/exinv/ent-views/fpExtract/extract.html?c=41a2e8c2cf9f387ea3fa60f451c8664b Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 113.142.160.15 , China, ASN134768 (CHINANET-SHAANXI-CLOUD-BASE CHINANET SHAANXI province Cloud Base network, CN), Reverse DNS Software / Resource Hash `6959bb2203e0649b62c73b0af247ba9b6d44198aa5919f51353b0fe5eec0f04e` Request headers accept-language de-DE,de;q=0.9 Referer https://exservice.12306.cn/exinv/ent-views/fpExtract/extract.html?c=41a2e8c2cf9f387ea3fa60f451c8664b User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36 Response headers Date Sat, 03 Sep 2022 15:47:02 GMT Content-Encoding gzip Last-Modified Mon, 12 Nov 2018 19:31:04 GMT Age 1 X-Ws-Request-Id 631376f6_PS-XIY-01rQA176_19248-10951 Content-Type text/css Cache-Control public, max-age=10, must-revalidate Transfer-Encoding chunked Connection keep-alive X-Via 1.1 PSbjwjBGP2yt134:5 (Cdn Cache Server V2.0), 1.1 ian26:13 (Cdn Cache Server V2.0), 1.1 zhdx28:9 (Cdn Cache Server V2.0), 1.1 PS-XIY-01rQA176:23 (Cdn Cache Server V2.0)
GET H/1.1	200 OK	invoiceLogo.png exservice.12306.cn/exinv/ent-views/fpExtract/static/	3 KB 3 KB	655ms 654ms	Image image/png	113.142.160.15 CHINANET-SHAANXI-...
General Check archive.org Show headers Download Go to Show image Full URL https://exservice.12306.cn/exinv/ent-views/fpExtract/static/invoiceLogo.png Requested by Host: exservice.12306.cn URL: https://exservice.12306.cn/exinv/ent-views/fpExtract/extract.html?c=41a2e8c2cf9f387ea3fa60f451c8664b Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 113.142.160.15 , China, ASN134768 (CHINANET-SHAANXI-CLOUD-BASE CHINANET SHAANXI province Cloud Base network, CN), Reverse DNS Software / Resource Hash `3f2dc32d41b37677a6bb3afa353de3f7cc25fece7314dc5ccd236452518d6a3a` Request headers accept-language de-DE,de;q=0.9 Referer https://exservice.12306.cn/exinv/ent-views/fpExtract/extract.html?c=41a2e8c2cf9f387ea3fa60f451c8664b User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36 Response headers Date Sat, 03 Sep 2022 15:47:02 GMT Last-Modified Mon, 12 Nov 2018 19:31:04 GMT Age 1 ETag "5be9d4f8-a2b" X-Ws-Request-Id 631376f6_PS-XIY-01rQA176_19248-11062 Content-Type image/png Cache-Control public, max-age=10, must-revalidate Connection keep-alive Accept-Ranges bytes Content-Length 2603 X-Via 1.1 sanxian23:5 (Cdn Cache Server V2.0), 1.1 anxian149:0 (Cdn Cache Server V2.0), 1.1 houdxin26:13 (Cdn Cache Server V2.0), 1.1 PS-XIY-01rQA176:27 (Cdn Cache Server V2.0)
GET H/1.1	200 OK	mobile_pdfPayer.css exservice.12306.cn/exinv/ent-views/fpExtract/css/	3 KB 1 KB	205ms 204ms	Stylesheet text/css	113.142.160.15 CHINANET-SHAANXI-...
General Check archive.org Show headers Download Go to Full URL https://exservice.12306.cn/exinv/ent-views/fpExtract/css/mobile_pdfPayer.css Requested by Host: exservice.12306.cn URL: https://exservice.12306.cn/exinv/ent-views/fpExtract/extract.html?c=41a2e8c2cf9f387ea3fa60f451c8664b Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 113.142.160.15 , China, ASN134768 (CHINANET-SHAANXI-CLOUD-BASE CHINANET SHAANXI province Cloud Base network, CN), Reverse DNS Software / Resource Hash `3fe391a5e98eedb559955fce1ead9f990cdb8079e039dff102d1969487782b89` Request headers accept-language de-DE,de;q=0.9 Referer https://exservice.12306.cn/exinv/ent-views/fpExtract/extract.html?c=41a2e8c2cf9f387ea3fa60f451c8664b User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36 Response headers Date Sat, 03 Sep 2022 15:47:02 GMT Content-Encoding gzip Last-Modified Mon, 12 Nov 2018 19:31:04 GMT Age 1 X-Ws-Request-Id 631376f6_PS-XIY-01rQA176_21618-20060 Content-Type text/css Cache-Control public, max-age=10, must-revalidate Transfer-Encoding chunked Connection keep-alive X-Via 1.1 PSbjwjBGP2yt134:5 (Cdn Cache Server V2.0), 1.1 ian26:12 (Cdn Cache Server V2.0), 1.1 zhoudianxin30:4 (Cdn Cache Server V2.0), 1.1 PS-XIY-01gGJ173:24 (Cdn Cache Server V2.0)
GET H/1.1	200 OK	bg.png exservice.12306.cn/exinv/ent-views/fpExtract/static/	87 KB 87 KB	223ms 223ms	Image image/png	113.142.160.15 CHINANET-SHAANXI-...
General Check archive.org Show headers Download Go to Show image Full URL https://exservice.12306.cn/exinv/ent-views/fpExtract/static/bg.png Requested by Host: exservice.12306.cn URL: https://exservice.12306.cn/exinv/ent-views/fpExtract/css/pc_pdfPayer.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 113.142.160.15 , China, ASN134768 (CHINANET-SHAANXI-CLOUD-BASE CHINANET SHAANXI province Cloud Base network, CN), Reverse DNS Software / Resource Hash `8f9160c6e9c5dcca390151f9ac93f558cc54e6ee0cf4127f87d5a828629fc98d` Request headers accept-language de-DE,de;q=0.9 Referer https://exservice.12306.cn/exinv/ent-views/fpExtract/css/pc_pdfPayer.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36 Response headers Date Sat, 03 Sep 2022 15:47:02 GMT Last-Modified Mon, 12 Nov 2018 19:31:04 GMT Age 1 ETag "5be9d4f8-15aa0" X-Ws-Request-Id 631376f6_PS-XIY-01rQA176_21879-1790 Content-Type image/png Cache-Control public, max-age=10, must-revalidate Connection keep-alive Accept-Ranges bytes Content-Length 88736 X-Via 1.1 sx24:10 (Cdn Cache Server V2.0), 1.1 PSfjfzsx3gh125:8 (Cdn Cache Server V2.0), 1.1 PS-000-01nBa52:5 (Cdn Cache Server V2.0), 1.1 PS-XIY-01gGJ173:4 (Cdn Cache Server V2.0)

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			exservice.12306.cn/	1969-12-31 23:59:59	Name: sid Value: 3e6f589a-88c9-461c-851a-64e49561bce2
			exservice.12306.cn/	1969-12-31 23:59:59	Name: BIGipServerpool_exinv Value: 1106182666.36895.0000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

exservice.12306.cn
113.142.160.15
1e3a5089e4e8e2749a07d4bedfbdfd8f3c7604435733a0130b9444488f90edfe
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0
3f2dc32d41b37677a6bb3afa353de3f7cc25fece7314dc5ccd236452518d6a3a
3fe391a5e98eedb559955fce1ead9f990cdb8079e039dff102d1969487782b89
6959bb2203e0649b62c73b0af247ba9b6d44198aa5919f51353b0fe5eec0f04e
7d2762ff1603db76f75df990097f3f40e61a68d197e6e2a3f1810f895412a165
8f09bffc9d6656e4c2806acdb9e2e0c319d13fc255c8928928b3a75379cf2ab2
8f9160c6e9c5dcca390151f9ac93f558cc54e6ee0cf4127f87d5a828629fc98d

exservice.12306.cn Open in urlscan Pro 113.142.160.15 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

8 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

132 kBTransfer

197 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

2 Cookies

Indicators

exservice.12306.cn Open in urlscan Pro
113.142.160.15 Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

132 kB
Transfer

197 kB
Size

2
Cookies

8 HTTP transactions
0 data transactions