activity3.oldbiga1.cn
Open in
urlscan Pro
47.111.36.14
Public Scan
Submitted URL: https://u.qushaia.cn/289c
Effective URL: https://activity3.oldbiga1.cn/activity/index?id=34235&slotId=433989&login=normal&appKey=32DAu27S9eNFBGmWU4Jg5frkTVuT&deviceId=...
Submission Tags: falconsandbox
Submission: On May 09 via api from US — Scanned from DE
Effective URL: https://activity3.oldbiga1.cn/activity/index?id=34235&slotId=433989&login=normal&appKey=32DAu27S9eNFBGmWU4Jg5frkTVuT&deviceId=...
Submission Tags: falconsandbox
Submission: On May 09 via api from US — Scanned from DE
Summary
This website contacted 5 IPs
in 2 countries
across 8 domains to perform 18 HTTP transactions.
The main IP is 47.111.36.14, located in
Hangzhou, China and
belongs to ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN.
The main domain is activity3.oldbiga1.cn.
TLS certificate: Issued by vTrus DV SSL CA G1 on March 1st 2023. Valid for: a year.
This is the only time activity3.oldbiga1.cn was scanned on urlscan.io!
TLS certificate: Issued by vTrus DV SSL CA G1 on March 1st 2023. Valid for: a year.
This is the only time activity3.oldbiga1.cn was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 2 2 | 101.37.243.106 101.37.243.106 | 37963 (ALIBABA-C...) (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.) | |
| 2 2 | 120.26.53.4 120.26.53.4 | 37963 (ALIBABA-C...) (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.) | |
| 1 | 159.75.57.36 159.75.57.36 | 45090 (TENCENT-N...) (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited) | |
| 1 | 240e:944:e:4:... 240e:944:e:4::968a:6e23 | 58541 (CHINATELE...) (CHINATELECOM-SHANDONG-QINGDAO-IDC Qingdao) | |
| 1 | 163.181.56.174 163.181.56.174 | 24429 (TAOBAO Zh...) (TAOBAO Zhejiang Taobao Network Co.) | |
| 1 2 | 47.111.36.14 47.111.36.14 | 37963 (ALIBABA-C...) (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.) | |
| 18 | 5 |
2
101.37.243.106
(Hangzhou, China)
ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN)
ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN)
| u.qushaia.cn |
2
120.26.53.4
(Hangzhou, China)
ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN)
ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN)
| domain.haoxuexiba.cn |
1
159.75.57.36
(China)
ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN)
ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN)
| svt8-1312109307.cos.ap-guangzhou.myqcloud.com |
1
240e:944:e:4::968a:6e23
(China)
ASN58541 (CHINATELECOM-SHANDONG-QINGDAO-IDC Qingdao,266000, CN)
ASN58541 (CHINATELECOM-SHANDONG-QINGDAO-IDC Qingdao,266000, CN)
| statres.quickapp.cn |
1
163.181.56.174
(Frankfurt am Main, Germany)
ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)
ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)
| yun.dui88.com |
2
47.111.36.14
(Hangzhou, China)
ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN)
ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN)
| engine.tuia.cn | |
| activity3.oldbiga1.cn |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 2 |
haoxuexiba.cn
2 redirects
domain.haoxuexiba.cn |
423 B |
| 2 |
qushaia.cn
2 redirects
u.qushaia.cn |
285 B |
| 1 |
oldbiga1.cn
activity3.oldbiga1.cn |
11 KB |
| 1 |
tuia.cn
1 redirects
engine.tuia.cn |
616 B |
| 1 |
dui88.com
yun.dui88.com hunter-report.dui88.com Failed |
4 KB |
| 1 |
quickapp.cn
statres.quickapp.cn — Cisco Umbrella Rank: 118151 |
3 KB |
| 1 |
myqcloud.com
svt8-1312109307.cos.ap-guangzhou.myqcloud.com |
2 KB |
| 0 |
tuisnake.com
Failed
yun.tuisnake.com Failed |
|
| 18 | 8 |
| Domain | Requested by | |
|---|---|---|
| 2 | domain.haoxuexiba.cn | 2 redirects |
| 2 | u.qushaia.cn | 2 redirects |
| 1 | activity3.oldbiga1.cn |
yun.dui88.com
activity3.oldbiga1.cn |
| 1 | engine.tuia.cn | 1 redirects |
| 1 | yun.dui88.com |
svt8-1312109307.cos.ap-guangzhou.myqcloud.com
|
| 1 | statres.quickapp.cn |
svt8-1312109307.cos.ap-guangzhou.myqcloud.com
activity3.oldbiga1.cn |
| 1 | svt8-1312109307.cos.ap-guangzhou.myqcloud.com | |
| 0 | hunter-report.dui88.com Failed |
activity3.oldbiga1.cn
|
| 0 | yun.tuisnake.com Failed |
activity3.oldbiga1.cn
|
| 18 | 9 |
This site contains no links.
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| *.cos.ap-guangzhou.myqcloud.com GlobalSign Organization Validation CA - SHA256 - G3 |
2023-03-12 - 2024-04-12 |
a year | crt.sh |
| *.quickapp.cn RapidSSL Global TLS RSA4096 SHA256 2022 CA1 |
2023-04-18 - 2024-04-23 |
a year | crt.sh |
| *.dui88.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1 |
2022-06-21 - 2023-07-08 |
a year | crt.sh |
| *.oldbiga1.cn vTrus DV SSL CA G1 |
2023-03-01 - 2024-02-29 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://activity3.oldbiga1.cn/activity/index?id=34235&slotId=433989&login=normal&appKey=32DAu27S9eNFBGmWU4Jg5frkTVuT&deviceId=8322baa7-805d-4bfa-8789-84ea78a76f42&dsm=1.433989.0.0&dsm2=1.433989.2.34235&tenter=SOW&subActivityWay=1&tck_rid_6c8=0a379eeblha64d1s-4544172&tck_loc_c5d=tactivity-34235&dcm=401.433989.0.0&netType=2&tenter=SOW&visType=0&specialType=0&sourcePage=34235&deviceIdType=2&formUserId=null&isTestActivityType=0&userType=1&ep=00wFVHgK4sTa43YHr8saoyAhwJNYZAOr_PCVPWMbbuWoRzQBErvs-41FWu99InKLL8791x1Ns_qji-bH7oL4mw==&iframe=1&openStyleType=850&sign=A595025ECED7E0FE4D239DA26C9A4E7E
Frame ID: A0D41CEADB540E59A7CC4135C7FB67D1
Requests: 18 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
https://u.qushaia.cn/289c
HTTP 302
https://u.qushaia.cn/289c?us_ts_tmp_=1683603514073 HTTP 301
http://domain.haoxuexiba.cn/lookup/s?shortUk=289c HTTP 307
https://domain.haoxuexiba.cn/lookup/s?shortUk=289c HTTP 302
https://svt8-1312109307.cos.ap-guangzhou.myqcloud.com/sh.html?appKey=32DAu27S9eNFBGmWU4Jg5frkTVuT&adslotId=433989& Page URL
-
https://engine.tuia.cn/index/activity?appKey=32DAu27S9eNFBGmWU4Jg5frkTVuT&adslotId=433989&&deviceId...
HTTP 302
https://activity3.oldbiga1.cn/activity/index?id=34235&slotId=433989&login=normal&appKey=32DAu27S9eNFBGmWU4... Page URL
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://u.qushaia.cn/289c
HTTP 302
https://u.qushaia.cn/289c?us_ts_tmp_=1683603514073 HTTP 301
http://domain.haoxuexiba.cn/lookup/s?shortUk=289c HTTP 307
https://domain.haoxuexiba.cn/lookup/s?shortUk=289c HTTP 302
https://svt8-1312109307.cos.ap-guangzhou.myqcloud.com/sh.html?appKey=32DAu27S9eNFBGmWU4Jg5frkTVuT&adslotId=433989& Page URL
-
https://engine.tuia.cn/index/activity?appKey=32DAu27S9eNFBGmWU4Jg5frkTVuT&adslotId=433989&&deviceId=8322baa7-805d-4bfa-8789-84ea78a76f42
HTTP 302
https://activity3.oldbiga1.cn/activity/index?id=34235&slotId=433989&login=normal&appKey=32DAu27S9eNFBGmWU4Jg5frkTVuT&deviceId=8322baa7-805d-4bfa-8789-84ea78a76f42&dsm=1.433989.0.0&dsm2=1.433989.2.34235&tenter=SOW&subActivityWay=1&tck_rid_6c8=0a379eeblha64d1s-4544172&tck_loc_c5d=tactivity-34235&dcm=401.433989.0.0&netType=2&tenter=SOW&visType=0&specialType=0&sourcePage=34235&deviceIdType=2&formUserId=null&isTestActivityType=0&userType=1&ep=00wFVHgK4sTa43YHr8saoyAhwJNYZAOr_PCVPWMbbuWoRzQBErvs-41FWu99InKLL8791x1Ns_qji-bH7oL4mw==&iframe=1&openStyleType=850&sign=A595025ECED7E0FE4D239DA26C9A4E7E Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- https://u.qushaia.cn/289c HTTP 302
- https://u.qushaia.cn/289c?us_ts_tmp_=1683603514073 HTTP 301
- http://domain.haoxuexiba.cn/lookup/s?shortUk=289c HTTP 307
- https://domain.haoxuexiba.cn/lookup/s?shortUk=289c HTTP 302
- https://svt8-1312109307.cos.ap-guangzhou.myqcloud.com/sh.html?appKey=32DAu27S9eNFBGmWU4Jg5frkTVuT&adslotId=433989&
18 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H/1.1 |
sh.html
svt8-1312109307.cos.ap-guangzhou.myqcloud.com/ Redirect Chain
|
1 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
routerinline.min.js
statres.quickapp.cn/quickapp/js/ |
6 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
silverlining.min.js
yun.dui88.com/h5-mami/activity/wx/ |
7 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Primary Request
index
activity3.oldbiga1.cn/activity/ Redirect Chain
|
23 KB 11 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
jimu-sdk-640.js
yun.tuisnake.com/jimu-sdk/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
core.f8070368.css
yun.tuisnake.com/tact/core/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
routerinline.min.js
statres.quickapp.cn/quickapp/js/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
qa_router.min.js
statres.quickapp.cn/quickapp/js/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
redpacket_jumpqka.38887fa8.css
yun.tuisnake.com/tact/redpacket_jumpqka/css/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
qka_wake.2a5a2f77.js
yun.tuisnake.com/tact/quickapp/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
vendor.6c6e6c1d.js
yun.tuisnake.com/tact/vendor/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
core.umd.min.48ba07ba.js
yun.tuisnake.com/tact/core/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
redpacket_jumpqka.f7128b01.js
yun.tuisnake.com/tact/redpacket_jumpqka/js/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
tuiaExtLog
hunter-report.dui88.com/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
5084ed26-moyqjxxtzc.gif
yun.tuisnake.com/mami-media/img/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
30cd25c8-1s2yvot3st.png
yun.tuisnake.com/mami-media/img/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
null
activity3.oldbiga1.cn/activity/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
3cc1d16c-wlp2rq3fho.gif
yun.tuisnake.com/mami-media/img/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- yun.tuisnake.com
- URL
- https://yun.tuisnake.com/jimu-sdk/jimu-sdk-640.js
- Domain
- yun.tuisnake.com
- URL
- https://yun.tuisnake.com/tact/core/core.f8070368.css
- Domain
- statres.quickapp.cn
- URL
- https://statres.quickapp.cn/quickapp/js/routerinline.min.js
- Domain
- statres.quickapp.cn
- URL
- https://statres.quickapp.cn/quickapp/js/qa_router.min.js
- Domain
- yun.tuisnake.com
- URL
- https://yun.tuisnake.com/tact/redpacket_jumpqka/css/redpacket_jumpqka.38887fa8.css
- Domain
- yun.tuisnake.com
- URL
- https://yun.tuisnake.com/tact/quickapp/qka_wake.2a5a2f77.js
- Domain
- yun.tuisnake.com
- URL
- https://yun.tuisnake.com/tact/vendor/vendor.6c6e6c1d.js
- Domain
- yun.tuisnake.com
- URL
- https://yun.tuisnake.com/tact/core/core.umd.min.48ba07ba.js
- Domain
- yun.tuisnake.com
- URL
- https://yun.tuisnake.com/tact/redpacket_jumpqka/js/redpacket_jumpqka.f7128b01.js
- Domain
- hunter-report.dui88.com
- URL
- https://hunter-report.dui88.com/tuiaExtLog?group=1&type=9&json=%7B%22subtype%22%3A%22head%22%2C%22tck_rid_6c8%22%3A%220a379eeblha64d1s-4544172%22%2C%22slotId%22%3A%22433989%22%2C%22activityId%22%3A%2234235%22%2C%22consumerId%22%3A%2236330611193%22%2C%22timestamp%22%3A1683603528224%7D
- Domain
- yun.tuisnake.com
- URL
- https://yun.tuisnake.com/mami-media/img/5084ed26-moyqjxxtzc.gif?x-oss-process=image/format,webp
- Domain
- yun.tuisnake.com
- URL
- https://yun.tuisnake.com/mami-media/img/30cd25c8-1s2yvot3st.png?x-oss-process=image/format,webp
- Domain
- activity3.oldbiga1.cn
- URL
- https://activity3.oldbiga1.cn/activity/null
- Domain
- yun.tuisnake.com
- URL
- https://yun.tuisnake.com/mami-media/img/3cc1d16c-wlp2rq3fho.gif?x-oss-process=image/format,webp
Verdicts & Comments Add Verdict or Comment
1 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
boolean| credentialless0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
activity3.oldbiga1.cn
domain.haoxuexiba.cn
engine.tuia.cn
hunter-report.dui88.com
statres.quickapp.cn
svt8-1312109307.cos.ap-guangzhou.myqcloud.com
u.qushaia.cn
yun.dui88.com
yun.tuisnake.com
activity3.oldbiga1.cn
hunter-report.dui88.com
statres.quickapp.cn
yun.tuisnake.com
101.37.243.106
120.26.53.4
159.75.57.36
163.181.56.174
240e:944:e:4::968a:6e23
47.111.36.14
0b41d7d428380ae612e579b0a6ec5f23dc4f780b4eefcf454bb6d75f6399d34f
60238ca2d7090b622b54c8b2a199938cea3fdcabd74f16d88fdcce9d2a989971
6cca0a2fc5b6faa7803c85b43cb5ecf4713c419182abc03c0067ce7122639d9b
6d9d0824c49eee0d6b5c1da5c614523346dc15b8ad82f121a5b715c3576a1cf7