URL: http://rulovers.cn/
Submission Tags: falconsandbox
Submission: On December 09 via api from US

Summary

This website contacted 5 IPs in 4 countries across 5 domains to perform 10 HTTP transactions. The main IP is 160.124.106.249, located in South Africa, and belongs to POWERLINE-AS-AP POWER LINE DATACENTER, HK. The main domain is rulovers.cn.
This is the only time rulovers.cn was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests        IP Address        AS (Autonomous System)
3               160.124.106.249   132839 (POWERLINE...)
1 (1 redirect)  163.181.56.226    24429 (TAOBAO Zh...)
1               163.181.56.232    24429 (TAOBAO Zh...)
1               61.135.185.248    4808 (CHINA169-...)
4               103.235.46.191    55967 (BAIDU Bei...)
1               43.242.201.187    139640 (HKNEWCLOU...)
Total: 10 requests, 5 IPs
Requests        Domain                Requested by
4               hm.baidu.com          rulovers.cn
3               rulovers.cn           rulovers.cn
1               xkd26.xyz             rulovers.cn
1               api.share.baidu.com   rulovers.cn
1               image2.sina.com.cn    rulovers.cn
1 (1 redirect)  s8.sinaimg.cn         (empty)
Total: 10 requests, 6 domains listed

This site contains links to these domains:

Domain
sztuoda.cn

TLS certificates observed:

Subject         Issuer                                               Validity                  Valid
baidu.com       GlobalSign Organization Validation CA - SHA256 - G2  2020-10-20 - 2021-07-26   9 months
www.xkd26.xyz   Let's Encrypt Authority X3                           2020-11-27 - 2021-02-25   3 months

This page contains 2 frames:

Primary Page: http://rulovers.cn/
Frame ID: 23924722B2524F986E1F292660DB6DDB
Requests: 9 HTTP requests in this frame

Frame: https://xkd26.xyz/
Frame ID: 4CF1B027227FBE1BD83AB80B8327F170
Requests: 1 HTTP request in this frame


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

Requests: 10
HTTPS: 50 %
IPv6: 0 %
Domains: 5
Subdomains: 6
IPs: 5
Countries: 4
Transfer: 42 kB
Size: 91 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2
  • http://s8.sinaimg.cn/mw690/005JH6wMzy7m8t7apDh67&690 HTTP 302
  • http://image2.sina.com.cn/blog/tmpl/v3/images/default_s_bmiddle.gif

10 HTTP transactions

Each transaction is listed as: Resource | Path | Size | x-fer | Type (MIME-Type)

Primary Request / | rulovers.cn/ | 3 KB | 2 KB | Document

General
Full URL: http://rulovers.cn/
Protocol: HTTP/1.1
Server: 160.124.106.249, South Africa, ASN132839 (POWERLINE-AS-AP POWER LINE DATACENTER, HK)
Reverse DNS: (empty)
Software: nginx
Resource Hash: 54b695a74aa06ccb62af881502256ea1625b43d90468596f12ca31bc1876c8c2

Request headers
Host: rulovers.cn
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US

Response headers
Server: nginx
Date: Wed, 09 Dec 2020 17:05:20 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip

tongji.js | rulovers.cn/ | 1 KB | 1 KB | Script

General
Full URL: http://rulovers.cn/tongji.js
Requested by: Host rulovers.cn, URL http://rulovers.cn/
Protocol: HTTP/1.1
Server: 160.124.106.249, South Africa, ASN132839 (POWERLINE-AS-AP POWER LINE DATACENTER, HK)
Reverse DNS: (empty)
Software: nginx
Resource Hash: 415d11c72f104591b87a61ca31e85900e222747b630d93ae6cba9687873f2334

Request headers
Referer: http://rulovers.cn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
Date: Wed, 09 Dec 2020 17:05:21 GMT
Content-Encoding: gzip
Last-Modified: Wed, 25 Nov 2020 04:57:47 GMT
Server: nginx
ETag: W/"5fbde44b-5ec"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=43200
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 10 Dec 2020 05:05:21 GMT

/ | rulovers.cn/ | 3 KB | 2 KB | Script

General
Full URL: http://rulovers.cn/
Requested by: Host rulovers.cn, URL http://rulovers.cn/
Protocol: HTTP/1.1
Server: 160.124.106.249, South Africa, ASN132839 (POWERLINE-AS-AP POWER LINE DATACENTER, HK)
Reverse DNS: (empty)
Software: nginx
Resource Hash: 9ac70ddddace29a5004191c4668a93846aeacdcc398d97f8d12a074be6f0c9f0

Request headers
Referer: http://rulovers.cn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
Date: Wed, 09 Dec 2020 17:05:21 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: nginx
Connection: keep-alive
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8

default_s_bmiddle.gif | image2.sina.com.cn/blog/tmpl/v3/images/ | 7 KB | 8 KB | Image
Redirect Chain
  • http://s8.sinaimg.cn/mw690/005JH6wMzy7m8t7apDh67&690
  • http://image2.sina.com.cn/blog/tmpl/v3/images/default_s_bmiddle.gif

General
Full URL: http://image2.sina.com.cn/blog/tmpl/v3/images/default_s_bmiddle.gif
Requested by: Host rulovers.cn, URL http://rulovers.cn/
Protocol: HTTP/1.1
Server: 163.181.56.232, San Mateo, United States, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)
Reverse DNS: (empty)
Software: Tengine
Resource Hash: d2b5a30568572332968808f1fd3d0218cd8a8ca41889627168fc6d9ca487e766

Request headers
Referer: (empty)
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
Date: Mon, 07 Dec 2020 02:09:31 GMT
Via: https/1.1 ctc.qingdao.union.68 (ApacheTrafficServer/6.2.1 [cRs f ]), cache10.l2nu20-1[0,304-0,H], cache10.l2nu20-1[0,0], cache29.l2ot7-1[0,304-0,H], cache15.l2ot7-1[1,0], cache4.de3[0,200-0,H], cache7.de3[0,0]
X-RequestId: 0ab424bd-2011-0706-2234-6c92bf4c9b66
Age: 226550
X-Via-Edge: 16073069710750a638a963105f98c7d09f448
X-Via-SSL: ssl.95.sinag1.qxg.lb.sinanode.com
X-Cache: HIT TCP_MEM_HIT dirn:13:802453788
X-Requester: GRPS000000ANONYMOUSE
X-Swift-CacheTime: 604702
x-amz-meta-uploadlocation: /image2
X-Swift-SaveTime: Mon, 07 Dec 2020 02:11:09 GMT
Content-Length: 7092
X-Via-CDN: f=alicdn,s=cache7.de3,c=82.102.20.235;
Timing-Allow-Origin: *
X-Filesize: 7092
Edge-Copy-Time: 1604798645332
Last-Modified: Fri, 02 Oct 2020 08:40:04 GMT
Server: Tengine
Cache-Control: max-age=604800
Etag: "335357111fe0d64b6974b5136c422cfb"
Access-Control-Allow-Methods: GET, PUT, POST, DELETE, OPTIONS, HEAD
Access-Control-Max-Age: 31536000
Ali-Swift-Global-Savetime: 1604887771
x-amz-meta-crc32: FC5C4D84
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Type: image/gif
Access-Control-Allow-Headers: Origin, Content-Type, Accept, Range, Content-Length
EagleId: a3b5389b16075335216133839e
Expires: Sun, 13 Dec 2020 18:29:49 GMT

Redirect headers
Date: Wed, 09 Dec 2020 17:05:21 GMT
Via: cache3.de3[,0]
Server: Tengine
Content-Type: text/html
Location: http://image2.sina.com.cn/blog/tmpl/v3/images/default_s_bmiddle.gif
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 258
EagleId: a3b5389716075335215488984e
X-Via-CDN: f=alicdn,s=cache3.de3,c=82.102.20.235;

s.gif | api.share.baidu.com/ | 0 | 116 B | Image

General
Full URL: http://api.share.baidu.com/s.gif?l=http://rulovers.cn/
Requested by: Host rulovers.cn, URL http://rulovers.cn/
Protocol: HTTP/1.1
Server: 61.135.185.248, Beijing, China, ASN4808 (CHINA169-BJ China Unicom Beijing Province Network, CN)
Reverse DNS: (empty)
Software: (empty)
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (the SHA-256 of empty input, consistent with the zero-length body)

Request headers
Referer: http://rulovers.cn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
Date: Wed, 09 Dec 2020 17:05:21 GMT
Content-Length: 0
Content-Type: text/plain; charset=utf-8

hm.js | hm.baidu.com/ | 39 KB | 14 KB | Script

General
Full URL: https://hm.baidu.com/hm.js?5f7f4b776ce20eafd240e8af762cf7d4
Requested by: Host rulovers.cn, URL http://rulovers.cn/tongji.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.235.46.191, Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)
Reverse DNS: (empty)
Software: apache
Resource Hash: db54c7a58026fc7508da44c6116557aa9c2117d67302ca74ec59624e3c45fab3

Security Headers
Strict-Transport-Security: max-age=172800

Request headers
Referer: http://rulovers.cn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
Date: Wed, 09 Dec 2020 17:05:21 GMT
Content-Encoding: gzip
Server: apache
Etag: 73806e3d2872d311ae4a148588b2ccb5
Strict-Transport-Security: max-age=172800
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control: max-age=0, must-revalidate
Content-Type: application/javascript
Content-Length: 14038

hm.js | hm.baidu.com/ | 39 KB | 14 KB | Script

General
Full URL: https://hm.baidu.com/hm.js?6fd358119ef8eecac0e1cd81b3c0e372
Requested by: Host rulovers.cn, URL http://rulovers.cn/tongji.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.235.46.191, Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)
Reverse DNS: (empty)
Software: apache
Resource Hash: c2b2472f361d7b38fc2ce058988480b414f499eff1c88d33c45ebb640b41d954

Security Headers
Strict-Transport-Security: max-age=172800

Request headers
Referer: http://rulovers.cn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
Date: Wed, 09 Dec 2020 17:05:21 GMT
Content-Encoding: gzip
Server: apache
Etag: e641325d1c0ee7e8486249c038740093
Strict-Transport-Security: max-age=172800
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control: max-age=0, must-revalidate
Content-Type: application/javascript
Content-Length: 14041

/ | xkd26.xyz/ (Frame 4CF1) | 0 | 0 | Document

General
Full URL: https://xkd26.xyz/
Requested by: Host rulovers.cn, URL http://rulovers.cn/tongji.js
Protocol: H2
Security: TLS 1.3, AES_256_GCM
Server: 43.242.201.187, Hong Kong, ASN139640 (HKNEWCLOUD-AS-AP HK NEW CLOUD TECHNOLOGY LIMITED, HK)
Reverse DNS: (empty)
Software: nginx
Resource Hash: (empty)

Request headers
:method: GET
:authority: xkd26.xyz
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://rulovers.cn/
accept-encoding: gzip, deflate, br
accept-language: en-US

Response headers
server: nginx
date: Wed, 09 Dec 2020 17:05:21 GMT
content-type: text/html
last-modified: Wed, 09 Dec 2020 05:37:41 GMT
vary: Accept-Encoding
etag: W/"5fd062a5-1d46"
content-encoding: gzip

hm.gif | hm.baidu.com/ | 43 B | 299 B | Image

General
Full URL: https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=313777305&si=5f7f4b776ce20eafd240e8af762cf7d4&v=1.2.80&lv=1&sn=25508&r=0&ww=1600&ct=!!&u=http%3A%2F%2Frulovers.cn%2F&tt=%E6%9C%AA%E5%A4%87%E6%A1%88%20%E9%98%BB%E6%96%AD%E6%8F%90%E7%A4%BA%EF%BC%81
Requested by: Host rulovers.cn, URL http://rulovers.cn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.235.46.191, Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)
Reverse DNS: (empty)
Software: apache
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff

Request headers
Referer: http://rulovers.cn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
Pragma: no-cache
Date: Wed, 09 Dec 2020 17:05:23 GMT
X-Content-Type-Options: nosniff
Server: apache
Strict-Transport-Security: max-age=172800
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

hm.gif | hm.baidu.com/ | 43 B | 299 B | Image

General
Full URL: https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=862019840&si=6fd358119ef8eecac0e1cd81b3c0e372&v=1.2.80&lv=1&sn=25508&r=0&ww=1600&ct=!!&u=http%3A%2F%2Frulovers.cn%2F&tt=%E6%9C%AA%E5%A4%87%E6%A1%88%20%E9%98%BB%E6%96%AD%E6%8F%90%E7%A4%BA%EF%BC%81
Requested by: Host rulovers.cn, URL http://rulovers.cn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.235.46.191, Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)
Reverse DNS: (empty)
Software: apache
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff

Request headers
Referer: http://rulovers.cn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
Pragma: no-cache
Date: Wed, 09 Dec 2020 17:05:23 GMT
X-Content-Type-Options: nosniff
Server: apache
Strict-Transport-Security: max-age=172800
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

Verdicts & Comments

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object: 0
  • object: ontransitionrun
  • object: ontransitionstart
  • object: ontransitioncancel
  • object: trustedTypes
  • boolean: crossOriginIsolated
  • object: _hmt
  • string: a
  • function: getClient
  • string: client
  • boolean: _bdhm_loaded_5f7f4b776ce20eafd240e8af762cf7d4
  • object: mini_tangram_log_9dg6ml
  • boolean: _bdhm_loaded_6fd358119ef8eecac0e1cd81b3c0e372
  • object: mini_tangram_log_4quznr

0 Cookies