buff.163.com Open in urlscan Pro
34.252.57.28 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://ghjhgjhgjhg.com/?airbridge_referrer=airbridge
Effective URL:
https://buff.163.com/s/goods.html?game=tf2&goods_id=798055
Submission: On October 14 via api (October 14th 2023, 12:09:10 pm UTC) from NL — Scanned from NL

Summary HTTP 18 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 3 countries across 3 domains to perform 18 HTTP transactions. The main IP is 34.252.57.28, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is buff.163.com. The Cisco Umbrella rank of the primary domain is 118517.
TLS certificate: Issued by GeoTrust RSA CN CA G2 on March 23rd 2023. Valid for: a year.

This is the only time buff.163.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 15	34.252.57.28 34.252.57.28	16509 (AMAZON-02) (AMAZON-02)
2	2a02:26f0:480... 2a02:26f0:480:6bc::31fc	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2602:ffe4:c49... 2602:ffe4:c49:0:3::3fa	21859 (ZEN-ECN) (ZEN-ECN)
18	3

1 2a06:98c1:3120::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

ghjhgjhgjhg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 34.252.57.28 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-57-28.eu-west-1.compute.amazonaws.com

buff.163.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:480:6bc::31fc (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

g.fp.ps.netease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2602:ffe4:c49:0:3::3fa (United States)

ASN21859 (ZEN-ECN, US)

market.fp.ps.netease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	163.com 1 redirects buff.163.com — Cisco Umbrella Rank: 118517	95 KB
4	netease.com g.fp.ps.netease.com — Cisco Umbrella Rank: 347119 market.fp.ps.netease.com — Cisco Umbrella Rank: 513162	113 KB
1	ghjhgjhgjhg.com 1 redirects ghjhgjhgjhg.com	466 B
18	3

	Domain	Requested by
15	buff.163.com	1 redirects buff.163.com
2	market.fp.ps.netease.com
2	g.fp.ps.netease.com	buff.163.com
1	ghjhgjhgjhg.com	1 redirects
18	4

This site contains no links.

Subject Issuer	Validity	Valid
*.163.com GeoTrust RSA CN CA G2	`2023-03-23` - `2024-04-22`	a year	crt.sh
netease.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-17` - `2024-02-17`	a year	crt.sh
*.fp.ps.netease.com GeoTrust RSA CN CA G2	`2023-07-04` - `2024-08-03`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://buff.163.com/s/goods.html?game=tf2&goods_id=798055
Frame ID: 1B9573CE79CEECAE79A533841C121E4F
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

BUFF163 Skins marketplace

Page URL History Show full URLs

https://ghjhgjhgjhg.com/?airbridge_referrer=airbridge HTTP 302
https://buff.163.com/goods/798055?airbridge_referrer=airbridge HTTP 302
https://buff.163.com/s/goods.html?game=tf2&goods_id=798055 Page URL

Page Statistics

18
Requests

100 %
HTTPS

75 %
IPv6

3
Domains

4
Subdomains

3
IPs

3
Countries

208 kB
Transfer

352 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://ghjhgjhgjhg.com/?airbridge_referrer=airbridge HTTP 302
https://buff.163.com/goods/798055?airbridge_referrer=airbridge HTTP 302
https://buff.163.com/s/goods.html?game=tf2&goods_id=798055 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request goods.html Show response buff.163.com/s/ Redirect Chain https://ghjhgjhgjhg.com/?airbridge_referrer=airbridge https://buff.163.com/goods/798055?airbridge_referrer=airbridge https://buff.163.com/s/goods.html?game=tf2&goods_id=798055	13 KB 3 KB	586ms 585ms	Document text/html	34.252.57.28 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://buff.163.com/s/goods.html?game=tf2&goods_id=798055 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 34.252.57.28 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-252-57-28.eu-west-1.compute.amazonaws.com Software nginx/1.13.5 / Resource Hash `4d58bd1753536b259477b658bf9f9f0ae1f2b74573fed9ad7caf7e3dd7cfe0f1` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 accept-language nl-NL,nl;q=0.9 Response headers Content-Encoding gzip Content-Type text/html Date Sat, 14 Oct 2023 12:09:05 GMT Server nginx/1.13.5 Transfer-Encoding chunked X-Trace-ID 49d1cae7667bc88b75ad306c2c5fce8a cache-control max-age=3600 etag W/"65297250-3310" expires Sat, 14 Oct 2023 13:09:05 GMT last-modified Fri, 13 Oct 2023 16:37:36 GMT ntes-trace-id e7c48d05ca6c9e95:e7c48d05ca6c9e95:0:1 x-envoy-upstream-service-time 0 Redirect headers Content-Length 331 Content-Type text/html; charset=utf-8 Date Sat, 14 Oct 2023 12:09:04 GMT Server nginx/1.13.5 X-Trace-ID 2f7914a4a575999ddf46e984e6e8d733 location https://buff.163.com/s/goods.html?game=tf2&goods_id=798055 ntes-trace-id 45d91514469ee59d:45d91514469ee59d:0:1 x-envoy-upstream-service-time 11
GET H/1.1	200 OK	style.min.css buff.163.com/css/	93 KB 25 KB	629ms 628ms	Stylesheet text/css	34.252.57.28 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://buff.163.com/css/style.min.css Requested by Host: buff.163.com URL: https://buff.163.com/s/goods.html?game=tf2&goods_id=798055 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 34.252.57.28 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-252-57-28.eu-west-1.compute.amazonaws.com Software nginx/1.13.5 / Resource Hash `d0c7050ca6b580c7bfc5294ecad381f5ae6c9febf6c32e31bae20744650cbf04` Request headers accept-language nl-NL,nl;q=0.9 Referer https://buff.163.com/s/goods.html?game=tf2&goods_id=798055 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers X-Trace-ID 2c3615eb24d33ca48372aaaacbf02ac8 Date Sat, 14 Oct 2023 12:09:06 GMT Content-Encoding gzip last-modified Fri, 13 Oct 2023 16:37:36 GMT Server nginx/1.13.5 etag W/"65297250-17541" ntes-trace-id a3fbf11e932d9597:a3fbf11e932d9597:0:1 Transfer-Encoding chunked Content-Type text/css cache-control max-age=3600 x-envoy-upstream-service-time 0 expires Sat, 14 Oct 2023 13:09:05 GMT
GET H/1.1	200 OK	lib.min.js Show response buff.163.com/js/	68 KB 27 KB	675ms 614ms	Script application/javascript	34.252.57.28 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://buff.163.com/js/lib.min.js Requested by Host: buff.163.com URL: https://buff.163.com/s/goods.html?game=tf2&goods_id=798055 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 34.252.57.28 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-252-57-28.eu-west-1.compute.amazonaws.com Software nginx/1.13.5 / Resource Hash `1b6cd68df8cd77fba17c102ae045ab38c3511e9887d476491d6dc0473fbfe021` Request headers accept-language nl-NL,nl;q=0.9 Referer https://buff.163.com/s/goods.html?game=tf2&goods_id=798055 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers X-Trace-ID 50db04c5c3287f87ede6fc13e6e62abf Date Sat, 14 Oct 2023 12:09:06 GMT Content-Encoding gzip last-modified Fri, 13 Oct 2023 16:37:36 GMT Server nginx/1.13.5 etag W/"65297250-1103f" ntes-trace-id e647883418baab91:e647883418baab91:0:1 Transfer-Encoding chunked Content-Type application/javascript cache-control max-age=3600 x-envoy-upstream-service-time 0 expires Sat, 14 Oct 2023 13:09:06 GMT
GET H/1.1	200 OK	app.min.js Show response buff.163.com/js/	19 KB 8 KB	682ms 589ms	Script application/javascript	34.252.57.28 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://buff.163.com/js/app.min.js Requested by Host: buff.163.com URL: https://buff.163.com/s/goods.html?game=tf2&goods_id=798055 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 34.252.57.28 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-252-57-28.eu-west-1.compute.amazonaws.com Software nginx/1.13.5 / Resource Hash `b4b30577f27d467f600fe8e778acee2784ce56b90fbe7ceb24e04a15ab2519a4` Request headers accept-language nl-NL,nl;q=0.9 Referer https://buff.163.com/s/goods.html?game=tf2&goods_id=798055 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers X-Trace-ID c2e07c90c75deddeabec2e2db1299cd4 Date Sat, 14 Oct 2023 12:09:06 GMT Content-Encoding gzip last-modified Fri, 13 Oct 2023 16:37:36 GMT Server nginx/1.13.5 etag W/"65297250-4ae2" ntes-trace-id 575fa9023a16a5b8:575fa9023a16a5b8:0:1 Transfer-Encoding chunked Content-Type application/javascript cache-control max-age=3600 x-envoy-upstream-service-time 0 expires Sat, 14 Oct 2023 13:09:06 GMT
GET H/1.1	200 OK	marcket.js Show response buff.163.com/js/	4 KB 1 KB	686ms 593ms	Script application/javascript	34.252.57.28 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://buff.163.com/js/marcket.js?20220706 Requested by Host: buff.163.com URL: https://buff.163.com/s/goods.html?game=tf2&goods_id=798055 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 34.252.57.28 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-252-57-28.eu-west-1.compute.amazonaws.com Software nginx/1.13.5 / Resource Hash `cd294da2fd54e61259552a9dbda18295d8cd4673ee8167053a7984dc7afb3009` Request headers accept-language nl-NL,nl;q=0.9 Referer https://buff.163.com/s/goods.html?game=tf2&goods_id=798055 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers X-Trace-ID 9500164f3f277c9e6012aea589155a3b Date Sat, 14 Oct 2023 12:09:06 GMT Content-Encoding gzip last-modified Fri, 13 Oct 2023 16:37:36 GMT Server nginx/1.13.5 etag W/"65297250-f86" ntes-trace-id e8ed2e2654f5a8e2:e8ed2e2654f5a8e2:0:1 Transfer-Encoding chunked Content-Type application/javascript cache-control max-age=3600 x-envoy-upstream-service-time 0 expires Sat, 14 Oct 2023 13:09:06 GMT
GET H/1.1	200 OK	info Show response buff.163.com/api/market/goods/	2 KB 2 KB	615ms 615ms	XHR application/json	34.252.57.28 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://buff.163.com/api/market/goods/info?game=tf2&goods_id=798055 Requested by Host: buff.163.com URL: https://buff.163.com/js/lib.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 34.252.57.28 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-252-57-28.eu-west-1.compute.amazonaws.com Software nginx/1.13.5 / Resource Hash `09660457c47ee22930718ede706adff781e945f661142e7587e299b8f16d0112` Request headers Accept / Referer https://buff.163.com/s/goods.html?game=tf2&goods_id=798055 X-Requested-With XMLHttpRequest accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers X-Trace-ID 1a0d84fb6e2b07195288a5c0ae064bfd Date Sat, 14 Oct 2023 12:09:07 GMT Content-Encoding gzip Server nginx/1.13.5 ntes-trace-id 875d0e483e0edf6f:875d0e483e0edf6f:0:1 Transfer-Encoding chunked Content-Type application/json x-envoy-upstream-service-time 19
GET H/1.1	200 OK	pic_null.png buff.163.com/images/icons/	5 KB 6 KB	596ms 596ms	Image image/png	34.252.57.28 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://buff.163.com/images/icons/pic_null.png Requested by Host: buff.163.com URL: https://buff.163.com/css/style.min.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 34.252.57.28 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-252-57-28.eu-west-1.compute.amazonaws.com Software nginx/1.13.5 / Resource Hash `561cd661faddb1a8c76aa96c23505a04d55a375b306d75755e9d197b6e8fc583` Request headers accept-language nl-NL,nl;q=0.9 Referer https://buff.163.com/css/style.min.css User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers X-Trace-ID 27eb2e1206dad83086c576870e86c620 Date Sat, 14 Oct 2023 12:09:07 GMT last-modified Fri, 13 Oct 2023 16:37:36 GMT Server nginx/1.13.5 etag "65297250-14d0" ntes-trace-id 8b5f28cf83a00935:8b5f28cf83a00935:0:1 Content-Type image/png cache-control max-age=3600 x-envoy-upstream-service-time 1 accept-ranges bytes Content-Length 5328 expires Sat, 14 Oct 2023 13:09:06 GMT
GET H/1.1	200 OK	head_bg_csgo.jpg buff.163.com/images/bg/	7 KB 7 KB	593ms 593ms	Image image/jpeg	34.252.57.28 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://buff.163.com/images/bg/head_bg_csgo.jpg Requested by Host: buff.163.com URL: https://buff.163.com/css/style.min.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 34.252.57.28 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-252-57-28.eu-west-1.compute.amazonaws.com Software nginx/1.13.5 / Resource Hash `6f0fa9e4a33ee3e1603156fc62dab11ffbc339ffd684503a70ae76b9b4dda083` Request headers accept-language nl-NL,nl;q=0.9 Referer https://buff.163.com/css/style.min.css User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers X-Trace-ID 4ac7f3f8933b0ce8fecfd960f7d4529c Date Sat, 14 Oct 2023 12:09:07 GMT last-modified Fri, 13 Oct 2023 16:37:36 GMT Server nginx/1.13.5 etag "65297250-1b2c" ntes-trace-id b490d2373ea00260:b490d2373ea00260:0:1 Content-Type image/jpeg cache-control max-age=3600 x-envoy-upstream-service-time 0 accept-ranges bytes Content-Length 6956 expires Sat, 14 Oct 2023 13:09:07 GMT
GET H/1.1	200 OK	thum_bg.png buff.163.com/images/bg/	5 KB 6 KB	601ms 601ms	Image image/png	34.252.57.28 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://buff.163.com/images/bg/thum_bg.png Requested by Host: buff.163.com URL: https://buff.163.com/css/style.min.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 34.252.57.28 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-252-57-28.eu-west-1.compute.amazonaws.com Software nginx/1.13.5 / Resource Hash `5c1d5ad5b4a356d739d4ebcf152933d41b574443ec0e2c7296efd6f64daac5fc` Request headers accept-language nl-NL,nl;q=0.9 Referer https://buff.163.com/css/style.min.css User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers X-Trace-ID 609de3393596b25ee810786c4618ffe0 Date Sat, 14 Oct 2023 12:09:07 GMT last-modified Fri, 13 Oct 2023 16:37:36 GMT Server nginx/1.13.5 etag "65297250-14b1" ntes-trace-id fada77ef536524c5:fada77ef536524c5:0:1 Content-Type image/png cache-control max-age=3600 x-envoy-upstream-service-time 0 accept-ranges bytes Content-Length 5297 expires Sat, 14 Oct 2023 13:09:07 GMT
GET H/1.1	200 OK	sell_order Show response buff.163.com/api/market/goods/	19 KB 2 KB	603ms 603ms	XHR application/json	34.252.57.28 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://buff.163.com/api/market/goods/sell_order?game=tf2&goods_id=798055&page_num=1&page_size=20 Requested by Host: buff.163.com URL: https://buff.163.com/js/lib.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 34.252.57.28 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-252-57-28.eu-west-1.compute.amazonaws.com Software nginx/1.13.5 / Resource Hash `d1a3ed27b5b2b108164cf8d7cb274fb45c13c462e5235a08ce5c9c0f34028a14` Request headers Accept / Referer https://buff.163.com/s/goods.html?game=tf2&goods_id=798055 X-Requested-With XMLHttpRequest accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers X-Trace-ID 85e819265217ab36075fb3cb87ce430d Date Sat, 14 Oct 2023 12:09:07 GMT Content-Encoding gzip Server nginx/1.13.5 ntes-trace-id dd6734374794d50d:dd6734374794d50d:0:1 Transfer-Encoding chunked Content-Type application/json x-envoy-upstream-service-time 13
GET H/1.1	200 OK	logo@2x.png buff.163.com/images/site/	2 KB 2 KB	594ms 594ms	Image image/png	34.252.57.28 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://buff.163.com/images/site/logo@2x.png Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 34.252.57.28 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-252-57-28.eu-west-1.compute.amazonaws.com Software nginx/1.13.5 / Resource Hash `58cfd7822c170dd18135a3ae4f85022dc350fd74a25bc805e1fd5f4344e2360a` Request headers accept-language nl-NL,nl;q=0.9 Referer https://buff.163.com/s/goods.html?game=tf2&goods_id=798055 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers X-Trace-ID 6d533de66a9e28715bda786e021e06e3 Date Sat, 14 Oct 2023 12:09:07 GMT last-modified Fri, 13 Oct 2023 16:37:36 GMT Server nginx/1.13.5 etag "65297250-68f" ntes-trace-id dfc20aea32fd7b5:dfc20aea32fd7b5:0:1 Content-Type image/png cache-control max-age=3600 x-envoy-upstream-service-time 0 accept-ranges bytes Content-Length 1679 expires Sat, 14 Oct 2023 13:09:07 GMT
GET H2	200	5eddf65c96dee4ee61ae26fa1TULALtT02 g.fp.ps.netease.com/market/file/	48 KB 49 KB	313ms 21ms	Image image/png	2a02:26f0:480:6bc::31fc AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://g.fp.ps.netease.com/market/file/5eddf65c96dee4ee61ae26fa1TULALtT02 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 2a02:26f0:480:6bc::31fc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx/1.14.2 / Resource Hash `17e4b64ac3da03a8f54651a645b4715db3d69946a0d49fa7619eccea30256d24` Request headers accept-language nl-NL,nl;q=0.9 Referer https://buff.163.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Sat, 14 Oct 2023 12:09:07 GMT last-modified Mon, 08 Jun 2020 08:27:08 GMT server nginx/1.14.2 content-md5 ea07e11884b02dd03d80758d3794b259 etag "BfmktyOehUy:49430" content-type image/png; charset=binary access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=54158 x-cache-ip 2a02:26f0:480:6bc::31fc content-length 49430
GET H2	200	5eddf65c96dee4ee61ae26fa1TULALtT02 g.fp.ps.netease.com/market/file/	48 KB 49 KB	21ms 21ms	Image image/png	2a02:26f0:480:6bc::31fc AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://g.fp.ps.netease.com/market/file/5eddf65c96dee4ee61ae26fa1TULALtT02 Requested by Host: buff.163.com URL: https://buff.163.com/js/lib.min.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 2a02:26f0:480:6bc::31fc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx/1.14.2 / Resource Hash `17e4b64ac3da03a8f54651a645b4715db3d69946a0d49fa7619eccea30256d24` Request headers accept-language nl-NL,nl;q=0.9 Referer https://buff.163.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Sat, 14 Oct 2023 12:09:07 GMT last-modified Mon, 08 Jun 2020 08:27:08 GMT server nginx/1.14.2 content-md5 ea07e11884b02dd03d80758d3794b259 etag "BfmktyOehUy:49430" content-type image/png; charset=binary access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=54158 x-cache-ip 2a02:26f0:480:6bc::31fc content-length 49430
GET H2	200	646d3a2ebb51423998862c2breEoFhOE04 market.fp.ps.netease.com/file/	3 KB 4 KB	1133ms 219ms	Image image/jpeg	2602:ffe4:c49:0:3::3fa ZEN-ECN
General Check archive.org Show headers Download Go to Show image Full URL https://market.fp.ps.netease.com/file/646d3a2ebb51423998862c2breEoFhOE04 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2602:ffe4:c49:0:3::3fa , United States, ASN21859 (ZEN-ECN, US), Reverse DNS Software Tengine / Resource Hash `58f08592a940bcd85a9620b52c262b6ce1cd7a4b6cb6a3b6494028614794d2b2` Request headers accept-language nl-NL,nl;q=0.9 Referer https://buff.163.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Fri, 13 Oct 2023 01:34:04 GMT via cache29.l2vn1[0,0,304-0,H], cache17.l2vn1[2,0], cache12.vn15[0,0,200-0,H], cache3.vn15[2,0] content-md5 fafa340202b7f16015984c90062f7b2a age 124504 x-swift-cachetime 172672 ntes-trace-id 8a111aac2b1a6d54:8a111aac2b1a6d54:0:1 x-cache HIT TCP_HIT dirn:12:880596344 x-swift-savetime Fri, 13 Oct 2023 01:36:12 GMT content-length 3409 x-trace-id 44b7725cbee0aa21b9126828e6d1fb39 last-modified Tue, 23 May 2023 22:11:58 GMT server Tengine etag "646d3a2ebb51423998862c2cphFp:3409" ali-swift-global-savetime 1697160844 content-type image/jpeg; charset=binary access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=172800 x-cache-ip 2602:ffe4:c49:0:3::3fa timing-allow-origin * eagleid 6b9b3e1716972853487422143e
GET H2	200	64da7a3d612e991441ad6b7fxeqZpuCY05 market.fp.ps.netease.com/file/	12 KB 12 KB	1338ms 424ms	Image image/jpeg	2602:ffe4:c49:0:3::3fa ZEN-ECN
General Check archive.org Show headers Download Go to Show image Full URL https://market.fp.ps.netease.com/file/64da7a3d612e991441ad6b7fxeqZpuCY05 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2602:ffe4:c49:0:3::3fa , United States, ASN21859 (ZEN-ECN, US), Reverse DNS Software Tengine / Resource Hash `04429e65cbc0ffb2dc26fb623098b33938c1d006cd22fdbe4293b8fe043cecb2` Request headers accept-language nl-NL,nl;q=0.9 Referer https://buff.163.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Fri, 13 Oct 2023 15:19:00 GMT via cache34.l2vn1[0,0,206-0,H], cache39.l2vn1[1,0], cache14.vn15[0,0,200-0,H], cache3.vn15[1,0] content-md5 fba516f59c363093817c4c2b9e16d6cb age 75008 x-swift-cachetime 97883 x-cache HIT TCP_MEM_HIT dirn:13:532626867 x-swift-savetime Sat, 14 Oct 2023 12:07:37 GMT content-length 12409 last-modified Mon, 14 Aug 2023 19:02:21 GMT server Tengine etag "64da7a3d612e991441ad6b809CSX:12409" ali-swift-global-savetime 1697210340 content-type image/jpeg; charset=binary access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=172800 x-cache-ip 2602:ffe4:c49:0:3::3fa timing-allow-origin * eagleid 6b9b3e1716972853487432146e
GET H/1.1	200 OK	icon_p2pdelivery@3x.png buff.163.com/images/icons/	2 KB 2 KB	584ms 583ms	Image image/png	34.252.57.28 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://buff.163.com/images/icons/icon_p2pdelivery@3x.png Requested by Host: buff.163.com URL: https://buff.163.com/css/style.min.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 34.252.57.28 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-252-57-28.eu-west-1.compute.amazonaws.com Software nginx/1.13.5 / Resource Hash `cc2d49310a80c173b25afbe9aab157bb4e735543a202c2b91a81faace04a23e3` Request headers accept-language nl-NL,nl;q=0.9 Referer https://buff.163.com/css/style.min.css User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers X-Trace-ID d0e819208aeab46c106fcf5ad9802bce Date Sat, 14 Oct 2023 12:09:08 GMT last-modified Fri, 13 Oct 2023 16:37:36 GMT Server nginx/1.13.5 etag "65297250-6f9" ntes-trace-id 195cb102a377dd2f:195cb102a377dd2f:0:1 Content-Type image/png cache-control max-age=3600 x-envoy-upstream-service-time 0 accept-ranges bytes Content-Length 1785 expires Sat, 14 Oct 2023 13:09:08 GMT
GET H/1.1	200 OK	icon_Pay_Alipay_grey.png buff.163.com/images/icons/	895 B 1 KB	593ms 593ms	Image image/png	34.252.57.28 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://buff.163.com/images/icons/icon_Pay_Alipay_grey.png Requested by Host: buff.163.com URL: https://buff.163.com/css/style.min.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 34.252.57.28 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-252-57-28.eu-west-1.compute.amazonaws.com Software nginx/1.13.5 / Resource Hash `86b0bea839f89189be487db3aa7daf1c6358193160da80e204a4b15dcc5f85e8` Request headers accept-language nl-NL,nl;q=0.9 Referer https://buff.163.com/css/style.min.css User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers X-Trace-ID 2fcc688812cef93d33b0561e884cf290 Date Sat, 14 Oct 2023 12:09:08 GMT last-modified Fri, 13 Oct 2023 16:37:36 GMT Server nginx/1.13.5 etag "65297250-37f" ntes-trace-id 5249f4adb40dc138:5249f4adb40dc138:0:1 Content-Type image/png cache-control max-age=3600 x-envoy-upstream-service-time 0 accept-ranges bytes Content-Length 895 expires Sat, 14 Oct 2023 13:09:08 GMT
GET H/1.1	200 OK	icon_Pay_otherspay_grey.png buff.163.com/images/icons/	820 B 1 KB	594ms 594ms	Image image/png	34.252.57.28 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://buff.163.com/images/icons/icon_Pay_otherspay_grey.png Requested by Host: buff.163.com URL: https://buff.163.com/css/style.min.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 34.252.57.28 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-252-57-28.eu-west-1.compute.amazonaws.com Software nginx/1.13.5 / Resource Hash `833a3b7a1ed72b9130f2e1753f45e5b590c1387af9ac155585b156f262e4c4b3` Request headers accept-language nl-NL,nl;q=0.9 Referer https://buff.163.com/css/style.min.css User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers X-Trace-ID d60f04118dafb95c7d57169c47f7d462 Date Sat, 14 Oct 2023 12:09:08 GMT last-modified Fri, 13 Oct 2023 16:37:36 GMT Server nginx/1.13.5 etag "65297250-334" ntes-trace-id 37484e4efdb62dcf:37484e4efdb62dcf:0:1 Content-Type image/png cache-control max-age=3600 x-envoy-upstream-service-time 0 accept-ranges bytes Content-Length 820 expires Sat, 14 Oct 2023 13:09:08 GMT

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
buff.163.com/	1969-12-31 23:59:59	Name: client_id Value: _B5pAJUpnxq9dGIKpJn9Xg
buff.163.com/	1970-01-21 01:04:05	Name: Device-Id Value: aezXLdOMRGfl2Mb6rskD
buff.163.com/	1969-12-31 23:59:59	Name: csrf_token Value: IjkzMDI4MzAwMzkzMTNiNzRhZTMwMDdhNWM1MzRhMTI0YmFiZDBjOTUi.GAwWYw.DogLvkc3QGH-1dgHdmHvBWNbtis

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

buff.163.com
g.fp.ps.netease.com
ghjhgjhgjhg.com
market.fp.ps.netease.com
2602:ffe4:c49:0:3::3fa
2a02:26f0:480:6bc::31fc
2a06:98c1:3120::3
34.252.57.28
04429e65cbc0ffb2dc26fb623098b33938c1d006cd22fdbe4293b8fe043cecb2
09660457c47ee22930718ede706adff781e945f661142e7587e299b8f16d0112
17e4b64ac3da03a8f54651a645b4715db3d69946a0d49fa7619eccea30256d24
1b6cd68df8cd77fba17c102ae045ab38c3511e9887d476491d6dc0473fbfe021
4d58bd1753536b259477b658bf9f9f0ae1f2b74573fed9ad7caf7e3dd7cfe0f1
561cd661faddb1a8c76aa96c23505a04d55a375b306d75755e9d197b6e8fc583
58cfd7822c170dd18135a3ae4f85022dc350fd74a25bc805e1fd5f4344e2360a
58f08592a940bcd85a9620b52c262b6ce1cd7a4b6cb6a3b6494028614794d2b2
5c1d5ad5b4a356d739d4ebcf152933d41b574443ec0e2c7296efd6f64daac5fc
6f0fa9e4a33ee3e1603156fc62dab11ffbc339ffd684503a70ae76b9b4dda083
833a3b7a1ed72b9130f2e1753f45e5b590c1387af9ac155585b156f262e4c4b3
86b0bea839f89189be487db3aa7daf1c6358193160da80e204a4b15dcc5f85e8
b4b30577f27d467f600fe8e778acee2784ce56b90fbe7ceb24e04a15ab2519a4
cc2d49310a80c173b25afbe9aab157bb4e735543a202c2b91a81faace04a23e3
cd294da2fd54e61259552a9dbda18295d8cd4673ee8167053a7984dc7afb3009
d0c7050ca6b580c7bfc5294ecad381f5ae6c9febf6c32e31bae20744650cbf04
d1a3ed27b5b2b108164cf8d7cb274fb45c13c462e5235a08ce5c9c0f34028a14

buff.163.com Open in urlscan Pro 34.252.57.28 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

18 Requests

100 %HTTPS

75 %IPv6

3 Domains

4 Subdomains

3 IPs

3 Countries

208 kBTransfer

352 kBSize

3 Cookies

0 Outgoing links

Page URL History

Redirected requests

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

3 Cookies

Indicators

buff.163.com Open in urlscan Pro
34.252.57.28 Public Scan

Screenshot
Live screenshot

Full Image

18
Requests

100 %
HTTPS

75 %
IPv6

3
Domains

4
Subdomains

3
IPs

3
Countries

208 kB
Transfer

352 kB
Size

3
Cookies

18 HTTP transactions
0 data transactions