urlscan.io logo urlscan.io
SecurityTrails logo

www.131313.com Open in urlscan Pro
154.209.246.99  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://sitelogrs.com/etiquette.FigaroVox.Chauffage/meeeerede/Croates/Covert
Effective URL: https://www.131313.com/
Submission: On January 05 via api from BE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 2 countries across 4 domains to perform 12 HTTP transactions. The main IP is 154.209.246.99, located in Hong Kong and belongs to ANCHNET Shanghai Anchang Network Security Technology Co.,Ltd., CN. The main domain is www.131313.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on November 16th 2019. Valid for: 3 months.
This is the only time www.131313.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 3 154.211.56.23 134705 (ITACE-AS-...)
3 23.106.186.33 7203 (LEASEWEB-...)
4 103.235.46.191 55967 (CNNIC-BAI...)
2 154.209.246.99 58879 (ANCHNET S...)
12 5
3    154.211.56.23 (Hong Kong)

ASN134705 (ITACE-AS-AP Itace International Limited, HK)
sitelogrs.com
www.sitelogrs.com
3    23.106.186.33 (Phoenix, United States)

ASN7203 (LEASEWEB-USA-SFO-12 - Leaseweb USA, Inc., US)
PTR: mta35.inboxguru.us
1618111.com
4    103.235.46.191 (Hong Kong)

ASN55967 (CNNIC-BAIDU-AP Beijing Baidu Netcom Science and Technology Co., Ltd., CN)
hm.baidu.com
2    154.209.246.99 (Hong Kong)

ASN58879 (ANCHNET Shanghai Anchang Network Security Technology Co.,Ltd., CN)
www.131313.com
Apex Domain
Subdomains		 Transfer
4 baidu.com
push.zhanzhang.baidu.com Failed
hm.baidu.com
28 KB
3 1618111.com
1618111.com
6 KB
3 sitelogrs.com
sitelogrs.com
www.sitelogrs.com
2 KB
2 131313.com
www.131313.com
11 KB
12 4
Domain Requested by
4 hm.baidu.com 1618111.com
www.sitelogrs.com
3 1618111.com www.sitelogrs.com
1618111.com
2 www.131313.com www.131313.com
2 www.sitelogrs.com www.sitelogrs.com
1 sitelogrs.com 1 redirects
0 push.zhanzhang.baidu.com Failed www.sitelogrs.com
12 6

This site contains no links.

Subject Issuer Validity Valid
1618111.com
Let's Encrypt Authority X3		 2019-12-29 -
2020-03-28		 3 months crt.sh
baidu.com
GlobalSign Organization Validation CA - SHA256 - G2		 2019-10-24 -
2020-06-25		 8 months crt.sh
*.131313.com
Let's Encrypt Authority X3		 2019-11-16 -
2020-02-14		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.131313.com/
Frame ID: BC792DB832846B9E21BEA7EC647856AC
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://sitelogrs.com/etiquette.FigaroVox.Chauffage/meeeerede/Croates/Covert HTTP 301
    http://www.sitelogrs.com/etiquette.FigaroVox.Chauffage/meeeerede/Croates/Covert Page URL
  2. https://1618111.com/cp.html Page URL
  3. https://www.131313.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /Tengine/i

Page Statistics

12
Requests

75 %
HTTPS

0 %
IPv6

4
Domains

6
Subdomains

5
IPs

2
Countries

46 kB
Transfer

108 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://sitelogrs.com/etiquette.FigaroVox.Chauffage/meeeerede/Croates/Covert HTTP 301
    http://www.sitelogrs.com/etiquette.FigaroVox.Chauffage/meeeerede/Croates/Covert Page URL
  2. https://1618111.com/cp.html Page URL
  3. https://www.131313.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://sitelogrs.com/etiquette.FigaroVox.Chauffage/meeeerede/Croates/Covert HTTP 301
  • http://www.sitelogrs.com/etiquette.FigaroVox.Chauffage/meeeerede/Croates/Covert

12 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Covert
www.sitelogrs.com/etiquette.FigaroVox.Chauffage/meeeerede/Croates/
Redirect Chain
  • http://sitelogrs.com/etiquette.FigaroVox.Chauffage/meeeerede/Croates/Covert
  • http://www.sitelogrs.com/etiquette.FigaroVox.Chauffage/meeeerede/Croates/Covert
1 KB
981 B 		Document
General
Check archive.org
Download Go to
Full URL
http://www.sitelogrs.com/etiquette.FigaroVox.Chauffage/meeeerede/Croates/Covert
Protocol
HTTP/1.1
Server
154.211.56.23 , Hong Kong, ASN134705 (ITACE-AS-AP Itace International Limited, HK),
Reverse DNS
Software
Tengine / PHP/7.0.19
Resource Hash
68a3d96a6430983b290272cd9f5fb658cd86ff8674ecf3111a82d2872e4d17ea

Request headers

Host
www.sitelogrs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Server
Tengine
Date
Sun, 05 Jan 2020 17:34:14 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
X-Powered-By
PHP/7.0.19
Content-Encoding
gzip

Redirect headers

Server
Tengine
Date
Sun, 05 Jan 2020 17:34:14 GMT
Content-Type
text/html
Content-Length
278
Connection
keep-alive
Location
http://www.sitelogrs.com/etiquette.FigaroVox.Chauffage/meeeerede/Croates/Covert
commons.js
1618111.com/ 		1 KB
793 B 		Script
General
Check archive.org
Download Go to
Full URL
https://1618111.com/commons.js
Requested by
Host: www.sitelogrs.com
URL: http://www.sitelogrs.com/etiquette.FigaroVox.Chauffage/meeeerede/Croates/Covert
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.106.186.33 Phoenix, United States, ASN7203 (LEASEWEB-USA-SFO-12 - Leaseweb USA, Inc., US),
Reverse DNS
mta35.inboxguru.us
Software
tengine /
Resource Hash
efb4f12d45010aa85c87513440c16e37439464ca355e1ca6f4341d7ef93289ee

Request headers

Referer
http://www.sitelogrs.com/etiquette.FigaroVox.Chauffage/meeeerede/Croates/Covert
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Sun, 05 Jan 2020 17:34:19 GMT
content-encoding
gzip
last-modified
Fri, 06 Dec 2019 12:57:46 GMT
server
tengine
etag
W/"5dea504a-4d5"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=43200
expires
Mon, 06 Jan 2020 05:34:19 GMT
tj.js
www.sitelogrs.com/ 		252 B
567 B 		Script
General
Check archive.org
Download Go to
Full URL
http://www.sitelogrs.com/tj.js
Requested by
Host: www.sitelogrs.com
URL: http://www.sitelogrs.com/etiquette.FigaroVox.Chauffage/meeeerede/Croates/Covert
Protocol
HTTP/1.1
Server
154.211.56.23 , Hong Kong, ASN134705 (ITACE-AS-AP Itace International Limited, HK),
Reverse DNS
Software
Tengine /
Resource Hash
ca4c7966b931ebfbfc72027a5770ba36d037a005322ca7b3cdb5caa45fb71032

Request headers

Referer
http://www.sitelogrs.com/etiquette.FigaroVox.Chauffage/meeeerede/Croates/Covert
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Sun, 05 Jan 2020 17:34:15 GMT
Last-Modified
Wed, 04 Dec 2019 08:37:02 GMT
Server
Tengine
ETag
"5de7702e-fc"
Content-Type
application/javascript
Cache-Control
max-age=43200
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
252
Expires
Mon, 06 Jan 2020 05:34:15 GMT
push.js
push.zhanzhang.baidu.com/ 		0
0
hm.js
hm.baidu.com/ 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hm.baidu.com/hm.js?abd9011e1c36d2ee920cddc990417ac6
Requested by
Host: 1618111.com
URL: https://1618111.com/commons.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (CNNIC-BAIDU-AP Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
9425b388de43502f03d04240e9640ee7b075f8a7eee756038d254e0abc61344d
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

Referer
http://www.sitelogrs.com/etiquette.FigaroVox.Chauffage/meeeerede/Croates/Covert
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Sun, 05 Jan 2020 17:34:20 GMT
Content-Encoding
gzip
Server
apache
Etag
081eccb678a37cc0e654b7160862a256
Strict-Transport-Security
max-age=172800
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control
max-age=0, must-revalidate
Content-Type
application/javascript
Content-Length
13379
hm.gif
hm.baidu.com/ 		43 B
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1416624903&si=abd9011e1c36d2ee920cddc990417ac6&v=1.2.67&lv=1&sn=31791&ct=!!&tt=%E4%BA%91%E6%9E%97%E5%8E%BF%E5%A4%AA%E5%B9%B3%E6%97%BA%E8%8C%82%E9%A5%B2%E6%96%99%E7%BB%8F%E8%90%A5%E9%83%A8
Requested by
Host: www.sitelogrs.com
URL: http://www.sitelogrs.com/etiquette.FigaroVox.Chauffage/meeeerede/Croates/Covert
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (CNNIC-BAIDU-AP Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

Referer
http://www.sitelogrs.com/etiquette.FigaroVox.Chauffage/meeeerede/Croates/Covert
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 05 Jan 2020 17:34:21 GMT
X-Content-Type-Options
nosniff
Server
apache
Strict-Transport-Security
max-age=172800
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Content-Length
43
cp.html
1618111.com/ 		1 KB
813 B 		Document
General
Check archive.org
Download Go to
Full URL
https://1618111.com/cp.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.106.186.33 Phoenix, United States, ASN7203 (LEASEWEB-USA-SFO-12 - Leaseweb USA, Inc., US),
Reverse DNS
mta35.inboxguru.us
Software
tengine /
Resource Hash
b4e778b710f42a8c8943ae05c84b81c55d4d83d3b139c1281e76ba3fff57de84

Request headers

:method
GET
:authority
1618111.com
:scheme
https
:path
/cp.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
http://www.sitelogrs.com/etiquette.FigaroVox.Chauffage/meeeerede/Croates/Covert
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
http://www.sitelogrs.com/etiquette.FigaroVox.Chauffage/meeeerede/Croates/Covert

Response headers

status
200
server
tengine
date
Sun, 05 Jan 2020 17:34:30 GMT
content-type
text/html
last-modified
Sun, 14 Jul 2019 05:07:37 GMT
vary
Accept-Encoding
etag
W/"5d2ab899-4de"
content-encoding
gzip
hm.js
hm.baidu.com/ 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hm.baidu.com/hm.js?07a9990d8a9c7fc42e9eaa711909ed83
Requested by
Host: 1618111.com
URL: https://1618111.com/cp.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (CNNIC-BAIDU-AP Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
13737eaebff52b434e19fd0e9fd2760ca135e9e97f341c0c5cbb0aa2995c9232
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

Referer
https://1618111.com/cp.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Sun, 05 Jan 2020 17:34:30 GMT
Content-Encoding
gzip
Server
apache
Etag
d93be11d38c139f441a0df2af33753aa
Strict-Transport-Security
max-age=172800
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control
max-age=0, must-revalidate
Content-Type
application/javascript
Content-Length
13381
load.gif
1618111.com/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1618111.com/load.gif
Requested by
Host: 1618111.com
URL: https://1618111.com/cp.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.106.186.33 Phoenix, United States, ASN7203 (LEASEWEB-USA-SFO-12 - Leaseweb USA, Inc., US),
Reverse DNS
mta35.inboxguru.us
Software
tengine /
Resource Hash
794e941edf03c7f1c77ac1308cb5aaf80ac35e889f6b2a942d5081d6063c924b

Request headers

Referer
https://1618111.com/cp.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Sun, 05 Jan 2020 17:34:30 GMT
last-modified
Thu, 04 Jul 2019 08:32:40 GMT
server
tengine
etag
"5d1db9a8-1233"
content-type
image/gif
status
200
cache-control
max-age=2592000
accept-ranges
bytes
content-length
4659
expires
Tue, 04 Feb 2020 17:34:30 GMT
hm.gif
hm.baidu.com/ 		43 B
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1004850674&si=07a9990d8a9c7fc42e9eaa711909ed83&su=http%3A%2F%2Fwww.sitelogrs.com%2Fetiquette.FigaroVox.Chauffage%2Fmeeeerede%2FCroates%2FCovert&v=1.2.67&lv=1&sn=31801&ct=!!
Requested by
Host: 1618111.com
URL: https://1618111.com/cp.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (CNNIC-BAIDU-AP Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

Referer
https://1618111.com/cp.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 05 Jan 2020 17:34:31 GMT
X-Content-Type-Options
nosniff
Server
apache
Strict-Transport-Security
max-age=172800
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Content-Length
43
Primary Request /
www.131313.com/ 		15 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.131313.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
154.209.246.99 , Hong Kong, ASN58879 (ANCHNET Shanghai Anchang Network Security Technology Co.,Ltd., CN),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
d04e835e87c06141f5af584dd85943fbd26c2e51f43c49200228845b76d3af6c

Request headers

:method
GET
:authority
www.131313.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://1618111.com/cp.html
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://1618111.com/cp.html

Response headers

status
200
date
Sun, 05 Jan 2020 17:34:33 GMT
content-type
text/html; charset=utf-8
expires
Sun, 05 Jan 2020 17:34:32 GMT
cache-control
no-cache no-store no-cache max-age=0
content-encoding
gzip
server
nginx/1.17.3
guard_cache
BYPASS
configjs.js
www.131313.com/static/data/ 		28 B
252 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.131313.com/static/data/configjs.js
Requested by
Host: www.131313.com
URL: https://www.131313.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
154.209.246.99 , Hong Kong, ASN58879 (ANCHNET Shanghai Anchang Network Security Technology Co.,Ltd., CN),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
8d62c1f0a7b5704e7aaba8f463ea4330a31f133b8250b2f1cf21d0334a8a15bc

Request headers

Referer
https://www.131313.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Sun, 05 Jan 2020 17:34:33 GMT
last-modified
Sun, 27 Jan 2019 03:06:41 GMT
server
nginx/1.17.3
etag
"5c4d2041-1c"
content-type
application/javascript; charset=utf-8
status
200
cache-control
max-age=10800
accept-ranges
bytes
guard_cache
MISS
content-length
28
expires
Sun, 05 Jan 2020 20:34:33 GMT
truncated
/ 		10 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2a3022dc00c0d68520e04e0daf6bc3c20402caa6fb473b275c58474043dee22a

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Content-Type
image/png

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
push.zhanzhang.baidu.com
URL
http://push.zhanzhang.baidu.com/push.js

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| CONFIG_MAP function| BBOnlineService

0 Cookies