URL: http://ad.winrar.com.cn/show_2.html?L=7&bl=7&v=571personal&a=64&src=pe001
Submission: On March 13 via manual from JP

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 10 HTTP transactions. The main IP is 219.128.79.155, located in Zhuhai, China and belongs to CT-FOSHAN-IDC CHINANET Guangdong province network, CN. The main domain is ad.winrar.com.cn.
This is the only time ad.winrar.com.cn was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address       AS (Autonomous System)
3         219.128.79.155   134764 (CT-FOSHAN...)
2         36.104.142.49    4134 (CHINANET-...)
2         47.246.48.206    24429 (TAOBAO Zh...)
3         103.235.46.191   55967 (CNNIC-BAI...)
10 requests across 4 IPs

Requests  Domain              Requested by
3         hm.baidu.com        ad.winrar.com.cn
3         ad.winrar.com.cn    ad.winrar.com.cn, apps.bdimg.com
2         cdn.staticfile.org  ad.winrar.com.cn
2         apps.bdimg.com      ad.winrar.com.cn
10 requests across 4 domains

This site contains links to these domains:

Domain
www.sheask.net

Subject            Issuer                 Validity                  Valid
*.staticfile.org   GeoTrust RSA CA 2018   2018-02-12 - 2020-09-19   3 years

This page contains 1 frames:

Primary Page: http://ad.winrar.com.cn/show_2.html?L=7&bl=7&v=571personal&a=64&src=pe001
Frame ID: 894520514CCA0ADC2F8E04798F308FC4
Requests: 10 HTTP requests in this frame

Detected technologies

SWFObject (overall confidence: 100%)
Detected patterns
  • script /swfobject.*\.js/i

jQuery (overall confidence: 100%)
Detected patterns
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

10 Requests
20 % HTTPS
0 % IPv6
4 Domains
4 Subdomains
4 IPs
3 Countries
101 kB Transfer
191 kB Size
2 Cookies

10 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
show_2.html (Primary Request; Cookie set)
ad.winrar.com.cn/
3 KB
2 KB
Document
General
Full URL
http://ad.winrar.com.cn/show_2.html?L=7&bl=7&v=571personal&a=64&src=pe001
Protocol
HTTP/1.1
Server
219.128.79.155 Zhuhai, China, ASN134764 (CT-FOSHAN-IDC CHINANET Guangdong province network, CN),
Reverse DNS
155.79.128.219.broad.fs.gd.dynamic.163data.com.cn
Software
/
Resource Hash
af3e69d01f93fc30f7f02cf279f575e87214976df545e3ff92cc0fb249d014fc

Request headers

Host
ad.winrar.com.cn
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US

Response headers

Date
Fri, 13 Mar 2020 08:35:19 GMT
Content-Type
text/html; charset=utf-8
Cache-Control
private, max-age=0, no-cache, no-store, must-revalidate
Content-Encoding
gzip
Pragma
no-cache
Set-Cookie
winrar_2_571personal=%7B%22Guid%22%3A%22fa768ceee24d362b454d49e5db1fbef2%22%2C%22AppName%22%3A%22winrar_2_571personal%22%2C%22Favorite%22%3A%5B%5D%7D; Path=/
X-Cache
MISS from 高防
Content-Length
1399
jquery.min.js
apps.bdimg.com/libs/jquery/1.8.3/
91 KB
33 KB
Script
General
Full URL
http://apps.bdimg.com/libs/jquery/1.8.3/jquery.min.js
Requested by
Host: ad.winrar.com.cn
URL: http://ad.winrar.com.cn/show_2.html?L=7&bl=7&v=571personal&a=64&src=pe001
Protocol
HTTP/1.1
Server
36.104.142.49 Changchun, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
JSP3/2.0.14 /
Resource Hash
ba6eda7945ab8d7e57b34cc5a3dd292fa2e4c60a5ced79236ecf1a9e0f0c2d32

Request headers

Referer
http://ad.winrar.com.cn/show_2.html?L=7&bl=7&v=571personal&a=64&src=pe001
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 13 Mar 2020 08:35:21 GMT
Ohc-Cache-HIT
cc2ct56 [4]
Ohc-Response-Time
1 0 0 0 0 0
Last-Modified
Thu, 21 Mar 2013 03:13:28 GMT
Server
JSP3/2.0.14
Age
801103
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=2592000
Transfer-Encoding
chunked
Connection
keep-alive
Accept-Ranges
bytes
Content-Encoding
gzip
Expires
Fri, 03 Apr 2020 02:03:38 GMT
json2.min.js
cdn.staticfile.org/json2/20140204/
3 KB
2 KB
Script
General
Full URL
https://cdn.staticfile.org/json2/20140204/json2.min.js
Requested by
Host: ad.winrar.com.cn
URL: http://ad.winrar.com.cn/show_2.html?L=7&bl=7&v=571personal&a=64&src=pe001
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
47.246.48.206 San Mateo, United States, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
cad748d566493b79033ce00a0c0e6df797a1340a6992f731d283d1440b0e346a

Request headers

Referer
http://ad.winrar.com.cn/show_2.html?L=7&bl=7&v=571personal&a=64&src=pe001
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

X-Log
X-Log
Date
Fri, 13 Mar 2020 01:19:32 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
X-Svr
IO
Age
26147
X-Cache
HIT TCP_MEM_HIT dirn:-2:-2
Content-Transfer-Encoding
binary
X-Swift-CacheTime
86400
Content-Disposition
inline; filename="json2.min.js"; filename*=utf-8' 'json2.min.js
Connection
keep-alive
Content-Length
1296
X-M-Reqid
ynAAAO6Sz8BVuPsV
Timing-Allow-Origin
*
X-M-Log
QNM:jjh1905;QNM3/304
Last-Modified
Tue, 16 Feb 2016 04:26:50 GMT
Server
Tengine
Etag
"FoOmq73hbUxyz-FBnXLeNh5KKS-g.gz"
Access-Control-Max-Age
2592000
Ali-Swift-Global-Savetime
1569993809
Content-Type
application/javascript
Via
cache18.l2de1[0,200-0,H], cache27.l2de1[1,0], cache6.nl2[0,200-0,H], cache8.nl2[1,0]
Access-Control-Expose-Headers
X-Log, X-Reqid
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
X-Qiniu-Zone
0
Access-Control-Allow-Origin
*
X-Qnm-Cache
Hit
EagleId
2ff6309c15840885196074747e
X-Reqid
bCAAAABmwxcGvckV
X-Swift-SaveTime
Fri, 13 Mar 2020 08:35:17 GMT
jquery.cookie.min.js
apps.bdimg.com/libs/jquery.cookie/1.4.1/
1 KB
1 KB
Script
General
Full URL
http://apps.bdimg.com/libs/jquery.cookie/1.4.1/jquery.cookie.min.js
Requested by
Host: ad.winrar.com.cn
URL: http://ad.winrar.com.cn/show_2.html?L=7&bl=7&v=571personal&a=64&src=pe001
Protocol
HTTP/1.1
Server
36.104.142.49 Changchun, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
JSP3/2.0.14 /
Resource Hash
239011ddd00345611806d77467c81dc5a4c90d15fec6f66357671b73920287dc

Request headers

Referer
http://ad.winrar.com.cn/show_2.html?L=7&bl=7&v=571personal&a=64&src=pe001
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 13 Mar 2020 08:35:20 GMT
Ohc-Cache-HIT
cc2ct54 [4]
Ohc-Response-Time
1 1 0 0 0 1
Last-Modified
Thu, 07 Jan 2016 09:39:58 GMT
Server
JSP3/2.0.14
Age
608675
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=2592000
Transfer-Encoding
chunked
Connection
keep-alive
Accept-Ranges
bytes
Content-Encoding
gzip
Expires
Sun, 05 Apr 2020 07:30:44 GMT
swfobject.min.js
cdn.staticfile.org/swfobject/2.2/
9 KB
5 KB
Script
General
Full URL
https://cdn.staticfile.org/swfobject/2.2/swfobject.min.js
Requested by
Host: ad.winrar.com.cn
URL: http://ad.winrar.com.cn/show_2.html?L=7&bl=7&v=571personal&a=64&src=pe001
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
47.246.48.206 San Mateo, United States, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
a18cbdbb0fbb733d7f4cba5d2afd6b2706e3f141c743f491057e5800368cd8e5

Request headers

Referer
http://ad.winrar.com.cn/show_2.html?L=7&bl=7&v=571personal&a=64&src=pe001
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Content-Encoding
gzip
Age
26148
X-Swift-CacheTime
86400
Content-Disposition
inline; filename="swfobject.min.js"; filename*=utf-8' 'swfobject.min.js
X-Swift-SaveTime
Fri, 13 Mar 2020 08:35:17 GMT
X-M-Reqid
umwAAMMr5pBVuPsV
X-M-Log
QNM:xs441;QNM3:1/304
Etag
"FrFeQrxBkXuUVMdvzu20No9g3pDC.gz"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Log, X-Reqid
Cache-Control
max-age=86400
X-Qiniu-Zone
0
X-Qnm-Cache
Hit
EagleId
2ff6309b15840885196114493e
Expires
Sat, 14 Mar 2020 01:19:31 GMT
X-Log
X-Log
Date
Fri, 13 Mar 2020 01:19:31 GMT
Via
cache29.l2de1[0,304-0,H], cache13.l2de1[1,0], cache8.nl2[0,200-0,H], cache7.nl2[0,0]
X-Svr
IO
X-Reqid
mPgAAAADne77b-IV
Connection
keep-alive
Content-Transfer-Encoding
binary
Content-Length
3685
X-Cache
HIT TCP_MEM_HIT dirn:11:199879748
Last-Modified
Tue, 16 Feb 2016 07:49:36 GMT
Server
Tengine
Access-Control-Max-Age
2592000
Ali-Swift-Global-Savetime
1569910431
Accept-Ranges
bytes
Timing-Allow-Origin
*
55532846f0f495d648b3fa4f1e20fe5d.jpg
ad.winrar.com.cn/static/images/Advicetises/
45 KB
43 KB
Image
General
Full URL
http://ad.winrar.com.cn/static/images/Advicetises/55532846f0f495d648b3fa4f1e20fe5d.jpg
Requested by
Host: ad.winrar.com.cn
URL: http://ad.winrar.com.cn/show_2.html?L=7&bl=7&v=571personal&a=64&src=pe001
Protocol
HTTP/1.1
Server
219.128.79.155 Zhuhai, China, ASN134764 (CT-FOSHAN-IDC CHINANET Guangdong province network, CN),
Reverse DNS
155.79.128.219.broad.fs.gd.dynamic.163data.com.cn
Software
/
Resource Hash
1ee5eaa0b67aba7a759c33adbed4770618b0d84a3d225a1ce5f77fe95d704956

Request headers

Referer
http://ad.winrar.com.cn/show_2.html?L=7&bl=7&v=571personal&a=64&src=pe001
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 07 Mar 2020 16:29:55 GMT
Content-Encoding
gzip
Last-Modified
Fri, 06 Mar 2020 14:18:35 GMT
X-Cache
HIT from 高防
Content-Type
image/jpeg
Cache-Control
max-age=86400
Content-Length
43880
Expires
Sun, 08 Mar 2020 16:29:56 GMT
hm.js
hm.baidu.com/
38 KB
14 KB
Script
General
Full URL
http://hm.baidu.com/hm.js?67c3c1e371a2bc5fd6bbb401d602dbc8
Requested by
Host: ad.winrar.com.cn
URL: http://ad.winrar.com.cn/show_2.html?L=7&bl=7&v=571personal&a=64&src=pe001
Protocol
HTTP/1.1
Server
103.235.46.191 , Hong Kong, ASN55967 (CNNIC-BAIDU-AP Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
0d15b42a03dc3ae00baa833bb48bcab946f789eca5468f39c853ae147931e22f

Request headers

Referer
http://ad.winrar.com.cn/show_2.html?L=7&bl=7&v=571personal&a=64&src=pe001
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 13 Mar 2020 08:35:21 GMT
Content-Encoding
gzip
Server
apache
Etag
b0be3896e4861bef899ec8c755ea7836
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control
max-age=0, must-revalidate
Content-Type
application/javascript
Content-Length
13516
viewadvertise
ad.winrar.com.cn/
0
233 B
XHR
General
Full URL
http://ad.winrar.com.cn/viewadvertise?callback=jQuery18307128412846211787_1584088521494&AdvertiseID=6490&AdvertisesType=%E6%95%99%E8%82%B2&appname=winrar_2_571personal&_=1584088521552
Requested by
Host: apps.bdimg.com
URL: http://apps.bdimg.com/libs/jquery/1.8.3/jquery.min.js
Protocol
HTTP/1.1
Server
219.128.79.155 Zhuhai, China, ASN134764 (CT-FOSHAN-IDC CHINANET Guangdong province network, CN),
Reverse DNS
155.79.128.219.broad.fs.gd.dynamic.163data.com.cn
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
http://ad.winrar.com.cn/show_2.html?L=7&bl=7&v=571personal&a=64&src=pe001
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 13 Mar 2020 08:35:21 GMT
Cache-Control
private, max-age=0, no-cache, no-store, must-revalidate
Content-Length
0
X-Cache
MISS from 高防
Content-Type
text/plain; charset=utf-8
hm.gif
hm.baidu.com/
43 B
256 B
Image
General
Full URL
http://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=2038695258&si=67c3c1e371a2bc5fd6bbb401d602dbc8&v=1.2.68&lv=1&sn=42037&ct=!!&tt=WinRAR
Requested by
Host: ad.winrar.com.cn
URL: http://ad.winrar.com.cn/show_2.html?L=7&bl=7&v=571personal&a=64&src=pe001
Protocol
HTTP/1.1
Server
103.235.46.191 , Hong Kong, ASN55967 (CNNIC-BAIDU-AP Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://ad.winrar.com.cn/show_2.html?L=7&bl=7&v=571personal&a=64&src=pe001
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 13 Mar 2020 08:35:22 GMT
Cache-Control
private, max-age=0, no-cache
X-Content-Type-Options
nosniff
Server
apache
Content-Length
43
Content-Type
image/gif
hm.gif
hm.baidu.com/
43 B
256 B
Image
General
Full URL
http://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&ep=winrar_2_571personal*view*40&et=4&ja=0&ln=en-us&lo=0&rnd=1606351680&si=67c3c1e371a2bc5fd6bbb401d602dbc8&v=1.2.68&lv=1&api=8_0&sn=42037
Requested by
Host: ad.winrar.com.cn
URL: http://ad.winrar.com.cn/show_2.html?L=7&bl=7&v=571personal&a=64&src=pe001
Protocol
HTTP/1.1
Server
103.235.46.191 , Hong Kong, ASN55967 (CNNIC-BAIDU-AP Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://ad.winrar.com.cn/show_2.html?L=7&bl=7&v=571personal&a=64&src=pe001
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 13 Mar 2020 08:35:22 GMT
Cache-Control
private, max-age=0, no-cache
X-Content-Type-Options
nosniff
Server
apache
Content-Length
43
Content-Type
image/gif

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type       Name
object     onformdata
object     onpointerrawupdate
function   $
function   jQuery
object     swfobject
object     _hmt
function   bodyOnClick
function   OnClickHerf
undefined  jQuery18307128412846211787_1584088521494
boolean    _bdhm_loaded_67c3c1e371a2bc5fd6bbb401d602dbc8
object     mini_tangram_log_1s2j8g
object     mini_tangram_log_pwgpvt

2 Cookies

Domain/Path          Name                                        Value
.ad.winrar.com.cn/   Hm_lpvt_67c3c1e371a2bc5fd6bbb401d602dbc8    1584088522
.ad.winrar.com.cn/   Hm_lvt_67c3c1e371a2bc5fd6bbb401d602dbc8     1584088522