URL: https://bbs.star-skin.cn/
Submission Tags: phishingrod
Submission: On December 28 via api from DE — Scanned from DE

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 13 HTTP transactions. The main IP is 103.149.201.136, which is located in Hong Kong and belongs to HFTCL-AS-AP High Family Technology Co., Limited, HK. The main domain is bbs.star-skin.cn.
TLS certificate: Issued by R3 on December 27th 2023. Valid for: 3 months.
This is the only time bbs.star-skin.cn was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address        AS      Autonomous System
10        103.149.201.136   142032  (HFTCL-AS-...)
1 2       2606:4700::68...  13335   (CLOUDFLAR...)
1         2606:4700:303...  13335   (CLOUDFLAR...)
1         2a06:98c1:312...  13335   (CLOUDFLAR...)
Totals: 13 requests, 4 IPs
Requests  Apex Domain     Subdomains                                              Transfer
8         star-skin.cn    bbs.star-skin.cn, pic-up.star-skin.cn                   632 KB
3         shanrenyi.top   assets.shanrenyi.top                                    20 KB
2         cloudflare.com  challenges.cloudflare.com (Cisco Umbrella Rank: 5770)   12 KB
1         i-meto.com      api.i-meto.com                                          546 B
Totals: 13 requests, 4 apex domains
Requests  Domain                     Requested by
7         bbs.star-skin.cn           bbs.star-skin.cn
3         assets.shanrenyi.top       bbs.star-skin.cn
2         challenges.cloudflare.com  bbs.star-skin.cn (1 redirect)
1         pic-up.star-skin.cn        bbs.star-skin.cn
1         api.i-meto.com             assets.shanrenyi.top
Totals: 13 requests, 5 domains

This site contains no links.

TLS certificates

Subject               Issuer      Validity                 Valid for
bbs.star-skin.cn      R3          2023-12-27 - 2024-03-26  3 months (crt.sh)
assets.shanrenyi.top  R3          2023-12-09 - 2024-03-08  3 months (crt.sh)
i-meto.com            E1          2023-12-25 - 2024-03-24  3 months (crt.sh)
star-skin.cn          GTS CA 1P5  2023-12-17 - 2024-03-16  3 months (crt.sh)

This page contains 1 frames:

Primary Page: https://bbs.star-skin.cn/
Frame ID: FBDD5E4BAD6D3636CBB08521875BDE54
Requests: 13 HTTP requests in this frame

Page Title

StarSkin 论坛

Detected technologies

Overall confidence: 100%
Detected patterns
  • <div id="flarum-loading"

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Page Statistics

Requests: 13
HTTPS: 92 %
IPv6: 75 %
Domains: 4
Subdomains: 5
IPs: 4
Countries: 2
Transfer: 665 kB
Size: 1666 kB
Cookies: 1

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6
  • https://challenges.cloudflare.com/turnstile/v0/api.js?render=explicit HTTP 302
  • https://challenges.cloudflare.com/turnstile/v0/g/74bd6362/api.js?render=explicit

13 HTTP transactions

Each transaction row lists Resource | Path | Size | x-fer | Type, followed by its General details and request/response headers.
Resource: / (Primary Request) | Path: bbs.star-skin.cn/ | Size: 16 KB | x-fer: 4 KB | Type: Document
General
  Full URL: https://bbs.star-skin.cn/
  Protocol: H2
  Security: TLS 1.3, AES_256_GCM
  Server: 103.149.201.136, Hong Kong, ASN142032 (HFTCL-AS-AP High Family Technology Co., Limited, HK)
  Reverse DNS:
  Software: nginx / Flarum
  Resource Hash: d88001875b262468c62f28b9a706792a0f1f16581c1c68ae7d18c5f1c2afcd8a
  Security Headers:
    Strict-Transport-Security: max-age=31536000
    X-Content-Type-Options: nosniff

Request headers
  Upgrade-Insecure-Requests: 1
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
  accept-language: de-DE,de;q=0.9

Response headers
  content-encoding: gzip
  content-type: text/html; charset=utf-8
  date: Thu, 28 Dec 2023 00:11:37 GMT
  referrer-policy: same-origin
  server: nginx
  strict-transport-security: max-age=31536000
  vary: Accept-Encoding
  x-content-type-options: nosniff
  x-csrf-token: jDAlEnF6P6TEImnnERDUwxq45OtTDFSaJQT7D4Iw
  x-powered-by: Flarum

Resource: forum.css | Path: bbs.star-skin.cn/assets/ | Size: 243 KB | x-fer: 44 KB | Type: Stylesheet
General
  Full URL: https://bbs.star-skin.cn/assets/forum.css?v=03a5d028
  Requested by: bbs.star-skin.cn (https://bbs.star-skin.cn/)
  Protocol: H2
  Security: TLS 1.3, AES_256_GCM
  Server: 103.149.201.136, Hong Kong, ASN142032 (HFTCL-AS-AP High Family Technology Co., Limited, HK)
  Reverse DNS:
  Software: nginx
  Resource Hash: bcd63cf5159aa03bd31575e8a68f90a6355f67645481e6a692927b15bd6532a3

Request headers
  accept-language: de-DE,de;q=0.9
  Referer: https://bbs.star-skin.cn/
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
  date: Thu, 28 Dec 2023 00:11:37 GMT
  content-encoding: gzip
  last-modified: Fri, 01 Dec 2023 10:35:40 GMT
  server: nginx
  etag: W/"6569b6fc-3ca6e"
  vary: Accept-Encoding
  content-type: text/css
  cache-control: max-age=31536000

Resource: forum.js | Path: bbs.star-skin.cn/assets/ | Size: 973 KB | x-fer: 289 KB | Type: Script
General
  Full URL: https://bbs.star-skin.cn/assets/forum.js?v=060267e5
  Requested by: bbs.star-skin.cn (https://bbs.star-skin.cn/)
  Protocol: H2
  Security: TLS 1.3, AES_256_GCM
  Server: 103.149.201.136, Hong Kong, ASN142032 (HFTCL-AS-AP High Family Technology Co., Limited, HK)
  Reverse DNS:
  Software: nginx
  Resource Hash: 2d9854ffe0fb2add71c09762ad7d18b921ab10e72efe8d4735a613afeb794d3d

Request headers
  accept-language: de-DE,de;q=0.9
  Referer: https://bbs.star-skin.cn/
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
  date: Thu, 28 Dec 2023 00:11:37 GMT
  content-encoding: gzip
  last-modified: Fri, 01 Dec 2023 10:35:37 GMT
  server: nginx
  etag: W/"6569b6f9-f33c1"
  vary: Accept-Encoding
  content-type: application/javascript
  cache-control: max-age=31536000

Resource: forum-zh-Hans.js | Path: bbs.star-skin.cn/assets/ | Size: 43 KB | x-fer: 10 KB | Type: Script
General
  Full URL: https://bbs.star-skin.cn/assets/forum-zh-Hans.js?v=992d40f8
  Requested by: bbs.star-skin.cn (https://bbs.star-skin.cn/)
  Protocol: H2
  Security: TLS 1.3, AES_256_GCM
  Server: 103.149.201.136, Hong Kong, ASN142032 (HFTCL-AS-AP High Family Technology Co., Limited, HK)
  Reverse DNS:
  Software: nginx
  Resource Hash: 1b467bd9e7de2e0509e9989b603151405bfa82352647c2a2cbb9b5218045761c

Request headers
  accept-language: de-DE,de;q=0.9
  Referer: https://bbs.star-skin.cn/
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
  date: Thu, 28 Dec 2023 00:11:37 GMT
  content-encoding: gzip
  last-modified: Fri, 01 Dec 2023 10:35:38 GMT
  server: nginx
  etag: W/"6569b6fa-adea"
  vary: Accept-Encoding
  content-type: application/javascript
  cache-control: max-age=31536000

Resource: fa-brands-400.woff2 | Path: bbs.star-skin.cn/assets/extensions/blomstra-fontawesome/fontawesome-6-free/ | Size: 103 KB | x-fer: 103 KB | Type: Font
General
  Full URL: https://bbs.star-skin.cn/assets/extensions/blomstra-fontawesome/fontawesome-6-free/fa-brands-400.woff2
  Requested by: bbs.star-skin.cn (https://bbs.star-skin.cn/)
  Protocol: H2
  Security: TLS 1.3, AES_256_GCM
  Server: 103.149.201.136, Hong Kong, ASN142032 (HFTCL-AS-AP High Family Technology Co., Limited, HK)
  Reverse DNS:
  Software: nginx
  Resource Hash: 404c746c8f7e3f9b7611a8f23d908c1a32a5c972236b9d89bb68b05d9bf4b905

Request headers
  Referer: https://bbs.star-skin.cn/
  Origin: https://bbs.star-skin.cn
  accept-language: de-DE,de;q=0.9
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
  date: Thu, 28 Dec 2023 00:11:37 GMT
  last-modified: Sun, 12 Nov 2023 01:46:29 GMT
  server: nginx
  etag: "65502e75-19c40"
  content-type: font/woff2
  cache-control: max-age=2592000
  accept-ranges: bytes
  content-length: 105536

Resource: fa-regular-400.woff2 | Path: bbs.star-skin.cn/assets/extensions/blomstra-fontawesome/fontawesome-6-free/ | Size: 23 KB | x-fer: 24 KB | Type: Font
General
  Full URL: https://bbs.star-skin.cn/assets/extensions/blomstra-fontawesome/fontawesome-6-free/fa-regular-400.woff2
  Requested by: bbs.star-skin.cn (https://bbs.star-skin.cn/)
  Protocol: H2
  Security: TLS 1.3, AES_256_GCM
  Server: 103.149.201.136, Hong Kong, ASN142032 (HFTCL-AS-AP High Family Technology Co., Limited, HK)
  Reverse DNS:
  Software: nginx
  Resource Hash: 6a274e7629c0d71dcf8cab1e7733687ebfe32e2c53b4ca9fad050b4f1d5471f3

Request headers
  Referer: https://bbs.star-skin.cn/
  Origin: https://bbs.star-skin.cn
  accept-language: de-DE,de;q=0.9
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
  date: Thu, 28 Dec 2023 00:11:37 GMT
  last-modified: Sun, 12 Nov 2023 01:46:29 GMT
  server: nginx
  etag: "65502e75-5d84"
  content-type: font/woff2
  cache-control: max-age=2592000
  accept-ranges: bytes
  content-length: 23940

Resource: fa-solid-900.woff2 | Path: bbs.star-skin.cn/assets/extensions/blomstra-fontawesome/fontawesome-6-free/ | Size: 151 KB | x-fer: 151 KB | Type: Font
General
  Full URL: https://bbs.star-skin.cn/assets/extensions/blomstra-fontawesome/fontawesome-6-free/fa-solid-900.woff2
  Requested by: bbs.star-skin.cn (https://bbs.star-skin.cn/)
  Protocol: H2
  Security: TLS 1.3, AES_256_GCM
  Server: 103.149.201.136, Hong Kong, ASN142032 (HFTCL-AS-AP High Family Technology Co., Limited, HK)
  Reverse DNS:
  Software: nginx
  Resource Hash: d76fb4e841748a3f6bc63efa23156e02631c283bf41f84efcbdaf339ea3e1b73

Request headers
  Referer: https://bbs.star-skin.cn/
  Origin: https://bbs.star-skin.cn
  accept-language: de-DE,de;q=0.9
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
  date: Thu, 28 Dec 2023 00:11:37 GMT
  last-modified: Sun, 12 Nov 2023 01:46:29 GMT
  server: nginx
  etag: "65502e75-25a74"
  content-type: font/woff2
  cache-control: max-age=2592000
  accept-ranges: bytes
  content-length: 154228

Resource: api.js | Path: challenges.cloudflare.com/turnstile/v0/g/74bd6362/ | Size: 34 KB | x-fer: 12 KB | Type: Script
Redirect Chain
  • https://challenges.cloudflare.com/turnstile/v0/api.js?render=explicit
  • https://challenges.cloudflare.com/turnstile/v0/g/74bd6362/api.js?render=explicit
General
  Full URL: https://challenges.cloudflare.com/turnstile/v0/g/74bd6362/api.js?render=explicit
  Requested by: bbs.star-skin.cn (https://bbs.star-skin.cn/)
  Protocol: H2
  Server: 2606:4700::6811:3b8, United States, ASN13335 (CLOUDFLARENET, US)
  Reverse DNS:
  Software: cloudflare
  Resource Hash: fd9ac3177195b3d9537e0cf71222057ec70de67715715b570a80287ba78c8d3d

Request headers
  accept-language: de-DE,de;q=0.9
  Referer:
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
  date: Thu, 28 Dec 2023 00:11:37 GMT
  content-encoding: br
  server: cloudflare
  vary: Accept-Encoding
  content-type: application/javascript; charset=UTF-8
  access-control-allow-origin: *
  cache-control: max-age=31536000
  cf-ray: 83c59647791f9052-FRA
  alt-svc: h3=":443"; ma=86400

Redirect headers
  date: Thu, 28 Dec 2023 00:11:37 GMT
  server: cloudflare
  vary: accept-encoding
  access-control-allow-origin: *
  location: /turnstile/v0/g/74bd6362/api.js?render=explicit
  cache-control: max-age=300, public
  cf-ray: 83c5964748fd9052-FRA
  alt-svc: h3=":443"; ma=86400

Resource: APlayer.min.css | Path: assets.shanrenyi.top/APlayer/ | Size: 12 KB | x-fer: 3 KB | Type: Stylesheet
General
  Full URL: https://assets.shanrenyi.top/APlayer/APlayer.min.css
  Requested by: bbs.star-skin.cn (https://bbs.star-skin.cn/)
  Protocol: H2
  Security: TLS 1.3, AES_256_GCM
  Server: 103.149.201.136, Hong Kong, ASN142032 (HFTCL-AS-AP High Family Technology Co., Limited, HK)
  Reverse DNS:
  Software: nginx
  Resource Hash: baa4101a70dc9912af84ac1ce559b85d3d46436a15eadd54d0d47637db55f814
  Security Headers:
    Strict-Transport-Security: max-age=31536000

Request headers
  accept-language: de-DE,de;q=0.9
  Referer:
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
  date: Thu, 28 Dec 2023 00:11:38 GMT
  strict-transport-security: max-age=31536000
  content-encoding: gzip
  last-modified: Sun, 19 Nov 2023 02:53:32 GMT
  server: nginx
  etag: W/"655978ac-30f0"
  vary: Accept-Encoding
  content-type: text/css
  cache-control: max-age=43200
  expires: Thu, 28 Dec 2023 12:11:38 GMT

Resource: APlayer.min.js | Path: assets.shanrenyi.top/APlayer/ | Size: 58 KB | x-fer: 16 KB | Type: Script
General
  Full URL: https://assets.shanrenyi.top/APlayer/APlayer.min.js
  Requested by: bbs.star-skin.cn (https://bbs.star-skin.cn/)
  Protocol: H2
  Security: TLS 1.3, AES_256_GCM
  Server: 103.149.201.136, Hong Kong, ASN142032 (HFTCL-AS-AP High Family Technology Co., Limited, HK)
  Reverse DNS:
  Software: nginx
  Resource Hash: e98ec22436a5b6878d824f997ed8020fd8cb8261afe31294a3c9d0d07800c15a
  Security Headers:
    Strict-Transport-Security: max-age=31536000

Request headers
  accept-language: de-DE,de;q=0.9
  Referer:
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
  date: Thu, 28 Dec 2023 00:11:38 GMT
  strict-transport-security: max-age=31536000
  content-encoding: gzip
  last-modified: Sun, 19 Nov 2023 02:54:22 GMT
  server: nginx
  etag: W/"655978de-e7bd"
  vary: Accept-Encoding
  content-type: application/javascript
  cache-control: max-age=43200
  expires: Thu, 28 Dec 2023 12:11:38 GMT

Resource: Meting.min.js | Path: assets.shanrenyi.top/APlayer/ | Size: 3 KB | x-fer: 2 KB | Type: Script
General
  Full URL: https://assets.shanrenyi.top/APlayer/Meting.min.js
  Requested by: bbs.star-skin.cn (https://bbs.star-skin.cn/)
  Protocol: H2
  Security: TLS 1.3, AES_256_GCM
  Server: 103.149.201.136, Hong Kong, ASN142032 (HFTCL-AS-AP High Family Technology Co., Limited, HK)
  Reverse DNS:
  Software: nginx
  Resource Hash: 94e50ffa5f6a2db31368260a2cd74beac05917ef0966b1715e65eb55bcd2823d
  Security Headers:
    Strict-Transport-Security: max-age=31536000

Request headers
  accept-language: de-DE,de;q=0.9
  Referer:
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
  date: Thu, 28 Dec 2023 00:11:38 GMT
  strict-transport-security: max-age=31536000
  content-encoding: gzip
  last-modified: Sun, 19 Nov 2023 02:53:31 GMT
  server: nginx
  etag: W/"655978ab-d90"
  vary: Accept-Encoding
  content-type: application/javascript
  cache-control: max-age=43200
  expires: Thu, 28 Dec 2023 12:11:38 GMT

Resource: api | Path: api.i-meto.com/meting/ | Size: 2 B | x-fer: 546 B | Type: Fetch
General
  Full URL: https://api.i-meto.com/meting/api?server=tencent&type=song&id=002RGrEX3ija5X&r=0.12637812329314757
  Requested by: assets.shanrenyi.top (https://assets.shanrenyi.top/APlayer/Meting.min.js)
  Protocol: H2
  Security: TLS 1.3, AES_128_GCM
  Server: 2606:4700:3037::6815:353d, United States, ASN13335 (CLOUDFLARENET, US)
  Reverse DNS:
  Software: cloudflare
  Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
  Security Headers:
    Strict-Transport-Security: max-age=15552000; includeSubDomains; preload
    X-Content-Type-Options: nosniff

Request headers
  accept-language: de-DE,de;q=0.9
  Referer:
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
  date: Thu, 28 Dec 2023 00:11:39 GMT
  strict-transport-security: max-age=15552000; includeSubDomains; preload
  x-content-type-options: nosniff
  cf-cache-status: DYNAMIC
  nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
  server: cloudflare
  vary: Origin
  report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MPy%2BbYXwWxNKbAcCznuW8DLAeNs5TpOwavbg8XZHylWIsSu%2BpfRDKZuXUdwDvJ7YDu2W9mLdDgez9dPO%2BgTW6Jf66FoqQVCCDJE%2Byvl8uxBCCiOovcSTDzm7zn98TP48gvHnW6Cf8AXQ5DwH2A%3D%3D"}],"group":"cf-nel","max_age":604800}
  x-cache: miss
  access-control-allow-origin: https://bbs.star-skin.cn
  content-type: application/json; charset=utf-8
  cf-ray: 83c596500b062bd9-FRA
  alt-svc: h3=":443"; ma=86400
  content-length: 2

Resource: af7c4005-9ec1-3315-8230-9c2c1945de35.png | Path: pic-up.star-skin.cn/i/2023/11/04/ | Size: 6 KB | x-fer: 7 KB | Type: Image
General
  Full URL: https://pic-up.star-skin.cn/i/2023/11/04/af7c4005-9ec1-3315-8230-9c2c1945de35.png
  Requested by: bbs.star-skin.cn (https://bbs.star-skin.cn/assets/forum.css?v=03a5d028)
  Protocol: H2
  Security: TLS 1.3, AES_128_GCM
  Server: 2a06:98c1:3121::3, United States, ASN13335 (CLOUDFLARENET, US)
  Reverse DNS:
  Software: cloudflare
  Resource Hash: 074db78e44b97f97f9e7efc7e2893c4d48af9f3483a745c92d44e0a7ca94258b
  Security Headers:
    Strict-Transport-Security: max-age=31536000

Request headers
  accept-language: de-DE,de;q=0.9
  Referer: https://bbs.star-skin.cn/
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
  date: Thu, 28 Dec 2023 00:11:39 GMT
  strict-transport-security: max-age=31536000
  cf-cache-status: MISS
  nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
  alt-svc: h3=":443"; ma=86400
  content-length: 6333
  last-modified: Sat, 04 Nov 2023 12:39:39 GMT
  server: cloudflare
  etag: "65463b8b-18bd"
  vary: Accept-Encoding
  report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oJ1KomxT%2FElb67ipznhx9f2OucELYS4%2F%2Fzi9c9nVet4Yi%2FNBTzHf27iDob8kMhdJYPX3D9mvuaeA1oAGwxEG%2B4fzswGGtfqx%2Bq1QMmx9we8O69XULJMlJklqmWrAq2Rp1Lhtjkotk%2FCHmBShlOZM2XUM"}],"group":"cf-nel","max_age":604800}
  content-type: image/png
  cache-control: max-age=2592000
  accept-ranges: bytes
  cf-ray: 83c59650ad371d92-FRA
  expires: Sat, 27 Jan 2024 00:11:39 GMT

Verdicts & Comments

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Name                      Type
documentPictureInPicture  object
turnstile                 object
setImmediate              function
clearImmediate            function
APlayer                   function
_objectSpread             function
_defineProperty           function
MetingJSElement           function
flarum                    object
module                    object
$                         function
jQuery                    function
m                         function
dayjs                     function
punycode                  object
ColorThief                function
regeneratorRuntime        object
app                       object
s9e                       object
error                     undefined

1 Cookies

Domain/Path: bbs.star-skin.cn/
Name: flarum_session
Value: cp72kJeKGPjMpIkJCUrVYVP7BdDVHjI3LWbbWg25

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header                     Value
Strict-Transport-Security  max-age=31536000
X-Content-Type-Options     nosniff