ad.cjccpc.com Open in urlscan Pro
23.252.171.158 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://ad.cjccpc.com/code/Ncode20161123.php?&size=1&b=1&zi=2d374b&u=118328
Submission: On April 14 via manual (April 14th 2020, 7:13:08 am UTC) from IE

Summary HTTP 20 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 4 domains to perform 20 HTTP transactions. The main IP is 23.252.171.158, located in Rowland Heights, United States and belongs to IKGUL-26484, US. The main domain is ad.cjccpc.com.

This is the only time ad.cjccpc.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	23.252.171.158 23.252.171.158	26484 (IKGUL-26484) (IKGUL-26484)
1	61.216.165.206 61.216.165.206	3462 (HINET Dat...) (HINET Data Communication Business Group)
20	3

1 23.252.171.158 (Rowland Heights, United States)

ASN26484 (IKGUL-26484, US)

ad.cjccpc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 61.216.165.206 (Taichung, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 61-216-165-206.HINET-IP.hinet.net

t.uumet.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
1	uumet.cn t.uumet.cn
1	cjccpc.com ad.cjccpc.com	3 KB
0	51.la Failed js.users.51.la Failed
0	Failed function sub() { [native code] }. Failed
20	4

	Domain	Requested by
1	t.uumet.cn	ad.cjccpc.com
1	ad.cjccpc.com
0	js.users.51.la Failed	ad.cjccpc.com
0	112.30.128.131 Failed	ad.cjccpc.com
20	4

This site contains links to these domains. Also see Links.

Domain
www.milicpc.com

Subject Issuer	Validity	Valid

This page contains 2 frames:

Primary Page: http://ad.cjccpc.com/code/Ncode20161123.php?&size=1&b=1&zi=2d374b&u=118328
Frame ID: 3DA743F8FE3D6ED8AD599AD226FF5D8B
Requests: 19 HTTP requests in this frame

Frame: http://t.uumet.cn:8090/uuu.html
Frame ID: 55FA95DDF8BF777CD19E525BDEFB55C2
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

20
Requests

0 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

3
IPs

2
Countries

3 kB
Transfer

11 kB
Size

0
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://www.milicpc.com/reg.php?u=116595

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request Ncode20161123.php Show response ad.cjccpc.com/code/	11 KB 3 KB	616ms 322ms	Document text/html	23.252.171.158 IKGUL-26484
General Check archive.org Show headers Download Go to Full URL http://ad.cjccpc.com/code/Ncode20161123.php?&size=1&b=1&zi=2d374b&u=118328 Protocol HTTP/1.1 Server 23.252.171.158 Rowland Heights, United States, ASN26484 (IKGUL-26484, US), Reverse DNS Software nginx/1.0.15 / PHP/5.2.17p1 Resource Hash `47a2598b263544e3edb1fa18ee0976a490dc4d698aa2ef640c5b94af693f8df8` Request headers Host ad.cjccpc.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Encoding gzip, deflate Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Server nginx/1.0.15 Date Tue, 14 Apr 2020 07:09:07 GMT Content-Type text/html Transfer-Encoding chunked Connection keep-alive Vary Accept-Encoding X-Powered-By PHP/5.2.17p1 Content-Encoding gzip
GET		cq.png 112.30.128.131/pic/playimge/	0 0

GET		36.jpg 112.30.128.131/pic/playimge/	0 0

GET		7.jpg 112.30.128.131/pic/playimge/	0 0

GET		bq.png 112.30.128.131/pic/playimge/	0 0

GET		0.jpg 112.30.128.131/pic/playimge/	0 0

GET		gq.png 112.30.128.131/pic/playimge/	0 0

GET		19.jpg 112.30.128.131/pic/playimge/	0 0

GET		28.jpg 112.30.128.131/pic/playimge/	0 0

GET		14.jpg 112.30.128.131/pic/playimge/	0 0

GET		1.jpg 112.30.128.131/pic/playimge/	0 0

GET		33.jpg 112.30.128.131/pic/playimge/	0 0

GET		2.jpg 112.30.128.131/pic/playimge/	0 0

GET		20.jpg 112.30.128.131/pic/playimge/	0 0

GET		3.jpg 112.30.128.131/pic/playimge/	0 0

GET		30.jpg 112.30.128.131/pic/playimge/	0 0

GET		19044366.js js.users.51.la/	0 0

GET H/1.1	200 OK	uuu.html t.uumet.cn/ Frame 55FA	0 0	1111ms 263ms	Document text/html	61.216.165.206 HINET Data Commun...
General Check archive.org Show headers Download Go to Full URL http://t.uumet.cn:8090/uuu.html Requested by Host: ad.cjccpc.com URL: http://ad.cjccpc.com/code/Ncode20161123.php?&size=1&b=1&zi=2d374b&u=118328 Protocol HTTP/1.1 Server 61.216.165.206 Taichung, Taiwan, ASN3462 (HINET Data Communication Business Group, TW), Reverse DNS 61-216-165-206.HINET-IP.hinet.net Software Microsoft-IIS/7.5 / ASP.NET Resource Hash Request headers Host t.uumet.cn:8090 Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Referer http://ad.cjccpc.com/code/Ncode20161123.php?&size=1&b=1&zi=2d374b&u=118328 Accept-Encoding gzip, deflate Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer http://ad.cjccpc.com/code/Ncode20161123.php?&size=1&b=1&zi=2d374b&u=118328 Response headers Content-Type text/html Content-Encoding gzip Last-Modified Mon, 06 Jan 2020 08:40:59 GMT Accept-Ranges bytes ETag "24c95556dc4d51:0" Vary Accept-Encoding Server Microsoft-IIS/7.5 X-Powered-By ASP.NET Date Tue, 14 Apr 2020 07:12:35 GMT Content-Length 549
GET		ad.jpg 112.30.128.131/pic/ad_logo/	0 0

GET		bg_bt.jpg 112.30.128.131/pic/playimge/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: 112.30.128.131
URL: http://112.30.128.131:8012/pic/playimge/cq.png

Domain: 112.30.128.131
URL: http://112.30.128.131:8012/pic/playimge/36.jpg

Domain: 112.30.128.131
URL: http://112.30.128.131:8012/pic/playimge/7.jpg

Domain: 112.30.128.131
URL: http://112.30.128.131:8012/pic/playimge/bq.png

Domain: 112.30.128.131
URL: http://112.30.128.131:8012/pic/playimge/0.jpg

Domain: 112.30.128.131
URL: http://112.30.128.131:8012/pic/playimge/gq.png

Domain: 112.30.128.131
URL: http://112.30.128.131:8012/pic/playimge/19.jpg

Domain: 112.30.128.131
URL: http://112.30.128.131:8012/pic/playimge/28.jpg

Domain: 112.30.128.131
URL: http://112.30.128.131:8012/pic/playimge/14.jpg

Domain: 112.30.128.131
URL: http://112.30.128.131:8012/pic/playimge/1.jpg

Domain: 112.30.128.131
URL: http://112.30.128.131:8012/pic/playimge/33.jpg

Domain: 112.30.128.131
URL: http://112.30.128.131:8012/pic/playimge/2.jpg

Domain: 112.30.128.131
URL: http://112.30.128.131:8012/pic/playimge/20.jpg

Domain: 112.30.128.131
URL: http://112.30.128.131:8012/pic/playimge/3.jpg

Domain: 112.30.128.131
URL: http://112.30.128.131:8012/pic/playimge/30.jpg

Domain: js.users.51.la
URL: http://js.users.51.la/19044366.js

Domain: 112.30.128.131
URL: http://112.30.128.131:8012/pic/ad_logo/ad.jpg

Domain: 112.30.128.131
URL: http://112.30.128.131:8012/pic/playimge/bg_bt.jpg

Verdicts & Comments Add Verdict or Comment

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

112.30.128.131
ad.cjccpc.com
js.users.51.la
t.uumet.cn
112.30.128.131
js.users.51.la
23.252.171.158
61.216.165.206
47a2598b263544e3edb1fa18ee0976a490dc4d698aa2ef640c5b94af693f8df8

ad.cjccpc.com Open in urlscan Pro 23.252.171.158 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

20 Requests

0 %HTTPS

0 %IPv6

4 Domains

4 Subdomains

3 IPs

2 Countries

3 kBTransfer

11 kBSize

0 Cookies

1 Outgoing links

Redirected requests

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

26 JavaScript Global Variables

0 Cookies

Indicators

ad.cjccpc.com Open in urlscan Pro
23.252.171.158 Public Scan

Screenshot
Live screenshot

Full Image

20
Requests

0 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

3
IPs

2
Countries

3 kB
Transfer

11 kB
Size

0
Cookies

20 HTTP transactions
0 data transactions