Submitted URL: http://heji0018.com/
Effective URL: https://m.sogou.com/tc?url=https%3A%2F%2F35.220.207.217:3333%2Fhome
Submission: On May 26 via api from IN — Scanned from DE

Summary

This website contacted 6 IPs in 4 countries across 4 domains to perform 7 HTTP transactions. The main IP is 119.28.109.132, located in Singapore, Singapore and belongs to TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN. The main domain is m.sogou.com. The Cisco Umbrella rank of the primary domain is 173855.
TLS certificate: Issued by GlobalSign Organization Validation CA... on July 6th 2023. Valid for: a year.
This is the only time m.sogou.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP addresses (requests, IP address, autonomous system)
  3  154.204.210.100  AS135097 (MYCLOUD-A...)
  1  163.181.92.250   AS24429 (TAOBAO Zh...)
  1  163.181.157.43   AS24429 (TAOBAO Zh...)
  1  119.28.109.132   AS132203 (TENCENT-N...)
  1  43.152.26.154    AS139341 (ACE-AS-AP...)
  Totals: 7 requests, 6 IPs

Apex domains (requests, apex domain, subdomains, transfer)
  3  heji0018.com: heji0018.com, www.heji0018.com; 2 KB
  2  51.la: sdk.51.la (Cisco Umbrella rank 76214), collect-v6.51.la (Cisco Umbrella rank 62126); 14 KB
  1  sogoucdn.com: dlweb.sogoucdn.com (Cisco Umbrella rank 290728); 6 KB
  1  sogou.com: m.sogou.com (Cisco Umbrella rank 173855), logo.wap.sogou.com (failed); 2 KB
  Totals: 7 requests, 4 apex domains

Subdomains (requests, domain, requested by)
  2  www.heji0018.com
  1  dlweb.sogoucdn.com   requested by m.sogou.com
  1  m.sogou.com
  1  collect-v6.51.la     requested by sdk.51.la
  1  sdk.51.la            requested by www.heji0018.com
  1  heji0018.com         (1 redirect)
  0  logo.wap.sogou.com   (failed)
  Totals: 7 requests, 7 subdomains

Linked domains (this site contains links to these domains; also see Links):
  35.220.207.217
TLS certificates (subject, issuer, validity window, lifetime; each row has a crt.sh lookup)
  heji0018.com: issuer R3; valid 2024-05-25 to 2024-08-23 (3 months)
  *.51.la: issuer GlobalSign RSA OV SSL CA 2018; valid 2024-03-19 to 2025-04-20 (a year)
  *.sogou.com: issuer GlobalSign Organization Validation CA - SHA256 - G3; valid 2023-07-06 to 2024-07-13 (a year)
  *.sogoucdn.com: issuer DigiCert Secure Site CN CA G3; valid 2023-06-12 to 2024-07-12 (a year)
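The certificate table is worth reading against the scan date: the submitted domain's certificate (issuer R3, a Let's Encrypt intermediate) was issued the day before the scan, while the three third-party wildcard certificates are months old. The following is an added example, not urlscan.io code; the CERTS rows are transcribed from the table above, the 7-day "freshly issued" threshold is an arbitrary assumption for illustration, and the wildcard matcher is included because the table lists only the subject name, so whether www.heji0018.com is covered by the heji0018.com certificate cannot be settled without the SAN list from crt.sh.

```python
"""Certificate age, remaining validity and wildcard coverage at scan time.
Added example: CERTS is transcribed from the report's TLS table; the 7-day
threshold in freshly_issued() is an assumption, not a urlscan.io rule."""
from datetime import date

SCAN_DATE = date(2024, 5, 26)  # from the Date response headers in the report

# (subject, issuer, not-before, not-after)
CERTS = [
    ("heji0018.com", "R3", date(2024, 5, 25), date(2024, 8, 23)),
    ("*.51.la", "GlobalSign RSA OV SSL CA 2018", date(2024, 3, 19), date(2025, 4, 20)),
    ("*.sogou.com", "GlobalSign Organization Validation CA - SHA256 - G3",
     date(2023, 7, 6), date(2024, 7, 13)),
    ("*.sogoucdn.com", "DigiCert Secure Site CN CA G3", date(2023, 6, 12), date(2024, 7, 12)),
]


def cert_timeline(not_before, not_after, when=SCAN_DATE):
    """Age, remaining days and total lifetime of a certificate as of `when`."""
    return {
        "valid_at_scan": not_before <= when <= not_after,
        "age_days": (when - not_before).days,
        "remaining_days": (not_after - when).days,
        "lifetime_days": (not_after - not_before).days,
    }


def freshly_issued(certs, max_age_days=7, when=SCAN_DATE):
    """Subjects whose certificate was issued within max_age_days of the scan.
    A day-old certificate on the submitted domain is typical of a freshly
    stood-up site; it is a signal to correlate, not proof of anything."""
    return [s for s, _, nb, _ in certs if 0 <= (when - nb).days <= max_age_days]


def wildcard_matches(pattern, host):
    """RFC 6125 style matching: '*' covers exactly one left-most label, so
    *.sogou.com matches m.sogou.com but not logo.wap.sogou.com or sogou.com."""
    pattern, host = pattern.lower(), host.lower()
    if not pattern.startswith("*."):
        return pattern == host
    suffix = pattern[1:]  # ".sogou.com"
    if not host.endswith(suffix):
        return False
    label = host[: -len(suffix)]
    return bool(label) and "." not in label and "*" not in label


if __name__ == "__main__":
    for subject, issuer, nb, na in CERTS:
        print(f"{subject} ({issuer}): {cert_timeline(nb, na)}")
    print("freshly issued:", freshly_issued(CERTS))
    print("*.sogou.com covers logo.wap.sogou.com:",
          wildcard_matches("*.sogou.com", "logo.wap.sogou.com"))
```

Run as a script it prints one timeline per row; the heji0018.com certificate comes out one day old with 89 days left, the *.sogou.com one 325 days old with 48 days left.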

This page contains 1 frames:

Primary Page: https://m.sogou.com/tc?url=https%3A%2F%2F35.220.207.217:3333%2Fhome
Frame ID: BB6771AEE7ED964E99DC93D431F1FA08
Requests: 7 HTTP requests in this frame

Page Title

您访问的页面为第三方网站 ("The page you are visiting is a third-party website")

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://heji0018.com/ HTTP 307
     https://heji0018.com/ HTTP 301
     https://www.heji0018.com/ Page URL
  2. https://m.sogou.com/tc?url=https%3A%2F%2F35.220.207.217:3333%2Fhome Page URL

Page Statistics

  Requests: 7
  HTTPS: 86 %
  IPv6: 0 %
  Domains: 4
  Subdomains: 7
  IPs: 6
  Countries: 4
  Transfer: 23 kB
  Size: 43 kB
  Cookies: 6


Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://heji0018.com/ HTTP 307
  • https://heji0018.com/ HTTP 301
  • https://www.heji0018.com/
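The chain has two parts: two server-side redirects (the HTTP-to-HTTPS upgrade and the apex-to-www hop) and then a client-side navigation from www.heji0018.com to Sogou's /tc interstitial, which in turn carries the real destination, a bare IP on port 3333, in its url= parameter. The following is an added example, not urlscan.io code: CHAIN is transcribed from the Page URL History above, and the flag names in target_risk_flags() are this example's own, chosen to show the checks a reviewer would run on a forwarded destination.

```python
"""Walk the redirect chain this scan recorded and inspect its final,
client-side hop. Added example: CHAIN is transcribed from the report's
"Page URL History"; nothing here is urlscan.io output or API data."""
import ipaddress
from urllib.parse import parse_qs, urlsplit

# (url, status of the response recorded for that url). None marks a URL the
# report lists as a "Page URL": the server answered with a document, and the
# next hop, if any, happened client-side (JavaScript or a meta refresh).
CHAIN = [
    ("http://heji0018.com/", 307),
    ("https://heji0018.com/", 301),
    ("https://www.heji0018.com/", None),
    ("https://m.sogou.com/tc?url=https%3A%2F%2F35.220.207.217:3333%2Fhome", None),
]

DEFAULT_PORTS = {"http": 80, "https": 443}


def hop_kinds(chain):
    """Label each transition: how it happened (HTTP status or client-side)
    and what changed (scheme, host, or neither)."""
    kinds = []
    for (src, status), (dst, _) in zip(chain, chain[1:]):
        s, d = urlsplit(src), urlsplit(dst)
        how = f"HTTP {status}" if status else "client-side"
        if s.scheme != d.scheme:
            what = "scheme-upgrade" if d.scheme == "https" else "scheme-downgrade"
        elif s.hostname != d.hostname:
            what = "host-change"
        else:
            what = "same-host"
        kinds.append(f"{how}:{what}")
    return kinds


def extract_forward_target(url, param="url"):
    """Percent-decoded destination carried in a forwarder's query parameter
    (Sogou's /tc?url=... here), or None when the parameter is absent."""
    values = parse_qs(urlsplit(url).query).get(param)
    return values[0] if values else None


def target_risk_flags(target):
    """Cheap offline heuristics on a forwarded destination: review signals,
    not a verdict."""
    flags = set()
    parts = urlsplit(target)
    host = parts.hostname or ""
    try:
        ipaddress.ip_address(host)
        flags.add("ip_literal_host")  # no domain name to look up or reputation-check
    except ValueError:
        pass
    if parts.port is not None and parts.port != DEFAULT_PORTS.get(parts.scheme):
        flags.add("nonstandard_port")  # :3333 for an https "home" page
    if parts.scheme == "https" and "ip_literal_host" in flags:
        # Publicly trusted certificates for bare IPs are uncommon; expect a
        # certificate warning or a self-signed certificate at the destination.
        flags.add("https_to_ip_literal")
    return flags


def analyse(chain):
    """Hop labels plus the decoded target of the last hop and its flags."""
    final_url = chain[-1][0]
    target = extract_forward_target(final_url)
    return {
        "hops": hop_kinds(chain),
        "forwarder": urlsplit(final_url).hostname,
        "target": target,
        "flags": target_risk_flags(target) if target else set(),
    }


if __name__ == "__main__":
    for key, value in analyse(CHAIN).items():
        print(f"{key}: {value}")
```

The point of separating the forwarder from the target is that the scanner only ever rendered m.sogou.com; the host that matters for blocking or follow-up, 35.220.207.217:3333, never appears in the request list and has to be recovered from the query string.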

7 HTTP transactions

Each transaction below lists the resource name, the host path, the decoded size, the transferred bytes (x-fer) and the resource type, followed by the connection details and the request and response headers urlscan captured.
1. / (www.heji0018.com/): Document, 721 B decoded, 843 B transferred
Redirect chain:
  • http://heji0018.com/
  • https://heji0018.com/
  • https://www.heji0018.com/

General
  Full URL: https://www.heji0018.com/
  Protocol: H2
  Security: TLS 1.3, AES_128_GCM (key exchange not reported)
  Server: 154.204.210.100, Hong Kong, ASN135097 (MYCLOUD-AS-AP LUOGELANG FRANCE LIMITED, HK)
  Reverse DNS: (none)
  Software: nginx
  Resource Hash: 4da7938f5c08f0775c8c98842dfbb3bc3b7970e9376369da7c2cf420fafa4e70

Request headers
  Accept-Language: de-DE,de;q=0.9;q=0.9
  Upgrade-Insecure-Requests: 1
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers
  accept-ranges: bytes
  content-length: 721
  content-type: text/html
  date: Sun, 26 May 2024 17:41:37 GMT
  etag: "6651b664-2d1"
  last-modified: Sat, 25 May 2024 09:59:00 GMT
  server: nginx

Redirect headers (last redirect hop, https://heji0018.com/ to https://www.heji0018.com/)
  content-length: 162
  content-type: text/html
  date: Sun, 26 May 2024 17:41:36 GMT
  location: https://www.heji0018.com/
  server: nginx
2. js-sdk-pro.min.js (sdk.51.la/): Script, 34 KB decoded, 13 KB transferred

General
  Full URL: https://sdk.51.la/js-sdk-pro.min.js
  Requested by: www.heji0018.com (https://www.heji0018.com/)
  Protocol: H2
  Security: TLS 1.3, AES_256_GCM (key exchange not reported)
  Server: 163.181.92.250, Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)
  Reverse DNS: (none)
  Software: Tengine
  Resource Hash: d1f1bfe698f2ffb7b3e7a885a301d58f9554d45df0a31c3e8b53c84b33c80d27

Request headers
  sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
  Referer: https://www.heji0018.com/
  Accept-Language: de-DE,de;q=0.9;q=0.9
  sec-ch-ua-mobile: ?0
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
  sec-ch-ua-platform: "Win32"

Response headers
  date: Fri, 24 May 2024 19:36:19 GMT
  via: cache15.l2de2[1178,908,304-0,C], cache21.l2de2[910,0], ens-cache1.de5[0,0,200-0,H], ens-cache4.de5[1,0]
  content-encoding: gzip
  x-oss-request-id: 6650EC338A8E40393022C8B7
  content-md5: JLtSDpUX8u0+2Ye0aur3Iw==
  age: 165918
  x-swift-cachetime: 1296000
  x-cache: HIT TCP_MEM_HIT dirn:-2:-2
  x-oss-cdn-auth: success
  x-swift-savetime: Fri, 24 May 2024 19:36:19 GMT
  content-length: 12846
  x-oss-object-type: Normal
  last-modified: Thu, 08 Jun 2023 02:24:34 GMT
  server: Tengine
  vary: Accept-Encoding
  ali-swift-global-savetime: 1716579379
  content-type: application/javascript
  access-control-allow-origin: *
  x-oss-storage-class: Standard
  accept-ranges: bytes
  timing-allow-origin: *
  x-oss-hash-crc64ecma: 5143829838470429443
  x-oss-server-time: 2

The date header is the CDN's cache-fill time, not the time of this scan: 24 May 19:36:19 GMT plus age 165918 s (46 h 5 min 18 s) lands on 26 May 17:41:37 GMT, the moment the page loaded. The script itself was last modified on 8 June 2023, so the hash above is a stable fingerprint for this SDK build.
3. collect (collect-v6.51.la/v6/): XHR, 0 B decoded, 623 B transferred

General
  Full URL: https://collect-v6.51.la/v6/collect?dt=4
  Requested by: sdk.51.la (https://sdk.51.la/js-sdk-pro.min.js)
  Protocol: HTTP/1.1
  Security: TLS 1.3, AES_256_GCM (key exchange not reported)
  Server: 163.181.157.43, United States, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)
  Reverse DNS: (none)
  Software: Tengine
  Resource Hash: (none; empty response body)

Request headers
  sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
  Referer: https://www.heji0018.com/
  Accept-Language: de-DE,de;q=0.9;q=0.9
  sec-ch-ua-mobile: ?0
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
  sec-ch-ua-platform: "Win32"

Response headers
  Date: Sun, 26 May 2024 17:41:38 GMT
  Via: cache23.l2de2[184,184,200-0,M], cache23.l2de2[185,0], ens-cache12.de7[187,187,200-0,M], ens-cache12.de7[188,0]
  Server: Tengine
  X-Swift-CacheTime: 0
  Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
  Ali-Swift-Global-Savetime: 1716745298
  X-Cache: MISS TCP_MISS dirn:-2:-2
  Access-Control-Allow-Origin: https://www.heji0018.com
  Access-Control-Allow-Credentials: true
  Connection: keep-alive
  X-Swift-SaveTime: Sun, 26 May 2024 17:41:38 GMT
  Timing-Allow-Origin: *
  Content-Length: 0
  EagleId: a3b583a017167452979152235e

The collector echoes the requesting origin in Access-Control-Allow-Origin and allows credentials, the usual pattern for a credentialed cross-site analytics beacon; Vary: Origin marks the response as per-origin so the CDN does not serve one origin's CORS answer to another.
4. tc (m.sogou.com/), primary request: Document, 2 KB decoded, 2 KB transferred

General
  Full URL: https://m.sogou.com/tc?url=https%3A%2F%2F35.220.207.217:3333%2Fhome
  Protocol: HTTP/1.1
  Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
  Server: 119.28.109.132, Singapore, Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)
  Reverse DNS: (none)
  Software: nginx
  Resource Hash: 00228b66d47a074f87f86012c02a9fa68f070ca06bf405e5ea759815cf502343

Request headers
  Accept-Language: de-DE,de;q=0.9;q=0.9
  Referer: https://www.heji0018.com/
  Upgrade-Insecure-Requests: 1
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
  sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
  sec-ch-ua-mobile: ?0
  sec-ch-ua-platform: "Win32"

Response headers
  Connection: keep-alive
  Content-Encoding: gzip
  Content-Type: text/html; charset=utf-8
  Date: Sun, 26 May 2024 17:41:39 GMT
  P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" (the CP string is sent twice, as observed)
  Server: nginx
  Transfer-Encoding: chunked
  UUID: 176962ee-097e-42a8-9b7b-9fefc8a642ab

The Referer of https://www.heji0018.com/ on this document request confirms that the navigation to Sogou's interstitial was triggered from the heji0018.com page itself (a client-side redirect, not an HTTP redirect), two seconds after that page was served.
5. favicon.ico (www.heji0018.com/): Other, 721 B decoded, 843 B transferred

General
  Full URL: https://www.heji0018.com/favicon.ico
  Protocol: H2
  Security: TLS 1.3, AES_128_GCM (key exchange not reported)
  Server: 154.204.210.100, Hong Kong, ASN135097 (MYCLOUD-AS-AP LUOGELANG FRANCE LIMITED, HK)
  Reverse DNS: (none)
  Software: nginx
  Resource Hash: (none recorded)

Request headers
  sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
  Referer: https://www.heji0018.com/
  Accept-Language: de-DE,de;q=0.9;q=0.9
  sec-ch-ua-mobile: ?0
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
  sec-ch-ua-platform: "Win32"

Response headers
  date: Sun, 26 May 2024 17:41:37 GMT
  last-modified: Sat, 25 May 2024 09:59:00 GMT
  server: nginx
  accept-ranges: bytes
  etag: "6651b664-2d1"
  content-length: 721
  content-type: text/html

This response carries the same ETag ("6651b664-2d1": nginx builds it from the file's mtime and size, and 0x2d1 is 721 bytes), the same length and the same text/html content type as the document at /, so the server answers /favicon.ico with the index page rather than an icon, typical of a catch-all location rule on a freshly deployed site.
6. logo_transanti.png (dlweb.sogoucdn.com/special/images/): Image, 6 KB decoded, 6 KB transferred

General
  Full URL: https://dlweb.sogoucdn.com/special/images/logo_transanti.png
  Requested by: m.sogou.com (https://m.sogou.com/tc?url=https%3A%2F%2F35.220.207.217:3333%2Fhome)
  Protocol: H2
  Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
  Server: 43.152.26.154, Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG)
  Reverse DNS: (none)
  Software: nginx
  Resource Hash: 81025c2f3f3f57cbed9a823656204b20b111b641ce30aa361a284bb508b89060

Request headers
  sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
  Referer: https://m.sogou.com/
  Accept-Language: de-DE,de;q=0.9;q=0.9
  sec-ch-ua-mobile: ?0
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
  sec-ch-ua-platform: "Win32"

Response headers
  date: Fri, 17 May 2024 05:27:55 GMT
  x-cache-lookup: Cache Hit
  last-modified: Tue, 02 Jun 2020 05:24:57 GMT
  server: nginx
  etag: "5ed5e2a9-1669"
  content-type: image/png
  access-control-allow-origin: *
  cache-control: max-age=31536000
  x-nws-log-uuid: 2953157480699798955
  accept-ranges: bytes
  content-length: 5737
  expires: Sat, 17 May 2025 05:27:55 GMT
7. favicon.ico (logo.wap.sogou.com/images/logo2014/): 0 B decoded, 0 B transferred (failed; see below)

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

  Domain: logo.wap.sogou.com
  URL: http://logo.wap.sogou.com/images/logo2014/favicon.ico

Verdicts & Comments

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Domain/Path: www.heji0018.com/
  __vtins__K4n629xQvS8C65gV = %7B%22sid%22%3A%20%22be2d33f0-fe5b-5c33-8cae-ce3266dc52a0%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201716747097821%2C%20%22ct%22%3A%201716745297821%7D
  __51uvsct__K4n629xQvS8C65gV = 1
  __51vcke__K4n629xQvS8C65gV = e0564bc5-747e-5ee3-8a16-8fd7b8454961
  __51vuft__K4n629xQvS8C65gV = 1716745297823
Domain/Path: m.sogou.com/
  ABTEST = 0|1716745299|v1
Domain/Path: .sogou.com/
  SUV = 004D50618AC72685665374539A2AE766

The four cookies on www.heji0018.com follow the naming of the 51.la SDK loaded from sdk.51.la (transaction 2) and were set by that script, not by the heji0018.com server, which sent no Set-Cookie header.
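The __vtins__ value is a percent-encoded JSON object with millisecond timestamps, and the ABTEST cookie carries a second-resolution timestamp; decoding them ties the cookies to the Date headers above. The following is an added example, not 51.la's or Sogou's own code: the cookie values are copied from the table above, and the meanings assigned to the fields (sid, ct, expires, vd, stt, dr, and the three ABTEST segments) are read off the decoded data, not taken from any vendor documentation.

```python
"""Decode the 51.la __vtins__/__51vuft__ cookies and Sogou's ABTEST cookie
from the report. Added example; field meanings are inferred from the values,
not from 51.la or Sogou documentation."""
import json
from datetime import datetime, timezone
from urllib.parse import unquote

# Cookie values copied from the report's cookie table.
VTINS_RAW = ("%7B%22sid%22%3A%20%22be2d33f0-fe5b-5c33-8cae-ce3266dc52a0%22%2C%20"
             "%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20"
             "%22expires%22%3A%201716747097821%2C%20%22ct%22%3A%201716745297821%7D")
VUFT_RAW = "1716745297823"
ABTEST_RAW = "0|1716745299|v1"


def decode_vtins(raw):
    """__vtins__ is a percent-encoded JSON object."""
    return json.loads(unquote(raw))


def epoch_to_utc(ts):
    """Accept seconds or milliseconds; 13-digit values are milliseconds."""
    ts = int(ts)
    if ts > 10**11:
        ts /= 1000
    return datetime.fromtimestamp(ts, tz=timezone.utc)


def session_window_minutes(vtins):
    """Lifetime the SDK gave the session: expires minus creation time."""
    return (vtins["expires"] - vtins["ct"]) / 60000


def parse_abtest(raw):
    """ABTEST looks like bucket|unix-seconds|version (inferred layout)."""
    bucket, ts, version = raw.split("|")
    return {"bucket": int(bucket), "set_at": epoch_to_utc(ts), "version": version}


def cookie_report():
    """Everything a reviewer would want to compare against the HTTP Date headers."""
    v = decode_vtins(VTINS_RAW)
    fmt = "%Y-%m-%d %H:%M:%S"
    return {
        "sid": v["sid"],
        "created_utc": epoch_to_utc(v["ct"]).strftime(fmt),
        "session_window_min": session_window_minutes(v),
        "vuft_after_ct_ms": int(VUFT_RAW) - v["ct"],
        "abtest_set_at_utc": parse_abtest(ABTEST_RAW)["set_at"].strftime(fmt),
    }


if __name__ == "__main__":
    for key, value in cookie_report().items():
        print(f"{key}: {value}")
```

The decoded creation time (17:41:37 UTC) matches the Date header of the www.heji0018.com document, the session window is 30 minutes, and the ABTEST timestamp (17:41:39 UTC) matches the Date header of the Sogou interstitial, which is a quick way to confirm the cookies were minted during this scan rather than replayed from an earlier visit.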

1 Console Messages

Source: security
Level: error
URL: https://m.sogou.com/tc?url=https%3A%2F%2F35.220.207.217:3333%2Fhome
Message: Mixed Content: The page at 'https://m.sogou.com/tc?url=https%3A%2F%2F35.220.207.217:3333%2Fhome' was loaded over HTTPS, but requested an insecure favicon 'http://logo.wap.sogou.com/images/logo2014/favicon.ico'. This request has been blocked; the content must be served over HTTPS.
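The console error and the "86 % HTTPS" statistic describe the same request: the one plain-http favicon the Sogou interstitial tried to load, which Chrome blocked. The following is an added example, not urlscan.io code, that recomputes those figures from the transaction list above and separates first-party from third-party hosts; REQUESTS is transcribed from the "7 HTTP transactions" section, with the requesting document taken from each transaction's Referer (the primary page where no Referer is shown), and the first-party apex domain is taken from the submitted URL.

```python
"""Recompute the HTTPS share, find the mixed-content request behind the
console error, and list third-party hosts. Added example; REQUESTS is
transcribed from the report's transaction list, not fetched from urlscan."""
from urllib.parse import urlsplit

PRIMARY = "https://m.sogou.com/tc?url=https%3A%2F%2F35.220.207.217:3333%2Fhome"

# (resource url, url of the document that requested it)
REQUESTS = [
    ("https://www.heji0018.com/", "https://www.heji0018.com/"),
    ("https://sdk.51.la/js-sdk-pro.min.js", "https://www.heji0018.com/"),
    ("https://collect-v6.51.la/v6/collect?dt=4", "https://www.heji0018.com/"),
    (PRIMARY, PRIMARY),
    ("https://www.heji0018.com/favicon.ico", "https://www.heji0018.com/"),
    ("https://dlweb.sogoucdn.com/special/images/logo_transanti.png", PRIMARY),
    ("http://logo.wap.sogou.com/images/logo2014/favicon.ico", PRIMARY),
]


def https_share_percent(requests):
    """The report's "86 % HTTPS": requests over https, rounded to a whole percent.
    The blocked request still counts, because urlscan lists it as a transaction."""
    secure = sum(1 for url, _ in requests if urlsplit(url).scheme == "https")
    return round(100 * secure / len(requests))


def mixed_content(requests):
    """Plain-http subresources requested from an https document. Chrome blocks
    or tries to upgrade these depending on resource type; the console message
    above shows this favicon was blocked. The attempt itself is what matters
    for review, since it reveals a URL the page wanted to load."""
    return [url for url, doc in requests
            if urlsplit(doc).scheme == "https" and urlsplit(url).scheme == "http"]


def third_party_hosts(requests, first_party="heji0018.com"):
    """Hosts outside the submitted site's apex domain, sorted and de-duplicated."""
    hosts = set()
    for url, _ in requests:
        host = urlsplit(url).hostname or ""
        if host != first_party and not host.endswith("." + first_party):
            hosts.add(host)
    return sorted(hosts)


def summary(requests):
    return {
        "requests": len(requests),
        "https_percent": https_share_percent(requests),
        "mixed_content": mixed_content(requests),
        "third_party_hosts": third_party_hosts(requests),
    }


if __name__ == "__main__":
    for key, value in summary(REQUESTS).items():
        print(f"{key}: {value}")
```

Five of the seven hosts are third-party, and the only first-party content is the 721-byte document and its favicon, which is the shape of a page that exists to hand the visitor off elsewhere.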