gbs228.com Open in urlscan Pro
43.241.196.166 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://gbs228.com/
Submission: On June 02 via api (June 2nd 2019, 10:22:48 am UTC) from CA

Summary HTTP 9 Redirects Behaviour Indicators

Similar DOM Content API

Summary

This website contacted 5 IPs in 3 countries across 5 domains to perform 9 HTTP transactions. The main IP is 43.241.196.166, located in China and belongs to ANCHGLOBAL-AS-AP Anchnet Asia Limited, HK. The main domain is gbs228.com.

This is the only time gbs228.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
4	43.241.196.166 43.241.196.166		137443 (ANCHGLOBA...) (ANCHGLOBAL-AS-AP Anchnet Asia Limited)
1	2a00:1450:400... 2a00:1450:4001:81f::2008		15169 (GOOGLE) (GOOGLE - Google LLC)
1	59.111.181.52 59.111.181.52		45062 (NETEASE-A...) (NETEASE-AS Guangzhou NetEase Computer System Co.)
2	103.242.145.107 103.242.145.107		55303 (EAGLENET-...) (EAGLENET-AP 60 Market Square)
1	2a00:1450:400... 2a00:1450:4001:814::200e		15169 (GOOGLE) (GOOGLE - Google LLC)
9	5

4 43.241.196.166 (China)

ASN137443 (ANCHGLOBAL-AS-AP Anchnet Asia Limited, HK)

gbs228.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 59.111.181.52 (China)

ASN45062 (NETEASE-AS Guangzhou NetEase Computer System Co., Ltd., CN)

ip.ws.126.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.242.145.107 (Thailand)

ASN55303 (EAGLENET-AP 60 Market Square,P.O. Box 364, PH)

baizun2012.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:814::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	gbs228.com gbs228.com	50 KB
2	baizun2012.com baizun2012.com
1	google-analytics.com www.google-analytics.com	17 KB
1	126.net ip.ws.126.net	318 B
1	googletagmanager.com www.googletagmanager.com	25 KB
9	5

	Domain	Requested by
4	gbs228.com	gbs228.com
2	baizun2012.com	gbs228.com
1	www.google-analytics.com	www.googletagmanager.com
1	ip.ws.126.net	gbs228.com
1	www.googletagmanager.com	gbs228.com
9	5

This site contains no links.

Subject Issuer	Validity	Valid
*.google-analytics.com Google Internet Authority G3	`2019-05-14` - `2019-08-06`	3 months	crt.sh
*.baizun2012.com RapidSSL RSA CA 2018	`2018-10-17` - `2019-10-17`	a year	crt.sh

This page contains 3 frames:

Primary Page: http://gbs228.com/
Frame ID: C1F49FA7D5D3599AD4FF96109DAD261A
Requests: 7 HTTP requests in this frame

Frame: https://baizun2012.com/entrance/page/soya?gapv=1
Frame ID: 7458EAAE1A967ECDA2E1AF0E7BBC4803
Requests: 1 HTTP requests in this frame

Frame: https://baizun2012.com/app/member/upupFlash.php?uid=
Frame ID: EC6DA74C1240674110E1BD9AAB661C17
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Windows Server (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /IIS(?:\/([\d.]+))?/i

IIS (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /IIS(?:\/([\d.]+))?/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
env /^gaGlobal$/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

env /^google_tag_manager$/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js/i
env /^jQuery$/i

Page Statistics

9
Requests

44 %
HTTPS

40 %
IPv6

5
Domains

5
Subdomains

5
IPs

3
Countries

93 kB
Transfer

217 kB
Size

7
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set / Show response
gbs228.com/ 4 KB
2 KB 1232ms
800ms Document
text/html 43.241.196.166
ANCHGLOBAL-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: http://gbs228.com/
Protocol: HTTP/1.1
Server: 43.241.196.166 , China, ASN137443 (ANCHGLOBAL-AS-AP Anchnet Asia Limited, HK),
Reverse DNS
Software: Microsoft-IIS/7.5 / PHP/5.4.45 ASP.NET
Resource Hash: 9ecca4c9910727480cb604b1e7195b07cd3877c4e04a6420d9f5a9be244678b3

Request headers

Host: gbs228.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: text/html
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
X-Powered-By: PHP/5.4.45 ASP.NET
Set-Cookie: ZDEDebuggerPresent=php,phtml,php3; path=/
Date: Sun, 02 Jun 2019 10:22:19 GMT
Content-Length: 1954

GET
H/1.1 200
OK jquery.php Show response
gbs228.com/ 9 KB
5 KB 207ms
206ms Script
text/html 43.241.196.166
ANCHGLOBAL-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: http://gbs228.com/jquery.php
Requested by: Host: gbs228.com
URL: http://gbs228.com/
Protocol: HTTP/1.1
Server: 43.241.196.166 , China, ASN137443 (ANCHGLOBAL-AS-AP Anchnet Asia Limited, HK),
Reverse DNS
Software: Microsoft-IIS/7.5 / PHP/5.4.45, ASP.NET
Resource Hash: c7aceec64e3bdcee6414a58eb974e54c44fa7239a6f22795a76ee135d4542023

Request headers

Referer: http://gbs228.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 02 Jun 2019 10:22:19 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/7.5
X-Powered-By: PHP/5.4.45, ASP.NET
Content-Length: 4455
Vary: Accept-Encoding
Content-Type: text/html

GET
H/1.1 200
OK jquery.js Show response
gbs228.com/ 59 B
487 B 201ms
200ms Script
application/x-javascript 43.241.196.166
ANCHGLOBAL-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: http://gbs228.com/jquery.js
Requested by: Host: gbs228.com
URL: http://gbs228.com/
Protocol: HTTP/1.1
Server: 43.241.196.166 , China, ASN137443 (ANCHGLOBAL-AS-AP Anchnet Asia Limited, HK),
Reverse DNS
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: 65de27661591371f2c4e456a10511dce38386275a15300aa096d759502b8b158

Request headers

Referer: http://gbs228.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 02 Jun 2019 10:22:19 GMT
Content-Encoding: gzip
ETag: "b2fc6ab596ced41:0"
Last-Modified: Wed, 27 Feb 2019 12:19:38 GMT
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/x-javascript
Accept-Ranges: bytes
Content-Length: 178

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 64 KB
25 KB 15ms
15ms Script
application/javascript 2a00:1450:4001:81f::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js

Requested by

Host: gbs228.com
URL: http://gbs228.com/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager (scaffolding) /

Resource Hash

b3488ec10052969fd0f25251a6981bd64979144cee9e99fc71d788ef1cafafda

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://gbs228.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 02 Jun 2019 10:22:21 GMT
content-encoding: br
last-modified: Thu, 30 May 2019 16:41:01 GMT
server: Google Tag Manager (scaffolding)
access-control-allow-origin: http://www.googletagmanager.com
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-length: 25329
x-xss-protection: 0
expires: Sun, 02 Jun 2019 10:22:21 GMT

GET
H/1.1 200
OK ipquery Show response
ip.ws.126.net/ 84 B
318 B 1336ms
349ms Script
text/html 59.111.181.52
NETEASE-AS Guangz...

General

Check archive.org

Show headers Download Go to

Full URL: http://ip.ws.126.net/ipquery
Requested by: Host: gbs228.com
URL: http://gbs228.com/
Protocol: HTTP/1.1
Server: 59.111.181.52 , China, ASN45062 (NETEASE-AS Guangzhou NetEase Computer System Co., Ltd., CN),
Reverse DNS
Software: nginx /
Resource Hash: d9db0d91eaad86d6c7cec9326d43e9c6ab460885a6fa73d77c35bcfba7dfd295

Request headers

Referer: http://gbs228.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 02 Jun 2019 10:22:23 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html;charset=GBK

GET
H/1.1 200
OK jquery.min.js Show response
gbs228.com/ 96 KB
43 KB 404ms
204ms Script
application/x-javascript 43.241.196.166
ANCHGLOBAL-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: http://gbs228.com/jquery.min.js?t=99
Requested by: Host: gbs228.com
URL: http://gbs228.com/
Protocol: HTTP/1.1
Server: 43.241.196.166 , China, ASN137443 (ANCHGLOBAL-AS-AP Anchnet Asia Limited, HK),
Reverse DNS
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: bc47d388cf55067ab66fae8d873e6ca3919458bed0623716e4b3cb67d4342d3f

Request headers

Referer: http://gbs228.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 02 Jun 2019 10:22:20 GMT
Content-Encoding: gzip
ETag: "b2f0b79d5918d51:0"
Last-Modified: Sat, 01 Jun 2019 09:08:45 GMT
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/x-javascript
Accept-Ranges: bytes
Content-Length: 43926

GET
H/1.1 200
OK Cookie set soya
baizun2012.com/entrance/page/ Frame 7458 0
0 5413ms
367ms Document
text/html 103.242.145.107
EAGLENET-AP 60 Ma...

General

Check archive.org

Show headers Download Go to

Full URL

https://baizun2012.com/entrance/page/soya?gapv=1

Requested by

Host: gbs228.com
URL: http://gbs228.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.242.145.107 , Thailand, ASN55303 (EAGLENET-AP 60 Market Square,P.O. Box 364, PH),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Host: baizun2012.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://gbs228.com/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://gbs228.com/

Response headers

Date: Sun, 02 Jun 2019 10:22:27 GMT
Set-Cookie: lang=zh-cn; path=/ lang=zh-cn; path=/ langx=zh-cn; path=/ IBCACHE=lyh_bgaTYoye3DJzH3fhSpI4SiXd2Njs2BPLN00a7CSpqJ4ZE4_2-uU23VNLXah1Q3RLN1FIMWJpOXRFenNQUnM2ODd3bF9JUEFaaWZiVkNfNkNDNnJEakE2QQ; expires=Sun, 02-Jun-2019 10:23:27 GMT; Max-Age=60; path=/; domain=baizun2012.com; HttpOnly SESSION_ID=guest; path=/; domain=baizun2012.com ICCACHE=244c66096bbf96dab3f7c254e1669c7e9707754fe9880fd09b53e54eb1787370; path=/; domain=baizun2012.com page_site=first; path=/ T0_IPL_AVRbbbbbbbbbbbbbbbb=CILOJIOBBMCPDNFPJFLKLPJCODDBJPLHEABACAADDEKAHAMPMIDFPNINAIIIDBICJBCDDJHCLFFDGJGNMMCDOIDFCIOACICABBIEEKLEDEPBNILIKKDILGFJHPDPEBPJ; HttpOnly
Vary: Accept-Encoding
Keep-Alive: timeout=30, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Server: Apache
Content-Encoding: gzip
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000;

GET
H/1.1 200
OK Cookie set upupFlash.php
baizun2012.com/app/member/ Frame EC6D 0
0 5326ms
259ms Document
text/html 103.242.145.107
EAGLENET-AP 60 Ma...

General

Check archive.org

Show headers Download Go to

Full URL

https://baizun2012.com/app/member/upupFlash.php?uid=

Requested by

Host: gbs228.com
URL: http://gbs228.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.242.145.107 , Thailand, ASN55303 (EAGLENET-AP 60 Market Square,P.O. Box 364, PH),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Host: baizun2012.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://gbs228.com/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://gbs228.com/

Response headers

Date: Sun, 02 Jun 2019 10:22:27 GMT
Vary: Accept-Encoding
Keep-Alive: timeout=30, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Server: Apache
Content-Encoding: gzip
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000;
Set-Cookie: T0_IPL_AVRbbbbbbbbbbbbbbbb=DFHEPKABNJIIGDJILIECFHDLOJOEJNCKBLCOBJDIMKCOBKABGNPPCGJOIIDEGNKGEJLJGFGIFOHDCGFHNFDNFCFBPICACPPHBBJLNDKKLKIJNJDDKKINKDOPKFEBNOBB; HttpOnly

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:814::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8f88cb7a1cd4134f5d616b9fca90b9069fa16c162b7ae66ba1b500c490b41dd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://gbs228.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 21 May 2019 23:53:44 GMT
server: Golfe2
age: 2987
date: Sun, 02 Jun 2019 09:32:35 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 17595
expires: Sun, 02 Jun 2019 11:32:35 GMT

Verdicts & Comments Add Verdict or Comment

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask string| srwr3r23 string| t function| gtag object| dataLayer object| google_tag_manager string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal string| lo string| lc object| localAddress object| res boolean| isDesignAddress boolean| isWinning string| html function| $ function| jQuery object| xhttp object| getCookie boolean| recycleLock function| getcookie

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.baizun2012.com/	1969-12-31 23:59:59	Name: ICCACHE Value: edad8da653b217459dbb91529c388bfe5440ba0e3fc1aa87b4b18b88a4f0d486
			.baizun2012.com/	1970-01-19 01:11:11	Name: IBCACHE Value: lyh_bgaTYoye3DJzH3fhSp4uQjfnYCK_4R-k7IyRCA1-ZzHGJ8A9-qmxmentk1Xjam1KZ2ZTaWtNMWVpOFNyUG5ycmJJbnBsZEdkNWpZa1VuYnVNM0VIdjBfaw
			baizun2012.com/	1969-12-31 23:59:59	Name: langx Value: zh-cn
			.baizun2012.com/	1969-12-31 23:59:59	Name: SESSION_ID Value: guest
			.baizun2012.com/	1970-01-19 01:12:37	Name: _gid Value: GA1.2.563235183.1559470950
			baizun2012.com/	1969-12-31 23:59:59	Name: lang Value: zh-cn
			.baizun2012.com/	1970-01-19 18:42:22	Name: _ga Value: GA1.2.2098097853.1559470950

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

baizun2012.com
gbs228.com
ip.ws.126.net
www.google-analytics.com
www.googletagmanager.com
103.242.145.107
2a00:1450:4001:814::200e
2a00:1450:4001:81f::2008
43.241.196.166
59.111.181.52
65de27661591371f2c4e456a10511dce38386275a15300aa096d759502b8b158
8f88cb7a1cd4134f5d616b9fca90b9069fa16c162b7ae66ba1b500c490b41dd2
9ecca4c9910727480cb604b1e7195b07cd3877c4e04a6420d9f5a9be244678b3
b3488ec10052969fd0f25251a6981bd64979144cee9e99fc71d788ef1cafafda
bc47d388cf55067ab66fae8d873e6ca3919458bed0623716e4b3cb67d4342d3f
c7aceec64e3bdcee6414a58eb974e54c44fa7239a6f22795a76ee135d4542023
d9db0d91eaad86d6c7cec9326d43e9c6ab460885a6fa73d77c35bcfba7dfd295