Submitted URL: http://xsgzz.com/
Effective URL: https://xsgzz.com/
Submission: On December 03 via api from DE

Summary

This website contacted 14 IPs in 7 countries across 8 domains to perform 35 HTTP transactions. The main IP is 103.116.214.10 (no geolocation recorded), which belongs to ASN136800 XIAOZHIYUN1-AS-AP ICIDC NETWORK, US. The main domain is xsgzz.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on December 1st 2018. Valid for: 3 months.
This is the only time xsgzz.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | IP Address | AS | Autonomous System
3 | 103.116.214.10 (main IP) | 136800 | (XIAOZHIYU...)
1 | 156.239.112.102 | 134548 | (DXTL-HK D...)
2 | 163.171.140.176 | 54994 | (QUANTILNE...)
11 | 163.171.128.148 | 54994 | (QUANTILNE...)
2 | 101.132.138.217 | 37963 | (CNNIC-ALI...)
1 | 104.111.239.8 | 16625 | (AKAMAI-AS)
1 | 220.243.212.50 | 54994 | (QUANTILNE...)
4 | 54.223.34.2 | 55960 | (BJ-GUANGH...)
1 | 183.131.207.78 | 136190 | (CHINATELE...)
1 | 104.37.244.89 | 46844 | (ST-BGP)
3 | 103.235.46.191 | 55967 | (CNNIC-BAI...)
1 | 2a00:1450:400... | 15169 | (GOOGLE)
1 | 52.80.248.13 | 55960 | (BJ-GUANGH...)
Total: 35 requests, 14 IPs
Requests | Domain | Requested by
7 | static5.niwodai.com | xsgzz.com
4 | api.growingio.com | assets.growingio.com
4 | static3.niwodai.com | xsgzz.com
3 | hm.baidu.com | xsgzz.com
3 | xsgzz.com (1 redirect) | xsgzz.com
2 | report.niwodai.com | xsgzz.com, report.niwodai.com
2 | static.niwodai.com | xsgzz.com
1 | tags.growingio.com | assets.growingio.com
1 | www.googletagmanager.com | xsgzz.com
1 | hao123.hnkejizz.net | xsgzz.com
1 | ia.51.la | xsgzz.com
1 | js.users.51.la | news.zhgrf.cn
1 | assets.growingio.com | xsgzz.com
1 | news.zhgrf.cn | xsgzz.com
Total: 35 requests, 14 subdomains

This site contains links to these domains:

www.51.la
Subject | Issuer | Validity | Valid for
www.xsgzz.com | Let's Encrypt Authority X3 | 2018-12-01 - 2019-03-01 | 3 months
news.zhgrf.cn | TrustAsia TLS RSA CA | 2018-07-30 - 2019-07-30 | a year
*.niwodai.com | COMODO RSA Domain Validation Secure Server CA | 2016-05-05 - 2019-05-13 | 3 years
testcdn5.growingio.com | Let's Encrypt Authority X3 | 2018-11-29 - 2019-02-27 | 3 months
*.users.51.la | GlobalSign Domain Validation CA - SHA256 - G2 | 2018-01-15 - 2021-03-19 | 3 years
*.growingio.com | COMODO RSA Domain Validation Secure Server CA | 2017-09-23 - 2019-09-23 | 2 years
*.51.la | GlobalSign Domain Validation CA - SHA256 - G2 | 2018-01-15 - 2021-04-15 | 3 years
hao123.hnkejizz.net | TrustAsia TLS RSA CA | 2018-11-24 - 2019-11-24 | a year
baidu.com | GlobalSign Organization Validation CA - SHA256 - G2 | 2018-08-28 - 2019-05-26 | 9 months
*.google-analytics.com | Google Internet Authority G3 | 2018-11-07 - 2019-01-30 | 3 months
(Each certificate is linked to its crt.sh record.)

This page contains 2 frames:

Primary Page: https://xsgzz.com/
Frame ID: F655FD404E4FCD1695E8413B692CA6E3
Requests: 34 HTTP requests in this frame

Frame: https://hao123.hnkejizz.net/kkk999/
Frame ID: F9A76460FE00C0B73FE666573462190B
Requests: 1 HTTP requests in this frame


Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://xsgzz.com/ HTTP 301
    https://xsgzz.com/ Page URL

Detected technologies

Apache (web server; also reported by the Server header of the primary response)
Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

Google Tag Manager (tag manager; loaded as www.googletagmanager.com/gtm.js?id=GTM-T6K884)
Overall confidence: 100%
Detected patterns
  • env /^google_tag_manager$/i

Page Statistics

  • Requests: 35
  • HTTPS: 57 %
  • IPv6: 8 %
  • Domains: 8
  • Subdomains: 14
  • IPs: 14
  • Countries: 7
  • Transfer: 1945 kB
  • Size: 2066 kB
  • Cookies: 13
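
The 57 % HTTPS figure comes from the http:// image URLs on static3.niwodai.com and static5.niwodai.com being loaded into an https:// page. The following Python script, added here as an editor's example and not part of the urlscan.io report or of the scanned site, classifies such requests as passive (image, media) or active (script, stylesheet, frame, XHR, font) mixed content: the distinction that decides whether a Chrome 67-era browser loads the resource with a warning or refuses it outright. The request list inside the script is a subset copied from the transaction list below; the four stylesheet entries that the scan recorded with no URL are omitted because their scheme is unknown.

```python
from urllib.parse import urlsplit

# Page URL and a subset of the transactions recorded in this scan, copied from the
# transaction list (urlscan resource type, full URL). The 0-byte stylesheet entries
# that the scan recorded without a URL are left out: their scheme is not known.
PAGE_URL = "https://xsgzz.com/"
SCAN_REQUESTS = [
    ("Document", "https://xsgzz.com/"),
    ("Script", "https://news.zhgrf.cn/baidu/ty.js"),
    ("Image", "https://static.niwodai.com/Public/Static/201603/css/font/topbg_b14925.png"),
    ("Image", "http://static3.niwodai.com/Public/Static/201603/images/logo.png"),
    ("Image", "http://static5.niwodai.com/%2Fcms%2Fimage%2Fa9cbc637-9717-4b27-b3f5-bfa8f8e18275.png"),
    ("Script", "https://report.niwodai.com/collector/statics/Specter.Tracker.min.js"),
    ("Script", "https://assets.growingio.com/2.1/gio.js"),
    ("Image", "http://static3.niwodai.com/Public/Static/201603/css/index/footclose.png"),
    ("Document", "https://hao123.hnkejizz.net/kkk999/"),
    ("XHR", "https://api.growingio.com/touch"),
]

# W3C Mixed Content: images, audio and video are "optionally-blockable" (passive);
# browsers of this era loaded them with a warning. Scripts, stylesheets, frames,
# XHR and fonts are "blockable" (active) and are refused by the browser.
PASSIVE_TYPES = {"Image", "Media"}


def classify_mixed_content(page_url, requests):
    """Return which subresources of an HTTPS page were fetched over plain HTTP.

    requests: iterable of (resource_type, url). Result keys: 'passive' and
    'active' (lists of URLs) and 'https_ratio'. A page that is itself served
    over HTTP has no mixed content by definition, so both lists stay empty.
    """
    requests = list(requests)
    report = {"passive": [], "active": [], "https_ratio": 0.0}
    page_secure = urlsplit(page_url).scheme == "https"
    secure = 0
    for rtype, url in requests:
        scheme = urlsplit(url).scheme
        if scheme == "https":
            secure += 1
            continue
        if scheme != "http" or not page_secure:
            continue
        bucket = "passive" if rtype in PASSIVE_TYPES else "active"
        report[bucket].append(url)
    if requests:
        report["https_ratio"] = round(secure / len(requests), 2)
    return report


def hosts_serving_plain_http(report):
    """Hostnames that delivered mixed content, so the fix can be targeted per CDN host."""
    return sorted({urlsplit(u).hostname for u in report["passive"] + report["active"]})


if __name__ == "__main__":
    result = classify_mixed_content(PAGE_URL, SCAN_REQUESTS)
    print(f"HTTPS share of listed requests: {result['https_ratio']:.0%}")
    for url in result["passive"]:
        print("passive mixed content (loaded with warning):", url)
    for url in result["active"]:
        print("ACTIVE mixed content (blocked):", url)
    print("hosts to move to https:", hosts_serving_plain_http(result))
```

Replacing `SCAN_REQUESTS` with the full transaction list of any scan gives the same breakdown; for this page the only hosts that need fixing are the two niwodai.com image CDNs.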


Redirected requests

There were HTTP redirect chains for the following requests (the list itself was not captured; the one chain visible in the transaction list is the primary request, http://xsgzz.com/ HTTP 301 to https://xsgzz.com/):

35 HTTP transactions

Each entry below lists: Resource | Path | Size | x-fer (bytes transferred on the wire) | Type | MIME-Type, followed by its General, Request headers and Response headers sections.
Primary Request /
xsgzz.com/
Redirect Chain
  • http://xsgzz.com/
  • https://xsgzz.com/
61 KB
14 KB
Document
General
Full URL
https://xsgzz.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.116.214.10 (no geolocation recorded), ASN136800 (XIAOZHIYUN1-AS-AP ICIDC NETWORK, US)
Reverse DNS
Software
Apache / PHP/5.4.45 (the X-Powered-By header discloses a PHP branch whose security support ended in September 2015)
Resource Hash
61d73a5c570ba4577a8d84dfbdd46f52db81d67c8361a9dedddeb0fb3a63e099

Request headers

:method
GET
:authority
xsgzz.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
date
Mon, 03 Dec 2018 00:47:18 GMT
server
Apache
x-powered-by
PHP/5.4.45
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma
no-cache
set-cookie
PHPSESSID=0k88kjsru1vb032vfd8b6inbl4; path=/   (session cookie issued over HTTPS without Secure, HttpOnly or SameSite attributes)
vary
Accept-Encoding
content-encoding
gzip
content-length
14009
content-type
text/html; charset=gbk
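
The `set-cookie` header above issues the PHP session cookie with only `path=/`: no `Secure`, `HttpOnly` or `SameSite` attribute, even though the response was served over HTTPS, and the cookie is echoed back on the later request for newIndex.js. The following Python helper, added here as an editor's example and not code from the scanned site or from urlscan.io, parses a Set-Cookie header into its attributes and lists the protections a session cookie is missing. The hardened cookie string at the end is constructed for comparison and was not observed in the scan.

```python
# Set-Cookie header exactly as returned by the primary response in this scan.
SCAN_SET_COOKIE = "PHPSESSID=0k88kjsru1vb032vfd8b6inbl4; path=/"


def parse_set_cookie(header):
    """Split one Set-Cookie header into (name, value, attributes).

    Attribute names are lower-cased; flag attributes such as Secure and HttpOnly
    map to None. Splitting on ';' is safe: the only attribute value that contains
    a comma (Expires) never contains a semicolon.
    """
    pieces = [p.strip() for p in header.split(";")]
    name, _, value = pieces[0].partition("=")
    attrs = {}
    for piece in pieces[1:]:
        if not piece:
            continue
        key, has_eq, val = piece.partition("=")
        attrs[key.strip().lower()] = val.strip() if has_eq else None
    return name.strip(), value.strip(), attrs


def audit_session_cookie(header, served_over_https=True):
    """Return finding codes for protections a session cookie is missing."""
    name, _, attrs = parse_set_cookie(header)
    findings = []
    if served_over_https and "secure" not in attrs:
        findings.append("missing-secure")        # browser will also send it over plain http
    if "httponly" not in attrs:
        findings.append("missing-httponly")      # any script on the page can read it
    samesite = (attrs.get("samesite") or "").lower()
    if samesite in ("", "none"):
        findings.append("missing-samesite")      # attached to cross-site requests (CSRF)
    if name == "PHPSESSID":
        findings.append("default-php-cookie-name")  # fingerprints the stack, like X-Powered-By
    return findings


if __name__ == "__main__":
    print(parse_set_cookie(SCAN_SET_COOKIE))
    print(audit_session_cookie(SCAN_SET_COOKIE))
    # Hardened equivalent (constructed for comparison; not observed in the scan):
    print(audit_session_cookie("sid=0k88kjsru1vb032vfd8b6inbl4; Path=/; Secure; HttpOnly; SameSite=Lax"))
```

For PHP the three missing attributes correspond to `session.cookie_secure`, `session.cookie_httponly` and (PHP 7.3 and later) `session.cookie_samesite` in php.ini; renaming the cookie is `session.name`.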

Redirect headers

Date
Mon, 03 Dec 2018 00:47:17 GMT
Server
Apache
Location
https://xsgzz.com/
Content-Length
285
Connection
close
Content-Type
text/html; charset=iso-8859-1
ty.js
news.zhgrf.cn/baidu/
1 KB
1018 B
Script
General
Full URL
https://news.zhgrf.cn/baidu/ty.js
Requested by
Host: xsgzz.com
URL: https://xsgzz.com/
Protocol
HTTP/1.1
Security
TLS 1.0, ECDHE_RSA, AES_256_CBC (the only connection in this scan below TLS 1.2, and on a CBC suite; both are deprecated)
Server
156.239.112.102, United States, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK)
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
dd98d4c8da93269f99646d535d19408a9170061c889bc3322ad93ed41f4ffa57

Request headers

Referer
https://xsgzz.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 03 Dec 2018 00:45:31 GMT
Content-Encoding
gzip
Last-Modified
Sat, 01 Dec 2018 12:42:38 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
ETag
"de87da577389d41:0"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Accept-Ranges
bytes
Content-Length
709
topbg_b14925.png
static.niwodai.com/Public/Static/201603/css/font/
22 KB
22 KB
Image
General
Full URL
https://static.niwodai.com/Public/Static/201603/css/font/topbg_b14925.png
Requested by
Host: xsgzz.com
URL: https://xsgzz.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
163.171.140.176, European Union, ASN54994 (QUANTILNETWORKS - QUANTIL NETWORKS INC, US)
Reverse DNS
Software
/
Resource Hash
cbeffe32faebadad86f6bd14239b0a8c5ed141e9d2c4439566f4ba68a8f1d12c

Request headers

Referer
https://xsgzz.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 03 Dec 2018 00:46:28 GMT
Last-Modified
Thu, 22 Nov 2018 08:28:48 GMT
ETag
"5bf668c0-5843"
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
X-Requested-With
Content-Length
22595
X-Via
1.1 shx250:9 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1oo123:7 (Cdn Cache Server V2.0)
topbg_b14926.png
static.niwodai.com/Public/Static/201603/css/font/
38 KB
38 KB
Image
General
Full URL
https://static.niwodai.com/Public/Static/201603/css/font/topbg_b14926.png
Requested by
Host: xsgzz.com
URL: https://xsgzz.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
163.171.140.176, European Union, ASN54994 (QUANTILNETWORKS - QUANTIL NETWORKS INC, US)
Reverse DNS
Software
/
Resource Hash
420b753ae33d90b0b6efaad89e0e835d6f17c8a890983c00deb071402d21817c

Request headers

Referer
https://xsgzz.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 03 Dec 2018 00:46:28 GMT
Last-Modified
Mon, 10 Sep 2018 03:14:14 GMT
ETag
"5b95e186-97b6"
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
X-Requested-With
Content-Length
38838
X-Via
1.1 shx250:9 (Cdn Cache Server V2.0), 1.1 PShlamstdAMS1oo123:5 (Cdn Cache Server V2.0)
logo.png
static3.niwodai.com/Public/Static/201603/images/
7 KB
8 KB
Image
General
Full URL
http://static3.niwodai.com/Public/Static/201603/images/logo.png
Requested by
Host: xsgzz.com
URL: https://xsgzz.com/
Protocol
HTTP/1.1
Server
163.171.128.148, European Union, ASN54994 (QUANTILNETWORKS - QUANTIL NETWORKS INC, US)
Reverse DNS
Software
/
Resource Hash
88c8f8ae08e688d507e25b2c53a8480a4ad18ed0b4c2ca731bf97f79c092c0ab
Security Headers
X-Frame-Options: ALLOW-FROM (no URI given; ALLOW-FROM requires one, so the header is invalid, and Chrome, the scanning browser, never implemented ALLOW-FROM in any case)

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sun, 02 Dec 2018 04:56:30 GMT
Last-Modified
Mon, 02 Jul 2018 12:25:26 GMT
Age
1
ETag
"5b3a19b6-1dee"
X-Frame-Options
ALLOW-FROM
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7662
X-Via
1.1 PSdgflkfFRA1lr89:4 (Cdn Cache Server V2.0)
slogan.png
static3.niwodai.com/Public/Static/201603/images/
4 KB
4 KB
Image
General
Full URL
http://static3.niwodai.com/Public/Static/201603/images/slogan.png
Requested by
Host: xsgzz.com
URL: https://xsgzz.com/
Protocol
HTTP/1.1
Server
163.171.128.148, European Union, ASN54994 (QUANTILNETWORKS - QUANTIL NETWORKS INC, US)
Reverse DNS
Software
/
Resource Hash
b27d510cb711fd8cd8264a290714cfc6fb3f5922b13b55032af1ff794e8418d2
Security Headers
X-Frame-Options: ALLOW-FROM (no URI given)

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sun, 02 Dec 2018 04:56:30 GMT
Last-Modified
Mon, 02 Jul 2018 12:17:16 GMT
Age
1
ETag
"5b3a17cc-e6c"
X-Frame-Options
ALLOW-FROM
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3692
X-Via
1.1 xxz208:10 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1yq93:6 (Cdn Cache Server V2.0)
%2Fcms%2Fimage%2Fa9cbc637-9717-4b27-b3f5-bfa8f8e18275.png
static5.niwodai.com/
391 KB
391 KB
Image
General
Full URL
http://static5.niwodai.com/%2Fcms%2Fimage%2Fa9cbc637-9717-4b27-b3f5-bfa8f8e18275.png
Requested by
Host: xsgzz.com
URL: https://xsgzz.com/
Protocol
HTTP/1.1
Server
163.171.128.148, European Union, ASN54994 (QUANTILNETWORKS - QUANTIL NETWORKS INC, US)
Reverse DNS
Software
/
Resource Hash
95d9bf4399a99751496b155df06e650e4ff67bede76880ba0a3e2767b08fc005
Security Headers
X-Frame-Options: ALLOW-FROM (no URI given)

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sun, 02 Dec 2018 04:56:31 GMT
Last-Modified
Fri, 17 Mar 2017 03:13:22 GMT
Age
1
ETag
"58cb5452-61c20"
X-Frame-Options
ALLOW-FROM
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
400416
X-Via
1.1 PSdgflkfFRA1vg90:16 (Cdn Cache Server V2.0)
articleLogo%2F20160706%2F44c0ef94-9fb8-4503-854f-3d2aee124105.png
static5.niwodai.com/
380 KB
380 KB
Image
General
Full URL
http://static5.niwodai.com/articleLogo%2F20160706%2F44c0ef94-9fb8-4503-854f-3d2aee124105.png
Requested by
Host: xsgzz.com
URL: https://xsgzz.com/
Protocol
HTTP/1.1
Server
163.171.128.148, European Union, ASN54994 (QUANTILNETWORKS - QUANTIL NETWORKS INC, US)
Reverse DNS
Software
/
Resource Hash
6b4cb6364e01a32aa1c2385aa2a3e7829527147af3ddd9b3437da52391939ef0
Security Headers
X-Frame-Options: ALLOW-FROM (no URI given)

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sun, 02 Dec 2018 04:56:31 GMT
Last-Modified
Wed, 06 Jul 2016 06:37:18 GMT
Age
1
ETag
"577ca71e-5efed"
X-Frame-Options
ALLOW-FROM
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
389101
X-Via
1.1 xinxzai211:5 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1gi91:14 (Cdn Cache Server V2.0)
nwd_common.css
static3.niwodai.com/Public/Static/201603/css/
0
0
(no response recorded: the scan captured no URL scheme, status, headers or body for this stylesheet; if it was requested over plain http like the other static3.niwodai.com resources in this scan, the browser would have blocked it as active mixed content, but the scheme is not shown)

nwd_perCenter.css
static3.niwodai.com/Public/Static/201603/manage/css/
0
0
(no response recorded)

nwd_vipStyle.css
static3.niwodai.com/Public/Static/201603/manage/css/
0
0
(no response recorded)
Specter.Tracker.min.js
report.niwodai.com/collector/statics/
69 KB
69 KB
Script
General
Full URL
https://report.niwodai.com/collector/statics/Specter.Tracker.min.js
Requested by
Host: xsgzz.com
URL: https://xsgzz.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
101.132.138.217 Hangzhou, China, ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
/
Resource Hash
68c4dcb99d3a3f28cd05fd468e72a79ef246e3020debcc8f9fd9025f07d405f2

Request headers

Referer
https://xsgzz.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 03 Dec 2018 00:46:30 GMT
Connection
keep-alive
Content-Length
70364
Content-Type
application/javascript; charset=UTF-8
gio.js
assets.growingio.com/2.1/
112 KB
113 KB
Script
General
Full URL
https://assets.growingio.com/2.1/gio.js
Requested by
Host: xsgzz.com
URL: https://xsgzz.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.239.8 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-239-8.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
2c9b2abd305c74f0cbad8e6b7af9b6a869b1802e7041792c2580ba5211b91621

Request headers

Referer
https://xsgzz.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 03 Dec 2018 00:46:30 GMT
x-amz-request-id
8F3DEADCAF1DBBC9
Akamai-Mon-Iucid-Del
755190
Content-Length
114604
x-amz-id-2
VgZ8eXwLjs1eE4abOCZ/1r24F5V7Lcz0lIVj31RUaOo1fPnWdmJC3lQwcGfUm9JtZWf/xDAs2ZY=
Last-Modified
Mon, 19 Nov 2018 15:07:54 GMT
Server
AmazonS3
ETag
"1f5b4b48aa866785f929e052bae16c6a"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del
Connection
keep-alive
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
origin,range,hdntl,hdnts
index.css
static3.niwodai.com/Public/Static/201603/css/
0
0
(no response recorded: no URL scheme, status, headers or body captured for this stylesheet)
footclose.png
static3.niwodai.com/Public/Static/201603/css/index/
1 KB
2 KB
Image
General
Full URL
http://static3.niwodai.com/Public/Static/201603/css/index/footclose.png
Requested by
Host: xsgzz.com
URL: https://xsgzz.com/
Protocol
HTTP/1.1
Server
163.171.128.148, European Union, ASN54994 (QUANTILNETWORKS - QUANTIL NETWORKS INC, US)
Reverse DNS
Software
/
Resource Hash
4187c7f696d096e92e20bbdf627ba7ab4b02d8b2069ba5b064f649a0852aec95
Security Headers
X-Frame-Options: ALLOW-FROM (no URI given)

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sun, 02 Dec 2018 04:56:30 GMT
Last-Modified
Mon, 06 Mar 2017 05:30:51 GMT
Age
1
ETag
"58bcf40b-598"
X-Frame-Options
ALLOW-FROM
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1432
X-Via
1.1 PSdgflkfFRA1je97:14 (Cdn Cache Server V2.0)
footer_small.png
static3.niwodai.com/Public/Static/201603/css/index/
7 KB
7 KB
Image
General
Full URL
http://static3.niwodai.com/Public/Static/201603/css/index/footer_small.png
Requested by
Host: xsgzz.com
URL: https://xsgzz.com/
Protocol
HTTP/1.1
Server
163.171.128.148, European Union, ASN54994 (QUANTILNETWORKS - QUANTIL NETWORKS INC, US)
Reverse DNS
Software
/
Resource Hash
dc1ef4001b623e9a15f0306756535d327451d6b806f3b8cd8fa139027725e8a5
Security Headers
X-Frame-Options: ALLOW-FROM (no URI given)

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sun, 02 Dec 2018 04:56:31 GMT
Last-Modified
Mon, 06 Mar 2017 06:41:13 GMT
Age
1
ETag
"58bd0489-1aed"
X-Frame-Options
ALLOW-FROM
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6893
X-Via
1.1 PSdgflkfFRA1vg90:8 (Cdn Cache Server V2.0)
newIndex.js
xsgzz.com/portal/js/intebid/
6 KB
3 KB
Script
General
Full URL
https://xsgzz.com/portal/js/intebid/newIndex.js
Requested by
Host: xsgzz.com
URL: https://xsgzz.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.116.214.10 (no geolocation recorded), ASN136800 (XIAOZHIYUN1-AS-AP ICIDC NETWORK, US)
Reverse DNS
Software
Apache / PHP/5.4.45
Resource Hash
ea11ddca1392d2d52f2c6bf5d7c49714c984c1c2f13ffff0990e6a20841a6d59

Request headers

:path
/portal/js/intebid/newIndex.js
pragma
no-cache
cookie
PHPSESSID=0k88kjsru1vb032vfd8b6inbl4
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
xsgzz.com
referer
https://xsgzz.com/
:scheme
https
:method
GET
Referer
https://xsgzz.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Dec 2018 00:47:19 GMT
content-encoding
gzip
server
Apache
x-powered-by
PHP/5.4.45
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
2495
expires
Thu, 19 Nov 1981 08:52:00 GMT
19773979.js
js.users.51.la/
5 KB
6 KB
Script
General
Full URL
https://js.users.51.la/19773979.js
Requested by
Host: news.zhgrf.cn
URL: https://news.zhgrf.cn/baidu/ty.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
220.243.212.50 Beijing, China, ASN54994 (QUANTILNETWORKS - QUANTIL NETWORKS INC, US),
Reverse DNS
Software
nginx/1.14.0 /
Resource Hash
76b990c5ebffca9197b5690fc532ee5076d3bc2eb8efdc220f14c175c207ff2f

Request headers

Referer
https://xsgzz.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

x-id
19773979
id-2
32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSC0XyuNRBo9r8mx/BfYiC4M152VXYxa
Last-Modified
Sat Dec 01 20:37:50 CST 2018
Server
nginx/1.14.0
Age
43644
ETag
"0d31af781668e571b0dec0712869e92c"
Content-Type
application/javascript;charset=UTF-8
version-id
G001116769C66C42FFFF900600761830
Date
Mon, 03 Dec 2018 00:46:30 GMT
Content-Disposition
inline;filename=f.txt
Connection
keep-alive
request-id
000001676EEDEFF4904B906182AD29E3
x-reserved
amazon, aws and amazon web services are trademarks or registered trademarks of Amazon Technologies, Inc
Content-Length
5068
X-Via
1.1 luoshan74:4 (Cdn Cache Server V2.0)[365 200 2], 1.1 lsh187:3 (Cdn Cache Server V2.0)[0 200 0]
touch
api.growingio.com/
52 B
667 B
XHR
General
Full URL
https://api.growingio.com/touch
Requested by
Host: assets.growingio.com
URL: https://assets.growingio.com/2.1/gio.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.223.34.2 Beijing, China, ASN55960 (BJ-GUANGHUAN-AP Beijing Guanghuan Xinwang Digital, CN),
Reverse DNS
ec2-54-223-34-2.cn-north-1.compute.amazonaws.com.cn
Software
nginx /
Resource Hash
788d28629ad46053d402c88aa3d04e733d58bc9128d7cb2a5347cee016fd8570

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://xsgzz.com/
Origin
https://xsgzz.com

Response headers

Date
Mon, 03 Dec 2018 00:46:31 GMT
Server
nginx
Access-Control-Allow-Methods
POST, GET, OPTIONS
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP PSAa OUR BUS IND ONL UNI COM NAV INT LOC"
Access-Control-Allow-Origin
https://xsgzz.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Headers
x-requested-with,content-type,Cache-Control,Pragma,Date,x-timestamp
Content-Length
52
pv
api.growingio.com/v2/9937adf3fb8f24b9/web/
0
478 B
XHR
General
Full URL
https://api.growingio.com/v2/9937adf3fb8f24b9/web/pv?stm=1543797990332
Requested by
Host: assets.growingio.com
URL: https://assets.growingio.com/2.1/gio.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.223.34.2 Beijing, China, ASN55960 (BJ-GUANGHUAN-AP Beijing Guanghuan Xinwang Digital, CN),
Reverse DNS
ec2-54-223-34-2.cn-north-1.compute.amazonaws.com.cn
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (the SHA-256 of an empty input, consistent with Content-Length: 0)

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://xsgzz.com/
Origin
https://xsgzz.com

Response headers

Date
Mon, 03 Dec 2018 00:46:32 GMT
Server
nginx
Access-Control-Allow-Methods
POST, GET, OPTIONS
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP PSAa OUR BUS IND ONL UNI COM NAV INT LOC"
Access-Control-Allow-Origin
https://xsgzz.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Headers
x-requested-with,content-type,Cache-Control,Pragma,Date,x-timestamp
Content-Length
0
go1
ia.51.la/
0
262 B
Image
General
Full URL
https://ia.51.la/go1?id=19773979&rt=1543797990848&rl=1600*1200&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=bet365%25E4%25BD%2593%25E8%2582%25B2%252Cbet%25E4%25BD%2593%25E8%2582%25B2%25E5%25A4%2587%25E7%2594%25A8%252Cbet356%25E4%25BD%2593%25E8%2582%25B2%25E6%258A%2595%25E6%25B3%25A8%25E5%25AE%2598%25E7%25BD%2591%252C&ing=1&ekc=&sid=1543797990848&tt=bet356%25E4%25BD%2593%25E8%2582%25B2%25E6%258A%2595%25E6%25B3%25A8%25E2%2580%2594-%25E9%25A6%2596%25E9%25A1%25B5&kw=bet356%25E4%25BD%2593%25E8%2582%25B2%25E6%258A%2595%25E6%25B3%25A8&cu=https%253A%252F%252Fxsgzz.com%252F&pu=
Requested by
Host: xsgzz.com
URL: https://xsgzz.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
183.131.207.78 Jinhua, China, ASN136190 (CHINATELECOM-YUNNAN-DALI-MAN DaLi, CN),
Reverse DNS
Software
HuaweiCloudWAF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (the SHA-256 of an empty input, consistent with Content-Length: 0)

Request headers

Referer
https://xsgzz.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 03 Dec 2018 00:46:32 GMT
Server
HuaweiCloudWAF
Connection
keep-alive
Content-Length
0
Content-Type
application/octet-stream
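
The `go1` beacon above and the `hm.gif` beacon further down the transaction list carry the page's title and keywords as percent-encoded query parameters; the 51.la script encodes them twice (`%25E4...`), hm.js once (`%E4...`). The Python script below, an added example and not code from either tracker or from the scanned site, decodes each parameter until the text stops changing, reports how many encoding layers were applied, and cross-checks that both trackers saw the same title. Decoded, `tt` reads "bet356体育投注—-首页" ("bet356 sports betting - home page") and `ds` reads "bet365体育,bet体育备用,bet356体育投注官网," ("bet365 sports, bet sports mirror, bet356 sports betting official site"); the page body itself is served as GBK and is not reproduced in this report, so the beacons are the only place that text is visible here. Both beacon URLs are copied verbatim from the scan.

```python
from urllib.parse import urlsplit, unquote

# Beacon URLs copied verbatim from this scan: ia.51.la/go1 (above) and
# hm.baidu.com/hm.gif (further down the transaction list).
BEACON_51LA = "https://ia.51.la/go1?id=19773979&rt=1543797990848&rl=1600*1200&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=bet365%25E4%25BD%2593%25E8%2582%25B2%252Cbet%25E4%25BD%2593%25E8%2582%25B2%25E5%25A4%2587%25E7%2594%25A8%252Cbet356%25E4%25BD%2593%25E8%2582%25B2%25E6%258A%2595%25E6%25B3%25A8%25E5%25AE%2598%25E7%25BD%2591%252C&ing=1&ekc=&sid=1543797990848&tt=bet356%25E4%25BD%2593%25E8%2582%25B2%25E6%258A%2595%25E6%25B3%25A8%25E2%2580%2594-%25E9%25A6%2596%25E9%25A1%25B5&kw=bet356%25E4%25BD%2593%25E8%2582%25B2%25E6%258A%2595%25E6%25B3%25A8&cu=https%253A%252F%252Fxsgzz.com%252F&pu="
BEACON_BAIDU = "https://hm.baidu.com/hm.gif?cc=0&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1405840908&si=4f643b1bed1b7877882f11df6638e800&v=1.2.35&lv=1&ct=!!&tt=bet356%E4%BD%93%E8%82%B2%E6%8A%95%E6%B3%A8%E2%80%94-%E9%A6%96%E9%A1%B5&sn=55532"


def decode_fully(value, max_rounds=4):
    """Percent-decode until the text stops changing; return (text, rounds).

    The round count shows how many times the tracker encoded the value
    (encodeURIComponent applied twice yields '%25E4...'). The cap keeps a
    literal '%' in page content from looping, and errors='strict' rejects
    byte sequences that are not valid UTF-8 instead of silently replacing them.
    """
    rounds = 0
    while rounds < max_rounds:
        decoded = unquote(value, encoding="utf-8", errors="strict")
        if decoded == value:
            break
        value, rounds = decoded, rounds + 1
    return value, rounds


def decode_beacon(url):
    """Return {param: (decoded_text, rounds)} for every query parameter of a beacon.

    The query is split by hand rather than with parse_qsl so that the raw,
    still-encoded value reaches decode_fully and the round count is exact.
    """
    params = {}
    for pair in urlsplit(url).query.split("&"):
        if not pair:
            continue
        key, _, raw = pair.partition("=")
        params[key] = decode_fully(raw)
    return params


def page_identity_from_beacons():
    """Cross-check what the two trackers reported about the page (title, keywords, URL)."""
    a, b = decode_beacon(BEACON_51LA), decode_beacon(BEACON_BAIDU)
    return {
        "title_51la": a["tt"],        # (text, 2): double-encoded by the 51.la script
        "title_baidu": b["tt"],       # (text, 1): single-encoded by hm.js
        "keywords_51la": a["ds"],     # ds on hm.gif is the display size, so only 51.la's is used
        "page_url_51la": a["cu"],     # decodes to https://xsgzz.com/
        "titles_agree": a["tt"][0] == b["tt"][0],
    }


if __name__ == "__main__":
    for key, val in page_identity_from_beacons().items():
        print(f"{key}: {val}")
```

The same routine works on any analytics beacon captured by a scan; a round count above one is a quick tell that a value passed through two encoders (typically the tracker's own encodeURIComponent on top of an already encoded meta tag).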
/
hao123.hnkejizz.net/kkk999/ Frame F9A7
0
0
Document
General
Full URL
https://hao123.hnkejizz.net/kkk999/
Requested by
Host: xsgzz.com
URL: https://xsgzz.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.37.244.89 Las Vegas, United States, ASN46844 (ST-BGP - Sharktech, US),
Reverse DNS
node-104-37-244-89.reverse.x4b.me
Software
Apache/2.4.27 (Win32) OpenSSL/1.0.2l mod_fcgid/2.3.9 /
Resource Hash

Request headers

Host
hao123.hnkejizz.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
https://xsgzz.com/
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://xsgzz.com/

Response headers

Date
Mon, 03 Dec 2018 00:39:17 GMT
Server
Apache/2.4.27 (Win32) OpenSSL/1.0.2l mod_fcgid/2.3.9
Last-Modified
Tue, 06 Nov 2018 15:23:50 GMT
ETag
"ce0-57a0096ac0d80"
Accept-Ranges
bytes
Content-Length
3296
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html
hm.js
hm.baidu.com/
24 KB
9 KB
Script
General
Full URL
https://hm.baidu.com/hm.js?4f643b1bed1b7877882f11df6638e800
Requested by
Host: xsgzz.com
URL: https://xsgzz.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 Central District, Hong Kong, ASN55967 (CNNIC-BAIDU-AP Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
7cbfd29c7269c9e66a2bc3e58355ceb6264f9829aa15be77762f0e91b07453ed
Security Headers
Strict-Transport-Security: max-age=172800

Request headers

Referer
https://xsgzz.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 03 Dec 2018 00:46:31 GMT
Content-Encoding
gzip
Server
apache
Etag
3393ec14b3570ab138790f3beef194fb
Strict-Transport-Security
max-age=172800
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control
max-age=0, must-revalidate
Content-Type
application/javascript
Content-Length
9195
gtm.js
www.googletagmanager.com/
91 KB
27 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-T6K884
Requested by
Host: xsgzz.com
URL: https://xsgzz.com/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:81f::2008, Ireland, ASN15169 (GOOGLE - Google LLC, US)
Reverse DNS
Software
Google Tag Manager (scaffolding) /
Resource Hash
b0338abd6e651116bac98d1a8a9507dca11ec6d30b7433d521a673fb571e7387
Security Headers
X-Xss-Protection: 1; mode=block

Request headers

Referer
https://xsgzz.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 03 Dec 2018 00:46:30 GMT
content-encoding
gzip
server
Google Tag Manager (scaffolding)
access-control-allow-headers
Cache-Control
status
200
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
27515
x-xss-protection
1; mode=block
expires
Mon, 03 Dec 2018 00:46:30 GMT
general
tags.growingio.com/products/9937adf3fb8f24b9/web/xsgzz.com/settings/
13 B
167 B
XHR
General
Full URL
https://tags.growingio.com/products/9937adf3fb8f24b9/web/xsgzz.com/settings/general
Requested by
Host: assets.growingio.com
URL: https://assets.growingio.com/2.1/gio.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.80.248.13 Beijing, China, ASN55960 (BJ-GUANGHUAN-AP Beijing Guanghuan Xinwang Digital, CN),
Reverse DNS
ec2-52-80-248-13.cn-north-1.compute.amazonaws.com.cn
Software
GrowingIO /
Resource Hash
87ff912d0d46caf98743adc68cde8c4e1439bd402dfd1c7694d13bb337903a62

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://xsgzz.com/
Origin
https://xsgzz.com

Response headers

status
200
date
Mon, 03 Dec 2018 00:46:42 GMT
access-control-allow-credentials
true
server
GrowingIO
access-control-allow-origin
https://xsgzz.com
content-type
application/json; charset=utf-8
%2Fcms%2Fimage%2F3358cb0d-a078-4c00-84ea-284632393dcc.jpg
static5.niwodai.com/
94 KB
95 KB
Image
General
Full URL
http://static5.niwodai.com/%2Fcms%2Fimage%2F3358cb0d-a078-4c00-84ea-284632393dcc.jpg
Requested by
Host: xsgzz.com
URL: https://xsgzz.com/
Protocol
HTTP/1.1
Server
163.171.128.148, European Union, ASN54994 (QUANTILNETWORKS - QUANTIL NETWORKS INC, US)
Reverse DNS
Software
/
Resource Hash
1990a14a990a6a514a68f270ee3426bd27419b03cfdd7c1db64cfe87cd4a7e52
Security Headers
X-Frame-Options: ALLOW-FROM (no URI given)

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sun, 02 Dec 2018 04:56:31 GMT
Last-Modified
Wed, 24 Oct 2018 07:58:08 GMT
Age
1
ETag
"5bd02610-17932"
X-Frame-Options
ALLOW-FROM
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
96562
X-Via
1.1 xinxzai205:10 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1je97:13 (Cdn Cache Server V2.0)
%2Fcms%2Fimage%2F2d116157-fdbd-4622-a831-cd5386fe4760.jpg
static5.niwodai.com/
351 KB
352 KB
Image
General
Full URL
http://static5.niwodai.com/%2Fcms%2Fimage%2F2d116157-fdbd-4622-a831-cd5386fe4760.jpg
Requested by
Host: xsgzz.com
URL: https://xsgzz.com/
Protocol
HTTP/1.1
Server
163.171.128.148, European Union, ASN54994 (QUANTILNETWORKS - QUANTIL NETWORKS INC, US)
Reverse DNS
Software
/
Resource Hash
226419bf3d23cbc1447d6ed2313cf260a6f5c338dfc29aa9443bf3358c693e79
Security Headers
X-Frame-Options: ALLOW-FROM (no URI given)

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sun, 02 Dec 2018 04:56:31 GMT
Last-Modified
Fri, 09 Nov 2018 10:27:35 GMT
Age
1
ETag
"5be56117-57deb"
X-Frame-Options
ALLOW-FROM
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
359915
X-Via
1.1 PSdgflkfFRA1lr89:12 (Cdn Cache Server V2.0)
%2Fcms%2Fimage%2F25457611-6392-4c36-baf4-b35a19dd4660.jpg
static5.niwodai.com/
174 KB
174 KB
Image
General
Full URL
http://static5.niwodai.com/%2Fcms%2Fimage%2F25457611-6392-4c36-baf4-b35a19dd4660.jpg
Requested by
Host: xsgzz.com
URL: https://xsgzz.com/
Protocol
HTTP/1.1
Server
163.171.128.148, European Union, ASN54994 (QUANTILNETWORKS - QUANTIL NETWORKS INC, US)
Reverse DNS
Software
/
Resource Hash
5cb7613af7008595e0c544dea8156552a5598e80afbf47187182ba0a2d11fac3
Security Headers
X-Frame-Options: ALLOW-FROM (no URI given)

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sun, 02 Dec 2018 04:56:31 GMT
Last-Modified
Thu, 01 Nov 2018 03:15:02 GMT
Age
1
ETag
"5bda6fb6-2b81b"
X-Frame-Options
ALLOW-FROM
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
178203
X-Via
1.1 dx111:3 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1gi91:4 (Cdn Cache Server V2.0)
%2Fcms%2Fimage%2F0f673049-2e07-4af2-96a8-33bdf4028232.jpg
static5.niwodai.com/
152 KB
153 KB
Image
General
Full URL
http://static5.niwodai.com/%2Fcms%2Fimage%2F0f673049-2e07-4af2-96a8-33bdf4028232.jpg
Requested by
Host: xsgzz.com
URL: https://xsgzz.com/
Protocol
HTTP/1.1
Server
163.171.128.148, European Union, ASN54994 (QUANTILNETWORKS - QUANTIL NETWORKS INC, US)
Reverse DNS
Software
/
Resource Hash
08fcfb0b49e0760f1e9880a3ebff0a83b59b6f89658575e94a7958db0914cb72
Security Headers
X-Frame-Options: ALLOW-FROM (no URI given)

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sun, 02 Dec 2018 11:39:15 GMT
Last-Modified
Mon, 26 Nov 2018 10:16:12 GMT
Age
1
ETag
"5bfbc7ec-2610f"
X-Frame-Options
ALLOW-FROM
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
155919
X-Via
1.1 xinxzai205:2 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1je97:4 (Cdn Cache Server V2.0)
%2Fcms%2Fimage%2F03b18b5c-01e6-49e2-be85-5eb88d90023d.jpg
static5.niwodai.com/
74 KB
74 KB
Image
General
Full URL
http://static5.niwodai.com/%2Fcms%2Fimage%2F03b18b5c-01e6-49e2-be85-5eb88d90023d.jpg
Requested by
Host: xsgzz.com
URL: https://xsgzz.com/
Protocol
HTTP/1.1
Server
163.171.128.148, European Union, ASN54994 (QUANTILNETWORKS - QUANTIL NETWORKS INC, US)
Reverse DNS
Software
/
Resource Hash
9d6ade78f9b2eead5d198ed146fa107faa7dc416599d85089ff057408a89b31a
Security Headers
X-Frame-Options: ALLOW-FROM (no URI given)

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sun, 02 Dec 2018 11:39:16 GMT
Last-Modified
Fri, 30 Nov 2018 13:19:55 GMT
Age
1
ETag
"5c0138fb-126e1"
X-Frame-Options
ALLOW-FROM
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
75489
X-Via
1.1 xinxzai206:7 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1vg90:4 (Cdn Cache Server V2.0)
track
report.niwodai.com/collector/web/
39 B
282 B
XHR
General
Full URL
https://report.niwodai.com/collector/web/track?stm=1543797991667
Requested by
Host: report.niwodai.com
URL: https://report.niwodai.com/collector/statics/Specter.Tracker.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
101.132.138.217, Hangzhou, China, ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN)
Reverse DNS
Software
/
Resource Hash
e41ce9c2257996a84d49fa863bd1671695597e11fa291065c00e4894ed502edb

Request headers

Referer
https://xsgzz.com/
Origin
https://xsgzz.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://xsgzz.com
Date
Mon, 03 Dec 2018 00:46:31 GMT
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
39
vary
origin
Content-Type
text/plain; charset=UTF-8
hm.gif
hm.baidu.com/
43 B
299 B
Image
General
Full URL
https://hm.baidu.com/hm.gif?cc=0&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1405840908&si=4f643b1bed1b7877882f11df6638e800&v=1.2.35&lv=1&ct=!!&tt=bet356%E4%BD%93%E8%82%B2%E6%8A%95%E6%B3%A8%E2%80%94-%E9%A6%96%E9%A1%B5&sn=55532
Requested by
Host: xsgzz.com
URL: https://xsgzz.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191, Central District, Hong Kong, ASN55967 (CNNIC-BAIDU-AP Beijing Baidu Netcom Science and Technology Co., Ltd., CN)
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

Referer
https://xsgzz.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 03 Dec 2018 00:46:32 GMT
X-Content-Type-Options
nosniff
Server
apache
Strict-Transport-Security
max-age=172800
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Content-Length
43
pv
api.growingio.com/v2/9937adf3fb8f24b9/web/
0
478 B
XHR
General
Full URL
https://api.growingio.com/v2/9937adf3fb8f24b9/web/pv?stm=1543797992241
Requested by
Host: assets.growingio.com
URL: https://assets.growingio.com/2.1/gio.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.223.34.2, Beijing, China, ASN55960 (BJ-GUANGHUAN-AP Beijing Guanghuan Xinwang Digital, CN)
Reverse DNS
ec2-54-223-34-2.cn-north-1.compute.amazonaws.com.cn
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://xsgzz.com/
Origin
https://xsgzz.com

Response headers

Date
Mon, 03 Dec 2018 00:46:32 GMT
Server
nginx
Access-Control-Allow-Methods
POST, GET, OPTIONS
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP PSAa OUR BUS IND ONL UNI COM NAV INT LOC"
Access-Control-Allow-Origin
https://xsgzz.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Headers
x-requested-with,content-type,Cache-Control,Pragma,Date,x-timestamp
Content-Length
0
action
api.growingio.com/v2/9937adf3fb8f24b9/web/
0
478 B
XHR
General
Full URL
https://api.growingio.com/v2/9937adf3fb8f24b9/web/action?stm=1543797992412
Requested by
Host: assets.growingio.com
URL: https://assets.growingio.com/2.1/gio.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.223.34.2, Beijing, China, ASN55960 (BJ-GUANGHUAN-AP Beijing Guanghuan Xinwang Digital, CN)
Reverse DNS
ec2-54-223-34-2.cn-north-1.compute.amazonaws.com.cn
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://xsgzz.com/
Origin
https://xsgzz.com

Response headers

Date
Mon, 03 Dec 2018 00:46:34 GMT
Server
nginx
Access-Control-Allow-Methods
POST, GET, OPTIONS
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP PSAa OUR BUS IND ONL UNI COM NAV INT LOC"
Access-Control-Allow-Origin
https://xsgzz.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Headers
x-requested-with,content-type,Cache-Control,Pragma,Date,x-timestamp
Content-Length
0
hm.gif
hm.baidu.com/
43 B
299 B
Image
General
Full URL
https://hm.baidu.com/hm.gif?cc=0&ck=1&cl=24-bit&ds=1600x1200&vl=1200&ep=%7B%22netAll%22%3A1270%2C%22netDns%22%3A19%2C%22netTcp%22%3A442%2C%22srv%22%3A353%2C%22dom%22%3A3595%2C%22loadEvent%22%3A6735%7D&et=87&ja=0&ln=en-us&lo=0&rnd=1652746180&si=4f643b1bed1b7877882f11df6638e800&v=1.2.35&lv=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191, Central District, Hong Kong, ASN55967 (CNNIC-BAIDU-AP Beijing Baidu Netcom Science and Technology Co., Ltd., CN)
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

Referer
https://xsgzz.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 03 Dec 2018 00:46:33 GMT
X-Content-Type-Options
nosniff
Server
apache
Strict-Transport-Security
max-age=172800
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Content-Length
43

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
static3.niwodai.com
URL
http://static3.niwodai.com/Public/Static/201603/css/nwd_common.css?v=20181202120434.css
Domain
static3.niwodai.com
URL
http://static3.niwodai.com/Public/Static/201603/manage/css/nwd_perCenter.css?v=20181202120434.css
Domain
static3.niwodai.com
URL
http://static3.niwodai.com/Public/Static/201603/manage/css/nwd_vipStyle.css?v=20181202120434.css
Domain
static3.niwodai.com
URL
http://static3.niwodai.com/Public/Static/201603/css/index.css?v=20181202120434.css
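A header and URL audit over the transactions captured above, as an added example that is not part of the urlscan.io report. It runs on a constructed copy of the page's own values (four representative header sets, their resource hashes, and the four failed stylesheet URLs; the hm.gif query string is omitted) and flags the points a reviewer would look at: http:// resources referenced from the https:// document (browsers load such images as passive mixed content but block stylesheets as active mixed content), an X-Frame-Options: ALLOW-FROM with no URI (invalid, and ALLOW-FROM was never honoured by Chrome or Safari, so it gives no framing protection; on an image response the header has no effect in any case), credentialed CORS replies whose allowed origin equals the request's Origin (a fixed allow-list and blind reflection look identical in a single capture, so a second probe with a foreign Origin is needed before calling it a vulnerability), an HSTS max-age of only two days, and the resource hash e3b0c442..., which is SHA-256 of an empty body and therefore identifies nothing. The dict layout, the finding tags and the HSTS threshold are my own choices, not urlscan's.

```python
"""Audit of the captured transactions above (constructed sample, added example)."""
import hashlib
import re
from urllib.parse import urlparse

# SHA-256 of a zero-length body; a resource hash equal to this only says
# "empty response" and is useless as an indicator.
EMPTY_BODY_SHA256 = hashlib.sha256(b"").hexdigest()

# Constructed from the listing above: one entry per kind of transaction seen.
TRANSACTIONS = [
    {   # http:// image pulled into an https:// document
        "url": "http://static5.niwodai.com/%2Fcms%2Fimage%2F03b18b5c-01e6-49e2-be85-5eb88d90023d.jpg",
        "requested_by": "https://xsgzz.com/",
        "request_headers": {},
        "response_headers": {"X-Frame-Options": "ALLOW-FROM",
                             "Content-Type": "image/jpeg",
                             "Content-Length": "155919"},
        "resource_hash": "9d6ade78f9b2eead5d198ed146fa107faa7dc416599d85089ff057408a89b31a",
    },
    {   # credentialed CORS reply from the tracker endpoint
        "url": "https://report.niwodai.com/collector/web/track?stm=1543797991667",
        "requested_by": "https://xsgzz.com/",
        "request_headers": {"Origin": "https://xsgzz.com"},
        "response_headers": {"access-control-allow-origin": "https://xsgzz.com",
                             "access-control-allow-credentials": "true",
                             "vary": "origin",
                             "Content-Length": "39"},
        "resource_hash": "e41ce9c2257996a84d49fa863bd1671695597e11fa291065c00e4894ed502edb",
    },
    {   # tracking pixel with HSTS and nosniff (query string omitted)
        "url": "https://hm.baidu.com/hm.gif",
        "requested_by": "https://xsgzz.com/",
        "request_headers": {},
        "response_headers": {"Strict-Transport-Security": "max-age=172800",
                             "X-Content-Type-Options": "nosniff",
                             "Content-Type": "image/gif",
                             "Content-Length": "43"},
        "resource_hash": "cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda",
    },
    {   # zero-byte analytics reply, also credentialed CORS
        "url": "https://api.growingio.com/v2/9937adf3fb8f24b9/web/pv?stm=1543797992241",
        "requested_by": "https://xsgzz.com/",
        "request_headers": {"Origin": "https://xsgzz.com"},
        "response_headers": {"Access-Control-Allow-Origin": "https://xsgzz.com",
                             "Access-Control-Allow-Credentials": "true",
                             "Access-Control-Allow-Methods": "POST, GET, OPTIONS",
                             "Content-Length": "0"},
        "resource_hash": "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855",
    },
]

# The four stylesheet URLs listed under "Failed requests".
FAILED_URLS = [
    "http://static3.niwodai.com/Public/Static/201603/css/nwd_common.css?v=20181202120434.css",
    "http://static3.niwodai.com/Public/Static/201603/manage/css/nwd_perCenter.css?v=20181202120434.css",
    "http://static3.niwodai.com/Public/Static/201603/manage/css/nwd_vipStyle.css?v=20181202120434.css",
    "http://static3.niwodai.com/Public/Static/201603/css/index.css?v=20181202120434.css",
]

HSTS_MIN_AGE = 180 * 24 * 3600  # six months; my threshold, the usual preload floor


def header(headers, name):
    """Case-insensitive lookup; the listing mixes header-name casing."""
    for k, v in headers.items():
        if k.lower() == name.lower():
            return v.strip()
    return None


def is_mixed_content(resource_url, document_url):
    """True when an https:// document references an http:// resource."""
    return (urlparse(document_url).scheme == "https"
            and urlparse(resource_url).scheme == "http")


def audit(tx):
    """Return the finding tags for one captured transaction."""
    findings = []
    resp, req = tx["response_headers"], tx["request_headers"]

    if is_mixed_content(tx["url"], tx["requested_by"]):
        findings.append("mixed-content")

    xfo = header(resp, "X-Frame-Options")
    if xfo is not None and xfo.upper().startswith("ALLOW-FROM"):
        # ALLOW-FROM needs a URI and was never honoured by Chrome or Safari;
        # with no URI at all the header is invalid and protects nothing.
        findings.append("xfo-allow-from-no-uri" if xfo.upper() == "ALLOW-FROM"
                        else "xfo-allow-from")

    acao = header(resp, "Access-Control-Allow-Origin")
    acac = header(resp, "Access-Control-Allow-Credentials")
    if acao and acac and acac.lower() == "true":
        if acao == "*":
            findings.append("cors-wildcard-with-credentials")
        elif acao == header(req, "Origin"):
            # Allowed origin equals the request's Origin: an allow-list and
            # blind reflection are indistinguishable from one capture.
            findings.append("cors-credentialed-origin-echo")

    hsts = header(resp, "Strict-Transport-Security")
    if hsts:
        m = re.search(r"max-age=(\d+)", hsts)
        if m and int(m.group(1)) < HSTS_MIN_AGE:
            findings.append("hsts-short-max-age")

    if tx["resource_hash"] == EMPTY_BODY_SHA256:
        findings.append("hash-is-empty-body")
    return findings


def audit_all(transactions=TRANSACTIONS, failed=FAILED_URLS, document="https://xsgzz.com/"):
    """Map each URL to its findings; failed requests get only the scheme check."""
    report = {tx["url"]: audit(tx) for tx in transactions}
    for url in failed:
        report[url] = ["mixed-content"] if is_mixed_content(url, document) else []
    return report


if __name__ == "__main__":
    for url, tags in audit_all().items():
        print(f"{url}\n    {', '.join(tags) or 'no findings'}")
```

The CORS tag is deliberately not called a vulnerability: confirming reflection means re-sending the request with an Origin such as https://attacker.example and checking whether that value comes back in Access-Control-Allow-Origin alongside Allow-Credentials: true.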

Verdicts & Comments

47 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type Name
string V_PATH
function specter
function gio
object tag
function gios
string ss
function GrLocalStore
function MutationSummary
object grSource
boolean _gr_support_circle_pop_out
boolean grSdkInstalled
object vds
boolean grBlind
number grWaitTime
string trackHostUrl
object gioGlobalArray
object _vds
object _hmt
string staticCss
string cssVersion
string staticUrl
object theBody
string httpsUrl
string httpUrl
number startYear
number startMonth
number startDay
object date
number endYear
number endMonth
number diffYear
number diffMonth
number diffDay
number endDay
function goTopEx
undefined newright
object dataLayer
number grImpCtrl
object google_tag_manager
object sSource
object _specter
object customs
number start
number sWaitTime
boolean _bdhm_loaded_4f643b1bed1b7877882f11df6638e800
object mini_tangram_log_5bjvf3
object mini_tangram_log_985e8q

13 Cookies

Domain/Path  Name = Value
.xsgzz.com/  9937adf3fb8f24b9_gr_session_id_709cd7b5-4a28-4d1e-abca-dccbf5f539df = true
.xsgzz.com/  Hm_lpvt_4f643b1bed1b7877882f11df6638e800 = 1543797992
.xsgzz.com/  specter_time_abef8227d49d8d54d8eabde3b2fea08d = 1543797991658%7Chttps%3A%2F%2Fxsgzz.com%2F
.xsgzz.com/  specter_fpid = 9525ab07-e35e-4ddf-8676-d856ec25b57f
.xsgzz.com/  Hm_lvt_4f643b1bed1b7877882f11df6638e800 = 1543797992
.xsgzz.com/  grwng_uid = 6d0d47b8-facb-43f6-ba8f-fa2255f72f02
.xsgzz.com/  specter_sid_abef8227d49d8d54d8eabde3b2fea08d = 615cc698-8ea9-4d65-adf2-82a8318e365e
.xsgzz.com/  specter_campaign_abef8227d49d8d54d8eabde3b2fea08d = %7B%22%24utm_source%22%3A%22%22%2C%22%24utm_medium%22%3A%22%22%2C%22%24utm_campaign%22%3A%22%22%2C%22%24utm_content%22%3A%22%22%2C%22%24utm_term%22%3A%22%22%2C%22%24source_id%22%3A%22%22%2C%22%24nwd_ext_aid%22%3A%22%22%7D
xsgzz.com/   __51laig__ = 1
.xsgzz.com/  9937adf3fb8f24b9_gr_session_id = 709cd7b5-4a28-4d1e-abca-dccbf5f539df
xsgzz.com/   __51cke__ = (empty)
xsgzz.com/   __tins__19773979 = %7B%22sid%22%3A%201543797990848%2C%20%22vd%22%3A%201%2C%20%22expires%22%3A%201543799790848%7D
.xsgzz.com/  gr_user_id = 25acb7c1-0fb3-45f0-a1ca-d01953096d48

Indicators

"Indicators" is the security-industry term for observables such as IPs, domains and file hashes. Listing them here does not imply that any of them is malicious.

api.growingio.com
assets.growingio.com
hao123.hnkejizz.net
hm.baidu.com
ia.51.la
js.users.51.la
news.zhgrf.cn
report.niwodai.com
static.niwodai.com
static3.niwodai.com
static5.niwodai.com
tags.growingio.com
www.googletagmanager.com
xsgzz.com
101.132.138.217
103.116.214.10
103.235.46.191
104.111.239.8
104.37.244.89
156.239.112.102
163.171.128.148
163.171.140.176
183.131.207.78
220.243.212.50
2a00:1450:4001:81f::2008
52.80.248.13
54.223.34.2
08fcfb0b49e0760f1e9880a3ebff0a83b59b6f89658575e94a7958db0914cb72
1990a14a990a6a514a68f270ee3426bd27419b03cfdd7c1db64cfe87cd4a7e52
226419bf3d23cbc1447d6ed2313cf260a6f5c338dfc29aa9443bf3358c693e79
2c9b2abd305c74f0cbad8e6b7af9b6a869b1802e7041792c2580ba5211b91621
4187c7f696d096e92e20bbdf627ba7ab4b02d8b2069ba5b064f649a0852aec95
420b753ae33d90b0b6efaad89e0e835d6f17c8a890983c00deb071402d21817c
5cb7613af7008595e0c544dea8156552a5598e80afbf47187182ba0a2d11fac3
61d73a5c570ba4577a8d84dfbdd46f52db81d67c8361a9dedddeb0fb3a63e099
68c4dcb99d3a3f28cd05fd468e72a79ef246e3020debcc8f9fd9025f07d405f2
6b4cb6364e01a32aa1c2385aa2a3e7829527147af3ddd9b3437da52391939ef0
76b990c5ebffca9197b5690fc532ee5076d3bc2eb8efdc220f14c175c207ff2f
788d28629ad46053d402c88aa3d04e733d58bc9128d7cb2a5347cee016fd8570
7cbfd29c7269c9e66a2bc3e58355ceb6264f9829aa15be77762f0e91b07453ed
87ff912d0d46caf98743adc68cde8c4e1439bd402dfd1c7694d13bb337903a62
88c8f8ae08e688d507e25b2c53a8480a4ad18ed0b4c2ca731bf97f79c092c0ab
95d9bf4399a99751496b155df06e650e4ff67bede76880ba0a3e2767b08fc005
9d6ade78f9b2eead5d198ed146fa107faa7dc416599d85089ff057408a89b31a
b0338abd6e651116bac98d1a8a9507dca11ec6d30b7433d521a673fb571e7387
b27d510cb711fd8cd8264a290714cfc6fb3f5922b13b55032af1ff794e8418d2
cbeffe32faebadad86f6bd14239b0a8c5ed141e9d2c4439566f4ba68a8f1d12c
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
dc1ef4001b623e9a15f0306756535d327451d6b806f3b8cd8fa139027725e8a5
dd98d4c8da93269f99646d535d19408a9170061c889bc3322ad93ed41f4ffa57
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41ce9c2257996a84d49fa863bd1671695597e11fa291065c00e4894ed502edb
ea11ddca1392d2d52f2c6bf5d7c49714c984c1c2f13ffff0990e6a20841a6d59