www.xinhuaguomao.com Open in urlscan Pro
107.165.39.133 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://xinhuaguomao.com/
Effective URL:
http://www.xinhuaguomao.com/
Submission: On July 08 via manual (July 8th 2022, 2:04:56 pm UTC) from US — Scanned from SE

Summary HTTP 33 Redirects Behaviour Indicators

Summary

This website contacted 10 IPs in 3 countries across 9 domains to perform 33 HTTP transactions. The main IP is 107.165.39.133, located in United States and belongs to EGIHOSTING, US. The main domain is www.xinhuaguomao.com.

This is the only time www.xinhuaguomao.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Downloads These files were downloaded by the website

Incomplete 78.apk 32 MB

Size: 32 MB (33495274 bytes, 60% done)

Downloaded from: https://buket1990.oss-cn-shenzhen.aliyuncs.com/download/78.apk

Domain & IP information

	IP Address	AS Autonomous System
1 4	107.165.39.133 107.165.39.133	18779 (EGIHOSTING) (EGIHOSTING)
2	182.61.201.94 182.61.201.94	38365 (BAIDU Bei...) (BAIDU Beijing Baidu Netcom Science and Technology Co.)
2	103.235.46.191 103.235.46.191	55967 (BAIDU Bei...) (BAIDU Beijing Baidu Netcom Science and Technology Co.)
1	183.131.207.66 183.131.207.66	136190 (CHINATELE...) (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA)
1	154.23.138.212 154.23.138.212	140224 (SGPL-AS-A...) (SGPL-AS-AP STARCLOUD GLOBAL PTE.)
5	154.23.138.242 154.23.138.242	140224 (SGPL-AS-A...) (SGPL-AS-AP STARCLOUD GLOBAL PTE.)
1	115.126.91.3 115.126.91.3	38186 (FTG-AS-AP...) (FTG-AS-AP Forewin Telecom Group Limited)
14	172.247.73.236 172.247.73.236	40065 (CNSERVERS) (CNSERVERS)
3	115.126.68.13 115.126.68.13	38186 (FTG-AS-AP...) (FTG-AS-AP Forewin Telecom Group Limited)
1 1	115.126.91.14 115.126.91.14	38186 (FTG-AS-AP...) (FTG-AS-AP Forewin Telecom Group Limited)
1	120.77.166.114 120.77.166.114	37963 (ALIBABA-C...) (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.)
33	10

4 107.165.39.133 (United States) 1 redirects

ASN18779 (EGIHOSTING, US)

xinhuaguomao.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.xinhuaguomao.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 182.61.201.94 (China)

ASN38365 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)

push.zhanzhang.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.share.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.235.46.191 (Hong Kong)

ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)

hm.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 183.131.207.66 (China)

ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN)

ia.51.la	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 154.23.138.212 (United States)

ASN140224 (SGPL-AS-AP STARCLOUD GLOBAL PTE., LTD., SG)

api-nntv44.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 154.23.138.242 (United States)

ASN140224 (SGPL-AS-AP STARCLOUD GLOBAL PTE., LTD., SG)

niujzc3.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 115.126.91.3 (Hong Kong)

ASN38186 (FTG-AS-AP Forewin Telecom Group Limited, ISP at, HK)

rmj6w.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 172.247.73.236 (United States)

ASN40065 (CNSERVERS, US)

rmjloveyue.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 115.126.68.13 (Hong Kong)

ASN38186 (FTG-AS-AP Forewin Telecom Group Limited, ISP at, HK)

sdk.helloins.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 115.126.91.14 (Hong Kong) 1 redirects

ASN38186 (FTG-AS-AP Forewin Telecom Group Limited, ISP at, HK)

app-a0e588xd.helloins.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 120.77.166.114 (Shenzhen, China)

ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN)

buket1990.oss-cn-shenzhen.aliyuncs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	rmjloveyue.com rmjloveyue.com	457 KB
5	niujzc3.com niujzc3.com	50 KB
4	helloins.cc 1 redirects sdk.helloins.cc app-a0e588xd.helloins.cc	21 KB
4	baidu.com push.zhanzhang.baidu.com — Cisco Umbrella Rank: 66055 hm.baidu.com — Cisco Umbrella Rank: 7790 api.share.baidu.com — Cisco Umbrella Rank: 48124	13 KB
4	xinhuaguomao.com 1 redirects xinhuaguomao.com www.xinhuaguomao.com	12 KB
1	aliyuncs.com buket1990.oss-cn-shenzhen.aliyuncs.com
1	rmj6w.cc rmj6w.cc	352 B
1	api-nntv44.com api-nntv44.com	344 B
1	51.la ia.51.la — Cisco Umbrella Rank: 53210	216 B
33	9

	Domain	Requested by
14	rmjloveyue.com	rmj6w.cc rmjloveyue.com www.xinhuaguomao.com
5	niujzc3.com	www.xinhuaguomao.com niujzc3.com
3	sdk.helloins.cc	rmjloveyue.com sdk.helloins.cc
3	www.xinhuaguomao.com	www.xinhuaguomao.com
2	hm.baidu.com	www.xinhuaguomao.com
1	buket1990.oss-cn-shenzhen.aliyuncs.com	sdk.helloins.cc
1	app-a0e588xd.helloins.cc	1 redirects
1	rmj6w.cc	niujzc3.com
1	api.share.baidu.com	www.xinhuaguomao.com
1	api-nntv44.com	www.xinhuaguomao.com
1	ia.51.la	www.xinhuaguomao.com
1	push.zhanzhang.baidu.com	www.xinhuaguomao.com
1	xinhuaguomao.com	1 redirects
33	13

This site contains no links.

Subject Issuer	Validity	Valid
baidu.com GlobalSign RSA OV SSL CA 2018	`2021-11-15` - `2022-08-02`	9 months	crt.sh
niujzc1.com R3	`2022-06-29` - `2022-09-27`	3 months	crt.sh
niujzc3.com R3	`2022-05-20` - `2022-08-18`	3 months	crt.sh
rmj6w.cc R3	`2022-07-01` - `2022-09-29`	3 months	crt.sh
rmjloveyue.com R3	`2022-07-07` - `2022-10-05`	3 months	crt.sh
helloins.cc R3	`2022-05-05` - `2022-08-03`	3 months	crt.sh
*.oss-cn-shenzhen.aliyuncs.com GlobalSign Organization Validation CA - SHA256 - G2	`2022-01-20` - `2023-02-21`	a year	crt.sh

This page contains 2 frames:

Primary Page: http://www.xinhuaguomao.com/
Frame ID: 03EF096372E47C8E15C8121B776000A6
Requests: 9 HTTP requests in this frame

Frame: https://buket1990.oss-cn-shenzhen.aliyuncs.com/download/78.apk
Frame ID: FD315194EFBB81BB1CEC1F60E694E168
Requests: 24 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

周口僦敦传媒广告有限公司

Page URL History Show full URLs

http://xinhuaguomao.com/ HTTP 301
http://www.xinhuaguomao.com/ Page URL

Detected technologies

Baidu Analytics (百度统计) (Analytics) Expand

Overall confidence: 100%
Detected patterns

hm\.baidu\.com/hm\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

33
Requests

82 %
HTTPS

0 %
IPv6

9
Domains

13
Subdomains

10
IPs

3
Countries

553 kB
Transfer

2079 kB
Size

7
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://xinhuaguomao.com/ HTTP 301
http://www.xinhuaguomao.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 30

https://app-a0e588xd.helloins.cc/page/a0e588xd/install/c/eyJjIjoiVyIsIm0iOiJxU0RBQVZSa19wc0FBQUdCM2h6eGQ2LXN5U0ZFMzBkQkhiRFV3LU9IS0RacklwZTI2WmxJbjJtcWZndm8ifQ==?p=0 HTTP 302
https://buket1990.oss-cn-shenzhen.aliyuncs.com/download/78.apk

33 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.xinhuaguomao.com/
Redirect Chain

http://xinhuaguomao.com/
http://www.xinhuaguomao.com/

2 KB
2 KB

397ms
196ms

Document
text/html

107.165.39.133
EGIHOSTING

General

Check archive.org

Show headers Download Go to

Full URL: http://www.xinhuaguomao.com/
Protocol: HTTP/1.1
Server: 107.165.39.133 , United States, ASN18779 (EGIHOSTING, US),
Reverse DNS
Software: nginx /
Resource Hash: 5aa4a6b3c81ad9bfbc783b65f1c7c348321dae8194408866dff834ac5f8a4ca5

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: se-SE,se;q=0.9

Response headers

Content-Length: 2096
Content-Type: text/html
Date: Fri, 08 Jul 2022 14:04:10 GMT
Server: nginx

Redirect headers

Content-Length: 0
Content-Type: text/html
Location: http://www.xinhuaguomao.com/
Server: nginx

GET
H/1.1 200
OK tj.js Show response
www.xinhuaguomao.com/ 5 KB
5 KB 196ms
195ms Script
application/x-javascript 107.165.39.133
EGIHOSTING

General

Check archive.org

Show headers Download Go to

Full URL: http://www.xinhuaguomao.com/tj.js
Requested by: Host: www.xinhuaguomao.com
URL: http://www.xinhuaguomao.com/
Protocol: HTTP/1.1
Server: 107.165.39.133 , United States, ASN18779 (EGIHOSTING, US),
Reverse DNS
Software: nginx /
Resource Hash: 64143f51d79a598e852bd16cc6b7d33e97831bf8a7d762b6ab94420eaaf6d5d8

Request headers

accept-language: se-SE,se;q=0.9
Referer: http://www.xinhuaguomao.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Fri, 08 Jul 2022 14:04:10 GMT
Server: nginx
Content-Length: 5160
Content-Type: application/x-javascript

GET
H/1.1 200
OK common.js Show response
www.xinhuaguomao.com/ 4 KB
4 KB 401ms
204ms Script
application/x-javascript 107.165.39.133
EGIHOSTING

General

Check archive.org

Show headers Download Go to

Full URL: http://www.xinhuaguomao.com/common.js
Requested by: Host: www.xinhuaguomao.com
URL: http://www.xinhuaguomao.com/
Protocol: HTTP/1.1
Server: 107.165.39.133 , United States, ASN18779 (EGIHOSTING, US),
Reverse DNS
Software: nginx /
Resource Hash: b7da23346bec7fc249269b3e6f06b8a0f6190e24f678052bd2ae26afe54a01db

Request headers

accept-language: se-SE,se;q=0.9
Referer: http://www.xinhuaguomao.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Fri, 08 Jul 2022 14:04:10 GMT
Server: nginx
Content-Length: 4143
Content-Type: application/x-javascript

GET
H/1.1 200
OK push.js Show response
push.zhanzhang.baidu.com/ 281 B
752 B 1438ms
348ms Script
text/javascript 182.61.201.94
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL: http://push.zhanzhang.baidu.com/push.js
Requested by: Host: www.xinhuaguomao.com
URL: http://www.xinhuaguomao.com/
Protocol: HTTP/1.1
Server: 182.61.201.94 , China, ASN38365 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software: apache /
Resource Hash: 674bc0c70f98d627b8a7e1d278a1f21ffe33815565f7d5371bf0275da57571b2

Request headers

accept-language: se-SE,se;q=0.9
Referer: http://www.xinhuaguomao.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Fri, 08 Jul 2022 14:04:13 GMT
Content-Encoding: gzip
Last-Modified: Wed, 25 Nov 2015 07:47:55 GMT
Server: apache
Etag: "4078521116"
Vary: Accept-Encoding
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 227
Expires: Sat, 08 Jul 2023 14:04:13 GMT

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ 30 KB
12 KB 1324ms
458ms Script
application/javascript 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?429ce1c01926c587548c8f0813ca5ecd

Requested by

Host: www.xinhuaguomao.com
URL: http://www.xinhuaguomao.com/tj.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

72bba1e87435200adf1cd522997f51624c067f3bc2a1f6e0ed4439abb46f86bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

accept-language: se-SE,se;q=0.9
Referer: http://www.xinhuaguomao.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Fri, 08 Jul 2022 14:04:13 GMT
Content-Encoding: gzip
Server: apache
Etag: 33c2a91d71c18fb721d32124b3f5776c
Strict-Transport-Security: max-age=172800
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control: max-age=0, must-revalidate
Content-Type: application/javascript
Content-Length: 11339

GET
H/1.1 200 go1
ia.51.la/ 0
216 B 1849ms
901ms Image
text/plain 183.131.207.66
CHINATELECOM-ZHEJ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ia.51.la/go1?id=21145099&rt=1657289056920&rl=1600*1200&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=2022%25E5%25B9%25B4%25E3%2580%2590ktv%25E9%2599%25AA%25E5%2594%25B1%25E5%25A4%259A%25E5%25B0%2591%25E9%2592%25B1_%25E5%2587%25BA%25E5%258F%25B0%25E5%25B0%258F%25E5%25A7%2590%252C%25E6%25AC%25A2%25E8%25BF%258E%25E6%2582%25A8%25E7%259A%2584%25E5%2585%2589%25E4%25B8%25B4%25E3%2580%2591ktv&ing=1&ekc=&sid=1657289056920&tt=%25E5%2591%25A8%25E5%258F%25A3%25E5%2583%25A6%25E6%2595%25A6%25E4%25BC%25A0%25E5%25AA%2592%25E5%25B9%25BF%25E5%2591%258A%25E6%259C%2589%25E9%2599%2590%25E5%2585%25AC%25E5%258F%25B8&kw=ktv%25E9%2599%25AA%25E5%2594%25B1%25E5%25A4%259A%25E5%25B0%2591%25E9%2592%25B1%252Cktv%25E9%2599%25AA%25E5%2594%25B1%25E7%259A%2584%25E5%258F%25AF%25E4%25BB%25A5%25E5%25B8%25A6%25E5%2587%25BA%25E5%258E%25BB%25E7%259D%25A1%25E8%25A7%2589%25E5%2590%2597%252Cktv%25E9%2599%25AA%25E5%2594%25B1%25E7%259A%2584%25E5%25B9%25B2%25E5%2587%2580%25E5%2590%2597%252Cktv%25E9%2599%25AA%25E5%2594%25B1500%25E8%2583%25BD%25E5%25AF%25B9%25E5%25A5%25B9%25E5%2581%259A%25E4%25BB%2580%25E4%25B9%2588&cu=http%253A%252F%252Fwww.xinhuaguomao.com%252F&pu=
Requested by: Host: www.xinhuaguomao.com
URL: http://www.xinhuaguomao.com/
Protocol: HTTP/1.1
Server: 183.131.207.66 , China, ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN),
Reverse DNS
Software: CloudWAF /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: se-SE,se;q=0.9
Referer: http://www.xinhuaguomao.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Fri, 08 Jul 2022 14:04:14 GMT
Server: CloudWAF
Connection: keep-alive
Content-Length: 0

GET
H2 200 common.php Show response
api-nntv44.com/ 80 B
344 B 740ms
241ms XHR
application/json 154.23.138.212
SGPL-AS-AP STARCL...

General

Check archive.org

Show headers Download Go to

Full URL

https://api-nntv44.com/common.php?val=niuniujzc&t=0.024995384219248074?v=012491388387422186

Requested by

Host: www.xinhuaguomao.com
URL: http://www.xinhuaguomao.com/common.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

154.23.138.212 , United States, ASN140224 (SGPL-AS-AP STARCLOUD GLOBAL PTE., LTD., SG),

Reverse DNS

Software

nginx /

Resource Hash

9b7e9ec32b9edcb7789e4b5030aa6b22c583cbc37a2f80150b92c7305def7159

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: se-SE,se;q=0.9
Referer: http://www.xinhuaguomao.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 14:04:12 GMT
server: nginx
strict-transport-security: max-age=31536000
access-control-allow-methods: POST,GET,OPTIONS,DELETE
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Content-Length,Accept-Encoding,X-Requested-with, Origin

GET
H2 200 / Show response
niujzc3.com/ Frame FD31 528 B
681 B 775ms
253ms Document
text/html 154.23.138.242
SGPL-AS-AP STARCL...

General

Check archive.org

Show headers Download Go to

Full URL

https://niujzc3.com/?tt=1657289052

Requested by

Host: www.xinhuaguomao.com
URL: http://www.xinhuaguomao.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

154.23.138.242 , United States, ASN140224 (SGPL-AS-AP STARCLOUD GLOBAL PTE., LTD., SG),

Reverse DNS

Software

nginx /

Resource Hash

8e4bc86f547826436987517fe678376d8555fbb087289d484b5a58fc16ab324b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://www.xinhuaguomao.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: se-SE,se;q=0.9

Response headers

accept-ranges: bytes
content-length: 528
content-type: text/html
date: Fri, 08 Jul 2022 14:04:13 GMT
etag: "607dabe4-210"
last-modified: Mon, 19 Apr 2021 16:12:20 GMT
server: nginx
strict-transport-security: max-age=31536000

GET
H/1.1 200
OK s.gif
api.share.baidu.com/ 0
116 B 975ms
325ms Image
text/plain 182.61.201.94
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://api.share.baidu.com/s.gif?l=http://www.xinhuaguomao.com/
Requested by: Host: www.xinhuaguomao.com
URL: http://www.xinhuaguomao.com/
Protocol: HTTP/1.1
Server: 182.61.201.94 , China, ASN38365 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: se-SE,se;q=0.9
Referer: http://www.xinhuaguomao.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Fri, 08 Jul 2022 14:04:14 GMT
Content-Length: 0
Content-Type: text/plain; charset=utf-8

GET
H2 200 jquery-3.5.1.min.js Show response
niujzc3.com/js/ Frame FD31 87 KB
34 KB 509ms
508ms Script
application/javascript 154.23.138.242
SGPL-AS-AP STARCL...

General

Check archive.org

Show headers Download Go to

Full URL

https://niujzc3.com/js/jquery-3.5.1.min.js

Requested by

Host: niujzc3.com
URL: https://niujzc3.com/?tt=1657289052

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

154.23.138.242 , United States, ASN140224 (SGPL-AS-AP STARCLOUD GLOBAL PTE., LTD., SG),

Reverse DNS

Software

nginx /

Resource Hash

f36844906ad2309877aae3121b87fb15b9e09803cb4c333adc7e1e35ac92e14b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://niujzc3.com/?tt=1657289052
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 14:04:13 GMT
content-encoding: gzip
last-modified: Tue, 05 Jan 2021 12:17:50 GMT
server: nginx
etag: W/"5ff458ee-15d86"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
strict-transport-security: max-age=31536000
expires: Sat, 09 Jul 2022 02:04:13 GMT

GET
H2 200 json.js Show response
niujzc3.com/js/ Frame FD31 5 KB
2 KB 555ms
555ms Script
application/javascript 154.23.138.242
SGPL-AS-AP STARCL...

General

Check archive.org

Show headers Download Go to

Full URL

https://niujzc3.com/js/json.js

Requested by

Host: niujzc3.com
URL: https://niujzc3.com/?tt=1657289052

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

154.23.138.242 , United States, ASN140224 (SGPL-AS-AP STARCLOUD GLOBAL PTE., LTD., SG),

Reverse DNS

Software

nginx /

Resource Hash

9a31fd4de5d1354c8fa58d50a2d029f7bdd74ba59cab8197eec2d660fcab6269

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://niujzc3.com/?tt=1657289052
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 14:04:13 GMT
content-encoding: gzip
last-modified: Tue, 26 Oct 2021 17:47:46 GMT
server: nginx
etag: W/"61783f42-13f1"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
strict-transport-security: max-age=31536000
expires: Sat, 09 Jul 2022 02:04:13 GMT

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ 43 B
299 B 450ms
449ms Image
image/gif 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?si=429ce1c01926c587548c8f0813ca5ecd&n=TypeError&m=Cannot%20read%20properties%20of%20undefined%20(reading%20%27parentNode%27)&r=

Requested by

Host: www.xinhuaguomao.com
URL: http://www.xinhuaguomao.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

accept-language: se-SE,se;q=0.9
Referer: http://www.xinhuaguomao.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 08 Jul 2022 14:04:14 GMT
X-Content-Type-Options: nosniff
Server: apache
Strict-Transport-Security: max-age=172800
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

GET
H2 200 config.json Show response
niujzc3.com/js/ Frame FD31 207 B
362 B 253ms
253ms XHR
application/json 154.23.138.242
SGPL-AS-AP STARCL...

General

Check archive.org

Show headers Download Go to

Full URL

https://niujzc3.com/js/config.json?refresh=202278Fri%20Jul%2008%202022%2014:04:19%20GMT+0000%20(GMT)

Requested by

Host: niujzc3.com
URL: https://niujzc3.com/js/jquery-3.5.1.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

154.23.138.242 , United States, ASN140224 (SGPL-AS-AP STARCLOUD GLOBAL PTE., LTD., SG),

Reverse DNS

Software

nginx /

Resource Hash

8218c325729786974d74d2746cbc713e9b3b8a381448131b81b0917f4f0663cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://niujzc3.com/?tt=1657289052
X-Requested-With: XMLHttpRequest
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 14:04:14 GMT
last-modified: Sun, 03 Jul 2022 16:07:33 GMT
server: nginx
etag: "62c1bec5-cf"
strict-transport-security: max-age=31536000
content-type: application/json
accept-ranges: bytes
content-length: 207

GET
H2 200 loading.gif
niujzc3.com/img/ Frame FD31 12 KB
12 KB 254ms
253ms Image
image/gif 154.23.138.242
SGPL-AS-AP STARCL...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://niujzc3.com/img/loading.gif

Requested by

Host: www.xinhuaguomao.com
URL: http://www.xinhuaguomao.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

154.23.138.242 , United States, ASN140224 (SGPL-AS-AP STARCLOUD GLOBAL PTE., LTD., SG),

Reverse DNS

Software

nginx /

Resource Hash

9e075ecd6d4df0e289dda0525e9c1974d2d4534762c819e7bc04e693698e4efe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://niujzc3.com/?tt=1657289052
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 14:04:14 GMT
last-modified: Mon, 19 Apr 2021 15:47:33 GMT
server: nginx
etag: "607da615-306d"
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 12397
expires: Sun, 07 Aug 2022 14:04:14 GMT

GET
H/1.1 200
OK / Show response
rmj6w.cc/ Frame FD31 103 B
352 B 3557ms
250ms Document
text/html 115.126.91.3
FTG-AS-AP Forewin...

General

Check archive.org

Show headers Download Go to

Full URL: https://rmj6w.cc/
Requested by: Host: niujzc3.com
URL: https://niujzc3.com/js/json.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 115.126.91.3 , Hong Kong, ASN38186 (FTG-AS-AP Forewin Telecom Group Limited, ISP at, HK),
Reverse DNS
Software: cdn /
Resource Hash: 976e7deddb5a6722bab5588678bbd5dcc650ac2cbb2318331091e455ef53d681

Request headers

Referer: https://niujzc3.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: se-SE,se;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Length: 103
Content-Type: text/html
Date: Fri, 08 Jul 2022 14:04:18 GMT
ETag: "62c70738-67"
Last-Modified: Thu, 07 Jul 2022 16:18:00 GMT
Server: cdn
X-Cache-Status: HIT

GET
H2 200 / Show response
rmjloveyue.com/ Frame FD31 8 KB
3 KB 6956ms
492ms Document
text/html 172.247.73.236
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL: https://rmjloveyue.com/?channelCode=W
Requested by: Host: rmj6w.cc
URL: https://rmj6w.cc/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 172.247.73.236 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: cdn-ddos-cc /
Resource Hash: 0813ad5eb43c450256d2e9698e8fb17575408f19d204ea839f8ed87ff5432264

Request headers

Referer: https://rmj6w.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: se-SE,se;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Fri, 08 Jul 2022 14:04:25 GMT
etag: W/"62c462ab-2059"
last-modified: Tue, 05 Jul 2022 16:11:23 GMT
server: cdn-ddos-cc
vary: Accept-Encoding
x-cache-status: MISS

GET
H2 200 index.css
rmjloveyue.com/css/ Frame FD31 5 KB
2 KB 494ms
493ms Stylesheet
text/css 172.247.73.236
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL: https://rmjloveyue.com/css/index.css
Requested by: Host: rmjloveyue.com
URL: https://rmjloveyue.com/?channelCode=W
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 172.247.73.236 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: cdn-ddos-cc /
Resource Hash: e2633850ac6591484e78a5e9126fa411d19e60ec19d8d4ffe782458087acc869

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://rmjloveyue.com/?channelCode=W
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 14:04:25 GMT
content-encoding: gzip
last-modified: Tue, 21 Jun 2022 10:04:38 GMT
server: cdn-ddos-cc
etag: W/"62b197b6-128c"
x-cache-status: MISS
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
expires: Sat, 09 Jul 2022 02:04:25 GMT

GET
H/1.1 200 appsharepro.js Show response
sdk.helloins.cc/web/ Frame FD31 46 KB
19 KB 2287ms
502ms Script
text/javascript 115.126.68.13
FTG-AS-AP Forewin...

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.helloins.cc/web/appsharepro.js
Requested by: Host: rmjloveyue.com
URL: https://rmjloveyue.com/?channelCode=W
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 115.126.68.13 , Hong Kong, ASN38186 (FTG-AS-AP Forewin Telecom Group Limited, ISP at, HK),
Reverse DNS
Software: cdn /
Resource Hash: 247f7b6f1d9154effd68f3956dd4089eaee33da3781cfc0b316a41f5f97fc9be

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://rmjloveyue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Fri, 08 Jul 2022 14:04:27 GMT
Content-Encoding: gzip
Server: cdn
X-Cache-Status: HIT
Vary: Accept-Encoding
Content-Type: text/javascript;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive

GET
H2 200 logo.png
rmjloveyue.com/images/ Frame FD31 42 KB
42 KB 1089ms
1089ms Image
image/png 172.247.73.236
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rmjloveyue.com/images/logo.png
Requested by: Host: rmjloveyue.com
URL: https://rmjloveyue.com/?channelCode=W
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 172.247.73.236 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: cdn-ddos-cc /
Resource Hash: ea7bd37d522c83fd0c1fccda2a32e3a4869f757001dcb46bc97d9cbb612ca1f7

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://rmjloveyue.com/?channelCode=W
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 14:04:25 GMT
last-modified: Mon, 04 Jul 2022 06:00:40 GMT
server: cdn-ddos-cc
etag: "62c28208-a7d8"
x-cache-status: MISS
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 42968
expires: Sun, 07 Aug 2022 14:04:25 GMT

GET
H2 200 img_text.png
rmjloveyue.com/images/ Frame FD31 40 KB
40 KB 1089ms
1089ms Image
image/png 172.247.73.236
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rmjloveyue.com/images/img_text.png
Requested by: Host: rmjloveyue.com
URL: https://rmjloveyue.com/?channelCode=W
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 172.247.73.236 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: cdn-ddos-cc /
Resource Hash: eff0273fd3dbf580fa6bcc733f2316c638f235b6fae1d3072dbcf06a9e69cc55

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://rmjloveyue.com/?channelCode=W
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 14:04:25 GMT
last-modified: Tue, 21 Jun 2022 08:43:42 GMT
server: cdn-ddos-cc
etag: "62b184be-9f03"
x-cache-status: MISS
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 40707
expires: Sun, 07 Aug 2022 14:04:25 GMT

GET
H2 200 icon_android.png
rmjloveyue.com/images/ Frame FD31 1 KB
2 KB 1088ms
1088ms Image
image/png 172.247.73.236
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rmjloveyue.com/images/icon_android.png
Requested by: Host: rmjloveyue.com
URL: https://rmjloveyue.com/?channelCode=W
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 172.247.73.236 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: cdn-ddos-cc /
Resource Hash: 75c9e254700188ae1de3a7cd7cc714500d554f8d3d95ee5ecd164ce98281abc3

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://rmjloveyue.com/?channelCode=W
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 14:04:25 GMT
last-modified: Tue, 21 Jun 2022 08:43:36 GMT
server: cdn-ddos-cc
etag: "62b184b8-5f1"
x-cache-status: MISS
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 1521
expires: Sun, 07 Aug 2022 14:04:25 GMT

GET
H2 200 icon_ios.png
rmjloveyue.com/images/ Frame FD31 1 KB
2 KB 1299ms
1298ms Image
image/png 172.247.73.236
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rmjloveyue.com/images/icon_ios.png
Requested by: Host: rmjloveyue.com
URL: https://rmjloveyue.com/?channelCode=W
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 172.247.73.236 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: cdn-ddos-cc /
Resource Hash: b4daf8c6a33eb461598d420c2e0b41c9bf7d649d457bf7f853a3a9e9d5311256

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://rmjloveyue.com/?channelCode=W
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 14:04:26 GMT
last-modified: Tue, 21 Jun 2022 08:43:38 GMT
server: cdn-ddos-cc
etag: "62b184ba-55e"
x-cache-status: MISS
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 1374
expires: Sun, 07 Aug 2022 14:04:25 GMT

GET
H2 200 logo-w.png
rmjloveyue.com/images/ Frame FD31 42 KB
42 KB 1088ms
1087ms Image
image/png 172.247.73.236
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rmjloveyue.com/images/logo-w.png
Requested by: Host: rmjloveyue.com
URL: https://rmjloveyue.com/?channelCode=W
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 172.247.73.236 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: cdn-ddos-cc /
Resource Hash: ea7bd37d522c83fd0c1fccda2a32e3a4869f757001dcb46bc97d9cbb612ca1f7

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://rmjloveyue.com/?channelCode=W
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 14:04:26 GMT
last-modified: Mon, 04 Jul 2022 06:00:55 GMT
server: cdn-ddos-cc
etag: "62c28217-a7d8"
x-cache-status: MISS
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 42968
expires: Sun, 07 Aug 2022 14:04:25 GMT

GET
H2 200 img_text_m.png
rmjloveyue.com/images/ Frame FD31 15 KB
15 KB 1087ms
1086ms Image
image/png 172.247.73.236
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rmjloveyue.com/images/img_text_m.png
Requested by: Host: rmjloveyue.com
URL: https://rmjloveyue.com/?channelCode=W
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 172.247.73.236 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: cdn-ddos-cc /
Resource Hash: d845bbf251fd013e4b9f8cb8e64f963cd466da4b7369f31c78813f8e50faf276

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://rmjloveyue.com/?channelCode=W
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 14:04:26 GMT
last-modified: Tue, 21 Jun 2022 08:43:46 GMT
server: cdn-ddos-cc
etag: "62b184c2-3b61"
x-cache-status: MISS
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 15201
expires: Sun, 07 Aug 2022 14:04:25 GMT

GET
H2 200 safair_banner_new.png
rmjloveyue.com/images/ Frame FD31 254 KB
254 KB 1085ms
1082ms Image
image/png 172.247.73.236
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rmjloveyue.com/images/safair_banner_new.png
Requested by: Host: rmjloveyue.com
URL: https://rmjloveyue.com/?channelCode=W
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 172.247.73.236 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: cdn-ddos-cc /
Resource Hash: 32cf1cf9503836f1ee31e05ee340393c41bf92441917343720a8b6810bd3e81a

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://rmjloveyue.com/?channelCode=W
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 14:04:25 GMT
last-modified: Tue, 21 Jun 2022 08:44:02 GMT
server: cdn-ddos-cc
etag: "62b184d2-3f6ec"
x-cache-status: MISS
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 259820
expires: Sun, 07 Aug 2022 14:04:25 GMT

GET
H2 200 andriod_banner_new.png
rmjloveyue.com/images/ Frame FD31 10 KB
10 KB 1500ms
1500ms Image
image/png 172.247.73.236
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rmjloveyue.com/images/andriod_banner_new.png
Requested by: Host: rmjloveyue.com
URL: https://rmjloveyue.com/?channelCode=W
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 172.247.73.236 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: cdn-ddos-cc /
Resource Hash: 13ee197411f9aea4cb91cb0e50e390bcac7ea7a8e4a03391018b56b41b6fb996

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://rmjloveyue.com/?channelCode=W
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 14:04:26 GMT
last-modified: Tue, 21 Jun 2022 08:43:30 GMT
server: cdn-ddos-cc
etag: "62b184b2-268a"
x-cache-status: MISS
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 9866
expires: Sun, 07 Aug 2022 14:04:25 GMT

GET
H2 200 config.js Show response
rmjloveyue.com/js/ Frame FD31 442 B
660 B 494ms
494ms Script
application/javascript 172.247.73.236
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL: https://rmjloveyue.com/js/config.js
Requested by: Host: rmjloveyue.com
URL: https://rmjloveyue.com/?channelCode=W
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 172.247.73.236 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: cdn-ddos-cc /
Resource Hash: 43a2fb8d853f17b3f1f4707e9d160b4c0a0892b7936f4bc25fa9fd2a3db8bc71

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://rmjloveyue.com/?channelCode=W
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 14:04:25 GMT
last-modified: Tue, 21 Jun 2022 08:44:14 GMT
server: cdn-ddos-cc
etag: "62b184de-1ba"
x-cache-status: MISS
content-type: application/javascript
cache-control: max-age=43200
accept-ranges: bytes
content-length: 442
expires: Sat, 09 Jul 2022 02:04:25 GMT

GET
H2 206 videolove.mp4
rmjloveyue.com/images/ Frame FD31 48 KB
0 1399ms
1398ms Media
video/mp4 172.247.73.236
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL: https://rmjloveyue.com/images/videolove.mp4
Requested by: Host: rmjloveyue.com
URL: https://rmjloveyue.com/?channelCode=W
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 172.247.73.236 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: cdn-ddos-cc /
Resource Hash

Request headers

Referer: https://rmjloveyue.com/?channelCode=W
Accept-Encoding: identity;q=1, *;q=0
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Range: bytes=0-

Response headers

date: Fri, 08 Jul 2022 14:04:28 GMT
last-modified: Tue, 21 Jun 2022 09:56:32 GMT
server: cdn-ddos-cc
etag: "62b195d0-4cb2ef"
x-cache-status: MISS
content-type: video/mp4
Content-Range: bytes 0-5026542/5026543
Content-Length: 5026543

POST
H/1.1 200 init Show response
sdk.helloins.cc/web/a0e588xd/W/ Frame FD31 443 B
1 KB 255ms
255ms XHR
application/json 115.126.68.13
FTG-AS-AP Forewin...

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.helloins.cc/web/a0e588xd/W/init?channelCode=W&av=0&cv=0&hash=&sw=p6Cmpg&sh=p6Smpg&sp=1
Requested by: Host: sdk.helloins.cc
URL: https://sdk.helloins.cc/web/appsharepro.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 115.126.68.13 , Hong Kong, ASN38186 (FTG-AS-AP Forewin Telecom Group Limited, ISP at, HK),
Reverse DNS
Software: cdn /
Resource Hash: 22ca21cbae3b7324e3e0bcf0350b002946ca04ef4b3886f356f61d09b31afa17

Request headers

Referer: https://rmjloveyue.com/
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Fri, 08 Jul 2022 14:04:28 GMT
Server: cdn
X-Cache-Status: MISS
Vary: Origin
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://rmjloveyue.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 443

GET
H2 206 videolove.mp4
rmjloveyue.com/images/ Frame FD31 45 KB
45 KB 757ms
756ms Media
video/mp4 172.247.73.236
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL: https://rmjloveyue.com/images/videolove.mp4
Requested by: Host: rmjloveyue.com
URL: https://rmjloveyue.com/?channelCode=W
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 172.247.73.236 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: cdn-ddos-cc /
Resource Hash: a6049204934e6a040a7cf2c7176380d27d60479c5636768dc9437466e4a95440

Request headers

Referer: https://rmjloveyue.com/?channelCode=W
Accept-Encoding: identity;q=1, *;q=0
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Range: bytes=4980736-

Response headers

date: Fri, 08 Jul 2022 14:04:30 GMT
last-modified: Tue, 21 Jun 2022 09:56:32 GMT
server: cdn-ddos-cc
etag: "62b195d0-4cb2ef"
x-cache-status: MISS
content-type: video/mp4
Content-Range: bytes 4980736-5026542/5026543
Content-Length: 45807

POST
H/1.1 200 clicked
sdk.helloins.cc/web/a0e588xd/W/ Frame FD31 0
474 B 255ms
255ms Ping
text/plain 115.126.68.13
FTG-AS-AP Forewin...

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.helloins.cc/web/a0e588xd/W/clicked?channelCode=W&p=0&ref=https%3A%2F%2Frmjloveyue.com%2F%3FchannelCode%3DW&ac=0&cc=0
Requested by: Host: sdk.helloins.cc
URL: https://sdk.helloins.cc/web/appsharepro.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 115.126.68.13 , Hong Kong, ASN38186 (FTG-AS-AP Forewin Telecom Group Limited, ISP at, HK),
Reverse DNS
Software: cdn /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://rmjloveyue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Fri, 08 Jul 2022 14:04:31 GMT
Server: cdn
X-Cache-Status: MISS
Vary: Origin
Access-Control-Allow-Origin: https://rmjloveyue.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

78.apk
buket1990.oss-cn-shenzhen.aliyuncs.com/download/ Frame FD31
Redirect Chain

https://app-a0e588xd.helloins.cc/page/a0e588xd/install/c/eyJjIjoiVyIsIm0iOiJxU0RBQVZSa19wc0FBQUdCM2h6eGQ2LXN5U0ZFMzBkQkhiRFV3LU9IS0RacklwZTI2WmxJbjJtcWZndm8ifQ==?p=0
https://buket1990.oss-cn-shenzhen.aliyuncs.com/download/78.apk

0
0

1547ms
314ms

Document
application/vnd.android.package-archive

120.77.166.114
ALIBABA-CN-NET Ha...

General

Check archive.org

Show headers Download Go to

Full URL: https://buket1990.oss-cn-shenzhen.aliyuncs.com/download/78.apk
Requested by: Host: sdk.helloins.cc
URL: https://sdk.helloins.cc/web/appsharepro.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 120.77.166.114 Shenzhen, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: AliyunOSS /
Resource Hash

Request headers

Referer: https://rmjloveyue.com/?channelCode=W
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: se-SE,se;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Length: 33495274
Content-MD5: It88z5LmGU/Yx/wdERRqTw==
Content-Type: application/vnd.android.package-archive
Date: Fri, 08 Jul 2022 14:04:34 GMT
ETag: "22DF3CCF92E6194FD8C7FC1D11146A4F"
Last-Modified: Fri, 08 Jul 2022 14:00:51 GMT
Server: AliyunOSS
x-oss-hash-crc64ecma: 764050796062373923
x-oss-object-type: Normal
x-oss-request-id: 62C83972FFF71A30388FA926
x-oss-server-time: 3
x-oss-storage-class: Standard

Redirect headers

Connection: keep-alive
Content-Length: 0
Date: Fri, 08 Jul 2022 14:04:32 GMT
Location: https://buket1990.oss-cn-shenzhen.aliyuncs.com/download/78.apk
Server: cdn
X-Cache-Status: MISS

GET
H2 206 videolove.mp4
rmjloveyue.com/images/ Frame FD31 1 MB
0 1914ms
1913ms Media
video/mp4 172.247.73.236
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL: https://rmjloveyue.com/images/videolove.mp4
Requested by: Host: www.xinhuaguomao.com
URL: http://www.xinhuaguomao.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 172.247.73.236 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: cdn-ddos-cc /
Resource Hash

Request headers

Referer: https://rmjloveyue.com/?channelCode=W
Accept-Encoding: identity;q=1, *;q=0
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Range: bytes=32768-

Response headers

date: Fri, 08 Jul 2022 14:04:32 GMT
last-modified: Tue, 21 Jun 2022 09:56:32 GMT
server: cdn-ddos-cc
etag: "62b195d0-4cb2ef"
x-cache-status: MISS
content-type: video/mp4
Content-Range: bytes 32768-5026542/5026543
Content-Length: 4993775

Verdicts & Comments Add Verdict or Comment

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.xinhuaguomao.com/	1969-12-31 23:59:59	Name: __tins__21145099 Value: %7B%22sid%22%3A%201657289056920%2C%20%22vd%22%3A%201%2C%20%22expires%22%3A%201657290856920%7D
www.xinhuaguomao.com/	1969-12-31 23:59:59	Name: __51cke__ Value:
www.xinhuaguomao.com/	1969-12-31 23:59:59	Name: __51laig__ Value: 1
www.xinhuaguomao.com/	1970-01-20 04:21:29	Name: Cookies_KL Value: 1
.hm.baidu.com/	1970-01-25 20:29:45	Name: HMACCOUNT_BFESS Value: 8CE62A57F2DA141F
.www.xinhuaguomao.com/	1970-01-20 13:07:05	Name: Hm_lvt_429ce1c01926c587548c8f0813ca5ecd Value: 1657289059
.www.xinhuaguomao.com/	1969-12-31 23:59:59	Name: Hm_lpvt_429ce1c01926c587548c8f0813ca5ecd Value: 1657289059

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-nntv44.com
api.share.baidu.com
app-a0e588xd.helloins.cc
buket1990.oss-cn-shenzhen.aliyuncs.com
hm.baidu.com
ia.51.la
niujzc3.com
push.zhanzhang.baidu.com
rmj6w.cc
rmjloveyue.com
sdk.helloins.cc
www.xinhuaguomao.com
xinhuaguomao.com
103.235.46.191
107.165.39.133
115.126.68.13
115.126.91.14
115.126.91.3
120.77.166.114
154.23.138.212
154.23.138.242
172.247.73.236
182.61.201.94
183.131.207.66
0813ad5eb43c450256d2e9698e8fb17575408f19d204ea839f8ed87ff5432264
13ee197411f9aea4cb91cb0e50e390bcac7ea7a8e4a03391018b56b41b6fb996
22ca21cbae3b7324e3e0bcf0350b002946ca04ef4b3886f356f61d09b31afa17
247f7b6f1d9154effd68f3956dd4089eaee33da3781cfc0b316a41f5f97fc9be
32cf1cf9503836f1ee31e05ee340393c41bf92441917343720a8b6810bd3e81a
43a2fb8d853f17b3f1f4707e9d160b4c0a0892b7936f4bc25fa9fd2a3db8bc71
5aa4a6b3c81ad9bfbc783b65f1c7c348321dae8194408866dff834ac5f8a4ca5
64143f51d79a598e852bd16cc6b7d33e97831bf8a7d762b6ab94420eaaf6d5d8
674bc0c70f98d627b8a7e1d278a1f21ffe33815565f7d5371bf0275da57571b2
72bba1e87435200adf1cd522997f51624c067f3bc2a1f6e0ed4439abb46f86bb
75c9e254700188ae1de3a7cd7cc714500d554f8d3d95ee5ecd164ce98281abc3
8218c325729786974d74d2746cbc713e9b3b8a381448131b81b0917f4f0663cf
8e4bc86f547826436987517fe678376d8555fbb087289d484b5a58fc16ab324b
976e7deddb5a6722bab5588678bbd5dcc650ac2cbb2318331091e455ef53d681
9a31fd4de5d1354c8fa58d50a2d029f7bdd74ba59cab8197eec2d660fcab6269
9b7e9ec32b9edcb7789e4b5030aa6b22c583cbc37a2f80150b92c7305def7159
9e075ecd6d4df0e289dda0525e9c1974d2d4534762c819e7bc04e693698e4efe
a6049204934e6a040a7cf2c7176380d27d60479c5636768dc9437466e4a95440
b4daf8c6a33eb461598d420c2e0b41c9bf7d649d457bf7f853a3a9e9d5311256
b7da23346bec7fc249269b3e6f06b8a0f6190e24f678052bd2ae26afe54a01db
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d845bbf251fd013e4b9f8cb8e64f963cd466da4b7369f31c78813f8e50faf276
e2633850ac6591484e78a5e9126fa411d19e60ec19d8d4ffe782458087acc869
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea7bd37d522c83fd0c1fccda2a32e3a4869f757001dcb46bc97d9cbb612ca1f7
eff0273fd3dbf580fa6bcc733f2316c638f235b6fae1d3072dbcf06a9e69cc55
f36844906ad2309877aae3121b87fb15b9e09803cb4c333adc7e1e35ac92e14b

www.xinhuaguomao.com Open in urlscan Pro 107.165.39.133 Public Scan

Summary

urlscan.io Verdict: No classification

Downloads These files were downloaded by the website

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

33 Requests

82 %HTTPS

0 %IPv6

9 Domains

13 Subdomains

10 IPs

3 Countries

553 kBTransfer

2079 kBSize

7 Cookies

0 Outgoing links

Page URL History

Redirected requests

33 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.xinhuaguomao.com Open in urlscan Pro
107.165.39.133 Public Scan

Screenshot
Live screenshot

Full Image

33
Requests

82 %
HTTPS

0 %
IPv6

9
Domains

13
Subdomains

10
IPs

3
Countries

553 kB
Transfer

2079 kB
Size

7
Cookies

33 HTTP transactions
0 data transactions