gd-pub.jinshujufiles.com

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 5 HTTP transactions. The main IP is 175.6.29.184, located in Changsha, China and belongs to CT-HUNAN-CHANGSHA-IDC No.293,Wanbao Avenue, CN. The main domain is gd-pub.jinshujufiles.com.
TLS certificate: Issued by Encryption Everywhere DV TLS CA - G1 on April 11th 2024. Valid for: a year.

This is the only time gd-pub.jinshujufiles.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	38.47.101.22 38.47.101.22	55933 (CLOUDIE-A...) (CLOUDIE-AS-AP Cloudie Limited)
2	175.6.29.184 175.6.29.184	63835 (CT-HUNAN-...) (CT-HUNAN-CHANGSHA-IDC No.293)
2	106.14.228.251 106.14.228.251	37963 (ALIBABA-C...) (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.)
5	3

2 38.47.101.22 (Central, Hong Kong) 1 redirects

ASN55933 (CLOUDIE-AS-AP Cloudie Limited, HK)

97kc.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 175.6.29.184 (Changsha, China)

ASN63835 (CT-HUNAN-CHANGSHA-IDC No.293,Wanbao Avenue, CN)

gd-pub.jinshujufiles.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 106.14.228.251 (Shanghai, China)

ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN)

ndai.oss-cn-shanghai.aliyuncs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	aliyuncs.com ndai.oss-cn-shanghai.aliyuncs.com	18 KB
2	jinshujufiles.com gd-pub.jinshujufiles.com	2 KB
2	97kc.cc 1 redirects 97kc.cc	960 B
5	3

	Domain	Requested by
2	ndai.oss-cn-shanghai.aliyuncs.com	gd-pub.jinshujufiles.com
2	gd-pub.jinshujufiles.com	97kc.cc
2	97kc.cc	1 redirects
5	3

This site contains no links.

Subject Issuer	Validity	Valid
*.jinshujufiles.com Encryption Everywhere DV TLS CA - G1	`2024-04-11` - `2025-04-11`	a year	crt.sh
cn-shanghai.oss.aliyuncs.com GlobalSign Organization Validation CA - SHA256 - G3	`2024-02-19` - `2025-03-22`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://gd-pub.jinshujufiles.com/hi/gu33HpMKX4/20240417022808_724ab3?dd=zGFcvxPoamMlVSiWh1Mv8gBbBBbB&t=2420
Frame ID: B73263CAE950B35356467FF1E256988E
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://97kc.cc/ HTTP 307
https://97kc.cc/ HTTP 307
http://97kc.cc/ Page URL
http://97kc.cc/?&rand=595143d106ffc96b846007b30b036c8f HTTP 302
https://gd-pub.jinshujufiles.com/hi/gu33HpMKX4/20240417022808_724ab3?dd=zGFcvxPoamMlVSiWh1Mv8gBbBBbB&t=2420 Page URL

Page Statistics

5
Requests

80 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

21 kB
Transfer

49 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://97kc.cc/ HTTP 307
https://97kc.cc/ HTTP 307
http://97kc.cc/ Page URL
http://97kc.cc/?&rand=595143d106ffc96b846007b30b036c8f HTTP 302
https://gd-pub.jinshujufiles.com/hi/gu33HpMKX4/20240417022808_724ab3?dd=zGFcvxPoamMlVSiWh1Mv8gBbBBbB&t=2420 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://97kc.cc/ HTTP 307
https://97kc.cc/ HTTP 307
http://97kc.cc/

5 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	/ 97kc.cc/ Redirect Chain http://97kc.cc/ https://97kc.cc/ http://97kc.cc/	102 B 526 B	327ms 327ms	Document text/html	38.47.101.22 CLOUDIE-AS-AP Clo...
General Check archive.org Show headers Download Go to Full URL http://97kc.cc/ Protocol HTTP/1.1 Server 38.47.101.22 Central, Hong Kong, ASN55933 (CLOUDIE-AS-AP Cloudie Limited, HK), Reverse DNS Software nginx / Resource Hash Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers Cache-Control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection keep-alive Content-Encoding gzip Content-Type text/html; charset=UTF-8 Date Sun, 12 May 2024 05:19:13 GMT Expires Thu, 19 Nov 1981 08:52:00 GMT Pragma no-cache Server nginx Transfer-Encoding chunked Vary Accept-Encoding Redirect headers Location http://97kc.cc/ Non-Authoritative-Reason HttpsUpgrades
GET H/1.1	200 OK	Primary Request 20240417022808_724ab3 Show response gd-pub.jinshujufiles.com/hi/gu33HpMKX4/ Redirect Chain http://97kc.cc/?&rand=595143d106ffc96b846007b30b036c8f https://gd-pub.jinshujufiles.com/hi/gu33HpMKX4/20240417022808_724ab3?dd=zGFcvxPoamMlVSiWh1Mv8gBbBBbB&t=2420	462 B 1 KB	2448ms 1549ms	Document image/svg+xml	175.6.29.184 CT-HUNAN-CHANGSHA...
General Check archive.org Show headers Download Go to Full URL https://gd-pub.jinshujufiles.com/hi/gu33HpMKX4/20240417022808_724ab3?dd=zGFcvxPoamMlVSiWh1Mv8gBbBBbB&t=2420 Requested by Host: 97kc.cc URL: http://97kc.cc/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 175.6.29.184 Changsha, China, ASN63835 (CT-HUNAN-CHANGSHA-IDC No.293,Wanbao Avenue, CN), Reverse DNS Software openresty / Resource Hash `f8c9638c0a23047f584404c739007208ae1bdf3755bfb3fc44765dababd66ac3` Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer http://97kc.cc/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers Accept-Ranges bytes Access-Control-Allow-Origin * Access-Control-Expose-Headers X-Log, X-Reqid Access-Control-Max-Age 2592000 Cache-Control public, max-age=31536000 Connection keep-alive Content-Disposition inline; filename="20240417022808_724ab3"; filename=utf-8''20240417022808_724ab3 Content-Length* 462 Content-MD5 8FUJ+mynPbelmFIEFzYm7g== Content-Transfer-Encoding binary Content-Type image/svg+xml Date Sun, 12 May 2024 05:19:16 GMT ETag "Ft0eFFOWVi1hApGPVPtcvkOw58JT" Last-Modified Tue, 16 Apr 2024 18:28:08 GMT Server openresty X-Cache HIT from BC135_dx-hunan-changsha-20-cache-1(baishan) X-Log X-Log X-M-Log QNM:xs1185;SRCPROXY:xs482;SRC:30;SRCPROXY:30;QNM3:31 X-M-Reqid tQkAAHMfRoXcTMsX X-Qiniu-Zone 0 X-Qnm-Cache Miss X-Reqid 1DQAAAAiuoTcTMsX X-Ser BC129_dx-lt-yd-zhejiang-jinhua-12-cache-8, BC135_dx-hunan-changsha-20-cache-1 X-Svr IO Redirect headers Cache-Control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection keep-alive Content-Type text/html; charset=UTF-8 Date Sun, 12 May 2024 05:19:13 GMT Expires Thu, 19 Nov 1981 08:52:00 GMT Location https://gd-pub.jinshujufiles.com/hi/gu33HpMKX4/20240417022808_724ab3?dd=zGFcvxPoamMlVSiWh1Mv8gBbBBbB&t=2420 Pragma no-cache Server nginx Transfer-Encoding chunked
GET H/1.1	200 OK	crypto-js.min.js Show response ndai.oss-cn-shanghai.aliyuncs.com/	47 KB 17 KB	656ms 218ms	Script application/javascript	106.14.228.251 ALIBABA-CN-NET Ha...
General Check archive.org Show headers Download Go to Full URL https://ndai.oss-cn-shanghai.aliyuncs.com/crypto-js.min.js Requested by Host: gd-pub.jinshujufiles.com URL: https://gd-pub.jinshujufiles.com/hi/gu33HpMKX4/20240417022808_724ab3?dd=zGFcvxPoamMlVSiWh1Mv8gBbBBbB&t=2420 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 106.14.228.251 Shanghai, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN), Reverse DNS Software AliyunOSS / Resource Hash `8e3b0117f4df4be452c0b6af5b8f0a0acf9d4ade23d08d55d7e312af22077762` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://gd-pub.jinshujufiles.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-oss-object-type Normal Date Sun, 12 May 2024 05:19:16 GMT Content-Encoding gzip x-oss-request-id 664051540EF7D036398F677F Last-Modified Thu, 25 Jan 2024 09:20:07 GMT Server AliyunOSS Content-MD5 LKA62HiFq5g1QQkrh62ymQ== Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript x-oss-storage-class Standard Connection keep-alive x-oss-hash-crc64ecma 2111864505403207597 x-oss-server-time 10
GET H/1.1	200 OK	d.js Show response ndai.oss-cn-shanghai.aliyuncs.com/	1 KB 1 KB	224ms 223ms	Script application/javascript	106.14.228.251 ALIBABA-CN-NET Ha...
General Check archive.org Show headers Download Go to Full URL https://ndai.oss-cn-shanghai.aliyuncs.com/d.js?c1 Requested by Host: gd-pub.jinshujufiles.com URL: https://gd-pub.jinshujufiles.com/hi/gu33HpMKX4/20240417022808_724ab3?dd=zGFcvxPoamMlVSiWh1Mv8gBbBBbB&t=2420 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 106.14.228.251 Shanghai, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN), Reverse DNS Software AliyunOSS / Resource Hash `fdf39f77c59ce3455c09a164d4c0f02014233f7121832f25b0bb8db18be85845` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://gd-pub.jinshujufiles.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-oss-object-type Normal Date Sun, 12 May 2024 05:19:17 GMT Content-Encoding gzip x-oss-request-id 664051540EF7D0363941687F Last-Modified Fri, 03 May 2024 12:19:36 GMT Server AliyunOSS Content-MD5 BQr+AobXNwde/RPj5a1prw== Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript x-oss-storage-class Standard Connection keep-alive x-oss-hash-crc64ecma 6650190039452165447 x-oss-server-time 1
GET H/1.1	404 Not Found	favicon.ico gd-pub.jinshujufiles.com/	30 B 669 B	347ms 346ms	Other application/json	175.6.29.184 CT-HUNAN-CHANGSHA...
General Check archive.org Show headers Download Go to Full URL https://gd-pub.jinshujufiles.com/favicon.ico Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 175.6.29.184 Changsha, China, ASN63835 (CT-HUNAN-CHANGSHA-IDC No.293,Wanbao Avenue, CN), Reverse DNS Software openresty / Resource Hash `63f167d2adce5d2b33fc90c8a437615e605ac1ab3dd8b6e028dbc502da3b663e` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://gd-pub.jinshujufiles.com/hi/gu33HpMKX4/20240417022808_724ab3?dd=zGFcvxPoamMlVSiWh1Mv8gBbBBbB&t=2420 Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers X-Log X-Log Date Sun, 12 May 2024 05:19:17 GMT Content-Encoding br X-Svr IO X-Reqid ukcAAAD2tWcdps4X Transfer-Encoding chunked X-Cache MISS from BC134_dx-hunan-changsha-20-cache-1(baishan) Connection keep-alive X-M-Reqid dygAANnjZFUeps4X X-M-Log QNM:xs1181;QNM3/404 Server openresty Vary Accept-Encoding, Accept-Encoding Access-Control-Max-Age 2592000 Content-Type application/json Access-Control-Allow-Origin * Access-Control-Expose-Headers X-Log, X-Reqid X-Qnm-Cache Hit X-Ser BC144_dx-lt-yd-jiangsu-yancheng-8-cache-16, BC134_dx-hunan-changsha-20-cache-1

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| CryptoJS object| textname undefined| dd function| getParam

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			97kc.cc/	1969-12-31 23:59:59	Name: PHPSESSID Value: 8a0rdppupoqbeng7ov1miagb65

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://gd-pub.jinshujufiles.com/favicon.ico Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

97kc.cc
gd-pub.jinshujufiles.com
ndai.oss-cn-shanghai.aliyuncs.com
106.14.228.251
175.6.29.184
38.47.101.22
63f167d2adce5d2b33fc90c8a437615e605ac1ab3dd8b6e028dbc502da3b663e
8e3b0117f4df4be452c0b6af5b8f0a0acf9d4ade23d08d55d7e312af22077762
f8c9638c0a23047f584404c739007208ae1bdf3755bfb3fc44765dababd66ac3
fdf39f77c59ce3455c09a164d4c0f02014233f7121832f25b0bb8db18be85845

gd-pub.jinshujufiles.com Open in urlscan Pro 175.6.29.184 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

5 Requests

80 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

3 IPs

2 Countries

21 kBTransfer

49 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

5 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

1 Cookies

1 Console Messages

Indicators

gd-pub.jinshujufiles.com Open in urlscan Pro
175.6.29.184 Public Scan

Screenshot
Live screenshot

Full Image

5
Requests

80 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

21 kB
Transfer

49 kB
Size

1
Cookies

5 HTTP transactions
0 data transactions