mh.hacksafe.cc Open in urlscan Pro
129.226.168.113 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://mh.hacksafe.cc/
Submission: On December 08 via automatic, source certstream-suspicious (December 8th 2019, 10:38:56 am UTC)

Summary HTTP 7 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 7 HTTP transactions. The main IP is 129.226.168.113, located in Singapore and belongs to TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN. The main domain is mh.hacksafe.cc.
TLS certificate: Issued by Let's Encrypt Authority X3 on December 8th 2019. Valid for: 3 months.

This is the only time mh.hacksafe.cc was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6	129.226.168.113 129.226.168.113	132203 (TENCENT-N...) (TENCENT-NET-AP-CN Tencent Building)
1	47.246.43.251 47.246.43.251	24429 (TAOBAO Zh...) (TAOBAO Zhejiang Taobao Network Co.)
7	3

6 129.226.168.113 (Singapore)

ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)

mh.hacksafe.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 47.246.43.251 (San Mateo, United States)

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)

at.alicdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	hacksafe.cc mh.hacksafe.cc	188 KB
1	alicdn.com at.alicdn.com	11 KB
7	2

	Domain	Requested by
6	mh.hacksafe.cc	mh.hacksafe.cc
1	at.alicdn.com	mh.hacksafe.cc
7	2

This site contains no links.

Subject Issuer	Validity	Valid
mh.hacksafe.cc Let's Encrypt Authority X3	`2019-12-08` - `2020-03-07`	3 months	crt.sh
*.alicdn.com GlobalSign Organization Validation CA - SHA256 - G2	`2019-09-03` - `2020-09-03`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://mh.hacksafe.cc/
Frame ID: 31E0FB3DB3612CB9E8C02D61CDDCAB7C
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link [^>]+(?:\/([\d.]+)\/)?animate\.(?:min\.)?css/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

7
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

3
IPs

2
Countries

208 kB
Transfer

299 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response mh.hacksafe.cc/	2 KB 1 KB	810ms 269ms	Document text/html	129.226.168.113 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://mh.hacksafe.cc/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 129.226.168.113 , Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software Mimi / Resource Hash `fc7e2a60571617837136c805f1d2f59f63f4a429b200a0e821131e228a460902` Request headers :method GET :authority mh.hacksafe.cc :scheme https :path / pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 sec-fetch-user ?1 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3 sec-fetch-site none sec-fetch-mode navigate accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-User ?1 Response headers status 200 content-type text/html; charset=utf-8 vary Accept-Encoding set-cookie PHPSESSID=59usuott8qnccr2rtmpbvdgmmk; path=/ expires Thu, 19 Nov 1981 08:52:00 GMT cache-control no-store, no-cache, must-revalidate pragma no-cache server Mimi date 2019/12/08 18:38:36 author 380943047@qq.com content-encoding gzip
GET H2	200	animate.css mh.hacksafe.cc/public/css/	41 KB 4 KB	261ms 256ms	Stylesheet text/css	129.226.168.113 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://mh.hacksafe.cc/public/css/animate.css Requested by Host: mh.hacksafe.cc URL: https://mh.hacksafe.cc/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 129.226.168.113 , Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software nginx / Resource Hash `acd4dcf96c8b5f8b2ff506897cbc8f07ba0d30248b6f19b58c66d5a70f132821` Request headers Referer https://mh.hacksafe.cc/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sun, 08 Dec 2019 10:38:36 GMT content-encoding gzip last-modified Mon, 26 Feb 2018 14:49:56 GMT server nginx etag W/"5a941e94-a29a" vary Accept-Encoding content-type text/css status 200 cache-control max-age=43200 expires Sun, 08 Dec 2019 22:38:36 GMT
GET H2	200	font_444487_e72sv7swhsx4unmi.css at.alicdn.com/t/	15 KB 11 KB	88ms 33ms	Stylesheet text/css	47.246.43.251 TAOBAO Zhejiang T...
General Check archive.org Show headers Download Go to Full URL https://at.alicdn.com/t/font_444487_e72sv7swhsx4unmi.css Requested by Host: mh.hacksafe.cc URL: https://mh.hacksafe.cc/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 47.246.43.251 San Mateo, United States, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN), Reverse DNS Software Tengine / Resource Hash `9dd574a7b5864679722f2fb8049a06d815e59b22a0acdf5a7767b8d02520b87a` Request headers Referer https://mh.hacksafe.cc/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 20 Feb 2019 15:54:25 GMT content-encoding gzip x-oss-request-id 5C6D783164F7BBFD5F6AA095 content-md5 zTq9kAG/phtI9vobbYRofA== age 0 x-cache MISS TCP_MISS dirn:-2:-2 status 200 x-swift-cachetime 37948549 x-swift-savetime Sun, 08 Dec 2019 10:38:36 GMT content-length 10353 via cache57.l2de1[0,200-0,H], cache6.l2de1[1,0], cache4.de2[2,200-0,M], cache1.de2[3,0] x-oss-object-type Normal last-modified Thu, 11 Jan 2018 19:48:50 GMT server Tengine vary Accept-Encoding ali-swift-global-savetime 1550678065 content-type text/css access-control-allow-origin * cache-control max-age=63072000 x-oss-storage-class Standard timing-allow-origin * x-oss-hash-crc64ecma 6396992163156957446 eagleid 2ff62b9515758015162577884e x-oss-server-time 92
GET H2	200	home.css mh.hacksafe.cc/public/css/	2 KB 818 B	262ms 258ms	Stylesheet text/css	129.226.168.113 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://mh.hacksafe.cc/public/css/home.css Requested by Host: mh.hacksafe.cc URL: https://mh.hacksafe.cc/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 129.226.168.113 , Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software nginx / Resource Hash `0a5371bfdcd8d7c11b1023896b29cf43a7a89415ab4ea4805d6467968d258910` Request headers Referer https://mh.hacksafe.cc/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sun, 08 Dec 2019 10:38:36 GMT content-encoding gzip last-modified Fri, 02 Mar 2018 12:43:12 GMT server nginx etag W/"5a9946e0-71a" vary Accept-Encoding content-type text/css status 200 cache-control max-age=43200 expires Sun, 08 Dec 2019 22:38:36 GMT
GET H2	200	logo.png mh.hacksafe.cc/public/image/	4 KB 4 KB	263ms 259ms	Image image/png	129.226.168.113 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Show image Full URL https://mh.hacksafe.cc/public/image/logo.png Requested by Host: mh.hacksafe.cc URL: https://mh.hacksafe.cc/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 129.226.168.113 , Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software nginx / Resource Hash `00fdf82fc9960216f2f7a3547527672a9fe12c7d1de93aaa7188717b3257c525` Request headers Referer https://mh.hacksafe.cc/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sun, 08 Dec 2019 10:38:36 GMT last-modified Mon, 26 Feb 2018 10:55:12 GMT server nginx etag "5a93e790-113a" content-type image/png status 200 cache-control max-age=2592000 accept-ranges bytes content-length 4410 expires Tue, 07 Jan 2020 10:38:36 GMT
GET H2	200	1.jpg mh.hacksafe.cc/public/image/	144 KB 145 KB	504ms 500ms	Image image/jpeg	129.226.168.113 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Show image Full URL https://mh.hacksafe.cc/public/image/1.jpg Requested by Host: mh.hacksafe.cc URL: https://mh.hacksafe.cc/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 129.226.168.113 , Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software nginx / Resource Hash `4f959010a3e9dfaf9837fb588414f3774fd418f8f95646130e8c983ab1e678bc` Request headers Referer https://mh.hacksafe.cc/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sun, 08 Dec 2019 10:38:36 GMT last-modified Mon, 26 Feb 2018 14:21:18 GMT server nginx etag "5a9417de-241b2" content-type image/jpeg status 200 cache-control max-age=2592000 accept-ranges bytes content-length 147890 expires Tue, 07 Jan 2020 10:38:36 GMT
GET H2	200	jquery.js Show response mh.hacksafe.cc/public/js/	82 KB 33 KB	748ms 745ms	Script application/javascript	129.226.168.113 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://mh.hacksafe.cc/public/js/jquery.js Requested by Host: mh.hacksafe.cc URL: https://mh.hacksafe.cc/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 129.226.168.113 , Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software nginx / Resource Hash `38cb87fc5e76bfca69c11637716100e61ce8ed23974e162c370cf1e16f25b754` Request headers Referer https://mh.hacksafe.cc/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sun, 08 Dec 2019 10:38:36 GMT content-encoding gzip last-modified Mon, 05 Feb 2018 08:46:54 GMT server nginx etag W/"5a7819fe-1496a" vary Accept-Encoding content-type application/javascript status 200 cache-control max-age=43200 expires Sun, 08 Dec 2019 22:38:36 GMT
GET DATA	200 OK	truncated /	9 KB 9 KB		Font application/x-font-woff
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `16344a50c0c9f5da8b57794abec6dee170fd8a421c4836391c0e82b47625fcb8` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Origin https://mh.hacksafe.cc Response headers Content-Type application/x-font-woff;charset=utf-8

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| $ function| jQuery

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			mh.hacksafe.cc/	1969-12-31 23:59:59	Name: PHPSESSID Value: 59usuott8qnccr2rtmpbvdgmmk

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

at.alicdn.com
mh.hacksafe.cc
129.226.168.113
47.246.43.251
00fdf82fc9960216f2f7a3547527672a9fe12c7d1de93aaa7188717b3257c525
0a5371bfdcd8d7c11b1023896b29cf43a7a89415ab4ea4805d6467968d258910
16344a50c0c9f5da8b57794abec6dee170fd8a421c4836391c0e82b47625fcb8
38cb87fc5e76bfca69c11637716100e61ce8ed23974e162c370cf1e16f25b754
4f959010a3e9dfaf9837fb588414f3774fd418f8f95646130e8c983ab1e678bc
9dd574a7b5864679722f2fb8049a06d815e59b22a0acdf5a7767b8d02520b87a
acd4dcf96c8b5f8b2ff506897cbc8f07ba0d30248b6f19b58c66d5a70f132821
fc7e2a60571617837136c805f1d2f59f63f4a429b200a0e821131e228a460902

mh.hacksafe.cc Open in urlscan Pro 129.226.168.113 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

7 Requests

100 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

3 IPs

2 Countries

208 kBTransfer

299 kBSize

1 Cookies

0 Outgoing links

Redirected requests

7 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

1 Cookies

Indicators

mh.hacksafe.cc Open in urlscan Pro
129.226.168.113 Public Scan

Screenshot
Live screenshot

Full Image

7
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

3
IPs

2
Countries

208 kB
Transfer

299 kB
Size

1
Cookies

7 HTTP transactions
1 data transactions