nhseyc.gdn Open in urlscan Pro
172.252.55.75 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://nhseyc.gdn/
Submission: On November 29 via manual (November 29th 2018, 9:36:20 am UTC) from GB

Summary HTTP 16 Redirects Behaviour Indicators

Similar DOM Content API

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 16 HTTP transactions. The main IP is 172.252.55.75, located in Xiamen, China and belongs to EGIHOSTING - EGIHosting, US. The main domain is nhseyc.gdn.

This is the only time nhseyc.gdn was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
13	172.252.55.75 172.252.55.75		18779 (EGIHOSTING) (EGIHOSTING - EGIHosting)
1	192.186.23.90 192.186.23.90		395776 (FEDERAL-O...) (FEDERAL-ONLINE-GROUP-LLC - FEDERAL ONLINE GROUP LLC)
1	140.205.135.3 140.205.135.3		37963 (CNNIC-ALI...) (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.)
16	4

13 172.252.55.75 (Xiamen, China)

ASN18779 (EGIHOSTING - EGIHosting, US)

nhseyc.gdn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.186.23.90 (Thousand Oaks, United States)

ASN395776 (FEDERAL-ONLINE-GROUP-LLC - FEDERAL ONLINE GROUP LLC, US)

hk.gannimei.club	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 140.205.135.3 (Hangzhou, China)

ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN)

batit.aliyun.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	nhseyc.gdn nhseyc.gdn	232 KB
1	aliyun.com batit.aliyun.com
1	gannimei.club hk.gannimei.club	2 KB
0	baidu.com Failed push.zhanzhang.baidu.com Failed
16	4

	Domain	Requested by
13	nhseyc.gdn	nhseyc.gdn
1	batit.aliyun.com	hk.gannimei.club
1	hk.gannimei.club	nhseyc.gdn
0	push.zhanzhang.baidu.com Failed	nhseyc.gdn
16	4

This site contains no links.

Subject Issuer	Validity	Valid

This page contains 2 frames:

Primary Page: http://nhseyc.gdn/
Frame ID: 9EFAB24D9792212F6E4A079096FED211
Requests: 15 HTTP requests in this frame

Frame: http://batit.aliyun.com/
Frame ID: 0137710F65DBFF46923C56FF5381AAE0
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /php\/?([\d.]+)?/i

UNIX (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /Unix/i

OpenSSL (Web Server Extensions) Expand

Overall confidence: 100%
Detected patterns

headers server /OpenSSL(?:\/([\d.]+[a-z]?))?/i

mod_ssl (Web Server Extensions) Expand

Overall confidence: 100%
Detected patterns

headers server /mod_ssl(?:\/([\d.]+))?/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i
headers server /mod_ssl(?:\/([\d.]+))?/i

Page Statistics

16
Requests

0 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

233 kB
Transfer

232 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response nhseyc.gdn/	3 KB 2 KB	1528ms 198ms	Document text/html	172.252.55.75 EGIHosting
General Check archive.org Show headers Download Go to Full URL http://nhseyc.gdn/ Protocol HTTP/1.1 Server 172.252.55.75 Xiamen, China, ASN18779 (EGIHOSTING - EGIHosting, US), Reverse DNS Software Apache/2.2.34 (Unix) mod_ssl/2.2.34 OpenSSL/1.0.1e-fips DAV/2 PHP/5.5.38 / PHP/5.5.38 Resource Hash `6620f2b12ec0be6344beea4b2b32b72c2a468ed4f4b086f8f5d2b2c8d4cafdd2` Request headers Host nhseyc.gdn Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8 Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Thu, 29 Nov 2018 09:36:39 GMT Server Apache/2.2.34 (Unix) mod_ssl/2.2.34 OpenSSL/1.0.1e-fips DAV/2 PHP/5.5.38 X-Powered-By PHP/5.5.38 Vary Accept-Encoding Content-Encoding gzip Content-Length 1366 Keep-Alive timeout=5, max=100 Connection Keep-Alive Content-Type text/html
GET H/1.1	200 OK	tw2.js Show response nhseyc.gdn/js/	119 B 514 B	173ms 173ms	Script application/javascript	172.252.55.75 EGIHosting
General Check archive.org Show headers Download Go to Full URL http://nhseyc.gdn/js/tw2.js Requested by Host: nhseyc.gdn URL: http://nhseyc.gdn/ Protocol HTTP/1.1 Server 172.252.55.75 Xiamen, China, ASN18779 (EGIHOSTING - EGIHosting, US), Reverse DNS Software Apache/2.2.34 (Unix) mod_ssl/2.2.34 OpenSSL/1.0.1e-fips DAV/2 PHP/5.5.38 / Resource Hash `8723020c3afaa0a0e27c1264a283babf2bbdba747fb96ac42c48dd7fc63e39a7` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host nhseyc.gdn User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept / Referer http://nhseyc.gdn/ Connection keep-alive Cache-Control no-cache Referer http://nhseyc.gdn/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Thu, 29 Nov 2018 09:36:39 GMT Content-Encoding gzip Last-Modified Tue, 27 Nov 2018 11:10:02 GMT Server Apache/2.2.34 (Unix) mod_ssl/2.2.34 OpenSSL/1.0.1e-fips DAV/2 PHP/5.5.38 ETag "3120029-77-57ba37dae1680" Vary Accept-Encoding Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 113
GET H/1.1	200 OK	tu_05340.jpg nhseyc.gdn/uploads/	18 KB 18 KB	346ms 172ms	Image image/jpeg	172.252.55.75 EGIHosting
General Check archive.org Show headers Download Go to Show image Full URL http://nhseyc.gdn/uploads/tu_05340.jpg Requested by Host: nhseyc.gdn URL: http://nhseyc.gdn/ Protocol HTTP/1.1 Server 172.252.55.75 Xiamen, China, ASN18779 (EGIHOSTING - EGIHosting, US), Reverse DNS Software Apache/2.2.34 (Unix) mod_ssl/2.2.34 OpenSSL/1.0.1e-fips DAV/2 PHP/5.5.38 / Resource Hash `47dcc9acbb8ed9aa1d52f872166e9c88907d0809ff873f4988c013945222da93` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host nhseyc.gdn User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* http://nhseyc.gdn/ Connection keep-alive Cache-Control no-cache Referer http://nhseyc.gdn/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Thu, 29 Nov 2018 09:36:39 GMT Content-Encoding gzip Last-Modified Fri, 23 Jun 2017 05:56:02 GMT Server Apache/2.2.34 (Unix) mod_ssl/2.2.34 OpenSSL/1.0.1e-fips DAV/2 PHP/5.5.38 ETag "31079e0-4892-5529a4190c080" Vary Accept-Encoding Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 18508
GET H/1.1	200 OK	pic_3ydbw.jpg nhseyc.gdn/uploads/	29 KB 30 KB	381ms 169ms	Image image/jpeg	172.252.55.75 EGIHosting
General Check archive.org Show headers Download Go to Show image Full URL http://nhseyc.gdn/uploads/pic_3ydbw.jpg Requested by Host: nhseyc.gdn URL: http://nhseyc.gdn/ Protocol HTTP/1.1 Server 172.252.55.75 Xiamen, China, ASN18779 (EGIHOSTING - EGIHosting, US), Reverse DNS Software Apache/2.2.34 (Unix) mod_ssl/2.2.34 OpenSSL/1.0.1e-fips DAV/2 PHP/5.5.38 / Resource Hash `252e377f348b694f6ebd51dcb0c9dd4c2a9bce5d1c12d120188cf9362edaee8b` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host nhseyc.gdn User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* http://nhseyc.gdn/ Connection keep-alive Cache-Control no-cache Referer http://nhseyc.gdn/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Thu, 29 Nov 2018 09:36:39 GMT Content-Encoding gzip Last-Modified Mon, 12 Nov 2018 10:42:22 GMT Server Apache/2.2.34 (Unix) mod_ssl/2.2.34 OpenSSL/1.0.1e-fips DAV/2 PHP/5.5.38 ETag "310785d-752e-57a755b1ddf80" Vary Accept-Encoding Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 29939
GET H/1.1	200 OK	pic_gWo4L.jpg nhseyc.gdn/uploads/	25 KB 26 KB	165ms 163ms	Image image/jpeg	172.252.55.75 EGIHosting
General Check archive.org Show headers Download Go to Show image Full URL http://nhseyc.gdn/uploads/pic_gWo4L.jpg Requested by Host: nhseyc.gdn URL: http://nhseyc.gdn/ Protocol HTTP/1.1 Server 172.252.55.75 Xiamen, China, ASN18779 (EGIHOSTING - EGIHosting, US), Reverse DNS Software Apache/2.2.34 (Unix) mod_ssl/2.2.34 OpenSSL/1.0.1e-fips DAV/2 PHP/5.5.38 / Resource Hash `897901b8c1230c110ceb739f46c590593007fa4a92349d765cdc4efedccd38b0` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host nhseyc.gdn User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* http://nhseyc.gdn/ Connection keep-alive Cache-Control no-cache Referer http://nhseyc.gdn/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Thu, 29 Nov 2018 09:36:39 GMT Content-Encoding gzip Last-Modified Fri, 23 Jun 2017 05:46:36 GMT Server Apache/2.2.34 (Unix) mod_ssl/2.2.34 OpenSSL/1.0.1e-fips DAV/2 PHP/5.5.38 ETag "31078f3-65da-5529a1fd44700" Vary Accept-Encoding Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 26009
GET H/1.1	200 OK	pic_IoyjG.jpg nhseyc.gdn/uploads/	29 KB 29 KB	173ms 173ms	Image image/jpeg	172.252.55.75 EGIHosting
General Check archive.org Show headers Download Go to Show image Full URL http://nhseyc.gdn/uploads/pic_IoyjG.jpg Requested by Host: nhseyc.gdn URL: http://nhseyc.gdn/ Protocol HTTP/1.1 Server 172.252.55.75 Xiamen, China, ASN18779 (EGIHOSTING - EGIHosting, US), Reverse DNS Software Apache/2.2.34 (Unix) mod_ssl/2.2.34 OpenSSL/1.0.1e-fips DAV/2 PHP/5.5.38 / Resource Hash `c04074222214276792b33b2d3987fcb8884f0ef53f7300040058e8f4d6fb5491` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host nhseyc.gdn User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* http://nhseyc.gdn/ Connection keep-alive Cache-Control no-cache Referer http://nhseyc.gdn/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Thu, 29 Nov 2018 09:36:39 GMT Content-Encoding gzip Last-Modified Mon, 12 Nov 2018 10:42:44 GMT Server Apache/2.2.34 (Unix) mod_ssl/2.2.34 OpenSSL/1.0.1e-fips DAV/2 PHP/5.5.38 ETag "3107905-724d-57a755c6d9100" Vary Accept-Encoding Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=96 Content-Length 29185
GET H/1.1	200 OK	pic_49C68.jpg nhseyc.gdn/uploads/	26 KB 27 KB	164ms 163ms	Image image/jpeg	172.252.55.75 EGIHosting
General Check archive.org Show headers Download Go to Show image Full URL http://nhseyc.gdn/uploads/pic_49C68.jpg Requested by Host: nhseyc.gdn URL: http://nhseyc.gdn/ Protocol HTTP/1.1 Server 172.252.55.75 Xiamen, China, ASN18779 (EGIHOSTING - EGIHosting, US), Reverse DNS Software Apache/2.2.34 (Unix) mod_ssl/2.2.34 OpenSSL/1.0.1e-fips DAV/2 PHP/5.5.38 / Resource Hash `c3548296b1bb8f9c3fd5a27876d045d11b09fda113145337523a3bd297d89878` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host nhseyc.gdn User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* http://nhseyc.gdn/ Connection keep-alive Cache-Control no-cache Referer http://nhseyc.gdn/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Thu, 29 Nov 2018 09:36:40 GMT Content-Encoding gzip Last-Modified Fri, 23 Jun 2017 05:46:36 GMT Server Apache/2.2.34 (Unix) mod_ssl/2.2.34 OpenSSL/1.0.1e-fips DAV/2 PHP/5.5.38 ETag "3107864-69fd-5529a1fd44700" Vary Accept-Encoding Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 27054
GET H/1.1	200 OK	tu_88148.jpg nhseyc.gdn/uploads/	31 KB 31 KB	173ms 172ms	Image image/jpeg	172.252.55.75 EGIHosting
General Check archive.org Show headers Download Go to Show image Full URL http://nhseyc.gdn/uploads/tu_88148.jpg Requested by Host: nhseyc.gdn URL: http://nhseyc.gdn/ Protocol HTTP/1.1 Server 172.252.55.75 Xiamen, China, ASN18779 (EGIHOSTING - EGIHosting, US), Reverse DNS Software Apache/2.2.34 (Unix) mod_ssl/2.2.34 OpenSSL/1.0.1e-fips DAV/2 PHP/5.5.38 / Resource Hash `5af5a904069de14d031f57695c49991528a6e0bb5169ca4e476ebd8385a48dff` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host nhseyc.gdn User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* http://nhseyc.gdn/ Connection keep-alive Cache-Control no-cache Referer http://nhseyc.gdn/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Thu, 29 Nov 2018 09:36:40 GMT Content-Encoding gzip Last-Modified Mon, 12 Nov 2018 10:45:32 GMT Server Apache/2.2.34 (Unix) mod_ssl/2.2.34 OpenSSL/1.0.1e-fips DAV/2 PHP/5.5.38 ETag "3107b36-7b28-57a7566710b00" Vary Accept-Encoding Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=95 Content-Length 31465
GET H/1.1	200 OK	tu_57988.jpg nhseyc.gdn/uploads/	27 KB 27 KB	170ms 169ms	Image image/jpeg	172.252.55.75 EGIHosting
General Check archive.org Show headers Download Go to Show image Full URL http://nhseyc.gdn/uploads/tu_57988.jpg Requested by Host: nhseyc.gdn URL: http://nhseyc.gdn/ Protocol HTTP/1.1 Server 172.252.55.75 Xiamen, China, ASN18779 (EGIHOSTING - EGIHosting, US), Reverse DNS Software Apache/2.2.34 (Unix) mod_ssl/2.2.34 OpenSSL/1.0.1e-fips DAV/2 PHP/5.5.38 / Resource Hash `87bae2e5593de11d29487afbc731b38a10f9e601371cc252268ab8d260bd3957` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host nhseyc.gdn User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* http://nhseyc.gdn/ Connection keep-alive Cache-Control no-cache Referer http://nhseyc.gdn/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Thu, 29 Nov 2018 09:36:40 GMT Content-Encoding gzip Last-Modified Mon, 12 Nov 2018 10:39:48 GMT Server Apache/2.2.34 (Unix) mod_ssl/2.2.34 OpenSSL/1.0.1e-fips DAV/2 PHP/5.5.38 ETag "3107ab7-6a10-57a7551f00500" Vary Accept-Encoding Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 27082
GET H/1.1	200 OK	pic_2TCvV.jpg nhseyc.gdn/uploads/	36 KB 36 KB	170ms 169ms	Image image/jpeg	172.252.55.75 EGIHosting
General Check archive.org Show headers Download Go to Show image Full URL http://nhseyc.gdn/uploads/pic_2TCvV.jpg Requested by Host: nhseyc.gdn URL: http://nhseyc.gdn/ Protocol HTTP/1.1 Server 172.252.55.75 Xiamen, China, ASN18779 (EGIHOSTING - EGIHosting, US), Reverse DNS Software Apache/2.2.34 (Unix) mod_ssl/2.2.34 OpenSSL/1.0.1e-fips DAV/2 PHP/5.5.38 / Resource Hash `f0b8b94338c59658eb25ce57fbaae5eff19502419361bf523c718396441bfe6d` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host nhseyc.gdn User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* http://nhseyc.gdn/ Connection keep-alive Cache-Control no-cache Referer http://nhseyc.gdn/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Thu, 29 Nov 2018 09:36:40 GMT Content-Encoding gzip Last-Modified Mon, 12 Nov 2018 10:48:42 GMT Server Apache/2.2.34 (Unix) mod_ssl/2.2.34 OpenSSL/1.0.1e-fips DAV/2 PHP/5.5.38 ETag "3107855-907e-57a7571c43680" Vary Accept-Encoding Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 36940
GET H/1.1	200 OK	01.png nhseyc.gdn/logo/	2 KB 3 KB	265ms 165ms	Image image/png	172.252.55.75 EGIHosting
General Check archive.org Show headers Download Go to Show image Full URL http://nhseyc.gdn/logo/01.png Requested by Host: nhseyc.gdn URL: http://nhseyc.gdn/ Protocol HTTP/1.1 Server 172.252.55.75 Xiamen, China, ASN18779 (EGIHOSTING - EGIHosting, US), Reverse DNS Software Apache/2.2.34 (Unix) mod_ssl/2.2.34 OpenSSL/1.0.1e-fips DAV/2 PHP/5.5.38 / Resource Hash `916ea871226eb8310b143c8928c7825fb9f0565755f3ce86615658225abc2fb0` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host nhseyc.gdn User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* http://nhseyc.gdn/ Connection keep-alive Cache-Control no-cache Referer http://nhseyc.gdn/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Thu, 29 Nov 2018 09:36:40 GMT Content-Encoding gzip Last-Modified Sun, 09 Jul 2017 14:34:10 GMT Server Apache/2.2.34 (Unix) mod_ssl/2.2.34 OpenSSL/1.0.1e-fips DAV/2 PHP/5.5.38 ETag "3120050-934-553e35c03fc80" Vary Accept-Encoding Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 2366
GET H/1.1	200 OK	02.png nhseyc.gdn/logo/	2 KB 2 KB	422ms 174ms	Image image/png	172.252.55.75 EGIHosting
General Check archive.org Show headers Download Go to Show image Full URL http://nhseyc.gdn/logo/02.png Requested by Host: nhseyc.gdn URL: http://nhseyc.gdn/ Protocol HTTP/1.1 Server 172.252.55.75 Xiamen, China, ASN18779 (EGIHOSTING - EGIHosting, US), Reverse DNS Software Apache/2.2.34 (Unix) mod_ssl/2.2.34 OpenSSL/1.0.1e-fips DAV/2 PHP/5.5.38 / Resource Hash `eea2b2ef767cd967fb517b54f5b2f92248f4f5060400e7ae15177fff07113daf` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host nhseyc.gdn User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* http://nhseyc.gdn/ Connection keep-alive Cache-Control no-cache Referer http://nhseyc.gdn/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Thu, 29 Nov 2018 09:36:40 GMT Content-Encoding gzip Last-Modified Sun, 09 Jul 2017 14:32:58 GMT Server Apache/2.2.34 (Unix) mod_ssl/2.2.34 OpenSSL/1.0.1e-fips DAV/2 PHP/5.5.38 ETag "3120051-7f9-553e357b95a80" Vary Accept-Encoding Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=94 Content-Length 2064
GET H/1.1	200 OK	tj.js Show response nhseyc.gdn/js/	102 B 511 B	174ms 174ms	Script application/javascript	172.252.55.75 EGIHosting
General Check archive.org Show headers Download Go to Full URL http://nhseyc.gdn/js/tj.js Requested by Host: nhseyc.gdn URL: http://nhseyc.gdn/ Protocol HTTP/1.1 Server 172.252.55.75 Xiamen, China, ASN18779 (EGIHOSTING - EGIHosting, US), Reverse DNS Software Apache/2.2.34 (Unix) mod_ssl/2.2.34 OpenSSL/1.0.1e-fips DAV/2 PHP/5.5.38 / Resource Hash `71340b337e6dc1cc9a65823924ff4dd8fb16f7c0177ade731a38df4c12bc15b0` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host nhseyc.gdn User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept / Referer http://nhseyc.gdn/ Connection keep-alive Cache-Control no-cache Referer http://nhseyc.gdn/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Thu, 29 Nov 2018 09:36:39 GMT Content-Encoding gzip Last-Modified Tue, 27 Nov 2018 13:16:26 GMT Server Apache/2.2.34 (Unix) mod_ssl/2.2.34 OpenSSL/1.0.1e-fips DAV/2 PHP/5.5.38 ETag "3120028-66-57ba541b8be80" Vary Accept-Encoding Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 110
GET		push.js push.zhanzhang.baidu.com/	0 0

GET H/1.1	200 OK	gdn.js Show response hk.gannimei.club/1dan/	3 KB 2 KB	784ms 232ms	Script application/x-javascript	192.186.23.90 FEDERAL ONLINE GR...
General Check archive.org Show headers Download Go to Full URL http://hk.gannimei.club/1dan/gdn.js Requested by Host: nhseyc.gdn URL: http://nhseyc.gdn/js/tw2.js Protocol HTTP/1.1 Server 192.186.23.90 Thousand Oaks, United States, ASN395776 (FEDERAL-ONLINE-GROUP-LLC - FEDERAL ONLINE GROUP LLC, US), Reverse DNS Software nginx/1.0.15 / Resource Hash `b14d7a9698106e909429d517c2ea27f2ba7641d10b732dcb5687e6cbb43e652e` Request headers Referer http://nhseyc.gdn/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers Date Thu, 29 Nov 2018 09:38:20 GMT Content-Encoding gzip Last-Modified Tue, 27 Nov 2018 11:20:23 GMT Server nginx/1.0.15 Vary Accept-Encoding Content-Type application/x-javascript Transfer-Encoding chunked Connection keep-alive
GET H/1.1	200 OK	/ batit.aliyun.com/ Frame 0137	0 0	872ms 229ms	Document text/html	140.205.135.3 CNNIC-ALIBABA-CN-...
General Check archive.org Show headers Download Go to Full URL http://batit.aliyun.com/ Requested by Host: hk.gannimei.club URL: http://hk.gannimei.club/1dan/gdn.js Protocol HTTP/1.1 Server 140.205.135.3 Hangzhou, China, ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN), Reverse DNS Software Tengine / Resource Hash Request headers Host batit.aliyun.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8 Referer http://nhseyc.gdn/ Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Referer http://nhseyc.gdn/ Response headers Server Tengine Date Thu, 29 Nov 2018 09:35:48 GMT Content-Type text/html; charset=gbk Transfer-Encoding chunked Connection keep-alive Last-Modified Tue, 17 Nov 2015 07:24:49 GMT Vary Accept-Encoding Content-Encoding gzip EagleEye-TraceId 0ab2647f15434841481888819e7dbe Timing-Allow-Origin *

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: push.zhanzhang.baidu.com
URL: http://push.zhanzhang.baidu.com/push.js

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string| pcurl string| anzhuourl string| iosurl string| zgurl function| echo object| browser object| regexp string| where undefined| xywidth undefined| xyheight undefined| adcontent function| xyclose function| xyresize function| xytomax

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

batit.aliyun.com
hk.gannimei.club
nhseyc.gdn
push.zhanzhang.baidu.com
push.zhanzhang.baidu.com
140.205.135.3
172.252.55.75
192.186.23.90
252e377f348b694f6ebd51dcb0c9dd4c2a9bce5d1c12d120188cf9362edaee8b
47dcc9acbb8ed9aa1d52f872166e9c88907d0809ff873f4988c013945222da93
5af5a904069de14d031f57695c49991528a6e0bb5169ca4e476ebd8385a48dff
6620f2b12ec0be6344beea4b2b32b72c2a468ed4f4b086f8f5d2b2c8d4cafdd2
71340b337e6dc1cc9a65823924ff4dd8fb16f7c0177ade731a38df4c12bc15b0
8723020c3afaa0a0e27c1264a283babf2bbdba747fb96ac42c48dd7fc63e39a7
87bae2e5593de11d29487afbc731b38a10f9e601371cc252268ab8d260bd3957
897901b8c1230c110ceb739f46c590593007fa4a92349d765cdc4efedccd38b0
916ea871226eb8310b143c8928c7825fb9f0565755f3ce86615658225abc2fb0
b14d7a9698106e909429d517c2ea27f2ba7641d10b732dcb5687e6cbb43e652e
c04074222214276792b33b2d3987fcb8884f0ef53f7300040058e8f4d6fb5491
c3548296b1bb8f9c3fd5a27876d045d11b09fda113145337523a3bd297d89878
eea2b2ef767cd967fb517b54f5b2f92248f4f5060400e7ae15177fff07113daf
f0b8b94338c59658eb25ce57fbaae5eff19502419361bf523c718396441bfe6d