urlscan.io logo urlscan.io
SecurityTrails logo

www.shulexun.com Open in urlscan Pro
104.253.159.212  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://shulexun.com/
Effective URL: http://www.shulexun.com/
Submission: On September 27 via manual from AU — Scanned from AU
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 4 countries across 10 domains to perform 22 HTTP transactions. The main IP is 104.253.159.212, located in United States and belongs to EGIHOSTING, US. The main domain is www.shulexun.com.
This is the only time www.shulexun.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 4 104.253.159.212 18779 (EGIHOSTING)
4 156.251.142.141 40065 (CNSERVERS)
1 220.185.164.250 136190 (CHINATELE...)
7 23.225.3.254 40065 (CNSERVERS)
2 103.143.19.103 134760 (CHINANET-...)
1 104.16.88.20 13335 (CLOUDFLAR...)
1 47.97.3.34 ()
22 8
4    104.253.159.212 (United States)

ASN18779 (EGIHOSTING, US)
shulexun.com
www.shulexun.com
4    156.251.142.141 (Seychelles)

ASN40065 (CNSERVERS, US)
ahahschzzj1882asggsf3.com
1    220.185.164.250 (China)

ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN)
s4.cnzz.com
7    23.225.3.254 (United States)

ASN40065 (CNSERVERS, US)
fsadcx1.com
2    103.143.19.103 (China)

ASN134760 (CHINANET-HEBEI-SHIJIAZHUANG-IDC Shijiazhuang IDC network, CHINANET Hebei province, CN)
js.users.51.la
ia.51.la
1    104.16.88.20 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    47.97.3.34 (None, )

ASN- ()
cdn.dcloud.net.cn
Apex Domain
Subdomains		 Transfer
7 fsadcx1.com
fsadcx1.com
443 KB
4 ahahschzzj1882asggsf3.com
ahahschzzj1882asggsf3.com
151 KB
4 shulexun.com
shulexun.com
www.shulexun.com
2 KB
2 51.la
js.users.51.la — Cisco Umbrella Rank: 69326
ia.51.la — Cisco Umbrella Rank: 61002
3 KB
1 dcloud.net.cn
cdn.dcloud.net.cn
579 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 392
4 KB
1 cnzz.com
s4.cnzz.com — Cisco Umbrella Rank: 73360
438 B
0 306842.com Failed
306842.com Failed
0 govxinjiang.cn Failed
www.govxinjiang.cn Failed
0 govguiyang.cn Failed
www.govguiyang.cn Failed
22 10
Domain Requested by
7 fsadcx1.com ahahschzzj1882asggsf3.com
4 ahahschzzj1882asggsf3.com www.shulexun.com
ahahschzzj1882asggsf3.com
3 www.shulexun.com www.shulexun.com
1 cdn.dcloud.net.cn ahahschzzj1882asggsf3.com
1 ia.51.la ahahschzzj1882asggsf3.com
1 cdn.jsdelivr.net ahahschzzj1882asggsf3.com
1 js.users.51.la ahahschzzj1882asggsf3.com
1 s4.cnzz.com www.shulexun.com
1 shulexun.com 1 redirects
0 306842.com Failed ahahschzzj1882asggsf3.com
0 www.govxinjiang.cn Failed fsadcx1.com
0 www.govguiyang.cn Failed fsadcx1.com
22 12

This site contains no links.

Subject Issuer Validity Valid
ahahschzzj1882asggsf3.com
R3		 2022-09-13 -
2022-12-12		 3 months crt.sh
*.cnzz.com
GlobalSign Organization Validation CA - SHA256 - G2		 2022-01-11 -
2023-02-12		 a year crt.sh
fsadcx1.com
R3		 2022-08-06 -
2022-11-04		 3 months crt.sh
*.users.51.la
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-29 -
2023-04-30		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-02 -
2023-06-01		 a year crt.sh
*.51.la
GlobalSign GCC R3 DV TLS CA 2020		 2022-04-19 -
2023-05-21		 a year crt.sh
*.dcloud.net.cn
Certum Domain Validation CA SHA2		 2022-07-21 -
2023-08-19		 a year crt.sh

This page contains 2 frames:

Primary Page: http://www.shulexun.com/
Frame ID: 67308B98A560C07813666C7F93AD25E1
Requests: 4 HTTP requests in this frame

Frame: https://ahahschzzj1882asggsf3.com/
Frame ID: AF321686B4D1E09C8528701DEB626CD7
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

包头掳僖装饰工程有限公司亚洲天堂2019无码,波多野结衣一本道在线DVD,日本av人与兽,97av在线观看久久热&包头掳僖装饰工程有限公司

Page URL History Show full URLs

  1. http://shulexun.com/ HTTP 301
    http://www.shulexun.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //[^./]+\.cnzz\.com/(?:z_stat.php|core)\?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

22
Requests

73 %
HTTPS

0 %
IPv6

10
Domains

12
Subdomains

8
IPs

4
Countries

603 kB
Transfer

863 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://shulexun.com/ HTTP 301
    http://www.shulexun.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.shulexun.com/
Redirect Chain
  • http://shulexun.com/
  • http://www.shulexun.com/
2 KB
852 B 		Document
General
Check archive.org
Download Go to
Full URL
http://www.shulexun.com/
Protocol
HTTP/1.1
Server
104.253.159.212 , United States, ASN18779 (EGIHOSTING, US),
Reverse DNS
Software
nginx /
Resource Hash
47f9fae8acc39b2f6f68f2562b12827e6598c144d1bd748647a29c2ca9093adb

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Tue, 27 Sep 2022 23:03:55 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding

Redirect headers

Connection
keep-alive
Content-Length
0
Content-Type
text/html
Date
Tue, 27 Sep 2022 23:03:54 GMT
Location
http://www.shulexun.com/
Server
nginx
common.js
www.shulexun.com/ 		1 KB
917 B 		Script
General
Check archive.org
Download Go to
Full URL
http://www.shulexun.com/common.js
Requested by
Host: www.shulexun.com
URL: http://www.shulexun.com/
Protocol
HTTP/1.1
Server
104.253.159.212 , United States, ASN18779 (EGIHOSTING, US),
Reverse DNS
Software
nginx /
Resource Hash
905ffa0f22200141e876ef6dfeab9eeecc2f68999d1edf490b1ed8e57c1cd6f7

Request headers

accept-language
en-AU,en;q=0.9
Referer
http://www.shulexun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Tue, 27 Sep 2022 23:03:55 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
Server
nginx
Connection
keep-alive
Vary
Accept-Encoding
Content-Type
application/x-javascript
tj.js
www.shulexun.com/ 		134 B
290 B 		Script
General
Check archive.org
Download Go to
Full URL
http://www.shulexun.com/tj.js
Requested by
Host: www.shulexun.com
URL: http://www.shulexun.com/
Protocol
HTTP/1.1
Server
104.253.159.212 , United States, ASN18779 (EGIHOSTING, US),
Reverse DNS
Software
nginx /
Resource Hash
e2fd001d377ad6c621995d9131cc97415510746f354902093876639aeb777113

Request headers

accept-language
en-AU,en;q=0.9
Referer
http://www.shulexun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Tue, 27 Sep 2022 23:03:55 GMT
Server
nginx
Connection
keep-alive
Content-Length
134
Content-Type
application/x-javascript
/
ahahschzzj1882asggsf3.com/ Frame AF32 		209 KB
27 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ahahschzzj1882asggsf3.com/
Requested by
Host: www.shulexun.com
URL: http://www.shulexun.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
156.251.142.141 , Seychelles, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
nginx /
Resource Hash
4f88e25b888e8aa90f272d84e03076378edaa7322a332b59be806d0e162d1a66
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://www.shulexun.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 27 Sep 2022 23:03:51 GMT
server
nginx
strict-transport-security
max-age=31536000
vary
Accept-Encoding
z_stat.php
s4.cnzz.com/ 		0
438 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s4.cnzz.com/z_stat.php?id=1279791549&web_id=1279791549
Requested by
Host: www.shulexun.com
URL: http://www.shulexun.com/tj.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
220.185.164.250 , China, ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN),
Reverse DNS
Software
Tengine / PHP/5.5.25
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.shulexun.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Tue, 27 Sep 2022 23:03:51 GMT
content-encoding
gzip
last-modified
Tue, 27 Sep 2022 23:03:51 GMT
server
Tengine
x-swift-cachetime
3600
x-powered-by
PHP/5.5.25
vary
Accept-Encoding
ali-swift-global-savetime
1664319831
content-type
application/javascript
via
cache75.l2cn1836[75,74,200-0,M], cache44.l2cn1836[76,0], cache8.cn4100[96,96,200-0,M], cache17.cn4100[100,0]
cache-control
max-age=1800,s-maxage=3600
x-cache
MISS TCP_REFRESH_MISS dirn:5:86323450
x-swift-savetime
Tue, 27 Sep 2022 23:03:51 GMT
timing-allow-origin
*
eagleid
dcb9a4a516643198315297171e
index.css
ahahschzzj1882asggsf3.com/template/default/css/ Frame AF32 		92 KB
29 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ahahschzzj1882asggsf3.com/template/default/css/index.css
Requested by
Host: ahahschzzj1882asggsf3.com
URL: https://ahahschzzj1882asggsf3.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
156.251.142.141 , Seychelles, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
nginx /
Resource Hash
4092422fbd44790f2e0889437a157b0156f3801412dbe0758286232f58ae0afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ahahschzzj1882asggsf3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 23:03:51 GMT
content-encoding
gzip
last-modified
Fri, 15 Apr 2022 08:32:44 GMT
server
nginx
etag
W/"62592dac-16ff2"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=43200
strict-transport-security
max-age=31536000
expires
Wed, 28 Sep 2022 11:03:51 GMT
logo.png
ahahschzzj1882asggsf3.com/template/default/images/ Frame AF32 		87 KB
88 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ahahschzzj1882asggsf3.com/template/default/images/logo.png
Requested by
Host: ahahschzzj1882asggsf3.com
URL: https://ahahschzzj1882asggsf3.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
156.251.142.141 , Seychelles, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
nginx /
Resource Hash
e35d50ca10ecb546abd3873212a7853efbc21d22991c289501d9f44c727c6662
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ahahschzzj1882asggsf3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 23:03:51 GMT
last-modified
Fri, 15 Apr 2022 08:32:44 GMT
server
nginx
etag
"62592dac-15d83"
strict-transport-security
max-age=31536000
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
89475
expires
Thu, 27 Oct 2022 23:03:51 GMT
top.js
fsadcx1.com/hhz/ Frame AF32 		1 KB
569 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fsadcx1.com/hhz/top.js
Requested by
Host: ahahschzzj1882asggsf3.com
URL: https://ahahschzzj1882asggsf3.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.225.3.254 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
nginx /
Resource Hash
e08ededcd8958d007e28f2a49e069b8e04bc3b4c67d9705cd17c3fe118d1faff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ahahschzzj1882asggsf3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 23:03:52 GMT
content-encoding
gzip
last-modified
Mon, 26 Sep 2022 11:21:57 GMT
server
nginx
etag
W/"63318b55-4f3"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
strict-transport-security
max-age=31536000
expires
Wed, 28 Sep 2022 11:03:52 GMT
xf.js
fsadcx1.com/hhz/xinzd/ Frame AF32 		2 KB
760 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fsadcx1.com/hhz/xinzd/xf.js
Requested by
Host: ahahschzzj1882asggsf3.com
URL: https://ahahschzzj1882asggsf3.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.225.3.254 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
nginx /
Resource Hash
1b872d2850fb957ce0ab19530e6005140f9d2e80c7d77fb75a6a8b581e722a59
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ahahschzzj1882asggsf3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 23:03:52 GMT
content-encoding
gzip
last-modified
Mon, 11 Apr 2022 15:40:30 GMT
server
nginx
etag
W/"62544bee-60b"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
strict-transport-security
max-age=31536000
expires
Wed, 28 Sep 2022 11:03:52 GMT
qq.js
fsadcx1.com/ahao/ Frame AF32 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fsadcx1.com/ahao/qq.js
Requested by
Host: ahahschzzj1882asggsf3.com
URL: https://ahahschzzj1882asggsf3.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.225.3.254 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
nginx /
Resource Hash
cd3881485f1a5aa1cc6168360a775f32ddae22860a247810f3a5c773b53c584a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ahahschzzj1882asggsf3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 23:03:52 GMT
content-encoding
gzip
last-modified
Thu, 05 May 2022 15:57:11 GMT
server
nginx
etag
W/"6273f3d7-15ff"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
strict-transport-security
max-age=31536000
expires
Wed, 28 Sep 2022 11:03:52 GMT
top2.js
fsadcx1.com/hhz/ Frame AF32 		2 KB
610 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fsadcx1.com/hhz/top2.js
Requested by
Host: ahahschzzj1882asggsf3.com
URL: https://ahahschzzj1882asggsf3.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.225.3.254 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
nginx /
Resource Hash
ace173a5a1a6b14c1c7aa4a7c57aa183f39186f81b97db98719958230b6a344b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ahahschzzj1882asggsf3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 23:03:52 GMT
content-encoding
gzip
last-modified
Mon, 26 Sep 2022 11:21:57 GMT
server
nginx
etag
W/"63318b55-81a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
strict-transport-security
max-age=31536000
expires
Wed, 28 Sep 2022 11:03:52 GMT
loading.gif
ahahschzzj1882asggsf3.com/template/default/images/ Frame AF32 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ahahschzzj1882asggsf3.com/template/default/images/loading.gif
Requested by
Host: ahahschzzj1882asggsf3.com
URL: https://ahahschzzj1882asggsf3.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
156.251.142.141 , Seychelles, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
nginx /
Resource Hash
b838c8ce96424a1ec09ab8f5a683cb86ed3e020e3e101449335e1452e9844835
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ahahschzzj1882asggsf3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 23:03:51 GMT
last-modified
Fri, 15 Apr 2022 08:32:44 GMT
server
nginx
etag
"62592dac-1cb3"
strict-transport-security
max-age=31536000
content-type
image/gif
cache-control
max-age=2592000
accept-ranges
bytes
content-length
7347
expires
Thu, 27 Oct 2022 23:03:51 GMT
21314747.js
js.users.51.la/ Frame AF32 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.users.51.la/21314747.js
Requested by
Host: ahahschzzj1882asggsf3.com
URL: https://ahahschzzj1882asggsf3.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
103.143.19.103 , China, ASN134760 (CHINANET-HEBEI-SHIJIAZHUANG-IDC Shijiazhuang IDC network, CHINANET Hebei province, CN),
Reverse DNS
Software
CloudWAF /
Resource Hash
8b3a611d998e57644818a609608ecb94a8d674567a967488fbc8836376f11bea

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ahahschzzj1882asggsf3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Tue, 27 Sep 2022 23:03:53 GMT
Content-Encoding
gzip
Server
CloudWAF
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=360000
Access-Control-Allow-Credentials
true
Connection
keep-alive
lazyload.min.js
cdn.jsdelivr.net/npm/vanilla-lazyload@17.7.0/dist/ Frame AF32 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/vanilla-lazyload@17.7.0/dist/lazyload.min.js
Requested by
Host: ahahschzzj1882asggsf3.com
URL: https://ahahschzzj1882asggsf3.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
533a48a62a8967e57ce0d7b8df55de47baeac197932999c0a24db7ebd72b10ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ahahschzzj1882asggsf3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 23:03:52 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-jsd-version
17.7.0
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19122-FRA, cache-itm18834-ITM
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"20fe-e3af702sjsbmXoDcv8ws/oZyPI4"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QkvbrF%2B3%2F5iBVVJ%2F3Ts8gHeoXGFrZjs%2BITFNDj560m8Fs8OhcFZiayP3n15ccnRLyIpuwYgJbNWb0N1cCUJ8nYlGywLozyKkihaV3CtpMmHn1C7q1dc1imzy6%2FIqT0tidic%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
7517e006ac1aaaf6-SYD
access-control-expose-headers
*
yuepao1.gif
fsadcx1.com/tu/yuepao/ Frame AF32 		124 KB
124 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fsadcx1.com/tu/yuepao/yuepao1.gif
Requested by
Host: ahahschzzj1882asggsf3.com
URL: https://ahahschzzj1882asggsf3.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.225.3.254 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
nginx /
Resource Hash
194de7cd9d613b7f691df0fc1dfa84cde713f996113dc4ee97846659ec590d16
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ahahschzzj1882asggsf3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 23:03:52 GMT
last-modified
Fri, 09 Sep 2022 10:53:45 GMT
server
nginx
etag
"631b1b39-1ee1b"
strict-transport-security
max-age=31536000
content-type
image/gif
cache-control
max-age=2592000
accept-ranges
bytes
content-length
126491
expires
Thu, 27 Oct 2022 23:03:52 GMT
yy1.gif
fsadcx1.com/tu/ Frame AF32 		200 KB
201 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fsadcx1.com/tu/yy1.gif
Requested by
Host: ahahschzzj1882asggsf3.com
URL: https://ahahschzzj1882asggsf3.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.225.3.254 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
nginx /
Resource Hash
326dfa38159118ab18aa5dce0a9c10f4e19f2050a0bafeda7bfe7a0a4aca0cc5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ahahschzzj1882asggsf3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 23:03:52 GMT
last-modified
Fri, 13 May 2022 09:49:47 GMT
server
nginx
etag
"627e29bb-320cd"
strict-transport-security
max-age=31536000
content-type
image/gif
cache-control
max-age=2592000
accept-ranges
bytes
content-length
205005
expires
Thu, 27 Oct 2022 23:03:52 GMT
yy2.gif
fsadcx1.com/tu/ Frame AF32 		115 KB
115 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fsadcx1.com/tu/yy2.gif
Requested by
Host: ahahschzzj1882asggsf3.com
URL: https://ahahschzzj1882asggsf3.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.225.3.254 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
nginx /
Resource Hash
5246b9875a8fa86910cc1ab62ba1592a0495de27f0082ed1c26f1d1f4125d5da
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ahahschzzj1882asggsf3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 23:03:52 GMT
last-modified
Fri, 13 May 2022 09:47:38 GMT
server
nginx
etag
"627e293a-1cb16"
strict-transport-security
max-age=31536000
content-type
image/gif
cache-control
max-age=2592000
accept-ranges
bytes
content-length
117526
expires
Thu, 27 Oct 2022 23:03:52 GMT
39F5B84A-8F1F-12179-34-088ACD3E560C.alpha
www.govguiyang.cn/ty/ Frame AF32 		0
0
x-5026-33.js
www.govxinjiang.cn/ty/ Frame AF32 		0
0
truncated
/ Frame AF32 		254 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
119bff063d1d402fdf6e48bc7e681d48aabfb9bc65378dfcf64a8845ec3fceef

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ Frame AF32 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e84ba98688e7d7767e89b644a04db90549b60fc6ee30b6ab9b3b3f6dcf28a45e

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
image/png
960x60.gif
306842.com/ Frame AF32 		0
0
go1
ia.51.la/ Frame AF32 		0
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ia.51.la/go1?id=21314747&rt=1664319833179&rl=1600*1200&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=%25E6%2597%25A5%25E6%259C%25AC%25E9%259F%25A9%25E5%259B%25BD%25E6%25AC%25A7%25E7%25BE%258E%25E4%25B8%2580%25E5%258C%25BA%25E4%25BA%258C%25E5%258C%25BA%25E4%25B8%2589%25E5%258C%25BA%25E8%25A7%2586%25E9%25A2%2591%25E6%2597%25A0%25E7%25A0%2581&ing=1&ekc=&sid=1664319833179&tt=%25E5%25B0%2591%25E5%25A6%2587%25E6%2597%25A0%25E7%25A0%2581AV%25E6%2597%25A0%25E7%25A0%2581%25E4%25B8%2593%25E5%258C%25BA%25E7%25BA%25BF%252CA%25E6%25AF%259B%25E7%2589%2587%25E5%2585%258D%25E8%25B4%25B9%25E5%2585%25A8%25E9%2583%25A8%25E6%2592%25AD%25E6%2594%25BE%25E5%25AE%258C%25E6%2595%25B4%252C%25E5%258F%2588%25E8%2589%25B2%25E5%258F%2588%25E7%2588%25BD%25E5%258F%2588%25E9%25BB%2584%25E7%259A%2584%25E8%25A7%2586%25E9%25A2%2591APP%252C%25E6%25BF%2580%25E6%2583%2585%25E7%25BB%25BC%25E5%2590%2588%25E5%259C%25A8%25E7%25BA%25BF%25E4%25BA%259A%25E6%25B4%25B2%25E4%25BA%2594%25E6%259C%2588%25E5%25A4%25A9&kw=%25E6%25AC%25A7%25E7%25BE%258E%25E4%25B8%2580%25E5%258C%25BA%25E4%25BA%258C%25E5%258C%25BA%25E4%25B8%2589%25E5%258C%25BA%25E8%25A7%2586%25E9%25A2%2591%25E6%2597%25A0%25E7%25A0%2581&cu=https%253A%252F%252Fahahschzzj1882asggsf3.com%252F&pu=http%253A%252F%252Fwww.shulexun.com%252F
Requested by
Host: ahahschzzj1882asggsf3.com
URL: https://ahahschzzj1882asggsf3.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
103.143.19.103 , China, ASN134760 (CHINANET-HEBEI-SHIJIAZHUANG-IDC Shijiazhuang IDC network, CHINANET Hebei province, CN),
Reverse DNS
Software
CloudWAF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ahahschzzj1882asggsf3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Tue, 27 Sep 2022 23:03:54 GMT
Server
CloudWAF
Connection
keep-alive
Content-Length
0
shadow-grey.png
cdn.dcloud.net.cn/img/ Frame AF32 		136 B
579 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.dcloud.net.cn/img/shadow-grey.png
Requested by
Host: ahahschzzj1882asggsf3.com
URL: https://ahahschzzj1882asggsf3.com/template/default/css/index.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
47.97.3.34 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ad4ebea1c3496dd2924789ee009174a2c6289d1200e9811f458fd46f172d1d6f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ahahschzzj1882asggsf3.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Tue, 27 Sep 2022 23:03:56 GMT
Last-Modified
Thu, 06 Jun 2019 06:42:07 GMT
Server
nginx
ETag
"5cf8b5bf-88"
Content-Type
image/png
Cache-Control
max-age=7200
Connection
close
Accept-Ranges
bytes
Content-Length
136
Expires
Wed, 28 Sep 2022 01:03:56 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.govguiyang.cn
URL
https://www.govguiyang.cn:12443/ty/39F5B84A-8F1F-12179-34-088ACD3E560C.alpha
Domain
www.govxinjiang.cn
URL
https://www.govxinjiang.cn:4443/ty/x-5026-33.js
Domain
306842.com
URL
https://306842.com/960x60.gif

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch object| navigation string| titlestr function| setFrame

0 Cookies

4 Console Messages

Source Level URL
Text
javascript warning URL: http://www.shulexun.com/tj.js
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://s4.cnzz.com/z_stat.php?id=1279791549&web_id=1279791549, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: http://www.shulexun.com/tj.js
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://s4.cnzz.com/z_stat.php?id=1279791549&web_id=1279791549, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://www.govguiyang.cn:12443/ty/39F5B84A-8F1F-12179-34-088ACD3E560C.alpha
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://www.govxinjiang.cn:4443/ty/x-5026-33.js
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

306842.com
ahahschzzj1882asggsf3.com
cdn.dcloud.net.cn
cdn.jsdelivr.net
fsadcx1.com
ia.51.la
js.users.51.la
s4.cnzz.com
shulexun.com
www.govguiyang.cn
www.govxinjiang.cn
www.shulexun.com
306842.com
www.govguiyang.cn
www.govxinjiang.cn
103.143.19.103
104.16.88.20
104.253.159.212
156.251.142.141
220.185.164.250
23.225.3.254
47.97.3.34
119bff063d1d402fdf6e48bc7e681d48aabfb9bc65378dfcf64a8845ec3fceef
194de7cd9d613b7f691df0fc1dfa84cde713f996113dc4ee97846659ec590d16
1b872d2850fb957ce0ab19530e6005140f9d2e80c7d77fb75a6a8b581e722a59
326dfa38159118ab18aa5dce0a9c10f4e19f2050a0bafeda7bfe7a0a4aca0cc5
4092422fbd44790f2e0889437a157b0156f3801412dbe0758286232f58ae0afd
47f9fae8acc39b2f6f68f2562b12827e6598c144d1bd748647a29c2ca9093adb
4f88e25b888e8aa90f272d84e03076378edaa7322a332b59be806d0e162d1a66
5246b9875a8fa86910cc1ab62ba1592a0495de27f0082ed1c26f1d1f4125d5da
533a48a62a8967e57ce0d7b8df55de47baeac197932999c0a24db7ebd72b10ea
8b3a611d998e57644818a609608ecb94a8d674567a967488fbc8836376f11bea
905ffa0f22200141e876ef6dfeab9eeecc2f68999d1edf490b1ed8e57c1cd6f7
ace173a5a1a6b14c1c7aa4a7c57aa183f39186f81b97db98719958230b6a344b
ad4ebea1c3496dd2924789ee009174a2c6289d1200e9811f458fd46f172d1d6f
b838c8ce96424a1ec09ab8f5a683cb86ed3e020e3e101449335e1452e9844835
cd3881485f1a5aa1cc6168360a775f32ddae22860a247810f3a5c773b53c584a
e08ededcd8958d007e28f2a49e069b8e04bc3b4c67d9705cd17c3fe118d1faff
e2fd001d377ad6c621995d9131cc97415510746f354902093876639aeb777113
e35d50ca10ecb546abd3873212a7853efbc21d22991c289501d9f44c727c6662
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e84ba98688e7d7767e89b644a04db90549b60fc6ee30b6ab9b3b3f6dcf28a45e