urlscan.io logo urlscan.io
SecurityTrails logo

ghxdedu.com Open in urlscan Pro
104.216.69.152  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.ghxdedu.com/
Effective URL: https://ghxdedu.com/
Submission: On September 24 via automatic, source certstream-suspicious
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 4 countries across 6 domains to perform 22 HTTP transactions. The main IP is 104.216.69.152, located in Walnut, United States and belongs to AS40676, US. The main domain is ghxdedu.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on September 24th 2020. Valid for: 3 months.
This is the only time ghxdedu.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 14 104.216.69.152 40676 (AS40676)
1 2a00:1450:400... 15169 (GOOGLE)
1 119.188.176.48 4837 (CHINA169-...)
4 103.235.46.191 55967 (BAIDU Bei...)
1 45.35.53.18 40676 (AS40676)
1 2a00:1450:400... 15169 (GOOGLE)
1 103.235.46.39 55967 (BAIDU Bei...)
22 7
14    104.216.69.152 (Walnut, United States)

ASN40676 (AS40676, US)
PTR: unassigned.psychz.net
www.ghxdedu.com
ghxdedu.com
1    2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    119.188.176.48 (China)

ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN)
zz.bdstatic.com
4    103.235.46.191 (Hong Kong)

ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)
hm.baidu.com
1    45.35.53.18 (Dallas, United States)

ASN40676 (AS40676, US)
PTR: unassigned.psychz.net
www.azaidan.com
1    2a00:1450:4001:825::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    103.235.46.39 (Hong Kong)

ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)
sp0.baidu.com
Domain Requested by
13 ghxdedu.com ghxdedu.com
4 hm.baidu.com ghxdedu.com
1 sp0.baidu.com ghxdedu.com
1 fonts.gstatic.com fonts.googleapis.com
1 www.azaidan.com ghxdedu.com
1 zz.bdstatic.com ghxdedu.com
1 fonts.googleapis.com ghxdedu.com
1 www.ghxdedu.com 1 redirects
22 8

This site contains links to these domains. Also see Links.

Domain
cn.wordpress.org
Subject Issuer Validity Valid
ghxdedu.com
Let's Encrypt Authority X3		 2020-09-24 -
2020-12-23		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2020-08-26 -
2020-11-18		 3 months crt.sh
baidu.com
GlobalSign Organization Validation CA - SHA256 - G2		 2020-04-02 -
2021-07-26		 a year crt.sh
www.azaidan.com
Let's Encrypt Authority X3		 2020-09-18 -
2020-12-17		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2020-08-26 -
2020-11-18		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://ghxdedu.com/
Frame ID: 759260805E9E0B6DA9506C385D6A33FF
Requests: 21 HTTP requests in this frame

Frame: https://www.azaidan.com/yb.html
Frame ID: 80DA08C1D22E642C9B1B05F176BE516A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://www.ghxdedu.com/ HTTP 301
    https://ghxdedu.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • meta generator /^WordPress ?([\d.]+)?/i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • meta generator /^WordPress ?([\d.]+)?/i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • meta generator /^WordPress ?([\d.]+)?/i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
  • script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

Page Statistics

22
Requests

100 %
HTTPS

29 %
IPv6

6
Domains

8
Subdomains

7
IPs

4
Countries

225 kB
Transfer

505 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.ghxdedu.com/ HTTP 301
    https://ghxdedu.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
ghxdedu.com/
Redirect Chain
  • https://www.ghxdedu.com/
  • https://ghxdedu.com/
48 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ghxdedu.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.216.69.152 Walnut, United States, ASN40676 (AS40676, US),
Reverse DNS
unassigned.psychz.net
Software
nginx / PHP/7.3.11
Resource Hash
b6015c219473c03c2f9b413fffe0f341d050f688fbe9f817a3e7d6d0105f69a0

Request headers

:method
GET
:authority
ghxdedu.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
server
nginx
date
Thu, 24 Sep 2020 16:49:11 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-powered-by
PHP/7.3.11
link
<https://ghxdedu.com/wp-json/>; rel="https://api.w.org/"
content-encoding
gzip

Redirect headers

status
301
server
nginx
date
Thu, 24 Sep 2020 16:49:10 GMT
content-type
text/html; charset=UTF-8
location
https://ghxdedu.com/
x-powered-by
PHP/7.3.11
x-redirect-by
WordPress
style.min.css
ghxdedu.com/wp-includes/css/dist/block-library/ 		40 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ghxdedu.com/wp-includes/css/dist/block-library/style.min.css?ver=5.3.4
Requested by
Host: ghxdedu.com
URL: https://ghxdedu.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.216.69.152 Walnut, United States, ASN40676 (AS40676, US),
Reverse DNS
unassigned.psychz.net
Software
nginx /
Resource Hash
dfd6d929422d1f69a727fb6b525f610562eab183a333576516bec0b0503cb049

Request headers

Referer
https://ghxdedu.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 24 Sep 2020 16:49:11 GMT
content-encoding
gzip
last-modified
Wed, 10 Jun 2020 22:40:16 GMT
server
nginx
etag
W/"5ee16150-a055"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=43200
expires
Fri, 25 Sep 2020 04:49:11 GMT
fontawesome4.css
ghxdedu.com/wp-content/themes/moderne/css/ 		36 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ghxdedu.com/wp-content/themes/moderne/css/fontawesome4.css?ver=4.7.0
Requested by
Host: ghxdedu.com
URL: https://ghxdedu.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.216.69.152 Walnut, United States, ASN40676 (AS40676, US),
Reverse DNS
unassigned.psychz.net
Software
nginx /
Resource Hash
44b8b05060cf003255cad334e4f4881e9482f465efb50d2a4e4df91cc8162cbc

Request headers

Referer
https://ghxdedu.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 24 Sep 2020 16:49:11 GMT
content-encoding
gzip
last-modified
Sun, 22 Mar 2020 10:35:43 GMT
server
nginx
etag
W/"5e773f7f-8f31"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=43200
expires
Fri, 25 Sep 2020 04:49:11 GMT
css
fonts.googleapis.com/ 		3 KB
641 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Oswald%3A400%2C500&subset=latin%2Clatin-ext
Requested by
Host: ghxdedu.com
URL: https://ghxdedu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9120dfdf3a757c1912a56221d63b34a78414bbd395bb27eaf495ccb3960b789e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://ghxdedu.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 24 Sep 2020 16:54:07 GMT
server
ESF
date
Thu, 24 Sep 2020 16:54:07 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 24 Sep 2020 16:54:07 GMT
style.css
ghxdedu.com/wp-content/themes/moderne/ 		82 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ghxdedu.com/wp-content/themes/moderne/style.css?ver=5.3.4
Requested by
Host: ghxdedu.com
URL: https://ghxdedu.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.216.69.152 Walnut, United States, ASN40676 (AS40676, US),
Reverse DNS
unassigned.psychz.net
Software
nginx /
Resource Hash
336448e32984827c061fbce5c4eeed38fc0df28126e1509aaab8281ef5cc09e5

Request headers

Referer
https://ghxdedu.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 24 Sep 2020 16:49:11 GMT
content-encoding
gzip
last-modified
Sun, 22 Mar 2020 10:35:43 GMT
server
nginx
etag
W/"5e773f7f-146c9"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=43200
expires
Fri, 25 Sep 2020 04:49:11 GMT
jquery.js
ghxdedu.com/wp-includes/js/jquery/ 		95 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ghxdedu.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by
Host: ghxdedu.com
URL: https://ghxdedu.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.216.69.152 Walnut, United States, ASN40676 (AS40676, US),
Reverse DNS
unassigned.psychz.net
Software
nginx /
Resource Hash
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

Referer
https://ghxdedu.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 24 Sep 2020 16:49:11 GMT
content-encoding
gzip
last-modified
Sun, 22 Mar 2020 05:05:37 GMT
server
nginx
etag
W/"5e76f221-17a69"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=43200
expires
Fri, 25 Sep 2020 04:49:11 GMT
jquery-migrate.min.js
ghxdedu.com/wp-includes/js/jquery/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ghxdedu.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by
Host: ghxdedu.com
URL: https://ghxdedu.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.216.69.152 Walnut, United States, ASN40676 (AS40676, US),
Reverse DNS
unassigned.psychz.net
Software
nginx /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

Referer
https://ghxdedu.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 24 Sep 2020 16:49:11 GMT
content-encoding
gzip
last-modified
Sun, 22 Mar 2020 05:05:37 GMT
server
nginx
etag
W/"5e76f221-2748"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=43200
expires
Fri, 25 Sep 2020 04:49:11 GMT
js.js
ghxdedu.com/ 		3 KB
863 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ghxdedu.com/js.js
Requested by
Host: ghxdedu.com
URL: https://ghxdedu.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.216.69.152 Walnut, United States, ASN40676 (AS40676, US),
Reverse DNS
unassigned.psychz.net
Software
nginx /
Resource Hash
96873072f1b3168777f19f51f1e0c1edc5ccb680dc7eaae61a08c70d56da6f8f

Request headers

Referer
https://ghxdedu.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 24 Sep 2020 16:49:11 GMT
content-encoding
gzip
last-modified
Sun, 22 Mar 2020 05:05:37 GMT
server
nginx
etag
W/"5e76f221-a1f"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=43200
expires
Fri, 25 Sep 2020 04:49:11 GMT
skip-link-focus-fix.js
ghxdedu.com/wp-content/themes/moderne/js/ 		685 B
867 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ghxdedu.com/wp-content/themes/moderne/js/skip-link-focus-fix.js?ver=20151215
Requested by
Host: ghxdedu.com
URL: https://ghxdedu.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.216.69.152 Walnut, United States, ASN40676 (AS40676, US),
Reverse DNS
unassigned.psychz.net
Software
nginx /
Resource Hash
14af47320898bd93f367026f7833c9956f14e24856976e4f9e10be31155cdcf2

Request headers

Referer
https://ghxdedu.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 24 Sep 2020 16:49:11 GMT
last-modified
Sun, 22 Mar 2020 10:35:43 GMT
server
nginx
etag
"5e773f7f-2ad"
content-type
application/javascript
status
200
cache-control
max-age=43200
accept-ranges
bytes
content-length
685
expires
Fri, 25 Sep 2020 04:49:11 GMT
theme-scripts.js
ghxdedu.com/wp-content/themes/moderne/js/ 		2 KB
951 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ghxdedu.com/wp-content/themes/moderne/js/theme-scripts.js?ver=20151215
Requested by
Host: ghxdedu.com
URL: https://ghxdedu.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.216.69.152 Walnut, United States, ASN40676 (AS40676, US),
Reverse DNS
unassigned.psychz.net
Software
nginx /
Resource Hash
d4195ffeca9bb96565aff9b041b1bc97aff19b57bb54f9692014bb2210ed08cb

Request headers

Referer
https://ghxdedu.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 24 Sep 2020 16:49:11 GMT
content-encoding
gzip
last-modified
Sun, 22 Mar 2020 10:35:43 GMT
server
nginx
etag
W/"5e773f7f-77a"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=43200
expires
Fri, 25 Sep 2020 04:49:11 GMT
menu.js
ghxdedu.com/wp-content/themes/moderne/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ghxdedu.com/wp-content/themes/moderne/js/menu.js?ver=20160816
Requested by
Host: ghxdedu.com
URL: https://ghxdedu.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.216.69.152 Walnut, United States, ASN40676 (AS40676, US),
Reverse DNS
unassigned.psychz.net
Software
nginx /
Resource Hash
9841d4525a317673746530370f0998c845d9857775a7a3ba458de9ff5d12493a

Request headers

Referer
https://ghxdedu.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 24 Sep 2020 16:49:11 GMT
content-encoding
gzip
last-modified
Sun, 22 Mar 2020 10:35:43 GMT
server
nginx
etag
W/"5e773f7f-122b"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=43200
expires
Fri, 25 Sep 2020 04:49:11 GMT
wp-embed.min.js
ghxdedu.com/wp-includes/js/ 		1 KB
945 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ghxdedu.com/wp-includes/js/wp-embed.min.js?ver=5.3.4
Requested by
Host: ghxdedu.com
URL: https://ghxdedu.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.216.69.152 Walnut, United States, ASN40676 (AS40676, US),
Reverse DNS
unassigned.psychz.net
Software
nginx /
Resource Hash
0284cbccebf1682452d62d06efa3665c874d642d4e03f5f5f9bb0f555da9251b

Request headers

Referer
https://ghxdedu.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 24 Sep 2020 16:49:11 GMT
content-encoding
gzip
last-modified
Sun, 22 Mar 2020 05:05:37 GMT
server
nginx
etag
W/"5e76f221-577"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=43200
expires
Fri, 25 Sep 2020 04:49:11 GMT
wp-emoji-release.min.js
ghxdedu.com/wp-includes/js/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ghxdedu.com/wp-includes/js/wp-emoji-release.min.js?ver=5.3.4
Requested by
Host: ghxdedu.com
URL: https://ghxdedu.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.216.69.152 Walnut, United States, ASN40676 (AS40676, US),
Reverse DNS
unassigned.psychz.net
Software
nginx /
Resource Hash
1a351abc3f3b435497ddb8a55f09268d3e641dc22455deac06cf0181a4de52ee

Request headers

Referer
https://ghxdedu.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 24 Sep 2020 16:49:12 GMT
content-encoding
gzip
last-modified
Sun, 22 Mar 2020 05:05:37 GMT
server
nginx
etag
W/"5e76f221-362a"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=43200
expires
Fri, 25 Sep 2020 04:49:12 GMT
push.js
zz.bdstatic.com/linksubmit/ 		308 B
563 B 		Script
General
Check archive.org
Download Go to
Full URL
https://zz.bdstatic.com/linksubmit/push.js
Requested by
Host: ghxdedu.com
URL: https://ghxdedu.com/js.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
119.188.176.48 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
JSP3/2.0.14 /
Resource Hash
c31f2003f1c93ac1e34b09f376d97a65da6e110bf451cf1e0e50a7946c5e7212

Request headers

Referer
https://ghxdedu.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 24 Sep 2020 16:54:09 GMT
ohc-cache-hit
jn2un92 [4], xzuncache85 [4]
ohc-response-time
1 0 0 0 0 0
last-modified
Tue, 04 Aug 2020 03:02:11 GMT
server
JSP3/2.0.14
age
26206
etag
W/"5f28cfb3-134"
content-type
application/x-javascript
status
200
cache-control
max-age=86400
tracecode
22432261932484135178080517
accept-ranges
bytes
content-encoding
gzip
expires
Fri, 25 Sep 2020 09:37:23 GMT
hm.js
hm.baidu.com/ 		39 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hm.baidu.com/hm.js?01c621d620ddae36a69b486eb039ad7c
Requested by
Host: ghxdedu.com
URL: https://ghxdedu.com/js.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
4184a14c999eb72dc6c6e4e8818ceb70eddbca96df7fb818441c64ccdcb887ca
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

Referer
https://ghxdedu.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 24 Sep 2020 16:54:08 GMT
Content-Encoding
gzip
Server
apache
Etag
147a81f0566c63c201878dcb9f573d73
Strict-Transport-Security
max-age=172800
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control
max-age=0, must-revalidate
Content-Type
application/javascript
Content-Length
14032
hm.js
hm.baidu.com/ 		39 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hm.baidu.com/hm.js?a4aa3c255c0f5d819375dbf85e6b19c8
Requested by
Host: ghxdedu.com
URL: https://ghxdedu.com/js.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
adae23a6191c7dd5c7c62945e229ae27b6fda92cbc76e05dbf060000aa5077c2
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

Referer
https://ghxdedu.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 24 Sep 2020 16:54:08 GMT
Content-Encoding
gzip
Server
apache
Etag
c9f0f6fe0409e80d98b2a15db9700198
Strict-Transport-Security
max-age=172800
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control
max-age=0, must-revalidate
Content-Type
application/javascript
Content-Length
14031
yb.html
www.azaidan.com/ Frame 80DA 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.azaidan.com/yb.html
Requested by
Host: ghxdedu.com
URL: https://ghxdedu.com/js.js
Protocol
HTTP/1.1
Security
TLS 1.0, RSA, AES_128_CBC
Server
45.35.53.18 Dallas, United States, ASN40676 (AS40676, US),
Reverse DNS
unassigned.psychz.net
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash

Request headers

Host
www.azaidan.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ghxdedu.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://ghxdedu.com/

Response headers

Content-Type
text/html
Content-Encoding
gzip
Last-Modified
Sat, 15 Aug 2020 13:36:07 GMT
Accept-Ranges
bytes
ETag
"807d657973d61:0"
Vary
Accept-Encoding
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
Date
Thu, 24 Sep 2020 16:54:12 GMT
Content-Length
1695
TK3iWkUHHAIjg752GT8Gl-1PKw.woff2
fonts.gstatic.com/s/oswald/v35/ 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/oswald/v35/TK3iWkUHHAIjg752GT8Gl-1PKw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald%3A400%2C500&subset=latin%2Clatin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e747521bc9729c30f06bda6471e77ad26ce0e05b104743e93fe14c8ef3b559a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://ghxdedu.com
Referer
https://fonts.googleapis.com/css?family=Oswald%3A400%2C500&subset=latin%2Clatin-ext
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 21 Sep 2020 09:11:14 GMT
x-content-type-options
nosniff
last-modified
Mon, 13 Jul 2020 19:17:26 GMT
server
sffe
age
286973
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25376
x-xss-protection
0
expires
Tue, 21 Sep 2021 09:11:14 GMT
fontawesome-webfont.woff2
ghxdedu.com/wp-content/themes/moderne/fontawesome/ 		65 KB
65 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ghxdedu.com/wp-content/themes/moderne/fontawesome/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: ghxdedu.com
URL: https://ghxdedu.com/wp-content/themes/moderne/css/fontawesome4.css?ver=4.7.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.216.69.152 Walnut, United States, ASN40676 (AS40676, US),
Reverse DNS
unassigned.psychz.net
Software
nginx /
Resource Hash
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

Request headers

Origin
https://ghxdedu.com
Referer
https://ghxdedu.com/wp-content/themes/moderne/css/fontawesome4.css?ver=4.7.0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 24 Sep 2020 16:49:12 GMT
last-modified
Sun, 22 Mar 2020 10:35:43 GMT
server
nginx
etag
"5e773f7f-10440"
content-type
font/woff2
status
200
accept-ranges
bytes
content-length
66624
s.gif
sp0.baidu.com/9_Q4simg2RQJ8t7jm9iCKT-xh_/ 		0
116 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sp0.baidu.com/9_Q4simg2RQJ8t7jm9iCKT-xh_/s.gif?l=https://ghxdedu.com/
Requested by
Host: ghxdedu.com
URL: https://ghxdedu.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.39 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ghxdedu.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 24 Sep 2020 16:54:10 GMT
Content-Length
0
Content-Type
text/plain; charset=utf-8
hm.gif
hm.baidu.com/ 		43 B
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=609150209&si=01c621d620ddae36a69b486eb039ad7c&v=1.2.76&lv=1&sn=11935&r=0&ww=1600&ct=!!&u=https%3A%2F%2Fghxdedu.com%2F&tt=wanbo%E4%BD%93%E8%82%B2%E5%AE%A2%E6%88%B7%E7%AB%AF-wanbo%E4%BD%93%E8%82%B2%E5%AE%A2%E6%88%B7%E7%AB%AF%E5%AE%98%E7%BD%91-wanbo%E4%BD%93%E8%82%B2%E5%AE%98%E6%96%B9%E7%BD%91%E7%AB%99
Requested by
Host: ghxdedu.com
URL: https://ghxdedu.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

Referer
https://ghxdedu.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 24 Sep 2020 16:54:09 GMT
X-Content-Type-Options
nosniff
Server
apache
Strict-Transport-Security
max-age=172800
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Content-Length
43
hm.gif
hm.baidu.com/ 		43 B
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1396535754&si=a4aa3c255c0f5d819375dbf85e6b19c8&v=1.2.76&lv=1&sn=11935&r=0&ww=1600&ct=!!&u=https%3A%2F%2Fghxdedu.com%2F&tt=wanbo%E4%BD%93%E8%82%B2%E5%AE%A2%E6%88%B7%E7%AB%AF-wanbo%E4%BD%93%E8%82%B2%E5%AE%A2%E6%88%B7%E7%AB%AF%E5%AE%98%E7%BD%91-wanbo%E4%BD%93%E8%82%B2%E5%AE%98%E6%96%B9%E7%BD%91%E7%AB%99
Requested by
Host: ghxdedu.com
URL: https://ghxdedu.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

Referer
https://ghxdedu.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 24 Sep 2020 16:54:10 GMT
X-Content-Type-Options
nosniff
Server
apache
Strict-Transport-Security
max-age=172800
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Content-Length
43

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| trustedTypes object| _wpemojiSettings undefined| $ function| jQuery object| _hmt string| title object| modernescreenReaderText object| wp object| jQuery112403978617923841199 object| twemoji boolean| _bdhm_loaded_01c621d620ddae36a69b486eb039ad7c object| mini_tangram_log_4zzpxl boolean| _bdhm_loaded_a4aa3c255c0f5d819375dbf85e6b19c8 object| mini_tangram_log_26l2tp

4 Cookies

Domain/Path Name / Value
.ghxdedu.com/ Name: Hm_lpvt_a4aa3c255c0f5d819375dbf85e6b19c8
Value: 1600966450
.ghxdedu.com/ Name: Hm_lvt_a4aa3c255c0f5d819375dbf85e6b19c8
Value: 1600966450
.ghxdedu.com/ Name: Hm_lpvt_01c621d620ddae36a69b486eb039ad7c
Value: 1600966450
.ghxdedu.com/ Name: Hm_lvt_01c621d620ddae36a69b486eb039ad7c
Value: 1600966450

1 Console Messages

Source Level URL
Text
console-api log URL: https://ghxdedu.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1(Line 2)
Message:
JQMIGRATE: Migrate is installed, version 1.4.1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
ghxdedu.com
hm.baidu.com
sp0.baidu.com
www.azaidan.com
www.ghxdedu.com
zz.bdstatic.com
103.235.46.191
103.235.46.39
104.216.69.152
119.188.176.48
2a00:1450:4001:802::200a
2a00:1450:4001:825::2003
45.35.53.18
0284cbccebf1682452d62d06efa3665c874d642d4e03f5f5f9bb0f555da9251b
14af47320898bd93f367026f7833c9956f14e24856976e4f9e10be31155cdcf2
1a351abc3f3b435497ddb8a55f09268d3e641dc22455deac06cf0181a4de52ee
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
336448e32984827c061fbce5c4eeed38fc0df28126e1509aaab8281ef5cc09e5
4184a14c999eb72dc6c6e4e8818ceb70eddbca96df7fb818441c64ccdcb887ca
44b8b05060cf003255cad334e4f4881e9482f465efb50d2a4e4df91cc8162cbc
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
9120dfdf3a757c1912a56221d63b34a78414bbd395bb27eaf495ccb3960b789e
96873072f1b3168777f19f51f1e0c1edc5ccb680dc7eaae61a08c70d56da6f8f
9841d4525a317673746530370f0998c845d9857775a7a3ba458de9ff5d12493a
adae23a6191c7dd5c7c62945e229ae27b6fda92cbc76e05dbf060000aa5077c2
b6015c219473c03c2f9b413fffe0f341d050f688fbe9f817a3e7d6d0105f69a0
c31f2003f1c93ac1e34b09f376d97a65da6e110bf451cf1e0e50a7946c5e7212
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d4195ffeca9bb96565aff9b041b1bc97aff19b57bb54f9692014bb2210ed08cb
dfd6d929422d1f69a727fb6b525f610562eab183a333576516bec0b0503cb049
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e747521bc9729c30f06bda6471e77ad26ce0e05b104743e93fe14c8ef3b559a7
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995