Submitted URL: http://dahqkw.com/
Effective URL: https://dahqkw.com/
Submission: On November 16 via api from DE

Summary

This website contacted 8 IPs in 4 countries across 6 domains to perform 20 HTTP transactions. The main IP is 45.197.80.240, located in Johannesburg, South Africa and belongs to DXTL-HK DXTL Tseung Kwan O Service, HK. The main domain is dahqkw.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on November 15th 2018. Valid for: 3 months.
This is the only time dahqkw.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
9 13 45.197.80.240 134548 (DXTL-HK D...)
1 156.239.112.102 134548 (DXTL-HK D...)
8 47.96.25.222 37963 (CNNIC-ALI...)
1 220.243.212.50 54994 (QUANTILNE...)
1 183.131.207.78 136190 (CHINATELE...)
3 103.235.46.191 55967 (CNNIC-BAI...)
1 27.221.109.31 4837 (CHINA169-...)
1 2 103.235.46.39 55967 (CNNIC-BAI...)
20 8
Apex Domain | Subdomains | Transfer
13 dahqkw.com | dahqkw.com | 50 KB
8 ynpxrz.com | www.ynpxrz.com | 71 KB
5 baidu.com | hm.baidu.com, sp0.baidu.com, www.baidu.com | 14 KB
2 51.la | js.users.51.la, ia.51.la | 6 KB
1 bdstatic.com | zz.bdstatic.com | 490 B
1 zhgrf.cn | news.zhgrf.cn | 516 B
20 6
Domain Requested by
13 dahqkw.com 9 redirects dahqkw.com
8 www.ynpxrz.com dahqkw.com
3 hm.baidu.com dahqkw.com
1 www.baidu.com dahqkw.com
1 sp0.baidu.com 1 redirects
1 zz.bdstatic.com dahqkw.com
1 ia.51.la dahqkw.com
1 js.users.51.la news.zhgrf.cn
1 news.zhgrf.cn dahqkw.com
20 9

This site contains links to these domains.

Domain
www.51.la
Subject | Issuer | Validity | Valid
www.dahqkw.com | Let's Encrypt Authority X3 | 2018-11-15 - 2019-02-13 | 3 months
news.zhgrf.cn | TrustAsia TLS RSA CA | 2018-07-30 - 2019-07-30 | a year
*.users.51.la | GlobalSign Domain Validation CA - SHA256 - G2 | 2018-01-15 - 2021-03-19 | 3 years
*.51.la | GlobalSign Domain Validation CA - SHA256 - G2 | 2018-01-15 - 2021-04-15 | 3 years
baidu.com | GlobalSign Organization Validation CA - SHA256 - G2 | 2018-08-28 - 2019-05-26 | 9 months

This page contains 1 frames:

Primary Page: https://dahqkw.com/
Frame ID: C35458B82CD021D3663F0351139A63CC
Requests: 20 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js/i
  • env /^jQuery$/i

Page Statistics

20
Requests

60 %
HTTPS

0 %
IPv6

6
Domains

9
Subdomains

8
IPs

4
Countries

141 kB
Transfer

491 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://dahqkw.com/ HTTP 301
    https://dahqkw.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://dahqkw.com/images/logo.gif HTTP 302
  • http://www.ynpxrz.com/images/logo.gif
Request Chain 5
  • https://dahqkw.com/pic/logo.gif HTTP 302
  • http://www.ynpxrz.com/pic/logo.gif
Request Chain 6
  • https://dahqkw.com/images/adv/sydwjc.jpg HTTP 302
  • http://www.ynpxrz.com/images/adv/sydwjc.jpg
Request Chain 11
  • https://dahqkw.com/images/bullet.gif HTTP 302
  • http://www.ynpxrz.com/images/bullet.gif
Request Chain 12
  • https://dahqkw.com/images/diandian.jpg HTTP 302
  • http://www.ynpxrz.com/images/diandian.jpg
Request Chain 13
  • https://dahqkw.com/images/inputbg.gif HTTP 302
  • http://www.ynpxrz.com/images/inputbg.gif
Request Chain 14
  • https://dahqkw.com/zhengjiling/zj.jpg HTTP 302
  • http://www.ynpxrz.com/zhengjiling/zj.jpg
Request Chain 15
  • https://dahqkw.com/images/top.gif HTTP 302
  • http://www.ynpxrz.com/images/top.gif
Request Chain 17
  • https://sp0.baidu.com/9_Q4simg2RQJ8t7jm9iCKT-xh_/s.gif?l=https://dahqkw.com/ HTTP 302
  • https://www.baidu.com/search/error.html

20 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
dahqkw.com/
Redirect Chain
  • http://dahqkw.com/
  • https://dahqkw.com/
291 KB
19 KB
Document
General
Full URL
https://dahqkw.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.197.80.240 Johannesburg, South Africa, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software
Apache / PHP/5.4.45
Resource Hash
68bd91fb3702fca42f337bb3234dc1c4b08a5363bd62dad071b1d039d8edc589

Request headers

:method
GET
:authority
dahqkw.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
date
Fri, 16 Nov 2018 15:25:28 GMT
server
Apache
x-powered-by
PHP/5.4.45
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma
no-cache
set-cookie
PHPSESSID=ci9idmr2rg8veqc347td548221; path=/
vary
Accept-Encoding
content-encoding
gzip
content-length
18961
content-type
text/html; charset=gbk

Redirect headers

Date
Fri, 16 Nov 2018 15:25:27 GMT
Server
Apache
Location
https://dahqkw.com/
Content-Length
287
Connection
close
Content-Type
text/html; charset=iso-8859-1
style.css
dahqkw.com/css/
13 KB
3 KB
Stylesheet
General
Full URL
https://dahqkw.com/css/style.css
Requested by
Host: dahqkw.com
URL: https://dahqkw.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.197.80.240 Johannesburg, South Africa, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software
Apache / PHP/5.4.45
Resource Hash
67ee85246f0baec334e4686d2f9bcba9ae56f029d020fd5c89a6e0fef12ba5d5

Request headers

:path
/css/style.css
pragma
no-cache
cookie
PHPSESSID=ci9idmr2rg8veqc347td548221
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
dahqkw.com
referer
https://dahqkw.com/
:scheme
https
:method
GET
Referer
https://dahqkw.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Nov 2018 15:25:28 GMT
content-encoding
gzip
server
Apache
x-powered-by
PHP/5.4.45
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
set-cookie
PHPSESSID=ci9idmr2rg8veqc347td548221; path=/
content-length
3077
expires
Thu, 19 Nov 1981 08:52:00 GMT
jquery.js
dahqkw.com/js/
87 KB
26 KB
Script
General
Full URL
https://dahqkw.com/js/jquery.js
Requested by
Host: dahqkw.com
URL: https://dahqkw.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.197.80.240 Johannesburg, South Africa, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software
Apache / PHP/5.4.45
Resource Hash
120fd57dff91f12b12554cb217fe8f42472335b098b338d3e61dfbfad969dde8

Request headers

:path
/js/jquery.js
pragma
no-cache
cookie
PHPSESSID=ci9idmr2rg8veqc347td548221
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
dahqkw.com
referer
https://dahqkw.com/
:scheme
https
:method
GET
Referer
https://dahqkw.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Nov 2018 15:25:28 GMT
content-encoding
gzip
server
Apache
x-powered-by
PHP/5.4.45
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
set-cookie
PHPSESSID=ci9idmr2rg8veqc347td548221; path=/
content-length
26899
expires
Thu, 19 Nov 1981 08:52:00 GMT
yxw.js
dahqkw.com/js/
1 KB
649 B
Script
General
Full URL
https://dahqkw.com/js/yxw.js
Requested by
Host: dahqkw.com
URL: https://dahqkw.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.197.80.240 Johannesburg, South Africa, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software
Apache / PHP/5.4.45
Resource Hash
db95607df0c3e92565420a239492b551832be6c63b740b2c6d0fce82a07c4541

Request headers

:path
/js/yxw.js
pragma
no-cache
cookie
PHPSESSID=ci9idmr2rg8veqc347td548221
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
dahqkw.com
referer
https://dahqkw.com/
:scheme
https
:method
GET
Referer
https://dahqkw.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Nov 2018 15:25:28 GMT
content-encoding
gzip
server
Apache
x-powered-by
PHP/5.4.45
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
set-cookie
PHPSESSID=ci9idmr2rg8veqc347td548221; path=/
content-length
578
expires
Thu, 19 Nov 1981 08:52:00 GMT
yl.js
news.zhgrf.cn/baidu/
102 B
516 B
Script
General
Full URL
https://news.zhgrf.cn/baidu/yl.js
Requested by
Host: dahqkw.com
URL: https://dahqkw.com/
Protocol
HTTP/1.1
Security
TLS 1.0, ECDHE_RSA, AES_256_CBC
Server
156.239.112.102 , United States, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
64f3d8ec09387641c4f344571e9192c427a8abf170c0f14a8c9dc21f805ab40b

Request headers

Referer
https://dahqkw.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 16 Nov 2018 15:22:24 GMT
Content-Encoding
gzip
Last-Modified
Thu, 08 Nov 2018 12:45:02 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
ETag
"848014de6077d41:0"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Accept-Ranges
bytes
Content-Length
207
logo.gif
www.ynpxrz.com/images/
Redirect Chain
  • https://dahqkw.com/images/logo.gif
  • http://www.ynpxrz.com/images/logo.gif
3 KB
3 KB
Image
General
Full URL
http://www.ynpxrz.com/images/logo.gif
Requested by
Host: dahqkw.com
URL: https://dahqkw.com/
Protocol
HTTP/1.1
Server
47.96.25.222 Hangzhou, China, ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
bb4234cf0130ff8303617af173d1040083da86a9bfd1069c262f6749de1f4de7

Request headers

Accept
image/webp,image/apng,image/*,*/*;q=0.8
Pragma
no-cache
Connection
keep-alive
Accept-Encoding
gzip, deflate
Host
www.ynpxrz.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Cache-Control
no-cache
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 16 Nov 2018 15:23:22 GMT
Last-Modified
Mon, 01 Aug 2016 02:14:51 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
ETag
"6034777c9aebd11:0"
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
2771

Redirect headers

pragma
no-cache
date
Fri, 16 Nov 2018 15:25:28 GMT
content-encoding
gzip
server
Apache
status
302
x-powered-by
PHP/5.4.45
vary
Accept-Encoding
content-type
image/jpeg; charset=UTF-8
location
http://www.ynpxrz.com/images/logo.gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
22
expires
Thu, 19 Nov 1981 08:52:00 GMT
logo.gif
www.ynpxrz.com/pic/
Redirect Chain
  • https://dahqkw.com/pic/logo.gif
  • http://www.ynpxrz.com/pic/logo.gif
3 KB
3 KB
Image
General
Full URL
http://www.ynpxrz.com/pic/logo.gif
Requested by
Host: dahqkw.com
URL: https://dahqkw.com/
Protocol
HTTP/1.1
Server
47.96.25.222 Hangzhou, China, ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
bb4234cf0130ff8303617af173d1040083da86a9bfd1069c262f6749de1f4de7

Request headers

Accept
image/webp,image/apng,image/*,*/*;q=0.8
Pragma
no-cache
Connection
keep-alive
Accept-Encoding
gzip, deflate
Host
www.ynpxrz.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Cache-Control
no-cache
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 16 Nov 2018 15:23:21 GMT
Last-Modified
Mon, 01 Aug 2016 02:15:45 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
ETag
"4f5abf9c9aebd11:0"
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
2771

Redirect headers

pragma
no-cache
date
Fri, 16 Nov 2018 15:25:28 GMT
content-encoding
gzip
server
Apache
status
302
x-powered-by
PHP/5.4.45
vary
Accept-Encoding
content-type
image/jpeg; charset=UTF-8
location
http://www.ynpxrz.com/pic/logo.gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
22
expires
Thu, 19 Nov 1981 08:52:00 GMT
sydwjc.jpg
www.ynpxrz.com/images/adv/
Redirect Chain
  • https://dahqkw.com/images/adv/sydwjc.jpg
  • http://www.ynpxrz.com/images/adv/sydwjc.jpg
6 KB
6 KB
Image
General
Full URL
http://www.ynpxrz.com/images/adv/sydwjc.jpg
Requested by
Host: dahqkw.com
URL: https://dahqkw.com/
Protocol
HTTP/1.1
Server
47.96.25.222 Hangzhou, China, ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
0199c93b2e963a7a4a35fa8478d9ff18c3fe87718afc78b1c8033b85a49ec6ea

Request headers

Accept
image/webp,image/apng,image/*,*/*;q=0.8
Pragma
no-cache
Connection
keep-alive
Accept-Encoding
gzip, deflate
Host
www.ynpxrz.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Cache-Control
no-cache
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 16 Nov 2018 15:23:23 GMT
Last-Modified
Mon, 21 Nov 2016 08:51:25 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
ETag
"a08b2271d443d21:0"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
5644

Redirect headers

pragma
no-cache
date
Fri, 16 Nov 2018 15:25:30 GMT
content-encoding
gzip
server
Apache
status
302
x-powered-by
PHP/5.4.45
vary
Accept-Encoding
content-type
image/jpeg; charset=UTF-8
location
http://www.ynpxrz.com/images/adv/sydwjc.jpg
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
22
expires
Thu, 19 Nov 1981 08:52:00 GMT
19732945.js
js.users.51.la/
5 KB
6 KB
Script
General
Full URL
https://js.users.51.la/19732945.js
Requested by
Host: news.zhgrf.cn
URL: https://news.zhgrf.cn/baidu/yl.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
220.243.212.50 Beijing, China, ASN54994 (QUANTILNETWORKS - QUANTIL NETWORKS INC, US),
Reverse DNS
Software
nginx/1.14.0 /
Resource Hash
671120e245d1b972c03ff3f4cd4375e51985e186a494bd1cdb50572ecee5162b

Request headers

Referer
https://dahqkw.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

x-id
19732945
id-2
32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSRX29156UmDyzcqg2X/5mn+MKmj8QCA
Last-Modified
Thu Nov 08 20:43:18 CST 2018
Server
nginx/1.14.0
Age
17325
ETag
"eb52e1f0a0483c10c90e9781dbcc20cb"
Content-Type
application/javascript;charset=UTF-8
version-id
G0011166F35927F5FFFF900700827712
Date
Fri, 16 Nov 2018 15:23:23 GMT
Content-Disposition
inline;filename=f.txt
Connection
keep-alive
request-id
000001671C163B289047330AE0BB857C
x-reserved
amazon, aws and amazon web services are trademarks or registered trademarks of Amazon Technologies, Inc
Content-Length
5207
X-Via
1.1 lsh80:7 (Cdn Cache Server V2.0)[201 200 2], 1.1 lsh188:7 (Cdn Cache Server V2.0)[0 200 0]
go1
ia.51.la/
0
262 B
Image
General
Full URL
https://ia.51.la/go1?id=19732945&rt=1542381803173&rl=1600*1200&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=%25E6%25BE%25B3%25E9%2597%25A8%25E8%25B5%258C%25E5%259C%25BA%25E5%25BC%2580%25E4%25B8%259A%25E4%25BA%2586%252C%25E7%259B%25B8%25E4%25BF%25A1%25E5%25BE%2588%25E5%25A4%259A%25E5%25B0%258F%25E4%25BC%2599%25E4%25BC%25B4%25E9%2583%25BD%25E5%2590%25AC%25E8%25BF%2587%25E8%25BF%2599%25E6%25A0%25B7%25E7%259A%2584%25E5%25B9%25BF%25E5%2591%258A%25E8%25AF%258D%252C%25E4%25BD%2586%25E6%2598%25AF%25E8%25B5%258C%25E5%258D%259A%25E6%25AF%2595&ing=1&ekc=&sid=1542381803173&tt=%25E6%25BE%25B3%25E9%2597%25A8%25E7%259C%259F%25E4%25BA%25BA%25E8%25B5%258C%25E5%259C%25BA%25E7%25BD%2591%25E5%259D%2580-%25E2%2580%25BB%25E5%2594%25AF%25E4%25B8%2580%25E5%25AE%2598%25E7%25BD%2591&kw=%25E6%25BE%25B3%25E9%2597%25A8%25E7%259C%259F%25E4%25BA%25BA%25E8%25B5%258C%25E5%259C%25BA%25E7%25BD%2591%25E5%259D%2580&cu=https%253A%252F%252Fdahqkw.com%252F&pu=
Requested by
Host: dahqkw.com
URL: https://dahqkw.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
183.131.207.78 Jinhua, China, ASN136190 (CHINATELECOM-YUNNAN-DALI-MAN DaLi, CN),
Reverse DNS
Software
HuaweiCloudWAF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://dahqkw.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 16 Nov 2018 15:23:25 GMT
Server
HuaweiCloudWAF
Connection
keep-alive
Content-Length
0
Content-Type
application/octet-stream
hm.js
hm.baidu.com/
24 KB
9 KB
Script
General
Full URL
https://hm.baidu.com/hm.js?4f643b1bed1b7877882f11df6638e800
Requested by
Host: dahqkw.com
URL: https://dahqkw.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 Central District, Hong Kong, ASN55967 (CNNIC-BAIDU-AP Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
7cbfd29c7269c9e66a2bc3e58355ceb6264f9829aa15be77762f0e91b07453ed
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

Referer
https://dahqkw.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 16 Nov 2018 15:23:24 GMT
Content-Encoding
gzip
Server
apache
Etag
3393ec14b3570ab138790f3beef194fb
Strict-Transport-Security
max-age=172800
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control
max-age=0, must-revalidate
Content-Type
application/javascript
Content-Length
9195
push.js
zz.bdstatic.com/linksubmit/
308 B
490 B
Script
General
Full URL
https://zz.bdstatic.com/linksubmit/push.js
Requested by
Host: dahqkw.com
URL: https://dahqkw.com/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
27.221.109.31 Jinan, China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
JSP3/2.0.14 /
Resource Hash
c31f2003f1c93ac1e34b09f376d97a65da6e110bf451cf1e0e50a7946c5e7212

Request headers

Referer
https://dahqkw.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 16 Nov 2018 15:23:24 GMT
content-encoding
gzip
ohc-response-time
1 0 0 0 0 0
last-modified
Thu, 30 Aug 2018 07:24:35 GMT
server
JSP3/2.0.14
age
22
etag
"384b7c1-134-574a1f78812c0"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
254
bullet.gif
www.ynpxrz.com/images/
Redirect Chain
  • https://dahqkw.com/images/bullet.gif
  • http://www.ynpxrz.com/images/bullet.gif
49 B
294 B
Image
General
Full URL
http://www.ynpxrz.com/images/bullet.gif
Requested by
Host: dahqkw.com
URL: https://dahqkw.com/
Protocol
HTTP/1.1
Server
47.96.25.222 Hangzhou, China, ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
e6d1ef788ed1dca57e4009a5a1a61abec2bbc448b787a5ac765c0168dafb941c

Request headers

Accept
image/webp,image/apng,image/*,*/*;q=0.8
Pragma
no-cache
Connection
keep-alive
Accept-Encoding
gzip, deflate
Host
www.ynpxrz.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Cache-Control
no-cache
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 16 Nov 2018 15:23:23 GMT
Last-Modified
Fri, 21 Jan 2011 19:15:40 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
ETag
"01654979fb9cb1:0"
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
49

Redirect headers

pragma
no-cache
date
Fri, 16 Nov 2018 15:25:31 GMT
content-encoding
gzip
server
Apache
status
302
x-powered-by
PHP/5.4.45
vary
Accept-Encoding
content-type
image/jpeg; charset=UTF-8
location
http://www.ynpxrz.com/images/bullet.gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
22
expires
Thu, 19 Nov 1981 08:52:00 GMT
diandian.jpg
www.ynpxrz.com/images/
Redirect Chain
  • https://dahqkw.com/images/diandian.jpg
  • http://www.ynpxrz.com/images/diandian.jpg
378 B
626 B
Image
General
Full URL
http://www.ynpxrz.com/images/diandian.jpg
Requested by
Host: dahqkw.com
URL: https://dahqkw.com/
Protocol
HTTP/1.1
Server
47.96.25.222 Hangzhou, China, ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
ed164fcf349f3cdcce540d03643f207af1c1a9bd9ce15114e0b76b48395f31f1

Request headers

Accept
image/webp,image/apng,image/*,*/*;q=0.8
Pragma
no-cache
Connection
keep-alive
Accept-Encoding
gzip, deflate
Host
www.ynpxrz.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Cache-Control
no-cache
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 16 Nov 2018 15:23:23 GMT
Last-Modified
Tue, 29 Nov 2016 01:56:20 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
ETag
"432aabc7e349d21:0"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
378

Redirect headers

pragma
no-cache
date
Fri, 16 Nov 2018 15:25:31 GMT
content-encoding
gzip
server
Apache
status
302
x-powered-by
PHP/5.4.45
vary
Accept-Encoding
content-type
image/jpeg; charset=UTF-8
location
http://www.ynpxrz.com/images/diandian.jpg
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
22
expires
Thu, 19 Nov 1981 08:52:00 GMT
inputbg.gif
www.ynpxrz.com/images/
Redirect Chain
  • https://dahqkw.com/images/inputbg.gif
  • http://www.ynpxrz.com/images/inputbg.gif
222 B
468 B
Image
General
Full URL
http://www.ynpxrz.com/images/inputbg.gif
Requested by
Host: dahqkw.com
URL: https://dahqkw.com/
Protocol
HTTP/1.1
Server
47.96.25.222 Hangzhou, China, ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
b220b606ea41a16ddbff61e2d1dca0d9963d6bb778327ad9c4f064c8fd1b1d73

Request headers

Accept
image/webp,image/apng,image/*,*/*;q=0.8
Pragma
no-cache
Connection
keep-alive
Accept-Encoding
gzip, deflate
Host
www.ynpxrz.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Cache-Control
no-cache
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 16 Nov 2018 15:23:23 GMT
Last-Modified
Fri, 21 Jan 2011 19:15:42 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
ETag
"04385989fb9cb1:0"
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
222

Redirect headers

pragma
no-cache
date
Fri, 16 Nov 2018 15:25:31 GMT
content-encoding
gzip
server
Apache
status
302
x-powered-by
PHP/5.4.45
vary
Accept-Encoding
content-type
image/jpeg; charset=UTF-8
location
http://www.ynpxrz.com/images/inputbg.gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
22
expires
Thu, 19 Nov 1981 08:52:00 GMT
zj.jpg
www.ynpxrz.com/zhengjiling/
Redirect Chain
  • https://dahqkw.com/zhengjiling/zj.jpg
  • http://www.ynpxrz.com/zhengjiling/zj.jpg
57 KB
57 KB
Image
General
Full URL
http://www.ynpxrz.com/zhengjiling/zj.jpg
Requested by
Host: dahqkw.com
URL: https://dahqkw.com/
Protocol
HTTP/1.1
Server
47.96.25.222 Hangzhou, China, ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
9f4e34953fed2b3bcdc360dcf4f1df900ae0d44a538d71ad941f2544e50119ff

Request headers

Accept
image/webp,image/apng,image/*,*/*;q=0.8
Pragma
no-cache
Connection
keep-alive
Accept-Encoding
gzip, deflate
Host
www.ynpxrz.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Cache-Control
no-cache
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 16 Nov 2018 15:23:24 GMT
Last-Modified
Mon, 24 Jul 2017 06:37:03 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
ETag
"3073e43474d31:0"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
58627

Redirect headers

pragma
no-cache
date
Fri, 16 Nov 2018 15:25:31 GMT
content-encoding
gzip
server
Apache
status
302
x-powered-by
PHP/5.4.45
vary
Accept-Encoding
content-type
image/jpeg; charset=UTF-8
location
http://www.ynpxrz.com/zhengjiling/zj.jpg
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
22
expires
Thu, 19 Nov 1981 08:52:00 GMT
top.gif
www.ynpxrz.com/images/
Redirect Chain
  • https://dahqkw.com/images/top.gif
  • http://www.ynpxrz.com/images/top.gif
561 B
807 B
Image
General
Full URL
http://www.ynpxrz.com/images/top.gif
Requested by
Host: dahqkw.com
URL: https://dahqkw.com/
Protocol
HTTP/1.1
Server
47.96.25.222 Hangzhou, China, ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
7a7011a6d1bfb69cd29454bffdcc991f8e350f2ebb3c8bd793709ba1c0d53152

Request headers

Accept
image/webp,image/apng,image/*,*/*;q=0.8
Pragma
no-cache
Connection
keep-alive
Accept-Encoding
gzip, deflate
Host
www.ynpxrz.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Cache-Control
no-cache
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 16 Nov 2018 15:23:24 GMT
Last-Modified
Fri, 21 Jan 2011 19:15:52 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
ETag
"0247b9e9fb9cb1:0"
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
561

Redirect headers

pragma
no-cache
date
Fri, 16 Nov 2018 15:25:31 GMT
content-encoding
gzip
server
Apache
status
302
x-powered-by
PHP/5.4.45
vary
Accept-Encoding
content-type
image/jpeg; charset=UTF-8
location
http://www.ynpxrz.com/images/top.gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
22
expires
Thu, 19 Nov 1981 08:52:00 GMT
hm.gif
hm.baidu.com/
43 B
299 B
Image
General
Full URL
https://hm.baidu.com/hm.gif?cc=0&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1807080490&si=4f643b1bed1b7877882f11df6638e800&v=1.2.35&lv=1&ct=!!&tt=%E6%BE%B3%E9%97%A8%E7%9C%9F%E4%BA%BA%E8%B5%8C%E5%9C%BA%E7%BD%91%E5%9D%80-%E2%80%BB%E5%94%AF%E4%B8%80%E5%AE%98%E7%BD%91&sn=15580
Requested by
Host: dahqkw.com
URL: https://dahqkw.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 Central District, Hong Kong, ASN55967 (CNNIC-BAIDU-AP Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

Referer
https://dahqkw.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Nov 2018 15:23:24 GMT
X-Content-Type-Options
nosniff
Server
apache
Strict-Transport-Security
max-age=172800
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Content-Length
43
error.html
www.baidu.com/search/
Redirect Chain
  • https://sp0.baidu.com/9_Q4simg2RQJ8t7jm9iCKT-xh_/s.gif?l=https://dahqkw.com/
  • https://www.baidu.com/search/error.html
0
4 KB
Image
General
Full URL
https://www.baidu.com/search/error.html
Requested by
Host: dahqkw.com
URL: https://dahqkw.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.39 Central District, Hong Kong, ASN55967 (CNNIC-BAIDU-AP Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://dahqkw.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Expires
Sat, 17 Nov 2018 15:23:27 GMT
Cache-Control
max-age=86400
Last-Modified
Wed, 22 Aug 2018 07:54:54 GMT
Content-Type
text/html

Redirect headers

Location
https://www.baidu.com/search/error.html
Date
Fri, 16 Nov 2018 15:23:26 GMT
Server
apache
Content-Length
0
Content-Type
text/plain; charset=utf-8
hm.gif
hm.baidu.com/
43 B
499 B
Image
General
Full URL
https://hm.baidu.com/hm.gif?cc=0&ck=1&cl=24-bit&ds=1600x1200&vl=1200&ep=%7B%22netAll%22%3A1263%2C%22netDns%22%3A213%2C%22netTcp%22%3A523%2C%22srv%22%3A362%2C%22dom%22%3A4307%2C%22loadEvent%22%3A17609%7D&et=87&ja=0&ln=en-us&lo=0&rnd=737014736&si=4f643b1bed1b7877882f11df6638e800&v=1.2.35&lv=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 Central District, Hong Kong, ASN55967 (CNNIC-BAIDU-AP Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

Referer
https://dahqkw.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Nov 2018 15:23:37 GMT
X-Content-Type-Options
nosniff
Server
apache
Strict-Transport-Security
max-age=172800
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control
private, max-age=0, no-cache
Content-Type
image/gif
Content-Length
43

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string| V_PATH function| getCookie function| $ function| jQuery object| _hmt boolean| _bdhm_loaded_4f643b1bed1b7877882f11df6638e800 object| mini_tangram_log_ym96jh object| mini_tangram_log_66n58u

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
