urlscan.io logo urlscan.io
SecurityTrails logo

026073.1k1t.ac.cn Open in urlscan Pro
164.155.235.239  Public Scan

Go To Rescan Add Verdict Report
URL: http://026073.1k1t.ac.cn/
Submission Tags: cascn
Submission: On February 16 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 31 HTTP transactions. The main IP is 164.155.235.239, located in Chicago, United States and belongs to PEGTECHINC, US. The main domain is 026073.1k1t.ac.cn.
This is the only time 026073.1k1t.ac.cn was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 164.155.235.239 54600 (PEGTECHINC)
4 103.235.46.191 55967 (BAIDU Bei...)
21 155.159.120.41 137951 (CLAYERLIM...)
31 4
Apex Domain
Subdomains		 Transfer
21 h9jh25.com
h9jh25.com
346 KB
4 baidu.com
hm.baidu.com — Cisco Umbrella Rank: 9019
28 KB
2 1k1t.ac.cn
026073.1k1t.ac.cn
1 KB
0 bootstrapcdn.com Failed
netdna.bootstrapcdn.com Failed
31 4
Domain Requested by
21 h9jh25.com 026073.1k1t.ac.cn
h9jh25.com
4 hm.baidu.com 026073.1k1t.ac.cn
h9jh25.com
2 026073.1k1t.ac.cn 026073.1k1t.ac.cn
0 netdna.bootstrapcdn.com Failed h9jh25.com
31 4

This site contains no links.

Subject Issuer Validity Valid
baidu.com
GlobalSign Organization Validation CA - SHA256 - G2		 2021-07-01 -
2022-08-02		 a year crt.sh
h9jh25.com
Sectigo RSA Domain Validation Secure Server CA		 2022-01-09 -
2023-01-09		 a year crt.sh

This page contains 2 frames:

Primary Page: http://026073.1k1t.ac.cn/
Frame ID: EC5E39A72B5D0B5EA83F3A3A3BAAAAE1
Requests: 4 HTTP requests in this frame

Frame: https://h9jh25.com/
Frame ID: 28CC60922D3E699E034829178EE7968A
Requests: 28 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • hm\.baidu\.com/hm\.js
Overall confidence: 100%
Detected patterns
  • clipboard(?:-([\d.]+))?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

31
Requests

81 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

376 kB
Transfer

538 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

31 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
026073.1k1t.ac.cn/ 		55 B
313 B 		Document
General
Check archive.org
Download Go to
Full URL
http://026073.1k1t.ac.cn/
Protocol
HTTP/1.1
Server
164.155.235.239 Chicago, United States, ASN54600 (PEGTECHINC, US),
Reverse DNS
Software
nginx / PHP/7.2.34
Resource Hash
0ff424d3fd0b1f14973bae2a82f4a3bac6ae7bfaf7f7366a953d2e5cdc2f8fef

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Server
nginx
Date
Wed, 16 Feb 2022 23:13:50 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
X-Powered-By
PHP/7.2.34
Content-Encoding
gzip
888.js
026073.1k1t.ac.cn/ 		888 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://026073.1k1t.ac.cn/888.js
Requested by
Host: 026073.1k1t.ac.cn
URL: http://026073.1k1t.ac.cn/
Protocol
HTTP/1.1
Server
164.155.235.239 Chicago, United States, ASN54600 (PEGTECHINC, US),
Reverse DNS
Software
nginx /
Resource Hash
5c5a1e15bd34342fff243b6588cd39296dcb17b2abbfa2194779de1e952f02b3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://026073.1k1t.ac.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 16 Feb 2022 23:13:50 GMT
Last-Modified
Sun, 09 Jan 2022 12:46:34 GMT
Server
nginx
ETag
"61dad92a-378"
Content-Type
application/javascript
Cache-Control
max-age=43200
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
888
Expires
Thu, 17 Feb 2022 11:13:50 GMT
hm.js
hm.baidu.com/ 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hm.baidu.com/hm.js?c5bece2105df03b12e4a0b4222c3d90d
Requested by
Host: 026073.1k1t.ac.cn
URL: http://026073.1k1t.ac.cn/888.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
f1d7b402106c789bddca6374227775ea9a6fd28638ed5afad2044341060cf4ca
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://026073.1k1t.ac.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 16 Feb 2022 23:13:51 GMT
Content-Encoding
gzip
Server
apache
Etag
2c1de4027c20ecd022346ff48b9f4792
Strict-Transport-Security
max-age=172800
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control
max-age=0, must-revalidate
Content-Type
application/javascript
Content-Length
13739
/
h9jh25.com/ Frame 28CC 		41 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://h9jh25.com/
Requested by
Host: 026073.1k1t.ac.cn
URL: http://026073.1k1t.ac.cn/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
155.159.120.41 Chicago, United States, ASN137951 (CLAYERLIMITED-AS-AP Clayer Limited, HK),
Reverse DNS
visit.keznews.com
Software
nginx / PHP/7.3.23
Resource Hash
047bcc091cda8698c53db6c6005edcb60da0d7a951ae1288b6727de99e7aa872

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://026073.1k1t.ac.cn/

Response headers

server
nginx
date
Wed, 16 Feb 2022 23:13:51 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-powered-by
PHP/7.3.23
content-encoding
gzip
style.css
h9jh25.com/static/css/ Frame 28CC 		24 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://h9jh25.com/static/css/style.css?v=1.4
Requested by
Host: h9jh25.com
URL: https://h9jh25.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
155.159.120.41 Chicago, United States, ASN137951 (CLAYERLIMITED-AS-AP Clayer Limited, HK),
Reverse DNS
visit.keznews.com
Software
nginx /
Resource Hash
a5ed2376e74e5a891689c22d2eb835303d135116b7117b7ef8f81908bbe2cbdc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://h9jh25.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 23:13:51 GMT
content-encoding
gzip
last-modified
Thu, 10 Jun 2021 05:35:07 GMT
server
nginx
etag
W/"60c1a48b-614b"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=43200
expires
Thu, 17 Feb 2022 11:13:51 GMT
layer.css
h9jh25.com/static/need/ Frame 28CC 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://h9jh25.com/static/need/layer.css
Requested by
Host: h9jh25.com
URL: https://h9jh25.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
155.159.120.41 Chicago, United States, ASN137951 (CLAYERLIMITED-AS-AP Clayer Limited, HK),
Reverse DNS
visit.keznews.com
Software
nginx /
Resource Hash
f4a140cd63cb97f6fd465fe4aad0dc701037675e824e461eabbf627f82cb1d03

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://h9jh25.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 23:13:51 GMT
content-encoding
gzip
last-modified
Fri, 01 Nov 2019 07:45:06 GMT
server
nginx
etag
W/"5dbbe282-dba"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=43200
expires
Thu, 17 Feb 2022 11:13:51 GMT
jquery.min.js
h9jh25.com/static/assert/js/ Frame 28CC 		91 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://h9jh25.com/static/assert/js/jquery.min.js
Requested by
Host: h9jh25.com
URL: https://h9jh25.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
155.159.120.41 Chicago, United States, ASN137951 (CLAYERLIMITED-AS-AP Clayer Limited, HK),
Reverse DNS
visit.keznews.com
Software
nginx /
Resource Hash
ba6eda7945ab8d7e57b34cc5a3dd292fa2e4c60a5ced79236ecf1a9e0f0c2d32

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://h9jh25.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 23:13:51 GMT
content-encoding
gzip
last-modified
Fri, 01 Nov 2019 10:08:38 GMT
server
nginx
etag
W/"5dbc0426-16dc5"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Thu, 17 Feb 2022 11:13:51 GMT
clipboard.min.js
h9jh25.com/static/js/ Frame 28CC 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://h9jh25.com/static/js/clipboard.min.js
Requested by
Host: h9jh25.com
URL: https://h9jh25.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
155.159.120.41 Chicago, United States, ASN137951 (CLAYERLIMITED-AS-AP Clayer Limited, HK),
Reverse DNS
visit.keznews.com
Software
nginx /
Resource Hash
848bc8c5eaa119917e55578ce79934989bd6a50ea04e45a4dc499cf8d9a8c180

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://h9jh25.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 23:13:51 GMT
content-encoding
gzip
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
nginx
etag
W/"1dc09d84-29a6"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Thu, 17 Feb 2022 11:13:51 GMT
wxjsa.js
h9jh25.com/static/js/ Frame 28CC 		1 KB
878 B 		Script
General
Check archive.org
Download Go to
Full URL
https://h9jh25.com/static/js/wxjsa.js?v=1548396077
Requested by
Host: h9jh25.com
URL: https://h9jh25.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
155.159.120.41 Chicago, United States, ASN137951 (CLAYERLIMITED-AS-AP Clayer Limited, HK),
Reverse DNS
visit.keznews.com
Software
nginx /
Resource Hash
06b20191fb38886031cec97cdc5ed6031c3f2f62c21dce6d001e586e69f35f33

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://h9jh25.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 23:13:51 GMT
content-encoding
gzip
last-modified
Mon, 27 Dec 2021 13:52:31 GMT
server
nginx
etag
W/"61c9c51f-466"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Thu, 17 Feb 2022 11:13:51 GMT
banner2.jpg
h9jh25.com/static/picture/ Frame 28CC 		190 KB
191 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://h9jh25.com/static/picture/banner2.jpg?v=1.0
Requested by
Host: h9jh25.com
URL: https://h9jh25.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
155.159.120.41 Chicago, United States, ASN137951 (CLAYERLIMITED-AS-AP Clayer Limited, HK),
Reverse DNS
visit.keznews.com
Software
nginx /
Resource Hash
09d3f31711bf9868f647e0632a2c0587658cabd814b991f2fbedb77d097c57e4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://h9jh25.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 23:13:51 GMT
last-modified
Thu, 25 Feb 2021 12:49:29 GMT
server
nginx
etag
"60379cd9-2f999"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
194969
expires
Fri, 18 Mar 2022 23:13:51 GMT
close.png
h9jh25.com/static/img/ Frame 28CC 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://h9jh25.com/static/img/close.png
Requested by
Host: h9jh25.com
URL: https://h9jh25.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
155.159.120.41 Chicago, United States, ASN137951 (CLAYERLIMITED-AS-AP Clayer Limited, HK),
Reverse DNS
visit.keznews.com
Software
nginx /
Resource Hash
6e2c7f9eab7763112ac9529238799eab8357e5358ba8a1fce59e59e5aa576fb1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://h9jh25.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 23:13:51 GMT
last-modified
Tue, 24 Dec 2019 09:19:26 GMT
server
nginx
etag
"5e01d81e-478"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
1144
expires
Fri, 18 Mar 2022 23:13:51 GMT
common.js
h9jh25.com/static/js/ Frame 28CC 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://h9jh25.com/static/js/common.js
Requested by
Host: h9jh25.com
URL: https://h9jh25.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
155.159.120.41 Chicago, United States, ASN137951 (CLAYERLIMITED-AS-AP Clayer Limited, HK),
Reverse DNS
visit.keznews.com
Software
nginx /
Resource Hash
7512787398eb77cdf72103c0ab7e3b3c155f416b900dc02e235bab9221f0f27f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://h9jh25.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 23:13:51 GMT
content-encoding
gzip
last-modified
Tue, 28 Apr 2020 08:50:12 GMT
server
nginx
etag
W/"5ea7ee44-16d7"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Thu, 17 Feb 2022 11:13:51 GMT
font-awesome.min.css
netdna.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame 28CC 		0
0
hm.js
hm.baidu.com/ Frame 28CC 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hm.baidu.com/hm.js?d0a29ebe4eb855d889373d1b5bdc9390
Requested by
Host: h9jh25.com
URL: https://h9jh25.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
1f6f39cca0faa998c93c9c94be62a065d3f1df4760f908cb612e1cec7ac79ffd
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://h9jh25.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 16 Feb 2022 23:13:52 GMT
Content-Encoding
gzip
Server
apache
Etag
344c70a0317499c3f72f1e86bba7191f
Strict-Transport-Security
max-age=172800
Content-Type
application/javascript
Cache-Control
max-age=0, must-revalidate
Content-Length
13736
kjls.png
h9jh25.com/static/img/ Frame 28CC 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://h9jh25.com/static/img/kjls.png
Requested by
Host: h9jh25.com
URL: https://h9jh25.com/static/css/style.css?v=1.4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
155.159.120.41 Chicago, United States, ASN137951 (CLAYERLIMITED-AS-AP Clayer Limited, HK),
Reverse DNS
visit.keznews.com
Software
nginx /
Resource Hash
1fdb8ae3149fa29aed2431bdda7031423944f1b099d25782be6aba759ce3bc16

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://h9jh25.com/static/css/style.css?v=1.4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 23:13:51 GMT
last-modified
Wed, 06 Nov 2019 02:59:32 GMT
server
nginx
etag
"5dc23714-9af"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
2479
expires
Fri, 18 Mar 2022 23:13:51 GMT
zst.png
h9jh25.com/static/img/ Frame 28CC 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://h9jh25.com/static/img/zst.png
Requested by
Host: h9jh25.com
URL: https://h9jh25.com/static/css/style.css?v=1.4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
155.159.120.41 Chicago, United States, ASN137951 (CLAYERLIMITED-AS-AP Clayer Limited, HK),
Reverse DNS
visit.keznews.com
Software
nginx /
Resource Hash
77f23458703b89d35e8fa75e2625e43a03f40f26fff42a7950bc9ffdeb143d16

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://h9jh25.com/static/css/style.css?v=1.4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 23:13:51 GMT
last-modified
Wed, 06 Nov 2019 02:59:40 GMT
server
nginx
etag
"5dc2371c-9c7"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
2503
expires
Fri, 18 Mar 2022 23:13:51 GMT
cl.png
h9jh25.com/static/img/ Frame 28CC 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://h9jh25.com/static/img/cl.png
Requested by
Host: h9jh25.com
URL: https://h9jh25.com/static/css/style.css?v=1.4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
155.159.120.41 Chicago, United States, ASN137951 (CLAYERLIMITED-AS-AP Clayer Limited, HK),
Reverse DNS
visit.keznews.com
Software
nginx /
Resource Hash
b37ea90f4bad71cb753e6dfb4f0c5ab50285e0423df727eab70349f38b9701ae

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://h9jh25.com/static/css/style.css?v=1.4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 23:13:51 GMT
last-modified
Fri, 20 Mar 2020 01:16:12 GMT
server
nginx
etag
"5e74195c-1a23"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
6691
expires
Fri, 18 Mar 2022 23:13:51 GMT
yhhd.png
h9jh25.com/static/img/ Frame 28CC 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://h9jh25.com/static/img/yhhd.png
Requested by
Host: h9jh25.com
URL: https://h9jh25.com/static/css/style.css?v=1.4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
155.159.120.41 Chicago, United States, ASN137951 (CLAYERLIMITED-AS-AP Clayer Limited, HK),
Reverse DNS
visit.keznews.com
Software
nginx /
Resource Hash
c2c5e0b60f4ac0b719501d954078d453ce8f5c29fbe351810e7abf1298434e8a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://h9jh25.com/static/css/style.css?v=1.4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 23:13:51 GMT
last-modified
Fri, 20 Mar 2020 01:59:58 GMT
server
nginx
etag
"5e74239e-18b5"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
6325
expires
Fri, 18 Mar 2022 23:13:51 GMT
truncated
/ Frame 28CC 		690 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
27c79a4b7160a2308740c533ccfab57441edefae4e74b60137f9cc174613efc1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/png
bjpknum.png
h9jh25.com/static/img/ Frame 28CC 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://h9jh25.com/static/img/bjpknum.png
Requested by
Host: h9jh25.com
URL: https://h9jh25.com/static/css/style.css?v=1.4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
155.159.120.41 Chicago, United States, ASN137951 (CLAYERLIMITED-AS-AP Clayer Limited, HK),
Reverse DNS
visit.keznews.com
Software
nginx /
Resource Hash
7cc22ceb5f84a9dfe32b95adf7ca12e7b38c59a0a8411f781f6b8a99ca0157d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://h9jh25.com/static/css/style.css?v=1.4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 23:13:51 GMT
last-modified
Sun, 10 Nov 2019 05:58:34 GMT
server
nginx
etag
"5dc7a70a-742c"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
29740
expires
Fri, 18 Mar 2022 23:13:51 GMT
icomoon.ttf
h9jh25.com/static/iconmoon/ Frame 28CC 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://h9jh25.com/static/iconmoon/icomoon.ttf
Requested by
Host: h9jh25.com
URL: https://h9jh25.com/static/css/style.css?v=1.4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
155.159.120.41 Chicago, United States, ASN137951 (CLAYERLIMITED-AS-AP Clayer Limited, HK),
Reverse DNS
visit.keznews.com
Software
nginx /
Resource Hash
03daea2189b7d74349b9b94cea9bcfab06ce8dab9551f8ed35f64fe621f6c171

Request headers

Referer
https://h9jh25.com/static/css/style.css?v=1.4
Origin
https://h9jh25.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 23:13:51 GMT
last-modified
Sat, 09 Nov 2019 16:06:54 GMT
server
nginx
accept-ranges
bytes
etag
"5dc6e41e-ba18"
content-length
47640
content-type
application/octet-stream
hm.gif
hm.baidu.com/ 		43 B
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=708540756&si=c5bece2105df03b12e4a0b4222c3d90d&v=1.2.90&lv=1&sn=59197&r=0&ww=1600&ct=!!&u=http%3A%2F%2F026073.1k1t.ac.cn%2F
Requested by
Host: 026073.1k1t.ac.cn
URL: http://026073.1k1t.ac.cn/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://026073.1k1t.ac.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Feb 2022 23:13:52 GMT
X-Content-Type-Options
nosniff
Server
apache
Strict-Transport-Security
max-age=172800
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Content-Length
43
hm.gif
hm.baidu.com/ Frame 28CC 		43 B
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hm.baidu.com/hm.gif?cc=0&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=924460869&si=d0a29ebe4eb855d889373d1b5bdc9390&su=http%3A%2F%2F026073.1k1t.ac.cn%2F&v=1.2.90&lv=1&sn=59198&r=0&ww=1600&ct=!!&u=https%3A%2F%2Fh9jh25.com%2F&tt=%E7%BA%A29%E5%9B%A2%E9%98%9F%E8%AE%A1%E5%88%92%E7%BD%91
Requested by
Host: h9jh25.com
URL: https://h9jh25.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://h9jh25.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Feb 2022 23:13:53 GMT
X-Content-Type-Options
nosniff
Server
apache
Strict-Transport-Security
max-age=172800
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Content-Length
43
/
h9jh25.com/getLottery/res_info/ Frame 28CC 		4 B
143 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://h9jh25.com/getLottery/res_info/?type=138
Requested by
Host: h9jh25.com
URL: https://h9jh25.com/static/assert/js/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
155.159.120.41 Chicago, United States, ASN137951 (CLAYERLIMITED-AS-AP Clayer Limited, HK),
Reverse DNS
visit.keznews.com
Software
nginx / PHP/7.3.23
Resource Hash
74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://h9jh25.com/
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 23:13:54 GMT
content-encoding
gzip
server
nginx
x-powered-by
PHP/7.3.23
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
/
h9jh25.com/getLottery/res_info/ Frame 28CC 		4 B
143 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://h9jh25.com/getLottery/res_info/?type=139
Requested by
Host: h9jh25.com
URL: https://h9jh25.com/static/assert/js/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
155.159.120.41 Chicago, United States, ASN137951 (CLAYERLIMITED-AS-AP Clayer Limited, HK),
Reverse DNS
visit.keznews.com
Software
nginx / PHP/7.3.23
Resource Hash
74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://h9jh25.com/
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 23:13:54 GMT
content-encoding
gzip
server
nginx
x-powered-by
PHP/7.3.23
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
/
h9jh25.com/getLottery/res_info/ Frame 28CC 		4 B
143 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://h9jh25.com/getLottery/res_info/?type=140
Requested by
Host: h9jh25.com
URL: https://h9jh25.com/static/assert/js/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
155.159.120.41 Chicago, United States, ASN137951 (CLAYERLIMITED-AS-AP Clayer Limited, HK),
Reverse DNS
visit.keznews.com
Software
nginx / PHP/7.3.23
Resource Hash
74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://h9jh25.com/
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 23:13:54 GMT
content-encoding
gzip
server
nginx
x-powered-by
PHP/7.3.23
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
/
h9jh25.com/getLottery/res_info/ Frame 28CC 		4 B
143 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://h9jh25.com/getLottery/res_info/?type=138
Requested by
Host: h9jh25.com
URL: https://h9jh25.com/static/assert/js/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
155.159.120.41 Chicago, United States, ASN137951 (CLAYERLIMITED-AS-AP Clayer Limited, HK),
Reverse DNS
visit.keznews.com
Software
nginx / PHP/7.3.23
Resource Hash
74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://h9jh25.com/
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 23:13:59 GMT
content-encoding
gzip
server
nginx
x-powered-by
PHP/7.3.23
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
/
h9jh25.com/getLottery/res_info/ Frame 28CC 		4 B
143 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://h9jh25.com/getLottery/res_info/?type=139
Requested by
Host: h9jh25.com
URL: https://h9jh25.com/static/assert/js/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
155.159.120.41 Chicago, United States, ASN137951 (CLAYERLIMITED-AS-AP Clayer Limited, HK),
Reverse DNS
visit.keznews.com
Software
nginx / PHP/7.3.23
Resource Hash
74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://h9jh25.com/
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 23:13:59 GMT
content-encoding
gzip
server
nginx
x-powered-by
PHP/7.3.23
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
/
h9jh25.com/getLottery/res_info/ Frame 28CC 		4 B
143 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://h9jh25.com/getLottery/res_info/?type=140
Requested by
Host: h9jh25.com
URL: https://h9jh25.com/static/assert/js/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
155.159.120.41 Chicago, United States, ASN137951 (CLAYERLIMITED-AS-AP Clayer Limited, HK),
Reverse DNS
visit.keznews.com
Software
nginx / PHP/7.3.23
Resource Hash
74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://h9jh25.com/
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 23:13:59 GMT
content-encoding
gzip
server
nginx
x-powered-by
PHP/7.3.23
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
/
h9jh25.com/getLottery/res_info/ Frame 28CC 		0
0
/
h9jh25.com/getLottery/res_info/ Frame 28CC 		0
0
/
h9jh25.com/getLottery/res_info/ Frame 28CC 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
netdna.bootstrapcdn.com
URL
http://netdna.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Domain
h9jh25.com
URL
https://h9jh25.com/getLottery/res_info/?type=138
Domain
h9jh25.com
URL
https://h9jh25.com/getLottery/res_info/?type=139
Domain
h9jh25.com
URL
https://h9jh25.com/getLottery/res_info/?type=140

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| structuredClone object| _hmt function| moble boolean| _bdhm_loaded_c5bece2105df03b12e4a0b4222c3d90d object| mini_tangram_log_2op0ks

3 Cookies

Domain/Path Name / Value
.hm.baidu.com/ Name: HMACCOUNT_BFESS
Value: 56926CB977F98075
.026073.1k1t.ac.cn/ Name: Hm_lvt_c5bece2105df03b12e4a0b4222c3d90d
Value: 1645053232
.026073.1k1t.ac.cn/ Name: Hm_lpvt_c5bece2105df03b12e4a0b4222c3d90d
Value: 1645053232

2 Console Messages

Source Level URL
Text
security error URL: https://h9jh25.com/(Line 9)
Message:
Mixed Content: The page at 'https://h9jh25.com/' was loaded over HTTPS, but requested an insecure stylesheet 'http://netdna.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css'. This request has been blocked; the content must be served over HTTPS.
javascript error URL: https://h9jh25.com/(Line 33)
Message:
Unsafe attempt to initiate navigation for frame with URL 'http://026073.1k1t.ac.cn/' from frame with URL 'https://h9jh25.com/'. The frame attempting navigation is targeting its top-level window, but is neither same-origin with its target nor has it received a user gesture. See https://www.chromestatus.com/feature/5851021045661696.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

026073.1k1t.ac.cn
h9jh25.com
hm.baidu.com
netdna.bootstrapcdn.com
h9jh25.com
netdna.bootstrapcdn.com
103.235.46.191
155.159.120.41
164.155.235.239
03daea2189b7d74349b9b94cea9bcfab06ce8dab9551f8ed35f64fe621f6c171
047bcc091cda8698c53db6c6005edcb60da0d7a951ae1288b6727de99e7aa872
06b20191fb38886031cec97cdc5ed6031c3f2f62c21dce6d001e586e69f35f33
09d3f31711bf9868f647e0632a2c0587658cabd814b991f2fbedb77d097c57e4
0ff424d3fd0b1f14973bae2a82f4a3bac6ae7bfaf7f7366a953d2e5cdc2f8fef
1f6f39cca0faa998c93c9c94be62a065d3f1df4760f908cb612e1cec7ac79ffd
1fdb8ae3149fa29aed2431bdda7031423944f1b099d25782be6aba759ce3bc16
27c79a4b7160a2308740c533ccfab57441edefae4e74b60137f9cc174613efc1
5c5a1e15bd34342fff243b6588cd39296dcb17b2abbfa2194779de1e952f02b3
6e2c7f9eab7763112ac9529238799eab8357e5358ba8a1fce59e59e5aa576fb1
74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b
7512787398eb77cdf72103c0ab7e3b3c155f416b900dc02e235bab9221f0f27f
77f23458703b89d35e8fa75e2625e43a03f40f26fff42a7950bc9ffdeb143d16
7cc22ceb5f84a9dfe32b95adf7ca12e7b38c59a0a8411f781f6b8a99ca0157d9
848bc8c5eaa119917e55578ce79934989bd6a50ea04e45a4dc499cf8d9a8c180
a5ed2376e74e5a891689c22d2eb835303d135116b7117b7ef8f81908bbe2cbdc
b37ea90f4bad71cb753e6dfb4f0c5ab50285e0423df727eab70349f38b9701ae
ba6eda7945ab8d7e57b34cc5a3dd292fa2e4c60a5ced79236ecf1a9e0f0c2d32
c2c5e0b60f4ac0b719501d954078d453ce8f5c29fbe351810e7abf1298434e8a
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
f1d7b402106c789bddca6374227775ea9a6fd28638ed5afad2044341060cf4ca
f4a140cd63cb97f6fd465fe4aad0dc701037675e824e461eabbf627f82cb1d03