teqmedms.loan Open in urlscan Pro
104.252.79.153 Public Scan

URL:
http://teqmedms.loan/
Submission: On April 28 via manual (April 28th 2018, 8:47:25 pm UTC) from ES

Summary HTTP 11 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 11 HTTP transactions. The main IP is 104.252.79.153, located in San Jose, United States and belongs to EGIHOSTING - EGIHosting, US. The main domain is teqmedms.loan.

This is the only time teqmedms.loan was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	104.252.79.153 104.252.79.153	18779 (EGIHOSTING) (EGIHOSTING - EGIHosting)
4	42.51.199.6 42.51.199.6	56005 (HTU-NET H...) (HTU-NET Henan Telcom Union Technology Co.)
2	111.206.37.189 111.206.37.189	4808 (CHINA169-...) (CHINA169-BJ China Unicom Beijing Province Network)
2	61.147.125.72 61.147.125.72	4134 (CHINANET-...) (CHINANET-BACKBONE No.31)
11	4

3 104.252.79.153 (San Jose, United States)

ASN18779 (EGIHOSTING - EGIHosting, US)

teqmedms.loan	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 42.51.199.6 (Zhengzhou, China)

ASN56005 (HTU-NET Henan Telcom Union Technology Co., LTD, CN)
PTR: htuidc.bgp.ip

www.yuxi.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 111.206.37.189 (Beijing, China)

ASN4808 (CHINA169-BJ China Unicom Beijing Province Network, CN)

push.zhanzhang.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.share.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 61.147.125.72 (Nanjing, China)

ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN)

count1.51yes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	yuxi.cn www.yuxi.cn	85 KB
3	teqmedms.loan teqmedms.loan	14 KB
2	51yes.com count1.51yes.com	3 KB
2	baidu.com push.zhanzhang.baidu.com api.share.baidu.com	950 B
11	4

	Domain	Requested by
4	www.yuxi.cn	teqmedms.loan
3	teqmedms.loan	teqmedms.loan
2	count1.51yes.com	teqmedms.loan
1	api.share.baidu.com	teqmedms.loan
1	push.zhanzhang.baidu.com	teqmedms.loan
11	5

This site contains no links.

Subject Issuer	Validity	Valid

This page contains 2 frames:

Primary Page: http://teqmedms.loan/
Frame ID: FCF4B0DD407368D57811C0D70DA7A374
Requests: 8 HTTP requests in this frame

Frame: http://teqmedms.loan/js/tj/tj.html
Frame ID: 97438F10118291053B7BAB11A9F4F8CD
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /php\/?([\d.]+)?/i

Windows Server (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /Win32|Win64/i

OpenSSL (Web Server Extensions) Expand

Overall confidence: 100%
Detected patterns

headers server /OpenSSL(?:\/([\d.]+[a-z]?))?/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

Page Statistics

11
Requests

0 %
HTTPS

0 %
IPv6

4
Domains

5
Subdomains

4
IPs

2
Countries

103 kB
Transfer

100 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response teqmedms.loan/	12 KB 12 KB	703ms 372ms	Document text/html	104.252.79.153 EGIHosting
General Check archive.org Show headers Download Go to Full URL http://teqmedms.loan/ Protocol HTTP/1.1 Server 104.252.79.153 San Jose, United States, ASN18779 (EGIHOSTING - EGIHosting, US), Reverse DNS Software Apache/2.4.18 (Win32) OpenSSL/1.0.2e PHP/5.3.29 / PHP/5.3.29 Resource Hash `d9b96c2e67a817452117816b08b5f2d56d36a3aff4ceaa355b9dea07dbcd9145` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host teqmedms.loan Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8 Cache-Control no-cache Connection keep-alive Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36 Response headers Date Sat, 28 Apr 2018 20:47:02 GMT Server Apache/2.4.18 (Win32) OpenSSL/1.0.2e PHP/5.3.29 Connection Keep-Alive X-Powered-By PHP/5.3.29 Transfer-Encoding chunked Keep-Alive timeout=5, max=100 Content-Type text/html
GET H/1.1	200 OK	news_style.css www.yuxi.cn/CSS/	13 KB 13 KB	2619ms 350ms	Stylesheet text/css	42.51.199.6 HTU-NET Henan Tel...
General Check archive.org Show headers Download Go to Full URL http://www.yuxi.cn/CSS/news_style.css Requested by Host: teqmedms.loan URL: http://teqmedms.loan/ Protocol HTTP/1.1 Server 42.51.199.6 Zhengzhou, China, ASN56005 (HTU-NET Henan Telcom Union Technology Co., LTD, CN), Reverse DNS htuidc.bgp.ip Software / Resource Hash `73da3d0464d4d25826ee4a8be9a59a6fdc1a843496465a8429a30fe75b4036c8` Request headers Referer http://teqmedms.loan/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36 Response headers Date Sat, 28 Apr 2018 20:29:31 GMT Last-Modified Fri, 01 Dec 2017 17:01:04 GMT Accept-Ranges bytes ETag "5a218ad0-3327" Content-Length 13095 Content-Type text/css
GET H/1.1	200 OK	common.js Show response teqmedms.loan/common/	970 B 1 KB	154ms 153ms	Script application/javascript	104.252.79.153 EGIHosting
General Check archive.org Show headers Download Go to Full URL http://teqmedms.loan/common/common.js Requested by Host: teqmedms.loan URL: http://teqmedms.loan/ Protocol HTTP/1.1 Server 104.252.79.153 San Jose, United States, ASN18779 (EGIHOSTING - EGIHosting, US), Reverse DNS Software Apache/2.4.18 (Win32) OpenSSL/1.0.2e PHP/5.3.29 / Resource Hash `c222d1bb9e8c6b01c7d2c75189b0dbfcd1aa3735621d45247cb94ea501cba242` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host teqmedms.loan User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36 Accept / Referer http://teqmedms.loan/ Connection keep-alive Cache-Control no-cache Referer http://teqmedms.loan/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36 Response headers Date Sat, 28 Apr 2018 20:47:02 GMT Last-Modified Thu, 26 Apr 2018 10:27:19 GMT Server Apache/2.4.18 (Win32) OpenSSL/1.0.2e PHP/5.3.29 ETag "3ca-56abdd50ba02d" Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 970
GET H/1.1	200 OK	news_logo.jpg www.yuxi.cn/images/	35 KB 35 KB	2463ms 348ms	Image image/jpeg	42.51.199.6 HTU-NET Henan Tel...
General Check archive.org Show headers Download Go to Show image Full URL http://www.yuxi.cn/images/news_logo.jpg Requested by Host: teqmedms.loan URL: http://teqmedms.loan/ Protocol HTTP/1.1 Server 42.51.199.6 Zhengzhou, China, ASN56005 (HTU-NET Henan Telcom Union Technology Co., LTD, CN), Reverse DNS htuidc.bgp.ip Software / Resource Hash `469018e297f8587da70a12be55ad6b3efe1d92949f25f295f69497e6eee0662b` Request headers Referer http://teqmedms.loan/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36 Response headers Date Sat, 28 Apr 2018 20:29:31 GMT Last-Modified Sun, 10 Dec 2017 13:44:48 GMT Accept-Ranges bytes ETag "5a2d3a50-8a40" Content-Length 35392 Content-Type image/jpeg
GET H/1.1	200 OK	ssmenu01.jpg www.yuxi.cn/images/	4 KB 4 KB	298ms 297ms	Image image/jpeg	42.51.199.6 HTU-NET Henan Tel...
General Check archive.org Show headers Download Go to Show image Full URL http://www.yuxi.cn/images/ssmenu01.jpg Requested by Host: teqmedms.loan URL: http://teqmedms.loan/ Protocol HTTP/1.1 Server 42.51.199.6 Zhengzhou, China, ASN56005 (HTU-NET Henan Telcom Union Technology Co., LTD, CN), Reverse DNS htuidc.bgp.ip Software / Resource Hash `72bbac99dd1a442aa7f0b14df3a02dba37e65ad7bdea70fe7f191d8a2777872b` Request headers Referer http://teqmedms.loan/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36 Response headers Date Sat, 28 Apr 2018 20:29:31 GMT Last-Modified Sun, 10 Dec 2017 13:44:59 GMT Accept-Ranges bytes ETag "5a2d3a5b-f74" Content-Length 3956 Content-Type image/jpeg
GET H/1.1	200 OK	rightgg2.gif www.yuxi.cn/images/	33 KB 33 KB	382ms 382ms	Image image/gif	42.51.199.6 HTU-NET Henan Tel...
General Check archive.org Show headers Download Go to Show image Full URL http://www.yuxi.cn/images/rightgg2.gif Requested by Host: teqmedms.loan URL: http://teqmedms.loan/ Protocol HTTP/1.1 Server 42.51.199.6 Zhengzhou, China, ASN56005 (HTU-NET Henan Telcom Union Technology Co., LTD, CN), Reverse DNS htuidc.bgp.ip Software / Resource Hash `bc717f796a5f30453d04156bcf6e1f4da2913c66430cc7ed96f214ce267a6cfb` Request headers Referer http://teqmedms.loan/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36 Response headers Date Sat, 28 Apr 2018 20:29:31 GMT Last-Modified Sun, 10 Dec 2017 13:44:44 GMT Accept-Ranges bytes ETag "5a2d3a4c-84d0" Content-Length 34000 Content-Type image/gif
GET H/1.1	200 OK	push.js Show response push.zhanzhang.baidu.com/	281 B 752 B	501ms 253ms	Script text/javascript	111.206.37.189 CHINA169-BJ China...
General Check archive.org Show headers Download Go to Full URL http://push.zhanzhang.baidu.com/push.js Requested by Host: teqmedms.loan URL: http://teqmedms.loan/ Protocol HTTP/1.1 Server 111.206.37.189 Beijing, China, ASN4808 (CHINA169-BJ China Unicom Beijing Province Network, CN), Reverse DNS Software apache / Resource Hash `674bc0c70f98d627b8a7e1d278a1f21ffe33815565f7d5371bf0275da57571b2` Request headers Referer http://teqmedms.loan/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36 Response headers Date Sat, 28 Apr 2018 20:47:12 GMT Content-Encoding gzip Last-Modified Wed, 25 Nov 2015 07:46:04 GMT Server apache Etag "4078520125" Vary Accept-Encoding P3p CP=" OTI DSP COR IVA OUR IND COM " Cache-Control max-age=31536000 Accept-Ranges bytes Content-Type text/javascript Content-Length 227 Expires Sun, 28 Apr 2019 20:47:12 GMT
GET H/1.1	200 OK	tj.html Show response teqmedms.loan/js/tj/ Frame 9743	116 B 424 B	158ms 158ms	Document text/html	104.252.79.153 EGIHosting
General Check archive.org Show headers Download Go to Full URL http://teqmedms.loan/js/tj/tj.html Requested by Host: teqmedms.loan URL: http://teqmedms.loan/common/common.js Protocol HTTP/1.1 Server 104.252.79.153 San Jose, United States, ASN18779 (EGIHOSTING - EGIHosting, US), Reverse DNS Software Apache/2.4.18 (Win32) OpenSSL/1.0.2e PHP/5.3.29 / Resource Hash `46037064e9d84a0b0e612815c240d91dc84d14b58418dda7cdf4d65b820692cc` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host teqmedms.loan Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8 Referer http://teqmedms.loan/ Connection keep-alive Cache-Control no-cache Upgrade-Insecure-Requests 1 Referer http://teqmedms.loan/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36 Response headers Date Sat, 28 Apr 2018 20:47:05 GMT Last-Modified Sun, 01 Apr 2018 16:15:46 GMT Server Apache/2.4.18 (Win32) OpenSSL/1.0.2e PHP/5.3.29 ETag "74-568cbc92d8ff0" Content-Type text/html Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 116
GET H/1.1	200 OK	click.aspx Show response count1.51yes.com/ Frame 9743	2 KB 2 KB	621ms 233ms	Script text/html	61.147.125.72 CHINANET-BACKBONE...
General Check archive.org Show headers Download Go to Full URL http://count1.51yes.com/click.aspx?id=15625931&logo=1 Requested by Host: teqmedms.loan URL: http://teqmedms.loan/js/tj/tj.html Protocol HTTP/1.1 Server 61.147.125.72 Nanjing, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN), Reverse DNS Software Microsoft-IIS/6.0 / ASP.NET Resource Hash `c2fcb5402f1b37ebd4a562cc81685e0cad5f60ea9867880c27f0de2bc095383a` Request headers Referer http://teqmedms.loan/js/tj/tj.html User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36 Response headers Date Sat, 28 Apr 2018 20:44:41 GMT Cache-Control private Server Microsoft-IIS/6.0 X-AspNet-Version 1.1.4322 X-Powered-By ASP.NET Content-Length 1773 Content-Type text/html; charset=gb2312
GET H/1.1	200 OK	s.gif api.share.baidu.com/	0 198 B	525ms 278ms	Image image/gif	111.206.37.189 CHINA169-BJ China...
General Check archive.org Show headers Download Go to Show image Full URL http://api.share.baidu.com/s.gif?l=http://teqmedms.loan/ Requested by Host: teqmedms.loan URL: http://teqmedms.loan/ Protocol HTTP/1.1 Server 111.206.37.189 Beijing, China, ASN4808 (CHINA169-BJ China Unicom Beijing Province Network, CN), Reverse DNS Software apache / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer http://teqmedms.loan/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36 Response headers Pragma no-cache Date Sat, 28 Apr 2018 20:47:13 GMT Cache-Control no-cache, no-store, must-revalidate Server apache Content-Type image/gif Content-Length 0 Expires 0
GET H/1.1	200 OK	count1.gif count1.51yes.com/ Frame 9743	715 B 965 B	233ms 231ms	Image image/gif	61.147.125.72 CHINANET-BACKBONE...
General Check archive.org Show headers Download Go to Show image Full URL http://count1.51yes.com/count1.gif Requested by Host: teqmedms.loan URL: http://teqmedms.loan/js/tj/tj.html Protocol HTTP/1.1 Server 61.147.125.72 Nanjing, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN), Reverse DNS Software Microsoft-IIS/6.0 / ASP.NET Resource Hash `73aa4e894e995fafc4b7c8a8ce75811fbf2af7da5a0bbf2e3b2a7b8bb1235966` Request headers Referer http://teqmedms.loan/js/tj/tj.html User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36 Response headers Date Sat, 28 Apr 2018 20:44:40 GMT Last-Modified Mon, 27 Oct 2014 06:25:30 GMT Server Microsoft-IIS/6.0 X-Powered-By ASP.NET ETag "ec4925ceaef1cf1:2f2d" Content-Type image/gif Accept-Ranges bytes Content-Length 715

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string| pc_domain string| wap_domain string| tj function| browserRedirect

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.4444765.com/	1970-01-18 15:37:21	Name: cck_count Value: 0
www.4444765.com/	1970-01-18 15:37:21	Name: cck_lasttime Value: 1524948433914
teqmedms.loan/	1970-01-18 15:37:21	Name: cck_count Value: 0
teqmedms.loan/	1970-01-18 15:37:21	Name: cck_lasttime Value: 1524948433258

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.share.baidu.com
count1.51yes.com
push.zhanzhang.baidu.com
teqmedms.loan
www.yuxi.cn
104.252.79.153
111.206.37.189
42.51.199.6
61.147.125.72
46037064e9d84a0b0e612815c240d91dc84d14b58418dda7cdf4d65b820692cc
469018e297f8587da70a12be55ad6b3efe1d92949f25f295f69497e6eee0662b
674bc0c70f98d627b8a7e1d278a1f21ffe33815565f7d5371bf0275da57571b2
72bbac99dd1a442aa7f0b14df3a02dba37e65ad7bdea70fe7f191d8a2777872b
73aa4e894e995fafc4b7c8a8ce75811fbf2af7da5a0bbf2e3b2a7b8bb1235966
73da3d0464d4d25826ee4a8be9a59a6fdc1a843496465a8429a30fe75b4036c8
bc717f796a5f30453d04156bcf6e1f4da2913c66430cc7ed96f214ce267a6cfb
c222d1bb9e8c6b01c7d2c75189b0dbfcd1aa3735621d45247cb94ea501cba242
c2fcb5402f1b37ebd4a562cc81685e0cad5f60ea9867880c27f0de2bc095383a
d9b96c2e67a817452117816b08b5f2d56d36a3aff4ceaa355b9dea07dbcd9145
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

teqmedms.loan Open in urlscan Pro 104.252.79.153 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

11 Requests

0 %HTTPS

0 %IPv6

4 Domains

5 Subdomains

4 IPs

2 Countries

103 kBTransfer

100 kBSize

4 Cookies

0 Outgoing links

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

4 Cookies

Indicators

teqmedms.loan Open in urlscan Pro
104.252.79.153 Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

0 %
HTTPS

0 %
IPv6

4
Domains

5
Subdomains

4
IPs

2
Countries

103 kB
Transfer

100 kB
Size

4
Cookies

11 HTTP transactions
0 data transactions