urlscan.io logo urlscan.io
SecurityTrails logo

hegen.fysjbj.com Open in urlscan Pro
168.76.255.148  Public Scan

Go To Rescan Add Verdict Report
URL: http://hegen.fysjbj.com/
Submission: On April 23 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 7 HTTP transactions. The main IP is 168.76.255.148, located in South Africa and belongs to ASLINE-AS-AP ASLINE LIMITED, HK. The main domain is hegen.fysjbj.com.
This is the only time hegen.fysjbj.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 168.76.255.148 137951 (ASLINE-AS...)
1 125.124.136.143 58461 (CT-HANGZH...)
2 111.45.3.198 56040 (CMNET-GUA...)
7 3
Apex Domain
Subdomains		 Transfer
4 fysjbj.com
hegen.fysjbj.com
66 KB
2 baidu.com
hm.baidu.com — Cisco Umbrella Rank: 10244
12 KB
1 yimaoip.com
p01.yimaoip.com
13 KB
7 3
Domain Requested by
4 hegen.fysjbj.com hegen.fysjbj.com
2 hm.baidu.com hegen.fysjbj.com
1 p01.yimaoip.com hegen.fysjbj.com
7 3
Subject Issuer Validity Valid
baidu.com
GlobalSign RSA OV SSL CA 2018		 2023-07-06 -
2024-08-06		 a year crt.sh

This page contains 1 frames:

Primary Page: http://hegen.fysjbj.com/
Frame ID: 166F11CB61F4C4D7D30A311AA0926CFB
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

和县憨小二餐饮店

Page URL History Show full URLs

  1. http://hegen.fysjbj.com/ HTTP 307
    https://hegen.fysjbj.com/ HTTP 307
    http://hegen.fysjbj.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • hm\.baidu\.com/hm\.js

Page Statistics

7
Requests

29 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

90 kB
Transfer

111 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://hegen.fysjbj.com/ HTTP 307
    https://hegen.fysjbj.com/ HTTP 307
    http://hegen.fysjbj.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
hegen.fysjbj.com/
Redirect Chain
  • http://hegen.fysjbj.com/
  • https://hegen.fysjbj.com/
  • http://hegen.fysjbj.com/
7 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://hegen.fysjbj.com/
Protocol
HTTP/1.1
Server
168.76.255.148 , South Africa, ASN137951 (ASLINE-AS-AP ASLINE LIMITED, HK),
Reverse DNS
Software
Microsoft-IIS/8.5 / PHP/5.3.28
Resource Hash
178910f0db2bf4ac4122e4e79533d3cd85216d73af13082f369cb3c44f018782

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Cache-Control
no-cache
Content-Encoding
gzip
Content-Length
4090
Content-Type
text/html; charset=UTF-8
Date
Tue, 23 Apr 2024 23:12:44 GMT
Server
Microsoft-IIS/8.5
Vary
Accept-Encoding
X-Powered-By
PHP/5.3.28

Redirect headers

Location
http://hegen.fysjbj.com/
Non-Authoritative-Reason
HttpsUpgrades
css.css
hegen.fysjbj.com/tp/0/css/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://hegen.fysjbj.com/tp/0/css/css.css
Requested by
Host: hegen.fysjbj.com
URL: http://hegen.fysjbj.com/
Protocol
HTTP/1.1
Server
168.76.255.148 , South Africa, ASN137951 (ASLINE-AS-AP ASLINE LIMITED, HK),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
093c09f6595dda8254ddee92d38bd7b850f45e8d920eb3a65d86c45e39d51445

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
http://hegen.fysjbj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Date
Tue, 23 Apr 2024 23:12:44 GMT
Content-Encoding
gzip
Last-Modified
Sat, 13 May 2023 07:15:05 GMT
Server
Microsoft-IIS/8.5
ETag
"4f6c1ba46a85d91:0"
Vary
Accept-Encoding
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
884
100548706.jpg
p01.yimaoip.com/100/100548/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://p01.yimaoip.com/100/100548/100548706.jpg
Requested by
Host: hegen.fysjbj.com
URL: http://hegen.fysjbj.com/
Protocol
HTTP/1.1
Server
125.124.136.143 Hangzhou, China, ASN58461 (CT-HANGZHOU-IDC No.288,Fu-chun Road, CN),
Reverse DNS
Software
Microsoft-IIS/7.5 /
Resource Hash
b6d0ade61691af06c544155ff7452fa26be88fa4880ef66fe61022edea36091a

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
http://hegen.fysjbj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Date
Tue, 23 Apr 2024 23:03:09 GMT
Last-Modified
Fri, 04 Feb 2022 19:50:10 GMT
Server
Microsoft-IIS/7.5
Accept-Ranges
bytes
ETag
"ee141b6b01ad81:0"
Content-Length
12969
Content-Type
image/jpeg
hm.js
hm.baidu.com/ 		29 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hm.baidu.com/hm.js?321f91faac892ca02fb684d9722b6c07
Requested by
Host: hegen.fysjbj.com
URL: http://hegen.fysjbj.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
111.45.3.198 , China, ASN56040 (CMNET-GUANGDONG-AP China Mobile communications corporation, CN),
Reverse DNS
Software
apache /
Resource Hash
34ee0ffd7c07a4e1b7bafe0cbeb25959319b4b85dd931a494c70de38ef34d3fc
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
http://hegen.fysjbj.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 23 Apr 2024 23:12:56 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=172800
Server
apache
Etag
6cc6db7126e65c97c01037efdca218f6
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type
application/javascript
Cache-Control
max-age=0, must-revalidate
Content-Length
11256
index.jpg
hegen.fysjbj.com/tp/0/img/ 		56 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://hegen.fysjbj.com/tp/0/img/index.jpg
Requested by
Host: hegen.fysjbj.com
URL: http://hegen.fysjbj.com/
Protocol
HTTP/1.1
Server
168.76.255.148 , South Africa, ASN137951 (ASLINE-AS-AP ASLINE LIMITED, HK),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
9e00bde603472e2073dc11f6a88b43187a453754de8163ed48f7bda9d3007e44

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
http://hegen.fysjbj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Date
Tue, 23 Apr 2024 23:12:45 GMT
Last-Modified
Sat, 13 May 2023 07:12:46 GMT
Server
Microsoft-IIS/8.5
Accept-Ranges
bytes
ETag
"90a872516a85d91:0"
Content-Length
57014
Content-Type
image/jpeg
hm.gif
hm.baidu.com/ 		43 B
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=de-de&lo=0&rnd=1187618966&si=321f91faac892ca02fb684d9722b6c07&v=1.3.0&lv=1&sn=42657&r=0&ww=1600&u=http%3A%2F%2Fhegen.fysjbj.com%2F&tt=%E5%92%8C%E5%8E%BF%E6%86%A8%E5%B0%8F%E4%BA%8C%E9%A4%90%E9%A5%AE%E5%BA%97
Requested by
Host: hegen.fysjbj.com
URL: http://hegen.fysjbj.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
111.45.3.198 , China, ASN56040 (CMNET-GUANGDONG-AP China Mobile communications corporation, CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
http://hegen.fysjbj.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
no-cache
Date
Tue, 23 Apr 2024 23:12:57 GMT
Strict-Transport-Security
max-age=172800
X-Content-Type-Options
nosniff
Server
apache
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Content-Length
43
favicon.ico
hegen.fysjbj.com/ 		4 KB
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
http://hegen.fysjbj.com/favicon.ico
Protocol
HTTP/1.1
Server
168.76.255.148 , South Africa, ASN137951 (ASLINE-AS-AP ASLINE LIMITED, HK),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
340323ba0cdc7b00f7281a0f8687f49461f2d043546393cb632536ba8d81a2c1

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
http://hegen.fysjbj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Date
Tue, 23 Apr 2024 23:12:46 GMT
Last-Modified
Mon, 29 May 2023 03:58:25 GMT
Server
Microsoft-IIS/8.5
Accept-Ranges
bytes
ETag
"aed8ad1e191d91:0"
Content-Length
4286
Content-Type
image/x-icon

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| _hmt boolean| _bdhm_loaded_321f91faac892ca02fb684d9722b6c07 object| mini_tangram_log_p51h4j

3 Cookies

Domain/Path Name / Value
.hm.baidu.com/ Name: HMACCOUNT_BFESS
Value: FF0268FC5429418F
.hegen.fysjbj.com/ Name: Hm_lvt_321f91faac892ca02fb684d9722b6c07
Value: 1713913977
.hegen.fysjbj.com/ Name: Hm_lpvt_321f91faac892ca02fb684d9722b6c07
Value: 1713913977

2 Console Messages

Source Level URL
Text
other warning URL: http://hegen.fysjbj.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://hegen.fysjbj.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.