www.guxinlei.com Open in urlscan Pro
2606:4700:30::681b:aec0 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://guxinlei.com/
Effective URL:
http://www.guxinlei.com/
Submission: On December 28 via api (December 28th 2018, 9:55:29 am UTC) from DE

Summary HTTP 10 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 3 countries across 4 domains to perform 10 HTTP transactions. The main IP is 2606:4700:30::681b:aec0, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is www.guxinlei.com.

This is the only time www.guxinlei.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	2606:4700:30:... 2606:4700:30::681b:afc0	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
2	2606:4700:30:... 2606:4700:30::681b:aec0	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
3	220.243.212.50 220.243.212.50	54994 (QUANTILNE...) (QUANTILNETWORKS - QUANTIL NETWORKS INC)
1	103.235.46.191 103.235.46.191	55967 (CNNIC-BAI...) (CNNIC-BAIDU-AP Beijing Baidu Netcom Science and Technology Co.)
1	2606:4700:30:... 2606:4700:30::681b:a627	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
10	6

2 2606:4700:30::681b:afc0 (United States) 1 redirects

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

guxinlei.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.guxinlei.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:30::681b:aec0 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

www.guxinlei.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 220.243.212.50 (Beijing, China)

ASN54994 (QUANTILNETWORKS - QUANTIL NETWORKS INC, US)

js.users.51.la	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.235.46.191 (Central District, Hong Kong)

ASN55967 (CNNIC-BAIDU-AP Beijing Baidu Netcom Science and Technology Co., Ltd., CN)

hm.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:30::681b:a627 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

yabo5552.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	guxinlei.com 1 redirects guxinlei.com www.guxinlei.com	3 KB
3	51.la js.users.51.la ia.51.la Failed	5 KB
1	yabo5552.com yabo5552.com
1	baidu.com hm.baidu.com	9 KB
10	4

	Domain	Requested by
3	js.users.51.la	www.guxinlei.com
3	www.guxinlei.com	www.guxinlei.com
1	yabo5552.com	www.guxinlei.com
1	hm.baidu.com	www.guxinlei.com
1	guxinlei.com	1 redirects
0	ia.51.la Failed	www.guxinlei.com
10	6

This site contains no links.

Subject Issuer	Validity	Valid
baidu.com GlobalSign Organization Validation CA - SHA256 - G2	`2018-12-03` - `2019-05-26`	6 months	crt.sh

This page contains 2 frames:

Primary Page: http://www.guxinlei.com/
Frame ID: 04FAEF3A64387C2DE5408511BA258FDA
Requests: 9 HTTP requests in this frame

Frame: http://yabo5552.com/
Frame ID: D356558AB6AB20C10D44D8FCB3345A39
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://guxinlei.com/ HTTP 301
http://www.guxinlei.com/ Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /cloudflare/i

Page Statistics

10
Requests

10 %
HTTPS

60 %
IPv6

4
Domains

6
Subdomains

6
IPs

3
Countries

18 kB
Transfer

31 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://guxinlei.com/ HTTP 301
http://www.guxinlei.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.guxinlei.com/
Redirect Chain

http://guxinlei.com/
http://www.guxinlei.com/

890 B
820 B

1436ms
1103ms

Document
text/html

2606:4700:30::681b:aec0
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://www.guxinlei.com/
Protocol: HTTP/1.1
Server: 2606:4700:30::681b:aec0 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3bc27dc4a5bc3a928f0a5532e3c56c9633f8c236b5d6a3d9a895424b94ec872b

Request headers

Host: www.guxinlei.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Cookie: __cfduid=dc80a708e76659056c24aad229bab046d1545990893
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 28 Dec 2018 09:54:55 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Server: cloudflare
CF-RAY: 490325f2e651c297-FRA
Content-Encoding: gzip

Redirect headers

Date: Fri, 28 Dec 2018 09:54:54 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=dc80a708e76659056c24aad229bab046d1545990893; expires=Sat, 28-Dec-19 09:54:53 GMT; path=/; domain=.guxinlei.com; HttpOnly
Location: http://www.guxinlei.com/
Server: cloudflare
CF-RAY: 490325eec141bead-FRA

GET
H/1.1 200
OK js.js Show response
www.guxinlei.com/ 1 KB
1 KB 318ms
317ms Script
application/x-javascript 2606:4700:30::681b:aec0
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://www.guxinlei.com/js.js
Requested by: Host: www.guxinlei.com
URL: http://www.guxinlei.com/
Protocol: HTTP/1.1
Server: 2606:4700:30::681b:aec0 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: a7057d836abc6905b48961b7b36f45d678420783fc86f5aa14f37baaad5da6c8

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.guxinlei.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: http://www.guxinlei.com/
Cookie: __cfduid=dc80a708e76659056c24aad229bab046d1545990893
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.guxinlei.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 28 Dec 2018 09:54:55 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Mon, 17 Dec 2018 10:39:59 GMT
Server: cloudflare
ETag: W/"fa9de0dbf495d41:0"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: public, max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 490325f9d45ac297-FRA
Expires: Fri, 28 Dec 2018 13:54:55 GMT

GET
H/1.1 200
OK tj.js Show response
www.guxinlei.com/ 122 B
553 B 326ms
319ms Script
application/x-javascript 2606:4700:30::681b:afc0
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://www.guxinlei.com/tj.js
Requested by: Host: www.guxinlei.com
URL: http://www.guxinlei.com/
Protocol: HTTP/1.1
Server: 2606:4700:30::681b:afc0 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ee47fe271982172ab2c24dabf27ab4ddced4c127fcd272141dde6c8e5fd7ee4

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.guxinlei.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: http://www.guxinlei.com/
Cookie: __cfduid=dc80a708e76659056c24aad229bab046d1545990893
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.guxinlei.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 28 Dec 2018 09:54:55 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Mon, 17 Dec 2018 10:38:30 GMT
Server: cloudflare
ETag: W/"4261eca6f495d41:0"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: public, max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 490325f9d583bef3-FRA
Expires: Fri, 28 Dec 2018 13:54:55 GMT

GET
H/1.1 404
Not Found 19231143.Js
js.users.51.la/ 0
0 3922ms
158ms Script
text/plain 220.243.212.50
QUANTIL NETWORKS INC

General

Check archive.org

Show headers Download Go to

Full URL: http://js.users.51.la/19231143.Js
Requested by: Host: www.guxinlei.com
URL: http://www.guxinlei.com/
Protocol: HTTP/1.1
Server: 220.243.212.50 Beijing, China, ASN54994 (QUANTILNETWORKS - QUANTIL NETWORKS INC, US),
Reverse DNS
Software: nginx/1.14.0 /
Resource Hash

Request headers

Referer: http://www.guxinlei.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 28 Dec 2018 09:54:59 GMT
Server: nginx/1.14.0
Connection: keep-alive
Age: 28
Content-Length: 0
X-Via: 1.1 lsh79:7 (Cdn Cache Server V2.0)[174 404 2], 1.1 lsh188:3 (Cdn Cache Server V2.0)[0 404 0]

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ 24 KB
9 KB 1342ms
416ms Script
application/javascript 103.235.46.191
CNNIC-BAIDU-AP Be...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?93947e42f6c11f35353b36153c82eece

Requested by

Host: www.guxinlei.com
URL: http://www.guxinlei.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 Central District, Hong Kong, ASN55967 (CNNIC-BAIDU-AP Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

a1e7e799a8c8ea143b8841f82fab012e1122e3256dbd573e424b935dbe80c583

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

Referer: http://www.guxinlei.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 28 Dec 2018 09:54:57 GMT
Content-Encoding: gzip
Server: apache
Etag: 67a8cec607b0d5be91d18b2fde8aa61d
Strict-Transport-Security: max-age=172800
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control: max-age=0, must-revalidate
Content-Type: application/javascript
Content-Length: 9231

GET
H/1.1 200
OK Cookie set /
yabo5552.com/ Frame D356 0
0 479ms
422ms Document
text/html 2606:4700:30::681b:a627
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://yabo5552.com/
Requested by: Host: www.guxinlei.com
URL: http://www.guxinlei.com/
Protocol: HTTP/1.1
Server: 2606:4700:30::681b:a627 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Host: yabo5552.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://www.guxinlei.com/
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://www.guxinlei.com/

Response headers

Date: Fri, 28 Dec 2018 09:54:56 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=d472d875288244e63bf7f19e7c5583ae21545990896; expires=Sat, 28-Dec-19 09:54:56 GMT; path=/; domain=.yabo5552.com; HttpOnly
Last-Modified: Thu, 27 Dec 2018 05:46:48 GMT
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 490325fc300bc2a6-FRA
Content-Encoding: gzip

GET
H/1.1 200
OK 19766319.js Show response
js.users.51.la/ 5 KB
5 KB 3747ms
158ms Script
application/javascript 220.243.212.50
QUANTIL NETWORKS INC

General

Check archive.org

Show headers Download Go to

Full URL: http://js.users.51.la/19766319.js
Requested by: Host: www.guxinlei.com
URL: http://www.guxinlei.com/tj.js
Protocol: HTTP/1.1
Server: 220.243.212.50 Beijing, China, ASN54994 (QUANTILNETWORKS - QUANTIL NETWORKS INC, US),
Reverse DNS
Software: nginx/1.14.0 /
Resource Hash: 237b7d7ed73188be256a19f0f3f2dba9fede700d318d5f1a5807d9966d115aa1

Request headers

Referer: http://www.guxinlei.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

x-id: 19766319
id-2: 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSoqO/p2RyXmtL6lJsjw+LtOgf6zuGBR
Last-Modified: Tue Nov 27 15:07:31 CST 2018
Server: nginx/1.14.0
Age: 64012
ETag: "7e468f681400f21a38ac1995c937e745"
Content-Type: application/javascript;charset=UTF-8
version-id: G001116753FE92F9FFFF9047009E52A4
Date: Fri, 28 Dec 2018 09:54:59 GMT
Content-Disposition: inline;filename=f.txt
Connection: keep-alive
request-id: 00000167F06C45FB9007A824BF463AC5
x-reserved: amazon, aws and amazon web services are trademarks or registered trademarks of Amazon Technologies, Inc
Content-Length: 4898
X-Via: 1.1 luoshan73:7 (Cdn Cache Server V2.0)[400 200 2], 1.1 lsh188:7 (Cdn Cache Server V2.0)[0 200 0]

GET hm.gif
hm.baidu.com/ 0
0

GET go1
ia.51.la/ 0
0

GET
H/1.1 404
Not Found 19231143.Js
js.users.51.la/ 0
0 158ms
158ms Script
text/plain 220.243.212.50
QUANTIL NETWORKS INC

General

Check archive.org

Show headers Download Go to

Full URL: http://js.users.51.la/19231143.Js
Requested by: Host: www.guxinlei.com
URL: http://www.guxinlei.com/
Protocol: HTTP/1.1
Server: 220.243.212.50 Beijing, China, ASN54994 (QUANTILNETWORKS - QUANTIL NETWORKS INC, US),
Reverse DNS
Software: nginx/1.14.0 /
Resource Hash

Request headers

Referer: http://www.guxinlei.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 28 Dec 2018 09:54:59 GMT
Server: nginx/1.14.0
Connection: keep-alive
Age: 28
Content-Length: 0
X-Via: 1.1 lsh79:7 (Cdn Cache Server V2.0)[174 404 2], 1.1 lsh188:3 (Cdn Cache Server V2.0)[0 404 0]

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: hm.baidu.com
URL: https://hm.baidu.com/hm.gif?cc=0&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1983342659&si=93947e42f6c11f35353b36153c82eece&v=1.2.36&lv=1&ct=!!&tt=%E9%BE%998%E5%9B%BD%E9%99%85%E6%B3%A8%E5%86%8C_%E4%B8%AD%E5%85%B3%E6%9D%91%E4%B8%8B%E8%BD%BD&sn=20248

Domain: ia.51.la
URL: http://ia.51.la/go1?id=19766319&rt=1545990899730&rl=1600*1200&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=%25E9%25BE%25998%25E5%259B%25BD%25E9%2599%2585%25E6%25B3%25A8%25E5%2586%258C%25E5%2588%259B%25E7%25AB%258B%25E4%25BA%258E2003%25E5%25B9%25B45%25E6%259C%2588%25E8%25B0%2588%25E5%25AE%2598%25EF%25BC%258C%25E7%258E%25B0%25E6%25B3%25A8%25E5%2586%258C%25E8%25B5%2584%25E6%259C%25AC%25E8%25B6%2585%25E8%25BF%258715.6&ing=1&ekc=&sid=1545990899730&tt=%25E9%25BE%25998%25E5%259B%25BD%25E9%2599%2585%25E6%25B3%25A8%25E5%2586%258C_%25E4%25B8%25AD%25E5%2585%25B3%25E6%259D%2591%25E4%25B8%258B%25E8%25BD%25BD&kw=%25E9%25BE%25998%25E5%259B%25BD%25E9%2599%2585%25E6%25B3%25A8%25E5%2586%258C&cu=http%253A%252F%252Fwww.guxinlei.com%252F&pu=

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

guxinlei.com
hm.baidu.com
ia.51.la
js.users.51.la
www.guxinlei.com
yabo5552.com
hm.baidu.com
ia.51.la
103.235.46.191
220.243.212.50
2606:4700:30::681b:a627
2606:4700:30::681b:aec0
2606:4700:30::681b:afc0
237b7d7ed73188be256a19f0f3f2dba9fede700d318d5f1a5807d9966d115aa1
2ee47fe271982172ab2c24dabf27ab4ddced4c127fcd272141dde6c8e5fd7ee4
3bc27dc4a5bc3a928f0a5532e3c56c9633f8c236b5d6a3d9a895424b94ec872b
a1e7e799a8c8ea143b8841f82fab012e1122e3256dbd573e424b935dbe80c583
a7057d836abc6905b48961b7b36f45d678420783fc86f5aa14f37baaad5da6c8

www.guxinlei.com Open in urlscan Pro 2606:4700:30::681b:aec0 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

10 Requests

10 %HTTPS

60 %IPv6

4 Domains

6 Subdomains

6 IPs

3 Countries

18 kBTransfer

31 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

0 Cookies

Indicators

www.guxinlei.com Open in urlscan Pro
2606:4700:30::681b:aec0 Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

10 %
HTTPS

60 %
IPv6

4
Domains

6
Subdomains

6
IPs

3
Countries

18 kB
Transfer

31 kB
Size

0
Cookies

10 HTTP transactions
0 data transactions