www.cefubal.com Open in urlscan Pro
23.228.96.73 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://cefubal.com/
Effective URL:
http://www.cefubal.com/
Submission: On July 04 via api (July 4th 2019, 12:35:53 am UTC) from DE

Summary HTTP 31 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 3 countries across 7 domains to perform 31 HTTP transactions. The main IP is 23.228.96.73, located in Los Angeles, United States and belongs to GLOBAL-FRAG-NETWORKS - Global Frag Networks, US. The main domain is www.cefubal.com.

This is the only time www.cefubal.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 8	23.228.96.73 23.228.96.73	46573 (GLOBAL-FR...) (GLOBAL-FRAG-NETWORKS - Global Frag Networks)
2	163.171.128.16 163.171.128.16	54994 (QUANTILNE...) (QUANTILNETWORKS - QUANTIL NETWORKS INC)
2	103.235.46.191 103.235.46.191	55967 (CNNIC-BAI...) (CNNIC-BAIDU-AP Beijing Baidu Netcom Science and Technology Co.)
1	45.33.49.244 45.33.49.244	63949 (LINODE-AP...) (LINODE-AP Linode)
1	154.94.84.170 154.94.84.170	134548 (DXTL-HK D...) (DXTL-HK DXTL Tseung Kwan O Service)
31	6

8 23.228.96.73 (Los Angeles, United States) 1 redirects

ASN46573 (GLOBAL-FRAG-NETWORKS - Global Frag Networks, US)

cefubal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.cefubal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 163.171.128.16 (Germany)

ASN54994 (QUANTILNETWORKS - QUANTIL NETWORKS INC, US)

js.users.51.la	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.235.46.191 (Hong Kong)

ASN55967 (CNNIC-BAIDU-AP Beijing Baidu Netcom Science and Technology Co., Ltd., CN)

hm.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.33.49.244 (Fremont, United States)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li999-244.members.linode.com

www.v6kb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 154.94.84.170 (United States)

ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK)

www.loc6629.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	cefubal.com 1 redirects cefubal.com www.cefubal.com	54 KB
2	baidu.com push.zhanzhang.baidu.com Failed hm.baidu.com	24 KB
2	51.la js.users.51.la ia.51.la Failed	6 KB
1	loc6629.com www.loc6629.com
1	v6kb.com www.v6kb.com	1 KB
0	xtssymxx.com Failed tj.xtssymxx.com Failed
0	yxwbyq.com Failed www.yxwbyq.com Failed
31	7

	Domain	Requested by
7	www.cefubal.com	www.cefubal.com
2	hm.baidu.com	www.cefubal.com www.v6kb.com
2	js.users.51.la	www.cefubal.com www.v6kb.com
1	www.loc6629.com	www.cefubal.com
1	www.v6kb.com	www.cefubal.com
1	cefubal.com	1 redirects
0	tj.xtssymxx.com Failed	www.v6kb.com
0	ia.51.la Failed	www.cefubal.com
0	push.zhanzhang.baidu.com Failed	www.cefubal.com
0	www.yxwbyq.com Failed	www.cefubal.com
31	10

This site contains no links.

Subject Issuer	Validity	Valid
	`1970-01-01` - `1970-01-01`	a few seconds	crt.sh
*.users.51.la GlobalSign Domain Validation CA - SHA256 - G2	`2018-01-15` - `2021-03-19`	3 years	crt.sh
baidu.com GlobalSign Organization Validation CA - SHA256 - G2	`2019-05-09` - `2020-06-25`	a year	crt.sh

This page contains 2 frames:

Primary Page: http://www.cefubal.com/
Frame ID: B4BC8DBF939080D21F1E67E962D00247
Requests: 30 HTTP requests in this frame

Frame: http://www.loc6629.com/index.htm
Frame ID: 91BEC43E53798CC42330A397F1B59D58
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://cefubal.com/ HTTP 301
http://www.cefubal.com/ Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

31
Requests

13 %
HTTPS

0 %
IPv6

7
Domains

10
Subdomains

6
IPs

3
Countries

85 kB
Transfer

216 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://cefubal.com/ HTTP 301
http://www.cefubal.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5

http://www.cefubal.com/?Public/adv/5cff07ff72ade.png HTTP 302
http://www.yxwbyq.com/Public/adv/5cff07ff72ade.png

Request Chain 6

http://www.cefubal.com/?Public/images/alpha.png HTTP 302
http://www.yxwbyq.com/Public/images/alpha.png

Request Chain 8

http://www.cefubal.com/?Public/uploads/20190604/5cf643a38aff7.jpg HTTP 302
http://www.yxwbyq.com/Public/uploads/20190604/5cf643a38aff7.jpg

Request Chain 9

http://www.cefubal.com/?Public/uploads/20190604/5cf640309c671.jpg HTTP 302
http://www.yxwbyq.com/Public/uploads/20190604/5cf640309c671.jpg

Request Chain 10

http://www.cefubal.com/?Public/uploads/20190604/5cf62e4bad919.jpg HTTP 302
http://www.yxwbyq.com/Public/uploads/20190604/5cf62e4bad919.jpg

Request Chain 11

http://www.cefubal.com/?Public/uploads/20190604/5cf62bbf53724.jpg HTTP 302
http://www.yxwbyq.com/Public/uploads/20190604/5cf62bbf53724.jpg

Request Chain 12

http://www.cefubal.com/?Public/uploads/20190604/5cf62a29d6199.jpg HTTP 302
http://www.yxwbyq.com/Public/uploads/20190604/5cf62a29d6199.jpg

Request Chain 13

http://www.cefubal.com/?Public/uploads/20190604/5cf625ffbfb04.jpg HTTP 302
http://www.yxwbyq.com/Public/uploads/20190604/5cf625ffbfb04.jpg

Request Chain 14

http://www.cefubal.com/?Public/uploads/20190605/5cf70a1bc939a.jpg HTTP 302
http://www.yxwbyq.com/Public/uploads/20190605/5cf70a1bc939a.jpg

Request Chain 15

http://www.cefubal.com/?Public/uploads/20190604/5cf61b78cb5ef.jpg HTTP 302
http://www.yxwbyq.com/Public/uploads/20190604/5cf61b78cb5ef.jpg

Request Chain 16

http://www.cefubal.com/?Public/uploads/20190604/5cf616239baff.jpg HTTP 302
http://www.yxwbyq.com/Public/uploads/20190604/5cf616239baff.jpg

Request Chain 17

http://www.cefubal.com/?Public/images/jt.png HTTP 302
http://www.yxwbyq.com/Public/images/jt.png

31 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.cefubal.com/
Redirect Chain

http://cefubal.com/
http://www.cefubal.com/

13 KB
4 KB

435ms
181ms

Document
text/html

23.228.96.73
Global Frag Networks

General

Check archive.org

Show headers Download Go to

Full URL: http://www.cefubal.com/
Protocol: HTTP/1.1
Server: 23.228.96.73 Los Angeles, United States, ASN46573 (GLOBAL-FRAG-NETWORKS - Global Frag Networks, US),
Reverse DNS
Software: nginx / PHP/5.4.45
Resource Hash: 01a5eb6edc2f55a39d8757351bd0dad4fa654769e5fede421d1b6591e4206cb0

Request headers

Host: www.cefubal.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Server: nginx
Date: Thu, 04 Jul 2019 00:35:16 GMT
Content-Type: text/html; charset=gbk
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.4.45
Content-Encoding: gzip

Redirect headers

Server: nginx
Date: Thu, 04 Jul 2019 00:35:16 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: http://www.cefubal.com/

GET
H/1.1 200
OK d.js Show response
www.cefubal.com/s5js/ 862 B
1 KB 158ms
157ms Script
application/javascript 23.228.96.73
Global Frag Networks

General

Check archive.org

Show headers Download Go to

Full URL: http://www.cefubal.com/s5js/d.js
Requested by: Host: www.cefubal.com
URL: http://www.cefubal.com/
Protocol: HTTP/1.1
Security: , ,
Server: 23.228.96.73 Los Angeles, United States, ASN46573 (GLOBAL-FRAG-NETWORKS - Global Frag Networks, US),
Reverse DNS
Software: nginx /
Resource Hash: c99da2d2c6e422df7cac52e14d676c4e5a25e3844d5aac1fafa717a54a0792f3

Request headers

Referer: http://www.cefubal.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 04 Jul 2019 00:35:17 GMT
Last-Modified: Wed, 05 Jun 2019 07:39:55 GMT
Server: nginx
ETag: "5cf771cb-35e"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 862

GET
H/1.1 200
OK /
www.cefubal.com/ 12 KB
4 KB 168ms
167ms Stylesheet
text/css 23.228.96.73
Global Frag Networks

General

Check archive.org

Show headers Download Go to

Full URL: http://www.cefubal.com/?Public/css/style.css
Requested by: Host: www.cefubal.com
URL: http://www.cefubal.com/
Protocol: HTTP/1.1
Security: , ,
Server: 23.228.96.73 Los Angeles, United States, ASN46573 (GLOBAL-FRAG-NETWORKS - Global Frag Networks, US),
Reverse DNS
Software: nginx / PHP/5.4.45
Resource Hash: 85c01427973382c5fb00d7d8f24f02f985dc407b684bbfe63d4b133ea63877ce

Request headers

Referer: http://www.cefubal.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 04 Jul 2019 00:35:17 GMT
Content-Encoding: gzip
Server: nginx
X-Powered-By: PHP/5.4.45
Vary: Accept-Encoding
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK /
www.cefubal.com/ 8 KB
3 KB 325ms
168ms Stylesheet
text/css 23.228.96.73
Global Frag Networks

General

Check archive.org

Show headers Download Go to

Full URL: http://www.cefubal.com/?Public/css/css.css
Requested by: Host: www.cefubal.com
URL: http://www.cefubal.com/
Protocol: HTTP/1.1
Security: , ,
Server: 23.228.96.73 Los Angeles, United States, ASN46573 (GLOBAL-FRAG-NETWORKS - Global Frag Networks, US),
Reverse DNS
Software: nginx / PHP/5.4.45
Resource Hash: de291ac346eb1e45030a348b8e6d77a2fef6af12ff867825bd495253c43a8160

Request headers

Referer: http://www.cefubal.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 04 Jul 2019 00:35:17 GMT
Content-Encoding: gzip
Server: nginx
X-Powered-By: PHP/5.4.45
Vary: Accept-Encoding
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK / Show response
www.cefubal.com/ 92 KB
37 KB 329ms
170ms Script
text/javascript 23.228.96.73
Global Frag Networks

General

Check archive.org

Show headers Download Go to

Full URL: http://www.cefubal.com/?Public/js/jquery-1.10.2.min.js
Requested by: Host: www.cefubal.com
URL: http://www.cefubal.com/
Protocol: HTTP/1.1
Security: , ,
Server: 23.228.96.73 Los Angeles, United States, ASN46573 (GLOBAL-FRAG-NETWORKS - Global Frag Networks, US),
Reverse DNS
Software: nginx / PHP/5.4.45
Resource Hash: 75761c30d332417a32d3e94ee22a74ea40cd80900e4e82fbe6fb2b8e19b1c301

Request headers

Referer: http://www.cefubal.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 04 Jul 2019 00:35:17 GMT
Content-Encoding: gzip
Server: nginx
X-Powered-By: PHP/5.4.45
Vary: Accept-Encoding
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK / Show response
www.cefubal.com/ 11 KB
4 KB 332ms
173ms Script
text/javascript 23.228.96.73
Global Frag Networks

General

Check archive.org

Show headers Download Go to

Full URL: http://www.cefubal.com/?Public/js/jquery.SuperSlide.2.1.1.js
Requested by: Host: www.cefubal.com
URL: http://www.cefubal.com/
Protocol: HTTP/1.1
Security: , ,
Server: 23.228.96.73 Los Angeles, United States, ASN46573 (GLOBAL-FRAG-NETWORKS - Global Frag Networks, US),
Reverse DNS
Software: nginx / PHP/5.4.45
Resource Hash: 6332a2b7681463db11940ca76aa2775266974c0899529bbd7c10ee997cedf7e8

Request headers

Referer: http://www.cefubal.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 04 Jul 2019 00:35:17 GMT
Content-Encoding: gzip
Server: nginx
X-Powered-By: PHP/5.4.45
Vary: Accept-Encoding
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive

GET

5cff07ff72ade.png
www.yxwbyq.com/Public/adv/
Redirect Chain

http://www.cefubal.com/?Public/adv/5cff07ff72ade.png
http://www.yxwbyq.com/Public/adv/5cff07ff72ade.png

0
0

GET

alpha.png
www.yxwbyq.com/Public/images/
Redirect Chain

http://www.cefubal.com/?Public/images/alpha.png
http://www.yxwbyq.com/Public/images/alpha.png

0
0

GET
H/1.1 200
OK / Show response
www.cefubal.com/ 4 KB
1 KB 168ms
167ms Script
text/javascript 23.228.96.73
Global Frag Networks

General

Check archive.org

Show headers Download Go to

Full URL: http://www.cefubal.com/?Public/js/slider.js
Requested by: Host: www.cefubal.com
URL: http://www.cefubal.com/
Protocol: HTTP/1.1
Security: , ,
Server: 23.228.96.73 Los Angeles, United States, ASN46573 (GLOBAL-FRAG-NETWORKS - Global Frag Networks, US),
Reverse DNS
Software: nginx / PHP/5.4.45
Resource Hash: 164e2c9ecb07830527d0a29b09bbdbdfe86f26e864324f750027eef6027867d3

Request headers

Referer: http://www.cefubal.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 04 Jul 2019 00:35:19 GMT
Content-Encoding: gzip
Server: nginx
X-Powered-By: PHP/5.4.45
Vary: Accept-Encoding
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive

GET

5cf643a38aff7.jpg
www.yxwbyq.com/Public/uploads/20190604/
Redirect Chain

http://www.cefubal.com/?Public/uploads/20190604/5cf643a38aff7.jpg
http://www.yxwbyq.com/Public/uploads/20190604/5cf643a38aff7.jpg

0
0

GET

5cf640309c671.jpg
www.yxwbyq.com/Public/uploads/20190604/
Redirect Chain

http://www.cefubal.com/?Public/uploads/20190604/5cf640309c671.jpg
http://www.yxwbyq.com/Public/uploads/20190604/5cf640309c671.jpg

0
0

GET

5cf62e4bad919.jpg
www.yxwbyq.com/Public/uploads/20190604/
Redirect Chain

http://www.cefubal.com/?Public/uploads/20190604/5cf62e4bad919.jpg
http://www.yxwbyq.com/Public/uploads/20190604/5cf62e4bad919.jpg

0
0

GET

5cf62bbf53724.jpg
www.yxwbyq.com/Public/uploads/20190604/
Redirect Chain

http://www.cefubal.com/?Public/uploads/20190604/5cf62bbf53724.jpg
http://www.yxwbyq.com/Public/uploads/20190604/5cf62bbf53724.jpg

0
0

GET

5cf62a29d6199.jpg
www.yxwbyq.com/Public/uploads/20190604/
Redirect Chain

http://www.cefubal.com/?Public/uploads/20190604/5cf62a29d6199.jpg
http://www.yxwbyq.com/Public/uploads/20190604/5cf62a29d6199.jpg

0
0

GET

5cf625ffbfb04.jpg
www.yxwbyq.com/Public/uploads/20190604/
Redirect Chain

http://www.cefubal.com/?Public/uploads/20190604/5cf625ffbfb04.jpg
http://www.yxwbyq.com/Public/uploads/20190604/5cf625ffbfb04.jpg

0
0

GET

5cf70a1bc939a.jpg
www.yxwbyq.com/Public/uploads/20190605/
Redirect Chain

http://www.cefubal.com/?Public/uploads/20190605/5cf70a1bc939a.jpg
http://www.yxwbyq.com/Public/uploads/20190605/5cf70a1bc939a.jpg

0
0

GET

5cf61b78cb5ef.jpg
www.yxwbyq.com/Public/uploads/20190604/
Redirect Chain

http://www.cefubal.com/?Public/uploads/20190604/5cf61b78cb5ef.jpg
http://www.yxwbyq.com/Public/uploads/20190604/5cf61b78cb5ef.jpg

0
0

GET

5cf616239baff.jpg
www.yxwbyq.com/Public/uploads/20190604/
Redirect Chain

http://www.cefubal.com/?Public/uploads/20190604/5cf616239baff.jpg
http://www.yxwbyq.com/Public/uploads/20190604/5cf616239baff.jpg

0
0

GET

jt.png
www.yxwbyq.com/Public/images/
Redirect Chain

http://www.cefubal.com/?Public/images/jt.png
http://www.yxwbyq.com/Public/images/jt.png

0
0

GET
H/1.1 200
OK 20016639.js Show response
js.users.51.la/ 5 KB
3 KB 30ms
29ms Script
application/javascript 163.171.128.16
QUANTIL NETWORKS INC

General

Check archive.org

Show headers Download Go to

Full URL: https://js.users.51.la/20016639.js
Requested by: Host: www.cefubal.com
URL: http://www.cefubal.com/s5js/d.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 163.171.128.16 , Germany, ASN54994 (QUANTILNETWORKS - QUANTIL NETWORKS INC, US),
Reverse DNS
Software: nginx/1.14.0 /
Resource Hash: 7a1c09c982976e72ccca0f8b66d6de27a9a13a702f9b636aa289ee60d6affbdc

Request headers

Referer: http://www.cefubal.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

x-id: 20016639
Date: Thu, 04 Jul 2019 00:35:17 GMT
Content-Encoding: gzip
Age: 51159
Transfer-Encoding: chunked
X-Via: 1.1 PStwzhdxmm215:8 (Cdn Cache Server V2.0)[246 200 2], 1.1 ld92:0 (Cdn Cache Server V2.0)[530 200 0], 1.1 VMdgflkfFRA1ow64:3 (Cdn Cache Server V2.0)[1 200 0]
Content-Disposition: inline;filename=f.txt
Connection: keep-alive
Request-Id: 0000016B3138C59F9051C694003C82C2
x-reserved: amazon, aws and amazon web services are trademarks or registered trademarks of Amazon Technologies, Inc
id-2: 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSgR8besxTosmg3Iqsckzm9PGliXmf8G
Last-Modified: Tue Apr 30 15:00:08 CST 2019
Server: nginx/1.14.0
ETag: "ad76f93ba23564dbd1f756d13b8e617d"
Vary: Accept-Encoding
Content-Type: application/javascript;charset=UTF-8
version-id: G001116A6D0B26ABFFFF900B01CB1CB6

GET push.js
push.zhanzhang.baidu.com/ 0
0

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ 32 KB
12 KB 16725ms
698ms Script
application/javascript 103.235.46.191
CNNIC-BAIDU-AP Be...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?ff392a624355264362934464a52b46da

Requested by

Host: www.cefubal.com
URL: http://www.cefubal.com/s5js/d.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (CNNIC-BAIDU-AP Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

f17bcd31d96ef4fdbcf76972f58dd7b101a5d2fb5d8c81ce8933eac896bb5668

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

Referer: http://www.cefubal.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 04 Jul 2019 00:35:35 GMT
Content-Encoding: gzip
Server: apache
Etag: 8db5b58335788ddad5fccba3814ebd1e
Strict-Transport-Security: max-age=172800
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control: max-age=0, must-revalidate
Content-Type: application/javascript
Content-Length: 11874

GET
H/1.1 200
OK lok.js Show response
www.v6kb.com/lok/ 2 KB
1 KB 2066ms
165ms Script
application/javascript 45.33.49.244
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: http://www.v6kb.com/lok/lok.js
Requested by: Host: www.cefubal.com
URL: http://www.cefubal.com/s5js/d.js
Protocol: HTTP/1.1
Security: , ,
Server: 45.33.49.244 Fremont, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li999-244.members.linode.com
Software: nginx /
Resource Hash: b0f33085e41e281bccd68555f4b5a0fc68975d32a27f0ab2b3a38ba0bdbe8768

Request headers

Referer: http://www.cefubal.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Thu, 04 Jul 2019 00:34:59 GMT
Content-Encoding: gzip
Last-Modified: Mon, 01 Jul 2019 05:34:56 GMT
Server: nginx
ETag: W/"5d199b80-767"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=43200
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 04 Jul 2019 12:34:59 GMT

GET go1
ia.51.la/ 0
0

GET
H/1.1 200
OK 20016689.js Show response
js.users.51.la/ 5 KB
3 KB 28ms
28ms Script
application/javascript 163.171.128.16
QUANTIL NETWORKS INC

General

Check archive.org

Show headers Download Go to

Full URL: https://js.users.51.la/20016689.js
Requested by: Host: www.v6kb.com
URL: http://www.v6kb.com/lok/lok.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 163.171.128.16 , Germany, ASN54994 (QUANTILNETWORKS - QUANTIL NETWORKS INC, US),
Reverse DNS
Software: nginx/1.14.0 /
Resource Hash: aabb27069bd0e14d985bc2a92c11f1b25a60488773f83a7fa61fb0e8c06987ad

Request headers

Referer: http://www.cefubal.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

x-id: 20016689
Date: Thu, 04 Jul 2019 00:35:19 GMT
Content-Encoding: gzip
Age: 52131
Transfer-Encoding: chunked
X-Via: 1.1 dxin235:7 (Cdn Cache Server V2.0)[0 200 0], 1.1 ld86:1 (Cdn Cache Server V2.0)[37 200 0], 1.1 VMdgflkfFRA1ow64:3 (Cdn Cache Server V2.0)[0 200 0]
Content-Disposition: inline;filename=f.txt
Connection: keep-alive
Request-Id: 0000016B925DF5B99011F5743F59BE1C
x-reserved: amazon, aws and amazon web services are trademarks or registered trademarks of Amazon Technologies, Inc
id-2: 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSjvBef157x/+RalQ5K7V8DTaZz51qZy
Last-Modified: Tue Apr 30 15:24:08 CST 2019
Server: nginx/1.14.0
ETag: "56a17962d53e1e7c5477769cd99a2f0a"
Vary: Accept-Encoding
Content-Type: application/javascript;charset=UTF-8
version-id: G001116A6D211F66FFFF9047022D5C8B

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ 32 KB
12 KB 16726ms
700ms Script
application/javascript 103.235.46.191
CNNIC-BAIDU-AP Be...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?5e9f65a13d6366411656ab68fc074647

Requested by

Host: www.v6kb.com
URL: http://www.v6kb.com/lok/lok.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (CNNIC-BAIDU-AP Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

2af31f55740cbfe6aa7cf4c8efcf31d60f949f6b44e28e3b4955aff66e921f72

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

Referer: http://www.cefubal.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 04 Jul 2019 00:35:35 GMT
Content-Encoding: gzip
Server: apache
Etag: 61e022e7d38ad1745027e0ed41ddb9d5
Strict-Transport-Security: max-age=172800
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control: max-age=0, must-revalidate
Content-Type: application/javascript
Content-Length: 11873

GET jstj.php
tj.xtssymxx.com/ 0
0

GET go1
ia.51.la/ 0
0

GET
H/1.1 200
OK Cookie set index.htm
www.loc6629.com/ Frame 91BE 0
0 4610ms
336ms Document
text/html 154.94.84.170
DXTL-HK DXTL Tseu...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.loc6629.com/index.htm
Requested by: Host: www.cefubal.com
URL: http://www.cefubal.com/
Protocol: HTTP/1.1
Server: 154.94.84.170 , United States, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software: nginx/1.12.0 /
Resource Hash

Request headers

Host: www.loc6629.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://www.cefubal.com/
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://www.cefubal.com/

Response headers

Server: nginx/1.12.0
Date: Thu, 04 Jul 2019 00:35:23 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Set-Cookie: PHPSESSID=gqo3er18jln0vcds9lp4lfkls1; expires=Thu, 04-Jul-2019 01:35:23 GMT; Max-Age=3600; path=/ PHPSESSID=gqo3er18jln0vcds9lp4lfkls1 TINGYUN_DATA=%7B%22id%22%3A%22_eXAwh_3uZE%23svB-GMpYmCk%22%2C%22n%22%3A%22WebAction%2FPHP%2Fweb%252FC%2A%252Fwebphp%252FWebRoot%252Findex.php%22%2C%22tid%22%3A%228936c549ab2dce%22%2C%22q%22%3A0%2C%22a%22%3A63%7D NSC_MC_WT_D02_XFC=ffffffff09a23c3c45525d5f4f58455e445a4a42113f;Version=1;Max-Age=120;path=/;httponly
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
Content-Encoding: gzip
X-Via: 1.1 localhost.localdomain (random:153683 Fikker/Webcache/3.7.8)

GET hm.gif
hm.baidu.com/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.yxwbyq.com
URL: http://www.yxwbyq.com/Public/adv/5cff07ff72ade.png

Domain: www.yxwbyq.com
URL: http://www.yxwbyq.com/Public/images/alpha.png

Domain: www.yxwbyq.com
URL: http://www.yxwbyq.com/Public/uploads/20190604/5cf643a38aff7.jpg

Domain: www.yxwbyq.com
URL: http://www.yxwbyq.com/Public/uploads/20190604/5cf640309c671.jpg

Domain: www.yxwbyq.com
URL: http://www.yxwbyq.com/Public/uploads/20190604/5cf62e4bad919.jpg

Domain: www.yxwbyq.com
URL: http://www.yxwbyq.com/Public/uploads/20190604/5cf62bbf53724.jpg

Domain: www.yxwbyq.com
URL: http://www.yxwbyq.com/Public/uploads/20190604/5cf62a29d6199.jpg

Domain: www.yxwbyq.com
URL: http://www.yxwbyq.com/Public/uploads/20190604/5cf625ffbfb04.jpg

Domain: www.yxwbyq.com
URL: http://www.yxwbyq.com/Public/uploads/20190605/5cf70a1bc939a.jpg

Domain: www.yxwbyq.com
URL: http://www.yxwbyq.com/Public/uploads/20190604/5cf61b78cb5ef.jpg

Domain: www.yxwbyq.com
URL: http://www.yxwbyq.com/Public/uploads/20190604/5cf616239baff.jpg

Domain: www.yxwbyq.com
URL: http://www.yxwbyq.com/Public/images/jt.png

Domain: push.zhanzhang.baidu.com
URL: http://push.zhanzhang.baidu.com/push.js

Domain: ia.51.la
URL: http://ia.51.la/go1?id=20016639&rt=1562200517160&rl=1600*1200&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=&ing=1&ekc=&sid=1562200517160&tt=&kw=&cu=http%253A%252F%252Fwww.cefubal.com%252F&pu=

Domain: tj.xtssymxx.com
URL: https://tj.xtssymxx.com:666/jstj.php?domain=loc6629.com&gid=1&rand=0.5903484338316354

Domain: ia.51.la
URL: http://ia.51.la/go1?id=20016689&rt=1562200519222&rl=1600*1200&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=&ing=1&ekc=&sid=1562200519222&tt=&kw=&cu=http%253A%252F%252Fwww.cefubal.com%252F&pu=

Domain: hm.baidu.com
URL: https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1947194528&si=ff392a624355264362934464a52b46da&v=1.2.51&lv=1&sn=42742&ct=!!

Domain: hm.baidu.com
URL: https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=606515605&si=5e9f65a13d6366411656ab68fc074647&v=1.2.51&lv=1&sn=42743&ct=!!

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cefubal.com
hm.baidu.com
ia.51.la
js.users.51.la
push.zhanzhang.baidu.com
tj.xtssymxx.com
www.cefubal.com
www.loc6629.com
www.v6kb.com
www.yxwbyq.com
hm.baidu.com
ia.51.la
push.zhanzhang.baidu.com
tj.xtssymxx.com
www.yxwbyq.com
103.235.46.191
154.94.84.170
163.171.128.16
23.228.96.73
45.33.49.244
01a5eb6edc2f55a39d8757351bd0dad4fa654769e5fede421d1b6591e4206cb0
164e2c9ecb07830527d0a29b09bbdbdfe86f26e864324f750027eef6027867d3
2af31f55740cbfe6aa7cf4c8efcf31d60f949f6b44e28e3b4955aff66e921f72
6332a2b7681463db11940ca76aa2775266974c0899529bbd7c10ee997cedf7e8
75761c30d332417a32d3e94ee22a74ea40cd80900e4e82fbe6fb2b8e19b1c301
7a1c09c982976e72ccca0f8b66d6de27a9a13a702f9b636aa289ee60d6affbdc
85c01427973382c5fb00d7d8f24f02f985dc407b684bbfe63d4b133ea63877ce
aabb27069bd0e14d985bc2a92c11f1b25a60488773f83a7fa61fb0e8c06987ad
b0f33085e41e281bccd68555f4b5a0fc68975d32a27f0ab2b3a38ba0bdbe8768
c99da2d2c6e422df7cac52e14d676c4e5a25e3844d5aac1fafa717a54a0792f3
de291ac346eb1e45030a348b8e6d77a2fef6af12ff867825bd495253c43a8160
f17bcd31d96ef4fdbcf76972f58dd7b101a5d2fb5d8c81ce8933eac896bb5668

www.cefubal.com Open in urlscan Pro 23.228.96.73 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

31 Requests

13 %HTTPS

0 %IPv6

7 Domains

10 Subdomains

6 IPs

3 Countries

85 kBTransfer

216 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

31 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

0 Cookies

Indicators

www.cefubal.com Open in urlscan Pro
23.228.96.73 Public Scan

Screenshot
Live screenshot

Full Image

31
Requests

13 %
HTTPS

0 %
IPv6

7
Domains

10
Subdomains

6
IPs

3
Countries

85 kB
Transfer

216 kB
Size

0
Cookies

31 HTTP transactions
0 data transactions