qy256.vip Open in urlscan Pro
159.138.138.175  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://www.yongfaedu.com/ Page URL
2. http://qy256.vip/ Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	/ Show response www.yongfaedu.com/	1 KB 759 B	718ms 208ms	Document text/html	156.224.87.186 XIAOZHIYUN1-AS-AP...
General Check archive.org Show headers Download Go to Full URL https://www.yongfaedu.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 156.224.87.186 Central, Hong Kong, ASN136800 (XIAOZHIYUN1-AS-AP ICIDC NETWORK, US), Reverse DNS Software openresty / Resource Hash 4445efafe96788b27a84878cc10d830e579fa5da825768f4561636b5d2d4da3c Request headers Host www.yongfaedu.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site none Sec-Fetch-Mode navigate Sec-Fetch-User ?1 Sec-Fetch-Dest document Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Server openresty Date Thu, 26 Nov 2020 08:49:24 GMT Content-Type text/html;charset=utf-8 Transfer-Encoding chunked Connection keep-alive Vary Accept-Encoding Content-Encoding gzip
GET H/1.1	200 OK	91168.js Show response www.yongfaedu.com/	7 KB 3 KB	221ms 221ms	Script application/javascript	156.224.87.186 XIAOZHIYUN1-AS-AP...
General Check archive.org Show headers Download Go to Full URL https://www.yongfaedu.com/91168.js Requested by Host: www.yongfaedu.com URL: https://www.yongfaedu.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 156.224.87.186 Central, Hong Kong, ASN136800 (XIAOZHIYUN1-AS-AP ICIDC NETWORK, US), Reverse DNS Software openresty / Resource Hash 3c638518650d0fa5e9699e955c23fd757be884a3ce8dc22505c41659c8eb1211 Request headers Referer https://www.yongfaedu.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 26 Nov 2020 08:49:24 GMT Content-Encoding gzip Last-Modified Tue, 01 Sep 2020 02:34:35 GMT Server openresty ETag W/"5f4db33b-1d4d" Vary Accept-Encoding Content-Type application/javascript Cache-Control max-age=86400 Transfer-Encoding chunked Connection keep-alive Expires Fri, 27 Nov 2020 08:49:24 GMT
GET H2	200	push.js Show response zz.bdstatic.com/linksubmit/	308 B 562 B	1087ms 371ms	Script application/x-javascript	119.188.176.48 CHINA169-BACKBONE...
General Check archive.org Show headers Download Go to Full URL https://zz.bdstatic.com/linksubmit/push.js Requested by Host: www.yongfaedu.com URL: https://www.yongfaedu.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 119.188.176.48 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN), Reverse DNS Software JSP3/2.0.14 / Resource Hash c31f2003f1c93ac1e34b09f376d97a65da6e110bf451cf1e0e50a7946c5e7212 Request headers Referer https://www.yongfaedu.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 26 Nov 2020 08:49:25 GMT ohc-cache-hit jn2un142 [4], xzuncache85 [2] ohc-response-time 1 0 0 0 0 0 last-modified Thu, 05 Nov 2020 08:30:01 GMT server JSP3/2.0.14 age 28865 etag W/"5fa3b809-134" content-type application/x-javascript cache-control max-age=86400 tracecode 29001742000223943178110608 accept-ranges bytes content-encoding gzip expires Fri, 27 Nov 2020 00:48:20 GMT
GET H/1.1	200 OK	hm.js Show response hm.baidu.com/	39 KB 14 KB	1206ms 640ms	Script application/javascript	103.235.46.191 BAIDU Beijing Bai...
General Check archive.org Show headers Download Go to Full URL https://hm.baidu.com/hm.js?7411278426277d3a48f3260042569efe Requested by Host: www.yongfaedu.com URL: https://www.yongfaedu.com/91168.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN), Reverse DNS Software apache / Resource Hash 961949522c05312f9e1b4ea984c754b8688d86fd76d908f6d14cd7dbc9edbe97 Security Headers Name Value Strict-Transport-Security max-age=172800 Request headers Referer https://www.yongfaedu.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 26 Nov 2020 08:49:25 GMT Content-Encoding gzip Server apache Etag 6011858391762faf5c7b2d0871d66278 Strict-Transport-Security max-age=172800 P3p CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" Cache-Control max-age=0, must-revalidate Content-Type application/javascript Content-Length 14038
GET H/1.1	200 OK	/ hujibo.applinzi.com/v3/self/	37 B 443 B	2040ms 249ms	XHR text/html	220.181.136.172 CHINANET-IDC-BJ-A...
General Check archive.org Show headers Download Go to Full URL https://hujibo.applinzi.com/v3/self/?title=qy8%E5%8D%83%E8%B5%A2%E5%9B%BD%E9%99%85&panduan=a Requested by Host: www.yongfaedu.com URL: https://www.yongfaedu.com/91168.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 220.181.136.172 , China, ASN23724 (CHINANET-IDC-BJ-AP IDC, China Telecommunications Corporation, CN), Reverse DNS Software nginx / Resource Hash Request headers Referer https://www.yongfaedu.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 26 Nov 2020 08:49:26 GMT Via 3839 Last-Modified Thu, 26 Nov 2020 08:49:26 GMT Server nginx Transfer-Encoding chunked Content-Type text/html;charset=utf-8 Access-Control-Allow-Origin * Expires Mon, 26 Jul 1997 05:00:00 GMT Cache-Control no-cache, must-revalidate Connection keep-alive Content-Encoding gzip Pramga no-cache
GET H/1.1	200 OK	/ hujibo.applinzi.com/v3/self/ Frame E28B	0 0	2036ms 250ms	Document text/html	220.181.136.172 CHINANET-IDC-BJ-A...
General Check archive.org Show headers Download Go to Full URL https://hujibo.applinzi.com/v3/self/?title=qy8%E5%8D%83%E8%B5%A2%E5%9B%BD%E9%99%85 Requested by Host: www.yongfaedu.com URL: https://www.yongfaedu.com/91168.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 220.181.136.172 , China, ASN23724 (CHINANET-IDC-BJ-AP IDC, China Telecommunications Corporation, CN), Reverse DNS Software nginx / Resource Hash Request headers Host hujibo.applinzi.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest frame Referer https://www.yongfaedu.com/ Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://www.yongfaedu.com/ Response headers Server nginx Date Thu, 26 Nov 2020 08:49:26 GMT Content-Type text/html;charset=utf-8 Transfer-Encoding chunked Connection keep-alive Access-Control-Allow-Origin * Expires Mon, 26 Jul 1997 05:00:00 GMT Last-Modified Thu, 26 Nov 2020 08:49:26 GMT Cache-Control no-cache, must-revalidate Pramga no-cache Via 3839 Content-Encoding gzip
GET H2	200	wt_bg3.jpg sinacloud.net/tiyubo/images/	153 KB 154 KB	1061ms 301ms	Image image/jpeg	183.60.187.58 CT-GUANGZHOU-IDC ...
General Check archive.org Show headers Download Go to Show image Full URL https://sinacloud.net/tiyubo/images/wt_bg3.jpg Requested by Host: www.yongfaedu.com URL: https://www.yongfaedu.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 183.60.187.58 Foshan, China, ASN58466 (CT-GUANGZHOU-IDC CHINANET Guangdong province network, CN), Reverse DNS Software nginx / Resource Hash Request headers Referer https://www.yongfaedu.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 26 Nov 2020 08:49:25 GMT x-filesize 156678 last-modified Thu, 15 Nov 2018 08:14:27 GMT server nginx x-requestid 1f3fa0b3-2011-2616-4925-d4ae52a679b2 etag "d0ff3864b59ec3ae11d2abbbfde3c79f" access-control-max-age 31536000 access-control-allow-methods GET, PUT, POST, DELETE, OPTIONS, HEAD content-type image/jpeg access-control-allow-origin * x-requester GRPS000000ANONYMOUSE cache-control max-age=31536000 x-amz-meta-crc32 269CAEFD access-control-allow-headers Origin, Content-Type, Accept, Range, Content-Length content-length 156678
GET H/1.1	200 OK	s.gif sp0.baidu.com/9_Q4simg2RQJ8t7jm9iCKT-xh_/	0 116 B	1080ms 520ms	Image text/plain	103.235.46.39 BAIDU Beijing Bai...
General Check archive.org Show headers Download Go to Show image Full URL https://sp0.baidu.com/9_Q4simg2RQJ8t7jm9iCKT-xh_/s.gif?l=https://www.yongfaedu.com/ Requested by Host: www.yongfaedu.com URL: https://www.yongfaedu.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 103.235.46.39 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.yongfaedu.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 26 Nov 2020 08:49:26 GMT Content-Length 0 Content-Type text/plain; charset=utf-8
GET H/1.1	200 OK	hm.gif hm.baidu.com/	43 B 299 B	352ms 351ms	Image image/gif	103.235.46.191 BAIDU Beijing Bai...
General Check archive.org Show headers Download Go to Show image Full URL https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=416857571&si=7411278426277d3a48f3260042569efe&v=1.2.80&lv=1&sn=52182&r=0&ww=1600&ct=!!&u=https%3A%2F%2Fwww.yongfaedu.com%2F&tt=qy8%E5%8D%83%E8%B5%A2%E5%9B%BD%E9%99%85 Requested by Host: www.yongfaedu.com URL: https://www.yongfaedu.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN), Reverse DNS Software apache / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=172800 X-Content-Type-Options nosniff Request headers Referer https://www.yongfaedu.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Pragma no-cache Date Thu, 26 Nov 2020 08:49:26 GMT X-Content-Type-Options nosniff Server apache Strict-Transport-Security max-age=172800 Content-Type image/gif Cache-Control private, max-age=0, no-cache Content-Length 43
GET H/1.1	403 Forbidden	Primary Request / Show response qy256.vip/	916 B 1 KB	1801ms 399ms	Document text/html	159.138.138.175 HWCLOUDS-AS-AP HU...
General Check archive.org Show headers Download Go to Full URL http://qy256.vip/ Requested by Host: www.yongfaedu.com URL: https://www.yongfaedu.com/ Protocol HTTP/1.1 Server 159.138.138.175 , Hong Kong, ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK), Reverse DNS ecs-159-138-138-175.compute.hwclouds-dns.com Software kangle/3.5.21.15 / Resource Hash e31d5a84d8c83fbceb9a50ef073e075b37e511de5951e8126c3db904e427d9e1 Request headers Host qy256.vip Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Encoding gzip, deflate Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Server kangle/3.5.21.15 Date Thu, 26 Nov 2020 08:49:28 GMT Content-Type text/html; charset=utf-8 X-Cache MISS from HKW-IDC-018 Content-Length 916
GET H/1.1	200 OK	error.php Show response support.safestcdn.com/error/	3 KB 1 KB	846ms 214ms	Script text/html	159.138.54.207 HWCLOUDS-AS-AP HU...
General Check archive.org Show headers Download Go to Full URL https://support.safestcdn.com/error/error.php?code=403&vh=qianying-018.com Requested by Host: qy256.vip URL: http://qy256.vip/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 159.138.54.207 , Hong Kong, ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK), Reverse DNS ecs-159-138-54-207.compute.hwclouds-dns.com Software nginx / PHP/7.1.27 Resource Hash 485e30ce30ecca45f24db978482da8454985f737220371077073ad3ad36b3516 Request headers Referer http://qy256.vip/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers Date Thu, 26 Nov 2020 08:49:29 GMT Content-Encoding gzip Server nginx X-Powered-By PHP/7.1.27 Vary Accept-Encoding X-Cache MISS from Content-Type text/html; charset=utf-8 Cache-Control max-age=60 Transfer-Encoding chunked Connection keep-alive
GET H/1.1	200 OK	bootstrap-grid.css error.safestcdn.com/css/	43 KB 6 KB	609ms 202ms	Stylesheet text/css	159.138.54.207 HWCLOUDS-AS-AP HU...
General Check archive.org Show headers Download Go to Full URL https://error.safestcdn.com/css/bootstrap-grid.css Requested by Host: support.safestcdn.com URL: https://support.safestcdn.com/error/error.php?code=403&vh=qianying-018.com Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 159.138.54.207 , Hong Kong, ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK), Reverse DNS ecs-159-138-54-207.compute.hwclouds-dns.com Software nginx / Resource Hash 0ea65be7017f2b5b26a7f508a539f34bdbd858c8ba92cce339d1a12987b37faa Request headers Referer http://qy256.vip/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 26 Nov 2020 08:49:30 GMT Content-Encoding gzip Last-Modified Fri, 13 Dec 2019 08:25:30 GMT Server nginx ETag W/"5df34afa-abb8" Vary Accept-Encoding Content-Type text/css Transfer-Encoding chunked Connection keep-alive
GET H/1.1	200 OK	custom.css error.safestcdn.com/css/	7 KB 2 KB	611ms 203ms	Stylesheet text/css	159.138.54.207 HWCLOUDS-AS-AP HU...
General Check archive.org Show headers Download Go to Full URL https://error.safestcdn.com/css/custom.css Requested by Host: support.safestcdn.com URL: https://support.safestcdn.com/error/error.php?code=403&vh=qianying-018.com Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 159.138.54.207 , Hong Kong, ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK), Reverse DNS ecs-159-138-54-207.compute.hwclouds-dns.com Software nginx / Resource Hash 534a9a0c2771fa5a2a90e2bc92b93cc1c340dcf45a4618700aca7195e1cb5233 Request headers Referer http://qy256.vip/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 26 Nov 2020 08:49:30 GMT Content-Encoding gzip Last-Modified Fri, 13 Dec 2019 08:25:30 GMT Server nginx ETag W/"5df34afa-1c16" Vary Accept-Encoding Content-Type text/css Transfer-Encoding chunked Connection keep-alive
GET H/1.1	200 OK	astronaut.png error.safestcdn.com/images/	7 KB 8 KB	612ms 203ms	Image image/png	159.138.54.207 HWCLOUDS-AS-AP HU...
General Check archive.org Show headers Download Go to Show image Full URL https://error.safestcdn.com/images/astronaut.png Requested by Host: support.safestcdn.com URL: https://support.safestcdn.com/error/error.php?code=403&vh=qianying-018.com Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 159.138.54.207 , Hong Kong, ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK), Reverse DNS ecs-159-138-54-207.compute.hwclouds-dns.com Software nginx / Resource Hash b5a822bc03021f460b4eee06e2290300f6f4aeef37aceff2998a61509f2506aa Request headers Referer http://qy256.vip/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 26 Nov 2020 08:49:30 GMT Last-Modified Fri, 13 Dec 2019 08:25:30 GMT Server nginx ETag "5df34afa-1d6f" Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 7535
GET H/1.1	200 OK	planet-001.png error.safestcdn.com/images/	2 KB 2 KB	616ms 204ms	Image image/png	159.138.54.207 HWCLOUDS-AS-AP HU...
General Check archive.org Show headers Download Go to Show image Full URL https://error.safestcdn.com/images/planet-001.png Requested by Host: support.safestcdn.com URL: https://support.safestcdn.com/error/error.php?code=403&vh=qianying-018.com Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 159.138.54.207 , Hong Kong, ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK), Reverse DNS ecs-159-138-54-207.compute.hwclouds-dns.com Software nginx / Resource Hash d2e1eff9437fd45704e193f6b03da80ae9f5553344ee9f65fa0506dd7dbeb09e Request headers Referer http://qy256.vip/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 26 Nov 2020 08:49:30 GMT Last-Modified Fri, 13 Dec 2019 08:25:31 GMT Server nginx ETag "5df34afb-8d7" Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 2263
GET H/1.1	200 OK	planet-002.png error.safestcdn.com/images/	597 B 828 B	618ms 204ms	Image image/png	159.138.54.207 HWCLOUDS-AS-AP HU...
General Check archive.org Show headers Download Go to Show image Full URL https://error.safestcdn.com/images/planet-002.png Requested by Host: support.safestcdn.com URL: https://support.safestcdn.com/error/error.php?code=403&vh=qianying-018.com Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 159.138.54.207 , Hong Kong, ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK), Reverse DNS ecs-159-138-54-207.compute.hwclouds-dns.com Software nginx / Resource Hash 7c3e9d6732f43e54fe08360cfa7fc7b6109d33876c395ae4b2329b6de1173c46 Request headers Referer http://qy256.vip/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 26 Nov 2020 08:49:30 GMT Last-Modified Fri, 13 Dec 2019 08:25:31 GMT Server nginx ETag "5df34afb-255" Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 597
GET H/1.1	200 OK	planet-003.png error.safestcdn.com/images/	2 KB 2 KB	619ms 205ms	Image image/png	159.138.54.207 HWCLOUDS-AS-AP HU...
General Check archive.org Show headers Download Go to Show image Full URL https://error.safestcdn.com/images/planet-003.png Requested by Host: support.safestcdn.com URL: https://support.safestcdn.com/error/error.php?code=403&vh=qianying-018.com Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 159.138.54.207 , Hong Kong, ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK), Reverse DNS ecs-159-138-54-207.compute.hwclouds-dns.com Software nginx / Resource Hash e7edf0d8a270b61f4f1acb9b014ba6944afe5c726e629b19c11909bac846c357 Request headers Referer http://qy256.vip/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 26 Nov 2020 08:49:30 GMT Last-Modified Fri, 13 Dec 2019 08:25:31 GMT Server nginx ETag "5df34afb-736" Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 1846
GET H/1.1	200 OK	planet-004.png error.safestcdn.com/images/	1 KB 2 KB	201ms 201ms	Image image/png	159.138.54.207 HWCLOUDS-AS-AP HU...
General Check archive.org Show headers Download Go to Show image Full URL https://error.safestcdn.com/images/planet-004.png Requested by Host: support.safestcdn.com URL: https://support.safestcdn.com/error/error.php?code=403&vh=qianying-018.com Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 159.138.54.207 , Hong Kong, ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK), Reverse DNS ecs-159-138-54-207.compute.hwclouds-dns.com Software nginx / Resource Hash 51a57e2970d9d6f9e45e4cd3c03dced9ede1e443f1c07fe2f168f6d24e0e9d08 Request headers Referer http://qy256.vip/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 26 Nov 2020 08:49:30 GMT Last-Modified Fri, 13 Dec 2019 08:25:31 GMT Server nginx ETag "5df34afb-5af" Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 1455
GET H/1.1	200 OK	planet-005.png error.safestcdn.com/images/	1 KB 2 KB	202ms 202ms	Image image/png	159.138.54.207 HWCLOUDS-AS-AP HU...
General Check archive.org Show headers Download Go to Show image Full URL https://error.safestcdn.com/images/planet-005.png Requested by Host: support.safestcdn.com URL: https://support.safestcdn.com/error/error.php?code=403&vh=qianying-018.com Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 159.138.54.207 , Hong Kong, ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK), Reverse DNS ecs-159-138-54-207.compute.hwclouds-dns.com Software nginx / Resource Hash 9591076cab946ac3c7d914268d147e515c78f210da7e5d146a85a856a51330d1 Request headers Referer http://qy256.vip/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 26 Nov 2020 08:49:30 GMT Last-Modified Fri, 13 Dec 2019 08:25:31 GMT Server nginx ETag "5df34afb-592" Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 1426
GET H/1.1	200 OK	planet-006.png error.safestcdn.com/images/	2 KB 3 KB	204ms 204ms	Image image/png	159.138.54.207 HWCLOUDS-AS-AP HU...
General Check archive.org Show headers Download Go to Show image Full URL https://error.safestcdn.com/images/planet-006.png Requested by Host: support.safestcdn.com URL: https://support.safestcdn.com/error/error.php?code=403&vh=qianying-018.com Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 159.138.54.207 , Hong Kong, ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK), Reverse DNS ecs-159-138-54-207.compute.hwclouds-dns.com Software nginx / Resource Hash 2932cc411d1c6e342381e7e0a207184f14d6bec6372400e929084d47aa61c518 Request headers Referer http://qy256.vip/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 26 Nov 2020 08:49:30 GMT Last-Modified Fri, 13 Dec 2019 08:25:31 GMT Server nginx ETag "5df34afb-94c" Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 2380
GET H/1.1	200 OK	planet-007.png error.safestcdn.com/images/	578 B 809 B	204ms 204ms	Image image/png	159.138.54.207 HWCLOUDS-AS-AP HU...
General Check archive.org Show headers Download Go to Show image Full URL https://error.safestcdn.com/images/planet-007.png Requested by Host: support.safestcdn.com URL: https://support.safestcdn.com/error/error.php?code=403&vh=qianying-018.com Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 159.138.54.207 , Hong Kong, ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK), Reverse DNS ecs-159-138-54-207.compute.hwclouds-dns.com Software nginx / Resource Hash 8fee408697d2716c9fab0503d891e5a01bd26eb2bb69515d4d6371a7fba6e946 Request headers Referer http://qy256.vip/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 26 Nov 2020 08:49:30 GMT Last-Modified Fri, 13 Dec 2019 08:25:31 GMT Server nginx ETag "5df34afb-242" Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 578
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/3.3.1/	85 KB 30 KB	26ms 6ms	Script text/javascript	2a00:1450:4001:81c::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js Requested by Host: support.safestcdn.com URL: https://support.safestcdn.com/error/error.php?code=403&vh=qianying-018.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://qy256.vip/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers date Thu, 26 Nov 2020 08:13:33 GMT content-encoding gzip x-content-type-options nosniff age 2156 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 30399 x-xss-protection 0 last-modified Tue, 03 Mar 2020 19:15:00 GMT server sffe vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Fri, 26 Nov 2021 08:13:33 GMT
GET H/1.1	403 Forbidden	script.js qy256.vip/js/	0 0	205ms 205ms	Script text/html	159.138.138.175 HWCLOUDS-AS-AP HU...
General Check archive.org Show headers Download Go to Full URL http://qy256.vip/js/script.js Requested by Host: support.safestcdn.com URL: https://support.safestcdn.com/error/error.php?code=403&vh=qianying-018.com Protocol HTTP/1.1 Server 159.138.138.175 , Hong Kong, ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK), Reverse DNS ecs-159-138-138-175.compute.hwclouds-dns.com Software kangle/3.5.21.15 / Resource Hash Request headers Referer http://qy256.vip/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 26 Nov 2020 08:49:29 GMT Server kangle/3.5.21.15 Content-Length 916 X-Cache MISS from HKW-IDC-018 Content-Type text/html; charset=utf-8
GET H/1.1	403 Forbidden	script.js qy256.vip/js/	0 0	205ms 205ms	Script text/html	159.138.138.175 HWCLOUDS-AS-AP HU...
General Check archive.org Show headers Download Go to Full URL http://qy256.vip/js/script.js Requested by Host: qy256.vip URL: http://qy256.vip/ Protocol HTTP/1.1 Server 159.138.138.175 , Hong Kong, ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK), Reverse DNS ecs-159-138-138-175.compute.hwclouds-dns.com Software kangle/3.5.21.15 / Resource Hash Request headers Referer http://qy256.vip/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 26 Nov 2020 08:49:30 GMT Server kangle/3.5.21.15 Content-Length 916 X-Cache MISS from HKW-IDC-018 Content-Type text/html; charset=utf-8
GET H/1.1	200 OK	bg-404.jpg error.safestcdn.com/images/	29 KB 30 KB	396ms 396ms	Image image/jpeg	159.138.54.207 HWCLOUDS-AS-AP HU...
General Check archive.org Show headers Download Go to Show image Full URL https://error.safestcdn.com/images/bg-404.jpg Requested by Host: error.safestcdn.com URL: https://error.safestcdn.com/css/custom.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 159.138.54.207 , Hong Kong, ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK), Reverse DNS ecs-159-138-54-207.compute.hwclouds-dns.com Software nginx / Resource Hash 68567f4c62eb062ba95352d6a6db08e671aa67f5c5c98de165b8e33fc89e041e Request headers Referer https://error.safestcdn.com/css/custom.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 26 Nov 2020 08:49:30 GMT Last-Modified Fri, 13 Dec 2019 08:25:31 GMT Server nginx ETag "5df34afb-755e" Content-Type image/jpeg Connection keep-alive Accept-Ranges bytes Content-Length 30046
GET H2	200	/ Show response ipapi.co/json/	718 B 991 B	239ms 222ms	XHR application/json	2606:4700:20::ac43:45e2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ipapi.co/json/ Requested by Host: ajax.googleapis.com URL: https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700:20::ac43:45e2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d6e2b50c9a13711adbb47cf6736a16e22c71e8cf45991b3a027373c1a315bd95 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Accept application/json, text/javascript, */*; q=0.01 Referer http://qy256.vip/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 26 Nov 2020 08:49:30 GMT content-encoding br allow POST, GET, HEAD, OPTIONS, OPTIONS cf-cache-status DYNAMIC nel {"report_to":"cf-nel","max_age":604800} server cloudflare x-frame-options SAMEORIGIN expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Host, Origin report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=jXm2%2BwCn3WGDPrFzVdYU8fB7p8wFhlnHZj7qSxvJLnwJ%2FmB8Qvmt6SPaa9ObRCQb3OXH9xLBhSSA0Lo%2Bz9okOu0lh%2BQShVfMLWOtpeigEdNOBNP57w%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/json access-control-allow-origin http://qy256.vip cf-ray 5f825b45ff0cd6d5-FRA cf-request-id 06a5575fbf0000d6d58fac3000000001

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| trustedTypes boolean| crossOriginIsolated string| referer string| url string| msg string| hostname string| event_id function| $ function| jQuery

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.yongfaedu.com/91168.js(Line 133) Message: {"isgo":1,"url":"http:\/\/qy256.vip"}

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
error.safestcdn.com
hm.baidu.com
hujibo.applinzi.com
ipapi.co
qy256.vip
sinacloud.net
sp0.baidu.com
support.safestcdn.com
www.yongfaedu.com
zz.bdstatic.com
103.235.46.191
103.235.46.39
119.188.176.48
156.224.87.186
159.138.138.175
159.138.54.207
183.60.187.58
220.181.136.172
2606:4700:20::ac43:45e2
2a00:1450:4001:81c::200a
0ea65be7017f2b5b26a7f508a539f34bdbd858c8ba92cce339d1a12987b37faa
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
2932cc411d1c6e342381e7e0a207184f14d6bec6372400e929084d47aa61c518
3c638518650d0fa5e9699e955c23fd757be884a3ce8dc22505c41659c8eb1211
4445efafe96788b27a84878cc10d830e579fa5da825768f4561636b5d2d4da3c
485e30ce30ecca45f24db978482da8454985f737220371077073ad3ad36b3516
51a57e2970d9d6f9e45e4cd3c03dced9ede1e443f1c07fe2f168f6d24e0e9d08
534a9a0c2771fa5a2a90e2bc92b93cc1c340dcf45a4618700aca7195e1cb5233
68567f4c62eb062ba95352d6a6db08e671aa67f5c5c98de165b8e33fc89e041e
7c3e9d6732f43e54fe08360cfa7fc7b6109d33876c395ae4b2329b6de1173c46
8fee408697d2716c9fab0503d891e5a01bd26eb2bb69515d4d6371a7fba6e946
9591076cab946ac3c7d914268d147e515c78f210da7e5d146a85a856a51330d1
961949522c05312f9e1b4ea984c754b8688d86fd76d908f6d14cd7dbc9edbe97
b5a822bc03021f460b4eee06e2290300f6f4aeef37aceff2998a61509f2506aa
c31f2003f1c93ac1e34b09f376d97a65da6e110bf451cf1e0e50a7946c5e7212
d2e1eff9437fd45704e193f6b03da80ae9f5553344ee9f65fa0506dd7dbeb09e
d6e2b50c9a13711adbb47cf6736a16e22c71e8cf45991b3a027373c1a315bd95
e31d5a84d8c83fbceb9a50ef073e075b37e511de5951e8126c3db904e427d9e1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7edf0d8a270b61f4f1acb9b014ba6944afe5c726e629b19c11909bac846c357