www.defanedu.com Open in urlscan Pro
5.183.32.37 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.defanedu.com/
Submission: On December 05 via automatic, source certstream-suspicious (December 5th 2020, 7:42:24 am UTC)

Summary HTTP 33 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 8 IPs in 4 countries across 6 domains to perform 33 HTTP transactions. The main IP is 5.183.32.37, located in Germany and belongs to DEDIPATH-LLC, US. The main domain is www.defanedu.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on June 4th 2020. Valid for: 3 months.

This is the only time www.defanedu.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
17	5.183.32.37 5.183.32.37	35913 (DEDIPATH-LLC) (DEDIPATH-LLC)
4	103.235.46.191 103.235.46.191	55967 (BAIDU Bei...) (BAIDU Beijing Baidu Netcom Science and Technology Co.)
1	122.228.91.87 122.228.91.87	134771 (CHINATELE...) (CHINATELECOM-ZHEJIANG-WENZHOU-IDC WENZHOU)
1	183.131.207.66 183.131.207.66	136190 (CHINATELE...) (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA)
6	163.171.132.119 163.171.132.119	54994 (QUANTILNE...) (QUANTILNETWORKS)
1	61.135.185.248 61.135.185.248	4808 (CHINA169-...) (CHINA169-BJ China Unicom Beijing Province Network)
1	154.208.76.57 154.208.76.57	134548 (DXTL-HK D...) (DXTL-HK DXTL Tseung Kwan O Service)
33	8

17 5.183.32.37 (Germany)

ASN35913 (DEDIPATH-LLC, US)
PTR: klantpaneel787.customer-notifications.eu

www.defanedu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 103.235.46.191 (Hong Kong)

ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)

hm.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 122.228.91.87 (China)

ASN134771 (CHINATELECOM-ZHEJIANG-WENZHOU-IDC WENZHOU, ZHEJIANG Province, P.R.China., CN)

js.users.51.la	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 183.131.207.66 (China)

ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN)

ia.51.la	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 163.171.132.119 (Germany)

ASN54994 (QUANTILNETWORKS, US)

cnc.ef-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 61.135.185.248 (Beijing, China)

ASN4808 (CHINA169-BJ China Unicom Beijing Province Network, CN)

push.zhanzhang.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 154.208.76.57 (Los Angeles, United States)

ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK)

www.gold8899110.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	defanedu.com www.defanedu.com	994 KB
6	ef-cdn.com cnc.ef-cdn.com	187 KB
5	baidu.com hm.baidu.com api.share.baidu.com Failed push.zhanzhang.baidu.com	30 KB
2	51.la js.users.51.la ia.51.la	4 KB
1	gold8899110.com www.gold8899110.com
0	chinavivaki.com Failed t.chinavivaki.com Failed
33	6

	Domain	Requested by
17	www.defanedu.com	www.defanedu.com
6	cnc.ef-cdn.com	www.defanedu.com
4	hm.baidu.com	www.defanedu.com
1	www.gold8899110.com	www.defanedu.com
1	push.zhanzhang.baidu.com	www.defanedu.com
1	ia.51.la	www.defanedu.com
1	js.users.51.la	www.defanedu.com
0	t.chinavivaki.com Failed	www.defanedu.com
0	api.share.baidu.com Failed	www.defanedu.com
33	9

This site contains links to these domains. Also see Links.

Domain
www.51.la
baike.baidu.com
zhidao.baidu.com
www.dedecms.com

Subject Issuer	Validity	Valid
defanedu.com Let's Encrypt Authority X3	`2020-06-04` - `2020-09-02`	3 months	crt.sh
baidu.com GlobalSign Organization Validation CA - SHA256 - G2	`2020-10-20` - `2021-07-26`	9 months	crt.sh
*.users.51.la GlobalSign Domain Validation CA - SHA256 - G2	`2018-01-15` - `2021-03-19`	3 years	crt.sh
*.51.la GlobalSign Domain Validation CA - SHA256 - G2	`2018-01-15` - `2021-04-15`	3 years	crt.sh
gold8899110.com Let's Encrypt Authority X3	`2020-11-25` - `2021-02-23`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://www.defanedu.com/
Frame ID: A5B010E30640F82E49C64875647ABBA6
Requests: 32 HTTP requests in this frame

Frame: https://www.gold8899110.com/yongli/index.html
Frame ID: 2FB0D3A52FB5246FE97B9658EFB9C36D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

33
Requests

27 %
HTTPS

0 %
IPv6

6
Domains

9
Subdomains

8
IPs

4
Countries

1214 kB
Transfer

1560 kB
Size

0
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.51.la/?comId=20929257
Title: 51La

Search URL Search Domain Scan URL

URL: http://baike.baidu.com/
Title: 百度百科

Search URL Search Domain Scan URL

URL: http://zhidao.baidu.com/
Title: 百度知道

Search URL Search Domain Scan URL

URL: http://www.dedecms.com/
Title: Power by DedeCms

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

33 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
www.defanedu.com/ 53 KB
9 KB 931ms
154ms Document
text/html 5.183.32.37
DEDIPATH-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.defanedu.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.183.32.37 , Germany, ASN35913 (DEDIPATH-LLC, US),
Reverse DNS: klantpaneel787.customer-notifications.eu
Software: nginx /
Resource Hash: acd9155add9707b0640f38693831a119fbafdd4664f248c6669382bbd49422c5

Request headers

Host: www.defanedu.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Server: nginx
Date: Sat, 05 Dec 2020 07:41:46 GMT
Content-Type: text/html
Last-Modified: Wed, 04 Mar 2020 06:47:58 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5e5f4f1e-d516"
Content-Encoding: gzip

GET
H/1.1 200
OK style1.css
www.defanedu.com/templets/default/css/ 122 KB
24 KB 194ms
194ms Stylesheet
text/css 5.183.32.37
DEDIPATH-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.defanedu.com/templets/default/css/style1.css
Requested by: Host: www.defanedu.com
URL: https://www.defanedu.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.183.32.37 , Germany, ASN35913 (DEDIPATH-LLC, US),
Reverse DNS: klantpaneel787.customer-notifications.eu
Software: nginx /
Resource Hash: 79fe59da3024fa3e2d0603fc621bc773ae6f5a97b4e201c22cb0317c7f3f8694

Request headers

Referer: https://www.defanedu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 05 Dec 2020 07:41:47 GMT
Content-Encoding: gzip
Last-Modified: Sun, 18 Sep 2016 12:24:46 GMT
Server: nginx
ETag: W/"57de878e-1e751"
Vary: Accept-Encoding
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK html5.js Show response
www.defanedu.com/ 3 KB
2 KB 467ms
161ms Script
application/javascript 5.183.32.37
DEDIPATH-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.defanedu.com/html5.js
Requested by: Host: www.defanedu.com
URL: https://www.defanedu.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.183.32.37 , Germany, ASN35913 (DEDIPATH-LLC, US),
Reverse DNS: klantpaneel787.customer-notifications.eu
Software: nginx /
Resource Hash: 94178ffcd6ccd79b20622ed15359c31694b22ba3cb9a36957e7b9f820f7f361c

Request headers

Referer: https://www.defanedu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 05 Dec 2020 07:41:47 GMT
Content-Encoding: gzip
Last-Modified: Sat, 05 Sep 2020 08:06:21 GMT
Server: nginx
ETag: W/"5f5346fd-d82"
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK logo-icon.gif
www.defanedu.com/templets/default/images/ 155 B
385 B 498ms
187ms Image
image/gif 5.183.32.37
DEDIPATH-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.defanedu.com/templets/default/images/logo-icon.gif
Requested by: Host: www.defanedu.com
URL: https://www.defanedu.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.183.32.37 , Germany, ASN35913 (DEDIPATH-LLC, US),
Reverse DNS: klantpaneel787.customer-notifications.eu
Software: nginx /
Resource Hash: 9a51bd59a7c60522a8828e4079d5c67bd09673b4b291fcc266f58cb3dad1fbe1

Request headers

Referer: https://www.defanedu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 05 Dec 2020 07:41:47 GMT
Last-Modified: Sun, 18 Sep 2016 15:24:56 GMT
Server: nginx
ETag: "57deb1c8-9b"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 155

GET
H/1.1 200
OK 3.jpg
www.defanedu.com/templets/pic/ 51 KB
51 KB 635ms
324ms Image
image/jpeg 5.183.32.37
DEDIPATH-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.defanedu.com/templets/pic/3.jpg
Requested by: Host: www.defanedu.com
URL: https://www.defanedu.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.183.32.37 , Germany, ASN35913 (DEDIPATH-LLC, US),
Reverse DNS: klantpaneel787.customer-notifications.eu
Software: nginx /
Resource Hash: 4a22124dcd402669d04376383354885e9bc3b31c0502aac9fbe52392fc9859b8

Request headers

Referer: https://www.defanedu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 05 Dec 2020 07:41:47 GMT
Last-Modified: Tue, 11 Oct 2016 13:48:10 GMT
Server: nginx
ETag: "57fced9a-cd0e"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 52494

GET
H/1.1 200
OK 131.jpg
www.defanedu.com/templets/pic/ 26 KB
26 KB 169ms
169ms Image
image/jpeg 5.183.32.37
DEDIPATH-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.defanedu.com/templets/pic/131.jpg
Requested by: Host: www.defanedu.com
URL: https://www.defanedu.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.183.32.37 , Germany, ASN35913 (DEDIPATH-LLC, US),
Reverse DNS: klantpaneel787.customer-notifications.eu
Software: nginx /
Resource Hash: 8acdd06570043c8056180f893a297fb93ba04ffe02fcf0c039994d455e1208d8

Request headers

Referer: https://www.defanedu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 05 Dec 2020 07:41:47 GMT
Last-Modified: Tue, 11 Oct 2016 14:28:00 GMT
Server: nginx
ETag: "57fcf6f0-6669"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 26217

GET
H/1.1 200
OK 94.jpg
www.defanedu.com/templets/pic/ 36 KB
36 KB 324ms
323ms Image
image/jpeg 5.183.32.37
DEDIPATH-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.defanedu.com/templets/pic/94.jpg
Requested by: Host: www.defanedu.com
URL: https://www.defanedu.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.183.32.37 , Germany, ASN35913 (DEDIPATH-LLC, US),
Reverse DNS: klantpaneel787.customer-notifications.eu
Software: nginx /
Resource Hash: 0afa616cca369d1700e187cd37fc9b54a1702952574fad8d2713ac4715b9c3ee

Request headers

Referer: https://www.defanedu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 05 Dec 2020 07:41:47 GMT
Last-Modified: Tue, 11 Oct 2016 14:17:10 GMT
Server: nginx
ETag: "57fcf466-8eba"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 36538

GET
H/1.1 200
OK 6.jpg
www.defanedu.com/templets/pic/ 51 KB
51 KB 303ms
303ms Image
image/jpeg 5.183.32.37
DEDIPATH-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.defanedu.com/templets/pic/6.jpg
Requested by: Host: www.defanedu.com
URL: https://www.defanedu.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.183.32.37 , Germany, ASN35913 (DEDIPATH-LLC, US),
Reverse DNS: klantpaneel787.customer-notifications.eu
Software: nginx /
Resource Hash: 5bdaaa6e966e1ffe1dc93081de3d981bf58402cec99cad5b19329b9e0b2a0b5e

Request headers

Referer: https://www.defanedu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 05 Dec 2020 07:41:47 GMT
Last-Modified: Tue, 11 Oct 2016 13:48:52 GMT
Server: nginx
ETag: "57fcedc4-caa1"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 51873

GET
H/1.1 200
OK 86.jpg
www.defanedu.com/templets/pic/ 297 KB
297 KB 310ms
310ms Image
image/jpeg 5.183.32.37
DEDIPATH-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.defanedu.com/templets/pic/86.jpg
Requested by: Host: www.defanedu.com
URL: https://www.defanedu.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.183.32.37 , Germany, ASN35913 (DEDIPATH-LLC, US),
Reverse DNS: klantpaneel787.customer-notifications.eu
Software: nginx /
Resource Hash: 10c3907da0566bda47e6457de4f2a92b1e37a764da533d70fe6702874b6e80f4

Request headers

Referer: https://www.defanedu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 05 Dec 2020 07:41:47 GMT
Last-Modified: Tue, 11 Oct 2016 14:14:34 GMT
Server: nginx
ETag: "57fcf3ca-4a458"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 304216

GET
H/1.1 200
OK 38.jpg
www.defanedu.com/templets/pic/ 303 KB
303 KB 155ms
154ms Image
image/jpeg 5.183.32.37
DEDIPATH-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.defanedu.com/templets/pic/38.jpg
Requested by: Host: www.defanedu.com
URL: https://www.defanedu.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.183.32.37 , Germany, ASN35913 (DEDIPATH-LLC, US),
Reverse DNS: klantpaneel787.customer-notifications.eu
Software: nginx /
Resource Hash: f00d886ed62e1b7487626c44025d91aba50c3f300e8861f33f4487950518ea4d

Request headers

Referer: https://www.defanedu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 05 Dec 2020 07:41:47 GMT
Last-Modified: Tue, 11 Oct 2016 13:57:02 GMT
Server: nginx
ETag: "57fcefae-4baed"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 309997

GET
H/1.1 404
Not Found 133.jpg
www.defanedu.com/templets/pic/ 564 B
564 B 155ms
155ms Image
text/html 5.183.32.37
DEDIPATH-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.defanedu.com/templets/pic/133.jpg
Requested by: Host: www.defanedu.com
URL: https://www.defanedu.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.183.32.37 , Germany, ASN35913 (DEDIPATH-LLC, US),
Reverse DNS: klantpaneel787.customer-notifications.eu
Software: nginx /
Resource Hash: 0b52c5338af355699530a47683420e48c7344e779d3e815ff9943cbfdc153cf2

Request headers

Referer: https://www.defanedu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 05 Dec 2020 07:41:47 GMT
Server: nginx
Connection: keep-alive
Content-Length: 564
Content-Type: text/html

GET
H/1.1 200
OK 12.jpg
www.defanedu.com/templets/pic/ 48 KB
48 KB 161ms
160ms Image
image/jpeg 5.183.32.37
DEDIPATH-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.defanedu.com/templets/pic/12.jpg
Requested by: Host: www.defanedu.com
URL: https://www.defanedu.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.183.32.37 , Germany, ASN35913 (DEDIPATH-LLC, US),
Reverse DNS: klantpaneel787.customer-notifications.eu
Software: nginx /
Resource Hash: 56672ded31643180d50bfa2efabaf0f9180c1fa478f5da83daa5842f2bf0c42c

Request headers

Referer: https://www.defanedu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 05 Dec 2020 07:41:47 GMT
Last-Modified: Tue, 11 Oct 2016 13:50:04 GMT
Server: nginx
ETag: "57fcee0c-c0f3"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 49395

GET
H/1.1 200
OK 20.jpg
www.defanedu.com/templets/pic/ 59 KB
59 KB 176ms
176ms Image
image/jpeg 5.183.32.37
DEDIPATH-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.defanedu.com/templets/pic/20.jpg
Requested by: Host: www.defanedu.com
URL: https://www.defanedu.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.183.32.37 , Germany, ASN35913 (DEDIPATH-LLC, US),
Reverse DNS: klantpaneel787.customer-notifications.eu
Software: nginx /
Resource Hash: e9e15e7b5dcd7b54771d0cf5ec0fdc175eb855fd1edc498f66c7a263e4586309

Request headers

Referer: https://www.defanedu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 05 Dec 2020 07:41:47 GMT
Last-Modified: Tue, 11 Oct 2016 13:52:46 GMT
Server: nginx
ETag: "57fceeae-ea7c"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 60028

GET
H/1.1 200
OK u27.js Show response
www.defanedu.com/templets/default/js/ 8 KB
2 KB 489ms
183ms Script
application/javascript 5.183.32.37
DEDIPATH-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.defanedu.com/templets/default/js/u27.js
Requested by: Host: www.defanedu.com
URL: https://www.defanedu.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.183.32.37 , Germany, ASN35913 (DEDIPATH-LLC, US),
Reverse DNS: klantpaneel787.customer-notifications.eu
Software: nginx /
Resource Hash: e94d2eaf97cd7ae1ed64279ec0936c788da8a2926f69cf41f3869d6d82419ebb

Request headers

Referer: https://www.defanedu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 05 Dec 2020 07:41:47 GMT
Content-Encoding: gzip
Last-Modified: Sun, 18 Sep 2016 13:57:58 GMT
Server: nginx
ETag: W/"57de9d66-205f"
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK master.js Show response
www.defanedu.com/templets/default/js/ 235 KB
84 KB 645ms
339ms Script
application/javascript 5.183.32.37
DEDIPATH-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.defanedu.com/templets/default/js/master.js
Requested by: Host: www.defanedu.com
URL: https://www.defanedu.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.183.32.37 , Germany, ASN35913 (DEDIPATH-LLC, US),
Reverse DNS: klantpaneel787.customer-notifications.eu
Software: nginx /
Resource Hash: 862a401ee0564e9f8cadcdb18727fe48140316fc60167fd0fb44e31249a17da5

Request headers

Referer: https://www.defanedu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 05 Dec 2020 07:41:47 GMT
Content-Encoding: gzip
Last-Modified: Sun, 18 Sep 2016 16:04:08 GMT
Server: nginx
ETag: W/"57debaf8-3acf5"
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ 39 KB
14 KB 1198ms
435ms Script
application/javascript 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?4fd17f6737cf217b073c6aa14ab4d8a7

Requested by

Host: www.defanedu.com
URL: https://www.defanedu.com/html5.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

653c14ea21122bf512015b35582e6d60a5e81ec52cdba81258c321a151526f7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

Referer: https://www.defanedu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Sat, 05 Dec 2020 07:41:48 GMT
Content-Encoding: gzip
Server: apache
Etag: 4acbe7b4ec43baeccecd58604b2e7ce6
Strict-Transport-Security: max-age=172800
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control: max-age=0, must-revalidate
Content-Type: application/javascript
Content-Length: 14038

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ 39 KB
14 KB 1427ms
549ms Script
application/javascript 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?155e7411dbc9db212ea129ab8f7ed609

Requested by

Host: www.defanedu.com
URL: https://www.defanedu.com/html5.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

4083b6ba7ad4eaa1cee09952131014a9747e9e37fb817fdb81fc84011859b692

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

Referer: https://www.defanedu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Sat, 05 Dec 2020 07:41:48 GMT
Content-Encoding: gzip
Server: apache
Etag: 18cdf6d423d2c8603ddcfd336843b640
Strict-Transport-Security: max-age=172800
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control: max-age=0, must-revalidate
Content-Type: application/javascript
Content-Length: 14039

GET
H/1.1 200
OK 20929257.js Show response
js.users.51.la/ 5 KB
3 KB 1046ms
547ms Script
application/javascript 122.228.91.87
CHINATELECOM-ZHEJ...

General

Check archive.org

Show headers Download Go to

Full URL: https://js.users.51.la/20929257.js
Requested by: Host: www.defanedu.com
URL: https://www.defanedu.com/html5.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 122.228.91.87 , China, ASN134771 (CHINATELECOM-ZHEJIANG-WENZHOU-IDC WENZHOU, ZHEJIANG Province, P.R.China., CN),
Reverse DNS
Software: nginx/1.14.0 /
Resource Hash: f31f95e2dd41d25e027d0c1f821dc364a64a8d90a4ef831f67408b2ccf5162d9

Request headers

Referer: https://www.defanedu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

x-id: 20929257
Date: Sat, 05 Dec 2020 07:41:48 GMT
Content-Encoding: gzip
X-Ws-Request-Id: 5fcb39bc_houdianxin117_36357-57694
Age: 35281
Transfer-Encoding: chunked
X-Via: 1.1 PSjsczsxga63:2 (Cdn Cache Server V2.0)[0 200 0], 1.1 wzhdx199:2 (Cdn Cache Server V2.0)[17 200 2], 1.1 ianxin168:10 (Cdn Cache Server V2.0)[0 200 0]
Content-Disposition: inline;filename=f.txt
Connection: keep-alive
Request-Id: 000001760EEFCC6290116320581B6B27
x-reserved: amazon, aws and amazon web services are trademarks or registered trademarks of Amazon Technologies, Inc
id-2: 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSs5Zw3z/XwkNEv9AI1Hs2RyNWLc8dDA
Last-Modified: Sat Sep 05 12:58:15 CST 2020
Server: nginx/1.14.0
ETag: "14c057b3caeb138a843b936f71aa3998"
Vary: Accept-Encoding
Content-Type: application/javascript;charset=UTF-8
version-id: G00111745CA116EAFFFF90566FAAD6EC

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ 43 B
299 B 303ms
303ms Image
image/gif 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1802560866&si=4fd17f6737cf217b073c6aa14ab4d8a7&v=1.2.80&lv=1&sn=39304&r=0&ww=1600&ct=!!&u=https%3A%2F%2Fwww.defanedu.com%2F&tt=%E6%B0%B8%E5%88%A9%E5%9B%BD%E9%99%85%E5%AE%98%E6%96%B9%E7%BD%91%E7%AB%99-%E9%A6%96%E9%A1%B5%7C%E6%AC%A2%E8%BF%8E%E6%82%A8

Requested by

Host: www.defanedu.com
URL: https://www.defanedu.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.defanedu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 05 Dec 2020 07:41:49 GMT
X-Content-Type-Options: nosniff
Server: apache
Strict-Transport-Security: max-age=172800
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ 43 B
299 B 358ms
358ms Image
image/gif 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=743862199&si=155e7411dbc9db212ea129ab8f7ed609&v=1.2.80&lv=1&sn=39304&r=0&ww=1600&ct=!!&u=https%3A%2F%2Fwww.defanedu.com%2F&tt=%E6%B0%B8%E5%88%A9%E5%9B%BD%E9%99%85%E5%AE%98%E6%96%B9%E7%BD%91%E7%AB%99-%E9%A6%96%E9%A1%B5%7C%E6%AC%A2%E8%BF%8E%E6%82%A8

Requested by

Host: www.defanedu.com
URL: https://www.defanedu.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.defanedu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 05 Dec 2020 07:41:49 GMT
X-Content-Type-Options: nosniff
Server: apache
Strict-Transport-Security: max-age=172800
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

GET
H/1.1 200 go1
ia.51.la/ 0
255 B 2075ms
1489ms Image
application/octet-stream 183.131.207.66
CHINATELECOM-ZHEJ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ia.51.la/go1?id=20929257&rt=1607154109460&rl=1600*1200&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=%25E6%25B0%25B8%25E5%2588%25A9%25E5%259B%25BD%25E9%2599%2585%25E5%25AE%2598%25E6%2596%25B9%25E7%25BD%2591%25E7%25AB%2599%25E6%2598%25AF%25E5%25BE%2588%25E4%25B8%2593%25E4%25B8%259A%25E7%259A%2584%25E7%25BA%25BF%25E4%25B8%258A%25E5%25A8%25B1%25E4%25B9%2590%25E5%25B9%25B3%25E5%258F%25B0%25EF%25BC%258C%25E8%2583%25BD%25E5%25A4%259F%25E5%259C%25A8%25E6%259C%2580%25E5%25A4%25A7%25E7%25A8%258B%25E5%25BA%25A6%25E4%25B8%258A%25E6%25BB%25A1%25E8%25B6%25B3&ing=1&ekc=&sid=1607154109460&tt=%25E6%25B0%25B8%25E5%2588%25A9%25E5%259B%25BD%25E9%2599%2585%25E5%25AE%2598%25E6%2596%25B9%25E7%25BD%2591%25E7%25AB%2599-%25E9%25A6%2596%25E9%25A1%25B5%257C%25E6%25AC%25A2%25E8%25BF%258E%25E6%2582%25A8&kw=%25E6%25B0%25B8%25E5%2588%25A9%25E5%259B%25BD%25E9%2599%2585%25E5%25AE%2598%25E6%2596%25B9%25E7%25BD%2591%25E7%25AB%2599%252C%25E6%25B0%25B8%25E5%2588%25A9%25E5%259B%25BD%25E9%2599%2585%25E6%2589%258B%25E6%259C%25BA%25E7%2599%25BB%25E5%25BD%2595%252C%25E6%25BE%25B3%25E9%2597%25A8%25E6%2596%25B0%25E6%25B0%25B8%25E5%2588%25A9%25E5%259B%25BD%25E9%2599%2585%25E5%25B9%25B3%25E5%258F%25B0&cu=https%253A%252F%252Fwww.defanedu.com%252F&pu=
Requested by: Host: www.defanedu.com
URL: https://www.defanedu.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 183.131.207.66 , China, ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN),
Reverse DNS
Software: CloudWAF /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.defanedu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 05 Dec 2020 07:41:51 GMT
Server: CloudWAF
Connection: keep-alive
Content-Length: 0
Content-Type: application/octet-stream

GET
H/1.1 200
OK master-icons.png
cnc.ef-cdn.com/_imgs/portalcn/ 48 KB
49 KB 113ms
73ms Image
image/png 163.171.132.119
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cnc.ef-cdn.com/_imgs/portalcn/master-icons.png
Requested by: Host: www.defanedu.com
URL: https://www.defanedu.com/templets/default/css/style1.css
Protocol: HTTP/1.1
Server: 163.171.132.119 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software: waf/4.23.1-3.el6 /
Resource Hash: 6343099a840074e272fcb0ef9b95ccb4cd3a2eb82954d74058b4651aba9d697f

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 05 Dec 2020 07:41:49 GMT
Last-Modified: Mon, 14 Apr 2014 22:24:48 GMT
Server: waf/4.23.1-3.el6
Age: 1
ETag: "0b84a583058cf1:0"
X-Ws-Request-Id: 5fcb39bd_PSdgflkfFRA2gb7_27849-33473
Content-Type: image/png
Cache-Control: max-age=2592000
X-Cache-Spec: Yes
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 49516
X-Via: 1.1 PSshyhlBGPcu17:1 (Cdn Cache Server V2.0), 1.1 PS-FOC-01TKc95:12 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA2gb73:3 (Cdn Cache Server V2.0)

GET
H/1.1 200
OK billboard-3.jpg
cnc.ef-cdn.com/_imgs/portalcn/ 48 KB
48 KB 182ms
142ms Image
image/jpeg 163.171.132.119
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cnc.ef-cdn.com/_imgs/portalcn/billboard-3.jpg
Requested by: Host: www.defanedu.com
URL: https://www.defanedu.com/templets/default/css/style1.css
Protocol: HTTP/1.1
Server: 163.171.132.119 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software: waf/4.23.2-2.el6 /
Resource Hash: c08ac808b8d8bd1905c00d95da0d7b084b0e87e84ce505b63fccbfe5a9ded59c

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 05 Dec 2020 07:41:49 GMT
Last-Modified: Mon, 02 Dec 2013 03:23:05 GMT
Server: waf/4.23.2-2.el6
Age: 1
ETag: "42d772d0defce1:0"
X-Ws-Request-Id: 5fcb39bd_PSdgflkfFRA2po7_25973-59188
Content-Type: image/jpeg
Cache-Control: max-age=2592000
X-Cache-Spec: Yes
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 48866
X-Via: 1.1 x106:1 (Cdn Cache Server V2.0), 1.1 ianxin96:7 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA2gb73:7 (Cdn Cache Server V2.0)

GET
H/1.1 200
OK master-icons-0.1.19.png
cnc.ef-cdn.com/_imgs/portalcn/ 25 KB
25 KB 78ms
38ms Image
image/png 163.171.132.119
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cnc.ef-cdn.com/_imgs/portalcn/master-icons-0.1.19.png
Requested by: Host: www.defanedu.com
URL: https://www.defanedu.com/templets/default/css/style1.css
Protocol: HTTP/1.1
Server: 163.171.132.119 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software: waf/4.23.2-2.el6 /
Resource Hash: a1edc7b826319a4199bde2edadee4dc6c892845cb45c4a7ac627e1dfcc3811f4

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 05 Dec 2020 07:41:49 GMT
Last-Modified: Thu, 26 Mar 2015 07:10:04 GMT
Server: waf/4.23.2-2.el6
Age: 1
ETag: "4b6eee19367d01:0"
X-Ws-Request-Id: 5fcb39bd_PSdgflkfFRA2po7_25619-27900
Content-Type: image/png
Cache-Control: max-age=2592000
X-Cache-Spec: Yes
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 25123
X-Via: 1.1 x106:6 (Cdn Cache Server V2.0), 1.1 PS-FOC-01TKc95:8 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA2gb73:1 (Cdn Cache Server V2.0)

GET
H/1.1 200
OK articles-1.jpg
cnc.ef-cdn.com/_imgs/portalcn/ 40 KB
40 KB 81ms
43ms Image
image/jpeg 163.171.132.119
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cnc.ef-cdn.com/_imgs/portalcn/articles-1.jpg
Requested by: Host: www.defanedu.com
URL: https://www.defanedu.com/templets/default/css/style1.css
Protocol: HTTP/1.1
Server: 163.171.132.119 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software: waf/4.23.2-2.el6 /
Resource Hash: f74106ddc1659a206729a38cac3705fd27ce12e1f39670dc1de727c8bba70108

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 05 Dec 2020 07:41:49 GMT
Last-Modified: Wed, 09 Oct 2013 21:56:06 GMT
Server: waf/4.23.2-2.el6
Age: 1
ETag: "01fa75a3ac5ce1:0"
X-Ws-Request-Id: 5fcb39bd_PSdgflkfFRA2gb7_28277-38560
Content-Type: image/jpeg
Cache-Control: max-age=2592000
X-Cache-Spec: Yes
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 40812
X-Via: 1.1 PS-HIA-01diW252:2 (Cdn Cache Server V2.0), 1.1 ianxin96:2 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA2lp71:12 (Cdn Cache Server V2.0)

GET
H/1.1 200
OK articles-2.jpg
cnc.ef-cdn.com/_imgs/portalcn/ 14 KB
14 KB 75ms
37ms Image
image/jpeg 163.171.132.119
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cnc.ef-cdn.com/_imgs/portalcn/articles-2.jpg
Requested by: Host: www.defanedu.com
URL: https://www.defanedu.com/templets/default/css/style1.css
Protocol: HTTP/1.1
Server: 163.171.132.119 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software: waf/4.23.1-3.el6 /
Resource Hash: 6d5d3bd5df6b9579c31249a28c542935c3a7d4a682f976b774fcd135237b662e

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 05 Dec 2020 07:41:49 GMT
Last-Modified: Mon, 26 Aug 2013 16:03:44 GMT
Server: waf/4.23.1-3.el6
Age: 1
ETag: "0f0dcd675a2ce1:0"
X-Ws-Request-Id: 5fcb39bd_PSdgflkfFRA2po7_25423-13552
Content-Type: image/jpeg
Cache-Control: max-age=2592000
X-Cache-Spec: Yes
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13965
X-Via: 1.1 PSshyhlBGPcu17:3 (Cdn Cache Server V2.0), 1.1 PS-FOC-01KG494:1 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA2sg74:0 (Cdn Cache Server V2.0)

GET
H/1.1 200
OK articles-3.jpg
cnc.ef-cdn.com/_imgs/portalcn/ 10 KB
10 KB 75ms
38ms Image
image/jpeg 163.171.132.119
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cnc.ef-cdn.com/_imgs/portalcn/articles-3.jpg
Requested by: Host: www.defanedu.com
URL: https://www.defanedu.com/templets/default/css/style1.css
Protocol: HTTP/1.1
Server: 163.171.132.119 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software: waf/4.23.2-2.el6 /
Resource Hash: f31821e33d35a8ab576ac0267325f79cd7cd3a9c8ec30aa8ed02dee2fffe4b6f

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 05 Dec 2020 07:41:49 GMT
Last-Modified: Mon, 26 Aug 2013 16:14:32 GMT
Server: waf/4.23.2-2.el6
Age: 1
ETag: "0e4195977a2ce1:0"
X-Ws-Request-Id: 5fcb39bd_PSdgflkfFRA2po7_26271-54316
Content-Type: image/jpeg
Cache-Control: max-age=2592000
X-Cache-Spec: Yes
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9816
X-Via: 1.1 x106:4 (Cdn Cache Server V2.0), 1.1 ianxin96:1 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA2gb73:0 (Cdn Cache Server V2.0)

GET s.gif
api.share.baidu.com/ 0
0

GET
H/1.1 200
OK push.js Show response
push.zhanzhang.baidu.com/ 281 B
923 B 920ms
311ms Script
text/javascript 61.135.185.248
CHINA169-BJ China...

General

Check archive.org

Show headers Download Go to

Full URL: https://push.zhanzhang.baidu.com/push.js
Requested by: Host: www.defanedu.com
URL: https://www.defanedu.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 61.135.185.248 Beijing, China, ASN4808 (CHINA169-BJ China Unicom Beijing Province Network, CN),
Reverse DNS
Software: apache /
Resource Hash: 674bc0c70f98d627b8a7e1d278a1f21ffe33815565f7d5371bf0275da57571b2

Request headers

Referer: https://www.defanedu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 05 Dec 2020 07:41:50 GMT
Content-Encoding: gzip
Last-Modified: Wed, 25 Nov 2015 07:47:55 GMT
Server: apache
Etag: "4078521116"
Vary: Accept-Encoding
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 227
Expires: Sun, 05 Dec 2021 07:41:50 GMT

GET
H/1.1 200
OK index.html
www.gold8899110.com/yongli/ Frame 2FB0 0
0 1114ms
276ms Document
text/html 154.208.76.57
DXTL-HK DXTL Tseu...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gold8899110.com/yongli/index.html
Requested by: Host: www.defanedu.com
URL: https://www.defanedu.com/html5.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 154.208.76.57 Los Angeles, United States, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Host: www.gold8899110.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.defanedu.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.defanedu.com/

Response headers

Server: nginx
Date: Sat, 05 Dec 2020 07:41:50 GMT
Content-Type: text/html
Last-Modified: Sun, 09 Aug 2020 15:32:26 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5f30170a-16ce"
Content-Encoding: gzip

POST
H/1.1 404
Not Found getsearchengineinfo Show response
www.defanedu.com/api/ 564 B
712 B 1773ms
154ms XHR
text/html 5.183.32.37
DEDIPATH-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.defanedu.com/api/getsearchengineinfo
Requested by: Host: www.defanedu.com
URL: https://www.defanedu.com/templets/default/js/master.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.183.32.37 , Germany, ASN35913 (DEDIPATH-LLC, US),
Reverse DNS: klantpaneel787.customer-notifications.eu
Software: nginx /
Resource Hash: 0b52c5338af355699530a47683420e48c7344e779d3e815ff9943cbfdc153cf2

Request headers

Accept: */*
Referer: https://www.defanedu.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Sat, 05 Dec 2020 07:41:51 GMT
Server: nginx
Connection: keep-alive
Content-Length: 564
Content-Type: text/html

GET dmp-track.js
t.chinavivaki.com/ 0
0

GET
H/1.1 404
Not Found id=GTM-WGPCVD
www.defanedu.com/ 0
0 1776ms
156ms Script
text/html 5.183.32.37
DEDIPATH-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.defanedu.com/id=GTM-WGPCVD
Requested by: Host: www.defanedu.com
URL: https://www.defanedu.com/templets/default/js/master.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.183.32.37 , Germany, ASN35913 (DEDIPATH-LLC, US),
Reverse DNS: klantpaneel787.customer-notifications.eu
Software: nginx /
Resource Hash

Request headers

Referer: https://www.defanedu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 05 Dec 2020 07:41:51 GMT
Server: nginx
Connection: keep-alive
Content-Length: 564
Content-Type: text/html

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: api.share.baidu.com
URL: https://api.share.baidu.com/s.gif?l=https://www.defanedu.com/

Domain: t.chinavivaki.com
URL: http://t.chinavivaki.com/dmp-track.js

Verdicts & Comments Add Verdict or Comment

30 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.share.baidu.com
cnc.ef-cdn.com
hm.baidu.com
ia.51.la
js.users.51.la
push.zhanzhang.baidu.com
t.chinavivaki.com
www.defanedu.com
www.gold8899110.com
api.share.baidu.com
t.chinavivaki.com
103.235.46.191
122.228.91.87
154.208.76.57
163.171.132.119
183.131.207.66
5.183.32.37
61.135.185.248
0afa616cca369d1700e187cd37fc9b54a1702952574fad8d2713ac4715b9c3ee
0b52c5338af355699530a47683420e48c7344e779d3e815ff9943cbfdc153cf2
10c3907da0566bda47e6457de4f2a92b1e37a764da533d70fe6702874b6e80f4
4083b6ba7ad4eaa1cee09952131014a9747e9e37fb817fdb81fc84011859b692
4a22124dcd402669d04376383354885e9bc3b31c0502aac9fbe52392fc9859b8
56672ded31643180d50bfa2efabaf0f9180c1fa478f5da83daa5842f2bf0c42c
5bdaaa6e966e1ffe1dc93081de3d981bf58402cec99cad5b19329b9e0b2a0b5e
6343099a840074e272fcb0ef9b95ccb4cd3a2eb82954d74058b4651aba9d697f
653c14ea21122bf512015b35582e6d60a5e81ec52cdba81258c321a151526f7c
674bc0c70f98d627b8a7e1d278a1f21ffe33815565f7d5371bf0275da57571b2
6d5d3bd5df6b9579c31249a28c542935c3a7d4a682f976b774fcd135237b662e
79fe59da3024fa3e2d0603fc621bc773ae6f5a97b4e201c22cb0317c7f3f8694
862a401ee0564e9f8cadcdb18727fe48140316fc60167fd0fb44e31249a17da5
8acdd06570043c8056180f893a297fb93ba04ffe02fcf0c039994d455e1208d8
94178ffcd6ccd79b20622ed15359c31694b22ba3cb9a36957e7b9f820f7f361c
9a51bd59a7c60522a8828e4079d5c67bd09673b4b291fcc266f58cb3dad1fbe1
a1edc7b826319a4199bde2edadee4dc6c892845cb45c4a7ac627e1dfcc3811f4
acd9155add9707b0640f38693831a119fbafdd4664f248c6669382bbd49422c5
c08ac808b8d8bd1905c00d95da0d7b084b0e87e84ce505b63fccbfe5a9ded59c
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e94d2eaf97cd7ae1ed64279ec0936c788da8a2926f69cf41f3869d6d82419ebb
e9e15e7b5dcd7b54771d0cf5ec0fdc175eb855fd1edc498f66c7a263e4586309
f00d886ed62e1b7487626c44025d91aba50c3f300e8861f33f4487950518ea4d
f31821e33d35a8ab576ac0267325f79cd7cd3a9c8ec30aa8ed02dee2fffe4b6f
f31f95e2dd41d25e027d0c1f821dc364a64a8d90a4ef831f67408b2ccf5162d9
f74106ddc1659a206729a38cac3705fd27ce12e1f39670dc1de727c8bba70108

www.defanedu.com Open in urlscan Pro 5.183.32.37 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

33 Requests

27 %HTTPS

0 %IPv6

6 Domains

9 Subdomains

8 IPs

4 Countries

1214 kBTransfer

1560 kBSize

0 Cookies

4 Outgoing links

Redirected requests

33 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.defanedu.com Open in urlscan Pro
5.183.32.37 Public Scan

Screenshot
Live screenshot

Full Image

33
Requests

27 %
HTTPS

0 %
IPv6

6
Domains

9
Subdomains

8
IPs

4
Countries

1214 kB
Transfer

1560 kB
Size

0
Cookies

33 HTTP transactions
0 data transactions