Submitted URL: http://vaiit.com/pee2......../PvqDq929BSx_A_D_M1n_a.php
Effective URL: http://www.vaiit.com/pee2......../PvqDq929BSx_A_D_M1n_a.php
Submission Tags: threatshare
Submission: On April 27 via api from US

Summary

This website contacted 6 IPs in 4 countries across 3 domains to perform 19 HTTP transactions. The main IP is 107.163.153.45, located in Thousand Oaks, United States and belongs to TAKE2, US. The main domain is www.vaiit.com.
This is the only time www.vaiit.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 107.163.153.45 20248 (TAKE2)
1 2 2a02:26f0:10c... 20940 (AKAMAI-ASN1)
10 24 203.205.137.113 132203 (TENCENT-N...)
1 2 203.205.254.103 132203 (TENCENT-N...)
1 203.205.136.105 132203 (TENCENT-N...)
1 203.205.239.168 132203 (TENCENT-N...)
19 6
Apex Domain
Subdomains
Transfer
29 qq.com
www.qq.com
qzone.qq.com
boss.qzone.qq.com
pingfore.qq.com
197 KB
2 vaiit.com
vaiit.com
www.vaiit.com
839 B
1 gtimg.cn
qzonestyle.gtimg.cn
5 KB
19 3
Domain Requested by
24 qzone.qq.com 10 redirects www.vaiit.com
2 boss.qzone.qq.com 1 redirects www.vaiit.com
2 www.qq.com 1 redirects www.vaiit.com
1 pingfore.qq.com
1 qzonestyle.gtimg.cn qzone.qq.com
1 www.vaiit.com
1 vaiit.com 1 redirects
19 7

This site contains links to these domains. Also see Links.

Domain
www.qq.com
bbs.baobeihuijia.com
e.t.qq.com
Subject Issuer Validity Valid
qs.888.qq.com
DigiCert SHA2 Secure Server CA
2020-03-24 -
2021-06-23
a year crt.sh
qzone.qq.com
Secure Site CA G2
2020-03-19 -
2021-05-18
a year crt.sh
*.qzone.qq.com
Secure Site CA G2
2019-08-14 -
2020-08-18
a year crt.sh

This page contains 1 frames:

Primary Page: http://www.vaiit.com/pee2......../PvqDq929BSx_A_D_M1n_a.php
Frame ID: AB09F0A10BD3883489017529F13BB4D5
Requests: 19 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. http://vaiit.com/pee2......../PvqDq929BSx_A_D_M1n_a.php HTTP 301
    http://www.vaiit.com/pee2......../PvqDq929BSx_A_D_M1n_a.php Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

19
Requests

84 %
HTTPS

17 %
IPv6

3
Domains

7
Subdomains

6
IPs

4
Countries

200 kB
Transfer

228 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://vaiit.com/pee2......../PvqDq929BSx_A_D_M1n_a.php HTTP 301
    http://www.vaiit.com/pee2......../PvqDq929BSx_A_D_M1n_a.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://www.qq.com/404/search_children.js HTTP 302
  • https://www.qq.com/404/search_children.js
Request Chain 1
  • http://qzone.qq.com/gy/404/data.js HTTP 301
  • https://qzone.qq.com/gy/404/data.js
Request Chain 2
  • http://qzone.qq.com/gy/404/page.js HTTP 301
  • https://qzone.qq.com/gy/404/page.js
Request Chain 3
  • http://boss.qzone.qq.com/fcg-bin/fcg_zone_info HTTP 302
  • https://boss.qzone.qq.com/fcg-bin/fcg_zone_info
Request Chain 4
  • http://qzone.qq.com/gy/404/style/404style.css HTTP 307
  • https://qzone.qq.com/gy/404/style/404style.css
Request Chain 6
  • http://qzone.qq.com/gy/upload/upfile_6569804_1488448536.jpg HTTP 301
  • https://qzone.qq.com/gy/upload/upfile_6569804_1488448536.jpg
Request Chain 7
  • http://qzone.qq.com/gy/404/style/image/logo_tencentvolunteers.png HTTP 301
  • https://qzone.qq.com/gy/404/style/image/logo_tencentvolunteers.png
Request Chain 8
  • http://qzone.qq.com/gy/404/style/image/logo_baobeihuijia.png HTTP 301
  • https://qzone.qq.com/gy/404/style/image/logo_baobeihuijia.png
Request Chain 9
  • http://qzone.qq.com/gy/upload/upfile_8956934_1485251811.jpg HTTP 301
  • https://qzone.qq.com/gy/upload/upfile_8956934_1485251811.jpg
Request Chain 10
  • http://qzone.qq.com/gy/upload/upfile_9883924_1484250596.jpg HTTP 301
  • https://qzone.qq.com/gy/upload/upfile_9883924_1484250596.jpg
Request Chain 11
  • http://qzone.qq.com/gy/upload/upfile_1125429_1485048575.jpg HTTP 301
  • https://qzone.qq.com/gy/upload/upfile_1125429_1485048575.jpg
Request Chain 12
  • http://qzone.qq.com/gy/upload/upfile_8856562_1486551416.jpg HTTP 301
  • https://qzone.qq.com/gy/upload/upfile_8856562_1486551416.jpg
Request Chain 13
  • http://qzone.qq.com/gy/upload/upfile_3277957_1488449002.jpg HTTP 301
  • https://qzone.qq.com/gy/upload/upfile_3277957_1488449002.jpg

19 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request PvqDq929BSx_A_D_M1n_a.php
www.vaiit.com/pee2......../
Redirect Chain
  • http://vaiit.com/pee2......../PvqDq929BSx_A_D_M1n_a.php
  • http://www.vaiit.com/pee2......../PvqDq929BSx_A_D_M1n_a.php
466 B
614 B
Document
General
Full URL
http://www.vaiit.com/pee2......../PvqDq929BSx_A_D_M1n_a.php
Protocol
HTTP/1.1
Server
107.163.153.45 Thousand Oaks, United States, ASN20248 (TAKE2, US),
Reverse DNS
Software
nginx /
Resource Hash
c8fe9b8318d7ea01c9fa8f22b8386a7e28717d8359f2b1c9f7a4794c85b2476a

Request headers

Host
www.vaiit.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Server
nginx
Date
Mon, 27 Apr 2020 16:21:21 GMT
Content-Type
text/html
Content-Length
466
Connection
keep-alive

Redirect headers

Server
nginx
Date
Mon, 27 Apr 2020 16:21:15 GMT
Content-Type
text/html
Content-Length
0
Connection
keep-alive
Location
http://www.vaiit.com/pee2......../PvqDq929BSx_A_D_M1n_a.php
search_children.js
www.qq.com/404/
Redirect Chain
  • http://www.qq.com/404/search_children.js
  • https://www.qq.com/404/search_children.js
339 B
375 B
Script
General
Full URL
https://www.qq.com/404/search_children.js
Requested by
Host: www.vaiit.com
URL: http://www.vaiit.com/pee2......../PvqDq929BSx_A_D_M1n_a.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:10c:288::180c , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
squid/3.5.24 /
Resource Hash
5e985892f223d8e998337b6b15ce02e084e6255ef7fdcaf1d5a05ca5d30a1457

Request headers

Referer
http://www.vaiit.com/pee2......../PvqDq929BSx_A_D_M1n_a.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 27 Apr 2020 16:21:23 GMT
content-encoding
gzip
server
squid/3.5.24
vary
Accept-Encoding
content-type
application/javascript; charset=GB2312
status
200
cache-control
max-age=629
content-length
216
expires
Mon, 27 Apr 2020 16:31:52 GMT

Redirect headers

Location
https://www.qq.com/404/search_children.js
Date
Mon, 27 Apr 2020 16:21:23 GMT
Server
stgw/1.3.12.4_1.13.5
Connection
keep-alive
Content-Length
169
Content-Type
text/html
data.js
qzone.qq.com/gy/404/
Redirect Chain
  • http://qzone.qq.com/gy/404/data.js
  • https://qzone.qq.com/gy/404/data.js
7 KB
3 KB
Script
General
Full URL
https://qzone.qq.com/gy/404/data.js
Requested by
Host: www.vaiit.com
URL: http://www.vaiit.com/pee2......../PvqDq929BSx_A_D_M1n_a.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
203.205.137.113 Shenzhen, China, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
NWSs /
Resource Hash
3e113816ec35c2135dd04cdd4b0f943110baca70fdfed358116fc331ca946979
Security Headers
Name Value
Strict-Transport-Security max-age=3600

Request headers

Referer
http://www.vaiit.com/pee2......../PvqDq929BSx_A_D_M1n_a.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 27 Apr 2020 16:21:26 GMT
content-encoding
gzip
x-cache-lookup
Hit From Disktank3 Gz
last-modified
Wed, 02 Jan 2019 12:37:06 GMT
server
NWSs
strict-transport-security
max-age=3600
content-type
application/x-javascript
status
200
cache-control
max-age=600
server_ip
203.205.137.113
x-nws-log-uuid
718784d1-4f08-42d3-83ca-b32b17ffde4b
content-length
2420
expires
Mon, 27 Apr 2020 16:31:25 GMT

Redirect headers

Location
https://qzone.qq.com/gy/404/data.js
Date
Mon, 27 Apr 2020 16:21:24 GMT
Server
X2S_Platform
Connection
keep-alive
Content-Length
36
page.js
qzone.qq.com/gy/404/
Redirect Chain
  • http://qzone.qq.com/gy/404/page.js
  • https://qzone.qq.com/gy/404/page.js
17 KB
6 KB
Script
General
Full URL
https://qzone.qq.com/gy/404/page.js
Requested by
Host: www.vaiit.com
URL: http://www.vaiit.com/pee2......../PvqDq929BSx_A_D_M1n_a.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
203.205.137.113 Shenzhen, China, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
NWSs /
Resource Hash
d478d507bb67eaf166fc657e9af6225abd183d7e4e63c916f24ff0d749c8f33d
Security Headers
Name Value
Strict-Transport-Security max-age=3600

Request headers

Referer
http://www.vaiit.com/pee2......../PvqDq929BSx_A_D_M1n_a.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 27 Apr 2020 16:21:26 GMT
content-encoding
gzip
x-cache-lookup
Hit From Disktank3 Gz
last-modified
Sat, 01 Apr 2017 13:54:36 GMT
server
NWSs
strict-transport-security
max-age=3600
content-type
application/x-javascript
status
200
cache-control
max-age=600
server_ip
203.205.137.113
x-nws-log-uuid
1770bf1a-06ad-49b8-b663-63e2200b01fb
content-length
5370
expires
Mon, 27 Apr 2020 16:31:25 GMT

Redirect headers

Location
https://qzone.qq.com/gy/404/page.js
Date
Mon, 27 Apr 2020 16:21:24 GMT
Server
X2S_Platform
Connection
keep-alive
Content-Length
36
fcg_zone_info
boss.qzone.qq.com/fcg-bin/
Redirect Chain
  • http://boss.qzone.qq.com/fcg-bin/fcg_zone_info
  • https://boss.qzone.qq.com/fcg-bin/fcg_zone_info
0
0
Script
General
Full URL
https://boss.qzone.qq.com/fcg-bin/fcg_zone_info
Requested by
Host: www.vaiit.com
URL: http://www.vaiit.com/pee2......../PvqDq929BSx_A_D_M1n_a.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
203.205.254.103 , Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.vaiit.com/pee2......../PvqDq929BSx_A_D_M1n_a.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Redirect headers

Location
https://boss.qzone.qq.com/fcg-bin/fcg_zone_info
Date
Mon, 27 Apr 2020 16:21:26 GMT
Server
stgw/1.3.12.4_1.13.5
Connection
keep-alive
Content-Length
169
Content-Type
text/html
404style.css
qzone.qq.com/gy/404/style/
Redirect Chain
  • http://qzone.qq.com/gy/404/style/404style.css
  • https://qzone.qq.com/gy/404/style/404style.css
11 KB
4 KB
Stylesheet
General
Full URL
https://qzone.qq.com/gy/404/style/404style.css
Requested by
Host: www.vaiit.com
URL: http://www.vaiit.com/pee2......../PvqDq929BSx_A_D_M1n_a.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
203.205.137.113 Shenzhen, China, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
NWSs /
Resource Hash
ae69c2003554ee506b6aaf77e4eb3793fa1772e50a937df138eab0ee53761935
Security Headers
Name Value
Strict-Transport-Security max-age=3600

Request headers

Referer
http://www.vaiit.com/pee2......../PvqDq929BSx_A_D_M1n_a.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 27 Apr 2020 16:21:26 GMT
content-encoding
gzip
x-cache-lookup
Hit From Disktank3 Gz
last-modified
Sat, 01 Apr 2017 13:54:44 GMT
server
NWSs
strict-transport-security
max-age=3600
content-type
text/css
status
200
cache-control
max-age=3600
server_ip
203.205.137.113
x-nws-log-uuid
fb41323a-47e0-4570-9700-8fa9b0e07fcc
content-length
3441
expires
Mon, 27 Apr 2020 17:21:25 GMT

Redirect headers

Location
https://qzone.qq.com/gy/404/style/404style.css
Non-Authoritative-Reason
HSTS
stat.js
qzonestyle.gtimg.cn/ac/qzfl/
13 KB
5 KB
Script
General
Full URL
http://qzonestyle.gtimg.cn/ac/qzfl/stat.js
Requested by
Host: qzone.qq.com
URL: https://qzone.qq.com/gy/404/page.js
Protocol
HTTP/1.1
Server
203.205.136.105 Shenzhen, China, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
NWS_CDN_P1 /
Resource Hash
29a7113eec2a48cc19aecef9ff3f85cc51410fcd0ea147e36ae94a17f8ea3d1c

Request headers

Referer
http://www.vaiit.com/pee2......../PvqDq929BSx_A_D_M1n_a.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-DataSrc
2
Date
Mon, 27 Apr 2020 16:21:27 GMT
Content-Encoding
gzip
X-Cache-Lookup
Hit From Disktank3 Gz
Access-Control-Expose-Headers
x-client-proto-ver, X-Server-Ip, X-Upstream-IP
Connection
keep-alive
alt-svc
quic=":443"; ma=86400; v="39,38,37,36,35"
Content-Length
3980
X-Client-Ip
194.99.105.99
X-ReqGue
0
Last-Modified
Wed, 05 Apr 2017 20:06:35 GMT
Server
NWS_CDN_P1
Vary
Origin, Accept
Content-Type
application/x-javascript
X-Server-IP
203.205.136.105
Cache-Control
max-age=31104000
X-NWS-LOG-UUID
7239539503326859404 5b2e8d0495ca8041581f8a84b4879853
Expires
Thu, 22 Apr 2021 16:21:27 GMT
upfile_6569804_1488448536.jpg
qzone.qq.com/gy/upload/
Redirect Chain
  • http://qzone.qq.com/gy/upload/upfile_6569804_1488448536.jpg
  • https://qzone.qq.com/gy/upload/upfile_6569804_1488448536.jpg
14 KB
15 KB
Image
General
Full URL
https://qzone.qq.com/gy/upload/upfile_6569804_1488448536.jpg
Requested by
Host: www.vaiit.com
URL: http://www.vaiit.com/pee2......../PvqDq929BSx_A_D_M1n_a.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
203.205.137.113 Shenzhen, China, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
NWSs /
Resource Hash
c6c918417af87325a552b18c5e0e6169a3ebc31a1fcf5c2ac70792aca8812b2c
Security Headers
Name Value
Strict-Transport-Security max-age=3600

Request headers

Referer
http://www.vaiit.com/pee2......../PvqDq929BSx_A_D_M1n_a.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 27 Apr 2020 16:21:28 GMT
x-cache-lookup
Hit From Disktank3
last-modified
Tue, 17 Mar 2020 17:30:29 GMT
server
NWSs
strict-transport-security
max-age=3600
content-type
image/jpeg
status
200
cache-control
max-age=259200
server_ip
203.205.137.113
x-nws-log-uuid
240cbfcb-3433-473e-be33-6a75d1c81314
content-length
14782
expires
Thu, 30 Apr 2020 16:21:27 GMT

Redirect headers

Location
https://qzone.qq.com/gy/upload/upfile_6569804_1488448536.jpg
Date
Mon, 27 Apr 2020 16:21:27 GMT
Server
X2S_Platform
Connection
keep-alive
Content-Length
61
logo_tencentvolunteers.png
qzone.qq.com/gy/404/style/image/
Redirect Chain
  • http://qzone.qq.com/gy/404/style/image/logo_tencentvolunteers.png
  • https://qzone.qq.com/gy/404/style/image/logo_tencentvolunteers.png
4 KB
4 KB
Image
General
Full URL
https://qzone.qq.com/gy/404/style/image/logo_tencentvolunteers.png
Requested by
Host: www.vaiit.com
URL: http://www.vaiit.com/pee2......../PvqDq929BSx_A_D_M1n_a.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
203.205.137.113 Shenzhen, China, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
NWSs /
Resource Hash
3e09ae67b0bbfe1b6baa0d067d7bc67d8604449bf240818b2bf7ed284e640dd1
Security Headers
Name Value
Strict-Transport-Security max-age=3600

Request headers

Referer
http://www.vaiit.com/pee2......../PvqDq929BSx_A_D_M1n_a.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 27 Apr 2020 16:21:28 GMT
x-cache-lookup
Hit From Disktank3
last-modified
Sat, 01 Apr 2017 13:54:45 GMT
server
NWSs
strict-transport-security
max-age=3600
content-type
image/png
status
200
cache-control
max-age=259200
server_ip
203.205.137.113
x-nws-log-uuid
6bba9d99-0455-4480-82f2-77422793b543
content-length
3588
expires
Thu, 30 Apr 2020 16:21:27 GMT

Redirect headers

Location
https://qzone.qq.com/gy/404/style/image/logo_tencentvolunteers.png
Date
Mon, 27 Apr 2020 16:21:27 GMT
Server
X2S_Platform
Connection
keep-alive
Content-Length
67
logo_baobeihuijia.png
qzone.qq.com/gy/404/style/image/
Redirect Chain
  • http://qzone.qq.com/gy/404/style/image/logo_baobeihuijia.png
  • https://qzone.qq.com/gy/404/style/image/logo_baobeihuijia.png
4 KB
4 KB
Image
General
Full URL
https://qzone.qq.com/gy/404/style/image/logo_baobeihuijia.png
Requested by
Host: www.vaiit.com
URL: http://www.vaiit.com/pee2......../PvqDq929BSx_A_D_M1n_a.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
203.205.137.113 Shenzhen, China, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
NWSs /
Resource Hash
bcbf5e77a3a5842dfe5d92ff0fea8d265bd9a1ad2a457de3dd9c4470751c4b7f
Security Headers
Name Value
Strict-Transport-Security max-age=3600

Request headers

Referer
http://www.vaiit.com/pee2......../PvqDq929BSx_A_D_M1n_a.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 27 Apr 2020 16:21:29 GMT
x-cache-lookup
Hit From Disktank3
last-modified
Sat, 01 Apr 2017 13:54:45 GMT
server
NWSs
strict-transport-security
max-age=3600
content-type
image/png
status
200
cache-control
max-age=259200
server_ip
203.205.137.113
x-nws-log-uuid
8163fe07-b910-4c38-ab89-0333bfb8f7ec
content-length
3725
expires
Thu, 30 Apr 2020 16:21:28 GMT

Redirect headers

Location
https://qzone.qq.com/gy/404/style/image/logo_baobeihuijia.png
Date
Mon, 27 Apr 2020 16:21:27 GMT
Server
X2S_Platform
Connection
keep-alive
Content-Length
62
upfile_8956934_1485251811.jpg
qzone.qq.com/gy/upload/
Redirect Chain
  • http://qzone.qq.com/gy/upload/upfile_8956934_1485251811.jpg
  • https://qzone.qq.com/gy/upload/upfile_8956934_1485251811.jpg
37 KB
37 KB
Image
General
Full URL
https://qzone.qq.com/gy/upload/upfile_8956934_1485251811.jpg
Requested by
Host: www.vaiit.com
URL: http://www.vaiit.com/pee2......../PvqDq929BSx_A_D_M1n_a.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
203.205.137.113 Shenzhen, China, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
NWSs /
Resource Hash
ba60da82fea2d895e0a8d16aa63ff79ebf074df3b68eda1c6065ca9d6586931c
Security Headers
Name Value
Strict-Transport-Security max-age=3600

Request headers

Referer
http://www.vaiit.com/pee2......../PvqDq929BSx_A_D_M1n_a.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 27 Apr 2020 16:21:29 GMT
x-cache-lookup
Hit From Disktank3
last-modified
Fri, 01 Sep 2017 03:47:46 GMT
server
NWSs
strict-transport-security
max-age=3600
content-type
image/jpeg
status
200
cache-control
max-age=259200
server_ip
203.205.137.113
x-nws-log-uuid
26034f05-9002-42bf-918e-0a76e6ebd42b
content-length
37615
expires
Thu, 30 Apr 2020 16:21:28 GMT

Redirect headers

Location
https://qzone.qq.com/gy/upload/upfile_8956934_1485251811.jpg
Date
Mon, 27 Apr 2020 16:21:27 GMT
Server
X2S_Platform
Connection
keep-alive
Content-Length
61
upfile_9883924_1484250596.jpg
qzone.qq.com/gy/upload/
Redirect Chain
  • http://qzone.qq.com/gy/upload/upfile_9883924_1484250596.jpg
  • https://qzone.qq.com/gy/upload/upfile_9883924_1484250596.jpg
46 KB
46 KB
Image
General
Full URL
https://qzone.qq.com/gy/upload/upfile_9883924_1484250596.jpg
Requested by
Host: www.vaiit.com
URL: http://www.vaiit.com/pee2......../PvqDq929BSx_A_D_M1n_a.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
203.205.137.113 Shenzhen, China, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
NWSs /
Resource Hash
5240571c0b528363da432d34fe19f681f097274ae38e6c834cafa6e148d46f81
Security Headers
Name Value
Strict-Transport-Security max-age=3600

Request headers

Referer
http://www.vaiit.com/pee2......../PvqDq929BSx_A_D_M1n_a.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 27 Apr 2020 16:21:29 GMT
x-cache-lookup
Hit From Disktank3
last-modified
Tue, 25 Jun 2019 23:22:46 GMT
server
NWSs
strict-transport-security
max-age=3600
content-type
image/jpeg
status
200
cache-control
max-age=259200
server_ip
203.205.137.113
x-nws-log-uuid
fbfaa66d-b275-4ce9-8efa-7316400c3eda
content-length
47173
expires
Thu, 30 Apr 2020 16:21:28 GMT

Redirect headers

Location
https://qzone.qq.com/gy/upload/upfile_9883924_1484250596.jpg
Date
Mon, 27 Apr 2020 16:21:27 GMT
Server
X2S_Platform
Connection
keep-alive
Content-Length
61
upfile_1125429_1485048575.jpg
qzone.qq.com/gy/upload/
Redirect Chain
  • http://qzone.qq.com/gy/upload/upfile_1125429_1485048575.jpg
  • https://qzone.qq.com/gy/upload/upfile_1125429_1485048575.jpg
13 KB
13 KB
Image
General
Full URL
https://qzone.qq.com/gy/upload/upfile_1125429_1485048575.jpg
Requested by
Host: www.vaiit.com
URL: http://www.vaiit.com/pee2......../PvqDq929BSx_A_D_M1n_a.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
203.205.137.113 Shenzhen, China, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
NWSs /
Resource Hash
c2f9b261d5fe19b2360b0da49c8cf8241992fc26de1557e21d5f320d3efa8c2d
Security Headers
Name Value
Strict-Transport-Security max-age=3600

Request headers

Referer
http://www.vaiit.com/pee2......../PvqDq929BSx_A_D_M1n_a.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 27 Apr 2020 16:21:29 GMT
x-cache-lookup
Hit From Disktank3
last-modified
Thu, 10 Oct 2019 14:24:20 GMT
server
NWSs
strict-transport-security
max-age=3600
content-type
image/jpeg
status
200
cache-control
max-age=259200
server_ip
203.205.137.113
x-nws-log-uuid
cda7f028-81e0-464a-b927-497d434a1a8d
content-length
13020
expires
Thu, 30 Apr 2020 16:21:28 GMT

Redirect headers

Location
https://qzone.qq.com/gy/upload/upfile_1125429_1485048575.jpg
Date
Mon, 27 Apr 2020 16:21:27 GMT
Server
X2S_Platform
Connection
keep-alive
Content-Length
61
upfile_8856562_1486551416.jpg
qzone.qq.com/gy/upload/
Redirect Chain
  • http://qzone.qq.com/gy/upload/upfile_8856562_1486551416.jpg
  • https://qzone.qq.com/gy/upload/upfile_8856562_1486551416.jpg
16 KB
16 KB
Image
General
Full URL
https://qzone.qq.com/gy/upload/upfile_8856562_1486551416.jpg
Requested by
Host: www.vaiit.com
URL: http://www.vaiit.com/pee2......../PvqDq929BSx_A_D_M1n_a.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
203.205.137.113 Shenzhen, China, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
NWSs /
Resource Hash
378c42c4e8c35ae83dca32995638e67c396ed555eb1fc9df03b527c96b4064fb
Security Headers
Name Value
Strict-Transport-Security max-age=3600

Request headers

Referer
http://www.vaiit.com/pee2......../PvqDq929BSx_A_D_M1n_a.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 27 Apr 2020 16:21:29 GMT
x-cache-lookup
Hit From Disktank3
last-modified
Tue, 25 Jun 2019 23:22:22 GMT
server
NWSs
strict-transport-security
max-age=3600
content-type
image/jpeg
status
200
cache-control
max-age=259200
server_ip
203.205.137.113
x-nws-log-uuid
2e4c62e1-c6db-409d-814c-5e1153731ff9
content-length
15968
expires
Thu, 30 Apr 2020 16:21:28 GMT

Redirect headers

Location
https://qzone.qq.com/gy/upload/upfile_8856562_1486551416.jpg
Date
Mon, 27 Apr 2020 16:21:27 GMT
Server
X2S_Platform
Connection
keep-alive
Content-Length
61
upfile_3277957_1488449002.jpg
qzone.qq.com/gy/upload/
Redirect Chain
  • http://qzone.qq.com/gy/upload/upfile_3277957_1488449002.jpg
  • https://qzone.qq.com/gy/upload/upfile_3277957_1488449002.jpg
20 KB
20 KB
Image
General
Full URL
https://qzone.qq.com/gy/upload/upfile_3277957_1488449002.jpg
Requested by
Host: www.vaiit.com
URL: http://www.vaiit.com/pee2......../PvqDq929BSx_A_D_M1n_a.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
203.205.137.113 Shenzhen, China, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
NWSs /
Resource Hash
b8b4e06b2028168dac8681d90ef2d91e278f6161fa09a11974e3ad5a1f7901f6
Security Headers
Name Value
Strict-Transport-Security max-age=3600

Request headers

Referer
http://www.vaiit.com/pee2......../PvqDq929BSx_A_D_M1n_a.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 27 Apr 2020 16:21:29 GMT
x-cache-lookup
Hit From Disktank3
last-modified
Tue, 17 Mar 2020 17:22:36 GMT
server
NWSs
strict-transport-security
max-age=3600
content-type
image/jpeg
status
200
cache-control
max-age=259200
server_ip
203.205.137.113
x-nws-log-uuid
72b470be-bf75-4ac0-8440-1d1032303195
content-length
20003
expires
Thu, 30 Apr 2020 16:21:28 GMT

Redirect headers

Location
https://qzone.qq.com/gy/upload/upfile_3277957_1488449002.jpg
Date
Mon, 27 Apr 2020 16:21:27 GMT
Server
X2S_Platform
Connection
keep-alive
Content-Length
61
bg_page.png
qzone.qq.com/gy/404/style/image/
15 KB
15 KB
Image
General
Full URL
https://qzone.qq.com/gy/404/style/image/bg_page.png
Requested by
Host: www.vaiit.com
URL: http://www.vaiit.com/pee2......../PvqDq929BSx_A_D_M1n_a.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
203.205.137.113 Shenzhen, China, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
NWSs /
Resource Hash
18e051f1c4adb5496ff57d31ceb70e462aee32f4be77db8259c11640426e78f7
Security Headers
Name Value
Strict-Transport-Security max-age=3600

Request headers

Referer
https://qzone.qq.com/gy/404/style/404style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 27 Apr 2020 16:21:28 GMT
x-cache-lookup
Hit From Disktank3
last-modified
Sat, 01 Apr 2017 13:54:44 GMT
server
NWSs
strict-transport-security
max-age=3600
content-type
image/png
status
200
cache-control
max-age=259200
server_ip
203.205.137.113
x-nws-log-uuid
7d7efd7b-d157-4567-8792-b6b44907fb95
content-length
14998
expires
Thu, 30 Apr 2020 16:21:27 GMT
txt_title.png
qzone.qq.com/gy/404/style/image/
10 KB
11 KB
Image
General
Full URL
https://qzone.qq.com/gy/404/style/image/txt_title.png
Requested by
Host: www.vaiit.com
URL: http://www.vaiit.com/pee2......../PvqDq929BSx_A_D_M1n_a.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
203.205.137.113 Shenzhen, China, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
NWSs /
Resource Hash
e1bc99f4ba824ebcb59edbf3ed4870525b47267a94fcc8e9921d2a68668b2dec
Security Headers
Name Value
Strict-Transport-Security max-age=3600

Request headers

Referer
https://qzone.qq.com/gy/404/style/404style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 27 Apr 2020 16:21:28 GMT
x-cache-lookup
Hit From Disktank3
last-modified
Sat, 01 Apr 2017 13:54:44 GMT
server
NWSs
strict-transport-security
max-age=3600
content-type
image/png
status
200
cache-control
max-age=259200
server_ip
203.205.137.113
x-nws-log-uuid
1da15a78-490a-469b-95a1-4aaa676e8f59
content-length
10650
expires
Thu, 30 Apr 2020 16:21:27 GMT
bg_corner.png
qzone.qq.com/gy/404/style/image/
2 KB
3 KB
Image
General
Full URL
https://qzone.qq.com/gy/404/style/image/bg_corner.png
Requested by
Host: www.vaiit.com
URL: http://www.vaiit.com/pee2......../PvqDq929BSx_A_D_M1n_a.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
203.205.137.113 Shenzhen, China, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
NWSs /
Resource Hash
6698c243f014777a8ac58264a8f2f899dc8d71c0e3aa32103ef5149c40cc86e4
Security Headers
Name Value
Strict-Transport-Security max-age=3600

Request headers

Referer
https://qzone.qq.com/gy/404/style/404style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 27 Apr 2020 16:21:28 GMT
x-cache-lookup
Hit From Disktank3
last-modified
Sat, 01 Apr 2017 13:54:45 GMT
server
NWSs
strict-transport-security
max-age=3600
content-type
image/png
status
200
cache-control
max-age=259200
server_ip
203.205.137.113
x-nws-log-uuid
939cc738-65e5-409e-9f46-7099936f94b2
content-length
2371
expires
Thu, 30 Apr 2020 16:21:27 GMT
pingd
pingfore.qq.com/
0
113 B
Image
General
Full URL
http://pingfore.qq.com/pingd?cc=-&ct=-&java=1&lang=-&pf=-&scl=-&scr=-&tt=-&tz=-8&vs=3.3&dm=hat.qzone.qq.com&url=/gy/lostchild/www_vaiit.com&rdm=-&rurl=/&arg=&flash=&pgv_pvid=3091897104&sds=0.7624055282703754
Protocol
HTTP/1.1
Server
203.205.239.168 Shenzhen, China, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.vaiit.com/pee2......../PvqDq929BSx_A_D_M1n_a.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Connection
keep-alive
Date
Mon, 27 Apr 2020 16:21:33 GMT
Transfer-Encoding
chunked

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate string| _base object| jsondata object| QZONE function| imagezoom function| _Callback function| share function| toThis function| template object| QZFL object| TCISD

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

boss.qzone.qq.com
pingfore.qq.com
qzone.qq.com
qzonestyle.gtimg.cn
vaiit.com
www.qq.com
www.vaiit.com
107.163.153.45
203.205.136.105
203.205.137.113
203.205.239.168
203.205.254.103
2a02:26f0:10c:288::180c
18e051f1c4adb5496ff57d31ceb70e462aee32f4be77db8259c11640426e78f7
29a7113eec2a48cc19aecef9ff3f85cc51410fcd0ea147e36ae94a17f8ea3d1c
378c42c4e8c35ae83dca32995638e67c396ed555eb1fc9df03b527c96b4064fb
3e09ae67b0bbfe1b6baa0d067d7bc67d8604449bf240818b2bf7ed284e640dd1
3e113816ec35c2135dd04cdd4b0f943110baca70fdfed358116fc331ca946979
5240571c0b528363da432d34fe19f681f097274ae38e6c834cafa6e148d46f81
5e985892f223d8e998337b6b15ce02e084e6255ef7fdcaf1d5a05ca5d30a1457
6698c243f014777a8ac58264a8f2f899dc8d71c0e3aa32103ef5149c40cc86e4
ae69c2003554ee506b6aaf77e4eb3793fa1772e50a937df138eab0ee53761935
b8b4e06b2028168dac8681d90ef2d91e278f6161fa09a11974e3ad5a1f7901f6
ba60da82fea2d895e0a8d16aa63ff79ebf074df3b68eda1c6065ca9d6586931c
bcbf5e77a3a5842dfe5d92ff0fea8d265bd9a1ad2a457de3dd9c4470751c4b7f
c2f9b261d5fe19b2360b0da49c8cf8241992fc26de1557e21d5f320d3efa8c2d
c6c918417af87325a552b18c5e0e6169a3ebc31a1fcf5c2ac70792aca8812b2c
c8fe9b8318d7ea01c9fa8f22b8386a7e28717d8359f2b1c9f7a4794c85b2476a
d478d507bb67eaf166fc657e9af6225abd183d7e4e63c916f24ff0d749c8f33d
e1bc99f4ba824ebcb59edbf3ed4870525b47267a94fcc8e9921d2a68668b2dec
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855