URL: https://www.onoedu.com/
Submission: On September 03 via automatic, source certstream-suspicious

Summary

This website contacted 3 IPs in 3 countries across 3 domains to perform 43 HTTP transactions. The main IP is 154.80.249.35, located in Johannesburg, South Africa and belongs to DXTL-HK DXTL Tseung Kwan O Service, HK. The main domain is www.onoedu.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on August 2nd 2020. Valid for: 3 months.
This is the only time www.onoedu.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Bet365 (Entertainment)

Domain & IP information

Requests  IP Address       AS      Autonomous System
38        154.80.249.35    134548  (DXTL-HK D...)
4         103.235.46.191   55967   (BAIDU Bei...)
1         170.178.164.94   46844   (ST-BGP)
Total     43 requests across 3 IPs
Requests  Apex Domain   Subdomains        Transfer
38        onoedu.com    www.onoedu.com    591 KB
4         baidu.com     hm.baidu.com      29 KB
1         bjilife.com   www.bjilife.com
Total     43 requests across 3 domains
Requests  Domain            Requested by
38        www.onoedu.com    www.onoedu.com
4         hm.baidu.com      www.onoedu.com
1         www.bjilife.com   www.onoedu.com
Total     43 requests across 3 domains

This site contains links to these domains:

Domain
www.baodu.com
www.so.com
www.sogou.com
m.sm.cn
Subject       Issuer                                                Validity                   Valid      Source
onoedu.com    Let's Encrypt Authority X3                            2020-08-02 - 2020-10-31    3 months   crt.sh
baidu.com     GlobalSign Organization Validation CA - SHA256 - G2   2020-04-02 - 2021-07-26    a year     crt.sh
bjilife.com   TrustAsia TLS RSA CA                                  2020-02-04 - 2021-02-03    a year     crt.sh

This page contains 2 frames:

Primary Page: https://www.onoedu.com/
Frame ID: 68AB31BA3D54899AE6AFAA9BAF0A7EFC
Requests: 42 HTTP requests in this frame

Frame: https://www.bjilife.com/as/index.html
Frame ID: 2F503F9570B515D9F78E72D1AB6A61D4
Requests: 1 HTTP request in this frame


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • script /jquery[.-]([\d.]*\d)[^/]*\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

Requests:    43
HTTPS:       100 %
IPv6:        0 %
Domains:     3
Subdomains:  3
IPs:         3
Countries:   3
Transfer:    620 kB
Size:        817 kB
Cookies:     0

43 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type

Primary Request / | www.onoedu.com/ | 29 KB | 8 KB | Document
General
Full URL
https://www.onoedu.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
154.80.249.35 Johannesburg, South Africa, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
d2b5bac1e79dbb7132949086b1725c9c73941c65067ca0187ebe7c093ae9d9a1

Request headers

Host
www.onoedu.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Content-Type
text/html
Content-Encoding
gzip
Last-Modified
Fri, 06 Dec 2019 06:08:09 GMT
Accept-Ranges
bytes
ETag
"806a5988fbabd51:0"
Vary
Accept-Encoding
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
Date
Thu, 03 Sep 2020 05:47:46 GMT
Content-Length
7807

load.js | www.onoedu.com/templets/zgjy/js/ | 2 KB | 2 KB | Script
General
Full URL
https://www.onoedu.com/templets/zgjy/js/load.js
Requested by
Host: www.onoedu.com
URL: https://www.onoedu.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
154.80.249.35 Johannesburg, South Africa, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
0028cce19869eb28551be3971e8942fe9984a4b985a16695a3bada2d7016b0d3

Request headers

Referer
https://www.onoedu.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 03 Sep 2020 05:47:48 GMT
Content-Encoding
gzip
Last-Modified
Thu, 30 Aug 2018 07:46:15 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"6adb7f873540d41:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
1372

tea.js | www.onoedu.com/templets/zgjy/js/ | 50 KB | 20 KB | Script
General
Full URL
https://www.onoedu.com/templets/zgjy/js/tea.js
Requested by
Host: www.onoedu.com
URL: https://www.onoedu.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
154.80.249.35 Johannesburg, South Africa, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
bfc516495768a1b5cfcb15b028b533f412fd609d634587cf16b640a48c5b6b93

Request headers

Referer
https://www.onoedu.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 03 Sep 2020 05:47:48 GMT
Content-Encoding
gzip
Last-Modified
Thu, 30 Aug 2018 07:46:24 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"5a81518d3540d41:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
19853

mt.js | www.onoedu.com/templets/zgjy/js/ | 43 KB | 25 KB | Script
General
Full URL
https://www.onoedu.com/templets/zgjy/js/mt.js
Requested by
Host: www.onoedu.com
URL: https://www.onoedu.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
154.80.249.35 Johannesburg, South Africa, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
698c90a455f2f5ef54379f84b0a4d62574f0ec6cae99552446f76e3167d64b9d

Request headers

Referer
https://www.onoedu.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 03 Sep 2020 05:47:48 GMT
Content-Encoding
gzip
Last-Modified
Thu, 30 Aug 2018 12:49:58 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"5bd289f55f40d41:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
25678

15080114L1.css | www.onoedu.com/templets/zgjy/css/ | 3 KB | 2 KB | Stylesheet
General
Full URL
https://www.onoedu.com/templets/zgjy/css/15080114L1.css
Requested by
Host: www.onoedu.com
URL: https://www.onoedu.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
154.80.249.35 Johannesburg, South Africa, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
d0daba5baabf1822e880017cd8e9f4434c9df20ed990159b063c7c9b5333b07f

Request headers

Referer
https://www.onoedu.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 03 Sep 2020 05:47:46 GMT
Content-Encoding
gzip
Last-Modified
Thu, 30 Aug 2018 08:24:19 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"ead547d93a40d41:0"
Vary
Accept-Encoding
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
1655

15080114L1.js | www.onoedu.com/templets/zgjy/js/ | 10 KB | 5 KB | Script
General
Full URL
https://www.onoedu.com/templets/zgjy/js/15080114L1.js
Requested by
Host: www.onoedu.com
URL: https://www.onoedu.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
154.80.249.35 Johannesburg, South Africa, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
ae69d33d315b63e5a65205bfc58721d583c1cdacbd0bec2c7828db8d6f02f894

Request headers

Referer
https://www.onoedu.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 03 Sep 2020 05:47:48 GMT
Content-Encoding
gzip
Last-Modified
Thu, 30 Aug 2018 07:44:50 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"b5c3f0543540d41:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
5139

160630138L1.css | www.onoedu.com/templets/zgjy/css/ | 2 KB | 1 KB | Stylesheet
General
Full URL
https://www.onoedu.com/templets/zgjy/css/160630138L1.css
Requested by
Host: www.onoedu.com
URL: https://www.onoedu.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
154.80.249.35 Johannesburg, South Africa, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
4ac79817fea8487bfbe66c7838fe19ecddf220e4ca3ea8f96f2a19dbea0751cb

Request headers

Referer
https://www.onoedu.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 03 Sep 2020 05:47:48 GMT
Content-Encoding
gzip
Last-Modified
Thu, 30 Aug 2018 08:24:46 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"8fcb39e93a40d41:0"
Vary
Accept-Encoding
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
1026

logodiv.css | www.onoedu.com/templets/zgjy/css/ | 2 KB | 1 KB | Stylesheet
General
Full URL
https://www.onoedu.com/templets/zgjy/css/logodiv.css
Requested by
Host: www.onoedu.com
URL: https://www.onoedu.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
154.80.249.35 Johannesburg, South Africa, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
1daf9bdbfc1a0d61fa92739c01890a7a667e8e088b365e3cf118e7c53e48955b

Request headers

Referer
https://www.onoedu.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 03 Sep 2020 05:47:48 GMT
Content-Encoding
gzip
Last-Modified
Thu, 30 Aug 2018 08:25:44 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"7273cfb3b40d41:0"
Vary
Accept-Encoding
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
889

footer.css | www.onoedu.com/templets/zgjy/css/ | 2 KB | 1 KB | Stylesheet
General
Full URL
https://www.onoedu.com/templets/zgjy/css/footer.css
Requested by
Host: www.onoedu.com
URL: https://www.onoedu.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
154.80.249.35 Johannesburg, South Africa, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
f367b853e544d9f6a04ce1d94fbdc31bc2dc59afed9bd7db8b9d68503bd4f8eb

Request headers

Referer
https://www.onoedu.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 03 Sep 2020 05:47:48 GMT
Content-Encoding
gzip
Last-Modified
Thu, 30 Aug 2018 11:55:40 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"6238465f5840d41:0"
Vary
Accept-Encoding
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
1082

mt.css | www.onoedu.com/templets/zgjy/css/ | 4 KB | 2 KB | Stylesheet
General
Full URL
https://www.onoedu.com/templets/zgjy/css/mt.css
Requested by
Host: www.onoedu.com
URL: https://www.onoedu.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
154.80.249.35 Johannesburg, South Africa, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
ca7beb2d6c0a787f74560044cc81e0dec65774e64760503141a486fc2833b150

Request headers

Referer
https://www.onoedu.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 03 Sep 2020 05:47:48 GMT
Content-Encoding
gzip
Last-Modified
Thu, 30 Aug 2018 08:26:36 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"a592932a3b40d41:0"
Vary
Accept-Encoding
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
1617

160630138L1.js | www.onoedu.com/templets/zgjy/js/ | 413 B | 621 B | Script
General
Full URL
https://www.onoedu.com/templets/zgjy/js/160630138L1.js
Requested by
Host: www.onoedu.com
URL: https://www.onoedu.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
154.80.249.35 Johannesburg, South Africa, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
8e24c8371492aec50c7e163ebe5305fd854001a9e9329e1c9abda6921560091c

Request headers

Referer
https://www.onoedu.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 03 Sep 2020 05:47:48 GMT
Content-Encoding
gzip
Last-Modified
Thu, 30 Aug 2018 13:07:19 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"daffd3616240d41:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
314

jquery-1.11.1.min.js | www.onoedu.com/templets/zgjy/js/ | 94 KB | 42 KB | Script
General
Full URL
https://www.onoedu.com/templets/zgjy/js/jquery-1.11.1.min.js
Requested by
Host: www.onoedu.com
URL: https://www.onoedu.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
154.80.249.35 Johannesburg, South Africa, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
91222f96f34735ebc88df208017e54d4329b9202e3e52367fb8b149698a1a5ef

Request headers

Referer
https://www.onoedu.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 03 Sep 2020 05:47:48 GMT
Content-Encoding
gzip
Last-Modified
Thu, 30 Aug 2018 07:46:08 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"beff48833540d41:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
42752

jquery2019.1.1.js | www.onoedu.com/js/ | 1 KB | 1 KB | Script
General
Full URL
https://www.onoedu.com/js/jquery2019.1.1.js
Requested by
Host: www.onoedu.com
URL: https://www.onoedu.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
154.80.249.35 Johannesburg, South Africa, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
7648bd41bbdca1ee2de48694e73bd2fba80fe1f90e9b9657dc6ca4e82381b7df

Request headers

Referer
https://www.onoedu.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 03 Sep 2020 05:47:48 GMT
Content-Encoding
gzip
Last-Modified
Sat, 23 Mar 2019 10:37:29 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"ff4e86a64e1d41:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
1118

160330152.png | www.onoedu.com/templets/zgjy/images/ | 8 KB | 9 KB | Image
General
Full URL
https://www.onoedu.com/templets/zgjy/images/160330152.png
Requested by
Host: www.onoedu.com
URL: https://www.onoedu.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
154.80.249.35 Johannesburg, South Africa, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
8292e6cdcf764e3bfa96dfed7fe92aa449becf36f43d808d32a4499c6a1a35f2

Request headers

Referer
https://www.onoedu.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 03 Sep 2020 05:47:49 GMT
Last-Modified
Thu, 30 Aug 2018 07:42:32 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"3db48323540d41:0"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
8608

16070042.jpg | www.onoedu.com/templets/zgjy/images/ | 2 KB | 3 KB | Image
General
Full URL
https://www.onoedu.com/templets/zgjy/images/16070042.jpg
Requested by
Host: www.onoedu.com
URL: https://www.onoedu.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
154.80.249.35 Johannesburg, South Africa, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
4c6108f25d0622b9865e2394966f7d29bb137343a7381d86ec3b9c926d14a0cc

Request headers

Referer
https://www.onoedu.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 03 Sep 2020 05:47:49 GMT
Last-Modified
Thu, 30 Aug 2018 07:42:44 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"70901aa3540d41:0"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
2551

jquery.flexslider-min.js | www.onoedu.com/templets/zgjy/js/ | 22 KB | 8 KB | Script
General
Full URL
https://www.onoedu.com/templets/zgjy/js/jquery.flexslider-min.js
Requested by
Host: www.onoedu.com
URL: https://www.onoedu.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
154.80.249.35 Johannesburg, South Africa, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
8b2c3d7393c0c588c830ba08b65816fd313fc7e0095948423aaa45205196f6bf

Request headers

Referer
https://www.onoedu.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 03 Sep 2020 05:47:49 GMT
Content-Encoding
gzip
Last-Modified
Thu, 30 Aug 2018 07:46:11 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"55ea28853540d41:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
8314

15100549.jpg | www.onoedu.com/templets/zgjy/images/ | 2 KB | 2 KB | Image
General
Full URL
https://www.onoedu.com/templets/zgjy/images/15100549.jpg
Requested by
Host: www.onoedu.com
URL: https://www.onoedu.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
154.80.249.35 Johannesburg, South Africa, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
61b6aa274f56e6e39c4d9ee961300fd16b828ba4cc88ea3663f8c6a422185256

Request headers

Referer
https://www.onoedu.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 03 Sep 2020 05:47:49 GMT
Last-Modified
Thu, 30 Aug 2018 07:42:05 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"8a79c5f23440d41:0"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
2057

18044570.jpg | www.onoedu.com/templets/zgjy/images/ | 46 KB | 47 KB | Image
General
Full URL
https://www.onoedu.com/templets/zgjy/images/18044570.jpg
Requested by
Host: www.onoedu.com
URL: https://www.onoedu.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
154.80.249.35 Johannesburg, South Africa, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
49fae3c6e07e2d4a9fb989687335612a022ee9eaa6dad51e884888d46fefe523

Request headers

Referer
https://www.onoedu.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 03 Sep 2020 05:47:49 GMT
Last-Modified
Thu, 30 Aug 2018 07:43:40 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"0cb882b3540d41:0"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
47502

16070225.jpg | www.onoedu.com/templets/zgjy/images/ | 153 KB | 153 KB | Image
General
Full URL
https://www.onoedu.com/templets/zgjy/images/16070225.jpg
Requested by
Host: www.onoedu.com
URL: https://www.onoedu.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
154.80.249.35 Johannesburg, South Africa, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
e6f9a31dd0b2d6608b828dc91103e6317a03b9942e7ccd6f2c2cd543444a743b

Request headers

Referer
https://www.onoedu.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 03 Sep 2020 05:47:49 GMT
Last-Modified
Thu, 30 Aug 2018 07:42:49 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"206fc5c3540d41:0"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
156654

171113797.png | www.onoedu.com/templets/zgjy/images/ | 15 KB | 16 KB | Image
General
Full URL
https://www.onoedu.com/templets/zgjy/images/171113797.png
Requested by
Host: www.onoedu.com
URL: https://www.onoedu.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
154.80.249.35 Johannesburg, South Africa, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
2749444af3bf4c1ec0bea114ede1ca5ee1244fb8c8aa9df983cb741a5841637f

Request headers

Referer
https://www.onoedu.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 03 Sep 2020 05:47:49 GMT
Last-Modified
Thu, 30 Aug 2018 07:43:30 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"37116c253540d41:0"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
15854

160630126.png | www.onoedu.com/templets/zgjy/images/ | 478 B | 724 B | Image
General
Full URL
https://www.onoedu.com/templets/zgjy/images/160630126.png
Requested by
Host: www.onoedu.com
URL: https://www.onoedu.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
154.80.249.35 Johannesburg, South Africa, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
5e9dbf3eb03a98b2d8e7e42a8ce28ccdd4798ada24092a706ab75c4bb837fafe

Request headers

Referer
https://www.onoedu.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 03 Sep 2020 05:47:49 GMT
Last-Modified
Thu, 30 Aug 2018 07:42:40 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"aca7bf73540d41:0"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
478

160130097.png | www.onoedu.com/templets/zgjy/images/ | 673 B | 920 B | Image
General
Full URL
https://www.onoedu.com/templets/zgjy/images/160130097.png
Requested by
Host: www.onoedu.com
URL: https://www.onoedu.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
154.80.249.35 Johannesburg, South Africa, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
6f52daddcf793195de96332a834bf214ab8d9f2ea2af29fde7beac3bb763a7f7

Request headers

Referer
https://www.onoedu.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 03 Sep 2020 05:47:49 GMT
Last-Modified
Thu, 30 Aug 2018 07:42:09 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"6b702cf53440d41:0"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
673

160130099.png | www.onoedu.com/templets/zgjy/images/ | 944 B | 1 KB | Image
General
Full URL
https://www.onoedu.com/templets/zgjy/images/160130099.png
Requested by
Host: www.onoedu.com
URL: https://www.onoedu.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
154.80.249.35 Johannesburg, South Africa, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
5b9accd8703fc23b871d9114c6af491eb3f31bbe86630fc57f326f67d6e330ad

Request headers

Referer
https://www.onoedu.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 03 Sep 2020 05:47:49 GMT
Last-Modified
Thu, 30 Aug 2018 07:42:13 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"95c877f73440d41:0"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
944

160130100.png | www.onoedu.com/templets/zgjy/images/ | 778 B | 1 KB | Image
General
Full URL
https://www.onoedu.com/templets/zgjy/images/160130100.png
Requested by
Host: www.onoedu.com
URL: https://www.onoedu.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
154.80.249.35 Johannesburg, South Africa, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
11bf9cdf2bfa7a02b825254e7911aaa287a4b4a5ea571a89c3175171b14946aa

Request headers

Referer
https://www.onoedu.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 03 Sep 2020 05:47:49 GMT
Last-Modified
Thu, 30 Aug 2018 07:42:17 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"e3e4ccf93440d41:0"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
778

160130101.png | www.onoedu.com/templets/zgjy/images/ | 867 B | 1 KB | Image
General
Full URL
https://www.onoedu.com/templets/zgjy/images/160130101.png
Requested by
Host: www.onoedu.com
URL: https://www.onoedu.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
154.80.249.35 Johannesburg, South Africa, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
a2391d6f28c68592487d47a00e9764c547c1ba6febd1c31f26c067b7bcb392fd

Request headers

Referer
https://www.onoedu.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 03 Sep 2020 05:47:49 GMT
Last-Modified
Thu, 30 Aug 2018 07:42:21 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"f315afc3440d41:0"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
867

160130103.png | www.onoedu.com/templets/zgjy/images/ | 584 B | 830 B | Image
General
Full URL
https://www.onoedu.com/templets/zgjy/images/160130103.png
Requested by
Host: www.onoedu.com
URL: https://www.onoedu.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
154.80.249.35 Johannesburg, South Africa, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
9dbffe0e235e578de2e055b129afa8becd56120d5db0d3a267de930a787d7713

Request headers

Referer
https://www.onoedu.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 03 Sep 2020 05:47:50 GMT
Last-Modified
Thu, 30 Aug 2018 07:42:27 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"72df1503540d41:0"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
584

data.js | www.onoedu.com/templets/zgjy/js/ | 8 KB | 2 KB | Script
General
Full URL
https://www.onoedu.com/templets/zgjy/js/data.js
Requested by
Host: www.onoedu.com
URL: https://www.onoedu.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
154.80.249.35 Johannesburg, South Africa, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
4166396e53c37c7798740c1492cdb7193befaceab9b4fae3eb08dabfedf5b48f

Request headers

Referer
https://www.onoedu.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 03 Sep 2020 05:47:49 GMT
Content-Encoding
gzip
Last-Modified
Thu, 30 Aug 2018 07:45:48 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"5fd3e1773540d41:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
1973

query_sub.js | www.onoedu.com/templets/zgjy/js/ | 3 KB | 2 KB | Script
General
Full URL
https://www.onoedu.com/templets/zgjy/js/query_sub.js
Requested by
Host: www.onoedu.com
URL: https://www.onoedu.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
154.80.249.35 Johannesburg, South Africa, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
fd1d2605fb216d81b57b4374c39e5698382f21e24acfda5db4e949105b34d519

Request headers

Referer
https://www.onoedu.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 03 Sep 2020 05:47:49 GMT
Content-Encoding
gzip
Last-Modified
Thu, 30 Aug 2018 07:46:22 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"d0dac18b3540d41:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
1420

1405324458-0-lp.jpg | www.onoedu.com/uploads/allimg/191206/ | 10 KB | 10 KB | Image
General
Full URL
https://www.onoedu.com/uploads/allimg/191206/1405324458-0-lp.jpg
Requested by
Host: www.onoedu.com
URL: https://www.onoedu.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
154.80.249.35 Johannesburg, South Africa, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
d7b38591f0838b40df2e68fb3f1e50a5125bc8fe780d08d745b7b45b5aebcb9f

Request headers

Referer
https://www.onoedu.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 03 Sep 2020 05:47:50 GMT
Last-Modified
Fri, 06 Dec 2019 06:05:33 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"8afcc2bfbabd51:0"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
10286

defaultpic.gif | www.onoedu.com/images/ | 149 KB | 149 KB | Image
General
Full URL
https://www.onoedu.com/images/defaultpic.gif
Requested by
Host: www.onoedu.com
URL: https://www.onoedu.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
154.80.249.35 Johannesburg, South Africa, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
214d97ffd9ab7ad9ee102a0ed0bc93f6c234427c52d4457ed08dce7eca305fb8

Request headers

Referer
https://www.onoedu.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 03 Sep 2020 05:47:50 GMT
Last-Modified
Sat, 26 May 2018 13:57:50 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"9679889f9f4d31:0"
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
152728

14050C203-0-lp.jpg | www.onoedu.com/uploads/allimg/191206/ | 14 KB | 14 KB | Image
General
Full URL
https://www.onoedu.com/uploads/allimg/191206/14050C203-0-lp.jpg
Requested by
Host: www.onoedu.com
URL: https://www.onoedu.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
154.80.249.35 Johannesburg, South Africa, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
8834a30e5a4213980d4c1309503efa618427073b0c7b2976ee6667d165fcade0

Request headers

Referer
https://www.onoedu.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 03 Sep 2020 05:47:50 GMT
Last-Modified
Fri, 06 Dec 2019 06:05:12 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"7245fe1efbabd51:0"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
14590

14044313J-0-lp.jpg | www.onoedu.com/uploads/allimg/191206/ | 7 KB | 7 KB | Image
General
Full URL
https://www.onoedu.com/uploads/allimg/191206/14044313J-0-lp.jpg
Requested by
Host: www.onoedu.com
URL: https://www.onoedu.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
154.80.249.35 Johannesburg, South Africa, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
22ebb046f0538f49748bcdd5f9e8f685a11dbc321bda47d1632b7c8f66e397f4

Request headers

Referer
https://www.onoedu.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 03 Sep 2020 05:47:50 GMT
Last-Modified
Fri, 06 Dec 2019 06:04:57 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"e76a2016fbabd51:0"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
7344
14042964F-0-lp.jpg
www.onoedu.com/uploads/allimg/191206/
14 KB
14 KB
Image
General
Full URL
https://www.onoedu.com/uploads/allimg/191206/14042964F-0-lp.jpg
Requested by
Host: www.onoedu.com
URL: https://www.onoedu.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
154.80.249.35 Johannesburg, South Africa, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
afcec1034b67aabb84722e69bebf7d7eea76d6336b7a8e6771fe9b4fe031775a

Request headers

Referer
https://www.onoedu.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 03 Sep 2020 05:47:50 GMT
Last-Modified
Fri, 06 Dec 2019 06:04:35 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"2bc7379fbabd51:0"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
13993
171217035.png
www.onoedu.com/templets/zgjy/images/
19 KB
19 KB
Image
General
Full URL
https://www.onoedu.com/templets/zgjy/images/171217035.png
Requested by
Host: www.onoedu.com
URL: https://www.onoedu.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
154.80.249.35 Johannesburg, South Africa, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
a20583c81805fe64f7fa210851ce29754af9d25fd6aa5a3225a9557529602513

Request headers

Referer
https://www.onoedu.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 03 Sep 2020 05:47:50 GMT
Last-Modified
Thu, 30 Aug 2018 07:43:35 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"241592283540d41:0"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
19256
mt.css
www.onoedu.com/tea/
4 KB
2 KB
Stylesheet
General
Full URL
https://www.onoedu.com/tea/mt.css?t=0421
Requested by
Host: www.onoedu.com
URL: https://www.onoedu.com/templets/zgjy/js/mt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
154.80.249.35 Johannesburg, South Africa, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
ca7beb2d6c0a787f74560044cc81e0dec65774e64760503141a486fc2833b150

Request headers

Referer
https://www.onoedu.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 03 Sep 2020 05:47:49 GMT
Content-Encoding
gzip
Last-Modified
Thu, 30 Aug 2018 08:26:36 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"a592932a3b40d41:0"
Vary
Accept-Encoding
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
1617
progress.gif
www.onoedu.com/tea/mt/
2 KB
2 KB
Image
General
Full URL
https://www.onoedu.com/tea/mt/progress.gif
Requested by
Host: www.onoedu.com
URL: https://www.onoedu.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
154.80.249.35 Johannesburg, South Africa, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
011f711aa3b61225f790c74c984c564c309151d714d57f95783af94d7b8b24d2

Request headers

Referer
https://www.onoedu.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 03 Sep 2020 05:47:50 GMT
Last-Modified
Thu, 30 Aug 2018 12:53:13 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"d562ff696040d41:0"
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
1807
hm.js
hm.baidu.com/
39 KB
14 KB
Script
General
Full URL
https://hm.baidu.com/hm.js?dc1d69ab90346d48ee02f18510292577
Requested by
Host: www.onoedu.com
URL: https://www.onoedu.com/templets/zgjy/js/15080114L1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191, Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
11ed551958a8243a05fd66cecee353108dbcedeb5bc817698d4ae1a8c07850d3
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

Referer
https://www.onoedu.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 03 Sep 2020 05:47:56 GMT
Content-Encoding
gzip
Server
apache
Etag
3c94f7aedd312384068633f17e850e91
Strict-Transport-Security
max-age=172800
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control
max-age=0, must-revalidate
Content-Type
application/javascript
Content-Length
14033
hm.js
hm.baidu.com/
39 KB
14 KB
Script
General
Full URL
https://hm.baidu.com/hm.js?8ffb39d40b3fce4de172245298466d21
Requested by
Host: www.onoedu.com
URL: https://www.onoedu.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191, Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
eb1da2ffe750f8ee895bdd586843b0a3e9ba0b3753fdeeb2e7016089bb69bcff
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

Referer
https://www.onoedu.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 03 Sep 2020 05:47:56 GMT
Content-Encoding
gzip
Server
apache
Etag
48e21eae1ec50b4c19c9e35528626a78
Strict-Transport-Security
max-age=172800
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control
max-age=0, must-revalidate
Content-Type
application/javascript
Content-Length
14056
index.html
www.bjilife.com/as/ Frame 2F50
0
0
Document
General
Full URL
https://www.bjilife.com/as/index.html
Requested by
Host: www.onoedu.com
URL: https://www.onoedu.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
170.178.164.94 Las Vegas, United States, ASN46844 (ST-BGP, US),
Reverse DNS
otisle.5globernatop.net
Software
Apache /
Resource Hash

Request headers

Host
www.bjilife.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.onoedu.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.onoedu.com/

Response headers

Date
Thu, 03 Sep 2020 05:40:22 GMT
Server
Apache
Last-Modified
Sun, 10 May 2020 11:10:31 GMT
ETag
"106d-5a549474eb52e"
Accept-Ranges
bytes
Content-Length
4205
Connection
close
Content-Type
text/html
submit.jpg
www.onoedu.com/templets/zgjy/images/
631 B
879 B
Image
General
Full URL
https://www.onoedu.com/templets/zgjy/images/submit.jpg
Requested by
Host: www.onoedu.com
URL: https://www.onoedu.com/templets/zgjy/css/logodiv.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
154.80.249.35 Johannesburg, South Africa, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
a964a7b5d33f3e9437282926289769236455a02a88d9e2bd5c4ed7d8b172d90f

Request headers

Referer
https://www.onoedu.com/templets/zgjy/css/logodiv.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 03 Sep 2020 05:47:49 GMT
Last-Modified
Thu, 30 Aug 2018 07:44:16 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"fd6a8e403540d41:0"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
631
_rc2.jpg
www.onoedu.com/templets/zgjy/images/
13 KB
13 KB
Image
General
Full URL
https://www.onoedu.com/templets/zgjy/images/_rc2.jpg
Requested by
Host: www.onoedu.com
URL: https://www.onoedu.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
154.80.249.35 Johannesburg, South Africa, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
4d6aeed1b77d290bd9f6a1afbb08a3e6c7a4441bb1fd3b98cb6aab34f5a20944

Request headers

Referer
https://www.onoedu.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 03 Sep 2020 05:47:49 GMT
Last-Modified
Thu, 30 Aug 2018 07:41:38 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"581161e23440d41:0"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
13124
hm.gif
hm.baidu.com/
43 B
299 B
Image
General
Full URL
https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=226410960&si=dc1d69ab90346d48ee02f18510292577&v=1.2.76&lv=1&sn=58078&r=0&ww=1600&ct=!!&u=https%3A%2F%2Fwww.onoedu.com%2F&tt=%E6%BE%B3%E9%97%A8%E8%B5%8C%E5%9C%BA%E7%BD%91%E7%AB%99_VIP%E4%B8%93%E7%BA%BF
Requested by
Host: www.onoedu.com
URL: https://www.onoedu.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191, Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

Referer
https://www.onoedu.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 03 Sep 2020 05:47:58 GMT
X-Content-Type-Options
nosniff
Server
apache
Strict-Transport-Security
max-age=172800
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Content-Length
43
hm.gif
hm.baidu.com/
43 B
299 B
Image
General
Full URL
https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=851482711&si=8ffb39d40b3fce4de172245298466d21&v=1.2.76&lv=1&sn=58078&r=0&ww=1600&ct=!!&u=https%3A%2F%2Fwww.onoedu.com%2F&tt=%E6%BE%B3%E9%97%A8%E8%B5%8C%E5%9C%BA%E7%BD%91%E7%AB%99_VIP%E4%B8%93%E7%BA%BF
Requested by
Host: www.onoedu.com
URL: https://www.onoedu.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191, Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

Referer
https://www.onoedu.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 03 Sep 2020 05:47:58 GMT
X-Content-Type-Options
nosniff
Server
apache
Strict-Transport-Security
max-age=172800
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Content-Length
43

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Bet365 (Entertainment)

162 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| trustedTypes boolean| http_request object| currentPos function| send_request function| processRequest function| onKeyDown function| f_login function| hs function| reloadVcode function| submitRadio function| getParameter function| isIdentifier function| isMemberid function| isEmail function| trim function| submitEmail function| submitIdentifier function| submitMemberid function| submitEqual function| submitText function| submitDate function| submitCheckbox function| submitSelect function| submitFloat function| submitInteger function| submitQuantity function| submitLength function| f_editor function| setSize function| f_max_img number| nSecsLeft number| nTimerID string| strDays string| strHours string| strMinutes string| strSeconds function| startClock function| showTime undefined| form undefined| strElapsed undefined| nProgress function| startProgress function| showProgress function| findMember function| enterMember function| leaveMember function| analytics function| insertMemberID function| sendx function| showCalendar function| move function| selectAll function| selectValue function| clearFrom function| showImg function| showSnap object| edn number| _page object| d_bg object| d_box function| dl_down function| dl_move function| dl_up function| dl_close function| showDialog function| alphaPNG function| player function| mask function| s_click function| f_init number| pageindex function| page function| override undefined| sys_menu_div object| sys_menu_arr function| sys_menu function| sys_menu_over function| sys_menu_out undefined| lights function| closelights function| openlights function| $ function| $$ function| sAlert function| Alert undefined| ms undefined| msg function| setCookie function| removeCookie function| getCookie function| _write object| popup undefined| SUG_D undefined| SUG_Q undefined| SUG_L object| _hmt undefined| hm undefined| s undefined| _toast function| fstat undefined| sn object| pt object| mt object| ua undefined| CAP function| $name 
function| $class number| lang object| LANG string| _mask function| f_isurl undefined| FIT function| _weak function| _check function| f_get function| _date function| da_close undefined| _nm undefined| _nmi undefined| UP_INTER function| Upload object| cook object| cookie function| attachEvent function| detachEvent string| t object| p object| SWFUpload string| HTTP_HOST object| last function| ChangeDiv function| RunGLNL function| DaysNumberofDate function| CnDateofDate function| CnYearofDate function| CnMonthofDate function| CnDayofDate function| DaysNumberofMonth function| CnEra function| CnDateofDateStr function| SolarTerm function| SetHome function| shoucang function| killerrors function| updateValidTime boolean| isInner function| jQuery string| uu number| aa string| ss object| jQuery111109589189922495729 number| flag object| dc_results_subject_list object| dc_certi_subject_list object| results_subject_list object| certi_subject_list object| query_util function| get boolean| _bdhm_loaded_dc1d69ab90346d48ee02f18510292577 object| mini_tangram_log_5nr5zm boolean| _bdhm_loaded_8ffb39d40b3fce4de172245298466d21 object| mini_tangram_log_t6u1sv

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

hm.baidu.com
www.bjilife.com
www.onoedu.com
103.235.46.191
154.80.249.35
170.178.164.94