urlscan.io logo urlscan.io
SecurityTrails logo

ydschoolsb.qiyukf.net Open in urlscan Pro
2602:ffe4:c45:0:3::7f7  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://5222cc.com/
Effective URL: https://ydschoolsb.qiyukf.net/dbd64d13b2ddbaf5114e68022a38114a.html?id=NTQME16li
Submission: On November 17 via api from BE — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 2 countries across 5 domains to perform 5 HTTP transactions. The main IP is 2602:ffe4:c45:0:3::7f7, located in United States and belongs to ZEN-ECN, US. The main domain is ydschoolsb.qiyukf.net.
TLS certificate: Issued by GeoTrust G2 TLS CN RSA4096 SHA256 202... on July 5th 2024. Valid for: a year.
This is the only time ydschoolsb.qiyukf.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 23.132.184.215 138995 (ANTBOX1-A...)
1 1 59.111.160.221 45062 (NETEASE-N...)
2 2602:ffe4:c45... 21859 (ZEN-ECN)
2 27.25.152.164 148981 (CHINANET-...)
5 3
Apex Domain
Subdomains		 Transfer
2 shxnjx.cn
i.shxnjx.cn
z.shxnjx.cn
14 KB
2 qiyukf.net
ydschoolsb.qiyukf.net
2 KB
1 163.com
d.study.163.com
116 B
1 5222cc.com
5222cc.com
207 B
0 sbgxbs.cn Failed
tyjfngfdgsfg.sbgxbs.cn Failed
5 5
Domain Requested by
2 ydschoolsb.qiyukf.net
1 z.shxnjx.cn i.shxnjx.cn
1 i.shxnjx.cn ydschoolsb.qiyukf.net
1 d.study.163.com 1 redirects
1 5222cc.com 1 redirects
0 tyjfngfdgsfg.sbgxbs.cn Failed i.shxnjx.cn
5 6

This site contains no links.

Subject Issuer Validity Valid
*.qiyukf.net
GeoTrust G2 TLS CN RSA4096 SHA256 2022 CA1		 2024-07-05 -
2025-07-29		 a year crt.sh
*.shxnjx.cn
GeoSSL RSA Domain Validation Secure Server CA		 2024-06-05 -
2025-06-05		 a year crt.sh

This page contains 1 frames:

Frame: https://tyjfngfdgsfg.sbgxbs.cn/?token=YWc9N0tqJm9wPTEmY3k9MSZyZHM9ZDFIdnI
Frame ID: EBEE489BE68AE6133102CC39360FDD5E
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://5222cc.com/ HTTP 307
    https://5222cc.com/ HTTP 307
    http://5222cc.com/ HTTP 302
    https://d.study.163.com/cTFPs HTTP 302
    http://ydschoolsb.qiyukf.net/dbd64d13b2ddbaf5114e68022a38114a.html?id=NTQME16li HTTP 307
    https://ydschoolsb.qiyukf.net/dbd64d13b2ddbaf5114e68022a38114a.html?id=NTQME16li Page URL

Page Statistics

5
Requests

80 %
HTTPS

25 %
IPv6

5
Domains

6
Subdomains

3
IPs

2
Countries

16 kB
Transfer

15 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://5222cc.com/ HTTP 307
    https://5222cc.com/ HTTP 307
    http://5222cc.com/ HTTP 302
    https://d.study.163.com/cTFPs HTTP 302
    http://ydschoolsb.qiyukf.net/dbd64d13b2ddbaf5114e68022a38114a.html?id=NTQME16li HTTP 307
    https://ydschoolsb.qiyukf.net/dbd64d13b2ddbaf5114e68022a38114a.html?id=NTQME16li Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3
  • http://tyjfngfdgsfg.sbgxbs.cn/?token=YWc9N0tqJm9wPTEmY3k9MSZyZHM9ZDFIdnI HTTP 307
  • https://tyjfngfdgsfg.sbgxbs.cn/?token=YWc9N0tqJm9wPTEmY3k9MSZyZHM9ZDFIdnI

5 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request dbd64d13b2ddbaf5114e68022a38114a.html
ydschoolsb.qiyukf.net/
Redirect Chain
  • http://5222cc.com/
  • https://5222cc.com/
  • http://5222cc.com/
  • https://d.study.163.com/cTFPs
  • http://ydschoolsb.qiyukf.net/dbd64d13b2ddbaf5114e68022a38114a.html?id=NTQME16li
  • https://ydschoolsb.qiyukf.net/dbd64d13b2ddbaf5114e68022a38114a.html?id=NTQME16li
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ydschoolsb.qiyukf.net/dbd64d13b2ddbaf5114e68022a38114a.html?id=NTQME16li
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:ffe4:c45:0:3::7f7 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
Tengine /
Resource Hash
f5e6ae429581b97719c693206ad3d782b74f90ad8c599a505dfab70e852b6194

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
age
38778
ali-swift-global-savetime
1731837519
cdn-ip
2602:ffe4:c45:0:3::7f7
cdn-source
Ali
cdn-user-ip
2001:550:1d05:1::10
content-disposition
inline; filename="dbd64d13b2ddbaf5114e68022a38114a.html"
content-encoding
gzip
content-length
465
content-type
application/xml;charset=UTF-8
date
Sun, 17 Nov 2024 09:58:39 GMT
eagleid
80019da817318762973064738e
last-modified
Sun, 27 Oct 2024 13:24:13 Asia/Shanghai
server
Tengine
timing-allow-origin
*
vary
Accept-Encoding
via
ens-cache8.l2hk7[1252,1251,200-0,M], ens-cache27.l2hk7[1253,0], ens-cache27.l2hk7[1254,0], cache2.jp6[0,0,200-0,H], cache20.jp6[2,0]
x-cache
HIT TCP_HIT dirn:12:32403610
x-nos-object-name
dbd64d13b2ddbaf5114e68022a38114a.html
x-nos-request-id
a9f9d7ba-456c-4e1a-9b10-a470f7737db5
x-nos-requesttype
GetObject
x-nos-storage-class
STANDARD
x-swift-cachetime
31536000
x-swift-savetime
Sun, 17 Nov 2024 09:58:39 GMT

Redirect headers

Location
https://ydschoolsb.qiyukf.net/dbd64d13b2ddbaf5114e68022a38114a.html?id=NTQME16li
Non-Authoritative-Reason
HttpsUpgrades
tb
i.shxnjx.cn/new/ 		14 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://i.shxnjx.cn/new/tb
Requested by
Host: ydschoolsb.qiyukf.net
URL: https://ydschoolsb.qiyukf.net/dbd64d13b2ddbaf5114e68022a38114a.html?id=NTQME16li
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.25.152.164 , China, ASN148981 (CHINANET-HUBEI-SHIYAN-IDC China Telecom, CN),
Reverse DNS
Software
nginx /
Resource Hash
429a96f661ba2be951875373d286334687799637b5ab559916080f86fa99a011
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://ydschoolsb.qiyukf.net/

Response headers

strict-transport-security
max-age=31536000
cache-control
no-cache
etag
"66b1dc82-37a9"
accept-ranges
bytes
content-length
14249
date
Sun, 17 Nov 2024 20:45:01 GMT
content-type
application/octet-stream
last-modified
Tue, 06 Aug 2024 08:19:14 GMT
server
nginx
json.php
z.shxnjx.cn/ 		72 B
269 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://z.shxnjx.cn/json.php?id=NTQME16li
Requested by
Host: i.shxnjx.cn
URL: https://i.shxnjx.cn/new/tb
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
27.25.152.164 , China, ASN148981 (CHINANET-HUBEI-SHIYAN-IDC China Telecom, CN),
Reverse DNS
Software
nginx /
Resource Hash
54aa2a7e04acbf534c5121251a2de27da62799649e6aa2d1e5106774952b587d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://ydschoolsb.qiyukf.net/

Response headers

strict-transport-security
max-age=31536000
cache-control
no-cache
content-encoding
gzip
access-control-allow-origin
*
date
Sun, 17 Nov 2024 20:45:04 GMT
content-type
text/html;charset=utf-8
vary
Accept-Encoding
server
nginx
favicon.ico
ydschoolsb.qiyukf.net/ 		263 B
577 B 		Other
General
Check archive.org
Download Go to
Full URL
https://ydschoolsb.qiyukf.net/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:ffe4:c45:0:3::7f7 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
Tengine /
Resource Hash
a6eb13c4982bf7bdaf4c5632066111d1ae71e9760764956629898dbd54932f6b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://ydschoolsb.qiyukf.net/dbd64d13b2ddbaf5114e68022a38114a.html?id=NTQME16li

Response headers

content-encoding
gzip
x-swift-error
orig response 4XX error
x-nos-request-id
0cd44a1f-d443-436f-a410-4223b016cf6c
cdn-user-ip
2001:550:1d05:1::10
x-cache
MISS TCP_MISS dirn:13:547043883
date
Sun, 17 Nov 2024 20:45:03 GMT
content-type
application/xml;charset=UTF-8
vary
Accept-Encoding
x-nos-requesttype
GetObject
x-swift-cachetime
1
timing-allow-origin
*
via
ens-cache10.l2hk7[1419,1419,404-1280,M], ens-cache21.l2hk7[1420,0], ens-cache21.l2hk7[1420,0], cache20.jp6[1478,1478,404-1280,M], cache20.jp6[1479,0]
ali-swift-global-savetime
1731876303
x-swift-savetime
Sun, 17 Nov 2024 20:45:03 GMT
access-control-allow-origin
*
eagleid
80019da817318763022878634e
content-length
242
cdn-source
Ali
server
Tengine
cdn-ip
2602:ffe4:c45:0:3::7f7
/
tyjfngfdgsfg.sbgxbs.cn/
Redirect Chain
  • http://tyjfngfdgsfg.sbgxbs.cn/?token=YWc9N0tqJm9wPTEmY3k9MSZyZHM9ZDFIdnI
  • https://tyjfngfdgsfg.sbgxbs.cn/?token=YWc9N0tqJm9wPTEmY3k9MSZyZHM9ZDFIdnI
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
tyjfngfdgsfg.sbgxbs.cn
URL
https://tyjfngfdgsfg.sbgxbs.cn/?token=YWc9N0tqJm9wPTEmY3k9MSZyZHM9ZDFIdnI

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| _0x5f54 function| _0x51f2 string| dwz string| url function| openLink function| getQueryVariable

0 Cookies

1 Console Messages

Source Level URL
Text
network error URL: https://ydschoolsb.qiyukf.net/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()