h5.yike178.com - urlscan.io

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 4 HTTP transactions. The main IP is 104.250.44.1, located in Hong Kong and belongs to KSYUNGLOBAL-AS-AP Kingsoft cloud corporation limited, HK. The main domain is h5.yike178.com.
TLS certificate: Issued by TrustAsia TLS RSA CA on February 27th 2020. Valid for: a year.

This is the only time h5.yike178.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	103.113.93.100 103.113.93.100	138538 (NANBIAN-C...) (NANBIAN-CN Ningbo Nanbian Tuoluo Xinxi Jishu Co.)
1	104.250.44.1 104.250.44.1	137280 (KSYUNGLOB...) (KSYUNGLOBAL-AS-AP Kingsoft cloud corporation limited)
4	3

1 103.113.93.100 (China)

ASN138538 (NANBIAN-CN Ningbo Nanbian Tuoluo Xinxi Jishu Co., Ltd, CN)

y8yp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.250.44.1 (Hong Kong)

ASN137280 (KSYUNGLOBAL-AS-AP Kingsoft cloud corporation limited, HK)

h5.yike178.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
1	yike178.com h5.yike178.com	3 KB
1	y8yp.com y8yp.com	457 B
0	cnzz.com Failed v1.cnzz.com Failed
4	3

	Domain	Requested by
1	h5.yike178.com	h5.yike178.com
1	y8yp.com
0	v1.cnzz.com Failed	y8yp.com
4	3

This site contains no links.

Subject Issuer	Validity	Valid
h5.yike178.com TrustAsia TLS RSA CA	`2020-02-27` - `2021-02-26`	a year	crt.sh

This page contains 1 frames:

Frame: https://h5.yike178.com/map/index.html?t=002ys_3
Frame ID: C34AC4067C25F4BDF867D58E408F3AE8
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://y8yp.com/ Page URL
https://h5.yike178.com/?t=002ys_3 Page URL

Detected technologies

CentOS (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /CentOS/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i

Page Statistics

4
Requests

25 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

3 kB
Transfer

9 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://y8yp.com/ Page URL
https://h5.yike178.com/?t=002ys_3 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

4 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	/ Show response y8yp.com/	267 B 457 B	3663ms 625ms	Document text/html	103.113.93.100 NANBIAN-CN Ningbo...
General Check archive.org Show headers Download Go to Full URL http://y8yp.com/ Protocol HTTP/1.1 Server 103.113.93.100 , China, ASN138538 (NANBIAN-CN Ningbo Nanbian Tuoluo Xinxi Jishu Co., Ltd, CN), Reverse DNS Software Apache/2.4.7 (CentOS) / Resource Hash `24d1f810b6cd8fd4da860e2e0c1d8ba04015b90b25d8e0b502925ff3f38169ca` Request headers Host y8yp.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Encoding gzip, deflate Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Server Apache/2.4.7 (CentOS) Date Mon, 09 Mar 2020 03:19:36 GMT Content-Encoding gzip Last-Modified Thu, 05 Mar 2020 21:05:37 GMT Content-Type text/html Content-Length 230 Connection keep-alive
GET		z_stat.php v1.cnzz.com/	0 0

GET H2	200	Primary Request / Show response h5.yike178.com/	9 KB 3 KB	12585ms 184ms	Document text/html	104.250.44.1 KSYUNGLOBAL-AS-AP...
General Check archive.org Show headers Download Go to Full URL https://h5.yike178.com/?t=002ys_3 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 104.250.44.1 , Hong Kong, ASN137280 (KSYUNGLOBAL-AS-AP Kingsoft cloud corporation limited, HK), Reverse DNS Software Tengine / Resource Hash `0c609808bade0b9e47f93492cd85354451b84df3028130298ce893e333db1d81` Request headers :method GET :authority h5.yike178.com :scheme https :path /?t=002ys_3 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 sec-fetch-dest document accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate referer http://y8yp.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest document Referer http://y8yp.com/ Response headers status 200 content-type text/html content-length 2383 server Tengine etag W/"5e621892-238e" date Fri, 06 Mar 2020 09:33:46 GMT last-modified Fri, 06 Mar 2020 09:32:02 GMT expires Sun, 05 Apr 2020 09:33:46 GMT age 236775 accept-ranges bytes content-encoding gzip media-length 2383 x-cache-status HIT from KS-CLOUD-WH-MP-11-17 HIT from KS-CLOUD-LSJ-11-03 x-cdn-request-id 9e5984dd1898c713a16d4218f8ff1e42
GET		index.html h5.yike178.com/map/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: v1.cnzz.com
URL: https://v1.cnzz.com/z_stat.php?id=1278661346&web_id=1278661346

Domain: h5.yike178.com
URL: https://h5.yike178.com/map/index.html?t=002ys_3

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://h5.yike178.com/?t=002ys_3(Line 254) Message: 19-11-16 09:51

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

h5.yike178.com
v1.cnzz.com
y8yp.com
h5.yike178.com
v1.cnzz.com
103.113.93.100
104.250.44.1
0c609808bade0b9e47f93492cd85354451b84df3028130298ce893e333db1d81
24d1f810b6cd8fd4da860e2e0c1d8ba04015b90b25d8e0b502925ff3f38169ca

h5.yike178.com Open in urlscan Pro 104.250.44.1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

4 Requests

25 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

3 IPs

2 Countries

3 kBTransfer

9 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

4 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

0 Cookies

1 Console Messages

Indicators

h5.yike178.com Open in urlscan Pro
104.250.44.1 Public Scan

Screenshot
Live screenshot

Full Image

4
Requests

25 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

3 kB
Transfer

9 kB
Size

0
Cookies

4 HTTP transactions
0 data transactions