aavfh.qiongrens.com Open in urlscan Pro
154.23.218.181 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://aavfh.qiongrens.com/
Submission: On July 17 via api (July 17th 2024, 7:50:15 am UTC) from US — Scanned from DE

Summary HTTP 21 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 5 IPs in 3 countries across 7 domains to perform 21 HTTP transactions. The main IP is 154.23.218.181, located in Hong Kong, Hong Kong and belongs to SGPL-AS-AP STARCLOUD GLOBAL PTE., LTD., SG. The main domain is aavfh.qiongrens.com.
TLS certificate: Issued by R10 on July 17th 2024. Valid for: 3 months.

This is the only time aavfh.qiongrens.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
12	154.23.218.181 154.23.218.181	140224 (SGPL-AS-A...) (SGPL-AS-AP STARCLOUD GLOBAL PTE.)
2	47.238.34.86 47.238.34.86	45102 (ALIBABA-C...) (ALIBABA-CN-NET Alibaba US Technology Co.)
2	111.45.3.198 111.45.3.198	56040 (CMNET-GUA...) (CMNET-GUANGDONG-AP China Mobile communications corporation)
1 2	52.27.33.250 52.27.33.250	16509 (AMAZON-02) (AMAZON-02)
21	5

12 154.23.218.181 (Hong Kong, Hong Kong)

ASN140224 (SGPL-AS-AP STARCLOUD GLOBAL PTE., LTD., SG)

aavfh.qiongrens.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 47.238.34.86 (Hong Kong, Hong Kong)

ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)

tj.comkonyukhiv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 111.45.3.198 (China)

ASN56040 (CMNET-GUANGDONG-AP China Mobile communications corporation, CN)

hm.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.27.33.250 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-27-33-250.us-west-2.compute.amazonaws.com

oregonstate.edu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	qiongrens.com aavfh.qiongrens.com	16 KB
2	oregonstate.edu 1 redirects oregonstate.edu — Cisco Umbrella Rank: 135577	26 KB
2	baidu.com hm.baidu.com — Cisco Umbrella Rank: 8226	12 KB
2	comkonyukhiv.com tj.comkonyukhiv.com	822 B
0	xxjsql.com Failed www.xxjsql.com Failed
0	google-analytics.com Failed www.google-analytics.com Failed
0	googleapis.com Failed fonts.googleapis.com Failed
21	7

	Domain	Requested by
12	aavfh.qiongrens.com	aavfh.qiongrens.com
2	oregonstate.edu	1 redirects aavfh.qiongrens.com
2	hm.baidu.com	tj.comkonyukhiv.com aavfh.qiongrens.com
2	tj.comkonyukhiv.com	aavfh.qiongrens.com tj.comkonyukhiv.com
0	www.xxjsql.com Failed	tj.comkonyukhiv.com
0	www.google-analytics.com Failed	aavfh.qiongrens.com
0	fonts.googleapis.com Failed	client
21	7

This site contains links to these domains. Also see Links.

Domain
urbit.qiongrens.com
enxwo.qiongrens.com
tvljg.qiongrens.com
rfokl.qiongrens.com
tnaio.qiongrens.com
qnxnc.qiongrens.com
ujhfh.qiongrens.com
cjpff.qiongrens.com

Subject Issuer	Validity	Valid
uoxnv.qiongrens.com R10	`2024-07-17` - `2024-10-15`	3 months	crt.sh
tj.comkonyukhiv.com R3	`2024-05-23` - `2024-08-21`	3 months	crt.sh
baidu.com GlobalSign RSA OV SSL CA 2018	`2024-07-08` - `2025-08-09`	a year	crt.sh

This page contains 2 frames:

Frame: https://www.xxjsql.com/tg.php?t=ddz&id=gjbj
Frame ID: CE4C16557CCDBC7994878C9C92D5CAC9
Requests: 20 HTTP requests in this frame

Frame: https://tj.comkonyukhiv.com/
Frame ID: CF32CF480A7C5A8157E6BEF22423BE01
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

苹果手机登录谷歌

Detected technologies

Baidu Analytics (百度统计) (Analytics) Expand

Overall confidence: 100%
Detected patterns

hm\.baidu\.com/hm\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui.*\.js

Page Statistics

21
Requests

76 %
HTTPS

0 %
IPv6

7
Domains

7
Subdomains

5
IPs

3
Countries

54 kB
Transfer

115 kB
Size

4
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: http://urbit.qiongrens.com/
Title: 手机连外网搭梯子加速软件

Search URL Search Domain Scan URL

URL: http://enxwo.qiongrens.com/
Title: 免费梯子电脑版

Search URL Search Domain Scan URL

URL: http://tvljg.qiongrens.com/
Title: sub网络加速器官方下载

Search URL Search Domain Scan URL

URL: http://rfokl.qiongrens.com/
Title: 老王vqn加速器官网

Search URL Search Domain Scan URL

URL: http://tnaio.qiongrens.com/
Title: 佛跳墙永久免费官网下载

Search URL Search Domain Scan URL

URL: http://qnxnc.qiongrens.com/
Title: surf VP 下载安卓

Search URL Search Domain Scan URL

URL: http://ujhfh.qiongrens.com/
Title: 奈飞加速器

Search URL Search Domain Scan URL

URL: http://cjpff.qiongrens.com/
Title: ip代理app

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16

https://oregonstate.edu/themes/osu/drupal8-osuhomepage/assets/images/repeatable-treeline.png HTTP 301
https://oregonstate.edu/themes/osu/homepage/assets/images/repeatable-treeline.png

Request Chain 19

https://xxjsq.info/gjbj HTTP 301
https://www.xxjsql.com/tg.php?t=ddz&id=gjbj

21 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
aavfh.qiongrens.com/ 60 KB
16 KB 1073ms
523ms Document
text/html 154.23.218.181
SGPL-AS-AP STARCL...

General

Check archive.org

Show headers Download Go to

Full URL: https://aavfh.qiongrens.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 154.23.218.181 Hong Kong, Hong Kong, ASN140224 (SGPL-AS-AP STARCLOUD GLOBAL PTE., LTD., SG),
Reverse DNS
Software: nginx / PHP/7.3.33
Resource Hash: 4c186880a1effed795f52c47de3f815af85ad7bdbecf1f20b65e17fd0a2d0990

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 17 Jul 2024 07:50:09 GMT
server: nginx
vary: Accept-Encoding
x-powered-by: PHP/7.3.33

GET
H2 404 jquery-ui.min.css
aavfh.qiongrens.com/web/jquery/css/ 0
0 254ms
253ms Stylesheet
text/html 154.23.218.181
SGPL-AS-AP STARCL...

General

Check archive.org

Show headers Download Go to

Full URL: https://aavfh.qiongrens.com/web/jquery/css/jquery-ui.min.css?2695
Requested by: Host: aavfh.qiongrens.com
URL: https://aavfh.qiongrens.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 154.23.218.181 Hong Kong, Hong Kong, ASN140224 (SGPL-AS-AP STARCLOUD GLOBAL PTE., LTD., SG),
Reverse DNS
Software: nginx / PHP/7.3.33
Resource Hash

Request headers

Referer: https://aavfh.qiongrens.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 17 Jul 2024 07:50:10 GMT
content-encoding: gzip
server: nginx
x-powered-by: PHP/7.3.33
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 404 font-awesome.min.css
aavfh.qiongrens.com/web/font-awesome/4.7.0/css/ 0
0 253ms
252ms Stylesheet
text/html 154.23.218.181
SGPL-AS-AP STARCL...

General

Check archive.org

Show headers Download Go to

Full URL: https://aavfh.qiongrens.com/web/font-awesome/4.7.0/css/font-awesome.min.css
Requested by: Host: aavfh.qiongrens.com
URL: https://aavfh.qiongrens.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 154.23.218.181 Hong Kong, Hong Kong, ASN140224 (SGPL-AS-AP STARCLOUD GLOBAL PTE., LTD., SG),
Reverse DNS
Software: nginx / PHP/7.3.33
Resource Hash

Request headers

Referer: https://aavfh.qiongrens.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 17 Jul 2024 07:50:10 GMT
content-encoding: gzip
server: nginx
x-powered-by: PHP/7.3.33
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 404 lg-public.min.css
aavfh.qiongrens.com/web/css2.2.3/ 0
0 263ms
262ms Stylesheet
text/html 154.23.218.181
SGPL-AS-AP STARCL...

General

Check archive.org

Show headers Download Go to

Full URL: https://aavfh.qiongrens.com/web/css2.2.3/lg-public.min.css
Requested by: Host: aavfh.qiongrens.com
URL: https://aavfh.qiongrens.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 154.23.218.181 Hong Kong, Hong Kong, ASN140224 (SGPL-AS-AP STARCLOUD GLOBAL PTE., LTD., SG),
Reverse DNS
Software: nginx / PHP/7.3.33
Resource Hash

Request headers

Referer: https://aavfh.qiongrens.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 17 Jul 2024 07:50:10 GMT
content-encoding: gzip
server: nginx
x-powered-by: PHP/7.3.33
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 404 1.12.1_jquery.min.js
aavfh.qiongrens.com/web/jquery/js/ 0
0 264ms
263ms Script
text/html 154.23.218.181
SGPL-AS-AP STARCL...

General

Check archive.org

Show headers Download Go to

Full URL: https://aavfh.qiongrens.com/web/jquery/js/1.12.1_jquery.min.js
Requested by: Host: aavfh.qiongrens.com
URL: https://aavfh.qiongrens.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 154.23.218.181 Hong Kong, Hong Kong, ASN140224 (SGPL-AS-AP STARCLOUD GLOBAL PTE., LTD., SG),
Reverse DNS
Software: nginx / PHP/7.3.33
Resource Hash

Request headers

Referer: https://aavfh.qiongrens.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 17 Jul 2024 07:50:10 GMT
content-encoding: gzip
server: nginx
x-powered-by: PHP/7.3.33
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 404 lg-public.min.js
aavfh.qiongrens.com/web/js2.2.3/ 0
0 262ms
262ms Script
text/html 154.23.218.181
SGPL-AS-AP STARCL...

General

Check archive.org

Show headers Download Go to

Full URL: https://aavfh.qiongrens.com/web/js2.2.3/lg-public.min.js
Requested by: Host: aavfh.qiongrens.com
URL: https://aavfh.qiongrens.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 154.23.218.181 Hong Kong, Hong Kong, ASN140224 (SGPL-AS-AP STARCLOUD GLOBAL PTE., LTD., SG),
Reverse DNS
Software: nginx / PHP/7.3.33
Resource Hash

Request headers

Referer: https://aavfh.qiongrens.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 17 Jul 2024 07:50:10 GMT
content-encoding: gzip
server: nginx
x-powered-by: PHP/7.3.33
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 404 sa.min.js
aavfh.qiongrens.com/web/js/ 0
0 263ms
263ms Script
text/html 154.23.218.181
SGPL-AS-AP STARCL...

General

Check archive.org

Show headers Download Go to

Full URL: https://aavfh.qiongrens.com/web/js/sa.min.js?3116
Requested by: Host: aavfh.qiongrens.com
URL: https://aavfh.qiongrens.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 154.23.218.181 Hong Kong, Hong Kong, ASN140224 (SGPL-AS-AP STARCLOUD GLOBAL PTE., LTD., SG),
Reverse DNS
Software: nginx / PHP/7.3.33
Resource Hash

Request headers

Referer: https://aavfh.qiongrens.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 17 Jul 2024 07:50:10 GMT
content-encoding: gzip
server: nginx
x-powered-by: PHP/7.3.33
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 tongji20.js Show response
tj.comkonyukhiv.com/static/js/ 1 KB
822 B 1000ms
320ms Script
text/plain 47.238.34.86
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to

Full URL: https://tj.comkonyukhiv.com/static/js/tongji20.js
Requested by: Host: aavfh.qiongrens.com
URL: https://aavfh.qiongrens.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 47.238.34.86 Hong Kong, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: nginx / PHP/7.3.33
Resource Hash: 7a46d7157e4eacb90c20a3817c98a1cd160e6bd2d8ca1dcfde8c1ef2196c48f9

Request headers

Referer: https://aavfh.qiongrens.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 17 Jul 2024 07:50:10 GMT
content-encoding: gzip
server: nginx
x-powered-by: PHP/7.3.33
vary: Accept-Encoding
content-type: text/plain;charset=utf-8

GET
H2 404 tongji.js
aavfh.qiongrens.com/ 0
0 265ms
264ms Script
text/html 154.23.218.181
SGPL-AS-AP STARCL...

General

Check archive.org

Show headers Download Go to

Full URL: https://aavfh.qiongrens.com/tongji.js?s=8228
Requested by: Host: aavfh.qiongrens.com
URL: https://aavfh.qiongrens.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 154.23.218.181 Hong Kong, Hong Kong, ASN140224 (SGPL-AS-AP STARCLOUD GLOBAL PTE., LTD., SG),
Reverse DNS
Software: nginx / PHP/7.3.33
Resource Hash

Request headers

Referer: https://aavfh.qiongrens.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 17 Jul 2024 07:50:10 GMT
content-encoding: gzip
server: nginx
x-powered-by: PHP/7.3.33
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 404 logo.svg
aavfh.qiongrens.com/themes/osu/homepage/ 15 B
15 B 265ms
264ms Image
text/html 154.23.218.181
SGPL-AS-AP STARCL...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aavfh.qiongrens.com/themes/osu/homepage/logo.svg
Requested by: Host: aavfh.qiongrens.com
URL: https://aavfh.qiongrens.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 154.23.218.181 Hong Kong, Hong Kong, ASN140224 (SGPL-AS-AP STARCLOUD GLOBAL PTE., LTD., SG),
Reverse DNS
Software: nginx / PHP/7.3.33
Resource Hash: dc20cc83aa4a7b4bfa9bae8f4d31f72e3bbafa163d96d9414e0c7daed78dda37

Request headers

Referer: https://aavfh.qiongrens.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 17 Jul 2024 07:50:10 GMT
content-encoding: gzip
server: nginx
x-powered-by: PHP/7.3.33
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 404 by-nc.png
aavfh.qiongrens.com/sites/default/files/ 15 B
15 B 265ms
265ms Image
text/html 154.23.218.181
SGPL-AS-AP STARCL...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aavfh.qiongrens.com/sites/default/files/by-nc.png
Requested by: Host: aavfh.qiongrens.com
URL: https://aavfh.qiongrens.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 154.23.218.181 Hong Kong, Hong Kong, ASN140224 (SGPL-AS-AP STARCLOUD GLOBAL PTE., LTD., SG),
Reverse DNS
Software: nginx / PHP/7.3.33
Resource Hash: dc20cc83aa4a7b4bfa9bae8f4d31f72e3bbafa163d96d9414e0c7daed78dda37

Request headers

Referer: https://aavfh.qiongrens.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 17 Jul 2024 07:50:10 GMT
content-encoding: gzip
server: nginx
x-powered-by: PHP/7.3.33
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 404 fdlp-emblem-color.png
aavfh.qiongrens.com/sites/default/files/ 15 B
15 B 255ms
255ms Image
text/html 154.23.218.181
SGPL-AS-AP STARCL...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aavfh.qiongrens.com/sites/default/files/fdlp-emblem-color.png
Requested by: Host: aavfh.qiongrens.com
URL: https://aavfh.qiongrens.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 154.23.218.181 Hong Kong, Hong Kong, ASN140224 (SGPL-AS-AP STARCLOUD GLOBAL PTE., LTD., SG),
Reverse DNS
Software: nginx / PHP/7.3.33
Resource Hash: dc20cc83aa4a7b4bfa9bae8f4d31f72e3bbafa163d96d9414e0c7daed78dda37

Request headers

Referer: https://aavfh.qiongrens.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 17 Jul 2024 07:50:10 GMT
content-encoding: gzip
server: nginx
x-powered-by: PHP/7.3.33
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET jquery-ui.min.js
aavfh.qiongrens.com/ui/1.12.1/ 0
0

GET css
fonts.googleapis.com/ 0
0

GET analytics.js
www.google-analytics.com/ 0
0

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ 29 KB
12 KB 759ms
303ms Script
application/javascript 111.45.3.198
CMNET-GUANGDONG-A...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?1316b0e431465639b7a15896d29773db

Requested by

Host: tj.comkonyukhiv.com
URL: https://tj.comkonyukhiv.com/static/js/tongji20.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

111.45.3.198 , China, ASN56040 (CMNET-GUANGDONG-AP China Mobile communications corporation, CN),

Reverse DNS

Software

apache /

Resource Hash

e45ce50e40e6d02ce50a55e0cf05466626b0d13a131cab3dc85f2e6e7fb1b8e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

Referer: https://aavfh.qiongrens.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Wed, 17 Jul 2024 07:50:11 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=172800
Server: apache
Etag: b138c7662cfea74cf4986d53849acf5c
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: application/javascript
Cache-Control: max-age=0, must-revalidate
Content-Length: 11292

GET
H2 200 /
tj.comkonyukhiv.com/ Frame CF32 0
0 738ms
246ms Document
text/html 47.238.34.86
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to

Full URL: https://tj.comkonyukhiv.com/
Requested by: Host: tj.comkonyukhiv.com
URL: https://tj.comkonyukhiv.com/static/js/tongji20.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 47.238.34.86 Hong Kong, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://aavfh.qiongrens.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
content-length: 609
content-type: text/html
date: Wed, 17 Jul 2024 07:50:11 GMT
etag: "642fc077-261"
last-modified: Fri, 07 Apr 2023 07:04:23 GMT
server: nginx

GET
H2

200

repeatable-treeline.png
oregonstate.edu/themes/osu/homepage/assets/images/
Redirect Chain

https://oregonstate.edu/themes/osu/drupal8-osuhomepage/assets/images/repeatable-treeline.png
https://oregonstate.edu/themes/osu/homepage/assets/images/repeatable-treeline.png

25 KB
25 KB

358ms
358ms

Image
image/png

52.27.33.250
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://oregonstate.edu/themes/osu/homepage/assets/images/repeatable-treeline.png

Requested by

Host: aavfh.qiongrens.com
URL: https://aavfh.qiongrens.com/

Protocol

Server

52.27.33.250 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-27-33-250.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

02076afba4c49e3fb139704e89624a82e323d1290939ea77a63b80baa7b52ebc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://aavfh.qiongrens.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

expires: Sat, 31 May 2025 06:35:41 GMT
date: Wed, 17 Jul 2024 07:50:11 GMT
via: varnish
x-content-type-options: nosniff
last-modified: Thu, 16 May 2024 17:04:22 GMT
server: nginx
age: 4065270
x-cache: HIT
content-type: image/png
cache-control: max-age=31536000
x-ah-environment: prod
accept-ranges: bytes
content-length: 25398
x-request-id: v-004d01e8-1f18-11ef-8df9-bb9b30ddab0d
x-cache-hits: 44242

Redirect headers

expires: Sat, 31 May 2025 06:35:41 GMT
date: Wed, 17 Jul 2024 07:50:11 GMT
via: varnish
x-content-type-options: nosniff
server: nginx
age: 4065270
x-cache: HIT
content-type: text/html; charset=iso-8859-1
location: http://oregonstate.edu/themes/osu/homepage/assets/images/repeatable-treeline.png
cache-control: max-age=31536000
content-length: 288
x-request-id: v-0043e608-1f18-11ef-b0a6-674f84e69456
x-cache-hits: 46296

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ 43 B
299 B 311ms
311ms Image
image/gif 111.45.3.198
CMNET-GUANGDONG-A...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?hca=FB3C45289330BB68&cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=de-de&lo=0&rnd=1945379200&si=1316b0e431465639b7a15896d29773db&v=1.3.2&lv=1&sn=56907&r=0&ww=1600&u=https%3A%2F%2Faavfh.qiongrens.com%2F&tt=%E8%8B%B9%E6%9E%9C%E6%89%8B%E6%9C%BA%E7%99%BB%E5%BD%95%E8%B0%B7%E6%AD%8C

Requested by

Host: aavfh.qiongrens.com
URL: https://aavfh.qiongrens.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

111.45.3.198 , China, ASN56040 (CMNET-GUANGDONG-AP China Mobile communications corporation, CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

Referer: https://aavfh.qiongrens.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 17 Jul 2024 07:50:12 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
Server: apache
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

GET
H2 404 favicon.ico
aavfh.qiongrens.com/ 15 B
154 B 253ms
253ms Other
text/html 154.23.218.181
SGPL-AS-AP STARCL...

General

Check archive.org

Show headers Download Go to

Full URL: https://aavfh.qiongrens.com/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 154.23.218.181 Hong Kong, Hong Kong, ASN140224 (SGPL-AS-AP STARCLOUD GLOBAL PTE., LTD., SG),
Reverse DNS
Software: nginx / PHP/7.3.33
Resource Hash: dc20cc83aa4a7b4bfa9bae8f4d31f72e3bbafa163d96d9414e0c7daed78dda37

Request headers

Referer: https://aavfh.qiongrens.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 17 Jul 2024 07:50:12 GMT
content-encoding: gzip
server: nginx
x-powered-by: PHP/7.3.33
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET

tg.php
www.xxjsql.com/
Redirect Chain

https://xxjsq.info/gjbj
https://www.xxjsql.com/tg.php?t=ddz&id=gjbj

0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: aavfh.qiongrens.com
URL: http://aavfh.qiongrens.com/ui/1.12.1/jquery-ui.min.js

Domain: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Open+Sans

Domain: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js

Domain: www.xxjsql.com
URL: https://www.xxjsql.com/tg.php?t=ddz&id=gjbj

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.hm.baidu.com/	1970-01-21 07:42:42	Name: HMACCOUNT_BFESS Value: FB3C45289330BB68
.aavfh.qiongrens.com/	1970-01-21 06:52:18	Name: Hm_lvt_1316b0e431465639b7a15896d29773db Value: 1721202612
.aavfh.qiongrens.com/	1969-12-31 23:59:59	Name: Hm_lpvt_1316b0e431465639b7a15896d29773db Value: 1721202612
.aavfh.qiongrens.com/	1969-12-31 23:59:59	Name: HMACCOUNT Value: FB3C45289330BB68

21 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://aavfh.qiongrens.com/ Message: Mixed Content: The page at 'https://aavfh.qiongrens.com/' was loaded over HTTPS, but requested an insecure element 'http://aavfh.qiongrens.com/themes/osu/homepage/logo.svg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://aavfh.qiongrens.com/ Message: Mixed Content: The page at 'https://aavfh.qiongrens.com/' was loaded over HTTPS, but requested an insecure element 'http://aavfh.qiongrens.com/sites/default/files/by-nc.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://aavfh.qiongrens.com/ Message: Mixed Content: The page at 'https://aavfh.qiongrens.com/' was loaded over HTTPS, but requested an insecure element 'http://aavfh.qiongrens.com/sites/default/files/fdlp-emblem-color.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network	error	URL: https://aavfh.qiongrens.com/web/font-awesome/4.7.0/css/font-awesome.min.css Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://aavfh.qiongrens.com/web/jquery/css/jquery-ui.min.css?2695 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://aavfh.qiongrens.com/web/js2.2.3/lg-public.min.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://aavfh.qiongrens.com/web/css2.2.3/lg-public.min.css Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://aavfh.qiongrens.com/web/jquery/js/1.12.1_jquery.min.js Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://aavfh.qiongrens.com/ Message: Mixed Content: The page at 'https://aavfh.qiongrens.com/' was loaded over HTTPS, but requested an insecure script 'http://aavfh.qiongrens.com/ui/1.12.1/jquery-ui.min.js'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://aavfh.qiongrens.com/(Line 725) Message: Mixed Content: The page at 'https://aavfh.qiongrens.com/' was loaded over HTTPS, but requested an insecure stylesheet 'http://fonts.googleapis.com/css?family=Open+Sans'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://aavfh.qiongrens.com/(Line 1007) Message: Mixed Content: The page at 'https://aavfh.qiongrens.com/' was loaded over HTTPS, but requested an insecure script 'http://www.google-analytics.com/analytics.js'. This request has been blocked; the content must be served over HTTPS.
network	error	URL: https://aavfh.qiongrens.com/themes/osu/homepage/logo.svg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://aavfh.qiongrens.com/sites/default/files/by-nc.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://aavfh.qiongrens.com/tongji.js?s=8228 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://aavfh.qiongrens.com/web/js/sa.min.js?3116 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://aavfh.qiongrens.com/sites/default/files/fdlp-emblem-color.png Message: Failed to load resource: the server responded with a status of 404 ()
security	warning	URL: https://aavfh.qiongrens.com/(Line 1361) Message: Mixed Content: The page at 'https://aavfh.qiongrens.com/' was loaded over HTTPS, but requested an insecure element 'http://aavfh.qiongrens.com/themes/osu/homepage/logo.svg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://aavfh.qiongrens.com/(Line 1361) Message: Mixed Content: The page at 'https://aavfh.qiongrens.com/' was loaded over HTTPS, but requested an insecure element 'http://aavfh.qiongrens.com/sites/default/files/by-nc.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://aavfh.qiongrens.com/(Line 1361) Message: Mixed Content: The page at 'https://aavfh.qiongrens.com/' was loaded over HTTPS, but requested an insecure element 'http://aavfh.qiongrens.com/sites/default/files/fdlp-emblem-color.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://aavfh.qiongrens.com/ Message: Mixed Content: The page at 'https://aavfh.qiongrens.com/' was loaded over HTTPS, but requested an insecure element 'http://oregonstate.edu/themes/osu/drupal8-osuhomepage/assets/images/repeatable-treeline.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network	error	URL: https://aavfh.qiongrens.com/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aavfh.qiongrens.com
fonts.googleapis.com
hm.baidu.com
oregonstate.edu
tj.comkonyukhiv.com
www.google-analytics.com
www.xxjsql.com
aavfh.qiongrens.com
fonts.googleapis.com
www.google-analytics.com
www.xxjsql.com
111.45.3.198
154.23.218.181
47.238.34.86
52.27.33.250
02076afba4c49e3fb139704e89624a82e323d1290939ea77a63b80baa7b52ebc
4c186880a1effed795f52c47de3f815af85ad7bdbecf1f20b65e17fd0a2d0990
7a46d7157e4eacb90c20a3817c98a1cd160e6bd2d8ca1dcfde8c1ef2196c48f9
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
dc20cc83aa4a7b4bfa9bae8f4d31f72e3bbafa163d96d9414e0c7daed78dda37
e45ce50e40e6d02ce50a55e0cf05466626b0d13a131cab3dc85f2e6e7fb1b8e6

aavfh.qiongrens.com Open in urlscan Pro 154.23.218.181 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

21 Requests

76 %HTTPS

0 %IPv6

7 Domains

7 Subdomains

5 IPs

3 Countries

54 kBTransfer

115 kBSize

4 Cookies

8 Outgoing links

Redirected requests

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

4 Cookies

21 Console Messages

Indicators

aavfh.qiongrens.com Open in urlscan Pro
154.23.218.181 Public Scan

Screenshot
Live screenshot

Full Image

21
Requests

76 %
HTTPS

0 %
IPv6

7
Domains

7
Subdomains

5
IPs

3
Countries

54 kB
Transfer

115 kB
Size

4
Cookies

21 HTTP transactions
0 data transactions