urlscan.io logo urlscan.io
SecurityTrails logo

www.ks12.vip Open in urlscan Pro
122.248.218.56  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://tttiaa.icu/
Effective URL: https://www.ks12.vip/home
Submission: On October 30 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 6 countries across 9 domains to perform 34 HTTP transactions. The main IP is 122.248.218.56, located in Singapore, Singapore and belongs to AMAZON-02, US. The main domain is www.ks12.vip.
TLS certificate: Issued by Let's Encrypt Authority X3 on September 23rd 2020. Valid for: 3 months.
This is the only time www.ks12.vip was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 156.242.130.12 132839 (POWERLINE...)
3 156.242.140.10 132839 (POWERLINE...)
2 103.235.46.191 55967 (BAIDU Bei...)
8 122.248.218.56 16509 (AMAZON-02)
15 42.49.13.29 4837 (CHINA169-...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
34 11
1    156.242.130.12 (Johannesburg, South Africa)

ASN132839 (POWERLINE-AS-AP POWER LINE DATACENTER, HK)
tttiaa.icu
3    156.242.140.10 (Johannesburg, South Africa)

ASN132839 (POWERLINE-AS-AP POWER LINE DATACENTER, HK)
ks.512883.cc
2    103.235.46.191 (Hong Kong)

ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)
hm.baidu.com
8    122.248.218.56 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-122-248-218-56.ap-southeast-1.compute.amazonaws.com
www.ks12.vip
15    42.49.13.29 (Changsha, China)

ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN)
a06frontweb.cathayfund.com
1    2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:4001:816::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:400c:c01::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:81a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:817::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
Domain Requested by
15 a06frontweb.cathayfund.com www.ks12.vip
a06frontweb.cathayfund.com
8 www.ks12.vip tttiaa.icu
www.ks12.vip
a06frontweb.cathayfund.com
3 ks.512883.cc tttiaa.icu
2 www.google-analytics.com www.ks12.vip
www.google-analytics.com
2 hm.baidu.com tttiaa.icu
1 www.google.de www.ks12.vip
1 www.google.com www.ks12.vip
1 stats.g.doubleclick.net www.google-analytics.com
1 tttiaa.icu
34 9

This site contains no links.

Subject Issuer Validity Valid
512883.cc
Let's Encrypt Authority X3		 2020-10-23 -
2021-01-21		 3 months crt.sh
baidu.com
GlobalSign Organization Validation CA - SHA256 - G2		 2020-10-20 -
2021-07-26		 9 months crt.sh
*.ks12.vip
Let's Encrypt Authority X3		 2020-09-23 -
2020-12-22		 3 months crt.sh
*.cathayfund.com
Sectigo RSA Domain Validation Secure Server CA		 2019-06-18 -
2021-06-17		 2 years crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-10-06 -
2020-12-29		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2020-10-06 -
2020-12-29		 3 months crt.sh
www.google.com
GTS CA 1O1		 2020-10-06 -
2020-12-29		 3 months crt.sh
www.google.de
GTS CA 1O1		 2020-10-06 -
2020-12-29		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.ks12.vip/home
Frame ID: 9B67FEF7D93915D3DDE55D7769A9EFE8
Requests: 35 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://tttiaa.icu/ Page URL
  2. https://www.ks12.vip/home Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

34
Requests

97 %
HTTPS

50 %
IPv6

9
Domains

9
Subdomains

11
IPs

6
Countries

1473 kB
Transfer

2744 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://tttiaa.icu/ Page URL
  2. https://www.ks12.vip/home Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

34 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
tttiaa.icu/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tttiaa.icu/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
156.242.130.12 Johannesburg, South Africa, ASN132839 (POWERLINE-AS-AP POWER LINE DATACENTER, HK),
Reverse DNS
Software
nginx /
Resource Hash
8c3d70921c79268f0a07496e331746ae2e23f306cf983100c506ae10d31b5dea

Request headers

:method
GET
:authority
tttiaa.icu
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
server
nginx
date
Fri, 30 Oct 2020 15:32:15 GMT
content-type
text/html
last-modified
Sat, 24 Oct 2020 19:20:01 GMT
vary
Accept-Encoding
etag
W/"5f947e61-8a7"
content-encoding
gzip
mobile.css
ks.512883.cc/css/ 		1 KB
847 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ks.512883.cc/css/mobile.css
Requested by
Host: tttiaa.icu
URL: https://tttiaa.icu/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
156.242.140.10 Johannesburg, South Africa, ASN132839 (POWERLINE-AS-AP POWER LINE DATACENTER, HK),
Reverse DNS
Software
nginx /
Resource Hash
6f2fbb38d12a390328306621760bbaf670a2ae8d57db7fa191410436721c3941

Request headers

Referer
https://tttiaa.icu/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 30 Oct 2020 15:32:17 GMT
content-encoding
gzip
last-modified
Thu, 22 Oct 2020 23:20:08 GMT
server
nginx
etag
W/"5f9213a8-558"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=43200
expires
Sat, 31 Oct 2020 03:32:17 GMT
index.css
ks.512883.cc/css/ 		2 KB
904 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ks.512883.cc/css/index.css
Requested by
Host: tttiaa.icu
URL: https://tttiaa.icu/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
156.242.140.10 Johannesburg, South Africa, ASN132839 (POWERLINE-AS-AP POWER LINE DATACENTER, HK),
Reverse DNS
Software
nginx /
Resource Hash
5f4758bbe9ff44927c72343826c8c223ea463fe298cbee245eb98db180bff07f

Request headers

Referer
https://tttiaa.icu/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 30 Oct 2020 15:32:17 GMT
content-encoding
gzip
last-modified
Thu, 22 Oct 2020 23:20:07 GMT
server
nginx
etag
W/"5f9213a7-991"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=43200
expires
Sat, 31 Oct 2020 03:32:17 GMT
ks.png
ks.512883.cc/css/ 		654 KB
655 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ks.512883.cc/css/ks.png
Requested by
Host: tttiaa.icu
URL: https://tttiaa.icu/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
156.242.140.10 Johannesburg, South Africa, ASN132839 (POWERLINE-AS-AP POWER LINE DATACENTER, HK),
Reverse DNS
Software
nginx /
Resource Hash
9dc60264101d774a23c2b407f8f595945c69ad4ab1e5ab496255374a32f1dcf7

Request headers

Referer
https://tttiaa.icu/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 30 Oct 2020 15:32:17 GMT
last-modified
Fri, 23 Oct 2020 02:04:46 GMT
server
nginx
etag
"5f923a3e-a392f"
content-type
image/png
status
200
cache-control
max-age=2592000
accept-ranges
bytes
content-length
669999
expires
Sun, 29 Nov 2020 15:32:17 GMT
hm.js
hm.baidu.com/ 		39 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hm.baidu.com/hm.js?7496e29b662e44dc7b5b076946913769
Requested by
Host: tttiaa.icu
URL: https://tttiaa.icu/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
acbc11a494c0d5a38e479ba200664d03292d5b66012dfb833b9c1f7df29109c5
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

Referer
https://tttiaa.icu/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 30 Oct 2020 23:36:25 GMT
Content-Encoding
gzip
Server
apache
Etag
c5e66d97ca1aee00885a18de1dff3c03
Strict-Transport-Security
max-age=172800
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control
max-age=0, must-revalidate
Content-Type
application/javascript
Content-Length
14037
hm.gif
hm.baidu.com/ 		43 B
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=2060429578&si=7496e29b662e44dc7b5b076946913769&v=1.2.77&lv=1&sn=791&r=0&ww=1600&ct=!!&u=https%3A%2F%2Ftttiaa.icu%2F&tt=app%E4%B8%8B%E8%BD%BD
Requested by
Host: tttiaa.icu
URL: https://tttiaa.icu/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

Referer
https://tttiaa.icu/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 30 Oct 2020 23:36:26 GMT
X-Content-Type-Options
nosniff
Server
apache
Strict-Transport-Security
max-age=172800
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Content-Length
43
Primary Request Cookie set home
www.ks12.vip/ 		10 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.ks12.vip/home
Requested by
Host: tttiaa.icu
URL: https://tttiaa.icu/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
122.248.218.56 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-122-248-218-56.ap-southeast-1.compute.amazonaws.com
Software
openresty /
Resource Hash
c287f2a5d65ccce0d3b0cc313e3f52cacd8fda671474c748408aa8db86858d64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
www.ks12.vip
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
https://tttiaa.icu/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://tttiaa.icu/

Response headers

Server
openresty
Date
Fri, 30 Oct 2020 23:36:27 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Fri, 30 Oct 2020 08:52:28 GMT
Vary
Accept-Encoding
ETag
W/"5f9bd44c-28e7"
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
magic_string
178aa526b36126fd25b8d3446d0c1d25
Content-Encoding
gzip
Set-Cookie
NSC_JOsgbuwldpawnwbbws3nehecxc3lkcP=ffffffff09d416a645525d5f4f58455e445a4a423660;Version=1;Max-Age=1200;path=/;httponly
Via
sg-089-023
yunwei.js
www.ks12.vip/saconfig/secure/ 		708 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ks12.vip/saconfig/secure/yunwei.js?1604100987459
Requested by
Host: www.ks12.vip
URL: https://www.ks12.vip/home
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
122.248.218.56 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-122-248-218-56.ap-southeast-1.compute.amazonaws.com
Software
openresty /
Resource Hash
fe6019eeb8a092d4becbb213894d73f99a781710db97e109618c8e3109b7c69d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.ks12.vip/home
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

magic_string
178aa526b36126fd25b8d3446d0c1d25
Date
Fri, 30 Oct 2020 23:36:27 GMT
Via
sg-089-023
X-Content-Type-Options
nosniff
Last-Modified
Fri, 16 Oct 2020 07:24:54 GMT
Server
openresty
ETag
"5f894ac6-2c4"
Content-Type
application/javascript
CDN-Cache
MISS
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
708
X-XSS-Protection
1; mode=block
behavior.js
www.ks12.vip/cdn/A06FW/assets/js/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ks12.vip/cdn/A06FW/assets/js/behavior.js
Requested by
Host: www.ks12.vip
URL: https://www.ks12.vip/home
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
122.248.218.56 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-122-248-218-56.ap-southeast-1.compute.amazonaws.com
Software
openresty /
Resource Hash
b24bc3de630a7a3121b93afdcc09647a53d386ae6788d4d92f92f916b573789b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.ks12.vip/home
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

magic_string
178aa526b36126fd25b8d3446d0c1d25
Date
Fri, 30 Oct 2020 23:36:27 GMT
Via
sg-089-023
X-Content-Type-Options
nosniff
Last-Modified
Thu, 08 Oct 2020 10:18:13 GMT
Server
openresty
ETag
W/"5f7ee765-388f"
Vary
Accept-Encoding
Content-Type
application/javascript
CDN-Cache
MISS
Transfer-Encoding
chunked
Connection
keep-alive
Content-Encoding
gzip
X-XSS-Protection
1; mode=block
3s_web_detect.js
a06frontweb.cathayfund.com/cdn/A06FW/assets/js/ 		43 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a06frontweb.cathayfund.com/cdn/A06FW/assets/js/3s_web_detect.js?product=A06&module=frontend_web&time=20201015
Requested by
Host: www.ks12.vip
URL: https://www.ks12.vip/home
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
42.49.13.29 Changsha, China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
nginx /
Resource Hash
8ef6618d416c63cd80c6482e218dc6665e37909da9b3836bad4e9ea9bd2b49cf

Request headers

Referer
https://www.ks12.vip/home
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 30 Oct 2020 23:36:28 GMT
content-encoding
gzip
last-modified
Sat, 17 Oct 2020 02:24:36 GMT
server
nginx
status
200
etag
W/"5f8a55e4-adbd"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
x-cc-via
8_lt-hunan-shaoyang-2-cache-1[H,2]
timing-allow-origin
*
expires
Sun, 17 Oct 2021 03:47:46 GMT
analytics.js
www.google-analytics.com/ 		46 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.ks12.vip
URL: https://www.ks12.vip/home
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ks12.vip/home
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Oct 2020 03:00:57 GMT
server
Golfe2
age
6422
date
Fri, 30 Oct 2020 21:49:25 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18817
expires
Fri, 30 Oct 2020 23:49:25 GMT
chunk-vendors.130346dc.css
a06frontweb.cathayfund.com/cdn/A06FP/css/ 		20 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://a06frontweb.cathayfund.com/cdn/A06FP/css/chunk-vendors.130346dc.css
Requested by
Host: www.ks12.vip
URL: https://www.ks12.vip/home
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
42.49.13.29 Changsha, China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
nginx /
Resource Hash
352447c04d1e6daeda37f4286fc8f16ca8a8f41cbb5326c9adfe83a8a15f2a9a

Request headers

Referer
https://www.ks12.vip/home
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 30 Oct 2020 23:36:28 GMT
content-encoding
gzip
last-modified
Thu, 24 Sep 2020 09:16:24 GMT
server
nginx
status
200
etag
W/"5f6c63e8-4e9e"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
x-cc-via
8_lt-hunan-shaoyang-2-cache-1[H,1]
timing-allow-origin
*
expires
Thu, 30 Sep 2021 16:41:44 GMT
app.39a1699b.css
a06frontweb.cathayfund.com/cdn/A06FP/css/ 		327 KB
127 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://a06frontweb.cathayfund.com/cdn/A06FP/css/app.39a1699b.css
Requested by
Host: www.ks12.vip
URL: https://www.ks12.vip/home
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
42.49.13.29 Changsha, China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
nginx /
Resource Hash
750fdcd44c0114a372154525236b990bfeccb181c638f51e57a889c163f1538f

Request headers

Referer
https://www.ks12.vip/home
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 30 Oct 2020 23:36:28 GMT
content-encoding
gzip
last-modified
Fri, 30 Oct 2020 02:42:50 GMT
server
nginx
status
200
etag
W/"5f9b7daa-51b80"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
x-cc-via
6_lt-hunan-shaoyang-2-cache-1[H,1]
timing-allow-origin
*
expires
Sat, 30 Oct 2021 06:00:17 GMT
remove.js
a06frontweb.cathayfund.com/cdn/ 		63 B
348 B 		Script
General
Check archive.org
Download Go to
Full URL
https://a06frontweb.cathayfund.com/cdn/remove.js
Requested by
Host: www.ks12.vip
URL: https://www.ks12.vip/home
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
42.49.13.29 Changsha, China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
nginx /
Resource Hash
65e177cfe778fbea2de176ed47b6d799aa3a699fe3a389d841d628e7d0e9a7c0

Request headers

Referer
https://www.ks12.vip/home
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 30 Oct 2020 23:36:28 GMT
last-modified
Wed, 14 Oct 2020 08:25:49 GMT
server
nginx
etag
"5f86b60d-3f"
status
200
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
x-cc-via
3_lt-hunan-shaoyang-2-cache-1[H,1]
accept-ranges
bytes
timing-allow-origin
*
content-length
63
expires
Thu, 14 Oct 2021 08:41:25 GMT
chunk-vendors.f85486bc.js
a06frontweb.cathayfund.com/cdn/A06FP/js/ 		735 KB
240 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a06frontweb.cathayfund.com/cdn/A06FP/js/chunk-vendors.f85486bc.js
Requested by
Host: www.ks12.vip
URL: https://www.ks12.vip/home
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
42.49.13.29 Changsha, China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
nginx /
Resource Hash
9dec2e07ef6004ba57132e774877b1f78cb67ccd6f6260f5260342ea45ff1e9e

Request headers

Referer
https://www.ks12.vip/home
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 30 Oct 2020 23:36:28 GMT
content-encoding
gzip
last-modified
Wed, 28 Oct 2020 02:05:24 GMT
server
nginx
status
200
etag
W/"5f98d1e4-b7ca4"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
x-cc-via
7_lt-hunan-shaoyang-2-cache-1[H,1]
timing-allow-origin
*
expires
Fri, 29 Oct 2021 05:50:13 GMT
app.09b70a3f.js
a06frontweb.cathayfund.com/cdn/A06FP/js/ 		350 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a06frontweb.cathayfund.com/cdn/A06FP/js/app.09b70a3f.js
Requested by
Host: www.ks12.vip
URL: https://www.ks12.vip/home
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
42.49.13.29 Changsha, China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
nginx /
Resource Hash
7c58b7c403eb1e301a068d16ce9a04a4b482d28772330338b428b8ad5ee38861

Request headers

Referer
https://www.ks12.vip/home
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 30 Oct 2020 23:36:28 GMT
content-encoding
gzip
last-modified
Fri, 30 Oct 2020 07:37:02 GMT
server
nginx
status
200
etag
W/"5f9bc29e-57606"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
x-cc-via
5_lt-hunan-shaoyang-2-cache-1[H,2]
timing-allow-origin
*
expires
Sat, 30 Oct 2021 08:52:31 GMT
collect
www.google-analytics.com/j/ 		4 B
409 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j87&a=2018024172&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ks12.vip%2Fhome&dr=https%3A%2F%2Ftttiaa.icu%2F&dp=%2Fhome&ul=en-us&de=UTF-8&dt=%E5%87%AF%E6%97%B6%7CK66.COM&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=698280657&gjid=1014456539&cid=970343707.1604100988&tid=UA-124272762-5&_gid=924546444.1604100988&_r=1&_slc=1&z=42154524
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ks12.vip/home
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 30 Oct 2020 23:36:27 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
text/plain
access-control-allow-origin
https://www.ks12.vip
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
465 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-124272762-5&cid=970343707.1604100988&jid=698280657&gjid=1014456539&_gid=924546444.1604100988&_u=IEBAAEAAAAAAAC~&z=1595119509
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c01::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ks12.vip/home
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 30 Oct 2020 23:36:27 GMT
status
200
content-type
text/plain
access-control-allow-origin
https://www.ks12.vip
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-124272762-5&cid=970343707.1604100988&jid=698280657&_u=IEBAAEAAAAAAAC~&z=1019093439
Requested by
Host: www.ks12.vip
URL: https://www.ks12.vip/home
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ks12.vip/home
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Oct 2020 23:36:27 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
494 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-124272762-5&cid=970343707.1604100988&jid=698280657&_u=IEBAAEAAAAAAAC~&z=1019093439
Requested by
Host: www.ks12.vip
URL: https://www.ks12.vip/home
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ks12.vip/home
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Oct 2020 23:36:27 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
areaLimitV2
www.ks12.vip/_glaxy_a06_/ 		140 B
820 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.ks12.vip/_glaxy_a06_/areaLimitV2
Requested by
Host: a06frontweb.cathayfund.com
URL: https://a06frontweb.cathayfund.com/cdn/A06FW/assets/js/3s_web_detect.js?product=A06&module=frontend_web&time=20201015
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
122.248.218.56 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-122-248-218-56.ap-southeast-1.compute.amazonaws.com
Software
openresty /
Resource Hash
cc68d7f81b1146c1ddba4cdedbebf4ceaa5fd5d82906d2c1d5d78f36b18dca12

Request headers

qid
e3d4d7834c06aa79471ed5e9cd491e93
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json
v
1.0.0
Accept
application/json, text/plain, */*
Referer
https://www.ks12.vip/home
appId
A06PC01
token
null
sign
3766618dc1d60c45ae8d92cce16410d7

Response headers

Date
Fri, 30 Oct 2020 23:36:30 GMT
Via
sg-089-023
Server
openresty
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
*
Content-Length
140
Access-Control-Allow-Method
*
webToken
www.ks12.vip/_glaxy_a06_/ 		380 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.ks12.vip/_glaxy_a06_/webToken
Requested by
Host: a06frontweb.cathayfund.com
URL: https://a06frontweb.cathayfund.com/cdn/A06FW/assets/js/3s_web_detect.js?product=A06&module=frontend_web&time=20201015
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
122.248.218.56 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-122-248-218-56.ap-southeast-1.compute.amazonaws.com
Software
openresty /
Resource Hash
b32b41c80ef5a1c6b21e0b5467c66c18e47c1ba398bbacee218e8eaf20a23543

Request headers

qid
f5f3de4f09297a0f984393d488f2d0d4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json
v
1.0.0
Accept
application/json, text/plain, */*
Referer
https://www.ks12.vip/home
appId
A06PC01
token
null
sign
24035cd44c42f7e4cb06556978118731

Response headers

Date
Fri, 30 Oct 2020 23:36:30 GMT
Via
sg-089-023
Server
openresty
Vary
Accept-Encoding
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
*
Content-Length
380
Access-Control-Allow-Method
*
common.713fbf9e.css
a06frontweb.cathayfund.com/cdn/A06FP/css/ 		63 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://a06frontweb.cathayfund.com/cdn/A06FP/css/common.713fbf9e.css
Requested by
Host: a06frontweb.cathayfund.com
URL: https://a06frontweb.cathayfund.com/cdn/A06FP/js/app.09b70a3f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
42.49.13.29 Changsha, China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
nginx /
Resource Hash
3d3fa6022765d0e89faa3044ae060a810e008f61b5180cceba58bcafbf1568fa

Request headers

Referer
https://www.ks12.vip/home
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 30 Oct 2020 23:36:30 GMT
content-encoding
gzip
last-modified
Wed, 28 Oct 2020 02:05:23 GMT
server
nginx
status
200
etag
W/"5f98d1e3-fa1d"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
x-cc-via
8_lt-hunan-shaoyang-2-cache-1[H,1]
timing-allow-origin
*
expires
Fri, 29 Oct 2021 05:50:16 GMT
common.89ebf1b4.js
a06frontweb.cathayfund.com/cdn/A06FP/js/ 		368 KB
187 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a06frontweb.cathayfund.com/cdn/A06FP/js/common.89ebf1b4.js
Requested by
Host: a06frontweb.cathayfund.com
URL: https://a06frontweb.cathayfund.com/cdn/A06FP/js/app.09b70a3f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
42.49.13.29 Changsha, China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
nginx /
Resource Hash
a8e5ed385901bc42e9102e6d4ee93c8331e6e98b1aa17da10811148759fc1d20

Request headers

Referer
https://www.ks12.vip/home
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 30 Oct 2020 23:36:30 GMT
content-encoding
gzip
last-modified
Wed, 28 Oct 2020 02:05:24 GMT
server
nginx
status
200
etag
W/"5f98d1e4-5bfb3"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
x-cc-via
4_lt-hunan-shaoyang-2-cache-1[H,1]
timing-allow-origin
*
expires
Fri, 29 Oct 2021 05:54:59 GMT
chunk-2725b8c9.71cbfd3b.css
a06frontweb.cathayfund.com/cdn/A06FP/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://a06frontweb.cathayfund.com/cdn/A06FP/css/chunk-2725b8c9.71cbfd3b.css
Requested by
Host: a06frontweb.cathayfund.com
URL: https://a06frontweb.cathayfund.com/cdn/A06FP/js/app.09b70a3f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
42.49.13.29 Changsha, China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
nginx /
Resource Hash
3102331bf96a72afb1af516d528b5a02f982448f7755f3be038ae54fd54ffa7c

Request headers

Referer
https://www.ks12.vip/home
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 30 Oct 2020 23:36:30 GMT
content-encoding
gzip
last-modified
Wed, 07 Oct 2020 06:24:31 GMT
server
nginx
status
200
etag
W/"5f7d5f1f-d66"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
x-cc-via
4_lt-hunan-shaoyang-2-cache-1[H,1]
timing-allow-origin
*
expires
Thu, 07 Oct 2021 06:56:49 GMT
chunk-2725b8c9.53bc5287.js
a06frontweb.cathayfund.com/cdn/A06FP/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a06frontweb.cathayfund.com/cdn/A06FP/js/chunk-2725b8c9.53bc5287.js
Requested by
Host: a06frontweb.cathayfund.com
URL: https://a06frontweb.cathayfund.com/cdn/A06FP/js/app.09b70a3f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
42.49.13.29 Changsha, China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
nginx /
Resource Hash
2fdfa88a7c99b8b5351370f5a4311a3e55dce580ee17bb06e7f4031a1d9a6cb9

Request headers

Referer
https://www.ks12.vip/home
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 30 Oct 2020 23:36:30 GMT
content-encoding
gzip
last-modified
Wed, 28 Oct 2020 02:05:24 GMT
server
nginx
status
200
etag
W/"5f98d1e4-950"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
x-cc-via
7_lt-hunan-shaoyang-2-cache-1[H,1]
timing-allow-origin
*
expires
Fri, 29 Oct 2021 05:52:15 GMT
queryConstantsList
www.ks12.vip/_glaxy_a06_/_extra_/a06/ 		122 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.ks12.vip/_glaxy_a06_/_extra_/a06/queryConstantsList
Requested by
Host: a06frontweb.cathayfund.com
URL: https://a06frontweb.cathayfund.com/cdn/A06FW/assets/js/3s_web_detect.js?product=A06&module=frontend_web&time=20201015
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
122.248.218.56 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-122-248-218-56.ap-southeast-1.compute.amazonaws.com
Software
openresty / PHP/7.2.33
Resource Hash
88ab6ece21c1a2545c6050563696bd9ec523247577582fcc6bda963cd975d5fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

qid
5df761045a0dedb399b1ea9a186e9bf0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json
v
1.0.0
Accept
application/json, text/plain, */*
Referer
https://www.ks12.vip/home
appId
A06PC01
token
6sNvgv4wu0IZePE+I8lhxKkHsvLbAHHXD6yhcEYjJzih8qnBRbaYNBfItikUmF1VmkmPAPjJfbXFE0iIA4OuI0wc/1axPham+DA9A7JHmDRraPitF0o11w==
sign
c44b322120012ff5fc2e734f0063899f

Response headers

Date
Fri, 30 Oct 2020 23:36:30 GMT
Via
sg-089-023
X-Content-Type-Options
nosniff
X-Powered-By
PHP/7.2.33
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
pragma
no-cache
Server
openresty
X-RateLimit-Remaining
11993
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, PATCH, DELETE
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Authorization, authenticated
Cache-Control
private, must-revalidate
Access-Control-Allow-Credentials
true
X-RateLimit-Limit
12000
Access-Control-Allow-Headers
Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Authorization , Access-Control-Request-Headers, X-CSRF-TOKEN
magic_string
178aa526b36126fd25b8d3446d0c1d25
expires
-1
appDownloadIntoHead
www.ks12.vip/_glaxy_a06_/_extra_/a06/ 		122 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.ks12.vip/_glaxy_a06_/_extra_/a06/appDownloadIntoHead
Requested by
Host: a06frontweb.cathayfund.com
URL: https://a06frontweb.cathayfund.com/cdn/A06FW/assets/js/3s_web_detect.js?product=A06&module=frontend_web&time=20201015
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
122.248.218.56 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-122-248-218-56.ap-southeast-1.compute.amazonaws.com
Software
openresty / PHP/7.2.33
Resource Hash
3301f8851957fe9dd07276c87b0a95b43ba4e35aaa544d1404e318474333a0b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

qid
5fb4fb0664eb69bbdd1276dfcd059ec2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json
v
1.0.0
Accept
application/json, text/plain, */*
Referer
https://www.ks12.vip/home
appId
A06PC01
token
6sNvgv4wu0IZePE+I8lhxKkHsvLbAHHXD6yhcEYjJzih8qnBRbaYNBfItikUmF1VmkmPAPjJfbXFE0iIA4OuI0wc/1axPham+DA9A7JHmDRraPitF0o11w==
sign
5b8924ac2be56a432896831be88cd7f0

Response headers

Date
Fri, 30 Oct 2020 23:36:30 GMT
Via
sg-089-023
X-Content-Type-Options
nosniff
X-Powered-By
PHP/7.2.33
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
pragma
no-cache
Server
openresty
X-RateLimit-Remaining
11996
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, PATCH, DELETE
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Authorization, authenticated
Cache-Control
private, must-revalidate
Access-Control-Allow-Credentials
true
X-RateLimit-Limit
12000
Access-Control-Allow-Headers
Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Authorization , Access-Control-Request-Headers, X-CSRF-TOKEN
magic_string
178aa526b36126fd25b8d3446d0c1d25
expires
-1
queryByKeyList
www.ks12.vip/_glaxy_a06_/_extra_/a06/ 		122 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.ks12.vip/_glaxy_a06_/_extra_/a06/queryByKeyList
Requested by
Host: a06frontweb.cathayfund.com
URL: https://a06frontweb.cathayfund.com/cdn/A06FW/assets/js/3s_web_detect.js?product=A06&module=frontend_web&time=20201015
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
122.248.218.56 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-122-248-218-56.ap-southeast-1.compute.amazonaws.com
Software
openresty / PHP/7.2.33
Resource Hash
31cc9d2bf7799922e506a6f4986af3c334999eefa0bfea29dd7c9d40940027da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

qid
21c8ab184d06a69251ee101b2c2eaeae
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json
v
1.0.0
Accept
application/json, text/plain, */*
Referer
https://www.ks12.vip/home
appId
A06PC01
token
6sNvgv4wu0IZePE+I8lhxKkHsvLbAHHXD6yhcEYjJzih8qnBRbaYNBfItikUmF1VmkmPAPjJfbXFE0iIA4OuI0wc/1axPham+DA9A7JHmDRraPitF0o11w==
sign
29348f0fbdd715a337296d9ebccec172

Response headers

Date
Fri, 30 Oct 2020 23:36:31 GMT
Via
sg-089-023
X-Content-Type-Options
nosniff
X-Powered-By
PHP/7.2.33
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
pragma
no-cache
Server
openresty
X-RateLimit-Remaining
11994
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, PATCH, DELETE
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Authorization, authenticated
Cache-Control
private, must-revalidate
Access-Control-Allow-Credentials
true
X-RateLimit-Limit
12000
Access-Control-Allow-Headers
Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Authorization , Access-Control-Request-Headers, X-CSRF-TOKEN
magic_string
178aa526b36126fd25b8d3446d0c1d25
expires
-1
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a6f3262d2ad581d2ed2e1cf3361de5a7609b22658cd9b5adfcc179684107fea3

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
error_ww.34019c0e.png
a06frontweb.cathayfund.com/cdn/A06FP/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a06frontweb.cathayfund.com/cdn/A06FP/img/error_ww.34019c0e.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
42.49.13.29 Changsha, China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
nginx /
Resource Hash
9ca5fdf3bad2d20ce71256c2b735797e7626a637f3b7d4a375e4f4a95628eacd

Request headers

Referer
https://www.ks12.vip/home
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 30 Oct 2020 23:36:30 GMT
content-encoding
gzip
last-modified
Thu, 24 Sep 2020 09:16:25 GMT
server
nginx
status
200
etag
W/"5f6c63e9-10ce"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
x-cc-via
4_lt-hunan-shaoyang-2-cache-1[H,1]
timing-allow-origin
*
expires
Thu, 30 Sep 2021 16:54:38 GMT
error_lwks.af0c2d5d.png
a06frontweb.cathayfund.com/cdn/A06FP/img/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a06frontweb.cathayfund.com/cdn/A06FP/img/error_lwks.af0c2d5d.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
42.49.13.29 Changsha, China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
nginx /
Resource Hash
d98b84e7dbb6ca6561b8fef2f7b0045a03208792e55476dcc77700f78ac549f2

Request headers

Referer
https://www.ks12.vip/home
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 30 Oct 2020 23:36:30 GMT
content-encoding
gzip
last-modified
Thu, 24 Sep 2020 09:16:25 GMT
server
nginx
status
200
etag
W/"5f6c63e9-16d5"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
x-cc-via
9_lt-hunan-shaoyang-2-cache-1[H,1]
timing-allow-origin
*
expires
Thu, 30 Sep 2021 16:54:38 GMT
kslogo.4c438b85.jpg
a06frontweb.cathayfund.com/cdn/A06FP/img/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a06frontweb.cathayfund.com/cdn/A06FP/img/kslogo.4c438b85.jpg
Requested by
Host: a06frontweb.cathayfund.com
URL: https://a06frontweb.cathayfund.com/cdn/A06FP/css/common.713fbf9e.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
42.49.13.29 Changsha, China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
nginx /
Resource Hash
9c201e89f3dbdd84d2ad6988af11fe8a34ce53a5e9b845e55633f639ce9e597f

Request headers

Referer
https://a06frontweb.cathayfund.com/cdn/A06FP/css/common.713fbf9e.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 30 Oct 2020 23:36:30 GMT
content-encoding
gzip
last-modified
Thu, 24 Sep 2020 09:16:25 GMT
server
nginx
status
200
etag
W/"5f6c63e9-2f78"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
x-cc-via
6_lt-hunan-shaoyang-2-cache-1[H,1]
timing-allow-origin
*
expires
Thu, 30 Sep 2021 16:54:38 GMT
404bg1.fa122936.jpg
a06frontweb.cathayfund.com/cdn/A06FP/img/ 		33 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a06frontweb.cathayfund.com/cdn/A06FP/img/404bg1.fa122936.jpg
Requested by
Host: a06frontweb.cathayfund.com
URL: https://a06frontweb.cathayfund.com/cdn/A06FP/css/chunk-2725b8c9.71cbfd3b.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
42.49.13.29 Changsha, China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
nginx /
Resource Hash
3634c11e132701d6fb2c8d69c8f36462abb38a6830bfd7300818f60b15b0d2b8

Request headers

Referer
https://a06frontweb.cathayfund.com/cdn/A06FP/css/chunk-2725b8c9.71cbfd3b.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 30 Oct 2020 23:36:30 GMT
content-encoding
gzip
last-modified
Thu, 24 Sep 2020 09:16:24 GMT
server
nginx
status
200
etag
W/"5f6c63e8-8457"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
x-cc-via
8_lt-hunan-shaoyang-2-cache-1[H,1]
timing-allow-origin
*
expires
Thu, 30 Sep 2021 16:54:38 GMT
slogan_old.bc1018cc.png
a06frontweb.cathayfund.com/cdn/A06FP/img/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a06frontweb.cathayfund.com/cdn/A06FP/img/slogan_old.bc1018cc.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
42.49.13.29 Changsha, China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
nginx /
Resource Hash
9ed2e180de39087b5e9767c90f117a9a29a5712c09a6ea594f4c886c310a82d3

Request headers

Referer
https://www.ks12.vip/home
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 30 Oct 2020 23:36:30 GMT
content-encoding
gzip
last-modified
Thu, 24 Sep 2020 09:16:26 GMT
server
nginx
status
200
etag
W/"5f6c63ea-13cb"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
x-cc-via
10_lt-hunan-shaoyang-2-cache-1[H,1]
timing-allow-origin
*
expires
Thu, 30 Sep 2021 16:54:38 GMT

Verdicts & Comments Add Verdict or Comment

44 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes object| yunweiConfig object| manifest function| ga boolean| isMobile undefined| page undefined| redirect undefined| href undefined| mPath undefined| palIndex undefined| queryString undefined| hashIndex undefined| ori function| create object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| Behavior function| infoSkyCallback function| md5 object| THREEDATA boolean| ISACTIVE number| ThreeInitLock object| ThreeSeconds object| webpackJsonp object| __core-js_shared__ object| core object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill boolean| isIEBrowser boolean| isNoGoodBrowser function| JSEncrypt object| Base64 function| _

0 Cookies

8 Console Messages

Source Level URL
Text
console-api log URL: https://www.ks12.vip/home(Line 3)
Message:
1604100987458 t0
console-api log URL: https://a06frontweb.cathayfund.com/cdn/A06FW/assets/js/3s_web_detect.js?product=A06&module=frontend_web&time=20201015(Line 1)
Message:
VER_TYPE COMMON
console-api log URL: https://a06frontweb.cathayfund.com/cdn/A06FP/js/app.09b70a3f.js(Line 1)
Message:
1604100986576 nav-start
console-api log URL: https://a06frontweb.cathayfund.com/cdn/A06FP/js/app.09b70a3f.js(Line 1)
Message:
1604100990079 t2
console-api log URL: https://a06frontweb.cathayfund.com/cdn/A06FP/js/app.09b70a3f.js(Line 1)
Message:
App mounted interactive
console-api log URL: https://a06frontweb.cathayfund.com/cdn/A06FP/js/app.09b70a3f.js(Line 1)
Message:
onload start interactive
console-api log URL: https://a06frontweb.cathayfund.com/cdn/A06FW/assets/js/3s_web_detect.js?product=A06&module=frontend_web&time=20201015(Line 1)
Message:
fmp detail: [object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object] [object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object] 21
console-api log URL: https://a06frontweb.cathayfund.com/cdn/A06FW/assets/js/3s_web_detect.js?product=A06&module=frontend_web&time=20201015(Line 1)
Message:
fmpV: 4226

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a06frontweb.cathayfund.com
hm.baidu.com
ks.512883.cc
stats.g.doubleclick.net
tttiaa.icu
www.google-analytics.com
www.google.com
www.google.de
www.ks12.vip
103.235.46.191
122.248.218.56
156.242.130.12
156.242.140.10
2a00:1450:4001:80b::200e
2a00:1450:4001:816::200e
2a00:1450:4001:817::2003
2a00:1450:4001:81a::2004
2a00:1450:400c:c01::9a
42.49.13.29
2fdfa88a7c99b8b5351370f5a4311a3e55dce580ee17bb06e7f4031a1d9a6cb9
3102331bf96a72afb1af516d528b5a02f982448f7755f3be038ae54fd54ffa7c
31cc9d2bf7799922e506a6f4986af3c334999eefa0bfea29dd7c9d40940027da
3301f8851957fe9dd07276c87b0a95b43ba4e35aaa544d1404e318474333a0b9
352447c04d1e6daeda37f4286fc8f16ca8a8f41cbb5326c9adfe83a8a15f2a9a
3634c11e132701d6fb2c8d69c8f36462abb38a6830bfd7300818f60b15b0d2b8
3d3fa6022765d0e89faa3044ae060a810e008f61b5180cceba58bcafbf1568fa
5f4758bbe9ff44927c72343826c8c223ea463fe298cbee245eb98db180bff07f
65e177cfe778fbea2de176ed47b6d799aa3a699fe3a389d841d628e7d0e9a7c0
6f2fbb38d12a390328306621760bbaf670a2ae8d57db7fa191410436721c3941
750fdcd44c0114a372154525236b990bfeccb181c638f51e57a889c163f1538f
7c58b7c403eb1e301a068d16ce9a04a4b482d28772330338b428b8ad5ee38861
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
88ab6ece21c1a2545c6050563696bd9ec523247577582fcc6bda963cd975d5fd
8c3d70921c79268f0a07496e331746ae2e23f306cf983100c506ae10d31b5dea
8ef6618d416c63cd80c6482e218dc6665e37909da9b3836bad4e9ea9bd2b49cf
9c201e89f3dbdd84d2ad6988af11fe8a34ce53a5e9b845e55633f639ce9e597f
9ca5fdf3bad2d20ce71256c2b735797e7626a637f3b7d4a375e4f4a95628eacd
9dc60264101d774a23c2b407f8f595945c69ad4ab1e5ab496255374a32f1dcf7
9dec2e07ef6004ba57132e774877b1f78cb67ccd6f6260f5260342ea45ff1e9e
9ed2e180de39087b5e9767c90f117a9a29a5712c09a6ea594f4c886c310a82d3
a6f3262d2ad581d2ed2e1cf3361de5a7609b22658cd9b5adfcc179684107fea3
a8e5ed385901bc42e9102e6d4ee93c8331e6e98b1aa17da10811148759fc1d20
acbc11a494c0d5a38e479ba200664d03292d5b66012dfb833b9c1f7df29109c5
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b24bc3de630a7a3121b93afdcc09647a53d386ae6788d4d92f92f916b573789b
b32b41c80ef5a1c6b21e0b5467c66c18e47c1ba398bbacee218e8eaf20a23543
c287f2a5d65ccce0d3b0cc313e3f52cacd8fda671474c748408aa8db86858d64
cc68d7f81b1146c1ddba4cdedbebf4ceaa5fd5d82906d2c1d5d78f36b18dca12
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d98b84e7dbb6ca6561b8fef2f7b0045a03208792e55476dcc77700f78ac549f2
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fe6019eeb8a092d4becbb213894d73f99a781710db97e109618c8e3109b7c69d