URL: https://yfsafe.yfstudio.asia/
Submission: On December 18 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 7 HTTP transactions. The main IP is 43.154.41.146, located in Central, Hong Kong and belongs to TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN. The main domain is yfsafe.yfstudio.asia.
TLS certificate: Issued by R3 on December 18th 2022. Valid for: 3 months.
This is the only time yfsafe.yfstudio.asia was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 43.154.41.146 132203 (TENCENT-N...)
2 97.64.23.206 25820 (IT7NET)
1 5 2606:4700::68... 13335 (CLOUDFLAR...)
7 3
Apex Domain      Subdomains                                          Transfer
5 unpkg.com      unpkg.com — Cisco Umbrella Rank: 793                184 KB
2 ibruce.info    busuanzi.ibruce.info — Cisco Umbrella Rank: 460835  2 KB
1 yfstudio.asia  yfsafe.yfstudio.asia                                2 KB
7 3
Domain                     Requested by
5 unpkg.com (1 redirects)  yfsafe.yfstudio.asia, unpkg.com
2 busuanzi.ibruce.info     yfsafe.yfstudio.asia, busuanzi.ibruce.info
1 yfsafe.yfstudio.asia
7 3

This site contains links to these domains.

Domain
bbs.huorong.cn
Subject                Issuer                   Validity                 Valid
yfsafe.yfstudio.asia   R3                       2022-12-18 - 2023-03-18  3 months
busuanzi.ibruce.info   R3                       2022-10-20 - 2023-01-18  3 months
sni.cloudflaressl.com  Cloudflare Inc ECC CA-3  2022-06-01 - 2023-06-01  a year

This page contains 1 frame:

Primary Page: https://yfsafe.yfstudio.asia/
Frame ID: 0EE85340ABA40147ECC437640C84F92F
Requests: 7 HTTP requests in this frame

Page Title

首页 - YFSafe Antivirus

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Page Statistics

Requests: 7
HTTPS: 86 %
IPv6: 33 %
Domains: 3
Subdomains: 3
IPs: 3
Countries: 2
Transfer: 188 kB
Size: 487 kB
Cookies: 1

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://unpkg.com/bootstrap-icons@1.10.2/font/fonts/bootstrap-icons.woff2?24e3eb84d0bcaf83d77f904c78ac1f47 HTTP 302
  • https://unpkg.com/bootstrap-icons@1.10.2/font/fonts/bootstrap-icons.woff2

7 HTTP transactions

Resource Path Size x-fer Type MIME-Type
Primary Request /
Path: yfsafe.yfstudio.asia/
Size: 4 KB
x-fer: 2 KB
Type: Document
General
Full URL: https://yfsafe.yfstudio.asia/
Protocol: H2
Security: TLS 1.3, AES_256_GCM
Server: 43.154.41.146 Central, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)
Reverse DNS: (none listed)
Software: nginx
Resource Hash: a2e244b02d090c54479bad52de9efe59e47b1864b0bfc9c9d23772d3517cec0d
Security Headers
Strict-Transport-Security: max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Sun, 18 Dec 2022 04:29:22 GMT
etag: W/"6386cb9e-1162"
last-modified: Wed, 30 Nov 2022 03:18:54 GMT
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding

busuanzi.pure.mini.js
Path: busuanzi.ibruce.info/busuanzi/2.3/
Size: 2 KB
x-fer: 2 KB
Type: Script
General
Full URL: https://busuanzi.ibruce.info/busuanzi/2.3/busuanzi.pure.mini.js
Requested by
Host: yfsafe.yfstudio.asia
URL: https://yfsafe.yfstudio.asia/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 97.64.23.206 Los Angeles, United States, ASN25820 (IT7NET, CA)
Reverse DNS: localhost.localdomain
Software: nginx/1.14.1
Resource Hash: 0471fe90ad450f642e15aa79134b7bb6a2b2fd7e88349948fbe60747062ab25e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yfsafe.yfstudio.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 04:29:23 GMT
last-modified: Mon, 23 Nov 2020 05:39:59 GMT
server: nginx/1.14.1
accept-ranges: bytes
etag: "5fbb4b2f-793"
content-length: 1939
content-type: application/javascript

bootstrap.min.css
Path: unpkg.com/bootstrap@5.2.3/dist/css/
Size: 190 KB
x-fer: 28 KB
Type: Stylesheet
General
Full URL: https://unpkg.com/bootstrap@5.2.3/dist/css/bootstrap.min.css
Requested by
Host: yfsafe.yfstudio.asia
URL: https://yfsafe.yfstudio.asia/
Protocol: H2
Security: TLS 1.3, AES_128_GCM
Server: 2606:4700::6810:7daf United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS: (none listed)
Software: cloudflare
Resource Hash: c0bcf7898fdc3b87babca678cd19a8e3ef570e931c80a3afbffcc453738c951a
Security Headers
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yfsafe.yfstudio.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 04:29:22 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 2234009
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01GJF5C54E6G32GR3YVXRX18SH-fra
server: cloudflare
etag: W/"2f955-d5HdHzFzoNYsw5wh0q1x/I2tDnI"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 77b528377de09bdd-FRA

bootstrap.bundle.min.js
Path: unpkg.com/bootstrap@5.2.3/dist/js/
Size: 79 KB
x-fer: 24 KB
Type: Script
General
Full URL: https://unpkg.com/bootstrap@5.2.3/dist/js/bootstrap.bundle.min.js
Requested by
Host: yfsafe.yfstudio.asia
URL: https://yfsafe.yfstudio.asia/
Protocol: H2
Security: TLS 1.3, AES_128_GCM
Server: 2606:4700::6810:7daf United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS: (none listed)
Software: cloudflare
Resource Hash: 9520018fa5d81f4e4dc9d06afb576f90cbbaba209cfcc6cb60e1464647f7890b
Security Headers
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yfsafe.yfstudio.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 04:29:22 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 2232660
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01GJF6NA6TBDFE3GQF507K14G8-fra
server: cloudflare
etag: W/"13a24-kNFQNu9I/LM2oTW66BK0VmnxkEQ"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 77b528377de49bdd-FRA

bootstrap-icons.css
Path: unpkg.com/bootstrap-icons@1.10.2/font/
Size: 93 KB
x-fer: 13 KB
Type: Stylesheet
General
Full URL: https://unpkg.com/bootstrap-icons@1.10.2/font/bootstrap-icons.css
Requested by
Host: yfsafe.yfstudio.asia
URL: https://yfsafe.yfstudio.asia/
Protocol: H2
Security: TLS 1.3, AES_128_GCM
Server: 2606:4700::6810:7daf United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS: (none listed)
Software: cloudflare
Resource Hash: e1172d3a0a208cf01dc066f0abeaf17f00264a966159a69f71947d6edcd4935f
Security Headers
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yfsafe.yfstudio.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 04:29:22 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 495666
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01GM2Z601PACZBSN8ERSPNTCQJ-fra
server: cloudflare
etag: W/"17579-AwBvMnkuAzSX6cpoNztsM4YwWTM"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 77b528377de29bdd-FRA

bootstrap-icons.woff2
Path: unpkg.com/bootstrap-icons@1.10.2/font/fonts/
Redirect Chain
  • https://unpkg.com/bootstrap-icons@1.10.2/font/fonts/bootstrap-icons.woff2?24e3eb84d0bcaf83d77f904c78ac1f47
  • https://unpkg.com/bootstrap-icons@1.10.2/font/fonts/bootstrap-icons.woff2
Size: 118 KB
x-fer: 119 KB
Type: Font
General
Full URL: https://unpkg.com/bootstrap-icons@1.10.2/font/fonts/bootstrap-icons.woff2
Requested by
Host: unpkg.com
URL: https://unpkg.com/bootstrap-icons@1.10.2/font/bootstrap-icons.css
Protocol: H2
Server: 2606:4700::6810:7daf United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS: (none listed)
Software: cloudflare
Resource Hash: 966620f9e3bec428663687f9e8d67a6b8e35d79adebf6fb204e9b139eada7599
Security Headers
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://unpkg.com/bootstrap-icons@1.10.2/font/bootstrap-icons.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 04:29:23 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: MISS
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 121296
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01GMHQWQS8GDRHCZ7K924HFX5Z-fra
server: cloudflare
etag: "1d9d0-F9rQd2iZrRvq2r0GHDTioiss3nQ"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 77b528383916698f-FRA

Redirect headers

date: Sun, 18 Dec 2022 04:29:22 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: MISS
fly-request-id: 01GMHQWQRJW863TXANHGJXCV1T-fra
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
location: /bootstrap-icons@1.10.2/font/fonts/bootstrap-icons.woff2
cf-ray: 77b5283808c8698f-FRA

busuanzi
Path: busuanzi.ibruce.info/
Size: 103 B
x-fer: 275 B
Type: Script
General
Full URL: https://busuanzi.ibruce.info/busuanzi?jsonpCallback=BusuanziCallback_72095554507
Requested by
Host: busuanzi.ibruce.info
URL: https://busuanzi.ibruce.info/busuanzi/2.3/busuanzi.pure.mini.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 97.64.23.206 Los Angeles, United States, ASN25820 (IT7NET, CA)
Reverse DNS: localhost.localdomain
Software: nginx/1.14.1
Resource Hash: 4bdbbebe13ab472ca8c792b02756b7f6d08f98c0ec9dd0a478d7cefdc1ad3a48

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yfsafe.yfstudio.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 04:29:23 GMT
server: nginx/1.14.1
content-length: 103
content-type: application/json

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| oncontentvisibilityautostatechange
  • number| uidEvent
  • object| bootstrap
  • object| bszCaller
  • object| bszTag
  • function| ready
  • function| BusuanziCallback_72095554507
  • object| scriptTag

1 Cookies

Domain/Path: .busuanzi.ibruce.info/
Name: busuanziId
Value: 4F11ABB402D94F64A86E1E1FF0C53645

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000