sanjuanbosco.edu.ec Open in urlscan Pro
2606:4700:3037::6815:42f0 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://sanjuanbosco.edu.ec/intr/qiye2/index.php?email=3mail@b.c
Submission: On December 01 via automatic, source openphish (December 1st 2022, 1:32:11 pm UTC) — Scanned from DE

Summary HTTP 28 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 28 HTTP transactions. The main IP is 2606:4700:3037::6815:42f0, located in United States and belongs to CLOUDFLARENET, US. The main domain is sanjuanbosco.edu.ec.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 2nd 2022. Valid for: a year.

This is the only time sanjuanbosco.edu.ec was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: 163.cn (Online) Generic China (Online)

Domain & IP information

	IP Address	AS Autonomous System
18	2606:4700:303... 2606:4700:3037::6815:42f0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	240e:83:201:d... 240e:83:201:d:0:1:232:65	23724 (CHINANET-...) (CHINANET-IDC-BJ-AP IDC)
9	52.223.58.187 52.223.58.187	16509 (AMAZON-02) (AMAZON-02)
28	3

18 2606:4700:3037::6815:42f0 (United States)

ASN13335 (CLOUDFLARENET, US)

sanjuanbosco.edu.ec	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 240e:83:201:d:0:1:232:65 (China)

ASN23724 (CHINANET-IDC-BJ-AP IDC, China Telecommunications Corporation, CN)

qiye.163.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 52.223.58.187 (United States)

ASN16509 (AMAZON-02, US)
PTR: af7a760d1af735066.awsglobalaccelerator.com

mimghz.qiye.163.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mimg.qiye.163.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	sanjuanbosco.edu.ec sanjuanbosco.edu.ec	30 KB
10	163.com qiye.163.com — Cisco Umbrella Rank: 84535 mimghz.qiye.163.com mimg.qiye.163.com	222 KB
28	2

	Domain	Requested by
18	sanjuanbosco.edu.ec	sanjuanbosco.edu.ec
6	mimghz.qiye.163.com	sanjuanbosco.edu.ec
3	mimg.qiye.163.com	sanjuanbosco.edu.ec
1	qiye.163.com	sanjuanbosco.edu.ec
28	4

This site contains links to these domains. Also see Links.

Domain
qiye.163.com
u.163.com
mail.163.com
corp.163.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-02` - `2023-06-01`	a year	crt.sh
*.qiye.163.com GeoTrust RSA CN CA G2	`2022-01-24` - `2023-02-22`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://sanjuanbosco.edu.ec/intr/qiye2/index.php?email=3mail@b.c
Frame ID: 5B6CF8F878C3570BFF22C266D270D6F1
Requests: 28 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

网易企业邮箱 - 登录入口

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

28
Requests

100 %
HTTPS

67 %
IPv6

2
Domains

4
Subdomains

3
IPs

2
Countries

252 kB
Transfer

261 kB
Size

0
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://qiye.163.com/?hl=zh_TW
Title: 繁體版

Search URL Search Domain Scan URL

URL: https://qiye.163.com/?hl=en_US
Title: English

Search URL Search Domain Scan URL

URL: https://qiye.163.com/help/l-1.html
Title: 帮助

Search URL Search Domain Scan URL

URL: http://u.163.com/androidds4
Title: Android版

Search URL Search Domain Scan URL

URL: http://u.163.com/iosds4
Title: iPhone版

Search URL Search Domain Scan URL

URL: https://qiye.163.com/admin.jsp
Title: 管理员登录

Search URL Search Domain Scan URL

URL: http://mail.163.com/dashi/
Title: 下载邮箱大师

Search URL Search Domain Scan URL

URL: http://corp.163.com/gb/home.shtml
Title: 关于网易

Search URL Search Domain Scan URL

URL: http://corp.163.com/gb/legal/legal.html
Title: 相关法律

Search URL Search Domain Scan URL

URL: http://qiye.163.com/
Title: 企业邮箱

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request index.php Show response sanjuanbosco.edu.ec/intr/qiye2/	9 KB 3 KB	488ms 377ms	Document text/html	2606:4700:3037::6815:42f0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sanjuanbosco.edu.ec/intr/qiye2/index.php?email=3mail@b.c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::6815:42f0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `d6bc5b53501a0fff83c8fab79ae9f090e5f02792126fed2362d156a7c6a30a1f` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 772c2fccae7fbbef-FRA content-encoding br content-type text/html; charset=UTF-8 date Thu, 01 Dec 2022 13:32:04 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MApTknin8NXbVlB7h7LZ7Hh2462DJnCzSsFiKhmhNuap8c97zVqEISBKonLEdU2snYKOiaquIXQRBDJIy%2FN8t04A4nY5g2mnMQnnMaiPJjH1pO7G8qKS2O74Rn6XXH0LWy0sg9XvDG5dCZ22tJkdv%2FoY"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H2	200	global.css sanjuanbosco.edu.ec/intr/qiye2/files/	3 KB 1 KB	357ms 356ms	Stylesheet text/css	2606:4700:3037::6815:42f0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sanjuanbosco.edu.ec/intr/qiye2/files/global.css Requested by Host: sanjuanbosco.edu.ec URL: https://sanjuanbosco.edu.ec/intr/qiye2/index.php?email=3mail@b.c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::6815:42f0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e01225c49661fca51a5fd077c4e0332ea6124d2c36049c4e9fc62051d8a1b978` Request headers accept-language de-DE,de;q=0.9 Referer https://sanjuanbosco.edu.ec/intr/qiye2/index.php?email=3mail@b.c User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36 Response headers date Thu, 01 Dec 2022 13:32:04 GMT content-encoding br cf-cache-status REVALIDATED cf-bgj minify last-modified Thu, 23 May 2019 05:08:26 GMT server cloudflare nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-polished origSize=3537 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0d7XQc7lf0J%2FhWKeHNdiZ25Z2exjec1Ai9Zm3lLTHCLbFvsKL7idYwppKLQzQ2L1K9vz6TLhpLLZAecPOeesP5BAqv75ZYrB7kGYgmxnxdTl6pjK5J4KsEsWRpLTdHiSuhEnKbC3z3RzCeHg8X8%2BoELZ"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 772c2fcf0c29bbef-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	user.css sanjuanbosco.edu.ec/intr/qiye2/files/	495 B 592 B	356ms 356ms	Stylesheet text/css	2606:4700:3037::6815:42f0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sanjuanbosco.edu.ec/intr/qiye2/files/user.css Requested by Host: sanjuanbosco.edu.ec URL: https://sanjuanbosco.edu.ec/intr/qiye2/index.php?email=3mail@b.c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::6815:42f0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `d2ebb787f063b285064cf49dc6fb90cc675864c5cc51e8b2b477ebf40e18c13f` Request headers accept-language de-DE,de;q=0.9 Referer https://sanjuanbosco.edu.ec/intr/qiye2/index.php?email=3mail@b.c User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36 Response headers date Thu, 01 Dec 2022 13:32:04 GMT content-encoding br cf-cache-status REVALIDATED cf-bgj minify last-modified Thu, 23 May 2019 05:08:26 GMT server cloudflare nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-polished origSize=501 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BNn%2BjLihUCHSsHVVlYSa9UjZHfHyR3MgkiIbWSCCfTgAEeZPMCxL1DB0GwBJ8Xg2hZxcI8G1hl7TxWggq%2FqvUJ9PXKOScAkl863jR2q6g20oz5l93wF24608xIRdislq6X3jIXaE2efCj675ocysHymL"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 772c2fcf0c2ebbef-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	custom.css sanjuanbosco.edu.ec/intr/qiye2/files/	5 KB 2 KB	372ms 372ms	Stylesheet text/css	2606:4700:3037::6815:42f0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sanjuanbosco.edu.ec/intr/qiye2/files/custom.css Requested by Host: sanjuanbosco.edu.ec URL: https://sanjuanbosco.edu.ec/intr/qiye2/index.php?email=3mail@b.c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::6815:42f0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `ba9756169b038363ae15d1706bbce13329e5f685afb02f5bb6775b3c507bbe17` Request headers accept-language de-DE,de;q=0.9 Referer https://sanjuanbosco.edu.ec/intr/qiye2/index.php?email=3mail@b.c User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36 Response headers date Thu, 01 Dec 2022 13:32:04 GMT content-encoding br cf-cache-status REVALIDATED cf-bgj minify last-modified Thu, 23 May 2019 05:08:26 GMT server cloudflare nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-polished origSize=4808 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G9rNRyaLJcnSQnq8fyL1qdXvqFG4lZGNF604%2BdF2dzPnNf6mQ2tk306G2K2Nq2ziW%2BOt0VUyQqTV7udZQGQ4PKZZGI579f6OzfJyQ0GrPdjvZQxyGLz8aPQzwfrvS5WCAWG80gRBnbeQSfGq3xZ538bc"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 772c2fcf0c31bbef-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	/ qiye.163.com/	0 0	1103ms 352ms	Image text/html	240e:83:201:d:0:1:232:65 CHINANET-IDC-BJ-A...
General Check archive.org Show headers Download Go to Show image Full URL https://qiye.163.com/ Requested by Host: sanjuanbosco.edu.ec URL: https://sanjuanbosco.edu.ec/intr/qiye2/index.php?email=3mail@b.c Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 240e:83:201:d:0:1:232:65 , China, ASN23724 (CHINANET-IDC-BJ-AP IDC, China Telecommunications Corporation, CN), Reverse DNS Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language de-DE,de;q=0.9 Referer https://sanjuanbosco.edu.ec/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36 Response headers
GET H2	404	getqrcode.do sanjuanbosco.edu.ec/intr/qiye2/index_files/	11 KB 11 KB	364ms 363ms	Image text/html	2606:4700:3037::6815:42f0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://sanjuanbosco.edu.ec/intr/qiye2/index_files/getqrcode.do Requested by Host: sanjuanbosco.edu.ec URL: https://sanjuanbosco.edu.ec/intr/qiye2/index.php?email=3mail@b.c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::6815:42f0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `279e4ab891ef88fc5efa4728af9ce93f85d1cd72408910e441a283b3d0979b6f` Request headers accept-language de-DE,de;q=0.9 Referer https://sanjuanbosco.edu.ec/intr/qiye2/index.php?email=3mail@b.c User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36 Response headers date Thu, 01 Dec 2022 13:32:04 GMT content-encoding br cf-cache-status DYNAMIC last-modified Mon, 03 Oct 2022 20:29:55 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B8va1TTcm3%2B3IRnglDvaVm8pmeUBOO93sgaeRAu2l%2FWr0Atnmp%2FoosKIfEH0PCuSHbwSk37TY6h%2FaO1kjqFg420BXXkH%2BjYQ4tTU5GW9zETByQR7ZlCvEEWtRLzEjH%2BEmy%2FWl0NVaDYzK6PyZMzL2OVT"}],"group":"cf-nel","max_age":604800} content-type text/html cf-ray 772c2fcf2c94bbef-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	404	year.js.download sanjuanbosco.edu.ec/intr/qiye2/files/	0 0	363ms 360ms	Script text/html	2606:4700:3037::6815:42f0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sanjuanbosco.edu.ec/intr/qiye2/files/year.js.download Requested by Host: sanjuanbosco.edu.ec URL: https://sanjuanbosco.edu.ec/intr/qiye2/index.php?email=3mail@b.c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::6815:42f0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://sanjuanbosco.edu.ec/intr/qiye2/index.php?email=3mail@b.c User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36 Response headers date Thu, 01 Dec 2022 13:32:04 GMT content-encoding br cf-cache-status DYNAMIC last-modified Mon, 03 Oct 2022 20:29:55 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NTTVTYfebPsjelawAKwW66l6chUiYgTTOZb%2FH%2F%2FUYNTNmy3Iyq0yWKB2rCo%2FTbM124T6IUtyC%2Fabxu1E%2Bi6vRc6ebCChA7%2F%2BNdFgi1dDco6KJynP6KIS%2BdzdyZlRA1dgRNgQmhJRuRRaqoHKNAD6V2RS"}],"group":"cf-nel","max_age":604800} content-type text/html cf-ray 772c2fcf2c6fbbef-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	404	loginjs.jsp sanjuanbosco.edu.ec/intr/qiye2/files/	0 0	353ms 350ms	Script text/html	2606:4700:3037::6815:42f0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sanjuanbosco.edu.ec/intr/qiye2/files/loginjs.jsp Requested by Host: sanjuanbosco.edu.ec URL: https://sanjuanbosco.edu.ec/intr/qiye2/index.php?email=3mail@b.c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::6815:42f0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://sanjuanbosco.edu.ec/intr/qiye2/index.php?email=3mail@b.c User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36 Response headers date Thu, 01 Dec 2022 13:32:04 GMT content-encoding br cf-cache-status DYNAMIC last-modified Mon, 03 Oct 2022 20:29:55 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Gk1CdxCT5LCAGcV9zWqR8UByGqlwQGRPuOH9xkwpj6DGPdeEjTNuBCJ2ptVTe01T7YVAbiF%2Bn%2B%2F3%2FgKM1RcVGroh%2Bef%2Fys%2FWVprkEA31FQY2YJQAGb%2FuH3e%2BqZKWRRKGlYd5El3PxiIdC2j%2F9ZCtq3B"}],"group":"cf-nel","max_age":604800} content-type text/html cf-ray 772c2fcf2c79bbef-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	404	jquery.js.download sanjuanbosco.edu.ec/intr/qiye2/files/	0 0	359ms 356ms	Script text/html	2606:4700:3037::6815:42f0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sanjuanbosco.edu.ec/intr/qiye2/files/jquery.js.download Requested by Host: sanjuanbosco.edu.ec URL: https://sanjuanbosco.edu.ec/intr/qiye2/index.php?email=3mail@b.c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::6815:42f0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://sanjuanbosco.edu.ec/intr/qiye2/index.php?email=3mail@b.c User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36 Response headers date Thu, 01 Dec 2022 13:32:04 GMT content-encoding br cf-cache-status DYNAMIC last-modified Mon, 03 Oct 2022 20:29:55 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bjNd9789PcYWU51xC8OtIBcOgiEjPQmyE9Y3ikFdHvy5vwjK9%2FV5TENYTaglYPJgBUTlLjDWYGcWx05bzTjpomJsiLJwP%2F56Y6lpLX6zXpBpkllBweYmgubBZwqkkaXdSG00nu%2FftLYWzJRNOwDstFQm"}],"group":"cf-nel","max_age":604800} content-type text/html cf-ray 772c2fcf2c7bbbef-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	404	jquery-migrate.js.download sanjuanbosco.edu.ec/intr/qiye2/files/	0 0	153ms 150ms	Script text/html	2606:4700:3037::6815:42f0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sanjuanbosco.edu.ec/intr/qiye2/files/jquery-migrate.js.download Requested by Host: sanjuanbosco.edu.ec URL: https://sanjuanbosco.edu.ec/intr/qiye2/index.php?email=3mail@b.c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::6815:42f0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://sanjuanbosco.edu.ec/intr/qiye2/index.php?email=3mail@b.c User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36 Response headers date Thu, 01 Dec 2022 13:32:04 GMT content-encoding br cf-cache-status DYNAMIC last-modified Mon, 03 Oct 2022 20:29:55 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BF0jHMI%2BeARJD%2Bqnj43kV0b%2BVVJap7b7Ez3UKa5eQpAQ1AN%2BsmWTCx9EH1nhGNJyyoUGOWm5iY765UJtQbRe8UBFJ4dQkZYj18qK2kdVIcqp2sSnojkEM51X5rCqZkOGbrg3SXDpPf7tKsK3BraiaLtF"}],"group":"cf-nel","max_age":604800} content-type text/html cf-ray 772c2fcf2c7ebbef-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	404	lang_zhcn.js.download sanjuanbosco.edu.ec/intr/qiye2/files/	0 0	375ms 372ms	Script text/html	2606:4700:3037::6815:42f0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sanjuanbosco.edu.ec/intr/qiye2/files/lang_zhcn.js.download Requested by Host: sanjuanbosco.edu.ec URL: https://sanjuanbosco.edu.ec/intr/qiye2/index.php?email=3mail@b.c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::6815:42f0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://sanjuanbosco.edu.ec/intr/qiye2/index.php?email=3mail@b.c User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36 Response headers date Thu, 01 Dec 2022 13:32:04 GMT content-encoding br cf-cache-status DYNAMIC last-modified Mon, 03 Oct 2022 20:29:55 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A3ffeuf2x15Jy1SmiBJHRucW3ALU0CS3q7GXaSKM52OWGHvAyEa6BWAa2VREiXyzutCkSD%2FdqKegM%2By18tWmyV85Tqmh1jFPafIwp9ZfzizMHNHvEHURB9NESukRXkrtYx7YQ14NpxqOOywyAOiEAB5K"}],"group":"cf-nel","max_age":604800} content-type text/html cf-ray 772c2fcf2c80bbef-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	404	select_network.js.download sanjuanbosco.edu.ec/intr/qiye2/files/	0 0	364ms 362ms	Script text/html	2606:4700:3037::6815:42f0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sanjuanbosco.edu.ec/intr/qiye2/files/select_network.js.download Requested by Host: sanjuanbosco.edu.ec URL: https://sanjuanbosco.edu.ec/intr/qiye2/index.php?email=3mail@b.c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::6815:42f0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://sanjuanbosco.edu.ec/intr/qiye2/index.php?email=3mail@b.c User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36 Response headers date Thu, 01 Dec 2022 13:32:04 GMT content-encoding br cf-cache-status DYNAMIC last-modified Mon, 03 Oct 2022 20:29:55 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1jz60ryyM0lPdNupelYYzLymtzYxDEPqsodUtl%2F1xH5pVW%2FJNZFjl8y071l7r3RTCNsHJBbRpN5zb3RAuJcIDC2GcI2MeZk5GWfaJOH%2FmGdlRhrsPfxnQwEC%2B%2B26viMCBV2k%2BMLOoplWrmtZ%2BtkhCvTT"}],"group":"cf-nel","max_age":604800} content-type text/html cf-ray 772c2fcf2c83bbef-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	404	login_util.js.download sanjuanbosco.edu.ec/intr/qiye2/files/	0 0	364ms 362ms	Script text/html	2606:4700:3037::6815:42f0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sanjuanbosco.edu.ec/intr/qiye2/files/login_util.js.download Requested by Host: sanjuanbosco.edu.ec URL: https://sanjuanbosco.edu.ec/intr/qiye2/index.php?email=3mail@b.c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::6815:42f0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://sanjuanbosco.edu.ec/intr/qiye2/index.php?email=3mail@b.c User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36 Response headers date Thu, 01 Dec 2022 13:32:04 GMT content-encoding br cf-cache-status DYNAMIC last-modified Mon, 03 Oct 2022 20:29:55 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A8iBrkQ1fTnBou91eOl%2BykvmbF7Bkef2ONxOCcaa23PSGsmroKSc2cAvmn0E1Uj4WmBOnlEjNJ5QWAaGTcRWwIl2ugmsNykOd9cGAT00kyW%2Bhesn2R3mznpiRZNrYNQl%2BfK%2BKIflJqfhn%2F1be4MbnMBp"}],"group":"cf-nel","max_age":604800} content-type text/html cf-ray 772c2fcf2c86bbef-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	404	jquery.jsonp-2.4.0.min.js.download sanjuanbosco.edu.ec/intr/qiye2/index_files/	0 0	376ms 374ms	Script text/html	2606:4700:3037::6815:42f0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sanjuanbosco.edu.ec/intr/qiye2/index_files/jquery.jsonp-2.4.0.min.js.download Requested by Host: sanjuanbosco.edu.ec URL: https://sanjuanbosco.edu.ec/intr/qiye2/index.php?email=3mail@b.c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::6815:42f0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://sanjuanbosco.edu.ec/intr/qiye2/index.php?email=3mail@b.c User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36 Response headers date Thu, 01 Dec 2022 13:32:04 GMT content-encoding br cf-cache-status DYNAMIC last-modified Mon, 03 Oct 2022 20:29:55 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9OvBrZsUW2BfdnV05UwYOyO%2FIRrUZpPSKZMkHUonLk1gzm6hy67MkSYbJLo4ppRaYMZOZPWGpXE9bffhAHKq%2F6zGkfyzTxV8JhTAbDqIsRGx%2Bb9TrprSmD%2FLZgnYYIZf%2FpMFoV8%2F0bvIRgFkHAoCL3ax"}],"group":"cf-nel","max_age":604800} content-type text/html cf-ray 772c2fcf2c8cbbef-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	404	select_banner.js.download sanjuanbosco.edu.ec/intr/qiye2/index_files/	0 0	362ms 360ms	Script text/html	2606:4700:3037::6815:42f0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sanjuanbosco.edu.ec/intr/qiye2/index_files/select_banner.js.download Requested by Host: sanjuanbosco.edu.ec URL: https://sanjuanbosco.edu.ec/intr/qiye2/index.php?email=3mail@b.c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::6815:42f0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://sanjuanbosco.edu.ec/intr/qiye2/index.php?email=3mail@b.c User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36 Response headers date Thu, 01 Dec 2022 13:32:04 GMT content-encoding br cf-cache-status DYNAMIC last-modified Mon, 03 Oct 2022 20:29:55 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=njdruLa5uk%2Fx06eDrKgQrj3pkSJXnBYVCp%2F93%2FF5SOn1FksSWJHmRcmvLYH5yrtXX%2BEta%2FaZ704gGYPLE%2Bk5K0KBlSVb%2BDe8zBxwwV6e6N2gNlsZeyQ6lga%2F3WuHhZelsxDo8CuT2l3H25sjRH%2F8gUVs"}],"group":"cf-nel","max_age":604800} content-type text/html cf-ray 772c2fcf2c90bbef-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	404	reset_pwd.js.download sanjuanbosco.edu.ec/intr/qiye2/index_files/	0 0	379ms 378ms	Script text/html	2606:4700:3037::6815:42f0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sanjuanbosco.edu.ec/intr/qiye2/index_files/reset_pwd.js.download Requested by Host: sanjuanbosco.edu.ec URL: https://sanjuanbosco.edu.ec/intr/qiye2/index.php?email=3mail@b.c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::6815:42f0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://sanjuanbosco.edu.ec/intr/qiye2/index.php?email=3mail@b.c User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36 Response headers date Thu, 01 Dec 2022 13:32:04 GMT content-encoding br cf-cache-status DYNAMIC last-modified Mon, 03 Oct 2022 20:29:55 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XUdqGHu4Wrsc3I8I3GubGwPFI0ODos49%2FbH%2FDtjaC82%2Fi6f%2BItAbXB1%2FYhkhzC%2Fu1s8RWW05b7nLkeB7kMqN03mw0b7wKEZRTeFHbIxAZdi4fKyEnwpQu8NvMGUw4XL1k1KfLm979ZFB0UZ1WyCoqjjn"}],"group":"cf-nel","max_age":604800} content-type text/html cf-ray 772c2fcf2c92bbef-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	404	qiye_algorithm.js.download sanjuanbosco.edu.ec/intr/qiye2/index_files/	0 0	373ms 372ms	Script text/html	2606:4700:3037::6815:42f0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sanjuanbosco.edu.ec/intr/qiye2/index_files/qiye_algorithm.js.download Requested by Host: sanjuanbosco.edu.ec URL: https://sanjuanbosco.edu.ec/intr/qiye2/index.php?email=3mail@b.c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::6815:42f0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://sanjuanbosco.edu.ec/intr/qiye2/index.php?email=3mail@b.c User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36 Response headers date Thu, 01 Dec 2022 13:32:04 GMT content-encoding br cf-cache-status DYNAMIC last-modified Mon, 03 Oct 2022 20:29:55 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X%2Bh9tPH9Gw1fDXMyGLNQVWX7rtzqTRynQXgyN2UnVTYIfGWEAjqCkZqkbb64FeMtjbPotdbgjeyKatm7F10wr9RMVf0J%2BMpR16r0dkiZl3%2FVeXZH4CKiOhZeq2rA2hQCdynmdoZkvHfXal4FnwyIRFRM"}],"group":"cf-nel","max_age":604800} content-type text/html cf-ray 772c2fcf2c93bbef-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	logo.gif mimghz.qiye.163.com/o/public/	3 KB 3 KB	1660ms 331ms	Image image/gif	52.223.58.187 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://mimghz.qiye.163.com/o/public/logo.gif Requested by Host: sanjuanbosco.edu.ec URL: https://sanjuanbosco.edu.ec/intr/qiye2/index.php?email=3mail@b.c Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 52.223.58.187 , United States, ASN16509 (AMAZON-02, US), Reverse DNS af7a760d1af735066.awsglobalaccelerator.com Software nginx / Resource Hash `ed6dbc8fab5b63d6df0b079b70fc95459214b77dc174a05f0ea97d6a5fdc131c` Request headers accept-language de-DE,de;q=0.9 Referer https://sanjuanbosco.edu.ec/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36 Response headers date Thu, 01 Dec 2022 13:32:06 GMT last-modified Thu, 18 Oct 2012 06:21:43 GMT server nginx content-type image/gif cache-control max-age=31536000 accept-ranges bytes content-length 3232 expires Fri, 01 Dec 2023 13:32:06 GMT
GET H2	200	user_yixin_right_20180827.jpg mimg.qiye.163.com/o/mailapp/qiyelogin/style/img/	187 KB 188 KB	1761ms 280ms	Image image/jpeg	52.223.58.187 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://mimg.qiye.163.com/o/mailapp/qiyelogin/style/img/user_yixin_right_20180827.jpg Requested by Host: sanjuanbosco.edu.ec URL: https://sanjuanbosco.edu.ec/intr/qiye2/index.php?email=3mail@b.c Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 52.223.58.187 , United States, ASN16509 (AMAZON-02, US), Reverse DNS af7a760d1af735066.awsglobalaccelerator.com Software nginx / Resource Hash `664aa37e0a5c4996aee36c91c517ba150c9062830df0a12127509eadea5ca871` Request headers accept-language de-DE,de;q=0.9 Referer https://sanjuanbosco.edu.ec/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36 Response headers date Thu, 01 Dec 2022 13:32:06 GMT last-modified Mon, 27 Aug 2018 03:02:35 GMT server nginx content-type image/jpeg cache-control max-age=31536000 accept-ranges bytes content-length 191654 expires Fri, 01 Dec 2023 13:32:06 GMT
GET H2	200	loginFormBg.png mimghz.qiye.163.com/o/domain/201808271800/index/img/	3 KB 3 KB	1566ms 238ms	Image image/png	52.223.58.187 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://mimghz.qiye.163.com/o/domain/201808271800/index/img/loginFormBg.png Requested by Host: sanjuanbosco.edu.ec URL: https://sanjuanbosco.edu.ec/intr/qiye2/index.php?email=3mail@b.c Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 52.223.58.187 , United States, ASN16509 (AMAZON-02, US), Reverse DNS af7a760d1af735066.awsglobalaccelerator.com Software nginx / Resource Hash `aa41c1850a185eec48e1d91f3e79e897bd07d85b0b15cd50efa9df0b4fa8153d` Request headers accept-language de-DE,de;q=0.9 Referer https://sanjuanbosco.edu.ec/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36 Response headers date Thu, 01 Dec 2022 13:32:06 GMT last-modified Mon, 27 Aug 2018 09:25:26 GMT server nginx content-type image/png cache-control max-age=31536000 accept-ranges bytes content-length 3093 expires Fri, 01 Dec 2023 13:32:06 GMT
GET H2	200	bg_cn_noqiye.png mimghz.qiye.163.com/o/domain/201808271800/index/img/	9 KB 9 KB	1571ms 243ms	Image image/png	52.223.58.187 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://mimghz.qiye.163.com/o/domain/201808271800/index/img/bg_cn_noqiye.png Requested by Host: sanjuanbosco.edu.ec URL: https://sanjuanbosco.edu.ec/intr/qiye2/index.php?email=3mail@b.c Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 52.223.58.187 , United States, ASN16509 (AMAZON-02, US), Reverse DNS af7a760d1af735066.awsglobalaccelerator.com Software nginx / Resource Hash `000114f7ef19aac009b411eff3232439da5e89a7476248a8813b94e9c4cd7bc1` Request headers accept-language de-DE,de;q=0.9 Referer https://sanjuanbosco.edu.ec/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36 Response headers date Thu, 01 Dec 2022 13:32:06 GMT last-modified Mon, 27 Aug 2018 09:25:26 GMT server nginx content-type image/png cache-control max-age=31536000 accept-ranges bytes content-length 9147 expires Fri, 01 Dec 2023 13:32:06 GMT
GET H2	200	bgx.gif mimg.qiye.163.com/xm/qiye/login/img/	87 B 257 B	1751ms 271ms	Image image/gif	52.223.58.187 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://mimg.qiye.163.com/xm/qiye/login/img/bgx.gif Requested by Host: sanjuanbosco.edu.ec URL: https://sanjuanbosco.edu.ec/intr/qiye2/files/global.css Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 52.223.58.187 , United States, ASN16509 (AMAZON-02, US), Reverse DNS af7a760d1af735066.awsglobalaccelerator.com Software nginx / Resource Hash `57f37271dc71a424614a1b51d7c9c95bc5d81ccc40588afb31f54689b46f8715` Request headers accept-language de-DE,de;q=0.9 Referer https://sanjuanbosco.edu.ec/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36 Response headers date Thu, 01 Dec 2022 13:32:06 GMT last-modified Thu, 07 Jan 2010 06:22:50 GMT server nginx content-type image/gif cache-control no-cache accept-ranges bytes content-length 87 expires Thu, 01 Dec 2022 13:32:05 GMT
GET H2	200	bg.gif mimg.qiye.163.com/xm/qiye/login/img/	12 KB 12 KB	1776ms 297ms	Image image/gif	52.223.58.187 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://mimg.qiye.163.com/xm/qiye/login/img/bg.gif Requested by Host: sanjuanbosco.edu.ec URL: https://sanjuanbosco.edu.ec/intr/qiye2/files/global.css Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 52.223.58.187 , United States, ASN16509 (AMAZON-02, US), Reverse DNS af7a760d1af735066.awsglobalaccelerator.com Software nginx / Resource Hash `09e7fb9326ea92a21d2e4703ed5274db3e63652e90892761ae12e82ffc33eb66` Request headers accept-language de-DE,de;q=0.9 Referer https://sanjuanbosco.edu.ec/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36 Response headers date Thu, 01 Dec 2022 13:32:06 GMT last-modified Thu, 07 Jan 2010 06:22:50 GMT server nginx content-type image/gif cache-control no-cache accept-ranges bytes content-length 12556 expires Thu, 01 Dec 2022 13:32:05 GMT
GET H2	200	ic_android.png mimghz.qiye.163.com/o/domain/201808271800/index/img/	2 KB 2 KB	1571ms 244ms	Image image/png	52.223.58.187 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://mimghz.qiye.163.com/o/domain/201808271800/index/img/ic_android.png Requested by Host: sanjuanbosco.edu.ec URL: https://sanjuanbosco.edu.ec/intr/qiye2/index.php?email=3mail@b.c Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 52.223.58.187 , United States, ASN16509 (AMAZON-02, US), Reverse DNS af7a760d1af735066.awsglobalaccelerator.com Software nginx / Resource Hash `f62a777eec8cc1e11ec1d0f681b707d43b87129af5a160ecd858f829db5478a4` Request headers accept-language de-DE,de;q=0.9 Referer https://sanjuanbosco.edu.ec/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36 Response headers date Thu, 01 Dec 2022 13:32:06 GMT last-modified Mon, 27 Aug 2018 09:25:26 GMT server nginx content-type image/png cache-control max-age=31536000 accept-ranges bytes content-length 1671 expires Fri, 01 Dec 2023 13:32:06 GMT
GET H2	200	ic_apple.png mimghz.qiye.163.com/o/domain/201808271800/index/img/	1 KB 2 KB	1569ms 242ms	Image image/png	52.223.58.187 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://mimghz.qiye.163.com/o/domain/201808271800/index/img/ic_apple.png Requested by Host: sanjuanbosco.edu.ec URL: https://sanjuanbosco.edu.ec/intr/qiye2/index.php?email=3mail@b.c Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 52.223.58.187 , United States, ASN16509 (AMAZON-02, US), Reverse DNS af7a760d1af735066.awsglobalaccelerator.com Software nginx / Resource Hash `44ed03668b2e7924e52d736b5c3484f2a58a1d9f75497f38a44ce569cc86c402` Request headers accept-language de-DE,de;q=0.9 Referer https://sanjuanbosco.edu.ec/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36 Response headers date Thu, 01 Dec 2022 13:32:06 GMT last-modified Mon, 27 Aug 2018 09:25:26 GMT server nginx content-type image/png cache-control max-age=31536000 accept-ranges bytes content-length 1472 expires Fri, 01 Dec 2023 13:32:06 GMT
GET H2	200	ic_qr.png mimghz.qiye.163.com/o/domain/201808271800/index/img/	2 KB 3 KB	1568ms 242ms	Image image/png	52.223.58.187 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://mimghz.qiye.163.com/o/domain/201808271800/index/img/ic_qr.png Requested by Host: sanjuanbosco.edu.ec URL: https://sanjuanbosco.edu.ec/intr/qiye2/index.php?email=3mail@b.c Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 52.223.58.187 , United States, ASN16509 (AMAZON-02, US), Reverse DNS af7a760d1af735066.awsglobalaccelerator.com Software nginx / Resource Hash `54fdcb30f8d40ec4b1d3cf31eb64f76642655824532e2950b63312b4284bfa2a` Request headers accept-language de-DE,de;q=0.9 Referer https://sanjuanbosco.edu.ec/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36 Response headers date Thu, 01 Dec 2022 13:32:06 GMT last-modified Mon, 27 Aug 2018 09:25:26 GMT server nginx content-type image/png cache-control max-age=31536000 accept-ranges bytes content-length 2398 expires Fri, 01 Dec 2023 13:32:06 GMT
GET H3	404	applogin_example.png sanjuanbosco.edu.ec/intr/qiye2/img/	11 KB 11 KB	370ms 370ms	Image text/html	2606:4700:3037::6815:42f0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://sanjuanbosco.edu.ec/intr/qiye2/img/applogin_example.png Requested by Host: sanjuanbosco.edu.ec URL: https://sanjuanbosco.edu.ec/intr/qiye2/files/custom.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3037::6815:42f0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `279e4ab891ef88fc5efa4728af9ce93f85d1cd72408910e441a283b3d0979b6f` Request headers accept-language de-DE,de;q=0.9 Referer https://sanjuanbosco.edu.ec/intr/qiye2/files/custom.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36 Response headers date Thu, 01 Dec 2022 13:32:05 GMT content-encoding br cf-cache-status EXPIRED last-modified Mon, 03 Oct 2022 20:29:55 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ScrAmfHw52vakxh5DWKBiyhVSklC5EBvd1zIH4l7gNM18HR75s%2FppAB8a45%2FiKw1FH6HFGjkRQc8vSEn3%2FStbTmy%2F%2BaaOLqqAeZ2I3qOL%2BlQMJha11KLGZy15q%2FUeSoWvAiBXS%2BysvBgybxdWxhwKTCb"}],"group":"cf-nel","max_age":604800} content-type text/html cache-control max-age=14400 cf-ray 772c2fd16cc29153-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	404	codebg.png sanjuanbosco.edu.ec/intr/qiye2/img/	2 KB 2 KB	371ms 371ms	Image text/html	2606:4700:3037::6815:42f0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://sanjuanbosco.edu.ec/intr/qiye2/img/codebg.png Requested by Host: sanjuanbosco.edu.ec URL: https://sanjuanbosco.edu.ec/intr/qiye2/files/custom.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3037::6815:42f0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `9e1d3b7de9ca14f58a27bb5f7be516d5cf34af531ca93f8c40342d4714b96351` Request headers accept-language de-DE,de;q=0.9 Referer https://sanjuanbosco.edu.ec/intr/qiye2/files/custom.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36 Response headers date Thu, 01 Dec 2022 13:32:05 GMT content-encoding br cf-cache-status EXPIRED last-modified Mon, 03 Oct 2022 20:29:55 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hEiZmxn5nZJ09e477xLqLPMcJhboxhHwN9ibgYD8vuyreFh78uyez1XkoXlE5FxpA%2BOovVD5%2FMWcq5C9wYypisbwwOylhHk8IkxkGz%2FGv1%2BFD7iOhvDoGG5%2Bu89p0hdH%2BVprsmWvdPDqNuUcWobbtIv1"}],"group":"cf-nel","max_age":604800} content-type text/html cache-control max-age=14400 cf-ray 772c2fd16cc69153-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: 163.cn (Online) Generic China (Online)

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

23 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://sanjuanbosco.edu.ec/intr/qiye2/files/jquery-migrate.js.download Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://sanjuanbosco.edu.ec/intr/qiye2/files/loginjs.jsp Message: Failed to load resource: the server responded with a status of 404 ()
security	warning	URL: https://sanjuanbosco.edu.ec/intr/qiye2/index.php?email=3mail@b.c(Line 221) Message: Mixed Content: The page at 'https://sanjuanbosco.edu.ec/intr/qiye2/index.php?email=3mail@b.c' was loaded over HTTPS, but requested an insecure element 'http://mimghz.qiye.163.com/o/public/logo.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://sanjuanbosco.edu.ec/intr/qiye2/index.php?email=3mail@b.c(Line 221) Message: Mixed Content: The page at 'https://sanjuanbosco.edu.ec/intr/qiye2/index.php?email=3mail@b.c' was loaded over HTTPS, but requested an insecure element 'http://mimg.qiye.163.com/o/mailapp/qiyelogin/style/img/user_yixin_right_20180827.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://sanjuanbosco.edu.ec/intr/qiye2/index.php?email=3mail@b.c(Line 221) Message: Mixed Content: The page at 'https://sanjuanbosco.edu.ec/intr/qiye2/index.php?email=3mail@b.c' was loaded over HTTPS, but requested an insecure element 'http://mimghz.qiye.163.com/o/domain/201808271800/index/img/loginFormBg.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://sanjuanbosco.edu.ec/intr/qiye2/index.php?email=3mail@b.c(Line 221) Message: Mixed Content: The page at 'https://sanjuanbosco.edu.ec/intr/qiye2/index.php?email=3mail@b.c' was loaded over HTTPS, but requested an insecure element 'http://mimghz.qiye.163.com/o/domain/201808271800/index/img/bg_cn_noqiye.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://sanjuanbosco.edu.ec/intr/qiye2/index.php?email=3mail@b.c(Line 221) Message: Mixed Content: The page at 'https://sanjuanbosco.edu.ec/intr/qiye2/index.php?email=3mail@b.c' was loaded over HTTPS, but requested an insecure element 'http://mimg.qiye.163.com/xm/qiye/login/img/bgx.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://sanjuanbosco.edu.ec/intr/qiye2/index.php?email=3mail@b.c(Line 221) Message: Mixed Content: The page at 'https://sanjuanbosco.edu.ec/intr/qiye2/index.php?email=3mail@b.c' was loaded over HTTPS, but requested an insecure element 'http://mimg.qiye.163.com/xm/qiye/login/img/bg.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://sanjuanbosco.edu.ec/intr/qiye2/index.php?email=3mail@b.c(Line 221) Message: Mixed Content: The page at 'https://sanjuanbosco.edu.ec/intr/qiye2/index.php?email=3mail@b.c' was loaded over HTTPS, but requested an insecure element 'http://mimghz.qiye.163.com/o/domain/201808271800/index/img/ic_android.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://sanjuanbosco.edu.ec/intr/qiye2/index.php?email=3mail@b.c(Line 221) Message: Mixed Content: The page at 'https://sanjuanbosco.edu.ec/intr/qiye2/index.php?email=3mail@b.c' was loaded over HTTPS, but requested an insecure element 'http://mimghz.qiye.163.com/o/domain/201808271800/index/img/ic_apple.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://sanjuanbosco.edu.ec/intr/qiye2/index.php?email=3mail@b.c(Line 221) Message: Mixed Content: The page at 'https://sanjuanbosco.edu.ec/intr/qiye2/index.php?email=3mail@b.c' was loaded over HTTPS, but requested an insecure element 'http://mimghz.qiye.163.com/o/domain/201808271800/index/img/ic_qr.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network	error	URL: https://sanjuanbosco.edu.ec/intr/qiye2/files/jquery.js.download Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://sanjuanbosco.edu.ec/intr/qiye2/files/year.js.download Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://sanjuanbosco.edu.ec/intr/qiye2/index_files/select_banner.js.download Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://sanjuanbosco.edu.ec/intr/qiye2/files/select_network.js.download Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://sanjuanbosco.edu.ec/intr/qiye2/files/login_util.js.download Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://sanjuanbosco.edu.ec/intr/qiye2/index_files/getqrcode.do Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://sanjuanbosco.edu.ec/intr/qiye2/index_files/qiye_algorithm.js.download Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://sanjuanbosco.edu.ec/intr/qiye2/files/lang_zhcn.js.download Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://sanjuanbosco.edu.ec/intr/qiye2/index_files/jquery.jsonp-2.4.0.min.js.download Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://sanjuanbosco.edu.ec/intr/qiye2/index_files/reset_pwd.js.download Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://sanjuanbosco.edu.ec/intr/qiye2/img/applogin_example.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://sanjuanbosco.edu.ec/intr/qiye2/img/codebg.png Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

mimg.qiye.163.com
mimghz.qiye.163.com
qiye.163.com
sanjuanbosco.edu.ec
240e:83:201:d:0:1:232:65
2606:4700:3037::6815:42f0
52.223.58.187
000114f7ef19aac009b411eff3232439da5e89a7476248a8813b94e9c4cd7bc1
09e7fb9326ea92a21d2e4703ed5274db3e63652e90892761ae12e82ffc33eb66
279e4ab891ef88fc5efa4728af9ce93f85d1cd72408910e441a283b3d0979b6f
44ed03668b2e7924e52d736b5c3484f2a58a1d9f75497f38a44ce569cc86c402
54fdcb30f8d40ec4b1d3cf31eb64f76642655824532e2950b63312b4284bfa2a
57f37271dc71a424614a1b51d7c9c95bc5d81ccc40588afb31f54689b46f8715
664aa37e0a5c4996aee36c91c517ba150c9062830df0a12127509eadea5ca871
9e1d3b7de9ca14f58a27bb5f7be516d5cf34af531ca93f8c40342d4714b96351
aa41c1850a185eec48e1d91f3e79e897bd07d85b0b15cd50efa9df0b4fa8153d
ba9756169b038363ae15d1706bbce13329e5f685afb02f5bb6775b3c507bbe17
d2ebb787f063b285064cf49dc6fb90cc675864c5cc51e8b2b477ebf40e18c13f
d6bc5b53501a0fff83c8fab79ae9f090e5f02792126fed2362d156a7c6a30a1f
e01225c49661fca51a5fd077c4e0332ea6124d2c36049c4e9fc62051d8a1b978
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed6dbc8fab5b63d6df0b079b70fc95459214b77dc174a05f0ea97d6a5fdc131c
f62a777eec8cc1e11ec1d0f681b707d43b87129af5a160ecd858f829db5478a4

sanjuanbosco.edu.ec Open in urlscan Pro 2606:4700:3037::6815:42f0 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

28 Requests

100 %HTTPS

67 %IPv6

2 Domains

4 Subdomains

3 IPs

2 Countries

252 kBTransfer

261 kBSize

0 Cookies

10 Outgoing links

Redirected requests

28 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

sanjuanbosco.edu.ec Open in urlscan Pro
2606:4700:3037::6815:42f0 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

28
Requests

100 %
HTTPS

67 %
IPv6

2
Domains

4
Subdomains

3
IPs

2
Countries

252 kB
Transfer

261 kB
Size

0
Cookies

28 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!