URL: https://u-academ.ru/qy2/qy-mail.php?example%40example.com
Submission Tags: falconsandbox
Submission: On July 29 via api from US — Scanned from NL

Summary

This website contacted 9 IPs in 3 countries across 7 domains to perform 25 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is u-academ.ru.
TLS certificate: Issued by E1 on July 7th 2022. Valid for: 3 months.
This is the only time u-academ.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 16 103.126.92.132 137263 (NETEASE-A...)
1 223.252.215.2 45062 (NETEASE-N...)
2 103.129.252.34 137263 (NETEASE-A...)
1 183.61.185.93 4134 (CHINANET-...)
1 36.110.185.60 23724 (CHINANET-...)
1 240e:604:100:... 4134 (CHINANET-...)
1 59.111.239.33 45062 (NETEASE-N...)
25 9
Apex Domain
Subdomains
Transfer
18 163.com
reg.163.com — Cisco Umbrella Rank: 84649
id.163.com
analytics.163.com — Cisco Umbrella Rank: 517937
109 KB
2 127.net
mimg.127.net — Cisco Umbrella Rank: 128002
3 KB
2 u-academ.ru
u-academ.ru
4 KB
1 263.net
rzrq.263.net
8 KB
1 sohu.com
vip.sohu.com
1 21cn.com
mail.21cn.com
4 KB
0 sina.com.hk Failed
login.sina.com.hk Failed
25 7
Domain Requested by
16 reg.163.com 1 redirects u-academ.ru
reg.163.com
2 mimg.127.net u-academ.ru
2 u-academ.ru reg.163.com
1 analytics.163.com u-academ.ru
1 rzrq.263.net u-academ.ru
1 vip.sohu.com u-academ.ru
1 mail.21cn.com u-academ.ru
1 id.163.com u-academ.ru
0 login.sina.com.hk Failed u-academ.ru
25 9
Subject | Issuer | Validity | Valid
*.u-academ.ru | E1 | 2022-07-07 - 2022-10-05 | 3 months
*.163.com | GeoTrust RSA CN CA G2 | 2022-03-25 - 2023-04-11 | a year
mimg.127.net | GeoTrust RSA CN CA G2 | 2021-08-17 - 2022-09-09 | a year
*.21cn.com | GeoTrust RSA CA 2018 | 2021-12-28 - 2023-01-03 | a year
www.sohu.com | Secure Site CA G2 | 2021-08-09 - 2022-09-03 | a year
*.263.net | Secure Site CA G2 | 2021-12-17 - 2023-01-17 | a year

This page contains 1 frames:

Primary Page: https://u-academ.ru/qy2/qy-mail.php?example%40example.com
Frame ID: BA022DE3E5EC9E93CA1CFAB704AA0F24
Requests: 25 HTTP requests in this frame

Page Title

邮箱登录

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 25
HTTPS: 92 %
IPv6: 25 %
Domains: 7
Subdomains: 9
IPs: 9
Countries: 3
Transfer: 127 kB
Size: 244 kB
Cookies: 1

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9
  • https://reg.163.com/ HTTP 302
  • https://id.163.com/mail/index.html

25 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request qy-mail.php
u-academ.ru/qy2/
7 KB
3 KB
Document
General
Full URL
https://u-academ.ru/qy2/qy-mail.php?example%40example.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bfb7507b7c967abf2ef2a2cabc42c559b77e9e0f03f53b42afc574173b0c80d1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
732341f5889891d8-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 29 Jul 2022 04:54:37 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wJM2rKUYNTZzaQIlHWsAF2VDZSdNXZklLhoH%2FYz%2Fme1gk%2Fd5v0i1F3QSHIGPMSYI2sd5TlbNu13PY9IYWi6L%2FN6%2Bz7qDJsXfBp5FhbADggE%2B9egc9%2F%2FTD6ua%2Bz9dAcXbrCHXYF3AUdBQVw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
global.css
reg.163.com/css2/
21 KB
7 KB
Stylesheet
General
Full URL
https://reg.163.com/css2/global.css?201405071000
Requested by
Host: u-academ.ru
URL: https://u-academ.ru/qy2/qy-mail.php?example%40example.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.126.92.132 , Hong Kong, ASN137263 (NETEASE-AS-AP NETEASE HONG KONG LIMITED, HK),
Reverse DNS
Software
nginx /
Resource Hash
ed05ce55258620513b06c196336da1e0f312a08b9d8e21f00a97499c6a9e2d24

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://u-academ.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 29 Jul 2022 04:54:40 GMT
content-encoding
gzip
last-modified
Fri, 11 Mar 2022 09:27:03 GMT
server
nginx
x-from-src
5.79.98.48
vary
Accept-Encoding, User-Agent, Accept
content-type
text/css
cache-control
max-age=1728000
expires
Thu, 18 Aug 2022 04:54:40 GMT
skin.css
reg.163.com/css2/
11 KB
2 KB
Stylesheet
General
Full URL
https://reg.163.com/css2/skin.css?201405071000
Requested by
Host: u-academ.ru
URL: https://u-academ.ru/qy2/qy-mail.php?example%40example.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.126.92.132 , Hong Kong, ASN137263 (NETEASE-AS-AP NETEASE HONG KONG LIMITED, HK),
Reverse DNS
Software
nginx /
Resource Hash
4cbbad30bff2e0b7273ca2cc78daea6b39019c5815d6079c7db077d8c9b6dcd2

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://u-academ.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 29 Jul 2022 04:54:40 GMT
content-encoding
gzip
last-modified
Fri, 11 Mar 2022 09:27:03 GMT
server
nginx
x-from-src
5.79.98.48
vary
Accept-Encoding, User-Agent, Accept
content-type
text/css
cache-control
max-age=1728000
expires
Thu, 18 Aug 2022 04:54:40 GMT
autoComplete.css
reg.163.com/css2/
1 KB
929 B
Stylesheet
General
Full URL
https://reg.163.com/css2/autoComplete.css?201405071000
Requested by
Host: u-academ.ru
URL: https://u-academ.ru/qy2/qy-mail.php?example%40example.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.126.92.132 , Hong Kong, ASN137263 (NETEASE-AS-AP NETEASE HONG KONG LIMITED, HK),
Reverse DNS
Software
nginx /
Resource Hash
fa08ab01dba310efad3a17fcea2e3425914a6a4ba242ece505418ca1f6785b08

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://u-academ.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 29 Jul 2022 04:54:40 GMT
content-encoding
gzip
last-modified
Fri, 11 Mar 2022 09:27:03 GMT
server
nginx
x-from-src
5.79.98.48
vary
Accept-Encoding, User-Agent, Accept
content-type
text/css
cache-control
max-age=1728000
expires
Thu, 18 Aug 2022 04:54:40 GMT
login.css
reg.163.com/css2/
6 KB
2 KB
Stylesheet
General
Full URL
https://reg.163.com/css2/login.css?201405071000
Requested by
Host: u-academ.ru
URL: https://u-academ.ru/qy2/qy-mail.php?example%40example.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.126.92.132 , Hong Kong, ASN137263 (NETEASE-AS-AP NETEASE HONG KONG LIMITED, HK),
Reverse DNS
Software
nginx /
Resource Hash
0c619b51e99a54b3b02b768f173a2b08eeef70f1c1561f06f62684a9cf6cd1d0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://u-academ.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 29 Jul 2022 04:54:40 GMT
content-encoding
gzip
last-modified
Fri, 11 Mar 2022 09:27:03 GMT
server
nginx
x-from-src
5.79.98.48
vary
Accept-Encoding, User-Agent, Accept
content-type
text/css
cache-control
max-age=1728000
expires
Thu, 18 Aug 2022 04:54:40 GMT
jquery-1.4.2-min.js
reg.163.com/js2/
71 KB
28 KB
Script
General
Full URL
https://reg.163.com/js2/jquery-1.4.2-min.js?201207241140
Requested by
Host: u-academ.ru
URL: https://u-academ.ru/qy2/qy-mail.php?example%40example.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.126.92.132 , Hong Kong, ASN137263 (NETEASE-AS-AP NETEASE HONG KONG LIMITED, HK),
Reverse DNS
Software
nginx /
Resource Hash
f9e47f95fbad9ab9a85330c91d4d2465a1d473fc9ec1773ce0dc68afbd3dc98c

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://u-academ.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 29 Jul 2022 04:54:40 GMT
content-encoding
gzip
last-modified
Fri, 11 Mar 2022 09:27:04 GMT
server
nginx
x-from-src
5.79.98.48
vary
Accept-Encoding, User-Agent, Accept
content-type
application/x-javascript
cache-control
max-age=1728000
expires
Thu, 18 Aug 2022 04:54:40 GMT
easyCore.js
reg.163.com/js2/
21 KB
9 KB
Script
General
Full URL
https://reg.163.com/js2/easyCore.js?201405071000
Requested by
Host: u-academ.ru
URL: https://u-academ.ru/qy2/qy-mail.php?example%40example.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.126.92.132 , Hong Kong, ASN137263 (NETEASE-AS-AP NETEASE HONG KONG LIMITED, HK),
Reverse DNS
Software
nginx /
Resource Hash
29968f5528d99110019b93f3687e74fc0f21dc05a86868567437bee39d9d3814

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://u-academ.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 29 Jul 2022 04:54:40 GMT
content-encoding
gzip
last-modified
Fri, 11 Mar 2022 09:27:04 GMT
server
nginx
x-from-src
5.79.98.48
vary
Accept-Encoding, User-Agent, Accept
content-type
application/x-javascript
cache-control
max-age=1728000
expires
Thu, 18 Aug 2022 04:54:40 GMT
placeholder.js
reg.163.com/js2/
3 KB
2 KB
Script
General
Full URL
https://reg.163.com/js2/placeholder.js?201405071000
Requested by
Host: u-academ.ru
URL: https://u-academ.ru/qy2/qy-mail.php?example%40example.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.126.92.132 , Hong Kong, ASN137263 (NETEASE-AS-AP NETEASE HONG KONG LIMITED, HK),
Reverse DNS
Software
nginx /
Resource Hash
5b5b5384cc9e768b822cfea34c4060d7e0aa77ba20d4c980b2d7b6db62810a55

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://u-academ.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 29 Jul 2022 04:54:40 GMT
content-encoding
gzip
last-modified
Fri, 11 Mar 2022 09:27:04 GMT
server
nginx
x-from-src
5.79.98.48
vary
Accept-Encoding, User-Agent, Accept
content-type
application/x-javascript
cache-control
max-age=1728000
expires
Thu, 18 Aug 2022 04:54:40 GMT
autoComplete.js
reg.163.com/js2/
25 KB
8 KB
Script
General
Full URL
https://reg.163.com/js2/autoComplete.js?201405071000
Requested by
Host: u-academ.ru
URL: https://u-academ.ru/qy2/qy-mail.php?example%40example.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.126.92.132 , Hong Kong, ASN137263 (NETEASE-AS-AP NETEASE HONG KONG LIMITED, HK),
Reverse DNS
Software
nginx /
Resource Hash
299d5a5c3b7a266d7628fcea4f5764196836bb6cfa5cb5cbcac8f3fb0135c66d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://u-academ.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 29 Jul 2022 04:54:40 GMT
content-encoding
gzip
last-modified
Fri, 11 Mar 2022 09:27:04 GMT
server
nginx
x-from-src
5.79.98.48
vary
Accept-Encoding, User-Agent, Accept
content-type
application/x-javascript
cache-control
max-age=1728000
expires
Thu, 18 Aug 2022 04:54:40 GMT
qrLogin.js
reg.163.com/js2/
5 KB
2 KB
Script
General
Full URL
https://reg.163.com/js2/qrLogin.js?201405071000
Requested by
Host: u-academ.ru
URL: https://u-academ.ru/qy2/qy-mail.php?example%40example.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.126.92.132 , Hong Kong, ASN137263 (NETEASE-AS-AP NETEASE HONG KONG LIMITED, HK),
Reverse DNS
Software
nginx /
Resource Hash
4710345c63c346d3a001949d76e799de093b3a2b9f86a271f22b78bae61797f1

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://u-academ.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 29 Jul 2022 04:54:40 GMT
content-encoding
gzip
last-modified
Fri, 11 Mar 2022 09:27:04 GMT
server
nginx
x-from-src
5.79.98.48
vary
Accept-Encoding, User-Agent, Accept
content-type
application/x-javascript
cache-control
max-age=1728000
expires
Thu, 18 Aug 2022 04:54:40 GMT
index.html
id.163.com/mail/
Redirect Chain
  • https://reg.163.com/
  • https://id.163.com/mail/index.html
0
0
Image
General
Full URL
https://id.163.com/mail/index.html
Requested by
Host: u-academ.ru
URL: https://u-academ.ru/qy2/qy-mail.php?example%40example.com
Protocol
HTTP/1.1
Server
223.252.215.2 , China, ASN45062 (NETEASE-NETWORK NetEase Building No.16 Ke Yun Road, CN),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://u-academ.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Redirect headers

date
Fri, 29 Jul 2022 04:54:41 GMT
server
nginx
x-from-src
5.79.98.48
vary
User-Agent, Accept
content-type
application/octet-stream
location
https://id.163.com/mail/index.html
cache-control
no-cache
content-length
73
expires
Fri, 29 Jul 2022 04:54:40 GMT
netease_logo.gif
mimg.127.net/logo/
1 KB
1 KB
Image
General
Full URL
https://mimg.127.net/logo/netease_logo.gif
Requested by
Host: u-academ.ru
URL: https://u-academ.ru/qy2/qy-mail.php?example%40example.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.129.252.34 , Hong Kong, ASN137263 (NETEASE-AS-AP NETEASE HONG KONG LIMITED, HK),
Reverse DNS
Software
nginx /
Resource Hash
b13de2eb10e93a66f6332b6ccb258bcf1502362a89b91c16f78ea425562e40a0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://u-academ.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 29 Jul 2022 04:54:42 GMT
last-modified
Wed, 01 Dec 2010 02:06:41 GMT
server
nginx
etag
"4cf5adb1-4ec"
x-cache
HIT from HKGM
content-type
image/gif
cache-control
max-age=3600
accept-ranges
bytes
content-length
1260
expires
Fri, 29 Jul 2022 05:38:33 GMT
163logo-s.gif
mimg.127.net/logo/
1 KB
1 KB
Image
General
Full URL
https://mimg.127.net/logo/163logo-s.gif
Requested by
Host: u-academ.ru
URL: https://u-academ.ru/qy2/qy-mail.php?example%40example.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.129.252.34 , Hong Kong, ASN137263 (NETEASE-AS-AP NETEASE HONG KONG LIMITED, HK),
Reverse DNS
Software
nginx /
Resource Hash
8eee971d2f2220deddba8e241bf0c94f4674902c7ff4d5a5e2771547c9adef56

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://u-academ.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 29 Jul 2022 04:54:42 GMT
last-modified
Tue, 13 Apr 2010 08:54:18 GMT
server
nginx
etag
"4bc4313a-438"
x-cache
HIT from HKGM
content-type
image/gif
cache-control
max-age=3600
accept-ranges
bytes
content-length
1080
expires
Fri, 29 Jul 2022 05:48:38 GMT
logo_2014.gif
mail.21cn.com/w2/source/images/
4 KB
4 KB
Image
General
Full URL
https://mail.21cn.com/w2/source/images/logo_2014.gif
Requested by
Host: u-academ.ru
URL: https://u-academ.ru/qy2/qy-mail.php?example%40example.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
183.61.185.93 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
ptr-189.21cn.com
Software
nginx /
Resource Hash
e5d54d0b864b7b1a42349d29258bb5de7591689c6c7a06b1c8bc983f5559a7ad

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://u-academ.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 29 Jul 2022 04:54:42 GMT
last-modified
Wed, 30 Mar 2022 15:55:50 GMT
server
nginx
etag
"5W0+DKRr+DU"
content-type
image/gif; charset=UTF-8
access-control-allow-origin
*
cache-control
private
content-length
4277
vip_logo.jpg
vip.sohu.com/images/
0
0
Image
General
Full URL
https://vip.sohu.com/images/vip_logo.jpg
Requested by
Host: u-academ.ru
URL: https://u-academ.ru/qy2/qy-mail.php?example%40example.com
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
36.110.185.60 , China, ASN23724 (CHINANET-IDC-BJ-AP IDC, China Telecommunications Corporation, CN),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://u-academ.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

img1.gif
login.sina.com.hk/images/
0
0

logo.jpg
rzrq.263.net/263_business_mailbox_images/
8 KB
8 KB
Image
General
Full URL
https://rzrq.263.net/263_business_mailbox_images/logo.jpg
Requested by
Host: u-academ.ru
URL: https://u-academ.ru/qy2/qy-mail.php?example%40example.com
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
240e:604:100:d:ffff:ffff:ffff:fe83 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
web /
Resource Hash
6b9e406d437e211af302b94feb11c5b0600c7d3535786641002c948fb0faf1ff
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://u-academ.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Fri, 29 Jul 2022 04:54:43 GMT
Last-Modified
Tue, 22 Mar 2016 14:53:48 GMT
Server
web
ETag
"56f15c7c-1e59"
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=200
Content-Length
7769
jtip.js
reg.163.com/js2/
6 KB
3 KB
Script
General
Full URL
https://reg.163.com/js2/jtip.js?201405071000
Requested by
Host: u-academ.ru
URL: https://u-academ.ru/qy2/qy-mail.php?example%40example.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.126.92.132 , Hong Kong, ASN137263 (NETEASE-AS-AP NETEASE HONG KONG LIMITED, HK),
Reverse DNS
Software
nginx /
Resource Hash
26e8366809e73ee0fae8676b7ba404da641d3a61537413bb1cbb46b178150642

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://u-academ.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 29 Jul 2022 04:54:41 GMT
content-encoding
gzip
last-modified
Fri, 11 Mar 2022 09:27:04 GMT
server
nginx
x-from-src
5.79.98.48
vary
Accept-Encoding, User-Agent, Accept
content-type
application/x-javascript
cache-control
max-age=1728000
expires
Thu, 18 Aug 2022 04:54:41 GMT
common.js
reg.163.com/js2/
7 KB
3 KB
Script
General
Full URL
https://reg.163.com/js2/common.js?201405071000
Requested by
Host: u-academ.ru
URL: https://u-academ.ru/qy2/qy-mail.php?example%40example.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.126.92.132 , Hong Kong, ASN137263 (NETEASE-AS-AP NETEASE HONG KONG LIMITED, HK),
Reverse DNS
Software
nginx /
Resource Hash
1db40af385930d21758c86b0e309362f1ecc234b37d6bf2d40079fbd8bbcfcf1

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://u-academ.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 29 Jul 2022 04:54:41 GMT
content-encoding
gzip
last-modified
Fri, 11 Mar 2022 09:27:04 GMT
server
nginx
x-from-src
5.79.98.48
vary
Accept-Encoding, User-Agent, Accept
content-type
application/x-javascript
cache-control
max-age=1728000
expires
Thu, 18 Aug 2022 04:54:41 GMT
login.js
reg.163.com/js2/
9 KB
4 KB
Script
General
Full URL
https://reg.163.com/js2/login.js?201405071000
Requested by
Host: u-academ.ru
URL: https://u-academ.ru/qy2/qy-mail.php?example%40example.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.126.92.132 , Hong Kong, ASN137263 (NETEASE-AS-AP NETEASE HONG KONG LIMITED, HK),
Reverse DNS
Software
nginx /
Resource Hash
1d4706d389817cb5f5b29e8e2696659b4028586c493930190fd33f0c3ad6eff1

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://u-academ.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 29 Jul 2022 04:54:41 GMT
content-encoding
gzip
last-modified
Fri, 11 Mar 2022 09:27:04 GMT
server
nginx
x-from-src
5.79.98.48
vary
Accept-Encoding, User-Agent, Accept
content-type
application/x-javascript
cache-control
max-age=1728000
expires
Thu, 18 Aug 2022 04:54:41 GMT
ntes.js
analytics.163.com/
0
0
Script
General
Full URL
https://analytics.163.com/ntes.js
Requested by
Host: u-academ.ru
URL: https://u-academ.ru/qy2/qy-mail.php?example%40example.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
59.111.239.33 , China, ASN45062 (NETEASE-NETWORK NetEase Building No.16 Ke Yun Road, CN),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://u-academ.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

icon2.png
reg.163.com/images2/
2 KB
2 KB
Image
General
Full URL
https://reg.163.com/images2/icon2.png
Requested by
Host: reg.163.com
URL: https://reg.163.com/css2/login.css?201405071000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.126.92.132 , Hong Kong, ASN137263 (NETEASE-AS-AP NETEASE HONG KONG LIMITED, HK),
Reverse DNS
Software
nginx /
Resource Hash
ac7e98f3dd6d8c7bf58fa96604aed13614a5e5cc5e0ded2c51cce5e1b02abaa2

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://reg.163.com/css2/login.css?201405071000
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 29 Jul 2022 04:54:41 GMT
last-modified
Fri, 11 Mar 2022 09:27:04 GMT
server
nginx
x-from-src
5.79.98.48
vary
User-Agent, Accept
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
1782
expires
Sat, 29 Jul 2023 04:54:41 GMT
icon.png
reg.163.com/images2/
30 KB
30 KB
Image
General
Full URL
https://reg.163.com/images2/icon.png?201308051112
Requested by
Host: reg.163.com
URL: https://reg.163.com/css2/global.css?201405071000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.126.92.132 , Hong Kong, ASN137263 (NETEASE-AS-AP NETEASE HONG KONG LIMITED, HK),
Reverse DNS
Software
nginx /
Resource Hash
a9e1883a242f0ced551db7afab1ec66e0e78aeb9974a682d6eb3351c8b9dfa80

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://reg.163.com/css2/global.css?201405071000
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 29 Jul 2022 04:54:41 GMT
last-modified
Fri, 11 Mar 2022 09:27:04 GMT
server
nginx
x-from-src
5.79.98.48
vary
User-Agent, Accept
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
30636
expires
Sat, 29 Jul 2023 04:54:41 GMT
slide-door.png
reg.163.com/images2/
4 KB
4 KB
Image
General
Full URL
https://reg.163.com/images2/slide-door.png?201307221344
Requested by
Host: reg.163.com
URL: https://reg.163.com/css2/global.css?201405071000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.126.92.132 , Hong Kong, ASN137263 (NETEASE-AS-AP NETEASE HONG KONG LIMITED, HK),
Reverse DNS
Software
nginx /
Resource Hash
17334cb4285e97bafe142522ee57a85ce71310463051b45389cf1ab76128652d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://reg.163.com/css2/global.css?201405071000
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 29 Jul 2022 04:54:41 GMT
last-modified
Fri, 11 Mar 2022 09:27:04 GMT
server
nginx
x-from-src
5.79.98.48
vary
User-Agent, Accept
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
3769
expires
Sat, 29 Jul 2023 04:54:41 GMT
tools.js
u-academ.ru/js2/easyTools/
2 B
353 B
Script
General
Full URL
https://u-academ.ru/js2/easyTools/tools.js?1659070481232
Requested by
Host: reg.163.com
URL: https://reg.163.com/js2/easyCore.js?201405071000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34a6225b83a638ed08f01ecdbf30cf0be3478ffdd36be92295fee92c5585d57c

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://u-academ.ru/qy2/qy-mail.php?example%40example.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 29 Jul 2022 04:54:42 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 29 Jul 2022 04:54:42 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a%2BhDo8b0VGpjWNtL%2FJ9VVWC88CNJBLmUmNYbZrqzGraVUVlIgUAordI1xA2rENS7ChxutBi%2FQHU1z%2F1ln2Q%2F5TGZz11bH9KIyvvAkcCLgHLvohIERvfUk8YOBpFwwGCfwuk92pSDsQUBXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
73234210abf191d8-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
login.sina.com.hk
URL
https://login.sina.com.hk/images/img1.gif

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| $ function| jQuery object| Core object| LS string| _ntes_nacc

1 Cookies

Domain/Path Name / Value
u-academ.ru/qy2 Name: URS_Analyze
Value: 1

6 Console Messages

Source Level URL
Text
security warning URL: https://u-academ.ru/qy2/qy-mail.php?example%40example.com
Message:
Mixed Content: The page at 'https://u-academ.ru/qy2/qy-mail.php?example%40example.com' was loaded over HTTPS, but requested an insecure element 'http://mail.21cn.com/w2/source/images/logo_2014.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://u-academ.ru/qy2/qy-mail.php?example%40example.com
Message:
Mixed Content: The page at 'https://u-academ.ru/qy2/qy-mail.php?example%40example.com' was loaded over HTTPS, but requested an insecure element 'http://rzrq.263.net/263_business_mailbox_images/logo.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://u-academ.ru/qy2/qy-mail.php?example%40example.com(Line 109)
Message:
Mixed Content: The page at 'https://u-academ.ru/qy2/qy-mail.php?example%40example.com' was loaded over HTTPS, but requested an insecure element 'http://mail.21cn.com/w2/source/images/logo_2014.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://u-academ.ru/qy2/qy-mail.php?example%40example.com(Line 109)
Message:
Mixed Content: The page at 'https://u-academ.ru/qy2/qy-mail.php?example%40example.com' was loaded over HTTPS, but requested an insecure element 'http://rzrq.263.net/263_business_mailbox_images/logo.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network error URL: https://login.sina.com.hk/images/img1.gif
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://analytics.163.com/ntes.js
Message:
Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
