Submitted URL: http://mongolia-tours.com/js/ajax/face.php
Effective URL: http://w1.ysyyds49.cn/h8/
Submission: On June 30 via api from US — Scanned from DE

Summary

This website contacted 6 IPs in 4 countries across 5 domains to perform 14 HTTP transactions. The main IP is 23.224.210.20, located in United States and belongs to CNSERVERS, US. The main domain is w1.ysyyds49.cn.
This is the only time w1.ysyyds49.cn was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 4 156.234.6.150 136800 (SUNHK-DAT...)
2 103.235.46.191 55967 (BAIDU Bei...)
1 1 27.102.127.158 45996 (DAOU-AS-K...)
2 3 23.224.210.20 40065 (CNSERVERS)
6 180.97.64.41 140292 (CHINATELE...)
1 240e:e1:a802:... 4811 (CHINANET-...)
14 6
Requests | Apex Domain | Subdomains | Transfer
6 | fhjxzz.com | f.fhjxzz.com | 201 KB
4 | mongolia-tours.com | mongolia-tours.com, www.mongolia-tours.com | 1 KB
3 | ysyyds49.cn | w1.ysyyds49.cn | 3 KB
2 | baidu.com | hm.baidu.com (Cisco Umbrella Rank: 7790) | 12 KB
1 | qq.com | weixin110.qq.com (Cisco Umbrella Rank: 258008) | 142 B
Totals: 14 requests, 5 apex domains
Requests | Domain | Requested by
6 | f.fhjxzz.com | w1.ysyyds49.cn
3 | w1.ysyyds49.cn | 2 redirects, www.mongolia-tours.com
3 | www.mongolia-tours.com | www.mongolia-tours.com
2 | hm.baidu.com | www.mongolia-tours.com
1 | weixin110.qq.com | w1.ysyyds49.cn
1 | mongolia-tours.com | 1 redirect
Totals: 14 requests, 6 subdomains

This site contains no links.

Subject | Issuer | Validity | Valid
baidu.com | GlobalSign RSA OV SSL CA 2018 | 2021-11-15 to 2022-08-02 | 9 months | crt.sh
weixin.qq.com | DigiCert Secure Site CN CA G3 | 2022-06-15 to 2023-06-15 | a year | crt.sh

This page contains 1 frame:

Frame: https://weixin110.qq.com/cgi-bin/mmspamsupport-bin/newredirectconfirmcgi?main_type=2&evil_type=0&source=2
Frame ID: F48528B21F0BC1F7948F7485F469D79B
Requests: 14 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • hm\.baidu\.com/hm\.js

Page Statistics

Requests: 14
HTTPS: 21 %
IPv6: 17 %
Domains: 5
Subdomains: 6
IPs: 6
Countries: 4
Transfer: 217 kB
Size: 882 kB
Cookies: 3

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://mongolia-tours.com/js/ajax/face.php HTTP 301
    http://www.mongolia-tours.com/js/ajax/face.php Page URL
  2. http://27.102.127.158/url.php?url=http://w1.ysyyds49.cn/d/uvkr70b HTTP 302
    http://w1.ysyyds49.cn/d/uvkr70b HTTP 302
    http://w1.ysyyds49.cn/api/ds/ff/1088/b2e1611919125c2e HTTP 302
    http://w1.ysyyds49.cn/h8/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://mongolia-tours.com/js/ajax/face.php HTTP 301
  • http://www.mongolia-tours.com/js/ajax/face.php

14 HTTP transactions

Resource | Path | Size | x-fer | Type (MIME type is given in each response's Content-Type header)

face.php | www.mongolia-tours.com/js/ajax/ | 636 B | 777 B | Document
Redirect Chain
  • http://mongolia-tours.com/js/ajax/face.php
  • http://www.mongolia-tours.com/js/ajax/face.php
General
Full URL: http://www.mongolia-tours.com/js/ajax/face.php
Protocol: HTTP/1.1
Server: 156.234.6.150 Central, Hong Kong, ASN136800 (SUNHK-DATA-AS-AP Sun Network Hong Kong Limited - HongKong Backbone, HK)
Software: nginx
Resource Hash: fe50715bfb9f9e8460246ee053069180db9ec5bd9686fcfde87f68d74f6b7044

Request headers
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers
Connection: keep-alive
Content-Length: 636
Content-Type: text/html
Date: Thu, 30 Jun 2022 22:56:55 GMT
Server: nginx

Redirect headers
Connection: keep-alive
Content-Length: 0
Content-Type: text/html
Date: Thu, 30 Jun 2022 22:56:54 GMT
Location: http://www.mongolia-tours.com/js/ajax/face.php
Server: nginx

common.js | www.mongolia-tours.com/ | 94 B | 249 B | Script
General
Full URL: http://www.mongolia-tours.com/common.js
Requested by
  Host: www.mongolia-tours.com
  URL: http://www.mongolia-tours.com/js/ajax/face.php
Protocol: HTTP/1.1
Server: 156.234.6.150 Central, Hong Kong, ASN136800 (SUNHK-DATA-AS-AP Sun Network Hong Kong Limited - HongKong Backbone, HK)
Software: nginx

Request headers
accept-language: de-DE,de;q=0.9
Referer: http://www.mongolia-tours.com/js/ajax/face.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers
Date: Thu, 30 Jun 2022 22:56:56 GMT
Server: nginx
Connection: keep-alive
Content-Length: 94
Content-Type: application/x-javascript

tj.js | www.mongolia-tours.com/ | 0 | 154 B | Script
General
Full URL: http://www.mongolia-tours.com/tj.js
Requested by
  Host: www.mongolia-tours.com
  URL: http://www.mongolia-tours.com/js/ajax/face.php
Protocol: HTTP/1.1
Server: 156.234.6.150 Central, Hong Kong, ASN136800 (SUNHK-DATA-AS-AP Sun Network Hong Kong Limited - HongKong Backbone, HK)
Software: nginx
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers
accept-language: de-DE,de;q=0.9
Referer: http://www.mongolia-tours.com/js/ajax/face.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers
Date: Thu, 30 Jun 2022 22:56:55 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
Content-Type: application/x-javascript

hm.js | hm.baidu.com/ | 30 KB | 12 KB | Script
General
Full URL: https://hm.baidu.com/hm.js?691f6750c34420497f549bfe5a7835a9
Requested by
  Host: www.mongolia-tours.com
  URL: http://www.mongolia-tours.com/js/ajax/face.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.235.46.191, Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)
Software: apache
Security Headers
  Strict-Transport-Security: max-age=172800

Request headers
accept-language: de-DE,de;q=0.9
Referer: http://www.mongolia-tours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers
Date: Thu, 30 Jun 2022 22:56:55 GMT
Content-Encoding: gzip
Server: apache
Etag: abe0c685f827dd2174066cf4c35a1424
Strict-Transport-Security: max-age=172800
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control: max-age=0, must-revalidate
Content-Type: application/javascript
Content-Length: 11292

Primary Request / | w1.ysyyds49.cn/h8/ | 2 KB | 3 KB | Document
Redirect Chain
  • http://27.102.127.158/url.php?url=http://w1.ysyyds49.cn/d/uvkr70b
  • http://w1.ysyyds49.cn/d/uvkr70b
  • http://w1.ysyyds49.cn/api/ds/ff/1088/b2e1611919125c2e
  • http://w1.ysyyds49.cn/h8/
General
Full URL: http://w1.ysyyds49.cn/h8/
Requested by
  Host: www.mongolia-tours.com
  URL: http://www.mongolia-tours.com/common.js
Protocol: HTTP/1.1
Server: 23.224.210.20, United States, ASN40065 (CNSERVERS, US)
Resource Hash: 761e4aedb1ac661a0d56bd65c1cbda26435156269afdad648022db98df7e8c34
Security Headers
  X-Content-Type-Options: nosniff
  X-Xss-Protection: 1; mode=block

Request headers
Referer: http://www.mongolia-tours.com/js/ajax/face.php
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Content-Language: de-DE
Content-Type: text/html;charset=utf-8
Date: Thu, 30 Jun 2022 22:56:58 GMT
Expires: 0
Pragma: no-cache
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

Redirect headers
Access-Control-Expose-Headers: uxx
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Content-Language: de-DE
Content-Length: 0
Date: Thu, 30 Jun 2022 22:56:57 GMT
Expires: 0
Location: http://w1.ysyyds49.cn/h8/#/?daili=1088&tk=b2e1611919125c2e
Pragma: no-cache
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
uxx: d4807f5401a447515ba50a85c1727cd7

hm.gif | hm.baidu.com/ | 43 B | 299 B | Image
General
Full URL: https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=622157541&si=691f6750c34420497f549bfe5a7835a9&v=1.2.94&lv=1&sn=36086&r=0&ww=1600&ct=!!&u=http%3A%2F%2Fwww.mongolia-tours.com%2Fjs%2Fajax%2Fface.php&tt=51%E6%8E%92%E8%A1%8C%E7%B6%B2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.235.46.191, Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)
Software: apache
Security Headers
  Strict-Transport-Security: max-age=172800
  X-Content-Type-Options: nosniff

Request headers
accept-language: de-DE,de;q=0.9
Referer: http://www.mongolia-tours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers
Pragma: no-cache
Date: Thu, 30 Jun 2022 22:56:56 GMT
X-Content-Type-Options: nosniff
Server: apache
Strict-Transport-Security: max-age=172800
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

hm.gif | hm.baidu.com/ | 0 | 0 | (no response received; this request is listed again under "Failed requests" below)


index.css | f.fhjxzz.com/h8/static/ | 92 KB | 26 KB | Stylesheet
General
Full URL: http://f.fhjxzz.com/h8/static/index.css
Requested by
  Host: w1.ysyyds49.cn
  URL: http://w1.ysyyds49.cn/h8/
Protocol: HTTP/1.1
Server: 180.97.64.41, China, ASN140292 (CHINATELECOM-JIANGSU-SUZHOU-5G-NETWORK CHINATELECOM Jiangsu province Suzhou 5G network, CN)
Software: JSP3/2.0.14
Resource Hash: 4092422fbd44790f2e0889437a157b0156f3801412dbe0758286232f58ae0afd

Request headers
accept-language: de-DE,de;q=0.9
Referer: http://w1.ysyyds49.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers
Ohc-File-Size: 25741
X-Log: X-Log
Date: Thu, 30 Jun 2022 22:57:00 GMT
Content-Encoding: gzip
X-Svr: IO
Content-Md5: ZEkvi/AnWX5xE5a/PB0YvA==
Age: 306017
X-Cache-Status: HIT
Transfer-Encoding: chunked
Access-Control-Max-Age: 2592000
Content-Transfer-Encoding: binary
Content-Disposition: inline; filename="index.css"; filename*=utf-8''index.css
Connection: keep-alive
X-M-Reqid: U2oAACUnLoH8cPwW
X-M-Log: QNM:xs475;SRCPROXY:xs481;SRC:64;SRCPROXY:65;QNM3:77
Ohc-Cache-HIT: suzct63 [2], fzctcache63 [2], bdix195 [1]
Last-Modified: Mon, 27 Jun 2022 09:40:15 GMT
Server: JSP3/2.0.14
X-Qiniu-Zone: 0
ETag: "Foa6nYRKxzhMJeU8e0_WVvJJH7i_.gz"
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Log, X-Reqid
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Qnm-Cache: Miss
X-Reqid: RC8AAAARbVCrcfwW

video-js.min.css | f.fhjxzz.com/ | 38 KB | 11 KB | Stylesheet
General
Full URL: http://f.fhjxzz.com/video-js.min.css
Requested by
  Host: w1.ysyyds49.cn
  URL: http://w1.ysyyds49.cn/h8/
Protocol: HTTP/1.1
Server: 180.97.64.41, China, ASN140292 (CHINATELECOM-JIANGSU-SUZHOU-5G-NETWORK CHINATELECOM Jiangsu province Suzhou 5G network, CN)
Software: JSP3/2.0.14

Request headers
accept-language: de-DE,de;q=0.9
Referer: http://w1.ysyyds49.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers
Ohc-File-Size: 10048
X-Log: X-Log
Date: Thu, 30 Jun 2022 22:57:00 GMT
Content-Encoding: gzip
X-Svr: IO
Content-Md5: cWKCqlVJel69bFkOg8RjiA==
Age: 306017
X-Cache-Status: HIT
Transfer-Encoding: chunked
Access-Control-Max-Age: 2592000
Content-Transfer-Encoding: binary
Content-Disposition: inline; filename="video-js.min.css"; filename*=utf-8''video-js.min.css
Connection: keep-alive
X-M-Reqid: w_AAANog9XmFcfwW
X-M-Log: QNM:xs1170;SRCPROXY:xs489;SRC:29;SRCPROXY:29;QNM3:31
Ohc-Cache-HIT: suzct107 [2], fzctcache80 [2], qdix129 [1]
Last-Modified: Sat, 30 Apr 2022 06:58:08 GMT
Server: JSP3/2.0.14
X-Qiniu-Zone: 0
ETag: "FuW__GXkRHT24h0DDWNsP09mVyFk.gz"
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Log, X-Reqid
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Qnm-Cache: Miss
X-Reqid: THwAAADV3kircfwW

043854759.png | f.fhjxzz.com/ | 11 KB | 11 KB | Image
General
Full URL: http://f.fhjxzz.com/043854759.png
Requested by
  Host: w1.ysyyds49.cn
  URL: http://w1.ysyyds49.cn/h8/
Protocol: HTTP/1.1
Server: 180.97.64.41, China, ASN140292 (CHINATELECOM-JIANGSU-SUZHOU-5G-NETWORK CHINATELECOM Jiangsu province Suzhou 5G network, CN)
Software: JSP3/2.0.14

Request headers
accept-language: de-DE,de;q=0.9
Referer: http://w1.ysyyds49.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers
Ohc-File-Size: 10757
X-Log: X-Log
Date: Thu, 30 Jun 2022 22:57:00 GMT
X-Svr: IO
Content-Md5: MB/9isdYzC8JS+NC3yG+EA==
Age: 306016
X-Cache-Status: HIT
Content-Transfer-Encoding: binary
Content-Disposition: inline; filename="043854759.png"; filename*=utf-8''043854759.png
Connection: keep-alive
Content-Length: 10757
X-M-Reqid: 6GIAADVtU0ercfwW
X-M-Log: QNM:jjh1504;SRCPROXY:jjh1498;SRC:5;SRCPROXY:6;QNM3:15
Ohc-Cache-HIT: suzct102 [2], hsctcache102 [2], bdix230 [1]
Last-Modified: Sat, 30 Apr 2022 06:58:08 GMT
Server: JSP3/2.0.14
X-Qiniu-Zone: 0
ETag: "Fsskfa4y3pcfJoZB5_l56Kkn7cgY"
Access-Control-Max-Age: 2592000
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Log, X-Reqid
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Qnm-Cache: Miss
X-Reqid: 3SoAAACgZEercfwW

video.min.js | f.fhjxzz.com/js/ | 223 KB | 0 | Script
General
Full URL: http://f.fhjxzz.com/js/video.min.js
Requested by
  Host: w1.ysyyds49.cn
  URL: http://w1.ysyyds49.cn/h8/
Protocol: HTTP/1.1
Server: 180.97.64.41, China, ASN140292 (CHINATELECOM-JIANGSU-SUZHOU-5G-NETWORK CHINATELECOM Jiangsu province Suzhou 5G network, CN)
Software: JSP3/2.0.14

Request headers
accept-language: de-DE,de;q=0.9
Referer: http://w1.ysyyds49.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers
Ohc-File-Size: 140012
X-Log: X-Log
Date: Thu, 30 Jun 2022 22:57:00 GMT
Content-Encoding: gzip
X-Svr: IO
Content-Md5: FLN3T60H5/npvDJ+7zdHjw==
Age: 306016
X-Cache-Status: HIT
Transfer-Encoding: chunked
Access-Control-Max-Age: 2592000
Content-Transfer-Encoding: binary
Content-Disposition: inline; filename="video.min.js"; filename*=utf-8''video.min.js
Connection: keep-alive
X-M-Reqid: 4gkAABsyVUircfwW
X-M-Log: QNM:jjh1901;SRCPROXY:jjh1535;SRC:38;SRCPROXY:38;QNM3:40
Ohc-Cache-HIT: suzct73 [2], jnctcache73 [2], bdix150 [1]
Last-Modified: Sat, 30 Apr 2022 06:58:08 GMT
Server: JSP3/2.0.14
X-Qiniu-Zone: 0
ETag: "FoH9T22Mgd_EBJmGGnmomt-EGodM.gz"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Log, X-Reqid
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Qnm-Cache: Miss
X-Reqid: rCEAAABNqEircfwW

chunk-vendors.00f45bd7.js | f.fhjxzz.com/h8/static/js/ | 455 KB | 145 KB | Script
General
Full URL: http://f.fhjxzz.com/h8/static/js/chunk-vendors.00f45bd7.js
Requested by
  Host: w1.ysyyds49.cn
  URL: http://w1.ysyyds49.cn/h8/
Protocol: HTTP/1.1
Server: 180.97.64.41, China, ASN140292 (CHINATELECOM-JIANGSU-SUZHOU-5G-NETWORK CHINATELECOM Jiangsu province Suzhou 5G network, CN)
Software: JSP3/2.0.14

Request headers
accept-language: de-DE,de;q=0.9
Referer: http://w1.ysyyds49.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers
Ohc-File-Size: 147016
X-Log: X-Log
Date: Thu, 30 Jun 2022 22:57:00 GMT
Content-Encoding: gzip
X-Svr: IO
Content-Md5: DMacDiwIthCigCJ2aFVOfQ==
Age: 306016
X-Cache-Status: HIT
Transfer-Encoding: chunked
Access-Control-Max-Age: 2592000
Content-Transfer-Encoding: binary
Content-Disposition: inline; filename="chunk-vendors.00f45bd7.js"; filename*=utf-8''chunk-vendors.00f45bd7.js
Connection: keep-alive
X-M-Reqid: lYIAAAMZfFCrcfwW
X-M-Log: QNM:jjh2396;SRCPROXY:jjh1499;SRC:28;SRCPROXY:29;QNM3:34
Ohc-Cache-HIT: suzct60 [2], jnctcache60 [2], bdix207 [1]
Last-Modified: Mon, 27 Jun 2022 09:40:17 GMT
Server: JSP3/2.0.14
X-Qiniu-Zone: 0
ETag: "Fi5SdM86SJMkNxNCGxcX9pQTtill.gz"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Log, X-Reqid
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Qnm-Cache: Miss
X-Reqid: 1OIAAAARo1CrcfwW

index.27651465.js | f.fhjxzz.com/h8/static/js/ | 31 KB | 8 KB | Script
General
Full URL: http://f.fhjxzz.com/h8/static/js/index.27651465.js
Requested by
  Host: w1.ysyyds49.cn
  URL: http://w1.ysyyds49.cn/h8/
Protocol: HTTP/1.1
Server: 180.97.64.41, China, ASN140292 (CHINATELECOM-JIANGSU-SUZHOU-5G-NETWORK CHINATELECOM Jiangsu province Suzhou 5G network, CN)
Software: JSP3/2.0.14

Request headers
accept-language: de-DE,de;q=0.9
Referer: http://w1.ysyyds49.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers
Ohc-File-Size: 7657
X-Log: X-Log
Date: Thu, 30 Jun 2022 22:57:00 GMT
Content-Encoding: gzip
X-Svr: IO
Content-Md5: B/k+uV965sMXrPDlzCAtsA==
Age: 306016
X-Cache-Status: HIT
Transfer-Encoding: chunked
Access-Control-Max-Age: 2592000
Content-Transfer-Encoding: binary
Content-Disposition: inline; filename="index.27651465.js"; filename*=utf-8''index.27651465.js
Connection: keep-alive
X-M-Reqid: TC8AAIuMZVSrcfwW
X-M-Log: QNM:jjh1903;SRCPROXY:jjh1497;SRC:22;SRCPROXY:23;QNM3:24
Ohc-Cache-HIT: suzct77 [2], jnctcache72 [2], bdix148 [1]
Last-Modified: Mon, 27 Jun 2022 09:40:18 GMT
Server: JSP3/2.0.14
X-Qiniu-Zone: 0
ETag: "FoKmsPKdHFVPqyewGgt9eSNDMhUP.gz"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Log, X-Reqid
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Qnm-Cache: Miss
X-Reqid: O3wAAAA1JVWrcfwW

newredirectconfirmcgi | weixin110.qq.com/cgi-bin/mmspamsupport-bin/ | 0 | 142 B | Document
General
Full URL: https://weixin110.qq.com/cgi-bin/mmspamsupport-bin/newredirectconfirmcgi?main_type=2&evil_type=0&source=2
Requested by
  Host: w1.ysyyds49.cn
  URL: http://w1.ysyyds49.cn/h8/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 240e:e1:a802:2::39, China, ASN4811 (CHINANET-SHANGHAI-MAN China Telecom Group, CN)
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers
Referer: http://w1.ysyyds49.cn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=gbk

Failed requests

These URLs were requested, but no response was received. They also appear in the transaction list above.

Domain
hm.baidu.com
URL
https://hm.baidu.com/hm.gif?hca=ACBAAE530FCACAF7&cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&ep=2146%2C2146&et=3&ja=0&ln=en-us&lo=0&rnd=1561975863&si=691f6750c34420497f549bfe5a7835a9&v=1.2.94&lv=1&sn=36086&r=0&ww=1600&u=http%3A%2F%2Fwww.mongolia-tours.com%2Fjs%2Fajax%2Fface.php


8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • oncontextlost (object)
  • oncontextrestored (object)
  • structuredClone (function)
  • launchQueue (object)
  • onbeforematch (object)
  • getScreenDetails (function)
  • queryLocalFonts (function)
  • navigation (object)

3 Cookies

Domain/Path | Name | Value
.hm.baidu.com/ | HMACCOUNT_BFESS | ACBAAE530FCACAF7
.www.mongolia-tours.com/ | Hm_lvt_691f6750c34420497f549bfe5a7835a9 | 1656629816
.www.mongolia-tours.com/ | Hm_lpvt_691f6750c34420497f549bfe5a7835a9 | 1656629816