URL: http://qymszj.com/
Submission: On December 03 via api from DE

Summary

This website contacted 7 IPs in 3 countries across 5 domains to perform 20 HTTP transactions. The main IP is 154.219.142.51, located in Los Angeles, United States and belongs to DXTL-HK DXTL Tseung Kwan O Service, HK. The main domain is qymszj.com.
This is the only time qymszj.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address       AS (Autonomous System)
7         154.219.142.51   134548 (DXTL-HK D...)
1         154.219.142.2    134548 (DXTL-HK D...)
3         222.191.251.131  4134 (CHINANET-...)
3         103.235.46.191   55967 (CNNIC-BAI...)
2         115.159.90.194   45090 (CNNIC-TEN...)
1         122.72.89.206    9394 (CTTNET Ch...)
4         113.113.73.48    58543 (CHINATELE...)
1         180.149.132.115  23724 (CHINANET-...)
20        7
Requests  Domain                 Requested by
7         qymszj.com             qymszj.com
4         bdimg.share.baidu.com  qymszj.com, bdimg.share.baidu.com
3         hm.baidu.com           www.kpmfxt.com, qymszj.com
3         count18.51yes.com      qymszj.com, count18.51yes.com
1         nsclick.baidu.com
1         cs.itbyc.com           qymszj.com
1         itbyc.com              1 redirects
1         www.itbyc.com          1 redirects
1         www.kpmfxt.com         qymszj.com
20        9
Subject    Issuer                                               Validity                 Valid
baidu.com  GlobalSign Organization Validation CA - SHA256 - G2  2018-08-28 - 2019-05-26  9 months (crt.sh)

This page contains 2 frames:

Primary Page: http://qymszj.com/
Frame ID: E7F8DF2E2BAAF74204BFBD78DF752A9C
Requests: 19 HTTP requests in this frame

Frame: http://count18.51yes.com/sa.htm?id=182658343&refe=&location=http%3A//qymszj.com/&color=24x&resolution=1600x1200&returning=0&language=undefined&ua=Mozilla/5.0%20%28Macintosh%3B%20Intel%20Mac%20OS%20X%2010_13_5%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/67.0.3396.87%20Safari/537.36
Frame ID: F5942C18F1D36857329609DCC1BC66C6
Requests: 1 HTTP request in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /IIS(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • headers server /IIS(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • script /modernizr(?:-([\d.]*[\d]))?.*\.js/i

Page Statistics

Requests: 20
HTTPS: 15 %
IPv6: 0 %
Domains: 5
Subdomains: 9
IPs: 7
Countries: 3
Transfer: 98 kB
Size: 146 kB
Cookies: 5

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6
  • http://www.itbyc.com/images/bgimg_top.jpg HTTP 301
  • http://itbyc.com/images/bgimg_top.jpg HTTP 302
  • http://cs.itbyc.com/bgimg_topB1D.jpg

20 HTTP transactions

Columns per transaction: Resource | Path | Size | x-fer | Type | MIME-Type
Primary Request /  |  Path: qymszj.com/  |  Size: 6 KB  |  x-fer: 3 KB  |  Type: Document
General
  Full URL: http://qymszj.com/
  Protocol: HTTP/1.1
  Server: 154.219.142.51 Los Angeles, United States, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK)
  Reverse DNS:
  Software: Microsoft-IIS/7.5 / PHP/5.2.17 ASP.NET
  Resource Hash: 8ef9b6b29d866fc49d52bf6ead60cd7f7d08e668683f815ba93be20d6e25fcd0
Request headers
  Host: qymszj.com
  Connection: keep-alive
  Pragma: no-cache
  Cache-Control: no-cache
  Upgrade-Insecure-Requests: 1
  User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
  Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
  Accept-Encoding: gzip, deflate
  Upgrade-Insecure-Requests: 1
  User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Response headers
  Content-Type: text/html; charset=gb2312
  Content-Encoding: gzip
  Vary: Accept-Encoding
  Server: Microsoft-IIS/7.5
  X-Powered-By: PHP/5.2.17 ASP.NET
  Date: Mon, 03 Dec 2018 22:08:37 GMT
  Content-Length: 2588

base.css  |  Path: qymszj.com/templets/lindu/style/  |  Size: 3 KB  |  x-fer: 2 KB  |  Type: Stylesheet
General
  Full URL: http://qymszj.com/templets/lindu/style/base.css
  Requested by: Host: qymszj.com, URL: http://qymszj.com/
  Protocol: HTTP/1.1
  Server: 154.219.142.51 Los Angeles, United States, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK)
  Reverse DNS:
  Software: Microsoft-IIS/7.5 / ASP.NET
  Resource Hash: f482472cce9fcbc9251e4ee9377563231f8072f7e27b425a76a45a9c7f661624
Request headers
  Pragma: no-cache
  Accept-Encoding: gzip, deflate
  Host: qymszj.com
  User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
  Accept: text/css,*/*;q=0.1
  Referer: http://qymszj.com/
  Connection: keep-alive
  Cache-Control: no-cache
  Referer: http://qymszj.com/
  User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Response headers
  Date: Mon, 03 Dec 2018 22:08:37 GMT
  Content-Encoding: gzip
  Last-Modified: Mon, 03 Dec 2018 02:42:18 GMT
  Server: Microsoft-IIS/7.5
  X-Powered-By: ASP.NET
  ETag: "3338f5ceb18ad41:0"
  Vary: Accept-Encoding
  Content-Type: text/css
  Accept-Ranges: bytes
  Content-Length: 1428

index.css  |  Path: qymszj.com/templets/lindu/style/  |  Size: 8 KB  |  x-fer: 3 KB  |  Type: Stylesheet
General
  Full URL: http://qymszj.com/templets/lindu/style/index.css
  Requested by: Host: qymszj.com, URL: http://qymszj.com/
  Protocol: HTTP/1.1
  Server: 154.219.142.51 Los Angeles, United States, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK)
  Reverse DNS:
  Software: Microsoft-IIS/7.5 / ASP.NET
  Resource Hash: 8aa1f91d1152237147746df053aca7553e054742adfcb707427ad77afa1aaf94
Request headers
  Pragma: no-cache
  Accept-Encoding: gzip, deflate
  Host: qymszj.com
  User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
  Accept: text/css,*/*;q=0.1
  Referer: http://qymszj.com/
  Connection: keep-alive
  Cache-Control: no-cache
  Referer: http://qymszj.com/
  User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Response headers
  Date: Mon, 03 Dec 2018 22:08:37 GMT
  Content-Encoding: gzip
  Last-Modified: Fri, 09 May 2014 05:49:44 GMT
  Server: Microsoft-IIS/7.5
  X-Powered-By: ASP.NET
  ETag: "16c89b7a4a6bcf1:0"
  Vary: Accept-Encoding
  Content-Type: text/css
  Accept-Ranges: bytes
  Content-Length: 2484

web17.js  |  Path: www.kpmfxt.com/  |  Size: 499 B  |  x-fer: 763 B  |  Type: Script
General
  Full URL: http://www.kpmfxt.com/web17.js
  Requested by: Host: qymszj.com, URL: http://qymszj.com/
  Protocol: HTTP/1.1
  Server: 154.219.142.2 Los Angeles, United States, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK)
  Reverse DNS:
  Software: Microsoft-IIS/7.5 / ASP.NET
  Resource Hash: 8fe0b77c36edb21b5a65dfef87ec4ec51213d840218b56d55c3ff0a4030bee73
Request headers
  Referer: http://qymszj.com/
  User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Response headers
  Date: Mon, 03 Dec 2018 22:08:37 GMT
  Content-Encoding: gzip
  Last-Modified: Sun, 02 Dec 2018 23:32:00 GMT
  Server: Microsoft-IIS/7.5
  X-Powered-By: ASP.NET
  ETag: "8d9f2f39978ad41:0"
  Vary: Accept-Encoding
  Content-Type: application/x-javascript
  Accept-Ranges: bytes
  Content-Length: 454

logo.jpg  |  Path: qymszj.com/templets/lindu/images/  |  Size: 51 KB  |  x-fer: 51 KB  |  Type: Image
General
  Full URL: http://qymszj.com/templets/lindu/images/logo.jpg
  Requested by: Host: qymszj.com, URL: http://qymszj.com/
  Protocol: HTTP/1.1
  Server: 154.219.142.51 Los Angeles, United States, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK)
  Reverse DNS:
  Software: Microsoft-IIS/7.5 / ASP.NET
  Resource Hash: cc5f39ee27621c3f2691627fd648b7944bf2c60e5c0f76c2b73d3f3f4f574b98
Request headers
  Pragma: no-cache
  Accept-Encoding: gzip, deflate
  Host: qymszj.com
  User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
  Accept: image/webp,image/apng,image/*,*/*;q=0.8
  Referer: http://qymszj.com/
  Connection: keep-alive
  Cache-Control: no-cache
  Referer: http://qymszj.com/
  User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Response headers
  Date: Mon, 03 Dec 2018 22:08:37 GMT
  Last-Modified: Sun, 02 Dec 2018 23:45:31 GMT
  Server: Microsoft-IIS/7.5
  X-Powered-By: ASP.NET
  ETag: "1ba1d21c998ad41:0"
  Content-Type: image/jpeg
  Accept-Ranges: bytes
  Content-Length: 51885

click.aspx  |  Path: count18.51yes.com/  |  Size: 2 KB  |  x-fer: 2 KB  |  Type: Script
General
  Full URL: http://count18.51yes.com/click.aspx?id=182658343&logo=11
  Requested by: Host: qymszj.com, URL: http://qymszj.com/
  Protocol: HTTP/1.1
  Server: 222.191.251.131 Nanjing, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN)
  Reverse DNS:
  Software: Microsoft-IIS/6.0 / ASP.NET
  Resource Hash: 1708027d9716ec9f12d45bf2c8ec8214cab5582d9e5dc64c9c2b856145ead0ff
Request headers
  Referer: http://qymszj.com/
  User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Response headers
  Date: Mon, 03 Dec 2018 22:10:22 GMT
  Cache-Control: private
  Server: Microsoft-IIS/6.0
  X-AspNet-Version: 1.1.4322
  X-Powered-By: ASP.NET
  Content-Length: 1778
  Content-Type: text/html; charset=gb2312

hm.js  |  Path: hm.baidu.com/  |  Size: 24 KB  |  x-fer: 9 KB  |  Type: Script
General
  Full URL: https://hm.baidu.com/hm.js?1e7c6abc98f44df87bdd36542d14814d
  Requested by: Host: www.kpmfxt.com, URL: http://www.kpmfxt.com/web17.js
  Protocol: HTTP/1.1
  Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
  Server: 103.235.46.191 Central District, Hong Kong, ASN55967 (CNNIC-BAIDU-AP Beijing Baidu Netcom Science and Technology Co., Ltd., CN)
  Reverse DNS:
  Software: apache /
  Resource Hash: df670d5877dd8e5df1e5286cdd901e2b39896d26989b48cb4a28b9c5bbf02d77
  Security Headers:
    Strict-Transport-Security: max-age=172800
Request headers
  Referer: http://qymszj.com/
  User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Response headers
  Date: Mon, 03 Dec 2018 22:11:41 GMT
  Content-Encoding: gzip
  Server: apache
  Etag: 34d680f955ed4df9e8445e349880c149
  Strict-Transport-Security: max-age=172800
  P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
  Cache-Control: max-age=0, must-revalidate
  Content-Type: application/javascript
  Content-Length: 9143

bgimg_topB1D.jpg  |  Path: cs.itbyc.com/  |  Size: 30 B  |  x-fer: 30 B  |  Type: Image
Redirect Chain
  • http://www.itbyc.com/images/bgimg_top.jpg
  • http://itbyc.com/images/bgimg_top.jpg
  • http://cs.itbyc.com/bgimg_topB1D.jpg
General
  Full URL: http://cs.itbyc.com/bgimg_topB1D.jpg
  Requested by: Host: qymszj.com, URL: http://qymszj.com/
  Protocol: HTTP/1.1
  Server: 122.72.89.206 Beijing, China, ASN9394 (CTTNET China TieTong Telecommunications Corporation, CN)
  Reverse DNS:
  Software: Tengine /
  Resource Hash: 63f167d2adce5d2b33fc90c8a437615e605ac1ab3dd8b6e028dbc502da3b663e
Request headers
  Referer: http://qymszj.com/templets/lindu/style/base.css
  User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Response headers
  X-Log: mc.g/404;rs40_shard.sel:7/not found;rs39_22.sel/not found;rdb.g/no such key;DBD/404;v4.get/Document not found;rwro.get:8/Document not found;RS.dbs:8/Document not found;RS:9/404;mc.g/404;rs40_shard.sel:6/not found;rs39_3.sel:4/not found;rdb.g/no such key;DBD/404;v4.get/Document not found;rwro.get:11/Document not found;RS.dbs:11/Document not found;RS:11/404;IO:23/404
  Date: Mon, 03 Dec 2018 22:11:45 GMT
  Via: cache20.l2eu95-1[53,404-1280,M], cache13.l2eu95-1[192,0], cache170.cn142[335,404-1280,M], cache166.cn142[377,0]
  X-Svr: IO
  X-Swift-Error: orig response 4XX error, orig response 4XX error
  X-Reqid: 34IAAMw8-oI68mwV
  X-Cache: MISS TCP_MISS dirn:-2:-2
  X-Swift-CacheTime: 1
  Connection: keep-alive
  Content-Length: 30
  Server: Tengine
  Access-Control-Max-Age: 2592000
  Ali-Swift-Global-Savetime: 1543875105
  Content-Type: application/json
  Access-Control-Allow-Origin: *
  Access-Control-Expose-Headers: X-Log, X-Reqid
  Timing-Allow-Origin: *
  EagleId: 7a4859a615438751050586777e
  X-Swift-SaveTime: Mon, 03 Dec 2018 22:11:45 GMT
Redirect headers
  Location: http://cs.itbyc.com/bgimg_topB1D.jpg
  Date: Mon, 03 Dec 2018 22:11:42 GMT
  Server: Apache
  Connection: close
  Content-Length: 279
  Content-Type: text/html; charset=iso-8859-1

hot_title_bg.gif  |  Path: qymszj.com/templets/lindu/images/  |  Size: 870 B  |  x-fer: 1 KB  |  Type: Image
General
  Full URL: http://qymszj.com/templets/lindu/images/hot_title_bg.gif
  Requested by: Host: qymszj.com, URL: http://qymszj.com/
  Protocol: HTTP/1.1
  Server: 154.219.142.51 Los Angeles, United States, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK)
  Reverse DNS:
  Software: Microsoft-IIS/7.5 / ASP.NET
  Resource Hash: 90e329490828bac04bbc963c38b2eb1739b6d3017fc8e4d29080de33d311c68a
Request headers
  Pragma: no-cache
  Accept-Encoding: gzip, deflate
  Host: qymszj.com
  User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
  Accept: image/webp,image/apng,image/*,*/*;q=0.8
  Referer: http://qymszj.com/templets/lindu/style/index.css
  Connection: keep-alive
  Cache-Control: no-cache
  Referer: http://qymszj.com/templets/lindu/style/index.css
  User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Response headers
  Date: Mon, 03 Dec 2018 22:08:38 GMT
  Last-Modified: Fri, 09 May 2014 05:49:45 GMT
  Server: Microsoft-IIS/7.5
  X-Powered-By: ASP.NET
  ETag: "578b217b4a6bcf1:0"
  Content-Type: image/gif
  Accept-Ranges: bytes
  Content-Length: 870

libg.png  |  Path: qymszj.com/templets/lindu/images/  |  Size: 5 KB  |  x-fer: 5 KB  |  Type: Image
General
  Full URL: http://qymszj.com/templets/lindu/images/libg.png
  Requested by: Host: qymszj.com, URL: http://qymszj.com/
  Protocol: HTTP/1.1
  Server: 154.219.142.51 Los Angeles, United States, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK)
  Reverse DNS:
  Software: Microsoft-IIS/7.5 / ASP.NET
  Resource Hash: 74b18d8ee272e4558538894cf8c9dceb0e6e446dd75365082c3679ee2514435c
Request headers
  Pragma: no-cache
  Accept-Encoding: gzip, deflate
  Host: qymszj.com
  User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
  Accept: image/webp,image/apng,image/*,*/*;q=0.8
  Referer: http://qymszj.com/templets/lindu/style/index.css
  Connection: keep-alive
  Cache-Control: no-cache
  Referer: http://qymszj.com/templets/lindu/style/index.css
  User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Response headers
  Date: Mon, 03 Dec 2018 22:08:38 GMT
  Last-Modified: Fri, 09 May 2014 05:49:46 GMT
  Server: Microsoft-IIS/7.5
  X-Powered-By: ASP.NET
  ETag: "85e5fc7b4a6bcf1:0"
  Content-Type: image/png
  Accept-Ranges: bytes
  Content-Length: 5307

nav_sprite.png  |  Path: qymszj.com/templets/lindu/images/  |  Size: 2 KB  |  x-fer: 3 KB  |  Type: Image
General
  Full URL: http://qymszj.com/templets/lindu/images/nav_sprite.png
  Requested by: Host: qymszj.com, URL: http://qymszj.com/
  Protocol: HTTP/1.1
  Server: 154.219.142.51 Los Angeles, United States, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK)
  Reverse DNS:
  Software: Microsoft-IIS/7.5 / ASP.NET
  Resource Hash: 9545e7a2151091f344a30d5837842134b0ed29ea23d719757b5f3174eea3353f
Request headers
  Pragma: no-cache
  Accept-Encoding: gzip, deflate
  Host: qymszj.com
  User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
  Accept: image/webp,image/apng,image/*,*/*;q=0.8
  Referer: http://qymszj.com/templets/lindu/style/base.css
  Connection: keep-alive
  Cache-Control: no-cache
  Referer: http://qymszj.com/templets/lindu/style/base.css
  User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Response headers
  Date: Mon, 03 Dec 2018 22:08:38 GMT
  Last-Modified: Fri, 09 May 2014 05:49:46 GMT
  Server: Microsoft-IIS/7.5
  X-Powered-By: ASP.NET
  ETag: "4dc5d37b4a6bcf1:0"
  Content-Type: image/png
  Accept-Ranges: bytes
  Content-Length: 2338

sa.htm  |  Path: count18.51yes.com/ (Frame F594)  |  Size: 0  |  x-fer: 0  |  Type: Document
General
  Full URL: http://count18.51yes.com/sa.htm?id=182658343&refe=&location=http%3A//qymszj.com/&color=24x&resolution=1600x1200&returning=0&language=undefined&ua=Mozilla/5.0%20%28Macintosh%3B%20Intel%20Mac%20OS%20X%2010_13_5%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/67.0.3396.87%20Safari/537.36
  Requested by: Host: count18.51yes.com, URL: http://count18.51yes.com/click.aspx?id=182658343&logo=11
  Protocol: HTTP/1.1
  Server: 222.191.251.131 Nanjing, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN)
  Reverse DNS:
  Software: Microsoft-IIS/6.0 / ASP.NET
  Resource Hash:
Request headers
  Host: count18.51yes.com
  Connection: keep-alive
  Pragma: no-cache
  Cache-Control: no-cache
  Upgrade-Insecure-Requests: 1
  User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
  Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
  Referer: http://qymszj.com/
  Accept-Encoding: gzip, deflate
  Upgrade-Insecure-Requests: 1
  User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
  Referer: http://qymszj.com/
Response headers
  Date: Mon, 03 Dec 2018 22:10:23 GMT
  Server: Microsoft-IIS/6.0
  X-Powered-By: ASP.NET
  X-AspNet-Version: 1.1.4322
  Cache-Control: private
  Content-Length: 0

count11.gif  |  Path: count18.51yes.com/  |  Size: 1 KB  |  x-fer: 1 KB  |  Type: Image
General
  Full URL: http://count18.51yes.com/count11.gif
  Requested by: Host: qymszj.com, URL: http://qymszj.com/
  Protocol: HTTP/1.1
  Server: 222.191.251.131 Nanjing, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN)
  Reverse DNS:
  Software: Microsoft-IIS/6.0 / ASP.NET
  Resource Hash: 2ed87e4c2a9e0a42475b946905009a07c2bd08be958ba751a984b73bbf5a6459
Request headers
  Referer: http://qymszj.com/
  User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Response headers
  Date: Mon, 03 Dec 2018 22:10:22 GMT
  Last-Modified: Thu, 07 Apr 2005 17:25:22 GMT
  Server: Microsoft-IIS/6.0
  X-Powered-By: ASP.NET
  ETag: "02d4c7963bc51:e498"
  Content-Type: image/gif
  Accept-Ranges: bytes
  Content-Length: 1097

shell_v2.js  |  Path: bdimg.share.baidu.com/static/js/  |  Size: 1 KB  |  x-fer: 970 B  |  Type: Script
General
  Full URL: http://bdimg.share.baidu.com/static/js/shell_v2.js?cdnversion=428855
  Requested by: Host: qymszj.com, URL: http://qymszj.com/
  Protocol: HTTP/1.1
  Server: 113.113.73.48, China, ASN58543 (CHINATELECOM-GUANGDONG-IDC Guangdong, CN)
  Reverse DNS:
  Software: JSP3/2.0.14 /
  Resource Hash: 96e94fab37c4307d249cf2582540f86e433162b2e537cd54c7e888ca8d93c214
Request headers
  Referer: http://qymszj.com/
  User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Response headers
  Date: Mon, 03 Dec 2018 22:11:41 GMT
  Content-Encoding: gzip
  Ohc-Response-Time: 1 0 0 0 0 0
  Last-Modified: Fri, 05 Jun 2015 08:50:12 GMT
  Server: JSP3/2.0.14
  Age: 368
  ETag: "2176374695"
  Vary: Accept-Encoding
  Content-Type: text/javascript
  Cache-Control: max-age=1800
  Connection: keep-alive
  Accept-Ranges: bytes
  Content-Length: 571
  Expires: Mon, 03 Dec 2018 22:34:54 GMT

logger.js  |  Path: bdimg.share.baidu.com/static/js/  |  Size: 6 KB  |  x-fer: 3 KB  |  Type: Script
General
  Full URL: http://bdimg.share.baidu.com/static/js/logger.js?cdnversion=428855
  Requested by: Host: bdimg.share.baidu.com, URL: http://bdimg.share.baidu.com/static/js/shell_v2.js?cdnversion=428855
  Protocol: HTTP/1.1
  Server: 113.113.73.48, China, ASN58543 (CHINATELECOM-GUANGDONG-IDC Guangdong, CN)
  Reverse DNS:
  Software: JSP3/2.0.14 /
  Resource Hash: 6f1c9b5885df8bec5df7e730b10304c252e18804462c14fd0724e865ef25c654
Request headers
  Referer: http://qymszj.com/
  User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Response headers
  Date: Mon, 03 Dec 2018 22:11:41 GMT
  Content-Encoding: gzip
  Ohc-Response-Time: 1 0 0 0 0 0
  Last-Modified: Fri, 05 Jun 2015 08:50:12 GMT
  Server: JSP3/2.0.14
  Age: 418
  ETag: "867751605"
  Vary: Accept-Encoding
  Content-Type: text/javascript
  Cache-Control: max-age=1800
  Connection: keep-alive
  Accept-Ranges: bytes
  Content-Length: 2404
  Expires: Mon, 03 Dec 2018 22:34:01 GMT

bds_s_v2.js  |  Path: bdimg.share.baidu.com/static/js/  |  Size: 26 KB  |  x-fer: 10 KB  |  Type: Script
General
  Full URL: http://bdimg.share.baidu.com/static/js/bds_s_v2.js?cdnversion=428855
  Requested by: Host: bdimg.share.baidu.com, URL: http://bdimg.share.baidu.com/static/js/shell_v2.js?cdnversion=428855
  Protocol: HTTP/1.1
  Server: 113.113.73.48, China, ASN58543 (CHINATELECOM-GUANGDONG-IDC Guangdong, CN)
  Reverse DNS:
  Software: JSP3/2.0.14 /
  Resource Hash: 999e8c2f43f2fcc423464f65018fb6745f2c0ddf35259a5144232317f388b7f4
Request headers
  Referer: http://qymszj.com/
  User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Response headers
  Date: Mon, 03 Dec 2018 22:11:41 GMT
  Content-Encoding: gzip
  Ohc-Response-Time: 1 0 0 0 0 0
  Last-Modified: Fri, 05 Jun 2015 08:50:12 GMT
  Server: JSP3/2.0.14
  Age: 594
  ETag: "859391591"
  Vary: Accept-Encoding
  Content-Type: text/javascript
  Cache-Control: max-age=1800
  Connection: keep-alive
  Accept-Ranges: bytes
  Content-Length: 9992
  Expires: Mon, 03 Dec 2018 22:31:01 GMT

hm.gif  |  Path: hm.baidu.com/  |  Size: 43 B  |  x-fer: 299 B  |  Type: Image
General
  Full URL: https://hm.baidu.com/hm.gif?cc=0&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1998109265&si=1e7c6abc98f44df87bdd36542d14814d&v=1.2.34&lv=1&ct=!!&tt=%E4%B9%90%E7%82%B9%E5%BD%A9%E7%A5%A8%E5%A4%A7%E5%8F%91%E5%BF%AB3%7C%E5%88%86%E5%88%86%E5%BF%AB%E4%B8%89%E5%BC%80%E5%A5%96%7C%E6%B1%9F%E8%8B%8F%E5%BF%AB3%E8%B5%B0%E5%8A%BF%E5%9B%BE&sn=1572
  Requested by: Host: qymszj.com, URL: http://qymszj.com/
  Protocol: HTTP/1.1
  Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
  Server: 103.235.46.191 Central District, Hong Kong, ASN55967 (CNNIC-BAIDU-AP Beijing Baidu Netcom Science and Technology Co., Ltd., CN)
  Reverse DNS:
  Software: apache /
  Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
  Security Headers:
    Strict-Transport-Security: max-age=172800
    X-Content-Type-Options: nosniff
Request headers
  Referer: http://qymszj.com/
  User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Response headers
  Pragma: no-cache
  Date: Mon, 03 Dec 2018 22:11:41 GMT
  X-Content-Type-Options: nosniff
  Server: apache
  Strict-Transport-Security: max-age=172800
  Content-Type: image/gif
  Cache-Control: private, max-age=0, no-cache
  Content-Length: 43

bdsstyle.css  |  Path: bdimg.share.baidu.com/static/css/  |  Size: 10 KB  |  x-fer: 2 KB  |  Type: Stylesheet
General
  Full URL: http://bdimg.share.baidu.com/static/css/bdsstyle.css?cdnversion=20131219
  Requested by: Host: bdimg.share.baidu.com, URL: http://bdimg.share.baidu.com/static/js/bds_s_v2.js?cdnversion=428855
  Protocol: HTTP/1.1
  Server: 113.113.73.48, China, ASN58543 (CHINATELECOM-GUANGDONG-IDC Guangdong, CN)
  Reverse DNS:
  Software: JSP3/2.0.14 /
  Resource Hash: 7fd041c8afab81c40829e4693e337718cd3c0ce90eda87fca80d706ce106e2a2
Request headers
  Referer: http://qymszj.com/
  User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Response headers
  Date: Mon, 03 Dec 2018 22:11:42 GMT
  Content-Encoding: gzip
  Ohc-Response-Time: 1 0 0 0 0 0
  Last-Modified: Mon, 28 Sep 2015 08:06:43 GMT
  Server: JSP3/2.0.14
  Age: 56752
  ETag: "3339273650"
  Vary: Accept-Encoding
  Content-Type: text/css
  Cache-Control: max-age=31536000
  Connection: keep-alive
  Accept-Ranges: bytes
  Content-Length: 2007
  Expires: Fri, 21 Dec 2018 10:20:19 GMT

hm.gif  |  Path: hm.baidu.com/  |  Size: 43 B  |  x-fer: 299 B  |  Type: Image
General
  Full URL: https://hm.baidu.com/hm.gif?cc=0&ck=1&cl=24-bit&ds=1600x1200&vl=1200&ep=%7B%22netAll%22%3A581%2C%22netDns%22%3A321%2C%22netTcp%22%3A259%2C%22srv%22%3A1296%2C%22dom%22%3A2743%2C%22loadEvent%22%3A7752%7D&et=87&ja=0&ln=en-us&lo=0&rnd=644771419&si=1e7c6abc98f44df87bdd36542d14814d&v=1.2.34&lv=1
  Protocol: HTTP/1.1
  Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
  Server: 103.235.46.191 Central District, Hong Kong, ASN55967 (CNNIC-BAIDU-AP Beijing Baidu Netcom Science and Technology Co., Ltd., CN)
  Reverse DNS:
  Software: apache /
  Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
  Security Headers:
    Strict-Transport-Security: max-age=172800
    X-Content-Type-Options: nosniff
Request headers
  Referer: http://qymszj.com/
  User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Response headers
  Pragma: no-cache
  Date: Mon, 03 Dec 2018 22:11:46 GMT
  X-Content-Type-Options: nosniff
  Server: apache
  Strict-Transport-Security: max-age=172800
  Content-Type: image/gif
  Cache-Control: private, max-age=0, no-cache
  Content-Length: 43

v.gif  |  Path: nsclick.baidu.com/  |  Size: 0  |  x-fer: 289 B  |  Type: Image
General
  Full URL: http://nsclick.baidu.com/v.gif?pid=307&type=3071&sc=1600,839,1600,1200&desturl=&apitype=1&linkid=jp8vdgtc3uj&velo_load=659&velo_cssload=220&velo_jsLoad=443&cite_uid=6499638&cite_type=1&cite_mini=0
  Protocol: HTTP/1.1
  Server: 180.149.132.115 Beijing, China, ASN23724 (CHINANET-IDC-BJ-AP IDC, China Telecommunications Corporation, CN)
  Reverse DNS:
  Software: BWS/1.0 /
  Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Request headers
  Referer: http://qymszj.com/
  User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Response headers
  Pragma: no-cache
  Date: Mon, 03 Dec 2018 22:11:47 GMT
  Last-Modified: Fri, 23 Oct 2009 08:06:04 GMT
  Server: BWS/1.0
  Etag: "4280832337"
  Content-Type: image/gif
  Cache-Control: max-age=0
  Accept-Ranges: bytes
  Content-Length: 0
  Expires: Mon, 03 Dec 2018 22:11:47 GMT

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object    _hmt
  • string    refurl
  • function  y_gVal
  • function  y_g
  • function  cc_k
  • string    yesdata
  • object    obj
  • object    As
  • object    bdShare
  • object    shell
  • boolean   _bdhm_loaded_1e7c6abc98f44df87bdd36542d14814d
  • object    mini_tangram_log_mzgrt0
  • object    $BAIDU$
  • object    mini_tangram_log_pizbqi

5 Cookies

Domain/Path   Name                                       Value
qymszj.com/   bdshare_firstime                           1543875102052
.qymszj.com/  Hm_lvt_1e7c6abc98f44df87bdd36542d14814d    1543875102
.qymszj.com/  Hm_lpvt_1e7c6abc98f44df87bdd36542d14814d   1543875102
qymszj.com/   cck_count                                  0
qymszj.com/   cck_lasttime                               1543875100581

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bdimg.share.baidu.com
count18.51yes.com
cs.itbyc.com
hm.baidu.com
itbyc.com
nsclick.baidu.com
qymszj.com
www.itbyc.com
www.kpmfxt.com
103.235.46.191
113.113.73.48
115.159.90.194
122.72.89.206
154.219.142.2
154.219.142.51
180.149.132.115
222.191.251.131
1708027d9716ec9f12d45bf2c8ec8214cab5582d9e5dc64c9c2b856145ead0ff
2ed87e4c2a9e0a42475b946905009a07c2bd08be958ba751a984b73bbf5a6459
63f167d2adce5d2b33fc90c8a437615e605ac1ab3dd8b6e028dbc502da3b663e
6f1c9b5885df8bec5df7e730b10304c252e18804462c14fd0724e865ef25c654
74b18d8ee272e4558538894cf8c9dceb0e6e446dd75365082c3679ee2514435c
7fd041c8afab81c40829e4693e337718cd3c0ce90eda87fca80d706ce106e2a2
8aa1f91d1152237147746df053aca7553e054742adfcb707427ad77afa1aaf94
8ef9b6b29d866fc49d52bf6ead60cd7f7d08e668683f815ba93be20d6e25fcd0
8fe0b77c36edb21b5a65dfef87ec4ec51213d840218b56d55c3ff0a4030bee73
90e329490828bac04bbc963c38b2eb1739b6d3017fc8e4d29080de33d311c68a
9545e7a2151091f344a30d5837842134b0ed29ea23d719757b5f3174eea3353f
96e94fab37c4307d249cf2582540f86e433162b2e537cd54c7e888ca8d93c214
999e8c2f43f2fcc423464f65018fb6745f2c0ddf35259a5144232317f388b7f4
cc5f39ee27621c3f2691627fd648b7944bf2c60e5c0f76c2b73d3f3f4f574b98
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
df670d5877dd8e5df1e5286cdd901e2b39896d26989b48cb4a28b9c5bbf02d77
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f482472cce9fcbc9251e4ee9377563231f8072f7e27b425a76a45a9c7f661624