urlscan.io logo urlscan.io
SecurityTrails logo

4mt.8cifco.cn Open in urlscan Pro
8.210.18.233  Public Scan

Go To Rescan Add Verdict Report
URL: https://4mt.8cifco.cn/
Submission: On December 04 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 15 IPs in 4 countries across 16 domains to perform 34 HTTP transactions. The main IP is 8.210.18.233, located in Hong Kong, Hong Kong and belongs to ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN. The main domain is 4mt.8cifco.cn.
TLS certificate: Issued by Encryption Everywhere DV TLS CA - G1 on February 27th 2023. Valid for: a year.
This is the only time 4mt.8cifco.cn was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 8.210.18.233 45102 (ALIBABA-C...)
11 60.188.66.41 136190 (CHINATELE...)
3 54.172.142.205 14618 (AMAZON-AES)
2 2600:141b:1c0... 20940 (AKAMAI-ASN1)
6 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 52.202.69.76 14618 (AMAZON-AES)
8 8 151.101.130.49 54113 (FASTLY)
1 2 172.253.113.154 15169 (GOOGLE)
1 2607:f8b0:402... 15169 (GOOGLE)
2 103.235.46.191 55967 (BAIDU Bei...)
1 69.173.151.100 26667 (RUBICONPR...)
1 2 104.18.36.155 13335 (CLOUDFLAR...)
1 2 68.67.160.184 29990 (ASN-APPNEX)
1 2 35.244.159.8 396982 (GOOGLE-CL...)
1 162.248.18.37 62713 (AS-PUBMATIC)
1 2a03:2880:f11... 32934 (FACEBOOK)
34 15
1    8.210.18.233 (Hong Kong, Hong Kong)

ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)
4mt.8cifco.cn
11    60.188.66.41 (China)

ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN)
www.cifco8.cn
3    54.172.142.205 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-172-142-205.compute-1.amazonaws.com
dpm.demdex.net
atsolution.demdex.net
2    2600:141b:1c00:209f::1e80 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
assets.adobedtm.com
6    2606:4700::6812:542 (United States)

ASN13335 (CLOUDFLARENET, US)
www.atfx-china.com
1    52.202.69.76 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-202-69-76.compute-1.amazonaws.com
cm.everesttech.net
8    151.101.130.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
2    172.253.113.154 (United States)

ASN15169 (GOOGLE, US)
PTR: ma-in-f154.1e100.net
cm.g.doubleclick.net
1    2607:f8b0:4024:c02::5e (Clarksville, United States)

ASN15169 (GOOGLE, US)
www.gstatic.cn
2    103.235.46.191 (Hong Kong)

ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)
hm.baidu.com
1    69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
2    104.18.36.155 (None, )

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
2    68.67.160.184 (Brooklyn, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
2    35.244.159.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.159.244.35.bc.googleusercontent.com
us-u.openx.net
1    162.248.18.37 (United States)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
1    2a03:2880:f112:83:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
Apex Domain
Subdomains		 Transfer
11 cifco8.cn
www.cifco8.cn
1 MB
9 everesttech.net
cm.everesttech.net — Cisco Umbrella Rank: 1110
sync-tm.everesttech.net — Cisco Umbrella Rank: 685
2 KB
6 atfx-china.com
www.atfx-china.com
488 KB
3 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 208
atsolution.demdex.net
5 KB
2 openx.net
us-u.openx.net — Cisco Umbrella Rank: 491
490 B
2 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 229
2 KB
2 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578
1 KB
2 baidu.com
hm.baidu.com — Cisco Umbrella Rank: 10115
12 KB
2 doubleclick.net
cm.g.doubleclick.net — Cisco Umbrella Rank: 219
831 B
2 adobedtm.com
assets.adobedtm.com — Cisco Umbrella Rank: 431
14 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 98
1 KB
1 pubmatic.com
image2.pubmatic.com — Cisco Umbrella Rank: 859
451 B
1 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 339
905 B
1 gstatic.cn
www.gstatic.cn
1 8cifco.cn
4mt.8cifco.cn
8 KB
0 spotxchange.com Failed
sync.search.spotxchange.com Failed
34 16
Domain Requested by
11 www.cifco8.cn 4mt.8cifco.cn
8 sync-tm.everesttech.net 8 redirects
6 www.atfx-china.com 4mt.8cifco.cn
2 us-u.openx.net 1 redirects 4mt.8cifco.cn
2 ib.adnxs.com 1 redirects 4mt.8cifco.cn
2 dsum-sec.casalemedia.com 1 redirects 4mt.8cifco.cn
2 hm.baidu.com 4mt.8cifco.cn
2 cm.g.doubleclick.net 1 redirects 4mt.8cifco.cn
2 assets.adobedtm.com www.cifco8.cn
2 dpm.demdex.net www.cifco8.cn
4mt.8cifco.cn
1 www.facebook.com 4mt.8cifco.cn
1 image2.pubmatic.com 4mt.8cifco.cn
1 pixel.rubiconproject.com 4mt.8cifco.cn
1 www.gstatic.cn www.cifco8.cn
1 cm.everesttech.net 1 redirects
1 atsolution.demdex.net www.cifco8.cn
1 4mt.8cifco.cn
0 sync.search.spotxchange.com Failed 4mt.8cifco.cn
34 18

This site contains links to these domains. Also see Links.

Domain
mt4.cifco8.cn
Subject Issuer Validity Valid
mt4.cifco8.cn
Encryption Everywhere DV TLS CA - G1		 2023-02-27 -
2024-02-27		 a year crt.sh
www.cifco8.cn
Encryption Everywhere DV TLS CA - G1		 2023-02-15 -
2024-02-15		 a year crt.sh
*.demdex.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-26 -
2024-10-26		 a year crt.sh
assets.adobedtm.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-11 -
2024-08-10		 a year crt.sh
www.atfx-china.com
Cloudflare Inc ECC CA-3		 2023-08-05 -
2024-08-03		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
baidu.com
GlobalSign RSA OV SSL CA 2018		 2023-07-06 -
2024-08-06		 a year crt.sh

This page contains 2 frames:

Primary Page: https://4mt.8cifco.cn/
Frame ID: 48C73D5B5FA2C3235C221825214DDEF0
Requests: 25 HTTP requests in this frame

Frame: https://atsolution.demdex.net/dest5.html?d_nsid=0
Frame ID: 8E059AAC98DE2179523B801D2E6D1990
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

MT4下载_免费下载最新MT4安卓/苹果/电脑版

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • hm\.baidu\.com/hm\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

34
Requests

71 %
HTTPS

25 %
IPv6

16
Domains

18
Subdomains

15
IPs

4
Countries

1820 kB
Transfer

1882 kB
Size

24
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16
  • https://cm.everesttech.net/cm/dd?d_uuid=02521762419229495022323247309009826530 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZW2-BgAAAGJGgQN2
Request Chain 17
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&_test=ZW2-BQAEbmE5qgBU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WlcyLUJRQUVibUU1cWdCVQ==&_test=ZW2-BQAEbmE5qgBU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push=&google_sc=&google_hm=WlcyLUJRQUVibUU1cWdCVQ==&_test=ZW2-BQAEbmE5qgBU&google_tc=
Request Chain 25
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=ZW2-BQAEbmE5qgBU&expires=90
Request Chain 26
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZW2-BQAEbmE5qgBU HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZW2-BQAEbmE5qgBU&C=1
Request Chain 27
  • https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://ib.adnxs.com/setuid?entity=158&code=ZW2-BgAAAGJGgQN2 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DZW2-BgAAAGJGgQN2
Request Chain 28
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZW2-BgAAAGJGgQN2 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=ZW2-BgAAAGJGgQN2
Request Chain 29
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=ZW2-BgAAAGJGgQN2
Request Chain 30
  • https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=ZW2-BgAAAGJGgQN2&img=1
Request Chain 31
  • https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0 HTTP 302
  • https://www.facebook.com/fr/b.php?p=1531105787105294&e=ZW2-BgAAAGJGgQN2&t=2592000&o=0

34 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
4mt.8cifco.cn/ 		37 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://4mt.8cifco.cn/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.210.18.233 Hong Kong, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
f00d1d244d34812653cbf75d5b41feef3c19a56d8595ed46843be80ead86ed13
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html
date
Mon, 04 Dec 2023 11:58:52 GMT
etag
W/"64c8c333-9203"
last-modified
Tue, 01 Aug 2023 08:32:51 GMT
server
nginx
strict-transport-security
max-age=31536000
vary
Accept-Encoding
autoptimize_1bd764adeed8dd3dcd6f4c3c36dde0ca.css
www.cifco8.cn/xzmt4/css/ 		169 KB
169 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.cifco8.cn/xzmt4/css/autoptimize_1bd764adeed8dd3dcd6f4c3c36dde0ca.css
Requested by
Host: 4mt.8cifco.cn
URL: https://4mt.8cifco.cn/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
60.188.66.41 , China, ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN),
Reverse DNS
Software
JSP3/2.0.14 /
Resource Hash
71565a39aef1d5d84761c56e930638426d672cebd45d4036c80a0c7b76d32208
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://4mt.8cifco.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

ohc-file-size
172912
date
Mon, 04 Dec 2023 11:59:00 GMT
strict-transport-security
max-age=31536000
ohc-cache-hit
jh2ct50 [2], wzix110 [2]
last-modified
Wed, 15 Feb 2023 01:58:49 GMT
server
JSP3/2.0.14
etag
"63ec3c59-2a370"
x-cache-status
MISS
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=43200
accept-ranges
bytes
ohc-global-saved-time
Mon, 04 Dec 2023 11:59:00 GMT
content-length
172912
expires
Mon, 04 Dec 2023 23:59:00 GMT
jquery.min.js
www.cifco8.cn/xzmt4/js/ 		87 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.cifco8.cn/xzmt4/js/jquery.min.js
Requested by
Host: 4mt.8cifco.cn
URL: https://4mt.8cifco.cn/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
60.188.66.41 , China, ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN),
Reverse DNS
Software
JSP3/2.0.14 /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://4mt.8cifco.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

ohc-file-size
89521
date
Mon, 04 Dec 2023 11:59:00 GMT
strict-transport-security
max-age=31536000
ohc-cache-hit
jh2ct78 [1], csix96 [2]
last-modified
Wed, 15 Feb 2023 02:00:07 GMT
server
JSP3/2.0.14
etag
"63ec3ca7-15db1"
x-cache-status
MISS
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
accept-ranges
bytes
ohc-global-saved-time
Mon, 04 Dec 2023 11:59:00 GMT
content-length
89521
expires
Mon, 04 Dec 2023 23:59:00 GMT
launch-9724699d2dd6.min.js
www.cifco8.cn/xzmt4/js/ 		150 KB
150 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.cifco8.cn/xzmt4/js/launch-9724699d2dd6.min.js
Requested by
Host: 4mt.8cifco.cn
URL: https://4mt.8cifco.cn/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
60.188.66.41 , China, ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN),
Reverse DNS
Software
JSP3/2.0.14 /
Resource Hash
7d7643dd6043bcdde15382b1e39d8720150395f412e8b2e7b5e44e204ffa3cec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://4mt.8cifco.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

ohc-file-size
153141
date
Mon, 04 Dec 2023 11:59:00 GMT
strict-transport-security
max-age=31536000
ohc-cache-hit
jh2ct74 [2], cdix165 [2]
last-modified
Wed, 15 Feb 2023 01:59:02 GMT
server
JSP3/2.0.14
etag
"63ec3c66-25635"
x-cache-status
MISS
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
accept-ranges
bytes
ohc-global-saved-time
Mon, 04 Dec 2023 11:59:00 GMT
content-length
153141
expires
Mon, 04 Dec 2023 23:59:00 GMT
recur-livechat.js
www.cifco8.cn/xzmt4/js/ 		745 KB
746 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.cifco8.cn/xzmt4/js/recur-livechat.js
Requested by
Host: 4mt.8cifco.cn
URL: https://4mt.8cifco.cn/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
60.188.66.41 , China, ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN),
Reverse DNS
Software
JSP3/2.0.14 /
Resource Hash
4bf185d2b8a00d67d9d199c7e089d13bddea38e14030a68cca4e3699039a78d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://4mt.8cifco.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

ohc-file-size
762641
date
Mon, 04 Dec 2023 11:59:01 GMT
strict-transport-security
max-age=31536000
ohc-cache-hit
jh2ct63 [2], xiangyix63 [2]
last-modified
Wed, 15 Feb 2023 02:00:06 GMT
server
JSP3/2.0.14
etag
"63ec3ca6-ba311"
x-cache-status
MISS
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
accept-ranges
bytes
ohc-global-saved-time
Mon, 04 Dec 2023 11:59:01 GMT
content-length
762641
expires
Mon, 04 Dec 2023 23:59:01 GMT
ac9ddd2254394f309bc97ff79651b93d.gif
www.cifco8.cn/xzmt4/picture/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.cifco8.cn/xzmt4/picture/ac9ddd2254394f309bc97ff79651b93d.gif
Requested by
Host: 4mt.8cifco.cn
URL: https://4mt.8cifco.cn/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
60.188.66.41 , China, ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://4mt.8cifco.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers
lazysizes.min.js
www.cifco8.cn/xzmt4/js/ 		10 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.cifco8.cn/xzmt4/js/lazysizes.min.js
Requested by
Host: 4mt.8cifco.cn
URL: https://4mt.8cifco.cn/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
60.188.66.41 , China, ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN),
Reverse DNS
Software
JSP3/2.0.14 /
Resource Hash
c4fada4accfa24704b54248bc5ce84acac50b6a059828b7714fe3006786c80c1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://4mt.8cifco.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

ohc-file-size
9813
date
Mon, 04 Dec 2023 11:59:01 GMT
strict-transport-security
max-age=31536000
ohc-cache-hit
jh2ct71 [1], czix107 [4]
last-modified
Wed, 15 Feb 2023 01:59:01 GMT
server
JSP3/2.0.14
etag
"63ec3c65-2655"
x-cache-status
MISS
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
accept-ranges
bytes
ohc-global-saved-time
Mon, 04 Dec 2023 11:59:01 GMT
content-length
9813
expires
Mon, 04 Dec 2023 23:59:01 GMT
autoptimize_single_40ee8ccf9b91868fe2b42d15bf3408db.js
www.cifco8.cn/xzmt4/js/ 		31 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.cifco8.cn/xzmt4/js/autoptimize_single_40ee8ccf9b91868fe2b42d15bf3408db.js
Requested by
Host: 4mt.8cifco.cn
URL: https://4mt.8cifco.cn/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
60.188.66.41 , China, ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN),
Reverse DNS
Software
JSP3/2.0.14 /
Resource Hash
340d568a139d898d83054731c01abbe154b8e28aa6abbbe5a3e48e645f368735
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://4mt.8cifco.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

ohc-file-size
31882
date
Mon, 04 Dec 2023 11:59:00 GMT
strict-transport-security
max-age=31536000
ohc-cache-hit
jh2ct84 [1], cdix84 [2]
last-modified
Wed, 15 Feb 2023 02:00:21 GMT
server
JSP3/2.0.14
etag
"63ec3cb5-7c8a"
x-cache-status
MISS
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
accept-ranges
bytes
ohc-global-saved-time
Mon, 04 Dec 2023 11:59:00 GMT
content-length
31882
expires
Mon, 04 Dec 2023 23:59:00 GMT
api.js
www.cifco8.cn/xzmt4/js/ 		855 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.cifco8.cn/xzmt4/js/api.js
Requested by
Host: 4mt.8cifco.cn
URL: https://4mt.8cifco.cn/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
60.188.66.41 , China, ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN),
Reverse DNS
Software
JSP3/2.0.14 /
Resource Hash
690bc9cbb68ba4000bd77c57deb07df555b3c0175e59150a684237b25f38f574
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://4mt.8cifco.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

ohc-file-size
855
date
Mon, 04 Dec 2023 11:59:01 GMT
strict-transport-security
max-age=31536000
ohc-cache-hit
jh2ct81 [1], xaix118 [4]
last-modified
Wed, 15 Feb 2023 02:02:12 GMT
server
JSP3/2.0.14
etag
"63ec3d24-357"
x-cache-status
MISS
content-type
application/javascript
cache-control
max-age=43200
accept-ranges
bytes
ohc-global-saved-time
Mon, 04 Dec 2023 11:59:01 GMT
content-length
855
expires
Mon, 04 Dec 2023 23:59:01 GMT
autoptimize_a369dcc45fc0e56efcb9c6b05e0b7928.js
www.cifco8.cn/xzmt4/js/ 		88 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.cifco8.cn/xzmt4/js/autoptimize_a369dcc45fc0e56efcb9c6b05e0b7928.js
Requested by
Host: 4mt.8cifco.cn
URL: https://4mt.8cifco.cn/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
60.188.66.41 , China, ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN),
Reverse DNS
Software
JSP3/2.0.14 /
Resource Hash
93fac6698baff2904844b8347a00bd46fe1645937d96419555626583a0c8a371
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://4mt.8cifco.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

ohc-file-size
89625
date
Mon, 04 Dec 2023 11:59:01 GMT
strict-transport-security
max-age=31536000
ohc-cache-hit
jh2ct81 [2], xaix81 [2]
last-modified
Wed, 15 Feb 2023 02:00:06 GMT
server
JSP3/2.0.14
etag
"63ec3ca6-15e19"
x-cache-status
MISS
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
accept-ranges
bytes
ohc-global-saved-time
Mon, 04 Dec 2023 11:59:01 GMT
content-length
89625
expires
Mon, 04 Dec 2023 23:59:01 GMT
id
dpm.demdex.net/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=F64735DD5CF122370A495FCD%40AdobeOrg&d_nsid=0&ts=1701691141509
Requested by
Host: www.cifco8.cn
URL: https://www.cifco8.cn/xzmt4/js/launch-9724699d2dd6.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.172.142.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-172-142-205.compute-1.amazonaws.com
Software
/
Resource Hash
aa241b35d0d2bedffa5b6a9d4c094f617496858c89301436fd897b540738db4c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://4mt.8cifco.cn/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

dcs
dcs-prod-va6-1-v053-02f526196.edge-va6.demdex.com 3 ms
pragma
no-cache
date
Mon, 04 Dec 2023 11:59:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-tid
93VVP2gyTKU=
vary
Origin
content-type
application/json;charset=utf-8
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
access-control-allow-origin
https://4mt.8cifco.cn
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
access-control-allow-credentials
true
content-length
902
expires
Thu, 01 Jan 1970 00:00:00 UTC
AppMeasurement.min.js
assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/ 		34 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement.min.js
Requested by
Host: www.cifco8.cn
URL: https://www.cifco8.cn/xzmt4/js/launch-9724699d2dd6.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:209f::1e80 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
d6d01246a30e9d483531c27721f73f266fa4af35effdb21683ac02a620ab8aaf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://4mt.8cifco.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 11:59:01 GMT
content-encoding
gzip
last-modified
Thu, 22 Sep 2022 16:16:49 GMT
server
AkamaiNetStorage
etag
"dfdd9e1f988805f0c2fbb10cd6b8f034:1663863409.614694"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://4mt.8cifco.cn
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
12384
expires
Mon, 04 Dec 2023 12:59:01 GMT
AppMeasurement_Module_ActivityMap.min.js
assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement_Module_ActivityMap.min.js
Requested by
Host: www.cifco8.cn
URL: https://www.cifco8.cn/xzmt4/js/launch-9724699d2dd6.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:209f::1e80 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
78c1c1baf0d964522f8afab09cfc754685c1648826a7f9967fd52b774b4ec5aa

Request headers

accept-language
en-US,en;q=0.9
Referer
https://4mt.8cifco.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 11:59:01 GMT
content-encoding
gzip
last-modified
Thu, 22 Sep 2022 16:16:49 GMT
server
AkamaiNetStorage
etag
"b89fcb8870ac40eecb6d3cc844d35389:1663863409.92483"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://4mt.8cifco.cn
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
1598
expires
Mon, 04 Dec 2023 12:59:01 GMT
ac9ddd2254394f309bc97ff79651b93d.gif
www.cifco8.cn/xzmt4/picture/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.cifco8.cn/xzmt4/picture/ac9ddd2254394f309bc97ff79651b93d.gif
Requested by
Host: 4mt.8cifco.cn
URL: https://4mt.8cifco.cn/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
60.188.66.41 , China, ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://4mt.8cifco.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers
MT4_form_bg-1-1.webp
www.atfx-china.com/wp-content/webp-express/webp-images/doc-root/wp-content/uploads/sites/4/2020/01/ 		75 KB
75 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.atfx-china.com/wp-content/webp-express/webp-images/doc-root/wp-content/uploads/sites/4/2020/01/MT4_form_bg-1-1.webp
Requested by
Host: 4mt.8cifco.cn
URL: https://4mt.8cifco.cn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:542 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e14b0f7b409df5528dd6dc8c1b5f2056e9d69db4f4ad15f251f6b4da5cfb9ee4
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://4mt.8cifco.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 11:59:01 GMT
strict-transport-security
max-age=15552000; includeSubDomains
cf-cache-status
MISS
last-modified
Mon, 23 Aug 2021 10:31:49 GMT
server
cloudflare
etag
"61237915-12aba"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8303e1833ac96aee-BUF
content-length
76474
expires
Tue, 03 Dec 2024 11:59:01 GMT
mt4-desktp-bg-1.webp
www.atfx-china.com/wp-content/webp-express/webp-images/doc-root/wp-content/uploads/sites/4/2020/01/ 		120 KB
120 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.atfx-china.com/wp-content/webp-express/webp-images/doc-root/wp-content/uploads/sites/4/2020/01/mt4-desktp-bg-1.webp
Requested by
Host: 4mt.8cifco.cn
URL: https://4mt.8cifco.cn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:542 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12a760fa5b05b40c136fdd2735c9cb842782debee31cc779841bafac72a6d85a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://4mt.8cifco.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 11:59:01 GMT
strict-transport-security
max-age=15552000; includeSubDomains
cf-cache-status
MISS
last-modified
Mon, 23 Aug 2021 10:31:49 GMT
server
cloudflare
etag
"61237915-1ded4"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8303e1833ac86aee-BUF
content-length
122580
expires
Tue, 03 Dec 2024 11:59:01 GMT
dest5.html
atsolution.demdex.net/ Frame 8E05 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://atsolution.demdex.net/dest5.html?d_nsid=0
Requested by
Host: www.cifco8.cn
URL: https://www.cifco8.cn/xzmt4/js/launch-9724699d2dd6.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.172.142.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-172-142-205.compute-1.amazonaws.com
Software
/
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://4mt.8cifco.cn/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Mon, 04 Dec 2023 11:59:01 GMT
dcs
dcs-prod-va6-2-v053-08b552fb2.edge-va6.demdex.com 0 ms
expires
Thu, 01 Jan 1970 00:00:00 UTC
last-modified
Sun, 12 Nov 2023 20:33:49 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains
vary
accept-encoding
x-tid
0hMtvSl8Tcw=
ibs:dpid=411&dpuuid=ZW2-BgAAAGJGgQN2
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=02521762419229495022323247309009826530
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZW2-BgAAAGJGgQN2
42 B
714 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZW2-BgAAAGJGgQN2
Requested by
Host: 4mt.8cifco.cn
URL: https://4mt.8cifco.cn/
Protocol
H2
Server
54.172.142.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-172-142-205.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://4mt.8cifco.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

dcs
dcs-prod-va6-2-v053-0e24680df.edge-va6.demdex.com 2 ms
pragma
no-cache
date
Mon, 04 Dec 2023 11:59:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-tid
2G/dFghtQNI=
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
59
expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZW2-BgAAAGJGgQN2
Date
Mon, 04 Dec 2023 11:59:02 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
pixel
cm.g.doubleclick.net/ Frame 8E05
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_...
  • https://sync-tm.everesttech.net/ct/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64E...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WlcyLUJRQUVibUU1cWdCVQ==&_test=ZW2-BQAEbmE5qgBU
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push=&google_sc=&google_hm=WlcyLUJRQUVibUU1cWdCVQ==&_test=ZW2-BQAEbmE5qgBU&google_tc=
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push=&google_sc=&google_hm=WlcyLUJRQUVibUU1cWdCVQ==&_test=ZW2-BQAEbmE5qgBU&google_tc=
Requested by
Host: 4mt.8cifco.cn
URL: https://4mt.8cifco.cn/
Protocol
H2
Server
172.253.113.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ma-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://atsolution.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 11:59:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 04 Dec 2023 11:59:02 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push=&google_sc=&google_hm=WlcyLUJRQUVibUU1cWdCVQ==&_test=ZW2-BQAEbmE5qgBU&google_tc=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
372
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
recaptcha__zh_cn.js
www.gstatic.cn/recaptcha/releases/tNAc29ZZrpcOCErva2nr4BS9/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.cn/recaptcha/releases/tNAc29ZZrpcOCErva2nr4BS9/recaptcha__zh_cn.js
Requested by
Host: www.cifco8.cn
URL: https://www.cifco8.cn/xzmt4/js/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4024:c02::5e Clarksville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4mt.8cifco.cn/
Origin
https://4mt.8cifco.cn
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 11:59:02 GMT
x-content-type-options
nosniff
server
sffe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1624
x-xss-protection
0
hm.js
hm.baidu.com/ 		29 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hm.baidu.com/hm.js?e6ca54b9a4a7a41a021b214bc1a1da95
Requested by
Host: 4mt.8cifco.cn
URL: https://4mt.8cifco.cn/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
13545a1d8202bdfa5b06a55e87b363c178bbc84c4915dea0acce0d56e566cec8
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://4mt.8cifco.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Mon, 04 Dec 2023 11:59:02 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=172800
Server
apache
Etag
50679050d857a0b8dc53b98a2378a067
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type
application/javascript
Cache-Control
max-age=0, must-revalidate
Content-Length
11257
mt4-toplogo.png
www.cifco8.cn/xzmt4/picture/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.cifco8.cn/xzmt4/picture/mt4-toplogo.png
Requested by
Host: 4mt.8cifco.cn
URL: https://4mt.8cifco.cn/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
60.188.66.41 , China, ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN),
Reverse DNS
Software
JSP3/2.0.14 /
Resource Hash
01b381f926f6b8c05a20c317a260143f86b07cbeb93c4453796010aed3de9e53
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://4mt.8cifco.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

ohc-file-size
3924
date
Mon, 04 Dec 2023 11:59:02 GMT
strict-transport-security
max-age=31536000
ohc-cache-hit
jh2ct60 [1], xiangyix60 [1]
last-modified
Thu, 16 Feb 2023 02:58:02 GMT
server
JSP3/2.0.14
etag
"63ed9bba-f54"
x-cache-status
MISS
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
ohc-global-saved-time
Mon, 04 Dec 2023 11:59:02 GMT
content-length
3924
expires
Wed, 03 Jan 2024 11:59:02 GMT
mt4-logo-1.png
www.atfx-china.com/wp-content/uploads/sites/9/2020/04/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.atfx-china.com/wp-content/uploads/sites/9/2020/04/mt4-logo-1.png
Requested by
Host: 4mt.8cifco.cn
URL: https://4mt.8cifco.cn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:542 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34e8fa54f9168483305276bb5c51154bc729a678cb6a3fda8a334ed960cb80a7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://4mt.8cifco.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 11:59:01 GMT
strict-transport-security
max-age=15552000; includeSubDomains
cf-cache-status
MISS
cf-polished
origFmt=png, origSize=9796
content-disposition
inline; filename="mt4-logo-1.webp"
content-length
7950
cf-bgj
imgq:100,h2pri
last-modified
Mon, 23 Aug 2021 10:32:23 GMT
server
cloudflare
etag
"61237937-2644"
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8303e184aad46aee-BUF
expires
Tue, 03 Dec 2024 11:59:01 GMT
MT4_for_windows_mockup@2x.png.webp
www.atfx-china.com/wp-content/webp-express/webp-images/doc-root/wp-content/uploads/sites/4/2020/01/ 		88 KB
89 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.atfx-china.com/wp-content/webp-express/webp-images/doc-root/wp-content/uploads/sites/4/2020/01/MT4_for_windows_mockup@2x.png.webp
Requested by
Host: 4mt.8cifco.cn
URL: https://4mt.8cifco.cn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:542 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c9b8809815fc6e10dda5caa532b87f53cf9270b618c8c3b73c8b6a590f93f15
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://4mt.8cifco.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 11:59:02 GMT
strict-transport-security
max-age=15552000; includeSubDomains
cf-cache-status
MISS
last-modified
Mon, 23 Aug 2021 10:31:49 GMT
server
cloudflare
etag
"61237915-16190"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8303e184aad56aee-BUF
content-length
90512
expires
Tue, 03 Dec 2024 11:59:02 GMT
iOs_mockup-1-561x423-1.png
www.atfx-china.com/wp-content/uploads/sites/9/2020/04/ 		100 KB
101 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.atfx-china.com/wp-content/uploads/sites/9/2020/04/iOs_mockup-1-561x423-1.png
Requested by
Host: 4mt.8cifco.cn
URL: https://4mt.8cifco.cn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:542 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bfc75254dc8a4938c5ab00036c154809698107946573cb4ab8d5e121b1e93039
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://4mt.8cifco.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 11:59:03 GMT
strict-transport-security
max-age=15552000; includeSubDomains
cf-cache-status
MISS
last-modified
Mon, 23 Aug 2021 10:32:23 GMT
server
cloudflare
etag
"61237937-191ad"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8303e184aad66aee-BUF
content-length
102829
expires
Tue, 03 Dec 2024 11:59:03 GMT
MT4_for_andriod_mockup@2x.png.webp
www.atfx-china.com/wp-content/webp-express/webp-images/doc-root/wp-content/uploads/sites/4/2019/11/ 		96 KB
96 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.atfx-china.com/wp-content/webp-express/webp-images/doc-root/wp-content/uploads/sites/4/2019/11/MT4_for_andriod_mockup@2x.png.webp
Requested by
Host: 4mt.8cifco.cn
URL: https://4mt.8cifco.cn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:542 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef96871b3573ac0220395550f4ee715c26388891090503a7701e0cf2690f6348
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://4mt.8cifco.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 11:59:03 GMT
strict-transport-security
max-age=15552000; includeSubDomains
cf-cache-status
MISS
last-modified
Mon, 23 Aug 2021 10:31:50 GMT
server
cloudflare
etag
"61237916-17e8e"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8303e184aad76aee-BUF
content-length
97934
expires
Tue, 03 Dec 2024 11:59:03 GMT
tap.php
pixel.rubiconproject.com/ Frame 8E05
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90
  • https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=ZW2-BQAEbmE5qgBU&expires=90
42 B
905 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=ZW2-BQAEbmE5qgBU&expires=90
Requested by
Host: 4mt.8cifco.cn
URL: https://4mt.8cifco.cn/
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://atsolution.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
29af2665c43893332e84c235bac366c1
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

x-served-by
cache-yyz4537-YYZ
pragma
no-cache
date
Mon, 04 Dec 2023 11:59:01 GMT
via
1.1 varnish
server
Varnish
x-timer
S1701691142.915514,VS0,VE0
x-cache
HIT
location
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=ZW2-BQAEbmE5qgBU&expires=90
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
rum
dsum-sec.casalemedia.com/ Frame 8E05
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZW2-BQAEbmE5qgBU
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZW2-BQAEbmE5qgBU&C=1
43 B
333 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZW2-BQAEbmE5qgBU&C=1
Requested by
Host: 4mt.8cifco.cn
URL: https://4mt.8cifco.cn/
Protocol
H2
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://atsolution.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 11:59:02 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0Q4bVbtQ1tAahKBEFW0r2cGnSddJbJbGCMyvzP8bnVoXTXMGXtFBt2mSGVl1ULbhuVAmrFB8qu7QtDJmmKJJaEsZHt9YSuw1VQaLZJGe3NshBl0SMnRD0b70GTIg2xtNO4Fnz%2F19dOqAFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8303e1864b30a223-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 04 Dec 2023 11:59:02 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gjPmULwrhyE5jVELdC6v4XOQRZW45RG9JbGYDRxJDERDuuUTkWKSGyGvR5qunNW3ARJkbY8XFqQJZ0E35ZjlPCd4xoB6zfDnCZQfYwbTf9AOlFNFyFlMN9KRqDaU6Sqn%2FGSTvmcO8a%2BxsA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/rum?cm_dsp_id=88&external_user_id=ZW2-BQAEbmE5qgBU&C=1
cache-control
no-cache
cf-ray
8303e1860aeba223-YYZ
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
bounce
ib.adnxs.com/ Frame 8E05
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D
  • https://ib.adnxs.com/setuid?entity=158&code=ZW2-BgAAAGJGgQN2
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DZW2-BgAAAGJGgQN2
43 B
904 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DZW2-BgAAAGJGgQN2
Requested by
Host: 4mt.8cifco.cn
URL: https://4mt.8cifco.cn/
Protocol
H2
Server
68.67.160.184 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://atsolution.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 11:59:02 GMT
an-x-request-uuid
494d1fed-4fb9-44ca-98a8-7b43dc51b526
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
96.9.249.40; 96.9.249.40; 669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 04 Dec 2023 11:59:02 GMT
an-x-request-uuid
69019e97-8b79-46f4-ab38-70b67a33a726
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DZW2-BgAAAGJGgQN2
cache-control
no-store, no-cache, private
x-proxy-origin
96.9.249.40; 96.9.249.40; 669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 8E05
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZW2-BgAAAGJGgQN2
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=ZW2-BgAAAGJGgQN2
43 B
171 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=ZW2-BgAAAGJGgQN2
Requested by
Host: 4mt.8cifco.cn
URL: https://4mt.8cifco.cn/
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://atsolution.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Dec 2023 11:59:02 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=ZW2-BgAAAGJGgQN2
date
Mon, 04 Dec 2023 11:59:02 GMT
via
1.1 google
server
OXGW/0.0.0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
Pug
image2.pubmatic.com/AdServer/ Frame 8E05
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=ZW2-BgAAAGJGgQN2
1 B
451 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=ZW2-BgAAAGJGgQN2
Requested by
Host: 4mt.8cifco.cn
URL: https://4mt.8cifco.cn/
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://atsolution.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Mon, 04 Dec 2023 11:59:02 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

x-served-by
cache-yyz4537-YYZ
pragma
no-cache
date
Mon, 04 Dec 2023 11:59:02 GMT
via
1.1 varnish
server
Varnish
x-timer
S1701691142.320454,VS0,VE0
x-cache
HIT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=ZW2-BgAAAGJGgQN2
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
partner
sync.search.spotxchange.com/ Frame 8E05
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=ZW2-BgAAAGJGgQN2&img=1
0
0
b.php
www.facebook.com/fr/ Frame 8E05
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0
  • https://www.facebook.com/fr/b.php?p=1531105787105294&e=ZW2-BgAAAGJGgQN2&t=2592000&o=0
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/fr/b.php?p=1531105787105294&e=ZW2-BgAAAGJGgQN2&t=2592000&o=0
Requested by
Host: 4mt.8cifco.cn
URL: https://4mt.8cifco.cn/
Protocol
H2
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://atsolution.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Mon, 04 Dec 2023 03:59:03 PST
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; preload
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
reporting-endpoints
default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
pragma
public
x-fb-debug
6h86HRJYUGf/rG1pNIdTSV8jkxqHlssldRMV7qUTumW2fkq3tWY956prj2CQthcn9OgFdM4WW45Zk8EhzO+CEA==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
image/gif
origin-agent-cluster
?0
cache-control
public, max-age=0
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), gamepad=(self), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), payment=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
expires
Mon, 04 Dec 2023 03:59:03 PST

Redirect headers

x-served-by
cache-yyz4537-YYZ
pragma
no-cache
date
Mon, 04 Dec 2023 11:59:02 GMT
via
1.1 varnish
server
Varnish
x-timer
S1701691143.521561,VS0,VE0
x-cache
HIT
location
https://www.facebook.com/fr/b.php?p=1531105787105294&e=ZW2-BgAAAGJGgQN2&t=2592000&o=0
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
hm.gif
hm.baidu.com/ 		43 B
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1440924510&si=e6ca54b9a4a7a41a021b214bc1a1da95&v=1.3.0&lv=1&sn=9334&r=0&ww=1600&u=https%3A%2F%2F4mt.8cifco.cn%2F&tt=MT4%E4%B8%8B%E8%BD%BD_%E5%85%8D%E8%B4%B9%E4%B8%8B%E8%BD%BD%E6%9C%80%E6%96%B0MT4%E5%AE%89%E5%8D%93%2F%E8%8B%B9%E6%9E%9C%2F%E7%94%B5%E8%84%91%E7%89%88
Requested by
Host: 4mt.8cifco.cn
URL: https://4mt.8cifco.cn/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://4mt.8cifco.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Dec 2023 11:59:03 GMT
Strict-Transport-Security
max-age=172800
X-Content-Type-Options
nosniff
Server
apache
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Content-Length
43

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
sync.search.spotxchange.com
URL
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=ZW2-BgAAAGJGgQN2&img=1

Verdicts & Comments Add Verdict or Comment

72 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| documentPictureInPicture undefined| $ function| jQuery object| _satellite boolean| __satelliteLoaded object| adobeDataLayer object| adobe function| Visitor object| s_c_il number| s_c_in object| aanumber_data object| lazySizesConfig function| removeLoading function| get_different_language function| judge function| popup_reload function| throttle function| parseURL object| keys function| preventDefault function| keydown function| wheel function| disable_scroll function| enable_scroll function| iframe_timeZone_change function| AppMeasurement function| s_gi function| s_pgicq number| s_objectID number| s_giq function| AppMeasurement_Module_ActivityMap object| s object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| _hmt object| lazySizes function| setImmediate function| clearImmediate object| FontAwesomeConfig object| ___FONT_AWESOME___ function| saveAs object| RecurLivechat string| threeCode function| form_geo_init function| getCookie function| select_p_self function| call_post function| search_market_pdf function| replace_mobile_image object| area_phone function| submit_scroll_to_form string| url undefined| content_cookie undefined| base_value_a object| base_value_a_arr undefined| cookie_arr object| cookie_keys_arr object| cookie_vs_arr undefined| code_key undefined| code_value undefined| Referrer_Code_i undefined| Referrer_Type_i undefined| Referrer_Group_i function| setCookie_new function| set_add_cookie function| hideErr undefined| Cookies boolean| _bdhm_loaded_e6ca54b9a4a7a41a021b214bc1a1da95 object| mini_tangram_log_g3qgxb

24 Cookies

Domain/Path Name / Value
.demdex.net/ Name: demdex
Value: 02521762419229495022323247309009826530
.8cifco.cn/ Name: AMCVS_F64735DD5CF122370A495FCD%40AdobeOrg
Value: 1
.atfx-china.com/ Name: __cf_bm
Value: ywtQv7GYelDh6XhlQhYa6LQ65GydEdYuCbp8S2fbTNo-1701691141-0-AexlknbUp912RNnLCVa6qX8Uz7TiubC/AwJatn0NcSq0KS03BUde5/cyK7ymU5f1Yvnn/yoHNnIoHnaUpWXvaDk=
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZW2-BgAAAGJGgQN2
.dpm.demdex.net/ Name: dpm
Value: 02521762419229495022323247309009826530
.8cifco.cn/ Name: AMCV_F64735DD5CF122370A495FCD%40AdobeOrg
Value: 179643557%7CMCIDTS%7C19696%7CMCMID%7C08584567293972658712930686886751073875%7CMCAAMLH-1702295941%7C7%7CMCAAMB-1702295941%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1701698341s%7CNONE%7CMCSYNCSOP%7C411-19703%7CvVersion%7C5.5.0
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.rubiconproject.com/ Name: khaos
Value: LPQUYWMR-1V-2SAE
.rubiconproject.com/ Name: audit
Value: 1|wBLD7X07DJp50uzaefbl9r2Q94Ekp1t5qdDmZJtliBjhj9K5Ghav9QfoBWE+NMpt44+dZT06/iUwHTRO1/p4iM1d+xr7gW6vRTjahTvbHTF9KgKBgdCPRO1bsY4uorlDIUPgYs+BzPatAOTmjEas6/WQzJBJR0DUpRuCy0WrP/0=
pixel.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
.casalemedia.com/ Name: CMID
Value: ZW2-Bp3U1L-ntNk-JjslzQAA
.casalemedia.com/ Name: CMPS
Value: 1459
.casalemedia.com/ Name: CMPRO
Value: 1459
.adnxs.com/ Name: uuid2
Value: 5156877190535085521
.8cifco.cn/ Name: ref_landing
Value: https://4mt.8cifco.cn/
.8cifco.cn/ Name: ref_referer
Value:
.adnxs.com/ Name: anj
Value: dTM7k!M4.FErk#WF']wIg2Hc!pRy/N!@wnfH)iR8PMp-v=0BdB<Gt@LiJ%Dyg@<$<hYfdwmrZ)S(j#iP(Md+uBZ.Nkx3I%>m!<`@UAAF%DYzIJ!!+T[*SzNh
.openx.net/ Name: i
Value: b49261db-0314-48f5-88c6-0455c6ba16ec|1701691142
.pubmatic.com/ Name: KRTBCOOKIE_218
Value: 4056-ZW2-BgAAAGJGgQN2&KRTB&22978-ZW2-BgAAAGJGgQN2&KRTB&23194-ZW2-BgAAAGJGgQN2&KRTB&23209-ZW2-BgAAAGJGgQN2
.pubmatic.com/ Name: PugT
Value: 1701691142
.demdex.net/ Name: dextp
Value: 144230-1-1701691141804|144231-1-1701691141905|144232-1-1701691142006|144233-1-1701691142108|144234-1-1701691142209|144235-1-1701691142309|144236-1-1701691142410|144237-1-1701691142511
.hm.baidu.com/ Name: HMACCOUNT_BFESS
Value: 7EEFF0C02ED67346
.4mt.8cifco.cn/ Name: Hm_lvt_e6ca54b9a4a7a41a021b214bc1a1da95
Value: 1701691144
.4mt.8cifco.cn/ Name: Hm_lpvt_e6ca54b9a4a7a41a021b214bc1a1da95
Value: 1701691144

5 Console Messages

Source Level URL
Text
network error URL: https://www.cifco8.cn/xzmt4/picture/ac9ddd2254394f309bc97ff79651b93d.gif
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://www.cifco8.cn/xzmt4/picture/ac9ddd2254394f309bc97ff79651b93d.gif
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://sync.search.spotxchange.com/partner?adv_id=6409&uid=ZW2-BgAAAGJGgQN2&img=1
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://www.gstatic.cn/recaptcha/releases/tNAc29ZZrpcOCErva2nr4BS9/recaptcha__zh_cn.js
Message:
Failed to load resource: the server responded with a status of 404 ()
security error URL: https://4mt.8cifco.cn/
Message:
Refused to execute script from 'https://www.gstatic.cn/recaptcha/releases/tNAc29ZZrpcOCErva2nr4BS9/recaptcha__zh_cn.js' because its MIME type ('text/html') is not executable, and strict MIME type checking is enabled.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4mt.8cifco.cn
assets.adobedtm.com
atsolution.demdex.net
cm.everesttech.net
cm.g.doubleclick.net
dpm.demdex.net
dsum-sec.casalemedia.com
hm.baidu.com
ib.adnxs.com
image2.pubmatic.com
pixel.rubiconproject.com
sync-tm.everesttech.net
sync.search.spotxchange.com
us-u.openx.net
www.atfx-china.com
www.cifco8.cn
www.facebook.com
www.gstatic.cn
sync.search.spotxchange.com
103.235.46.191
104.18.36.155
151.101.130.49
162.248.18.37
172.253.113.154
2600:141b:1c00:209f::1e80
2606:4700::6812:542
2607:f8b0:4024:c02::5e
2a03:2880:f112:83:face:b00c:0:25de
35.244.159.8
52.202.69.76
54.172.142.205
60.188.66.41
68.67.160.184
69.173.151.100
8.210.18.233
01b381f926f6b8c05a20c317a260143f86b07cbeb93c4453796010aed3de9e53
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
12a760fa5b05b40c136fdd2735c9cb842782debee31cc779841bafac72a6d85a
13545a1d8202bdfa5b06a55e87b363c178bbc84c4915dea0acce0d56e566cec8
340d568a139d898d83054731c01abbe154b8e28aa6abbbe5a3e48e645f368735
34e8fa54f9168483305276bb5c51154bc729a678cb6a3fda8a334ed960cb80a7
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bf185d2b8a00d67d9d199c7e089d13bddea38e14030a68cca4e3699039a78d9
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5c9b8809815fc6e10dda5caa532b87f53cf9270b618c8c3b73c8b6a590f93f15
690bc9cbb68ba4000bd77c57deb07df555b3c0175e59150a684237b25f38f574
71565a39aef1d5d84761c56e930638426d672cebd45d4036c80a0c7b76d32208
78c1c1baf0d964522f8afab09cfc754685c1648826a7f9967fd52b774b4ec5aa
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7d7643dd6043bcdde15382b1e39d8720150395f412e8b2e7b5e44e204ffa3cec
93fac6698baff2904844b8347a00bd46fe1645937d96419555626583a0c8a371
aa241b35d0d2bedffa5b6a9d4c094f617496858c89301436fd897b540738db4c
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bfc75254dc8a4938c5ab00036c154809698107946573cb4ab8d5e121b1e93039
c4fada4accfa24704b54248bc5ce84acac50b6a059828b7714fe3006786c80c1
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d6d01246a30e9d483531c27721f73f266fa4af35effdb21683ac02a620ab8aaf
e14b0f7b409df5528dd6dc8c1b5f2056e9d69db4f4ad15f251f6b4da5cfb9ee4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef96871b3573ac0220395550f4ee715c26388891090503a7701e0cf2690f6348
f00d1d244d34812653cbf75d5b41feef3c19a56d8595ed46843be80ead86ed13