urlscan.io logo urlscan.io
SecurityTrails logo

ci4.cn Open in urlscan Pro
129.226.12.154  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://t5-nehz-cn.pages.dev/
Effective URL: http://ci4.cn/wb/login.php
Submission: On January 03 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 4 countries across 8 domains to perform 16 HTTP transactions. The main IP is 129.226.12.154, located in Hong Kong, Hong Kong and belongs to TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN. The main domain is ci4.cn.
This is the only time ci4.cn was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2606:4700:310... 13335 (CLOUDFLAR...)
1 1 106.52.50.96 45090 (TENCENT-N...)
1 4 129.226.12.154 132203 (TENCENT-N...)
5 2600:9000:208... 16509 (AMAZON-02)
1 2409:8c54:104... 56040 (CMNET-GUA...)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
4 43.152.183.30 139341 (ACE-AS-AP...)
16 8
1    2606:4700:310c::ac42:2f07 (United States)

ASN13335 (CLOUDFLARENET, US)
t5-nehz-cn.pages.dev
1    106.52.50.96 (Guangzhou, China)

ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN)
go.uiurl.cn
4    129.226.12.154 (Hong Kong, Hong Kong)

ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)
ci4.cn
5    2600:9000:208f:c200:1d:80d9:9400:93a1 (United States)

ASN16509 (AMAZON-02, US)
lib.baomitu.com
1    2409:8c54:1040:9::120 (China)

ASN56040 (CMNET-GUANGDONG-AP China Mobile communications corporation, CN)
ssl.captcha.qq.com
1    2607:f8b0:4004:c0b::5f (Ashburn, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2607:f8b0:4004:c1b::5e (Washington, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
4    43.152.183.30 (Singapore)

ASN139341 (ACE-AS-AP ACE, SG)
captcha.gtimg.com
Apex Domain
Subdomains		 Transfer
5 baomitu.com
lib.baomitu.com — Cisco Umbrella Rank: 130500
252 KB
4 gtimg.com
captcha.gtimg.com — Cisco Umbrella Rank: 37742
162 KB
4 ci4.cn
ci4.cn
19 KB
1 gstatic.com
fonts.gstatic.com
48 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 115
3 KB
1 qq.com
ssl.captcha.qq.com — Cisco Umbrella Rank: 84774
80 KB
1 uiurl.cn
go.uiurl.cn
407 B
1 pages.dev
t5-nehz-cn.pages.dev
20 KB
16 8
Domain Requested by
5 lib.baomitu.com ci4.cn
lib.baomitu.com
4 captcha.gtimg.com ssl.captcha.qq.com
captcha.gtimg.com
4 ci4.cn 1 redirects t5-nehz-cn.pages.dev
ci4.cn
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com ci4.cn
1 ssl.captcha.qq.com ci4.cn
1 go.uiurl.cn 1 redirects
1 t5-nehz-cn.pages.dev
16 8

This site contains no links.

Subject Issuer Validity Valid
t5-nehz-cn.pages.dev
GTS CA 1P5		 2024-01-03 -
2024-04-02		 3 months crt.sh
*.baomitu.com
WoTrus DV Server CA [Run by the Issuer]		 2023-04-20 -
2024-04-19		 a year crt.sh
*.captcha.qq.com
DigiCert Secure Site CN CA G3		 2023-09-04 -
2024-10-04		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.captcha.gtimg.com
DigiCert Secure Site CN CA G3		 2023-11-08 -
2024-12-05		 a year crt.sh

This page contains 2 frames:

Primary Page: http://ci4.cn/wb/login.php
Frame ID: 860873224C63EBB8EE318730C08B074D
Requests: 13 HTTP requests in this frame

Frame: https://captcha.gtimg.com/1/template/drag_ele.html
Frame ID: 92F0F38D19C7A39DD9C57CEF2B5AD1C1
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

登录 | 微链接小工具

Page URL History Show full URLs

  1. https://t5-nehz-cn.pages.dev/ Page URL
  2. http://go.uiurl.cn/null HTTP 302
    http://ci4.cn/wb HTTP 301
    http://ci4.cn/wb/ Page URL
  3. http://ci4.cn/wb/login.php Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /TCaptcha\.js
  • captcha\.qq\.com/.*
Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

16
Requests

81 %
HTTPS

63 %
IPv6

8
Domains

8
Subdomains

8
IPs

4
Countries

583 kB
Transfer

1065 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://t5-nehz-cn.pages.dev/ Page URL
  2. http://go.uiurl.cn/null HTTP 302
    http://ci4.cn/wb HTTP 301
    http://ci4.cn/wb/ Page URL
  3. http://ci4.cn/wb/login.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • http://go.uiurl.cn/null HTTP 302
  • http://ci4.cn/wb HTTP 301
  • http://ci4.cn/wb/

16 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
t5-nehz-cn.pages.dev/ 		58 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://t5-nehz-cn.pages.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:310c::ac42:2f07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=0, must-revalidate
cf-ray
83fd849a2cca288c-MIA
content-encoding
br
content-type
text/html; charset=utf-8
date
Wed, 03 Jan 2024 19:06:16 GMT
etag
W/"4f02bfa22ef1c2c7504b4da4c3cd08cb"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zZqBQRuCAjH%2F%2F07ACG0ErUqYZh0TOXXiXGJjlaQy%2FIHcyB6xYVkKrtALrbOKbLNekk6xk6SWAA7HlE3ZRgJC8RhflaghB%2FNWVdHqZzp5Mbnvth6xz%2Bk7N9PiQIf%2FXBysmLFx7kLT2sxbF8NJFkWbINDXsw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff
/
ci4.cn/wb/
Redirect Chain
  • http://go.uiurl.cn/null
  • http://ci4.cn/wb
  • http://ci4.cn/wb/
74 B
520 B 		Document
General
Check archive.org
Download Go to
Full URL
http://ci4.cn/wb/
Requested by
Host: t5-nehz-cn.pages.dev
URL: https://t5-nehz-cn.pages.dev/
Protocol
HTTP/1.1
Server
129.226.12.154 Hong Kong, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://t5-nehz-cn.pages.dev/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Wed, 03 Jan 2024 19:06:20 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Pragma
no-cache
Server
nginx
Strict-Transport-Security
max-age=31536000
Transfer-Encoding
chunked
Vary
Accept-Encoding

Redirect headers

Connection
keep-alive
Content-Length
162
Content-Type
text/html
Date
Wed, 03 Jan 2024 19:06:19 GMT
Location
http://ci4.cn/wb/
Server
nginx
Strict-Transport-Security
max-age=31536000
Primary Request login.php
ci4.cn/wb/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://ci4.cn/wb/login.php
Requested by
Host: ci4.cn
URL: http://ci4.cn/wb/
Protocol
HTTP/1.1
Server
129.226.12.154 Hong Kong, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
nginx /
Resource Hash
ad0ecb06cba973c559a2a4aafc199693e244ead23c9cd1ca0d9cb3308da05c52
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://ci4.cn/wb/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Wed, 03 Jan 2024 19:06:20 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Pragma
no-cache
Server
nginx
Strict-Transport-Security
max-age=31536000
Transfer-Encoding
chunked
Vary
Accept-Encoding
bootstrap.min.css
lib.baomitu.com/twitter-bootstrap/3.0.0/css/ 		95 KB
96 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://lib.baomitu.com/twitter-bootstrap/3.0.0/css/bootstrap.min.css
Requested by
Host: ci4.cn
URL: http://ci4.cn/wb/login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:208f:c200:1d:80d9:9400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
1cbda21998b65e08a7e936114cabd7f7783d0f590dd6efdd58c7faa8b6e7b9aa

Request headers

accept-language
en-US,en;q=0.9
Referer
http://ci4.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 02:36:01 GMT
via
1.1 64287378cade03feddd2042bfe0ee6a4.cloudfront.net (CloudFront)
kcs-via
HIT from w-fc03.lato;MISS from w-sc01.lyct
x-qstatic-hit
1
x-amz-cf-pop
IAD79-C3
age
3601821
x-cache
Hit from cloudfront
content-length
97339
last-modified
Mon, 01 Jan 2018 00:00:00 GMT
etag
W/"2cc37aeb3f12fe90"
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, immutable
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
7wDrD9RO3znH-ATcFoXFdtGt9BSd8N5POGFIpUZefPjpcy8Y_G2eeg==
expires
Sun, 20 Nov 2033 02:36:01 GMT
style.css
ci4.cn/static/user/css/ 		74 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://ci4.cn/static/user/css/style.css
Requested by
Host: ci4.cn
URL: http://ci4.cn/wb/login.php
Protocol
HTTP/1.1
Server
129.226.12.154 Hong Kong, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
nginx /
Resource Hash
93e0685afc0f73fd3baee0c6199bde83c52dc017aa95e872fab657b08c24ef0c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
http://ci4.cn/wb/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Wed, 03 Jan 2024 19:06:20 GMT
Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
Last-Modified
Sun, 10 Jan 2021 07:59:23 GMT
Server
nginx
ETag
W/"5ffab3db-12757"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=43200
Connection
keep-alive
Expires
Thu, 04 Jan 2024 07:06:20 GMT
jquery.min.js
lib.baomitu.com/jquery/2.1.1/ 		82 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lib.baomitu.com/jquery/2.1.1/jquery.min.js
Requested by
Host: ci4.cn
URL: http://ci4.cn/wb/login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:208f:c200:1d:80d9:9400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
c0d4098bc8b34c6f87a3d7723988ae81214a53a0bb4a1d4d36a67640f98ed079

Request headers

accept-language
en-US,en;q=0.9
Referer
http://ci4.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 19:27:41 GMT
via
1.1 64287378cade03feddd2042bfe0ee6a4.cloudfront.net (CloudFront)
kcs-via
HIT from w-fc03.lato;MISS from w-sc09.zzzc
x-qstatic-hit
1
x-amz-cf-pop
IAD79-C3
age
8033921
x-cache
Hit from cloudfront
content-length
84280
last-modified
Mon, 01 Jan 2018 00:00:00 GMT
etag
W/"f93b31915e4c7590"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, immutable
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
def9cw0EBlyvdx0BOLsgyx88RH66znrsiSMWc2b5x8W9F5SjSfrpOw==
expires
Thu, 29 Sep 2033 19:27:41 GMT
bootstrap.min.js
lib.baomitu.com/twitter-bootstrap/3.3.7/js/ 		36 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lib.baomitu.com/twitter-bootstrap/3.3.7/js/bootstrap.min.js
Requested by
Host: ci4.cn
URL: http://ci4.cn/wb/login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:208f:c200:1d:80d9:9400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Request headers

accept-language
en-US,en;q=0.9
Referer
http://ci4.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 20 Oct 2023 11:28:52 GMT
via
1.1 64287378cade03feddd2042bfe0ee6a4.cloudfront.net (CloudFront)
kcs-via
HIT from w-fc01.lato;MISS from w-sc09.zzzc
x-qstatic-hit
1
x-amz-cf-pop
IAD79-C3
age
6507450
x-cache
Hit from cloudfront
content-length
37045
last-modified
Mon, 01 Jan 2018 00:00:00 GMT
etag
W/"5943be6f01e50b21"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, immutable
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
f8WJ6CCEV8D0fuN2xL1Qe22aIImF5hdScrrjH2bc4cg7tg19QnUkwA==
expires
Mon, 17 Oct 2033 11:28:52 GMT
layer.js
lib.baomitu.com/layer/3.1.1/ 		22 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lib.baomitu.com/layer/3.1.1/layer.js
Requested by
Host: ci4.cn
URL: http://ci4.cn/wb/login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:208f:c200:1d:80d9:9400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
1ce6649d82d2db0f8e4823f701ddfcfd9c7f107cb446c907e46ec7e57171a2a3

Request headers

accept-language
en-US,en;q=0.9
Referer
http://ci4.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 03:50:00 GMT
via
1.1 64287378cade03feddd2042bfe0ee6a4.cloudfront.net (CloudFront)
kcs-via
HIT from w-fc01.lato;MISS from w-sc02.bjyt
x-qstatic-hit
1
x-amz-cf-pop
IAD79-C3
age
9558982
x-cache
Hit from cloudfront
content-length
22116
last-modified
Mon, 01 Jan 2018 00:00:00 GMT
etag
W/"23e0be8538cb8cef"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, immutable
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
o0BtpQU8vZ_WPKHp0FWzNtA3535PGU7ggAISULA_r85hwwo9SWRF7g==
expires
Mon, 12 Sep 2033 03:50:00 GMT
TCaptcha.js
ssl.captcha.qq.com/ 		80 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.captcha.qq.com/TCaptcha.js
Requested by
Host: ci4.cn
URL: http://ci4.cn/wb/login.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2409:8c54:1040:9::120 , China, ASN56040 (CMNET-GUANGDONG-AP China Mobile communications corporation, CN),
Reverse DNS
Software
Trpc httpd, tencent http server /
Resource Hash
b76928efeba08bbe2d7ccf6da63b9de77c633719756f2aa57b7030cf62eedfc8

Request headers

accept-language
en-US,en;q=0.9
Referer
http://ci4.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Wed, 03 Jan 2024 19:06:21 GMT
Server
Trpc httpd, tencent http server
P3P
CP=CAO PSA OUR
Content-Type
text/javascript
Cache-Control
max-age=600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
81536
css
fonts.googleapis.com/ 		55 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,300,300italic,400italic,600,600italic,700,700italic,800,800italic
Requested by
Host: ci4.cn
URL: http://ci4.cn/static/user/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c0b::5f Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a4692a7234b95c9908d1a9068f1bc9191815a6b1d9e3b3b84ad12ee10caaaaee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://ci4.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 03 Jan 2024 19:06:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 03 Jan 2024 18:06:57 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 03 Jan 2024 19:06:23 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 		47 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,300,300italic,400italic,600,600italic,700,700italic,800,800italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://ci4.cn
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 09:17:23 GMT
x-content-type-options
nosniff
age
35340
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 02 Jan 2025 09:17:23 GMT
layer.css
lib.baomitu.com/layer/3.1.1/theme/default/ 		14 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://lib.baomitu.com/layer/3.1.1/theme/default/layer.css?v=3.1.1
Requested by
Host: lib.baomitu.com
URL: https://lib.baomitu.com/layer/3.1.1/layer.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:208f:c200:1d:80d9:9400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3144d018a6a24f733c6fc2a2ee603fb583f0030585e9d4b71bec471b78e31fc

Request headers

accept-language
en-US,en;q=0.9
Referer
http://ci4.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 20 Oct 2023 10:30:01 GMT
via
1.1 64287378cade03feddd2042bfe0ee6a4.cloudfront.net (CloudFront)
kcs-via
HIT from w-fc03.lato;MISS from w-sc01.lyct
x-qstatic-hit
1
x-amz-cf-pop
IAD79-C3
age
6510982
x-cache
Hit from cloudfront
content-length
14367
last-modified
Mon, 01 Jan 2018 00:00:00 GMT
etag
W/"ab6b9d5c5b5a0ac3"
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, immutable
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
o2Inipwh2W2SMnt9goR6Zdj_2tj3-GZUWjrfTwMCLe2rFWswWVCnwA==
expires
Mon, 17 Oct 2033 10:30:01 GMT
tcaptcha-frame.28d99140.js
captcha.gtimg.com/1/ 		165 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://captcha.gtimg.com/1/tcaptcha-frame.28d99140.js
Requested by
Host: ssl.captcha.qq.com
URL: https://ssl.captcha.qq.com/TCaptcha.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.183.30 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
tencent-cos /
Resource Hash
a631e9946bd2da7e9c3654fce5c40ca8a2a5dffbb58b1ce5b783610298e14f70

Request headers

accept-language
en-US,en;q=0.9
Referer
http://ci4.cn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 03:14:15 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-cosindex-replication-status
Complete
x-cos-storage-class
MAZ_STANDARD
x-cos-request-id
NjU3YTczMDdfMjlmNzRjMGJfMjg1MjRfMTFmNjIyMmU=
x-cos-version-id
MTg0NDUwNDE1NTE0ODEwOTI3Mjg
content-length
53720
x-cos-hash-crc64ecma
15199421889656475905
last-modified
Thu, 14 Dec 2023 02:50:28 GMT
server
tencent-cos
etag
"706b3daf5cb9e7f198fd91c8ce9d727a"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
3960777498317205359
accept-ranges
bytes
drag_ele.html
captcha.gtimg.com/1/template/ Frame 92F0 		62 KB
23 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://captcha.gtimg.com/1/template/drag_ele.html
Requested by
Host: captcha.gtimg.com
URL: https://captcha.gtimg.com/1/tcaptcha-frame.28d99140.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.183.30 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Trpc httpd tencent http server /
Resource Hash
b2891da06390147ce9f4e381d473feddb9bdc5d2d7845971a0fcd0bc2132e57f

Request headers

Referer
http://ci4.cn/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=0
content-encoding
gzip
content-length
23308
content-type
text/html
date
Thu, 14 Dec 2023 07:37:14 GMT
p3p
CP=CAO PSA OUR
pragma
No-cache
server
Trpc httpd tencent http server
x-cache-lookup
Cache Hit
x-nws-log-uuid
14276722010645414473
dy-jy.js
captcha.gtimg.com/1/ Frame 92F0 		95 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://captcha.gtimg.com/1/dy-jy.js
Requested by
Host: captcha.gtimg.com
URL: https://captcha.gtimg.com/1/template/drag_ele.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.183.30 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
tencent-cos /
Resource Hash
91068663fee39b77cfb4474d80593b810fd77151f9b74758a77b5e1fcbbfa33a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://captcha.gtimg.com/1/template/drag_ele.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 06:43:01 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-cosindex-replication-status
Complete
x-cos-storage-class
MAZ_STANDARD
x-cos-request-id
NjU2NmRkNzVfOWZjYzNiMGJfMjMwNmNfZmUyMTk0Nw==
x-cos-version-id
MTg0NDUwNzA3MzQ0OTUxODA5Mjk
content-length
33841
x-cos-hash-crc64ecma
17706959839496341509
last-modified
Tue, 10 Jan 2023 08:26:54 GMT
server
tencent-cos
etag
"303dbb4b8a1e11044ed428151f047b12"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-nws-log-uuid
1079798433748543990
accept-ranges
bytes
dy-ele.b2eedcdd.js
captcha.gtimg.com/1/ Frame 92F0 		163 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://captcha.gtimg.com/1/dy-ele.b2eedcdd.js
Requested by
Host: captcha.gtimg.com
URL: https://captcha.gtimg.com/1/template/drag_ele.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.183.30 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
tencent-cos /
Resource Hash
40fee6fd9e020fb88b09f7f95524f0803c05a7e7a528ff6fa6718819d1d542e8

Request headers

Referer
https://captcha.gtimg.com/1/template/drag_ele.html
Origin
https://captcha.gtimg.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 03:08:54 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
x-cosindex-replication-status
Complete
x-cos-trace-id
OGVmYzZiMmQzYjA2OWNhODk0NTRkMTBiOWVmMDAxODc0OWRkZjk0ZDM1NmI1M2E2MTRlY2MzZDhmNmI5MWI1OWE4OGMxZjNjY2JiNTBmMTVmMWY1MzAzYzkyZGQ2ZWM4Mzg4NGU3YTZkZjZlMDQzZTZmMWE5NjBlMmRiZDc4OTE=
x-cos-storage-class
MAZ_STANDARD
x-cos-request-id
NjU3YTcxYzZfMTYzNjQwMGJfMTIyNV8xMjhkMjFkOQ==
x-cos-version-id
MTg0NDUwNDE1NTE0ODExNTYxMDg
content-length
53452
x-cos-hash-crc64ecma
2367685738240469391
last-modified
Thu, 14 Dec 2023 02:50:28 GMT
server
tencent-cos
etag
"6971992c672b34568dca8f57414037f3"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-nws-log-uuid
10931446665988683488
accept-ranges
bytes
truncated
/ Frame 92F0 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5364fa6823567959a41816ee2c4d6574173a5c7f959dee316c3986377f5f034d

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 92F0 		894 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5ba8a44c192bf4c1574f1cb702b9284c538930087c723f48da1a070c3e311060

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 92F0 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
df8beb4ef505f691e502f07b2c2912e13f8c4e1d31c3a34bdbe2b1bd4ecec9e0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 92F0 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f31e465fb35136b2c3f7b0536a0a9e53de6ba909cba8ec3a71e96b3ac2efa160

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 92F0 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
42d681b5f02d2dabf923cbae61fc345c20de79978e81facb76bff8ce48be9b0f

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 92F0 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef73275cc4315120438d0603c951e7e95b073be2826522230b5c7f081718e8b9

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 92F0 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a27081a215b719163e28a0a91f27baa4f92b00db98a61759be6d96fe34467fbe

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 92F0 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c85785b7d535905a50d441e982daa1333674e62924772b4ae5bc502ef47e98b4

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 92F0 		96 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
88bbd2b60ebb24de3f714477e760110ab86842f88f4db455627982356d0edf17

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 92F0 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
02a58e6412f474b7393c5bfbad51a827a857cb5a51c9e281132a258755eb3db7

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 92F0 		396 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
559420983d3f31a375b730af639621b5cc42ce839627f5eda62bc4981ed0d7c5

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 92F0 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aee3757d527819580fb523a50c93fa9bda00f8238844a4d79c1c5c37ce2a4104

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| $ function| jQuery object| layer boolean| __TencentCaptchaExists__ boolean| TCaptchaGlobal string| AqSCodeCapDomain string| AqSCodeCdnDomain function| TencentCaptcha function| login function| keyListener function| TCapMsg function| AqSCode

3 Cookies

Domain/Path Name / Value
go.uiurl.cn/ Name: PHPSESSID
Value: hj4oqtb51e6tvi1n8c9jf8k1fg
ci4.cn/ Name: X_CACHE_KEY
Value: 963ebf1517e40c4ae9f53fe321579c3a
ci4.cn/ Name: PHPSESSID
Value: 8lc62qoc410jnd49b6ao7n3u35

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

captcha.gtimg.com
ci4.cn
fonts.googleapis.com
fonts.gstatic.com
go.uiurl.cn
lib.baomitu.com
ssl.captcha.qq.com
t5-nehz-cn.pages.dev
106.52.50.96
129.226.12.154
2409:8c54:1040:9::120
2600:9000:208f:c200:1d:80d9:9400:93a1
2606:4700:310c::ac42:2f07
2607:f8b0:4004:c0b::5f
2607:f8b0:4004:c1b::5e
43.152.183.30
02a58e6412f474b7393c5bfbad51a827a857cb5a51c9e281132a258755eb3db7
1cbda21998b65e08a7e936114cabd7f7783d0f590dd6efdd58c7faa8b6e7b9aa
1ce6649d82d2db0f8e4823f701ddfcfd9c7f107cb446c907e46ec7e57171a2a3
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
40fee6fd9e020fb88b09f7f95524f0803c05a7e7a528ff6fa6718819d1d542e8
42d681b5f02d2dabf923cbae61fc345c20de79978e81facb76bff8ce48be9b0f
5364fa6823567959a41816ee2c4d6574173a5c7f959dee316c3986377f5f034d
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
559420983d3f31a375b730af639621b5cc42ce839627f5eda62bc4981ed0d7c5
5ba8a44c192bf4c1574f1cb702b9284c538930087c723f48da1a070c3e311060
88bbd2b60ebb24de3f714477e760110ab86842f88f4db455627982356d0edf17
91068663fee39b77cfb4474d80593b810fd77151f9b74758a77b5e1fcbbfa33a
93e0685afc0f73fd3baee0c6199bde83c52dc017aa95e872fab657b08c24ef0c
a27081a215b719163e28a0a91f27baa4f92b00db98a61759be6d96fe34467fbe
a4692a7234b95c9908d1a9068f1bc9191815a6b1d9e3b3b84ad12ee10caaaaee
a631e9946bd2da7e9c3654fce5c40ca8a2a5dffbb58b1ce5b783610298e14f70
ad0ecb06cba973c559a2a4aafc199693e244ead23c9cd1ca0d9cb3308da05c52
aee3757d527819580fb523a50c93fa9bda00f8238844a4d79c1c5c37ce2a4104
b2891da06390147ce9f4e381d473feddb9bdc5d2d7845971a0fcd0bc2132e57f
b76928efeba08bbe2d7ccf6da63b9de77c633719756f2aa57b7030cf62eedfc8
c0d4098bc8b34c6f87a3d7723988ae81214a53a0bb4a1d4d36a67640f98ed079
c85785b7d535905a50d441e982daa1333674e62924772b4ae5bc502ef47e98b4
df8beb4ef505f691e502f07b2c2912e13f8c4e1d31c3a34bdbe2b1bd4ecec9e0
e3144d018a6a24f733c6fc2a2ee603fb583f0030585e9d4b71bec471b78e31fc
ef73275cc4315120438d0603c951e7e95b073be2826522230b5c7f081718e8b9
f31e465fb35136b2c3f7b0536a0a9e53de6ba909cba8ec3a71e96b3ac2efa160