Submitted URL: http://user.ipip.net/
Effective URL: http://user.ipip.net/login.php?r=http%3A%2F%2Fuser.ipip.net%2F
Submission: On September 05 via manual from HK

Summary

This website contacted 11 IPs in 4 countries across 5 domains to perform 18 HTTP transactions. The main IP is 172.67.70.90, located in the United States, and belongs to CLOUDFLARENET, US. The main domain is user.ipip.net.
This is the only time user.ipip.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 3 172.67.70.90 13335 (CLOUDFLAR...)
4 104.26.11.70 13335 (CLOUDFLAR...)
1 2402:4e00:803... 45090 (CNNIC-TEN...)
1 2402:e7c0:0:2... 59078 (YUNIFY-NE...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 240e:ab:b220:... 4134 (CHINANET-...)
2 103.235.46.191 55967 (BAIDU Bei...)
1 104.26.10.70 13335 (CLOUDFLAR...)
1 2402:4e00:143... 45090 (CNNIC-TEN...)
18 11
Domain Requested by
4 cdn.ipip.net user.ipip.net
3 captcha.gtimg.com ssl.captcha.qq.com
t.captcha.qq.com
3 user.ipip.net 1 redirects user.ipip.net
2 hm.baidu.com user.ipip.net
2 www.google-analytics.com user.ipip.net
www.google-analytics.com
1 t.captcha.qq.com captcha.gtimg.com
1 www.ipip.net ajs.ipip.net
1 ajs.ipip.net user.ipip.net
1 ssl.captcha.qq.com user.ipip.net
0 9f3035b4-689317.skt.ipip.net Failed user.ipip.net
18 10
Subject | Issuer | Validity | Valid
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-06-18 - 2022-06-17 | a year
*.captcha.qq.com | DigiCert Secure Site CN CA G3 | 2020-11-12 - 2021-12-10 | a year
*.ipip.net | TrustAsia TLS ECC CA | 2021-01-21 - 2022-01-21 | a year
*.google-analytics.com | GTS CA 1C3 | 2021-08-16 - 2021-11-08 | 3 months
d3g.qq.com | DigiCert Secure Site CN CA G3 | 2021-07-05 - 2022-08-05 | a year
baidu.com | GlobalSign Organization Validation CA - SHA256 - G2 | 2021-07-01 - 2022-08-02 | a year

This page contains 2 frames:

Primary Page: http://user.ipip.net/login.php?r=http%3A%2F%2Fuser.ipip.net%2F
Frame ID: 0BA846E11670ED3784F04ED777F7CA0D
Requests: 15 HTTP requests in this frame

Frame: https://t.captcha.qq.com/template/drag_ele.html?t=1630826406600
Frame ID: 0C2AEEFFC3360CA19C6E4E5BAC0FA103
Requests: 9 HTTP requests in this frame

Page Title

专业的 IP 地址库_IPIP.NET

Page URL History

  1. http://user.ipip.net/ HTTP 302
    http://user.ipip.net/login.php?r=http%3A%2F%2Fuser.ipip.net%2F Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
  • script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • script /\/TCaptcha\.js/i

Page Statistics

18
Requests

78 %
HTTPS

60 %
IPv6

5
Domains

10
Subdomains

11
IPs

4
Countries

246 kB
Transfer

727 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://user.ipip.net/ HTTP 302
    http://user.ipip.net/login.php?r=http%3A%2F%2Fuser.ipip.net%2F Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set login.php
user.ipip.net/
Redirect Chain
  • http://user.ipip.net/
  • http://user.ipip.net/login.php?r=http%3A%2F%2Fuser.ipip.net%2F
11 KB
5 KB
Document
General
Full URL
http://user.ipip.net/login.php?r=http%3A%2F%2Fuser.ipip.net%2F
Protocol
HTTP/1.1
Server
172.67.70.90 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55265cb97921bb8464a4f28392c51ded04ee0418f577f1b35e00f52eb45a79de
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Host
user.ipip.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Cookie
LOVEAPP_SESSID=f4d5fe89213b0e613656b1b8bf574b9c705f77ab

Response headers

Date
Sun, 05 Sep 2021 07:20:02 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
Cache-Control
no-cache
Set-Cookie
login_r=http%253A%252F%252Fuser.ipip.net%252F; expires=Tue, 05-Oct-2021 07:20:02 GMT; Max-Age=2592000; path=/; domain=.ipip.net
Strict-Transport-Security
max-age=31536000; includeSubDomains
CF-Cache-Status
DYNAMIC
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xiaimTC9maecnOmVZmmOKD8SwazNvQi7BsqSyf5KcipGOknX52RoQNjhbfPfEuL%2BF5%2F0Rkr%2F7Tfn1Vq%2B9c7POKZIuORPhQlUI%2FJKWJW9PioEy1zrc0K%2FprjEBUkQl6s%3D"}],"group":"cf-nel","max_age":604800}
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
CF-RAY
689db157fd82dfbf-FRA
Content-Encoding
gzip

Redirect headers

Date
Sun, 05 Sep 2021 07:20:02 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
no-cache
Set-Cookie
LOVEAPP_SESSID=f4d5fe89213b0e613656b1b8bf574b9c705f77ab; path=/; domain=.ipip.net
Location
/login.php?r=http%3A%2F%2Fuser.ipip.net%2F
Strict-Transport-Security
max-age=31536000; includeSubDomains
CF-Cache-Status
DYNAMIC
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bK5PCGcC4fPsKqnoUey4r5lnVwNjFcbLpqEG37aeuoDzw7Q3ZwT6c%2BEBhWaPZVqlMy86f2qelp7JsQHaWjlrXDqgyXceyeyDqnohwkenaz9qofJwUcoLgHrpUHCYYYA%3D"}],"group":"cf-nel","max_age":604800}
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
CF-RAY
689db1522d94dfbf-FRA
style.css
cdn.ipip.net/frontend/bootstrap/3.2.0/css/bootstrap.min.css,/loveapp/ipip/www_v2/theme/css/
122 KB
22 KB
Stylesheet
General
Full URL
https://cdn.ipip.net/frontend/bootstrap/3.2.0/css/bootstrap.min.css,/loveapp/ipip/www_v2/theme/css/style.css?858297.css
Requested by
Host: user.ipip.net
URL: http://user.ipip.net/login.php?r=http%3A%2F%2Fuser.ipip.net%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.11.70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8bf457cf070c749583da49d7fa14ef9aca040eb0dd7c86537586c4fb24130036

Request headers

Referer
http://user.ipip.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 07:20:03 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 25 Jun 2020 03:15:28 GMT
server
cloudflare
age
334674
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O%2BePqKlue5Osaqwl0v89RRX%2FyZql7s6z1ph5ZL9MS1vrNuRgkGQ0NRVVLpJrUikcVODidCmHp2nN5t1K1SdwGabdpBd%2BkAlMpCDn8mlGRYrQwFLbvIJYxiWaE64%2Bng%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
689db15acf2c05d0-FRA
expires
Thu, 01 Sep 2022 10:22:09 GMT
jquery.min.js
cdn.ipip.net/loveapp/theme/jslib/
94 KB
34 KB
Script
General
Full URL
https://cdn.ipip.net/loveapp/theme/jslib/jquery.min.js
Requested by
Host: user.ipip.net
URL: http://user.ipip.net/login.php?r=http%3A%2F%2Fuser.ipip.net%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.11.70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a7eaa431b896fa0f0bcf076c3aabe150c27eeff9c21ef3deda9d802403dbe58

Request headers

Referer
http://user.ipip.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 07:20:03 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 29 Nov 2015 05:40:33 GMT
server
cloudflare
age
264249
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ypBeNBUvQYwrI99FCyfoo4C1f74VkoCQ%2BBb%2Blb9nwdbR0UpMo4oOF48oVSw9yE0PgB7QptDO6JrTAWE3fTQiI8l6JlfNJwVLu0ACr2b8dDF5rPQ2N6%2FHwo022%2BDrtw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
689db15acf3005d0-FRA
expires
Fri, 02 Sep 2022 05:55:54 GMT
bootstrap.min.js
cdn.ipip.net/frontend/bootstrap/3.2.0/js/
31 KB
9 KB
Script
General
Full URL
https://cdn.ipip.net/frontend/bootstrap/3.2.0/js/bootstrap.min.js
Requested by
Host: user.ipip.net
URL: http://user.ipip.net/login.php?r=http%3A%2F%2Fuser.ipip.net%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.11.70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
80dd0bf2cc74bba3401f0088bb3b049b92250532355b61cdd03bc2059bb66b60

Request headers

Referer
http://user.ipip.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 07:20:03 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 29 Nov 2015 05:39:45 GMT
server
cloudflare
age
958442
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YaUFFrP7HthRn%2FQNCJG3Ii626fmzQkiyQjt4t8Uus633xxLk5qjmav6I4E572nDQPX5%2BWnsS05zb0i2rARb9GDht04tI0E7A0b0xYWVkuFxXq7gX5dA8vlrijM3j8g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
689db15acf3205d0-FRA
expires
Thu, 25 Aug 2022 05:06:01 GMT
Logo_IPIP.png
cdn.ipip.net/loveapp/ipip/www_v2/theme/css/img/
2 KB
2 KB
Image
General
Full URL
https://cdn.ipip.net/loveapp/ipip/www_v2/theme/css/img/Logo_IPIP.png
Requested by
Host: user.ipip.net
URL: http://user.ipip.net/login.php?r=http%3A%2F%2Fuser.ipip.net%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.11.70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fa7ca8081f65979e23ea8ff11b177838b85b2079158b8e10332b1cb3196230

Request headers

Referer
http://user.ipip.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 07:20:03 GMT
cf-cache-status
HIT
last-modified
Thu, 03 May 2018 06:52:54 GMT
server
cloudflare
age
4574387
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dSxWaUF8wn5nlUdiA3u6dnY%2FosJARNk4B%2FRJssFYSfyWkGBP8iORgT%2BxiA2qON1kSSgCu0Ps8DURvvxqQ6xFTFjoGpTiDRKkLBCyZZrl4HtWSwoR4VjPbgP9TallpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
689db15b3ff905d0-FRA
content-length
1873
expires
Thu, 14 Jul 2022 08:40:16 GMT
TCaptcha.js
ssl.captcha.qq.com/
22 KB
9 KB
Script
General
Full URL
https://ssl.captcha.qq.com/TCaptcha.js
Requested by
Host: user.ipip.net
URL: http://user.ipip.net/login.php?r=http%3A%2F%2Fuser.ipip.net%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2402:4e00:8030:1::71 , China, ASN45090 (CNNIC-TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN),
Reverse DNS
Software
tencent http server /
Resource Hash
7c13f4f7816836d372fd07eee00695a091418497440a1b2e29f53a4ddd7863d0

Request headers

Referer
http://user.ipip.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sun, 05 Sep 2021 07:20:04 GMT
Content-Encoding
gzip
Last-Modified
Thu, 29 Jul 2021 14:12:00 GMT
Server
tencent http server
Vary
Accept-Encoding
P3P
CP=CAO PSA OUR
Cache-Control
max-age=600
Transfer-Encoding
chunked
Connection
keep-alive
Content-Type
application/x-javascript
email-decode.min.js
user.ipip.net/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
1 KB
Script
General
Full URL
http://user.ipip.net/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: user.ipip.net
URL: http://user.ipip.net/login.php?r=http%3A%2F%2Fuser.ipip.net%2F
Protocol
HTTP/1.1
Server
172.67.70.90 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
user.ipip.net
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
*/*
Referer
http://user.ipip.net/login.php?r=http%3A%2F%2Fuser.ipip.net%2F
Cookie
LOVEAPP_SESSID=f4d5fe89213b0e613656b1b8bf574b9c705f77ab; login_r=http%253A%252F%252Fuser.ipip.net%252F
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sun, 05 Sep 2021 07:20:03 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
Last-Modified
Wed, 01 Sep 2021 15:49:24 GMT
Server
cloudflare
ETag
W/"612fa104-4d7"
X-Frame-Options
DENY
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iPHGg%2FbHw5PWA6Sw5QsRx6%2BmInMECtHC5Mxk4hw8G6c5szHKnh2WdtxAWXO%2FLTSunq6ef3NT0tR2MTzZA0iStCHjGwKv5LcPaJJb7GrV2VBs%2FByx0NlAiakk24dy7UI%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Cache-Control
max-age=172800 public
CF-RAY
689db15b296fdfbf-FRA
Expires
Tue, 07 Sep 2021 07:20:03 GMT
ipip.js
ajs.ipip.net/
131 B
268 B
Script
General
Full URL
https://ajs.ipip.net/ipip.js
Requested by
Host: user.ipip.net
URL: http://user.ipip.net/login.php?r=http%3A%2F%2Fuser.ipip.net%2F
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2402:e7c0:0:200::4 , China, ASN59078 (YUNIFY-NET Yunify Technologies Inc., CN),
Reverse DNS
Software
/
Resource Hash
b1dce12e58f8960f4dca18007ed9bb2e2d209e1181b267ae2bd5ae92668aae41

Request headers

Referer
http://user.ipip.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sun, 05 Sep 2021 07:20:04 GMT
Connection
close
Content-Length
131
Content-Type
text/plain; charset=utf-8
analytics.js
www.google-analytics.com/
48 KB
20 KB
Script
General
Full URL
http://www.google-analytics.com/analytics.js
Requested by
Host: user.ipip.net
URL: http://user.ipip.net/login.php?r=http%3A%2F%2Fuser.ipip.net%2F
Protocol
HTTP/1.1
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://user.ipip.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Strict-Transport-Security
max-age=10886400; includeSubDomains; preload
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Wed, 11 Aug 2021 00:32:57 GMT
Server
Golfe2
Age
6395
Date
Sun, 05 Sep 2021 05:33:28 GMT
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
public, max-age=7200
Cross-Origin-Resource-Policy
cross-origin
Content-Length
19747
Expires
Sun, 05 Sep 2021 07:33:28 GMT
collect
www.google-analytics.com/j/
2 B
205 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&a=787713125&t=pageview&_s=1&dl=http%3A%2F%2Fuser.ipip.net%2Flogin.php%3Fr%3Dhttp%253A%252F%252Fuser.ipip.net%252F&ul=en-us&de=UTF-8&dt=%E4%B8%93%E4%B8%9A%E7%9A%84%20IP%20%E5%9C%B0%E5%9D%80%E5%BA%93_IPIP.NET&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=928507342&gjid=465840901&cid=1854574741.1630826403&tid=UA-28114143-1&_gid=1922767768.1630826403&_r=1&_slc=1&z=1671630053
Requested by
Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://user.ipip.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 05 Sep 2021 07:20:03 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://user.ipip.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
tcaptcha-frame.a75be429.js
captcha.gtimg.com/1/
93 KB
29 KB
Script
General
Full URL
https://captcha.gtimg.com/1/tcaptcha-frame.a75be429.js
Requested by
Host: ssl.captcha.qq.com
URL: https://ssl.captcha.qq.com/TCaptcha.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
240e:ab:b220:400:30:: , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
NWS_CDN_V6 /
Resource Hash
1d12d1245930bc2a33eae0ccc7d23df1da400c1fbb84b2687d13db5802c79833

Request headers

Referer
http://user.ipip.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 05 Sep 2021 07:20:06 GMT
content-encoding
gzip
x-cache-lookup
Hit From Disktank3 Gz
last-modified
Fri, 13 Aug 2021 07:39:18 GMT
server
NWS_CDN_V6
p3p
CP="CAO PSA OUR"
access-control-allow-origin
*
cache-control
max-age=1800
x-nws-log-uuid
1f467512-55e1-4a88-8047-0928542d4d59
content-type
application/javascript
content-length
29837
expires
Sun, 05 Sep 2021 07:50:06 GMT
/
9f3035b4-689317.skt.ipip.net/
0
0

hm.js
hm.baidu.com/
42 KB
16 KB
Script
General
Full URL
https://hm.baidu.com/hm.js?6b4a9140aed51e46402f36e099e37baf
Requested by
Host: user.ipip.net
URL: http://user.ipip.net/login.php?r=http%3A%2F%2Fuser.ipip.net%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
ae983c66b7d98195a6dc2b1902a5f7f6ef6c6b1208198bedfff5f013a7b1ccaf
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

Referer
http://user.ipip.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sun, 05 Sep 2021 07:20:05 GMT
Content-Encoding
gzip
Server
apache
Etag
001db73de6c4683979f42fb2ce042b41
Strict-Transport-Security
max-age=172800
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control
max-age=0, must-revalidate
Content-Type
application/javascript
Content-Length
15287
f470a5012a0104f80121131a07826f7f.js
www.ipip.net/ajs/ipip/
0
527 B
Script
General
Full URL
https://www.ipip.net/ajs/ipip/f470a5012a0104f80121131a07826f7f.js
Requested by
Host: ajs.ipip.net
URL: https://ajs.ipip.net/ipip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.10.70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://user.ipip.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 05 Sep 2021 07:20:05 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 05 Sep 2021 07:20:05 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pipp8Nax3nC%2FG4H1hCJVquXl8SMAL4ZeD8KZQy%2B%2BrNP7RAIKPHPfZmmrkl%2BLlEoKlZ4MSGKp5rWTFkdMcL9GtDnzUsXEXcGz5Cgtft%2Bk78AiLpZlbUXN1m4vdjqwbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
cache-control
no-cache
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
689db1645a61061c-FRA
hm.gif
hm.baidu.com/
43 B
299 B
Image
General
Full URL
https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1388412621&si=6b4a9140aed51e46402f36e099e37baf&v=1.2.84&lv=1&sn=53466&r=0&ww=1600&ct=!!&u=http%3A%2F%2Fuser.ipip.net%2Flogin.php%3Fr%3Dhttp%253A%252F%252Fuser.ipip.net%252F&tt=%E4%B8%93%E4%B8%9A%E7%9A%84%20IP%20%E5%9C%B0%E5%9D%80%E5%BA%93_IPIP.NET
Requested by
Host: user.ipip.net
URL: http://user.ipip.net/login.php?r=http%3A%2F%2Fuser.ipip.net%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

Referer
http://user.ipip.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 05 Sep 2021 07:20:06 GMT
X-Content-Type-Options
nosniff
Server
apache
Strict-Transport-Security
max-age=172800
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Content-Length
43
drag_ele.html
t.captcha.qq.com/template/ Frame 0C2A
31 KB
31 KB
Document
General
Full URL
https://t.captcha.qq.com/template/drag_ele.html?t=1630826406600
Requested by
Host: captcha.gtimg.com
URL: https://captcha.gtimg.com/1/tcaptcha-frame.a75be429.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2402:4e00:1430:1301:0:93e4:1d02:5ec8 , China, ASN45090 (CNNIC-TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN),
Reverse DNS
Software
tencent http server /
Resource Hash
050bca16d7da5d5b45377d514d2b051c5a2ecd231eff21488fc09240cfb3c053

Request headers

Host
t.captcha.qq.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
http://user.ipip.net/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Date
Sun, 05 Sep 2021 07:20:08 GMT
Content-Type
text/html
Content-Length
31408
Connection
keep-alive
Server
tencent http server
Accept-Ranges
bytes
Pragma
No-cache
P3P
CP=CAO PSA OUR
drag-jy.js
captcha.gtimg.com/1/ Frame 0C2A
95 KB
33 KB
Script
General
Full URL
https://captcha.gtimg.com/1/drag-jy.js
Requested by
Host: t.captcha.qq.com
URL: https://t.captcha.qq.com/template/drag_ele.html?t=1630826406600
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
240e:ab:b220:400:30:: , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
NWS_CDN_V6 /
Resource Hash
91068663fee39b77cfb4474d80593b810fd77151f9b74758a77b5e1fcbbfa33a

Request headers

Origin
https://t.captcha.qq.com
Referer
https://t.captcha.qq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 05 Sep 2021 07:20:09 GMT
content-encoding
gzip
x-cache-lookup
Hit From Disktank3 Gz
last-modified
Wed, 30 Jun 2021 03:39:07 GMT
server
NWS_CDN_V6
p3p
CP="CAO PSA OUR"
access-control-allow-origin
*
cache-control
max-age=1800
x-nws-log-uuid
7b810fcc-dac1-40e4-ba23-8bcf6a637f20
content-type
application/javascript
content-length
33841
expires
Sun, 05 Sep 2021 07:50:09 GMT
drag-ele.e1c4a60c.js
captcha.gtimg.com/1/ Frame 0C2A
132 KB
34 KB
Script
General
Full URL
https://captcha.gtimg.com/1/drag-ele.e1c4a60c.js
Requested by
Host: t.captcha.qq.com
URL: https://t.captcha.qq.com/template/drag_ele.html?t=1630826406600
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
240e:ab:b220:400:30:: , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
NWS_CDN_V6 /
Resource Hash
6ab17f7ffd263d88b906f11a8648486c80caedb115059b1adba327a0ad1b668b

Request headers

Origin
https://t.captcha.qq.com
Referer
https://t.captcha.qq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 05 Sep 2021 07:20:09 GMT
content-encoding
gzip
x-cache-lookup
Hit From Disktank3 Gz
last-modified
Fri, 13 Aug 2021 07:39:18 GMT
server
NWS_CDN_V6
p3p
CP="CAO PSA OUR"
access-control-allow-origin
*
cache-control
must-revalidate, max-age=1800
x-nws-log-uuid
e6660517-c41d-4c86-87e4-ec793692704c
content-type
application/javascript
content-length
34246
expires
Sun, 05 Sep 2021 07:50:09 GMT
truncated
/ Frame 0C2A
96 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
88bbd2b60ebb24de3f714477e760110ab86842f88f4db455627982356d0edf17

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 0C2A
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
02a58e6412f474b7393c5bfbad51a827a857cb5a51c9e281132a258755eb3db7

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 0C2A
651 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cd9c225bfcf8e04e80dd839fa0660e92ae533167e1d707fe4d8a5b57d1718c45

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 0C2A
612 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ac7b1f0233ef528a1e630b5680f497c48dad0164da718961aa76e2bacf5de6c5

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 0C2A
597 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
16a4969a8bef7595706c99368148d4e8fed12f550fadf5c96ffcf57ba3f738ed

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 0C2A
396 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
559420983d3f31a375b730af639621b5cc42ce839627f5eda62bc4981ed0d7c5

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
9f3035b4-689317.skt.ipip.net
URL
https://9f3035b4-689317.skt.ipip.net/

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| 0
  • object| onbeforexrselect
  • object| ontransitionrun
  • object| ontransitionstart
  • object| ontransitioncancel
  • boolean| originAgentCluster
  • object| trustedTypes
  • boolean| crossOriginIsolated
  • function| $
  • function| jQuery
  • object| jQuery17209527074567893865
  • string| GoogleAnalyticsObject
  • function| ga
  • object| google_tag_data
  • object| gaplugins
  • object| gaGlobal
  • object| gaData
  • boolean| __TencentCaptchaExists__
  • string| AqSCodeCapDomain
  • function| TencentCaptcha
  • object| captcha1
  • string| k
  • string| d
  • object| _hmt
  • boolean| _bdhm_loaded_6b4a9140aed51e46402f36e099e37baf
  • object| mini_tangram_log_tygqvw
  • function| TCapMsg
  • function| AqSCode

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
