urlscan.io logo urlscan.io
SecurityTrails logo

gf889.com Open in urlscan Pro
103.214.167.182  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://gf889.com/
Effective URL: https://gf889.com/index/sign/sign.html
Submission: On April 13 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 3 countries across 4 domains to perform 10 HTTP transactions. The main IP is 103.214.167.182, located in Hong Kong and belongs to POWERLINE-AS-AP POWER LINE DATACENTER, HK. The main domain is gf889.com.
TLS certificate: Issued by R3 on April 10th 2024. Valid for: 3 months.
This is the only time gf889.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 8 103.214.167.182 132839 (POWERLINE...)
1 150.138.188.49 58541 (CHINATELE...)
1 2404:2280:1cc... 24429 (TAOBAO Zh...)
1 124.220.203.60 45090 (TENCENT-N...)
10 5
Apex Domain
Subdomains		 Transfer
8 gf889.com
gf889.com
65 KB
1 dcloud.net.cn
cdn.dcloud.net.cn — Cisco Umbrella Rank: 77865
579 B
1 alicdn.com
at.alicdn.com — Cisco Umbrella Rank: 16596
55 KB
1 bdimg.com
apps.bdimg.com — Cisco Umbrella Rank: 134617
30 KB
10 4
Domain Requested by
8 gf889.com 1 redirects gf889.com
1 cdn.dcloud.net.cn gf889.com
1 at.alicdn.com gf889.com
1 apps.bdimg.com gf889.com
10 4

This site contains no links.

Subject Issuer Validity Valid
fe088.com
R3		 2024-04-10 -
2024-07-09		 3 months crt.sh
baidu.com
GlobalSign RSA OV SSL CA 2018		 2023-07-06 -
2024-08-06		 a year crt.sh
*.tbcdn.cn
GlobalSign Organization Validation CA - SHA256 - G3		 2023-12-26 -
2024-07-30		 7 months crt.sh
*.dcloud.net.cn
Certum Domain Validation CA SHA2		 2023-08-05 -
2024-09-03		 a year crt.sh

This page contains 1 frames:

Primary Page: https://gf889.com/index/sign/sign.html
Frame ID: 29610CEC36F9496E1A520B77A0DFE3DD
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://gf889.com/ HTTP 302
    https://gf889.com/index/sign/sign.html Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

10
Requests

100 %
HTTPS

25 %
IPv6

4
Domains

4
Subdomains

5
IPs

3
Countries

154 kB
Transfer

378 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://gf889.com/ HTTP 302
    https://gf889.com/index/sign/sign.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request sign.html
gf889.com/index/sign/
Redirect Chain
  • https://gf889.com/
  • https://gf889.com/index/sign/sign.html
15 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gf889.com/index/sign/sign.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.214.167.182 , Hong Kong, ASN132839 (POWERLINE-AS-AP POWER LINE DATACENTER, HK),
Reverse DNS
Software
nginx /
Resource Hash
13c7905e135fdd1a9589cdd0d47235a27190f69fae69b9f89f76f78e1cbab92f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-headers
x-requested-with, Referer,content-type,token,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type, Accept-Language, Origin, Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, DELETE
access-control-allow-origin
*
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sat, 13 Apr 2024 21:52:44 GMT
server
nginx
strict-transport-security
max-age=31536000
vary
Accept-Encoding

Redirect headers

access-control-allow-headers
x-requested-with, Referer,content-type,token,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type, Accept-Language, Origin, Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, DELETE
access-control-allow-origin
*
content-type
text/html; charset=utf-8
date
Sat, 13 Apr 2024 21:52:44 GMT
location
/index/sign/sign.html
server
nginx
strict-transport-security
max-age=31536000
index.63b34199.css
gf889.com/static/ 		117 KB
31 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gf889.com/static/index.63b34199.css
Requested by
Host: gf889.com
URL: https://gf889.com/index/sign/sign.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.214.167.182 , Hong Kong, ASN132839 (POWERLINE-AS-AP POWER LINE DATACENTER, HK),
Reverse DNS
Software
nginx /
Resource Hash
cb6baf10b13119ab83a77c081e1b8f1b9f665c8d2593fa21caf23c6f15014b11
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://gf889.com/index/sign/sign.html
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 21:52:45 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Wed, 06 Sep 2023 03:19:52 GMT
server
nginx
etag
W/"64f7efd8-1d34f"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=43200
expires
Sun, 14 Apr 2024 09:52:45 GMT
sign1.css
gf889.com/static/css/ 		45 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gf889.com/static/css/sign1.css
Requested by
Host: gf889.com
URL: https://gf889.com/index/sign/sign.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.214.167.182 , Hong Kong, ASN132839 (POWERLINE-AS-AP POWER LINE DATACENTER, HK),
Reverse DNS
Software
nginx /
Resource Hash
0bb24fe14acf780648dd00dc283328a738c4d2b772c4f06341bb9025b7d7e6b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://gf889.com/index/sign/sign.html
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 21:52:45 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Mon, 14 Aug 2023 09:11:20 GMT
server
nginx
etag
W/"64d9efb8-b309"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=43200
expires
Sun, 14 Apr 2024 09:52:45 GMT
app2.png
gf889.com/static/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gf889.com/static/app2.png
Requested by
Host: gf889.com
URL: https://gf889.com/index/sign/sign.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.214.167.182 , Hong Kong, ASN132839 (POWERLINE-AS-AP POWER LINE DATACENTER, HK),
Reverse DNS
Software
nginx /
Resource Hash
e33ed601040fc41ce22f9ac759b03e5d2a2ba9f97981ff3dfc0a957218621753
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://gf889.com/index/sign/sign.html
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 21:52:45 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 06 Sep 2023 08:51:28 GMT
server
nginx
etag
"64f83d90-70f"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
1807
expires
Mon, 13 May 2024 21:52:45 GMT
jquery.min.js
apps.bdimg.com/libs/jquery/2.1.4/ 		82 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apps.bdimg.com/libs/jquery/2.1.4/jquery.min.js
Requested by
Host: gf889.com
URL: https://gf889.com/index/sign/sign.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
150.138.188.49 , China, ASN58541 (CHINATELECOM-SHANDONG-QINGDAO-IDC Qingdao,266000, CN),
Reverse DNS
Software
JSP3/2.0.14 /
Resource Hash
de4b3c3d1dc2506b6693f0f98884e1dc074cda9d66cab39b7b48a115fdfc4c0f

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://gf889.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 21:52:46 GMT
content-encoding
br
ohc-cache-hit
qd5ct82 [2], nb2ctcache82 [2]
ohc-response-time
1 0 0 0 0 0
last-modified
Wed, 03 Jun 2015 05:58:22 GMT
server
JSP3/2.0.14
age
1240329
etag
"556e977e-1497d"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=2592000
accept-ranges
bytes
ohc-global-saved-time
Fri, 22 Mar 2024 02:19:44 GMT
expires
Sun, 21 Apr 2024 02:19:44 GMT
layer.js
gf889.com/static/js/layer/ 		38 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gf889.com/static/js/layer/layer.js
Requested by
Host: gf889.com
URL: https://gf889.com/index/sign/sign.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.214.167.182 , Hong Kong, ASN132839 (POWERLINE-AS-AP POWER LINE DATACENTER, HK),
Reverse DNS
Software
nginx /
Resource Hash
734ecf618ba915989bffbea219e006869bd609d2f96592a6dff6d6618b79120d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://gf889.com/index/sign/sign.html
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 21:52:45 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Thu, 28 Mar 2024 14:40:15 GMT
server
nginx
etag
W/"6605814f-9693"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Sun, 14 Apr 2024 09:52:45 GMT
truncated
/ 		4 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d9f8017908917bea9904ea74be576033059808207dd4b059c31a7cf7157ac69e

Request headers

Referer
Origin
https://gf889.com
Accept-Language
de-DE,de;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
font/woff2
font_2225171_8kdcwk4po24.ttf
at.alicdn.com/t/ 		55 KB
55 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://at.alicdn.com/t/font_2225171_8kdcwk4po24.ttf
Requested by
Host: gf889.com
URL: https://gf889.com/static/css/sign1.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2404:2280:1cc:0:715::3fb , Singapore, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
4bc8cc97559c0a52ea4f5ce0563e1bf3a7f89d660f74792e662e76d49eae4707

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://gf889.com/
Origin
https://gf889.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 21:52:46 GMT
via
cache14.l2de2[415,414,200-0,M], cache8.l2de2[417,0], ens-cache15.de5[419,418,200-0,M], ens-cache9.de5[420,0]
x-oss-request-id
661AFEAE6AD0C43735E4940A
content-md5
txYAK/YB9ycXaueQG99OTw==
x-swift-cachetime
31104000
x-cache
MISS TCP_MISS dirn:-2:-2
x-swift-savetime
Sat, 13 Apr 2024 21:52:46 GMT
content-length
55940
x-oss-object-type
Normal
last-modified
Fri, 24 Dec 2021 20:51:06 GMT
server
Tengine
etag
"B716002BF601F727176AE7901BDF4E4F"
vary
Origin
ali-swift-global-savetime
1713045166
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=63072000
x-oss-storage-class
Standard
accept-ranges
bytes
timing-allow-origin
*
x-oss-hash-crc64ecma
10201830100077572647
eagleid
a3b55c9d17130451660563170e
x-oss-server-time
1
layer.css
gf889.com/static/js/layer/theme/default/ 		14 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gf889.com/static/js/layer/theme/default/layer.css?v=3.5.1
Requested by
Host: gf889.com
URL: https://gf889.com/static/js/layer/layer.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.214.167.182 , Hong Kong, ASN132839 (POWERLINE-AS-AP POWER LINE DATACENTER, HK),
Reverse DNS
Software
nginx /
Resource Hash
5cdf3edb27b0c9f8e48918c486e9ae65a9e5beab806b64c4a7bc5bac53c0f540
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://gf889.com/index/sign/sign.html
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 21:52:47 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Tue, 15 Aug 2023 08:13:04 GMT
server
nginx
etag
W/"64db3390-37bf"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=43200
expires
Sun, 14 Apr 2024 09:52:47 GMT
favicon.ico
gf889.com/ 		7 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://gf889.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.214.167.182 , Hong Kong, ASN132839 (POWERLINE-AS-AP POWER LINE DATACENTER, HK),
Reverse DNS
Software
nginx /
Resource Hash
e2649d878b333e71f89a3a2ac48f2909b1ffda1e13b6413a2e2360a980b0f6dd

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://gf889.com/index/sign/sign.html
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 21:52:47 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, DELETE
content-type
text/html; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
x-requested-with, Referer,content-type,token,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type, Accept-Language, Origin, Accept-Encoding
shadow-grey.png
cdn.dcloud.net.cn/img/ 		136 B
579 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.dcloud.net.cn/img/shadow-grey.png
Requested by
Host: gf889.com
URL: https://gf889.com/static/index.63b34199.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
124.220.203.60 , China, ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN),
Reverse DNS
Software
nginx /
Resource Hash
ad4ebea1c3496dd2924789ee009174a2c6289d1200e9811f458fd46f172d1d6f

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://gf889.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 13 Apr 2024 21:52:49 GMT
Last-Modified
Thu, 06 Jun 2019 06:42:07 GMT
Server
nginx
ETag
"5cf8b5bf-88"
Content-Type
image/png
Cache-Control
max-age=7200
Connection
close
Accept-Ranges
bytes
Content-Length
136
Expires
Sat, 13 Apr 2024 23:52:49 GMT

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery object| layer

1 Cookies

Domain/Path Name / Value
.dcloud.net.cn/ Name: __uni__uid
Value: rBEQiWYa/rFjvgyJb/TGAg==

2 Console Messages

Source Level URL
Text
network error URL: https://gf889.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://gf889.com/index/sign/sign.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000