Submitted URL: http://kingsman.buzz/
Effective URL: https://gov.aigo154.bar/
Submission: On May 13 via api from US — Scanned from US

Summary

This website contacted 10 IPs in 5 countries across 10 domains to perform 18 HTTP transactions. The main IP is 104.16.103.195, which belongs to CLOUDFLARENET, US. The main domain is gov.aigo154.bar.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 9th 2022. Valid for: a year.
This is the only time gov.aigo154.bar was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 162.159.36.217 13335 (CLOUDFLAR...)
1 104.19.29.200 13335 (CLOUDFLAR...)
1 173.231.12.186 18450 (WEBNX)
9 104.16.103.195 13335 (CLOUDFLAR...)
1 59.111.181.52 45062 (NETEASE-N...)
1 20.187.105.105 8075 (MICROSOFT...)
1 47.75.19.43 45102 (ALIBABA-C...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 103.235.46.191 55967 (BAIDU Bei...)
1 192.99.13.63 16276 (OVH)
18 10
Requests | Apex Domain | Subdomains | Transfer
9 | aigo154.bar | gov.aigo154.bar | 381 KB
2 | baidu.com | hm.baidu.com (Cisco Umbrella Rank: 7974) | 12 KB
2 | kingsman.buzz | kingsman.buzz | 1 KB
1 | histats.com | sstatic1.histats.com (Cisco Umbrella Rank: 59345) | 163 B
1 | jsdelivr.net | cdn.jsdelivr.net (Cisco Umbrella Rank: 432) | 981 B
1 | u0053.com | u0053.com | 135 KB
1 | 27392159.com | 27392159.com | 75 KB
1 | 126.net | ip.ws.126.net (Cisco Umbrella Rank: 154811) | 318 B
1 | althoughthesunshineleavenotyourcloakathome.buzz | gov.althoughthesunshineleavenotyourcloakathome.buzz | 626 B
1 | povertyisstrangertoindustry.buzz | gov.povertyisstrangertoindustry.buzz | 784 B
18 requests | 10 apex domains
Domain Requested by
9 gov.aigo154.bar gov.althoughthesunshineleavenotyourcloakathome.buzz
gov.aigo154.bar
2 hm.baidu.com gov.aigo154.bar
2 kingsman.buzz 2 redirects
1 sstatic1.histats.com gov.aigo154.bar
1 cdn.jsdelivr.net gov.aigo154.bar
1 u0053.com gov.aigo154.bar
1 27392159.com gov.aigo154.bar
1 ip.ws.126.net gov.aigo154.bar
1 gov.althoughthesunshineleavenotyourcloakathome.buzz gov.povertyisstrangertoindustry.buzz
1 gov.povertyisstrangertoindustry.buzz
18 10

This site contains links to these domains. Also see Links.

Domain
bibo480.com
m3324.com
www.douban.com
Subject | Issuer | Validity | Valid for
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-02-22 - 2023-02-22 | a year (crt.sh)
gov.althoughthesunshineleavenotyourcloakathome.buzz | R3 | 2022-02-22 - 2022-05-23 | 3 months (crt.sh)
*.ws.126.net | GeoTrust RSA CN CA G2 | 2021-11-30 - 2022-12-05 | a year (crt.sh)
27392159.com | Sectigo RSA Domain Validation Secure Server CA | 2022-03-18 - 2023-03-18 | a year (crt.sh)
u0053.com | Sectigo RSA Domain Validation Secure Server CA | 2022-01-03 - 2023-01-03 | a year (crt.sh)
baidu.com | GlobalSign Organization Validation CA - SHA256 - G2 | 2022-02-21 - 2022-08-02 | 5 months (crt.sh)
histats.com | R3 | 2022-04-19 - 2022-07-18 | 3 months (crt.sh)

This page contains 1 frames:

Primary Page: https://gov.aigo154.bar/
Frame ID: BC81C07AD8005FCF54A476647F5DB438
Requests: 19 HTTP requests in this frame

Page Title

爱国者爱国者

Page URL History

  1. http://kingsman.buzz/ HTTP 301
    https://kingsman.buzz/ HTTP 301
    https://gov.povertyisstrangertoindustry.buzz:2096/edu/baidu.html Page URL
  2. https://gov.aigo154.bar/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • hm\.baidu\.com/hm\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

18 Requests
100 % HTTPS
10 % IPv6
10 Domains
10 Subdomains
10 IPs
5 Countries
629 kB Transfer
927 kB Size
3 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://kingsman.buzz/ HTTP 301
  • https://kingsman.buzz/ HTTP 301
  • https://gov.povertyisstrangertoindustry.buzz:2096/edu/baidu.html

18 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
baidu.html
gov.povertyisstrangertoindustry.buzz/edu/
Redirect Chain
  • http://kingsman.buzz/
  • https://kingsman.buzz/
  • https://gov.povertyisstrangertoindustry.buzz:2096/edu/baidu.html
363 B
784 B
Document
General
Full URL
https://gov.povertyisstrangertoindustry.buzz:2096/edu/baidu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.29.200 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9d6992adfd95a518e173219751c040cfb0e8e2de4809ac5f4494b9e72e723b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":2096"; ma=86400, h3-29=":2096"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
70aa04dbfce567ba-MIA
content-encoding
br
content-type
text/html
date
Fri, 13 May 2022 08:28:09 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified
Tue, 22 Feb 2022 07:27:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z7r1cuX5SlKBzd%2B4dvedkaEATq4zmvKqSnOBf7dpWDManIsh52cVCdrAlF88ku5durakM8sNEj9EAfdHFBKmSSiTt6kN%2BvSD6fAqHwugwxsK3I1Se%2B1FhuvzoQsZJMHumhGimKXw3n2zAmuFVDRp7ttbL9RCeqMjb9xpIA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
70aa04d20e06d4f5-MIA
content-type
text/html
date
Fri, 13 May 2022 08:28:07 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location
https://gov.povertyisstrangertoindustry.buzz:2096/edu/baidu.html
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bGvzZKOJjifFsAxZj1n1yHjsC2rCMXG8v3Kj0pwG6kXh5i7OHIiwR1hOQ6oDbHJjWRMdEwPiRIivYhVKG1L9f8smAtpQw28PAqIvbonpH3TvnlhGMgGs1E7dP3CGvbvC"}],"group":"cf-nel","max_age":604800}
server
cloudflare
baidu.js
gov.althoughthesunshineleavenotyourcloakathome.buzz/edu/
412 B
626 B
Script
General
Full URL
https://gov.althoughthesunshineleavenotyourcloakathome.buzz:4433/edu/baidu.js
Requested by
Host: gov.povertyisstrangertoindustry.buzz
URL: https://gov.povertyisstrangertoindustry.buzz:2096/edu/baidu.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.231.12.186 , United States, ASN18450 (WEBNX, US),
Reverse DNS
173-231-12-186.hosted.static.webnx.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gov.povertyisstrangertoindustry.buzz:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 13 May 2022 08:28:09 GMT
last-modified
Fri, 13 May 2022 04:03:29 GMT
server
nginx
etag
"627dd891-19c"
strict-transport-security
max-age=31536000
content-type
application/javascript
cache-control
max-age=43200
accept-ranges
bytes
content-length
412
expires
Fri, 13 May 2022 20:28:09 GMT
Primary Request /
gov.aigo154.bar/
81 KB
15 KB
Document
General
Full URL
https://gov.aigo154.bar/
Requested by
Host: gov.althoughthesunshineleavenotyourcloakathome.buzz
URL: https://gov.althoughthesunshineleavenotyourcloakathome.buzz:4433/edu/baidu.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.103.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7076f6fd4e3a482cffd313bf3bed1ccd036bf93cdb5b7bb300f60d3a498c9e2c

Request headers

Referer
https://gov.povertyisstrangertoindustry.buzz:2096/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
70aa04e4af0d9acc-MIA
content-encoding
br
content-type
text/html; charset=utf-8
date
Fri, 13 May 2022 08:28:10 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H4SDtxdMBSM5yZbA4CD9QUMxnOeBW6OEKDL4i3AVn0UaGcqUvOBfPzBoSp4pY4UJjLCm%2FFnvmX3V3Mf7WgK2c10N3iBscYgYItPo6xxPXKr1gpvKTteJi%2FfYsAfOPfmOvyk%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
ipquery
ip.ws.126.net/
84 B
318 B
Script
General
Full URL
https://ip.ws.126.net/ipquery
Requested by
Host: gov.aigo154.bar
URL: https://gov.aigo154.bar/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
59.111.181.52 , China, ASN45062 (NETEASE-NETWORK NetEase Building No.16 Ke Yun Road, CN),
Reverse DNS
Software
nginx /
Resource Hash
d9db0d91eaad86d6c7cec9326d43e9c6ab460885a6fa73d77c35bcfba7dfd295

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gov.aigo154.bar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Fri, 13 May 2022 08:28:11 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
Server
nginx
Connection
keep-alive
Vary
Accept-Encoding
Content-Type
text/html;charset=GBK
style.css
gov.aigo154.bar/template/mojiabai/asset/css/
75 KB
34 KB
Stylesheet
General
Full URL
https://gov.aigo154.bar/template/mojiabai/asset/css/style.css?v=1.1.6
Requested by
Host: gov.aigo154.bar
URL: https://gov.aigo154.bar/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.103.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
618028a92ede20d91d3f97ef2151fd9e8e3d46a155c0c7aaf63071e0f448542c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gov.aigo154.bar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 13 May 2022 08:28:10 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11784
cf-polished
origSize=84135
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 20 Apr 2022 05:16:09 GMT
server
cloudflare
etag
W/"625f9719-148a7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fXRKUEeL59VSKVqh67ltUHmTdPfLsucsKpG4DUuCbhxWO35TCVOhpTMeD6xx35ch5hlL0d68bccld%2BWUd65Jf7%2FNu7GPyQDd7SAoClFkpELXY68l5cfqh%2Fwvd5nSDDrvEAQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
70aa04e6783d9acc-MIA
expires
Fri, 13 May 2022 17:11:46 GMT
style2.css
gov.aigo154.bar/template/mojiabai/asset/css/
48 KB
18 KB
Stylesheet
General
Full URL
https://gov.aigo154.bar/template/mojiabai/asset/css/style2.css
Requested by
Host: gov.aigo154.bar
URL: https://gov.aigo154.bar/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.103.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46efc0ec9c990a200ab27714c48c84f3e0e1f6a36988f77a14bd1d6bd69dbdb8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gov.aigo154.bar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 13 May 2022 08:28:10 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11784
cf-polished
origSize=54171
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 15 Apr 2022 19:07:51 GMT
server
cloudflare
etag
W/"6259c287-d39b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YBcKf65sDTnzjDwezoBmmQsSCAUEJS%2FvA%2FZLAsKkcke%2FjzznASxbBpS%2B5p6Mt80gXIyX9ln43K0tNQ21a8BLvne%2BjYqsx8gTKugbrv%2BA90YkPvnN%2B6raNYj9win%2BEqdgIZo%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
70aa04e6783f9acc-MIA
expires
Fri, 13 May 2022 17:11:46 GMT
c13cd1501d654e3ba26dc9bc58cc1ae2.gif
27392159.com/
75 KB
75 KB
Image
General
Full URL
https://27392159.com/c13cd1501d654e3ba26dc9bc58cc1ae2.gif
Requested by
Host: gov.aigo154.bar
URL: https://gov.aigo154.bar/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.187.105.105 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
WAF/2.4-12.1 /
Resource Hash
ba7c1c361b0fde0b89fbd53ea7ec06e7021f3f1ca2d6ae65c3748cfa694ab714

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gov.aigo154.bar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Fri, 13 May 2022 08:28:11 GMT
Content-Encoding
gzip
Last-Modified
Sat, 23 Apr 2022 12:39:27 GMT
Server
WAF/2.4-12.1
ETag
W/"6263f37f-12dbd"
X-Cache-Status
HIT
Vary
Accept-Encoding
Content-Type
image/gif
Transfer-Encoding
chunked
Connection
keep-alive
0f85e2e9ebf24b31b392b7f81622f7a2.gif
u0053.com/
135 KB
135 KB
Image
General
Full URL
https://u0053.com/0f85e2e9ebf24b31b392b7f81622f7a2.gif
Requested by
Host: gov.aigo154.bar
URL: https://gov.aigo154.bar/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
47.75.19.43 Central, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
AliyunOSS /
Resource Hash
da88bad0a293045c83cfb00578c4015142aded03ffb8d9d33b0ee85c3e20deed

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gov.aigo154.bar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-oss-object-type
Normal
Date
Fri, 13 May 2022 08:28:13 GMT
x-oss-request-id
627E169DE46B1632382EA8E3
Last-Modified
Sat, 23 Apr 2022 12:18:55 GMT
Server
AliyunOSS
Content-MD5
acjg5qGsZdegdCKa4VlJ+w==
ETag
"69C8E0E6A1AC65D7A074229AE15949FB"
Content-Type
image/gif
x-oss-storage-class
Standard
Connection
keep-alive
Accept-Ranges
bytes
x-oss-hash-crc64ecma
10468538668126822284
Content-Length
138050
x-oss-server-time
1
bfq001.gif
gov.aigo154.bar/gov/360edu/imgdh/
118 KB
118 KB
Image
General
Full URL
https://gov.aigo154.bar/gov/360edu/imgdh/bfq001.gif
Requested by
Host: gov.aigo154.bar
URL: https://gov.aigo154.bar/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.103.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
71d1da21904874e7dc63300efbcd0fce30b029ce9e142a681b903aef9414c5dd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gov.aigo154.bar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 13 May 2022 08:28:12 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
120337
last-modified
Thu, 10 Feb 2022 15:46:56 GMT
server
cloudflare
etag
"62053370-1d611"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4kSGRlBB3rYLxQRabNU3%2FHcb9wtJ9Mqt8QCtseI3%2BelF0fj8ZTQ470JfW1g2vS3ILCbM7rhRMpjywW9i9azXeZBmvzX1NBAFnRsprhNNuwEMg0V3CZm6yymN%2BVXfRcQy1Ls%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
70aa04eea9b78db4-MIA
expires
Sun, 12 Jun 2022 08:28:12 GMT
manhua03.gif
gov.aigo154.bar/gov/360edu/img/
126 KB
127 KB
Image
General
Full URL
https://gov.aigo154.bar/gov/360edu/img/manhua03.gif
Requested by
Host: gov.aigo154.bar
URL: https://gov.aigo154.bar/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.103.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e1b55b62fd423b0fa9827fe74ad271f63082b44608a0dbfce140bc6bc9f70e9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gov.aigo154.bar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 13 May 2022 08:28:12 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
129152
last-modified
Tue, 29 Mar 2022 10:31:39 GMT
server
cloudflare
etag
"6242e00b-1f880"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jBm6yI2z9FW0PAtILyH9caoPkNik3JGle2D80sZE6gSW%2F3eyoc20kGehEBskuLSlFECoHGLIPMLSjlHYDF8e9WDDgeQsHQEunx0xiAGbE53hzfs6s1DnEWVuTc%2BFV8qFF8U%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
70aa04eea9b98db4-MIA
expires
Sun, 12 Jun 2022 08:28:12 GMT
histatstj.js
cdn.jsdelivr.net/gh/x8x8vip/edu@main/
167 B
981 B
Script
General
Full URL
https://cdn.jsdelivr.net/gh/x8x8vip/edu@main/histatstj.js
Requested by
Host: gov.aigo154.bar
URL: https://gov.aigo154.bar/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74bfc80ca4cfca80a2faac9c7b094bc0b0d8518539e17230a6012e947609d04c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gov.aigo154.bar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 13 May 2022 08:28:10 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
32349
x-jsd-version
main
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19147-FRA, cache-iad-kiad7000126-IAD
timing-allow-origin
*
x-jsd-version-type
branch
server
cloudflare
etag
W/"a7-XsSUvPiSYXm7kMwOuZWalxqt5vI"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=obdkJ0NpWD9ywlyZkhSXfMha0wZqvLqF0islsxIXjVI30Sf1d6U41wj8aYxnTj%2FAHO03iB%2BTabCbWT25HnjLJHCn%2B1Ehpo27ChRX6fzKKfwnDqswql7ZEnfn8FRy1w%2FqkHLqyYEbJ6EgxmEUumo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
70aa04e74a136dc2-MIA
layui.js
gov.aigo154.bar/template/mojiabai/asset/inc/
7 KB
4 KB
Script
General
Full URL
https://gov.aigo154.bar/template/mojiabai/asset/inc/layui.js?v=1.1.6
Requested by
Host: gov.aigo154.bar
URL: https://gov.aigo154.bar/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.103.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
59dc52e300914efc2042d8a5b4325916e5c293036254334c1662ab832830203a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gov.aigo154.bar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 13 May 2022 08:28:10 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 12 Jul 2021 10:32:44 GMT
server
cloudflare
etag
W/"60ec1a4c-1cb4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fZ52bZp85PY%2FPhHT4kn9BgsK%2F8I3xH02Guoq4BAeITyLgPoDYLESfH0ORqz1zcoTETZVOuzpOUrgynxiNDVOCYMOWRoDKSH%2BBE%2BI3dT4q50htF7hIFPoU68ate2BXbTBzY4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
70aa04e7ac198db4-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 13 May 2022 20:28:10 GMT
hm.js
hm.baidu.com/
29 KB
11 KB
Script
General
Full URL
https://hm.baidu.com/hm.js?38cffc8371535b675417040e955427de
Requested by
Host: gov.aigo154.bar
URL: https://gov.aigo154.bar/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
53f5408266829e03897120e84a0ca9ca1a284bb0858f5517d37dfa46c3f23b5e
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gov.aigo154.bar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Fri, 13 May 2022 08:28:13 GMT
Content-Encoding
gzip
Server
apache
Etag
34464c770d31fa6365c7d866e24e2c5d
Strict-Transport-Security
max-age=172800
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control
max-age=0, must-revalidate
Content-Type
application/javascript
Content-Length
11139
0.gif
sstatic1.histats.com/
43 B
163 B
Image
General
Full URL
https://sstatic1.histats.com/0.gif?4560904&101
Requested by
Host: gov.aigo154.bar
URL: https://gov.aigo154.bar/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.99.13.63 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ns504751.ip-192-99-13.net
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gov.aigo154.bar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Fri, 13 May 2022 08:28:12 GMT
Connection
close
Content-Length
43
Content-Type
image/gif
jquery.js
gov.aigo154.bar/template/mojiabai/asset/inc/lay/modules/
95 KB
35 KB
Script
General
Full URL
https://gov.aigo154.bar/template/mojiabai/asset/inc/lay/modules/jquery.js?v=1.1.6
Requested by
Host: gov.aigo154.bar
URL: https://gov.aigo154.bar/template/mojiabai/asset/inc/layui.js?v=1.1.6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.103.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4cc3851012d4fb3e8db75185cdf238249b55010bb650d982575a20e949a7c6f5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gov.aigo154.bar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 13 May 2022 08:28:12 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 07 Aug 2020 14:28:04 GMT
server
cloudflare
etag
W/"5f2d64f4-17d70"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PVO2gOBbzWGMyt4ZzYTbwOIg8Rxi3dEo08nx%2F55IMgu5KqnKIgilkNHqQtitS7ZW3bWqgYtysghl3jZTIDJXFeGimuHPJSdb9Vo8R82iBhtV5Yhr7%2BIgrjnnt9V10PooiJ8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
70aa04eeb9bd8db4-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 13 May 2022 20:28:12 GMT
truncated
/
23 KB
23 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6cdfe0a844b4cf339a01522db98b2a248e4dc1d1c7b3b1180baaaa70b7e810c3

Request headers

Referer
Origin
https://gov.aigo154.bar
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
application/x-font-woff2;charset=utf-8
common.js
gov.aigo154.bar/template/mojiabai//asset/js/
54 KB
13 KB
Script
General
Full URL
https://gov.aigo154.bar/template/mojiabai//asset/js/common.js?v=1.1.6
Requested by
Host: gov.aigo154.bar
URL: https://gov.aigo154.bar/template/mojiabai/asset/inc/layui.js?v=1.1.6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.103.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8919503a2925a2acb22037993664df8ad980e824ac913bcd45a5df84267dd72a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gov.aigo154.bar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 13 May 2022 08:28:12 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 07 Aug 2020 14:28:04 GMT
server
cloudflare
etag
W/"5f2d64f4-d6f1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mr3etAh7JLfu7yP5N4os5%2BZEMbLyeuqvopvn8IQmN9cg0A%2FuKLQCxMEyGs4VKuqTUiL3BPUIiVP2GZOPmvteW%2BPI3F7B1xXrYLc64%2FnEXDHZSGzWYlxfbuXGJV03E5MRVpI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
70aa04f1bbae8db4-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 13 May 2022 20:28:12 GMT
nicescroll.js
gov.aigo154.bar/template/mojiabai/asset/js/
59 KB
17 KB
Script
General
Full URL
https://gov.aigo154.bar/template/mojiabai/asset/js/nicescroll.js?v=1.1.6
Requested by
Host: gov.aigo154.bar
URL: https://gov.aigo154.bar/template/mojiabai/asset/inc/layui.js?v=1.1.6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.103.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f48cb5b9c55a4e36508a12d27e39f6d801c4b3863fdb76a4d3b431f678c4c08d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gov.aigo154.bar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Fri, 13 May 2022 08:28:13 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 07 Aug 2020 14:28:04 GMT
server
cloudflare
etag
W/"5f2d64f4-eae6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NoTSmRls0JYLIzaAJR4NX97UP0YrPUZZH7vAuMPaWwPsgyy5pEj0P%2FrF5uXxeAGBGmxfXjCVo6h74DWjXLb8Aj8K55Lwq40AwyapnBxBQmUMgDiDC5YgDpw4s06auzQpjuA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
70aa04f898668db4-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 13 May 2022 20:28:13 GMT
hm.gif
hm.baidu.com/
43 B
299 B
Image
General
Full URL
https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=706099675&si=38cffc8371535b675417040e955427de&su=https%3A%2F%2Fgov.povertyisstrangertoindustry.buzz%3A2096%2F&v=1.2.93&lv=1&sn=31004&r=0&ww=1600&ct=!!&u=https%3A%2F%2Fgov.aigo154.bar%2F&tt=%E7%88%B1%E5%9B%BD%E8%80%85
Requested by
Host: gov.aigo154.bar
URL: https://gov.aigo154.bar/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gov.aigo154.bar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 13 May 2022 08:28:14 GMT
X-Content-Type-Options
nosniff
Server
apache
Strict-Transport-Security
max-age=172800
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Content-Length
43

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone function| getScreenDetails string| lo string| lc object| localAddress object| prov_arr function| contains object| _hmt object| layui object| magic object| _layui function| _typeof function| _defineProperty function| changeColor function| jQuery function| $ object| jQuery11230037240707665385564 object| NiceScroll boolean| _bdhm_loaded_38cffc8371535b675417040e955427de object| mini_tangram_log_y69ssj

3 Cookies

Domain/Path Name / Value
.hm.baidu.com/ Name: HMACCOUNT_BFESS
Value: F4429D62893B848C
.gov.aigo154.bar/ Name: Hm_lvt_38cffc8371535b675417040e955427de
Value: 1652430494
.gov.aigo154.bar/ Name: Hm_lpvt_38cffc8371535b675417040e955427de
Value: 1652430494

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

27392159.com
cdn.jsdelivr.net
gov.aigo154.bar
gov.althoughthesunshineleavenotyourcloakathome.buzz
gov.povertyisstrangertoindustry.buzz
hm.baidu.com
ip.ws.126.net
kingsman.buzz
sstatic1.histats.com
u0053.com
103.235.46.191
104.16.103.195
104.19.29.200
162.159.36.217
173.231.12.186
192.99.13.63
20.187.105.105
2606:4700::6810:5614
47.75.19.43
59.111.181.52