gd-bfa1jnzt.gaapqcloud.com.cn Open in urlscan Pro
240e:dd:d800:380::a1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://gd-bfa1jnzt.gaapqcloud.com.cn/
Effective URL:
http://gd-bfa1jnzt.gaapqcloud.com.cn/user/login.php
Submission: On October 15 via manual (October 15th 2022, 8:44:24 am UTC) from US — Scanned from DE

Summary HTTP 12 Redirects Behaviour Indicators

Summary

This website contacted 7 IPs in 4 countries across 6 domains to perform 12 HTTP transactions. The main IP is 240e:dd:d800:380::a1, located in China and belongs to CHINANET-SICHUAN-CHUANXI-IDC Sichuan Chuanxn IDC, CN. The main domain is gd-bfa1jnzt.gaapqcloud.com.cn.

This is the only time gd-bfa1jnzt.gaapqcloud.com.cn was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 3	240e:dd:d800:... 240e:dd:d800:380::a1	139220 (CHINANET-...) (CHINANET-SICHUAN-CHUANXI-IDC Sichuan Chuanxn IDC)
5	2600:9000:249... 2600:9000:2491:da00:1d:80d9:9400:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2402:4e00:803... 2402:4e00:8030:1::71	45090 (TENCENT-N...) (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited)
1	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
1	203.205.136.82 203.205.136.82	132203 (TENCENT-N...) (TENCENT-NET-AP-CN Tencent Building)
12	7

3 240e:dd:d800:380::a1 (China) 1 redirects

ASN139220 (CHINANET-SICHUAN-CHUANXI-IDC Sichuan Chuanxn IDC, CN)

gd-bfa1jnzt.gaapqcloud.com.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:2491:da00:1d:80d9:9400:93a1 (United States)

ASN16509 (AMAZON-02, US)

lib.baomitu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2402:4e00:8030:1::71 (China)

ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN)

ssl.captcha.qq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 203.205.136.82 (Central, Hong Kong)

ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)

captcha.gtimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	baomitu.com lib.baomitu.com — Cisco Umbrella Rank: 158980	252 KB
3	gaapqcloud.com.cn 1 redirects gd-bfa1jnzt.gaapqcloud.com.cn	20 KB
1	gtimg.com captcha.gtimg.com — Cisco Umbrella Rank: 57569	42 KB
1	gstatic.com fonts.gstatic.com	44 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 44	2 KB
1	qq.com ssl.captcha.qq.com — Cisco Umbrella Rank: 57270 t.captcha.qq.com Failed	21 KB
12	6

	Domain	Requested by
5	lib.baomitu.com	gd-bfa1jnzt.gaapqcloud.com.cn lib.baomitu.com
3	gd-bfa1jnzt.gaapqcloud.com.cn	1 redirects gd-bfa1jnzt.gaapqcloud.com.cn
1	captcha.gtimg.com	ssl.captcha.qq.com
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	gd-bfa1jnzt.gaapqcloud.com.cn
1	ssl.captcha.qq.com	gd-bfa1jnzt.gaapqcloud.com.cn
0	t.captcha.qq.com Failed	captcha.gtimg.com
12	7

This site contains no links.

Subject Issuer	Validity	Valid
*.baomitu.com WoTrus DV Server CA [Run by the Issuer]	`2022-04-26` - `2023-04-26`	a year	crt.sh
*.captcha.qq.com DigiCert Secure Site CN CA G3	`2022-09-19` - `2023-10-20`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.gtimg.com DigiCert Secure Site CN CA G3	`2022-05-16` - `2023-06-16`	a year	crt.sh

This page contains 2 frames:

Primary Page: http://gd-bfa1jnzt.gaapqcloud.com.cn/user/login.php
Frame ID: 5DBFD2331E3DD95DA31CB352F4FA4B80
Requests: 11 HTTP requests in this frame

Frame: https://t.captcha.qq.com/template/drag_ele.html
Frame ID: 945AC2F1501312427BB243FC1FC38677
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

登录 | AE短网址

Page URL History Show full URLs

http://gd-bfa1jnzt.gaapqcloud.com.cn/ HTTP 301
http://gd-bfa1jnzt.gaapqcloud.com.cn/user/login.php Page URL

Detected technologies

Tencent Waterproof Wall (Hosting panels) Expand

Overall confidence: 100%
Detected patterns

/TCaptcha\.js
captcha\.qq\.com/.*

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

12
Requests

75 %
HTTPS

83 %
IPv6

6
Domains

7
Subdomains

7
IPs

4
Countries

380 kB
Transfer

591 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://gd-bfa1jnzt.gaapqcloud.com.cn/ HTTP 301
http://gd-bfa1jnzt.gaapqcloud.com.cn/user/login.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request login.php Show response
gd-bfa1jnzt.gaapqcloud.com.cn/user/
Redirect Chain

http://gd-bfa1jnzt.gaapqcloud.com.cn/
http://gd-bfa1jnzt.gaapqcloud.com.cn/user/login.php

2 KB
2 KB

383ms
382ms

Document
text/html

240e:dd:d800:380::a1
CHINANET-SICHUAN-...

General

Check archive.org

Show headers Download Go to

Full URL: http://gd-bfa1jnzt.gaapqcloud.com.cn/user/login.php
Protocol: HTTP/1.1
Server: 240e:dd:d800:380::a1 , China, ASN139220 (CHINANET-SICHUAN-CHUANXI-IDC Sichuan Chuanxn IDC, CN),
Reverse DNS
Software: marco/2.17 /
Resource Hash: 6a97b12a089bc82c9f8d534e11d8dfca63f3a26f50f3fdb3b693a36ea4e15875

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Age: 329746
Cache-Control: max-age=864000
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Sat, 15 Oct 2022 08:44:18 GMT
Expires: Fri, 21 Oct 2022 13:08:32 GMT
Server: marco/2.17
Transfer-Encoding: chunked
Vary: Accept-Encoding
Via: S.mix-js-czx2-049, T.49.H, V.mix-js-czx2-047, T.3.H, M.ctn-sc-yan-001
X-Request-Id: 7269922f37ffa061f6d3f0f42f4f28b6; e618cd92ac2e9ef2da2a40e380323063
X-Source: C/200

Redirect headers

Accept-Ranges: bytes
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Sat, 15 Oct 2022 08:44:18 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Location: /user/login.php
Pragma: no-cache
Server: marco/2.17
Transfer-Encoding: chunked
Via: S.mix-js-czx2-045, T.45.D, V.mix-js-czx2-046, T.1.D, M.ctn-sc-yan-001
X-Request-Id: d6fe0a784b2bbab097e0995b80ac099a
X-Source: C/301

GET
H2 200 bootstrap.min.css
lib.baomitu.com/twitter-bootstrap/3.0.0/css/ 95 KB
96 KB 1119ms
17ms Stylesheet
text/css 2600:9000:2491:da00:1d:80d9:9400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://lib.baomitu.com/twitter-bootstrap/3.0.0/css/bootstrap.min.css
Requested by: Host: gd-bfa1jnzt.gaapqcloud.com.cn
URL: http://gd-bfa1jnzt.gaapqcloud.com.cn/user/login.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:da00:1d:80d9:9400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 1cbda21998b65e08a7e936114cabd7f7783d0f590dd6efdd58c7faa8b6e7b9aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://gd-bfa1jnzt.gaapqcloud.com.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 30 May 2022 09:54:41 GMT
via: 1.1 26f61e70ac4b967ea82841cbd2dc7cf0.cloudfront.net (CloudFront)
kcs-via: HIT from w-fc03.lato;MISS from w-sc02.lato
x-qstatic-hit: 1
x-amz-cf-pop: FRA56-P7
age: 11918978
x-cache: Hit from cloudfront
content-length: 97339
last-modified: Mon, 01 Jan 2018 00:00:00 GMT
etag: W/"2cc37aeb3f12fe90"
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, immutable
accept-ranges: bytes
x-amz-cf-id: dL1N4gIOfIGVg3yA7lphJySa-5r61iyMBLLcPejLaSlhpedz4Uq1kw==
expires: Thu, 27 May 2032 09:54:41 GMT

GET
H/1.1 200
OK style.css
gd-bfa1jnzt.gaapqcloud.com.cn/static/user/css/ 74 KB
18 KB 357ms
356ms Stylesheet
text/css 240e:dd:d800:380::a1
CHINANET-SICHUAN-...

General

Check archive.org

Show headers Download Go to

Full URL: http://gd-bfa1jnzt.gaapqcloud.com.cn/static/user/css/style.css
Requested by: Host: gd-bfa1jnzt.gaapqcloud.com.cn
URL: http://gd-bfa1jnzt.gaapqcloud.com.cn/user/login.php
Protocol: HTTP/1.1
Server: 240e:dd:d800:380::a1 , China, ASN139220 (CHINANET-SICHUAN-CHUANXI-IDC Sichuan Chuanxn IDC, CN),
Reverse DNS
Software: marco/2.17 /
Resource Hash: c8e6b52a673e0f6570b81d9ab08884a0c2a926d82c282cb804460220c84cb68c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://gd-bfa1jnzt.gaapqcloud.com.cn/user/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Sat, 15 Oct 2022 08:44:19 GMT
Via: S.mix-js-czx2-045, T.45.H, V.mix-js-czx2-048, T.4.H, M.ctn-sc-yan-001
Content-Encoding: gzip
Last-Modified: Tue, 06 Oct 2020 12:18:58 GMT
Server: marco/2.17
Age: 324985
ETag: W/"5f7c60b2-126f2"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=864000
Connection: keep-alive
X-Source: C/200
X-Request-Id: 827ec94e1b92c13ddc1719c4427bdb5e; 555d717037d489d5c84b9459213193cd
Expires: Fri, 21 Oct 2022 14:27:54 GMT

GET
H2 200 jquery.min.js Show response
lib.baomitu.com/jquery/2.1.1/ 82 KB
83 KB 1127ms
26ms Script
application/javascript 2600:9000:2491:da00:1d:80d9:9400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://lib.baomitu.com/jquery/2.1.1/jquery.min.js
Requested by: Host: gd-bfa1jnzt.gaapqcloud.com.cn
URL: http://gd-bfa1jnzt.gaapqcloud.com.cn/user/login.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:da00:1d:80d9:9400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: c0d4098bc8b34c6f87a3d7723988ae81214a53a0bb4a1d4d36a67640f98ed079

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://gd-bfa1jnzt.gaapqcloud.com.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 15:54:07 GMT
via: 1.1 26f61e70ac4b967ea82841cbd2dc7cf0.cloudfront.net (CloudFront)
kcs-via: HIT from w-fc01.lato;MISS from w-sc01.lato
x-qstatic-hit: 1
x-amz-cf-pop: FRA56-P7
age: 11465412
x-cache: Hit from cloudfront
content-length: 84280
last-modified: Mon, 01 Jan 2018 00:00:00 GMT
etag: W/"f93b31915e4c7590"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, immutable
accept-ranges: bytes
x-amz-cf-id: tx5Rf4yJMvyFCLSAQKAk381ecg0WGB8xKBjNEbPDE07z0Y0vFUhSSg==
expires: Tue, 01 Jun 2032 15:54:07 GMT

GET
H2 200 bootstrap.min.js Show response
lib.baomitu.com/twitter-bootstrap/3.3.7/js/ 36 KB
37 KB 1109ms
9ms Script
application/javascript 2600:9000:2491:da00:1d:80d9:9400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://lib.baomitu.com/twitter-bootstrap/3.3.7/js/bootstrap.min.js
Requested by: Host: gd-bfa1jnzt.gaapqcloud.com.cn
URL: http://gd-bfa1jnzt.gaapqcloud.com.cn/user/login.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:da00:1d:80d9:9400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://gd-bfa1jnzt.gaapqcloud.com.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 05:49:34 GMT
via: 1.1 26f61e70ac4b967ea82841cbd2dc7cf0.cloudfront.net (CloudFront)
kcs-via: HIT from w-fc01.lato;HIT from w-sc01.lato
x-qstatic-hit: 1
x-amz-cf-pop: FRA56-P7
age: 8650486
x-cache: Hit from cloudfront
content-length: 37045
last-modified: Mon, 01 Jan 2018 00:00:00 GMT
etag: W/"5943be6f01e50b21"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, immutable
accept-ranges: bytes
x-amz-cf-id: NEr93RorXzhJZgOR4gcQmEyUCS10N96vbldy21lo2Urq7rgQgvUrGA==
expires: Sun, 04 Jul 2032 05:49:34 GMT

GET
H2 200 layer.js Show response
lib.baomitu.com/layer/3.1.1/ 22 KB
22 KB 1110ms
10ms Script
application/javascript 2600:9000:2491:da00:1d:80d9:9400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://lib.baomitu.com/layer/3.1.1/layer.js
Requested by: Host: gd-bfa1jnzt.gaapqcloud.com.cn
URL: http://gd-bfa1jnzt.gaapqcloud.com.cn/user/login.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:da00:1d:80d9:9400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 1ce6649d82d2db0f8e4823f701ddfcfd9c7f107cb446c907e46ec7e57171a2a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://gd-bfa1jnzt.gaapqcloud.com.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 03 Jun 2022 00:52:33 GMT
via: 1.1 26f61e70ac4b967ea82841cbd2dc7cf0.cloudfront.net (CloudFront)
kcs-via: MISS from w-fc03.lato;MISS from w-sc02.lato
x-qstatic-hit: 1
x-amz-cf-pop: FRA56-P7
age: 11605907
x-cache: Hit from cloudfront
content-length: 22116
last-modified: Mon, 01 Jan 2018 00:00:00 GMT
etag: W/"23e0be8538cb8cef"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, immutable
accept-ranges: bytes
x-amz-cf-id: kg5aEgj5lSYTqGVXIu0j2p8rRYFmPCjIQ7Ip20RAqK40WFOer0JZgQ==
expires: Mon, 31 May 2032 00:52:33 GMT

GET
H/1.1 200
OK TCaptcha.js Show response
ssl.captcha.qq.com/ 60 KB
21 KB 1042ms
388ms Script
application/x-javascript 2402:4e00:8030:1::71
TENCENT-NET-AP Sh...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.captcha.qq.com/TCaptcha.js
Requested by: Host: gd-bfa1jnzt.gaapqcloud.com.cn
URL: http://gd-bfa1jnzt.gaapqcloud.com.cn/user/login.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2402:4e00:8030:1::71 , China, ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN),
Reverse DNS
Software: tencent http server /
Resource Hash: bea19901dd5305a219dc45603f2eada29d4ceeb84a231bf5c5373da1b0f7c5ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://gd-bfa1jnzt.gaapqcloud.com.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Sat, 15 Oct 2022 08:44:19 GMT
Content-Encoding: gzip
Last-Modified: Wed, 12 Oct 2022 17:19:24 GMT
Server: tencent http server
Transfer-Encoding: chunked
Vary: Accept-Encoding
P3P: CP=CAO PSA OUR
Content-Type: application/x-javascript
Cache-Control: max-age=600
Connection: keep-alive

GET
H2 200 css
fonts.googleapis.com/ 26 KB
2 KB 59ms
23ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,300,300italic,400italic,600,600italic,700,700italic,800,800italic

Requested by

Host: gd-bfa1jnzt.gaapqcloud.com.cn
URL: http://gd-bfa1jnzt.gaapqcloud.com.cn/static/user/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

47a7dd0cada3c63b3d5981848b65973772a3f5ccc578d16ed90e3aa1b74056ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://gd-bfa1jnzt.gaapqcloud.com.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 15 Oct 2022 08:44:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 15 Oct 2022 07:44:35 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 15 Oct 2022 08:44:20 GMT

GET
H2 200 layer.css
lib.baomitu.com/layer/3.1.1/theme/default/ 14 KB
14 KB 8ms
8ms Stylesheet
text/css 2600:9000:2491:da00:1d:80d9:9400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://lib.baomitu.com/layer/3.1.1/theme/default/layer.css?v=3.1.1
Requested by: Host: lib.baomitu.com
URL: https://lib.baomitu.com/layer/3.1.1/layer.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:da00:1d:80d9:9400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3144d018a6a24f733c6fc2a2ee603fb583f0030585e9d4b71bec471b78e31fc

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://gd-bfa1jnzt.gaapqcloud.com.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 23 May 2022 01:09:11 GMT
via: 1.1 26f61e70ac4b967ea82841cbd2dc7cf0.cloudfront.net (CloudFront)
kcs-via: HIT from w-fc03.lato;HIT from w-sc02.lato
x-qstatic-hit: 1
x-amz-cf-pop: FRA56-P7
age: 12555309
x-cache: Hit from cloudfront
content-length: 14367
last-modified: Mon, 01 Jan 2018 00:00:00 GMT
etag: W/"ab6b9d5c5b5a0ac3"
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, immutable
accept-ranges: bytes
x-amz-cf-id: mFfGOeU2Y-63I3nee31vEMQ4tMbccDP4_hXU6-ae3mhqZQEYnbwY0w==
expires: Thu, 20 May 2032 01:09:11 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 44 KB
44 KB 48ms
14ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,300,300italic,400italic,600,600italic,700,700italic,800,800italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://gd-bfa1jnzt.gaapqcloud.com.cn
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 18:50:34 GMT
x-content-type-options: nosniff
age: 395626
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 10 Oct 2023 18:50:34 GMT

GET
H2 200 tcaptcha-frame.b264b18a.js Show response
captcha.gtimg.com/1/ 136 KB
42 KB 2606ms
202ms Script
application/javascript 203.205.136.82
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://captcha.gtimg.com/1/tcaptcha-frame.b264b18a.js
Requested by: Host: ssl.captcha.qq.com
URL: https://ssl.captcha.qq.com/TCaptcha.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 203.205.136.82 Central, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: NWS_X2_MID /
Resource Hash: f3c3a75c8760e42f3f033bb94bddd60aa9b8010d99fe0ebbaa38f2cd056682cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://gd-bfa1jnzt.gaapqcloud.com.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 03:50:48 GMT
content-encoding: gzip
x-cache-lookup: Cache Hit, Hit From Inner Cluster
age: 114
p3p: CP="CAO PSA OUR"
x-verify-code: e03f37dc094961f8ef651f8a821023d0
content-length: 42613
last-modified: Fri, 14 Oct 2022 03:46:15 GMT
server: NWS_X2_MID
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1800
x-daa-tunnel: hop_count=1
x-nws-log-uuid: 10735085726776859298
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Oct 2022 04:00:48 GMT

GET drag_ele.html
t.captcha.qq.com/template/ Frame 945A 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: t.captcha.qq.com
URL: https://t.captcha.qq.com/template/drag_ele.html

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			gd-bfa1jnzt.gaapqcloud.com.cn/	1969-12-31 23:59:59	Name: PHPSESSID Value: lchdc1aim34i4f2b41udrr4jco

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

captcha.gtimg.com
fonts.googleapis.com
fonts.gstatic.com
gd-bfa1jnzt.gaapqcloud.com.cn
lib.baomitu.com
ssl.captcha.qq.com
t.captcha.qq.com
t.captcha.qq.com
203.205.136.82
2402:4e00:8030:1::71
240e:dd:d800:380::a1
2600:9000:2491:da00:1d:80d9:9400:93a1
2a00:1450:4001:800::2003
2a00:1450:4001:830::200a
1cbda21998b65e08a7e936114cabd7f7783d0f590dd6efdd58c7faa8b6e7b9aa
1ce6649d82d2db0f8e4823f701ddfcfd9c7f107cb446c907e46ec7e57171a2a3
47a7dd0cada3c63b3d5981848b65973772a3f5ccc578d16ed90e3aa1b74056ab
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
6a97b12a089bc82c9f8d534e11d8dfca63f3a26f50f3fdb3b693a36ea4e15875
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
bea19901dd5305a219dc45603f2eada29d4ceeb84a231bf5c5373da1b0f7c5ef
c0d4098bc8b34c6f87a3d7723988ae81214a53a0bb4a1d4d36a67640f98ed079
c8e6b52a673e0f6570b81d9ab08884a0c2a926d82c282cb804460220c84cb68c
e3144d018a6a24f733c6fc2a2ee603fb583f0030585e9d4b71bec471b78e31fc
f3c3a75c8760e42f3f033bb94bddd60aa9b8010d99fe0ebbaa38f2cd056682cf

gd-bfa1jnzt.gaapqcloud.com.cn Open in urlscan Pro 240e:dd:d800:380::a1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

12 Requests

75 %HTTPS

83 %IPv6

6 Domains

7 Subdomains

7 IPs

4 Countries

380 kBTransfer

591 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

1 Cookies

Indicators

gd-bfa1jnzt.gaapqcloud.com.cn Open in urlscan Pro
240e:dd:d800:380::a1 Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

75 %
HTTPS

83 %
IPv6

6
Domains

7
Subdomains

7
IPs

4
Countries

380 kB
Transfer

591 kB
Size

1
Cookies

12 HTTP transactions
0 data transactions