Submitted URL: http://bi.lill.gq/
Effective URL: https://bi.lill.gq/
Submission: On February 24 via manual from GB

Summary

This website contacted 4 IPs in 2 countries across 5 domains to perform 10 HTTP transactions. The main IP is 173.82.104.143, located in Los Angeles, United States and belongs to MULTA-ASN1, US. The main domain is bi.lill.gq.
TLS certificate: Issued by Let's Encrypt Authority X3 on February 23rd 2020. Valid for: 3 months.
This is the only time bi.lill.gq was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 8 173.82.104.143 35916 (MULTA-ASN1)
1 119.167.216.44 4837 (CHINA169-...)
1 1 47.98.189.125 37963 (CNNIC-ALI...)
1 47.246.43.230 24429 (TAOBAO Zh...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
10 4
Apex Domain
Subdomains
Transfer
8 lill.gq
bi.lill.gq
137 KB
1 weserv.nl
images.weserv.nl
23 KB
1 sinaimg.cn
tva2.sinaimg.cn
974 KB
1 9yo.cc
9yo.cc
134 B
1 bootcss.com
cdn.bootcss.com
31 KB
10 5
Domain Requested by
8 bi.lill.gq 1 redirects bi.lill.gq
cdn.bootcss.com
1 images.weserv.nl bi.lill.gq
1 tva2.sinaimg.cn bi.lill.gq
1 9yo.cc 1 redirects
1 cdn.bootcss.com bi.lill.gq
10 5

This site contains links to these domains. Also see Links.

Domain
live.bilibili.com
sc.ftqq.com
Subject Issuer Validity Valid
bi.lill.gq
Let's Encrypt Authority X3
2020-02-23 -
2020-05-23
3 months crt.sh
*.bootcss.com
Let's Encrypt Authority X3
2020-01-17 -
2020-04-16
3 months crt.sh
sina.cn
GeoTrust RSA CA 2018
2018-03-09 -
2020-03-08
2 years crt.sh
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2
2019-12-09 -
2020-10-09
10 months crt.sh

This page contains 1 frames:

Primary Page: https://bi.lill.gq/
Frame ID: 9A404C23A2E12AE3776A6D0CE83F7D2F
Requests: 10 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. http://bi.lill.gq/ HTTP 301
    https://bi.lill.gq/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

10
Requests

100 %
HTTPS

20 %
IPv6

5
Domains

5
Subdomains

4
IPs

2
Countries

1164 kB
Transfer

1504 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://bi.lill.gq/ HTTP 301
    https://bi.lill.gq/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://9yo.cc/bg.php HTTP 302
  • https://tva2.sinaimg.cn/large/0072Vf1pgy1foxkfi9tt0j31hc0u07m8.jpg

10 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
bi.lill.gq/
Redirect Chain
  • http://bi.lill.gq/
  • https://bi.lill.gq/
9 KB
4 KB
Document
General
Full URL
https://bi.lill.gq/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.82.104.143 Los Angeles, United States, ASN35916 (MULTA-ASN1, US),
Reverse DNS
Software
nginx /
Resource Hash
1be5b852895d32730621020ef4c059d39434d4fc1b664c13c3ed1fd5315f6a63

Request headers

:method
GET
:authority
bi.lill.gq
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
server
nginx
date
Mon, 24 Feb 2020 10:55:04 GMT
content-type
text/html; charset=UTF-8
content-length
3535
pramga
no-cache
cache-control
max-age=43200 no-cache
content-encoding
gzip
expires
Mon, 24 Feb 2020 22:55:04 GMT
x-cache
MISS

Redirect headers

Server
nginx
Date
Mon, 24 Feb 2020 10:55:03 GMT
Content-Type
text/html
Content-Length
162
Connection
keep-alive
Location
https://bi.lill.gq/
planeui.min.css
bi.lill.gq/assets/css/
282 KB
54 KB
Stylesheet
General
Full URL
https://bi.lill.gq/assets/css/planeui.min.css
Requested by
Host: bi.lill.gq
URL: https://bi.lill.gq/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.82.104.143 Los Angeles, United States, ASN35916 (MULTA-ASN1, US),
Reverse DNS
Software
nginx /
Resource Hash
91c362dacb0f0e3f5cae704461783ecc260350944f795d63575bda03d6867736

Request headers

Referer
https://bi.lill.gq/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Mon, 24 Feb 2020 10:55:05 GMT
content-encoding
gzip
last-modified
Sun, 28 Jun 2015 07:05:25 GMT
server
nginx
vary
Accept-Encoding
x-cache
EXPIRED
content-type
text/css
status
200
cache-control
max-age=43200, no-cache
expires
Mon, 24 Feb 2020 22:55:05 GMT
jquery.min.js
cdn.bootcss.com/jquery/3.4.1/
86 KB
31 KB
Script
General
Full URL
https://cdn.bootcss.com/jquery/3.4.1/jquery.min.js
Requested by
Host: bi.lill.gq
URL: https://bi.lill.gq/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.167.216.44 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
NWS_TCloud_S1 /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://bi.lill.gq/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 24 Feb 2020 10:55:09 GMT
content-encoding
gzip
x-cache-lookup
Hit From Disktank3 Gz, Hit From Inner Cluster
x-nws-uuid-verify
29d263c173076e7618d0e85fe435a233
age
13672772
cf-ray
569e33522e80999b-LAX
status
200
strict-transport-security
max-age=15780000; includeSubDomains
cf-cache-status
HIT
content-length
30708
served-in-seconds
0.004
last-modified
Wed, 01 May 2019 21:45:59 GMT
server
NWS_TCloud_S1
etag
W/"5cca1397-15851"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
alt-svc
h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
cache-control
public, max-age=2592000
x-daa-tunnel
hop_count=1
x-nws-log-uuid
1b1985de-309f-44c3-8bb3-62c76dfa36f7
timing-allow-origin
*
expires
Wed, 25 Mar 2020 10:55:09 GMT
app.js
bi.lill.gq/assets/js/
4 KB
2 KB
Script
General
Full URL
https://bi.lill.gq/assets/js/app.js
Requested by
Host: bi.lill.gq
URL: https://bi.lill.gq/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.82.104.143 Los Angeles, United States, ASN35916 (MULTA-ASN1, US),
Reverse DNS
Software
nginx /
Resource Hash
c6d05165793d0ffeeff5aeab944524c8e4e7d405e66d34aeb7d9418db05cdad6

Request headers

Referer
https://bi.lill.gq/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 24 Feb 2020 10:55:05 GMT
content-encoding
gzip
last-modified
Thu, 13 Feb 2020 07:48:17 GMT
server
nginx
x-cache
EXPIRED
content-type
application/javascript
status
200
cache-control
max-age=43200, no-cache
content-length
1332
expires
Mon, 24 Feb 2020 22:55:05 GMT
planeui.min.js
bi.lill.gq/assets/js/
64 KB
19 KB
Script
General
Full URL
https://bi.lill.gq/assets/js/planeui.min.js
Requested by
Host: bi.lill.gq
URL: https://bi.lill.gq/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.82.104.143 Los Angeles, United States, ASN35916 (MULTA-ASN1, US),
Reverse DNS
Software
nginx /
Resource Hash
668d698b001340adc3c0c25199874b802697a50483f1cc81a4673b43647ac53f

Request headers

Referer
https://bi.lill.gq/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 24 Feb 2020 10:55:05 GMT
content-encoding
gzip
last-modified
Sun, 28 Jun 2015 07:05:25 GMT
server
nginx
x-cache
EXPIRED
content-type
application/javascript
status
200
cache-control
max-age=43200, no-cache
content-length
19479
expires
Mon, 24 Feb 2020 22:55:05 GMT
0072Vf1pgy1foxkfi9tt0j31hc0u07m8.jpg
tva2.sinaimg.cn/large/
Redirect Chain
  • https://9yo.cc/bg.php
  • https://tva2.sinaimg.cn/large/0072Vf1pgy1foxkfi9tt0j31hc0u07m8.jpg
972 KB
974 KB
Image
General
Full URL
https://tva2.sinaimg.cn/large/0072Vf1pgy1foxkfi9tt0j31hc0u07m8.jpg
Requested by
Host: bi.lill.gq
URL: https://bi.lill.gq/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
47.246.43.230 San Mateo, United States, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
ef3fab0d2ba86660103c08b6dad1d175345d3d094c426c589cb3e5ec8436378b

Request headers

Referer
https://bi.lill.gq/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 23 Feb 2020 06:46:53 GMT
via
http/1.1 ctc.ningbo.union.70 (ApacheTrafficServer/6.2.1 [cHs f ]), cache38.l2ot7-1[0,304-0,H], cache25.l2ot7-1[90,0], cache1.de2[242,200-0,H], cache10.de2[256,0]
age
101300
x-via-edge
15824404137763a71fe2ff0beee733541c3d2
x-cache
HIT TCP_REFRESH_HIT dirn:4:451060214
status
200
ali-swift-global-savetime
1577892549
x-swift-cachetime
863999, 762700
lb_header
ssl.34.wbg2.shx.lb.sinanode.com
content-length
995194
x-via-cdn
f=alicdn,s=cache10.de2,c=193.9.113.121;f=alicdn,s=cache25.l2ot7-1,c=47.246.43.149;f=edge,s=ctc.ningbo.union.109.nb.sinaedge.com,c=47.254.113.58;f=Edge,s=ctc.ningbo.union.70,c=115.238.190.109
x-request-id
g3.208-1577885311.457000-2900751009
pragma
public
last-modified
Mon, 08 Jul 2013 18:06:40 GMT
server
Tengine
x-debug-hit
sto(995194,0.074)
content-type
image/jpeg
access-control-allow-origin
expires
Mon, 02 Mar 2020 21:52:58 GMT
cache-control
max-age=864000
access-control-allow-credentials
true
x-ban
MISS,775
timing-allow-origin
*
eagleid
2ff62b9e15825417128335537e
x-swift-savetime
Sat, 01 Feb 2020 04:24:05 GMT, Mon, 24 Feb 2020 10:55:13 GMT

Redirect headers

status
302
date
Mon, 24 Feb 2020 10:55:12 GMT
server
nginx
x-powered-by
PHP/7.0.31
location
https://tva2.sinaimg.cn/large/0072Vf1pgy1foxkfi9tt0j31hc0u07m8.jpg
content-type
text/html; charset=UTF-8
/
images.weserv.nl/
22 KB
23 KB
Image
General
Full URL
https://images.weserv.nl/?url=https://i0.hdslb.com/bfs/face/c461bbdd22e1a5cbae72a3e3a68bb7b9716848e7.jpg
Requested by
Host: bi.lill.gq
URL: https://bi.lill.gq/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::681b:9f52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
117ef01d2476ef4f8dc7983eb25f2d5f2d9a0938609d7f64d7224a98a0e8792f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://bi.lill.gq/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

x-images-api
5
date
Mon, 24 Feb 2020 10:55:11 GMT
cf-cache-status
MISS
status
200
content-disposition
inline; filename=image.jpg
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length
22539
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
56a0e7e0bdf7c281-FRA
expires
Tue, 23 Feb 2021 10:55:10 GMT
select.png
bi.lill.gq/assets/images/
192 B
383 B
Image
General
Full URL
https://bi.lill.gq/assets/images/select.png
Requested by
Host: bi.lill.gq
URL: https://bi.lill.gq/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.82.104.143 Los Angeles, United States, ASN35916 (MULTA-ASN1, US),
Reverse DNS
Software
nginx /
Resource Hash
77d401f92229534319c175c690b82c006781f2dc1142662b7e72b87e14f71e51

Request headers

Referer
https://bi.lill.gq/assets/css/planeui.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 24 Feb 2020 10:55:08 GMT
last-modified
Wed, 12 Feb 2020 17:19:13 GMT
server
nginx
x-cache
EXPIRED
content-type
image/png
status
200
cache-control
max-age=43200, no-cache
content-length
192
expires
Mon, 24 Feb 2020 22:55:08 GMT
fontawesome-webfont.woff2
bi.lill.gq/assets/fonts/
55 KB
56 KB
Font
General
Full URL
https://bi.lill.gq/assets/fonts/fontawesome-webfont.woff2?v=4.3.0
Requested by
Host: bi.lill.gq
URL: https://bi.lill.gq/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.82.104.143 Los Angeles, United States, ASN35916 (MULTA-ASN1, US),
Reverse DNS
Software
nginx /
Resource Hash
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c

Request headers

Referer
https://bi.lill.gq/assets/css/planeui.min.css
Origin
https://bi.lill.gq
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 24 Feb 2020 10:55:08 GMT
content-encoding
gzip
last-modified
Sun, 28 Jun 2015 07:05:25 GMT
server
nginx
x-cache
EXPIRED
status
200
cache-control
max-age=43200, no-cache
content-length
56792
expires
Mon, 24 Feb 2020 22:55:08 GMT
anchor
bi.lill.gq/
10 KB
2 KB
XHR
General
Full URL
https://bi.lill.gq/anchor
Requested by
Host: cdn.bootcss.com
URL: https://cdn.bootcss.com/jquery/3.4.1/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.82.104.143 Los Angeles, United States, ASN35916 (MULTA-ASN1, US),
Reverse DNS
Software
nginx /
Resource Hash
1435dc792b63214abc6920caa9bb86add4cfdeabe368d819b668e089c5a6ad42

Request headers

Accept
*/*
Referer
https://bi.lill.gq/
Origin
https://bi.lill.gq
X-Requested-With
XMLHttpRequest
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Mon, 24 Feb 2020 10:55:09 GMT
content-encoding
gzip
server
nginx
pramga
no-cache
content-type
text/html; charset=UTF-8
status
200
cache-control
max-age=43200, no-cache
content-length
1985
expires
Mon, 24 Feb 2020 22:55:09 GMT

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| $ function| jQuery function| start function| get_anchor function| get_obj function| medal_option function| medal_get function| send_max function| vcode function| login function| PUI function| PlaneUI object| html5 object| Modernizr

0 Cookies