Submitted URL: https://njcarmoney.com/
Effective URL: https://www.208599.com/
Submission: On September 06 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 13 IPs in 6 countries across 11 domains to perform 22 HTTP transactions. The main IP is 23.225.203.66, located in United States and belongs to CNSERVERS, US. The main domain is www.208599.com.
TLS certificate: Issued by R3 on September 5th 2022. Valid for: 3 months.
This is the only time www.208599.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 23.225.208.101 40065 (CNSERVERS)
4 23.225.203.66 40065 (CNSERVERS)
1 2a00:1450:400... 15169 (GOOGLE)
2 151.101.64.238 54113 (FASTLY)
1 151.101.192.238 54113 (FASTLY)
1 182.61.200.83 38365 (BAIDU Bei...)
1 2600:9000:225... 16509 (AMAZON-02)
1 119.28.109.132 132203 (TENCENT-N...)
2 103.235.46.191 55967 (BAIDU Bei...)
1 58.254.150.48 136958 (UNICOM-GU...)
2 2a00:1450:400... 15169 (GOOGLE)
1 151.101.64.237 54113 (FASTLY)
4 27.255.64.19 4766 (KIXS-AS-K...)
1 103.235.46.40 55967 (BAIDU Bei...)
22 13
Apex Domain
Subdomains
Transfer
4 wlovebaidu.com
www.wlovebaidu.com — Cisco Umbrella Rank: 733876
522 KB
4 baidu.com
img.baidu.com — Cisco Umbrella Rank: 513094
hm.baidu.com — Cisco Umbrella Rank: 7010
sp0.baidu.com — Cisco Umbrella Rank: 17122
13 KB
4 208599.com
www.208599.com
40 KB
3 squarespace.com
static1.squarespace.com — Cisco Umbrella Rank: 8293
assets.squarespace.com — Cisco Umbrella Rank: 9063
1 MB
2 gstatic.com
fonts.gstatic.com
67 KB
1 bdstatic.com
zz.bdstatic.com — Cisco Umbrella Rank: 25759
521 B
1 sogou.com
www.sogou.com — Cisco Umbrella Rank: 35050
4 KB
1 qhimg.com
p1.qhimg.com — Cisco Umbrella Rank: 156342
3 KB
1 squarespace-cdn.com
images.squarespace-cdn.com — Cisco Umbrella Rank: 7278
15 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 120
1 KB
1 njcarmoney.com
njcarmoney.com
191 B
22 11
Domain Requested by
4 www.wlovebaidu.com www.208599.com
4 www.208599.com www.208599.com
2 fonts.gstatic.com fonts.googleapis.com
2 hm.baidu.com www.208599.com
2 static1.squarespace.com www.208599.com
static1.squarespace.com
1 sp0.baidu.com www.208599.com
1 assets.squarespace.com static1.squarespace.com
1 zz.bdstatic.com www.208599.com
1 www.sogou.com www.208599.com
1 p1.qhimg.com www.208599.com
1 img.baidu.com www.208599.com
1 images.squarespace-cdn.com www.208599.com
1 fonts.googleapis.com www.208599.com
1 njcarmoney.com 1 redirects
22 14
Subject Issuer Validity Valid
208599.com
R3
2022-09-05 -
2022-12-04
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2022-08-15 -
2022-11-07
3 months crt.sh
*.squarespace.com
DigiCert TLS RSA SHA256 2020 CA1
2022-03-12 -
2023-03-25
a year crt.sh
*.squarespace-cdn.com
R3
2022-08-09 -
2022-11-07
3 months crt.sh
baidu.com
GlobalSign RSA OV SSL CA 2018
2022-07-05 -
2023-08-06
a year crt.sh
*.qhimg.com
WoTrus DV Server CA [Run by the Issuer]
2021-11-10 -
2022-11-10
a year crt.sh
*.sogou.com
GlobalSign RSA OV SSL CA 2018
2022-06-24 -
2023-07-26
a year crt.sh
*.gstatic.com
GTS CA 1C3
2022-08-15 -
2022-11-07
3 months crt.sh
wlovebaidu.com
R3
2022-08-26 -
2022-11-24
3 months crt.sh

This page contains 2 frames:

Primary Page: https://www.208599.com/
Frame ID: 296B74B20C009940814C86DF073EF043
Requests: 17 HTTP requests in this frame

Frame: https://www.208599.com/gg/raybet/index.html
Frame ID: DAAA24CD7C206959D1FE89049D8B28B8
Requests: 5 HTTP requests in this frame

Screenshot

Page Title

raybet网站_雷竞技官网DOTA2,LOL,CSGO电竞赛事竞猜

Page URL History Show full URLs

  1. https://njcarmoney.com/ HTTP 301
    https://www.208599.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+data-controller

Overall confidence: 100%
Detected patterns
  • hm\.baidu\.com/hm\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

22
Requests

100 %
HTTPS

21 %
IPv6

11
Domains

14
Subdomains

13
IPs

6
Countries

1692 kB
Transfer

2657 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://njcarmoney.com/ HTTP 301
    https://www.208599.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.208599.com/
Redirect Chain
  • https://njcarmoney.com/
  • https://www.208599.com/
148 KB
28 KB
Document
General
Full URL
https://www.208599.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.225.203.66 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
nginx /
Resource Hash
3ba304b2e0e4b5b5c3b4f0eaa2ba4a6d7be0b75bab87574808697c7775348746

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html;charset=utf-8
Date
Tue, 06 Sep 2022 01:17:07 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding

Redirect headers

Connection
keep-alive
Content-Length
178
Content-Type
text/html
Date
Tue, 06 Sep 2022 01:17:06 GMT
Location
https://www.208599.com/
Server
nginx
jquery.3.5.2.min.m.js
www.208599.com/js/
8 KB
8 KB
Script
General
Full URL
https://www.208599.com/js/jquery.3.5.2.min.m.js
Requested by
Host: www.208599.com
URL: https://www.208599.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.225.203.66 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
nginx /
Resource Hash
574e8e12f13bec60b652506fd61857303c5f9896adb37d59779a435e2496b748

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.208599.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Tue, 06 Sep 2022 01:17:07 GMT
Last-Modified
Sun, 04 Sep 2022 11:23:07 GMT
Server
nginx
ETag
"63148a9b-1ecf"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7887
css2
fonts.googleapis.com/
10 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Rubik:ital,wght@0,300;0,400;0,500;0,700;1,300;1,400;1,700
Requested by
Host: www.208599.com
URL: https://www.208599.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d580c7d37a31c7673c74626a6160fc02181d8477efe91f8333321e75e17e7be7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.208599.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 06 Sep 2022 00:43:04 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 06 Sep 2022 01:17:07 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 06 Sep 2022 01:17:07 GMT
site.css
static1.squarespace.com/static/sitecss/59765fd317bffcafaf5ff75c/716/55f0aac0e4b0f0a5b7e0b22e/5b6388eeaa4a99dc7609f1a6/349/
897 KB
82 KB
Stylesheet
General
Full URL
https://static1.squarespace.com/static/sitecss/59765fd317bffcafaf5ff75c/716/55f0aac0e4b0f0a5b7e0b22e/5b6388eeaa4a99dc7609f1a6/349/site.css
Requested by
Host: www.208599.com
URL: https://www.208599.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.238 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Squarespace /
Resource Hash
a69828d8cfcdbc992b32e60ab379dc5cd562cc73753bb4cd960adf1df62fa995
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.208599.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 01:17:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
247281
x-cache
HIT, HIT
x-contextid
RkO6jGDU/8XK62ngG
x-cache-hits
1, 1
content-length
83103
x-served-by
cache-dfw-kdfw8210081-DFW, cache-hhn4047-HHN
pragma
cache
server
Squarespace
x-timer
S1662427028.757282,VS0,VE1
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
via
1.1 varnish, 1.1 varnish
cache-control
max-age=172800, s-maxage=172800, public, max-age=94608000
accept-ranges
bytes
timing-allow-origin
*
tracepoint
Fastly
Newagritectureiconwebsite.png
images.squarespace-cdn.com/content/v1/59765fd317bffcafaf5ff75c/1533855271035-F1BJ7L1NV9YCTSRQ1FX7/
14 KB
15 KB
Image
General
Full URL
https://images.squarespace-cdn.com/content/v1/59765fd317bffcafaf5ff75c/1533855271035-F1BJ7L1NV9YCTSRQ1FX7/Newagritectureiconwebsite.png?format=1500w
Requested by
Host: www.208599.com
URL: https://www.208599.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.238 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
91b767c8637acff08474505569a4d6e001a4a320419a6421356f9d93c18933a5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.208599.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 01:17:07 GMT
via
1.1 google, 1.1 varnish, 1.1 varnish
age
547687
x-cache
HIT, HIT
content-length
14841
x-served-by
cache-iad-kcgs7200032-IAD, cache-hhn4025-HHN
x-timer
S1662427028.936348,VS0,VE1
tracepoint
Fastly
etag
COPbt/Wnu+sCEAE=
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Timing-Allow-Origin
cache-control
max-age=604800
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
1, 1
logo-80px.gif
img.baidu.com/img/
866 B
1 KB
Image
General
Full URL
https://img.baidu.com/img/logo-80px.gif
Requested by
Host: www.208599.com
URL: https://www.208599.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
182.61.200.83 , China, ASN38365 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
BWS/1.0 /
Resource Hash
c3523c84b03a264ff85e541415f945c4c44705c454234274c78d63afd1c278b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.208599.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Tue, 06 Sep 2022 01:17:09 GMT
Last-Modified
Sun, 15 Aug 2010 16:00:00 GMT
Server
BWS/1.0
Etag
"1211028879"
Content-Type
image/gif
Cache-Control
max-age=311040000
Accept-Ranges
bytes
Content-Length
866
Expires
Thu, 15 Jul 2032 01:17:09 GMT
search.png
p1.qhimg.com/d/_onebox/
3 KB
3 KB
Image
General
Full URL
https://p1.qhimg.com/d/_onebox/search.png
Requested by
Host: www.208599.com
URL: https://www.208599.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:c600:1:b394:6780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
f7b46e16e323b71d7e8308e8aa62ab36453dd3b57935424f4b4166947f0e5863

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.208599.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 14 Jul 2022 21:07:46 GMT
via
1.1 7251dede1ac94066b27bcd33919b30c6.cloudfront.net (CloudFront)
kcs-via
MISS from w-fc01.lato;MISS from w-sc02.lato
age
4594162
x-cache
Hit from cloudfront
content-length
2941
xcs
HIT
xzp
zhkbrquvsxaf
last-modified
Tue, 05 Jan 2021 11:28:00 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=7776000
x-amz-cf-pop
FRA60-P3
accept-ranges
bytes
x-amz-cf-id
vK8gV340hIakJJhBxJbfRGVZj7cY0GCMy6HDCCqvDw900iUF-s5JXA==
expires
Wed, 12 Oct 2022 21:07:46 GMT
logo_440x140.v.4.png
www.sogou.com/web/index/images/
3 KB
4 KB
Image
General
Full URL
https://www.sogou.com/web/index/images/logo_440x140.v.4.png
Requested by
Host: www.208599.com
URL: https://www.208599.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.28.109.132 Singapore, Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
nginx /
Resource Hash
29f87d6615f36a54e3edc8c7f05eb9b480d1f2989dec8da68e82747d060aea85

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.208599.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Tue, 06 Sep 2022 01:17:08 GMT
Last-Modified
Mon, 10 Feb 2020 03:11:55 GMT
Server
nginx
ETag
"5e40c9fb-b86"
Connection
keep-alive
P3P
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control
max-age=15552000
UUID
13a6e972-9a5b-459a-8fdc-fe8d31e2841d
Accept-Ranges
bytes
Content-Type
image/png
Content-Length
2950
Expires
Sun, 05 Mar 2023 01:17:08 GMT
index.html
www.208599.com/gg/raybet/ Frame DAAA
962 B
1 KB
Document
General
Full URL
https://www.208599.com/gg/raybet/index.html
Requested by
Host: www.208599.com
URL: https://www.208599.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.225.203.66 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
nginx /
Resource Hash
93fabefaf4aab24295db5d39e6afa6f55192cfa16d7661859e3436836133e4e4

Request headers

Referer
https://www.208599.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Length
962
Content-Type
text/html
Date
Tue, 06 Sep 2022 01:17:07 GMT
ETag
"63148a9e-3c2"
Last-Modified
Sun, 04 Sep 2022 11:23:10 GMT
Server
nginx
hm.js
hm.baidu.com/
30 KB
12 KB
Script
General
Full URL
https://hm.baidu.com/hm.js?06ea3de3c34c59c8eb5943ee69359663
Requested by
Host: www.208599.com
URL: https://www.208599.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
1ccef133615485656dada0ecace38170d7d27ac372d36742e8f1b9dc6a8e2c64
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.208599.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Tue, 06 Sep 2022 01:17:09 GMT
Content-Encoding
gzip
Server
apache
Etag
779519ff3ab54cfd14d4953e87f3fbb5
Strict-Transport-Security
max-age=172800
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control
max-age=0, must-revalidate
Content-Type
application/javascript
Content-Length
11338
push.js
zz.bdstatic.com/linksubmit/
308 B
521 B
Script
General
Full URL
https://zz.bdstatic.com/linksubmit/push.js
Requested by
Host: www.208599.com
URL: https://www.208599.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
58.254.150.48 , China, ASN136958 (UNICOM-GUANGZHOU-IDC China Unicom Guangdong IP network, CN),
Reverse DNS
Software
JSP3/2.0.14 /
Resource Hash
c31f2003f1c93ac1e34b09f376d97a65da6e110bf451cf1e0e50a7946c5e7212

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.208599.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 01:17:09 GMT
ohc-cache-hit
gz3un61 [2], zhuzuncache64 [2]
ohc-response-time
1 0 0 0 0 0
last-modified
Sun, 31 Jul 2022 09:23:08 GMT
server
JSP3/2.0.14
age
75246
etag
"62e649fc-134"
content-type
application/x-javascript
cache-control
max-age=86400
tracecode
01571009080310087434090512
accept-ranges
bytes
content-encoding
br
ui-icons.svg
www.208599.com/assets/
11 KB
3 KB
Other
General
Full URL
https://www.208599.com/assets/ui-icons.svg
Requested by
Host: www.208599.com
URL: https://www.208599.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.225.203.66 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
nginx /
Resource Hash
2a24455a144f52eaaac96c95007e4d29629827bb0518aecee6cb38f29e087b85

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.208599.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Tue, 06 Sep 2022 01:17:08 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
Server
nginx
Connection
keep-alive
Vary
Accept-Encoding
Content-Type
text/html;charset=utf-8
Untitled+design+%281%29.png
static1.squarespace.com/static/59765fd317bffcafaf5ff75c/t/62b319cc1021cf0641f6dd6c/1655904719754/
935 KB
936 KB
Image
General
Full URL
https://static1.squarespace.com/static/59765fd317bffcafaf5ff75c/t/62b319cc1021cf0641f6dd6c/1655904719754/Untitled+design+%281%29.png
Requested by
Host: static1.squarespace.com
URL: https://static1.squarespace.com/static/sitecss/59765fd317bffcafaf5ff75c/716/55f0aac0e4b0f0a5b7e0b22e/5b6388eeaa4a99dc7609f1a6/349/site.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.238 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Squarespace /
Resource Hash
882b1b6d90eadf25b6a73608ca3014f89083cac7baad26b6143fb6ae5d605772
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static1.squarespace.com/static/sitecss/59765fd317bffcafaf5ff75c/716/55f0aac0e4b0f0a5b7e0b22e/5b6388eeaa4a99dc7609f1a6/349/site.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 01:17:07 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
age
474694
x-cache
HIT, HIT
x-contextid
lD2lmPjt/3BmHwQbz
x-cache-hits
1, 1
content-length
957256
x-served-by
cache-dfw-kdfw8210040-DFW, cache-hhn4047-HHN
pragma
cache
server
Squarespace
x-timer
S1662427028.904705,VS0,VE4
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*,*
access-control-expose-headers
Content-Length, Timing-Allow-Origin
cache-control
max-age=172800, s-maxage=172800, public, max-age=94608000
accept-ranges
bytes
timing-allow-origin
*, *
tracepoint
Fastly
iJWKBXyIfDnIV7nBrXw.woff2
fonts.gstatic.com/s/rubik/v21/
33 KB
33 KB
Font
General
Full URL
https://fonts.gstatic.com/s/rubik/v21/iJWKBXyIfDnIV7nBrXw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Rubik:ital,wght@0,300;0,400;0,500;0,700;1,300;1,400;1,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
981307dcbbd348f6fb4e3eab184077392f9ee15097ea868f630debefad9044e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.208599.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 21:08:48 GMT
x-content-type-options
nosniff
age
14899
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33580
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 19:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 05 Sep 2023 21:08:48 GMT
squarespace-ui-font.woff
assets.squarespace.com/universal/fonts/
9 KB
9 KB
Font
General
Full URL
https://assets.squarespace.com/universal/fonts/squarespace-ui-font.woff
Requested by
Host: static1.squarespace.com
URL: https://static1.squarespace.com/static/sitecss/59765fd317bffcafaf5ff75c/716/55f0aac0e4b0f0a5b7e0b22e/5b6388eeaa4a99dc7609f1a6/349/site.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.237 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
b980267ac2254ef534bfe32055489ed677d461077b37f2ee62bf7b5fc4f7362f

Request headers

Referer
https://static1.squarespace.com/
Origin
https://www.208599.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 01:17:07 GMT
via
1.1 varnish, 1.1 varnish
age
7242707
x-cache
HIT, HIT
x-cache-hits
1, 31724
content-encoding
gzip
content-length
9023
x-served-by
cache-iad-kiad7000159-IAD, cache-hhn4037-HHN
last-modified
Thu, 09 May 2019 21:33:27 GMT
server
UploadServer
x-timer
S1662427028.938085,VS0,VE0
etag
"e99a175a26d1be1ff88c5c1aafc58e1e"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
text/plain
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 14 Jun 2023 05:25:20 GMT
iJWEBXyIfDnIV7nEnX661A.woff2
fonts.gstatic.com/s/rubik/v21/
34 KB
34 KB
Font
General
Full URL
https://fonts.gstatic.com/s/rubik/v21/iJWEBXyIfDnIV7nEnX661A.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Rubik:ital,wght@0,300;0,400;0,500;0,700;1,300;1,400;1,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7537368c23adecd664ec589e81d5279bbc5ff02c09d52247daf460e2046c4cdc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.208599.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 22:17:00 GMT
x-content-type-options
nosniff
age
10807
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34500
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 19:24:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 05 Sep 2023 22:17:00 GMT
1.jpg
www.wlovebaidu.com/raybet/images/ Frame DAAA
162 KB
162 KB
Image
General
Full URL
https://www.wlovebaidu.com/raybet/images/1.jpg
Requested by
Host: www.208599.com
URL: https://www.208599.com/gg/raybet/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
27.255.64.19 , Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
nginx /
Resource Hash
bab490b0ea94aa26346a21075b26c4f92b28bffa70be3a3e81da39d510836f26

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.208599.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Tue, 06 Sep 2022 01:17:09 GMT
Last-Modified
Wed, 04 Dec 2019 02:05:57 GMT
Server
nginx
ETag
"5de71485-287e8"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
165864
2.jpg
www.wlovebaidu.com/raybet/images/ Frame DAAA
197 KB
197 KB
Image
General
Full URL
https://www.wlovebaidu.com/raybet/images/2.jpg
Requested by
Host: www.208599.com
URL: https://www.208599.com/gg/raybet/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
27.255.64.19 , Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
nginx /
Resource Hash
49d93b0be2ca2d2be9186e32ff24a152d6901dd4ffa8224b14bd3bf3015ce30f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.208599.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Tue, 06 Sep 2022 01:17:09 GMT
Last-Modified
Wed, 04 Dec 2019 02:05:57 GMT
Server
nginx
ETag
"5de71485-31385"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
201605
3.jpg
www.wlovebaidu.com/raybet/images/ Frame DAAA
92 KB
92 KB
Image
General
Full URL
https://www.wlovebaidu.com/raybet/images/3.jpg
Requested by
Host: www.208599.com
URL: https://www.208599.com/gg/raybet/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
27.255.64.19 , Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
nginx /
Resource Hash
b6f63848f863811b602bfcd88bd37eb04193d967dfbdf7bde3f184cd6ff76892

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.208599.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Tue, 06 Sep 2022 01:17:09 GMT
Last-Modified
Wed, 04 Dec 2019 02:05:57 GMT
Server
nginx
ETag
"5de71485-16e40"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
93760
4.jpg
www.wlovebaidu.com/raybet/images/ Frame DAAA
71 KB
71 KB
Image
General
Full URL
https://www.wlovebaidu.com/raybet/images/4.jpg
Requested by
Host: www.208599.com
URL: https://www.208599.com/gg/raybet/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
27.255.64.19 , Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
nginx /
Resource Hash
e6ef4bbffc7fd3c8808f34b282d8c564b04ecba73f9fd0ecbb76e0eb39897482

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.208599.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Tue, 06 Sep 2022 01:17:09 GMT
Last-Modified
Wed, 04 Dec 2019 02:05:57 GMT
Server
nginx
ETag
"5de71485-11a3d"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
72253
hm.gif
hm.baidu.com/
43 B
299 B
Image
General
Full URL
https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1473590370&si=06ea3de3c34c59c8eb5943ee69359663&v=1.2.97&lv=1&sn=685&r=0&ww=1600&ct=!!&u=https%3A%2F%2Fwww.208599.com%2F&tt=raybet%E7%BD%91%E7%AB%99_%E9%9B%B7%E7%AB%9E%E6%8A%80%E5%AE%98%E7%BD%91DOTA2%2CLOL%2CCSGO%E7%94%B5%E7%AB%9E%E8%B5%9B%E4%BA%8B%E7%AB%9E%E7%8C%9C
Requested by
Host: www.208599.com
URL: https://www.208599.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.208599.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 06 Sep 2022 01:17:10 GMT
X-Content-Type-Options
nosniff
Server
apache
Strict-Transport-Security
max-age=172800
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Content-Length
43
s.gif
sp0.baidu.com/9_Q4simg2RQJ8t7jm9iCKT-xh_/
0
116 B
Image
General
Full URL
https://sp0.baidu.com/9_Q4simg2RQJ8t7jm9iCKT-xh_/s.gif?l=https://www.208599.com/
Requested by
Host: www.208599.com
URL: https://www.208599.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.40 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.208599.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Tue, 06 Sep 2022 01:17:12 GMT
Content-Length
0
Content-Type
text/plain; charset=utf-8

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation string| a object| b string| c string| useragent object| _hmt boolean| _bdhm_loaded_06ea3de3c34c59c8eb5943ee69359663 object| mini_tangram_log_3e4x5s

3 Cookies

Domain/Path Name / Value
.hm.baidu.com/ Name: HMACCOUNT_BFESS
Value: 9C9BADA6379EF79A
.www.208599.com/ Name: Hm_lvt_06ea3de3c34c59c8eb5943ee69359663
Value: 1662427030
.www.208599.com/ Name: Hm_lpvt_06ea3de3c34c59c8eb5943ee69359663
Value: 1662427030

5 Console Messages

Source Level URL
Text
security warning URL: https://www.208599.com/
Message:
Mixed Content: The page at 'https://www.208599.com/' was loaded over HTTPS, but requested an insecure element 'http://img.baidu.com/img/logo-80px.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.208599.com/
Message:
Mixed Content: The page at 'https://www.208599.com/' was loaded over HTTPS, but requested an insecure element 'http://p1.qhimg.com/d/_onebox/search.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.208599.com/(Line 2155)
Message:
Mixed Content: The page at 'https://www.208599.com/' was loaded over a secure connection, but contains a form that targets an insecure endpoint 'http://www.baidu.com/baidu'. This endpoint should be made available over a secure connection.
security warning URL: https://www.208599.com/(Line 2156)
Message:
Mixed Content: The page at 'https://www.208599.com/' was loaded over HTTPS, but requested an insecure element 'http://img.baidu.com/img/logo-80px.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://www.208599.com/(Line 2156)
Message:
Mixed Content: The page at 'https://www.208599.com/' was loaded over HTTPS, but requested an insecure element 'http://p1.qhimg.com/d/_onebox/search.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.squarespace.com
fonts.googleapis.com
fonts.gstatic.com
hm.baidu.com
images.squarespace-cdn.com
img.baidu.com
njcarmoney.com
p1.qhimg.com
sp0.baidu.com
static1.squarespace.com
www.208599.com
www.sogou.com
www.wlovebaidu.com
zz.bdstatic.com
103.235.46.191
103.235.46.40
119.28.109.132
151.101.192.238
151.101.64.237
151.101.64.238
182.61.200.83
23.225.203.66
23.225.208.101
2600:9000:2251:c600:1:b394:6780:93a1
27.255.64.19
2a00:1450:4001:80e::200a
2a00:1450:4001:82f::2003
58.254.150.48
1ccef133615485656dada0ecace38170d7d27ac372d36742e8f1b9dc6a8e2c64
29f87d6615f36a54e3edc8c7f05eb9b480d1f2989dec8da68e82747d060aea85
2a24455a144f52eaaac96c95007e4d29629827bb0518aecee6cb38f29e087b85
3ba304b2e0e4b5b5c3b4f0eaa2ba4a6d7be0b75bab87574808697c7775348746
49d93b0be2ca2d2be9186e32ff24a152d6901dd4ffa8224b14bd3bf3015ce30f
574e8e12f13bec60b652506fd61857303c5f9896adb37d59779a435e2496b748
7537368c23adecd664ec589e81d5279bbc5ff02c09d52247daf460e2046c4cdc
882b1b6d90eadf25b6a73608ca3014f89083cac7baad26b6143fb6ae5d605772
91b767c8637acff08474505569a4d6e001a4a320419a6421356f9d93c18933a5
93fabefaf4aab24295db5d39e6afa6f55192cfa16d7661859e3436836133e4e4
981307dcbbd348f6fb4e3eab184077392f9ee15097ea868f630debefad9044e9
a69828d8cfcdbc992b32e60ab379dc5cd562cc73753bb4cd960adf1df62fa995
b6f63848f863811b602bfcd88bd37eb04193d967dfbdf7bde3f184cd6ff76892
b980267ac2254ef534bfe32055489ed677d461077b37f2ee62bf7b5fc4f7362f
bab490b0ea94aa26346a21075b26c4f92b28bffa70be3a3e81da39d510836f26
c31f2003f1c93ac1e34b09f376d97a65da6e110bf451cf1e0e50a7946c5e7212
c3523c84b03a264ff85e541415f945c4c44705c454234274c78d63afd1c278b9
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d580c7d37a31c7673c74626a6160fc02181d8477efe91f8333321e75e17e7be7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6ef4bbffc7fd3c8808f34b282d8c564b04ecba73f9fd0ecbb76e0eb39897482
f7b46e16e323b71d7e8308e8aa62ab36453dd3b57935424f4b4166947f0e5863