urlscan.io logo urlscan.io
SecurityTrails logo

citichuating.com Open in urlscan Pro
2606:4700:3035::6815:3aad  Public Scan

Go To Rescan Add Verdict Report
URL: https://citichuating.com/
Submission: On May 05 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 2 countries across 9 domains to perform 22 HTTP transactions. The main IP is 2606:4700:3035::6815:3aad, located in United States and belongs to CLOUDFLARENET, US. The main domain is citichuating.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on November 11th 2022. Valid for: a year.
This is the only time citichuating.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
8 2606:4700:303... 13335 (CLOUDFLAR...)
2 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2 103.240.142.163 53587 (AZT)
1 2 45.61.241.226 53587 (AZT)
1 2 103.240.142.166 53587 (AZT)
2 4 43.248.171.140 53587 (AZT)
1 2 43.248.171.158 53587 (AZT)
1 2 45.61.241.229 53587 (AZT)
1 2 2606:4700:303... 13335 (CLOUDFLAR...)
2 103.235.46.191 55967 (BAIDU Bei...)
22 12
8    2606:4700:3035::6815:3aad (United States)

ASN13335 (CLOUDFLARENET, US)
citichuating.com
2    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
libs.cdnjs.net
www.2467277.com
1    2606:4700:10::6816:1198 (United States)

ASN13335 (CLOUDFLARENET, US)
js.99988.finance
2    103.240.142.163 (Hong Kong)

ASN53587 (AZT, US)
kk.13222hk.com
2    45.61.241.226 (United States)

ASN53587 (AZT, US)
aa.13222hk.com
2    103.240.142.166 (Hong Kong)

ASN53587 (AZT, US)
mm.13222hk.com
4    43.248.171.140 (Hong Kong)

ASN53587 (AZT, US)
77.13222hk.com
88.13222hk.com
2    43.248.171.158 (Hong Kong)

ASN53587 (AZT, US)
cc.13444hk.com
2    45.61.241.229 (United States)

ASN53587 (AZT, US)
dd.13222hk.com
2    2606:4700:3030::6815:278a (United States)

ASN13335 (CLOUDFLARENET, US)
www.58888hz.com
2    103.235.46.191 (Hong Kong)

ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)
hm.baidu.com
Domain Requested by
8 citichuating.com citichuating.com
2 hm.baidu.com citichuating.com
2 www.58888hz.com 1 redirects citichuating.com
2 dd.13222hk.com 1 redirects citichuating.com
2 cc.13444hk.com 1 redirects citichuating.com
2 88.13222hk.com 1 redirects citichuating.com
2 77.13222hk.com 1 redirects citichuating.com
2 mm.13222hk.com 1 redirects citichuating.com
2 aa.13222hk.com 1 redirects citichuating.com
2 kk.13222hk.com 1 redirects citichuating.com
1 www.2467277.com citichuating.com
1 js.99988.finance citichuating.com
1 libs.cdnjs.net citichuating.com
0 app.app99.us Failed citichuating.com
22 14
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-11-11 -
2023-11-11		 a year crt.sh
*.cdnjs.net
GTS CA 1P5		 2023-04-03 -
2023-07-02		 3 months crt.sh
*.2467277.com
GTS CA 1P5		 2023-03-27 -
2023-06-25		 3 months crt.sh
baidu.com
GlobalSign RSA OV SSL CA 2018		 2022-07-05 -
2023-08-06		 a year crt.sh

This page contains 1 frames:

Primary Page: https://citichuating.com/
Frame ID: BECC0638A008DD7C369CDD86D6A83D5C
Requests: 23 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

安全检测

Detected technologies

Overall confidence: 100%
Detected patterns
  • hm\.baidu\.com/hm\.js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

22
Requests

59 %
HTTPS

36 %
IPv6

9
Domains

14
Subdomains

12
IPs

2
Countries

245 kB
Transfer

332 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10
  • https://kk.13222hk.com:1888/0.42665787350304774 HTTP 302
  • https://kk.13222hk.com:1888/Index/index.html
Request Chain 11
  • https://aa.13222hk.com:1888/0.1782170879959606 HTTP 302
  • https://aa.13222hk.com:1888/Index/index.html
Request Chain 12
  • https://mm.13222hk.com:1888/0.4579957973215294 HTTP 302
  • https://mm.13222hk.com:1888/Index/index.html
Request Chain 13
  • https://77.13222hk.com:1888/0.23284547181443171 HTTP 302
  • https://77.13222hk.com:1888/Index/index.html
Request Chain 14
  • https://88.13222hk.com:1888/0.423685686114323 HTTP 302
  • https://88.13222hk.com:1888/Index/index.html
Request Chain 15
  • https://cc.13444hk.com:1888/0.4105919892641414 HTTP 302
  • https://cc.13444hk.com:1888/Index/index.html
Request Chain 16
  • https://dd.13222hk.com:1888/0.09637679055959336 HTTP 302
  • https://dd.13222hk.com:1888/Index/index.html
Request Chain 19
  • https://www.58888hz.com/0.3629149901451032 HTTP 302
  • https://www.58888hz.com/Index/index.html

22 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
citichuating.com/ 		24 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://citichuating.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:3aad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d53c855e4f0177a98e45fee84ce018eb17324042a0d339bcbe2eb743a893ddea

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7c28ba2b2a439201-FRA
content-encoding
br
content-type
text/html
date
Fri, 05 May 2023 11:43:41 GMT
last-modified
Thu, 20 Apr 2023 14:12:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=12387KC78ZV2wii5lJGAlvzCJMZXWTQsUS%2FB8B1Qr2pQkE5FjwSmC1w%2Bm%2BpYBIK4rfC9fsJcybCWIoF08CzXGBi72hxiLz9EJ6J5UTDQDywGEQnJIz%2F4KB2NYt%2B0TtBpa4CpeRSC9956f%2B5KDoEZ"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
jquery.min.js
libs.cdnjs.net/jquery/3.3.1/ 		85 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://libs.cdnjs.net/jquery/3.3.1/jquery.min.js
Requested by
Host: citichuating.com
URL: https://citichuating.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://citichuating.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Fri, 05 May 2023 11:43:41 GMT
cf-request-id
09be396d43000042d72e069000000001
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2538274
content-encoding
br
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
W/"5eb03ec4-1538f"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=dEP3CU5%2BA6qUfrn3BrALgQBJup39JZ4piesfih5%2BR2Hn8gn9zwX%2FhzwxDYR3dBT5ZVp5T5UZZHlDcouZ5%2BUj5uDSbV83yHPly%2BTTUFHjouuZX3tfVg%3D%3D"}],"max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
cf-ray
7c28ba2d7d32907c-FRA
expires
Wed, 20 Mar 2024 23:49:32 GMT
050hk.gif
citichuating.com/img/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citichuating.com/img/050hk.gif
Requested by
Host: citichuating.com
URL: https://citichuating.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:3aad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a30bc7d6e361dc0ebaacb9d1408eb08e8556c0c096af532c35743334fb5a0a1c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://citichuating.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Fri, 05 May 2023 11:43:42 GMT
cf-cache-status
MISS
last-modified
Sat, 10 Dec 2022 12:15:47 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"63947873-3a90"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wbj7i57H81%2BN3A2seDdncweviEpT1jH594zWcaekyfVTCXVGcUvkyUhFjB390xGmHGZWajA%2BgnHWJhYI9UupRqmSwqnbS5wfYtXV7%2BZrLteTT%2B1Z8OGJDfMLXrC3Myr2Y0VGequb7rzRGA32ZcQI"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7c28ba2d1c3f9201-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
14992
expires
Sun, 04 Jun 2023 11:43:41 GMT
HY.png
citichuating.com/img/ 		85 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citichuating.com/img/HY.png
Requested by
Host: citichuating.com
URL: https://citichuating.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:3aad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44965816231979f47b102cf5abdb4ba874d0739781409ea6d415423714b7808b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://citichuating.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Fri, 05 May 2023 11:43:42 GMT
cf-cache-status
MISS
last-modified
Tue, 01 Nov 2022 13:30:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"63611f78-152b9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BZ3l8Sn8IPWMmYa0KwmR4Z1CIqRAy68NQ%2FH2%2BXJrAuY%2BHYD94wd9B1iS5E0izfypS8o5gAGM9OCZ0vVpmqa64wRf5npF8CzNHSla4KC1FwvZha2xMR5%2B08hvc6%2FpESagaYWyKw6Vvg4LsCNlAj3u"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7c28ba2dfc0ebbc2-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
86713
expires
Sun, 04 Jun 2023 11:43:41 GMT
gg.webp
citichuating.com/img/ 		67 KB
68 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citichuating.com/img/gg.webp
Requested by
Host: citichuating.com
URL: https://citichuating.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:3aad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6a9aea02e10e4cff91d8f4058228a84463642a70104a373a2cfff51cf4ba7fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://citichuating.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Fri, 05 May 2023 11:43:42 GMT
cf-cache-status
MISS
last-modified
Tue, 01 Nov 2022 13:30:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"63611f72-10d80"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yb7LWy6DNBA4WGGuqUqcn3DUANCpybtzHRtmxsBIcjSjZF35f39%2BnRXu5iokfsNc1B9T0JYVJ4EVXQFNi8CYj9Jf%2BFtho10DRqPPoQCQgYQTpjT5arJPQ2c34kzGVQG5Vn%2BaM5W1nkUVSu8phUiV"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7c28ba2dfc10bbc2-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
68992
op.webp
citichuating.com/img/ 		778 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citichuating.com/img/op.webp
Requested by
Host: citichuating.com
URL: https://citichuating.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:3aad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99ce293bd0829970b6d31b5d47fab5e230c35157b4553efd6e266e960d56fb92

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://citichuating.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Fri, 05 May 2023 11:43:42 GMT
cf-cache-status
MISS
last-modified
Tue, 01 Nov 2022 13:30:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"63611f7c-30a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xNkxAaAW7mzs20ySsgyUR1yrhU6a0eLmL7VM2Yn0v0TLRpykUow2EyS1bh0AU61dX4GbF5gvdgNYcSNSz7LyfdzwuWJfccvBZ%2F8i1KFWRyXStXEFTmO3RXfc%2BQzwvJjs4iBq%2BCAkKoPtLdxYlWEs"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7c28ba2dfc12bbc2-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
778
lb.webp
citichuating.com/img/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citichuating.com/img/lb.webp
Requested by
Host: citichuating.com
URL: https://citichuating.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:3aad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b4c3080c5ef87ea450e1b32a97e82f05d30da5337cb42869e254d16d561ea3e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://citichuating.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Fri, 05 May 2023 11:43:42 GMT
cf-cache-status
MISS
last-modified
Tue, 01 Nov 2022 13:30:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"63611f7b-2796"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w5sp0F9uy1yz443dNlCOIhTreQC0PUUO4YZTFawXghP7NPUwjupiZbXpsgXqTFHgIClrcDAo4Ut%2FAsuSI0dfR8PGBeBzES3xbQUWVbDEy193hMAHG5zuUo6Qwxq62njH6oe2vbeSwYX2GpHnNBSd"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7c28ba2dfc13bbc2-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10134
hh.webp
citichuating.com/img/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citichuating.com/img/hh.webp
Requested by
Host: citichuating.com
URL: https://citichuating.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:3aad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a22083ebacfd51a8108de438600c94f39ab035d8a50485aef93d7735ea52ee25

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://citichuating.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Fri, 05 May 2023 11:43:42 GMT
cf-cache-status
MISS
last-modified
Tue, 01 Nov 2022 13:30:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"63611f73-15b4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7mtzK4mmwloXlWnYc2pbXoOzcv2vVbU68ZZHvx4e3kwqZfQUzqusqCL76UbQOexHlYH4bldUlUTf26hTlQ3EgOdOn70VGolKuYAn2tYOioFzu1DYGVGps6Q7b%2BvuL69gZC6E6Fmm8FhH5VS2TXnA"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7c28ba2dfc14bbc2-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5556
kk.webp
citichuating.com/img/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citichuating.com/img/kk.webp
Requested by
Host: citichuating.com
URL: https://citichuating.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:3aad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7ee0c623d8deb83425b06eb84c6981b2fd5ccb93d2d6f3ce8e91165b1a02137

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://citichuating.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Fri, 05 May 2023 11:43:42 GMT
cf-cache-status
MISS
last-modified
Tue, 01 Nov 2022 13:30:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"63611f79-6dc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t86HgvjrBxRB6kxyENn5igi7FHiQf%2Fc9r9CWoNwugBSg0mzPMjJQzKDwm4vYuY0umgt50LH%2BnDml1CE%2FQ1Vdd9m8foSPYeYUCiqNnD99CN7%2Fx9z7Sc3fG4YMMvdNtc3DFf1J1F%2FY5a9j1GYDVXV6"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7c28ba2dfc15bbc2-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1756
yq.js
js.99988.finance/Public/ 		5 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.99988.finance/Public/yq.js?v=1
Requested by
Host: citichuating.com
URL: https://citichuating.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
725f2fa070c8fa220c0ea3de394b2a0fc28b985276f3f510b7bf9623b33c48f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://citichuating.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Fri, 05 May 2023 11:43:42 GMT
content-encoding
br
cf-cache-status
REVALIDATED
cf-bgj
minify
last-modified
Tue, 02 May 2023 02:49:13 GMT
server
cloudflare
cf-polished
origSize=5272
etag
W/"64507a29-1498"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
cf-ray
7c28ba2e288fbbf5-FRA
expires
Fri, 05 May 2023 23:43:42 GMT
truncated
/ 		5 KB
5 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b3b812720c532be020fff8ed451ce81c5bdcad52993cf88b0e0385fbdae1b2bd

Request headers

Referer
Origin
https://citichuating.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Type
application/octet-stream
index.html
kk.13222hk.com/Index/
Redirect Chain
  • https://kk.13222hk.com:1888/0.42665787350304774
  • https://kk.13222hk.com:1888/Index/index.html
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kk.13222hk.com:1888/Index/index.html
Requested by
Host: citichuating.com
URL: https://citichuating.com/
Protocol
HTTP/1.1
Server
103.240.142.163 , Hong Kong, ASN53587 (AZT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://citichuating.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Fri, 05 May 2023 11:43:46 GMT
Server
cdn
X-Cache-Status
MISS
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Location
/Index/index.html
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Expires
Thu, 19 Nov 1981 08:52:00 GMT
index.html
aa.13222hk.com/Index/
Redirect Chain
  • https://aa.13222hk.com:1888/0.1782170879959606
  • https://aa.13222hk.com:1888/Index/index.html
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aa.13222hk.com:1888/Index/index.html
Requested by
Host: citichuating.com
URL: https://citichuating.com/
Protocol
HTTP/1.1
Server
45.61.241.226 , United States, ASN53587 (AZT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://citichuating.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Fri, 05 May 2023 11:43:43 GMT
Server
cdn
X-Cache-Status
MISS
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Location
/Index/index.html
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Expires
Thu, 19 Nov 1981 08:52:00 GMT
index.html
mm.13222hk.com/Index/
Redirect Chain
  • https://mm.13222hk.com:1888/0.4579957973215294
  • https://mm.13222hk.com:1888/Index/index.html
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mm.13222hk.com:1888/Index/index.html
Requested by
Host: citichuating.com
URL: https://citichuating.com/
Protocol
HTTP/1.1
Server
103.240.142.166 , Hong Kong, ASN53587 (AZT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://citichuating.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Fri, 05 May 2023 11:43:43 GMT
Server
cdn
X-Cache-Status
MISS
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Location
/Index/index.html
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Expires
Thu, 19 Nov 1981 08:52:00 GMT
index.html
77.13222hk.com/Index/
Redirect Chain
  • https://77.13222hk.com:1888/0.23284547181443171
  • https://77.13222hk.com:1888/Index/index.html
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://77.13222hk.com:1888/Index/index.html
Requested by
Host: citichuating.com
URL: https://citichuating.com/
Protocol
HTTP/1.1
Server
43.248.171.140 , Hong Kong, ASN53587 (AZT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://citichuating.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Fri, 05 May 2023 11:43:43 GMT
Server
cdn
X-Cache-Status
MISS
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Location
/Index/index.html
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Expires
Thu, 19 Nov 1981 08:52:00 GMT
index.html
88.13222hk.com/Index/
Redirect Chain
  • https://88.13222hk.com:1888/0.423685686114323
  • https://88.13222hk.com:1888/Index/index.html
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://88.13222hk.com:1888/Index/index.html
Requested by
Host: citichuating.com
URL: https://citichuating.com/
Protocol
HTTP/1.1
Server
43.248.171.140 , Hong Kong, ASN53587 (AZT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://citichuating.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Fri, 05 May 2023 11:43:44 GMT
Server
cdn
X-Cache-Status
MISS
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Location
/Index/index.html
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Expires
Thu, 19 Nov 1981 08:52:00 GMT
index.html
cc.13444hk.com/Index/
Redirect Chain
  • https://cc.13444hk.com:1888/0.4105919892641414
  • https://cc.13444hk.com:1888/Index/index.html
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cc.13444hk.com:1888/Index/index.html
Requested by
Host: citichuating.com
URL: https://citichuating.com/
Protocol
HTTP/1.1
Server
43.248.171.158 , Hong Kong, ASN53587 (AZT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://citichuating.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Fri, 05 May 2023 11:43:43 GMT
Server
cdn
X-Cache-Status
MISS
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Location
/Index/index.html
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Expires
Thu, 19 Nov 1981 08:52:00 GMT
index.html
dd.13222hk.com/Index/
Redirect Chain
  • https://dd.13222hk.com:1888/0.09637679055959336
  • https://dd.13222hk.com:1888/Index/index.html
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dd.13222hk.com:1888/Index/index.html
Requested by
Host: citichuating.com
URL: https://citichuating.com/
Protocol
HTTP/1.1
Server
45.61.241.229 , United States, ASN53587 (AZT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://citichuating.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Fri, 05 May 2023 11:43:43 GMT
Server
cdn
X-Cache-Status
MISS
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Location
/Index/index.html
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Expires
Thu, 19 Nov 1981 08:52:00 GMT
0.500438683513831
www.2467277.com/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.2467277.com/0.500438683513831
Requested by
Host: citichuating.com
URL: https://citichuating.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://citichuating.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers
0.2891887215529323
app.app99.us/s/r41haaea/ 		0
0
index.html
www.58888hz.com/Index/
Redirect Chain
  • https://www.58888hz.com/0.3629149901451032
  • https://www.58888hz.com/Index/index.html
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.58888hz.com/Index/index.html
Requested by
Host: citichuating.com
URL: https://citichuating.com/
Protocol
H2
Server
2606:4700:3030::6815:278a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://citichuating.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Redirect headers

pragma
no-cache
date
Fri, 05 May 2023 11:43:42 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jdwWdOzCTZf0zjdWUWmYb%2FX%2FS%2BV%2BZgUfs3oQ9YNJwAOHG%2BLZEWELcGzNWrvG9vvcB0l0eMj421wpxyKVIBj8s7mUF5ndhCxsVWEwbVEnY%2Btaual2JhW8sgA1%2F6v6O1C0vgQp%2Fx3z0bQwByRCnX4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
location
/Index/index.html
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
7c28ba309e741941-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 19 Nov 1981 08:52:00 GMT
hm.js
hm.baidu.com/ 		29 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hm.baidu.com/hm.js?1da5129007066f390a4cbf7e791c53b8
Requested by
Host: citichuating.com
URL: https://citichuating.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
46683efc49bf3b1dc2496f6a2c13f05b6f7343bc3dc4660614a3c8df6abb9ffb
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://citichuating.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Fri, 05 May 2023 11:43:43 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=172800
Server
apache
Etag
5cfe0cecc7250c903155e0fdb71da2c2
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type
application/javascript
Cache-Control
max-age=0, must-revalidate
Content-Length
11257
hm.gif
hm.baidu.com/ 		43 B
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=316228147&si=1da5129007066f390a4cbf7e791c53b8&v=1.3.0&lv=1&sn=20549&r=0&ww=1600&u=https%3A%2F%2Fcitichuating.com%2F&tt=%E5%AE%89%E5%85%A8%E6%A3%80%E6%B5%8B
Requested by
Host: citichuating.com
URL: https://citichuating.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://citichuating.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 05 May 2023 11:43:43 GMT
Strict-Transport-Security
max-age=172800
X-Content-Type-Options
nosniff
Server
apache
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Content-Length
43

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
app.app99.us
URL
https://app.app99.us/s/r41haaea/0.2891887215529323

Verdicts & Comments Add Verdict or Comment

84 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless function| $ function| jQuery number| tim function| auto function| run string| _ object| u number| j object| a object| it object| jcdiv number| _i number| si string| uu string| _2 object| u2 object| a2 object| it2 object| jcdiv2 string| uu2 string| _3 object| u3 object| a3 object| it3 object| jcdiv3 string| uu3 string| _4 object| u4 object| a4 object| it4 object| jcdiv4 string| uu4 string| _5 object| u5 object| a5 object| it5 object| jcdiv5 string| uu5 string| _6 object| u6 object| a6 object| it6 object| jcdiv6 string| uu6 string| _7 object| u7 object| a7 object| it7 object| jcdiv7 string| uu7 string| _8 object| u8 object| a8 object| it8 object| jcdiv8 string| uu8 string| _9 object| u9 object| a9 object| it9 object| jcdiv9 string| uu9 string| _10 object| u10 object| a10 object| it10 object| jcdiv10 string| uu10 string| _11 object| u11 object| a11 object| it11 object| jcdiv11 string| uu11 string| _12 object| u12 object| a12 object| it12 object| jcdiv12 string| uu12 object| _hmt boolean| _bdhm_loaded_1da5129007066f390a4cbf7e791c53b8 object| mini_tangram_log_5jgg2m

3 Cookies

Domain/Path Name / Value
.hm.baidu.com/ Name: HMACCOUNT_BFESS
Value: E2E72424371770C8
.citichuating.com/ Name: Hm_lvt_1da5129007066f390a4cbf7e791c53b8
Value: 1683287024
.citichuating.com/ Name: Hm_lpvt_1da5129007066f390a4cbf7e791c53b8
Value: 1683287024

2 Console Messages

Source Level URL
Text
network error URL: https://app.app99.us/s/r41haaea/0.2891887215529323
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://www.2467277.com/0.500438683513831
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

77.13222hk.com
88.13222hk.com
aa.13222hk.com
app.app99.us
cc.13444hk.com
citichuating.com
dd.13222hk.com
hm.baidu.com
js.99988.finance
kk.13222hk.com
libs.cdnjs.net
mm.13222hk.com
www.2467277.com
www.58888hz.com
app.app99.us
103.235.46.191
103.240.142.163
103.240.142.166
2606:4700:10::6816:1198
2606:4700:3030::6815:278a
2606:4700:3035::6815:3aad
2a06:98c1:3121::3
43.248.171.140
43.248.171.158
45.61.241.226
45.61.241.229
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
44965816231979f47b102cf5abdb4ba874d0739781409ea6d415423714b7808b
46683efc49bf3b1dc2496f6a2c13f05b6f7343bc3dc4660614a3c8df6abb9ffb
725f2fa070c8fa220c0ea3de394b2a0fc28b985276f3f510b7bf9623b33c48f1
99ce293bd0829970b6d31b5d47fab5e230c35157b4553efd6e266e960d56fb92
9b4c3080c5ef87ea450e1b32a97e82f05d30da5337cb42869e254d16d561ea3e
a22083ebacfd51a8108de438600c94f39ab035d8a50485aef93d7735ea52ee25
a30bc7d6e361dc0ebaacb9d1408eb08e8556c0c096af532c35743334fb5a0a1c
b3b812720c532be020fff8ed451ce81c5bdcad52993cf88b0e0385fbdae1b2bd
c6a9aea02e10e4cff91d8f4058228a84463642a70104a373a2cfff51cf4ba7fa
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d53c855e4f0177a98e45fee84ce018eb17324042a0d339bcbe2eb743a893ddea
d7ee0c623d8deb83425b06eb84c6981b2fd5ccb93d2d6f3ce8e91165b1a02137
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855