geetest-gnl4pvhi-zolay-poi.4everland.app
2a06:98c1:3121::3  Public Scan

Submitted URL: http://geetest-gnl4pvhi-zolay-poi.4everland.app/
Effective URL: https://geetest-gnl4pvhi-zolay-poi.4everland.app/
Submission: On October 30 via api from US — Scanned from NL

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 5 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is geetest-gnl4pvhi-zolay-poi.4everland.app.
TLS certificate: Issued by GTS CA 1P5 on October 1st 2023. Valid for: 3 months.
This is the only time geetest-gnl4pvhi-zolay-poi.4everland.app was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address          AS (Autonomous System)
3         2a06:98c1:312...    13335 (CLOUDFLAR...)
1         119.96.52.49        58563 (CHINATELE...)
1         2600:9000:225...    16509 (AMAZON-02)
5 requests, 3 IPs

Requests  Apex Domain     Subdomains                                          Transfer
3         4everland.app   geetest-gnl4pvhi-zolay-poi.4everland.app            339 KB
1         geetest.com     static.geetest.com (Cisco Umbrella Rank: 40966)     3 KB
1         bdimg.com       apps.bdimg.com (Cisco Umbrella Rank: 139529)        81 KB
5 requests, 3 apex domains

Requests  Domain                                      Requested by
3         geetest-gnl4pvhi-zolay-poi.4everland.app    geetest-gnl4pvhi-zolay-poi.4everland.app
1         static.geetest.com                          geetest-gnl4pvhi-zolay-poi.4everland.app
1         apps.bdimg.com                              geetest-gnl4pvhi-zolay-poi.4everland.app
5 requests, 3 domains

This site contains no links.

Subject          Issuer                          Validity                   Valid
4everland.app    GTS CA 1P5                      2023-10-01 - 2023-12-30    3 months
baidu.com        GlobalSign RSA OV SSL CA 2018   2023-07-06 - 2024-08-06    a year
*.geetest.com    GeoTrust TLS RSA CA G1          2023-03-28 - 2024-04-26    a year

This page contains 1 frame:

Primary Page: https://geetest-gnl4pvhi-zolay-poi.4everland.app/
Frame ID: B455F5930A3D39A70F1A4D49E7731F9C
Requests: 5 HTTP requests in this frame

Page Title

帮派蒙打怪兽 (Help Paimon fight the monsters)

Detected technologies

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests     5
HTTPS        100 %
IPv6         67 %
Domains      3
Subdomains   3
IPs          3
Countries    2
Transfer     423 kB
Size         621 kB
Cookies      0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://geetest-gnl4pvhi-zolay-poi.4everland.app/ HTTP 307
    https://geetest-gnl4pvhi-zolay-poi.4everland.app/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

5 HTTP transactions

Resource: / (Primary Request)
Path: geetest-gnl4pvhi-zolay-poi.4everland.app/
Redirect Chain:
  • http://geetest-gnl4pvhi-zolay-poi.4everland.app/
  • https://geetest-gnl4pvhi-zolay-poi.4everland.app/
Size: 5 KB   x-fer: 3 KB   Type: Document
General
Full URL
https://geetest-gnl4pvhi-zolay-poi.4everland.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
989b84ddfe87377f32fa6bb9b44bb5339e681f1cde67ae95579708ab0252d6b1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

access-control-allow-headers
Content-Type Range User-Agent X-Requested-With
access-control-allow-methods
GET HEAD OPTIONS
access-control-allow-origin
*
access-control-expose-headers
Content-Length Content-Range X-Chunked-Output X-Ipfs-Path X-Ipfs-Roots X-Stream-Output
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=300
cf-cache-status
DYNAMIC
cf-ray
81e34265aff65d87-FRA
content-encoding
br
content-type
text/html
date
Mon, 30 Oct 2023 11:18:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f3lu79mnnUAW1nqqGj2xVdal2FeIHW9PA%2FZlCccWEFIiaNpKbvlWOm2rV5rrtrdO0FTez3R6YquQZsrNGdbZIS55Qfpb2Q4YVpkAAbYrJMDY%2BLcRddVxjKXsYWrLf7uUKL%2Fo3ACeA3zNZjnCuxIkRSJnL2VvQvlIghbQOluaA3fJuXWtWryB"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-ipfs-path
/ipfs/bafybeie52qr4iyekohyk2thbf4bnveaszyih227keahl4y2he3pyoqjkna/
x-ipfs-roots
bafybeie52qr4iyekohyk2thbf4bnveaszyih227keahl4y2he3pyoqjkna

Redirect headers

Cross-Origin-Resource-Policy
Cross-Origin
Location
https://geetest-gnl4pvhi-zolay-poi.4everland.app/
Non-Authoritative-Reason
HSTS

Resource: style.css
Path: geetest-gnl4pvhi-zolay-poi.4everland.app/style/
Size: 2 KB   x-fer: 1 KB   Type: Stylesheet
General
Full URL
https://geetest-gnl4pvhi-zolay-poi.4everland.app/style/style.css
Requested by
Host: geetest-gnl4pvhi-zolay-poi.4everland.app
URL: https://geetest-gnl4pvhi-zolay-poi.4everland.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
350e42c46cdac73c1929408de2446cf73651db636126712d4625402036b57c99

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 11:18:45 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server
cloudflare
x-ipfs-roots
bafybeie52qr4iyekohyk2thbf4bnveaszyih227keahl4y2he3pyoqjkna,bafybeid72xpbfp3rp2shxu4tglq7nayosmrssdpeuyvi3tqe3fibopdzwq,bafkreibvbzbmi3g2y46bskkarxrei3hxgzi5wy3bezys2rrfiaqdnnl4te
etag
W/"bafkreibvbzbmi3g2y46bskkarxrei3hxgzi5wy3bezys2rrfiaqdnnl4te"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
text/css; charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=prFwTllMCDjKNow45oNFDeKgT22mLYzsM0fk2bKVSdYWpotGF4KIowSebAoX4qNEfn0cUGXCuLniMcMvmSXMPLUJ9khhv%2FJzt3uvQywlfc4k%2FQUrVThw%2FvAxILXupH2rzmNWxIXPxu6bxl8x%2BtP1wYlsrIp7hWIS8HSPuljgHr5%2BY2zjVq5D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
cache-control
public, max-age=14400
x-ipfs-path
/ipfs/bafybeie52qr4iyekohyk2thbf4bnveaszyih227keahl4y2he3pyoqjkna/style/style.css
cf-ray
81e34266ea3f5d87-FRA
access-control-allow-headers
Content-Type, Range, User-Agent, X-Requested-With

Resource: jquery.js
Path: apps.bdimg.com/libs/jquery/1.9.1/
Size: 271 KB   x-fer: 81 KB   Type: Script
General
Full URL
https://apps.bdimg.com/libs/jquery/1.9.1/jquery.js
Requested by
Host: geetest-gnl4pvhi-zolay-poi.4everland.app
URL: https://geetest-gnl4pvhi-zolay-poi.4everland.app/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
119.96.52.49 Wuhan, China, ASN58563 (CHINATELECOM-HUBEI-IDC CHINANET Hubei province network, CN),
Reverse DNS
Software
JSP3/2.0.14 /
Resource Hash
eb6c63da87c0cbe25a1ee49f9d501aa0b362d4aa5a73416925393e5a50c27b05

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 11:18:50 GMT
content-encoding
br
ohc-cache-hit
wh4ct55 [2], xiangyctcache55 [2]
ohc-response-time
1 0 0 0 0 0
last-modified
Wed, 07 Jan 2015 09:16:30 GMT
server
JSP3/2.0.14
age
24478
etag
"54acf96e-43dda"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=2592000
accept-ranges
bytes
ohc-global-saved-time
Fri, 27 Oct 2023 00:44:42 GMT
expires
Sun, 26 Nov 2023 00:44:42 GMT

Resource: gt.0.4.9.js
Path: static.geetest.com/static/js/
Size: 9 KB   x-fer: 3 KB   Type: Script
General
Full URL
https://static.geetest.com/static/js/gt.0.4.9.js
Requested by
Host: geetest-gnl4pvhi-zolay-poi.4everland.app
URL: https://geetest-gnl4pvhi-zolay-poi.4everland.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:b200:1:fa24:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
69295620348ceb9e52d96e23bf22e5daef1cc81c109b3e049465c9343528df17

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 13:06:28 GMT
content-encoding
gzip
via
1.1 2a6277094357eb47f8dbeacb06ed96c2.cloudfront.net (CloudFront)
last-modified
Wed, 23 Nov 2022 08:00:21 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
511938
etag
W/"9d86e3528629b44a4fc77bea2e07b857"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
Xrur5aDsaGmcmKp4YxpAoA7wYYttpTjek23sdHbvYuHLxwkUYTqDow==
x-amz-meta-mtime
1669187319

Resource: Paimon.png
Path: geetest-gnl4pvhi-zolay-poi.4everland.app/img/
Size: 334 KB   x-fer: 335 KB   Type: Image
General
Full URL
https://geetest-gnl4pvhi-zolay-poi.4everland.app/img/Paimon.png
Requested by
Host: geetest-gnl4pvhi-zolay-poi.4everland.app
URL: https://geetest-gnl4pvhi-zolay-poi.4everland.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3936a8a93a98fb83e857475da57295a204b3cc9c30468c3da77b297daa2a11e5

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 11:18:46 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server
cloudflare
x-ipfs-roots
bafybeie52qr4iyekohyk2thbf4bnveaszyih227keahl4y2he3pyoqjkna,bafybeidkr4fvmyacssngpye26okdn6tu7dxcluwg4fc7nkt7pcbmefunoi,bafybeig6nbm2jv5qndatqhg3ui7alqccbj2tzx4cmk7ifnwsukgd4ab2xu
etag
"bafybeig6nbm2jv5qndatqhg3ui7alqccbj2tzx4cmk7ifnwsukgd4ab2xu"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
image/png
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sXFr%2BYLfRLAwyMkxDEMI34AhwOHLXC1VvEucBWXneVF1HVJWu%2B%2FnVwumxmL3TqK4I%2FcZ9%2FfkATBdry8Pp5lETrW%2BQRKLZ9DaFHphHJNDZGNFE9kf2aY%2FH95domGotXj1DfNF2cMc4fdCHY67xDbKDWQT%2BuTNYvQliItRWsytaKmTy5PTdJdC"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
cache-control
public, max-age=14400
x-ipfs-path
/ipfs/bafybeie52qr4iyekohyk2thbf4bnveaszyih227keahl4y2he3pyoqjkna/img/Paimon.png
cf-ray
81e34266ea405d87-FRA
access-control-allow-headers
Content-Type, Range, User-Agent, X-Requested-With


4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object: documentPictureInPicture
  • function: $
  • function: jQuery
  • function: initGeetest

0 Cookies