URL: https://cd.2024.gq/
Submission: On June 07 via api from US — Scanned from DE

Summary

This website contacted 7 IPs in 4 countries across 6 domains to perform 19 HTTP transactions. The main IP is 2606:4700:3032::6815:325e, located in United States and belongs to CLOUDFLARENET, US. The main domain is cd.2024.gq.
TLS certificate: Issued by GTS CA 1P5 on April 26th 2024. Valid for: 3 months.
This is the only time cd.2024.gq was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 2606:4700:303... 13335 (CLOUDFLAR...)
1 2404:2280:1cc... 24429 (TAOBAO Zh...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 188.114.97.3 13335 (CLOUDFLAR...)
6 104.18.28.104 13335 (CLOUDFLAR...)
4 172.67.159.236 13335 (CLOUDFLAR...)
19 7
Apex Domain | Subdomains | Transfer
7 2024.gq | cd.2024.gq | 14 KB
6 crisp.chat | client.crisp.chat — Cisco Umbrella Rank: 22346 | 215 KB
1 21t.co | ta.21t.co | 2 KB
1 loli.net | cdnjs.loli.net | 31 KB
1 alicdn.com | at.alicdn.com — Cisco Umbrella Rank: 15264 | 65 KB
0 qweather.net Failed | widget.qweather.net Failed |
19 6
Domain | Requested by
7 cd.2024.gq | cd.2024.gq
6 client.crisp.chat | cd.2024.gq, client.crisp.chat
1 ta.21t.co | cd.2024.gq, ta.21t.co
1 cdnjs.loli.net | cd.2024.gq
1 at.alicdn.com | cd.2024.gq
0 widget.qweather.net Failed | cd.2024.gq
19 6
Subject | Issuer | Validity | Valid
2024.gq | GTS CA 1P5 | 2024-04-26 - 2024-07-25 | 3 months
*.tbcdn.cn | GlobalSign Organization Validation CA - SHA256 - G3 | 2023-12-26 - 2024-07-30 | 7 months
cdnjs.loli.net | GTS CA 1P5 | 2024-06-03 - 2024-09-01 | 3 months
21t.co | GTS CA 1P5 | 2024-05-28 - 2024-08-26 | 3 months
crisp.chat | E1 | 2024-06-03 - 2024-09-01 | 3 months

This page contains 1 frames:

Primary Page: https://cd.2024.gq/
Frame ID: 0C3077373760EBB900AD6BEBA888C6E7
Requests: 19 HTTP requests in this frame

Page Title

简单搜索

Detected technologies

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 19
HTTPS: 84 %
IPv6: 50 %
Domains: 6
Subdomains: 6
IPs: 7
Countries: 4
Transfer: 328 kB
Size: 1205 kB
Cookies: 1

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
cd.2024.gq/
18 KB
4 KB
Document
General
Full URL
https://cd.2024.gq/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:325e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed9dcd053cb6c2c08ada8b4f99c530cb3293e5966d23345e5bc263bf77ef94fe
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
age
18231
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=0, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
890225d28e7118da-FRA
content-disposition
inline
content-encoding
br
content-type
text/html; charset=utf-8
date
Fri, 07 Jun 2024 16:51:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lokpYr84CnyRmykUOffA6JJYMMQwd%2FE8Gti%2F%2FrMrZsqJNmbWoQycYMqrp%2Feiik5taUIjitDDtTYhB%2BTAgGeQIU8dSaMMN9tXJiv1kUcjyrSnjS0YDyzNxKu5Oco6SAiSNRi0WavgDJma"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=63072000
x-vercel-cache
HIT
x-vercel-id
fra1::st4g4-1717779095476-5256379cb44f
style.css
cd.2024.gq/
8 KB
2 KB
Stylesheet
General
Full URL
https://cd.2024.gq/style.css
Requested by
Host: cd.2024.gq
URL: https://cd.2024.gq/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:325e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
71cabe721d60d1ddb9ffeff626623d14400dd29bd423a62e8e6a6f72ec87b56a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://cd.2024.gq/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 16:51:35 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-disposition
inline; filename="style.css"
alt-svc
h3=":443"; ma=86400
x-vercel-id
fra1::f2425-1717779095718-5fee741e70ee
server
cloudflare
etag
W/"fbfd1bbedc50c8e851a8e40ba5084b6c"
x-vercel-cache
HIT
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O9rCaE8ZO%2FhS4oGyUpmfBhMJLZq5BspJq4y8jrwyEsLszp4VhjSDq7MVFpbvvjoh5Rw8q4i%2Br4NdI93gVoRjD7JZwTcGf1Rw2ybTxm8L1PC1nmIs7MN9M53Sfo%2Fxo%2FTQoXbflQWeVyy%2B"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
cf-ray
890225d4090118da-FRA
font_1230786_59ub5vczww4.js
at.alicdn.com/t/
186 KB
65 KB
Script
General
Full URL
https://at.alicdn.com/t/font_1230786_59ub5vczww4.js
Requested by
Host: cd.2024.gq
URL: https://cd.2024.gq/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2404:2280:1cc:0:715::3fb , Singapore, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
fa4372ee7406182ef95fc15e2b1a2fe6362bdf0598bbc1ab42ee0486c94d8cfe

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://cd.2024.gq/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 01:37:09 GMT
via
cache2.l2de2[0,11,200-0,H], cache8.l2de2[13,0], ens-cache7.de5[0,0,200-0,H], ens-cache9.de5[3,0]
content-encoding
gzip
x-oss-request-id
66626445B096773938BCB483
content-md5
NzOGsnpCTl48KS9VUx4ERQ==
age
54866
x-swift-cachetime
63033061
x-cache
HIT TCP_HIT dirn:12:853674042
x-swift-savetime
Fri, 07 Jun 2024 12:26:08 GMT
x-oss-object-type
Normal
last-modified
Sat, 25 Dec 2021 13:04:32 GMT
server
Tengine
etag
W/"373386B27A424E5E3C292F55531E0445"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Origin
ali-swift-global-savetime
1717724229
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=63072000
x-oss-storage-class
Standard
timing-allow-origin
*
x-oss-hash-crc64ecma
1734823811357021296
eagleid
a3b55c9d17177790958504350e
x-oss-server-time
41
jquery.min.js
cdnjs.loli.net/ajax/libs/jquery/3.3.1/
85 KB
31 KB
Script
General
Full URL
https://cdnjs.loli.net/ajax/libs/jquery/3.3.1/jquery.min.js
Requested by
Host: cd.2024.gq
URL: https://cd.2024.gq/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://cd.2024.gq/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 16:51:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6350035
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Wed, 29 Sep 2021 08:05:29 GMT
server
cloudflare
etag
W/"61541e49-1538f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xaLq5rPKIFtElvjifiy%2FCCZSIXkDDtHszWJTUuub4eacR0DCDMsmC5LpmDfi5fFUt%2BwAwk3lok7H2aWhDsBMBuCdtMi0U8qWtH3g0A4fiZ15ZiOOQkkj%2F%2BGmWn%2B17uOEjVrMkAWsKYeaCsRf"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=315360000
timing-allow-origin
*
cf-ray
890225d4afbf3aa2-FRA
sou.js
cd.2024.gq/
2 KB
1 KB
Script
General
Full URL
https://cd.2024.gq/sou.js
Requested by
Host: cd.2024.gq
URL: https://cd.2024.gq/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:325e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53651a5359e4be55ba30150d8b7498f5a4cf9519c9b67cb9ac21523b41014e5f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://cd.2024.gq/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 16:51:35 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-disposition
inline; filename="sou.js"
alt-svc
h3=":443"; ma=86400
x-vercel-id
fra1::rpvhv-1717779095720-ed4415a63a39
server
cloudflare
etag
W/"cb5354487beadb011420b105b898fbdc"
x-vercel-cache
HIT
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6NJPb4gZ%2FGsfONCKV99a32aQRTfqJIycAtdgH3x3atS0qpsJ3wtC5QzGEWmJxPRHUujkAJd%2BN%2FE4ChwSYQocsJcbkHIDMbdeilrElgMOkqQOAcJK1wTilQSrRE2XiSyL0xZyHUhj0Xsz"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
cf-ray
890225d4090418da-FRA
he-standard-common.js
widget.qweather.net/standard/static/js/
0
0

script.js
ta.21t.co/
3 KB
2 KB
Script
General
Full URL
https://ta.21t.co/script.js
Requested by
Host: cd.2024.gq
URL: https://cd.2024.gq/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f30701a9d46b033e3256a99113f5380e9b6194045683d32ddf28fdb13ad92311
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src *; script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self' api.umami.is; frame-ancestors 'self' undefined;
Strict-Transport-Security max-age=63072000
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://cd.2024.gq/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 16:51:36 GMT
content-security-policy
default-src 'self'; img-src *; script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self' api.umami.is; frame-ancestors 'self' undefined;
content-encoding
br
strict-transport-security
max-age=63072000
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dns-prefetch-control
on
content-disposition
inline; filename="script.js"
alt-svc
h3=":443"; ma=86400
x-vercel-id
fra1::24vkn-1717779096004-a18b9261b851
server
cloudflare
x-matched-path
/script.js
etag
W/"5767597175778f06af72146fd56cd747"
x-vercel-cache
HIT
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5ZiHDQ17F%2B7DULnklYg8rTBp%2FntWOum18%2FkpEdv8%2B2iY50h2aYKNEwkbDlowenR4ISGW2efTQG5D2ylS9EeAJk3CBvPKMi0cgDxjkQr8OEJWzxmIQdawzsCb1ys%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
vary
Accept-Encoding
cf-ray
890225d5d8f8381f-FRA
priority
u=3,i=?0
l.js
client.crisp.chat/
8 KB
4 KB
Script
General
Full URL
https://client.crisp.chat/l.js
Requested by
Host: cd.2024.gq
URL: https://cd.2024.gq/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.28.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
899431bee73ece6cab001f39b42a1832f857be67ebbcf0520e79037a0abff942
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://cd.2024.gq/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 16:51:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
16072
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3424
last-modified
Thu, 24 Aug 2023 11:12:52 GMT
server
cloudflare
etag
W/"64e73b34-2173"
access-control-max-age
300
access-control-allow-methods
HEAD, GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
access-control-allow-credentials
false
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
890225d5cae3362c-FRA
access-control-allow-headers
Content-Type, Origin
expires
Sat, 08 Jun 2024 16:51:35 GMT
logo.svg
cd.2024.gq/icon/
4 KB
2 KB
Image
General
Full URL
https://cd.2024.gq/icon/logo.svg
Requested by
Host: cd.2024.gq
URL: https://cd.2024.gq/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.159.236 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46d551de8ca02263c9c708cf6bb6cd40208519c912e7b209d5907a3772a35c7d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://cd.2024.gq/style.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 16:51:36 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-disposition
inline; filename="logo.svg"
alt-svc
h3=":443"; ma=86400
x-vercel-id
fra1::wxkf6-1717779095977-09bffa2cccb8
server
cloudflare
etag
W/"33b61b12eca07cf4edda1eee670e21a0"
x-vercel-cache
HIT
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mg3wpYRPCRyy8enkdNaEMyjS%2FOD8YOqKy2JpzckkVuo9aw5oLkkRu4eJV0A2TvjeMIYKP07YPI%2B2BnC4jcMVbw2%2FoiYAAW1MX9sOhJBpR9tmFUAjKxnyeKuOnZdI"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
cf-ray
890225d5ae6abbb6-FRA
baidu.svg
cd.2024.gq/icon/
1 KB
1 KB
Image
General
Full URL
https://cd.2024.gq/icon/baidu.svg
Requested by
Host: cd.2024.gq
URL: https://cd.2024.gq/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.159.236 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4debb03e9866f5f9abdab5068781c7dc608d8e53d662a356a5992b88537a8f3e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://cd.2024.gq/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 16:51:36 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-disposition
inline; filename="baidu.svg"
alt-svc
h3=":443"; ma=86400
x-vercel-id
fra1::9b5qh-1717779095978-f814bfdace7d
server
cloudflare
etag
W/"a3f7fb78cd70a334b9821090489efaca"
x-vercel-cache
HIT
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YBTlGKqonom2a%2BqBqEjifI9YIK1kQ0sOrqDr6w6AqzGD7dZ%2FX5MBMsw7%2FuEGg8DhyoO%2BYRNbjdnY4%2BvpwdBLVyO33O%2FGlO8%2F3S%2BcQkdyzsgX67ZAXcolLVe67yrC"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
cf-ray
890225d5ae70bbb6-FRA
g.svg
cd.2024.gq/icon/
1 KB
1 KB
Image
General
Full URL
https://cd.2024.gq/icon/g.svg
Requested by
Host: cd.2024.gq
URL: https://cd.2024.gq/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.159.236 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aadbe9a346b963a82b79ae72e8aa409369c3703d22b84548825fcdc8869b6921
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://cd.2024.gq/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 16:51:36 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-disposition
inline; filename="g.svg"
alt-svc
h3=":443"; ma=86400
x-vercel-id
fra1::crrqf-1717779095978-159b4590d5d9
server
cloudflare
etag
W/"85630baa4caa229f0f1e6015aedf8f7f"
x-vercel-cache
HIT
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HdG%2FBn0fYCmo7r4byg%2Bb4q30h6uZ0vwQZupt7ubo15XZu30Enx15hfOxds6kMFBUWps5gokEkP88LvZRsRzfbzeL8cq1TEJn05%2FAedN0pOJURz3nuk97uyubD%2Fqo"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
cf-ray
890225d5ae77bbb6-FRA
client.js
client.crisp.chat/static/javascripts/
445 KB
132 KB
Script
General
Full URL
https://client.crisp.chat/static/javascripts/client.js?4f65820
Requested by
Host: client.crisp.chat
URL: https://client.crisp.chat/l.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.28.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b4d81a88972c2102ce45a07297f1578c4197f01d18681ee269d4f5be1d4a769
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://cd.2024.gq/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 16:51:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
16074
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 24 Aug 2023 11:12:52 GMT
server
cloudflare
etag
W/"64e73b34-6f432"
access-control-max-age
300
access-control-allow-methods
HEAD, GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=315360000
access-control-allow-credentials
false
vary
Accept-Encoding
cf-ray
890225d62bd7362c-FRA
access-control-allow-headers
Content-Type, Origin
expires
Mon, 05 Jun 2034 16:51:36 GMT
client_default.css
client.crisp.chat/static/stylesheets/
432 KB
74 KB
Stylesheet
General
Full URL
https://client.crisp.chat/static/stylesheets/client_default.css?4f65820
Requested by
Host: client.crisp.chat
URL: https://client.crisp.chat/l.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.28.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b690aadc4bf2f66285fe5657da39f6ea4b162648031365597ef3bcd45586277e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://cd.2024.gq/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 16:51:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
16074
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 05 Jun 2024 12:22:42 GMT
server
cloudflare
etag
W/"66605892-6bf59"
access-control-max-age
300
access-control-allow-methods
HEAD, GET, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=315360000
access-control-allow-credentials
false
vary
Accept-Encoding
cf-ray
890225d62bd9362c-FRA
access-control-allow-headers
Content-Type, Origin
expires
Mon, 05 Jun 2034 16:51:36 GMT
send
ta.21t.co/api/
0
0

/
client.crisp.chat/settings/website/d2cf3e15-1f89-45a3-8540-3f01cfd1e2e0/prelude/
214 B
531 B
Script
General
Full URL
https://client.crisp.chat/settings/website/d2cf3e15-1f89-45a3-8540-3f01cfd1e2e0/prelude/?callback=window.%24__CRISP_INSTANCE.__spool.website_handler&2024-5-7-18-51
Requested by
Host: client.crisp.chat
URL: https://client.crisp.chat/static/javascripts/client.js?4f65820
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.28.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
645b84983a80a68f9441fbd79254a63f32388b6371eb5dae5dcf0ff4a47e3351
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://cd.2024.gq/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 16:51:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
173
last-modified
Fri, 07 Jun 2024 16:51:36 GMT
server
cloudflare
access-control-max-age
300
access-control-allow-methods
HEAD, GET, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=14400
access-control-allow-credentials
false
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
890225d6ed2e362c-FRA
access-control-allow-headers
Content-Type, Origin
expires
Fri, 07 Jun 2024 20:51:36 GMT
send
ta.21t.co/api/
0
0

32.png
cd.2024.gq/icon/
987 B
1 KB
Other
General
Full URL
https://cd.2024.gq/icon/32.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.159.236 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c5965298e6e8f5eef9516e81629e93731bab1eea65ee0b8968e701dde7869ed
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://cd.2024.gq/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 16:51:36 GMT
strict-transport-security
max-age=63072000
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-disposition
inline; filename="32.png"
alt-svc
h3=":443"; ma=86400
content-length
987
x-vercel-id
fra1::96dnv-1717779096183-a6f20b3b222b
server
cloudflare
etag
"4d75dd30a0a796991dbdbea16c491d8c"
x-vercel-cache
HIT
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UaHTpIo6hgItR2M2wTc1O%2Bbz%2FKomA9hJrE7B9SIJVRh9U5U34WX1ay6W8A1iYOSmEI6v6v5qJ33CnHryaXDtmlG%2FWNitYSgmGVX%2FWQEodwG410K0FwM%2FbsHAb9Kz"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
890225d6f869bbb6-FRA
/
client.crisp.chat/settings/website/d2cf3e15-1f89-45a3-8540-3f01cfd1e2e0/
1 KB
1 KB
Script
General
Full URL
https://client.crisp.chat/settings/website/d2cf3e15-1f89-45a3-8540-3f01cfd1e2e0/?callback=window.%24__CRISP_INSTANCE.__spool.website_handler&1700121332453
Requested by
Host: client.crisp.chat
URL: https://client.crisp.chat/static/javascripts/client.js?4f65820
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.28.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3168f876d51b189349dd7fcb2c3df6e7a4d97d67c5f392019b3bc4e55ed97eb3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://cd.2024.gq/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 16:51:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
704
last-modified
Fri, 07 Jun 2024 16:51:36 GMT
server
cloudflare
access-control-max-age
300
access-control-allow-methods
HEAD, GET, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=14400
access-control-allow-credentials
false
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
890225d92895362c-FRA
access-control-allow-headers
Content-Type, Origin
expires
Fri, 07 Jun 2024 20:51:36 GMT
en.js
client.crisp.chat/static/javascripts/locales/
9 KB
4 KB
Script
General
Full URL
https://client.crisp.chat/static/javascripts/locales/en.js?4f65820
Requested by
Host: client.crisp.chat
URL: https://client.crisp.chat/static/javascripts/client.js?4f65820
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.28.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a41a8113c605bd804bcc6d03af11d8b32382cf7ab467b8040bb600714c75816e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://cd.2024.gq/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 16:51:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
16072
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3610
last-modified
Tue, 08 Aug 2023 12:01:16 GMT
server
cloudflare
etag
W/"64d22e8c-250a"
access-control-max-age
300
access-control-allow-methods
HEAD, GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=315360000
access-control-allow-credentials
false
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
890225d9c9ac362c-FRA
access-control-allow-headers
Content-Type, Origin
expires
Mon, 05 Jun 2034 16:51:36 GMT
truncated
/
881 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9c8faba32cf813d34a373a7528d2446d0f2b061f8dd6900391af20ac718f69bd

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
widget.qweather.net
URL
https://widget.qweather.net/standard/static/js/he-standard-common.js?v=2.0
Domain
ta.21t.co
URL
https://ta.21t.co/api/send
Domain
ta.21t.co
URL
https://ta.21t.co/api/send

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • function | $
  • function | jQuery
  • object | WIDGET
  • object | $crisp
  • string | CRISP_WEBSITE_ID
  • object | d
  • object | s
  • boolean | $__CRISP_INCLUDED
  • object | umami
  • object | $__CRISP_INSTANCE

1 Cookies

Domain/Path Name / Value
.2024.gq/ Name: crisp-client%2Fsession%2Fd2cf3e15-1f89-45a3-8540-3f01cfd1e2e0
Value: session_84cfca7f-2347-4eda-b6b8-9860b2e24ccd

1 Console Messages

Source Level URL
Text
network error URL: https://widget.qweather.net/standard/static/js/he-standard-common.js?v=2.0
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=63072000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
