bldh2.cyou
Open in
urlscan Pro
66.42.65.7
Public Scan
Submitted URL: https://balidh.xyz/
Effective URL: https://bldh2.cyou/
Submission: On August 23 via manual from NL — Scanned from NL
Effective URL: https://bldh2.cyou/
Submission: On August 23 via manual from NL — Scanned from NL
Summary
This website contacted 4 IPs
in 2 countries
across 4 domains to perform 15 HTTP transactions.
The main IP is 66.42.65.7, located in
Seattle, United States and
belongs to AS-CHOOPA, US.
The main domain is bldh2.cyou.
TLS certificate: Issued by R3 on August 1st 2023. Valid for: 3 months.
This is the only time bldh2.cyou was scanned on urlscan.io!
TLS certificate: Issued by R3 on August 1st 2023. Valid for: 3 months.
This is the only time bldh2.cyou was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 7 | 66.42.65.7 66.42.65.7 | 20473 (AS-CHOOPA) (AS-CHOOPA) | |
| 2 | 103.235.46.191 103.235.46.191 | 55967 (BAIDU Bei...) (BAIDU Beijing Baidu Netcom Science and Technology Co.) | |
| 1 | 2001:4de0:ac1... 2001:4de0:ac18::1:a:3b | () () | |
| 15 | 4 |
7
66.42.65.7
(Seattle, United States)
ASN20473 (AS-CHOOPA, US)
PTR: 66.42.65.7.vultrusercontent.com
ASN20473 (AS-CHOOPA, US)
PTR: 66.42.65.7.vultrusercontent.com
| balidh.xyz | |
| bldh2.cyou |
2
103.235.46.191
(Hong Kong)
ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)
ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)
| hm.baidu.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 6 |
bldh2.cyou
bldh2.cyou |
43 KB |
| 2 |
baidu.com
hm.baidu.com — Cisco Umbrella Rank: 10083 |
12 KB |
| 1 |
jquery.com
code.jquery.com |
30 KB |
| 1 |
balidh.xyz
balidh.xyz |
793 B |
| 15 | 4 |
| Domain | Requested by | |
|---|---|---|
| 6 | bldh2.cyou |
balidh.xyz
bldh2.cyou |
| 2 | hm.baidu.com |
balidh.xyz
bldh2.cyou |
| 1 | code.jquery.com |
bldh2.cyou
|
| 1 | balidh.xyz | |
| 15 | 4 |
This site contains no links.
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| balidh.xyz R3 |
2023-08-20 - 2023-11-18 |
3 months | crt.sh |
| baidu.com GlobalSign RSA OV SSL CA 2018 |
2023-07-06 - 2024-08-06 |
a year | crt.sh |
| bali1.xyz R3 |
2023-08-01 - 2023-10-30 |
3 months | crt.sh |
| *.jquery.com Sectigo RSA Domain Validation Secure Server CA |
2023-07-11 - 2024-07-14 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://bldh2.cyou/
Frame ID: 38D035BCC375F8F665138A966F61FAC6
Requests: 15 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
- https://balidh.xyz/ Page URL
- https://bldh2.cyou/ Page URL
Detected technologies
Baidu Analytics (百度统计)
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- hm\.baidu\.com/hm\.js
Font Awesome
(Font Scripts)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://balidh.xyz/ Page URL
- https://bldh2.cyou/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
15 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
/
balidh.xyz/ |
1 KB 793 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
hm.js
hm.baidu.com/ |
29 KB 12 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
hm.gif
hm.baidu.com/ |
43 B 299 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Primary Request
/
bldh2.cyou/ |
369 KB 19 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
hm.gif
hm.baidu.com/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
style.min.css
bldh2.cyou/template/buliang(pc)/css/ |
40 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
fontello.css
bldh2.cyou/template/buliang(pc)/css/ |
3 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
styles.css
bldh2.cyou/template/buliang(pc)/css/ |
38 KB 8 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
font-awesome.min.css
bldh2.cyou/template/buliang(pc)/css/ |
30 KB 8 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
logo.png
bldh2.cyou/template/buliang(pc)/images/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery-3.1.1.min.js
code.jquery.com/ |
85 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
tj.js
bldh2.cyou/js/ |
272 B 485 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
hao.js
bldh2.cyou/template/buliang(pc)/js/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
hm.js
hm.baidu.com/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
fontello.woff2
bldh2.cyou/template/buliang(pc)/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- hm.baidu.com
- URL
- https://hm.baidu.com/hm.gif?hca=5175C5AD1095C709&cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&ep=2626%2C2626&et=3&ja=0&ln=en-us&lo=0&rnd=640726312&si=bec10ad5a64709571407a68f2a4a5f02&v=1.3.0&lv=1&sn=55447&r=0&ww=1600&u=https%3A%2F%2Fbalidh.xyz%2F
- Domain
- bldh2.cyou
- URL
- https://bldh2.cyou/template/buliang(pc)/images/logo.png
- Domain
- bldh2.cyou
- URL
- https://bldh2.cyou/template/buliang(pc)/js/hao.js
- Domain
- hm.baidu.com
- URL
- https://hm.baidu.com/hm.js?bec10ad5a64709571407a68f2a4a5f02
- Domain
- bldh2.cyou
- URL
- https://bldh2.cyou/template/buliang(pc)/fonts/fontello.woff2
Verdicts & Comments Add Verdict or Comment
1 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| documentPictureInPicture3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| .hm.baidu.com/ | Name: HMACCOUNT_BFESS Value: 5175C5AD1095C709 |
|
| .balidh.xyz/ | Name: Hm_lvt_bec10ad5a64709571407a68f2a4a5f02 Value: 1692824497 |
|
| .balidh.xyz/ | Name: Hm_lpvt_bec10ad5a64709571407a68f2a4a5f02 Value: 1692824497 |
3 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
| Header | Value |
|---|---|
| Strict-Transport-Security | max-age=31536000 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
balidh.xyz
bldh2.cyou
code.jquery.com
hm.baidu.com
bldh2.cyou
hm.baidu.com
103.235.46.191
2001:4de0:ac18::1:a:3b
66.42.65.7
29e57daf5fca82cfc65dcf2575672a8dbfd22a854c198555f30824e34f2fb7cf
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
8d4a4872dc0faa2ff83bb6664338e63c6f9b52a603e29b1aa764f2866763b7fc
b1558c282104c879021c7f302a4b200a66c0d50cc67e3ade58e5f75f6bebcd20
b9588fb6de2ec824fc9cd8c61f102040e0c232c7d2e2d4716e20913dc2394937
c0b13466694738025bc1405381567b8d0136ca3ed096ec187c37cd9537df20ed
c29dcaed9a4ee794acc4fce1f16cd43f3295ed8ff76434405cd12489c31315e6
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d9662b4b9ba6c2c3691ce0acd4572e027366eb97d6070550a13429262bb0037f