Submitted URL: https://www.baidu.com/baidu.php?url=af0000KpxzUee8WytAJjkDEehnaETgYtNG4mWl9sVytdRRz781j_njhsQxHDYxQx7jykO_2ZmJ8S-VW8lh...
Effective URL: https://www.i9m1cpqu.icu/
Submission: On November 25 via manual from JP — Scanned from JP

Summary

This website contacted 6 IPs in 4 countries across 7 domains to perform 28 HTTP transactions. The main IP is 2606:4700:3034::6815:4d3f, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.i9m1cpqu.icu.
TLS certificate: Issued by WE1 on October 17th 2024. Valid for: 3 months.
This is the only time www.i9m1cpqu.icu was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 103.235.46.96 55967 (BAIDU Bei...)
1 1 103.99.61.211 136950 (HIITL-AS-...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2404:6800:400... 15169 (GOOGLE)
1 2404:6800:400... 15169 (GOOGLE)
3 172.217.26.227 15169 (GOOGLE)
4 172.217.161.195 15169 (GOOGLE)
28 6
Apex Domain
Subdomains
Transfer
7 gstatic.com
www.gstatic.com
fonts.gstatic.com
290 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
838 B
1 google.com
apis.google.com — Cisco Umbrella Rank: 121
play.google.com Failed
42 KB
1 i9m1cpqu.icu
www.i9m1cpqu.icu
118 KB
1 jinfengst.top
zxfy.jinfengst.top
283 B
1 baidu.com
www.baidu.com — Cisco Umbrella Rank: 4571
227 B
0 fanyi4.com Failed
fanyi4.com Failed
28 7
Domain Requested by
4 fonts.gstatic.com www.i9m1cpqu.icu
3 www.gstatic.com www.i9m1cpqu.icu
1 fonts.googleapis.com www.i9m1cpqu.icu
1 apis.google.com www.i9m1cpqu.icu
1 www.i9m1cpqu.icu
1 zxfy.jinfengst.top 1 redirects
1 www.baidu.com 1 redirects
0 play.google.com Failed www.gstatic.com
0 fanyi4.com Failed www.i9m1cpqu.icu
28 9

This site contains links to these domains. Also see Links.

Domain
support.google.com
cloud.google.com
translate.google.com
Subject Issuer Validity Valid
i9m1cpqu.icu
WE1
2024-10-17 -
2025-01-15
3 months crt.sh
*.apis.google.com
WR2
2024-10-21 -
2025-01-13
3 months crt.sh
upload.video.google.com
WR2
2024-10-21 -
2025-01-13
3 months crt.sh
*.gstatic.com
WR2
2024-10-21 -
2025-01-13
3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.i9m1cpqu.icu/
Frame ID: 39E8B7F19D89C9FE2A6CB55AD10A60ED
Requests: 28 HTTP requests in this frame

Screenshot

Page Title

Google 翻译

Page URL History Show full URLs

  1. https://www.baidu.com/baidu.php?url=af0000KpxzUee8WytAJjkDEehnaETgYtNG4mWl9sVytdRRz781j_njhsQxHDYx... HTTP 302
    http://zxfy.jinfengst.top/?sdclkid=bLfpALjR152_brD6Ag HTTP 307
    https://zxfy.jinfengst.top/?sdclkid=bLfpALjR152_brD6Ag HTTP 301
    https://www.i9m1cpqu.icu/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

28
Requests

36 %
HTTPS

43 %
IPv6

7
Domains

9
Subdomains

6
IPs

4
Countries

451 kB
Transfer

1296 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.baidu.com/baidu.php?url=af0000KpxzUee8WytAJjkDEehnaETgYtNG4mWl9sVytdRRz781j_njhsQxHDYxQx7jykO_2ZmJ8S-VW8lhA41OqWGz3LRq9amk3yF9_d2gptvWWPxl3JtT0T32aDW_Dl3Y0CUWTU1PNwrHIPtb4lH_tJvQIcYC_2fw9d8eiMMTTcKUHb06SYKe51bQQe-YA4-dJoP4vINGPaFDGu7SBe1nxZqI5o.DD_iT5woYXyNtyVrpr94RZm3rtIYPZVkngOod3OUSEQOooLurySU4I5Vd2N9h9mzyTpSkf.U1Yk0ZDqVlLRNfKspynqn0KY5UXVY8_0pyYqnWcd0ATqUvNsT1D0Iybqmh7GuZR0TA-b5HT0mv-b5H00UgfqnH0krNtknjDLg1csPH7xn1msnfKopHYs0ZFY5HfvnfKBpHYkPH9xnW0Yg1RsnsKVm1YknjD4g1DsnHIxnW0dnNts0Z7spyfqn0Kk HTTP 302
    http://zxfy.jinfengst.top/?sdclkid=bLfpALjR152_brD6Ag HTTP 307
    https://zxfy.jinfengst.top/?sdclkid=bLfpALjR152_brD6Ag HTTP 301
    https://www.i9m1cpqu.icu/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.i9m1cpqu.icu/
Redirect Chain
  • https://www.baidu.com/baidu.php?url=af0000KpxzUee8WytAJjkDEehnaETgYtNG4mWl9sVytdRRz781j_njhsQxHDYxQx7jykO_2ZmJ8S-VW8lhA41OqWGz3LRq9amk3yF9_d2gptvWWPxl3JtT0T32aDW_Dl3Y0CUWTU1PNwrHIPtb4lH_tJvQIcYC_2f...
  • http://zxfy.jinfengst.top/?sdclkid=bLfpALjR152_brD6Ag
  • https://zxfy.jinfengst.top/?sdclkid=bLfpALjR152_brD6Ag
  • https://www.i9m1cpqu.icu/
747 KB
118 KB
Document
General
Full URL
https://www.i9m1cpqu.icu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:4d3f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19aaa71fb3af4a67b9cfb158116ffbfdea8aa72e49f33af1ff145140af087915

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8e7e8d5f886fd774-NRT
content-encoding
zstd
content-type
text/html
date
Mon, 25 Nov 2024 03:29:04 GMT
last-modified
Mon, 25 Nov 2024 03:09:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H7nIRPorhvcpv8i8LpF7EFdaMzK%2F%2BHp3DEeQfDcNk0bZYvsURwAuPC276sn8uDDxfOpvv4emjHySMDmVqCfFWownuxSCL6WYvZ8xtu3IUoJwcKvpxYL7rATbEliFE%2BWZKpVMn8XxtCsyGs1Y1IYT"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=TCP&rtt=2011&sent=8&recv=12&lost=0&retrans=0&sent_bytes=3920&recv_bytes=2290&delivery_rate=1788143&cwnd=254&unsent_bytes=0&cid=9a4da9c142780a24&ts=135&x=0"
vary
Accept-Encoding

Redirect headers

content-length
162
content-type
text/html
date
Mon, 25 Nov 2024 03:23:49 GMT
location
https://www.i9m1cpqu.icu/
server
nginx
strict-transport-security
max-age=31536000
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.MGCxJbnW_Xw.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/am=AAAg/rs=AHpOoo9xa4htLEVH9xe6c4ToUehtTaLWvA/
122 KB
42 KB
Script
General
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.MGCxJbnW_Xw.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/am=AAAg/rs=AHpOoo9xa4htLEVH9xe6c4ToUehtTaLWvA/cb=gapi.loaded_0
Requested by
Host: www.i9m1cpqu.icu
URL: https://www.i9m1cpqu.icu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:81d::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b4ae5731b6361fef2a0b2ea0d005ca674d5cfa837628dc8acf4140b2c8b3843
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.i9m1cpqu.icu/

Response headers

content-encoding
gzip
age
185447
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
x-content-type-options
nosniff
expires
Sat, 22 Nov 2025 23:58:17 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 22 Nov 2024 23:58:17 GMT
last-modified
Thu, 11 Jul 2024 18:45:34 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
accept-ranges
bytes
access-control-allow-origin
*
content-length
42226
x-xss-protection
0
server
sffe
css
fonts.googleapis.com/
774 B
838 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato
Requested by
Host: www.i9m1cpqu.icu
URL: https://www.i9m1cpqu.icu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:827::200a , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
52d62465d244bef9c22960bed269d931eb2b705dff7f09a0bcf5ddba62554f45
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.i9m1cpqu.icu/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 25 Nov 2024 03:29:04 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 25 Nov 2024 03:29:04 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Mon, 25 Nov 2024 01:55:33 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
70d6051e4958aeab28256b579d86ee92.js.js.%E4%B8%8B%E8%BD%BD
fanyi4.com/index_files/
0
0

exm=qaaw,qabr,qadd,qaid,qalo,qebr,qein,qhaw,qhawgm3,qhba3abe8273a519f1e39630dffbdbff8e09.js.js.%E4%B8%8B%E8%BD%BD
fanyi4.com/index_files/
0
0

excm=qaaw,qabr,qadd,qaid,qalo,qebr,qein,qhaw,qhawgm3,qhba,qhbr,qhbrgm3,qhch,qhchgm3,qhga,qhid,ba07b584900884206c270edee87c6701.css.css
fanyi4.com/index_files/
0
0

lazy.min.js.%E4%B8%8B%E8%BD%BD
fanyi4.com/index_files/
0
0

inputtools_3.js.%E4%B8%8B%E8%BD%BD
fanyi4.com/index_files/
0
0

zh-Hans.js.%E4%B8%8B%E8%BD%BD
fanyi4.com/index_files/
0
0

zh-Hans.js(1).%E4%B8%8B%E8%BD%BD
fanyi4.com/index_files/
0
0

rs=AA2YrTu-AIDpJnMn8htQ-0aB0kDLbVpl1A
www.gstatic.com/og/_/js/k=og.qtm.en_US.WIp7bmmdiMk.2019.O/rt=j/m=q_dnp,q_pc,qmd,qcwid,qapid,qads,q_dg/exm=qaaw,qabr,qadd,qaid,qalo,qebr,qein,qhaw,qhawgm3,qhba,qhbr,qhbrgm3,qhch,qhchgm3,qhga,qhid,qh...
166 KB
61 KB
Script
General
Full URL
https://www.gstatic.com/og/_/js/k=og.qtm.en_US.WIp7bmmdiMk.2019.O/rt=j/m=q_dnp,q_pc,qmd,qcwid,qapid,qads,q_dg/exm=qaaw,qabr,qadd,qaid,qalo,qebr,qein,qhaw,qhawgm3,qhba,qhbr,qhbrgm3,qhch,qhchgm3,qhga,qhid,qhidgm3,qhin,qhlo,qhlogm3,qhmn,qhpc,qhsf,qhsfgm3,qhtt/d=1/ed=1/rs=AA2YrTu-AIDpJnMn8htQ-0aB0kDLbVpl1A
Requested by
Host: www.i9m1cpqu.icu
URL: https://www.i9m1cpqu.icu/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.26.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bom05s09-in-f3.1e100.net
Software
sffe /
Resource Hash
bbfe18d5e32223ad8823f1a6745b1b5b77f88d8fc1c323fa3eb0ec9b8206f39d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.i9m1cpqu.icu/

Response headers

content-encoding
gzip
age
229722
report-to
{"group":"one-google-eng","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/one-google-eng"}]}
x-content-type-options
nosniff
expires
Sat, 22 Nov 2025 11:40:23 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 22 Nov 2024 11:40:23 GMT
last-modified
Mon, 05 Aug 2024 01:30:33 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding, Origin
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin; report-to="one-google-eng"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/one-google-eng
accept-ranges
bytes
content-length
62646
x-xss-protection
0
server
sffe
rs=AA2YrTuZHf1FxnWSuni4yfYFm7DJbfG-0A
www.gstatic.com/og/_/ss/k=og.qtm.ygvnjEuASRQ.L.W.O/m=qmd,qcwid/excm=qaaw,qabr,qadd,qaid,qalo,qebr,qein,qhaw,qhawgm3,qhba,qhbr,qhbrgm3,qhch,qhchgm3,qhga,qhid,qhidgm3,qhin,qhlo,qhlogm3,qhmn,qhpc,qhsf...
5 KB
1 KB
Stylesheet
General
Full URL
https://www.gstatic.com/og/_/ss/k=og.qtm.ygvnjEuASRQ.L.W.O/m=qmd,qcwid/excm=qaaw,qabr,qadd,qaid,qalo,qebr,qein,qhaw,qhawgm3,qhba,qhbr,qhbrgm3,qhch,qhchgm3,qhga,qhid,qhidgm3,qhin,qhlo,qhlogm3,qhmn,qhpc,qhsf,qhsfgm3,qhtt/d=1/ed=1/ct=zgms/rs=AA2YrTuZHf1FxnWSuni4yfYFm7DJbfG-0A
Requested by
Host: www.i9m1cpqu.icu
URL: https://www.i9m1cpqu.icu/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.26.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bom05s09-in-f3.1e100.net
Software
sffe /
Resource Hash
df81a77c9505a147f713c03c3e1d1114c57668d7587768231ae41c60ec947922
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.i9m1cpqu.icu/

Response headers

content-encoding
gzip
age
261067
report-to
{"group":"one-google-eng","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/one-google-eng"}]}
x-content-type-options
nosniff
expires
Sat, 22 Nov 2025 02:57:57 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 22 Nov 2024 02:57:57 GMT
last-modified
Thu, 01 Aug 2024 01:32:30 GMT
content-type
text/css; charset=UTF-8
vary
Accept-Encoding, Origin
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin; report-to="one-google-eng"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/one-google-eng
accept-ranges
bytes
content-length
1369
x-xss-protection
0
server
sffe
drag_and_drop.png
fanyi4.com/index_files/
0
0

192px.svg
fanyi4.com/index_files/
0
0

excm=qaaw,qabr,qadd,qaid,qalo,qebr,qein,qhaw,qhawgm3,qhba,qhbr,qhbrgm3,qhch,qhchgm3,qhga,qhid,ba07b584900884206c270edee87c6701.css.css
fanyi4.com/index_files/
0
0

inputtools_3.js.%E4%B8%8B%E8%BD%BD
fanyi4.com/index_files/
0
0

drag_and_drop.png
fanyi4.com/index_files/
0
0

kJEjBvgX7BgnkSrUwT8UnLVc38YydejYY-oE_LvJ.woff2
fonts.gstatic.com/s/materialiconsextended/v151/
159 KB
159 KB
Font
General
Full URL
https://fonts.gstatic.com/s/materialiconsextended/v151/kJEjBvgX7BgnkSrUwT8UnLVc38YydejYY-oE_LvJ.woff2
Requested by
Host: www.i9m1cpqu.icu
URL: https://www.i9m1cpqu.icu/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.161.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix07s03-in-f3.1e100.net
Software
sffe /
Resource Hash
7f80c4c91054b3d6c80721939242c2d4f68f15e41f251e12641f695d78eb2f35
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.i9m1cpqu.icu
Referer
https://www.i9m1cpqu.icu/

Response headers

age
263044
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sat, 22 Nov 2025 02:25:01 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 22 Nov 2024 02:25:01 GMT
last-modified
Mon, 08 Apr 2024 19:05:11 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
162924
x-xss-protection
0
server
sffe
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.i9m1cpqu.icu
URL: https://www.i9m1cpqu.icu/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.161.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix07s03-in-f3.1e100.net
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.i9m1cpqu.icu
Referer
https://www.i9m1cpqu.icu/

Response headers

age
354935
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 21 Nov 2025 00:53:30 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 21 Nov 2024 00:53:30 GMT
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
15344
x-xss-protection
0
server
sffe
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/
33 KB
33 KB
Font
General
Full URL
https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: www.i9m1cpqu.icu
URL: https://www.i9m1cpqu.icu/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.161.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix07s03-in-f3.1e100.net
Software
sffe /
Resource Hash
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.i9m1cpqu.icu
Referer
https://www.i9m1cpqu.icu/

Response headers

age
351660
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 21 Nov 2025 01:48:05 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 21 Nov 2024 01:48:05 GMT
last-modified
Tue, 23 May 2023 16:35:55 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
34108
x-xss-protection
0
server
sffe
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.i9m1cpqu.icu
URL: https://www.i9m1cpqu.icu/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.161.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix07s03-in-f3.1e100.net
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.i9m1cpqu.icu
Referer
https://www.i9m1cpqu.icu/

Response headers

age
299811
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 21 Nov 2025 16:12:14 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 21 Nov 2024 16:12:14 GMT
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
15552
x-xss-protection
0
server
sffe
favicon.ico
www.gstatic.com/translate/
32 KB
5 KB
Other
General
Full URL
https://www.gstatic.com/translate/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.26.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bom05s09-in-f3.1e100.net
Software
sffe /
Resource Hash
06fd4ba3b981a0765dc1e8fcd5aa2faf802323d5367d7ca0b8afb7f896f2e81f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.i9m1cpqu.icu/

Response headers

content-encoding
gzip
age
23907
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
x-content-type-options
nosniff
expires
Mon, 24 Nov 2025 20:50:38 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 24 Nov 2024 20:50:38 GMT
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
content-type
image/x-icon
vary
Accept-Encoding
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
content-length
5032
x-xss-protection
0
server
sffe
log
play.google.com/
0
0

log
play.google.com/
0
0

log
play.google.com/
0
0

log
play.google.com/
0
0

log
play.google.com/
0
0

log
play.google.com/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
fanyi4.com
URL
https://fanyi4.com/index_files/70d6051e4958aeab28256b579d86ee92.js.js.%E4%B8%8B%E8%BD%BD
Domain
fanyi4.com
URL
https://fanyi4.com/index_files/exm=qaaw,qabr,qadd,qaid,qalo,qebr,qein,qhaw,qhawgm3,qhba3abe8273a519f1e39630dffbdbff8e09.js.js.%E4%B8%8B%E8%BD%BD
Domain
fanyi4.com
URL
https://fanyi4.com/index_files/excm=qaaw,qabr,qadd,qaid,qalo,qebr,qein,qhaw,qhawgm3,qhba,qhbr,qhbrgm3,qhch,qhchgm3,qhga,qhid,ba07b584900884206c270edee87c6701.css.css
Domain
fanyi4.com
URL
https://fanyi4.com/index_files/lazy.min.js.%E4%B8%8B%E8%BD%BD
Domain
fanyi4.com
URL
https://fanyi4.com/index_files/inputtools_3.js.%E4%B8%8B%E8%BD%BD
Domain
fanyi4.com
URL
https://fanyi4.com/index_files/zh-Hans.js.%E4%B8%8B%E8%BD%BD
Domain
fanyi4.com
URL
https://fanyi4.com/index_files/zh-Hans.js(1).%E4%B8%8B%E8%BD%BD
Domain
fanyi4.com
URL
https://fanyi4.com/index_files/drag_and_drop.png
Domain
fanyi4.com
URL
https://fanyi4.com/index_files/192px.svg
Domain
fanyi4.com
URL
https://fanyi4.com/index_files/excm=qaaw,qabr,qadd,qaid,qalo,qebr,qein,qhaw,qhawgm3,qhba,qhbr,qhbrgm3,qhch,qhchgm3,qhga,qhid,ba07b584900884206c270edee87c6701.css.css
Domain
fanyi4.com
URL
https://fanyi4.com/index_files/inputtools_3.js.%E4%B8%8B%E8%BD%BD
Domain
fanyi4.com
URL
https://fanyi4.com/index_files/drag_and_drop.png
Domain
play.google.com
URL
https://play.google.com/log?format=json&hasfast=true
Domain
play.google.com
URL
https://play.google.com/log?format=json&hasfast=true
Domain
play.google.com
URL
https://play.google.com/log?format=json&hasfast=true
Domain
play.google.com
URL
https://play.google.com/log?format=json&hasfast=true
Domain
play.google.com
URL
https://play.google.com/log?format=json&hasfast=true
Domain
play.google.com
URL
https://play.google.com/log?format=json&hasfast=true

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string| _F_cssRowKey string| _F_combinedSignature function| _DumpException object| BOQ_wizbind function| _wjdc object| gbar_ object| _F_toggles object| gbar object| gapi object| ___jsl object| AF_initDataKeys object| AF_dataServiceRequests object| AF_initDataChunkQueue function| AF_initDataCallback object| osapi object| gadgets object| shindig object| googleapis

1 Cookies

Domain/Path Name / Value
.google.com/ Name: NID
Value: 519=GF3V_OEQKhDJjfxb2C_HVqQONMcjy43QnHetLbF64CMWMTakGRT3vm5kX9j-jxkBemcoMcbgJFU8dBkcCcp00l5Xt1LrHN95Swd0z6GaVQKsx4nNI_tGPOLI6g-JfAf7vSdQoeMQ3wFlZBskXV-rxLzuAZ7GAMaakaDaOU1TYZp-s13X6SRqZgbqva4

12 Console Messages

Source Level URL
Text
javascript error URL: https://www.i9m1cpqu.icu/
Message:
Access to XMLHttpRequest at 'https://play.google.com/log?format=json&hasfast=true' from origin 'https://www.i9m1cpqu.icu' has been blocked by CORS policy: The 'Access-Control-Allow-Origin' header has a value 'http://play.google.com' that is not equal to the supplied origin.
network error URL: https://play.google.com/log?format=json&hasfast=true
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://www.i9m1cpqu.icu/
Message:
Access to XMLHttpRequest at 'https://play.google.com/log?format=json&hasfast=true' from origin 'https://www.i9m1cpqu.icu' has been blocked by CORS policy: The 'Access-Control-Allow-Origin' header has a value 'http://play.google.com' that is not equal to the supplied origin.
network error URL: https://play.google.com/log?format=json&hasfast=true
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://www.i9m1cpqu.icu/
Message:
Access to XMLHttpRequest at 'https://play.google.com/log?format=json&hasfast=true' from origin 'https://www.i9m1cpqu.icu' has been blocked by CORS policy: The 'Access-Control-Allow-Origin' header has a value 'http://play.google.com' that is not equal to the supplied origin.
network error URL: https://play.google.com/log?format=json&hasfast=true
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://www.i9m1cpqu.icu/
Message:
Access to XMLHttpRequest at 'https://play.google.com/log?format=json&hasfast=true' from origin 'https://www.i9m1cpqu.icu' has been blocked by CORS policy: The 'Access-Control-Allow-Origin' header has a value 'http://play.google.com' that is not equal to the supplied origin.
network error URL: https://play.google.com/log?format=json&hasfast=true
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://www.i9m1cpqu.icu/
Message:
Access to XMLHttpRequest at 'https://play.google.com/log?format=json&hasfast=true' from origin 'https://www.i9m1cpqu.icu' has been blocked by CORS policy: The 'Access-Control-Allow-Origin' header has a value 'http://play.google.com' that is not equal to the supplied origin.
network error URL: https://play.google.com/log?format=json&hasfast=true
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://www.i9m1cpqu.icu/
Message:
Access to XMLHttpRequest at 'https://play.google.com/log?format=json&hasfast=true' from origin 'https://www.i9m1cpqu.icu' has been blocked by CORS policy: The 'Access-Control-Allow-Origin' header has a value 'http://play.google.com' that is not equal to the supplied origin.
network error URL: https://play.google.com/log?format=json&hasfast=true
Message:
Failed to load resource: net::ERR_FAILED