URL: https://remove.run/
Submission: On May 09 via manual from CN — Scanned from DE

Summary

This website contacted 2 IPs in 3 countries across 3 domains to perform 5 HTTP transactions. The main IP is 8.218.90.106, located in Central, Hong Kong and belongs to ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN. The main domain is remove.run.
TLS certificate: Issued by Encryption Everywhere DV TLS CA - G1 on November 25th 2021. Valid for: a year.
This is the only time remove.run was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 8.218.90.106 45102 (ALIBABA-C...)
1 1 139.198.191.162 59078 (YUNIFY-NE...)
1 240d:c040:0:4... 132203 (TENCENT-N...)
5 2
Apex Domain
Subdomains
Transfer
4 remove.run
remove.run
30 KB
1 qq.com
mp.weixin.qq.com — Cisco Umbrella Rank: 8790
38 KB
1 zjiecode.com
wxpusher.zjiecode.com
257 B
5 3
Domain Requested by
4 remove.run remove.run
1 mp.weixin.qq.com remove.run
1 wxpusher.zjiecode.com 1 redirects
5 3

This site contains no links.

Subject Issuer Validity Valid
remove.run
Encryption Everywhere DV TLS CA - G1
2021-11-25 -
2022-11-25
a year crt.sh

This page contains 1 frames:

Primary Page: https://remove.run/
Frame ID: 1EF41EBB3C44D67913D2717E4F9F4FA8
Requests: 5 HTTP requests in this frame

Screenshot

Page Title

小北学生: 自动上报体温

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Page Statistics

5
Requests

80 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

2
IPs

3
Countries

68 kB
Transfer

200 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3
  • https://wxpusher.zjiecode.com/api/qrcode/WmOQNCtZr2cTF4rHbDnRi9PwghhjObSkp2J3jc755JRr5cw8ToJCTPnQzMCRYy4L.jpg HTTP 302
  • https://mp.weixin.qq.com/cgi-bin/showqrcode?ticket=gQHL7zwAAAAAAAAAAS5odHRwOi8vd2VpeGluLnFxLmNvbS9xLzAydEt5NVVQSVFjWWoxR0dEc3h5Y3MAAgSqGnViAwQAjScA

5 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
remove.run/
3 KB
3 KB
Document
General
Full URL
https://remove.run/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.218.90.106 Central, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
0fc2f58a640cb872d9b12e0d85125e68723d1ba2865a18516c95bfd17da9352e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-length
3204
content-type
text/html; charset=UTF-8
date
Mon, 09 May 2022 01:19:54 GMT
etag
"62417cfe-c84"
last-modified
Mon, 28 Mar 2022 09:16:46 GMT
permissions-policy
geolocation=(self "https://remove.run"), microphone=()
referrer-policy
no-referrer
server
nginx
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
style.css
remove.run/css/
201 B
524 B
Stylesheet
General
Full URL
https://remove.run/css/style.css
Requested by
Host: remove.run
URL: https://remove.run/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.218.90.106 Central, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
4afe83b0a4d6aa91d65ed20c8bab66668cfe3245489cb5b22d9ed8df24019eca
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 01:19:54 GMT
referrer-policy
no-referrer
last-modified
Thu, 08 Jul 2021 14:38:52 GMT
server
nginx
etag
"60e70dfc-c9"
x-frame-options
SAMEORIGIN
content-type
text/css
x-xss-protection
1; mode=block
permissions-policy
geolocation=(self "https://remove.run"), microphone=()
strict-transport-security
max-age=63072000; includeSubDomains; preload
accept-ranges
bytes
content-length
201
x-content-type-options
nosniff
bootstrap.min.css
remove.run/css/
158 KB
24 KB
Stylesheet
General
Full URL
https://remove.run/css/bootstrap.min.css
Requested by
Host: remove.run
URL: https://remove.run/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.218.90.106 Central, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
4ffcc598ee6cff4692c1cea272cd8a2f195f6dec32473e94370d6cdcfa5fe601
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 01:19:54 GMT
content-encoding
gzip
referrer-policy
no-referrer
last-modified
Sat, 29 May 2021 14:51:28 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
W/"60b254f0-27681"
vary
Accept-Encoding
content-type
text/css
x-xss-protection
1; mode=block
permissions-policy
geolocation=(self "https://remove.run"), microphone=()
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
index.js
remove.run/js/
2 KB
2 KB
Script
General
Full URL
https://remove.run/js/index.js
Requested by
Host: remove.run
URL: https://remove.run/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.218.90.106 Central, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
4d170ffd736ff0b3be4562ca152b48e7ea2f5863f123d49b2900fefcb9541076
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 01:19:54 GMT
referrer-policy
no-referrer
last-modified
Mon, 03 Jan 2022 14:40:24 GMT
server
nginx
etag
"61d30ad8-686"
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
x-xss-protection
1; mode=block
permissions-policy
geolocation=(self "https://remove.run"), microphone=()
strict-transport-security
max-age=63072000; includeSubDomains; preload
accept-ranges
bytes
content-length
1670
x-content-type-options
nosniff
showqrcode
mp.weixin.qq.com/cgi-bin/
Redirect Chain
  • https://wxpusher.zjiecode.com/api/qrcode/WmOQNCtZr2cTF4rHbDnRi9PwghhjObSkp2J3jc755JRr5cw8ToJCTPnQzMCRYy4L.jpg
  • https://mp.weixin.qq.com/cgi-bin/showqrcode?ticket=gQHL7zwAAAAAAAAAAS5odHRwOi8vd2VpeGluLnFxLmNvbS9xLzAydEt5NVVQSVFjWWoxR0dEc3h5Y3MAAgSqGnViAwQAjScA
38 KB
38 KB
Image
General
Full URL
https://mp.weixin.qq.com/cgi-bin/showqrcode?ticket=gQHL7zwAAAAAAAAAAS5odHRwOi8vd2VpeGluLnFxLmNvbS9xLzAydEt5NVVQSVFjWWoxR0dEc3h5Y3MAAgSqGnViAwQAjScA
Requested by
Host: remove.run
URL: https://remove.run/
Protocol
H2
Server
240d:c040:0:40::116 , Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
/
Resource Hash
37864a0390ba26793ebb0c446af3b21e3019e1f81ff031d7596aa7ea375387f1
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
max-age=604800
expires
Mon, 16 May 2022 09:21:17 +0800
accept-ranges
bytes
content-type
image/jpg

Redirect headers

Location
https://mp.weixin.qq.com/cgi-bin/showqrcode?ticket=gQHL7zwAAAAAAAAAAS5odHRwOi8vd2VpeGluLnFxLmNvbS9xLzAydEt5NVVQSVFjWWoxR0dEc3h5Y3MAAgSqGnViAwQAjScA
Date
Mon, 09 May 2022 01:21:16 GMT
Content-Length
0
Content-Language
de-DE

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone function| getScreenDetails

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block