Submitted URL: https://lws.cn-witmed-106a.cyou/
Effective URL: https://lws.cn-witmed-106a.cyou/index.php/user/login
Submission: On June 10 via api from US — Scanned from DE

Summary

This website contacted 6 IPs in 2 countries across 6 domains to perform 19 HTTP transactions. The main IP is 23.224.212.132, located in United States and belongs to CNSERVERS, US. The main domain is lws.cn-witmed-106a.cyou.
TLS certificate: Issued by R3 on May 26th 2024. Valid for: 3 months.
This is the only time lws.cn-witmed-106a.cyou was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 10 23.224.212.132 40065 (CNSERVERS)
1 172.67.189.65 13335 (CLOUDFLAR...)
2 2620:1ec:bdf::45 8075 (MICROSOFT...)
2 20.119.174.243 8075 (MICROSOFT...)
1 2 68.219.88.97 8075 (MICROSOFT...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
19 6
Apex Domain
Subdomains
Transfer
10 cn-witmed-106a.cyou
lws.cn-witmed-106a.cyou
520 KB
6 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 783
r.clarity.ms — Cisco Umbrella Rank: 7103
c.clarity.ms — Cisco Umbrella Rank: 1541
28 KB
1 bing.com
c.bing.com — Cisco Umbrella Rank: 231
765 B
1 mh616.org
cloudflare.mh616.org
1 KB
0 baidu.com Failed
libs.baidu.com Failed
0 6969mv.cc Failed
cdn.6969mv.cc Failed
6969mv.cc Failed
19 6
Domain Requested by
10 lws.cn-witmed-106a.cyou 1 redirects lws.cn-witmed-106a.cyou
2 c.clarity.ms 1 redirects
2 r.clarity.ms www.clarity.ms
2 www.clarity.ms lws.cn-witmed-106a.cyou
www.clarity.ms
1 c.bing.com 1 redirects
1 cloudflare.mh616.org lws.cn-witmed-106a.cyou
0 libs.baidu.com Failed lws.cn-witmed-106a.cyou
0 6969mv.cc Failed lws.cn-witmed-106a.cyou
0 cdn.6969mv.cc Failed lws.cn-witmed-106a.cyou
19 9

This site contains no links.

Subject                  Issuer                             Validity                 Valid
lws.cn-witmed-106a.cyou  R3                                 2024-05-26 - 2024-08-24  3 months
mh616.org                GTS CA 1P5                         2024-05-04 - 2024-08-02  3 months
www.clarity.ms           DigiCert TLS RSA SHA256 2020 CA1   2023-12-07 - 2024-12-07  a year
a.clarity.ms             Microsoft Azure TLS Issuing CA 01  2024-01-14 - 2024-06-27  5 months

This page contains 1 frames:

Primary Page: https://lws.cn-witmed-106a.cyou/index.php/user/login
Frame ID: B6D80F826ADD6897B7B0EA9B4F33D5F0
Requests: 19 HTTP requests in this frame

Page Title

登录 (Login)

Page URL History

  1. https://lws.cn-witmed-106a.cyou/ HTTP 302
    https://lws.cn-witmed-106a.cyou/index.php/user/login Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

19 Requests
74 % HTTPS
33 % IPv6
6 Domains
9 Subdomains
6 IPs
2 Countries
549 kB Transfer
760 kB Size
11 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://lws.cn-witmed-106a.cyou/ HTTP 302
    https://lws.cn-witmed-106a.cyou/index.php/user/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=6C0495D524AD47A690207CD2DFBD66DC&RedC=c.clarity.ms&MXFR=0D06ACEFDE7E61072404B875DA7E6F5A HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=6C0495D524AD47A690207CD2DFBD66DC&MUID=22E57DA54EF06DD72E74693F4F7B6C54

19 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request login
lws.cn-witmed-106a.cyou/index.php/user/
Redirect Chain
  • https://lws.cn-witmed-106a.cyou/
  • https://lws.cn-witmed-106a.cyou/index.php/user/login
4 KB
2 KB
Document
General
Full URL
https://lws.cn-witmed-106a.cyou/index.php/user/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.224.212.132 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
nginx /
Resource Hash
76a3569a8a2b08031cf627f4009a759f931d22ee945304d228f018a84fc8baf6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding
gzip
content-type
text/html;charset=utf-8
date
Mon, 10 Jun 2024 14:11:59 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000
vary
Accept-Encoding

Redirect headers

cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
text/html
date
Mon, 10 Jun 2024 14:11:59 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
/index.php/user/login
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000
pintuer.css
lws.cn-witmed-106a.cyou/skin/css/
111 KB
24 KB
Stylesheet
General
Full URL
https://lws.cn-witmed-106a.cyou/skin/css/pintuer.css
Requested by
Host: lws.cn-witmed-106a.cyou
URL: https://lws.cn-witmed-106a.cyou/index.php/user/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.224.212.132 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
nginx /
Resource Hash
8c5ff7890346f6b409a58de15dee411e41b96ee8747bd35817d9d82493ecdc28
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://lws.cn-witmed-106a.cyou/index.php/user/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 14:11:59 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Sat, 30 Jun 2018 05:12:02 GMT
server
nginx
etag
W/"5b371122-1ba50"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=43200
expires
Tue, 11 Jun 2024 02:11:59 GMT
admin.css
lws.cn-witmed-106a.cyou/skin/css/
4 KB
2 KB
Stylesheet
General
Full URL
https://lws.cn-witmed-106a.cyou/skin/css/admin.css
Requested by
Host: lws.cn-witmed-106a.cyou
URL: https://lws.cn-witmed-106a.cyou/index.php/user/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.224.212.132 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
nginx /
Resource Hash
484d3ffec0e15776139e8f7753f6e662c427c1d56aa6a9472a9a83fdf16b2446
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://lws.cn-witmed-106a.cyou/index.php/user/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 14:11:59 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Sat, 30 Jun 2018 05:26:14 GMT
server
nginx
etag
W/"5b371476-105f"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=43200
expires
Tue, 11 Jun 2024 02:11:59 GMT
jquery-1.8.0.min.js
lws.cn-witmed-106a.cyou/skin/js/
90 KB
36 KB
Script
General
Full URL
https://lws.cn-witmed-106a.cyou/skin/js/jquery-1.8.0.min.js
Requested by
Host: lws.cn-witmed-106a.cyou
URL: https://lws.cn-witmed-106a.cyou/index.php/user/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.224.212.132 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
nginx /
Resource Hash
f4b53b4822e850c51f542674fdc3498e1976035029acd9e689cde242207b1a0e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://lws.cn-witmed-106a.cyou/index.php/user/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 14:11:59 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Thu, 10 Aug 2023 05:28:54 GMT
server
nginx
etag
W/"64d47596-1698c"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Tue, 11 Jun 2024 02:11:59 GMT
onload.js
lws.cn-witmed-106a.cyou/skin/admin/
7 KB
3 KB
Script
General
Full URL
https://lws.cn-witmed-106a.cyou/skin/admin/onload.js
Requested by
Host: lws.cn-witmed-106a.cyou
URL: https://lws.cn-witmed-106a.cyou/index.php/user/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.224.212.132 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
nginx /
Resource Hash
d66efccaada4af8cac9ee076298bebacd3f39b58a3a326edd353e32566bb5c95
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://lws.cn-witmed-106a.cyou/index.php/user/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 14:11:59 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Thu, 10 Aug 2023 05:28:58 GMT
server
nginx
etag
W/"64d4759a-1cc0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Tue, 11 Jun 2024 02:11:59 GMT
function.js
lws.cn-witmed-106a.cyou/skin/admin/
37 KB
10 KB
Script
General
Full URL
https://lws.cn-witmed-106a.cyou/skin/admin/function.js
Requested by
Host: lws.cn-witmed-106a.cyou
URL: https://lws.cn-witmed-106a.cyou/index.php/user/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.224.212.132 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
nginx /
Resource Hash
a850ead959b97d4d58b325b58a2db753543b3475728c384c2db49afccee9eeee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://lws.cn-witmed-106a.cyou/index.php/user/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 14:11:59 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Mon, 11 Mar 2024 06:04:01 GMT
server
nginx
etag
W/"65ee9ed1-95f7"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Tue, 11 Jun 2024 02:11:59 GMT
jquery-1.10.2.min_656a2.js
cloudflare.mh616.org/
1 KB
1 KB
Script
General
Full URL
https://cloudflare.mh616.org/jquery-1.10.2.min_656a2.js
Requested by
Host: lws.cn-witmed-106a.cyou
URL: https://lws.cn-witmed-106a.cyou/index.php/user/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.189.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9566f4af4fbaafef471fffeabc383c514f3541226632ede136985b42eb711c5f

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://lws.cn-witmed-106a.cyou/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 14:12:00 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Sun, 02 Jun 2024 13:21:09 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"665c71c5-49f"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eEMrUc5QsqZf2J2%2BJrJpiF9EHWBCQV98g8tDkBkJmLnpQPV%2B0aTTyuutvpdM8AV%2BFUej8s1YqUrzqADb2MOhTpGE6ZFkmzlUt%2BMHPltOrNSAYcbYN153VEQYcKEPfXLncdzHBZws9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cf-ray
8919f4288dfc5d3a-FRA
alt-svc
h3=":443"; ma=86400
layuimini.js
cdn.6969mv.cc/
0
0

jquery-1.10.2.min_656a2.js
6969mv.cc/
0
0

mm2vcvpavf
www.clarity.ms/tag/
1 KB
1 KB
Script
General
Full URL
https://www.clarity.ms/tag/mm2vcvpavf
Requested by
Host: lws.cn-witmed-106a.cyou
URL: https://lws.cn-witmed-106a.cyou/index.php/user/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
43bfced727c2c7e6760658154e6468e46e791ad0cd95eef77f511fd435a45d1f

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://lws.cn-witmed-106a.cyou/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
-1
date
Mon, 10 Jun 2024 14:12:00 GMT
x-azure-ref
20240610T141200Z-r1695cb7469fnd7s0snd2b6amn0000000bu000000000x7sx
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
1025
request-context
appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
fontawesome-webfont.woff
libs.baidu.com/fontawesome/4.1.0/fonts/
0
0

fontawesome-webfont.ttf
libs.baidu.com/fontawesome/4.1.0/fonts/
0
0

bg.jpg
lws.cn-witmed-106a.cyou/skin/
441 KB
442 KB
Image
General
Full URL
https://lws.cn-witmed-106a.cyou/skin/bg.jpg
Requested by
Host: lws.cn-witmed-106a.cyou
URL: https://lws.cn-witmed-106a.cyou/skin/css/admin.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.224.212.132 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
nginx /
Resource Hash
cfc978bdc87050a3a4359024ab4806550cdfa2450d853016c91738346896262d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://lws.cn-witmed-106a.cyou/skin/css/admin.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 14:12:00 GMT
strict-transport-security
max-age=31536000
last-modified
Sat, 30 Jun 2018 05:07:02 GMT
server
nginx
etag
"5b370ff6-6e461"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
451681
expires
Wed, 10 Jul 2024 14:12:00 GMT
tmbg-white.png
lws.cn-witmed-106a.cyou/skin/
1012 B
1 KB
Image
General
Full URL
https://lws.cn-witmed-106a.cyou/skin/tmbg-white.png
Requested by
Host: lws.cn-witmed-106a.cyou
URL: https://lws.cn-witmed-106a.cyou/skin/css/admin.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.224.212.132 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
nginx /
Resource Hash
cb8ba429a18502856a062c7a62e10c7bef7cf1b36cfa83c3ccbdcc30344b100f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://lws.cn-witmed-106a.cyou/skin/css/admin.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 14:12:00 GMT
strict-transport-security
max-age=31536000
last-modified
Thu, 14 Apr 2016 17:27:04 GMT
server
nginx
etag
"570fd2e8-3f4"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
1012
expires
Wed, 10 Jul 2024 14:12:00 GMT
clarity.js
www.clarity.ms/s/0.7.32/
61 KB
26 KB
Script
General
Full URL
https://www.clarity.ms/s/0.7.32/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/mm2vcvpavf
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5ba7b351020430e304e1c38988858e13690202831484697551e56fed5826004e

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://lws.cn-witmed-106a.cyou/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 14:12:00 GMT
content-encoding
br
last-modified
Fri, 10 May 2024 17:30:20 GMT
etag
W/"0x8DC7116DE09E645"
vary
Accept-Encoding
x-azure-ref
20240610T141200Z-r1695cb7469fnd7s0snd2b6amn0000000bu000000000x7ty
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
6c728f9f-801e-0015-2192-b53968000000
cache-control
public, max-age=86400
x-cache
TCP_HIT
x-ms-version
2018-03-28
x-fd-int-roxy-purgeid
51562430
collect
r.clarity.ms/
0
287 B
XHR
General
Full URL
https://r.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.32/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.119.174.243 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept
application/x-clarity-gzip
Referer
https://lws.cn-witmed-106a.cyou/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Access-Control-Allow-Origin
https://lws.cn-witmed-106a.cyou
Date
Mon, 10 Jun 2024 14:12:00 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=6C0495D524AD47A690207CD2DFBD66DC&RedC=c.clarity.ms&MXFR=0D06ACEFDE7E61072404B875DA7E6F5A
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=6C0495D524AD47A690207CD2DFBD66DC&MUID=22E57DA54EF06DD72E74693F4F7B6C54
42 B
442 B
Image
General
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=6C0495D524AD47A690207CD2DFBD66DC&MUID=22E57DA54EF06DD72E74693F4F7B6C54
Protocol
H2
Server
68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://lws.cn-witmed-106a.cyou/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jun 2024 14:12:00 GMT
last-modified
Fri, 01 Mar 2024 22:54:48 GMT
server
Microsoft-IIS/10.0
etag
"3e26b762b6cda1:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Mon, 10 Jun 2024 14:12:01 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: C1D4A8EE550945D789807E3E876DA5F1 Ref B: FRA31EDGE0513 Ref C: 2024-06-10T14:12:01Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=6C0495D524AD47A690207CD2DFBD66DC&MUID=22E57DA54EF06DD72E74693F4F7B6C54
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
favicon.ico
lws.cn-witmed-106a.cyou/
1 KB
1 KB
Other
General
Full URL
https://lws.cn-witmed-106a.cyou/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.224.212.132 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
nginx /
Resource Hash
2cceb539467f587f59dabf4e8035b832e99cc8c11f6bd63c5dc38342eb0abe6a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://lws.cn-witmed-106a.cyou/index.php/user/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 14:12:01 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 10 Apr 2019 13:55:56 GMT
server
nginx
etag
"5cadf5ec-47e"
content-type
image/x-icon
accept-ranges
bytes
content-length
1150
collect
r.clarity.ms/
0
287 B
XHR
General
Full URL
https://r.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.32/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.119.174.243 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept
application/x-clarity-gzip
Referer
https://lws.cn-witmed-106a.cyou/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Access-Control-Allow-Origin
https://lws.cn-witmed-106a.cyou
Date
Mon, 10 Jun 2024 14:12:02 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cdn.6969mv.cc
URL
https://cdn.6969mv.cc/layuimini.js
Domain
6969mv.cc
URL
https://6969mv.cc/jquery-1.10.2.min_656a2.js
Domain
libs.baidu.com
URL
http://libs.baidu.com/fontawesome/4.1.0/fonts/fontawesome-webfont.woff?v=4.1.0
Domain
libs.baidu.com
URL
http://libs.baidu.com/fontawesome/4.1.0/fonts/fontawesome-webfont.ttf?v=4.1.0

161 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery function| playVoice function| defaultCloseModal function| goToDealWithCash function| goToDealWithRecharge function| CopyToClipboard function| debug function| success function| error function| warning function| info number| _TIP_ID function| _info function| load function| setPosition function| defaultPageAction function| defaultReplacePageAction function| checkStatus function| beforeAddMember function| addMember function| userDataBeforeSubmitCode function| userDataSubmitCode function| betinfoDataBeforeSubmitCode function| betinfoDataSubmitCode function| nothin function| dataPageAction function| dataAddCode function| dataBeforeSubmitCode function| addTime function| beforeAddTime function| dataSubmitCode function| setKj function| reload function| defaultError function| defaultSuccess function| defaultAjaxLink function| deleKaijiang function| cashLogDelete function| rechargModal function| rechargeSubmitCode function| GetUserCoin function| rechargUserModal function| rechargeUserSubmitCode function| GetUserCoin2 function| GetUserCoin3 function| rechargUserModal2 function| viewBetList function| rechargeBeforeSubmit function| defaultSearch function| defaultList function| betLogSearchPageAction function| addUserCountModal function| memberAddUserCount function| manageAddManagerModal function| payAddModal function| BeforeAddpay function| Addpay function| payDelete function| manageBeforeAddManager function| manageAddManager function| manageDeleteManager function| manageBackNormalManager function| beforeClearManager function| manageClearManager function| manageChangePwdModal function| shareBonusModal function| bonusLogModal function| manageBeforeChangePwd function| bonusBeforeShare function| manageChangePwd function| shareBonusHandle function| bonusLogDealWith function| bonusLogDelete function| sysAddBox function| sysReloadBox function| sysSettingsBefor function| sysSettings function| conCommHandle function| lossCommHandle function| sysAddNotice 
function| sysReloadNotice function| sysBeforeUpdateNotice function| beforeUpdateNotice function| doUpdateNotice function| sysEditBank function| sysEditBanklist function| sysAddBank function| onUpdateCompile function| onUpdateCompile2 function| winjinAlert function| sysReloadBank function| ReloadBanklist function| memberEditBank function| memberReloadBank function| sysBeforeUpdateType function| sysUpdateType function| sysBeforeUpdateTime function| sysUpdateTime function| reloadPlayed function| sysBeforeUpdatePlayed function| playedInfoDataBeforeSubmitCode function| playedInfoDataSubmitCode function| playedAddInfoDataBeforeSubmitCode function| playedAddInfoDataSubmitCode function| playedAddGroupDataBeforeSubmitCode function| playedAddGroupDataSubmitCode function| playedAddTypeDataBeforeSubmitCode function| playedAddTypeDataSubmitCode function| serviceOpen function| serviceAddNew function| serviceDel function| serviceSave function| scoreEditGoods function| addCards function| cardsUpdateCompile function| goodsUpdateCompile function| scoreReloadGoods function| pointHandle function| goodsHandle function| clearDataBefor function| clearDataSuccess function| TSuccess function| clearDataBefor2 function| clearDataSuccess2 function| setMemberLevel function| reloadUserCount function| sysBeforeUpdateUserCount function| sysReloadUserCount function| clearUsersBefor function| dataBackup function| sysReloadBackup function| sysBeforeActionBackup function| Pid function| ghhs function| ignoreSpaces function| fabuxiaoxi function| eventsHandle function| eventEditEvents function| eventUpdateCompile function| eventReload function| addLeavl function| memberReloadLeavl function| onUpdateCompile3 function| beforeAddLeavl function| afterLeavl function| leavlDataBeforeSubmitCode function| memberEditLeavl function| userRepathSubmitCode function| userRepathBeforeSubmitCode function| playedAddTipDataBeforeSubmitCode function| playedAddTipDataSubmitCode function| goto function| checkLogin function| 
doLogin string| u undefined| myTime undefined| _hmt undefined| setCookie undefined| getCookie function| clarity

11 Cookies

Domain/Path Name / Value
lws.cn-witmed-106a.cyou/ Name: PHPSESSID
Value: 3f2a6800b522b05a8826c71bb3bd902d
www.clarity.ms/ Name: CLID
Value: 3187f3b68c64478da056956b618f319d.20240610.20250610
.cn-witmed-106a.cyou/ Name: _clck
Value: 1915eo5%7C2%7Cfmi%7C0%7C1622
.cn-witmed-106a.cyou/ Name: _clsk
Value: d5v5lg%7C1718028720959%7C1%7C0%7Cr.clarity.ms%2Fcollect
.bing.com/ Name: MUID
Value: 22E57DA54EF06DD72E74693F4F7B6C54
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 22E57DA54EF06DD72E74693F4F7B6C54
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 22E57DA54EF06DD72E74693F4F7B6C54
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0

19 Console Messages

Source Level URL
Text
network error URL: https://cdn.6969mv.cc/layuimini.js
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
security error URL: https://lws.cn-witmed-106a.cyou/index.php/user/login(Line 83)
Message:
Mixed Content: The page at 'https://lws.cn-witmed-106a.cyou/index.php/user/login' was loaded over HTTPS, but requested an insecure font 'http://libs.baidu.com/fontawesome/4.1.0/fonts/fontawesome-webfont.woff?v=4.1.0'. This request has been blocked; the content must be served over HTTPS.
security error URL: https://lws.cn-witmed-106a.cyou/index.php/user/login(Line 83)
Message:
Mixed Content: The page at 'https://lws.cn-witmed-106a.cyou/index.php/user/login' was loaded over HTTPS, but requested an insecure font 'http://libs.baidu.com/fontawesome/4.1.0/fonts/fontawesome-webfont.ttf?v=4.1.0'. This request has been blocked; the content must be served over HTTPS.
recommendation verbose URL: https://lws.cn-witmed-106a.cyou/index.php/user/login
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "new-password"): (More info: https://goo.gl/9p2vKq) %o
recommendation verbose URL: https://lws.cn-witmed-106a.cyou/index.php/user/login
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "new-password"): (More info: https://goo.gl/9p2vKq) %o
other warning URL: https://lws.cn-witmed-106a.cyou/index.php/user/login (logged 14 times)
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000