Submitted URL: http://imgzip.landaiqing.space/
Effective URL: https://imgzip.landaiqing.space/
Submission Tags: @phish_report
Submission: On July 31 via api from FI — Scanned from AU

Summary

This website contacted 6 IPs in 3 countries across 4 domains to perform 19 HTTP transactions. The main IP is 47.109.101.237, located in Chengdu, China and belongs to ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN. The main domain is imgzip.landaiqing.space.
TLS certificate: Issued by R10 on July 30th 2024. Valid for: 3 months.
This is the only time imgzip.landaiqing.space was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
10 47.109.101.237 37963 (ALIBABA-C...)
3 172.217.167.98 15169 (GOOGLE)
2 142.250.66.226 15169 (GOOGLE)
2 172.217.167.97 15169 (GOOGLE)
1 142.250.204.4 15169 (GOOGLE)
19 6
Apex Domain
Subdomains
Transfer
10 landaiqing.space
imgzip.landaiqing.space
451 KB
5 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 157
tpc.googlesyndication.com — Cisco Umbrella Rank: 203
215 KB
2 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 77
1 google.com
www.google.com — Cisco Umbrella Rank: 10
19 4
Domain Requested by
10 imgzip.landaiqing.space imgzip.landaiqing.space
3 pagead2.googlesyndication.com imgzip.landaiqing.space
pagead2.googlesyndication.com
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
1 www.google.com tpc.googlesyndication.com
19 5

This site contains links to these domains. Also see Links.

Domain
www.beian.miit.gov.cn
landaiqing.space
Subject Issuer Validity Valid
imgzip.landaiqing.space
R10
2024-07-30 -
2024-10-28
3 months crt.sh
*.g.doubleclick.net
WR2
2024-07-30 -
2024-10-22
3 months crt.sh
tpc.googlesyndication.com
WR2
2024-07-30 -
2024-10-22
3 months crt.sh
*.google.com
WR2
2024-07-30 -
2024-10-22
3 months crt.sh

This page contains 5 frames:

Primary Page: https://imgzip.landaiqing.space/
Frame ID: ECF7F817A194D8994F79652A94D2CAA1
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240729/r20110914/zrt_lookup_fy2021.html
Frame ID: 38BDC405C758FAC6CECAB5914EBE286B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7019141266194371&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1699791556&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A32768%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fimgzip.landaiqing.space%2F&pra=5&wgl=1&easpi=0&aihb=0&asro=0&ailel=29~34~32~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~30&aiael=29~34~32~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~30&aifxl=32_7~30_19&aiixl=29_5~32_9~30_6&aslmct=0.7&asamct=0.7&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1722406124381&bpp=3&bdt=310&idt=729&shv=r20240729&mjsv=m202407250101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=6960050547707&frm=20&pv=2&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532524%2C44795922%2C95334524%2C95334830%2C95337027%2C95337870%2C95338242%2C95336521%2C95339220%2C95336266%2C31078663%2C31078668%2C31078670&oid=2&pvsid=3366288322721617&tmod=503665967&uas=0&nvt=1&fsapi=1&fc=1920&brdim=1290%2C1170%2C1290%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&nt=1&ifi=1&uci=a!1&fsb=1&dtd=751
Frame ID: 67433F12206653BB9EFCBAE6F8B6CCB0
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E4E163BAB18311842CA510DC655490E1
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 93D5C52216750F1D474C49F387415C75
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

在线批量压缩图片 - 纯浏览器端解决方案 - image compress by browser

Page URL History Show full URLs

  1. http://imgzip.landaiqing.space/ HTTP 307
    https://imgzip.landaiqing.space/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Page Statistics

19
Requests

95 %
HTTPS

0 %
IPv6

4
Domains

5
Subdomains

6
IPs

3
Countries

666 kB
Transfer

1377 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://imgzip.landaiqing.space/ HTTP 307
    https://imgzip.landaiqing.space/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
imgzip.landaiqing.space/
Redirect Chain
  • http://imgzip.landaiqing.space/
  • https://imgzip.landaiqing.space/
9 KB
4 KB
Document
General
Full URL
https://imgzip.landaiqing.space/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
47.109.101.237 Chengdu, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
c76856a5f6fdba5994d006c8c28932cbdf35980b528eff1ed5b40db8b045eb17
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

content-encoding
gzip
content-type
text/html
date
Wed, 31 Jul 2024 06:08:43 GMT
etag
W/"6550c2c4-223d"
last-modified
Sun, 12 Nov 2023 12:19:16 GMT
server
nginx
strict-transport-security
max-age=31536000
vary
Accept-Encoding

Redirect headers

Location
https://imgzip.landaiqing.space/
Non-Authoritative-Reason
HttpsUpgrades
index.b5983cde.js
imgzip.landaiqing.space/assets/
12 KB
5 KB
Script
General
Full URL
https://imgzip.landaiqing.space/assets/index.b5983cde.js
Requested by
Host: imgzip.landaiqing.space
URL: https://imgzip.landaiqing.space/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
47.109.101.237 Chengdu, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
5c2a96309a8aa170163c76b772d8f47fab8280fd72eade29d7ff784102b73a8b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
Origin
https://imgzip.landaiqing.space
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Wed, 31 Jul 2024 06:08:44 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Mon, 06 Nov 2023 15:04:56 GMT
server
nginx
etag
W/"65490098-30dd"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Wed, 31 Jul 2024 18:08:44 GMT
vendor.4b88e2d9.js
imgzip.landaiqing.space/assets/
460 KB
161 KB
Script
General
Full URL
https://imgzip.landaiqing.space/assets/vendor.4b88e2d9.js
Requested by
Host: imgzip.landaiqing.space
URL: https://imgzip.landaiqing.space/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
47.109.101.237 Chengdu, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
fc1a9f525a14ebda4d5dbe825393c08ae1923b764ee555766fe2a058cf6f116c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
Origin
https://imgzip.landaiqing.space
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Wed, 31 Jul 2024 06:08:44 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Mon, 06 Nov 2023 15:04:56 GMT
server
nginx
etag
W/"65490098-72ff9"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Wed, 31 Jul 2024 18:08:44 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
159 KB
52 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7019141266194371
Requested by
Host: imgzip.landaiqing.space
URL: https://imgzip.landaiqing.space/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.167.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s17-in-f2.1e100.net
Software
cafe /
Resource Hash
d29a7669257c55217f08cfa0de68cb20e7e2ea3c570a9a167db0e044c002019e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
Origin
https://imgzip.landaiqing.space
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Wed, 31 Jul 2024 06:08:44 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53464
x-xss-protection
0
server
cafe
etag
126060381962702258
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Wed, 31 Jul 2024 06:08:44 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407250101/
424 KB
143 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407250101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7019141266194371
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.167.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s17-in-f2.1e100.net
Software
cafe /
Resource Hash
96300a28d9ebb78d3c8c08c43993e6ee0699dcbde1089d074276a40715dd7cff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Wed, 31 Jul 2024 06:08:44 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
146612
x-xss-protection
0
server
cafe
etag
7663847145197505933
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Wed, 31 Jul 2024 06:08:44 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240729/r20110914/ Frame 38BD
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240729/r20110914/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407250101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.66.226 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s15-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

age
51160
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4142
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 30 Jul 2024 15:56:05 GMT
etag
2738592464165616
expires
Tue, 13 Aug 2024 15:56:05 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 6743
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7019141266194371&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1699791556&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A32768%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fimgzip.landaiqing.space%2F&pra=5&wgl=1&easpi=0&aihb=0&asro=0&ailel=29~34~32~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~30&aiael=29~34~32~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~30&aifxl=32_7~30_19&aiixl=29_5~32_9~30_6&aslmct=0.7&asamct=0.7&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1722406124381&bpp=3&bdt=310&idt=729&shv=r20240729&mjsv=m202407250101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=6960050547707&frm=20&pv=2&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532524%2C44795922%2C95334524%2C95334830%2C95337027%2C95337870%2C95338242%2C95336521%2C95339220%2C95336266%2C31078663%2C31078668%2C31078670&oid=2&pvsid=3366288322721617&tmod=503665967&uas=0&nvt=1&fsapi=1&fc=1920&brdim=1290%2C1170%2C1290%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&nt=1&ifi=1&uci=a!1&fsb=1&dtd=751
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407250101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.66.226 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s15-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
4519
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 31 Jul 2024 06:08:45 GMT
expires
Wed, 31 Jul 2024 06:08:45 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
image-upload.e26f5b1e.svg
imgzip.landaiqing.space/assets/
2 KB
2 KB
Image
General
Full URL
https://imgzip.landaiqing.space/assets/image-upload.e26f5b1e.svg
Requested by
Host: imgzip.landaiqing.space
URL: https://imgzip.landaiqing.space/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
47.109.101.237 Chengdu, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
e26f5b1e4bea0664fbb62ebe4395ce98329930307bb7e19ceb123e3b4ecc23cc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Wed, 31 Jul 2024 06:08:45 GMT
strict-transport-security
max-age=31536000
last-modified
Mon, 06 Nov 2023 15:04:56 GMT
server
nginx
etag
"65490098-620"
content-type
image/svg+xml
accept-ranges
bytes
content-length
1568
reward.41e73d18.jpg
imgzip.landaiqing.space/assets/
45 KB
45 KB
Image
General
Full URL
https://imgzip.landaiqing.space/assets/reward.41e73d18.jpg
Requested by
Host: imgzip.landaiqing.space
URL: https://imgzip.landaiqing.space/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
47.109.101.237 Chengdu, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
41e73d18b7f56fbf28a477310be0954b7aaa4a12fcf5d61b18a0aa8710fd6d67
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Wed, 31 Jul 2024 06:08:45 GMT
strict-transport-security
max-age=31536000
last-modified
Mon, 06 Nov 2023 15:04:56 GMT
server
nginx
etag
"65490098-b49e"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
46238
expires
Fri, 30 Aug 2024 06:08:45 GMT
bg.38f077d1.jpg
imgzip.landaiqing.space/assets/
214 KB
215 KB
Image
General
Full URL
https://imgzip.landaiqing.space/assets/bg.38f077d1.jpg
Requested by
Host: imgzip.landaiqing.space
URL: https://imgzip.landaiqing.space/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
47.109.101.237 Chengdu, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
38f077d168cd29bc70ff0fa4e8ad1cb18cdf7976a85a4ecf815fd29270c98207
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://imgzip.landaiqing.space/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Wed, 31 Jul 2024 06:08:45 GMT
strict-transport-security
max-age=31536000
last-modified
Mon, 06 Nov 2023 15:04:56 GMT
server
nginx
etag
"65490098-359a4"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
219556
expires
Fri, 30 Aug 2024 06:08:45 GMT
clear.7401b5a6.svg
imgzip.landaiqing.space/assets/
2 KB
2 KB
Image
General
Full URL
https://imgzip.landaiqing.space/assets/clear.7401b5a6.svg
Requested by
Host: imgzip.landaiqing.space
URL: https://imgzip.landaiqing.space/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
47.109.101.237 Chengdu, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
7401b5a69ccb300495411625d30cdf6bffb71d2f1e4c2e84b7c9ef08d8ec3c29
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://imgzip.landaiqing.space/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Wed, 31 Jul 2024 06:08:45 GMT
strict-transport-security
max-age=31536000
last-modified
Mon, 06 Nov 2023 15:04:56 GMT
server
nginx
etag
"65490098-6a7"
content-type
image/svg+xml
accept-ranges
bytes
content-length
1703
zip.98344319.svg
imgzip.landaiqing.space/assets/
736 B
892 B
Image
General
Full URL
https://imgzip.landaiqing.space/assets/zip.98344319.svg
Requested by
Host: imgzip.landaiqing.space
URL: https://imgzip.landaiqing.space/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
47.109.101.237 Chengdu, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
983443193be5a33f154a036e65561b03b96c56d476446b9a021f4f2b49d070a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://imgzip.landaiqing.space/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Wed, 31 Jul 2024 06:08:45 GMT
strict-transport-security
max-age=31536000
last-modified
Mon, 06 Nov 2023 15:04:56 GMT
server
nginx
etag
"65490098-2e0"
content-type
image/svg+xml
accept-ranges
bytes
content-length
736
info.738449d4.svg
imgzip.landaiqing.space/assets/
777 B
934 B
Image
General
Full URL
https://imgzip.landaiqing.space/assets/info.738449d4.svg
Requested by
Host: imgzip.landaiqing.space
URL: https://imgzip.landaiqing.space/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
47.109.101.237 Chengdu, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
738449d49b5704e0e55b98652c91fbf5176afb549bc20dd8d53420d0167129d3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://imgzip.landaiqing.space/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Wed, 31 Jul 2024 06:08:45 GMT
strict-transport-security
max-age=31536000
last-modified
Mon, 06 Nov 2023 15:04:56 GMT
server
nginx
etag
"65490098-309"
content-type
image/svg+xml
accept-ranges
bytes
content-length
777
sodar
pagead2.googlesyndication.com/getconfig/
17 KB
13 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240729&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407250101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.167.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s17-in-f2.1e100.net
Software
cafe /
Resource Hash
3148e767c82315aafd96e1a4ef7119b74087ee66304544bdd6f168a42cb23ba6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Wed, 31 Jul 2024 06:08:45 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12919
x-xss-protection
0
favicon.1285345e.ico
imgzip.landaiqing.space/assets/
15 KB
15 KB
Other
General
Full URL
https://imgzip.landaiqing.space/assets/favicon.1285345e.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
47.109.101.237 Chengdu, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
1285345e6fd32ab5a65ff2e776bfc4c6a84987bc66500d4870cdb4c131f93901
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Wed, 31 Jul 2024 06:08:46 GMT
strict-transport-security
max-age=31536000
last-modified
Mon, 06 Nov 2023 15:04:56 GMT
server
nginx
etag
"65490098-3aee"
content-type
image/x-icon
accept-ranges
bytes
content-length
15086
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407250101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s17-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Wed, 31 Jul 2024 06:08:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 31 Jul 2024 06:08:46 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E4E1
0
0
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s17-in-f1.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

accept-ranges
bytes
age
41240
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 30 Jul 2024 18:41:26 GMT
expires
Wed, 30 Jul 2025 18:41:26 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 93D5
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.204.4 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f4.1e100.net
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'nonce-flzw18nJXRgporYasQRJtQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'self';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'nonce-flzw18nJXRgporYasQRJtQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'self';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 31 Jul 2024 06:08:46 GMT
expires
Wed, 31 Jul 2024 06:08:46 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240729&jk=3366288322721617&bg=!qqmlqebNAAZTFZZkcxU7ADQBe5WfOJgHG9DEgWwj4s04PzXFN6N8lSVI-YFfEsPGT-tOn39Hn0U6OTMPFJwknskrP2huAgAAADlSAAAAA2gBB34ANau_BH577HIjIjCoYLapN2EXzvYXW9O0q2zEka5g_sPFeGo7vRrMfP2TVaIkLfMqfLnyG4D8CgApKKl2FR27rIGWJbaREGKishNpPtt2mIddGVwCsmu9u9h2vQ6xkQiHEqWZAsHB6E1vhDIFObw5vdy4I08n8zVI8WTjypu7wjdA0ztcyogLAmw2tyj6uxiATu5q94Oy20mRyfMJHcmECHSMs-CWRkvg5cX6HqZhSoVGr8_RqCmmrE_uAlPEqOpw3dBfWz8RZW2_q4LPuxWyfWOQ_EW4pxdvfAtsXuy4oK5bfiL-FNG0v-U6eS7L27x9SF7XsXmVFLAqPjiVVbbDyiPgV0i73-NQpJVSd-JBE3sztXKv3T7-BOdo-_4k1E3v_kPSAz2jZJAcUNidm4irDgwdV2SiSZn0ZvHGb749xVG1POJUQYRl8mk8j6P2zEMldxyQUa2Ipk5yz_2b65_KnDXCXQnlW41ZpHMRNA5zLumvx-7vnWLQoZ-cdWEZ16xYR0ZJRT59q6kDPniVGESm5AZl_b0sYQNbwqxNccLNEc-QXy2XWYZmNsxpFTx1s7pLyGcAfqAVEYQV8XpJIuobeMFGFAdDMTtukhHnR4FdMHfR_eamjndfl0rnQJOnK-iVh2eHeBTws6voqe7h-gfic-WGurOWwkmwRqdyrYkuYU98SyfLbogvyJwzIJXPCoCoyksFQ6PQ5uCvpnhKEakfM5rwOvsEPIkZhu4Rtuq_Kbuj0CJV0a5L7zhcy4xmsVd3L4TtAoYzHMg7F4rkJnAxVucLw9wbJRBXtAwJOwubL4VSkrkPYy7Kam3Nl28QRFD43Rkbg1yILFlRg_VtVIKbM4hukPwsaJfScE_RboYeCkQjoNkBnTYptwYJxlmXawn7IHCijpeNzxo4ax4MjGGS280b1r2rOanYeNtdjH26oxYgCJqGTguQbtBLQaGuioI26RD0oPM4GVdnjEavsKQ-_XrNfjwpmr64jmCRUzKOmp1ojugmAx-qmVPFEOPr4QYKFQ-H_steqbfIlvimHzy_IZt_9IBX2chHR6aqsLFF_zA1ipcnAsU

Verdicts & Comments Add Verdict or Comment

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| google_sa_impl number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages function| saveAs object| GoogleGcLKhOms object| google_image_requests

1 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000