bnd.ehsanshiresavom.workers.dev
2606:4700:3030::6815:4629  Public Scan

URL: https://bnd.ehsanshiresavom.workers.dev/
Submission: On April 23 via api from US — Scanned from DE

Summary

This website contacted 7 IPs in 3 countries across 7 domains to perform 50 HTTP transactions. The main IP is 2606:4700:3030::6815:4629, located in United States and belongs to CLOUDFLARENET, US. The main domain is bnd.ehsanshiresavom.workers.dev.
TLS certificate: Issued by GTS CA 1P5 on March 5th 2024. Valid for: 3 months.
This is the only time bnd.ehsanshiresavom.workers.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 19 172.67.219.114 13335 (CLOUDFLAR...)
1 2408:8720:806... 4837 (CHINA169-...)
2 14.215.182.140 4134 (CHINANET-...)
1 240e:f7:7c00:... 136190 (CHINATELE...)
1 240d:c000:201... 132203 (TENCENT-N...)
50 7
Apex Domain
Subdomains
Transfer
20 workers.dev
bnd.ehsanshiresavom.workers.dev
user.workers.dev Failed
87 KB
2 baidu.com
hm.baidu.com — Cisco Umbrella Rank: 10244
12 KB
1 qcloud.com
turing.captcha.qcloud.com — Cisco Umbrella Rank: 112396
27 KB
1 cnzz.com
s95.cnzz.com — Cisco Umbrella Rank: 195079
369 B
1 guancha.cn
i.guancha.cn Failed
user.guancha.cn — Cisco Umbrella Rank: 518612
2 KB
0 gtimg.com Failed
turing.captcha.gtimg.com Failed
0 admaster.com.cn Failed
v.admaster.com.cn Failed
50 7
Domain Requested by
20 bnd.ehsanshiresavom.workers.dev 1 redirects bnd.ehsanshiresavom.workers.dev
2 hm.baidu.com bnd.ehsanshiresavom.workers.dev
1 turing.captcha.qcloud.com user.guancha.cn
1 s95.cnzz.com bnd.ehsanshiresavom.workers.dev
1 user.guancha.cn bnd.ehsanshiresavom.workers.dev
0 turing.captcha.gtimg.com Failed turing.captcha.qcloud.com
0 user.workers.dev Failed user.guancha.cn
0 v.admaster.com.cn Failed bnd.ehsanshiresavom.workers.dev
0 i.guancha.cn Failed bnd.ehsanshiresavom.workers.dev
50 9

This site contains links to these domains.

Domain
user.guancha.cn
m.guancha.cn
weibo.com
member.guancha.cn
Subject | Issuer | Validity | Valid
ehsanshiresavom.workers.dev | GTS CA 1P5 | 2024-03-05 - 2024-06-03 | 3 months
*.guancha.cn | TrustAsia RSA DV TLS CA G2 | 2024-04-10 - 2025-05-10 | a year
baidu.com | GlobalSign RSA OV SSL CA 2018 | 2023-07-06 - 2024-08-06 | a year
*.cnzz.com | GlobalSign Organization Validation CA - SHA256 - G3 | 2024-02-17 - 2025-03-20 | a year
*.turing.captcha.qcloud.com | DigiCert Secure Site CN CA G3 | 2024-03-27 - 2025-04-27 | a year

This page contains 2 frames:

Primary Page: https://bnd.ehsanshiresavom.workers.dev/
Frame ID: C16E22BBEAC29F20FF61BBB4C7D45CCC
Requests: 49 HTTP requests in this frame

Frame: https://v.admaster.com.cn/i/a120083,b3097467,c4721,i0,m202,8a1,8b3,h
Frame ID: B839E6FA031DC5BE113CF427CB829B83
Requests: 1 HTTP request in this frame

Page Title

观察者网

Detected technologies

Overall confidence: 100%
Detected patterns
  • /TCaptcha\.js

Overall confidence: 100%
Detected patterns
  • //[^./]+\.cnzz\.com/(?:z_stat.php|core)\?

Overall confidence: 100%
Detected patterns
  • sensorsdata

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 50
HTTPS: 46 %
IPv6: 67 %
Domains: 7
Subdomains: 9
IPs: 7
Countries: 3
Transfer: 128 kB
Size: 550 kB
Cookies: 10

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3
  • https://bnd.ehsanshiresavom.workers.dev/js/jquery-3.6.0.min.js HTTP 307
  • https://bnd.ehsanshiresavom.workers.dev/js/jquery-3.6.0.min.js

50 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
bnd.ehsanshiresavom.workers.dev/
341 KB
58 KB
Document
General
Full URL
https://bnd.ehsanshiresavom.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:4629 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af02ad7089b6af45750b1131525460b5229a3b341cd0f718708fc9c918a4d7eb

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

age
57
alt-svc
h3=":443"; ma=86400
cache-control
max-age=60
cf-cache-status
DYNAMIC
cf-ray
878adbcf1daa9162-FRA
content-encoding
br
content-type
text/html
date
Tue, 23 Apr 2024 03:45:04 GMT
last-modified
Tue, 23 Apr 2024 03:30:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1NfAbGs6LOJ3FgwnQjeSHvXLM57x75khwpDRpM5qd1VMk3F5bw4PYMbusRfxSWSC%2BRkixkYUR2i%2BToj5eM7hoxECxALG9uAMfu%2FODsKb7zJKF3Zweqm3ugv9ifE8NqD454fyyko%2FafPneBdDEvDyUbocA%2Fh0xcjmkXLqoZAd"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-cache-lookup
Cache Hit
x-nws-log-uuid
8475509140106186023
public.css
bnd.ehsanshiresavom.workers.dev/css/
65 KB
15 KB
Stylesheet
General
Full URL
https://bnd.ehsanshiresavom.workers.dev/css/public.css?20240302
Requested by
Host: bnd.ehsanshiresavom.workers.dev
URL: https://bnd.ehsanshiresavom.workers.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.219.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
222875f01df6d182f133ed022ba9a00505e1e0c5d07a6a11ee49890e0fc73d98

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://bnd.ehsanshiresavom.workers.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 23 Apr 2024 03:45:05 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 02 Mar 2024 15:51:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache-lookup
Cache Hit
server
cloudflare
etag
W/"65e34b06-102e7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7ElsMTWCBlDFBN2qIJQXsYThK4qQTzjTs%2FcIJZbf1yIfyw3WZjIevBz1R%2Bg%2BuLJJzcJy%2BQfUFv8imX2Y8rWfZcCS7E7w%2BMukXAGsTkDmZclsB6%2FmguvjpacOOZOPUB1z8OxE5eqHPYHchQj%2BbkkqI4fj"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=864000
x-nws-log-uuid
14707080226731367208
cf-ray
878adbd43bc965b5-FRA
alt-svc
h3=":443"; ma=86400
main.css
bnd.ehsanshiresavom.workers.dev/css/
0
0
Stylesheet
General
Full URL
https://bnd.ehsanshiresavom.workers.dev/css/main.css?20221212
Requested by
Host: bnd.ehsanshiresavom.workers.dev
URL: https://bnd.ehsanshiresavom.workers.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.219.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://bnd.ehsanshiresavom.workers.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 23 Apr 2024 03:45:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AMjpYn3mO8g0IJEBqinuxZzg0YlIcIUD65K6vg75twbKk17iAdQxxhXpHKo%2FK%2BiUpJC0OQUsEka8FzRV%2BesH1Zafembr32cigq0ZxE12q%2BEKgSVrjo3tTjvnKCu5UjpU7pdKPXCQiOrj6926LbK7y2Gq"}],"group":"cf-nel","max_age":604800}
content-type
text/plain;charset=UTF-8
cf-ray
878adbd43bcc65b5-FRA
alt-svc
h3=":443"; ma=86400
content-length
40
olympics.css
bnd.ehsanshiresavom.workers.dev/css/
0
0
Stylesheet
General
Full URL
https://bnd.ehsanshiresavom.workers.dev/css/olympics.css?20230930
Requested by
Host: bnd.ehsanshiresavom.workers.dev
URL: https://bnd.ehsanshiresavom.workers.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.219.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://bnd.ehsanshiresavom.workers.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 23 Apr 2024 03:45:04 GMT
via
cache14.l2nu20-1[46,0], ens-cache8.de5[221,0]
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qCvF4gsfqRM90X83tfD116GFUms5HQmXf05oVu7kVwMRvC98ytZwcCk%2Flibl8puw9TYSbea21xyk6KzE1g9nOUiYTVT3lRtP0yIBn81DvAhJQqC10dTU8eFWVqs4RbaN1uacnEyD7jW0GqWMjkjx7%2FbX"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cf-ray
878adbd43bcd65b5-FRA
timing-allow-origin
*
x-alicdn-da-ups-status
endOs,0,404
eagleid
a3b55c9c17138439047115130e
alt-svc
h3=":443"; ma=86400
jquery-3.6.0.min.js
bnd.ehsanshiresavom.workers.dev/js/
Redirect Chain
  • https://bnd.ehsanshiresavom.workers.dev/js/jquery-3.6.0.min.js
  • https://bnd.ehsanshiresavom.workers.dev/js/jquery-3.6.0.min.js
0
0
Script
General
Full URL
https://bnd.ehsanshiresavom.workers.dev/js/jquery-3.6.0.min.js
Requested by
Host: bnd.ehsanshiresavom.workers.dev
URL: https://bnd.ehsanshiresavom.workers.dev/
Protocol
H3
Server
172.67.219.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536001

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://bnd.ehsanshiresavom.workers.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

x-cache-hits
0, 0
date
Tue, 23 Apr 2024 03:45:05 GMT
strict-transport-security
max-age=31536001
via
1.1 varnish
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
content-encoding
br
vary
Accept-Encoding
x-cache
MISS, MISS
content-type
text/html; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yXXy%2FMjzgG1oanLlYre44XPBmQwbRWsNsE8PcdaBCfi9K1k1d3ShqLFNwixdlxvYc4I%2FaDxCaZwF%2FSr1Ml00s2%2BtfzYr%2Bd0w7zi4L8W4INpFJIQlfohdcvD%2F1TErVncmvrvhc0jx2%2FF4RQNX6n04fQk4"}],"group":"cf-nel","max_age":604800}
cf-ray
878adbd7ee1865b5-FRA
alt-svc
h3=":443"; ma=86400
x-served-by
e11, cache-iad-kcgs7200124-IAD, cache-fra-eddf8230020-FRA

Redirect headers

pragma
no-cache
date
Tue, 23 Apr 2024 03:45:05 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7Zbtq6MLaiAsGcSZRYd8MOQyfUsadH4hRMLtNdbaBMzQEcVA5dg3lxhrGeMrGGn3edWmG3ogwJ5sj2Qmtg98Qv4d40qjFCje5OtptoeJ2tT4CJRJ8He9KqKVNA%2Fpy9PyV%2BMsy%2B%2Bwb3Ha%2BE7l6qa4x%2BFn"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
/js/jquery-3.6.0.min.js
cache-control
no-cache, no-store
cf-ray
878adbd43bcf65b5-FRA
alt-svc
h3=":443"; ma=86400
mian-logo.png
bnd.ehsanshiresavom.workers.dev/images/
40 B
40 B
Image
General
Full URL
https://bnd.ehsanshiresavom.workers.dev/images/mian-logo.png
Requested by
Host: bnd.ehsanshiresavom.workers.dev
URL: https://bnd.ehsanshiresavom.workers.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.219.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c037511f57888d5db5414d29521d419aa31f055e3fc9bf24b13905816e7316d

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://bnd.ehsanshiresavom.workers.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 23 Apr 2024 03:45:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gdu8umRB8xy2GEc%2Fu3JjDJKbKa%2BysQoo4TKPJi%2BJeHhAa8oReMj7gW0IJMifFayQXnZspeXtJrHm%2BfIQ2FuyhWyosN9Axnr1JpB7%2ByyM0%2FXldWaK9T%2FthEQro00Ho2PFqPDHnmn50FGnhVrJ%2FygHBoaG"}],"group":"cf-nel","max_age":604800}
content-type
text/plain;charset=UTF-8
cf-ray
878adbd43bd065b5-FRA
alt-svc
h3=":443"; ma=86400
content-length
40
vip-diamond.gif
i.guancha.cn/
0
0

app-erweima.png
i.guancha.cn/
0
0

xinhomepage.png
i.guancha.cn/
0
0

20240423101015925.jpg
i.guancha.cn/news/2024/04/23/
0
0

left-gcy.jpg
i.guancha.cn/
0
0

middle-top-frame.jpg
i.guancha.cn/
0
0

blueV.png
i.guancha.cn/
0
0

yellowV.png
i.guancha.cn/
0
0

redV.png
i.guancha.cn/
0
0

noV.png
i.guancha.cn/
0
0

beian-icon.png
bnd.ehsanshiresavom.workers.dev/images/
2 KB
2 KB
Image
General
Full URL
https://bnd.ehsanshiresavom.workers.dev/images/beian-icon.png
Requested by
Host: bnd.ehsanshiresavom.workers.dev
URL: https://bnd.ehsanshiresavom.workers.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.219.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
94349c60becc8d700d2e08fc11b89f03adc11d3081d4bfd9fecfa1cea8ed9d49
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://bnd.ehsanshiresavom.workers.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 23 Apr 2024 03:45:07 GMT
strict-transport-security
max-age=2592000; includeSubDomains; preload
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RDfB%2Ftdb9yZhiHl7V3NtHq4QhjsK2n5awgm6tgF6ir8YBRT7LHvZobGgpZUn9TtufAIf53CJfQ555YnjhfHnArVSxNpWvWM5%2BXKkFcPPuqhttNn1Prr%2FmcGA0t23Ig2pwp1f%2Bmm8Qi3jOrolnZhcXKvK"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
cf-ray
878adbd9cf7365b5-FRA
alt-svc
h3=":443"; ma=86400
jubao-icon.png
bnd.ehsanshiresavom.workers.dev/images/
918 B
918 B
Image
General
Full URL
https://bnd.ehsanshiresavom.workers.dev/images/jubao-icon.png
Requested by
Host: bnd.ehsanshiresavom.workers.dev
URL: https://bnd.ehsanshiresavom.workers.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.219.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a1c1fb221816cea456cf003e8fd4e2c5f083895941cc6ebcf7cb478b207c20d

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://bnd.ehsanshiresavom.workers.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 23 Apr 2024 03:45:06 GMT
content-encoding
br
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-douban-newbid
unS5guK0Km0
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Bllxjes4KSHYXnjlEuoVYO1ZW9LL9PRpCGza1uLW0O5xdbM%2FSL1uYYnTtA6K1pBEuU9f7PDe56lRDx8mqFJlxecjoqp7sxzUs%2Bq%2Bq%2Bzvr1m2pAJ69QmqQXS0ssHuUCa%2B47RthIniopVuIhQw6l2lOKf6"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cf-ray
878adbd9cf7465b5-FRA
alt-svc
h3=":443"; ma=86400
wangxinban_jubao.png
bnd.ehsanshiresavom.workers.dev/images/
43 B
43 B
Image
General
Full URL
https://bnd.ehsanshiresavom.workers.dev/images/wangxinban_jubao.png
Requested by
Host: bnd.ehsanshiresavom.workers.dev
URL: https://bnd.ehsanshiresavom.workers.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.219.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d55b37c646e6bb26e27154aeb5fd15edc1601465a033973b9d1ca107a49e120

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://bnd.ehsanshiresavom.workers.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 23 Apr 2024 03:45:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7F0uADOXo9Nf53yexRkNj3fIpYjIMveMaRkGeENw3ZCX8FuAjlpkWQ11e%2FJ0kpH%2F3X%2BB8zO0yGhUhkWgutQyOdWYz7GYTiKhFGmW1jRqy%2Bxrn1f%2BX4LZmXIEmYrZ%2BJiLioPJO16jG9LZWxNgtOqAk8aj"}],"group":"cf-nel","max_age":604800}
content-type
text/plain;charset=UTF-8
cf-ray
878adbd9cf7665b5-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
gotop.png
bnd.ehsanshiresavom.workers.dev/images/
40 B
40 B
Image
General
Full URL
https://bnd.ehsanshiresavom.workers.dev/images/gotop.png
Requested by
Host: bnd.ehsanshiresavom.workers.dev
URL: https://bnd.ehsanshiresavom.workers.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.219.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c037511f57888d5db5414d29521d419aa31f055e3fc9bf24b13905816e7316d

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://bnd.ehsanshiresavom.workers.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 23 Apr 2024 03:45:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xQI5yZyBvjAP%2FK%2FBuKhpzWybdSHSCCmxLI6Wqab%2FRP9jidFO6JkSkTKjuLyUOcnhzn80xeTU0RDYKyq5laK8%2BrLVwnuMHWUo6mRRgxDtPi1xBdYExh9oNqfAhFFVeiMtm6DlQ%2BqLZ%2BeyJALwdot8cBWf"}],"group":"cf-nel","max_age":604800}
content-type
text/plain;charset=UTF-8
cf-ray
878adbd9cf7765b5-FRA
alt-svc
h3=":443"; ma=86400
content-length
40
sensorsdata.min.js
bnd.ehsanshiresavom.workers.dev/js/
0
0
Script
General
Full URL
https://bnd.ehsanshiresavom.workers.dev/js/sensorsdata.min.js
Requested by
Host: bnd.ehsanshiresavom.workers.dev
URL: https://bnd.ehsanshiresavom.workers.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.219.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://bnd.ehsanshiresavom.workers.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 23 Apr 2024 03:45:06 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MBlaRw%2Bh8ALSXoo57URmeMiIAkdl3Y2XQv%2FmfVr1hpwvyi1BHuYDVxwmcC76l9MQQ1lycbSGX0NVBoH1rp2Pmxw1%2BB75rTYWykCFj3IVfLPbJzMp1YQxBGamK1oWqRV9nYDS%2F%2Fj6Yyrjci9XKnGvDGzA"}],"group":"cf-nel","max_age":604800}
content-type
text/html;charset=utf-8
cache-control
no-cache
cf-ray
878adbd9cf6b65b5-FRA
alt-svc
h3=":443"; ma=86400
sensor.js
bnd.ehsanshiresavom.workers.dev/js/
0
0
Script
General
Full URL
https://bnd.ehsanshiresavom.workers.dev/js/sensor.js?20211230
Requested by
Host: bnd.ehsanshiresavom.workers.dev
URL: https://bnd.ehsanshiresavom.workers.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.219.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://bnd.ehsanshiresavom.workers.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 23 Apr 2024 03:45:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vFpwcplCOpc4WqkADf3yHDPsqHrlL%2FmHJ8hjaWKYD0vcWtTb9iFQKNSIyl2bEHLe%2Bi4T8G8O7yweoy%2BlU0HrZRpE%2BOSQoRTP3UxsTeHHBvp%2BK1XAPBpymkIQ%2Bf0wtgTy%2BG16nXv1ZII4TeUGxi%2BSaulk"}],"group":"cf-nel","max_age":604800}
content-type
text/plain;charset=UTF-8
cf-ray
878adbd9cf6c65b5-FRA
alt-svc
h3=":443"; ma=86400
content-length
40
comments-plugin-cms.js
user.guancha.cn/static/js/
3 KB
2 KB
Script
General
Full URL
https://user.guancha.cn/static/js/comments-plugin-cms.js?20221207
Requested by
Host: bnd.ehsanshiresavom.workers.dev
URL: https://bnd.ehsanshiresavom.workers.dev/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2408:8720:806:300:70::88 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
nginx /
Resource Hash
7babbc9915bcce727bce6e60885d50429e3ab9a09523431da38741bf51e36d8a

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://bnd.ehsanshiresavom.workers.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 22 Jan 2024 08:38:55 GMT
Content-Encoding
gzip
X-Cache-Lookup
Cache Hit
Last-Modified
Mon, 22 Jan 2024 07:29:25 GMT
Server
nginx
Etag
"65ae1955-d0e"
Content-Type
application/javascript; charset=utf-8
Access-control-allow-credentials
true
X-NWS-LOG-UUID
7704784906629520464
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1196
jquery.lazyload.js
bnd.ehsanshiresavom.workers.dev/js/
0
0
Script
General
Full URL
https://bnd.ehsanshiresavom.workers.dev/js/jquery.lazyload.js
Requested by
Host: bnd.ehsanshiresavom.workers.dev
URL: https://bnd.ehsanshiresavom.workers.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.219.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://bnd.ehsanshiresavom.workers.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 23 Apr 2024 03:45:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4bU6fRnjSbP0wF6WofmhLNPSucHC09Nbn7rZB4odNYyQsysucCuJPUl2Yv93Z6G1pvDrCs3uoQk%2FZqG62Vgae3atHxpPUI6N9wHrMK57tuJ6nMqO5ipb3mNY43dx05QvB6YLQTuDkIhrp%2Bvd7gn0vDqQ"}],"group":"cf-nel","max_age":604800}
content-type
text/plain;charset=UTF-8
cf-ray
878adbd9cf6d65b5-FRA
alt-svc
h3=":443"; ma=86400
content-length
44
base.js
bnd.ehsanshiresavom.workers.dev/js/
5 KB
2 KB
Script
General
Full URL
https://bnd.ehsanshiresavom.workers.dev/js/base.js
Requested by
Host: bnd.ehsanshiresavom.workers.dev
URL: https://bnd.ehsanshiresavom.workers.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.219.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7415b09d460cc6d66a25c2bdebd4abeafc96bd4c9e3db12fe11472b1b21f52e3

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://bnd.ehsanshiresavom.workers.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 23 Apr 2024 03:45:05 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cdnsip
173.222.108.56
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1713843905581_2917035060_555150871_52_487_6_7_15";dur=1
alt-svc
h3=":443"; ma=86400
cdncip
1.2.3.4
x-ua-compatible
IE=EmulateIE7
x-ak-request-id
0.346cdead.1713843905.2116ee17
last-modified
Sat, 29 Dec 2018 12:44:47 GMT
server
cloudflare
etag
W/"0x8D66D8B6AB582DD"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HKMPAGeqiwf4DZikbHuUXQDtMNUECrZBPqyvMUSenEKCZZbtOMgK%2BJ0KX5W18ZOl01VYLUMeHMSKb01oyeSfPaQ2Ci3wW4gNj1FGmrSLoSvY8aJTDp97P9ktjvEcjihyEeMr5GgYYmWN%2BHUS7T8D5tFH"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=600
cf-ray
878adbd9cf6e65b5-FRA
expires
Tue, 23 Apr 2024 03:55:05 GMT
jquery.SuperSlide.js
bnd.ehsanshiresavom.workers.dev/js/
24 KB
9 KB
Script
General
Full URL
https://bnd.ehsanshiresavom.workers.dev/js/jquery.SuperSlide.js
Requested by
Host: bnd.ehsanshiresavom.workers.dev
URL: https://bnd.ehsanshiresavom.workers.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.219.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
78d77300924bf0221ac603d9de2cb8f0de860bc122f31d1a43f3d41ee38e4c57

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://bnd.ehsanshiresavom.workers.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 23 Apr 2024 03:45:06 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Express
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Qd7QJoPtC448EsTVqn32l2ByNmggpe4bSG9SB9SAcLQ3%2F%2Fk6OHfTzNXJmQJ2xV1aWpSsk3qeqfc5hM7Nq9%2FWR0lBYJT4u8qJKauX8GfU%2BqppD2jXqmfJpWsjgEYwOkHR%2BH2SDX1v3bmEJwZ3fPigAqsb"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
cf-ray
878adbd9cf6f65b5-FRA
alt-svc
h3=":443"; ma=86400
x-ssr-info
node/v11.9.0 express/4.16.4 vue-server-renderer/2.5.22 project/0.9.0
olympics.js
bnd.ehsanshiresavom.workers.dev/js/
0
0
Script
General
Full URL
https://bnd.ehsanshiresavom.workers.dev/js/olympics.js?20230924
Requested by
Host: bnd.ehsanshiresavom.workers.dev
URL: https://bnd.ehsanshiresavom.workers.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.219.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://bnd.ehsanshiresavom.workers.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 23 Apr 2024 03:45:06 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-ws-request-id
66272ec1_PS-FRA-01flU98_34362-55722
vary
Accept-Encoding
x-via
1.1 PS-FRA-01IuY95:15 (Cdn Cache Server V2.0)
x-via-s
FR-h222
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xOnBKdJbqgQpU%2BFDj5gvME7ihAq1dh9a%2BNYkxhLdN5OrGtmelvuX9s%2F%2FXJ0pIBm5MM2f7KYD7%2BQ7S2cvJ%2F3Vo30tcqxBzTwzJoK%2BpkPRpgAqZLAgPw92AGiuxnav6x2oLQfmbAepg%2FNxzGo4qGS%2BP22W"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cf-ray
878adbd9cf7065b5-FRA
alt-svc
h3=":443"; ma=86400
main.js
bnd.ehsanshiresavom.workers.dev/js/
0
0
Script
General
Full URL
https://bnd.ehsanshiresavom.workers.dev/js/main.js?20240322
Requested by
Host: bnd.ehsanshiresavom.workers.dev
URL: https://bnd.ehsanshiresavom.workers.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.219.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://bnd.ehsanshiresavom.workers.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 23 Apr 2024 03:45:05 GMT
content-encoding
br
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-ws-request-id
66272ec1_PSygldLON2qk24_8227-27936
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d0H%2BQ3tHUdJ%2F7wQ2NgdMeXSbbpMyflTeIjiqPBqlg2g5IOfAYFAXLkx3TSnx%2FoUQDJMRT2uRFrDMslbJBOLDT%2BK4Uz4mSZcod7QshEouYp1qvIO5InRQCX3PsfYOGt19y4Z8pDSGJtxM2WzTlurSR8EB"}],"group":"cf-nel","max_age":604800}
content-type
text/html
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cf-ray
878adbd9cf7165b5-FRA
alt-svc
h3=":443"; ma=86400
yellowV.png
i.guancha.cn/
0
0

blueV.png
i.guancha.cn/
0
0

noV.png
i.guancha.cn/
0
0

h.js
hm.baidu.com/
29 KB
12 KB
Script
General
Full URL
https://hm.baidu.com/h.js?8ab18ec6e3ee89210917ef2c8572b30e
Requested by
Host: bnd.ehsanshiresavom.workers.dev
URL: https://bnd.ehsanshiresavom.workers.dev/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
14.215.182.140 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
apache /
Resource Hash
5aae129467dd3bbc1bfc162975a9ba5abdb343861c1c39c281091ae2f785135f
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://bnd.ehsanshiresavom.workers.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 23 Apr 2024 03:45:06 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=172800
Server
apache
Etag
b908354d47e6e34fdae53597f65b1ed2
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type
application/javascript
Cache-Control
max-age=0, must-revalidate
Content-Length
11616
header-nav.png
bnd.ehsanshiresavom.workers.dev/images/
0
0

feature_icon.png
bnd.ehsanshiresavom.workers.dev/images/
43 B
43 B
Image
General
Full URL
https://bnd.ehsanshiresavom.workers.dev/images/feature_icon.png
Requested by
Host: bnd.ehsanshiresavom.workers.dev
URL: https://bnd.ehsanshiresavom.workers.dev/css/public.css?20240302
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.219.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d55b37c646e6bb26e27154aeb5fd15edc1601465a033973b9d1ca107a49e120

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://bnd.ehsanshiresavom.workers.dev/css/public.css?20240302
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 23 Apr 2024 03:45:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YCRr0GA6eZFK0N%2F99%2Ft%2F%2BCmYtzhYvSlA7PHGio9JkX2DYkBLTmTssClksDuhEVGfSHxKuy8CqFPtru2UALZmSOZ8kivzCnPWMYvJvTd7kKXcZDi3zzoa41yv7flu9nY38V0HVnE7KSlrfHLEXmjlaILN"}],"group":"cf-nel","max_age":604800}
content-type
text/plain;charset=UTF-8
cf-ray
878adbd9df7d65b5-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
comment-fire.png
i.guancha.cn/
0
0

icon_bar.png
bnd.ehsanshiresavom.workers.dev/images/
217 B
217 B
Image
General
Full URL
https://bnd.ehsanshiresavom.workers.dev/images/icon_bar.png
Requested by
Host: bnd.ehsanshiresavom.workers.dev
URL: https://bnd.ehsanshiresavom.workers.dev/css/public.css?20240302
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.219.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e967e618a94def6ad031b9ab1557ecd91d1535d7d4927ae85702fff5390967ed

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://bnd.ehsanshiresavom.workers.dev/css/public.css?20240302
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 23 Apr 2024 03:45:06 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VMmZZOIdFUbPKFCGgwYoVD2UTuqr7KeJ2SV62mPmM0iIpgMSBMpArhFrgtcC6o1pbihiqkN7LwAIFv8wzSGDi1rL1n4ipA3uea3f3N4eXmE7IJCNhiGy850pUN9OO2gE%2FhoAhM0bGEn7iOLilAFO2yvF"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cf-ray
878adbd9df8a65b5-FRA
alt-svc
h3=":443"; ma=86400
hm.gif
hm.baidu.com/
43 B
299 B
Image
General
Full URL
https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=de-de&lo=0&rnd=201498799&si=8ab18ec6e3ee89210917ef2c8572b30e&v=1.3.0&lv=1&sn=38122&r=0&ww=1600&u=https%3A%2F%2Fbnd.ehsanshiresavom.workers.dev%2F&tt=%E8%A7%82%E5%AF%9F%E8%80%85%E7%BD%91
Requested by
Host: bnd.ehsanshiresavom.workers.dev
URL: https://bnd.ehsanshiresavom.workers.dev/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
14.215.182.140 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://bnd.ehsanshiresavom.workers.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
no-cache
Date
Tue, 23 Apr 2024 03:45:06 GMT
Strict-Transport-Security
max-age=172800
X-Content-Type-Options
nosniff
Server
apache
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Content-Length
43
z_stat.php
s95.cnzz.com/
0
369 B
Script
General
Full URL
https://s95.cnzz.com/z_stat.php?id=1254137364
Requested by
Host: bnd.ehsanshiresavom.workers.dev
URL: https://bnd.ehsanshiresavom.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
240e:f7:7c00:10a:3::3f2 , China, ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://bnd.ehsanshiresavom.workers.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 23 Apr 2024 03:44:36 GMT
content-encoding
gzip
via
cache56.l2cn3130[0,0,200-0,H], cache53.l2cn3130[1,0], cache22.cn4101[0,0,200-0,H], cache22.cn4101[0,0]
server
Tengine
age
31
x-swift-cachetime
89
vary
accept-encoding
ali-swift-global-savetime
1713843877
x-cache
HIT TCP_MEM_HIT dirn:12:669510042
cache-control
public, max-age=90
x-swift-savetime
Tue, 23 Apr 2024 03:44:38 GMT
timing-allow-origin
*
content-length
20
eagleid
dcb9a8aa17138439081038401e
a120083,b3097467,c4721,i0,m202,8a1,8b3,h
v.admaster.com.cn/i/ Frame B839
0
0

iconfont.css
user.workers.dev/static/font/
0
0

usernav.css
user.workers.dev/static/css/
0
0

new-comments.css
user.workers.dev/static/css/
0
0

login.css
user.workers.dev/static/css/
0
0

jquery.sinaEmotion.css
user.workers.dev/static/plugins/sinaEmotion/
0
0

umeditor.css
user.workers.dev/static/um/themes/comment/css/
0
0

umeditor.css
user.workers.dev/static/um/themes/default/css/
0
0

fatie.css
user.workers.dev/static/css/
0
0

common.js
user.workers.dev/dist/js/
0
0

TCaptcha.js
turing.captcha.qcloud.com/
81 KB
27 KB
Script
General
Full URL
https://turing.captcha.qcloud.com/TCaptcha.js?20191213
Requested by
Host: user.guancha.cn
URL: https://user.guancha.cn/static/js/comments-plugin-cms.js?20221207
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
240d:c000:2010:1807:0:9aca:1ac0:d45a , Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Trpc httpd, tencent http server /
Resource Hash
7536a46c741cdbc4b830c24fe6c3658d7cf2e4d0f993bf8ce5c90557dd7518bc

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://bnd.ehsanshiresavom.workers.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 23 Apr 2024 03:45:09 GMT
Content-Encoding
gzip
Server
Trpc httpd, tencent http server
Transfer-Encoding
chunked
P3P
CP=CAO PSA OUR
Content-Type
text/javascript
Cache-Control
max-age=600
Connection
keep-alive
tcaptcha-frame.cc3d815a.js
turing.captcha.gtimg.com/1/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
i.guancha.cn
URL
https://i.guancha.cn/vip-diamond.gif
Domain
i.guancha.cn
URL
https://i.guancha.cn/app-erweima.png?20190610
Domain
i.guancha.cn
URL
https://i.guancha.cn/xinhomepage.png?20181101
Domain
i.guancha.cn
URL
https://i.guancha.cn/news/2024/04/23/20240423101015925.jpg
Domain
i.guancha.cn
URL
https://i.guancha.cn/left-gcy.jpg?20211103
Domain
i.guancha.cn
URL
https://i.guancha.cn/middle-top-frame.jpg?20211103
Domain
i.guancha.cn
URL
https://i.guancha.cn/blueV.png?20200320
Domain
i.guancha.cn
URL
https://i.guancha.cn/yellowV.png?20200320
Domain
i.guancha.cn
URL
https://i.guancha.cn/redV.png?20200320
Domain
i.guancha.cn
URL
https://i.guancha.cn/noV.png
Domain
i.guancha.cn
URL
https://i.guancha.cn/yellowV.png?20200320
Domain
i.guancha.cn
URL
https://i.guancha.cn/blueV.png?20200320
Domain
i.guancha.cn
URL
https://i.guancha.cn/noV.png
Domain
bnd.ehsanshiresavom.workers.dev
URL
https://bnd.ehsanshiresavom.workers.dev/images/header-nav.png
Domain
i.guancha.cn
URL
https://i.guancha.cn/comment-fire.png
Domain
v.admaster.com.cn
URL
https://v.admaster.com.cn/i/a120083,b3097467,c4721,i0,m202,8a1,8b3,h
Domain
user.workers.dev
URL
https://user.workers.dev/static/font/iconfont.css?20171216
Domain
user.workers.dev
URL
https://user.workers.dev/static/css/usernav.css?20171216
Domain
user.workers.dev
URL
https://user.workers.dev/static/css/new-comments.css?20230122
Domain
user.workers.dev
URL
https://user.workers.dev/static/css/login.css?202220922
Domain
user.workers.dev
URL
https://user.workers.dev/static/plugins/sinaEmotion/jquery.sinaEmotion.css?20221031
Domain
user.workers.dev
URL
https://user.workers.dev/static/um/themes/comment/css/umeditor.css?20221202
Domain
user.workers.dev
URL
https://user.workers.dev/static/um/themes/default/css/umeditor.css?20221202
Domain
user.workers.dev
URL
https://user.workers.dev/static/css/fatie.css?20221206
Domain
user.workers.dev
URL
https://user.workers.dev/dist/js/common.js?202310135
Domain
turing.captcha.gtimg.com
URL
https://turing.captcha.gtimg.com/1/tcaptcha-frame.cc3d815a.js


15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
function| gotoUrl
string| _bdhmProtocol
boolean| _bdhm_loaded_8ab18ec6e3ee89210917ef2c8572b30e
object| _hmt
object| mini_tangram_log_47et5r
string| cnzz_protocol
object| Base
object| Dom
boolean| __TencentCaptchaExists__
boolean| TCaptchaGlobal
string| AqSCodeCapDomain
string| AqSCodeCdnDomain
boolean| TCaptchaPreload
function| TencentCaptcha

10 Cookies

Domain/Path Name / Value
bnd.ehsanshiresavom.workers.dev/js Name:
Value: HttpOnly
bnd.ehsanshiresavom.workers.dev/ Name: acw_sc__v2
Value: 66272ec1a9538a0312583b56679ce1e5af2ea64d
bnd.ehsanshiresavom.workers.dev/ Name: acw_tc
Value: 276077d017138439051685441eacc63f78c0a437e5d1e1a71049fa0475da6a
bnd.ehsanshiresavom.workers.dev/ Name: _nu
Value: 1713843905
bnd.ehsanshiresavom.workers.dev/ Name: _abby_aa_forever
Value: b
bnd.ehsanshiresavom.workers.dev/ Name: _abby_post15s
Value: b
bnd.ehsanshiresavom.workers.dev/ Name: _abby_hero_form
Value: a
.hm.baidu.com/ Name: HMACCOUNT_BFESS
Value: 389B74D01CBC0E43
.bnd.ehsanshiresavom.workers.dev/ Name: Hm_lvt_8ab18ec6e3ee89210917ef2c8572b30e
Value: 1713843907
.bnd.ehsanshiresavom.workers.dev/ Name: Hm_lpvt_8ab18ec6e3ee89210917ef2c8572b30e
Value: 1713843907

32 Console Messages

Source Level URL
Text
security warning URL: https://bnd.ehsanshiresavom.workers.dev/
Message:
Mixed Content: The page at 'https://bnd.ehsanshiresavom.workers.dev/' was loaded over HTTPS, but requested an insecure element 'http://i.guancha.cn/xinhomepage.png?20181101'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network error URL: https://bnd.ehsanshiresavom.workers.dev/css/olympics.css?20230930
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://bnd.ehsanshiresavom.workers.dev/images/mian-logo.png
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://bnd.ehsanshiresavom.workers.dev/js/jquery-3.6.0.min.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://bnd.ehsanshiresavom.workers.dev/css/main.css?20221212
Message:
Failed to load resource: the server responded with a status of 403 ()
security warning URL: https://bnd.ehsanshiresavom.workers.dev/(Line 2345)
Message:
Mixed Content: The page at 'https://bnd.ehsanshiresavom.workers.dev/' was loaded over HTTPS, but requested an insecure element 'http://i.guancha.cn/xinhomepage.png?20181101'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
javascript warning URL: https://bnd.ehsanshiresavom.workers.dev/(Line 3410)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://hm.baidu.com/h.js?8ab18ec6e3ee89210917ef2c8572b30e, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://bnd.ehsanshiresavom.workers.dev/(Line 3410)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://hm.baidu.com/h.js?8ab18ec6e3ee89210917ef2c8572b30e, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://bnd.ehsanshiresavom.workers.dev/js/main.js?20240322
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://bnd.ehsanshiresavom.workers.dev/js/sensor.js?20211230
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://bnd.ehsanshiresavom.workers.dev/images/jubao-icon.png
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://bnd.ehsanshiresavom.workers.dev/images/gotop.png
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://bnd.ehsanshiresavom.workers.dev/js/sensorsdata.min.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://bnd.ehsanshiresavom.workers.dev/images/icon_bar.png
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://bnd.ehsanshiresavom.workers.dev/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
javascript warning URL: https://bnd.ehsanshiresavom.workers.dev/(Line 3412)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://s95.cnzz.com/z_stat.php?id=1254137364, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://bnd.ehsanshiresavom.workers.dev/(Line 3412)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://s95.cnzz.com/z_stat.php?id=1254137364, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://bnd.ehsanshiresavom.workers.dev/images/wangxinban_jubao.png
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://bnd.ehsanshiresavom.workers.dev/images/feature_icon.png
Message:
Failed to load resource: the server responded with a status of 403 ()
other warning URL: https://bnd.ehsanshiresavom.workers.dev/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
network error URL: https://bnd.ehsanshiresavom.workers.dev/js/jquery.lazyload.js
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://bnd.ehsanshiresavom.workers.dev/js/olympics.js?20230924
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://bnd.ehsanshiresavom.workers.dev/images/beian-icon.png
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://user.workers.dev/static/css/usernav.css?20171216
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://user.workers.dev/static/um/themes/comment/css/umeditor.css?20221202
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://user.workers.dev/static/um/themes/default/css/umeditor.css?20221202
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://user.workers.dev/static/css/fatie.css?20221206
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://user.workers.dev/static/css/new-comments.css?20230122
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://user.workers.dev/static/font/iconfont.css?20171216
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://user.workers.dev/static/css/login.css?202220922
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://user.workers.dev/static/plugins/sinaEmotion/jquery.sinaEmotion.css?20221031
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://user.workers.dev/dist/js/common.js?202310135
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
