URL: https://image.wedo.cloudns.be/
Submission: On December 05 via api from US — Scanned from DK

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 4 HTTP transactions. The main IP is 2606:4700:310c::ac42:2cc2, located in the United States and belonging to CLOUDFLARENET, US. The main domain is image.wedo.cloudns.be.
TLS certificate: Issued by WE1 on December 5th 2024. Valid for: 3 months.
This is the only time image.wedo.cloudns.be was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address          AS (Autonomous System)
2         2606:4700:310...    13335 (CLOUDFLAR...)
2         111.45.3.198        9808 (CHINAMOBI...)
Total: 4 requests, 2 IPs

Requests  Apex Domain   Subdomains                                    Transfer
2         baidu.com     hm.baidu.com (Cisco Umbrella Rank: 12020)     12 KB
2         cloudns.be    image.wedo.cloudns.be                         6 KB
Total: 4 requests, 2 apex domains

Requests  Domain                  Requested by
2         hm.baidu.com            image.wedo.cloudns.be
2         image.wedo.cloudns.be
Total: 4 requests, 2 domains

This site contains no links.

Subject                 Issuer                          Validity                   Valid for    Lookup
image.wedo.cloudns.be   WE1                             2024-12-05 - 2025-03-05    3 months     crt.sh
baidu.com               GlobalSign RSA OV SSL CA 2018   2024-07-08 - 2025-08-09    a year       crt.sh

This page contains 1 frame:

Primary Page: https://image.wedo.cloudns.be/
Frame ID: F99D833249E0705C0FC113DFC16FFCEA
Requests: 4 HTTP requests in this frame

Page Title

2025,新年快乐!

Detected technologies

Overall confidence: 100%
Detected patterns
  • hm\.baidu\.com/hm\.js

Page Statistics

Requests: 4
HTTPS: 100 %
IPv6: 50 %
Domains: 2
Subdomains: 2
IPs: 2
Countries: 2
Transfer: 18 kB
Size: 43 kB
Cookies: 4

Redirected requests

There were HTTP redirect chains for the following requests:

4 HTTP transactions

Resource                Path                     Size    x-fer   Type       MIME-Type
/ (Primary Request)     image.wedo.cloudns.be/   7 KB    3 KB    Document

General
  Full URL: https://image.wedo.cloudns.be/
  Protocol: H3
  Security: QUIC, , AES_128_GCM
  Server: 2606:4700:310c::ac42:2cc2, United States, ASN13335 (CLOUDFLARENET, US)
  Reverse DNS: (none recorded)
  Software: cloudflare /
  Resource Hash: a20b6a354f07939a648281bb1444ca631ebc1b783af35bcda07d4ce5d9d3d859

Security Headers
  X-Content-Type-Options: nosniff

Request headers
  Upgrade-Insecure-Requests: 1
  User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers
  access-control-allow-origin: *
  alt-svc: h3=":443"; ma=86400
  cache-control: public, max-age=0, must-revalidate
  cf-cache-status: DYNAMIC
  cf-ray: 8ed3fbd25cf3990c-ARN
  content-encoding: br
  content-type: text/html; charset=utf-8
  date: Thu, 05 Dec 2024 12:19:17 GMT
  nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
  referrer-policy: strict-origin-when-cross-origin
  report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KbkzNi0vrrRoNaT7XKaeXLuku3S0wJ9s6%2BzNTn75f12nTTrHXy32%2Fba3an6hrfAL4oBjspt2ScXcdiHzxJIqJ4zfpCKMN3s9wrVF2Gh%2FXMxscS6Uui%2FAxZ5RLgObLXJ2dNGAkzA6zwijk0iEPJaBjBRvMpE%3D"}],"group":"cf-nel","max_age":604800}
  server: cloudflare
  server-timing: cfL4;desc="?proto=QUIC&rtt=39209&min_rtt=36729&rtt_var=10175&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4168&recv_bytes=4424&delivery_rate=362&cwnd=12000&unsent_bytes=0&cid=6650ce39fff7e0ba&ts=352&x=1" cfHdrFlush;dur=0
  vary: Accept-Encoding
  x-content-type-options: nosniff
Resource                Path                     Size    x-fer   Type       MIME-Type
hm.js                   hm.baidu.com/            29 KB   12 KB   Script

General
  Full URL: https://hm.baidu.com/hm.js?c923daf3182a4b0ce01878475080aadc
  Requested by: Host: image.wedo.cloudns.be, URL: https://image.wedo.cloudns.be/
  Protocol: HTTP/1.1
  Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
  Server: 111.45.3.198, China, ASN9808 (CHINAMOBILE-CN China Mobile Communications Group Co., Ltd., CN)
  Reverse DNS: (none recorded)
  Software: apache /
  Resource Hash: 2e88be3358fe06fb464e5a3618dd4b49bba2a1329e27449810b5fb69be8b7354

Security Headers
  Strict-Transport-Security: max-age=172800

Request headers
  User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
  Referer: https://image.wedo.cloudns.be/

Response headers
  Strict-Transport-Security: max-age=172800
  Cache-Control: max-age=0, must-revalidate
  Content-Encoding: gzip
  Etag: 441c2deadc6869f13e1d1d9695a7ed2a
  Content-Length: 11291
  P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
  Date: Thu, 05 Dec 2024 12:19:20 GMT
  Content-Type: application/javascript
  Server: apache
Resource                Path                     Size    x-fer   Type       MIME-Type
hm.gif                  hm.baidu.com/            43 B    299 B   Image

General
  Full URL: https://hm.baidu.com/hm.gif?hca=247881E33AEE927D&cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=da-dk&lo=0&rnd=2061900837&si=c923daf3182a4b0ce01878475080aadc&v=1.3.2&lv=1&sn=410&r=0&ww=1600&u=https%3A%2F%2Fimage.wedo.cloudns.be%2F&tt=2025%EF%BC%8C%E6%96%B0%E5%B9%B4%E5%BF%AB%E4%B9%90%EF%BC%81
  Requested by: Host: image.wedo.cloudns.be, URL: https://image.wedo.cloudns.be/
  Protocol: HTTP/1.1
  Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
  Server: 111.45.3.198, China, ASN9808 (CHINAMOBILE-CN China Mobile Communications Group Co., Ltd., CN)
  Reverse DNS: (none recorded)
  Software: apache /
  Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers
  Strict-Transport-Security: max-age=172800
  X-Content-Type-Options: nosniff

Request headers
  User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
  Referer: https://image.wedo.cloudns.be/

Response headers
  Strict-Transport-Security: max-age=172800
  Cache-Control: private, max-age=0, no-cache
  Pragma: no-cache
  X-Content-Type-Options: nosniff
  Content-Length: 43
  Date: Thu, 05 Dec 2024 12:19:20 GMT
  Content-Type: image/gif
  Server: apache
Resource                Path                     Size    x-fer   Type       MIME-Type
favicon.ico             image.wedo.cloudns.be/   7 KB    3 KB    Other

General
  Full URL: https://image.wedo.cloudns.be/favicon.ico
  Protocol: H3
  Security: QUIC, , AES_128_GCM
  Server: 2606:4700:310c::ac42:2cc2, United States, ASN13335 (CLOUDFLARENET, US)
  Reverse DNS: (none recorded)
  Software: cloudflare /
  Resource Hash: a20b6a354f07939a648281bb1444ca631ebc1b783af35bcda07d4ce5d9d3d859

Security Headers
  X-Content-Type-Options: nosniff

Request headers
  User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
  Referer: https://image.wedo.cloudns.be/

Response headers
  content-encoding: br
  cf-cache-status: MISS
  report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q4ytnu9SzZMiNRxvdA4S%2FidHrx1FkNeX3rm%2BFEryGWhNaCW3np8TaXnVU5BoXl%2B1f9tqzg2vVc1vpOemBScUSknhxA0fd0bkxmhnu7PD7eXYy2Sxqy6yl2VONLHm0GDGZLBPky%2FnL0Bb%2FV1fwhENcyVS3xQ%3D"}],"group":"cf-nel","max_age":604800}
  x-content-type-options: nosniff
  alt-svc: h3=":443"; ma=86400
  server-timing: cfL4;desc="?proto=QUIC&rtt=42592&min_rtt=36729&rtt_var=12993&sent=16&recv=13&lost=0&retrans=0&sent_bytes=7274&recv_bytes=4961&delivery_rate=80966&cwnd=12000&unsent_bytes=0&cid=6650ce39fff7e0ba&ts=4292&x=1", cfHdrFlush;dur=0
  date: Thu, 05 Dec 2024 12:19:21 GMT
  content-type: text/html; charset=utf-8
  vary: Accept-Encoding
  last-modified: Thu, 05 Dec 2024 12:19:21 GMT
  cache-control: public, max-age=14400, must-revalidate
  nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
  referrer-policy: strict-origin-when-cross-origin
  cf-ray: 8ed3fbec0ca5990c-ARN
  access-control-allow-origin: *
  server: cloudflare

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type      Name
object    _hmt
function  GetRequest
function  getTarget
boolean   _bdhm_loaded_c923daf3182a4b0ce01878475080aadc

4 Cookies

Domain / Path             Name                                        Value
.hm.baidu.com/            HMACCOUNT_BFESS                             247881E33AEE927D
.image.wedo.cloudns.be/   Hm_lvt_c923daf3182a4b0ce01878475080aadc    1733401160
.image.wedo.cloudns.be/   Hm_lpvt_c923daf3182a4b0ce01878475080aadc   1733401160
.image.wedo.cloudns.be/   HMACCOUNT                                   247881E33AEE927D

Security Headers

This section lists the security headers set by the main page.

Header                  Value
X-Content-Type-Options  nosniff

Indicators

"Indicators" is the security-industry term for observables such as IPs, domains and hashes. Their presence here does not imply that any of them indicate malicious activity.

hm.baidu.com
image.wedo.cloudns.be
111.45.3.198
2606:4700:310c::ac42:2cc2
2e88be3358fe06fb464e5a3618dd4b49bba2a1329e27449810b5fb69be8b7354
a20b6a354f07939a648281bb1444ca631ebc1b783af35bcda07d4ce5d9d3d859
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda