icarfly.cn Open in urlscan Pro
154.31.197.59 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://icarfly.cn/
Effective URL:
https://icarfly.cn/
Submission: On November 04 via api (November 4th 2022, 6:58:57 pm UTC) from US — Scanned from DE

Summary HTTP 20 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 20 HTTP transactions. The main IP is 154.31.197.59, located in Germany and belongs to FD-298-8796, US. The main domain is icarfly.cn.
TLS certificate: Issued by R3 on September 8th 2022. Valid for: 3 months.

This is the only time icarfly.cn was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	154.31.197.59 154.31.197.59	8796 (FD-298-8796) (FD-298-8796)
1	154.31.199.46 154.31.199.46	8796 (FD-298-8796) (FD-298-8796)
16	154.31.192.55 154.31.192.55	8796 (FD-298-8796) (FD-298-8796)
2	103.235.46.191 103.235.46.191	55967 (BAIDU Bei...) (BAIDU Beijing Baidu Netcom Science and Technology Co.)
20	4

2 154.31.197.59 (Germany) 1 redirects

ASN8796 (FD-298-8796, US)

icarfly.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 154.31.199.46 (Germany)

ASN8796 (FD-298-8796, US)

jfevcar.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 154.31.192.55 (Germany)

ASN8796 (FD-298-8796, US)

salgang.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.235.46.191 (Hong Kong)

ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)

hm.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	salgang.com salgang.com	4 MB
2	baidu.com hm.baidu.com — Cisco Umbrella Rank: 7141	12 KB
2	icarfly.cn 1 redirects icarfly.cn	696 B
1	jfevcar.cn jfevcar.cn	1 KB
20	4

	Domain	Requested by
16	salgang.com	jfevcar.cn salgang.com
2	hm.baidu.com	jfevcar.cn icarfly.cn
2	icarfly.cn	1 redirects
1	jfevcar.cn	icarfly.cn
20	4

This site contains no links.

Subject Issuer	Validity	Valid
www.icarfly.cn R3	`2022-09-08` - `2022-12-07`	3 months	crt.sh
www.jfevcar.cn R3	`2022-09-25` - `2022-12-24`	3 months	crt.sh
www.salgang.com R3	`2022-09-07` - `2022-12-06`	3 months	crt.sh
baidu.com GlobalSign RSA OV SSL CA 2018	`2022-07-05` - `2023-08-06`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://icarfly.cn/
Frame ID: 0E19395D1B9E6B11F7A8750BBC044ED1
Requests: 4 HTTP requests in this frame

Frame: https://salgang.com/
Frame ID: 4D5863FAEA22C6BF46872A97E63FFD68
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

公平公正-大额无忧-世界杯官方认证

Page URL History Show full URLs

http://icarfly.cn/ HTTP 301
https://icarfly.cn/ Page URL

Detected technologies

Baidu Analytics (百度统计) (Analytics) Expand

Overall confidence: 100%
Detected patterns

hm\.baidu\.com/hm\.js

Page Statistics

20
Requests

100 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

4530 kB
Transfer

4932 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://icarfly.cn/ HTTP 301
https://icarfly.cn/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

403

Primary Request / Show response
icarfly.cn/
Redirect Chain

http://icarfly.cn/
https://icarfly.cn/

379 B
464 B

475ms
156ms

Document
text/html

154.31.197.59
FD-298-8796

General

Check archive.org

Show headers Download Go to

Full URL: https://icarfly.cn/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 154.31.197.59 , Germany, ASN8796 (FD-298-8796, US),
Reverse DNS
Software: nginx /
Resource Hash: 40d33defc6041cf5177dc0b4c43d72fe428e2fe58e039c7d7d431f7a985e60d0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 379
content-type: text/html
date: Fri, 04 Nov 2022 18:58:52 GMT
etag: "62a1e1b4-17b"
server: nginx

Redirect headers

Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Date: Fri, 04 Nov 2022 18:58:51 GMT
Location: https://icarfly.cn/
Server: nginx
Strict-Transport-Security: max-age=31536000

GET
H2 200 danzhan1.js Show response
jfevcar.cn/ 1 KB
1 KB 660ms
156ms Script
application/javascript 154.31.199.46
FD-298-8796

General

Check archive.org

Show headers Download Go to

Full URL

https://jfevcar.cn/danzhan1.js

Requested by

Host: icarfly.cn
URL: https://icarfly.cn/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

154.31.199.46 , Germany, ASN8796 (FD-298-8796, US),

Reverse DNS

Software

nginx /

Resource Hash

0b3b5387c3e5a74627f685d0f4d58c9b84199dcd4d39430a0fefa6b4eade01fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://icarfly.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 18:58:52 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Wed, 07 Sep 2022 15:22:36 GMT
server: nginx
etag: W/"6318b73c-5c4"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Sat, 05 Nov 2022 06:58:52 GMT

GET
H2 200 / Show response
salgang.com/ Frame 4D58 4 KB
1 KB 659ms
160ms Document
text/html 154.31.192.55
FD-298-8796

General

Check archive.org

Show headers Download Go to

Full URL

https://salgang.com/

Requested by

Host: jfevcar.cn
URL: https://jfevcar.cn/danzhan1.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

154.31.192.55 , Germany, ASN8796 (FD-298-8796, US),

Reverse DNS

Software

nginx /

Resource Hash

8f5035ee33e41128056363bb8bf2a3bfa133b33f3602f8070101c8e1ab3efb1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://icarfly.cn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Fri, 04 Nov 2022 18:58:53 GMT
etag: W/"63653b47-ec4"
last-modified: Fri, 04 Nov 2022 16:18:15 GMT
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ 30 KB
12 KB 1321ms
371ms Script
application/javascript 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?cd5fcd71ae25471f8f066b6885327e2b

Requested by

Host: jfevcar.cn
URL: https://jfevcar.cn/danzhan1.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

11b938344e5361bb35220b85094b904c6f97829bd0a768e2bad1f15716b44fe0

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://icarfly.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Fri, 04 Nov 2022 18:58:53 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=172800
Server: apache
Etag: 0a4d9d07da1945044b033b0ecc3b868a
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: application/javascript
Cache-Control: max-age=0, must-revalidate
Content-Length: 11334

GET
H2 200 swiper-bundle.css
salgang.com/static/css/ Frame 4D58 14 KB
3 KB 161ms
160ms Stylesheet
text/css 154.31.192.55
FD-298-8796

General

Check archive.org

Show headers Download Go to

Full URL

https://salgang.com/static/css/swiper-bundle.css

Requested by

Host: salgang.com
URL: https://salgang.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

154.31.192.55 , Germany, ASN8796 (FD-298-8796, US),

Reverse DNS

Software

nginx /

Resource Hash

97736043b2261590031b148ca47941c98ef7e4aacaed31f3cc2a2278969eb66d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://salgang.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 18:58:53 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Tue, 26 Apr 2022 09:03:12 GMT
server: nginx
etag: W/"6267b550-372b"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
expires: Sat, 05 Nov 2022 06:58:53 GMT

GET
H2 200 swiper-bundle.min.css
salgang.com/static/css/ Frame 4D58 11 KB
3 KB 162ms
160ms Stylesheet
text/css 154.31.192.55
FD-298-8796

General

Check archive.org

Show headers Download Go to

Full URL

https://salgang.com/static/css/swiper-bundle.min.css

Requested by

Host: salgang.com
URL: https://salgang.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

154.31.192.55 , Germany, ASN8796 (FD-298-8796, US),

Reverse DNS

Software

nginx /

Resource Hash

7a1e53d7bb4ec847b3e363e15bce47da57d3304ab703032e37086917d57bfcbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://salgang.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 18:58:53 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Tue, 26 Apr 2022 09:03:12 GMT
server: nginx
etag: W/"6267b550-2cb2"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
expires: Sat, 05 Nov 2022 06:58:53 GMT

GET
H2 200 swiper-bundle.js Show response
salgang.com/static/js/ Frame 4D58 333 KB
75 KB 321ms
319ms Script
application/javascript 154.31.192.55
FD-298-8796

General

Check archive.org

Show headers Download Go to

Full URL

https://salgang.com/static/js/swiper-bundle.js

Requested by

Host: salgang.com
URL: https://salgang.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

154.31.192.55 , Germany, ASN8796 (FD-298-8796, US),

Reverse DNS

Software

nginx /

Resource Hash

05c836f6a8f9244a416acf48f6eb6daebf72554a4c2baa0d7fe82708a538c8d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://salgang.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 18:58:53 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Tue, 02 Aug 2022 14:24:23 GMT
server: nginx
etag: W/"62e93397-533b6"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Sat, 05 Nov 2022 06:58:53 GMT

GET
H2 200 swiper-bundle.min.js Show response
salgang.com/static/js/ Frame 4D58 142 KB
44 KB 481ms
479ms Script
application/javascript 154.31.192.55
FD-298-8796

General

Check archive.org

Show headers Download Go to

Full URL

https://salgang.com/static/js/swiper-bundle.min.js

Requested by

Host: salgang.com
URL: https://salgang.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

154.31.192.55 , Germany, ASN8796 (FD-298-8796, US),

Reverse DNS

Software

nginx /

Resource Hash

9727a4a676bdb0c0373dfa9278062fafb6958b54826309ac2373c49e02ead8f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://salgang.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 18:58:53 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Tue, 26 Apr 2022 09:03:18 GMT
server: nginx
etag: W/"6267b556-23835"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Sat, 05 Nov 2022 06:58:53 GMT

GET
H2 200 js.js Show response
salgang.com/static/js/ Frame 4D58 7 KB
1 KB 481ms
479ms Script
application/javascript 154.31.192.55
FD-298-8796

General

Check archive.org

Show headers Download Go to

Full URL

https://salgang.com/static/js/js.js

Requested by

Host: salgang.com
URL: https://salgang.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

154.31.192.55 , Germany, ASN8796 (FD-298-8796, US),

Reverse DNS

Software

nginx /

Resource Hash

af44a33b4af6a49fc2a7126fad30cd339fcb4670f7da96fc1abf5b29c6045e22

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://salgang.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 18:58:53 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Tue, 26 Apr 2022 09:03:16 GMT
server: nginx
etag: W/"6267b554-1af6"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Sat, 05 Nov 2022 06:58:53 GMT

GET
H2 200 style.css
salgang.com/static/css/ Frame 4D58 11 KB
2 KB 162ms
160ms Stylesheet
text/css 154.31.192.55
FD-298-8796

General

Check archive.org

Show headers Download Go to

Full URL

https://salgang.com/static/css/style.css

Requested by

Host: salgang.com
URL: https://salgang.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

154.31.192.55 , Germany, ASN8796 (FD-298-8796, US),

Reverse DNS

Software

nginx /

Resource Hash

0198fe891aa392bcd544aa393750a38dcd32d841191763655dd389418a88b5f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://salgang.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 18:58:53 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Tue, 26 Apr 2022 09:03:13 GMT
server: nginx
etag: W/"6267b551-2a19"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
expires: Sat, 05 Nov 2022 06:58:53 GMT

GET
H2 200 toubu.png
salgang.com/static/picture/ Frame 4D58 13 KB
13 KB 160ms
160ms Image
image/png 154.31.192.55
FD-298-8796

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://salgang.com/static/picture/toubu.png

Requested by

Host: salgang.com
URL: https://salgang.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

154.31.192.55 , Germany, ASN8796 (FD-298-8796, US),

Reverse DNS

Software

nginx /

Resource Hash

a59d34f5449d83627b05624278b62530fc6286b8e10e40dac69448643b1322a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://salgang.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 18:58:54 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 09 Jun 2022 11:02:38 GMT
server: nginx
etag: "62a1d34e-3411"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 13329
expires: Sun, 04 Dec 2022 18:58:54 GMT

GET
H2 200 22.png
salgang.com/static/picture/ Frame 4D58 604 KB
605 KB 160ms
160ms Image
image/png 154.31.192.55
FD-298-8796

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://salgang.com/static/picture/22.png

Requested by

Host: salgang.com
URL: https://salgang.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

154.31.192.55 , Germany, ASN8796 (FD-298-8796, US),

Reverse DNS

Software

nginx /

Resource Hash

3fd04586004f77b67885cf145d0d28c2f551793b84ccdd5b20d80a9bdf475bd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://salgang.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 18:58:54 GMT
strict-transport-security: max-age=31536000
last-modified: Sat, 10 Sep 2022 15:50:09 GMT
server: nginx
etag: "631cb231-97114"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 618772
expires: Sun, 04 Dec 2022 18:58:54 GMT

GET
H2 200 bobty.png
salgang.com/static/picture/ Frame 4D58 22 KB
22 KB 316ms
315ms Image
image/png 154.31.192.55
FD-298-8796

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://salgang.com/static/picture/bobty.png

Requested by

Host: salgang.com
URL: https://salgang.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

154.31.192.55 , Germany, ASN8796 (FD-298-8796, US),

Reverse DNS

Software

nginx /

Resource Hash

6e71bcd1cfd2014ba5d05d40500860f63b0f3999e47a05c14f42ed191fc6b552

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://salgang.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 18:58:54 GMT
strict-transport-security: max-age=31536000
last-modified: Sat, 25 Jun 2022 07:30:16 GMT
server: nginx
etag: "62b6b988-5692"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 22162
expires: Sun, 04 Dec 2022 18:58:54 GMT

GET
H2 200 bobapp.png
salgang.com/static/picture/ Frame 4D58 18 KB
18 KB 316ms
315ms Image
image/png 154.31.192.55
FD-298-8796

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://salgang.com/static/picture/bobapp.png

Requested by

Host: salgang.com
URL: https://salgang.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

154.31.192.55 , Germany, ASN8796 (FD-298-8796, US),

Reverse DNS

Software

nginx /

Resource Hash

f44e1b7f6602dabfdb5eae58e80627bc0e3eb0d524d86c6e5d2cc0f7056a3ca9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://salgang.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 18:58:54 GMT
strict-transport-security: max-age=31536000
last-modified: Sat, 25 Jun 2022 07:30:16 GMT
server: nginx
etag: "62b6b988-4859"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 18521
expires: Sun, 04 Dec 2022 18:58:54 GMT

GET
H2 200 song28.png
salgang.com/static/picture/ Frame 4D58 30 KB
30 KB 316ms
315ms Image
image/png 154.31.192.55
FD-298-8796

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://salgang.com/static/picture/song28.png

Requested by

Host: salgang.com
URL: https://salgang.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

154.31.192.55 , Germany, ASN8796 (FD-298-8796, US),

Reverse DNS

Software

nginx /

Resource Hash

039ba53b70a9683537481a532698548d135c32f33a14e233352b45fcb8946220

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://salgang.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 18:58:54 GMT
strict-transport-security: max-age=31536000
last-modified: Sat, 25 Jun 2022 10:34:50 GMT
server: nginx
etag: "62b6e4ca-76b7"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 30391
expires: Sun, 04 Dec 2022 18:58:54 GMT

GET
H2 200 byty.png
salgang.com/static/picture/ Frame 4D58 20 KB
21 KB 317ms
316ms Image
image/png 154.31.192.55
FD-298-8796

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://salgang.com/static/picture/byty.png

Requested by

Host: salgang.com
URL: https://salgang.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

154.31.192.55 , Germany, ASN8796 (FD-298-8796, US),

Reverse DNS

Software

nginx /

Resource Hash

796a06424f37d7b7232d081b58dea129c233d19b5a19bfbca14937d3e3e3d345

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://salgang.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 18:58:54 GMT
strict-transport-security: max-age=31536000
last-modified: Sat, 25 Jun 2022 07:28:21 GMT
server: nginx
etag: "62b6b915-51c5"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 20933
expires: Sun, 04 Dec 2022 18:58:54 GMT

GET
H2 200 byapp.png
salgang.com/static/picture/ Frame 4D58 22 KB
22 KB 317ms
316ms Image
image/png 154.31.192.55
FD-298-8796

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://salgang.com/static/picture/byapp.png

Requested by

Host: salgang.com
URL: https://salgang.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

154.31.192.55 , Germany, ASN8796 (FD-298-8796, US),

Reverse DNS

Software

nginx /

Resource Hash

d167cc2afbfe7543bb7445ab427b4c920d595d982d974cbd15a30ccaab55b425

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://salgang.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 18:58:54 GMT
strict-transport-security: max-age=31536000
last-modified: Sat, 25 Jun 2022 07:28:21 GMT
server: nginx
etag: "62b6b915-5685"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 22149
expires: Sun, 04 Dec 2022 18:58:54 GMT

GET
H2 200 26.jpg
salgang.com/static/picture/ Frame 4D58 243 KB
243 KB 317ms
316ms Image
image/jpeg 154.31.192.55
FD-298-8796

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://salgang.com/static/picture/26.jpg

Requested by

Host: salgang.com
URL: https://salgang.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

154.31.192.55 , Germany, ASN8796 (FD-298-8796, US),

Reverse DNS

Software

nginx /

Resource Hash

fdbb4916c318f553857e7e53f8b72cd9a4965a857162e03affaa0dd25de8141f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://salgang.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 18:58:54 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 09 Jun 2022 11:08:11 GMT
server: nginx
etag: "62a1d49b-3cc1d"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 248861
expires: Sun, 04 Dec 2022 18:58:54 GMT

GET
H2 200 tj.gif
salgang.com/static/images/ Frame 4D58 3 MB
3 MB 317ms
317ms Image
image/gif 154.31.192.55
FD-298-8796

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://salgang.com/static/images/tj.gif

Requested by

Host: salgang.com
URL: https://salgang.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

154.31.192.55 , Germany, ASN8796 (FD-298-8796, US),

Reverse DNS

Software

nginx /

Resource Hash

c4b6917daf2664e915b6c433172b389135c51ee25a218ed52eb332cc2d2e87ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://salgang.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 18:58:54 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 05 Jul 2022 08:39:51 GMT
server: nginx
etag: "62c3f8d7-3540b5"
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 3489973
expires: Sun, 04 Dec 2022 18:58:54 GMT

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ 43 B
299 B 328ms
328ms Image
image/gif 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1728013227&si=cd5fcd71ae25471f8f066b6885327e2b&v=1.2.97&lv=1&sn=50260&r=0&ww=1600&ct=!!&u=https%3A%2F%2Ficarfly.cn%2F&tt=%E5%85%AC%E5%B9%B3%E5%85%AC%E6%AD%A3-%E5%A4%A7%E9%A2%9D%E6%97%A0%E5%BF%A7-%E4%B8%96%E7%95%8C%E6%9D%AF%E5%AE%98%E6%96%B9%E8%AE%A4%E8%AF%81

Requested by

Host: icarfly.cn
URL: https://icarfly.cn/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://icarfly.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Nov 2022 18:58:54 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
Server: apache
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.hm.baidu.com/	1970-01-20 16:49:08	Name: HMACCOUNT_BFESS Value: 357533FE31AE6668
.icarfly.cn/	1970-01-20 15:58:44	Name: Hm_lvt_cd5fcd71ae25471f8f066b6885327e2b Value: 1667588335
.icarfly.cn/	1969-12-31 23:59:59	Name: Hm_lpvt_cd5fcd71ae25471f8f066b6885327e2b Value: 1667588335

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://icarfly.cn/ Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

hm.baidu.com
icarfly.cn
jfevcar.cn
salgang.com
103.235.46.191
154.31.192.55
154.31.197.59
154.31.199.46
0198fe891aa392bcd544aa393750a38dcd32d841191763655dd389418a88b5f9
039ba53b70a9683537481a532698548d135c32f33a14e233352b45fcb8946220
05c836f6a8f9244a416acf48f6eb6daebf72554a4c2baa0d7fe82708a538c8d5
0b3b5387c3e5a74627f685d0f4d58c9b84199dcd4d39430a0fefa6b4eade01fa
11b938344e5361bb35220b85094b904c6f97829bd0a768e2bad1f15716b44fe0
3fd04586004f77b67885cf145d0d28c2f551793b84ccdd5b20d80a9bdf475bd6
40d33defc6041cf5177dc0b4c43d72fe428e2fe58e039c7d7d431f7a985e60d0
6e71bcd1cfd2014ba5d05d40500860f63b0f3999e47a05c14f42ed191fc6b552
796a06424f37d7b7232d081b58dea129c233d19b5a19bfbca14937d3e3e3d345
7a1e53d7bb4ec847b3e363e15bce47da57d3304ab703032e37086917d57bfcbb
8f5035ee33e41128056363bb8bf2a3bfa133b33f3602f8070101c8e1ab3efb1d
9727a4a676bdb0c0373dfa9278062fafb6958b54826309ac2373c49e02ead8f8
97736043b2261590031b148ca47941c98ef7e4aacaed31f3cc2a2278969eb66d
a59d34f5449d83627b05624278b62530fc6286b8e10e40dac69448643b1322a4
af44a33b4af6a49fc2a7126fad30cd339fcb4670f7da96fc1abf5b29c6045e22
c4b6917daf2664e915b6c433172b389135c51ee25a218ed52eb332cc2d2e87ba
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d167cc2afbfe7543bb7445ab427b4c920d595d982d974cbd15a30ccaab55b425
f44e1b7f6602dabfdb5eae58e80627bc0e3eb0d524d86c6e5d2cc0f7056a3ca9
fdbb4916c318f553857e7e53f8b72cd9a4965a857162e03affaa0dd25de8141f

icarfly.cn Open in urlscan Pro 154.31.197.59 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

20 Requests

100 %HTTPS

0 %IPv6

4 Domains

4 Subdomains

4 IPs

2 Countries

4530 kBTransfer

4932 kBSize

3 Cookies

0 Outgoing links

Page URL History

Redirected requests

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

3 Cookies

1 Console Messages

Indicators

icarfly.cn Open in urlscan Pro
154.31.197.59 Public Scan

Screenshot
Live screenshot

Full Image

20
Requests

100 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

4530 kB
Transfer

4932 kB
Size

3
Cookies

20 HTTP transactions
0 data transactions