URL: https://applets.idailian.cn/
Submission: On November 09 via automatic, source certstream-suspicious

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 3 HTTP transactions. The main IP is 223.144.130.223, located in China and belongs to CHINANET-BACKBONE No.31,Jin-rong Street, CN. The main domain is applets.idailian.cn.
TLS certificate: Issued by Encryption Everywhere DV TLS CA - G1 on November 9th 2020. Valid for: a year.
This is the only time applets.idailian.cn was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address         AS (Autonomous System)
1         223.144.130.223    4134 (CHINANET-...)
1         2a02:26f0:6c0...   20940 (AKAMAI-ASN1)
Total     3                  3
Requests  Apex Domain     Subdomains            Transfer
1         gtimg.com       inews.gtimg.com       4 KB
1         idailian.cn     applets.idailian.cn   2 KB
0         layuicdn.com    www.layuicdn.com      Failed
Total     3               3
Requests  Domain                Requested by
1         inews.gtimg.com       applets.idailian.cn
1         applets.idailian.cn
0         www.layuicdn.com      applets.idailian.cn (Failed)
Total     3                     3

This site contains links to these domains.

Domain
beian.miit.gov.cn
Subject               Issuer                                 Validity                   Valid
applets.idailian.cn   Encryption Everywhere DV TLS CA - G1   2020-11-09 - 2021-11-09    a year
qs.888.qq.com         DigiCert SHA2 Secure Server CA         2020-03-24 - 2021-06-23    a year

This page contains 1 frame:

Primary Page: https://applets.idailian.cn/
Frame ID: 4CCBD0C964B13A34483379ABA32A283D
Requests: 3 HTTP requests in this frame


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /Tengine/i

Page Statistics

Requests: 3
HTTPS: 67 %
IPv6: 50 %
Domains: 3
Subdomains: 3
IPs: 3
Countries: 2
Transfer: 6 kB
Size: 8 kB
Cookies: 0


3 HTTP transactions

Resource            Path                    Size   x-fer   Type       MIME-Type
Primary Request /   applets.idailian.cn/    5 KB   2 KB    Document
General
Full URL: https://applets.idailian.cn/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 223.144.130.223, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN)
Reverse DNS:
Software: Tengine /
Resource Hash: f9c48710c5b41b5b52ac85b7a2ada5654d514ccd44916d976f4d1620d2ac027e
Security Headers:
  Strict-Transport-Security: max-age=31536000

Request headers

:method: GET
:authority: applets.idailian.cn
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
server: Tengine
content-type: text/html; charset=utf-8
content-length: 1818
date: Mon, 09 Nov 2020 02:41:02 GMT
vary: Accept-Encoding
set-cookie: PHPSESSID=113a0a49bc2d789eddf908634bac5ddc; path=/
strict-transport-security: max-age=31536000
content-encoding: gzip
ali-swift-global-savetime: 1604889662
via: cache4.l2cn1837[272,200-0,M], cache43.l2cn1837[273,0], vcache16.cn2631[291,200-0,M], vcache1.cn2631[291,0]
x-cache: MISS TCP_MISS dirn:-2:-2
x-swift-savetime: Mon, 09 Nov 2020 02:41:02 GMT
x-swift-cachetime: 0
timing-allow-origin: *
eagleid: df90821516048896624498602e
Resource    Path                                        Size   x-fer   Type    MIME-Type
layui.css   www.layuicdn.com/layui-v2.5.6/css/          0      0

Resource    Path                                        Size   x-fer   Type    MIME-Type
0           inews.gtimg.com/newsapp_ls/0/12482210874/   3 KB   4 KB    Image
General
Full URL: https://inews.gtimg.com/newsapp_ls/0/12482210874/0
Requested by: Host: applets.idailian.cn, URL: https://applets.idailian.cn/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:28b::180c, Ascension Island, ASN20940 (AKAMAI-ASN1, EU)
Reverse DNS:
Software: NWSs /
Resource Hash: 30fe42c7d54be79048c295b3dc2e6e1f541bad76ed10d72932c54691b812018e

Request headers

Referer: https://applets.idailian.cn/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Nov 2020 02:41:03 GMT
server: NWSs
content-type: image/jpeg
status: 200
cache-control: max-age=0, no-cache, no-store
x-rtflag: 1
x-nws-log-uuid: e8986f00-b2b2-4bd9-8325-e8900802c1b6
x-errno: -108
content-length: 3485
x-info: illref
expires: Mon, 09 Nov 2020 02:41:03 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.layuicdn.com
URL: https://www.layuicdn.com/layui-v2.5.6/css/layui.css


4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function: showDirectoryPicker
function: showOpenFilePicker
function: showSaveFilePicker
object: trustedTypes

0 Cookies

Security Headers

This page lists any security headers set by the main page.

Header                       Value
Strict-Transport-Security    max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

applets.idailian.cn
inews.gtimg.com
www.layuicdn.com
223.144.130.223
2a02:26f0:6c00:28b::180c
30fe42c7d54be79048c295b3dc2e6e1f541bad76ed10d72932c54691b812018e
f9c48710c5b41b5b52ac85b7a2ada5654d514ccd44916d976f4d1620d2ac027e