URL: https://gy13.niceblu.com/
Submission: On September 05 via api from US — Scanned from DE

Summary

This website contacted 10 IPs in 3 countries across 8 domains to perform 21 HTTP transactions. The main IP is 106.15.205.87, located in Shanghai, China and belongs to ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN. The main domain is gy13.niceblu.com.
TLS certificate: Issued by R11 on September 5th 2024. Valid for: 3 months.
This is the only time gy13.niceblu.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 106.15.205.87 37963 (ALIBABA-C...)
9 139.196.119.72 37963 (ALIBABA-C...)
1 118.212.138.171 4837 (CHINA169-...)
1 2409:804c:800... 9808 (CHINAMOBI...)
1 43.152.15.37 139341 (ACE-AS-AP...)
1 2404:2280:1ba... 24429 (TAOBAO Zh...)
1 2408:873c:801... 4837 (CHINA169-...)
3 47.96.83.41 37963 (ALIBABA-C...)
2 121.40.207.133 37963 (ALIBABA-C...)
21 10
Apex Domain | Subdomains | Transfer
12 aliyuncs.com | assetcdn.oss-cn-shanghai.aliyuncs.com; arms-retcode.aliyuncs.com — Cisco Umbrella Rank: 28543 | 203 KB
2 liuliangguo.com | api.liuliangguo.com — Cisco Umbrella Rank: 417493 | 794 B
1 wi-fi.cn | assets.wi-fi.cn — Cisco Umbrella Rank: 863517 | 36 KB
1 alicdn.com | retcode.alicdn.com — Cisco Umbrella Rank: 65946 | 15 KB
1 qq.com | res2.wx.qq.com — Cisco Umbrella Rank: 118572 | 4 KB
1 10086.cn | hb.ac.10086.cn | 6 KB
1 xwtec.cn | staticcdntx.xwtec.cn | 18 KB
1 niceblu.com | gy13.niceblu.com | 1 KB
21 8
Domain Requested by
9 assetcdn.oss-cn-shanghai.aliyuncs.com gy13.niceblu.com
3 arms-retcode.aliyuncs.com retcode.alicdn.com
2 api.liuliangguo.com assets.wi-fi.cn
1 assets.wi-fi.cn gy13.niceblu.com
1 retcode.alicdn.com gy13.niceblu.com
1 res2.wx.qq.com gy13.niceblu.com
1 hb.ac.10086.cn gy13.niceblu.com
1 staticcdntx.xwtec.cn gy13.niceblu.com
1 gy13.niceblu.com
21 9

This site contains no links.

Subject | Issuer | Validity | Valid
gy13.niceblu.com | R11 | 2024-09-05 - 2024-12-04 | 3 months
cn-shanghai.oss.aliyuncs.com | GlobalSign Organization Validation CA - SHA256 - G3 | 2024-02-19 - 2025-03-22 | a year
staticcdntx.xwtec.cn | Encryption Everywhere DV TLS CA - G2 | 2023-10-23 - 2024-10-23 | a year
*.ac.10086.cn | SHECA OV Server CA G5 | 2024-03-11 - 2025-04-11 | a year
weixin.qq.com | DigiCert Secure Site CN CA G3 | 2024-07-30 - 2024-12-18 | 5 months
*.tbcdn.cn | GlobalSign Organization Validation CA - SHA256 - G3 | 2024-06-19 - 2025-07-21 | a year
*.wi-fi.cn | RapidSSL TLS RSA CA G1 | 2023-10-25 - 2024-11-24 | a year
*.arms.aliyuncs.com | GlobalSign Organization Validation CA - SHA256 - G3 | 2024-01-11 - 2025-02-11 | a year
*.liuliangguo.com | RapidSSL TLS RSA CA G1 | 2024-02-01 - 2025-02-01 | a year

This page contains 2 frames:

Primary Page: https://gy13.niceblu.com/
Frame ID: FC437F7253562DC0292E91CB58F9E7EF
Requests: 20 HTTP requests in this frame

Frame: https://api.liuliangguo.com/package
Frame ID: 70FD53F92EA01F8822C719776BA2F971
Requests: 1 HTTP requests in this frame

Page Title

加载中...

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-

Overall confidence: 100%
Detected patterns
  • moment(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 21
HTTPS: 95 %
IPv6: 33 %
Domains: 8
Subdomains: 9
IPs: 10
Countries: 3
Transfer: 284 kB
Size: 1313 kB
Cookies: 3

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
gy13.niceblu.com/
3 KB
1 KB
Document
General
Full URL
https://gy13.niceblu.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
106.15.205.87 Shanghai, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
8da69855a8fa0e5607a33e723eb75a393c52146c6cc30d9544d9228706600abf

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-type
text/html
date
Thu, 05 Sep 2024 14:02:23 GMT
etag
W/"66d9820c-b41"
last-modified
Thu, 05 Sep 2024 10:03:56 GMT
server
nginx
vary
Accept-Encoding
animate.min.css
assetcdn.oss-cn-shanghai.aliyuncs.com/commonJs/
70 KB
6 KB
Stylesheet
General
Full URL
https://assetcdn.oss-cn-shanghai.aliyuncs.com/commonJs/animate.min.css
Requested by
Host: gy13.niceblu.com
URL: https://gy13.niceblu.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.196.119.72 Shanghai, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
AliyunOSS /
Resource Hash
a61e123314188bd0453320008e01b4bbb665bee09039f4cbd9bef44de410ce67

Request headers

Referer
https://gy13.niceblu.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-oss-object-type
Normal
Date
Thu, 05 Sep 2024 14:02:24 GMT
Content-Encoding
gzip
x-oss-request-id
66D9B9F00D39F73733FEEFF9
Last-Modified
Mon, 04 Dec 2023 07:40:07 GMT
Server
AliyunOSS
Content-MD5
s9W3WJjx7YhcfStTj6qLgQ==
Transfer-Encoding
chunked
Vary
Accept-Encoding, Origin
Content-Type
text/css
x-oss-storage-class
Standard
Connection
keep-alive
x-oss-hash-crc64ecma
3982539030166321380
x-oss-server-time
3
swiper-bundle.min.css
assetcdn.oss-cn-shanghai.aliyuncs.com/commonJs/
16 KB
5 KB
Stylesheet
General
Full URL
https://assetcdn.oss-cn-shanghai.aliyuncs.com/commonJs/swiper-bundle.min.css
Requested by
Host: gy13.niceblu.com
URL: https://gy13.niceblu.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.196.119.72 Shanghai, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
AliyunOSS /
Resource Hash
322d15d99efb792c941a5202fa8fc7ee9e932847227383ff9605163338a08eac

Request headers

Referer
https://gy13.niceblu.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-oss-object-type
Normal
Date
Thu, 05 Sep 2024 14:02:24 GMT
Content-Encoding
gzip
x-oss-request-id
66D9B9F00D39F7363808F0F9
Last-Modified
Mon, 04 Dec 2023 07:23:01 GMT
Server
AliyunOSS
Content-MD5
BHIMYLwCDLupJ4XdQCn30g==
Transfer-Encoding
chunked
Vary
Accept-Encoding, Origin
Content-Type
text/css
x-oss-storage-class
Standard
Connection
keep-alive
x-oss-hash-crc64ecma
5904526979652251329
x-oss-server-time
2
jquery-3.5.1.min.js
assetcdn.oss-cn-shanghai.aliyuncs.com/commonJs/
87 KB
31 KB
Script
General
Full URL
https://assetcdn.oss-cn-shanghai.aliyuncs.com/commonJs/jquery-3.5.1.min.js
Requested by
Host: gy13.niceblu.com
URL: https://gy13.niceblu.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.196.119.72 Shanghai, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
AliyunOSS /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Referer
https://gy13.niceblu.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-oss-object-type
Normal
Date
Thu, 05 Sep 2024 14:02:24 GMT
Content-Encoding
gzip
x-oss-request-id
66D9B9F00D39F737331AF1F9
Last-Modified
Tue, 14 Nov 2023 02:43:51 GMT
Server
AliyunOSS
Content-MD5
3F5/GMjTasHT1HU6h8mNCg==
Transfer-Encoding
chunked
Vary
Accept-Encoding, Origin
Content-Type
application/javascript
x-oss-storage-class
Standard
Connection
keep-alive
x-oss-hash-crc64ecma
4110229572790551004
x-oss-server-time
2
app.83f0bb681725530622497.js
assetcdn.oss-cn-shanghai.aliyuncs.com/assets/
632 KB
83 KB
Script
General
Full URL
https://assetcdn.oss-cn-shanghai.aliyuncs.com/assets/app.83f0bb681725530622497.js
Requested by
Host: gy13.niceblu.com
URL: https://gy13.niceblu.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.196.119.72 Shanghai, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
AliyunOSS /
Resource Hash
1d9c480596958f0b291147888e4f5172fb6bae842f2d746ec6b345b8b7b353a7

Request headers

Referer
https://gy13.niceblu.com/
Origin
https://gy13.niceblu.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Thu, 05 Sep 2024 14:02:24 GMT
Content-Encoding
gzip
x-oss-request-id
66D9B9F0E5C23A3735892B57
Content-MD5
1Qq6KUek/sfDlCo7uPU7DA==
Transfer-Encoding
chunked
Connection
keep-alive
x-oss-object-type
Normal
Last-Modified
Thu, 05 Sep 2024 10:03:58 GMT
Server
AliyunOSS
Vary
Accept-Encoding, Origin
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, HEAD
Content-Type
application/javascript
Access-Control-Allow-Origin
https://gy13.niceblu.com
Access-Control-Max-Age
5
Access-Control-Allow-Credentials
true
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
8517110015699455767
x-oss-server-time
3
index.649552761725530622497.css
assetcdn.oss-cn-shanghai.aliyuncs.com/assets/
200 B
672 B
Stylesheet
General
Full URL
https://assetcdn.oss-cn-shanghai.aliyuncs.com/assets/index.649552761725530622497.css
Requested by
Host: gy13.niceblu.com
URL: https://gy13.niceblu.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.196.119.72 Shanghai, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
AliyunOSS /
Resource Hash
649552768ea9bf4ef365d7629491f55cb83633307c094d36bf924209aa583980

Request headers

Referer
https://gy13.niceblu.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-oss-object-type
Normal
Date
Thu, 05 Sep 2024 14:02:24 GMT
x-oss-request-id
66D9B9F04EA6A230349CB975
Last-Modified
Thu, 05 Sep 2024 10:04:39 GMT
Server
AliyunOSS
Content-MD5
quQlwyq9lsZ4DcUSTOwCwA==
ETag
"AAE425C32ABD96C6780DC5124CEC02C0"
Vary
Origin
Content-Type
text/css
x-oss-storage-class
Standard
Connection
keep-alive
Accept-Ranges
bytes
x-oss-hash-crc64ecma
56967875080007246
Content-Length
200
x-oss-server-time
3
rec_00ad8c2295.min.js
staticcdntx.xwtec.cn/static/taobaoH5/busi/fs/js/sdk/
59 KB
18 KB
Script
General
Full URL
https://staticcdntx.xwtec.cn/static/taobaoH5/busi/fs/js/sdk/rec_00ad8c2295.min.js
Requested by
Host: gy13.niceblu.com
URL: https://gy13.niceblu.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
118.212.138.171 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
171.138.212.118.adsl-pool.jx.chinaunicom.com
Software
openresty /
Resource Hash
082f67e07bdabfa6afd76473c8eb7e851768c6d68b77f345f0e03b5d9da8f368

Request headers

Referer
https://gy13.niceblu.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 07:26:57 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Wed, 28 Aug 2024 07:16:08 GMT
server
openresty
etag
"66ceceb8-ec3b"
content-type
application/javascript
access-control-allow-origin
*
x-nws-log-uuid
14899125043527871751
accept-ranges
bytes
content-length
17949
jsencrypt.min.js
assetcdn.oss-cn-shanghai.aliyuncs.com/commonJs/
67 KB
19 KB
Script
General
Full URL
https://assetcdn.oss-cn-shanghai.aliyuncs.com/commonJs/jsencrypt.min.js
Requested by
Host: gy13.niceblu.com
URL: https://gy13.niceblu.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.196.119.72 Shanghai, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
AliyunOSS /
Resource Hash
ddb3ee3c5311c5de2d5960c4b61a43db33c3b8b96753e422511647e9e46ac16b

Request headers

Referer
https://gy13.niceblu.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-oss-object-type
Normal
Date
Thu, 05 Sep 2024 14:02:24 GMT
Content-Encoding
gzip
x-oss-request-id
66D9B9F0A9FF3B3834EE8AE2
Last-Modified
Fri, 16 Jun 2023 08:29:30 GMT
Server
AliyunOSS
Content-MD5
VdX7kWuTgcxFYIpgx7R8Bg==
Transfer-Encoding
chunked
Vary
Accept-Encoding, Origin
Content-Type
application/javascript
x-oss-storage-class
Standard
Connection
keep-alive
x-oss-hash-crc64ecma
3837472224613552461
x-oss-server-time
3
appSourceCollect.js
assetcdn.oss-cn-shanghai.aliyuncs.com/commonJs/
6 KB
2 KB
Script
General
Full URL
https://assetcdn.oss-cn-shanghai.aliyuncs.com/commonJs/appSourceCollect.js
Requested by
Host: gy13.niceblu.com
URL: https://gy13.niceblu.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.196.119.72 Shanghai, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
AliyunOSS /
Resource Hash
c7adddb9974a42d7efef0739cf14771174201a9876085fcde36c7e0a2db2cf8f

Request headers

Referer
https://gy13.niceblu.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-oss-object-type
Normal
Date
Thu, 05 Sep 2024 14:02:24 GMT
Content-Encoding
gzip
x-oss-request-id
66D9B9F05C5A72323014BFCD
Last-Modified
Mon, 29 Apr 2024 07:33:56 GMT
Server
AliyunOSS
Content-MD5
UWpVZI7ODXSUG8Yl5zCouQ==
Transfer-Encoding
chunked
Vary
Accept-Encoding, Origin
Content-Type
application/javascript
x-oss-storage-class
Standard
Connection
keep-alive
x-oss-hash-crc64ecma
12697116730697433597
x-oss-server-time
2
swiper-bundle.min.js
assetcdn.oss-cn-shanghai.aliyuncs.com/commonJs/
140 KB
39 KB
Script
General
Full URL
https://assetcdn.oss-cn-shanghai.aliyuncs.com/commonJs/swiper-bundle.min.js
Requested by
Host: gy13.niceblu.com
URL: https://gy13.niceblu.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.196.119.72 Shanghai, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
AliyunOSS /
Resource Hash
f645b12f27c4e9c1210d5725cfa894b86464372e7b1becbe47126a5fe82f9ade

Request headers

Referer
https://gy13.niceblu.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-oss-object-type
Normal
Date
Thu, 05 Sep 2024 14:02:24 GMT
Content-Encoding
gzip
x-oss-request-id
66D9B9F0B3A78A35398BA709
Last-Modified
Mon, 04 Dec 2023 07:21:01 GMT
Server
AliyunOSS
Content-MD5
JP2PeWYJ15/Le25a51RDOw==
Transfer-Encoding
chunked
Vary
Accept-Encoding, Origin
Content-Type
application/javascript
x-oss-storage-class
Standard
Connection
keep-alive
x-oss-hash-crc64ecma
6345871509132549509
x-oss-server-time
3
sendcode.js
hb.ac.10086.cn/ngca/app/page/tpchannel/
6 KB
6 KB
Script
General
Full URL
https://hb.ac.10086.cn/ngca/app/page/tpchannel/sendcode.js
Requested by
Host: gy13.niceblu.com
URL: https://gy13.niceblu.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
2409:804c:800:101::29 , China, ASN9808 (CHINAMOBILE-CN China Mobile Communications Group Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
f162a37b394d5dcecebfef21c731508dc64269fdd57c3c9a3b4fa254e15eab93

Request headers

Referer
https://gy13.niceblu.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Thu, 05 Sep 2024 14:02:27 GMT
Via
1.1 ID-0314217224705270 uproxy-5
last-modified
Thu, 18 Apr 2024 08:43:40 GMT
Server
nginx
etag
W/"5867-1713429820000"
Transfer-Encoding
chunked
Vary
Accept-Encoding, Accept-Encoding
Content-Type
text/html;charset=UTF-8
x-envoy-upstream-service-time
1
Connection
Keep-alive
accept-ranges
bytes
moment.js
assetcdn.oss-cn-shanghai.aliyuncs.com/commonJs/
58 KB
19 KB
Script
General
Full URL
https://assetcdn.oss-cn-shanghai.aliyuncs.com/commonJs/moment.js
Requested by
Host: gy13.niceblu.com
URL: https://gy13.niceblu.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.196.119.72 Shanghai, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
AliyunOSS /
Resource Hash
db2fc5291f5ecbe9255ea7ea4cc7e4434c0d52b5255454d3621b22f7089645ac

Request headers

Referer
https://gy13.niceblu.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-oss-object-type
Normal
Date
Thu, 05 Sep 2024 14:02:24 GMT
Content-Encoding
gzip
x-oss-request-id
66D9B9F04EA6A230349CBA75
Last-Modified
Thu, 11 Jan 2024 08:43:20 GMT
Server
AliyunOSS
Content-MD5
2p1ZexYJLJtUoMmaFY6YzQ==
Transfer-Encoding
chunked
Vary
Accept-Encoding, Origin
Content-Type
application/javascript
x-oss-storage-class
Standard
Connection
keep-alive
x-oss-hash-crc64ecma
11344695283560224592
x-oss-server-time
3
jweixin-1.6.0.js
res2.wx.qq.com/open/js/
13 KB
4 KB
Script
General
Full URL
https://res2.wx.qq.com/open/js/jweixin-1.6.0.js
Requested by
Host: gy13.niceblu.com
URL: https://gy13.niceblu.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
43.152.15.37 Hong Kong, Hong Kong, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
0f17c4f7daf51a49a9627714ad2da6c037352442699ba8ceca68b7c6dc0b1dba

Request headers

Referer
https://gy13.niceblu.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 14:02:26 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
last-modified
Fri, 16 Aug 2024 09:50:00 GMT
server
Lego Server
content-type
application/x-javascript
access-control-allow-origin
https://open.weixin.qq.com
cache-control
must-revalidate, max-age=31536000
x-nws-log-uuid
5206958535314961389
accept-ranges
bytes
content-length
4304
bl.js
retcode.alicdn.com/retcode/
41 KB
15 KB
Script
General
Full URL
https://retcode.alicdn.com/retcode/bl.js
Requested by
Host: gy13.niceblu.com
URL: https://gy13.niceblu.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2404:2280:1ba:0:3::7fc , Singapore, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
1887df99fdf341ac77c13d72958ee925ae13bdae1bfc8f2e760a74eb909f0b7c

Request headers

Referer
https://gy13.niceblu.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 14:02:06 GMT
via
cache3.l2us1[685,685,304-0,H], cache26.l2us1[686,0], ens-cache14.us26[0,0,200-0,H], ens-cache13.us26[1,0]
content-encoding
gzip
x-oss-request-id
66D9B9DE8563743336B900ED
content-md5
27nDQQ0OptR4zNz26eUW2Q==
age
20
x-swift-cachetime
60
x-cache
HIT TCP_MEM_HIT dirn:-2:-2
x-swift-savetime
Thu, 05 Sep 2024 14:02:06 GMT
content-length
14391
x-oss-object-type
Normal
last-modified
Mon, 20 Jun 2022 15:32:40 GMT
server
Tengine
x-oss-server-side-encryption
AES256
etag
"DBB9C3410D0EA6D478CCDCF6E9E516D9"
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
ali-swift-global-savetime
1725544926
cache-control
max-age=86400,s-maxage=60
x-oss-storage-class
Standard
accept-ranges
bytes
timing-allow-origin
*
x-oss-hash-crc64ecma
16272824908249113646
eagleid
081952a117255449460756753e
x-oss-server-time
2
liuliangguoSDK_min.js
assets.wi-fi.cn/assets/js/
115 KB
36 KB
Script
General
Full URL
https://assets.wi-fi.cn/assets/js/liuliangguoSDK_min.js?v=1.1.5
Requested by
Host: gy13.niceblu.com
URL: https://gy13.niceblu.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2408:873c:8010:2::ff65 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
openresty /
Resource Hash
31e0c63c3a044a6f4f0c63c1e35cf15a90ebfa5de0dd8e017a2e79e0bd621162

Request headers

Referer
https://gy13.niceblu.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

nginx-hit
1
Date
Thu, 05 Sep 2024 14:02:29 GMT
via
CHN-JSyancheng-CUCC1-CACHE27[5],CHN-JSyancheng-CUCC1-CACHE21[0,TCP_HIT,1],CHN-SH-GLOBAL4-CACHE95[11],CHN-SH-GLOBAL4-CACHE120[0,TCP_HIT,10]
Content-Encoding
gzip
X-CCDN-CacheTTL
1296000
Last-Modified
Mon, 19 Aug 2024 07:55:56 GMT
Server
openresty
Age
296060
ETag
W/"66c2fa8c-1ca70"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
35839
x-hcs-proxy-type
1
r.png
arms-retcode.aliyuncs.com/
0
0
Fetch
General
Full URL
https://arms-retcode.aliyuncs.com/r.png?t=perf&times=1&page=gy13.niceblu.com&tag=&release=&environment=prod&begin=1725544940663&dns=969&tcp=1754&ssl=258&ttfb=237&trans=2&dom=3638&res=2815&firstbyte=2959&fpt=2963&tti=6600&ready=6637&load=9452&ct=4g&bandwidth=10&navtype=Other&fmp=6637&autoSend=true&sr=1600x1200&vp=1600x1200&uid=7amvt01ypakcIqw5ksXsp12w4Cj4&sid=zFmm30I1pvmcCzw3FsCepa0yXn96&pid=i67g56913k%402633843158c9b6a&_v=1.8.31&pv_id=nOm4606tp83c71w2ep9hqqX7s3wI&sampling=1&z=m0pcwpq6
Requested by
Host: retcode.alicdn.com
URL: https://retcode.alicdn.com/retcode/bl.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
47.96.83.41 Hangzhou, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://gy13.niceblu.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 05 Sep 2024 14:02:31 GMT
server
nginx
timing-allow-origin
*
content-type
image/png
r.png
arms-retcode.aliyuncs.com/
0
0
Fetch
General
Full URL
https://arms-retcode.aliyuncs.com/r.png?t=pv&times=1&page=%5Bindex%5D&tag=&release=&environment=prod&begin=1725544950120&uid=7amvt01ypakcIqw5ksXsp12w4Cj4&dt=%E5%8A%A0%E8%BD%BD%E4%B8%AD...&dr=&dpr=1.00&de=utf-8&ul=en&sr=1600x1200&vp=1600x1200&ct=4g&sid=zFmm30I1pvmcCzw3FsCepa0yXn96&pid=i67g56913k%402633843158c9b6a&_v=1.8.31&pv_id=nOm4606tp83c71w2ep9hqqX7s3wI&sampling=1&dl=https%3A%2F%2Fgy13.niceblu.com%2F&z=m0pcwpq7
Requested by
Host: retcode.alicdn.com
URL: https://retcode.alicdn.com/retcode/bl.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
47.96.83.41 Hangzhou, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://gy13.niceblu.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 05 Sep 2024 14:02:31 GMT
server
nginx
timing-allow-origin
*
content-type
image/png
r.png
arms-retcode.aliyuncs.com/
1 B
25 B
XHR
General
Full URL
https://arms-retcode.aliyuncs.com/r.png?t=res&times=1&page=gy13.niceblu.com&tag=&release=&environment=prod&begin=1725544940662&dom=3638&load=9452&sr=1600x1200&vp=1600x1200&ct=4g&uid=7amvt01ypakcIqw5ksXsp12w4Cj4&sid=zFmm30I1pvmcCzw3FsCepa0yXn96&pid=i67g56913k%402633843158c9b6a&_v=1.8.31&pv_id=nOm4606tp83c71w2ep9hqqX7s3wI&sampling=1&dl=https%3A%2F%2Fgy13.niceblu.com%2F&z=m0pcwpq8&post_res=
Requested by
Host: retcode.alicdn.com
URL: https://retcode.alicdn.com/retcode/bl.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
47.96.83.41 Hangzhou, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

Referer
https://gy13.niceblu.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Thu, 05 Sep 2024 14:02:31 GMT
server
nginx
timing-allow-origin
*
content-type
image/png
uuid
api.liuliangguo.com/
89 B
794 B
Script
General
Full URL
https://api.liuliangguo.com/uuid?data=%22S+8x50AfL1+diFwbFvbGiw==%22&callback=jsonp_1725544950125
Requested by
Host: assets.wi-fi.cn
URL: https://assets.wi-fi.cn/assets/js/liuliangguoSDK_min.js?v=1.1.5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
121.40.207.133 Hangzhou, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
/
Resource Hash
9e799f3c17306304c4c20eb3243aa558a426fcf03d0880d22699f9aa29a45ac2

Request headers

Referer
https://gy13.niceblu.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 14:02:32 GMT
cache-control
no-cache, private
content-encoding
br
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
package
api.liuliangguo.com/ Frame 70FD
0
0
Document
General
Full URL
https://api.liuliangguo.com/package
Requested by
Host: assets.wi-fi.cn
URL: https://assets.wi-fi.cn/assets/js/liuliangguoSDK_min.js?v=1.1.5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
121.40.207.133 Hangzhou, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://gy13.niceblu.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cache-control
no-cache, private
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 05 Sep 2024 14:02:32 GMT
vary
Accept-Encoding Origin
favicon.ico
gy13.niceblu.com/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
gy13.niceblu.com
URL
https://gy13.niceblu.com/favicon.ico

Verdicts & Comments

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| $ function| jQuery object| __bl function| _0x39f7 function| _0x35b5 object| recsdk function| JSEncrypt function| JudgmentEnvironment function| Swiper function| BrowserLogger function| __oFetch_ function| __oXMLHttpRequest_ boolean| __hasInitBlSdk object| tpChannelAuth function| moment object| jWeixin object| wx object| __VUE_HMR_RUNTIME__ object| devtoolsFormatters boolean| __VUE__ object| __VUE_DEVTOOLS_PLUGINS__ function| a0_0x5784 object| llgsdk function| llgInit function| a0_0x1377

3 Cookies

Domain/Path Name / Value
gy13.niceblu.com/ Name: _bl_uid
Value: 7amvt01ypakcIqw5ksXsp12w4Cj4
api.liuliangguo.com/ Name: uuid
Value: eyJpdiI6IlRtWUdhQ2ZBOFZTZ2hDNlZOVGtZRFE9PSIsInZhbHVlIjoiNUZjTWNSekhmYUxjdTdJNmx5UkJTOU9tellRNmdpcmo1RXNGMG14YXluNHl4THpZSFM1OHRpWitDSEFneVhuRE4rM1FIQk52QW5jd0hPY3o4RUluV283SnIyNG5TR1IvQUxxMnF6Q3RVMlk9IiwibWFjIjoiZDI4ZWQyNTQxNTdiNDA2NTc4NzVjZjRlYTU4MDQ5OWVmMmY1MGExMzczMTJhMGQ2YjIxMzYxYzc2ODU3MDFkZCIsInRhZyI6IiJ9
api.liuliangguo.com/ Name: SERVERCORSID
Value: 228c6e975d1fa93d0e08eb3ca9ef434d|1725544952|1725544952

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
