documentation technical

government public service

Chinese

Within the developer-focused generic top-level domain (.dev), 'katelya-tgbed-bet.pages.dev' is registered, featuring subdomain 'katelya-tgbed-bet'. Count 5 characters in 'pages' holding 2 vowels versus 3 consonants. Segmentation suggests 1 word: pages. Expect 5 characters per word on average. No strong language cues emerged from the frequency lists.

html/d8/1a/d81a022f-030f-43e9-928a-d8d37109511f.html.gz

script-src 'self' 'unsafe-inline' 'report-sample' s1.sentry-cdn.com js.sentry-cdn.com browser.sentry-cdn.com statuspage-production.s3.amazonaws.com static.zdassets.com aui-cdn.atlassian.com connect-cdn.atl-paas.net js.stripe.com 'strict-dynamic' cdn.pendo.io data.pendo.io pendo-io-static.storage.googleapis.com pendo-static-5634074999128064.storage.googleapis.com; font-src * data:; default-src 'none'; frame-src app.pendo.io demo.arcade.software js.stripe.com sentry.io 'self'; frame-ancestors 'self' *.sentry.io; worker-src blob:; base-uri 'none'; connect-src 'self' *.algolia.net *.algolianet.com *.algolia.io sentry.io *.sentry.io s1.sentry-cdn.com o1.ingest.sentry.io api2.amplitude.com app.pendo.io data.pendo.io reload.getsentry.net t687h3m0nh65.statuspage.io sentry.zendesk.com ekr.zdassets.com maps.googleapis.com; object-src 'none'; style-src * 'unsafe-inline'; media-src *; img-src * blob: data:; report-uri https://o1.ingest.sentry.io/api/54785/security/?sentry_key=f724a8a027db45f5b21507e7142ff78e&sentry_release=a5f02e28190a9e024b81b95e49e308cdb8b484c6

d64f5e4bc28a953d5f96759216a75d46834524d676d4805836c02b82f8c95723

9aa859fe75fc4371937d137cb3b815f32e2e3ad465c142a91a40be452e53e5ad

9174c425c445377df4562ad9165ea08fdf9433a808296d7de5f619791df10e17

38554561faa143d9c39ca87e35f22c79fa72fdf9e34f090af74f59620a38e67c

ReDoS vulnerability in vue package that is exploitable through inefficient regex evaluation in the parseHTML function

8a85fbb75cf712b30434d24902746f8eb5dc9f067b3af04d388667a0ad2d065a

viewport

HSTS header missing - vulnerable to protocol downgrade attacks

CSP header missing - vulnerable to XSS attacks

Abuse Team

CloudFlare, Inc.

pages.dev

Abuse Account

Fastly RIR Administrator

Fastly Network Operations

Fastly, Inc.

SKYCA-3


    // 加载自定义背景
    (function() {
      const bgMode = localStorage.getItem('loginBackgroundMode') || 'gradient';
      const bgUrl = localStorage.getItem('loginBackgroundUrl') || '';
      const bgLayer = document.getElementById('bgImageLayer');
      const overlay = document.getElementById('bgOverlay');

      if (bgMode === 'image' && bgUrl) {
        bgLayer.style.backgroundImage = `url(${bgUrl})`;
        bgLayer.style.display = 'block';
        overlay.style.display = 'block';
        document.body.classList.add('has-bg-image');
      } else if (bgMode === 'bing') {
        // 使用 Bing 每日壁纸 API
        fetch('/api/bing/wallpaper/')
          .then(res => res.json())
          .then(data => {
            if (data.status && data.data && data.data.length > 0) {
              const bingUrl = 'https://cn.bing.com' + data.data[0].url;
              bgLayer.style.backgroundImage = `url(${bingUrl})`;
              bgLayer.style.display = 'block';
              overlay.style.display = 'block';
              document.body.classList.add('has-bg-image');
            }
          })
          .catch(err => console.log('Bing wallpaper fetch failed:', err));
      }
    })();

    // 页面加载时检查认证状态
    (async function() {
      try {
        const response = await fetch('/api/auth/check');
        const data = await response.json();
        
        if (!data.authRequired) {
          // 不需要认证，直接跳转
          redirectToTarget();
          return;
        }
        
        if (data.authenticated) {
          // 已认证，跳转到目标页面
          redirectToTarget();
        }
      } catch (e) {
        console.error('Auth check failed:', e);
      }
    })();

    function redirectToTarget() {
      const params = new URLSearchParams(window.location.search);
      let redirect = params.get('redirect') || '/';
      
      // 防止重定向到登录页本身，避免无限循环
      if (redirect.includes('login.html') || redirect === '/login') {
        redirect = '/';
      }
      
      // 使用 replace 防止用户回退到登录页
      window.location.replace(redirect);
    }

    function togglePassword() {
      const passwordInput = document.getElementById('password');
      const icon = document.getElementById('passwordToggleIcon');
      
      if (passwordInput.type === 'password') {
        passwordInput.type = 'text';
        icon.classList.remove('fa-eye');
        icon.classList.add('fa-eye-slash');
      } else {
        passwordInput.type = 'password';
        icon.classList.remove('fa-eye-slash');
        icon.classList.add('fa-eye');
      }
    }

    function showError(message) {
      const errorDiv = document.getElementById('errorMessage');
      const errorText = document.getElementById('errorText');
      errorText.textContent = message;
      errorDiv.classList.add('show');
    }

    function hideError() {
      document.getElementById('errorMessage').classList.remove('show');
    }

    function setLoading(loading) {
      const btn = document.getElementById('loginBtn');
      if (loading) {
        btn.disabled = true;
        btn.innerHTML = '<div class="spinner"></div><span>登录中...</span>';
      } else {
        btn.disabled = false;
        btn.innerHTML = '<i class="fas fa-sign-in-alt"></i><span>登 录</span>';
      }
    }

    async function handleLogin(event) {
      event.preventDefault();
      hideError();
      
      const username = document.getElementById('username').value.trim();
      const password = document.getElementById('password').value;
      
      if (!username || !password) {
        showError('请输入用户名和密码');
        return;
      }
      
      setLoading(true);
      
      try {
        const response = await fetch('/api/auth/login', {
          method: 'POST',
          headers: {
            'Content-Type': 'application/json'
          },
          body: JSON.stringify({ username, password })
        });
        
        const data = await response.json();
        
        if (data.success) {
          // 登录成功，跳转
          redirectToTarget();
        } else {
          showError(data.message || '登录失败');
          setLoading(false);
        }
      } catch (error) {
        console.error('Login error:', error);
        showError('网络错误，请稍后重试');
        setLoading(false);
      }
    }

    // 回车键提交
    document.getElementById('password').addEventListener('keypress', function(e) {
      if (e.key === 'Enter') {
        document.getElementById('loginForm').dispatchEvent(new Event('submit'));
      }
    });
  

Requests	IP Address	Location	AS Autonomous System
8	151.101.66.217	United States	AS54113
7	172.66.46.223	United States	AS13335Cloudflare, Inc.
7	151.101.129.229	United States	AS54113Fastly, Inc.
22	3	-	-

Security Scan Report: katelya-tgbed-bet.pages.dev

Summary

AI Security Verdict

Moderate Risk

Risk Factors

Details

Screenshot

Page Load Overview

Language Analysis

Primary Language

Detection Details

Website Classification

Primary Category

All Detected Categories

Detected Features

Domain & IP Information

Detected Technologies3

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

ssdeep (Context Triggered Piecewise Hashing)

sdhash (Similarity Digest Hashing)

Image Hashes

Perceptual Hashes

Other Hashes

Scan History