cm-trojan.hengda.filegear-sg.me Open in urlscan Pro
172.67.220.54  Public Scan

2 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response cm-trojan.hengda.filegear-sg.me/	38 KB 10 KB	2405ms 919ms	Document text/html	172.67.220.54 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cm-trojan.hengda.filegear-sg.me/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.220.54 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 071f26bfcd811f7feb4014ca9cf5bcbc785021fb06ae73f5be9d0695b0e64662 Request headers Accept-Language zh-SG,zh;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers access-control-allow-origin * age 0 alt-svc h3=":443"; ma=86400 cache-control max-age=600 cf-cache-status DYNAMIC cf-ray 8863e640daac9c4b-SIN content-encoding br content-type text/html; charset=utf-8 date Sun, 19 May 2024 11:55:41 GMT expires Sun, 19 May 2024 12:05:41 GMT last-modified Mon, 15 Apr 2024 02:52:45 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sal0U3dVQZXukrxatxqbQpQmRgCiyyrHNw5mKDrUPwcVC1knMMFjtRPL7Y2BKO5rNDbgFvgFe4rJPh35osi6QsBBkVTsUE9dXcK%2BzwCE26FgrxdnPqlLHCveyrONHtL5UtptyMJpiNZEXPX8lRERlANZ"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding via 1.1 varnish x-cache MISS x-cache-hits 0 x-fastly-request-id 96c7c017b419eb475075fe63c10ba61f8d15a4f6 x-github-request-id F3EA:08F5:854E06:8BFACB:6649E8BD x-proxy-cache MISS x-served-by cache-qpg1259-QPG x-timer S1716119742.691701,VS0,VE281
GET H2	404	main.css cm-trojan.hengda.filegear-sg.me/css/	0 0	777ms 773ms	Stylesheet text/plain	172.67.220.54 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cm-trojan.hengda.filegear-sg.me/css/main.css Requested by Host: cm-trojan.hengda.filegear-sg.me URL: https://cm-trojan.hengda.filegear-sg.me/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.220.54 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://cm-trojan.hengda.filegear-sg.me/ Accept-Language zh-SG,zh;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 19 May 2024 11:55:42 GMT cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gNHAr05s9hIxelkTLFifJCij0PzRm49Z13DsBq8lBH9lWuLSno8DeTUlUWyrafggY%2F4rXiTVKG1NzfA%2FTJ%2BZNdPTHibA3esvUfW6b7dNON9pPYL83A5wCNaWab7SxX2IB0yAxG2PCguJ%2FyWaagyrZBgI"}],"group":"cf-nel","max_age":604800} content-type text/plain;charset=UTF-8 cache-control max-age=14400 cf-ray 8863e646ca6a9c4b-SIN alt-svc h3=":443"; ma=86400 content-length 21
GET H2	200	font-awesome.min.css netdna.bootstrapcdn.com/font-awesome/4.1.0/css/	20 KB 5 KB	2409ms 766ms	Stylesheet text/css	104.18.10.207 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://netdna.bootstrapcdn.com/font-awesome/4.1.0/css/font-awesome.min.css Requested by Host: cm-trojan.hengda.filegear-sg.me URL: https://cm-trojan.hengda.filegear-sg.me/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b769324e0921f9f649611113e65f528ebae5e140da8a7e63c5d6ea7bc7a33bc0 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://cm-trojan.hengda.filegear-sg.me/ Accept-Language zh-SG,zh;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 19 May 2024 11:55:44 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT cdn-edgestorageid 718 strict-transport-security max-age=31536000; includeSubDomains; preload age 754002 cdn-cachedat 03/18/2024 13:06:50 cdn-pullzone 252412 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 last-modified Mon, 25 Jan 2021 22:04:53 GMT cdn-proxyver 1.04 cdn-requestpullcode 200 server cloudflare etag W/"bbfef9385083d307ad2692c0cf99f611" vary Accept-Encoding, Accept-Encoding content-type text/css; charset=utf-8 access-control-allow-origin * cdn-cache HIT cdn-uid b1941f61-b576-4f40-80de-5677acb38f74 cache-control public, max-age=31919000 cdn-requestid b4171904bae816d6c01d8bc6b2a3d8d3 timing-allow-origin * cdn-requestcountrycode US cdn-status 200 cf-ray 8863e6510dab833c-SIN cdn-requestpullsuccess True
GET H2	200	busuanzi.pure.mini.js Show response busuanzi.ibruce.info/busuanzi/2.3/	2 KB 2 KB	3920ms 1075ms	Script application/javascript	97.64.23.206 IT7NET
General Check archive.org Show headers Download Go to Full URL https://busuanzi.ibruce.info/busuanzi/2.3/busuanzi.pure.mini.js Requested by Host: cm-trojan.hengda.filegear-sg.me URL: https://cm-trojan.hengda.filegear-sg.me/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 97.64.23.206 Los Angeles, United States, ASN25820 (IT7NET, CA), Reverse DNS localhost.localdomain Software nginx/1.14.1 / Resource Hash 0471fe90ad450f642e15aa79134b7bb6a2b2fd7e88349948fbe60747062ab25e Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://cm-trojan.hengda.filegear-sg.me/ Accept-Language zh-SG,zh;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 19 May 2024 11:55:48 GMT last-modified Mon, 23 Nov 2020 05:39:59 GMT server nginx/1.14.1 accept-ranges bytes etag "5fbb4b2f-793" content-length 1939 content-type application/javascript
GET H2	200	adsbygoogle.js Show response pagead2.googlesyndication.com/pagead/js/	150 KB 51 KB	2809ms 1496ms	Script text/javascript	64.233.170.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Requested by Host: cm-trojan.hengda.filegear-sg.me URL: https://cm-trojan.hengda.filegear-sg.me/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 64.233.170.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS sg-in-f155.1e100.net Software cafe / Resource Hash 4a46b445c0606d0e11fa111b0bd5c76af158932d61070206ea85907897f7fc60 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://cm-trojan.hengda.filegear-sg.me/ Accept-Language zh-SG,zh;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 19 May 2024 11:55:46 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 51841 x-xss-protection 0 server cafe etag 1697029200235098826 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * link <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin expires Sun, 19 May 2024 11:55:46 GMT
GET H2	404	avatar.jpg cm-trojan.hengda.filegear-sg.me/images/	21 B 21 B	1375ms 1373ms	Image text/plain	172.67.220.54 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cm-trojan.hengda.filegear-sg.me/images/avatar.jpg Requested by Host: cm-trojan.hengda.filegear-sg.me URL: https://cm-trojan.hengda.filegear-sg.me/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.220.54 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8b6825c0699b382a7a2a21b76b5fb925c91c50d02ad6163ab617915ab022db08 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://cm-trojan.hengda.filegear-sg.me/ Accept-Language zh-SG,zh;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 19 May 2024 11:55:42 GMT cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GadgdB3vinT6N3qqD442Bgw30xCKc19kKm1rHIc6Kwp6LGZpzB%2Bc4aCma1BBN3VbTxPbLYe%2F7%2FUAE0O5aARsQ3mLXpAWS2GaVP5%2BRs9ETKcEbghWtDE3kc%2FDca5H4znnpnME47zpssOuT%2BuqQ0xR9%2BNb"}],"group":"cf-nel","max_age":604800} content-type text/plain;charset=UTF-8 cache-control max-age=14400 cf-ray 8863e646ca6b9c4b-SIN alt-svc h3=":443"; ma=86400 content-length 21
GET H2	404	calendar.png cm-trojan.hengda.filegear-sg.me/images/	21 B 21 B	2086ms 2084ms	Image text/plain	172.67.220.54 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cm-trojan.hengda.filegear-sg.me/images/calendar.png Requested by Host: cm-trojan.hengda.filegear-sg.me URL: https://cm-trojan.hengda.filegear-sg.me/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.220.54 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8b6825c0699b382a7a2a21b76b5fb925c91c50d02ad6163ab617915ab022db08 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://cm-trojan.hengda.filegear-sg.me/ Accept-Language zh-SG,zh;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 19 May 2024 11:55:42 GMT cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7QGCnhSVn24yN5BEM%2Bh49aYOzrnoAE%2BdYEGWOjH9IoIqA%2FNVxDjfUjgfQw5JCoJTQVGEISHniC2pg5m8LUpdTX%2B3i4QEKkom4OJcvfgyZZJ3mdEjuF1JL74jl0YQdm2PDxBE61pjsPsBUnToTWEpk%2FqR"}],"group":"cf-nel","max_age":604800} content-type text/plain;charset=UTF-8 cache-control max-age=14400 cf-ray 8863e646ca6c9c4b-SIN alt-svc h3=":443"; ma=86400 content-length 21
GET H2	404	tag-icon.svg cm-trojan.hengda.filegear-sg.me/images/	21 B 21 B	1080ms 1079ms	Image text/plain	172.67.220.54 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cm-trojan.hengda.filegear-sg.me/images/tag-icon.svg Requested by Host: cm-trojan.hengda.filegear-sg.me URL: https://cm-trojan.hengda.filegear-sg.me/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.220.54 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8b6825c0699b382a7a2a21b76b5fb925c91c50d02ad6163ab617915ab022db08 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://cm-trojan.hengda.filegear-sg.me/ Accept-Language zh-SG,zh;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 19 May 2024 11:55:44 GMT cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F75F0aD4P2ynJwU5Mmd8XhH1gW%2FgMbpS0HIPrcL9xwZ9Uy4yo5UyA5aTwtStPX5h6z3nFMtjWwNxtrSgjNPn4F8UOOK%2BxT8M%2FWzc5gcifUxnA0Uk%2BrxrvwCILxlEm2%2FBaN1Yr4O9H8zU5s3OrcNyI%2Bvs"}],"group":"cf-nel","max_age":604800} content-type text/plain;charset=UTF-8 cache-control max-age=14400 cf-ray 8863e65169299c4b-SIN alt-svc h3=":443"; ma=86400 content-length 21
GET H2	200	font-awesome.min.css cdn.bootcss.com/font-awesome/4.3.0/css/	23 KB 6 KB	3347ms 1511ms	Stylesheet text/css	104.18.50.162 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.bootcss.com/font-awesome/4.3.0/css/font-awesome.min.css Requested by Host: cm-trojan.hengda.filegear-sg.me URL: https://cm-trojan.hengda.filegear-sg.me/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.50.162 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://cm-trojan.hengda.filegear-sg.me/ Accept-Language zh-SG,zh;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 19 May 2024 11:55:46 GMT content-encoding gzip cf-cache-status HIT age 47362 last-modified Fri, 17 May 2024 13:09:17 GMT server cloudflare etag W/"664756fd-5cbb" vary Accept-Encoding access-control-allow-methods GET, POST, PATCH, PUT, DELETE, OPTIONS content-type text/css access-control-allow-origin * cache-control public, max-age=31536000 access-control-allow-credentials true access-control-max-age 1800 cf-ray 8863e661196c40e3-SIN access-control-allow-headers Authorization, Content-Type, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, X-CSRF-TOKEN, X-Requested-With, Token expires Mon, 19 May 2025 11:55:46 GMT
GET H2	200	email-decode.min.js Show response cm-trojan.hengda.filegear-sg.me/cdn-cgi/scripts/5c5dd728/cloudflare-static/	1 KB 1 KB	539ms 538ms	Script application/javascript	172.67.220.54 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cm-trojan.hengda.filegear-sg.me/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js Requested by Host: cm-trojan.hengda.filegear-sg.me URL: https://cm-trojan.hengda.filegear-sg.me/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.220.54 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://cm-trojan.hengda.filegear-sg.me/ Accept-Language zh-SG,zh;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 19 May 2024 11:55:45 GMT content-encoding gzip x-content-type-options nosniff last-modified Tue, 14 May 2024 13:45:29 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"66436af9-4d7" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fbxPQ8Ev%2FHzktXeoasdjM%2BQcgpNB07zxnua%2Fytz7Z6CHca8Di2%2BxEpRTMI219coKcaCJAtmbhCoUZ9kCMxCziAdT5Jq%2F1mwwlYEKCeuT1eu3vg%2FMQnLlr5HBPwRSWzQbAx7PwlMHRAXnalKYyujxavFc"}],"group":"cf-nel","max_age":604800} content-type application/javascript x-frame-options DENY cache-control max-age=172800, public cf-ray 8863e6592c029c4b-SIN expires Tue, 21 May 2024 11:55:45 GMT
GET H2	200	jquery-1.11.3.min.js Show response code.jquery.com/	94 KB 94 KB	2329ms 1009ms	Script application/javascript	151.101.66.137 FASTLY
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-1.11.3.min.js Requested by Host: cm-trojan.hengda.filegear-sg.me URL: https://cm-trojan.hengda.filegear-sg.me/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.66.137 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://cm-trojan.hengda.filegear-sg.me/ Accept-Language zh-SG,zh;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 19 May 2024 11:55:46 GMT via 1.1 varnish, 1.1 varnish age 21317546 x-cache HIT, HIT content-length 95957 x-served-by cache-lga21975-LGA, cache-qpg120092-QPG last-modified Fri, 18 Oct 1991 12:00:00 GMT server nginx x-timer S1716119747.761668,VS0,VE0 etag "28feccc0-176d5" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=604800 accept-ranges bytes x-cache-hits 27, 52016
GET H2	404	main.js cm-trojan.hengda.filegear-sg.me/js/	0 0	1611ms 1606ms	Script text/plain	172.67.220.54 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cm-trojan.hengda.filegear-sg.me/js/main.js Requested by Host: cm-trojan.hengda.filegear-sg.me URL: https://cm-trojan.hengda.filegear-sg.me/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.220.54 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://cm-trojan.hengda.filegear-sg.me/ Accept-Language zh-SG,zh;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 19 May 2024 11:55:45 GMT cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AU34MeJ43QaEthIApVxzM%2F1cEVkM8jb3m113HA5D7u3oeziTCON%2FsZW5ybierxJWv7PMlSG%2Bd0FjHSroyHZGa%2Bbrk0Piaur%2BGoGHvFBRA3InspRXS20LZjcM0a%2F8%2BhtjHJaWrt2pPZTZTYyQuyORpNOH"}],"group":"cf-nel","max_age":604800} content-type text/plain;charset=UTF-8 cache-control max-age=14400 cf-ray 8863e6593c0f9c4b-SIN alt-svc h3=":443"; ma=86400 content-length 21
GET H2	404	highlight.pack.js cm-trojan.hengda.filegear-sg.me/js/	0 0	2569ms 2565ms	Script text/plain	172.67.220.54 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cm-trojan.hengda.filegear-sg.me/js/highlight.pack.js Requested by Host: cm-trojan.hengda.filegear-sg.me URL: https://cm-trojan.hengda.filegear-sg.me/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.220.54 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://cm-trojan.hengda.filegear-sg.me/ Accept-Language zh-SG,zh;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 19 May 2024 11:55:45 GMT cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=80psYavHkg26FxgEyJpBO2xs0FUNU1cOkzxrRKyO9573%2BS3%2BmNNOP4wSIgR9k0bwAkFSG%2FdC%2F137JOsX7JUJ8RCRH4pfWcR6vlS%2FkGdhY4DWT%2BUqZO9VNWKJAUYJ6FKPb05puLi4UPGMKbP5P35SdXP1"}],"group":"cf-nel","max_age":604800} content-type text/plain;charset=UTF-8 cache-control max-age=14400 cf-ray 8863e6593c149c4b-SIN alt-svc h3=":443"; ma=86400 content-length 21
GET H/1.1	200 OK	hm.js Show response hm.baidu.com/	29 KB 12 KB	2822ms 974ms	Script application/javascript	111.45.3.198 CMNET-GUANGDONG-A...
General Check archive.org Show headers Download Go to Full URL https://hm.baidu.com/hm.js?8ba1c6be0953b6f9c2ba38e57f615421 Requested by Host: cm-trojan.hengda.filegear-sg.me URL: https://cm-trojan.hengda.filegear-sg.me/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 111.45.3.198 , China, ASN56040 (CMNET-GUANGDONG-AP China Mobile communications corporation, CN), Reverse DNS Software apache / Resource Hash ea8a063b8602f719c5e6adfb1d5a53884ccf74e27071be1fb702029852aedf32 Security Headers Name Value Strict-Transport-Security max-age=172800 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://cm-trojan.hengda.filegear-sg.me/ Accept-Language zh-SG,zh;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Sun, 19 May 2024 11:55:47 GMT Content-Encoding gzip Strict-Transport-Security max-age=172800 Server apache Etag 97c77b1291db8bc3b887d38c18bbc11c P3p CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" Content-Type application/javascript Cache-Control max-age=0, must-revalidate Content-Length 11257
GET H2	200	analytics.js Show response www.google-analytics.com/	52 KB 21 KB	2828ms 1321ms	Script text/javascript	142.251.175.138 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: cm-trojan.hengda.filegear-sg.me URL: https://cm-trojan.hengda.filegear-sg.me/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.175.138 Farmingdale, United States, ASN15169 (GOOGLE, US), Reverse DNS sh-in-f138.1e100.net Software Golfe2 / Resource Hash de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://cm-trojan.hengda.filegear-sg.me/ Accept-Language zh-SG,zh;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Sun, 19 May 2024 11:01:45 GMT last-modified Tue, 12 Dec 2023 18:09:08 GMT server Golfe2 age 3244 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20994 expires Sun, 19 May 2024 13:01:45 GMT
GET H2	404	calendar.png cm-trojan.hengda.filegear-sg.me/images/	21 B 21 B	1ms 0ms	Image text/plain	172.67.220.54 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cm-trojan.hengda.filegear-sg.me/images/calendar.png Requested by Host: cm-trojan.hengda.filegear-sg.me URL: https://cm-trojan.hengda.filegear-sg.me/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.220.54 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8b6825c0699b382a7a2a21b76b5fb925c91c50d02ad6163ab617915ab022db08 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://cm-trojan.hengda.filegear-sg.me/ Accept-Language zh-SG,zh;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 19 May 2024 11:55:42 GMT cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7QGCnhSVn24yN5BEM%2Bh49aYOzrnoAE%2BdYEGWOjH9IoIqA%2FNVxDjfUjgfQw5JCoJTQVGEISHniC2pg5m8LUpdTX%2B3i4QEKkom4OJcvfgyZZJ3mdEjuF1JL74jl0YQdm2PDxBE61pjsPsBUnToTWEpk%2FqR"}],"group":"cf-nel","max_age":604800} content-type text/plain;charset=UTF-8 cache-control max-age=14400 cf-ray 8863e646ca6c9c4b-SIN alt-svc h3=":443"; ma=86400 content-length 21
GET H2	404	tag-icon.svg cm-trojan.hengda.filegear-sg.me/images/	21 B 21 B	0ms 0ms	Image text/plain	172.67.220.54 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cm-trojan.hengda.filegear-sg.me/images/tag-icon.svg Requested by Host: cm-trojan.hengda.filegear-sg.me URL: https://cm-trojan.hengda.filegear-sg.me/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.220.54 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8b6825c0699b382a7a2a21b76b5fb925c91c50d02ad6163ab617915ab022db08 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://cm-trojan.hengda.filegear-sg.me/ Accept-Language zh-SG,zh;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 19 May 2024 11:55:44 GMT cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F75F0aD4P2ynJwU5Mmd8XhH1gW%2FgMbpS0HIPrcL9xwZ9Uy4yo5UyA5aTwtStPX5h6z3nFMtjWwNxtrSgjNPn4F8UOOK%2BxT8M%2FWzc5gcifUxnA0Uk%2BrxrvwCILxlEm2%2FBaN1Yr4O9H8zU5s3OrcNyI%2Bvs"}],"group":"cf-nel","max_age":604800} content-type text/plain;charset=UTF-8 cache-control max-age=14400 cf-ray 8863e65169299c4b-SIN alt-svc h3=":443"; ma=86400 content-length 21
GET		js znsv.baidu.com/customer_search/api/	0 0
GET H2	200	github-btn.html ghbtns.com/ Frame 9940	0 0	2803ms 979ms	Document text/html	172.67.166.11 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ghbtns.com/github-btn.html?user=hengdactn&repo=ctnhb.github.io&type=star&count=true Requested by Host: cm-trojan.hengda.filegear-sg.me URL: https://cm-trojan.hengda.filegear-sg.me/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.166.11 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language zh-SG,zh;q=0.9;q=0.9 Referer https://cm-trojan.hengda.filegear-sg.me/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers access-control-allow-origin * alt-svc h3=":443"; ma=86400 cache-control max-age=1800 cf-cache-status HIT cf-ray 8863e6647e034637-SIN content-encoding br content-type text/html; charset=utf-8 date Sun, 19 May 2024 11:55:47 GMT expires Thu, 09 May 2024 12:26:43 GMT last-modified Mon, 12 Dec 2022 06:48:59 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WYbGNnwlqmBtzeky6b7sMXbN5xMpO%2FSrJFNibhSlUf8ml0BW2xNpVHMGfIPvqWRBQ0PFWpDOiexZS7pCyQbpw17xXntN8zz0YfISP%2B%2F4%2FK1KjhkNWRb3p0ynMXBW"}],"group":"cf-nel","max_age":604800} server cloudflare strict-transport-security max-age=31536000; includeSubDomains; preload vary Accept-Encoding via 1.1 varnish x-cache HIT x-cache-hits 1 x-content-type-options nosniff x-fastly-request-id 00a3852d2bac55916b22104c853e3133a89b2574 x-github-request-id F48C:39CC58:11C441:159ADB:663CBEAB x-proxy-cache MISS x-served-by cache-iad-kiad7000037-IAD x-timer S1716105259.419550,VS0,VE1
GET H2	404	background-cover.jpg cm-trojan.hengda.filegear-sg.me/images/	21 B 21 B	2970ms 2968ms	Image text/plain	172.67.220.54 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cm-trojan.hengda.filegear-sg.me/images/background-cover.jpg Requested by Host: cm-trojan.hengda.filegear-sg.me URL: https://cm-trojan.hengda.filegear-sg.me/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.220.54 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8b6825c0699b382a7a2a21b76b5fb925c91c50d02ad6163ab617915ab022db08 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://cm-trojan.hengda.filegear-sg.me/ Accept-Language zh-SG,zh;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 19 May 2024 11:55:45 GMT cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7UEM21y1uUFrk3lYQzPreiwEHmynHjySjMvv2MmWsbWgXVyUq4V9tgKjbUVlXwTrczxmKBJhLUQzX72Yyaeo4wc84IfqBcuT4wzYziIQfRCbRgAz8DBeMBFneoSuBDHDHB3IbXTK2Ezu%2FXztVxkRucUw"}],"group":"cf-nel","max_age":604800} content-type text/plain;charset=UTF-8 cache-control max-age=14400 cf-ray 8863e6598c819c4b-SIN alt-svc h3=":443"; ma=86400 content-length 21
GET H2	404	github.png cm-trojan.hengda.filegear-sg.me/images/	21 B 21 B	262ms 260ms	Image text/plain	172.67.220.54 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cm-trojan.hengda.filegear-sg.me/images/github.png Requested by Host: cm-trojan.hengda.filegear-sg.me URL: https://cm-trojan.hengda.filegear-sg.me/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.220.54 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8b6825c0699b382a7a2a21b76b5fb925c91c50d02ad6163ab617915ab022db08 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://cm-trojan.hengda.filegear-sg.me/ Accept-Language zh-SG,zh;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 19 May 2024 11:55:48 GMT cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2B9vI%2F4COz7ZoqtAGsrvJz6nRI7co4BlbW30ualflisFM2bnh7E2HQnenwRnnwP1kvf%2FF12GMMjyzs%2BMLK%2BdWWOFYsiKZeR2XfupFX0U74JWEmNSPUaC9LHAvVgMPKxRD7S263qlmbwRDVTtIXLEXe%2FJ8"}],"group":"cf-nel","max_age":604800} content-type text/plain;charset=UTF-8 cache-control max-age=14400 cf-ray 8863e66dfb369c4b-SIN alt-svc h3=":443"; ma=86400 content-length 21
GET H2	404	email.png cm-trojan.hengda.filegear-sg.me/images/	21 B 21 B	803ms 802ms	Image text/plain	172.67.220.54 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cm-trojan.hengda.filegear-sg.me/images/email.png Requested by Host: cm-trojan.hengda.filegear-sg.me URL: https://cm-trojan.hengda.filegear-sg.me/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.220.54 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8b6825c0699b382a7a2a21b76b5fb925c91c50d02ad6163ab617915ab022db08 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://cm-trojan.hengda.filegear-sg.me/ Accept-Language zh-SG,zh;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 19 May 2024 11:55:48 GMT cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I7SSZI3V%2FTvg2mA5q589okcfpV%2FP0PH9ml9PpKHVJbhnII%2FjxzdTHi%2BVBT6e0tiqIMIqcyMd%2BHHEr5dUUFtC84tMLPBgS73YFq1x1wH5PHuaONziqYDeQkepafvM13j3%2FjYStSLMgx6qoOwIKuPtR8Yn"}],"group":"cf-nel","max_age":604800} content-type text/plain;charset=UTF-8 cache-control max-age=14400 cf-ray 8863e66dfb379c4b-SIN alt-svc h3=":443"; ma=86400 content-length 21
GET H2	404	rss.png cm-trojan.hengda.filegear-sg.me/images/	21 B 21 B	802ms 801ms	Image text/plain	172.67.220.54 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cm-trojan.hengda.filegear-sg.me/images/rss.png Requested by Host: cm-trojan.hengda.filegear-sg.me URL: https://cm-trojan.hengda.filegear-sg.me/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.220.54 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8b6825c0699b382a7a2a21b76b5fb925c91c50d02ad6163ab617915ab022db08 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://cm-trojan.hengda.filegear-sg.me/ Accept-Language zh-SG,zh;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 19 May 2024 11:55:48 GMT cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=G1sZ1xN9xbcTrl%2Bl%2BrgcRIc6RYYb72pPk1%2F%2FzEZ735Im2sH0EMvN4I2OasUpYh%2B2EWy9EWwnUjNiQujScw4Ld3NHueB2PhuXiWSg8oyRRX9dk4hgX1EDw5%2Bkvw16sU%2By%2BJiT%2FmACgLFBPVg4f%2B2Va0Tc"}],"group":"cf-nel","max_age":604800} content-type text/plain;charset=UTF-8 cache-control max-age=14400 cf-ray 8863e66dfb399c4b-SIN alt-svc h3=":443"; ma=86400 content-length 21
GET H/1.1	200 OK	hm.gif hm.baidu.com/	43 B 299 B	964ms 964ms	Image image/gif	111.45.3.198 CMNET-GUANGDONG-A...
General Check archive.org Show headers Download Go to Show image Full URL https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=zh-sg&lo=0&rnd=1169147546&si=8ba1c6be0953b6f9c2ba38e57f615421&v=1.3.0&lv=1&sn=20239&r=0&ww=1600&u=https%3A%2F%2Fcm-trojan.hengda.filegear-sg.me%2F&tt=%E9%A3%9E%20%E7%BF%94 Requested by Host: cm-trojan.hengda.filegear-sg.me URL: https://cm-trojan.hengda.filegear-sg.me/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 111.45.3.198 , China, ASN56040 (CMNET-GUANGDONG-AP China Mobile communications corporation, CN), Reverse DNS Software apache / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Security Headers Name Value Strict-Transport-Security max-age=172800 X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://cm-trojan.hengda.filegear-sg.me/ Accept-Language zh-SG,zh;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Pragma no-cache Date Sun, 19 May 2024 11:55:49 GMT Strict-Transport-Security max-age=172800 X-Content-Type-Options nosniff Server apache Content-Type image/gif Cache-Control private, max-age=0, no-cache Content-Length 43
GET H2	200	busuanzi Show response busuanzi.ibruce.info/	100 B 272 B	1298ms 1297ms	Script application/json	97.64.23.206 IT7NET
General Check archive.org Show headers Download Go to Full URL https://busuanzi.ibruce.info/busuanzi?jsonpCallback=BusuanziCallback_475703072800 Requested by Host: busuanzi.ibruce.info URL: https://busuanzi.ibruce.info/busuanzi/2.3/busuanzi.pure.mini.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 97.64.23.206 Los Angeles, United States, ASN25820 (IT7NET, CA), Reverse DNS localhost.localdomain Software nginx/1.14.1 / Resource Hash da389a7c2e69be2af0052c4843160df9075db0ad2461a1d5cbe8e803a073dca7 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://cm-trojan.hengda.filegear-sg.me/ Accept-Language zh-SG,zh;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 19 May 2024 11:55:51 GMT server nginx/1.14.1 content-length 100 content-type application/json
GET H2	200	show_ads_impl_fy2021.js pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405140101/	110 KB 0	490ms 489ms	Script text/javascript	64.233.170.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405140101/show_ads_impl_fy2021.js?bust=31083764 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 64.233.170.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS sg-in-f155.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://cm-trojan.hengda.filegear-sg.me/ Accept-Language zh-SG,zh;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 19 May 2024 11:55:53 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 143541 x-xss-protection 0 server cafe etag 7122070104007414920 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=1209600 timing-allow-origin * expires Sun, 19 May 2024 11:55:53 GMT
POST H2	200	collect Show response www.google-analytics.com/j/	15 B 233 B	478ms 477ms	XHR text/plain	142.251.175.138 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1805693108&t=pageview&_s=1&dl=https%3A%2F%2Fcm-trojan.hengda.filegear-sg.me%2F&ul=zh-sg&de=UTF-8&dt=%E9%A3%9E%20%E7%BF%94&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1918473332&gjid=1976614871&cid=307769574.1716119754&tid=UA-84134159-3&_gid=593200275.1716119754&_r=1&_slc=1&z=511787864 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.175.138 Farmingdale, United States, ASN15169 (GOOGLE, US), Reverse DNS sh-in-f138.1e100.net Software Golfe2 / Resource Hash d9a21c50698d9cf59f8fe3fba5739395909e062c5133618d6f3e7c4c685e04cc Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-platform "Win32" Referer https://cm-trojan.hengda.filegear-sg.me/ Accept-Language zh-SG,zh;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sun, 19 May 2024 11:55:54 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://cm-trojan.hengda.filegear-sg.me cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15 expires Fri, 01 Jan 1990 00:00:00 GMT
GET		js www.googletagmanager.com/gtag/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

znsv.baidu.com

URL

http://znsv.baidu.com/customer_search/api/js?sid=12441349038163667913&plate_url=https%3A%2F%2Fcm-trojan.hengda.filegear-sg.me%2F&t=476700

Domain

www.googletagmanager.com

URL

https://www.googletagmanager.com/gtag/js?id=G-F0Y35ESGZK&cx=c&_slc=1

35 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| _hmt string| GoogleAnalyticsObject function| ga object| adsbygoogle boolean| _bdhm_loaded_8ba1c6be0953b6f9c2ba38e57f615421 object| mini_tangram_log_ouvn16 function| $ function| jQuery object| bszCaller object| bszTag function| ready function| BusuanziCallback_475703072800 object| scriptTag object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| gaplugins object| gaGlobal object| gaData object| dataLayer

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.hm.baidu.com/	1970-01-21 06:17:59	Name: HMACCOUNT_BFESS Value: BB333BB6578B725F
			.cm-trojan.hengda.filegear-sg.me/	1970-01-21 05:27:35	Name: Hm_lvt_8ba1c6be0953b6f9c2ba38e57f615421 Value: 1716119749
			.cm-trojan.hengda.filegear-sg.me/	1969-12-31 23:59:59	Name: Hm_lpvt_8ba1c6be0953b6f9c2ba38e57f615421 Value: 1716119749
			.busuanzi.ibruce.info/	1969-12-31 23:59:59	Name: busuanziId Value: 6773B742737348C281FF9C0ECA5BA171
			.hengda.filegear-sg.me/	1970-01-21 06:17:59	Name: _ga Value: GA1.3.307769574.1716119754
			.hengda.filegear-sg.me/	1970-01-20 20:43:26	Name: _gid Value: GA1.3.593200275.1716119754
			.hengda.filegear-sg.me/	1970-01-20 20:41:59	Name: _gat Value: 1

16 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://cm-trojan.hengda.filegear-sg.me/css/main.css Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://cm-trojan.hengda.filegear-sg.me/images/avatar.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://cm-trojan.hengda.filegear-sg.me/images/calendar.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://cm-trojan.hengda.filegear-sg.me/images/tag-icon.svg Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://cm-trojan.hengda.filegear-sg.me/(Line 615) Message: Mixed Content: The page at 'https://cm-trojan.hengda.filegear-sg.me/' was loaded over HTTPS, but requested an insecure script 'http://znsv.baidu.com/customer_search/api/js?sid=12441349038163667913&plate_url=https%3A%2F%2Fcm-trojan.hengda.filegear-sg.me%2F&t=476700'. This request has been blocked; the content must be served over HTTPS.
network	error	URL: https://cm-trojan.hengda.filegear-sg.me/images/tag-icon.svg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://cm-trojan.hengda.filegear-sg.me/images/calendar.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://cm-trojan.hengda.filegear-sg.me/js/main.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://cm-trojan.hengda.filegear-sg.me/js/highlight.pack.js Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://cm-trojan.hengda.filegear-sg.me/(Line 687) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://cm-trojan.hengda.filegear-sg.me/images/background-cover.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://cm-trojan.hengda.filegear-sg.me/images/github.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://cm-trojan.hengda.filegear-sg.me/images/rss.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://cm-trojan.hengda.filegear-sg.me/images/email.png Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://cm-trojan.hengda.filegear-sg.me/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cm-trojan.hengda.filegear-sg.me/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

busuanzi.ibruce.info
cdn.bootcss.com
cm-trojan.hengda.filegear-sg.me
code.jquery.com
ghbtns.com
hm.baidu.com
netdna.bootstrapcdn.com
pagead2.googlesyndication.com
www.google-analytics.com
www.googletagmanager.com
znsv.baidu.com
www.googletagmanager.com
znsv.baidu.com
104.18.10.207
104.18.50.162
111.45.3.198
142.251.175.138
151.101.66.137
172.67.166.11
172.67.220.54
64.233.170.155
97.64.23.206
0471fe90ad450f642e15aa79134b7bb6a2b2fd7e88349948fbe60747062ab25e
071f26bfcd811f7feb4014ca9cf5bcbc785021fb06ae73f5be9d0695b0e64662
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
4a46b445c0606d0e11fa111b0bd5c76af158932d61070206ea85907897f7fc60
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
8b6825c0699b382a7a2a21b76b5fb925c91c50d02ad6163ab617915ab022db08
b769324e0921f9f649611113e65f528ebae5e140da8a7e63c5d6ea7bc7a33bc0
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d9a21c50698d9cf59f8fe3fba5739395909e062c5133618d6f3e7c4c685e04cc
da389a7c2e69be2af0052c4843160df9075db0ad2461a1d5cbe8e803a073dca7
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
ea8a063b8602f719c5e6adfb1d5a53884ccf74e27071be1fb702029852aedf32
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8