baleyu.com Open in urlscan Pro
206.119.93.78 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://baleyu.com/
Submission: On December 12 via api (December 12th 2022, 2:02:52 am UTC) from US — Scanned from DE

Summary HTTP 56 Redirects Behaviour Indicators

Summary

This website contacted 28 IPs in 7 countries across 36 domains to perform 56 HTTP transactions. The main IP is 206.119.93.78, located in United States and belongs to SGPL-AS-AP STARCLOUD GLOBAL PTE., LTD., SG. The main domain is baleyu.com.

This is the only time baleyu.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	206.119.93.78 206.119.93.78	140224 (SGPL-AS-A...) (SGPL-AS-AP STARCLOUD GLOBAL PTE.)
8	198.16.37.83 198.16.37.83	40065 (CNSERVERS) (CNSERVERS)
8	103.235.46.191 103.235.46.191	55967 (BAIDU Bei...) (BAIDU Beijing Baidu Netcom Science and Technology Co.)
1	45.61.212.216 45.61.212.216	53587 (AZT) (AZT)
2	45.61.212.120 45.61.212.120	53587 (AZT) (AZT)
1	103.170.15.96 103.170.15.96	7483 (SKYCLOUD-...) (SKYCLOUD-NET Skycloud Computing co.)
1	103.170.15.76 103.170.15.76	7483 (SKYCLOUD-...) (SKYCLOUD-NET Skycloud Computing co.)
1	45.61.212.55 45.61.212.55	53587 (AZT) (AZT)
1	45.61.212.49 45.61.212.49	53587 (AZT) (AZT)
1	240e:97c:2f:1... 240e:97c:2f:1::32	58466 (CT-GUANGZ...) (CT-GUANGZHOU-IDC CHINANET Guangdong province network)
2	23.224.158.153 23.224.158.153	40065 (CNSERVERS) (CNSERVERS)
3 3	185.239.226.87 185.239.226.87	134835 (SNL-HK St...) (SNL-HK Starry Network Limited)
3	79.133.177.227 79.133.177.227	24429 (TAOBAO Zh...) (TAOBAO Zhejiang Taobao Network Co.)
3	112.13.110.3 112.13.110.3	56041 (CMNET-ZHE...) (CMNET-ZHEJIANG-AP China Mobile communications corporation)
1 1	45.154.215.92 45.154.215.92	201106 (SPARTANHOST) (SPARTANHOST)
2	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	66.232.4.87 66.232.4.87	59371 (DNC-AS Di...) (DNC-AS Dimension Network & Communication Limited)
2	47.75.19.145 47.75.19.145	45102 (ALIBABA-C...) (ALIBABA-CN-NET Alibaba US Technology Co.)
1	103.189.109.73 103.189.109.73	() ()
4	2606:4700::68... 2606:4700::6810:5914	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	23.224.0.11 23.224.0.11	40065 (CNSERVERS) (CNSERVERS)
1	104.109.86.168 104.109.86.168	16625 (AKAMAI-AS) (AKAMAI-AS)
2	103.170.15.101 103.170.15.101	() ()
1	45.61.212.121 45.61.212.121	() ()
1	20.222.166.98 20.222.166.98	() ()
1 1	64.32.13.142 64.32.13.142	() ()
2	103.170.15.88 103.170.15.88	() ()
1	13.215.72.128 13.215.72.128	() ()
1	103.170.15.111 103.170.15.111	7483 (SKYCLOUD-...) (SKYCLOUD-NET Skycloud Computing co.)
1	13.215.249.53 13.215.249.53	16509 (AMAZON-02) (AMAZON-02)
56	28

3 206.119.93.78 (United States)

ASN140224 (SGPL-AS-AP STARCLOUD GLOBAL PTE., LTD., SG)

baleyu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 198.16.37.83 (United States)

ASN40065 (CNSERVERS, US)

hjha2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 103.235.46.191 (Hong Kong)

ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)

hm.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.61.212.216 (United States)

ASN53587 (AZT, US)

287335kmu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 45.61.212.120 (United States)

ASN53587 (AZT, US)

828239sam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
66668aaa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.170.15.96 (Taiwan)

ASN7483 (SKYCLOUD-NET Skycloud Computing co., Ltd., TW)

935676yfc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.170.15.76 (Taiwan)

ASN7483 (SKYCLOUD-NET Skycloud Computing co., Ltd., TW)

832793jse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.61.212.55 (United States)

ASN53587 (AZT, US)

223969ufy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.61.212.49 (United States)

ASN53587 (AZT, US)

88668aaa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 240e:97c:2f:1::32 (China)

ASN58466 (CT-GUANGZHOU-IDC CHINANET Guangdong province network, CN)

p.qlogo.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.224.158.153 (United States)

ASN40065 (CNSERVERS, US)

8499165.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.239.226.87 (Hong Kong) 3 redirects

ASN134835 (SNL-HK Starry Network Limited, HK)

img.9399x.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.1141555.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.1153555.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 79.133.177.227 (Russian Federation)

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)

p3.douyinpic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 112.13.110.3 (China)

ASN56041 (CMNET-ZHEJIANG-AP China Mobile communications corporation, CN)

kjimg10.360buyimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.154.215.92 (Seattle, United States) 1 redirects

ASN201106 (SPARTANHOST, GB)

kzeii.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

kvkppp.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
kvhfff.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.232.4.87 (Central, Hong Kong)

ASN59371 (DNC-AS Dimension Network & Communication Limited, HK)

tpkj2222.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 47.75.19.145 (Central, Hong Kong)

ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)

529723929.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
297892531.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.189.109.73 (None, )

ASN- ()

u1022.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6810:5914 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.224.0.11 (United States)

ASN40065 (CNSERVERS, US)

107.jisehe1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.109.86.168 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-86-168.deploy.static.akamaitechnologies.com

ak-d.tripcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.170.15.101 (None, )

ASN- ()

66663aaa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
n5267.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.61.212.121 (None, )

ASN- ()

66886aaa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.222.166.98 (None, )

ASN- ()

u0075.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.32.13.142 (None, ) 1 redirects

ASN- ()

kveii.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.170.15.88 (None, )

ASN- ()

253669vqx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.215.72.128 (None, )

ASN- ()

h5.ashmgm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.170.15.111 (Taiwan)

ASN7483 (SKYCLOUD-NET Skycloud Computing co., Ltd., TW)

267827wnc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.215.249.53 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-215-249-53.ap-southeast-1.compute.amazonaws.com

api.073tugh.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	baidu.com hm.baidu.com — Cisco Umbrella Rank: 8637	47 KB
8	hjha2.com hjha2.com	147 KB
4	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 396	852 KB
3	360buyimg.com kjimg10.360buyimg.com — Cisco Umbrella Rank: 235391	2 MB
3	douyinpic.com p3.douyinpic.com — Cisco Umbrella Rank: 26936	1 MB
3	baleyu.com baleyu.com	2 KB
2	253669vqx.com 253669vqx.com	90 KB
2	8499165.com 8499165.com	544 KB
1	073tugh.com api.073tugh.com — Cisco Umbrella Rank: 887604	366 B
1	267827wnc.com 267827wnc.com	19 KB
1	297892531.com 297892531.com	147 KB
1	ashmgm.com h5.ashmgm.com	61 KB
1	n5267.com n5267.com	29 KB
1	kvhfff.top kvhfff.top	29 KB
1	kveii.com 1 redirects kveii.com	133 B
1	u0075.com u0075.com	7 KB
1	66886aaa.com 66886aaa.com	27 KB
1	1153555.com 1 redirects img.1153555.com	120 B
1	66663aaa.com 66663aaa.com	151 KB
1	tripcdn.com ak-d.tripcdn.com — Cisco Umbrella Rank: 78092	129 KB
1	66668aaa.com 66668aaa.com	13 KB
1	jisehe1.com 107.jisehe1.com	783 KB
1	u1022.com u1022.com	374 KB
1	529723929.com 529723929.com — Cisco Umbrella Rank: 465993	708 KB
1	tpkj2222.com tpkj2222.com — Cisco Umbrella Rank: 634131	60 KB
1	kvkppp.top kvkppp.top	554 KB
1	kzeii.com 1 redirects kzeii.com — Cisco Umbrella Rank: 487498	133 B
1	1141555.com 1 redirects img.1141555.com	119 B
1	9399x.com 1 redirects img.9399x.com	120 B
1	qlogo.cn p.qlogo.cn — Cisco Umbrella Rank: 56661	412 KB
1	88668aaa.com 88668aaa.com	1 MB
1	223969ufy.com 223969ufy.com — Cisco Umbrella Rank: 577442	567 KB
1	832793jse.com 832793jse.com	703 KB
1	935676yfc.com 935676yfc.com	567 KB
1	828239sam.com 828239sam.com	639 KB
1	287335kmu.com 287335kmu.com — Cisco Umbrella Rank: 946120	398 KB
56	36

	Domain	Requested by
8	hm.baidu.com	baleyu.com hjha2.com
8	hjha2.com	baleyu.com hjha2.com
4	cdn.jsdelivr.net	hjha2.com
3	kjimg10.360buyimg.com	hjha2.com
3	p3.douyinpic.com	hjha2.com
3	baleyu.com	baleyu.com
2	253669vqx.com	hjha2.com
2	8499165.com	hjha2.com
1	api.073tugh.com	hjha2.com
1	267827wnc.com	hjha2.com
1	297892531.com	hjha2.com
1	h5.ashmgm.com	hjha2.com
1	n5267.com	hjha2.com
1	kvhfff.top	hjha2.com
1	kveii.com	1 redirects
1	u0075.com	hjha2.com
1	66886aaa.com	hjha2.com
1	img.1153555.com	1 redirects
1	66663aaa.com	hjha2.com
1	ak-d.tripcdn.com	hjha2.com
1	66668aaa.com	hjha2.com
1	107.jisehe1.com	hjha2.com
1	u1022.com	hjha2.com
1	529723929.com	hjha2.com
1	tpkj2222.com	hjha2.com
1	kvkppp.top	hjha2.com
1	kzeii.com	1 redirects
1	img.1141555.com	1 redirects
1	img.9399x.com	1 redirects
1	p.qlogo.cn	hjha2.com
1	88668aaa.com	hjha2.com
1	223969ufy.com	hjha2.com
1	832793jse.com	hjha2.com
1	935676yfc.com	hjha2.com
1	828239sam.com	hjha2.com
1	287335kmu.com	hjha2.com
56	36

This site contains no links.

Subject Issuer	Validity	Valid
hjha2.com R3	`2022-11-06` - `2023-02-04`	3 months	crt.sh
baidu.com GlobalSign RSA OV SSL CA 2018	`2022-07-05` - `2023-08-06`	a year	crt.sh
287335kmu.com Sectigo RSA Domain Validation Secure Server CA	`2022-10-26` - `2023-10-26`	a year	crt.sh
828239sam.com Sectigo RSA Domain Validation Secure Server CA	`2022-10-26` - `2023-10-26`	a year	crt.sh
935676yfc.com Sectigo RSA Domain Validation Secure Server CA	`2022-10-26` - `2023-10-26`	a year	crt.sh
832793jse.com Sectigo RSA Domain Validation Secure Server CA	`2022-10-26` - `2023-10-26`	a year	crt.sh
223969ufy.com Sectigo RSA Domain Validation Secure Server CA	`2022-10-26` - `2023-10-26`	a year	crt.sh
88668aaa.com Sectigo RSA Domain Validation Secure Server CA	`2022-11-20` - `2023-11-20`	a year	crt.sh
*.qpic.cn GlobalSign Organization Validation CA - SHA256 - G2	`2022-04-06` - `2023-05-08`	a year	crt.sh
8499165.com ZeroSSL RSA Domain Secure Site CA	`2022-10-27` - `2023-01-25`	3 months	crt.sh
*.jd.com GlobalSign RSA OV SSL CA 2018	`2022-10-18` - `2023-11-19`	a year	crt.sh
app2weimanode6.yb876.com Go Daddy Secure Certificate Authority - G2	`2022-12-10` - `2023-11-02`	a year	crt.sh
529723929.com Sectigo RSA Domain Validation Secure Server CA	`2022-09-15` - `2023-09-15`	a year	crt.sh
u1022.com Sectigo RSA Domain Validation Secure Server CA	`2022-10-29` - `2023-10-29`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-02` - `2023-06-01`	a year	crt.sh
*.jisehe1.com Sectigo RSA Domain Validation Secure Server CA	`2022-03-19` - `2023-03-19`	a year	crt.sh
66668aaa.com Sectigo RSA Domain Validation Secure Server CA	`2022-11-20` - `2023-11-20`	a year	crt.sh
Trip.com DigiCert TLS RSA SHA256 2020 CA1	`2022-06-07` - `2023-06-09`	a year	crt.sh
66663aaa.com Sectigo RSA Domain Validation Secure Server CA	`2022-11-20` - `2023-11-20`	a year	crt.sh
66886aaa.com Sectigo RSA Domain Validation Secure Server CA	`2022-11-20` - `2023-11-20`	a year	crt.sh
u0075.com Sectigo RSA Domain Validation Secure Server CA	`2022-07-03` - `2023-07-03`	a year	crt.sh
n5267.com Sectigo RSA Domain Validation Secure Server CA	`2022-07-06` - `2023-07-06`	a year	crt.sh
253669vqx.com Sectigo RSA Domain Validation Secure Server CA	`2022-10-26` - `2023-10-26`	a year	crt.sh
h5.ashmgm.com R3	`2022-11-13` - `2023-02-11`	3 months	crt.sh
297892531.com Sectigo RSA Domain Validation Secure Server CA	`2022-09-15` - `2023-09-15`	a year	crt.sh
267827wnc.com Sectigo RSA Domain Validation Secure Server CA	`2022-10-26` - `2023-10-26`	a year	crt.sh
api.073tugh.com Buypass Class 2 CA 5	`2022-11-29` - `2023-05-27`	6 months	crt.sh

This page contains 2 frames:

Primary Page: http://baleyu.com/
Frame ID: 9AF8A3646C9DE3C6B3E6E0049B8F0A32
Requests: 9 HTTP requests in this frame

Frame: https://hjha2.com:8443/
Frame ID: 128E06E741D79F27C1778F31BC9581D6
Requests: 49 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

浙江城建联合装饰工程有限公司_杭州装修公司_专注杭州环保装修家装好品牌_城建装饰

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Baidu Analytics (百度统计) (Analytics) Expand

Overall confidence: 100%
Detected patterns

hm\.baidu\.com/hm\.js

Swiper Slider (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

swiper(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

56
Requests

86 %
HTTPS

10 %
IPv6

36
Domains

36
Subdomains

28
IPs

7
Countries

13066 kB
Transfer

13370 kB
Size

7
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 20

https://img.9399x.com/images/638db1f346274514aa107d48.gif HTTP 302
https://p3.douyinpic.com/obj/tos-cn-i-dy/50f3553d20aa4f2abdb628d81ff67607

Request Chain 21

https://img.1141555.com/images/638dedc509ca91e0020145c3.gif HTTP 302
https://p3.douyinpic.com/obj/tos-cn-i-dy/7d079412e07f4ea6b6f84c97374501c8

Request Chain 25

https://kzeii.com/8d62ac139591ff0c5f17d4c5f1ff3cf6.gif HTTP 301
https://kvkppp.top/8d62ac139591ff0c5f17d4c5f1ff3cf6.gif

Request Chain 37

https://img.1153555.com/images/638dee7409ca91e0020145cf.giff HTTP 302
https://p3.douyinpic.com/obj/tos-cn-i-dy/c768343f40ef43138274f4d00dce8367

Request Chain 40

https://kveii.com/f67b410855efed07dc1783436baaa5f7.gif HTTP 301
https://kvhfff.top/f67b410855efed07dc1783436baaa5f7.gif

56 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
baleyu.com/ 629 B
572 B 950ms
314ms Document
text/html 206.119.93.78
SGPL-AS-AP STARCL...

General

Check archive.org

Show headers Download Go to

Full URL: http://baleyu.com/
Protocol: HTTP/1.1
Server: 206.119.93.78 , United States, ASN140224 (SGPL-AS-AP STARCLOUD GLOBAL PTE., LTD., SG),
Reverse DNS
Software: openresty /
Resource Hash: 11b507546df8a41877897e0b2995c07b55c047ad56d50f154665d01242973871

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: close
Content-Encoding: gzip
Content-Type: text/html
Date: Mon, 12 Dec 2022 02:02:35 GMT
Server: openresty
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H/1.1 200
OK tiaozhuan.js Show response
baleyu.com/ 1 KB
996 B 317ms
316ms Script
application/javascript 206.119.93.78
SGPL-AS-AP STARCL...

General

Check archive.org

Show headers Download Go to

Full URL: http://baleyu.com/tiaozhuan.js
Requested by: Host: baleyu.com
URL: http://baleyu.com/
Protocol: HTTP/1.1
Server: 206.119.93.78 , United States, ASN140224 (SGPL-AS-AP STARCLOUD GLOBAL PTE., LTD., SG),
Reverse DNS
Software: openresty /
Resource Hash: 1e3737ed1f849f7ff53fbfcf55521b77d8316652cd9591e72f3d22d26296a202

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://baleyu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Mon, 12 Dec 2022 02:02:35 GMT
Content-Encoding: gzip
Last-Modified: Sun, 06 Nov 2022 07:30:00 GMT
Server: openresty
ETag: W/"63676278-578"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=180
Connection: close
Expires: Mon, 12 Dec 2022 02:05:35 GMT

GET
H/1.1 200
OK tongji.js Show response
baleyu.com/ 759 B
628 B 590ms
295ms Script
application/javascript 206.119.93.78
SGPL-AS-AP STARCL...

General

Check archive.org

Show headers Download Go to

Full URL: http://baleyu.com/tongji.js
Requested by: Host: baleyu.com
URL: http://baleyu.com/
Protocol: HTTP/1.1
Server: 206.119.93.78 , United States, ASN140224 (SGPL-AS-AP STARCLOUD GLOBAL PTE., LTD., SG),
Reverse DNS
Software: openresty /
Resource Hash: 388939644e37c8b5ec54fa6cb31cbdd3a02b1430a69c972e7b298c86a1b2dec0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://baleyu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Mon, 12 Dec 2022 02:02:36 GMT
Content-Encoding: gzip
Last-Modified: Thu, 28 Jul 2022 16:35:10 GMT
Server: openresty
ETag: W/"62e2babe-2f7"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=180
Connection: close
Expires: Mon, 12 Dec 2022 02:05:36 GMT

GET
H2 200 / Show response
hjha2.com/ Frame 128E 103 KB
22 KB 1186ms
479ms Document
text/html 198.16.37.83
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL

https://hjha2.com:8443/

Requested by

Host: baleyu.com
URL: http://baleyu.com/tiaozhuan.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

198.16.37.83 , United States, ASN40065 (CNSERVERS, US),

Reverse DNS

Software

nginx /

Resource Hash

1feadcd341bcb164534068e6433e017a919426dc522b4c77567657411b1911af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://baleyu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 12 Dec 2022 02:02:36 GMT
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ 29 KB
12 KB 1600ms
357ms Script
application/javascript 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?f1d4fa7fc77845e82d7014194503e307

Requested by

Host: baleyu.com
URL: http://baleyu.com/tongji.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

140cb7833344889af4ad91da1b639c596c54e6e95c61fc0485e768a3969d40df

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://baleyu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Mon, 12 Dec 2022 02:02:37 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=172800
Server: apache
Etag: f32de1736d5998ca84e703f99760f1ca
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: application/javascript
Cache-Control: max-age=0, must-revalidate
Content-Length: 11254

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ 29 KB
12 KB 1586ms
344ms Script
application/javascript 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?2c826b7af1bbdd4b55533c61259bdc81

Requested by

Host: baleyu.com
URL: http://baleyu.com/tongji.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

18211771ebc7ca8d9ced1be1a5f8a67c737dfc48a57e2624e92d083f5953e018

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://baleyu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Mon, 12 Dec 2022 02:02:37 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=172800
Server: apache
Etag: 81b0b807e478f6b68f0f482c1eecb814
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: application/javascript
Cache-Control: max-age=0, must-revalidate
Content-Length: 11254

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ 29 KB
12 KB 1612ms
371ms Script
application/javascript 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?0479a3a671cc30fd27d45970393ba3c8

Requested by

Host: baleyu.com
URL: http://baleyu.com/tongji.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

275ec1737d51d1d53d126a775455a285a8e68e1917c31102aa5726cf777518d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://baleyu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Mon, 12 Dec 2022 02:02:37 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=172800
Server: apache
Etag: 2c8e9bcdb178fc7d7b0fd95e9de90ebf
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: application/javascript
Cache-Control: max-age=0, must-revalidate
Content-Length: 11255

GET
H2 200 jquery.min.js Show response
hjha2.com/template/kuli04/js/ Frame 128E 95 KB
37 KB 202ms
201ms Script
application/javascript 198.16.37.83
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL

https://hjha2.com:8443/template/kuli04/js/jquery.min.js

Requested by

Host: hjha2.com
URL: https://hjha2.com:8443/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

198.16.37.83 , United States, ASN40065 (CNSERVERS, US),

Reverse DNS

Software

nginx /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hjha2.com:8443/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 02:02:37 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Sat, 14 May 2022 13:14:00 GMT
server: nginx
etag: W/"627fab18-17b8b"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Mon, 12 Dec 2022 14:02:37 GMT

GET
H2 200 swiper.min.js Show response
hjha2.com/template/kuli04/js/ Frame 128E 94 KB
27 KB 403ms
402ms Script
application/javascript 198.16.37.83
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL

https://hjha2.com:8443/template/kuli04/js/swiper.min.js

Requested by

Host: hjha2.com
URL: https://hjha2.com:8443/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

198.16.37.83 , United States, ASN40065 (CNSERVERS, US),

Reverse DNS

Software

nginx /

Resource Hash

4a10219bee747aadeeda78f166d787adf32583f361f88d44b472f6f3da798083

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hjha2.com:8443/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 02:02:37 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Sat, 14 May 2022 13:14:02 GMT
server: nginx
etag: W/"627fab1a-178a3"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Mon, 12 Dec 2022 14:02:37 GMT

GET
H2 200 bootstrap.min.js Show response
hjha2.com/template/kuli04/js/ Frame 128E 39 KB
13 KB 404ms
403ms Script
application/javascript 198.16.37.83
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL

https://hjha2.com:8443/template/kuli04/js/bootstrap.min.js

Requested by

Host: hjha2.com
URL: https://hjha2.com:8443/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

198.16.37.83 , United States, ASN40065 (CNSERVERS, US),

Reverse DNS

Software

nginx /

Resource Hash

9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hjha2.com:8443/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 02:02:37 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Sat, 14 May 2022 13:13:58 GMT
server: nginx
etag: W/"627fab16-9b00"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Mon, 12 Dec 2022 14:02:37 GMT

GET
H2 200 jquery.lazyload.min.js Show response
hjha2.com/template/kuli04/js/ Frame 128E 3 KB
2 KB 405ms
404ms Script
application/javascript 198.16.37.83
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL

https://hjha2.com:8443/template/kuli04/js/jquery.lazyload.min.js

Requested by

Host: hjha2.com
URL: https://hjha2.com:8443/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

198.16.37.83 , United States, ASN40065 (CNSERVERS, US),

Reverse DNS

Software

nginx /

Resource Hash

ad79ce7e34d1a788809bb853031133de2ae45f3c19ac4955dae46c7490188c2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hjha2.com:8443/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 02:02:37 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Sat, 14 May 2022 13:14:00 GMT
server: nginx
etag: W/"627fab18-d35"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Mon, 12 Dec 2022 14:02:37 GMT

GET
H2 200 style.css
hjha2.com/template/kuli04/css/ Frame 128E 32 KB
11 KB 401ms
401ms Stylesheet
text/css 198.16.37.83
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL

https://hjha2.com:8443/template/kuli04/css/style.css?v=5

Requested by

Host: hjha2.com
URL: https://hjha2.com:8443/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

198.16.37.83 , United States, ASN40065 (CNSERVERS, US),

Reverse DNS

Software

nginx /

Resource Hash

22a525fd9b99500b6824d69a8dbb6e44684f0846fe85291b3d99c08e7c1ea71f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hjha2.com:8443/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 02:02:37 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Sun, 31 Jul 2022 11:38:05 GMT
server: nginx
etag: W/"62e6699d-7ef3"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
expires: Mon, 12 Dec 2022 14:02:37 GMT

GET
H2 200 logo.jpg
hjha2.com/template/kuli04/images/ Frame 128E 34 KB
35 KB 201ms
199ms Image
image/jpeg 198.16.37.83
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hjha2.com:8443/template/kuli04/images/logo.jpg

Requested by

Host: hjha2.com
URL: https://hjha2.com:8443/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

198.16.37.83 , United States, ASN40065 (CNSERVERS, US),

Reverse DNS

Software

nginx /

Resource Hash

fa529241dddbd17e0dd7b8ee301efa587826b81ed5b4b6223f1ee6e236e44442

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hjha2.com:8443/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 02:02:37 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 15 May 2022 05:53:44 GMT
server: nginx
etag: "62809568-89f0"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 35312
expires: Wed, 11 Jan 2023 02:02:37 GMT

GET
H/1.1 200
OK 927a8cb57e9a42f7827845a288dfcf77.gif
287335kmu.com/ Frame 128E 398 KB
398 KB 2348ms
148ms Image
image/gif 45.61.212.216
AZT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://287335kmu.com/927a8cb57e9a42f7827845a288dfcf77.gif
Requested by: Host: hjha2.com
URL: https://hjha2.com:8443/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.61.212.216 , United States, ASN53587 (AZT, US),
Reverse DNS
Software: nginx /
Resource Hash: 0b600e3355c823c5669f8338ff521c9b3790de0c3bb051bf24b19fc644821c6d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hjha2.com:8443/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Sun, 11 Dec 2022 02:50:05 GMT
Last-Modified: Mon, 07 Nov 2022 09:11:04 GMT
Server: nginx
ETag: "6368cba8-636a0"
X-Cache: HIT from cloud-us3-cdnb-16
Content-Type: image/gif
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 407200

GET
H/1.1 200
OK 3d7b3d94affe4df5aa498bcd41721d1b.gif
828239sam.com/ Frame 128E 638 KB
639 KB 2346ms
148ms Image
image/gif 45.61.212.120
AZT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://828239sam.com/3d7b3d94affe4df5aa498bcd41721d1b.gif
Requested by: Host: hjha2.com
URL: https://hjha2.com:8443/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.61.212.120 , United States, ASN53587 (AZT, US),
Reverse DNS
Software: nginx /
Resource Hash: 4dc0708abb2de56eaee1961f8143ec911357863a2b259c4154701ddd128d3a37

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hjha2.com:8443/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Sun, 11 Dec 2022 12:57:45 GMT
Last-Modified: Sun, 11 Dec 2022 09:59:18 GMT
Server: nginx
ETag: "6395a9f6-9f991"
X-Cache: HIT from cloud-us2-cdnb-20
Content-Type: image/gif
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 653713

GET
H/1.1 200
OK 025c8925d5584388890951d0bf426b79.gif
935676yfc.com/ Frame 128E 567 KB
567 KB 3091ms
155ms Image
image/gif 103.170.15.96
SKYCLOUD-NET Skyc...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://935676yfc.com/025c8925d5584388890951d0bf426b79.gif
Requested by: Host: hjha2.com
URL: https://hjha2.com:8443/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 103.170.15.96 , Taiwan, ASN7483 (SKYCLOUD-NET Skycloud Computing co., Ltd., TW),
Reverse DNS
Software: nginx /
Resource Hash: 819a4224605c47089d7456012a957beef9f0a59191a8a63e4c0aefa6c3ece6b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hjha2.com:8443/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Sun, 11 Dec 2022 10:00:57 GMT
Last-Modified: Sun, 11 Dec 2022 10:00:52 GMT
Server: nginx
ETag: "6395aa54-8dadb"
X-Cache: HIT from yd11_13-cdn-g01-la2-26
Content-Type: image/gif
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 580315

GET
H/1.1 200
OK 623201c2748b46fcbfa7f024cb3e1338.gif
832793jse.com/ Frame 128E 703 KB
703 KB 2904ms
453ms Image
image/gif 103.170.15.76
SKYCLOUD-NET Skyc...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://832793jse.com/623201c2748b46fcbfa7f024cb3e1338.gif
Requested by: Host: hjha2.com
URL: https://hjha2.com:8443/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 103.170.15.76 , Taiwan, ASN7483 (SKYCLOUD-NET Skycloud Computing co., Ltd., TW),
Reverse DNS
Software: nginx /
Resource Hash: 18543a39e003823862ca88f74a899b953e82fc6f1771682b37d0b435d40644cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hjha2.com:8443/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Sat, 29 Oct 2022 06:07:21 GMT
Last-Modified: Fri, 28 Oct 2022 11:57:57 GMT
Server: nginx
ETag: "635bc3c5-afb81"
X-Cache: HIT from yd11_13-cdn-g01-la2-06
Content-Type: image/gif
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 719745

GET
H/1.1 200
OK d8b3075b7c4f4280a5a682a16cdae177..gif
223969ufy.com/ Frame 128E 567 KB
567 KB 2884ms
444ms Image
image/gif 45.61.212.55
AZT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://223969ufy.com/d8b3075b7c4f4280a5a682a16cdae177..gif
Requested by: Host: hjha2.com
URL: https://hjha2.com:8443/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.61.212.55 , United States, ASN53587 (AZT, US),
Reverse DNS
Software: nginx /
Resource Hash: 5083c6eec3b0beac9b5b0f287a69e8169efbb469c19b9083c12b2ed239936e6f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hjha2.com:8443/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Thu, 10 Nov 2022 03:14:52 GMT
Last-Modified: Mon, 07 Nov 2022 09:08:29 GMT
Server: nginx
ETag: "6368cb0d-8db38"
X-Cache: HIT from cloud-us1-cdnb-25
Content-Type: image/gif
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 580408

GET
H/1.1 200
OK 041cbfb6973f4daaa4d3335116899cde.gif
88668aaa.com/ Frame 128E 1 MB
1 MB 2507ms
153ms Image
image/gif 45.61.212.49
AZT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://88668aaa.com/041cbfb6973f4daaa4d3335116899cde.gif
Requested by: Host: hjha2.com
URL: https://hjha2.com:8443/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.61.212.49 , United States, ASN53587 (AZT, US),
Reverse DNS
Software: nginx /
Resource Hash: 5b39dca97f810d0e15de04210c6b7526befaa3dde3bb2e55177ca44006b28a04

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hjha2.com:8443/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Fri, 09 Dec 2022 10:46:13 GMT
Last-Modified: Fri, 09 Dec 2022 06:51:07 GMT
Server: nginx
ETag: "6392dadb-17021c"
X-Cache: HIT from cloud-us1-cdnb-19
Content-Type: image/gif
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 1507868

GET
H/1.1 200
OK 0
p.qlogo.cn/qqmail_head/ajNVdqHZLLCPQk7wicT3V7nUXWyXAIWjGGsQaQocCSj5HVVVjOHqQRvr5DvibVN5yNMCzY0kHY7fU/ Frame 128E 411 KB
412 KB 3166ms
655ms Image
image/gif 240e:97c:2f:1::32
CT-GUANGZHOU-IDC ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.qlogo.cn/qqmail_head/ajNVdqHZLLCPQk7wicT3V7nUXWyXAIWjGGsQaQocCSj5HVVVjOHqQRvr5DvibVN5yNMCzY0kHY7fU/0
Requested by: Host: hjha2.com
URL: https://hjha2.com:8443/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 240e:97c:2f:1::32 , China, ASN58466 (CT-GUANGZHOU-IDC CHINANET Guangdong province network, CN),
Reverse DNS
Software: NWSs /
Resource Hash: c49449d823452f844a67cda8057f6d3896f977a92a4d8de62707a9f218291ce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hjha2.com:8443/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

X-DataSrc: 2
Date: Mon, 12 Dec 2022 02:02:40 GMT
Size: 421071
Connection: keep-alive
Content-Length: 421071
X-Info: real data
X-ReqGue: 0
User-ReturnCode: 0
fid: 0
Last-Modified: Tue, 08 Nov 2022 23:57:12 GMT
Server: NWSs
X-Cpt: filename=0
Vary: Accept,Origin
Content-Type: image/gif
X-Delay: 40352 us
chid: 0
Cache-Control: max-age=2592000
X-BCheck: 0_1
X-NWS-LOG-UUID: 3fe1db84-8045-4903-b8e9-7882c4bd192f

GET
H2 200 960x80.gif
8499165.com/8499/s/ Frame 128E 411 KB
412 KB 3005ms
145ms Image
image/gif 23.224.158.153
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://8499165.com/8499/s/960x80.gif
Requested by: Host: hjha2.com
URL: https://hjha2.com:8443/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.224.158.153 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: qq.com /
Resource Hash: c49449d823452f844a67cda8057f6d3896f977a92a4d8de62707a9f218291ce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hjha2.com:8443/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 02:02:40 GMT
last-modified: Wed, 09 Nov 2022 06:23:10 GMT
server: qq.com
etag: "66ccf-5ed03b0c9cba8"
x-cache-status: HIT
content-type: image/gif
accept-ranges: bytes
content-length: 421071

GET
H2

200

50f3553d20aa4f2abdb628d81ff67607
p3.douyinpic.com/obj/tos-cn-i-dy/ Frame 128E
Redirect Chain

https://img.9399x.com/images/638db1f346274514aa107d48.gif
https://p3.douyinpic.com/obj/tos-cn-i-dy/50f3553d20aa4f2abdb628d81ff67607

714 KB
715 KB

257ms
12ms

Image
image/gif

79.133.177.227
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p3.douyinpic.com/obj/tos-cn-i-dy/50f3553d20aa4f2abdb628d81ff67607
Requested by: Host: hjha2.com
URL: https://hjha2.com:8443/
Protocol: H2
Server: 79.133.177.227 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine / ImageX
Resource Hash: c03ac2886c5fa5d60f74170b42385356759a00dbd98a94b0a8e4125bf13f80bf

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sat, 10 Dec 2022 10:11:28 GMT
via: n204-100-053, cache17.l2de2[0,0,206-0,H], cache26.l2de2[0,0], cache26.l2de2[2,0], cache9.de3[0,0,200-0,H], cache8.de3[2,0]
x-response-lb: image
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
age: 143471
nw-session-id: 2022121018065901017509107003D57C9Fkhdws01dy
x-powered-by: ImageX
x-swift-cachetime: 31408112
x-cache: HIT TCP_MEM_HIT dirn:13:313833495 mlen:0
x-bdcdn-cache-status: TCP_HIT
server-timing: cdn-cache;desc=HIT,edge;dur=2
x-swift-savetime: Sun, 11 Dec 2022 21:42:56 GMT
x-length: 730671
content-length: 730671
last-modified: Sat, 10 Dec 2022 10:06:59 GMT
server: Tengine
x-tt-logid: 2022121018065901017509107003D57C9F
x-response-date: Sat, 10 Dec 2022 18:06:59 GMT
ali-swift-global-savetime: 1670667088
content-type: image/gif
access-control-allow-origin: *
nw-session-trace: 2022-12-10T18:06:59.593001697+08:00 247
cache-control: max-age=31536000
x-request-ip: fdbd:dc01:25:80::214
x-response-cinfo: 81.95.5.40
imagex-fmt: gif2gif
x-response-cache: edge_hit
timing-allow-origin: *, *
x-tt-trace-host: 01cfc2129e0ea8303a91ef8a1db7f578b6ffb99e367ea72dff498700a60d34731b293a8a398d93d9fa90161436732bf42acd0810a8a345a61644ad38105afed9140f8055618d811458b46b268d08f9eab1505d4e813830acf1cc258b78d9f4c236
eagleid: 4f85b19c16708105598862327e

Redirect headers

location: https://p3.douyinpic.com/obj/tos-cn-i-dy/50f3553d20aa4f2abdb628d81ff67607
cache-control: max-age=3600
referrer-policy: no-referrer

GET
H2

200

7d079412e07f4ea6b6f84c97374501c8
p3.douyinpic.com/obj/tos-cn-i-dy/ Frame 128E
Redirect Chain

https://img.1141555.com/images/638dedc509ca91e0020145c3.gif
https://p3.douyinpic.com/obj/tos-cn-i-dy/7d079412e07f4ea6b6f84c97374501c8

593 KB
595 KB

52ms
52ms

Image
image/gif

79.133.177.227
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p3.douyinpic.com/obj/tos-cn-i-dy/7d079412e07f4ea6b6f84c97374501c8
Requested by: Host: hjha2.com
URL: https://hjha2.com:8443/
Protocol: H2
Server: 79.133.177.227 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine / ImageX
Resource Hash: 80a4f6fd21d8f7684a0168de5fc9496189b1b439b3e1ce3d28f4fee90615db1e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 12:15:11 GMT
via: n204-100-041, cache23.l2de2[0,0,206-0,H], cache21.l2de2[1,0], cache21.l2de2[1,0], cache9.de3[0,0,200-0,H], cache8.de3[3,0]
x-response-lb: image
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
age: 568048
nw-session-id: 202212051942430102080352140BCB1339rtncj01dy
x-powered-by: ImageX
x-swift-cachetime: 31535689
x-cache: HIT TCP_MEM_HIT dirn:12:569044193 mlen:0
x-bdcdn-cache-status: TCP_HIT
server-timing: cdn-cache;desc=HIT,edge;dur=3
x-swift-savetime: Mon, 05 Dec 2022 12:20:22 GMT
x-length: 607655
content-length: 607655
last-modified: Mon, 05 Dec 2022 11:42:43 GMT
server: Tengine
x-tt-logid: 202212051942430102080352140BCB1339
x-response-date: Mon, 05 Dec 2022 19:42:43 GMT
ali-swift-global-savetime: 1670242511
content-type: image/gif
access-control-allow-origin: *
nw-session-trace: 2022-12-05T19:42:43.410668831+08:00 51
cache-control: max-age=31536000
x-request-ip: fdbd:dc01:29:554::77
x-response-cinfo: 81.95.5.40
imagex-fmt: gif2gif
x-response-cache: edge_hit
timing-allow-origin: *, *
x-tt-trace-host: 017ea36a7617763d13a011b903f150dd6bf4d941d46ee008be99a69ad6a14cfec3e8fa540a773e4689c5fa1238e8f563e5f86c91b4922c93924ab290b9f750cde76085665b8398da86e3f3b8121bbcac6bcad4456958952ac9d700a084e228a9ae
eagleid: 4f85b19c16708105598872328e

Redirect headers

location: https://p3.douyinpic.com/obj/tos-cn-i-dy/7d079412e07f4ea6b6f84c97374501c8
cache-control: max-age=3600
referrer-policy: no-referrer

GET
H2 200 d814360fbc3be0d8.gif
kjimg10.360buyimg.com/ott/jfs/t1/186869/1/30207/414559/6380d0eeEe5d321f3/ Frame 128E 405 KB
406 KB 2710ms
245ms Image
image/gif 112.13.110.3
CMNET-ZHEJIANG-AP...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kjimg10.360buyimg.com/ott/jfs/t1/186869/1/30207/414559/6380d0eeEe5d321f3/d814360fbc3be0d8.gif
Requested by: Host: hjha2.com
URL: https://hjha2.com:8443/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 112.13.110.3 , China, ASN56041 (CMNET-ZHEJIANG-AP China Mobile communications corporation, CN),
Reverse DNS
Software: nginx /
Resource Hash: 17e78ffe065be76212de6b960082ea287cc0e712b6f170f44c63e2144ec14c84

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hjha2.com:8443/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 02:02:40 GMT
via: http/1.1 ORI-CLOUD-HUZ-MIX-29 (jcs [cRs f ]), http/1.1 HAZ-CM-2-MIX-16 (jcs [cRs f ])
last-modified: Fri, 25 Nov 2022 14:27:58 GMT
server: nginx
age: 1424005
x-trace: 200-1669386555858-0-0-0-29-29;200;200-1669391097719-0-0-0-1-1;200-1670810560506-0-0-0-2-2
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=315360000
timing-allow-origin: *
content-length: 414559
expires: Mon, 22 Nov 2032 14:29:15 GMT

GET
H2 200 810ef977e1cd11c0.gif
kjimg10.360buyimg.com/ott/jfs/t1/222610/4/20743/688878/6380d41fEdd27fc60/ Frame 128E 673 KB
674 KB 3398ms
933ms Image
image/gif 112.13.110.3
CMNET-ZHEJIANG-AP...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kjimg10.360buyimg.com/ott/jfs/t1/222610/4/20743/688878/6380d41fEdd27fc60/810ef977e1cd11c0.gif
Requested by: Host: hjha2.com
URL: https://hjha2.com:8443/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 112.13.110.3 , China, ASN56041 (CMNET-ZHEJIANG-AP China Mobile communications corporation, CN),
Reverse DNS
Software: nginx /
Resource Hash: 89521c87c1fe061e63fb523bb11f2a328e9202574d73aa4c4e17de8a8f301c58

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hjha2.com:8443/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 02:02:40 GMT
via: http/1.1 ORI-CLOUD-HUZ-MIX-27 (jcs [cRs f ]), http/1.1 HAZ-CM-2-MIX-16 (jcs [cRs f ])
last-modified: Fri, 25 Nov 2022 14:41:35 GMT
server: nginx
age: 395787
x-trace: 200-1670414773660-0-0-0-75-75;200;200-1670477509898-0-0-0-1-1;200-1670810560506-0-0-0-2-2
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=15552000
timing-allow-origin: *
content-length: 688878
expires: Mon, 05 Jun 2023 12:06:13 GMT

GET
H2 200 c45dd20fdac2727b.gif
kjimg10.360buyimg.com/ott/jfs/t1/120993/16/33030/1021535/6380d2dbE2ee6e05e/ Frame 128E 998 KB
999 KB 3398ms
933ms Image
image/gif 112.13.110.3
CMNET-ZHEJIANG-AP...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kjimg10.360buyimg.com/ott/jfs/t1/120993/16/33030/1021535/6380d2dbE2ee6e05e/c45dd20fdac2727b.gif
Requested by: Host: hjha2.com
URL: https://hjha2.com:8443/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 112.13.110.3 , China, ASN56041 (CMNET-ZHEJIANG-AP China Mobile communications corporation, CN),
Reverse DNS
Software: nginx /
Resource Hash: 9d019eccd2bc0f713cab4e42e37f9f3d8fbb022526850ea87248a09bd1c215a4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hjha2.com:8443/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 02:02:40 GMT
via: http/1.1 ORI-CLOUD-HUZ-MIX-11 (jcs [cHs f ]), http/1.1 HAZ-CM-2-MIX-16 (jcs [cRs f ])
last-modified: Fri, 25 Nov 2022 14:36:11 GMT
server: nginx
age: 1423465
x-trace: 200-1669387095531-0-0-2-15-15;200;200-1669986141871-0-0-0-17-17;200-1670810560506-0-0-0-3-3
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=315360000
timing-allow-origin: *
content-length: 1021535
expires: Mon, 22 Nov 2032 14:38:15 GMT

GET
H2

200

8d62ac139591ff0c5f17d4c5f1ff3cf6.gif
kvkppp.top/ Frame 128E
Redirect Chain

https://kzeii.com/8d62ac139591ff0c5f17d4c5f1ff3cf6.gif
https://kvkppp.top/8d62ac139591ff0c5f17d4c5f1ff3cf6.gif

552 KB
554 KB

422ms
53ms

Image
image/gif

2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kvkppp.top/8d62ac139591ff0c5f17d4c5f1ff3cf6.gif
Requested by: Host: hjha2.com
URL: https://hjha2.com:8443/
Protocol: H2
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8eb8f61188f2555f5f7f0a934ebbae9e9ab703a3dc0b23191bdc7c147eb12140

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hjha2.com:8443/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 02:02:39 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 138354
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 565615
last-modified: Mon, 10 Oct 2022 13:11:33 GMT
server: cloudflare
etag: "63441a05-8a16f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x%2FquuKzTF6PGyh3cs1XlfLkClXKQi%2BrjUPBIosDJjOeZ965odEHj72C5DP0Mt9SBexwoqt7LOfCpTkAvoJXyJV8bHIAVQLXQzDJ1UMWeSq%2F4LIYEkHwpFBKGRrey%2Bnd9%2FE%2BGAovNxdaS"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7782e10a9cb79c12-FRA
expires: Mon, 09 Jan 2023 11:36:45 GMT

Redirect headers

location: https://kvkppp.top/8d62ac139591ff0c5f17d4c5f1ff3cf6.gif
date: Mon, 12 Dec 2022 02:02:38 GMT
strict-transport-security: max-age=31536000
server: nginx
content-length: 162
content-type: text/html

GET
H/1.1 200
OK oCItEEUid.gif
tpkj2222.com/img/k80m/ Frame 128E 59 KB
60 KB 1151ms
387ms Image
image/gif 66.232.4.87
DNC-AS Dimension ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpkj2222.com/img/k80m/oCItEEUid.gif
Requested by: Host: hjha2.com
URL: https://hjha2.com:8443/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 66.232.4.87 Central, Hong Kong, ASN59371 (DNC-AS Dimension Network & Communication Limited, HK),
Reverse DNS
Software: nginx /
Resource Hash: 5a9ab0fba861f1918824dc6bc37a104ce8eb35ebcf7291f91c9093e4c12cc98b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hjha2.com:8443/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Mon, 12 Dec 2022 02:02:39 GMT
Content-Encoding: gzip
Last-Modified: Sun, 04 Dec 2022 09:10:03 GMT
Server: nginx
ETag: W/"60911-1670145003000"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: image/gif
Nginx-Cache: HIT, HIT
Cache-Control: max-age=1296000
Connection: keep-alive
Expires: Tue, 27 Dec 2022 02:02:39 GMT

GET
H/1.1 200
OK 761b92b8d7ce4182ab054a1f89b6063f.gif
529723929.com/ Frame 128E 708 KB
708 KB 1303ms
267ms Image
image/gif 47.75.19.145
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://529723929.com/761b92b8d7ce4182ab054a1f89b6063f.gif
Requested by: Host: hjha2.com
URL: https://hjha2.com:8443/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.75.19.145 Central, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: AliyunOSS /
Resource Hash: c677f7601d68004a5c0af802407899ba001333fd3c69e8993a8a757a8521b20d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hjha2.com:8443/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-oss-object-type: Normal
Date: Mon, 12 Dec 2022 02:02:40 GMT
x-oss-request-id: 63968BC0D0409B323761A8DA
Last-Modified: Tue, 15 Nov 2022 04:33:46 GMT
Server: AliyunOSS
Content-MD5: F9cna+xR3mEjhUiS9dHU7A==
ETag: "17D7276BEC51DE6123854892F5D1D4EC"
Content-Type: image/gif
x-oss-storage-class: Standard
Connection: keep-alive
Accept-Ranges: bytes
x-oss-hash-crc64ecma: 808789839217959962
Content-Length: 724869
x-oss-server-time: 2

GET
H2 200 e00be41460a64e3cbba80c164ab328ce.gif
u1022.com/ Frame 128E 374 KB
374 KB 2341ms
374ms Image
image/gif 103.189.109.73

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u1022.com/e00be41460a64e3cbba80c164ab328ce.gif
Requested by: Host: hjha2.com
URL: https://hjha2.com:8443/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.189.109.73 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 150795ba625225a034b7d362f7f69c1523bbbafb9820610a47b9abad1c030af9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hjha2.com:8443/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 01:26:47 GMT
last-modified: Thu, 03 Nov 2022 10:23:46 GMT
server: nginx
etag: "636396b2-5d77a"
x-cache: HIT from ty8-cdn109-063
content-type: image/gif
cache-control: max-age=86400
accept-ranges: bytes
content-length: 382842

GET
H2 200 10151.gif
cdn.jsdelivr.net/gh/kkkll22/img@main/head/ Frame 128E 607 KB
608 KB 60ms
20ms Image
image/gif 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.jsdelivr.net/gh/kkkll22/img@main/head/10151.gif

Requested by

Host: hjha2.com
URL: https://hjha2.com:8443/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

75ba290f4a2dc25f7cad04db45ec4633f8cdbf33c36f1b0e49ccfae0ebe4547f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hjha2.com:8443/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 02:02:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 22143
x-jsd-version: main
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 621536
x-served-by: cache-fra19127-FRA, cache-yyz4565-YYZ
x-jsd-version-type: branch
server: cloudflare
etag: W/"97be0-yyA4T82wjwMBSXVhjlvX3mBDGe8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YucNuG2EFVcvuY6s4tvNWCb0d3REyhz07v%2BB5LJ4AC2lBlAhxXdK%2FOZcWJ7yK6lnmKnYirIr6F1vhnbCBTXA%2Bv5Vfk8DATjjDP8zJy0kEjdfrT%2FhR6FnNd9VsH5LbcGoLaQlfgCDu4KUMzG5N9g%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7782e1101f5991db-FRA

GET
H2 200 960x80-1.gif
cdn.jsdelivr.net/gh/kkkll22/img@main/head/ Frame 128E 44 KB
44 KB 20ms
19ms Image
image/gif 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.jsdelivr.net/gh/kkkll22/img@main/head/960x80-1.gif

Requested by

Host: hjha2.com
URL: https://hjha2.com:8443/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b15f6b63346bdc77fe89b9d5192428516d42f3c22b80ba44c12d509b971976ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hjha2.com:8443/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 02:02:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 33798
x-jsd-version: main
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44758
x-served-by: cache-fra19147-FRA, cache-iad-kiad7000022-IAD
x-jsd-version-type: branch
server: cloudflare
etag: W/"aed6-hF5K1ES+D5PhI177qGfqnIaQYP0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tfM%2BRtonVHrnFSGnbHJvsEQGygu5n63seADQeBbKj3e7UMCtgo9Lf6O7A59EA%2B9yMMxMqkIm9pzEr%2BRyLzXCL0KbJRlr%2BxM4TAwKU0q%2BSVU0mavfn7o%2BeZg1SCm%2FtvcLIRPKS%2FtMC3YH77OvlV4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7782e1107feb91db-FRA

GET
H2 200 960x80.gif
cdn.jsdelivr.net/gh/kkkll22/img@main/head/ Frame 128E 178 KB
179 KB 21ms
20ms Image
image/gif 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.jsdelivr.net/gh/kkkll22/img@main/head/960x80.gif

Requested by

Host: hjha2.com
URL: https://hjha2.com:8443/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b373dcb0598f1ed8d191cc80eddadc6740f7acfdc9d6904df7eb3151920017c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hjha2.com:8443/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 02:02:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 22143
x-jsd-version: main
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 182413
x-served-by: cache-fra19140-FRA, cache-cdg20746-CDG
x-jsd-version-type: branch
server: cloudflare
etag: W/"2c88d-iHJwx6wJOEqfCDMhqtFnWhvAPto"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u%2By%2B2dwaWDxO7BNzj%2B%2Bz84bB8tCe3nxG8D2q%2BGN4ymQxYmRG1yNl%2FQ%2F1qJfIUou46aV2OsxEh49%2BB4gNeupK5aKaLBfx6DJvZSB5jOSI5C0k%2FOWNBNcRsz%2FcCD32pst8wEeQyyXZEmCUQGCwfpE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7782e1107ff091db-FRA

GET
H2 200 loading.svg
hjha2.com/template/kuli04/images/ Frame 128E 506 B
662 B 201ms
198ms Image
image/svg+xml 198.16.37.83
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hjha2.com:8443/template/kuli04/images/loading.svg

Requested by

Host: hjha2.com
URL: https://hjha2.com:8443/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

198.16.37.83 , United States, ASN40065 (CNSERVERS, US),

Reverse DNS

Software

nginx /

Resource Hash

fa5ecaba8e7048ec0475ac862bec89853e8c87e84475e199f8657d6e89065dff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hjha2.com:8443/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 02:02:37 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 08 Nov 2021 09:18:25 GMT
server: nginx
etag: "6188eb61-1fa"
content-type: image/svg+xml
accept-ranges: bytes
content-length: 506

GET
H2 200 hy.gif
107.jisehe1.com/images/ Frame 128E 782 KB
783 KB 1415ms
293ms Image
image/gif 23.224.0.11
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://107.jisehe1.com/images/hy.gif

Requested by

Host: hjha2.com
URL: https://hjha2.com:8443/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.224.0.11 , United States, ASN40065 (CNSERVERS, US),

Reverse DNS

Software

nginx /

Resource Hash

2b6a9b53114e36c800d36b460001279b5b27d86ad0b0f79d71bd5157d7d2ba8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hjha2.com:8443/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 02:02:41 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 09 May 2022 14:54:52 GMT
server: nginx
etag: "62792b3c-c388a"
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 800906
expires: Wed, 11 Jan 2023 02:02:41 GMT

GET
H/1.1 200
OK 5d1111472ef9424fb56af183816c3f67.gif
66668aaa.com/ Frame 128E 13 KB
13 KB 1863ms
442ms Image
image/gif 45.61.212.120
AZT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://66668aaa.com/5d1111472ef9424fb56af183816c3f67.gif
Requested by: Host: hjha2.com
URL: https://hjha2.com:8443/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.61.212.120 , United States, ASN53587 (AZT, US),
Reverse DNS
Software: nginx /
Resource Hash: dc5162092ed9c58899e9c79a86cc1b64a2f3714252a3d6bed0fb4562a234451f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hjha2.com:8443/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Mon, 28 Nov 2022 08:21:20 GMT
Last-Modified: Mon, 28 Nov 2022 07:45:20 GMT
Server: nginx
ETag: "63846710-33ac"
X-Cache: HIT from cloud-us2-cdnb-20
Content-Type: image/gif
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 13228

GET
H2 200 0Z0052215cyp9xbog245B.gif
ak-d.tripcdn.com/images/ Frame 128E 129 KB
129 KB 73ms
14ms Image
image/gif 104.109.86.168
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ak-d.tripcdn.com/images/0Z0052215cyp9xbog245B.gif
Requested by: Host: hjha2.com
URL: https://hjha2.com:8443/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.86.168 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-86-168.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: adb4cbf2975bcd9372d011c822355117522c2f824e48b331d5fc0d93e29a60bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hjha2.com:8443/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency: 17
date: Mon, 12 Dec 2022 02:02:41 GMT
last-modified: Tue, 12 May 2015 01:00:00 GMT
x-edgeconnect-midmile-rtt: 0
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=5114965
timing-allow-origin: *
content-length: 131822
expires: Thu, 09 Feb 2023 06:52:06 GMT

GET
H/1.1 200
OK 777d2af1e8a74ca3aa77500ba390d2b8.gif
66663aaa.com/ Frame 128E 151 KB
151 KB 1299ms
151ms Image
image/gif 103.170.15.101

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://66663aaa.com/777d2af1e8a74ca3aa77500ba390d2b8.gif
Requested by: Host: hjha2.com
URL: https://hjha2.com:8443/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 103.170.15.101 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 84524d095bafb3df71033f60605f1ab6f673ed0ff4b61dcc440239390f2a178b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hjha2.com:8443/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Sat, 10 Dec 2022 06:33:19 GMT
Last-Modified: Fri, 09 Dec 2022 06:52:37 GMT
Server: nginx
ETag: "6392db35-25b8e"
X-Cache: HIT from yd11_13-cdn-g01-la2-31
Content-Type: image/gif
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 154510

GET
H2

200

c768343f40ef43138274f4d00dce8367
p3.douyinpic.com/obj/tos-cn-i-dy/ Frame 128E
Redirect Chain

https://img.1153555.com/images/638dee7409ca91e0020145cf.giff
https://p3.douyinpic.com/obj/tos-cn-i-dy/c768343f40ef43138274f4d00dce8367

142 KB
143 KB

9ms
9ms

Image
image/gif

79.133.177.227
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p3.douyinpic.com/obj/tos-cn-i-dy/c768343f40ef43138274f4d00dce8367
Requested by: Host: hjha2.com
URL: https://hjha2.com:8443/
Protocol: H2
Server: 79.133.177.227 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine / ImageX
Resource Hash: 4d9cdc5aabed45dcf2f79a2419794013cc0cb5af8a58e63731c5d311be796432

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 13:56:45 GMT
via: n204-100-082, cache16.l2de2[0,0,206-0,H], cache4.l2de2[1,0], cache4.l2de2[1,0], cache7.de3[0,0,200-0,H], cache8.de3[1,0]
x-response-lb: image
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
age: 561957
nw-session-id: 2022120520592301020209215633D07BDCgtd9201dy
x-powered-by: ImageX
x-swift-cachetime: 31529509
x-cache: HIT TCP_MEM_HIT dirn:12:454951162
x-bdcdn-cache-status: TCP_HIT
server-timing: cdn-cache;desc=HIT,edge;dur=1
x-swift-savetime: Mon, 05 Dec 2022 15:44:56 GMT
x-length: 145431
content-length: 145431
last-modified: Mon, 05 Dec 2022 12:59:23 GMT
server: Tengine
x-tt-logid: 2022120520592301020209215633D07BDC
x-response-date: Mon, 05 Dec 2022 20:59:23 GMT
ali-swift-global-savetime: 1670248605
content-type: image/gif
access-control-allow-origin: *
nw-session-trace: 2022-12-05T20:59:23.223743581+08:00 44
cache-control: max-age=31536000
x-request-ip: fdbd:dc01:25:346::75
x-response-cinfo: 81.95.5.40
imagex-fmt: gif2gif
x-response-cache: edge_hit
timing-allow-origin: *, *
x-tt-trace-host: 01c70dd2b30bede540a99194c063ce108159c44006b08f21a38fa9080f95248a12541d65c08e8426b4002e6d9e681b457dc2570678624b71fd0fb9d3885e93d3ad2c93e90d33728c4c10b49a71849980734459e698a83a65e0545dee7ecb1c9153
eagleid: 4f85b19c16708105629663883e

Redirect headers

location: https://p3.douyinpic.com/obj/tos-cn-i-dy/c768343f40ef43138274f4d00dce8367
cache-control: max-age=3600
referrer-policy: no-referrer

GET
H/1.1 200
OK 08121c9b41ff4c1996d100ffb4181ef8.gif
66886aaa.com/ Frame 128E 27 KB
27 KB 1685ms
442ms Image
image/gif 45.61.212.121

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://66886aaa.com/08121c9b41ff4c1996d100ffb4181ef8.gif
Requested by: Host: hjha2.com
URL: https://hjha2.com:8443/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.61.212.121 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 95c7c1bcbb515e5c4bf5cc79807d1b9d09f42efc1fb1cfe76024bd64a05a0850

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hjha2.com:8443/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Mon, 12 Dec 2022 02:02:42 GMT
Last-Modified: Sun, 11 Dec 2022 10:01:21 GMT
Server: nginx
ETag: "6395aa71-6b4d"
X-Cache: MISS from cloud-us2-cdnb-21
Content-Type: image/gif
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 27469

GET
H2 200 4ddb08e9b0514b5c883aa90aac186986.gif
u0075.com/ Frame 128E 7 KB
7 KB 814ms
224ms Image
image/gif 20.222.166.98

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u0075.com/4ddb08e9b0514b5c883aa90aac186986.gif
Requested by: Host: hjha2.com
URL: https://hjha2.com:8443/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 20.222.166.98 -, , ASN (),
Reverse DNS
Software: WAF/2.4-12.1 /
Resource Hash: 6c48ac46d72a4390f2da433c8032b5a29153855dcdb3201231793ca72f1a26ba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hjha2.com:8443/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 02:02:42 GMT
content-encoding: gzip
last-modified: Fri, 14 Oct 2022 12:50:06 GMT
server: WAF/2.4-12.1
etag: W/"63495afe-1b54"
x-cache-status: HIT
vary: Accept-Encoding
content-type: image/gif

GET
H2

200

f67b410855efed07dc1783436baaa5f7.gif
kvhfff.top/ Frame 128E
Redirect Chain

https://kveii.com/f67b410855efed07dc1783436baaa5f7.gif
https://kvhfff.top/f67b410855efed07dc1783436baaa5f7.gif

28 KB
29 KB

403ms
27ms

Image
image/gif

2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kvhfff.top/f67b410855efed07dc1783436baaa5f7.gif
Requested by: Host: hjha2.com
URL: https://hjha2.com:8443/
Protocol: H2
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e3924fe2017f9c46663dba4707736be8be378ed41e761587eb7513ae69ab1dc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hjha2.com:8443/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 02:02:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1381174
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 29082
last-modified: Mon, 11 Apr 2022 15:08:57 GMT
server: cloudflare
etag: "62544489-719a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qg0kvRlSzlgvl%2FHsej5ix4naQipklozjh2BwIaw3DPAx7%2F0V5J3giPYX1GenjtRYz8IUxiDHccMmKdIyXeGklHy2K4NM2KJe9nWsL8rPdTPBMsdvb0h3ZwGDtLpi6caeUyTvxCHUnc%2B4"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7782e122dd7b9296-FRA
expires: Mon, 26 Dec 2022 02:23:09 GMT

Redirect headers

location: https://kvhfff.top/f67b410855efed07dc1783436baaa5f7.gif
date: Mon, 12 Dec 2022 02:02:42 GMT
strict-transport-security: max-age=31536000
server: nginx
content-length: 162
content-type: text/html

GET
H3 200 app0921.jpg
cdn.jsdelivr.net/gh/kkkll22/img@main/index/ Frame 128E 20 KB
21 KB 14ms
14ms Image
image/jpeg 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.jsdelivr.net/gh/kkkll22/img@main/index/app0921.jpg

Requested by

Host: hjha2.com
URL: https://hjha2.com:8443/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

caee5c83fc039dd72f1a1e00e295d143b73a79553b66a2ea62de7bc1201aa898

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hjha2.com:8443/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 02:02:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 27053
x-jsd-version: main
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 20633
x-served-by: cache-fra19146-FRA, cache-yyz4522-YYZ
x-jsd-version-type: branch
cf-bgj: h2pri
server: cloudflare
etag: W/"5099-VMb/3iQ6e9t0sk8fxRulpFMqano"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0xTrh8JWauZGzJ1Uo1upg8UU2o6ky%2B6sSHv5VHm%2FhMhRaYWT8UNta%2BQMvt7Fm%2Ba1YkvJVsMfQHH%2FsZNLoW5pBD%2B2kudvLj6DAx5NwU%2FqIjmZB46cToZeBwjVSNO930o%2FpAl7UULxe4DoT7IGHiM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7782e11ba8269bbc-FRA

GET
H2 200 150x150.gif
8499165.com/8499/ Frame 128E 132 KB
132 KB 148ms
147ms Image
image/gif 23.224.158.153
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://8499165.com/8499/150x150.gif
Requested by: Host: hjha2.com
URL: https://hjha2.com:8443/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.224.158.153 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: qq.com /
Resource Hash: 011e88ae2efb7e2c7a98115adcc443c2b965206d34a45c98f7012d476de9aeb8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hjha2.com:8443/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 02:02:41 GMT
last-modified: Sun, 13 Nov 2022 10:03:32 GMT
server: qq.com
etag: "20e5b-5ed573c48c405"
x-cache-status: HIT
content-type: image/gif
accept-ranges: bytes
content-length: 134747

GET
H/1.1 200
OK bf42ce11ec6d463089ce9700d48fda78.gif
n5267.com/ Frame 128E 29 KB
29 KB 1913ms
622ms Image
image/gif 103.170.15.101

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://n5267.com/bf42ce11ec6d463089ce9700d48fda78.gif
Requested by: Host: hjha2.com
URL: https://hjha2.com:8443/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 103.170.15.101 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 2ca8007b97da4aa8dfe8e89950cd97d6c804f17d4d9cb51e0f7492335412724c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hjha2.com:8443/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Wed, 16 Nov 2022 00:23:17 GMT
Last-Modified: Thu, 29 Sep 2022 05:07:21 GMT
Server: nginx
ETag: "63352809-748c"
X-Cache: HIT from yd11_13-cdn-g01-la2-31
Content-Type: image/gif
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 29836

GET
H/1.1 200
OK aab3399958e94de783e501d0a88d0e64.png
253669vqx.com/ Frame 128E 66 KB
67 KB 1450ms
148ms Image
image/png 103.170.15.88

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://253669vqx.com/aab3399958e94de783e501d0a88d0e64.png
Requested by: Host: hjha2.com
URL: https://hjha2.com:8443/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 103.170.15.88 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 49109cfb0546db37526221f6c9fe967f26d6914e2e05024de8797d253a2f263c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hjha2.com:8443/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 06 Dec 2022 14:38:42 GMT
Last-Modified: Mon, 07 Nov 2022 09:08:48 GMT
Server: nginx
ETag: "6368cb20-108f8"
X-Cache: HIT from yd11_13-cdn-g01-la2-18
Content-Type: image/png
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 67832

GET
H/1.1 200
OK ea0205dd2b044b828f59e1e34d305c5e.gif
253669vqx.com/ Frame 128E 23 KB
23 KB 1800ms
574ms Image
image/gif 103.170.15.88

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://253669vqx.com/ea0205dd2b044b828f59e1e34d305c5e.gif
Requested by: Host: hjha2.com
URL: https://hjha2.com:8443/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 103.170.15.88 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: c5a05f0cae9d9e66f1a95b121fc706d7cbc09e031c18a31541f4bfd466ed7291

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hjha2.com:8443/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 22 Nov 2022 23:37:34 GMT
Last-Modified: Mon, 07 Nov 2022 09:11:19 GMT
Server: nginx
ETag: "6368cbb7-5b66"
X-Cache: HIT from yd11_13-cdn-g01-la2-18
Content-Type: image/gif
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 23398

GET
H2 200 200x200.gif
h5.ashmgm.com/1112/ Frame 128E 61 KB
61 KB 1252ms
484ms Image
image/gif 13.215.72.128

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://h5.ashmgm.com/1112/200x200.gif

Requested by

Host: hjha2.com
URL: https://hjha2.com:8443/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

13.215.72.128 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

7d72100ec86eebc785afeaa00623f2f57fe87fd8136581d36b00b1fe3b5a3bd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hjha2.com:8443/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 02:02:43 GMT
strict-transport-security: max-age=31536000
last-modified: Sat, 12 Nov 2022 13:43:06 GMT
server: nginx
etag: "636fa2ea-f469"
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 62569
expires: Wed, 11 Jan 2023 02:02:43 GMT

GET
H/1.1 200
OK ccc593dbd14e435090d641cfcfd54d7c.gif
297892531.com/ Frame 128E 146 KB
147 KB 1286ms
341ms Image
image/gif 47.75.19.145
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://297892531.com/ccc593dbd14e435090d641cfcfd54d7c.gif
Requested by: Host: hjha2.com
URL: https://hjha2.com:8443/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.75.19.145 Central, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: AliyunOSS /
Resource Hash: 871c4f67357d0f68b8bbcbb50e15be64f3378be9ab0c9aa60775906c22ff8053

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hjha2.com:8443/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-oss-object-type: Normal
Date: Mon, 12 Dec 2022 02:02:43 GMT
x-oss-request-id: 63968BC34C8B37333513E636
Last-Modified: Tue, 15 Nov 2022 07:26:40 GMT
Server: AliyunOSS
Content-MD5: Dpv6oh7iWBtTLN1IDK6NIQ==
ETag: "0E9BFAA21EE2581B532CDD480CAE8D21"
Content-Type: image/gif
x-oss-storage-class: Standard
Connection: keep-alive
Accept-Ranges: bytes
x-oss-hash-crc64ecma: 11677113693403366593
Content-Length: 149727
x-oss-server-time: 1

GET
DATA 200
OK truncated
/ Frame 128E 254 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 119bff063d1d402fdf6e48bc7e681d48aabfb9bc65378dfcf64a8845ec3fceef

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK ad39f363ab3d4feeaff2f0d9f35b7ab0.gif
267827wnc.com/ Frame 128E 19 KB
19 KB 2826ms
151ms Image
image/gif 103.170.15.111
SKYCLOUD-NET Skyc...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://267827wnc.com/ad39f363ab3d4feeaff2f0d9f35b7ab0.gif
Requested by: Host: hjha2.com
URL: https://hjha2.com:8443/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 103.170.15.111 , Taiwan, ASN7483 (SKYCLOUD-NET Skycloud Computing co., Ltd., TW),
Reverse DNS
Software: nginx /
Resource Hash: 56dfaabecf830964bc2225b38737611d7841b962d29728817a256a93d667a9a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hjha2.com:8443/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Sun, 11 Dec 2022 13:26:27 GMT
Last-Modified: Thu, 24 Nov 2022 07:36:47 GMT
Server: nginx
ETag: "637f1f0f-4c60"
X-Cache: HIT from yd11_13-cdn-g01-la2-41
Content-Type: image/gif
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 19552

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ Frame 128E 29 KB
11 KB 353ms
353ms Script
application/javascript 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?41537b718b08fa02fbaf62417f6eff43

Requested by

Host: hjha2.com
URL: https://hjha2.com:8443/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

18dbc8f226ac23b8c895c7e0c3c7fe8235b41b3354f6850cafb080e99fac5205

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hjha2.com:8443/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Mon, 12 Dec 2022 02:02:38 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=172800
Server: apache
Etag: f0ed16ccdb57ac449a957237bc53ef61
Content-Type: application/javascript
Cache-Control: max-age=0, must-revalidate
Content-Length: 11254

GET
H2 200 666 Show response
api.073tugh.com/sh/to/ Frame 128E 251 B
366 B 2562ms
315ms XHR
application/json 13.215.249.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.073tugh.com/sh/to/666
Requested by: Host: hjha2.com
URL: https://hjha2.com:8443/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.215.249.53 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-215-249-53.ap-southeast-1.compute.amazonaws.com
Software: Tengine /
Resource Hash: 5534516a5efff5230832d294df322980e67fd4dfc5e75a1dce0aa403faaa60d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hjha2.com:8443/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 12 Dec 2022 02:02:40 GMT
server: Tengine
content-length: 251
x-cache-status: MISS
content-type: application/json

GET
DATA 200
OK truncated
/ Frame 128E 2 KB
2 KB Font
application/x-font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f42a279f4552574aba15f36748a6bc636bc50e34db969a9b361f9f1ed455615e

Request headers

Referer
Origin: https://hjha2.com:8443
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type: application/x-font-woff2;charset=utf-8

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ 43 B
299 B 342ms
342ms Image
image/gif 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1612473342&si=2c826b7af1bbdd4b55533c61259bdc81&v=1.3.0&lv=1&sn=61268&r=0&ww=1600&u=http%3A%2F%2Fbaleyu.com%2F&tt=%E6%B5%99%E6%B1%9F%E5%9F%8E%E5%BB%BA%E8%81%94%E5%90%88%E8%A3%85%E9%A5%B0%E5%B7%A5%E7%A8%8B%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8_%E6%9D%AD%E5%B7%9E%E8%A3%85%E4%BF%AE%E5%85%AC%E5%8F%B8_%E4%B8%93%E6%B3%A8%E6%9D%AD%E5%B7%9E%E7%8E%AF%E4%BF%9D%E8%A3%85%E4%BF%AE%E5%AE%B6%E8%A3%85%E5%A5%BD%E5%93%81%E7%89%8C_%E5%9F%8E%E5%BB%BA%E8%A3%85%E9%A5%B0

Requested by

Host: baleyu.com
URL: http://baleyu.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://baleyu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 12 Dec 2022 02:02:38 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
Server: apache
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ 43 B
299 B 357ms
357ms Image
image/gif 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1456003640&si=f1d4fa7fc77845e82d7014194503e307&v=1.3.0&lv=1&sn=61268&r=0&ww=1600&u=http%3A%2F%2Fbaleyu.com%2F&tt=%E6%B5%99%E6%B1%9F%E5%9F%8E%E5%BB%BA%E8%81%94%E5%90%88%E8%A3%85%E9%A5%B0%E5%B7%A5%E7%A8%8B%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8_%E6%9D%AD%E5%B7%9E%E8%A3%85%E4%BF%AE%E5%85%AC%E5%8F%B8_%E4%B8%93%E6%B3%A8%E6%9D%AD%E5%B7%9E%E7%8E%AF%E4%BF%9D%E8%A3%85%E4%BF%AE%E5%AE%B6%E8%A3%85%E5%A5%BD%E5%93%81%E7%89%8C_%E5%9F%8E%E5%BB%BA%E8%A3%85%E9%A5%B0

Requested by

Host: baleyu.com
URL: http://baleyu.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://baleyu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 12 Dec 2022 02:02:38 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
Server: apache
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ 43 B
299 B 370ms
370ms Image
image/gif 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1278714326&si=0479a3a671cc30fd27d45970393ba3c8&v=1.3.0&lv=1&sn=61268&r=0&ww=1600&u=http%3A%2F%2Fbaleyu.com%2F&tt=%E6%B5%99%E6%B1%9F%E5%9F%8E%E5%BB%BA%E8%81%94%E5%90%88%E8%A3%85%E9%A5%B0%E5%B7%A5%E7%A8%8B%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8_%E6%9D%AD%E5%B7%9E%E8%A3%85%E4%BF%AE%E5%85%AC%E5%8F%B8_%E4%B8%93%E6%B3%A8%E6%9D%AD%E5%B7%9E%E7%8E%AF%E4%BF%9D%E8%A3%85%E4%BF%AE%E5%AE%B6%E8%A3%85%E5%A5%BD%E5%93%81%E7%89%8C_%E5%9F%8E%E5%BB%BA%E8%A3%85%E9%A5%B0

Requested by

Host: baleyu.com
URL: http://baleyu.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://baleyu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 12 Dec 2022 02:02:38 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
Server: apache
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ Frame 128E 43 B
299 B 336ms
336ms Image
image/gif 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?cc=0&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=2001763852&si=41537b718b08fa02fbaf62417f6eff43&su=http%3A%2F%2Fbaleyu.com%2F&v=1.3.0&lv=1&sn=61269&r=0&ww=1600&u=https%3A%2F%2Fhjha2.com%3A8443%2F&tt=%E9%BB%84%E9%87%91%E6%B5%B7%E5%B2%B8

Requested by

Host: hjha2.com
URL: https://hjha2.com:8443/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hjha2.com:8443/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 12 Dec 2022 02:02:43 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
Server: apache
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.hm.baidu.com/	1970-01-20 17:42:50	Name: HMACCOUNT_BFESS Value: 664D983EAB35328A
.baleyu.com/	1970-01-20 16:52:26	Name: Hm_lvt_2c826b7af1bbdd4b55533c61259bdc81 Value: 1670810558
.baleyu.com/	1969-12-31 23:59:59	Name: Hm_lpvt_2c826b7af1bbdd4b55533c61259bdc81 Value: 1670810558
.baleyu.com/	1970-01-20 16:52:26	Name: Hm_lvt_f1d4fa7fc77845e82d7014194503e307 Value: 1670810558
.baleyu.com/	1969-12-31 23:59:59	Name: Hm_lpvt_f1d4fa7fc77845e82d7014194503e307 Value: 1670810558
.baleyu.com/	1970-01-20 16:52:26	Name: Hm_lvt_0479a3a671cc30fd27d45970393ba3c8 Value: 1670810558
.baleyu.com/	1969-12-31 23:59:59	Name: Hm_lpvt_0479a3a671cc30fd27d45970393ba3c8 Value: 1670810558

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

107.jisehe1.com
223969ufy.com
253669vqx.com
267827wnc.com
287335kmu.com
297892531.com
529723929.com
66663aaa.com
66668aaa.com
66886aaa.com
828239sam.com
832793jse.com
8499165.com
88668aaa.com
935676yfc.com
ak-d.tripcdn.com
api.073tugh.com
baleyu.com
cdn.jsdelivr.net
h5.ashmgm.com
hjha2.com
hm.baidu.com
img.1141555.com
img.1153555.com
img.9399x.com
kjimg10.360buyimg.com
kveii.com
kvhfff.top
kvkppp.top
kzeii.com
n5267.com
p.qlogo.cn
p3.douyinpic.com
tpkj2222.com
u0075.com
u1022.com
103.170.15.101
103.170.15.111
103.170.15.76
103.170.15.88
103.170.15.96
103.189.109.73
103.235.46.191
104.109.86.168
112.13.110.3
13.215.249.53
13.215.72.128
185.239.226.87
198.16.37.83
20.222.166.98
206.119.93.78
23.224.0.11
23.224.158.153
240e:97c:2f:1::32
2606:4700::6810:5914
2a06:98c1:3120::3
45.154.215.92
45.61.212.120
45.61.212.121
45.61.212.216
45.61.212.49
45.61.212.55
47.75.19.145
64.32.13.142
66.232.4.87
79.133.177.227
011e88ae2efb7e2c7a98115adcc443c2b965206d34a45c98f7012d476de9aeb8
0b600e3355c823c5669f8338ff521c9b3790de0c3bb051bf24b19fc644821c6d
119bff063d1d402fdf6e48bc7e681d48aabfb9bc65378dfcf64a8845ec3fceef
11b507546df8a41877897e0b2995c07b55c047ad56d50f154665d01242973871
140cb7833344889af4ad91da1b639c596c54e6e95c61fc0485e768a3969d40df
150795ba625225a034b7d362f7f69c1523bbbafb9820610a47b9abad1c030af9
17e78ffe065be76212de6b960082ea287cc0e712b6f170f44c63e2144ec14c84
18211771ebc7ca8d9ced1be1a5f8a67c737dfc48a57e2624e92d083f5953e018
18543a39e003823862ca88f74a899b953e82fc6f1771682b37d0b435d40644cc
18dbc8f226ac23b8c895c7e0c3c7fe8235b41b3354f6850cafb080e99fac5205
1e3737ed1f849f7ff53fbfcf55521b77d8316652cd9591e72f3d22d26296a202
1feadcd341bcb164534068e6433e017a919426dc522b4c77567657411b1911af
22a525fd9b99500b6824d69a8dbb6e44684f0846fe85291b3d99c08e7c1ea71f
275ec1737d51d1d53d126a775455a285a8e68e1917c31102aa5726cf777518d7
2b6a9b53114e36c800d36b460001279b5b27d86ad0b0f79d71bd5157d7d2ba8c
2ca8007b97da4aa8dfe8e89950cd97d6c804f17d4d9cb51e0f7492335412724c
388939644e37c8b5ec54fa6cb31cbdd3a02b1430a69c972e7b298c86a1b2dec0
49109cfb0546db37526221f6c9fe967f26d6914e2e05024de8797d253a2f263c
4a10219bee747aadeeda78f166d787adf32583f361f88d44b472f6f3da798083
4d9cdc5aabed45dcf2f79a2419794013cc0cb5af8a58e63731c5d311be796432
4dc0708abb2de56eaee1961f8143ec911357863a2b259c4154701ddd128d3a37
5083c6eec3b0beac9b5b0f287a69e8169efbb469c19b9083c12b2ed239936e6f
5534516a5efff5230832d294df322980e67fd4dfc5e75a1dce0aa403faaa60d4
56dfaabecf830964bc2225b38737611d7841b962d29728817a256a93d667a9a6
5a9ab0fba861f1918824dc6bc37a104ce8eb35ebcf7291f91c9093e4c12cc98b
5b39dca97f810d0e15de04210c6b7526befaa3dde3bb2e55177ca44006b28a04
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
6c48ac46d72a4390f2da433c8032b5a29153855dcdb3201231793ca72f1a26ba
75ba290f4a2dc25f7cad04db45ec4633f8cdbf33c36f1b0e49ccfae0ebe4547f
7d72100ec86eebc785afeaa00623f2f57fe87fd8136581d36b00b1fe3b5a3bd1
80a4f6fd21d8f7684a0168de5fc9496189b1b439b3e1ce3d28f4fee90615db1e
819a4224605c47089d7456012a957beef9f0a59191a8a63e4c0aefa6c3ece6b7
84524d095bafb3df71033f60605f1ab6f673ed0ff4b61dcc440239390f2a178b
871c4f67357d0f68b8bbcbb50e15be64f3378be9ab0c9aa60775906c22ff8053
89521c87c1fe061e63fb523bb11f2a328e9202574d73aa4c4e17de8a8f301c58
8eb8f61188f2555f5f7f0a934ebbae9e9ab703a3dc0b23191bdc7c147eb12140
95c7c1bcbb515e5c4bf5cc79807d1b9d09f42efc1fb1cfe76024bd64a05a0850
9d019eccd2bc0f713cab4e42e37f9f3d8fbb022526850ea87248a09bd1c215a4
9e3924fe2017f9c46663dba4707736be8be378ed41e761587eb7513ae69ab1dc
9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe
ad79ce7e34d1a788809bb853031133de2ae45f3c19ac4955dae46c7490188c2e
adb4cbf2975bcd9372d011c822355117522c2f824e48b331d5fc0d93e29a60bc
b15f6b63346bdc77fe89b9d5192428516d42f3c22b80ba44c12d509b971976ad
b373dcb0598f1ed8d191cc80eddadc6740f7acfdc9d6904df7eb3151920017c7
c03ac2886c5fa5d60f74170b42385356759a00dbd98a94b0a8e4125bf13f80bf
c49449d823452f844a67cda8057f6d3896f977a92a4d8de62707a9f218291ce0
c5a05f0cae9d9e66f1a95b121fc706d7cbc09e031c18a31541f4bfd466ed7291
c677f7601d68004a5c0af802407899ba001333fd3c69e8993a8a757a8521b20d
caee5c83fc039dd72f1a1e00e295d143b73a79553b66a2ea62de7bc1201aa898
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
dc5162092ed9c58899e9c79a86cc1b64a2f3714252a3d6bed0fb4562a234451f
f42a279f4552574aba15f36748a6bc636bc50e34db969a9b361f9f1ed455615e
fa529241dddbd17e0dd7b8ee301efa587826b81ed5b4b6223f1ee6e236e44442
fa5ecaba8e7048ec0475ac862bec89853e8c87e84475e199f8657d6e89065dff

baleyu.com Open in urlscan Pro 206.119.93.78 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

56 Requests

86 %HTTPS

10 %IPv6

36 Domains

36 Subdomains

28 IPs

7 Countries

13066 kBTransfer

13370 kBSize

7 Cookies

0 Outgoing links

Redirected requests

56 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

baleyu.com Open in urlscan Pro
206.119.93.78 Public Scan

Screenshot
Live screenshot

Full Image

56
Requests

86 %
HTTPS

10 %
IPv6

36
Domains

36
Subdomains

28
IPs

7
Countries

13066 kB
Transfer

13370 kB
Size

7
Cookies

56 HTTP transactions
2 data transactions