baleyu.com Open in urlscan Pro
206.119.93.78 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://baleyu.com/
Submission: On November 03 via api (November 3rd 2022, 2:02:49 am UTC) from US — Scanned from DE

Summary HTTP 56 Redirects Behaviour Indicators

Summary

This website contacted 30 IPs in 8 countries across 35 domains to perform 56 HTTP transactions. The main IP is 206.119.93.78, located in United States and belongs to SGPL-AS-AP STARCLOUD GLOBAL PTE., LTD., SG. The main domain is baleyu.com.

This is the only time baleyu.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	206.119.93.78 206.119.93.78	140224 (SGPL-AS-A...) (SGPL-AS-AP STARCLOUD GLOBAL PTE.)
8	103.235.46.191 103.235.46.191	55967 (BAIDU Bei...) (BAIDU Beijing Baidu Netcom Science and Technology Co.)
8	198.16.37.82 198.16.37.82	40065 (CNSERVERS) (CNSERVERS)
1	45.61.212.122 45.61.212.122	53587 (AZT) (AZT)
1	45.61.212.217 45.61.212.217	53587 (AZT) (AZT)
2	103.170.15.88 103.170.15.88	7483 (SKYCLOUD-...) (SKYCLOUD-NET Skycloud Computing co.)
4	23.205.240.173 23.205.240.173	16625 (AKAMAI-AS) (AKAMAI-AS)
3	20.255.32.7 20.255.32.7	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3 3	78.46.107.74 78.46.107.74	24940 (HETZNER-AS) (HETZNER-AS)
1	2606:4700:303... 2606:4700:3038::6815:ea8d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3038::6815:e9a7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	3.36.126.81 3.36.126.81	16509 (AMAZON-02) (AMAZON-02)
1	79.133.177.230 79.133.177.230	24429 (TAOBAO Zh...) (TAOBAO Zhejiang Taobao Network Co.)
1	2606:4700:303... 2606:4700:3038::6815:e9d8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2606:4700::68... 2606:4700::6810:5914	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.247.50.228 172.247.50.228	40065 (CNSERVERS) (CNSERVERS)
1	240e:97c:2f:5... 240e:97c:2f:5::3c	58466 (CT-GUANGZ...) (CT-GUANGZHOU-IDC CHINANET Guangdong province network)
1	180.178.34.164 180.178.34.164	45753 (NETSEC-HK...) (NETSEC-HK Netsec Limited)
1	45.61.212.163 45.61.212.163	() ()
1	20.24.103.196 20.24.103.196	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	23.226.11.149 23.226.11.149	23881 (UDOMAIN-A...) (UDOMAIN-AS-AP UDomain Web Hosting Company Ltd)
1	23.224.0.11 23.224.0.11	40065 (CNSERVERS) (CNSERVERS)
1	103.170.15.101 103.170.15.101	() ()
2	45.61.212.128 45.61.212.128	() ()
1	137.220.244.202 137.220.244.202	64050 (BCPL-SG B...) (BCPL-SG BGPNET Global ASN)
1	20.239.197.175 20.239.197.175	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	104.143.94.110 104.143.94.110	() ()
1	2a06:98c1:312... 2a06:98c1:3120::3	() ()
1	2606:4700:303... 2606:4700:3034::ac43:c28e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	20.24.97.200 20.24.97.200	() ()
1	103.170.15.72 103.170.15.72	() ()
1	47.243.192.160 47.243.192.160	45102 (ALIBABA-C...) (ALIBABA-CN-NET Alibaba US Technology Co.)
56	30

3 206.119.93.78 (United States)

ASN140224 (SGPL-AS-AP STARCLOUD GLOBAL PTE., LTD., SG)

baleyu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 103.235.46.191 (Hong Kong)

ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)

hm.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 198.16.37.82 (Newark, United States)

ASN40065 (CNSERVERS, US)

hjha.bar	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.61.212.122 (United States)

ASN53587 (AZT, US)

592773xgg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.61.212.217 (United States)

ASN53587 (AZT, US)

339282bdb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.170.15.88 (Taiwan)

ASN7483 (SKYCLOUD-NET Skycloud Computing co., Ltd., TW)

832793jse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
328858prw.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.205.240.173 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-240-173.deploy.static.akamaitechnologies.com

dimg04.c-ctrip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 20.255.32.7 (Central, Hong Kong)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

fadacaitp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 78.46.107.74 (Germany) 3 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.74.107.46.78.clients.your-server.de

kzeii.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
kvhdd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
kvhmm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3038::6815:ea8d (United States)

ASN13335 (CLOUDFLARENET, US)

kvhggg.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3038::6815:e9a7 (United States)

ASN13335 (CLOUDFLARENET, US)

kvtlll.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.36.126.81 (Incheon, Korea, Republic Of) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-36-126-81.ap-northeast-2.compute.amazonaws.com

img.9275x.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 79.133.177.230 (Russian Federation)

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)

p3.douyinpic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3038::6815:e9d8 (United States)

ASN13335 (CLOUDFLARENET, US)

kvtfff.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6810:5914 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.247.50.228 (United States)

ASN40065 (CNSERVERS, US)

8499225.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 240e:97c:2f:5::3c (China)

ASN58466 (CT-GUANGZHOU-IDC CHINANET Guangdong province network, CN)

p.qlogo.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 180.178.34.164 (Hong Kong)

ASN45753 (NETSEC-HK Netsec Limited, HK)

258258048.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.61.212.163 (None, )

ASN- ()

vbutjg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.24.103.196 (Central, Hong Kong)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

tp.1468tu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.226.11.149 (Hong Kong)

ASN23881 (UDOMAIN-AS-AP UDomain Web Hosting Company Ltd, HK)

a666.one	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.224.0.11 (United States)

ASN40065 (CNSERVERS, US)

107.jisehe1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.170.15.101 (None, )

ASN- ()

rfyqtv2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 45.61.212.128 (None, )

ASN- ()

kmrcum2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
88225233827.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 137.220.244.202 (Tokyo, Japan)

ASN64050 (BCPL-SG BGPNET Global ASN, SG)

papatv.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.239.197.175 (Central, Hong Kong)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

u0075.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.143.94.110 (None, ) 1 redirects

ASN- ()

kveii.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::3 (None, )

ASN- ()

kvhsss.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3034::ac43:c28e (United States)

ASN13335 (CLOUDFLARENET, US)

aoattsetp.vip	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.24.97.200 (None, )

ASN- ()

58tu.1468tu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.170.15.72 (None, )

ASN- ()

n5267.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 47.243.192.160 (Central, Hong Kong)

ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)

www.xccc99.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	hjha.bar hjha.bar	140 KB
8	baidu.com hm.baidu.com — Cisco Umbrella Rank: 7141	48 KB
5	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 475	1 MB
4	c-ctrip.com dimg04.c-ctrip.com — Cisco Umbrella Rank: 75395	2 MB
3	fadacaitp.com fadacaitp.com	1 MB
3	baleyu.com baleyu.com	2 KB
2	1468tu.com tp.1468tu.com 58tu.1468tu.com	139 KB
1	xccc99.xyz www.xccc99.xyz	556 B
1	n5267.com n5267.com	29 KB
1	aoattsetp.vip aoattsetp.vip	691 KB
1	kvhsss.top kvhsss.top	29 KB
1	kveii.com 1 redirects kveii.com	133 B
1	u0075.com u0075.com — Cisco Umbrella Rank: 709522	7 KB
1	papatv.cloud papatv.cloud	248 KB
1	88225233827.com 88225233827.com	27 KB
1	kmrcum2.com kmrcum2.com	181 KB
1	rfyqtv2.com rfyqtv2.com	337 KB
1	jisehe1.com 107.jisehe1.com	783 KB
1	a666.one a666.one	69 KB
1	vbutjg.com vbutjg.com	601 KB
1	258258048.com 258258048.com	293 KB
1	qlogo.cn p.qlogo.cn — Cisco Umbrella Rank: 40436	368 KB
1	8499225.com 8499225.com	368 KB
1	kvtfff.top kvtfff.top — Cisco Umbrella Rank: 208194	477 KB
1	kvhmm.com 1 redirects kvhmm.com — Cisco Umbrella Rank: 208193	132 B
1	douyinpic.com p3.douyinpic.com — Cisco Umbrella Rank: 17211	550 KB
1	9275x.com 1 redirects img.9275x.com	119 B
1	kvtlll.top kvtlll.top — Cisco Umbrella Rank: 336410	979 KB
1	kvhdd.com 1 redirects kvhdd.com — Cisco Umbrella Rank: 337594	132 B
1	kvhggg.top kvhggg.top — Cisco Umbrella Rank: 845723	553 KB
1	kzeii.com 1 redirects kzeii.com — Cisco Umbrella Rank: 349839	133 B
1	328858prw.com 328858prw.com	653 KB
1	832793jse.com 832793jse.com	703 KB
1	339282bdb.com 339282bdb.com — Cisco Umbrella Rank: 972754	1 MB
1	592773xgg.com 592773xgg.com	664 KB
56	35

	Domain	Requested by
8	hjha.bar	baleyu.com hjha.bar
8	hm.baidu.com	baleyu.com hjha.bar
5	cdn.jsdelivr.net	hjha.bar
4	dimg04.c-ctrip.com	hjha.bar
3	fadacaitp.com	hjha.bar
3	baleyu.com	baleyu.com
1	www.xccc99.xyz	baleyu.com
1	n5267.com	hjha.bar
1	58tu.1468tu.com	hjha.bar
1	aoattsetp.vip	hjha.bar
1	kvhsss.top	hjha.bar
1	kveii.com	1 redirects
1	u0075.com	hjha.bar
1	papatv.cloud	hjha.bar
1	88225233827.com	hjha.bar
1	kmrcum2.com	hjha.bar
1	rfyqtv2.com	hjha.bar
1	107.jisehe1.com	hjha.bar
1	a666.one	hjha.bar
1	tp.1468tu.com	hjha.bar
1	vbutjg.com	hjha.bar
1	258258048.com	hjha.bar
1	p.qlogo.cn	hjha.bar
1	8499225.com	hjha.bar
1	kvtfff.top	hjha.bar
1	kvhmm.com	1 redirects
1	p3.douyinpic.com	hjha.bar
1	img.9275x.com	1 redirects
1	kvtlll.top	hjha.bar
1	kvhdd.com	1 redirects
1	kvhggg.top	hjha.bar
1	kzeii.com	1 redirects
1	328858prw.com	hjha.bar
1	832793jse.com	hjha.bar
1	339282bdb.com	hjha.bar
1	592773xgg.com	hjha.bar
56	36

This site contains no links.

Subject Issuer	Validity	Valid
baidu.com GlobalSign RSA OV SSL CA 2018	`2022-07-05` - `2023-08-06`	a year	crt.sh
hjha.bar R3	`2022-10-23` - `2023-01-21`	3 months	crt.sh
592773xgg.com Sectigo RSA Domain Validation Secure Server CA	`2022-10-26` - `2023-10-26`	a year	crt.sh
339282bdb.com Sectigo RSA Domain Validation Secure Server CA	`2022-10-26` - `2023-10-26`	a year	crt.sh
832793jse.com Sectigo RSA Domain Validation Secure Server CA	`2022-10-26` - `2023-10-26`	a year	crt.sh
trip.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-09` - `2023-09-13`	a year	crt.sh
328858prw.com Sectigo RSA Domain Validation Secure Server CA	`2022-10-26` - `2023-10-26`	a year	crt.sh
fadacaitp.com Sectigo RSA Domain Validation Secure Server CA	`2022-05-18` - `2023-05-18`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-02` - `2023-06-01`	a year	crt.sh
8499225.com ZeroSSL RSA Domain Secure Site CA	`2022-10-25` - `2023-01-23`	3 months	crt.sh
*.qpic.cn GlobalSign Organization Validation CA - SHA256 - G2	`2022-04-06` - `2023-05-08`	a year	crt.sh
258258047.com R3	`2022-10-10` - `2023-01-08`	3 months	crt.sh
vbutjg.com Sectigo RSA Domain Validation Secure Server CA	`2022-05-08` - `2023-05-08`	a year	crt.sh
tp.1468tu.com R3	`2022-09-26` - `2022-12-25`	3 months	crt.sh
a666.one R3	`2022-10-22` - `2023-01-20`	3 months	crt.sh
*.jisehe1.com Sectigo RSA Domain Validation Secure Server CA	`2022-03-19` - `2023-03-19`	a year	crt.sh
rfyqtv2.com Sectigo RSA Domain Validation Secure Server CA	`2022-03-23` - `2023-03-23`	a year	crt.sh
kmrcum2.com Sectigo RSA Domain Validation Secure Server CA	`2022-03-21` - `2023-03-21`	a year	crt.sh
88225233827.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-09` - `2023-08-09`	a year	crt.sh
papatv.cloud ZeroSSL RSA Domain Secure Site CA	`2022-10-12` - `2023-01-10`	3 months	crt.sh
u0075.com Sectigo RSA Domain Validation Secure Server CA	`2022-07-03` - `2023-07-03`	a year	crt.sh
	`2020-02-23` - `2023-02-22`	3 years	crt.sh
n5267.com Sectigo RSA Domain Validation Secure Server CA	`2022-07-06` - `2023-07-06`	a year	crt.sh
www.xccc99.xyz TrustAsia RSA DV TLS CA G2	`2022-07-26` - `2023-07-26`	a year	crt.sh

This page contains 2 frames:

Primary Page: http://baleyu.com/
Frame ID: 5BD27284F52965E4E89E7C509F4DD771
Requests: 9 HTTP requests in this frame

Frame: https://hjha.bar:8443/
Frame ID: 72E87A995569AD40E243059A97B7D03E
Requests: 49 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

浙江城建联合装饰工程有限公司_杭州装修公司_专注杭州环保装修家装好品牌_城建装饰

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Baidu Analytics (百度统计) (Analytics) Expand

Overall confidence: 100%
Detected patterns

hm\.baidu\.com/hm\.js

Swiper Slider (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

swiper(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

56
Requests

84 %
HTTPS

22 %
IPv6

35
Domains

36
Subdomains

30
IPs

8
Countries

14685 kB
Transfer

14971 kB
Size

7
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21

https://kzeii.com/8d62ac139591ff0c5f17d4c5f1ff3cf6.gif HTTP 301
https://kvhggg.top/8d62ac139591ff0c5f17d4c5f1ff3cf6.gif

Request Chain 22

https://kvhdd.com/3a18042ae802ca6796e7d42a7d4a8b3a.gif HTTP 301
https://kvtlll.top/3a18042ae802ca6796e7d42a7d4a8b3a.gif

Request Chain 23

https://img.9275x.com/images/6352337a5fe50f0585d3ef4c.gif HTTP 302
https://p3.douyinpic.com/obj/tos-cn-i-dy/adf802dc8e9d4a068df37106b6b6a30a

Request Chain 24

https://kvhmm.com/8edcedee7846a3a8faee160477af5165.gif HTTP 301
https://kvtfff.top/8edcedee7846a3a8faee160477af5165.gif

Request Chain 44

https://kveii.com/f67b410855efed07dc1783436baaa5f7.gif HTTP 301
https://kvhsss.top/f67b410855efed07dc1783436baaa5f7.gif

56 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
baleyu.com/ 629 B
572 B 596ms
187ms Document
text/html 206.119.93.78
SGPL-AS-AP STARCL...

General

Check archive.org

Show headers Download Go to

Full URL: http://baleyu.com/
Protocol: HTTP/1.1
Server: 206.119.93.78 , United States, ASN140224 (SGPL-AS-AP STARCLOUD GLOBAL PTE., LTD., SG),
Reverse DNS
Software: openresty /
Resource Hash: 11b507546df8a41877897e0b2995c07b55c047ad56d50f154665d01242973871

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: close
Content-Encoding: gzip
Content-Type: text/html
Date: Thu, 03 Nov 2022 02:02:37 GMT
Server: openresty
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H/1.1 200
OK tiaozhuan.js Show response
baleyu.com/ 1 KB
993 B 186ms
185ms Script
application/javascript 206.119.93.78
SGPL-AS-AP STARCL...

General

Check archive.org

Show headers Download Go to

Full URL: http://baleyu.com/tiaozhuan.js
Requested by: Host: baleyu.com
URL: http://baleyu.com/
Protocol: HTTP/1.1
Server: 206.119.93.78 , United States, ASN140224 (SGPL-AS-AP STARCLOUD GLOBAL PTE., LTD., SG),
Reverse DNS
Software: openresty /
Resource Hash: 77ca4ce8ccd353c01604f37d1dc0bca9aa9122ffeb444e215583d04dea06faa4

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://baleyu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Thu, 03 Nov 2022 02:02:38 GMT
Content-Encoding: gzip
Last-Modified: Thu, 28 Jul 2022 16:33:21 GMT
Server: openresty
ETag: W/"62e2ba51-576"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=180
Connection: close
Expires: Thu, 03 Nov 2022 02:05:38 GMT

GET
H/1.1 200
OK tongji.js Show response
baleyu.com/ 759 B
628 B 369ms
185ms Script
application/javascript 206.119.93.78
SGPL-AS-AP STARCL...

General

Check archive.org

Show headers Download Go to

Full URL: http://baleyu.com/tongji.js
Requested by: Host: baleyu.com
URL: http://baleyu.com/
Protocol: HTTP/1.1
Server: 206.119.93.78 , United States, ASN140224 (SGPL-AS-AP STARCLOUD GLOBAL PTE., LTD., SG),
Reverse DNS
Software: openresty /
Resource Hash: 388939644e37c8b5ec54fa6cb31cbdd3a02b1430a69c972e7b298c86a1b2dec0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://baleyu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Thu, 03 Nov 2022 02:02:38 GMT
Content-Encoding: gzip
Last-Modified: Thu, 28 Jul 2022 16:35:10 GMT
Server: openresty
ETag: W/"62e2babe-2f7"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=180
Connection: close
Expires: Thu, 03 Nov 2022 02:05:38 GMT

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ 30 KB
12 KB 1579ms
357ms Script
application/javascript 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?f1d4fa7fc77845e82d7014194503e307

Requested by

Host: baleyu.com
URL: http://baleyu.com/tongji.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

9a0c09b96b96fd45c8edff175e835996ae3870e2f75881fd87b9f5fdc330650b

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://baleyu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Thu, 03 Nov 2022 02:02:39 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=172800
Server: apache
Etag: e01929f44868615c4d603e714f1abf09
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: application/javascript
Cache-Control: max-age=0, must-revalidate
Content-Length: 11329

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ 30 KB
12 KB 1557ms
336ms Script
application/javascript 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?2c826b7af1bbdd4b55533c61259bdc81

Requested by

Host: baleyu.com
URL: http://baleyu.com/tongji.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

26e14cbc399dbddc9f3b28c753735230b5da66b58f5f32555ccfa66ee8096751

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://baleyu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Thu, 03 Nov 2022 02:02:39 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=172800
Server: apache
Etag: 633d1c3aa6b062b9b2df29dec8f9ff80
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: application/javascript
Cache-Control: max-age=0, must-revalidate
Content-Length: 11329

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ 30 KB
12 KB 1565ms
338ms Script
application/javascript 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?0479a3a671cc30fd27d45970393ba3c8

Requested by

Host: baleyu.com
URL: http://baleyu.com/tongji.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

6835b6d20deda9911586e5d28bbd627e251cfef2043225a36aa80142cfa5ba97

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://baleyu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Thu, 03 Nov 2022 02:02:39 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=172800
Server: apache
Etag: b0860f0fd3c02fabcd3d804e9337ed1c
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: application/javascript
Cache-Control: max-age=0, must-revalidate
Content-Length: 11330

GET
H2 200 / Show response
hjha.bar/ Frame 72E8 72 KB
14 KB 1161ms
404ms Document
text/html 198.16.37.82
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL

https://hjha.bar:8443/

Requested by

Host: baleyu.com
URL: http://baleyu.com/tiaozhuan.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

198.16.37.82 Newark, United States, ASN40065 (CNSERVERS, US),

Reverse DNS

Software

nginx /

Resource Hash

c062c554cf5e5a9d573d683a96a03356d40453705df36ef7167345c14b06d8cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://baleyu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 03 Nov 2022 02:02:39 GMT
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding

GET
H2 200 jquery.min.js Show response
hjha.bar/template/kuli04/js/ Frame 72E8 95 KB
37 KB 205ms
203ms Script
application/javascript 198.16.37.82
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL

https://hjha.bar:8443/template/kuli04/js/jquery.min.js

Requested by

Host: hjha.bar
URL: https://hjha.bar:8443/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

198.16.37.82 Newark, United States, ASN40065 (CNSERVERS, US),

Reverse DNS

Software

nginx /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hjha.bar:8443/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 02:02:39 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Sat, 14 May 2022 13:14:00 GMT
server: nginx
etag: W/"627fab18-17b8b"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Thu, 03 Nov 2022 14:02:39 GMT

GET
H2 200 swiper.min.js Show response
hjha.bar/template/kuli04/js/ Frame 72E8 94 KB
27 KB 408ms
407ms Script
application/javascript 198.16.37.82
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL

https://hjha.bar:8443/template/kuli04/js/swiper.min.js

Requested by

Host: hjha.bar
URL: https://hjha.bar:8443/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

198.16.37.82 Newark, United States, ASN40065 (CNSERVERS, US),

Reverse DNS

Software

nginx /

Resource Hash

4a10219bee747aadeeda78f166d787adf32583f361f88d44b472f6f3da798083

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hjha.bar:8443/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 02:02:39 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Sat, 14 May 2022 13:14:02 GMT
server: nginx
etag: W/"627fab1a-178a3"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Thu, 03 Nov 2022 14:02:39 GMT

GET
H2 200 bootstrap.min.js Show response
hjha.bar/template/kuli04/js/ Frame 72E8 39 KB
13 KB 409ms
408ms Script
application/javascript 198.16.37.82
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL

https://hjha.bar:8443/template/kuli04/js/bootstrap.min.js

Requested by

Host: hjha.bar
URL: https://hjha.bar:8443/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

198.16.37.82 Newark, United States, ASN40065 (CNSERVERS, US),

Reverse DNS

Software

nginx /

Resource Hash

9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hjha.bar:8443/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 02:02:39 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Sat, 14 May 2022 13:13:58 GMT
server: nginx
etag: W/"627fab16-9b00"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Thu, 03 Nov 2022 14:02:39 GMT

GET
H2 200 jquery.lazyload.min.js Show response
hjha.bar/template/kuli04/js/ Frame 72E8 3 KB
2 KB 409ms
409ms Script
application/javascript 198.16.37.82
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL

https://hjha.bar:8443/template/kuli04/js/jquery.lazyload.min.js

Requested by

Host: hjha.bar
URL: https://hjha.bar:8443/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

198.16.37.82 Newark, United States, ASN40065 (CNSERVERS, US),

Reverse DNS

Software

nginx /

Resource Hash

ad79ce7e34d1a788809bb853031133de2ae45f3c19ac4955dae46c7490188c2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hjha.bar:8443/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 02:02:39 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Sat, 14 May 2022 13:14:00 GMT
server: nginx
etag: W/"627fab18-d35"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Thu, 03 Nov 2022 14:02:39 GMT

GET
H2 200 style.css
hjha.bar/template/kuli04/css/ Frame 72E8 32 KB
11 KB 407ms
406ms Stylesheet
text/css 198.16.37.82
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL

https://hjha.bar:8443/template/kuli04/css/style.css?v=5

Requested by

Host: hjha.bar
URL: https://hjha.bar:8443/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

198.16.37.82 Newark, United States, ASN40065 (CNSERVERS, US),

Reverse DNS

Software

nginx /

Resource Hash

22a525fd9b99500b6824d69a8dbb6e44684f0846fe85291b3d99c08e7c1ea71f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hjha.bar:8443/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 02:02:39 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Sun, 31 Jul 2022 11:38:05 GMT
server: nginx
etag: W/"62e6699d-7ef3"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
expires: Thu, 03 Nov 2022 14:02:39 GMT

GET
H2 200 logo.jpg
hjha.bar/template/kuli04/images/ Frame 72E8 34 KB
35 KB 203ms
202ms Image
image/jpeg 198.16.37.82
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hjha.bar:8443/template/kuli04/images/logo.jpg

Requested by

Host: hjha.bar
URL: https://hjha.bar:8443/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

198.16.37.82 Newark, United States, ASN40065 (CNSERVERS, US),

Reverse DNS

Software

nginx /

Resource Hash

fa529241dddbd17e0dd7b8ee301efa587826b81ed5b4b6223f1ee6e236e44442

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hjha.bar:8443/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 02:02:40 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 15 May 2022 05:53:44 GMT
server: nginx
etag: "62809568-89f0"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 35312
expires: Sat, 03 Dec 2022 02:02:40 GMT

GET
H/1.1 200
OK 56e348b7f7c348f1922df8e109029a89.gif
592773xgg.com/ Frame 72E8 663 KB
664 KB 2859ms
160ms Image
image/gif 45.61.212.122
AZT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://592773xgg.com/56e348b7f7c348f1922df8e109029a89.gif
Requested by: Host: hjha.bar
URL: https://hjha.bar:8443/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.61.212.122 , United States, ASN53587 (AZT, US),
Reverse DNS
Software: nginx /
Resource Hash: a8de43276d16854ef7935475d9bb2cece4d62f93628a0546dc6587c147a135fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hjha.bar:8443/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Sat, 29 Oct 2022 06:13:53 GMT
Last-Modified: Fri, 28 Oct 2022 08:12:27 GMT
Server: nginx
ETag: "635b8eeb-a5cf2"
X-Cache: HIT from cloud-us2-cdnb-22
Content-Type: image/gif
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 679154

GET
H/1.1 200
OK ba9a95f104cb4515a2e0506b22356b01.gif
339282bdb.com/ Frame 72E8 1 MB
1 MB 2040ms
187ms Image
image/gif 45.61.212.217
AZT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://339282bdb.com/ba9a95f104cb4515a2e0506b22356b01.gif
Requested by: Host: hjha.bar
URL: https://hjha.bar:8443/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.61.212.217 , United States, ASN53587 (AZT, US),
Reverse DNS
Software: nginx /
Resource Hash: 993bb3ccc922975fa87b4ee2f646297b7cb4e10c862388db721cdeffb7e95edf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hjha.bar:8443/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Mon, 31 Oct 2022 11:03:02 GMT
Last-Modified: Fri, 28 Oct 2022 11:58:35 GMT
Server: nginx
ETag: "635bc3eb-113971"
X-Cache: HIT from cloud-us3-cdnb-17
Content-Type: image/gif
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 1128817

GET
H/1.1 200
OK 623201c2748b46fcbfa7f024cb3e1338.gif
832793jse.com/ Frame 72E8 703 KB
703 KB 2715ms
163ms Image
image/gif 103.170.15.88
SKYCLOUD-NET Skyc...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://832793jse.com/623201c2748b46fcbfa7f024cb3e1338.gif
Requested by: Host: hjha.bar
URL: https://hjha.bar:8443/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 103.170.15.88 , Taiwan, ASN7483 (SKYCLOUD-NET Skycloud Computing co., Ltd., TW),
Reverse DNS
Software: nginx /
Resource Hash: 18543a39e003823862ca88f74a899b953e82fc6f1771682b37d0b435d40644cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hjha.bar:8443/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Sat, 29 Oct 2022 06:26:57 GMT
Last-Modified: Fri, 28 Oct 2022 11:57:57 GMT
Server: nginx
ETag: "635bc3c5-afb81"
X-Cache: HIT from yd11_13-cdn-g01-la2-18
Content-Type: image/gif
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 719745

GET
H2 200 0393s120009rrlocdE7BE.gif
dimg04.c-ctrip.com/images/ Frame 72E8 965 KB
968 KB 1182ms
58ms Image
image/gif 23.205.240.173
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dimg04.c-ctrip.com/images/0393s120009rrlocdE7BE.gif
Requested by: Host: hjha.bar
URL: https://hjha.bar:8443/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.240.173 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-240-173.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 3f8ad1230a54a7c36522b11dd277ff02b878dde5384334dfd98359759c0a7fba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hjha.bar:8443/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 02:02:41 GMT
last-modified: Tue, 12 May 2015 01:00:00 GMT
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=15143926
timing-allow-origin: *
content-length: 988610
expires: Thu, 27 Apr 2023 08:41:27 GMT

GET
H2 200 0Z05r12000a1q2ru71C64.gif
dimg04.c-ctrip.com/images/ Frame 72E8 405 KB
406 KB 1161ms
37ms Image
image/gif 23.205.240.173
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dimg04.c-ctrip.com/images/0Z05r12000a1q2ru71C64.gif
Requested by: Host: hjha.bar
URL: https://hjha.bar:8443/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.240.173 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-240-173.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 17e78ffe065be76212de6b960082ea287cc0e712b6f170f44c63e2144ec14c84

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hjha.bar:8443/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 02:02:41 GMT
last-modified: Tue, 12 May 2015 01:00:00 GMT
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=15551784
timing-allow-origin: *
content-length: 414559
expires: Tue, 02 May 2023 01:59:05 GMT

GET
H2 200 0394d120009rs67vl455A.gif
dimg04.c-ctrip.com/images/ Frame 72E8 673 KB
675 KB 1172ms
49ms Image
image/gif 23.205.240.173
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dimg04.c-ctrip.com/images/0394d120009rs67vl455A.gif
Requested by: Host: hjha.bar
URL: https://hjha.bar:8443/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.240.173 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-240-173.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 89521c87c1fe061e63fb523bb11f2a328e9202574d73aa4c4e17de8a8f301c58

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hjha.bar:8443/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 02:02:41 GMT
last-modified: Tue, 12 May 2015 01:00:00 GMT
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=15156170
timing-allow-origin: *
content-length: 688878
expires: Thu, 27 Apr 2023 12:05:31 GMT

GET
H/1.1 200
OK 6c48e1c63b6d48a4a6d42b646ca47b79.gif
328858prw.com/ Frame 72E8 653 KB
653 KB 1771ms
164ms Image
image/gif 103.170.15.88
SKYCLOUD-NET Skyc...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://328858prw.com/6c48e1c63b6d48a4a6d42b646ca47b79.gif
Requested by: Host: hjha.bar
URL: https://hjha.bar:8443/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 103.170.15.88 , Taiwan, ASN7483 (SKYCLOUD-NET Skycloud Computing co., Ltd., TW),
Reverse DNS
Software: nginx /
Resource Hash: 543e8a7e680605b09ed3c18b6520822be19c3420f76192d0aa7ee84cc97f235b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hjha.bar:8443/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Sat, 29 Oct 2022 00:12:11 GMT
Last-Modified: Thu, 09 Jun 2022 09:05:50 GMT
Server: nginx
ETag: "62a1b7ee-a3477"
X-Cache: HIT from yd11_13-cdn-g01-la2-18
Content-Type: image/gif
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 668791

GET
H2 200 68-960-120.gif
fadacaitp.com/ Frame 72E8 584 KB
582 KB 614ms
197ms Image
image/gif 20.255.32.7
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fadacaitp.com/68-960-120.gif

Requested by

Host: hjha.bar
URL: https://hjha.bar:8443/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

20.255.32.7 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

WAF/2.4-12.1 /

Resource Hash

71a317455923b5945e154db3b3358a0267c9940655d3cd1c9b1f2ed9f68fa66b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hjha.bar:8443/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 02:02:40 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Sat, 25 Jun 2022 13:09:19 GMT
server: WAF/2.4-12.1
etag: W/"62b708ff-91f5c"
x-cache-status: HIT
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=2592000
expires: Tue, 29 Nov 2022 18:31:02 GMT

GET
H2 200 90-960-120.gif
fadacaitp.com/ Frame 72E8 574 KB
574 KB 1007ms
590ms Image
image/gif 20.255.32.7
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fadacaitp.com/90-960-120.gif

Requested by

Host: hjha.bar
URL: https://hjha.bar:8443/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

20.255.32.7 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

WAF/2.4-12.1 /

Resource Hash

a6a134b78f571b5fd1d4ee985cd10b1b884cf2724a7794dd269f3f3a6476a089

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hjha.bar:8443/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 02:02:40 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Thu, 26 May 2022 10:10:17 GMT
server: WAF/2.4-12.1
etag: W/"628f5209-8f6ee"
x-cache-status: HIT
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=2592000
expires: Tue, 29 Nov 2022 18:31:02 GMT

GET
H2

200

8d62ac139591ff0c5f17d4c5f1ff3cf6.gif
kvhggg.top/ Frame 72E8
Redirect Chain

https://kzeii.com/8d62ac139591ff0c5f17d4c5f1ff3cf6.gif
https://kvhggg.top/8d62ac139591ff0c5f17d4c5f1ff3cf6.gif

552 KB
553 KB

241ms
22ms

Image
image/gif

2606:4700:3038::6815:ea8d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kvhggg.top/8d62ac139591ff0c5f17d4c5f1ff3cf6.gif
Requested by: Host: hjha.bar
URL: https://hjha.bar:8443/
Protocol: H2
Server: 2606:4700:3038::6815:ea8d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8eb8f61188f2555f5f7f0a934ebbae9e9ab703a3dc0b23191bdc7c147eb12140

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hjha.bar:8443/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 02:02:40 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 16567
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 565615
last-modified: Mon, 10 Oct 2022 13:11:33 GMT
server: cloudflare
etag: "63441a05-8a16f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HqLVOrbwtZ%2BwLmKFWO7j4jjP4OFv0UA0vArGSRy9Vzk9%2FE31NkVmF9ULOJXxKzsq5xeILsNOQyxcvPoBBoRTMOFMhpKJ3AMm3IRgzHGtCzKr9rDG260CrGBxkt5unADfQd%2FOIL4BzAFI"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 764187752849bb47-FRA
expires: Fri, 02 Dec 2022 21:26:33 GMT

Redirect headers

location: https://kvhggg.top/8d62ac139591ff0c5f17d4c5f1ff3cf6.gif
date: Thu, 03 Nov 2022 02:02:40 GMT
strict-transport-security: max-age=31536000
server: nginx
content-length: 162
content-type: text/html

GET
H2

200

3a18042ae802ca6796e7d42a7d4a8b3a.gif
kvtlll.top/ Frame 72E8
Redirect Chain

https://kvhdd.com/3a18042ae802ca6796e7d42a7d4a8b3a.gif
https://kvtlll.top/3a18042ae802ca6796e7d42a7d4a8b3a.gif

978 KB
979 KB

69ms
23ms

Image
image/gif

2606:4700:3038::6815:e9a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kvtlll.top/3a18042ae802ca6796e7d42a7d4a8b3a.gif
Requested by: Host: hjha.bar
URL: https://hjha.bar:8443/
Protocol: H2
Server: 2606:4700:3038::6815:e9a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed7fdbb2d11646a7ceb15c6531bd911fd2dc5989afff8219c124e1d61a81b315

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hjha.bar:8443/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 02:02:41 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 623123
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1001238
last-modified: Wed, 17 Aug 2022 05:38:46 GMT
server: cloudflare
etag: "62fc7ee6-f4716"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pwNU5SrCQFdbveZ68Q2%2B9lUKjv9R9ZTpitbo3hiagppN5sjIhrPB%2FqJJoEbWl6HQom6yQXoB8PCwaHMpbM8v4tfEznQbhjpKZ7l%2FkaZu4aamAgKwCchqpFNUwjEXPaNHtGdJ%2BLIIRHnC"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 76418776897bbb7f-FRA
expires: Fri, 25 Nov 2022 20:57:18 GMT

Redirect headers

location: https://kvtlll.top/3a18042ae802ca6796e7d42a7d4a8b3a.gif
date: Thu, 03 Nov 2022 02:02:40 GMT
strict-transport-security: max-age=31536000
server: nginx
content-length: 162
content-type: text/html

GET
H2

200

adf802dc8e9d4a068df37106b6b6a30a
p3.douyinpic.com/obj/tos-cn-i-dy/ Frame 72E8
Redirect Chain

https://img.9275x.com/images/6352337a5fe50f0585d3ef4c.gif
https://p3.douyinpic.com/obj/tos-cn-i-dy/adf802dc8e9d4a068df37106b6b6a30a

549 KB
550 KB

78ms
17ms

Image
image/gif

79.133.177.230
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p3.douyinpic.com/obj/tos-cn-i-dy/adf802dc8e9d4a068df37106b6b6a30a
Requested by: Host: hjha.bar
URL: https://hjha.bar:8443/
Protocol: H2
Server: 79.133.177.230 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine / ImageX
Resource Hash: 54d436cbf368311b0aa7bb497ac1b5a4330067953e11b4ad2da233e07e923d05

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 18:33:53 GMT
via: n204-100-071, cache9.l2ot7-1[0,0,206-0,H], cache40.l2ot7-1[1,0], cache40.l2ot7-1[1,0], cache12.de3[0,0,200-0,H], cache6.de3[2,0]
x-response-lb: image
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
age: 26929
nw-session-id: 20221102183506010151092101396EADDEjxg2201dy
x-powered-by: ImageX
x-swift-cachetime: 31535739
x-cache: HIT TCP_HIT dirn:12:156280024 mlen:0
x-bdcdn-cache-status: TCP_HIT
server-timing: cdn-cache;desc=HIT,edge;dur=2
x-swift-savetime: Wed, 02 Nov 2022 18:38:15 GMT
x-length: 561802
content-length: 561802
last-modified: Wed, 02 Nov 2022 10:35:06 GMT
server: Tengine
x-tt-logid: 20221102183506010151092101396EADDE
x-response-date: Wed, 02 Nov 2022 18:35:06 GMT
ali-swift-global-savetime: 1667414034
content-type: image/gif
access-control-allow-origin: *
nw-session-trace: 2022-11-02T18:35:06.668627192+08:00 28
cache-control: max-age=31536000
x-request-ip: fdbd:dc01:25:582::100
x-response-cinfo: 217.64.151.68
imagex-fmt: gif2gif
x-response-cache: edge_hit
timing-allow-origin: *, *
x-tt-trace-host: 01c995a5a9c24d2a17e9fb91a751d717cbb06b071aba4d417901c8a93132bac53dd92fcc69bff3b13a36c4c948923c22f9167225aa0faafd85a81bdc719d40f1d32dbdd68f03d688473b012bb4f41000c3cbf76617089d2e03d4ef95b2ac06b2fb
eagleid: 4f85b19a16674409634291409e

Redirect headers

location: https://p3.douyinpic.com/obj/tos-cn-i-dy/adf802dc8e9d4a068df37106b6b6a30a
cache-control: max-age=3600
referrer-policy: no-referrer

GET
H2

200

8edcedee7846a3a8faee160477af5165.gif
kvtfff.top/ Frame 72E8
Redirect Chain

https://kvhmm.com/8edcedee7846a3a8faee160477af5165.gif
https://kvtfff.top/8edcedee7846a3a8faee160477af5165.gif

475 KB
477 KB

68ms
22ms

Image
image/gif

2606:4700:3038::6815:e9d8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kvtfff.top/8edcedee7846a3a8faee160477af5165.gif
Requested by: Host: hjha.bar
URL: https://hjha.bar:8443/
Protocol: H2
Server: 2606:4700:3038::6815:e9d8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 37e407b33f89d82ed1e2e38a122150d522e16948daf9d2ba1ab40319dbb2912c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hjha.bar:8443/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 02:02:41 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1051197
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 486900
last-modified: Sat, 03 Sep 2022 20:33:37 GMT
server: cloudflare
etag: "6313ba21-76df4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ja9soCaRx%2FMe2S9S%2BPu14El25yMyFjq7p1fir5bksL4AntvUd3PIwoS0649%2Bd3mPRKbL0NPzOUFPrWrrUD2xKBFdWVPOZRVvb8lRI3iUPoD04sfbMzzVKxKK25%2BTuJiNr%2BQqPi4WsQOH"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=5356800
accept-ranges: bytes
cf-ray: 7641877948f191f0-FRA
expires: Sun, 20 Nov 2022 22:02:44 GMT

Redirect headers

location: https://kvtfff.top/8edcedee7846a3a8faee160477af5165.gif
date: Thu, 03 Nov 2022 02:02:41 GMT
strict-transport-security: max-age=31536000
server: nginx
content-length: 162
content-type: text/html

GET
H2 200 10061.gif
cdn.jsdelivr.net/gh/kkkll22/img@main/head/ Frame 72E8 392 KB
393 KB 64ms
23ms Image
image/gif 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.jsdelivr.net/gh/kkkll22/img@main/head/10061.gif

Requested by

Host: hjha.bar
URL: https://hjha.bar:8443/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

604a27548ca0d53214b581c0e2ad199acc8169f59afec68f82887add6abdbff8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hjha.bar:8443/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 02:02:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 42394
x-jsd-version: main
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 401696
x-served-by: cache-fra19165-FRA, cache-yyz4568-YYZ
x-jsd-version-type: branch
server: cloudflare
etag: W/"62120-sJcYImIzpiwLrVIh+uk4pmh0p30"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J7IcqZdu9ohcTjum%2FI3oczTcV7kdwqLaJhSykoc4jVRpNVWMXkFe3VyLOrB7Wil1MJOqRfVYdh5hMzmHx9pvSbB%2FaJtIorQ6hULTMVj6iB4juYzCLS8Gv%2BZdR%2BynSw%2Biq9%2FWOLup%2BaNfhb9GVso%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 76418774ca3f917d-FRA

GET
H2 200 960x80.gif
8499225.com/8499/ Frame 72E8 368 KB
368 KB 2288ms
330ms Image
image/gif 172.247.50.228
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://8499225.com/8499/960x80.gif

Requested by

Host: hjha.bar
URL: https://hjha.bar:8443/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.247.50.228 , United States, ASN40065 (CNSERVERS, US),

Reverse DNS

Software

qq.com /

Resource Hash

92af02f425cb82444f00ee9d8f910b28544fee2f770e2456bf92637ea7631241

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hjha.bar:8443/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 02:02:42 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 26 Oct 2022 10:45:31 GMT
server: qq.com
etag: "63590fcb-5bf57"
x-cache-status: HIT
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 376663
expires: Fri, 02 Dec 2022 14:55:37 GMT

GET
H/1.1 200
OK 0
p.qlogo.cn/qqmail_head/ajNVdqHZLLCPQk7wicT3V7nUXWyXAIWjGYhYKg3gLoibMOWflFMAAd2Jk9MPryMvGkQp62dfLYbG8/ Frame 72E8 368 KB
368 KB 1946ms
532ms Image
image/gif 240e:97c:2f:5::3c
CT-GUANGZHOU-IDC ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.qlogo.cn/qqmail_head/ajNVdqHZLLCPQk7wicT3V7nUXWyXAIWjGYhYKg3gLoibMOWflFMAAd2Jk9MPryMvGkQp62dfLYbG8/0
Requested by: Host: hjha.bar
URL: https://hjha.bar:8443/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 240e:97c:2f:5::3c , China, ASN58466 (CT-GUANGZHOU-IDC CHINANET Guangdong province network, CN),
Reverse DNS
Software: NWSs /
Resource Hash: 92af02f425cb82444f00ee9d8f910b28544fee2f770e2456bf92637ea7631241

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hjha.bar:8443/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

X-DataSrc: 2
Date: Thu, 03 Nov 2022 02:02:42 GMT
Size: 376663
Connection: keep-alive
Content-Length: 376663
X-Info: real data
X-ReqGue: 0
User-ReturnCode: 0
fid: 0
Last-Modified: Wed, 26 Oct 2022 19:00:53 GMT
Server: NWSs
X-Cpt: filename=0
Vary: Accept,Origin
Content-Type: image/gif
X-Delay: 59874 us
chid: 0
Cache-Control: max-age=2592000
X-BCheck: 0_1
X-NWS-LOG-UUID: f20db18e-cbba-4746-8ba8-5e0ad91e4f09

GET
H2 200 10151.gif
cdn.jsdelivr.net/gh/kkkll22/img@main/head/ Frame 72E8 607 KB
608 KB 440ms
439ms Image
image/gif 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.jsdelivr.net/gh/kkkll22/img@main/head/10151.gif

Requested by

Host: hjha.bar
URL: https://hjha.bar:8443/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

75ba290f4a2dc25f7cad04db45ec4633f8cdbf33c36f1b0e49ccfae0ebe4547f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hjha.bar:8443/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 02:02:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-jsd-version: main
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 621536
x-served-by: cache-fra19127-FRA, cache-yyz4565-YYZ
x-jsd-version-type: branch
server: cloudflare
etag: W/"97be0-yyA4T82wjwMBSXVhjlvX3mBDGe8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Usu9R8AbNs2qKg2BVXE3dzHOonTayGDgA8mlDguVVImXFd88CwD57li5I%2B2IaGvuXnLBCGw0xwJOMbJurYP%2BGdP8nfCCxueGm6Vp3b%2FLVNLCZAioMQrT2L2fIoSJnbfXvIcaYaoX8SMDwOCO834%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 76418775cb7a917d-FRA

GET
H/1.1 200
OK 96080.gif
258258048.com/ Frame 72E8 293 KB
293 KB 1199ms
405ms Image
image/gif 180.178.34.164
NETSEC-HK Netsec ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://258258048.com:6986/96080.gif

Requested by

Host: hjha.bar
URL: https://hjha.bar:8443/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

180.178.34.164 , Hong Kong, ASN45753 (NETSEC-HK Netsec Limited, HK),

Reverse DNS

Software

cloudflare /

Resource Hash

61d729447f9bed44ec99b14e38937f67a9d7651bc483a5832b018ef066d00658

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hjha.bar:8443/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Thu, 03 Nov 2022 02:02:42 GMT
Strict-Transport-Security: max-age=31536000
Last-Modified: Mon, 10 Oct 2022 13:09:26 GMT
Server: cloudflare
ETag: "63441986-4947d"
X-Cache-Status: HIT
Content-Type: image/gif
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 300157
Expires: Sat, 03 Dec 2022 01:59:21 GMT

GET
H2 200 3a3918c676784384be31e32b92fa34a7.gif
vbutjg.com/ Frame 72E8 601 KB
601 KB 3012ms
480ms Image
image/gif 45.61.212.163

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vbutjg.com/3a3918c676784384be31e32b92fa34a7.gif
Requested by: Host: hjha.bar
URL: https://hjha.bar:8443/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.61.212.163 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e0c771ac60d2f3a7ea69ae43615fe0b76c4a7671c7d732e0297ea6c0b79a6b9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hjha.bar:8443/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sat, 15 Oct 2022 01:46:40 GMT
last-modified: Fri, 14 Oct 2022 13:24:15 GMT
server: nginx
etag: "634962ff-96273"
x-cache: HIT from cloud-us5-cdnb-03
content-type: image/gif
cache-control: max-age=86400
accept-ranges: bytes
content-length: 615027

GET
H/1.1 200
OK 960x80.gif
tp.1468tu.com/58tu/ Frame 72E8 138 KB
139 KB 2497ms
394ms Image
image/gif 20.24.103.196
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tp.1468tu.com:1382/58tu/960x80.gif
Requested by: Host: hjha.bar
URL: https://hjha.bar:8443/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 20.24.103.196 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: X-Y / ASP.NET
Resource Hash: 603ae21e8a72947963d79e142c19e5fbd5051790910630851eb04b1afcb05f5a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hjha.bar:8443/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Thu, 03 Nov 2022 02:02:43 GMT
Last-Modified: Mon, 03 Oct 2022 09:03:10 GMT
Server: X-Y
ETag: "5782cbf56d7d81:0"
X-Powered-By: ASP.NET
X-Cache-Status: HIT
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 141603

GET
H3 200 960x80-1.gif
cdn.jsdelivr.net/gh/kkkll22/img@main/head/ Frame 72E8 44 KB
44 KB 144ms
144ms Image
image/gif 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.jsdelivr.net/gh/kkkll22/img@main/head/960x80-1.gif

Requested by

Host: hjha.bar
URL: https://hjha.bar:8443/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b15f6b63346bdc77fe89b9d5192428516d42f3c22b80ba44c12d509b971976ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hjha.bar:8443/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 02:02:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-jsd-version: main
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44758
x-served-by: cache-fra19124-FRA, cache-scl2220021-SCL
x-jsd-version-type: branch
server: cloudflare
etag: W/"aed6-hF5K1ES+D5PhI177qGfqnIaQYP0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JXzetbrh%2FXH2%2BqQG1c8tF1ISsUnaQCwSgixOul5nKz1HMfsiwEflPIYkoO3s7i8Yxt9LBM9EYSMu3vdTDlFPwR9nkR7Sq5WEo5RZnf8jixC55yc2%2Fn%2F57PlT3msuxKVmHJInaYx39h2RxhBELMI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 76418778a93e92a2-FRA

GET
H3 200 960x80.gif
cdn.jsdelivr.net/gh/kkkll22/img@main/head/ Frame 72E8 178 KB
179 KB 25ms
24ms Image
image/gif 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.jsdelivr.net/gh/kkkll22/img@main/head/960x80.gif

Requested by

Host: hjha.bar
URL: https://hjha.bar:8443/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b373dcb0598f1ed8d191cc80eddadc6740f7acfdc9d6904df7eb3151920017c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hjha.bar:8443/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 02:02:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 27699
x-jsd-version: main
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 182413
x-served-by: cache-fra19140-FRA, cache-cdg20746-CDG
x-jsd-version-type: branch
server: cloudflare
etag: W/"2c88d-iHJwx6wJOEqfCDMhqtFnWhvAPto"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sgrU0qLXedqJoYv02ebEoKE7zq%2BTYrnYL7drtkp4qD6%2FkDqv1FfeRBUjVezmd9OLs8xQ%2F487tf1UGjsbDQ1WXF9og7JJKgQaCSJeboJuis9ZjQjyQaJcZHD1SCRbXf6I%2FN1C8fUjPEW%2FVvy0KQw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 76418778a93f92a2-FRA

GET
H2 200 6358033431b62.gif
a666.one/i/2022/10/25/ Frame 72E8 69 KB
69 KB 954ms
165ms Image
image/gif 23.226.11.149
UDOMAIN-AS-AP UDo...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a666.one/i/2022/10/25/6358033431b62.gif

Requested by

Host: hjha.bar
URL: https://hjha.bar:8443/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.226.11.149 , Hong Kong, ASN23881 (UDOMAIN-AS-AP UDomain Web Hosting Company Ltd, HK),

Reverse DNS

Software

UDomain.com.hk-CDN /

Resource Hash

d8eabe8674cff4865bb0afb2da32f075f5612c78db36fdbed0a6482940726bba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hjha.bar:8443/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 02:02:42 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 25 Oct 2022 15:39:32 GMT
server: UDomain.com.hk-CDN
etag: "63580334-11264"
x-cache-status: HIT
content-type: image/gif
cache-control: max-age=2592000, public, no-transform
accept-ranges: bytes
content-length: 70244
expires: Sat, 03 Dec 2022 02:02:42 GMT

GET
H2 200 loading.svg
hjha.bar/template/kuli04/images/ Frame 72E8 506 B
662 B 205ms
202ms Image
image/svg+xml 198.16.37.82
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hjha.bar:8443/template/kuli04/images/loading.svg

Requested by

Host: hjha.bar
URL: https://hjha.bar:8443/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

198.16.37.82 Newark, United States, ASN40065 (CNSERVERS, US),

Reverse DNS

Software

nginx /

Resource Hash

fa5ecaba8e7048ec0475ac862bec89853e8c87e84475e199f8657d6e89065dff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hjha.bar:8443/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 02:02:40 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 08 Nov 2021 09:18:25 GMT
server: nginx
etag: "6188eb61-1fa"
content-type: image/svg+xml
accept-ranges: bytes
content-length: 506

GET
H2 200 hy.gif
107.jisehe1.com/images/ Frame 72E8 782 KB
783 KB 988ms
158ms Image
image/gif 23.224.0.11
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://107.jisehe1.com/images/hy.gif

Requested by

Host: hjha.bar
URL: https://hjha.bar:8443/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.224.0.11 , United States, ASN40065 (CNSERVERS, US),

Reverse DNS

Software

nginx /

Resource Hash

2b6a9b53114e36c800d36b460001279b5b27d86ad0b0f79d71bd5157d7d2ba8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hjha.bar:8443/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 02:02:42 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 09 May 2022 14:54:52 GMT
server: nginx
etag: "62792b3c-c388a"
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 800906
expires: Sat, 03 Dec 2022 02:02:42 GMT

GET
H/1.1 200
OK 88d67fb6db874b778540fb132cec8543.gif
rfyqtv2.com/ Frame 72E8 337 KB
337 KB 2598ms
469ms Image
image/gif 103.170.15.101

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rfyqtv2.com/88d67fb6db874b778540fb132cec8543.gif
Requested by: Host: hjha.bar
URL: https://hjha.bar:8443/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 103.170.15.101 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 627ba9f86b478606d3fc36097593d9513d273651c5fbf77723b91cc270947f4e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hjha.bar:8443/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Tue, 18 Oct 2022 11:59:24 GMT
Last-Modified: Mon, 16 May 2022 16:00:50 GMT
Server: nginx
ETag: "62827532-542af"
X-Cache: HIT from yd11_13-cdn-g01-la2-31
Content-Type: image/gif
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 344751

GET
H2 200 0395r120009rrlaoiA9E2.gif
dimg04.c-ctrip.com/images/ Frame 72E8 125 KB
126 KB 31ms
30ms Image
image/gif 23.205.240.173
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dimg04.c-ctrip.com/images/0395r120009rrlaoiA9E2.gif
Requested by: Host: hjha.bar
URL: https://hjha.bar:8443/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.240.173 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-240-173.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 7278dc0ab8fd6cae9ce33481833cd4fd5cdb817f28f344f7b07ed0f5cd04f47c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hjha.bar:8443/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 02:02:41 GMT
last-modified: Tue, 12 May 2015 01:00:00 GMT
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=15552000
timing-allow-origin: *
content-length: 128118
expires: Tue, 02 May 2023 02:02:41 GMT

GET
H/1.1 200
OK 9d3ffb523da844a598cdfc412cbd0e40.gif
kmrcum2.com/ Frame 72E8 181 KB
181 KB 2947ms
454ms Image
image/gif 45.61.212.128

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kmrcum2.com/9d3ffb523da844a598cdfc412cbd0e40.gif
Requested by: Host: hjha.bar
URL: https://hjha.bar:8443/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.61.212.128 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 28dce5a4ccdf5e6f197b23e1932d1a0a4a590a28491b3cde2ea89f1e461cee4d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hjha.bar:8443/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Mon, 19 Sep 2022 05:28:57 GMT
Last-Modified: Thu, 09 Jun 2022 09:07:30 GMT
Server: nginx
ETag: "62a1b852-2d461"
X-Cache: HIT from cloud-us2-cdnb-28
Content-Type: image/gif
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 185441

GET
H/1.1 200
OK 692cdac1f5eb4eba9271f2ea2c0f0772.gif
88225233827.com/ Frame 72E8 27 KB
27 KB 2260ms
454ms Image
image/gif 45.61.212.128

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://88225233827.com/692cdac1f5eb4eba9271f2ea2c0f0772.gif
Requested by: Host: hjha.bar
URL: https://hjha.bar:8443/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.61.212.128 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 95c7c1bcbb515e5c4bf5cc79807d1b9d09f42efc1fb1cfe76024bd64a05a0850

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hjha.bar:8443/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Sun, 23 Oct 2022 18:38:21 GMT
Last-Modified: Mon, 29 Aug 2022 12:23:02 GMT
Server: nginx
ETag: "630cafa6-6b4d"
X-Cache: HIT from cloud-us2-cdnb-28
Content-Type: image/gif
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 27469

GET
H2 200 ptv300.gif
papatv.cloud/ Frame 72E8 248 KB
248 KB 796ms
258ms Image
image/gif 137.220.244.202
BCPL-SG BGPNET Gl...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://papatv.cloud:1688/ptv300.gif

Requested by

Host: hjha.bar
URL: https://hjha.bar:8443/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

137.220.244.202 Tokyo, Japan, ASN64050 (BCPL-SG BGPNET Global ASN, SG),

Reverse DNS

Software

nginx /

Resource Hash

17a4f7b3d5caf413211515976326969951cc1bb9a3e32a9caa885fd6e3109368

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hjha.bar:8443/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 02:02:43 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 30 Jan 2022 07:38:12 GMT
server: nginx
etag: "61f64064-3dee6"
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 253670
expires: Sat, 03 Dec 2022 02:02:43 GMT

GET
H/1.1 200
OK 4ddb08e9b0514b5c883aa90aac186986.gif
u0075.com/ Frame 72E8 7 KB
7 KB 630ms
198ms Image
image/gif 20.239.197.175
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u0075.com/4ddb08e9b0514b5c883aa90aac186986.gif
Requested by: Host: hjha.bar
URL: https://hjha.bar:8443/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 20.239.197.175 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: WAF/2.4-12.1 /
Resource Hash: 6c48ac46d72a4390f2da433c8032b5a29153855dcdb3201231793ca72f1a26ba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hjha.bar:8443/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Thu, 03 Nov 2022 02:02:44 GMT
Content-Encoding: gzip
Last-Modified: Fri, 14 Oct 2022 12:50:06 GMT
Server: WAF/2.4-12.1
ETag: W/"63495afe-1b54"
X-Cache-Status: HIT
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: image/gif
Connection: keep-alive

GET
H2 200 68-100-100.gif
fadacaitp.com/ Frame 72E8 68 KB
63 KB 198ms
197ms Image
image/gif 20.255.32.7
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fadacaitp.com/68-100-100.gif

Requested by

Host: hjha.bar
URL: https://hjha.bar:8443/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

20.255.32.7 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

WAF/2.4-12.1 /

Resource Hash

10c47a7b458381d69296524aaffdbd6ad00664153679d44ab03d11b2f17ac388

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hjha.bar:8443/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 02:02:43 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Wed, 29 Jun 2022 16:42:17 GMT
server: WAF/2.4-12.1
etag: W/"62bc80e9-111ec"
x-cache-status: HIT
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=2592000
expires: Tue, 29 Nov 2022 18:35:23 GMT

GET
H2

200

f67b410855efed07dc1783436baaa5f7.gif
kvhsss.top/ Frame 72E8
Redirect Chain

https://kveii.com/f67b410855efed07dc1783436baaa5f7.gif
https://kvhsss.top/f67b410855efed07dc1783436baaa5f7.gif

28 KB
29 KB

541ms
27ms

Image
image/gif

2a06:98c1:3120::3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kvhsss.top/f67b410855efed07dc1783436baaa5f7.gif
Requested by: Host: hjha.bar
URL: https://hjha.bar:8443/
Protocol: H2
Server: 2a06:98c1:3120::3 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e3924fe2017f9c46663dba4707736be8be378ed41e761587eb7513ae69ab1dc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hjha.bar:8443/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 02:02:45 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 273112
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 29082
last-modified: Mon, 11 Apr 2022 15:08:57 GMT
server: cloudflare
etag: "62544489-719a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BpXYA%2FGgp3kAfLNztkClAQTg2qputX4pY28zT9OjIhoQikdMBIIFhVagguxdiHl%2Fi1I%2BIZFioIk89ncP7jtPsarjT0gQSerEpPIWmPFLqvR1f49U9xXYU2n3wpha%2BlGQVPw9IVEJzdOX"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 764187918c779295-FRA
expires: Tue, 29 Nov 2022 22:10:53 GMT

Redirect headers

location: https://kvhsss.top/f67b410855efed07dc1783436baaa5f7.gif
date: Thu, 03 Nov 2022 02:02:44 GMT
strict-transport-security: max-age=31536000
server: nginx
content-length: 162
content-type: text/html

GET
H2 200 klm29.gif
aoattsetp.vip/logotp/ Frame 72E8 690 KB
691 KB 74ms
23ms Image
image/gif 2606:4700:3034::ac43:c28e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aoattsetp.vip/logotp/klm29.gif
Requested by: Host: hjha.bar
URL: https://hjha.bar:8443/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:c28e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 88e67b99365a0814cbdf10fd982322516af9f2bb613f1c72e218ba32a7a31fca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hjha.bar:8443/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 02:02:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2021
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 706607
last-modified: Mon, 02 May 2022 08:41:33 GMT
server: cloudflare
etag: "626f993d-ac82f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mOIpnxv2J1TKhjaQMzSE0%2FKO9DjHuH5vnDEERetGhFZOrfOPA9kFGCNrws0igCGrLYq2zm0kKM%2FZOojnDOJdgcV901Q5uLvOu2p4lj9MZ%2BQ5stAnl0L7lXLaTNE%2F7jKvDnaLYETT1FKFbCF3"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 76418786cf51916e-FRA
expires: Fri, 02 Dec 2022 14:16:24 GMT

GET
H3 200 app0921.jpg
cdn.jsdelivr.net/gh/kkkll22/img@main/index/ Frame 72E8 20 KB
21 KB 131ms
130ms Image
image/jpeg 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.jsdelivr.net/gh/kkkll22/img@main/index/app0921.jpg

Requested by

Host: hjha.bar
URL: https://hjha.bar:8443/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

caee5c83fc039dd72f1a1e00e295d143b73a79553b66a2ea62de7bc1201aa898

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hjha.bar:8443/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 02:02:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-jsd-version: main
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 20633
x-served-by: cache-fra19146-FRA, cache-yyz4522-YYZ
x-jsd-version-type: branch
cf-bgj: h2pri
server: cloudflare
etag: W/"5099-VMb/3iQ6e9t0sk8fxRulpFMqano"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x19nXKh%2BUTCZOz3uqkD4bC2%2Fl27diyYHa%2FHeUavDlvF6hT%2BJnH9KXIC8cuKri%2BmE88U7IdaLLXfNb2%2BD%2FEdU%2FMSvHOFGsUdMxfsoCyKBvMF03QU9%2Bk71xbT3MJBDAGxFF0J1HK%2FIASZaN1fbGxI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 764187867b3f92a2-FRA

GET
H/1.1 530 250x250.gif
58tu.1468tu.com/58tu/ Frame 72E8 0
0 2460ms
198ms Image
text/html 20.24.97.200

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://58tu.1468tu.com/58tu/250x250.gif
Requested by: Host: hjha.bar
URL: https://hjha.bar:8443/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 20.24.97.200 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hjha.bar:8443/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

GET
H/1.1 200
OK bf42ce11ec6d463089ce9700d48fda78.gif
n5267.com/ Frame 72E8 29 KB
29 KB 1603ms
460ms Image
image/gif 103.170.15.72

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://n5267.com/bf42ce11ec6d463089ce9700d48fda78.gif
Requested by: Host: hjha.bar
URL: https://hjha.bar:8443/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 103.170.15.72 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 2ca8007b97da4aa8dfe8e89950cd97d6c804f17d4d9cb51e0f7492335412724c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hjha.bar:8443/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Thu, 29 Sep 2022 06:12:33 GMT
Last-Modified: Thu, 29 Sep 2022 05:07:21 GMT
Server: nginx
ETag: "63352809-748c"
X-Cache: HIT from yd11_13-cdn-g01-la2-02
Content-Type: image/gif
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 29836

GET
DATA 200
OK truncated
/ Frame 72E8 254 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 119bff063d1d402fdf6e48bc7e681d48aabfb9bc65378dfcf64a8845ec3fceef

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ Frame 72E8 30 KB
11 KB 370ms
370ms Script
application/javascript 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?41537b718b08fa02fbaf62417f6eff43

Requested by

Host: hjha.bar
URL: https://hjha.bar:8443/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

9ca9b38c6ebfa1715c0ef12d26f42cdc20ace41ad305e080ef7e713dd6cbc8e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hjha.bar:8443/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Thu, 03 Nov 2022 02:02:40 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=172800
Server: apache
Etag: 52825ffa774c7126d21f9fddc39a2827
Content-Type: application/javascript
Cache-Control: max-age=0, must-revalidate
Content-Length: 11329

GET
H2 200 Gi205y2054274086 Show response
www.xccc99.xyz/aKZK/B-14502-d-D/teS/ Frame 72E8 48 B
556 B 628ms
204ms Script
text/html 47.243.192.160
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.xccc99.xyz:4814/aKZK/B-14502-d-D/teS/Gi205y2054274086
Requested by: Host: baleyu.com
URL: http://baleyu.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 47.243.192.160 Central, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: ebf0829271b6502a221eb6fc96f3203e573db9b399f24a064bbd874c448182d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hjha.bar:8443/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Nov 2022 02:02:39 GMT
content-encoding: gzip
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
vary: Accept-Encoding
access-control-allow-methods: GET, PATCH, POST, PUT, DELETE, OPTIONS
p3p: CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: AuthToken, Authorization, Origin, Content-Type, Accept, X-Requested-With
content-length: 165
expires: -1

GET
DATA 200
OK truncated
/ Frame 72E8 2 KB
2 KB Font
application/x-font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f42a279f4552574aba15f36748a6bc636bc50e34db969a9b361f9f1ed455615e

Request headers

Referer
Origin: https://hjha.bar:8443
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: application/x-font-woff2;charset=utf-8

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ 43 B
299 B 346ms
346ms Image
image/gif 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=2009158414&si=0479a3a671cc30fd27d45970393ba3c8&v=1.2.97&lv=1&sn=33955&r=0&ww=1600&ct=!!&u=http%3A%2F%2Fbaleyu.com%2F&tt=%E6%B5%99%E6%B1%9F%E5%9F%8E%E5%BB%BA%E8%81%94%E5%90%88%E8%A3%85%E9%A5%B0%E5%B7%A5%E7%A8%8B%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8_%E6%9D%AD%E5%B7%9E%E8%A3%85%E4%BF%AE%E5%85%AC%E5%8F%B8_%E4%B8%93%E6%B3%A8%E6%9D%AD%E5%B7%9E%E7%8E%AF%E4%BF%9D%E8%A3%85%E4%BF%AE%E5%AE%B6%E8%A3%85%E5%A5%BD%E5%93%81%E7%89%8C_%E5%9F%8E%E5%BB%BA%E8%A3%85%E9%A5%B0

Requested by

Host: baleyu.com
URL: http://baleyu.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://baleyu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 03 Nov 2022 02:02:40 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
Server: apache
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ 43 B
299 B 341ms
340ms Image
image/gif 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=288132849&si=f1d4fa7fc77845e82d7014194503e307&v=1.2.97&lv=1&sn=33955&r=0&ww=1600&ct=!!&u=http%3A%2F%2Fbaleyu.com%2F&tt=%E6%B5%99%E6%B1%9F%E5%9F%8E%E5%BB%BA%E8%81%94%E5%90%88%E8%A3%85%E9%A5%B0%E5%B7%A5%E7%A8%8B%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8_%E6%9D%AD%E5%B7%9E%E8%A3%85%E4%BF%AE%E5%85%AC%E5%8F%B8_%E4%B8%93%E6%B3%A8%E6%9D%AD%E5%B7%9E%E7%8E%AF%E4%BF%9D%E8%A3%85%E4%BF%AE%E5%AE%B6%E8%A3%85%E5%A5%BD%E5%93%81%E7%89%8C_%E5%9F%8E%E5%BB%BA%E8%A3%85%E9%A5%B0

Requested by

Host: baleyu.com
URL: http://baleyu.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://baleyu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 03 Nov 2022 02:02:40 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
Server: apache
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ 43 B
299 B 321ms
321ms Image
image/gif 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=292811560&si=2c826b7af1bbdd4b55533c61259bdc81&v=1.2.97&lv=1&sn=33955&r=0&ww=1600&ct=!!&u=http%3A%2F%2Fbaleyu.com%2F&tt=%E6%B5%99%E6%B1%9F%E5%9F%8E%E5%BB%BA%E8%81%94%E5%90%88%E8%A3%85%E9%A5%B0%E5%B7%A5%E7%A8%8B%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8_%E6%9D%AD%E5%B7%9E%E8%A3%85%E4%BF%AE%E5%85%AC%E5%8F%B8_%E4%B8%93%E6%B3%A8%E6%9D%AD%E5%B7%9E%E7%8E%AF%E4%BF%9D%E8%A3%85%E4%BF%AE%E5%AE%B6%E8%A3%85%E5%A5%BD%E5%93%81%E7%89%8C_%E5%9F%8E%E5%BB%BA%E8%A3%85%E9%A5%B0

Requested by

Host: baleyu.com
URL: http://baleyu.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://baleyu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 03 Nov 2022 02:02:40 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
Server: apache
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ Frame 72E8 43 B
299 B 338ms
338ms Image
image/gif 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?cc=0&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=883262727&si=41537b718b08fa02fbaf62417f6eff43&su=http%3A%2F%2Fbaleyu.com%2F&v=1.2.97&lv=1&sn=33956&r=0&ww=1600&ct=!!&u=https%3A%2F%2Fhjha.bar%3A8443%2F&tt=%E9%BB%84%E9%87%91%E6%B5%B7%E5%B2%B8

Requested by

Host: hjha.bar
URL: https://hjha.bar:8443/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hjha.bar:8443/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 03 Nov 2022 02:02:44 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
Server: apache
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.hm.baidu.com/	1970-01-20 16:46:40	Name: HMACCOUNT_BFESS Value: 9428F609921D4027
.baleyu.com/	1970-01-20 15:56:16	Name: Hm_lvt_0479a3a671cc30fd27d45970393ba3c8 Value: 1667440960
.baleyu.com/	1969-12-31 23:59:59	Name: Hm_lpvt_0479a3a671cc30fd27d45970393ba3c8 Value: 1667440960
.baleyu.com/	1970-01-20 15:56:16	Name: Hm_lvt_f1d4fa7fc77845e82d7014194503e307 Value: 1667440960
.baleyu.com/	1969-12-31 23:59:59	Name: Hm_lpvt_f1d4fa7fc77845e82d7014194503e307 Value: 1667440960
.baleyu.com/	1970-01-20 15:56:16	Name: Hm_lvt_2c826b7af1bbdd4b55533c61259bdc81 Value: 1667440960
.baleyu.com/	1969-12-31 23:59:59	Name: Hm_lpvt_2c826b7af1bbdd4b55533c61259bdc81 Value: 1667440960

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://hjha.bar:8443/ Message: Mixed Content: The page at 'https://hjha.bar:8443/' was loaded over HTTPS, but requested an insecure element 'http://58tu.1468tu.com/58tu/250x250.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://hjha.bar:8443/(Line 1101) Message: Mixed Content: The page at 'https://hjha.bar:8443/' was loaded over HTTPS, but requested an insecure element 'http://58tu.1468tu.com/58tu/250x250.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network	error	URL: https://58tu.1468tu.com/58tu/250x250.gif Message: Failed to load resource: the server responded with a status of 530 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

107.jisehe1.com
258258048.com
328858prw.com
339282bdb.com
58tu.1468tu.com
592773xgg.com
832793jse.com
8499225.com
88225233827.com
a666.one
aoattsetp.vip
baleyu.com
cdn.jsdelivr.net
dimg04.c-ctrip.com
fadacaitp.com
hjha.bar
hm.baidu.com
img.9275x.com
kmrcum2.com
kveii.com
kvhdd.com
kvhggg.top
kvhmm.com
kvhsss.top
kvtfff.top
kvtlll.top
kzeii.com
n5267.com
p.qlogo.cn
p3.douyinpic.com
papatv.cloud
rfyqtv2.com
tp.1468tu.com
u0075.com
vbutjg.com
www.xccc99.xyz
103.170.15.101
103.170.15.72
103.170.15.88
103.235.46.191
104.143.94.110
137.220.244.202
172.247.50.228
180.178.34.164
198.16.37.82
20.239.197.175
20.24.103.196
20.24.97.200
20.255.32.7
206.119.93.78
23.205.240.173
23.224.0.11
23.226.11.149
240e:97c:2f:5::3c
2606:4700:3034::ac43:c28e
2606:4700:3038::6815:e9a7
2606:4700:3038::6815:e9d8
2606:4700:3038::6815:ea8d
2606:4700::6810:5914
2a06:98c1:3120::3
3.36.126.81
45.61.212.122
45.61.212.128
45.61.212.163
45.61.212.217
47.243.192.160
78.46.107.74
79.133.177.230
10c47a7b458381d69296524aaffdbd6ad00664153679d44ab03d11b2f17ac388
119bff063d1d402fdf6e48bc7e681d48aabfb9bc65378dfcf64a8845ec3fceef
11b507546df8a41877897e0b2995c07b55c047ad56d50f154665d01242973871
17a4f7b3d5caf413211515976326969951cc1bb9a3e32a9caa885fd6e3109368
17e78ffe065be76212de6b960082ea287cc0e712b6f170f44c63e2144ec14c84
18543a39e003823862ca88f74a899b953e82fc6f1771682b37d0b435d40644cc
22a525fd9b99500b6824d69a8dbb6e44684f0846fe85291b3d99c08e7c1ea71f
26e14cbc399dbddc9f3b28c753735230b5da66b58f5f32555ccfa66ee8096751
28dce5a4ccdf5e6f197b23e1932d1a0a4a590a28491b3cde2ea89f1e461cee4d
2b6a9b53114e36c800d36b460001279b5b27d86ad0b0f79d71bd5157d7d2ba8c
2ca8007b97da4aa8dfe8e89950cd97d6c804f17d4d9cb51e0f7492335412724c
37e407b33f89d82ed1e2e38a122150d522e16948daf9d2ba1ab40319dbb2912c
388939644e37c8b5ec54fa6cb31cbdd3a02b1430a69c972e7b298c86a1b2dec0
3f8ad1230a54a7c36522b11dd277ff02b878dde5384334dfd98359759c0a7fba
4a10219bee747aadeeda78f166d787adf32583f361f88d44b472f6f3da798083
543e8a7e680605b09ed3c18b6520822be19c3420f76192d0aa7ee84cc97f235b
54d436cbf368311b0aa7bb497ac1b5a4330067953e11b4ad2da233e07e923d05
603ae21e8a72947963d79e142c19e5fbd5051790910630851eb04b1afcb05f5a
604a27548ca0d53214b581c0e2ad199acc8169f59afec68f82887add6abdbff8
61d729447f9bed44ec99b14e38937f67a9d7651bc483a5832b018ef066d00658
627ba9f86b478606d3fc36097593d9513d273651c5fbf77723b91cc270947f4e
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
6835b6d20deda9911586e5d28bbd627e251cfef2043225a36aa80142cfa5ba97
6c48ac46d72a4390f2da433c8032b5a29153855dcdb3201231793ca72f1a26ba
71a317455923b5945e154db3b3358a0267c9940655d3cd1c9b1f2ed9f68fa66b
7278dc0ab8fd6cae9ce33481833cd4fd5cdb817f28f344f7b07ed0f5cd04f47c
75ba290f4a2dc25f7cad04db45ec4633f8cdbf33c36f1b0e49ccfae0ebe4547f
77ca4ce8ccd353c01604f37d1dc0bca9aa9122ffeb444e215583d04dea06faa4
88e67b99365a0814cbdf10fd982322516af9f2bb613f1c72e218ba32a7a31fca
89521c87c1fe061e63fb523bb11f2a328e9202574d73aa4c4e17de8a8f301c58
8eb8f61188f2555f5f7f0a934ebbae9e9ab703a3dc0b23191bdc7c147eb12140
92af02f425cb82444f00ee9d8f910b28544fee2f770e2456bf92637ea7631241
95c7c1bcbb515e5c4bf5cc79807d1b9d09f42efc1fb1cfe76024bd64a05a0850
993bb3ccc922975fa87b4ee2f646297b7cb4e10c862388db721cdeffb7e95edf
9a0c09b96b96fd45c8edff175e835996ae3870e2f75881fd87b9f5fdc330650b
9ca9b38c6ebfa1715c0ef12d26f42cdc20ace41ad305e080ef7e713dd6cbc8e3
9e3924fe2017f9c46663dba4707736be8be378ed41e761587eb7513ae69ab1dc
9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe
a6a134b78f571b5fd1d4ee985cd10b1b884cf2724a7794dd269f3f3a6476a089
a8de43276d16854ef7935475d9bb2cece4d62f93628a0546dc6587c147a135fa
ad79ce7e34d1a788809bb853031133de2ae45f3c19ac4955dae46c7490188c2e
b15f6b63346bdc77fe89b9d5192428516d42f3c22b80ba44c12d509b971976ad
b373dcb0598f1ed8d191cc80eddadc6740f7acfdc9d6904df7eb3151920017c7
c062c554cf5e5a9d573d683a96a03356d40453705df36ef7167345c14b06d8cb
caee5c83fc039dd72f1a1e00e295d143b73a79553b66a2ea62de7bc1201aa898
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d8eabe8674cff4865bb0afb2da32f075f5612c78db36fdbed0a6482940726bba
e0c771ac60d2f3a7ea69ae43615fe0b76c4a7671c7d732e0297ea6c0b79a6b9e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ebf0829271b6502a221eb6fc96f3203e573db9b399f24a064bbd874c448182d3
ed7fdbb2d11646a7ceb15c6531bd911fd2dc5989afff8219c124e1d61a81b315
f42a279f4552574aba15f36748a6bc636bc50e34db969a9b361f9f1ed455615e
fa529241dddbd17e0dd7b8ee301efa587826b81ed5b4b6223f1ee6e236e44442
fa5ecaba8e7048ec0475ac862bec89853e8c87e84475e199f8657d6e89065dff

baleyu.com Open in urlscan Pro 206.119.93.78 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

56 Requests

84 %HTTPS

22 %IPv6

35 Domains

36 Subdomains

30 IPs

8 Countries

14685 kBTransfer

14971 kBSize

7 Cookies

0 Outgoing links

Redirected requests

56 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

baleyu.com Open in urlscan Pro
206.119.93.78 Public Scan

Screenshot
Live screenshot

Full Image

56
Requests

84 %
HTTPS

22 %
IPv6

35
Domains

36
Subdomains

30
IPs

8
Countries

14685 kB
Transfer

14971 kB
Size

7
Cookies

56 HTTP transactions
2 data transactions