URL: https://flow-consumer.ghz.icu/
Submission: On February 21 via api from US — Scanned from US

Summary

This website contacted 9 IPs in 2 countries across 7 domains to perform 21 HTTP transactions. The main IP is 185.199.109.153, located in San Francisco, United States and belongs to FASTLY, US. The main domain is flow-consumer.ghz.icu.
TLS certificate: Issued by R3 on February 21st 2024. Valid for: 3 months.
This is the only time flow-consumer.ghz.icu was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address       AS     Autonomous System
7         185.199.109.153  54113  FASTLY
1         172.67.169.115   13335  CLOUDFLAR...
2         47.246.22.127    24429  TAOBAO Zh...
1         61.184.9.218     4134   CHINANET-...
1         81.70.205.123    45090  TENCENT-N...
1         61.160.192.101   4134   CHINANET-...
6         151.101.195.52   54113  FASTLY
1         203.107.86.226   37963  ALIBABA-C...
1         8.136.83.38      37963  ALIBABA-C...
Total: 21 requests, 9 IPs
Requests  Apex Domain     Subdomains                                                                                          Transfer
7         ghz.icu         flow-consumer.ghz.icu                                                                               230 KB
6         staticfile.org  cdn.staticfile.org (Cisco Umbrella Rank: 80307)                                                     116 KB
4         51.la           sdk.51.la (Cisco Umbrella Rank: 78747), v6-widget.51.la, collect-v6.51.la (Cisco Umbrella Rank: 66107)  20 KB
1         tool.lu         tool.lu (Cisco Umbrella Rank: 720828)                                                               15 KB
1         vv1234.cn       ip.vv1234.cn
1         toutiaoimg.com  p5.toutiaoimg.com                                                                                   11 KB
1         hitokoto.cn     v1.hitokoto.cn (Cisco Umbrella Rank: 480403)                                                        1 KB
Total: 21 requests, 7 apex domains
Requests  Domain                 Requested by
7         flow-consumer.ghz.icu  flow-consumer.ghz.icu
6         cdn.staticfile.org     flow-consumer.ghz.icu, cdn.staticfile.org
2         sdk.51.la              flow-consumer.ghz.icu
1         tool.lu                flow-consumer.ghz.icu
1         collect-v6.51.la       sdk.51.la
1         v6-widget.51.la        flow-consumer.ghz.icu
1         ip.vv1234.cn           flow-consumer.ghz.icu
1         p5.toutiaoimg.com      flow-consumer.ghz.icu
1         v1.hitokoto.cn         flow-consumer.ghz.icu
Total: 21 requests, 9 domains

This site contains links to these domains:

ip.vv1234.cn
v6.51.la
github.com
TLS certificates

Subject                Issuer                                          Validity                  Valid for  Source
flow-consumer.ghz.icu  R3                                              2024-02-21 to 2024-05-21  3 months   crt.sh
v1.hitokoto.cn         GTS CA 1P5                                      2024-02-05 to 2024-05-05  3 months   crt.sh
*.51.la                GlobalSign GCC R3 DV TLS CA 2020                2023-04-20 to 2024-05-21  a year     crt.sh
*.toutiaoimg.com       RapidSSL TLS RSA CA G1                          2023-06-25 to 2024-06-23  a year     crt.sh
vv1234.cn              GTS CA 1P5                                      2024-01-25 to 2024-04-24  3 months   crt.sh
*.staticfile.net       Sectigo RSA Domain Validation Secure Server CA  2024-01-04 to 2025-01-03  a year     crt.sh
*.tool.lu              AlphaSSL CA - SHA256 - G4                       2023-11-15 to 2024-12-16  a year     crt.sh

This page contains 1 frame:

Primary Page: https://flow-consumer.ghz.icu/
Frame ID: 379E739B00DEC844C2C7168178F2CE48
Requests: 21 HTTP requests in this frame

Screenshot

Page Title

Traffic Consumer - by 大灰狼 (original title: 流量消耗器-by.大灰狼)

Detected technologies

Bootstrap (overall confidence: 100%), detected patterns:
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Vue (overall confidence: 100%), detected patterns:
  • (?:/([\d.]+))?/vue(?:\.min)?\.js

axios (overall confidence: 100%), detected patterns:
  • /axios(@|/)([\d.]+)(?:/[a-z]+)?/axios(?:.min)?\.js

jQuery (overall confidence: 100%), detected patterns:
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 21
HTTPS: 100 %
IPv6: 0 %
Domains: 7
Subdomains: 9
IPs: 9
Countries: 2
Transfer: 393 kB
Size: 1231 kB
Cookies: 4

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions

Each transaction is listed as: Resource, Path, Size, x-fer, Type (MIME-Type), followed by its General, Request headers and Response headers sections.
Primary Request /
flow-consumer.ghz.icu/
24 KB
8 KB
Document
General
Full URL
https://flow-consumer.ghz.icu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.109.153 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-109-153.github.com
Software
GitHub.com /
Resource Hash
944db38b5d5f32fbee7b89fcbffa57065fac0eba48b88af96421b5748fbb1eda

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
0
cache-control
max-age=600
content-encoding
gzip
content-length
8162
content-type
text/html; charset=utf-8
date
Wed, 21 Feb 2024 10:44:08 GMT
etag
W/"65d5a510-609a"
expires
Wed, 21 Feb 2024 09:25:42 GMT
last-modified
Wed, 21 Feb 2024 07:24:00 GMT
server
GitHub.com
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
1
x-fastly-request-id
a73f567cec47e727a1f20a85f81b64d02f4f88c0
x-github-request-id
0A3C:1B4C:4A2ED0:57E02F:65D5BF3C
x-proxy-cache
MISS
x-served-by
cache-bur-kbur8200045-BUR
x-timer
S1708512249.852589,VS0,VE98
dashlite.css
flow-consumer.ghz.icu/css/
486 KB
74 KB
Stylesheet
General
Full URL
https://flow-consumer.ghz.icu/css/dashlite.css
Requested by
Host: flow-consumer.ghz.icu
URL: https://flow-consumer.ghz.icu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.109.153 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-109-153.github.com
Software
GitHub.com /
Resource Hash
5945e507cf7036b68a8ec6bb8238f83adf740e2b56395bf4f201e3012c719a7c

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-fastly-request-id
3b07c253e8fa3e6cd22b9014b513bde518995fd0
date
Wed, 21 Feb 2024 10:44:09 GMT
content-encoding
gzip
via
1.1 varnish
x-cache-hits
1
age
0
x-cache
HIT
x-proxy-cache
MISS
content-length
76012
x-served-by
cache-bur-kbur8200045-BUR
last-modified
Wed, 21 Feb 2024 07:24:00 GMT
server
GitHub.com
x-github-request-id
4EA8:40AB:4CCB6F:5A9748:65D5D0E6
x-timer
S1708512249.037342,VS0,VE92
etag
W/"65d5a510-79626"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
expires
Wed, 21 Feb 2024 10:41:03 GMT
style.css
flow-consumer.ghz.icu/css/
3 KB
1 KB
Stylesheet
General
Full URL
https://flow-consumer.ghz.icu/css/style.css?v=20220626
Requested by
Host: flow-consumer.ghz.icu
URL: https://flow-consumer.ghz.icu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.109.153 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-109-153.github.com
Software
GitHub.com /
Resource Hash
1c0443b174520528f41a6606bef474866c599c3071e10f57694f13d2664839b8

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-fastly-request-id
fe02d70ef2eaedf7946bcb847711f2437b1e5620
date
Wed, 21 Feb 2024 10:44:09 GMT
content-encoding
gzip
via
1.1 varnish
x-cache-hits
1
age
0
x-cache
HIT
x-proxy-cache
MISS
content-length
1322
x-served-by
cache-bur-kbur8200045-BUR
last-modified
Wed, 21 Feb 2024 07:24:00 GMT
server
GitHub.com
x-github-request-id
8DDE:7A6E:4E7E50:5C8E05:65D5D0E6
x-timer
S1708512249.037441,VS0,VE96
etag
W/"65d5a510-cd3"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
expires
Wed, 21 Feb 2024 10:41:03 GMT
/
v1.hitokoto.cn/
213 B
1 KB
Script
General
Full URL
https://v1.hitokoto.cn/?encode=js&select=%23hitokoto
Requested by
Host: flow-consumer.ghz.icu
URL: https://flow-consumer.ghz.icu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.169.115 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
321641c06e81f7221e2a64901272bb0e3a17063b49f2199bd235bd8e5512c758
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 21 Feb 2024 10:44:10 GMT
content-security-policy
default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
EXPIRED
x-permitted-cross-domain-policies
none
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dns-prefetch-control
off
content-encoding
br
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
x-request-id
18633be1-9cd7-4975-81dd-8d01ca9ed1fe
referrer-policy
no-referrer
last-modified
Wed, 21 Feb 2024 10:44:07 GMT
server
cloudflare
cross-origin-opener-policy
same-origin
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Origin, Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?1
access-control-expose-headers
X-Request-Id
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2mzgLHeLqLrsLHQ%2B85mQeGvRX54fX94iR8tYQA0ZJCOqOVUX4b12EJGPRZXA6Q%2BXIEVBEJpOTlV69QWZbo1dwDw8m9G7Fq8QX52M96bzJf%2F28dYJEuR3EYCwtpw%2FA%2BuX2w%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
858e647edfb27e88-LAX
js-sdk-pro.min.js
sdk.51.la/
34 KB
13 KB
Script
General
Full URL
https://sdk.51.la/js-sdk-pro.min.js
Requested by
Host: flow-consumer.ghz.icu
URL: https://flow-consumer.ghz.icu/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
47.246.22.127 , United States, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
d1f1bfe698f2ffb7b3e7a885a301d58f9554d45df0a31c3e8b53c84b33c80d27

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Fri, 16 Feb 2024 07:54:49 GMT
via
cache10.l2us1[0,0,304-0,H], cache22.l2us1[1,0], cache8.us13[0,0,200-0,H], cache2.us13[7,0]
content-encoding
gzip
x-oss-request-id
65CF14C9ABB8F83638F681BD
content-md5
JLtSDpUX8u0+2Ye0aur3Iw==
age
442160
x-swift-cachetime
1295999
x-cache
HIT TCP_MEM_HIT dirn:9:144511813
x-oss-cdn-auth
success
x-swift-savetime
Fri, 16 Feb 2024 07:54:50 GMT
content-length
12846
x-oss-object-type
Normal
last-modified
Thu, 08 Jun 2023 02:24:34 GMT
server
Tengine
vary
Accept-Encoding
ali-swift-global-savetime
1708070089
content-type
application/javascript
access-control-allow-origin
*
x-oss-storage-class
Standard
timing-allow-origin
*
x-oss-hash-crc64ecma
5143829838470429443
eagleid
2ff6169617085122498397151e
x-oss-server-time
2
f1f9c78d261e4914be79dd93deed6f05
p5.toutiaoimg.com/origin/pgc-image/
10 KB
11 KB
Image
General
Full URL
https://p5.toutiaoimg.com/origin/pgc-image/f1f9c78d261e4914be79dd93deed6f05
Requested by
Host: flow-consumer.ghz.icu
URL: https://flow-consumer.ghz.icu/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
61.184.9.218 Wuhan, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
Byte-nginx / ImageX
Resource Hash
2f617bb277280d635606cb5baf7f5c310b76679ae09461f8bd5202bd0db5b184

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 21 Feb 2024 10:44:10 GMT
x-response-lb
image
via
cache04.hbxyct04
x-tt-trace-tag
id=5
x-tt-trace-id
202304281657470100060310420F16433B
age
25839982
nw-session-id
202304281657489271CF2B54363A82B6E6f9t4703tt
x-powered-by
ImageX
x-bdcdn-cache-status
TCP_HIT
server-timing
inner; dur=37
x-length
10164
content-length
10164
x-request-id
378ddab662ef711cf81b96ea68ce7a67
last-modified
Fri, 28 Apr 2023 08:57:48 GMT
server
Byte-nginx
x-tt-logid
202304281657489271CF2B54363A82B6E6
x-response-date
Fri, 28 Apr 2023 16:57:48 GMT
content-type
image/png
access-control-allow-origin
*
nw-session-trace
2023-04-28T16:57:48.063644492+08:00 30
cache-control
max-age=31536000
x-request-ip
5.182.16.6
x-response-cinfo
5.182.16.6
imagex-fmt
png2png
x-response-cache
edge_hit
timing-allow-origin
*
x-tt-trace-host
016ce5dbc81fd72e2a80c587ccd35abbd8fc38242d38167423ac220a5f46086219a26ea6545e5431a6ec184ff7e74eae34fa45714015b376268a1c5191b5cf173c9303b6197043a383d6a08fd79c6ea14ef8dd831ac9d5440d15ab0a122a77f3f5862a8753b7a57e0289af3486b2e2a456
3-5.png
sdk.51.la/icon/
473 B
842 B
Image
General
Full URL
https://sdk.51.la/icon/3-5.png
Requested by
Host: flow-consumer.ghz.icu
URL: https://flow-consumer.ghz.icu/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
47.246.22.127 , United States, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
cd0dac66551a78e41d44eace4a7cf69c0e3dc10c05a3cfe6828636bd9afdd085

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Fri, 16 Feb 2024 08:47:14 GMT
via
cache36.l2us1[0,1,304-0,H], cache4.l2us1[3,0], cache1.us13[0,0,200-0,H], cache2.us13[7,0]
x-oss-request-id
65CF211280540337319C2AF6
content-md5
KqOzT3g0218cvxc/VBUHlg==
age
439015
x-swift-cachetime
1294079
x-cache
HIT TCP_HIT dirn:10:64385756
x-oss-cdn-auth
success
x-swift-savetime
Fri, 16 Feb 2024 09:19:15 GMT
content-length
473
x-oss-object-type
Normal
last-modified
Thu, 08 Jun 2023 02:25:01 GMT
server
Tengine
etag
"2AA3B34F7834DB5F1CBF173F54150796"
ali-swift-global-savetime
1708073234
content-type
image/png
access-control-allow-origin
*
x-oss-storage-class
Standard
accept-ranges
bytes
timing-allow-origin
*
x-oss-hash-crc64ecma
4652980157010729591
eagleid
2ff6169617085122498397154e
x-oss-server-time
6
/
ip.vv1234.cn/ipx/
0
0
Image
General
Full URL
https://ip.vv1234.cn/ipx/
Requested by
Host: flow-consumer.ghz.icu
URL: https://flow-consumer.ghz.icu/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.70.205.123 , China, ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

quote.js
v6-widget.51.la/v6/JjhvoI5bfYbANJBZ/
12 KB
5 KB
Script
General
Full URL
https://v6-widget.51.la/v6/JjhvoI5bfYbANJBZ/quote.js?theme=0&f=12&display=1,1,1,1,0,1,1,1
Requested by
Host: flow-consumer.ghz.icu
URL: https://flow-consumer.ghz.icu/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
61.160.192.101 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
Tengine /
Resource Hash
be4008e517982508f578eb2ac8fd49d9260537ae3246ef86e788d40ec569435e

Request headers

Referer
Origin
https://flow-consumer.ghz.icu
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Wed, 21 Feb 2024 10:44:12 GMT
Content-Encoding
gzip
Via
cache41.l2cn3129[189,331,200-0,M], cache2.l2cn3129[333,0], kunlun2.cn6425[347,378,200-0,M], kunlun2.cn6425[380,0]
x-oss-request-id
65D5D3FC81477F38377F6EB3
Content-MD5
zj2KZpLmVXEGxm3nhE/fIA==
X-Swift-CacheTime
300
Transfer-Encoding
chunked
X-Cache
MISS TCP_REFRESH_MISS dirn:9:924154976
x-oss-cdn-auth
success
Connection
keep-alive
X-Swift-SaveTime
Wed, 21 Feb 2024 10:44:12 GMT
x-oss-object-type
Normal
Last-Modified
Wed, 21 Feb 2024 10:41:50 GMT
Server
Tengine
Vary
Accept-Encoding
Ali-Swift-Global-Savetime
1708512252
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
x-oss-storage-class
Standard
Timing-Allow-Origin
*
x-oss-hash-crc64ecma
3963253357019775155
EagleId
3da0c00c17085122520027036e
x-oss-server-time
3
jquery.min.js
cdn.staticfile.org/jquery/3.6.0/
87 KB
35 KB
Script
General
Full URL
https://cdn.staticfile.org/jquery/3.6.0/jquery.min.js
Requested by
Host: flow-consumer.ghz.icu
URL: https://flow-consumer.ghz.icu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.195.52 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires
Tue, 18 Feb 2025 08:47:20 GMT
date
Wed, 21 Feb 2024 10:44:10 GMT
content-encoding
gzip
via
1.1 varnish
strict-transport-security
max-age=300
age
179883
x-cache
HIT
content-length
34778
x-served-by
cache-bur-kbur8200132-BUR
last-modified
Tue, 16 Jan 2024 22:07:00 GMT
server
nginx
x-timer
S1708512251.692324,VS0,VE0
etag
W/"65a6fe04-15d9d"
access-control-max-age
1800
access-control-allow-methods
GET, POST, PATCH, PUT, DELETE, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
vary
Accept-Encoding
x-cloud-fetchl
true
accept-ranges
bytes
access-control-allow-headers
Authorization, Content-Type, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, X-CSRF-TOKEN, X-Requested-With, Token
x-cloud-global
true
x-cache-hits
8
bootstrap.bundle.min.js
cdn.staticfile.org/bootstrap/4.6.1/js/
81 KB
26 KB
Script
General
Full URL
https://cdn.staticfile.org/bootstrap/4.6.1/js/bootstrap.bundle.min.js
Requested by
Host: flow-consumer.ghz.icu
URL: https://flow-consumer.ghz.icu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.195.52 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
7e02c082fedfc821a8a51fe004dab6896dd928876a21ccac8675142c2e2f7b1f
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires
Tue, 18 Feb 2025 09:16:49 GMT
date
Wed, 21 Feb 2024 10:44:10 GMT
content-encoding
gzip
via
1.1 varnish
strict-transport-security
max-age=300
age
178032
x-cache
HIT
content-length
25987
x-served-by
cache-bur-kbur8200132-BUR
last-modified
Mon, 11 Dec 2023 16:01:36 GMT
server
nginx
x-timer
S1708512251.692332,VS0,VE1
etag
W/"65773260-14535"
access-control-max-age
1800
access-control-allow-methods
GET, POST, PATCH, PUT, DELETE, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
vary
Accept-Encoding
x-cloud-fetchl
true
accept-ranges
bytes
access-control-allow-headers
Authorization, Content-Type, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, X-CSRF-TOKEN, X-Requested-With, Token
x-cloud-global
true
x-cache-hits
1
layer.js
cdn.staticfile.org/layer/3.5.1/
22 KB
9 KB
Script
General
Full URL
https://cdn.staticfile.org/layer/3.5.1/layer.js
Requested by
Host: flow-consumer.ghz.icu
URL: https://flow-consumer.ghz.icu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.195.52 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a97e4941ceb1a7df7bcf5e9631b8d9e8f7b47d7ccb59b5ed3968380465e0e824
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires
Tue, 18 Feb 2025 16:56:05 GMT
date
Wed, 21 Feb 2024 10:44:10 GMT
content-encoding
gzip
via
1.1 varnish
strict-transport-security
max-age=300
age
179195
x-cache
HIT
content-length
8674
x-served-by
cache-bur-kbur8200132-BUR
last-modified
Fri, 08 Dec 2023 23:07:55 GMT
server
nginx
x-timer
S1708512251.692356,VS0,VE1
etag
W/"6573a1cb-58d2"
access-control-max-age
1800
access-control-allow-methods
GET, POST, PATCH, PUT, DELETE, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
vary
Accept-Encoding
x-cloud-fetchl
true
accept-ranges
bytes
access-control-allow-headers
Authorization, Content-Type, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, X-CSRF-TOKEN, X-Requested-With, Token
x-cloud-global
true
x-cache-hits
1
nioapp.min.js
flow-consumer.ghz.icu/js/
8 KB
3 KB
Script
General
Full URL
https://flow-consumer.ghz.icu/js/nioapp.min.js
Requested by
Host: flow-consumer.ghz.icu
URL: https://flow-consumer.ghz.icu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.109.153 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-109-153.github.com
Software
GitHub.com /
Resource Hash
33d252c4d67d1a48f07e92a3e9f3274577611e6a46cea5014cad550311b6eb93

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-fastly-request-id
719faff2725d2e2fad57b7eec5f6566932924ed3
date
Wed, 21 Feb 2024 10:44:10 GMT
content-encoding
gzip
via
1.1 varnish
x-cache-hits
1
age
0
x-cache
HIT
x-proxy-cache
MISS
content-length
3147
x-served-by
cache-bur-kbur8200045-BUR
last-modified
Wed, 21 Feb 2024 07:24:00 GMT
server
GitHub.com
x-github-request-id
D584:1125:123989:154955:65D5D0E7
x-timer
S1708512250.070923,VS0,VE126
etag
W/"65d5a510-215b"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
x-origin-cache
HIT
expires
Wed, 21 Feb 2024 10:41:03 GMT
script.js
flow-consumer.ghz.icu/js/
29 KB
7 KB
Script
General
Full URL
https://flow-consumer.ghz.icu/js/script.js
Requested by
Host: flow-consumer.ghz.icu
URL: https://flow-consumer.ghz.icu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.109.153 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-109-153.github.com
Software
GitHub.com /
Resource Hash
4ad1a8c666111fd8c7d95aa583a6014d4bd14d8621be2a6bc7174c55a6d96515

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-fastly-request-id
9dd63aba0fb1151293d12c4203dd62f916512fd4
date
Wed, 21 Feb 2024 10:44:10 GMT
content-encoding
gzip
via
1.1 varnish
x-cache-hits
1
age
0
x-cache
HIT
x-proxy-cache
MISS
content-length
7194
x-served-by
cache-bur-kbur8200045-BUR
last-modified
Wed, 21 Feb 2024 07:24:00 GMT
server
GitHub.com
x-github-request-id
A1EA:39B6:4BE616:59B01B:65D5D0E3
x-timer
S1708512250.071101,VS0,VE103
etag
W/"65d5a510-72b3"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
expires
Wed, 21 Feb 2024 10:41:03 GMT
common.js
flow-consumer.ghz.icu/js/
2 KB
1 KB
Script
General
Full URL
https://flow-consumer.ghz.icu/js/common.js
Requested by
Host: flow-consumer.ghz.icu
URL: https://flow-consumer.ghz.icu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.109.153 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-109-153.github.com
Software
GitHub.com /
Resource Hash
8a420d591329bea86454b5c4f5cc7faa82b4e7b9f17a95a90a92ab2270102097

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-fastly-request-id
cd51d2b8f27dc0fd09678a3ca503a93aba5db3a4
date
Wed, 21 Feb 2024 10:44:10 GMT
content-encoding
gzip
via
1.1 varnish
x-cache-hits
1
age
0
x-cache
HIT
x-proxy-cache
MISS
content-length
879
x-served-by
cache-bur-kbur8200045-BUR
last-modified
Wed, 21 Feb 2024 07:24:00 GMT
server
GitHub.com
x-github-request-id
BD06:8782:4C0CD4:59D997:65D5D0E6
x-timer
S1708512250.071153,VS0,VE95
etag
W/"65d5a510-9cf"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
x-origin-cache
HIT
expires
Wed, 21 Feb 2024 10:41:03 GMT
vue.min.js
cdn.staticfile.org/vue/2.6.14/
92 KB
38 KB
Script
General
Full URL
https://cdn.staticfile.org/vue/2.6.14/vue.min.js
Requested by
Host: flow-consumer.ghz.icu
URL: https://flow-consumer.ghz.icu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.195.52 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9174c425c445377df4562ad9165ea08fdf9433a808296d7de5f619791df10e17
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires
Tue, 18 Feb 2025 08:47:33 GMT
date
Wed, 21 Feb 2024 10:44:10 GMT
content-encoding
gzip
via
1.1 varnish
strict-transport-security
max-age=300
age
179870
x-cache
HIT
content-length
38133
x-served-by
cache-bur-kbur8200132-BUR
last-modified
Sun, 17 Dec 2023 07:08:54 GMT
server
nginx
x-timer
S1708512251.692350,VS0,VE1
etag
W/"657e9e86-16fc7"
access-control-max-age
1800
access-control-allow-methods
GET, POST, PATCH, PUT, DELETE, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
vary
Accept-Encoding
x-cloud-fetchl
true
accept-ranges
bytes
access-control-allow-headers
Authorization, Content-Type, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, X-CSRF-TOKEN, X-Requested-With, Token
x-cloud-global
true
x-cache-hits
1
axios.min.js
cdn.staticfile.org/axios/0.26.0/
17 KB
7 KB
Script
General
Full URL
https://cdn.staticfile.org/axios/0.26.0/axios.min.js
Requested by
Host: flow-consumer.ghz.icu
URL: https://flow-consumer.ghz.icu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.195.52 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9de7375b7afd386e037872a35af5aa58e089986cfe9e5e2c783976528efb5f2f
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires
Tue, 18 Feb 2025 17:08:03 GMT
date
Wed, 21 Feb 2024 10:44:10 GMT
content-encoding
gzip
via
1.1 varnish
strict-transport-security
max-age=300
age
178210
x-cache
HIT
content-length
6599
x-served-by
cache-bur-kbur8200132-BUR
last-modified
Mon, 11 Dec 2023 16:15:24 GMT
server
nginx
x-timer
S1708512251.692131,VS0,VE1
etag
W/"6577359c-4559"
access-control-max-age
1800
access-control-allow-methods
GET, POST, PATCH, PUT, DELETE, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
vary
Accept-Encoding
x-cloud-fetchl
true
accept-ranges
bytes
access-control-allow-headers
Authorization, Content-Type, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, X-CSRF-TOKEN, X-Requested-With, Token
x-cloud-global
true
x-cache-hits
1
collect
collect-v6.51.la/v6/
0
521 B
XHR
General
Full URL
https://collect-v6.51.la/v6/collect?dt=4
Requested by
Host: sdk.51.la
URL: https://sdk.51.la/js-sdk-pro.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
203.107.86.226 , China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://flow-consumer.ghz.icu
Date
Wed, 21 Feb 2024 10:44:11 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Content-Length
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Nioicon.ttf
flow-consumer.ghz.icu/fonts/
294 KB
134 KB
Font
General
Full URL
https://flow-consumer.ghz.icu/fonts/Nioicon.ttf
Requested by
Host: flow-consumer.ghz.icu
URL: https://flow-consumer.ghz.icu/css/dashlite.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.109.153 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-109-153.github.com
Software
GitHub.com /
Resource Hash
e3dc9a348aa4c868d4d6a9e9b34fd5371006a088a5da3fb7a2444e6216d394a8

Request headers

Referer
https://flow-consumer.ghz.icu/css/dashlite.css
Origin
https://flow-consumer.ghz.icu
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-fastly-request-id
cf2a06e249923faa9fc3d834cf1ddaab84c46c49
date
Wed, 21 Feb 2024 10:44:10 GMT
content-encoding
gzip
via
1.1 varnish
x-cache-hits
1
age
0
x-cache
HIT
x-proxy-cache
MISS
content-length
137013
x-served-by
cache-bur-kbur8200045-BUR
last-modified
Wed, 21 Feb 2024 07:24:00 GMT
server
GitHub.com
x-github-request-id
55D4:1B4C:4BD171:59EF03:65D5D0E7
x-timer
S1708512250.085830,VS0,VE103
etag
W/"65d5a510-4970c"
vary
Accept-Encoding
content-type
font/ttf
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
x-origin-cache
HIT
expires
Wed, 21 Feb 2024 10:41:03 GMT
layer.css
cdn.staticfile.org/layer/3.5.1/theme/default/
14 KB
3 KB
Stylesheet
General
Full URL
https://cdn.staticfile.org/layer/3.5.1/theme/default/layer.css?v=3.5.1
Requested by
Host: cdn.staticfile.org
URL: https://cdn.staticfile.org/layer/3.5.1/layer.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.195.52 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5cdf3edb27b0c9f8e48918c486e9ae65a9e5beab806b64c4a7bc5bac53c0f540
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires
Tue, 18 Feb 2025 08:54:09 GMT
date
Wed, 21 Feb 2024 10:44:12 GMT
content-encoding
gzip
via
1.1 varnish
strict-transport-security
max-age=300
age
179415
x-cache
HIT
content-length
3199
x-served-by
cache-bur-kbur8200132-BUR
last-modified
Fri, 08 Dec 2023 23:08:01 GMT
server
nginx
x-timer
S1708512253.587865,VS0,VE0
etag
W/"6573a1d1-37bf"
access-control-max-age
1800
access-control-allow-methods
GET, POST, PATCH, PUT, DELETE, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
vary
Accept-Encoding
x-cloud-fetchl
true
accept-ranges
bytes
access-control-allow-headers
Authorization, Content-Type, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, X-CSRF-TOKEN, X-Requested-With, Token
x-cloud-global
true
x-cache-hits
2
/
tool.lu/netcard/
15 KB
15 KB
Image
General
Full URL
https://tool.lu/netcard/
Requested by
Host: flow-consumer.ghz.icu
URL: https://flow-consumer.ghz.icu/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.136.83.38 Hangzhou, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
2a0bc62dd47999330ede1110edca937e7884e654bc4138cb162daa2628f15f96
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 21 Feb 2024 10:44:14 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
br
content-security-policy-report-only
default-src *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.tool.lu *.baidu.com *.bdstatic.com; object-src 'none'; style-src 'self' 'unsafe-inline' 'unsafe-eval' *.tool.lu *.baidu.com; img-src 'self' data: *.tool.lu *.href.lu *.baidu.com; media-src 'none'; child-src 'self' *.tool.lu; font-src *.tool.lu *.alicdn.com; connect-src 'self' *.tool.lu *.baidu.com *.alicdn.com; report-uri //a.tool.lu/csp
content-disposition
inline;filename=netcard.png
x-backend-server
izbp1bddlmdujhv83mreflz
x-xss-protection
1; mode=block
x-request-id
5a71cff8d688443c4dd4623626ccad53
x-ua-compatible
IE=Edge
server
nginx
etag
W/"cd9a8bcaa79423f380a4a486171cf2c9"
vary
Accept-Encoding
x-ratelimit-remaining
9
content-type
image/png
x-request-start
1708512254.253
x-ratelimit-limit
10
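
The two response-header sets above (the layer.css fetch from cdn.staticfile.org and the netcard.png fetch from tool.lu) carry the policy details a reviewer would otherwise check by hand: an HSTS max-age of 300 seconds on the CDN, Access-Control-Allow-Origin: * sent together with Access-Control-Allow-Credentials: true, and on tool.lu an enforced CSP that only upgrades insecure requests while the script restrictions live in a report-only policy that allows 'unsafe-inline' and 'unsafe-eval'. The Node.js script below is an added example, not part of the urlscan report or either site's code. It parses those headers as transcribed from the scan and emits findings; the 180-day HSTS threshold and the finding labels are this example's own choices.

```javascript
// Added example: audit a response-header set for the weaknesses visible in the
// two transactions above. Header objects are transcribed from the scan; the
// HSTS threshold and finding names are assumptions of this example.

const HSTS_MIN_AGE_SECONDS = 180 * 24 * 3600; // assumed policy floor, not a standard

// Transcribed from the cdn.staticfile.org layer.css response above.
const STATICFILE_LAYER_CSS_HEADERS = {
  "strict-transport-security": "max-age=300",
  "access-control-allow-origin": "*",
  "access-control-allow-credentials": "true",
  "access-control-allow-methods": "GET, POST, PATCH, PUT, DELETE, OPTIONS",
  "content-type": "text/css",
};

// Transcribed from the tool.lu/netcard/ response above.
const TOOL_LU_NETCARD_HEADERS = {
  "strict-transport-security": "max-age=31536000; includeSubdomains; preload",
  "content-security-policy": "upgrade-insecure-requests",
  "content-security-policy-report-only":
    "default-src *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.tool.lu *.baidu.com *.bdstatic.com; " +
    "object-src 'none'; style-src 'self' 'unsafe-inline' 'unsafe-eval' *.tool.lu *.baidu.com; " +
    "img-src 'self' data: *.tool.lu *.href.lu *.baidu.com; media-src 'none'; child-src 'self' *.tool.lu; " +
    "font-src *.tool.lu *.alicdn.com; connect-src 'self' *.tool.lu *.baidu.com *.alicdn.com; report-uri //a.tool.lu/csp",
  "x-content-type-options": "nosniff",
  "x-xss-protection": "1; mode=block",
  "content-type": "image/png",
};

// Strict-Transport-Security directives are case-insensitive and ';'-separated.
function parseHsts(value) {
  const out = { maxAge: null, includeSubDomains: false, preload: false };
  for (const raw of value.split(";")) {
    const d = raw.trim().toLowerCase();
    if (d.startsWith("max-age=")) out.maxAge = parseInt(d.slice("max-age=".length), 10);
    else if (d === "includesubdomains") out.includeSubDomains = true;
    else if (d === "preload") out.preload = true;
  }
  return out;
}

// CSP: directive name -> list of source expressions.
function parseCsp(value) {
  const directives = {};
  for (const part of value.split(";")) {
    const tokens = part.trim().split(/\s+/).filter(Boolean);
    if (tokens.length) directives[tokens[0].toLowerCase()] = tokens.slice(1);
  }
  return directives;
}

function auditHeaders(headers) {
  const h = {};
  for (const [k, v] of Object.entries(headers)) h[k.toLowerCase()] = v;
  const findings = [];

  if (!h["strict-transport-security"]) {
    findings.push("hsts-missing");
  } else {
    const hsts = parseHsts(h["strict-transport-security"]);
    if (hsts.maxAge === null || hsts.maxAge < HSTS_MIN_AGE_SECONDS) findings.push("hsts-short-max-age");
    if (!hsts.includeSubDomains) findings.push("hsts-no-includesubdomains");
  }

  // Browsers refuse to expose a credentialed response whose ACAO is "*", so this
  // pairing is a misconfiguration signal rather than a direct data exposure.
  if (h["access-control-allow-origin"] === "*" &&
      (h["access-control-allow-credentials"] || "").trim().toLowerCase() === "true") {
    findings.push("cors-wildcard-with-credentials");
  }

  // Only an enforced policy with script-src (or a default-src fallback) restricts scripts;
  // a report-only policy just reports.
  const enforced = h["content-security-policy"] ? parseCsp(h["content-security-policy"]) : null;
  const reportOnly = h["content-security-policy-report-only"] ? parseCsp(h["content-security-policy-report-only"]) : null;
  const scriptSources = (p) => (p && (p["script-src"] || p["default-src"])) || null;
  if (!scriptSources(enforced)) findings.push("csp-no-enforced-script-policy");
  for (const [label, policy] of [["csp", enforced], ["csp-report-only", reportOnly]]) {
    const src = scriptSources(policy);
    if (!src) continue;
    if (src.includes("'unsafe-inline'")) findings.push(`${label}-unsafe-inline`);
    if (src.includes("'unsafe-eval'")) findings.push(`${label}-unsafe-eval`);
    if (src.includes("*")) findings.push(`${label}-wildcard-script-src`);
  }

  if ((h["x-content-type-options"] || "").toLowerCase() !== "nosniff") findings.push("no-nosniff");
  return findings;
}

console.log("cdn.staticfile.org layer.css:", auditHeaders(STATICFILE_LAYER_CSS_HEADERS));
console.log("tool.lu/netcard/:", auditHeaders(TOOL_LU_NETCARD_HEADERS));
```

For the CDN response the audit reports the short HSTS lifetime, the missing includeSubDomains, the wildcard-plus-credentials CORS pairing and the absence of nosniff; for tool.lu it reports that the only enforced CSP directive is upgrade-insecure-requests and that the report-only script policy permits inline and eval'd script. A finding is a prompt to read the header in context, not a verdict on the site.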

Verdicts & Comments

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type Name
object LA
number laWaitTime
function $
function jQuery
object bootstrap
object layer
object NioApp
function star_plugin
number plugin_id
number plugin_is_star
function Vue
function axios
object errors

4 Cookies

Domain/Path Name / Value
flow-consumer.ghz.icu/ Name: __vtins__JpQlHp8uIBmFzxLI
Value: %7B%22sid%22%3A%20%221f1bf6d8-e520-599e-bc01-4f14b62e1247%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201708514049995%2C%20%22ct%22%3A%201708512249995%7D
flow-consumer.ghz.icu/ Name: __51uvsct__JpQlHp8uIBmFzxLI
Value: 1
flow-consumer.ghz.icu/ Name: __51vcke__JpQlHp8uIBmFzxLI
Value: 26520470-298e-56ea-a447-b373a0ff2610
flow-consumer.ghz.icu/ Name: __51vuft__JpQlHp8uIBmFzxLI
Value: 1708512250004

1 Console Messages

Source Level URL Text
network error
URL: https://collect-v6.51.la/v6/collect?dt=4
Message: Failed to load resource: the server responded with a status of 406 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.staticfile.org
collect-v6.51.la
flow-consumer.ghz.icu
ip.vv1234.cn
p5.toutiaoimg.com
sdk.51.la
tool.lu
v1.hitokoto.cn
v6-widget.51.la
151.101.195.52
172.67.169.115
185.199.109.153
203.107.86.226
47.246.22.127
61.160.192.101
61.184.9.218
8.136.83.38
81.70.205.123
1c0443b174520528f41a6606bef474866c599c3071e10f57694f13d2664839b8
2a0bc62dd47999330ede1110edca937e7884e654bc4138cb162daa2628f15f96
2f617bb277280d635606cb5baf7f5c310b76679ae09461f8bd5202bd0db5b184
321641c06e81f7221e2a64901272bb0e3a17063b49f2199bd235bd8e5512c758
33d252c4d67d1a48f07e92a3e9f3274577611e6a46cea5014cad550311b6eb93
4ad1a8c666111fd8c7d95aa583a6014d4bd14d8621be2a6bc7174c55a6d96515
5945e507cf7036b68a8ec6bb8238f83adf740e2b56395bf4f201e3012c719a7c
5cdf3edb27b0c9f8e48918c486e9ae65a9e5beab806b64c4a7bc5bac53c0f540
7e02c082fedfc821a8a51fe004dab6896dd928876a21ccac8675142c2e2f7b1f
8a420d591329bea86454b5c4f5cc7faa82b4e7b9f17a95a90a92ab2270102097
9174c425c445377df4562ad9165ea08fdf9433a808296d7de5f619791df10e17
944db38b5d5f32fbee7b89fcbffa57065fac0eba48b88af96421b5748fbb1eda
9de7375b7afd386e037872a35af5aa58e089986cfe9e5e2c783976528efb5f2f
a97e4941ceb1a7df7bcf5e9631b8d9e8f7b47d7ccb59b5ed3968380465e0e824
be4008e517982508f578eb2ac8fd49d9260537ae3246ef86e788d40ec569435e
cd0dac66551a78e41d44eace4a7cf69c0e3dc10c05a3cfe6828636bd9afdd085
d1f1bfe698f2ffb7b3e7a885a301d58f9554d45df0a31c3e8b53c84b33c80d27
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3dc9a348aa4c868d4d6a9e9b34fd5371006a088a5da3fb7a2444e6216d394a8
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e