Submitted URL: https://haheks.com/
Effective URL: http://www.haheks.com/
Submission: On March 20 via api from US — Scanned from US

Summary

This website contacted 6 IPs in 2 countries across 6 domains to perform 23 HTTP transactions. The main IP is 172.247.221.109, located in United States and belongs to CNSERVERS, US. The main domain is www.haheks.com.
This is the only time www.haheks.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 6 172.247.221.109 40065 (CNSERVERS)
4 162.209.205.122 40065 (CNSERVERS)
7 9 198.16.62.21 40065 (CNSERVERS)
6 240e:96c:1100... 4812 (CHINANET-...)
1 23.12.144.228 20940 (AKAMAI-ASN1)
23 6
Apex Domain (requests)     Subdomains                                            Transfer
haheks.com (15)            haheks.com, www.haheks.com, d.haheks.com              83 KB
go2yd.com (6)              i1.go2yd.com (Cisco Umbrella Rank: 142769)            103 KB
heytapimage.com (1)        store.heytapimage.com (Cisco Umbrella Rank: 53533)    146 B
jd.com (0, failed)         dd-static.jd.com (failed)
360.cn (0, failed)         s.360.cn (failed)
baidu.com (0, failed)      push.zhanzhang.baidu.com (failed)
Totals: 23 requests, 6 apex domains
Domain (requests)                       Requested by
d.haheks.com (9, 7 redirects)           www.haheks.com
i1.go2yd.com (6)                        www.haheks.com
www.haheks.com (5)                      www.haheks.com
store.heytapimage.com (1)               www.haheks.com
haheks.com (1, 1 redirect)
dd-static.jd.com (0, failed)            www.haheks.com
s.360.cn (0, failed)                    www.haheks.com
push.zhanzhang.baidu.com (0, failed)    162.209.205.122
Totals: 23 requests, 8 subdomains

This site contains links to these domains:

Domain
haheks.com
ft.haheks.com
TLS certificate

Subject            Issuer                               Validity                    Valid
162.209.205.122    ZeroSSL ECC Domain Secure Site CA    2024-03-03 to 2024-06-01    3 months

This page contains 1 frames:

Primary Page: http://www.haheks.com/
Frame ID: 33F14BC85F9BC4921EE97E2C6469BE64
Requests: 24 HTTP requests in this frame

Page Title

哈赫看书网-免费小说应有尽有 (Hahe Reading Site: free novels of every kind)

Page Statistics

Requests: 23
HTTPS: 17 %
IPv6: 20 %
Domains: 6
Subdomains: 8
IPs: 6
Countries: 2
Transfer: 259 kB
Size: 462 kB
Cookies: 2

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://haheks.com/ HTTP 301
    http://www.haheks.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10
  • http://d.haheks.com/uptu/r/e1pi.jpg?sm HTTP 301
  • https://i1.go2yd.com/image.php?url=YD_cnt_81_01NwkyYtAeox
Request Chain 12
  • http://d.haheks.com/uptu/r/eKep.jpg?sm HTTP 301
  • https://dd-static.jd.com/ddimg/jfs/t1/117411/29/31847/21095/63c852edF8e13e047/10d93195cef703d1.jpg
Request Chain 13
  • http://d.haheks.com/uptu/q/dFsT.jpg?sm HTTP 301
  • https://i1.go2yd.com/image.php?url=YD_cnt_81_01Npsag6fqff
Request Chain 14
  • http://d.haheks.com/uptu/q/dFQK.jpg?sm HTTP 301
  • https://dd-static.jd.com/ddimg/jfs/t1/116442/25/23390/17531/627edc86E06a5705c/818e663d5be21213.jpg
Request Chain 15
  • http://d.haheks.com/uptu/s/flFP.jpg?sm HTTP 301
  • https://store.heytapimage.com/cdo-portal/feedback/202302/04/ea5bb8a00edf1c0c8b31da6fc855bd3c.jpg
Request Chain 17
  • http://d.haheks.com/uptu/r/e1pn.jpg?sm HTTP 301
  • https://dd-static.jd.com/ddimg/jfs/t1/132732/39/33637/20689/63c854a6F7a225f7c/06f817f8145caa8e.jpg
Request Chain 18
  • http://d.haheks.com/uptu/r/euXs.jpg?sm HTTP 301
  • https://i1.go2yd.com/image.php?url=YD_cnt_81_01NpaJtY34bf
Request Chain 19
  • http://d.haheks.com/uptu/r/e13A.jpg?sm HTTP 301
  • https://i1.go2yd.com/image.php?url=YD_cnt_81_01Npe4gLa3mt
Request Chain 20
  • http://d.haheks.com/uptu/s/ffL0.jpg?sm HTTP 301
  • https://i1.go2yd.com/image.php?url=YD_cnt_81_01NvcPpOlr23
Request Chain 21
  • http://d.haheks.com/uptu/q/dpsx.jpg?sm HTTP 301
  • https://i1.go2yd.com/image.php?url=YD_cnt_81_01NtKbdLh0OL

23 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.haheks.com/
Redirect Chain
  • https://haheks.com/
  • http://www.haheks.com/
29 KB
10 KB
Document
General
Full URL
http://www.haheks.com/
Protocol
HTTP/1.1
Server
172.247.221.109 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
gunicorn/k8 /
Resource Hash
aa9a7903dccdbe3a8ebe812b6bd25d350b6087396c7bb80c7411f420755a0589

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=600
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Wed, 20 Mar 2024 07:49:14 GMT
Expires
Wed, 20 Mar 2024 07:53:08 GMT
Last-Modified
Wed, 20 Mar 2024 07:43:08 GMT
Server
gunicorn/k8
Transfer-Encoding
chunked
Vary
Accept-Encoding

Redirect headers

content-type
text/html; charset=UTF-8
date
Wed, 20 Mar 2024 07:49:14 GMT
location
http://www.haheks.com/
server
gunicorn/k8
_b568fb68.css
162.209.205.122/xcdn5/css/
100 KB
25 KB
Stylesheet
General
Full URL
https://162.209.205.122:45678/xcdn5/css/_b568fb68.css?308
Requested by
Host: www.haheks.com
URL: http://www.haheks.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
162.209.205.122 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
cc20 /
Resource Hash
824172dea73a98ef0f9a35827e449eb43b7615f86c66beb8d9e47379b233625c

Request headers

accept-language
en-US,en;q=0.9
Referer
http://www.haheks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 20 Mar 2024 07:49:12 GMT
content-encoding
gzip
last-modified
Sun, 29 Oct 2023 18:26:43 GMT
server
cc20
max-age
5184000
etag
W/"653ea3e3-18faf"
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET,POST
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-headers
X-Requested-With
expires
Fri, 19 Apr 2024 07:49:12 GMT
_style.css
162.209.205.122/xcdn5/www1/
29 KB
7 KB
Stylesheet
General
Full URL
https://162.209.205.122:45678/xcdn5/www1/_style.css?308
Requested by
Host: www.haheks.com
URL: http://www.haheks.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
162.209.205.122 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
cc20 /
Resource Hash
5ed884438ea272bd7392909bdb982aac2a6a5d33d54a433b21144d164292f9f9

Request headers

accept-language
en-US,en;q=0.9
Referer
http://www.haheks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 20 Mar 2024 07:49:12 GMT
content-encoding
gzip
last-modified
Thu, 11 Nov 2021 11:55:16 GMT
server
cc20
max-age
5184000
etag
W/"618d04a4-7599"
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET,POST
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-headers
X-Requested-With
expires
Fri, 19 Apr 2024 07:49:12 GMT
logo.png
www.haheks.com/img/
22 KB
22 KB
Image
General
Full URL
http://www.haheks.com/img/logo.png
Requested by
Host: www.haheks.com
URL: http://www.haheks.com/
Protocol
HTTP/1.1
Server
172.247.221.109 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
gunicorn/k8 /
Resource Hash
b5017c58269f5ced73674975b9cac8cd3b58718ac188b9621979429523dbbc71

Request headers

accept-language
en-US,en;q=0.9
Referer
http://www.haheks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Wed, 20 Mar 2024 07:49:14 GMT
Last-Modified
Mon, 18 Mar 2024 15:16:03 GMT
Server
gunicorn/k8
ETag
"65f85ab3-57d8"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
22488
floadNJg4.svg
www.haheks.com/
1 KB
833 B
Image
General
Full URL
http://www.haheks.com/floadNJg4.svg
Requested by
Host: www.haheks.com
URL: http://www.haheks.com/
Protocol
HTTP/1.1
Server
172.247.221.109 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
gunicorn/k8 /
Resource Hash
1a1a612e1d3bd747b6619754aa93a087e2afd729ef081a849e1d106135f32dfb

Request headers

accept-language
en-US,en;q=0.9
Referer
http://www.haheks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Wed, 20 Mar 2024 07:49:14 GMT
Content-Encoding
gzip
Last-Modified
Sat, 28 Oct 2023 17:07:43 GMT
Server
gunicorn/k8
ETag
W/"653d3fdf-41b"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000
Connection
keep-alive
Expires
Fri, 19 Apr 2024 07:49:14 GMT
308.v2z16v
www.haheks.com/5yntn/
22 KB
6 KB
Script
General
Full URL
http://www.haheks.com/5yntn/308.v2z16v
Requested by
Host: www.haheks.com
URL: http://www.haheks.com/
Protocol
HTTP/1.1
Server
172.247.221.109 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
gunicorn/k8 /
Resource Hash
9f15ff8444ff305145d4a9cdee67a43f1f5a6dc7b2be1689d27ee7335f5f33b9

Request headers

accept-language
en-US,en;q=0.9
Referer
http://www.haheks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Wed, 20 Mar 2024 07:49:14 GMT
Content-Encoding
gzip
Last-Modified
Thu, 14 Mar 2024 15:44:02 GMT
Server
gunicorn/k8
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css;charset=utf-8
Cache-Control
max-age=300
Connection
keep-alive
Expires
Wed, 20 Mar 2024 07:54:14 GMT
_init.js
162.209.205.122/xcdn5/js/
116 KB
42 KB
Script
General
Full URL
https://162.209.205.122:45678/xcdn5/js/_init.js?308
Requested by
Host: www.haheks.com
URL: http://www.haheks.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
162.209.205.122 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
cc20 /
Resource Hash
a0b90db9ccbff769d683042dd2f0fe2a5d3d3bc2000e47e74dd515e73794d40f

Request headers

accept-language
en-US,en;q=0.9
Referer
http://www.haheks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 20 Mar 2024 07:49:12 GMT
content-encoding
gzip
last-modified
Wed, 31 Jan 2024 17:10:52 GMT
server
cc20
max-age
5184000
etag
W/"65ba7f1c-1d0d2"
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-headers
X-Requested-With
expires
Fri, 19 Apr 2024 07:49:12 GMT
_common.js
162.209.205.122/xcdn5/www1/
11 B
308 B
Script
General
Full URL
https://162.209.205.122:45678/xcdn5/www1/_common.js?308
Requested by
Host: www.haheks.com
URL: http://www.haheks.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
162.209.205.122 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
cc20 /
Resource Hash
4a09b0b796ddb5eabacf6e742fd26ff5d873513dbd9a8177061b92326657eab6

Request headers

accept-language
en-US,en;q=0.9
Referer
http://www.haheks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 20 Mar 2024 07:49:12 GMT
last-modified
Thu, 11 Nov 2021 11:17:32 GMT
server
cc20
max-age
5184000
etag
"618cfbcc-b"
access-control-allow-methods
GET,POST
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
access-control-allow-headers
X-Requested-With
content-length
11
expires
Fri, 19 Apr 2024 07:49:12 GMT
push.js
push.zhanzhang.baidu.com/
0
0

tj
www.haheks.com/
0
246 B
Image
General
Full URL
http://www.haheks.com/tj?p=Z945ynkr|1710920955|73ltzi5tpi|1|1|1|241|1600*1200|en-US&n=uv&e=_HM_ZS
Requested by
Host: www.haheks.com
URL: http://www.haheks.com/
Protocol
HTTP/1.1
Server
172.247.221.109 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
gunicorn/k8 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
http://www.haheks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Wed, 20 Mar 2024 07:49:14 GMT
Content-Encoding
gzip
Server
gunicorn/k8
Connection
keep-alive
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/html;charset=utf-8
zz.gif
s.360.cn/so/
0
0

image.php
i1.go2yd.com/
Redirect Chain
  • http://d.haheks.com/uptu/r/e1pi.jpg?sm
  • https://i1.go2yd.com/image.php?url=YD_cnt_81_01NwkyYtAeox
16 KB
16 KB
Image
General
Full URL
https://i1.go2yd.com/image.php?url=YD_cnt_81_01NwkyYtAeox
Requested by
Host: www.haheks.com
URL: http://www.haheks.com/
Protocol
H2
Server
240e:96c:1100:5a02:3::3f6 , China, ASN4812 (CHINANET-SH-AP China Telecom Group, CN),
Reverse DNS
Software
Tengine /
Resource Hash
ade3efff33886829a8e630769e5bcb44dc4cc35a3838fbb55b92bed7da863e17

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 18:37:08 GMT
via
cache01.tzcu02, cache29.l2cn2647[0,0,200-0,H], cache31.l2cn2647[0,0], ens-vcache13.cn5923[0,12,200-0,H], ens-vcache18.cn5923[20,0]
x-tt-trace-tag
id=5
age
479529
x-swift-cachetime
859512
x-cache
HIT TCP_HIT dirn:8:48759602
x-bdcdn-cache-status
TCP_HIT
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename=YD_cnt_81_01NwkyYtAeox.JPEG
x-swift-savetime
Thu, 14 Mar 2024 19:51:56 GMT
content-length
16405
x-request-id
dc7836bcb7fc743dd0b56473b94a81c4
last-modified
Thu, 14 Mar 2024 09:16:14 GMT
server
Tengine
etag
bb68b25c4fd37f6ef6549403415d3c0d
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
ali-swift-global-savetime
1710441428
x-request-ip
153.35.52.177
cache-control
max-age=2592000
access-control-allow-credentials
true
x-response-cinfo
153.35.52.177
x-response-cache
edge_hit
timing-allow-origin
*
eagleid
b4a3cf1717109209576216925e

Redirect headers

Date
Wed, 20 Mar 2024 07:49:16 GMT
Referrer-Policy
no-referrer
Server
gunicorn/cc2
Max-Age
604800
Transfer-Encoding
chunked
X-Cache
HIT
Content-Type
text/html
Location
https://i1.go2yd.com/image.php?url=YD_cnt_81_01NwkyYtAeox
Cache-Control
max-age=604800
Connection
keep-alive
Expires
Wed, 27 Mar 2024 07:49:16 GMT
39210.jpg
d.haheks.com/normal/1545324984/
20 KB
20 KB
Image
General
Full URL
http://d.haheks.com/normal/1545324984/39210.jpg?sm
Requested by
Host: www.haheks.com
URL: http://www.haheks.com/
Protocol
HTTP/1.1
Server
198.16.62.21 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
gunicorn/cc2 /
Resource Hash
d4bec9e7dd247f1dbb1e327834da4adcc187b83f9f3f024c9b437b9642dc13d0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://www.haheks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Wed, 20 Mar 2024 07:49:16 GMT
Last-Modified
Mon, 07 Mar 2022 05:39:18 GMT
Server
gunicorn/cc2
ETag
"57/70696335392e6a7067"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
20429
10d93195cef703d1.jpg
dd-static.jd.com/ddimg/jfs/t1/117411/29/31847/21095/63c852edF8e13e047/
Redirect Chain
  • http://d.haheks.com/uptu/r/eKep.jpg?sm
  • https://dd-static.jd.com/ddimg/jfs/t1/117411/29/31847/21095/63c852edF8e13e047/10d93195cef703d1.jpg
0
0

image.php
i1.go2yd.com/
Redirect Chain
  • http://d.haheks.com/uptu/q/dFsT.jpg?sm
  • https://i1.go2yd.com/image.php?url=YD_cnt_81_01Npsag6fqff
12 KB
12 KB
Image
General
Full URL
https://i1.go2yd.com/image.php?url=YD_cnt_81_01Npsag6fqff
Requested by
Host: www.haheks.com
URL: http://www.haheks.com/
Protocol
H2
Server
240e:96c:1100:5a02:3::3f6 , China, ASN4812 (CHINANET-SH-AP China Telecom Group, CN),
Reverse DNS
Software
Tengine /
Resource Hash
29b15eec8222ffe833785f3bc6ae33f5eec15af39fc60a42d5ff1bf86f1f6225

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 18:25:55 GMT
via
cache07.tzcu02, cache30.l2cn2647[0,0,200-0,H], cache18.l2cn2647[0,0], ens-vcache27.cn5923[0,0,200-0,H], ens-vcache18.cn5923[11,0]
x-tt-trace-tag
id=5
age
480202
x-swift-cachetime
863704
x-cache
HIT TCP_HIT dirn:10:108981863
x-bdcdn-cache-status
TCP_HIT
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename=YD_cnt_81_01Npsag6fqff.JPEG
x-swift-savetime
Thu, 14 Mar 2024 18:30:51 GMT
content-length
11885
x-request-id
4492c61001b65984227c7a066a978ead
last-modified
Thu, 14 Mar 2024 09:07:01 GMT
server
Tengine
etag
8bd0dffd33148d2fa5f92682d9bff9b8
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
ali-swift-global-savetime
1710440755
x-request-ip
153.35.52.178
cache-control
max-age=2592000
access-control-allow-credentials
true
x-response-cinfo
153.35.52.178
x-response-cache
edge_hit
timing-allow-origin
*
eagleid
b4a3cf1717109209576176919e

Redirect headers

Date
Wed, 20 Mar 2024 07:49:16 GMT
Referrer-Policy
no-referrer
Server
gunicorn/cc2
Max-Age
604800
Transfer-Encoding
chunked
X-Cache
EXPIRED
Content-Type
text/html
Location
https://i1.go2yd.com/image.php?url=YD_cnt_81_01Npsag6fqff
Cache-Control
max-age=604800
Connection
keep-alive
Expires
Wed, 27 Mar 2024 07:49:16 GMT
818e663d5be21213.jpg
dd-static.jd.com/ddimg/jfs/t1/116442/25/23390/17531/627edc86E06a5705c/
Redirect Chain
  • http://d.haheks.com/uptu/q/dFQK.jpg?sm
  • https://dd-static.jd.com/ddimg/jfs/t1/116442/25/23390/17531/627edc86E06a5705c/818e663d5be21213.jpg
0
0

ea5bb8a00edf1c0c8b31da6fc855bd3c.jpg
store.heytapimage.com/cdo-portal/feedback/202302/04/
Redirect Chain
  • http://d.haheks.com/uptu/s/flFP.jpg?sm
  • https://store.heytapimage.com/cdo-portal/feedback/202302/04/ea5bb8a00edf1c0c8b31da6fc855bd3c.jpg
146 B
146 B
Image
General
Full URL
https://store.heytapimage.com/cdo-portal/feedback/202302/04/ea5bb8a00edf1c0c8b31da6fc855bd3c.jpg
Requested by
Host: www.haheks.com
URL: http://www.haheks.com/
Protocol
HTTP/1.1
Server
23.12.144.228 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-12-144-228.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
687e74cf14e64265e77489c5ac7c452adf20b49c0ad8f300e7018d5c31036a4b

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Wed, 20 Mar 2024 07:49:17 GMT
X-Backend-Host
sol:80,0467:8080
Server
nginx
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
process-request-id
17109209577770a90c5bf00008654262-40a439b9e225529310c99fc50b6622b3
X-Gateway-Host
723b2a3d3fbd0f630f26784e108382411b2420363a75c8efeae01c53b3a52bd1c2ab755ca38117c7a91df5f9e91c1d4f,3da646b69d044eeca905543f4e369f30b2afd245cc9d429a8965a43ae2a8c575ddafeac46cde321e1183b9792f73705e
X-IP-Source
2003863e2ff8e39f2691361927843bcd
Connection
keep-alive
Akamai-Mon-Iucid-Del
1604534
Access-Control-Allow-Headers
*
Content-Length
146

Redirect headers

Date
Wed, 20 Mar 2024 07:49:16 GMT
Referrer-Policy
no-referrer
Server
gunicorn/cc2
Max-Age
604800
Transfer-Encoding
chunked
X-Cache
HIT
Content-Type
text/html
Location
https://store.heytapimage.com/cdo-portal/feedback/202302/04/ea5bb8a00edf1c0c8b31da6fc855bd3c.jpg
Cache-Control
max-age=604800
Connection
keep-alive
Expires
Wed, 27 Mar 2024 07:49:16 GMT
41290.jpg
d.haheks.com/normal/629014074/
21 KB
21 KB
Image
General
Full URL
http://d.haheks.com/normal/629014074/41290.jpg?sm
Requested by
Host: www.haheks.com
URL: http://www.haheks.com/
Protocol
HTTP/1.1
Server
198.16.62.21 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
gunicorn/cc2 /
Resource Hash
eaac6643a5e81615b5782067c9d788432701f85b533afdbc36f9d5bb56aa5708

Request headers

accept-language
en-US,en;q=0.9
Referer
http://www.haheks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Wed, 20 Mar 2024 07:49:16 GMT
Last-Modified
Mon, 07 Mar 2022 05:39:18 GMT
Server
gunicorn/cc2
ETag
"11/70696331332e6a7067"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
21506
06f817f8145caa8e.jpg
dd-static.jd.com/ddimg/jfs/t1/132732/39/33637/20689/63c854a6F7a225f7c/
Redirect Chain
  • http://d.haheks.com/uptu/r/e1pn.jpg?sm
  • https://dd-static.jd.com/ddimg/jfs/t1/132732/39/33637/20689/63c854a6F7a225f7c/06f817f8145caa8e.jpg
0
0

image.php
i1.go2yd.com/
Redirect Chain
  • http://d.haheks.com/uptu/r/euXs.jpg?sm
  • https://i1.go2yd.com/image.php?url=YD_cnt_81_01NpaJtY34bf
34 KB
34 KB
Image
General
Full URL
https://i1.go2yd.com/image.php?url=YD_cnt_81_01NpaJtY34bf
Requested by
Host: www.haheks.com
URL: http://www.haheks.com/
Protocol
H2
Server
240e:96c:1100:5a02:3::3f6 , China, ASN4812 (CHINANET-SH-AP China Telecom Group, CN),
Reverse DNS
Software
Tengine /
Resource Hash
a4adf07f7c4b4080059c102a8aab6fd89d59bbed7179d8fc2f38cab51ab398ee

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 18:35:51 GMT
via
cache24.sxmp,cache02.jscm02, cache28.l2cn3129[0,0,200-0,H], cache55.l2cn3129[1,0], ens-vcache20.cn5923[0,0,200-0,H], ens-vcache18.cn5923[24,0]
x-tt-trace-tag
id=5
age
479606
x-swift-cachetime
795256
x-cache
HIT TCP_HIT dirn:9:157809042
x-bdcdn-cache-status
TCP_MISS,TCP_HIT
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename=YD_cnt_81_01NpaJtY34bf.JPEG
x-swift-savetime
Fri, 15 Mar 2024 13:41:35 GMT
content-length
34570
x-request-id
4d2be68882fecc0d79e2f0b3b8b1c136
last-modified
Tue, 05 Mar 2024 06:44:44 GMT
server
Tengine
etag
d564ecefaa890d4968931bab59225e6a
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
ali-swift-global-savetime
1710441351
x-request-ip
223.111.107.176
cache-control
max-age=2592000
access-control-allow-credentials
true
x-response-cinfo
223.111.107.176
x-response-cache
parent_hit
timing-allow-origin
*
eagleid
b4a3cf1717109209576046893e

Redirect headers

Date
Wed, 20 Mar 2024 07:49:16 GMT
Referrer-Policy
no-referrer
Server
gunicorn/cc2
Max-Age
604800
Transfer-Encoding
chunked
X-Cache
EXPIRED
Content-Type
text/html
Location
https://i1.go2yd.com/image.php?url=YD_cnt_81_01NpaJtY34bf
Cache-Control
max-age=604800
Connection
keep-alive
Expires
Wed, 27 Mar 2024 07:49:16 GMT
image.php
i1.go2yd.com/
Redirect Chain
  • http://d.haheks.com/uptu/r/e13A.jpg?sm
  • https://i1.go2yd.com/image.php?url=YD_cnt_81_01Npe4gLa3mt
9 KB
10 KB
Image
General
Full URL
https://i1.go2yd.com/image.php?url=YD_cnt_81_01Npe4gLa3mt
Requested by
Host: www.haheks.com
URL: http://www.haheks.com/
Protocol
H2
Server
240e:96c:1100:5a02:3::3f6 , China, ASN4812 (CHINANET-SH-AP China Telecom Group, CN),
Reverse DNS
Software
Tengine /
Resource Hash
ce2a07749863ec9577d927c0eddbea8853a3fe7328b0fed3250409eb753ba84b

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 18:20:46 GMT
via
cache08.tzcu02, cache61.l2cn2647[0,0,200-0,H], cache47.l2cn2647[1,0], ens-vcache13.cn5923[0,0,200-0,H], ens-vcache18.cn5923[23,0]
x-tt-trace-tag
id=5
age
480511
x-swift-cachetime
863127
x-cache
HIT TCP_HIT dirn:8:292632637
x-bdcdn-cache-status
TCP_HIT
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename=YD_cnt_81_01Npe4gLa3mt.JPEG
x-swift-savetime
Thu, 14 Mar 2024 18:35:19 GMT
content-length
9652
x-request-id
668f1b3f89f7c0b1b1e3e61c25d1aaf8
last-modified
Thu, 14 Mar 2024 09:45:11 GMT
server
Tengine
etag
00bc86d4f220ede52f17cf1b4eba0c5f
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
ali-swift-global-savetime
1710440446
x-request-ip
153.35.52.209
cache-control
max-age=2592000
access-control-allow-credentials
true
x-response-cinfo
153.35.52.209
x-response-cache
edge_hit
timing-allow-origin
*
eagleid
b4a3cf1717109209575996884e

Redirect headers

Date
Wed, 20 Mar 2024 07:49:16 GMT
Referrer-Policy
no-referrer
Server
gunicorn/cc2
Max-Age
604800
Transfer-Encoding
chunked
X-Cache
EXPIRED
Content-Type
text/html
Location
https://i1.go2yd.com/image.php?url=YD_cnt_81_01Npe4gLa3mt
Cache-Control
max-age=604800
Connection
keep-alive
Expires
Wed, 27 Mar 2024 07:49:16 GMT
image.php
i1.go2yd.com/
Redirect Chain
  • http://d.haheks.com/uptu/s/ffL0.jpg?sm
  • https://i1.go2yd.com/image.php?url=YD_cnt_81_01NvcPpOlr23
18 KB
18 KB
Image
General
Full URL
https://i1.go2yd.com/image.php?url=YD_cnt_81_01NvcPpOlr23
Requested by
Host: www.haheks.com
URL: http://www.haheks.com/
Protocol
H2
Server
240e:96c:1100:5a02:3::3f6 , China, ASN4812 (CHINANET-SH-AP China Telecom Group, CN),
Reverse DNS
Software
Tengine /
Resource Hash
9bd2c079043c99d7a964918bdd385e46ed3ee1b09547c9ceaa0d0eb1c08111f8

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 18:30:57 GMT
via
cache88.sxmp,cache03.tzcu02, cache53.l2cn2647[0,0,200-0,H], cache2.l2cn2647[1,0], ens-vcache5.cn5923[0,0,200-0,H], ens-vcache18.cn5923[14,0]
x-tt-trace-tag
id=5
age
479900
x-swift-cachetime
849786
x-cache
HIT TCP_HIT dirn:10:197498913
x-bdcdn-cache-status
TCP_MISS,TCP_HIT
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename=YD_cnt_81_01NvcPpOlr23.JPEG
x-swift-savetime
Thu, 14 Mar 2024 22:27:51 GMT
content-length
18444
x-request-id
152fd51c72bc188a341677f6cb9cc4fb
last-modified
Tue, 05 Mar 2024 08:43:20 GMT
server
Tengine
etag
c3981c6f97150b26d57b342298085fea
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
ali-swift-global-savetime
1710441057
x-request-ip
153.35.52.201
cache-control
max-age=2592000
access-control-allow-credentials
true
x-response-cinfo
153.35.52.201
x-response-cache
parent_hit
timing-allow-origin
*
eagleid
b4a3cf1717109209576086899e

Redirect headers

Date
Wed, 20 Mar 2024 07:49:16 GMT
Referrer-Policy
no-referrer
Server
gunicorn/cc2
Max-Age
604800
Transfer-Encoding
chunked
X-Cache
EXPIRED
Content-Type
text/html
Location
https://i1.go2yd.com/image.php?url=YD_cnt_81_01NvcPpOlr23
Cache-Control
max-age=604800
Connection
keep-alive
Expires
Wed, 27 Mar 2024 07:49:16 GMT
image.php
i1.go2yd.com/
Redirect Chain
  • http://d.haheks.com/uptu/q/dpsx.jpg?sm
  • https://i1.go2yd.com/image.php?url=YD_cnt_81_01NtKbdLh0OL
11 KB
12 KB
Image
General
Full URL
https://i1.go2yd.com/image.php?url=YD_cnt_81_01NtKbdLh0OL
Requested by
Host: www.haheks.com
URL: http://www.haheks.com/
Protocol
H2
Server
240e:96c:1100:5a02:3::3f6 , China, ASN4812 (CHINANET-SH-AP China Telecom Group, CN),
Reverse DNS
Software
Tengine /
Resource Hash
2dc11b9a361875783a43e880224002693cdcc0d246f18080c8795ea230d845aa

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 21:56:30 GMT
via
cache02.tzcu02, cache73.l2cn2647[0,0,200-0,H], cache41.l2cn2647[1,0], ens-vcache14.cn5923[0,0,200-0,H], ens-vcache18.cn5923[10,0]
x-tt-trace-tag
id=5
age
467567
x-swift-cachetime
858623
x-cache
HIT TCP_HIT dirn:10:252565540
x-bdcdn-cache-status
TCP_HIT
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename=YD_cnt_81_01NtKbdLh0OL.JPEG
x-swift-savetime
Thu, 14 Mar 2024 23:26:07 GMT
content-length
11740
x-request-id
24706770f0d92e44c4673e5ef2d57a54
last-modified
Tue, 05 Mar 2024 12:01:38 GMT
server
Tengine
etag
e2c46ef3bb0cc9302469e3027a8abf4a
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
ali-swift-global-savetime
1710453390
x-request-ip
153.35.52.221
cache-control
max-age=2592000
access-control-allow-credentials
true
x-response-cinfo
153.35.52.221
x-response-cache
edge_hit
timing-allow-origin
*
eagleid
b4a3cf1717109209576126909e

Redirect headers

Date
Wed, 20 Mar 2024 07:49:16 GMT
Referrer-Policy
no-referrer
Server
gunicorn/cc2
Max-Age
604800
Transfer-Encoding
chunked
X-Cache
HIT
Content-Type
text/html
Location
https://i1.go2yd.com/image.php?url=YD_cnt_81_01NtKbdLh0OL
Cache-Control
max-age=604800
Connection
keep-alive
Expires
Wed, 27 Mar 2024 07:49:16 GMT
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8637ee2f3a2a3d05ee0b65788308bc6599af8a9344ee52989057e0d8627b5782

Request headers

accept-language
en-US,en;q=0.9
Referer
http://www.haheks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type
image/png

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
push.zhanzhang.baidu.com
URL
http://push.zhanzhang.baidu.com/push.js
Domain
s.360.cn
URL
http://s.360.cn/so/zz.gif?url=http%3A%2F%2Fwww.haheks.com%2F&sid=8a904f2a7da3c36a487e4503e959094f&token=8/am9o0c4.fs2kae7hdaah3.cw3w6wa/
Domain
dd-static.jd.com
URL
https://dd-static.jd.com/ddimg/jfs/t1/117411/29/31847/21095/63c852edF8e13e047/10d93195cef703d1.jpg
Domain
dd-static.jd.com
URL
https://dd-static.jd.com/ddimg/jfs/t1/116442/25/23390/17531/627edc86E06a5705c/818e663d5be21213.jpg
Domain
dd-static.jd.com
URL
https://dd-static.jd.com/ddimg/jfs/t1/132732/39/33637/20689/63c854a6F7a225f7c/06f817f8145caa8e.jpg

93 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

number CAD | object xCoverList | string CDNV | string MOD | string TWMO | string FORM_HASH | string DOMA | string TJ | string ADN | string APP_NAME | string DIR | string TWPC | string TJN | string COOKIE_PRE | string CDN |
function xCover | object INIT_EVENT | string CLIENTIP | function reloadcode | function login_check | function register_check | function addbookcase | function delbookcase | boolean isIOS | boolean isAndroid | function vkyfublh | object adObj | boolean isiOS |
function _N1_ZS | function _N1_DJ | function _N2_ZS | function _N2_DJ | function _N3_ZS | function _N3_DJ | function _YY_ZS | function _YY_DJ | function _PC_ZS | function _HM_ZS | object CB | string A1_ | function z20000 | string A2_ | function z30001 | function sTimeout | function sInterval | object _TJEX | function unicodeEncode |
function a0_0x521d | function a0_0x27c130 | function a0_0x51ad | function a0_0x34b0 | function a0_0xa6ab91 | function a0_0x4e88 | function a0_0x2abc | function a0_0x1b06 | function a0_0x1602 | function a0_0x1519 |
function Zepto | function $ | function taskPool | function PathRouterSupport | function PathRouter | function post | function get | object setting | object API | function _alert | function showMask | function hideMask | function dialog | function toast | object lastLoadMoreElement | object GeoPattern | function Swipe | function ClipboardJS | function storage | function jQuery | object dd | object timing | function twLoader | function mzTpl | function imgError | function DIRURL | function formSubmit | function tj | function ajaxDialog | function loadSubPage | number _zid | function __lazyLoad | function initBannerBg | function shelfDel | function txtPassCallback | number CDNT

2 Cookies

Domain/Path Name / Value
www.haheks.com/ Name: 5ynkr_t
Value: 27
www.haheks.com/ Name: 5ynkr_cdn
Value: https%3A%2F%2F162.209.205.122%3A45678%2Fxcdn5%2F

1 Console Messages

Source: network
Level: error
URL: https://store.heytapimage.com/cdo-portal/feedback/202302/04/ea5bb8a00edf1c0c8b31da6fc855bd3c.jpg
Message: Failed to load resource: the server responded with a status of 403 (Forbidden)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
