wheav.com Open in urlscan Pro
47.94.219.43  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response wheav.com/	4 KB 4 KB	1592ms 211ms	Document text/html	47.94.219.43 ALIBABA-CN-NET Ha...
General Check archive.org Show headers Download Go to Full URL https://wheav.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 47.94.219.43 Beijing, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN), Reverse DNS Software nginx / Resource Hash 45cdd22f5e059c29202964da7b9f14a1359fa889af7b475062c6e871e9fd1789 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers accept-ranges bytes content-length 3714 content-type text/html date Tue, 02 Jul 2024 06:53:26 GMT etag "66189a31-e82" last-modified Fri, 12 Apr 2024 02:19:29 GMT server nginx
GET H/1.1	200 OK	hm.js Show response hm.baidu.com/	29 KB 12 KB	879ms 362ms	Script application/javascript	14.215.182.140 CHINANET-BACKBONE...
General Check archive.org Show headers Download Go to Full URL https://hm.baidu.com/hm.js?9ab3e872fe728917df2a412dd6ccb4bb Requested by Host: wheav.com URL: https://wheav.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 14.215.182.140 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN), Reverse DNS Software apache / Resource Hash c0918d4e9c3684bd5cde23ba0ba3e600eb15c523489874a99d586183ef84c796 Security Headers Name Value Strict-Transport-Security max-age=172800 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://wheav.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Tue, 02 Jul 2024 06:53:28 GMT Content-Encoding gzip Strict-Transport-Security max-age=172800 Server apache Etag 140880cfad4c05ccaaa68ede9a605be8 P3p CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" Content-Type application/javascript Cache-Control max-age=0, must-revalidate Content-Length 11257
GET H2	200	i.js Show response qzs.gdtimg.com/union/res/union_sdk/page/h5_sdk/	74 KB 23 KB	3965ms 291ms	Script application/javascript	2408:8630:2090:8:68::46
General Check archive.org Show headers Download Go to Full URL https://qzs.gdtimg.com/union/res/union_sdk/page/h5_sdk/i.js Requested by Host: wheav.com URL: https://wheav.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2408:8630:2090:8:68::46 -, , ASN (), Reverse DNS Software tencent-cos / Resource Hash 5ad90860e9014fdd767bf96c4c8bf8a3bf3a894fbc31b804b430f5431c0ed0cd Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://wheav.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 09 Jun 2024 22:54:12 GMT content-encoding gzip x-cos-hash-crc64ecma 3271039733592553945 last-modified Tue, 19 Mar 2024 09:05:18 GMT server tencent-cos x-cache-lookup Cache Hit etag "e253c3fbf73464233f55ec7ec1f0e8e0" content-type application/javascript x-cos-request-id NjY2NjMyOTRfMTVmMDQyMWVfN2NhY18zMWI2M2Q1 x-cos-version-id MTg0NDUwMzMyMzQ1OTExNTQyOTA x-nws-log-uuid 3744118578496199918 accept-ranges bytes content-length 22966
GET H/1.1	200 OK	hm.gif hm.baidu.com/	43 B 299 B	463ms 364ms	Image image/gif	14.215.182.140 CHINANET-BACKBONE...
General Check archive.org Show headers Download Go to Show image Full URL https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=de-de&lo=0&rnd=1557925285&si=9ab3e872fe728917df2a412dd6ccb4bb&v=1.3.0&lv=1&sn=2668&r=0&ww=1600&u=https%3A%2F%2Fwheav.com%2F&tt=%E4%B8%87%E5%92%8C%E5%95%86%E8%B4%B8%E8%B5%84%E8%AE%AF%20-%20%E9%A6%96%E9%A1%B5 Requested by Host: wheav.com URL: https://wheav.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 14.215.182.140 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN), Reverse DNS Software apache / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Security Headers Name Value Strict-Transport-Security max-age=172800 X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://wheav.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Pragma no-cache Date Tue, 02 Jul 2024 06:53:28 GMT Strict-Transport-Security max-age=172800 X-Content-Type-Options nosniff Server apache Content-Type image/gif Cache-Control private, max-age=0, no-cache Content-Length 43
GET H2	200	finger.js Show response qzonestyle.gtimg.cn/qzone/biz/res/tmpl/js/	34 KB 10 KB	2979ms 211ms	Script application/x-javascript	203.205.136.80
General Check archive.org Show headers Download Go to Full URL https://qzonestyle.gtimg.cn/qzone/biz/res/tmpl/js/finger.js Requested by Host: qzs.gdtimg.com URL: https://qzs.gdtimg.com/union/res/union_sdk/page/h5_sdk/i.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 203.205.136.80 -, , ASN (), Reverse DNS Software Lego Server / Resource Hash f5e54764f48a7a1fbf78627b904daedf4d22a299960408f09410642a7dffc911 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://wheav.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-datasrc 9 date Tue, 02 Jul 2024 06:53:34 GMT content-encoding gzip x-cache-lookup Cache Hit x-real-ip 80.255.7.120 alt-svc quic=":443";ma=86400;v="39,38,37,36,35" content-length 10244 x-client-ip 80.255.7.120 x-reqgue 0 last-modified Thu, 13 Oct 2022 11:37:38 GMT server Lego Server vary Origin,Accept content-type application/x-javascript access-control-expose-headers x-client-proto-ver, X-Client-Ip, X-Server-Ip, X-Upstream-IP x-server-ip 203.205.136.80_eth0 x-nws-log-uuid 2179839124831276857 accept-ranges bytes x-upstream-ip $upstream_server
GET DATA	200 OK	truncated /	52 B 0		Image image/webp
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash cd7059bd5c8e99398ab4805b8e62c7acb64075dd921b65b9377ffe84a26c2e04 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Content-Type image/webp
GET H2	200	qbs.js Show response qzs.gdtimg.com/union/res/union_sdk/page/qbs/	5 KB 3 KB	524ms 284ms	Script application/javascript	2408:8630:2090:8:68::46
General Check archive.org Show headers Download Go to Full URL https://qzs.gdtimg.com/union/res/union_sdk/page/qbs/qbs.js Requested by Host: qzs.gdtimg.com URL: https://qzs.gdtimg.com/union/res/union_sdk/page/h5_sdk/i.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2408:8630:2090:8:68::46 -, , ASN (), Reverse DNS Software tencent-cos / Resource Hash adc445fd7c3c17e31bdd23260b9324c441daffbee0e75e694a717f9dfe815915 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://wheav.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 07 Jun 2024 11:03:22 GMT content-encoding gzip x-cos-hash-crc64ecma 12808943546812791501 last-modified Tue, 19 Mar 2024 09:05:18 GMT server tencent-cos x-cache-lookup Cache Hit etag "e497eb0ebc19236963c308814564818a" content-type application/javascript x-cos-request-id NjY2MmU4ZmFfZDIyZjJjMGJfZGEwNV8xZjA5Yjdk x-cos-version-id MTg0NDUwMzMyMzQ1OTEwNjk3MjY x-nws-log-uuid 12988302260135977844 accept-ranges bytes content-length 2292
GET H2	200	qbscomm.20150907.js Show response qzs.gdtimg.com/union/res/union_cdn/page/qbs/	22 KB 7 KB	354ms 304ms	Script application/javascript	2408:8630:2090:8:68::46
General Check archive.org Show headers Download Go to Full URL https://qzs.gdtimg.com/union/res/union_cdn/page/qbs/qbscomm.20150907.js Requested by Host: qzs.gdtimg.com URL: https://qzs.gdtimg.com/union/res/union_sdk/page/qbs/qbs.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2408:8630:2090:8:68::46 -, , ASN (), Reverse DNS Software tencent-cos / Resource Hash d8b4c69527b80b700fd2c4061bd3a6cbb97cfc24796ef8b36214bd31334b075d Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://wheav.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 12 Jun 2024 06:34:32 GMT content-encoding gzip x-cos-hash-crc64ecma 4161575714082619615 last-modified Mon, 04 Sep 2023 03:02:00 GMT server tencent-cos x-cache-lookup Cache Hit etag "7d5277c0037b55549d1bf4cefd64f784" content-type application/javascript x-cos-request-id NjY2OTQxNzhfOTI4ZDFiMDlfMWZkZTRfMjRkN2RjZQ== x-cos-version-id MTg0NDUwNTAyNzcxODkzOTM1MDY x-nws-log-uuid 2763203400625006094 accept-ranges bytes content-length 6493
GET H2	200	gdtlib.20181219.js Show response qzs.gdtimg.com/union/res/union_cdn/page/qbs/	60 KB 16 KB	352ms 302ms	Script application/javascript	2408:8630:2090:8:68::46
General Check archive.org Show headers Download Go to Full URL https://qzs.gdtimg.com/union/res/union_cdn/page/qbs/gdtlib.20181219.js Requested by Host: qzs.gdtimg.com URL: https://qzs.gdtimg.com/union/res/union_sdk/page/qbs/qbs.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2408:8630:2090:8:68::46 -, , ASN (), Reverse DNS Software tencent-cos / Resource Hash 8e268ba72e08973a757cd28cdc4eb5aba8e125292306e31772f5887009a93955 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://wheav.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 12 Jun 2024 23:35:29 GMT content-encoding gzip x-cos-hash-crc64ecma 12141877157093841336 last-modified Mon, 04 Sep 2023 03:02:00 GMT server tencent-cos x-cache-lookup Cache Hit etag "0c3167ac8156a07803090fb7a4d3a361" content-type application/javascript x-cos-request-id NjY2YTMwYzFfNTBjYzBlMWVfNGYzMF8xZThhMWQ5 x-cos-version-id MTg0NDUwNTAyNzcxODk0MzI0NjI x-nws-log-uuid 13222368371601557137 accept-ranges bytes content-length 16161
GET H2	200	ver.20170622.js Show response qzonestyle.gtimg.cn/qzone/biz/ac/comm/	3 KB 1 KB	2447ms 210ms	Script application/x-javascript	203.205.136.80
General Check archive.org Show headers Download Go to Full URL https://qzonestyle.gtimg.cn/qzone/biz/ac/comm/ver.20170622.js Requested by Host: qzs.gdtimg.com URL: https://qzs.gdtimg.com/union/res/union_sdk/page/qbs/qbs.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 203.205.136.80 -, , ASN (), Reverse DNS Software Lego Server / Resource Hash 362dbc0dae1059a97ba0caad96efe511eafbf13ba74e190d05df5d504125edd1 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://wheav.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-datasrc 9 date Tue, 02 Jul 2024 06:53:34 GMT content-encoding gzip x-cache-lookup Cache Hit x-real-ip 80.255.7.120 age 1025681 alt-svc quic=":443";ma=86400;v="39,38,37,36,35" content-length 572 x-client-ip 80.255.7.120 x-reqgue 0 last-modified Mon, 17 Oct 2022 17:04:04 GMT server Lego Server vary Origin,Accept content-type application/x-javascript access-control-expose-headers x-client-proto-ver, X-Client-Ip, X-Server-Ip, X-Upstream-IP cache-control max-age=31104000 x-server-ip 203.205.136.80_eth0 x-nws-log-uuid 17441892897960673997 accept-ranges bytes x-upstream-ip $upstream_server
GET H/1.1	200 OK	stgw_precon.html i.gdt.qq.com/	0 196 B	1854ms 451ms	Image text/html	43.152.44.86
General Check archive.org Show headers Download Go to Show image Full URL https://i.gdt.qq.com/stgw_precon.html Requested by Host: wheav.com URL: https://wheav.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 43.152.44.86 -, , ASN (), Reverse DNS Software stgw / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://wheav.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Tue, 02 Jul 2024 06:53:33 GMT EO-LOG-UUID 16346589942193028263 Server stgw Connection keep-alive EO-Cache-Status MISS Content-Length 0 Content-Type text/html
GET H2	200	stgw_precon.html v.gdt.qq.com/	0 97 B	1911ms 350ms	Image text/html	240d:c010:64:a::2c
General Check archive.org Show headers Download Go to Show image Full URL https://v.gdt.qq.com/stgw_precon.html Requested by Host: wheav.com URL: https://wheav.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 240d:c010:64:a::2c -, , ASN (), Reverse DNS Software stgw / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://wheav.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 02 Jul 2024 06:53:33 GMT eo-log-uuid 15070732508870315504 server stgw eo-cache-status MISS content-length 0 content-type text/html
GET H/1.1	200 OK	0 pgdt.gtimg.cn/gdt/0/precon.png/	137 B 665 B	1650ms 105ms	Image image/png	101.33.11.246
General Check archive.org Show headers Download Go to Show image Full URL https://pgdt.gtimg.cn/gdt/0/precon.png/0?_=0.31890871130000886 Requested by Host: wheav.com URL: https://wheav.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 101.33.11.246 -, , ASN (), Reverse DNS Software NWSs / Resource Hash ad22c691212fc83d20dee3f8004c429d6b65f7209cf5847343de36114a662e53 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://wheav.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers X-DataSrc 2 Date Mon, 24 Jun 2024 10:17:04 GMT X-Cache-Lookup Cache Hit Size 137 Connection keep-alive Content-Length 137 X-Info real data X-ReqGue 0 User-ReturnCode 0 fid 0 Last-Modified Thu, 23 Jun 2016 17:46:44 GMT Server NWSs X-Cpt filename=0 Vary Accept,Origin Content-Type image/png X-Delay 6071 us Access-control-allow-origin * chid 0 Cache-Control max-age=31536000 X-BCheck 0_1 X-NWS-LOG-UUID 1641251227010681516 Accept-Ranges bytes Timing-Allow-Origin *
GET H2	200	gdt_mview.fcg Show response mi.gdt.qq.com/	155 B 420 B	1645ms 290ms	XHR application/x-javascript	2408:80f1:21:3000::a3
General Check archive.org Show headers Download Go to Full URL https://mi.gdt.qq.com/gdt_mview.fcg?adposcount=1&posid=1009021365363698&count=1&sdata=[object%20Object]&support_https=1&appid=1206881071&s=%7B%22rwd%22%3A%220%22%2C%22rt%22%3A%221%22%2C%22vp%22%3A%222%22%2C%22fp%22%3A%22other%22%2C%22fpid%22%3A%22-999%22%2C%22uc%22%3A%220%22%2C%22pw%22%3A%221600%22%2C%22ph%22%3A%221200%22%2C%22dp%22%3A%221%22%2C%22bt%22%3A%22-1%22%2C%22net%22%3A%224%22%2C%22lan%22%3A%22de-DE%22%2C%22mt%22%3A%224095%22%2C%22mu%22%3A%222%22%2C%22fb%22%3A%2211%22%2C%22hislen%22%3A%222%22%2C%22fls%22%3A%22262139%22%7D&ext=%7B%22req%22%3A%7B%22c_w%22%3A1600%2C%22c_h%22%3A1200%2C%22c_os%22%3A%22%22%2C%22c_hl%22%3A%22de-DE%22%2C%22url%22%3A%22https%3A%2F%2Fwheav.com%2F%22%2C%22sdk_src%22%3A%22mobile_union_js%22%2C%22tmpallpt%22%3Atrue%2C%22click_ext%22%3A%22%22%2C%22aid%22%3Anull%2C%22nomatch%22%3Anull%2C%22webp%22%3A%221%22%2C%22appid%22%3A%221206881071%22%2C%22rst%22%3A%221600*1200%22%7D%2C%22pos%22%3A%7B%220%22%3A%7B%7D%7D%7D&qz_caller=qzfl_jg&_r=494472&charset=utf8&datafmt=jsonp&g_tk=5381 Requested by Host: qzs.gdtimg.com URL: https://qzs.gdtimg.com/union/res/union_cdn/page/qbs/qbscomm.20150907.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2408:80f1:21:3000::a3 -, , ASN (), Reverse DNS Software nginx / Resource Hash 2a344c08ac9fc76045b4609d0d4b16a6ea669db1ef26017896aaf9332f5ef1d3 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://wheav.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 02 Jul 2024 06:53:36 GMT content-encoding gzip server nginx p3p CP=NOI NID NOR content-type application/x-javascript; charset=utf-8 access-control-allow-origin https://wheav.com cache-control private, no-cache, must-revalidate, max-age=0 access-control-allow-credentials true content-length 147 expires Thu, 01 Dec 1994 16:00:00 GMT
GET H2	200	stat_ff8856c.js Show response qzonestyle.gtimg.cn/qzone/biz/gdt/display/modules/mod/	6 KB 3 KB	224ms 207ms	Script application/x-javascript	203.205.136.80
General Check archive.org Show headers Download Go to Full URL https://qzonestyle.gtimg.cn/qzone/biz/gdt/display/modules/mod/stat_ff8856c.js?max_age=31536000 Requested by Host: qzs.gdtimg.com URL: https://qzs.gdtimg.com/union/res/union_cdn/page/qbs/gdtlib.20181219.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 203.205.136.80 -, , ASN (), Reverse DNS Software Lego Server / Resource Hash ad78b6f1a5c75ca810c17111e613b1c2c01e57094b06e7b5eb55b2654b5bd0c3 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://wheav.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 02 Jul 2024 06:53:34 GMT content-encoding gzip x-cache-lookup Cache Hit x-real-ip 80.255.7.120 age 3630 alt-svc quic=":443";ma=86400;v="39,38,37,36,35" content-length 2614 x-client-ip 80.255.7.120 last-modified Sun, 10 Jul 2022 04:35:14 GMT server Lego Server etag "d1cac538aee73ba3bb103df3e6b46db4" vary Origin,Accept content-type application/x-javascript access-control-expose-headers x-client-proto-ver, X-Client-Ip, X-Server-Ip, X-Upstream-IP cache-control max-age=31536000 x-server-ip 203.205.136.80_eth0 x-nws-log-uuid 2854998480106988365 accept-ranges bytes x-upstream-ip $upstream_server
GET H2	200	asynload_a051ecb.js Show response qzonestyle.gtimg.cn/qzone/biz/gdt/display/modules/mod/	2 KB 963 B	291ms 291ms	Script application/x-javascript	203.205.136.80
General Check archive.org Show headers Download Go to Full URL https://qzonestyle.gtimg.cn/qzone/biz/gdt/display/modules/mod/asynload_a051ecb.js?max_age=31536000 Requested by Host: qzs.gdtimg.com URL: https://qzs.gdtimg.com/union/res/union_cdn/page/qbs/gdtlib.20181219.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 203.205.136.80 -, , ASN (), Reverse DNS Software Lego Server / Resource Hash 11af15ff9de1a607534985e4f053d5a709ba4c4d0dae67cd7fce24c11eda660a Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://wheav.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 02 Jul 2024 06:53:34 GMT content-encoding gzip x-cache-lookup Cache Hit x-real-ip 80.255.7.120 age 929473 alt-svc quic=":443";ma=86400;v="39,38,37,36,35" content-length 772 x-client-ip 80.255.7.120 last-modified Fri, 05 Aug 2022 13:42:44 GMT server Lego Server etag "f5764b55ecde92d5dbd3ebecf8eb1721" vary Origin,Accept content-type application/x-javascript access-control-expose-headers x-client-proto-ver, X-Client-Ip, X-Server-Ip, X-Upstream-IP cache-control max-age=31536000 x-server-ip 203.205.136.80_eth0 x-nws-log-uuid 6389383714538960423 accept-ranges bytes x-upstream-ip $upstream_server
GET H2	404	favicon.ico wheav.com/	548 B 611 B	216ms 204ms	Other text/html	47.94.219.43 ALIBABA-CN-NET Ha...
General Check archive.org Show headers Download Go to Full URL https://wheav.com/favicon.ico Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 47.94.219.43 Beijing, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN), Reverse DNS Software nginx / Resource Hash d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://wheav.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 02 Jul 2024 06:53:35 GMT server nginx content-length 548 content-type text/html
GET H2	200	beacon_release_s.js Show response 3gimg.qq.com/mig_op/beacon/js/v113/	19 KB 7 KB	2891ms 228ms	Script application/javascript	113.194.51.61
General Check archive.org Show headers Download Go to Full URL https://3gimg.qq.com/mig_op/beacon/js/v113/beacon_release_s.js?appkey=JS05KY1G393HQI&vc=22.0726.1727 Requested by Host: qzs.gdtimg.com URL: https://qzs.gdtimg.com/union/res/union_sdk/page/h5_sdk/i.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 113.194.51.61 -, , ASN (), Reverse DNS Software TencentCOS / Resource Hash 4f6760b019b6d68d4d1375c454d77f8aa84d0c01dbae6d699e4e10c0161b1676 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://wheav.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 25 Apr 2024 10:36:25 GMT content-encoding gzip x-cos-object-type normal x-cache-lookup Cache Hit x-cos-storage-class STANDARD_IA content-length 7097 x-cos-hash-crc64ecma 11351787699286511572 last-modified Tue, 15 Mar 2022 21:25:00 GMT server TencentCOS etag "cba48dabdfe8fb151a7a781455a5e22d87cb78fa" access-control-allow-methods * content-type application/javascript access-control-allow-origin * access-control-allow-credentials true x-nws-log-uuid 16839204796783765212 accept-ranges bytes ip 11.142.45.77 access-control-allow-headers *
POST		upload otheve.beacon.qq.com/analytics/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

otheve.beacon.qq.com

URL

https://otheve.beacon.qq.com/analytics/upload?tp=js

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event object| fence object| sharedStorage object| _hmt string| __encode object| _a object| _0xb483 object| __Ox113793 object| TencentGDT boolean| _bdhm_loaded_9ab3e872fe728917df2a412dd6ccb4bb object| mini_tangram_log_kmp3e2

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.hm.baidu.com/	1970-01-21 07:21:03	Name: HMACCOUNT_BFESS Value: A6A64A2B6E1448C5
			.wheav.com/	1970-01-21 06:30:39	Name: Hm_lvt_9ab3e872fe728917df2a412dd6ccb4bb Value: 1719903208
			.wheav.com/	1969-12-31 23:59:59	Name: Hm_lpvt_9ab3e872fe728917df2a412dd6ccb4bb Value: 1719903208

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://wheav.com/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3gimg.qq.com
hm.baidu.com
i.gdt.qq.com
mi.gdt.qq.com
otheve.beacon.qq.com
pgdt.gtimg.cn
qzonestyle.gtimg.cn
qzs.gdtimg.com
v.gdt.qq.com
wheav.com
otheve.beacon.qq.com
101.33.11.246
113.194.51.61
14.215.182.140
203.205.136.80
2408:80f1:21:3000::a3
2408:8630:2090:8:68::46
240d:c010:64:a::2c
43.152.44.86
47.94.219.43
11af15ff9de1a607534985e4f053d5a709ba4c4d0dae67cd7fce24c11eda660a
2a344c08ac9fc76045b4609d0d4b16a6ea669db1ef26017896aaf9332f5ef1d3
362dbc0dae1059a97ba0caad96efe511eafbf13ba74e190d05df5d504125edd1
45cdd22f5e059c29202964da7b9f14a1359fa889af7b475062c6e871e9fd1789
4f6760b019b6d68d4d1375c454d77f8aa84d0c01dbae6d699e4e10c0161b1676
5ad90860e9014fdd767bf96c4c8bf8a3bf3a894fbc31b804b430f5431c0ed0cd
8e268ba72e08973a757cd28cdc4eb5aba8e125292306e31772f5887009a93955
ad22c691212fc83d20dee3f8004c429d6b65f7209cf5847343de36114a662e53
ad78b6f1a5c75ca810c17111e613b1c2c01e57094b06e7b5eb55b2654b5bd0c3
adc445fd7c3c17e31bdd23260b9324c441daffbee0e75e694a717f9dfe815915
c0918d4e9c3684bd5cde23ba0ba3e600eb15c523489874a99d586183ef84c796
cd7059bd5c8e99398ab4805b8e62c7acb64075dd921b65b9377ffe84a26c2e04
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090
d8b4c69527b80b700fd2c4061bd3a6cbb97cfc24796ef8b36214bd31334b075d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f5e54764f48a7a1fbf78627b904daedf4d22a299960408f09410642a7dffc911