Submitted URL: http://defiantist.com/
Effective URL: https://14290.xyz/
Submission Tags: shiny c290acadafe6362a fc6b18fd85158e2b mspecial
Submission: On August 30 via api from JP — Scanned from JP

Summary

This website contacted 8 IPs in 2 countries across 10 domains to perform 28 HTTP transactions. The main IP is 155.159.199.39, located in Chicago, United States and belongs to CLAYERLIMITED-AS-AP Clayer Limited, HK. The main domain is 14290.xyz.
TLS certificate: Issued by R3 on August 28th 2022. Valid for: 3 months.
This is the only time 14290.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address        AS      Autonomous System
3         155.159.219.214   137951  CLAYERLIM...
4         103.235.46.191    55967   BAIDU Bei...
10        155.159.199.39    137951  CLAYERLIM...
1         162.218.29.118    62587   ANT-CLOUD
1         162.214.234.147   46606   UNIFIEDLA...
2         2606:4700:303...  13335   CLOUDFLAR...
2         2606:4700:303...  13335   CLOUDFLAR...
Total: 28 requests across 8 IPs
Requests  Apex Domain     Subdomains                                Transfer
10        14290.xyz       14290.xyz                                 133 KB
4         baidu.com       hm.baidu.com (Cisco Umbrella Rank: 8572)  12 KB
3         defiantist.com  defiantist.com                            2 KB
2         101927.com      101927.com                                535 KB
2         101917.com      101917.com                                280 KB
1         5752333.com     5752333.com
1         055999c.com     www.055999c.com
0         5975678.com     5975678.com (Failed)
0         9394222.com     www.9394222.com (Failed)
0         588bm.com       www.588bm.com (Failed)
Total: 28 requests across 10 apex domains
Requests  Domain                    Requested by
10        14290.xyz                 defiantist.com, 14290.xyz
4         hm.baidu.com              defiantist.com, 14290.xyz
3         defiantist.com            defiantist.com
2         101927.com                14290.xyz
2         101917.com                14290.xyz
1         5752333.com               14290.xyz
1         www.055999c.com           14290.xyz
0         5975678.com (Failed)      14290.xyz
0         www.9394222.com (Failed)  14290.xyz
0         www.588bm.com (Failed)    14290.xyz
Total: 28 requests across 10 domains

This site contains links to these domains:

  • lh456.cc
Subject                Issuer                            Validity                  Valid
baidu.com              GlobalSign RSA OV SSL CA 2018     2022-07-05 - 2023-08-06   a year
79848.xyz              R3                                2022-08-28 - 2022-11-26   3 months
055999.com             Certum Domain Validation CA SHA2  2022-04-02 - 2023-04-02   a year
5752333.com            R3                                2022-08-17 - 2022-11-15   3 months
sni.cloudflaressl.com  Cloudflare Inc ECC CA-3           2022-03-30 - 2023-03-30   a year
*.101927.com           E1                                2022-08-15 - 2022-11-13   3 months

This page contains 2 frames:

Primary Page: https://14290.xyz/
Frame ID: 90610ABBE8DE4006096DBD605433D25B
Requests: 24 HTTP requests in this frame

Frame: https://14290.xyz/info.html
Frame ID: 8B840A69CC750D984DDE864C732B0FE9
Requests: 4 HTTP requests in this frame

Screenshot

Page Title

安全访问

Page URL History

  1. http://defiantist.com/ Page URL
  2. https://14290.xyz/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • hm\.baidu\.com/hm\.js

Overall confidence: 100%
Detected patterns
  • clipboard(?:-([\d.]+))?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 28
HTTPS: 71 %
IPv6: 29 %
Domains: 10
Subdomains: 10
IPs: 8
Countries: 2
Transfer: 962 kB
Size: 1565 kB
Cookies: 2


Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
defiantist.com/
5 KB
1 KB
Document
General
Full URL
http://defiantist.com/
Protocol
HTTP/1.1
Server
155.159.219.214 Chicago, United States, ASN137951 (CLAYERLIMITED-AS-AP Clayer Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
2a53a10c8a1f200b96f7e4432003976f4230619e9b2279efc8ce3950d530c9b3

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
accept-language
jp-JP,jp;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Tue, 30 Aug 2022 18:17:39 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
shouye.css
defiantist.com/css/
0
0
Stylesheet
General
Full URL
http://defiantist.com/css/shouye.css
Requested by
Host: defiantist.com
URL: http://defiantist.com/
Protocol
HTTP/1.1
Server
155.159.219.214 Chicago, United States, ASN137951 (CLAYERLIMITED-AS-AP Clayer Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
http://defiantist.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Date
Tue, 30 Aug 2022 18:17:39 GMT
Server
nginx
Connection
keep-alive
Content-Length
146
Content-Type
text/html
dawei.js
defiantist.com/
1 KB
998 B
Script
General
Full URL
http://defiantist.com/dawei.js
Requested by
Host: defiantist.com
URL: http://defiantist.com/
Protocol
HTTP/1.1
Server
155.159.219.214 Chicago, United States, ASN137951 (CLAYERLIMITED-AS-AP Clayer Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
http://defiantist.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Date
Tue, 30 Aug 2022 18:17:39 GMT
Content-Encoding
gzip
Last-Modified
Fri, 26 Aug 2022 16:43:37 GMT
Server
nginx
ETag
W/"6308f839-563"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=43200
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Wed, 31 Aug 2022 06:17:39 GMT
hm.js
hm.baidu.com/
30 KB
0
Script
General
Full URL
https://hm.baidu.com/hm.js?8ad5ff7097c297d08560474d86a4d7c3
Requested by
Host: defiantist.com
URL: http://defiantist.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
http://defiantist.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Date
Tue, 30 Aug 2022 18:17:39 GMT
Content-Encoding
gzip
Server
apache
Etag
27c6177fda53c233e78ad245d0646246
Strict-Transport-Security
max-age=172800
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control
max-age=0, must-revalidate
Content-Type
application/javascript
Content-Length
11349
hm.js
hm.baidu.com/
24 KB
0
Script
General
Full URL
https://hm.baidu.com/hm.js?ee8dcd57038d2732a1a833eb70a77202
Requested by
Host: defiantist.com
URL: http://defiantist.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
http://defiantist.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Date
Tue, 30 Aug 2022 18:17:39 GMT
Content-Encoding
gzip
Server
apache
Etag
22ba103c6e6ac4824b7ea50319f02791
Strict-Transport-Security
max-age=172800
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control
max-age=0, must-revalidate
Content-Type
application/javascript
Content-Length
11341
Primary Request /
14290.xyz/
423 KB
34 KB
Document
General
Full URL
https://14290.xyz/
Requested by
Host: defiantist.com
URL: http://defiantist.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
155.159.199.39 Chicago, United States, ASN137951 (CLAYERLIMITED-AS-AP Clayer Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
de88d94bca18db91ce546b7e6cd9ee741298ad3cbb61a07c0c6f152ac0d77ee0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://defiantist.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
accept-language
jp-JP,jp;q=0.9

Response headers

content-encoding
gzip
content-type
text/html
date
Tue, 30 Aug 2022 18:17:39 GMT
etag
W/"630e1274-69ad1"
last-modified
Tue, 30 Aug 2022 13:36:52 GMT
server
nginx
strict-transport-security
max-age=31536000
vary
Accept-Encoding
reset.css-dfee.css
14290.xyz/css/
2 KB
981 B
Stylesheet
General
Full URL
https://14290.xyz/css/reset.css-dfee.css
Requested by
Host: 14290.xyz
URL: https://14290.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
155.159.199.39 Chicago, United States, ASN137951 (CLAYERLIMITED-AS-AP Clayer Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
40a79cfd17939e9dbaee86844e6cd48cd1cec771ae15dd01f12a235b7d18f629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://14290.xyz/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 30 Aug 2022 18:17:40 GMT
content-encoding
gzip
last-modified
Tue, 17 May 2022 12:02:54 GMT
server
nginx
etag
W/"62838eee-672"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=43200
strict-transport-security
max-age=31536000
expires
Wed, 31 Aug 2022 06:17:40 GMT
style.css-260.css
14290.xyz/css/
18 KB
5 KB
Stylesheet
General
Full URL
https://14290.xyz/css/style.css-260.css
Requested by
Host: 14290.xyz
URL: https://14290.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
155.159.199.39 Chicago, United States, ASN137951 (CLAYERLIMITED-AS-AP Clayer Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
3d5d3d6988c2a461eca5e83541a76ff2308cb907536922f98b54344cdc169c19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://14290.xyz/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 30 Aug 2022 18:17:40 GMT
content-encoding
gzip
last-modified
Fri, 03 Jun 2022 10:42:24 GMT
server
nginx
etag
W/"6299e590-4650"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=43200
strict-transport-security
max-age=31536000
expires
Wed, 31 Aug 2022 06:17:40 GMT
jquery1.7.2.min.js-dfw2.js
14290.xyz/js/
93 KB
37 KB
Script
General
Full URL
https://14290.xyz/js/jquery1.7.2.min.js-dfw2.js
Requested by
Host: 14290.xyz
URL: https://14290.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
155.159.199.39 Chicago, United States, ASN137951 (CLAYERLIMITED-AS-AP Clayer Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
4332316d0fe4e2c7a9e213afa4d9cbf983ad5bf80cb47d98c9cacd5470e35889
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://14290.xyz/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 30 Aug 2022 18:17:40 GMT
content-encoding
gzip
last-modified
Tue, 17 May 2022 12:02:54 GMT
server
nginx
etag
W/"62838eee-1727a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
strict-transport-security
max-age=31536000
expires
Wed, 31 Aug 2022 06:17:40 GMT
SuperSlide.js-5152.js
14290.xyz/js/
0
0
Script
General
Full URL
https://14290.xyz/js/SuperSlide.js-5152.js
Requested by
Host: 14290.xyz
URL: https://14290.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
155.159.199.39 Chicago, United States, ASN137951 (CLAYERLIMITED-AS-AP Clayer Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://14290.xyz/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 30 Aug 2022 18:17:40 GMT
server
nginx
content-length
146
content-type
text/html
hcs.jpg
www.588bm.com/tu/
0
0

guapai.jpg
www.055999c.com/tu/
0
0
Image
General
Full URL
https://www.055999c.com/tu/guapai.jpg
Requested by
Host: 14290.xyz
URL: https://14290.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.218.29.118 , United States, ASN62587 (ANT-CLOUD, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://14290.xyz/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

pao18.jpg
www.9394222.com/tu/
0
0

amtp.jpg
5752333.com/public/images/
0
0
Image
General
Full URL
https://5752333.com/public/images/amtp.jpg?1616881309
Requested by
Host: 14290.xyz
URL: https://14290.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.214.234.147 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
162-214-234-147.unifiedlayer.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://14290.xyz/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

amgp.jpg
101917.com/new/
93 KB
93 KB
Image
General
Full URL
https://101917.com/new/amgp.jpg?133-9608
Requested by
Host: 14290.xyz
URL: https://14290.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:d1fb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75c93cdd5f2ea45810363c158cc66e499e2f364b2e8347f1128ed3ddd127818a

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://14290.xyz/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 30 Aug 2022 18:17:40 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
95009
last-modified
Tue, 30 Aug 2022 01:59:01 GMT
server
cloudflare
etag
"630d6ee5-17321"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S7tico%2Byt71tZNtH7jYk2G2yHDuN400hAXObreAsiZn%2FsNpAZxg0oDxfX6UAoK9Iuf6nV3ptIUMelZ2X1iSGZcJQdXqsvX7uXrEc5br4tq6ggYOd9%2FMBO0SBHyEm9DgRoLhXNJwEDDjR"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
742f864aa8b73475-NRT
expires
Thu, 29 Sep 2022 18:17:40 GMT
ampm.jpg
101927.com/new/
335 KB
336 KB
Image
General
Full URL
https://101927.com/new/ampm.jpg?133-9608
Requested by
Host: 14290.xyz
URL: https://14290.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:5513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb961ddd82390e8b0c00437b22aaa1c32a63d2dc6965edc93ec3a126f1e1d981

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://14290.xyz/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 30 Aug 2022 18:17:40 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
343324
last-modified
Mon, 29 Aug 2022 14:54:32 GMT
server
cloudflare
etag
"630cd328-53d1c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gkKAdV%2BgDz2b6o9U%2F6flocO%2B9rIpi1uwYzrMmND7TlvbfTK4xJaMPeLNrZGQqDbWijjkdtS8duAwHA5uk%2FaKxCd4QFKmVWUyFfhqEdKHSJzatATZbN8S67F1ROKjWyERRuMWQnbPpiG4"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
742f864aa9d2af6d-NRT
expires
Thu, 29 Sep 2022 18:17:40 GMT
amsbx.jpg
101917.com/new/
186 KB
187 KB
Image
General
Full URL
https://101917.com/new/amsbx.jpg?133-9608
Requested by
Host: 14290.xyz
URL: https://14290.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:d1fb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cbd6ed89d3fd7094b574028bc28462d656f03f5860c7f2ea25fa02ef68404ebe

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://14290.xyz/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 30 Aug 2022 18:17:40 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
190516
last-modified
Mon, 29 Aug 2022 14:54:37 GMT
server
cloudflare
etag
"630cd32d-2e834"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xBZrcdQr54e6dMGnTke8N1sDvqAjHwuCXQiuocY25ai%2FNsMwTNuqqRsascU5xDX%2Fl32ue2hojgvhdMe3dOg8qL1vZnLpNJYzG01sFApBgWaGBFzxUViuqUd%2BrGqQOCwmvskYSZSLFZ7E"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
742f864aa8b83475-NRT
expires
Thu, 29 Sep 2022 18:17:40 GMT
am047.jpg
101927.com/new/
198 KB
199 KB
Image
General
Full URL
https://101927.com/new/am047.jpg?133-9608
Requested by
Host: 14290.xyz
URL: https://14290.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:5513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3ffb87a204dc63d9f90a16749476490e1e9ca8001ea01bc41d995975896868d

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://14290.xyz/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 30 Aug 2022 18:17:40 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
203182
last-modified
Mon, 29 Aug 2022 14:53:54 GMT
server
cloudflare
etag
"630cd302-319ae"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kcnIRy%2BW%2BuC%2FmgVjUGGJiLvDNt3N6BTf%2BbjEdXVunz50uO1xuY3v64aGn5XUzQuyY4ZEiXzM%2BZJatdN4zefPixEbaKsahZFpPdGmF4JKlE7yXVGydR1zfdtfAGWpb2FNpLy9kPFObPw3"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
742f864aa9d3af6d-NRT
expires
Thu, 29 Sep 2022 18:17:40 GMT
ad.js
14290.xyz/
258 B
471 B
Script
General
Full URL
https://14290.xyz/ad.js
Requested by
Host: 14290.xyz
URL: https://14290.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
155.159.199.39 Chicago, United States, ASN137951 (CLAYERLIMITED-AS-AP Clayer Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
431f4a97365ee1aa2117e5f571e63cd30249c1889a26201bba984711bd6c7700
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://14290.xyz/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 30 Aug 2022 18:17:40 GMT
last-modified
Sat, 18 Jun 2022 08:19:18 GMT
server
nginx
etag
"62ad8a86-102"
strict-transport-security
max-age=31536000
content-type
application/javascript
cache-control
max-age=43200
accept-ranges
bytes
content-length
258
expires
Wed, 31 Aug 2022 06:17:40 GMT
bj.gif-151
5975678.com/5752333.com/public/images/
0
0

info.html
14290.xyz/ Frame 8B84
14 KB
4 KB
Document
General
Full URL
https://14290.xyz/info.html
Requested by
Host: 14290.xyz
URL: https://14290.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
155.159.199.39 Chicago, United States, ASN137951 (CLAYERLIMITED-AS-AP Clayer Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
1d54c99ffebba8483aeb251ca1804a729e70890339cee0b90649b6d6c10e1c04
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://14290.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
accept-language
jp-JP,jp;q=0.9

Response headers

content-encoding
gzip
content-type
text/html
date
Tue, 30 Aug 2022 18:17:40 GMT
etag
W/"630e2dc9-3987"
last-modified
Tue, 30 Aug 2022 15:33:29 GMT
server
nginx
strict-transport-security
max-age=31536000
vary
Accept-Encoding
hm.js
hm.baidu.com/
30 KB
12 KB
Script
General
Full URL
https://hm.baidu.com/hm.js?ac0ac3c497831a39d8385d5c382b3b96
Requested by
Host: 14290.xyz
URL: https://14290.xyz/ad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
f252027ba0debd2256c19fe771dd5defe04d149a9ea305c6c9f030cf517b8bb1
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://14290.xyz/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Date
Tue, 30 Aug 2022 18:17:40 GMT
Content-Encoding
gzip
Server
apache
Etag
eec4e3e613749fb82ccd2985b52f11a4
Strict-Transport-Security
max-age=172800
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control
max-age=0, must-revalidate
Content-Type
application/javascript
Content-Length
11341
tj.gif-sfdw
5975678.com/5752333.com/public/images/
0
0

jt.gif-sfdw
5975678.com/5752333.com/public/images/
0
0

jquery-1.11.3.min.js
14290.xyz/info_files/ Frame 8B84
94 KB
37 KB
Script
General
Full URL
https://14290.xyz/info_files/jquery-1.11.3.min.js
Requested by
Host: 14290.xyz
URL: https://14290.xyz/info.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
155.159.199.39 Chicago, United States, ASN137951 (CLAYERLIMITED-AS-AP Clayer Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://14290.xyz/info.html
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 30 Aug 2022 18:17:40 GMT
content-encoding
gzip
last-modified
Tue, 17 May 2022 12:02:54 GMT
server
nginx
etag
W/"62838eee-176d5"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
strict-transport-security
max-age=31536000
expires
Wed, 31 Aug 2022 06:17:40 GMT
clipboard.min.js
14290.xyz/info_files/ Frame 8B84
11 KB
4 KB
Script
General
Full URL
https://14290.xyz/info_files/clipboard.min.js
Requested by
Host: 14290.xyz
URL: https://14290.xyz/info.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
155.159.199.39 Chicago, United States, ASN137951 (CLAYERLIMITED-AS-AP Clayer Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
13ac2aa43e1bffd6fdf122b296e276fead1b0b61534fbd4483c1848ebb5f0089
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://14290.xyz/info.html
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 30 Aug 2022 18:17:40 GMT
content-encoding
gzip
last-modified
Tue, 17 May 2022 12:02:54 GMT
server
nginx
etag
W/"62838eee-2aa6"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
strict-transport-security
max-age=31536000
expires
Wed, 31 Aug 2022 06:17:40 GMT
addwxs.png
14290.xyz/info_files/ Frame 8B84
10 KB
10 KB
Image
General
Full URL
https://14290.xyz/info_files/addwxs.png
Requested by
Host: 14290.xyz
URL: https://14290.xyz/info.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
155.159.199.39 Chicago, United States, ASN137951 (CLAYERLIMITED-AS-AP Clayer Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
857d4f0eb2512ae2ea4cd88f7dc6db8162239426abba3d3c34a37d8a1adc55e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://14290.xyz/info.html
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 30 Aug 2022 18:17:40 GMT
last-modified
Tue, 17 May 2022 12:02:52 GMT
server
nginx
etag
"62838eec-2904"
strict-transport-security
max-age=31536000
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
10500
expires
Thu, 29 Sep 2022 18:17:40 GMT
hm.gif
hm.baidu.com/
43 B
499 B
Image
General
Full URL
https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=344899031&si=ac0ac3c497831a39d8385d5c382b3b96&su=http%3A%2F%2Fdefiantist.com%2F&v=1.2.97&lv=1&sn=46930&r=0&ww=1600&ct=!!&u=https%3A%2F%2F14290.xyz%2F&tt=%E5%AE%89%E5%85%A8%E8%AE%BF%E9%97%AE
Requested by
Host: 14290.xyz
URL: https://14290.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://14290.xyz/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Pragma
no-cache
Date
Tue, 30 Aug 2022 18:17:40 GMT
X-Content-Type-Options
nosniff
Server
apache
Strict-Transport-Security
max-age=172800
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control
private, max-age=0, no-cache
Content-Type
image/gif
Content-Length
43

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.588bm.com
URL
https://www.588bm.com/tu/hcs.jpg
Domain
www.9394222.com
URL
https://www.9394222.com/tu/pao18.jpg
Domain
5975678.com
URL
https://5975678.com/5752333.com/public/images/bj.gif-151
Domain
5975678.com
URL
https://5975678.com/5752333.com/public/images/tj.gif-sfdw
Domain
5975678.com
URL
https://5975678.com/5752333.com/public/images/jt.gif-sfdw

Verdicts & Comments

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type      Name
object    0
object    oncontextlost
object    oncontextrestored
function  structuredClone
object    launchQueue
object    onbeforematch
function  getScreenDetails
function  queryLocalFonts
object    navigation
string    Words
function  OutWord
function  $
function  jQuery
function  hidediv
function  tojc
object    _hmt
function  ccdd
boolean   _bdhm_loaded_ac0ac3c497831a39d8385d5c382b3b96
object    mini_tangram_log_1mdssc

2 Cookies

Domain/Path  Name                                      Value
.14290.xyz/  Hm_lvt_ac0ac3c497831a39d8385d5c382b3b96   1661883460
.14290.xyz/  Hm_lpvt_ac0ac3c497831a39d8385d5c382b3b96  1661883460

6 Console Messages

Source   Level  URL                                                        Message
network  error  http://defiantist.com/css/shouye.css                       Failed to load resource: the server responded with a status of 404 (Not Found)
network  error  https://14290.xyz/js/SuperSlide.js-5152.js                 Failed to load resource: the server responded with a status of 404 ()
network  error  https://5975678.com/5752333.com/public/images/bj.gif-151   Failed to load resource: net::ERR_CONNECTION_RESET
network  error  https://5975678.com/5752333.com/public/images/tj.gif-sfdw  Failed to load resource: net::ERR_CONNECTION_CLOSED
network  error  https://5975678.com/5752333.com/public/images/jt.gif-sfdw  Failed to load resource: net::ERR_CONNECTION_RESET
network  error  https://www.055999c.com/tu/guapai.jpg                      Failed to load resource: the server responded with a status of 500 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

101917.com
101927.com
14290.xyz
5752333.com
5975678.com
defiantist.com
hm.baidu.com
www.055999c.com
www.588bm.com
www.9394222.com
103.235.46.191
155.159.199.39
155.159.219.214
162.214.234.147
162.218.29.118
2606:4700:3034::ac43:d1fb
2606:4700:3037::6815:5513