urlscan.io logo urlscan.io
SecurityTrails logo

www.pgjsqc.com Open in urlscan Pro
47.76.194.61  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://ixwxj.xn--6krv12dbjjksed87a.com/
Effective URL: https://www.pgjsqc.com/
Submission: On June 06 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 16 IPs in 5 countries across 18 domains to perform 67 HTTP transactions. The main IP is 47.76.194.61, located in Hong Kong, Hong Kong and belongs to ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN. The main domain is www.pgjsqc.com.
TLS certificate: Issued by TrustAsia RSA DV TLS CA G2 on April 3rd 2024. Valid for: 3 months.
This is the only time www.pgjsqc.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
9 154.31.169.203 140224 (SGPL-AS-A...)
1 2a00:1450:400... 15169 (GOOGLE)
2 47.238.34.86 45102 (ALIBABA-C...)
2 142.250.185.130 15169 (GOOGLE)
2 14.215.182.140 4134 (CHINANET-...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2620:127:f00f... 13335 (CLOUDFLAR...)
1 18.66.192.125 16509 (AMAZON-02)
2 2a03:2880:f08... 32934 (FACEBOOK)
1 34.102.147.248 396982 (GOOGLE-CL...)
2 34.98.67.3 396982 (GOOGLE-CL...)
1 35.244.174.68 15169 (GOOGLE)
2 2a03:2880:f17... 32934 (FACEBOOK)
2 2606:4700:440... 13335 (CLOUDFLAR...)
1 1 206.119.106.88 140224 (SGPL-AS-A...)
1 2 47.76.194.61 45102 (ALIBABA-C...)
67 16
9    154.31.169.203 (Hong Kong, Hong Kong)

ASN140224 (SGPL-AS-AP STARCLOUD GLOBAL PTE., LTD., SG)
ixwxj.xn--6krv12dbjjksed87a.com
1    2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    47.238.34.86 (Hong Kong, Hong Kong)

ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)
tj.xiangguayingshi.com
tj.comkonyukhiv.com
2    142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net
securepubads.g.doubleclick.net
2    14.215.182.140 (Guangzhou, China)

ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN)
hm.baidu.com
2    2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2620:127:f00f:ff01:: (Canada)

ASN13335 (CLOUDFLARENET, US)
cdn.shopify.com
1    18.66.192.125 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-192-125.muc50.r.cloudfront.net
static.hotjar.com
2    2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    34.102.147.248 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 248.147.102.34.bc.googleusercontent.com
tag.rmp.rakuten.com
2    34.98.67.3 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 3.67.98.34.bc.googleusercontent.com
ut.rd.linksynergy.com
consent.linksynergy.com
1    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
idsync.rlcdn.com
2    2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    2606:4700:4400::6812:277d (United States)

ASN13335 (CLOUDFLARENET, US)
ws.audioeye.com
wsv3cdn.audioeye.com
1    206.119.106.88 (Hong Kong, Hong Kong)

ASN140224 (SGPL-AS-AP STARCLOUD GLOBAL PTE., LTD., SG)
v7.downoks.com
2    47.76.194.61 (Hong Kong, Hong Kong)

ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)
www.pgjsqc.com
Apex Domain
Subdomains		 Transfer
9 xn--6krv12dbjjksed87a.com
ixwxj.xn--6krv12dbjjksed87a.com
85 KB
2 pgjsqc.com
www.pgjsqc.com
3 KB
2 audioeye.com
ws.audioeye.com — Cisco Umbrella Rank: 10672
wsv3cdn.audioeye.com — Cisco Umbrella Rank: 5582
732 B
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 119
3 KB
2 linksynergy.com
ut.rd.linksynergy.com — Cisco Umbrella Rank: 9460
consent.linksynergy.com — Cisco Umbrella Rank: 35382
705 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 205
69 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 78
189 KB
2 baidu.com
hm.baidu.com — Cisco Umbrella Rank: 10409
12 KB
2 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 236
144 KB
1 downoks.com
v7.downoks.com
89 B
1 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 488
98 B
1 rakuten.com
tag.rmp.rakuten.com — Cisco Umbrella Rank: 8375
13 KB
1 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 887
409 B
1 shopify.com
cdn.shopify.com — Cisco Umbrella Rank: 2411
93 KB
1 comkonyukhiv.com
tj.comkonyukhiv.com
1 xiangguayingshi.com
tj.xiangguayingshi.com
821 B
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 324
30 KB
0 guscal.com Failed
ask.guscal.com Failed
67 18
Domain Requested by
9 ixwxj.xn--6krv12dbjjksed87a.com ixwxj.xn--6krv12dbjjksed87a.com
2 www.pgjsqc.com 1 redirects tj.xiangguayingshi.com
www.pgjsqc.com
2 www.facebook.com ixwxj.xn--6krv12dbjjksed87a.com
2 connect.facebook.net ixwxj.xn--6krv12dbjjksed87a.com
connect.facebook.net
2 www.googletagmanager.com ixwxj.xn--6krv12dbjjksed87a.com
www.googletagmanager.com
2 hm.baidu.com tj.xiangguayingshi.com
ixwxj.xn--6krv12dbjjksed87a.com
2 securepubads.g.doubleclick.net www.googletagservices.com
1 wsv3cdn.audioeye.com ws.audioeye.com
1 v7.downoks.com 1 redirects
1 ws.audioeye.com ixwxj.xn--6krv12dbjjksed87a.com
1 idsync.rlcdn.com ixwxj.xn--6krv12dbjjksed87a.com
1 consent.linksynergy.com ixwxj.xn--6krv12dbjjksed87a.com
1 ut.rd.linksynergy.com tag.rmp.rakuten.com
1 tag.rmp.rakuten.com ixwxj.xn--6krv12dbjjksed87a.com
1 static.hotjar.com www.googletagmanager.com
1 cdn.shopify.com ixwxj.xn--6krv12dbjjksed87a.com
1 tj.comkonyukhiv.com tj.xiangguayingshi.com
1 tj.xiangguayingshi.com ixwxj.xn--6krv12dbjjksed87a.com
1 www.googletagservices.com ixwxj.xn--6krv12dbjjksed87a.com
0 ask.guscal.com Failed www.pgjsqc.com
67 20

This site contains no links.

Subject Issuer Validity Valid
ixwxj.xn--6krv12dbjjksed87a.com
R3		 2024-05-23 -
2024-08-21		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-05-21 -
2024-08-13		 3 months crt.sh
tj.xiangguayingshi.com
R3		 2024-05-23 -
2024-08-21		 3 months crt.sh
baidu.com
GlobalSign RSA OV SSL CA 2018		 2023-07-06 -
2024-08-06		 a year crt.sh
tj.comkonyukhiv.com
R3		 2024-05-23 -
2024-08-21		 3 months crt.sh
*.google-analytics.com
WR2		 2024-05-21 -
2024-08-13		 3 months crt.sh
cdn.shopify.com
E1		 2024-05-03 -
2024-08-01		 3 months crt.sh
*.hotjar.com
Amazon RSA 2048 M03		 2024-05-22 -
2025-06-20		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-03-15 -
2024-06-13		 3 months crt.sh
tag.rmp.rakuten.com
WR3		 2024-05-29 -
2024-08-27		 3 months crt.sh
*.rd.linksynergy.com
ZeroSSL RSA Domain Secure Site CA		 2024-01-23 -
2025-01-22		 a year crt.sh
consent.linksynergy.com
GTS CA 1D4		 2024-04-10 -
2024-07-09		 3 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2024-02-06 -
2025-03-05		 a year crt.sh
ws.audioeye.com
E1		 2024-05-01 -
2024-07-30		 3 months crt.sh
*.pgjsqa.com
TrustAsia RSA DV TLS CA G2		 2024-04-03 -
2024-07-02		 3 months crt.sh
wsv3cdn.audioeye.com
E1		 2024-05-17 -
2024-08-15		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://www.pgjsqc.com/
Frame ID: B7349296741683645C26C04CA3E51038
Requests: 66 HTTP requests in this frame

Frame: https://tj.comkonyukhiv.com/
Frame ID: FD2BCA8737D2A2B5FD08F82F34664FB3
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://ixwxj.xn--6krv12dbjjksed87a.com/ Page URL
  2. https://v7.downoks.com/bz6 HTTP 301
    https://www.pgjsqc.com/tg.php?id=bz6 HTTP 302
    https://www.pgjsqc.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • audioeye\.com/ae\.js
Overall confidence: 100%
Detected patterns
  • hm\.baidu\.com/hm\.js
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/
Overall confidence: 100%
Detected patterns
  • tag\.rmp\.rakuten\.com

Page Statistics

67
Requests

46 %
HTTPS

38 %
IPv6

18
Domains

20
Subdomains

16
IPs

5
Countries

644 kB
Transfer

1875 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://ixwxj.xn--6krv12dbjjksed87a.com/ Page URL
  2. https://v7.downoks.com/bz6 HTTP 301
    https://www.pgjsqc.com/tg.php?id=bz6 HTTP 302
    https://www.pgjsqc.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

67 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
ixwxj.xn--6krv12dbjjksed87a.com/ 		329 KB
85 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ixwxj.xn--6krv12dbjjksed87a.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
154.31.169.203 Hong Kong, Hong Kong, ASN140224 (SGPL-AS-AP STARCLOUD GLOBAL PTE., LTD., SG),
Reverse DNS
Software
nginx / PHP/7.3.33
Resource Hash
14cda03411eee52a4ad207143972bfb738f51a23df6d64415dbd298cb82a5889

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 06 Jun 2024 02:54:26 GMT
server
nginx
vary
Accept-Encoding
x-powered-by
PHP/7.3.33
shop.min.css
ixwxj.xn--6krv12dbjjksed87a.com/s/files/1/0084/0407/4543/t/34/assets/ 		0
0
gpt.js
www.googletagservices.com/tag/js/ 		95 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: ixwxj.xn--6krv12dbjjksed87a.com
URL: https://ixwxj.xn--6krv12dbjjksed87a.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f0d017d0529d504533646d510d45adbe5deffa6a3e92f8a9c142d31c779f4a89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://ixwxj.xn--6krv12dbjjksed87a.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 02:54:27 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30728
x-xss-protection
0
server
cafe
etag
382 / 19880 / 31084294 / config-hash: 849232377292076647
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 06 Jun 2024 02:54:27 GMT
jquery.min.js
ixwxj.xn--6krv12dbjjksed87a.com/ajax/libs/jquery/1.8.3/ 		0
0
jquery.min.js
ixwxj.xn--6krv12dbjjksed87a.com/s/files/1/0084/0407/4543/t/34/assets/ 		0
0
tongji8.js
tj.xiangguayingshi.com/static/js/ 		1 KB
821 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tj.xiangguayingshi.com/static/js/tongji8.js
Requested by
Host: ixwxj.xn--6krv12dbjjksed87a.com
URL: https://ixwxj.xn--6krv12dbjjksed87a.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
47.238.34.86 Hong Kong, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx / PHP/7.3.33
Resource Hash
41da1952c82f8ff4e36b868cc8c9192b1c819cb322bd65eb9c5a21a15a70af32

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://ixwxj.xn--6krv12dbjjksed87a.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 02:54:28 GMT
content-encoding
gzip
server
nginx
x-powered-by
PHP/7.3.33
vary
Accept-Encoding
content-type
text/plain;charset=utf-8
tongji.js
ixwxj.xn--6krv12dbjjksed87a.com/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://ixwxj.xn--6krv12dbjjksed87a.com/tongji.js?s=8228
Requested by
Host: ixwxj.xn--6krv12dbjjksed87a.com
URL: https://ixwxj.xn--6krv12dbjjksed87a.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
154.31.169.203 Hong Kong, Hong Kong, ASN140224 (SGPL-AS-AP STARCLOUD GLOBAL PTE., LTD., SG),
Reverse DNS
Software
nginx / PHP/7.3.33
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://ixwxj.xn--6krv12dbjjksed87a.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 02:54:27 GMT
content-encoding
gzip
server
nginx
x-powered-by
PHP/7.3.33
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
require-v2.1.20.min.js
ixwxj.xn--6krv12dbjjksed87a.com/s/files/1/0084/0407/4543/t/34/assets/ 		0
0
logo_desktop.svg
ixwxj.xn--6krv12dbjjksed87a.com/s/files/1/0084/0407/4543/t/34/assets/ 		15 B
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ixwxj.xn--6krv12dbjjksed87a.com/s/files/1/0084/0407/4543/t/34/assets/logo_desktop.svg?v=2388749780173361819
Requested by
Host: ixwxj.xn--6krv12dbjjksed87a.com
URL: https://ixwxj.xn--6krv12dbjjksed87a.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
154.31.169.203 Hong Kong, Hong Kong, ASN140224 (SGPL-AS-AP STARCLOUD GLOBAL PTE., LTD., SG),
Reverse DNS
Software
nginx / PHP/7.3.33
Resource Hash
dc20cc83aa4a7b4bfa9bae8f4d31f72e3bbafa163d96d9414e0c7daed78dda37

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://ixwxj.xn--6krv12dbjjksed87a.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 02:54:27 GMT
content-encoding
gzip
server
nginx
x-powered-by
PHP/7.3.33
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
logo_mobile.svg
ixwxj.xn--6krv12dbjjksed87a.com/s/files/1/0084/0407/4543/t/34/assets/ 		15 B
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ixwxj.xn--6krv12dbjjksed87a.com/s/files/1/0084/0407/4543/t/34/assets/logo_mobile.svg?v=11958682387239197184
Requested by
Host: ixwxj.xn--6krv12dbjjksed87a.com
URL: https://ixwxj.xn--6krv12dbjjksed87a.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
154.31.169.203 Hong Kong, Hong Kong, ASN140224 (SGPL-AS-AP STARCLOUD GLOBAL PTE., LTD., SG),
Reverse DNS
Software
nginx / PHP/7.3.33
Resource Hash
dc20cc83aa4a7b4bfa9bae8f4d31f72e3bbafa163d96d9414e0c7daed78dda37

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://ixwxj.xn--6krv12dbjjksed87a.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 02:54:27 GMT
content-encoding
gzip
server
nginx
x-powered-by
PHP/7.3.33
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406030101/ 		462 KB
144 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406030101/pubads_impl.js?cb=31084294
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
238471b5f6cdbff6ab8cf75252ac0149dd6c21b70e287580845d95d4cfb4b8ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://ixwxj.xn--6krv12dbjjksed87a.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 10:01:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
60791
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
147669
x-xss-protection
0
server
cafe
etag
6369709055313800849
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Thu, 05 Jun 2025 10:01:16 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		79 B
91 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=ixwxj.xn--6krv12dbjjksed87a.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
e5f841b9d532f75289d09a6ba101b673b42a28bcb1538946846ff42c4b17f584
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://ixwxj.xn--6krv12dbjjksed87a.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 02:54:27 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66
x-xss-protection
0
expires
Thu, 06 Jun 2024 02:54:27 GMT
hm.js
hm.baidu.com/ 		29 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hm.baidu.com/hm.js?2140ca2761cf42d0c94bd8c2aef12fa1
Requested by
Host: tj.xiangguayingshi.com
URL: https://tj.xiangguayingshi.com/static/js/tongji8.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
14.215.182.140 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
apache /
Resource Hash
400e63f425453188ce5076e76756d1a238d11414f292e493debc2f9378a59b3b
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://ixwxj.xn--6krv12dbjjksed87a.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 06 Jun 2024 02:54:29 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=172800
Server
apache
Etag
bd1f22816593b77c5737ab1f9a7b5402
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type
application/javascript
Cache-Control
max-age=0, must-revalidate
Content-Length
11260
/
tj.comkonyukhiv.com/ Frame FD2B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tj.comkonyukhiv.com/
Requested by
Host: tj.xiangguayingshi.com
URL: https://tj.xiangguayingshi.com/static/js/tongji8.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
47.238.34.86 Hong Kong, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://ixwxj.xn--6krv12dbjjksed87a.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
content-length
609
content-type
text/html
date
Thu, 06 Jun 2024 02:54:29 GMT
etag
"642fc077-261"
last-modified
Fri, 07 Apr 2023 07:04:23 GMT
server
nginx
load_feature-04598b77b1103a920783be825a5f4c245a91397360c621cd772069cf99347113.js
ixwxj.xn--6krv12dbjjksed87a.com/s/assets/storefront/ 		0
0
storefront-21b5dddfc8b64c1ad68cee3ba7448d1ffa15c24e969ebc1fbccf1a3784b659ad.js
ixwxj.xn--6krv12dbjjksed87a.com/s/assets/shopify_pay/ 		0
0
features-87e8399988880142f2c62771b9d8f2ff6c290b3ff745dd426eb0dfe0db9d1dae.js
ixwxj.xn--6krv12dbjjksed87a.com/s/assets/storefront/ 		0
0
modernizr.js
ixwxj.xn--6krv12dbjjksed87a.com/s/files/1/0084/0407/4543/t/34/assets/ 		0
0
gtm.js
www.googletagmanager.com/ 		290 KB
99 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PCWBM3G
Requested by
Host: ixwxj.xn--6krv12dbjjksed87a.com
URL: https://ixwxj.xn--6krv12dbjjksed87a.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f28869146a200269e93e326e8f0cac94822348dceac7728ecf130e6deacb45dc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://ixwxj.xn--6krv12dbjjksed87a.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 02:54:28 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100612
x-xss-protection
0
last-modified
Thu, 06 Jun 2024 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 06 Jun 2024 02:54:28 GMT
logo_desktop.svg
ixwxj.xn--6krv12dbjjksed87a.com/s/files/1/0084/0407/4543/t/34/assets/ 		15 B
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ixwxj.xn--6krv12dbjjksed87a.com/s/files/1/0084/0407/4543/t/34/assets/logo_desktop.svg?v=2388749780173361819
Requested by
Host: ixwxj.xn--6krv12dbjjksed87a.com
URL: https://ixwxj.xn--6krv12dbjjksed87a.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
154.31.169.203 Hong Kong, Hong Kong, ASN140224 (SGPL-AS-AP STARCLOUD GLOBAL PTE., LTD., SG),
Reverse DNS
Software
nginx / PHP/7.3.33
Resource Hash
dc20cc83aa4a7b4bfa9bae8f4d31f72e3bbafa163d96d9414e0c7daed78dda37

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://ixwxj.xn--6krv12dbjjksed87a.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 02:54:28 GMT
content-encoding
gzip
server
nginx
x-powered-by
PHP/7.3.33
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
exchange.svg
ixwxj.xn--6krv12dbjjksed87a.com/s/files/1/0084/0407/4543/t/34/assets/ 		15 B
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ixwxj.xn--6krv12dbjjksed87a.com/s/files/1/0084/0407/4543/t/34/assets/exchange.svg?v=3673565814698662704
Requested by
Host: ixwxj.xn--6krv12dbjjksed87a.com
URL: https://ixwxj.xn--6krv12dbjjksed87a.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
154.31.169.203 Hong Kong, Hong Kong, ASN140224 (SGPL-AS-AP STARCLOUD GLOBAL PTE., LTD., SG),
Reverse DNS
Software
nginx / PHP/7.3.33
Resource Hash
dc20cc83aa4a7b4bfa9bae8f4d31f72e3bbafa163d96d9414e0c7daed78dda37

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://ixwxj.xn--6krv12dbjjksed87a.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 02:54:28 GMT
content-encoding
gzip
server
nginx
x-powered-by
PHP/7.3.33
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
shipping.svg
ixwxj.xn--6krv12dbjjksed87a.com/s/files/1/0084/0407/4543/t/34/assets/ 		15 B
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ixwxj.xn--6krv12dbjjksed87a.com/s/files/1/0084/0407/4543/t/34/assets/shipping.svg?v=14888150731861093681
Requested by
Host: ixwxj.xn--6krv12dbjjksed87a.com
URL: https://ixwxj.xn--6krv12dbjjksed87a.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
154.31.169.203 Hong Kong, Hong Kong, ASN140224 (SGPL-AS-AP STARCLOUD GLOBAL PTE., LTD., SG),
Reverse DNS
Software
nginx / PHP/7.3.33
Resource Hash
dc20cc83aa4a7b4bfa9bae8f4d31f72e3bbafa163d96d9414e0c7daed78dda37

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://ixwxj.xn--6krv12dbjjksed87a.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 02:54:28 GMT
content-encoding
gzip
server
nginx
x-powered-by
PHP/7.3.33
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
laundry.svg
ixwxj.xn--6krv12dbjjksed87a.com/s/files/1/0084/0407/4543/t/34/assets/ 		15 B
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ixwxj.xn--6krv12dbjjksed87a.com/s/files/1/0084/0407/4543/t/34/assets/laundry.svg?v=16308465505918176161
Requested by
Host: ixwxj.xn--6krv12dbjjksed87a.com
URL: https://ixwxj.xn--6krv12dbjjksed87a.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
154.31.169.203 Hong Kong, Hong Kong, ASN140224 (SGPL-AS-AP STARCLOUD GLOBAL PTE., LTD., SG),
Reverse DNS
Software
nginx / PHP/7.3.33
Resource Hash
dc20cc83aa4a7b4bfa9bae8f4d31f72e3bbafa163d96d9414e0c7daed78dda37

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://ixwxj.xn--6krv12dbjjksed87a.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 02:54:28 GMT
content-encoding
gzip
server
nginx
x-powered-by
PHP/7.3.33
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
hero-banner.jpg
cdn.shopify.com/s/files/1/0084/0407/4543/t/34/assets/ 		92 KB
93 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.shopify.com/s/files/1/0084/0407/4543/t/34/assets/hero-banner.jpg?v=3742567640957400440
Requested by
Host: ixwxj.xn--6krv12dbjjksed87a.com
URL: https://ixwxj.xn--6krv12dbjjksed87a.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:127:f00f:ff01:: , Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afb5e77b4b5404880193a00816702dbd2c7f2b2019997a0b389162edeb9a49be
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://ixwxj.xn--6krv12dbjjksed87a.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 02:54:29 GMT
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
MISS
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,gcp-us-central1
source-type
image/jpeg
server-timing
imagery;dur=491.987, imageryFetch;dur=72.309, imageryProcess;dur=419.053;desc="image", cfRequestDuration;dur=816.999912, ipv6
source-length
137408
content-length
94062
x-xss-protection
1; mode=block
x-request-id
a448d464-0d88-4d76-889c-275b09044985-1717642468
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 06 Jun 2024 02:54:29 GMT
server
cloudflare
x-shopid
8404074543
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KI6SOS55SKfLGjd%2B0WShinAinMAegI1l1CP82QbuhTZ0qYCoR0Ej7Ib3D1xpdAhGCiZ8fAS0PGsRSTQ4MfNCptguXKdiL4382ah%2F30ovw%2Bxy8fpsAAGWX9DOYsi779jVCB8wWzLsX5u5yBH9vw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0084/0407/4543/t/34/assets/hero-banner.jpg>; rel="canonical"
cf-ray
88f51e34c9499066-FRA
hotjar-1371378.js
static.hotjar.com/c/ 		0
409 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-1371378.js?sv=7
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PCWBM3G
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-125.muc50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://ixwxj.xn--6krv12dbjjksed87a.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 02:54:28 GMT
strict-transport-security
max-age=2592000; includeSubDomains
x-content-type-options
nosniff
via
1.1 28e56b9ddced4ed414e75f87cbd0d976.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P1
etag
W/d41d8cd98f00b204e9800998ecf8427e
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=60
x-cache-hit
1
cross-origin-resource-policy
cross-origin
content-length
0
x-amz-cf-id
NX-HEAavrQj42kcVGStUyiH775E1KkSyhjCUbwuhDgZIcDvuDcRsyA==
fbevents.js
connect.facebook.net/en_US/ 		219 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: ixwxj.xn--6krv12dbjjksed87a.com
URL: https://ixwxj.xn--6krv12dbjjksed87a.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
83ebe8170b3b5dda2d20a80fe205ec14e1f8cb19ed40cfe73d480087b588e56c
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://ixwxj.xn--6krv12dbjjksed87a.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 06 Jun 2024 02:54:28 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
57975
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=36, rtx=0, c=12, mss=1297, tbw=2810, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
Cho0QleQu2l2Xu01/bcZ2D/QmCW5SsmrjsRTX/XVCm0czR+ZXWrnB382eo3Vy9NV48eouoskzJpqvtrVFk8LOw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		262 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-1024395412
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PCWBM3G
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a09a6086fb07c848ca7d6aaab537373b14cadf6371cbb5a67a840cc79b55b995
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://ixwxj.xn--6krv12dbjjksed87a.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 02:54:28 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
92376
x-xss-protection
0
last-modified
Thu, 06 Jun 2024 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 06 Jun 2024 02:54:28 GMT
120594.ct.js
tag.rmp.rakuten.com/ 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.rmp.rakuten.com/120594.ct.js
Requested by
Host: ixwxj.xn--6krv12dbjjksed87a.com
URL: https://ixwxj.xn--6krv12dbjjksed87a.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.147.248 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
248.147.102.34.bc.googleusercontent.com
Software
/
Resource Hash
8b82ba471247bdf26cd35208d47a457bf4d7852f05de9bf13209d4e3096a2d85
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://ixwxj.xn--6krv12dbjjksed87a.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 02:54:29 GMT
content-encoding
gzip
via
1.1 google
strict-transport-security
max-age=31536000
last-modified
Thu, 06 Jun 2024 02:54:29 GMT
x-cache
miss
x-samesite
secure
content-type
text/javascript
cache-control
max-age=86400
x-dyn
0
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
1634048716873419
connect.facebook.net/signals/config/ 		44 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1634048716873419?v=2.9.157&r=stable&domain=ixwxj.xn--6krv12dbjjksed87a.com&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C14%2C48%2C180%2C179%2C124%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
cf62ababbcf71a29927ff50e659746916a76ea6336004f20821e677d3977d53d
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://ixwxj.xn--6krv12dbjjksed87a.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 06 Jun 2024 02:54:29 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=42, rtx=0, c=65, mss=1297, tbw=63539, tp=-1, tpl=-1, uplat=369, ullat=1
pragma
public
x-fb-debug
jbPDsefjUsx5HvakDyxkm1KiC9Ncf45OTf+JhPg5h5RojpexQCcOS8kgmSI2cD4Cg/sBGR0kWZ84SXyyTCpbwA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
jsp
ut.rd.linksynergy.com/ 		148 B
414 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ut.rd.linksynergy.com/jsp?cn=rmuid&ro=0&cb=___rmuid
Requested by
Host: tag.rmp.rakuten.com
URL: https://tag.rmp.rakuten.com/120594.ct.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.3 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
3.67.98.34.bc.googleusercontent.com
Software
/
Resource Hash
deb63db8abe6dbb064ef8381c8cad3a6a86f6c35808c0ee0f7fde6f75c811ae5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://ixwxj.xn--6krv12dbjjksed87a.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-type
text/plain; charset=utf-8
date
Thu, 06 Jun 2024 02:54:29 GMT
via
1.1 google
strict-transport-security
max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
148
x-samesite
secure
p
consent.linksynergy.com/consent/v3/ 		37 B
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://consent.linksynergy.com/consent/v3/p?rmch=cs&domain=ixwxj.xn--6krv12dbjjksed87a.com&sought=false&tp=gdpr&attr_sid=120594&aff_mid=44974&purposes=&vendors=&ext_id=488a22ea-ffc0-4d11-9f2f-02a98ad048c6
Requested by
Host: ixwxj.xn--6krv12dbjjksed87a.com
URL: https://ixwxj.xn--6krv12dbjjksed87a.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.3 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
3.67.98.34.bc.googleusercontent.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://ixwxj.xn--6krv12dbjjksed87a.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-type
image/gif
date
Thu, 06 Jun 2024 02:54:29 GMT
via
1.1 google
strict-transport-security
max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37
x-samesite
secure
458359.gif
idsync.rlcdn.com/ 		0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/458359.gif?partner_uid=7a25d419-2e29-4090-9eba-44b2fd0bdb57
Requested by
Host: ixwxj.xn--6krv12dbjjksed87a.com
URL: https://ixwxj.xn--6krv12dbjjksed87a.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://ixwxj.xn--6krv12dbjjksed87a.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 02:54:29 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
/
www.facebook.com/tr/ 		0
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1634048716873419&ev=PageView&dl=https%3A%2F%2Fixwxj.xn--6krv12dbjjksed87a.com%2F&rl=&if=false&ts=1717642469378&sw=1600&sh=1200&v=2.9.157&r=stable&ec=0&o=30&ler=empty&cdl=API_unavailable&it=1717642468960&coo=false&rqm=GET
Requested by
Host: ixwxj.xn--6krv12dbjjksed87a.com
URL: https://ixwxj.xn--6krv12dbjjksed87a.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://ixwxj.xn--6krv12dbjjksed87a.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=38, rtx=0, c=10, mss=1297, tbw=2792, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 06 Jun 2024 02:54:29 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1634048716873419&ev=PageView&dl=https%3A%2F%2Fixwxj.xn--6krv12dbjjksed87a.com%2F&rl=&if=false&ts=1717642469378&sw=1600&sh=1200&v=2.9.157&r=stable&ec=0&o=30&ler=empty&cdl=API_unavailable&it=1717642468960&coo=false&rqm=FGET
Requested by
Host: ixwxj.xn--6krv12dbjjksed87a.com
URL: https://ixwxj.xn--6krv12dbjjksed87a.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://ixwxj.xn--6krv12dbjjksed87a.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x4447632d7e0e26ec","source_keys":["1","2"]},{"key_piece":"0x031b74ee5c956f2c","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding
zstd
x-content-type-options
nosniff
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security
max-age=15552000; preload
document-policy
force-load-at-top
date
Thu, 06 Jun 2024 02:54:29 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=44, rtx=0, c=10, mss=1297, tbw=3110, tp=-1, tpl=-1, uplat=504, ullat=0
pragma
no-cache
x-fb-debug
n9GZRAgk4Q8IT0ddSByT5eyWHOs+WU/a1MkltB3/BzERhIqhFfW08YVpcmzbwkeY/9COiZUK7aTbwrnsX6xK8g==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
hm.gif
hm.baidu.com/ 		43 B
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=de-de&lo=0&rnd=979834333&si=2140ca2761cf42d0c94bd8c2aef12fa1&v=1.3.0&lv=1&sn=35655&r=0&ww=1600&u=https%3A%2F%2Fixwxj.xn--6krv12dbjjksed87a.com%2F&tt=%E6%97%8B%E9%A3%8E%E5%8A%A0%E9%80%9F%E5%99%A8%E4%BA%8C%E7%BB%B4%E7%A0%81%E5%9B%BE%E7%89%87
Requested by
Host: ixwxj.xn--6krv12dbjjksed87a.com
URL: https://ixwxj.xn--6krv12dbjjksed87a.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
14.215.182.140 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://ixwxj.xn--6krv12dbjjksed87a.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
no-cache
Date
Thu, 06 Jun 2024 02:54:29 GMT
Strict-Transport-Security
max-age=172800
X-Content-Type-Options
nosniff
Server
apache
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Content-Length
43
ae.js
ws.audioeye.com/ 		1 KB
732 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ws.audioeye.com/ae.js
Requested by
Host: ixwxj.xn--6krv12dbjjksed87a.com
URL: https://ixwxj.xn--6krv12dbjjksed87a.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:277d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://ixwxj.xn--6krv12dbjjksed87a.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 02:54:30 GMT
content-encoding
gzip
surrogate-keys
cf-cache-status
HIT
server
cloudflare
age
15
etag
"8de22085ef422ff9b47e2c7e927dd3eb"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=120
cf-ray
88f51e3e98fa9bdd-FRA
favicon.ico
ixwxj.xn--6krv12dbjjksed87a.com/ 		15 B
154 B 		Other
General
Check archive.org
Download Go to
Full URL
https://ixwxj.xn--6krv12dbjjksed87a.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
154.31.169.203 Hong Kong, Hong Kong, ASN140224 (SGPL-AS-AP STARCLOUD GLOBAL PTE., LTD., SG),
Reverse DNS
Software
nginx / PHP/7.3.33
Resource Hash
dc20cc83aa4a7b4bfa9bae8f4d31f72e3bbafa163d96d9414e0c7daed78dda37

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://ixwxj.xn--6krv12dbjjksed87a.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 02:54:30 GMT
content-encoding
gzip
server
nginx
x-powered-by
PHP/7.3.33
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
Primary Request /
www.pgjsqc.com/
Redirect Chain
  • https://v7.downoks.com/bz6
  • https://www.pgjsqc.com/tg.php?id=bz6
  • https://www.pgjsqc.com/
13 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.pgjsqc.com/
Requested by
Host: tj.xiangguayingshi.com
URL: https://tj.xiangguayingshi.com/static/js/tongji8.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
47.76.194.61 Hong Kong, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx / PHP/5.4.45
Resource Hash
1dda1a762eec791c818749858f4778bd16b689ff8d74aa50dae7319cf0de0f9a

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://ixwxj.xn--6krv12dbjjksed87a.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Cache-Control
private
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Thu, 06 Jun 2024 02:54:33 GMT
Pragma
no-cache
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Powered-By
PHP/5.4.45

Redirect headers

Cache-Control
private
Content-Type
text/html; charset=utf-8
Date
Thu, 06 Jun 2024 02:54:32 GMT
Location
/
Pragma
no-cache
Server
nginx
Transfer-Encoding
chunked
X-Powered-By
PHP/5.4.45
bootstrap.js
wsv3cdn.audioeye.com/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://wsv3cdn.audioeye.com/bootstrap.js?d=ixwxj.xn--6krv12dbjjksed87a.com&cb=4d87458
Requested by
Host: ws.audioeye.com
URL: https://ws.audioeye.com/ae.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:277d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://ixwxj.xn--6krv12dbjjksed87a.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 02:54:31 GMT
cf-cache-status
MISS
server
cloudflare
cf-ray
88f51e41c93930d6-FRA
content-length
0
vary
Accept-Encoding
index.css
www.pgjsqc.com/statics/pg/css/ 		0
0
default.css
www.pgjsqc.com/statics/pg/css/ 		0
0
logo.png
www.pgjsqc.com/statics/pg/images/ 		0
0
windows-sm.png
www.pgjsqc.com/statics/pg/images/ 		0
0
mac_sm.png
www.pgjsqc.com/statics/pg/images/ 		0
0
android_sm.png
www.pgjsqc.com/statics/pg/images/ 		0
0
iphone_sm.png
www.pgjsqc.com/statics/pg/images/ 		0
0
ys01.png
www.pgjsqc.com/statics/pg/images/ 		0
0
ys02.png
www.pgjsqc.com/statics/pg/images/ 		0
0
ys05.png
www.pgjsqc.com/statics/pg/images/ 		0
0
ys03.png
www.pgjsqc.com/statics/pg/images/ 		0
0
ys04.png
www.pgjsqc.com/statics/pg/images/ 		0
0
ys06.png
www.pgjsqc.com/statics/pg/images/ 		0
0
jl01.png
www.pgjsqc.com/statics/pg/images/ 		0
0
jl02.png
www.pgjsqc.com/statics/pg/images/ 		0
0
jl03.png
www.pgjsqc.com/statics/pg/images/ 		0
0
jl04.png
www.pgjsqc.com/statics/pg/images/ 		0
0
jl05.png
www.pgjsqc.com/statics/pg/images/ 		0
0
jl06.png
www.pgjsqc.com/statics/pg/images/ 		0
0
f01.png
www.pgjsqc.com/statics/pg/images/ 		0
0
f02.png
www.pgjsqc.com/statics/pg/images/ 		0
0
f03.png
www.pgjsqc.com/statics/pg/images/ 		0
0
f04.png
www.pgjsqc.com/statics/pg/images/ 		0
0
f05.png
www.pgjsqc.com/statics/pg/images/ 		0
0
f06.png
www.pgjsqc.com/statics/pg/images/ 		0
0
vue.js
www.pgjsqc.com/statics/pg/js/ 		0
0
index.js
www.pgjsqc.com/statics/pg/js/ 		0
0
snippet.js
ask.guscal.com/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ixwxj.xn--6krv12dbjjksed87a.com
URL
http://ixwxj.xn--6krv12dbjjksed87a.com/s/files/1/0084/0407/4543/t/34/assets/shop.min.css?v=4952464655228733848
Domain
ixwxj.xn--6krv12dbjjksed87a.com
URL
http://ixwxj.xn--6krv12dbjjksed87a.com/ajax/libs/jquery/1.8.3/jquery.min.js
Domain
ixwxj.xn--6krv12dbjjksed87a.com
URL
http://ixwxj.xn--6krv12dbjjksed87a.com/s/files/1/0084/0407/4543/t/34/assets/jquery.min.js?v=321923423407685781
Domain
ixwxj.xn--6krv12dbjjksed87a.com
URL
http://ixwxj.xn--6krv12dbjjksed87a.com/s/files/1/0084/0407/4543/t/34/assets/require-v2.1.20.min.js?v=13060290100259709168
Domain
ixwxj.xn--6krv12dbjjksed87a.com
URL
http://ixwxj.xn--6krv12dbjjksed87a.com/s/assets/storefront/load_feature-04598b77b1103a920783be825a5f4c245a91397360c621cd772069cf99347113.js
Domain
ixwxj.xn--6krv12dbjjksed87a.com
URL
http://ixwxj.xn--6krv12dbjjksed87a.com/s/assets/shopify_pay/storefront-21b5dddfc8b64c1ad68cee3ba7448d1ffa15c24e969ebc1fbccf1a3784b659ad.js?v=20230107
Domain
ixwxj.xn--6krv12dbjjksed87a.com
URL
http://ixwxj.xn--6krv12dbjjksed87a.com/s/assets/storefront/features-87e8399988880142f2c62771b9d8f2ff6c290b3ff745dd426eb0dfe0db9d1dae.js
Domain
ixwxj.xn--6krv12dbjjksed87a.com
URL
http://ixwxj.xn--6krv12dbjjksed87a.com/s/files/1/0084/0407/4543/t/34/assets/modernizr.js?v=9188939603575101333
Domain
www.pgjsqc.com
URL
https://www.pgjsqc.com/statics/pg/css/index.css
Domain
www.pgjsqc.com
URL
https://www.pgjsqc.com/statics/pg/css/default.css
Domain
www.pgjsqc.com
URL
https://www.pgjsqc.com/statics/pg/images/logo.png
Domain
www.pgjsqc.com
URL
https://www.pgjsqc.com/statics/pg/images/windows-sm.png
Domain
www.pgjsqc.com
URL
https://www.pgjsqc.com/statics/pg/images/mac_sm.png
Domain
www.pgjsqc.com
URL
https://www.pgjsqc.com/statics/pg/images/android_sm.png
Domain
www.pgjsqc.com
URL
https://www.pgjsqc.com/statics/pg/images/iphone_sm.png
Domain
www.pgjsqc.com
URL
https://www.pgjsqc.com/statics/pg/images/ys01.png
Domain
www.pgjsqc.com
URL
https://www.pgjsqc.com/statics/pg/images/ys02.png
Domain
www.pgjsqc.com
URL
https://www.pgjsqc.com/statics/pg/images/ys05.png
Domain
www.pgjsqc.com
URL
https://www.pgjsqc.com/statics/pg/images/ys03.png
Domain
www.pgjsqc.com
URL
https://www.pgjsqc.com/statics/pg/images/ys04.png
Domain
www.pgjsqc.com
URL
https://www.pgjsqc.com/statics/pg/images/ys06.png
Domain
www.pgjsqc.com
URL
https://www.pgjsqc.com/statics/pg/images/jl01.png
Domain
www.pgjsqc.com
URL
https://www.pgjsqc.com/statics/pg/images/jl02.png
Domain
www.pgjsqc.com
URL
https://www.pgjsqc.com/statics/pg/images/jl03.png
Domain
www.pgjsqc.com
URL
https://www.pgjsqc.com/statics/pg/images/jl04.png
Domain
www.pgjsqc.com
URL
https://www.pgjsqc.com/statics/pg/images/jl05.png
Domain
www.pgjsqc.com
URL
https://www.pgjsqc.com/statics/pg/images/jl06.png
Domain
www.pgjsqc.com
URL
https://www.pgjsqc.com/statics/pg/images/f01.png
Domain
www.pgjsqc.com
URL
https://www.pgjsqc.com/statics/pg/images/f02.png
Domain
www.pgjsqc.com
URL
https://www.pgjsqc.com/statics/pg/images/f03.png
Domain
www.pgjsqc.com
URL
https://www.pgjsqc.com/statics/pg/images/f04.png
Domain
www.pgjsqc.com
URL
https://www.pgjsqc.com/statics/pg/images/f05.png
Domain
www.pgjsqc.com
URL
https://www.pgjsqc.com/statics/pg/images/f06.png
Domain
www.pgjsqc.com
URL
https://www.pgjsqc.com/statics/pg/js/vue.js
Domain
www.pgjsqc.com
URL
https://www.pgjsqc.com/statics/pg/js/index.js
Domain
ask.guscal.com
URL
https://ask.guscal.com/snippet.js?key=1762363195160264704

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Domain/Path Name / Value
ixwxj.xn--6krv12dbjjksed87a.com/ Name: inducedProtocolLevelredirect
Value: true
.xn--6krv12dbjjksed87a.com/ Name: _gcl_au
Value: 1.1.2037126.1717642469
.linksynergy.com/ Name: rmuid
Value: 6def9674-d0fa-4978-81f5-5bf1a83c3a63
.hm.baidu.com/ Name: HMACCOUNT_BFESS
Value: 09146F8D8AE0800D
.ixwxj.xn--6krv12dbjjksed87a.com/ Name: Hm_lvt_2140ca2761cf42d0c94bd8c2aef12fa1
Value: 1717642470
.ixwxj.xn--6krv12dbjjksed87a.com/ Name: Hm_lpvt_2140ca2761cf42d0c94bd8c2aef12fa1
Value: 1717642470
www.pgjsqc.com/ Name: cpretgsxid
Value: 11237

33 Console Messages

Source Level URL
Text
security error URL: https://ixwxj.xn--6krv12dbjjksed87a.com/(Line 580)
Message:
Mixed Content: The page at 'https://ixwxj.xn--6krv12dbjjksed87a.com/' was loaded over HTTPS, but requested an insecure stylesheet 'http://ixwxj.xn--6krv12dbjjksed87a.com/s/files/1/0084/0407/4543/t/34/assets/shop.min.css?v=4952464655228733848'. This request has been blocked; the content must be served over HTTPS.
security error URL: https://ixwxj.xn--6krv12dbjjksed87a.com/
Message:
Mixed Content: The page at 'https://ixwxj.xn--6krv12dbjjksed87a.com/' was loaded over HTTPS, but requested an insecure script 'http://ixwxj.xn--6krv12dbjjksed87a.com/ajax/libs/jquery/1.8.3/jquery.min.js'. This request has been blocked; the content must be served over HTTPS.
security error URL: https://ixwxj.xn--6krv12dbjjksed87a.com/(Line 3065)
Message:
Mixed Content: The page at 'https://ixwxj.xn--6krv12dbjjksed87a.com/' was loaded over HTTPS, but requested an insecure script 'http://ixwxj.xn--6krv12dbjjksed87a.com/s/files/1/0084/0407/4543/t/34/assets/jquery.min.js?v=321923423407685781'. This request has been blocked; the content must be served over HTTPS.
javascript warning URL: https://ixwxj.xn--6krv12dbjjksed87a.com/(Line 3065)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://tj.xiangguayingshi.com/static/js/tongji8.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
security error URL: https://ixwxj.xn--6krv12dbjjksed87a.com/
Message:
Mixed Content: The page at 'https://ixwxj.xn--6krv12dbjjksed87a.com/' was loaded over HTTPS, but requested an insecure script 'http://ixwxj.xn--6krv12dbjjksed87a.com/s/files/1/0084/0407/4543/t/34/assets/require-v2.1.20.min.js?v=13060290100259709168'. This request has been blocked; the content must be served over HTTPS.
security warning URL: https://ixwxj.xn--6krv12dbjjksed87a.com/
Message:
Mixed Content: The page at 'https://ixwxj.xn--6krv12dbjjksed87a.com/' was loaded over HTTPS, but requested an insecure element 'http://ixwxj.xn--6krv12dbjjksed87a.com/s/files/1/0084/0407/4543/t/34/assets/logo_desktop.svg?v=2388749780173361819'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://ixwxj.xn--6krv12dbjjksed87a.com/
Message:
Mixed Content: The page at 'https://ixwxj.xn--6krv12dbjjksed87a.com/' was loaded over HTTPS, but requested an insecure element 'http://ixwxj.xn--6krv12dbjjksed87a.com/s/files/1/0084/0407/4543/t/34/assets/logo_mobile.svg?v=11958682387239197184'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://ixwxj.xn--6krv12dbjjksed87a.com/
Message:
Mixed Content: The page at 'https://ixwxj.xn--6krv12dbjjksed87a.com/' was loaded over HTTPS, but requested an insecure element 'http://ixwxj.xn--6krv12dbjjksed87a.com/s/files/1/0084/0407/4543/t/34/assets/logo_desktop.svg?v=2388749780173361819'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network error URL: https://ixwxj.xn--6krv12dbjjksed87a.com/tongji.js?s=8228
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://ixwxj.xn--6krv12dbjjksed87a.com/s/files/1/0084/0407/4543/t/34/assets/logo_desktop.svg?v=2388749780173361819
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://ixwxj.xn--6krv12dbjjksed87a.com/s/files/1/0084/0407/4543/t/34/assets/logo_mobile.svg?v=11958682387239197184
Message:
Failed to load resource: the server responded with a status of 404 ()
security error URL: https://ixwxj.xn--6krv12dbjjksed87a.com/
Message:
Mixed Content: The page at 'https://ixwxj.xn--6krv12dbjjksed87a.com/' was loaded over HTTPS, but requested an insecure script 'http://ixwxj.xn--6krv12dbjjksed87a.com/s/assets/storefront/load_feature-04598b77b1103a920783be825a5f4c245a91397360c621cd772069cf99347113.js'. This request has been blocked; the content must be served over HTTPS.
security error URL: https://ixwxj.xn--6krv12dbjjksed87a.com/
Message:
Mixed Content: The page at 'https://ixwxj.xn--6krv12dbjjksed87a.com/' was loaded over HTTPS, but requested an insecure script 'http://ixwxj.xn--6krv12dbjjksed87a.com/s/assets/shopify_pay/storefront-21b5dddfc8b64c1ad68cee3ba7448d1ffa15c24e969ebc1fbccf1a3784b659ad.js?v=20230107'. This request has been blocked; the content must be served over HTTPS.
security error URL: https://ixwxj.xn--6krv12dbjjksed87a.com/
Message:
Mixed Content: The page at 'https://ixwxj.xn--6krv12dbjjksed87a.com/' was loaded over HTTPS, but requested an insecure script 'http://ixwxj.xn--6krv12dbjjksed87a.com/s/assets/storefront/features-87e8399988880142f2c62771b9d8f2ff6c290b3ff745dd426eb0dfe0db9d1dae.js'. This request has been blocked; the content must be served over HTTPS.
security error URL: https://ixwxj.xn--6krv12dbjjksed87a.com/
Message:
Mixed Content: The page at 'https://ixwxj.xn--6krv12dbjjksed87a.com/' was loaded over HTTPS, but requested an insecure script 'http://ixwxj.xn--6krv12dbjjksed87a.com/s/files/1/0084/0407/4543/t/34/assets/modernizr.js?v=9188939603575101333'. This request has been blocked; the content must be served over HTTPS.
security warning URL: https://ixwxj.xn--6krv12dbjjksed87a.com/(Line 5619)
Message:
Mixed Content: The page at 'https://ixwxj.xn--6krv12dbjjksed87a.com/' was loaded over HTTPS, but requested an insecure element 'http://ixwxj.xn--6krv12dbjjksed87a.com/s/files/1/0084/0407/4543/t/34/assets/logo_desktop.svg?v=2388749780173361819'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://ixwxj.xn--6krv12dbjjksed87a.com/(Line 5619)
Message:
Mixed Content: The page at 'https://ixwxj.xn--6krv12dbjjksed87a.com/' was loaded over HTTPS, but requested an insecure element 'http://ixwxj.xn--6krv12dbjjksed87a.com/s/files/1/0084/0407/4543/t/34/assets/logo_mobile.svg?v=11958682387239197184'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://ixwxj.xn--6krv12dbjjksed87a.com/(Line 5748)
Message:
Mixed Content: The page at 'https://ixwxj.xn--6krv12dbjjksed87a.com/' was loaded over HTTPS, but requested an insecure element 'http://ixwxj.xn--6krv12dbjjksed87a.com/s/files/1/0084/0407/4543/t/34/assets/logo_desktop.svg?v=2388749780173361819'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://ixwxj.xn--6krv12dbjjksed87a.com/(Line 1715)
Message:
Mixed Content: The page at 'https://ixwxj.xn--6krv12dbjjksed87a.com/' was loaded over a secure connection, but contains a form that targets an insecure endpoint 'http://login.mylistatbloomingdales.com:443/v1/login/user/create/submit'. This endpoint should be made available over a secure connection.
security warning URL: https://ixwxj.xn--6krv12dbjjksed87a.com/
Message:
Mixed Content: The page at 'https://ixwxj.xn--6krv12dbjjksed87a.com/' was loaded over HTTPS, but requested an insecure element 'http://ixwxj.xn--6krv12dbjjksed87a.com/s/files/1/0084/0407/4543/t/34/assets/exchange.svg?v=3673565814698662704'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://ixwxj.xn--6krv12dbjjksed87a.com/
Message:
Mixed Content: The page at 'https://ixwxj.xn--6krv12dbjjksed87a.com/' was loaded over HTTPS, but requested an insecure element 'http://ixwxj.xn--6krv12dbjjksed87a.com/s/files/1/0084/0407/4543/t/34/assets/shipping.svg?v=14888150731861093681'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://ixwxj.xn--6krv12dbjjksed87a.com/
Message:
Mixed Content: The page at 'https://ixwxj.xn--6krv12dbjjksed87a.com/' was loaded over HTTPS, but requested an insecure element 'http://ixwxj.xn--6krv12dbjjksed87a.com/s/files/1/0084/0407/4543/t/34/assets/laundry.svg?v=16308465505918176161'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network error URL: https://ixwxj.xn--6krv12dbjjksed87a.com/s/files/1/0084/0407/4543/t/34/assets/logo_desktop.svg?v=2388749780173361819
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://ixwxj.xn--6krv12dbjjksed87a.com/s/files/1/0084/0407/4543/t/34/assets/exchange.svg?v=3673565814698662704
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://ixwxj.xn--6krv12dbjjksed87a.com/s/files/1/0084/0407/4543/t/34/assets/shipping.svg?v=14888150731861093681
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://ixwxj.xn--6krv12dbjjksed87a.com/s/files/1/0084/0407/4543/t/34/assets/laundry.svg?v=16308465505918176161
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://ixwxj.xn--6krv12dbjjksed87a.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://ixwxj.xn--6krv12dbjjksed87a.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://ixwxj.xn--6krv12dbjjksed87a.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
network error URL: https://idsync.rlcdn.com/458359.gif?partner_uid=7a25d419-2e29-4090-9eba-44b2fd0bdb57
Message:
Failed to load resource: the server responded with a status of 451 ()
other warning URL: https://ixwxj.xn--6krv12dbjjksed87a.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
network error URL: https://ixwxj.xn--6krv12dbjjksed87a.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://wsv3cdn.audioeye.com/bootstrap.js?d=ixwxj.xn--6krv12dbjjksed87a.com&cb=4d87458
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ask.guscal.com
cdn.shopify.com
connect.facebook.net
consent.linksynergy.com
hm.baidu.com
idsync.rlcdn.com
ixwxj.xn--6krv12dbjjksed87a.com
securepubads.g.doubleclick.net
static.hotjar.com
tag.rmp.rakuten.com
tj.comkonyukhiv.com
tj.xiangguayingshi.com
ut.rd.linksynergy.com
v7.downoks.com
ws.audioeye.com
wsv3cdn.audioeye.com
www.facebook.com
www.googletagmanager.com
www.googletagservices.com
www.pgjsqc.com
ask.guscal.com
ixwxj.xn--6krv12dbjjksed87a.com
www.pgjsqc.com
14.215.182.140
142.250.185.130
154.31.169.203
18.66.192.125
206.119.106.88
2606:4700:4400::6812:277d
2620:127:f00f:ff01::
2a00:1450:4001:806::2002
2a00:1450:4001:82f::2008
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
34.102.147.248
34.98.67.3
35.244.174.68
47.238.34.86
47.76.194.61
14cda03411eee52a4ad207143972bfb738f51a23df6d64415dbd298cb82a5889
1dda1a762eec791c818749858f4778bd16b689ff8d74aa50dae7319cf0de0f9a
238471b5f6cdbff6ab8cf75252ac0149dd6c21b70e287580845d95d4cfb4b8ea
400e63f425453188ce5076e76756d1a238d11414f292e493debc2f9378a59b3b
41da1952c82f8ff4e36b868cc8c9192b1c819cb322bd65eb9c5a21a15a70af32
83ebe8170b3b5dda2d20a80fe205ec14e1f8cb19ed40cfe73d480087b588e56c
8b82ba471247bdf26cd35208d47a457bf4d7852f05de9bf13209d4e3096a2d85
a09a6086fb07c848ca7d6aaab537373b14cadf6371cbb5a67a840cc79b55b995
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
afb5e77b4b5404880193a00816702dbd2c7f2b2019997a0b389162edeb9a49be
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf62ababbcf71a29927ff50e659746916a76ea6336004f20821e677d3977d53d
dc20cc83aa4a7b4bfa9bae8f4d31f72e3bbafa163d96d9414e0c7daed78dda37
deb63db8abe6dbb064ef8381c8cad3a6a86f6c35808c0ee0f7fde6f75c811ae5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5f841b9d532f75289d09a6ba101b673b42a28bcb1538946846ff42c4b17f584
f0d017d0529d504533646d510d45adbe5deffa6a3e92f8a9c142d31c779f4a89
f28869146a200269e93e326e8f0cac94822348dceac7728ecf130e6deacb45dc