URL: https://elm.head2.fun/
Submission: On March 14 via api from US — Scanned from US

Summary

This website contacted 11 IPs in 3 countries across 9 domains to perform 46 HTTP transactions. The main IP is 2606:4700:3031::6815:224f, located in United States and belongs to CLOUDFLARENET, US. The main domain is elm.head2.fun.
TLS certificate: Issued by E1 on January 31st 2024. Valid for: 3 months.
This is the only time elm.head2.fun was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | IP Address | AS Autonomous System
11 | 2606:4700:303... | 13335 (CLOUDFLAR...)
12 | 2404:2280:1b2... | 24429 (TAOBAO Zh...)
12 | 101.91.140.56 | 4812 (CHINANET-...)
1 | 47.246.137.66 | 45102 (ALIBABA-C...)
1 | 124.239.14.253 | 4134 (CHINANET-...)
1 | 59.82.132.149 | 37963 (ALIBABA-C...)
2 | 2401:b180:700... | 37963 (ALIBABA-C...)
2 | 122.192.65.242 | 4837 (CHINA169-...)
1 | 203.119.175.231 | 37963 (ALIBABA-C...)
3 | 47.99.58.69 | 37963 (ALIBABA-C...)
Total: 46 requests, 11 IPs

Requests | Apex Domain | Subdomains | Transfer
12 | 2345.com | tianqi.2345.com (Cisco Umbrella Rank: 394004) | 172 KB
12 | alicdn.com | x.alicdn.com (Cisco Umbrella Rank: 176838); g.alicdn.com (Cisco Umbrella Rank: 9171) | 773 KB
11 | head2.fun | elm.head2.fun | 277 KB
3 | aliyuncs.com | arms-retcode.aliyuncs.com (Cisco Umbrella Rank: 37682) |
2 | 50bangzh.com | web.50bangzh.com (Cisco Umbrella Rank: 399415) | 1 KB
2 | mmstat.com | gm.mmstat.com (Cisco Umbrella Rank: 19065) | 435 B
2 | aliyun.com | cf.aliyun.com (Cisco Umbrella Rank: 68447); acjs.aliyun.com (Cisco Umbrella Rank: 73705) | 419 B
1 | aliapp.org | ynuf.aliapp.org (Cisco Umbrella Rank: 9983) | 921 B
1 | alibaba.com | c3n6xv.tdum.alibaba.com | 257 B
Total: 46 requests, 9 apex domains

Requests | Domain | Requested by
12 | tianqi.2345.com | elm.head2.fun, tianqi.2345.com
11 | elm.head2.fun | elm.head2.fun, g.alicdn.com
10 | g.alicdn.com | elm.head2.fun, g.alicdn.com
3 | arms-retcode.aliyuncs.com | g.alicdn.com
2 | web.50bangzh.com | tianqi.2345.com
2 | gm.mmstat.com | elm.head2.fun
2 | x.alicdn.com | elm.head2.fun
1 | acjs.aliyun.com | elm.head2.fun
1 | cf.aliyun.com | g.alicdn.com
1 | ynuf.aliapp.org | g.alicdn.com
1 | c3n6xv.tdum.alibaba.com | g.alicdn.com
Total: 46 requests, 11 domains

This site contains no links.

Subject | Issuer | Validity | Valid for
head2.fun | E1 | 2024-01-31 - 2024-04-30 | 3 months
*.tbcdn.cn | GlobalSign Organization Validation CA - SHA256 - G3 | 2023-12-26 - 2024-07-30 | 7 months
2345.com | TrustAsia RSA OV TLS CA G3 | 2023-10-31 - 2024-11-21 | a year
*.alibaba.com | GlobalSign Organization Validation CA - SHA256 - G3 | 2024-03-13 - 2025-04-14 | a year
*.alibabachengdun.com | GlobalSign Organization Validation CA - SHA256 - G3 | 2023-12-15 - 2024-09-28 | 9 months
cf.aliyun.com | GlobalSign RSA OV SSL CA 2018 | 2023-10-12 - 2024-05-18 | 7 months
*.mmstat.com | GlobalSign Organization Validation CA - SHA256 - G3 | 2023-08-01 - 2024-09-01 | a year
*.50bangzh.com | TrustAsia RSA DV TLS CA G3 | 2023-06-25 - 2024-07-14 | a year
*.aliyun.com | GlobalSign Organization Validation CA - SHA256 - G3 | 2023-11-29 - 2024-12-30 | a year
*.arms.aliyuncs.com | GlobalSign Organization Validation CA - SHA256 - G3 | 2024-01-11 - 2025-02-11 | a year

This page contains 2 frames:

Primary Page: https://elm.head2.fun/
Frame ID: CB8914585254D7D40EF1A82AC894D797
Requests: 33 HTTP requests in this frame

Frame: https://tianqi.2345.com/plugin/widget/index.htm?s=1&z=1&t=0&v=0&d=2&bd=0&k=&f=&ltf=009944&htf=cc0000&q=1&e=1&a=1&c=54511&w=290&h=96&align=center
Frame ID: A7F4663B0AD6BAE985311F3454A033B1
Requests: 14 HTTP requests in this frame

Page Title

の我了麽

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 46
HTTPS: 100 %
IPv6: 30 %
Domains: 9
Subdomains: 11
IPs: 11
Countries: 3
Transfer: 1225 kB
Size: 3831 kB
Cookies: 19

Redirected requests

There were HTTP redirect chains for the following requests:

46 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
elm.head2.fun/
27 KB
9 KB
Document
General
Full URL
https://elm.head2.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:224f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
b71437529030c1084a68ed4774c88cb2b9725d7a2c3f9c2f8af9fa090838094b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-headers
X-Requested-With,content-type, Authorization
access-control-allow-methods
GET, POST
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
86457ad09dcd8dba-MIA
content-encoding
br
content-type
text/html; charset=utf-8
date
Thu, 14 Mar 2024 16:00:59 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o82oA3o9fjZMxDAuu3zcZ2dUfVEtW%2BGQhyIjgLICJNkJhk3nNt%2FkV%2B1sswwRJ9zqyFFO8rnxJeEp3mN19IFFKmdan9bretghE%2BGhIhuUOR78NGpO4JJQYYlDXuVZTeQ7KqJrDWjRKn%2BxMqOu"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Express
index.css
x.alicdn.com/vip/havana-nlogin/0.7.11/
53 KB
26 KB
Stylesheet
General
Full URL
https://x.alicdn.com/vip/havana-nlogin/0.7.11/index.css
Requested by
Host: elm.head2.fun
URL: https://elm.head2.fun/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2404:2280:1b2:0:3::a , Singapore, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
d04e5747d813a9e1fe2f45aedeb7ee01805383cf1fccfb27badb04aaa8c9d53d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://elm.head2.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 12:04:07 GMT
content-encoding
gzip
via
cache21.l2us1[2696,2695,200-0,M], cache36.l2us1[2697,0], cache36.l2us1[2698,0], ens-cache1.us19[0,0,200-0,H], ens-cache2.us19[1,0]
x-oss-request-id
65F2E7B7F78CE43439220257
content-md5
Dxng6Ac9GOcx34V7yaXmEg==
age
14213
x-swift-cachetime
86400
x-cache
HIT TCP_HIT dirn:12:678907638
x-oss-cdn-auth
fail
x-swift-savetime
Thu, 14 Mar 2024 12:04:07 GMT
content-length
25931
x-oss-object-type
Normal
server
Tengine
vary
Accept-Encoding
ali-swift-global-savetime
1710417847
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2592000,s-maxage=86400
x-oss-storage-class
Standard
x-source-scheme
https
timing-allow-origin
*
x-oss-hash-crc64ecma
13058571094326212082
eagleid
082d349617104320602367013e
x-oss-server-time
24
ns_f_95_3_f.js
g.alicdn.com/secdev/nsv/1.0.87/
133 KB
48 KB
Script
General
Full URL
https://g.alicdn.com/secdev/nsv/1.0.87/ns_f_95_3_f.js
Requested by
Host: elm.head2.fun
URL: https://elm.head2.fun/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2404:2280:1b2:0:3::a , Singapore, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
6321a57503c58373f7e409c1526b06b1612571431260cbb6b48818e30d412a4c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://elm.head2.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 14:51:41 GMT
content-encoding
gzip
via
cache30.l2us1[0,0,200-0,H], cache36.l2us1[1,0], cache36.l2us1[1,0], ens-cache18.us19[0,0,200-0,H], ens-cache9.us19[1,0]
x-oss-request-id
65F30EFDF596842DFE5EA77D
content-md5
xnfVwddJYCtG7wC7U27nxQ==
age
4159
x-swift-cachetime
84904
x-cache
HIT TCP_MEM_HIT dirn:12:560310395
x-swift-savetime
Thu, 14 Mar 2024 15:16:37 GMT
content-length
48743
x-bucket-code
4
x-oss-object-type
Normal
server
Tengine
vary
Accept-Encoding
ali-swift-global-savetime
1710427901
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000,s-maxage=86400
x-oss-storage-class
Standard
timing-allow-origin
*
x-oss-hash-crc64ecma
10597345340756177699
eagleid
082d349d17104320602108295e
x-oss-server-time
46
htmltocanvas.min.js
g.alicdn.com/bsop-static/sufei-punish/0.1.49/build/
197 KB
46 KB
Script
General
Full URL
https://g.alicdn.com/bsop-static/sufei-punish/0.1.49/build/htmltocanvas.min.js
Requested by
Host: elm.head2.fun
URL: https://elm.head2.fun/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2404:2280:1b2:0:3::a , Singapore, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
19e73cd884974e0a76aa436798e06ed4efbcc1185159e413b7fbad34e57cad8b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://elm.head2.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 14:00:19 GMT
content-encoding
gzip
via
cache16.l2us1[140,140,200-0,M], cache1.l2us1[141,0], cache1.l2us1[142,0], ens-cache3.us19[0,0,200-0,H], ens-cache9.us19[2,0]
x-oss-request-id
65F302F3FF9A92240305B653
content-md5
qyhmpcYGnaycbfDTn6nTMA==
age
7241
x-swift-cachetime
86400
x-cache
HIT TCP_MEM_HIT dirn:12:124971622
x-swift-savetime
Thu, 14 Mar 2024 14:00:19 GMT
content-length
46519
x-bucket-code
4
x-oss-object-type
Normal
server
Tengine
vary
Accept-Encoding
ali-swift-global-savetime
1710424819
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000,s-maxage=86400
x-oss-storage-class
Standard
timing-allow-origin
*
x-oss-hash-crc64ecma
8797021185562924015
eagleid
082d349d17104320602098289e
x-oss-server-time
65
et_f.js
g.alicdn.com/AWSC/et/1.70.8/
207 KB
72 KB
Script
General
Full URL
https://g.alicdn.com/AWSC/et/1.70.8/et_f.js
Requested by
Host: elm.head2.fun
URL: https://elm.head2.fun/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2404:2280:1b2:0:3::a , Singapore, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
80cc031dcc272fe700570ad4c79131cd15789978233437e9585d78242259f575

Request headers

accept-language
en-US,en;q=0.9
Referer
https://elm.head2.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 07:24:07 GMT
content-encoding
gzip
via
cache11.l2us1[141,141,200-0,M], cache29.l2us1[143,0], cache29.l2us1[143,0], ens-cache9.us19[0,0,200-0,H], ens-cache9.us19[1,0]
x-oss-request-id
65F2A6172B634784A7E770F8
content-md5
v5SLIogbFmOxHXr9JMJUWw==
age
31013
x-swift-cachetime
86400
x-cache
HIT TCP_MEM_HIT dirn:9:793198593
x-swift-savetime
Thu, 14 Mar 2024 07:24:07 GMT
content-length
73193
x-bucket-code
4
x-oss-object-type
Normal
server
Tengine
ali-swift-global-savetime
1710401047
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000,s-maxage=86400
x-oss-storage-class
Standard
accept-ranges
bytes
timing-allow-origin
*
x-oss-hash-crc64ecma
7014528079290689285
eagleid
082d349d17104320602118298e
x-oss-server-time
69
bootstrap.min.css
elm.head2.fun/stylesheets/
158 KB
25 KB
Stylesheet
General
Full URL
https://elm.head2.fun/stylesheets/bootstrap.min.css
Requested by
Host: elm.head2.fun
URL: https://elm.head2.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:224f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
a4317c03b8d4d20c4c54e163b6d3c16e0107b02d4ee9acd7406d9f7c725cc8f2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://elm.head2.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 16:01:03 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 06 Dec 2023 14:03:26 GMT
server
cloudflare
etag
W/"278e7-18c3f70cbb0"
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nDQOu9y%2F2QMyTyhLn9auB%2BODVg%2FjdHFwkPPVk2urTUhYBGZzkiWAj2HLJv2%2BoMBV93Q2IMGM6Nv64vNa98g9DYwPaukJnY5yDCCrNjN2f0kICzTaOCDYMszUbCCh5vlbUMe2oKTwNILGnSnA"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=14400
cf-ray
86457ad688628dba-MIA
access-control-allow-headers
X-Requested-With,content-type, Authorization
jquery.slim.min.js
elm.head2.fun/javascripts/
71 KB
25 KB
Script
General
Full URL
https://elm.head2.fun/javascripts/jquery.slim.min.js
Requested by
Host: elm.head2.fun
URL: https://elm.head2.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:224f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
f048d0806cf057e5f2d7e965a3474670625d26475fcfb9b5b35833114d974d39

Request headers

accept-language
en-US,en;q=0.9
Referer
https://elm.head2.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 16:01:03 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 06 Dec 2023 14:03:26 GMT
server
cloudflare
etag
W/"11abc-18c3f70cbb0"
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HVunrvREpaGbrJ6MqYIKDmiTNd8Cy9MhpRbAx%2FzaHpegaYClIjYOn8JljOwfsS8zI8p%2FkhC37rKEcP329usJFx9l%2Bv%2B10%2B%2B8bPj9AdmXvpwXmkJC636hDOi%2FqVLX48wMb1vnpc%2BcTyGZLF%2Ff"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=14400
cf-ray
86457ad688678dba-MIA
access-control-allow-headers
X-Requested-With,content-type, Authorization
bootstrap.bundle.min.js
elm.head2.fun/javascripts/
81 KB
23 KB
Script
General
Full URL
https://elm.head2.fun/javascripts/bootstrap.bundle.min.js
Requested by
Host: elm.head2.fun
URL: https://elm.head2.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:224f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
d876b078facc7382a4c6e25565819108619ca8f61a5174e4f0b7723cb3b7d345

Request headers

accept-language
en-US,en;q=0.9
Referer
https://elm.head2.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 16:01:02 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 06 Dec 2023 14:03:26 GMT
server
cloudflare
etag
W/"1453b-18c3f70cbb0"
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=C8kzIpoiuPMO6qL2yV6Zk3oHS7uVG9AszG3%2F6k6S7969vVioQE3lbGShV3MvpA7lgqlJompwYE5or4PU8IKsJOeDjHjP%2Fw78po5ObfqGVttYVGOSoQLXCTtpbO4QIw2nFBjDv0YsEqaCTHnL"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=14400
cf-ray
86457ad688698dba-MIA
access-control-allow-headers
X-Requested-With,content-type, Authorization
mdui.min.css
elm.head2.fun/javascripts/
318 KB
34 KB
Stylesheet
General
Full URL
https://elm.head2.fun/javascripts/mdui.min.css
Requested by
Host: elm.head2.fun
URL: https://elm.head2.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:224f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
8babdd3274b68c8587dc44d908c0e8020ee3b4dc75f5e9a8c7a94e0e1de9da0e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://elm.head2.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 16:01:03 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 06 Dec 2023 14:03:26 GMT
server
cloudflare
etag
W/"4f6de-18c3f70cbb0"
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5yIOArhOmzKSsiE490gR442%2BRKjpn1IJ4V%2FJPRmrARGbWoYCdcJyjFpkqhgWD7SivuQu13Ju9okD%2B0%2F%2BBOy3Lh99qqoml7L4%2B7BJkE9h3r4D52NG2EnPa80%2BXJcDqVYfeHSeAFnNXnph5Xeu"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=14400
cf-ray
86457ad688668dba-MIA
access-control-allow-headers
X-Requested-With,content-type, Authorization
mdui.min.js
elm.head2.fun/javascripts/
72 KB
21 KB
Script
General
Full URL
https://elm.head2.fun/javascripts/mdui.min.js
Requested by
Host: elm.head2.fun
URL: https://elm.head2.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:224f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
4d8a99b06592a496d2447946c9f623f4288ad42a0d4c28fa639d4de5a9582203

Request headers

accept-language
en-US,en;q=0.9
Referer
https://elm.head2.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 16:01:02 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 06 Dec 2023 14:03:26 GMT
server
cloudflare
etag
W/"1212a-18c3f70cbb0"
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y9WuKeO%2FuS1K%2BhM0SEH7seuFN26VpAZ6hQVIvmPN6S8f3PzhYSva3PGOElZSzWkXxWugjG%2BYO4q8GI%2BrDl6sRfeU4v5%2Bkpntdf%2B0iyOd05%2FdmJnK8IzQ6Y3HeBKN9M74%2Fi4dhfDNp6oYFP85"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=14400
cf-ray
86457ad6886a8dba-MIA
access-control-allow-headers
X-Requested-With,content-type, Authorization
aa.png
elm.head2.fun/images/
9 KB
9 KB
Image
General
Full URL
https://elm.head2.fun/images/aa.png
Requested by
Host: elm.head2.fun
URL: https://elm.head2.fun/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:224f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
9a6d38c50e1004e5fd1b73e6763bbc4352d5cb806ba120f0b3df4f380939fc22

Request headers

accept-language
en-US,en;q=0.9
Referer
https://elm.head2.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 16:01:04 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
alt-svc
h3=":443"; ma=86400
content-length
8874
last-modified
Wed, 06 Dec 2023 14:03:26 GMT
server
cloudflare
etag
W/"22aa-18c3f70cbb0"
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bO64U9Owag3uvgBC7urRUd7y0HyPM8IkEsGOvT1WuDjZTqApLxpDJ0VoZtg5nVTKSTy4Tb54mb0SGrYRmqNGjNIHtqOgO%2FE2QqA5qAW4mz2km2FbE7JQRYdvkF%2BtLWoPd7W%2Fj1jfHz4mM6Tf"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
86457af03c5c67c2-MIA
access-control-allow-headers
X-Requested-With,content-type, Authorization
ejs.min.js
elm.head2.fun/javascripts/
23 KB
8 KB
Script
General
Full URL
https://elm.head2.fun/javascripts/ejs.min.js
Requested by
Host: elm.head2.fun
URL: https://elm.head2.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:224f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
f7e96823ff1eb50330ccc85f8cc9694efb19990a7fe31aa72f9acdf5e5abd628

Request headers

accept-language
en-US,en;q=0.9
Referer
https://elm.head2.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 16:01:01 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 06 Dec 2023 14:03:26 GMT
server
cloudflare
etag
W/"5d63-18c3f70cbb0"
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Oe%2FLPoXwbBWRHK95SIxA%2FJH%2BA%2B5zme%2FVMDBkl1pfOlaT%2FGQts6buN5pYefIVfTeRxzmkypi%2FJ5Q1j5RfGWcQmhb2bB6H0CQxTiruZxATsL%2FBEG7cYiPCgzXqEl6uoMTuUYdBdz%2BGxWsCVQiv"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=14400
cf-ray
86457ad6988d8dba-MIA
access-control-allow-headers
X-Requested-With,content-type, Authorization
index.js
elm.head2.fun/javascripts/
378 KB
107 KB
Script
General
Full URL
https://elm.head2.fun/javascripts/index.js
Requested by
Host: elm.head2.fun
URL: https://elm.head2.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:224f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
1552a9dc1361dd6cfe868377444b7d7b00232ae7cad3ce89fe57640c3cbd7ce4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://elm.head2.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 16:01:07 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 06 Dec 2023 14:03:26 GMT
server
cloudflare
etag
W/"5e7ad-18c3f70cbb0"
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JgM9oNe%2Fmf%2FY6aK58vmrPEWbT4IZBLWkKiC%2FStMFEC%2Bp2MMzMSRnGQXWKGSx%2F6qM2qqQjJpnG4B6HxYlltf1ZypADIU3Q3sfI8XXya6KrDFHWNvtB%2Bh%2Bxbq6YV%2FOyKQ%2FCfiC5B4PP%2B9nE01%2B"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=14400
cf-ray
86457ad6d8e58dba-MIA
access-control-allow-headers
X-Requested-With,content-type, Authorization
/
g.alicdn.com/
9 KB
4 KB
Script
General
Full URL
https://g.alicdn.com/??mtb/lib-promise/3.1.3/polyfillB.js,mtb/lib-windvane/3.0.7/windvane.js
Requested by
Host: elm.head2.fun
URL: https://elm.head2.fun/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2404:2280:1b2:0:3::a , Singapore, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
df154cc50836073dd4b1f2572ea3fb1ab0f9e180e58d2cf085061bbd0be33b0b

Request headers

Referer
https://elm.head2.fun/
Origin
https://elm.head2.fun
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 15:07:53 GMT
content-encoding
gzip
via
cache26.l2us1[169,169,200-0,M], cache25.l2us1[170,0], cache25.l2us1[170,0], ens-cache2.us19[0,0,200-0,H], ens-cache3.us19[1,0]
x-oss-request-id
65F312C9F596842DFE7FFE59
content-md5
JifVEYiUXrmAm4B/x/wkKg==
age
3188
x-swift-cachetime
3600
x-cache
HIT TCP_MEM_HIT dirn:12:386274379
x-swift-savetime
Thu, 14 Mar 2024 15:07:53 GMT
content-length
3942
x-bucket-code
4
x-oss-object-type
Normal
server
Tengine
vary
Accept-Encoding
ali-swift-global-savetime
1710428873
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000,s-maxage=3600
x-oss-storage-class
Standard
timing-allow-origin
*
x-oss-hash-crc64ecma
6996595059999626840
eagleid
082d349717104320618344906e
x-oss-server-time
1
index.js
elm.head2.fun/vip/havana-nlogin/0.9.26/
0
0
Script
General
Full URL
https://elm.head2.fun/vip/havana-nlogin/0.9.26/index.js
Requested by
Host: elm.head2.fun
URL: https://elm.head2.fun/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:224f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash

Request headers

Referer
https://elm.head2.fun/
Origin
https://elm.head2.fun
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 16:01:02 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Express
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
text/html; charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=be2bauRrtjwKlbtEnRdTqZVWOeCmBUzkIYQcfYAPBOGAkEhgYaDV7apJPT8v3vwll6gE%2F9xLpfaVFzirf6yHXCAeWmER1lyWK8YdyTIAQYlFsVG%2FaEB7bSsSYu0FFgyxfU1e6QREQKSEhOi5"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
cf-ray
86457ae2aee867c2-MIA
access-control-allow-headers
X-Requested-With,content-type, Authorization
alt-svc
h3=":443"; ma=86400
/
x.alicdn.com/vip/havana-nlogin/0.9.26/assets/
614 KB
224 KB
Script
General
Full URL
https://x.alicdn.com/vip/havana-nlogin/0.9.26/assets/??cm-numberAuth-web-sdk.js,customization-numberAuth-web-sdk.js,import-numberAuth-web-sdk.js
Requested by
Host: elm.head2.fun
URL: https://elm.head2.fun/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2404:2280:1b2:0:3::a , Singapore, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
bb7538a50f851a09fe94bb26bf9d95d06d5fae3935c39b1c76e9b6806f6572a5

Request headers

Referer
https://elm.head2.fun/
Origin
https://elm.head2.fun
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 12:02:18 GMT
content-encoding
gzip
via
cache11.l2us1[947,956,200-0,M], cache36.l2us1[957,0], cache36.l2us1[958,0], ens-cache2.us19[0,53,200-0,H], ens-cache3.us19[54,0]
x-oss-request-id
65F2E74A7C78E535385D6C36
content-md5
vO9seBrY7AIp4TuOu53/Pw==
age
14324
x-swift-cachetime
86400
x-cache
HIT TCP_HIT dirn:12:330909549
x-swift-savetime
Thu, 14 Mar 2024 12:02:18 GMT
content-length
228378
x-oss-object-type
Normal
server
Tengine
vary
Accept-Encoding
ali-swift-global-savetime
1710417738
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000,s-maxage=86400
x-oss-storage-class
Standard
x-source-scheme
https
timing-allow-origin
*
x-oss-hash-crc64ecma
3410156508581701901
eagleid
082d349717104320627306906e
x-oss-server-time
44
bl.js
elm.head2.fun/javascripts/
41 KB
15 KB
Script
General
Full URL
https://elm.head2.fun/javascripts/bl.js
Requested by
Host: g.alicdn.com
URL: https://g.alicdn.com/secdev/nsv/1.0.87/ns_f_95_3_f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:224f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
caa17208ba4e8fc27121fb29036b6f39ae9d31778a453df5ed9f32cba2bf3197

Request headers

accept-language
en-US,en;q=0.9
Referer
https://elm.head2.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 16:01:04 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 06 Dec 2023 14:03:26 GMT
server
cloudflare
etag
W/"a364-18c3f70cbb0"
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7n68Mq9cKIDlKA5UwntFx0lPCj7XGHhBSgcE3bibCmiLA2vBA7P0PcnQnJd3Cr2%2Bf4N84DSkeIiFOFGYNPL0tcYb%2B496D%2FCdfoTF2rqklV5ZgXg0VFkfyxZPn0VbmsfCt3n%2BGyofFYjAtn0W"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=14400
cf-ray
86457af04c7b67c2-MIA
access-control-allow-headers
X-Requested-With,content-type, Authorization
/
g.alicdn.com/
39 KB
15 KB
Script
General
Full URL
https://g.alicdn.com/??/AWSC/AWSC/awsc.js,/sd/baxia/2.0.32/baxiaCommon.js
Requested by
Host: elm.head2.fun
URL: https://elm.head2.fun/javascripts/index.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2404:2280:1b2:0:3::a , Singapore, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
1030b03d2559cfd3bbb156e77f43ad393e6a139ba704379d217c8b3105ea7a31

Request headers

accept-language
en-US,en;q=0.9
Referer
https://elm.head2.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 15:59:43 GMT
content-encoding
gzip
via
cache9.l2us1[165,164,200-0,M], cache11.l2us1[166,0], cache11.l2us1[166,0], ens-cache13.us19[0,0,200-0,H], ens-cache9.us19[0,0]
x-oss-request-id
65F31EEFC60405F541EF7A4E
content-md5
Rupfl/z/S9GSOkfYBoLxOg==
age
83
x-swift-cachetime
3600
x-cache
HIT TCP_MEM_HIT dirn:12:537817886
x-swift-savetime
Thu, 14 Mar 2024 15:59:44 GMT
content-length
15126
x-bucket-code
4
x-oss-object-type
Normal
server
Tengine
vary
Accept-Encoding
ali-swift-global-savetime
1710431984
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=7200,s-maxage=3600
x-oss-storage-class
Standard
timing-allow-origin
*
x-oss-hash-crc64ecma
11315460301797627201
eagleid
082d349d17104320674488731e
x-oss-server-time
1
index.htm
tianqi.2345.com/plugin/widget/ Frame A7F4
2 KB
1 KB
Document
General
Full URL
https://tianqi.2345.com/plugin/widget/index.htm?s=1&z=1&t=0&v=0&d=2&bd=0&k=&f=&ltf=009944&htf=cc0000&q=1&e=1&a=1&c=54511&w=290&h=96&align=center
Requested by
Host: elm.head2.fun
URL: https://elm.head2.fun/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
101.91.140.56 Shanghai, China, ASN4812 (CHINANET-SH-AP China Telecom Group, CN),
Reverse DNS
Software
/
Resource Hash
1e447981c5b0d1a3b39968d3c8dff27c27699f9c76fadaad2483b7042c19af8a
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://elm.head2.fun/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Age
39
Cache-Control
max-age=300
Connection
keep-alive
Content-Encoding
gzip
Content-Length
804
Content-Type
text/html
Date
Thu, 14 Mar 2024 16:01:08 GMT
ETag
W/"65f205c2-792"
Expires
Thu, 14 Mar 2024 16:05:29 GMT
Last-Modified
Wed, 13 Mar 2024 20:00:02 GMT
P3P
CP=CAO PSA OUR
Strict-Transport-Security
max-age=15768000
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
x-hits
2
fireyejs.js
g.alicdn.com/AWSC/fireyejs/1.227.0/
254 KB
108 KB
Script
General
Full URL
https://g.alicdn.com/AWSC/fireyejs/1.227.0/fireyejs.js
Requested by
Host: g.alicdn.com
URL: https://g.alicdn.com/??/AWSC/AWSC/awsc.js,/sd/baxia/2.0.32/baxiaCommon.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2404:2280:1b2:0:3::a , Singapore, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
d742a4679b713c18461fbcf1ec88b23b667b54f9d6b567c78ee008bd439938ec

Request headers

accept-language
en-US,en;q=0.9
Referer
https://elm.head2.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 08:33:59 GMT
content-encoding
gzip
via
cache14.l2us1[0,0,200-0,H], cache15.l2us1[1,0], cache15.l2us1[1,0], ens-cache7.us19[0,0,200-0,H], ens-cache9.us19[1,0]
x-oss-request-id
65F2B677C60405F5412DB445
content-md5
nLbiPbLI05mzG50doCQxLQ==
age
26828
x-swift-cachetime
86400
x-cache
HIT TCP_MEM_HIT dirn:9:1440897624
x-swift-savetime
Thu, 14 Mar 2024 08:33:59 GMT
content-length
110384
x-bucket-code
4
x-oss-object-type
Normal
server
Tengine
vary
Accept-Encoding
ali-swift-global-savetime
1710405239
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000,s-maxage=86400
x-oss-storage-class
Standard
timing-allow-origin
*
x-oss-hash-crc64ecma
8789762147753337502
eagleid
082d349d17104320675608999e
x-oss-server-time
19
nc.js
g.alicdn.com/sd/ncpc/
216 KB
57 KB
Script
General
Full URL
https://g.alicdn.com/sd/ncpc/nc.js?t=2015052012
Requested by
Host: elm.head2.fun
URL: https://elm.head2.fun/javascripts/index.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2404:2280:1b2:0:3::a , Singapore, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
994aae2408fa3aaca7faec5f32d6b0245012786ee65eec40df3ab54b48992b0a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://elm.head2.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 15:29:11 GMT
content-encoding
gzip
via
cache24.l2us1[0,0,200-0,H], cache10.l2us1[1,0], cache10.l2us1[1,0], ens-cache4.us19[0,0,200-0,H], ens-cache9.us19[1,0]
x-oss-request-id
65F317C7C60405F541B0CBB4
content-md5
EZmEYdPXfd6efvcqZeCEKQ==
age
1916
x-swift-cachetime
3599
x-cache
HIT TCP_MEM_HIT dirn:10:73955588
x-swift-savetime
Thu, 14 Mar 2024 15:29:12 GMT
content-length
57378
x-bucket-code
4
x-oss-object-type
Normal
server
Tengine
vary
Accept-Encoding
ali-swift-global-savetime
1710430151
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600,s-maxage=3600
x-oss-storage-class
Standard
timing-allow-origin
*
x-oss-hash-crc64ecma
1561788439659902122
eagleid
082d349d17104320675601001e
x-oss-server-time
65
dss.js
c3n6xv.tdum.alibaba.com/
52 B
257 B
Script
General
Full URL
https://c3n6xv.tdum.alibaba.com/dss.js
Requested by
Host: g.alicdn.com
URL: https://g.alicdn.com/AWSC/fireyejs/1.227.0/fireyejs.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
47.246.137.66 Singapore, Singapore, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
Tengine /
Resource Hash
a2b1ccff671e5a534e703497728edbf16bd31db4ad043f742f8ca0b104e0769e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://elm.head2.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 16:01:08 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
server
Tengine
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
eagleeye-traceid
2103231117104320681055235e4b53
wu.json
ynuf.aliapp.org/w/
156 B
921 B
Script
General
Full URL
https://ynuf.aliapp.org/w/wu.json
Requested by
Host: g.alicdn.com
URL: https://g.alicdn.com/AWSC/fireyejs/1.227.0/fireyejs.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
124.239.14.253 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
Tengine /
Resource Hash
f37552f4530d99f15445efdb86a3c2a03340abe9a7c60225d0ff18f9abb56ba2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://elm.head2.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Thu, 14 Mar 2024 16:01:08 GMT
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
X-Content-Type-Options
nosniff
Server
Tengine
ETag
G79ACBD9BE18F4F92C764FE6968CFBF14BA225E767566D5E498
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/javascript;charset=utf-8
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
close
Access-Control-Allow-Headers
Accept,X-PINGARUNER,CONTENT-TYPE,X-Requested-With
Content-Length
156
X-XSS-Protection
1; mode=block
X-Application-Context
umid-web:cn-prod:7001
truncated
/
34 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type
image/gif
initialize.jsonp
cf.aliyun.com/nocaptcha/
94 B
276 B
Script
General
Full URL
https://cf.aliyun.com/nocaptcha/initialize.jsonp?a=CF_APP_TBLogin_PC&t=dc601705f204f36fd658e72ca9c32e6ea07bf11c&scene=&lang=zh_CN&v=v1.2.21&href=https%3A%2F%2Felm.head2.fun%2F&comm={}&callback=initializeJsonp_08011942782915007
Requested by
Host: g.alicdn.com
URL: https://g.alicdn.com/secdev/nsv/1.0.87/ns_f_95_3_f.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
59.82.132.149 , China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
Tengine /
Resource Hash
4afd4df1a72261a338ea3e51a798068d325536757a9cdac93a658a1712da95fb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://elm.head2.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type
text/javascript;charset=UTF-8
Date
Thu, 14 Mar 2024 16:01:08 GMT
Server
Tengine
Connection
close
Content-Length
94
Content-Language
zh-CN
collina.js
g.alicdn.com/AWSC/uab/1.140.0/
243 KB
103 KB
Script
General
Full URL
https://g.alicdn.com/AWSC/uab/1.140.0/collina.js
Requested by
Host: g.alicdn.com
URL: https://g.alicdn.com/??/AWSC/AWSC/awsc.js,/sd/baxia/2.0.32/baxiaCommon.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2404:2280:1b2:0:3::a , Singapore, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
04975704505b42dc124568d9d4be26aee2d4592826a0487920cb1d016d1a8e58

Request headers

accept-language
en-US,en;q=0.9
Referer
https://elm.head2.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 19:44:25 GMT
content-encoding
gzip
via
cache9.l2us1[151,151,200-0,M], cache34.l2us1[152,0], cache34.l2us1[153,0], ens-cache16.us19[0,0,200-0,H], ens-cache9.us19[1,0]
x-oss-request-id
65F20219BD4F6A80EE6BF69D
content-md5
dftrlNyzqciau1mj/9dUbw==
age
73002
x-swift-cachetime
86400
x-cache
HIT TCP_MEM_HIT dirn:5:454116431
x-swift-savetime
Wed, 13 Mar 2024 19:44:25 GMT
content-length
105494
x-bucket-code
4
x-oss-object-type
Normal
server
Tengine
vary
Accept-Encoding
ali-swift-global-savetime
1710359065
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000,s-maxage=86400
x-oss-storage-class
Standard
timing-allow-origin
*
x-oss-hash-crc64ecma
17940526130122019226
eagleid
082d349d17104320677891503e
x-oss-server-time
55
um.js
g.alicdn.com/AWSC/WebUMID/1.93.0/
173 KB
67 KB
Script
General
Full URL
https://g.alicdn.com/AWSC/WebUMID/1.93.0/um.js
Requested by
Host: g.alicdn.com
URL: https://g.alicdn.com/??/AWSC/AWSC/awsc.js,/sd/baxia/2.0.32/baxiaCommon.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2404:2280:1b2:0:3::a , Singapore, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
4c4701ca975df0019b9ce5ffd2a8d33f413bad55663a9f64ba9369da7a444db0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://elm.head2.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 10:56:05 GMT
content-encoding
gzip
via
cache36.l2us1[245,257,200-0,M], cache6.l2us1[258,0], cache6.l2us1[259,0], ens-cache2.us19[0,0,200-0,H], ens-cache9.us19[0,0]
x-oss-request-id
65F2D7C54650AD3739FE2B84
content-md5
pM/3ginlb95fKNGZlnmh0Q==
age
18302
x-swift-cachetime
86400
x-cache
HIT TCP_MEM_HIT dirn:7:1923838035
x-swift-savetime
Thu, 14 Mar 2024 10:56:05 GMT
content-length
67905
x-bucket-code
3
x-oss-object-type
Normal
server
Tengine
vary
Accept-Encoding
ali-swift-global-savetime
1710413765
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000,s-maxage=86400
x-oss-storage-class
Standard
timing-allow-origin
*
x-oss-hash-crc64ecma
2332966527039349753
eagleid
082d349d17104320677921510e
x-oss-server-time
36
sufei-seed.js
g.alicdn.com/sd/sufei/0.3.112/app/common/
6 KB
3 KB
Script
General
Full URL
https://g.alicdn.com/sd/sufei/0.3.112/app/common/sufei-seed.js
Requested by
Host: elm.head2.fun
URL: https://elm.head2.fun/javascripts/index.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2404:2280:1b2:0:3::a , Singapore, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
2d8d7d750b0bbfd68e970b334e9a8af8db6e996fbe0d859e73db7dcf2d837627

Request headers

accept-language
en-US,en;q=0.9
Referer
https://elm.head2.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 15:39:07 GMT
content-encoding
gzip
via
cache9.l2us1[92,92,200-0,M], cache21.l2us1[93,0], cache21.l2us1[94,0], ens-cache11.us19[0,0,200-0,H], ens-cache9.us19[0,0]
x-oss-request-id
65F31A1A2B634784A7C96F14
content-md5
9yLuOfnbZoFja4Jn3DH29w==
age
1320
x-swift-cachetime
3600
x-cache
HIT TCP_MEM_HIT dirn:12:474194720
x-swift-savetime
Thu, 14 Mar 2024 15:39:07 GMT
content-length
2828
x-bucket-code
4
x-oss-object-type
Normal
server
Tengine
vary
Accept-Encoding
ali-swift-global-savetime
1710430747
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000,s-maxage=3600
x-oss-storage-class
Standard
timing-allow-origin
*
x-oss-hash-crc64ecma
956172597390126575
eagleid
082d349d17104320677941516e
x-oss-server-time
17
fsp.1.1
gm.mmstat.com/
43 B
302 B
Image
General
Full URL
https://gm.mmstat.com/fsp.1.1?code=13&msg=init%20monitor%3B&pid=sufeiPunish&page=https%3A%2F%2Felm.head2.fun%2F&query=&hash=&referrer=&title=%E3%81%AE%E6%88%91%E4%BA%86%E9%BA%BD&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F122.0.6261.128%20Safari%2F537.36&c1=dc601705f204f36fd658e72ca9c32e6ea07bf11c&c2=CF_APP_TBLogin_PC
Requested by
Host: elm.head2.fun
URL: https://elm.head2.fun/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2401:b180:7003::2e , China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://elm.head2.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Mar 2024 16:01:08 GMT
server
nginx
p3p
CP="NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR IND UNI PUR NAV"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
content-length
43
expires
Thu, 01 Jan 1970 00:00:01 GMT
fsp.1.1
gm.mmstat.com/
43 B
133 B
Image
General
Full URL
https://gm.mmstat.com/fsp.1.1?code=13&msg=%3Dnc_1_nocaptcha%3Dnc_1_wrapperclass%3Dnc_wrapper%3Dnc_1__n1t_loangclass%3Dnc_scale%3Dnc_1__bgclass%3Dnc_bgstyle%3Dwth%3A0%3B%3Dnc_1__scale_text_loangclass%3Dscale_textspanclass%3Dnc-lang-cntata-nc-lang%3D_Loangb%E5%8A%A0%E8%BD%BD%E4%B8%ADbspan%3Dnc-loang-crcleclass%3Dnc-loang-crcleclass%3Dsk-crcle1sk-crcleclass%3Dsk-crcle2sk-crcleclass%3Dsk-crcle3sk-crcleclass%3Dsk-crcle4sk-crcleclass%3Dsk-crcle5sk-crcleclass%3Dsk-crcle6sk-crcleclass%3Dsk-crcle7sk-crcleclass%3Dsk-crcle8sk-crcleclass%3Dsk-crcle9sk-crcleclass%3Dsk-crcle10sk-crcleclass%3Dsk-crcle11sk-crcleclass%3Dsk-crcle12sk-crcle%3B&pid=sufeiPunish&page=https%3A%2F%2Felm.head2.fun%2F&query=&hash=&referrer=&title=%E3%81%AE%E6%88%91%E4%BA%86%E9%BA%BD&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F122.0.6261.128%20Safari%2F537.36&c1=dc601705f204f36fd658e72ca9c32e6ea07bf11c&c2=CF_APP_TBLogin_PC
Requested by
Host: elm.head2.fun
URL: https://elm.head2.fun/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2401:b180:7003::2e , China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://elm.head2.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Mar 2024 16:01:08 GMT
server
nginx
p3p
CP="NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR IND UNI PUR NAV"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
content-length
43
expires
Thu, 01 Jan 1970 00:00:01 GMT
wea_plugin_widget.css
tianqi.2345.com/tqpcimg/tianqiimg/theme4/css/old/ Frame A7F4
61 KB
7 KB
Stylesheet
General
Full URL
https://tianqi.2345.com/tqpcimg/tianqiimg/theme4/css/old/wea_plugin_widget.css
Requested by
Host: tianqi.2345.com
URL: https://tianqi.2345.com/plugin/widget/index.htm?s=1&z=1&t=0&v=0&d=2&bd=0&k=&f=&ltf=009944&htf=cc0000&q=1&e=1&a=1&c=54511&w=290&h=96&align=center
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
101.91.140.56 Shanghai, China, ASN4812 (CHINANET-SH-AP China Telecom Group, CN),
Reverse DNS
Software
/
Resource Hash
39c40db8cd58c98795e5beb174c4ebc4597dde0df74c99db65b3d6fb9487cc13

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tianqi.2345.com/plugin/widget/index.htm?s=1&z=1&t=0&v=0&d=2&bd=0&k=&f=&ltf=009944&htf=cc0000&q=1&e=1&a=1&c=54511&w=290&h=96&align=center
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Thu, 14 Mar 2024 16:01:08 GMT
Content-Encoding
gzip
Last-Modified
Tue, 20 Dec 2022 06:20:40 GMT
Age
24711
ETag
W/"63a15438-f58f"
Vary
Accept-Encoding
x-hits
223457
Content-Type
text/css
P3P
CP=CAO PSA OUR, CP=CAO PSA OUR
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6852
Expires
Fri, 15 Mar 2024 09:09:17 GMT
jquery-1.8.3.min.js
tianqi.2345.com/tqpcimg/tianqiimg/theme4/js/ Frame A7F4
110 KB
36 KB
Script
General
Full URL
https://tianqi.2345.com/tqpcimg/tianqiimg/theme4/js/jquery-1.8.3.min.js
Requested by
Host: tianqi.2345.com
URL: https://tianqi.2345.com/plugin/widget/index.htm?s=1&z=1&t=0&v=0&d=2&bd=0&k=&f=&ltf=009944&htf=cc0000&q=1&e=1&a=1&c=54511&w=290&h=96&align=center
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
101.91.140.56 Shanghai, China, ASN4812 (CHINANET-SH-AP China Telecom Group, CN),
Reverse DNS
Software
/
Resource Hash
143353b7db9dac2f09a4508b6cd5749f758e40f5d0a0816fcd19b21fde1ba4ea

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tianqi.2345.com/plugin/widget/index.htm?s=1&z=1&t=0&v=0&d=2&bd=0&k=&f=&ltf=009944&htf=cc0000&q=1&e=1&a=1&c=54511&w=290&h=96&align=center
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Thu, 14 Mar 2024 16:01:08 GMT
Content-Encoding
gzip
Last-Modified
Tue, 20 Dec 2022 06:20:40 GMT
Age
2922
ETag
W/"63a15438-1b6f3"
Vary
Accept-Encoding
x-hits
18740
Content-Type
application/javascript
P3P
CP=CAO PSA OUR, CP=CAO PSA OUR
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
36001
Expires
Thu, 14 Mar 2024 16:12:26 GMT
common2_v20160923084755.js
tianqi.2345.com/tqpcimg/tianqiimg/theme4/js/old/ Frame A7F4
58 KB
13 KB
Script
General
Full URL
https://tianqi.2345.com/tqpcimg/tianqiimg/theme4/js/old/common2_v20160923084755.js
Requested by
Host: tianqi.2345.com
URL: https://tianqi.2345.com/plugin/widget/index.htm?s=1&z=1&t=0&v=0&d=2&bd=0&k=&f=&ltf=009944&htf=cc0000&q=1&e=1&a=1&c=54511&w=290&h=96&align=center
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
101.91.140.56 Shanghai, China, ASN4812 (CHINANET-SH-AP China Telecom Group, CN),
Reverse DNS
Software
/
Resource Hash
3fc042eaab6ad01d1e898bbf03b27b383db4df93b0d9c273300298d46d1fe829

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tianqi.2345.com/plugin/widget/index.htm?s=1&z=1&t=0&v=0&d=2&bd=0&k=&f=&ltf=009944&htf=cc0000&q=1&e=1&a=1&c=54511&w=290&h=96&align=center
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Thu, 14 Mar 2024 16:01:08 GMT
Content-Encoding
gzip
Last-Modified
Tue, 20 Dec 2022 06:20:40 GMT
Age
2905
ETag
W/"63a15438-e79a"
Vary
Accept-Encoding
x-hits
17922
Content-Type
application/javascript
P3P
CP=CAO PSA OUR, CP=CAO PSA OUR
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13332
Expires
Thu, 14 Mar 2024 16:12:43 GMT
citySelectData.js
tianqi.2345.com/tqpcimg/tianqiimg/theme4/js/old/ Frame A7F4
85 KB
34 KB
Script
General
Full URL
https://tianqi.2345.com/tqpcimg/tianqiimg/theme4/js/old/citySelectData.js
Requested by
Host: tianqi.2345.com
URL: https://tianqi.2345.com/plugin/widget/index.htm?s=1&z=1&t=0&v=0&d=2&bd=0&k=&f=&ltf=009944&htf=cc0000&q=1&e=1&a=1&c=54511&w=290&h=96&align=center
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
101.91.140.56 Shanghai, China, ASN4812 (CHINANET-SH-AP China Telecom Group, CN),
Reverse DNS
Software
/
Resource Hash
3e4e8674c7863eb930624cd01d94ce7fab46c262ab88a35dd49021b9b3b051cc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tianqi.2345.com/plugin/widget/index.htm?s=1&z=1&t=0&v=0&d=2&bd=0&k=&f=&ltf=009944&htf=cc0000&q=1&e=1&a=1&c=54511&w=290&h=96&align=center
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Thu, 14 Mar 2024 16:01:08 GMT
Content-Encoding
gzip
Last-Modified
Tue, 20 Dec 2022 06:20:40 GMT
Age
3234
ETag
W/"63a15438-1552c"
Vary
Accept-Encoding
x-hits
20024
Content-Type
application/javascript
P3P
CP=CAO PSA OUR, CP=CAO PSA OUR
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
34475
Expires
Thu, 14 Mar 2024 16:07:15 GMT
interCitySelectData.js
tianqi.2345.com/tqpcimg/tianqiimg/theme4/js/old/ Frame A7F4
172 KB
68 KB
Script
General
Full URL
https://tianqi.2345.com/tqpcimg/tianqiimg/theme4/js/old/interCitySelectData.js
Requested by
Host: tianqi.2345.com
URL: https://tianqi.2345.com/plugin/widget/index.htm?s=1&z=1&t=0&v=0&d=2&bd=0&k=&f=&ltf=009944&htf=cc0000&q=1&e=1&a=1&c=54511&w=290&h=96&align=center
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
101.91.140.56 Shanghai, China, ASN4812 (CHINANET-SH-AP China Telecom Group, CN),
Reverse DNS
Software
/
Resource Hash
ed683cb5c1c6f24c2165d7616418d292120aed77fdbc4983088bad4e0afe0485

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tianqi.2345.com/plugin/widget/index.htm?s=1&z=1&t=0&v=0&d=2&bd=0&k=&f=&ltf=009944&htf=cc0000&q=1&e=1&a=1&c=54511&w=290&h=96&align=center
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Thu, 14 Mar 2024 16:01:09 GMT
Content-Encoding
gzip
Last-Modified
Tue, 20 Dec 2022 06:20:40 GMT
Age
1662
ETag
W/"63a15438-2b101"
Vary
Accept-Encoding
x-hits
9458
Content-Type
application/javascript
P3P
CP=CAO PSA OUR, CP=CAO PSA OUR
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
69250
Expires
Thu, 14 Mar 2024 16:33:27 GMT
smallCityName.js
tianqi.2345.com/tqpcimg/tianqiimg/theme4/js/old/ Frame A7F4
2 KB
1 KB
Script
General
Full URL
https://tianqi.2345.com/tqpcimg/tianqiimg/theme4/js/old/smallCityName.js
Requested by
Host: tianqi.2345.com
URL: https://tianqi.2345.com/plugin/widget/index.htm?s=1&z=1&t=0&v=0&d=2&bd=0&k=&f=&ltf=009944&htf=cc0000&q=1&e=1&a=1&c=54511&w=290&h=96&align=center
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
101.91.140.56 Shanghai, China, ASN4812 (CHINANET-SH-AP China Telecom Group, CN),
Reverse DNS
Software
/
Resource Hash
d4fc28c6590a14cf643a0c2ae0f4b64067a8b7e4d50f8e970045ca88b6336464

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tianqi.2345.com/plugin/widget/index.htm?s=1&z=1&t=0&v=0&d=2&bd=0&k=&f=&ltf=009944&htf=cc0000&q=1&e=1&a=1&c=54511&w=290&h=96&align=center
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Thu, 14 Mar 2024 16:01:08 GMT
Content-Encoding
gzip
Last-Modified
Tue, 20 Dec 2022 06:20:40 GMT
Age
631
ETag
W/"63a15438-628"
Vary
Accept-Encoding
x-hits
3633
Content-Type
application/javascript
P3P
CP=CAO PSA OUR, CP=CAO PSA OUR
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
684
Expires
Thu, 14 Mar 2024 16:50:38 GMT
widget.js
tianqi.2345.com/tqpcimg/tianqiimg/theme4/js/old/ Frame A7F4
10 KB
3 KB
Script
General
Full URL
https://tianqi.2345.com/tqpcimg/tianqiimg/theme4/js/old/widget.js
Requested by
Host: tianqi.2345.com
URL: https://tianqi.2345.com/plugin/widget/index.htm?s=1&z=1&t=0&v=0&d=2&bd=0&k=&f=&ltf=009944&htf=cc0000&q=1&e=1&a=1&c=54511&w=290&h=96&align=center
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
101.91.140.56 Shanghai, China, ASN4812 (CHINANET-SH-AP China Telecom Group, CN),
Reverse DNS
Software
/
Resource Hash
649d13e3dcc93c317c6fed4f369bdb6770a4674202163f971708e13f6e1dfbf2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tianqi.2345.com/plugin/widget/index.htm?s=1&z=1&t=0&v=0&d=2&bd=0&k=&f=&ltf=009944&htf=cc0000&q=1&e=1&a=1&c=54511&w=290&h=96&align=center
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Thu, 14 Mar 2024 16:01:08 GMT
Content-Encoding
gzip
Last-Modified
Tue, 20 Dec 2022 06:20:40 GMT
Age
618
ETag
W/"63a15438-28ca"
Vary
Accept-Encoding
x-hits
3501
Content-Type
application/javascript
P3P
CP=CAO PSA OUR, CP=CAO PSA OUR
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2950
Expires
Thu, 14 Mar 2024 16:50:51 GMT
tianqiplugin
web.50bangzh.com/js/ Frame A7F4
373 B
455 B
Script
General
Full URL
https://web.50bangzh.com/js/tianqiplugin
Requested by
Host: tianqi.2345.com
URL: https://tianqi.2345.com/plugin/widget/index.htm?s=1&z=1&t=0&v=0&d=2&bd=0&k=&f=&ltf=009944&htf=cc0000&q=1&e=1&a=1&c=54511&w=290&h=96&align=center
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
122.192.65.242 Nanjing, China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
/
Resource Hash
9a999287478b37b3a684d710c52e1235142e12fdd75c2fad5eb1a92b9ef14646

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tianqi.2345.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 16:01:09 GMT
content-length
373
content-type
application/x-javascript
error
acjs.aliyun.com/
0
143 B
Image
General
Full URL
https://acjs.aliyun.com/error?v=um_107_85&e=Illegal%20invocation&stack=TypeError%3A%20Illegal%20invocation%0A%20%20%20%20at%20https%3A%2F%2Fg.alicdn.com%2FAWSC%2FWebUMID%2F1.93.0%2Fum.js%3A1%3A12368%0A%20%20%20%20at%20https%3A%2F%2Fg.alicdn.com%2FAWSC%2FWebUMID%2F1.93.0%2Fum.js%3A1%3A12935%0A%20%20%20%20at%20e%20(https%3A%2F%2Fg.alicdn.com%2FAWSC%2FWebUMID%2F1.93.0%2Fum.js%3A1%3A27137)%0A%20%20%20%20at%20https%3A%2F%2Fg.alicdn.com%2FAWSC%2FWebUMID%2F1.93.0%2Fum.js%3A1%3A26921%0A%20%20%20%20at%20https%3A%2F%2Fg.alicdn.com%2FAWSC%2FWebUMID%2F1.93.0%2Fum.js%3A1%3A27127%0A%20%20%20%20at%20e%20(https%3A%2F%2Fg.alicdn.com%2FAWSC%2FWebUMID%2F1.93.0%2Fum.js%3A1%3A27137)%0A%20%20%20%20at%20X%20(https%3A%2F%2Fg.alicdn.com%2FAWSC%2FWebUMID%2F1.93.0%2Fum.js%3A1%3A77517)
Requested by
Host: elm.head2.fun
URL: https://elm.head2.fun/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
203.119.175.231 , China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
Tengine/Aserver /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://elm.head2.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 16:01:10 GMT
strict-transport-security
max-age=0
server
Tengine/Aserver
timing-allow-origin
*
content-length
0
eagleeye-traceid
2150431417104320703495160ef1d6
content-type
application/octet-stream
detect2013_plugin.php
tianqi.2345.com/t/ Frame A7F4
889 B
1 KB
Script
General
Full URL
https://tianqi.2345.com/t/detect2013_plugin.php
Requested by
Host: tianqi.2345.com
URL: https://tianqi.2345.com/tqpcimg/tianqiimg/theme4/js/old/common2_v20160923084755.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
101.91.140.56 Shanghai, China, ASN4812 (CHINANET-SH-AP China Telecom Group, CN),
Reverse DNS
Software
/
Resource Hash
2c3e026f1bdf9224b15312a16a365e025434dde4b67504a2e828a97ba6a1b240

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tianqi.2345.com/plugin/widget/index.htm?s=1&z=1&t=0&v=0&d=2&bd=0&k=&f=&ltf=009944&htf=cc0000&q=1&e=1&a=1&c=54511&w=290&h=96&align=center
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Thu, 14 Mar 2024 16:01:10 GMT
Age
0
x-hits
0
P3P
CP=CAO PSA OUR
Content-Type
text/html;charset=gbk
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
889
54511.js
tianqi.2345.com/t/shikuang/ Frame A7F4
259 B
595 B
Script
General
Full URL
https://tianqi.2345.com/t/shikuang/54511.js?1710432070819
Requested by
Host: tianqi.2345.com
URL: https://tianqi.2345.com/tqpcimg/tianqiimg/theme4/js/old/common2_v20160923084755.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
101.91.140.56 Shanghai, China, ASN4812 (CHINANET-SH-AP China Telecom Group, CN),
Reverse DNS
Software
/
Resource Hash
abbc8231ec66e6e0e28ec4bae48a3c42270d11aade66c758cb68ccd110468fe7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tianqi.2345.com/plugin/widget/index.htm?s=1&z=1&t=0&v=0&d=2&bd=0&k=&f=&ltf=009944&htf=cc0000&q=1&e=1&a=1&c=54511&w=290&h=96&align=center
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Thu, 14 Mar 2024 16:01:10 GMT
Last-Modified
Thu, 14 Mar 2024 15:59:28 GMT
Age
0
ETag
"65f31ee0-103"
x-hits
0
Content-Type
application/javascript
P3P
CP=CAO PSA OUR
Cache-Control
max-age=60
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
259
Expires
Thu, 14 Mar 2024 16:02:10 GMT
tianqiplugin
web.50bangzh.com/web/ Frame A7F4
0
798 B
Image
General
Full URL
https://web.50bangzh.com/web/tianqiplugin?uId2=RVNNSORKTX&r=https%3A%2F%2Felm.head2.fun%2F&fBL=1600*1200
Requested by
Host: tianqi.2345.com
URL: https://tianqi.2345.com/plugin/widget/index.htm?s=1&z=1&t=0&v=0&d=2&bd=0&k=&f=&ltf=009944&htf=cc0000&q=1&e=1&a=1&c=54511&w=290&h=96&align=center
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
122.192.65.242 Nanjing, China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tianqi.2345.com/plugin/widget/index.htm?s=1&z=1&t=0&v=0&d=2&bd=0&k=&f=&ltf=009944&htf=cc0000&q=1&e=1&a=1&c=54511&w=290&h=96&align=center
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date
Thu, 14 Mar 2024 16:01:10 GMT
cache-control
no-cache, must-revalidate
content-length
0
expires
Mon, 26 Jul 1997 05:00:00 GMT
plugin-widget.png
tianqi.2345.com/tqpcimg/tianqiimg/theme4/images/old/ Frame A7F4
2 KB
2 KB
Image
General
Full URL
https://tianqi.2345.com/tqpcimg/tianqiimg/theme4/images/old/plugin-widget.png
Requested by
Host: tianqi.2345.com
URL: https://tianqi.2345.com/tqpcimg/tianqiimg/theme4/css/old/wea_plugin_widget.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
101.91.140.56 Shanghai, China, ASN4812 (CHINANET-SH-AP China Telecom Group, CN),
Reverse DNS
Software
/
Resource Hash
f3e91d915cec0bf4a14247bfa0731081937f950999f6d599aebb7927e0d1ab64

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tianqi.2345.com/tqpcimg/tianqiimg/theme4/css/old/wea_plugin_widget.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Thu, 14 Mar 2024 16:01:11 GMT
Last-Modified
Tue, 20 Dec 2022 06:20:40 GMT
Age
456860
ETag
"63a15438-633"
x-hits
2088581
Content-Type
image/png
P3P
CP=CAO PSA OUR, CP=CAO PSA OUR
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1587
Expires
Mon, 08 Apr 2024 09:06:50 GMT
w_day.png
tianqi.2345.com/tqpcimg/tianqiimg/theme4/images/old/ Frame A7F4
4 KB
5 KB
Image
General
Full URL
https://tianqi.2345.com/tqpcimg/tianqiimg/theme4/images/old/w_day.png
Requested by
Host: tianqi.2345.com
URL: https://tianqi.2345.com/tqpcimg/tianqiimg/theme4/css/old/wea_plugin_widget.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
101.91.140.56 Shanghai, China, ASN4812 (CHINANET-SH-AP China Telecom Group, CN),
Reverse DNS
Software
/
Resource Hash
1b751e23fc25ef5af719435a5e02df1ab2cc548daf8caea1635251451e583d10

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tianqi.2345.com/tqpcimg/tianqiimg/theme4/css/old/wea_plugin_widget.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Thu, 14 Mar 2024 16:01:11 GMT
Last-Modified
Tue, 20 Dec 2022 06:20:40 GMT
Age
456575
ETag
"63a15438-1136"
x-hits
234021
Content-Type
image/png
P3P
CP=CAO PSA OUR, CP=CAO PSA OUR
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4406
Expires
Mon, 08 Apr 2024 09:11:36 GMT
r.png
arms-retcode.aliyuncs.com/
0
0
Fetch
General
Full URL
https://arms-retcode.aliyuncs.com/r.png?t=resourceError&times=1&page=elm.head2.fun&tag=undefined_213d3bbc16544989615803717e32d6&release=0.7.11&begin=1710432067387&c1=eleme_sms_h5&c2=eleme&c3=&src=https%3A%2F%2Felm.head2.fun%2Fvip%2Fhavana-nlogin%2F0.9.26%2Findex.js&node_name=script&xpath=html.%20%3E%20body%23mini-login-body.eleme.lang-zh_CN..mobile.theme-default%20%3E%20script.&sr=1600x1200&vp=1600x1200&ct=4g&uid=X2lULt9Xrksfjp3FF9Uvr7twRIzw&sid=gLlFjt6Lrqpfns3me9s3rRnwma9g&pid=gf3el0xc6g%40256d85bbd150cf1&_v=1.8.30&pv_id=wslX1tUyr0tf6g35b7R8qm0g940p&sampling=1&z=ltrf37qg
Requested by
Host: g.alicdn.com
URL: https://g.alicdn.com/secdev/nsv/1.0.87/ns_f_95_3_f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
47.99.58.69 Hangzhou, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://elm.head2.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 14 Mar 2024 16:01:12 GMT
server
nginx
timing-allow-origin
*
content-type
image/png
r.png
arms-retcode.aliyuncs.com/
0
0
Fetch
General
Full URL
https://arms-retcode.aliyuncs.com/r.png?t=pv&times=1&page=elm.head2.fun&tag=undefined_213d3bbc16544989615803717e32d6&release=0.7.11&begin=1710432071372&c1=eleme_sms_h5&c2=eleme&c3=&uid=X2lULt9Xrksfjp3FF9Uvr7twRIzw&dt=%E3%81%AE%E6%88%91%E4%BA%86%E9%BA%BD&dr=&dpr=1.00&de=utf-8&ul=en&sr=1600x1200&vp=1600x1200&ct=4g&sid=gLlFjt6Lrqpfns3me9s3rRnwma9g&pid=gf3el0xc6g%40256d85bbd150cf1&_v=1.8.30&pv_id=wslX1tUyr0tf6g35b7R8qm0g940p&sampling=1&dl=https%3A%2F%2Felm.head2.fun%2F&z=ltrf37qh
Requested by
Host: g.alicdn.com
URL: https://g.alicdn.com/secdev/nsv/1.0.87/ns_f_95_3_f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
47.99.58.69 Hangzhou, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://elm.head2.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 14 Mar 2024 16:01:12 GMT
server
nginx
timing-allow-origin
*
content-type
image/png
r.png
arms-retcode.aliyuncs.com/
0
0
Fetch
General
Full URL
https://arms-retcode.aliyuncs.com/r.png?t=perf&times=1&page=elm.head2.fun&tag=undefined_213d3bbc16544989615803717e32d6&release=0.7.11&begin=1710432058857&c1=eleme_sms_h5&c2=eleme&c3=&dns=0&tcp=77&ssl=45&ttfb=933&trans=62&dom=7491&res=3920&firstbyte=1010&fpt=1107&tti=8598&ready=8599&load=12518&ct=4g&bandwidth=10&navtype=Other&autoSend=true&sr=1600x1200&vp=1600x1200&uid=X2lULt9Xrksfjp3FF9Uvr7twRIzw&sid=gLlFjt6Lrqpfns3me9s3rRnwma9g&pid=gf3el0xc6g%40256d85bbd150cf1&_v=1.8.30&pv_id=wslX1tUyr0tf6g35b7R8qm0g940p&sampling=1&z=ltrf37qi
Requested by
Host: g.alicdn.com
URL: https://g.alicdn.com/secdev/nsv/1.0.87/ns_f_95_3_f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
47.99.58.69 Hangzhou, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://elm.head2.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 14 Mar 2024 16:01:12 GMT
server
nginx
timing-allow-origin
*
content-type
image/png


76 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
function| html2canvas
object| __awsc_et__
object| __etModule
function| etSign
function| $
function| jQuery
object| bootstrap
object| mdui
object| ejs
function| check
object| a
object| divObj
object| content
function| GetQueryString
function| clearCookie
object| __bl
number| PAGE_START_LOAD_TIME
boolean| LOGIN_UMID_LOAD
object| viewConfig
object| viewData
object| _lang
function| BrowserLogger
function| __oFetch_
function| __oXMLHttpRequest_
boolean| __hasInitBlSdk
object| goldlog_queue
object| __core-js_shared__
function| ThirdPartLogin
object| events
function| dingTalkEmbeddedQRLoginJumpFn
object| DingTalkIntervalNum
number| DingTalkInitTime
object| LazyLoad
object| miniLogin
function| showDialog
function| hideDialog
object| commonDialogNode
number| sendAfterInitMessageTimes
number| sendAfterInitMessageInterval
object| lib
object| WindVane
object| core
object| YDRZAuthLogin
function| PhoneServerCustomization
function| PhoneNumberServer
function| baxiaCommon
object| AWSC
object| AWSCInner
function| AWSCFY
number| etrprtrt
object| __baxia__
boolean| Baxia_JS_LOAD
object| fyglobalopt
object| globalOpt
number| _nc_initialized
object| UA_Opt
object| _sec_module
object| outer_nc_list
function| noCaptcha
boolean| NC_JS_LOAD
object| __nc
function| initializeJsonp_08011942782915007
number| _umopt_npfp
number| _umopt_cris
number| __acjs
number| _uab_module
object| __acjs_awsc_140
object| __umModule
object| umx
object| um
number| __sufei_injected__
object| sufei
boolean| cnetagUpadeStatus
object| __umjsonCall
boolean| afterInitSent

19 Cookies

Domain/Path Name / Value
web.50bangzh.com/web/tianqiplugin Name: uHTL
Value: 1
web.50bangzh.com/web/tianqiplugin Name: uHTT
Value: 1710432070
elm.head2.fun/ Name: XSRF-TOKEN
Value: c447b430-2466-470d-bfcc-9bdeec027377
elm.head2.fun/ Name: _samesite_flag_
Value: true
elm.head2.fun/ Name: 3PcFlag
Value: 1710432059721
elm.head2.fun/ Name: 3PcFlagTmall
Value: 1710432059721
elm.head2.fun/ Name: cookie2
Value: 1f28d1bebbaf5fbdc284403c279592d7
elm.head2.fun/ Name: t
Value: 1c7429fc3bf4ee87a2dff9ed9a1b7cd7
elm.head2.fun/ Name: _tb_token_
Value: 319de87e53ebf
.head2.fun/ Name: l
Value: fBOyMJfVPd8AwruQBOfaFurza77OSIRYYuPzaNbMi9fP_k1B5jTd51LDvZT6C3MNF67wR38nvpgBBeYBqQAonxvtcR1R11MmndLHR35..
.head2.fun/ Name: tfstk
Value: ePg9pVYSVpvguJWzxFKn02OYPkOHrVhNjAl5o-2GcvHKEvZgcqAakSFYKmjiiP1ZYYc5SVxaoZUaur9kEH4xsfz4l44loBGZqLkcrLYkrfGaur9kECynIBsOXlBSNJgng6PpN7h_pZHqJ5ZObfwdlZgdrle5oJQflDFN49uoyCrOEOrlfBdd0iz6TB58zkIdhTgU98ATWiS4xXPLEBdd0ir_TWek6PIV0kcF.
elm.head2.fun/ Name: _bl_uid
Value: X2lULt9Xrksfjp3FF9Uvr7twRIzw
elm.head2.fun/ Name: ql
Value: 1a
elm.head2.fun/ Name: _uab_collina
Value: 171043206767562168482933
.ynuf.aliapp.org/ Name: cbc
Value: G0C0A6B35198B366C1ADA693253990155514BE04E9DF4749878
.mmstat.com/ Name: sca
Value: 317d3547
.web.50bangzh.com/ Name: uidFlag
Value: 1
.web.50bangzh.com/ Name: uUid
Value: 709965F31F46000EDA5856860002
.50bangzh.com/ Name: suid
Value: 709965F31F46000EDA5856860002

3 Console Messages

Source Level URL
Text
network error URL: https://elm.head2.fun/vip/havana-nlogin/0.9.26/index.js
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://elm.head2.fun/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
security warning URL: https://elm.head2.fun/
Message:
Mixed Content: The page at 'https://elm.head2.fun/' was loaded over HTTPS, but requested an insecure element 'http://acjs.aliyun.com/error?v=um_107_85&e=Illegal%20invocation&stack=TypeError%3A%20Illegal%20invocation%0A%20%20%20%20at%20https%3A%2F%2Fg.alicdn.com%2FAWSC%2FWebUMID%2F1.93.0%2Fum.js%3A1%3A12368%0A%20%20%20%20at%20https%3A%2F%2Fg.alicdn.com%2FAWSC%2FWebUMID%2F1.93.0%2Fum.js%3A1%3A12935%0A%20%20%20%20at%20e%20(https%3A%2F%2Fg.alicdn.com%2FAWSC%2FWebUMID%2F1.93.0%2Fum.js%3A1%3A27137)%0A%20%20%20%20at%20https%3A%2F%2Fg.alicdn.com%2FAWSC%2FWebUMID%2F1.93.0%2Fum.js%3A1%3A26921%0A%20%20%20%20at%20https%3A%2F%2Fg.alicdn.com%2FAWSC%2FWebUMID%2F1.93.0%2Fum.js%3A1%3A27127%0A%20%20%20%20at%20e%20(https%3A%2F%2Fg.alicdn.com%2FAWSC%2FWebUMID%2F1.93.0%2Fum.js%3A1%3A27137)%0A%20%20%20%20at%20X%20(https%3A%2F%2Fg.alicdn.com%2FAWSC%2FWebUMID%2F1.93.0%2Fum.js%3A1%3A77517)'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
