Submitted URL: http://bbonline.top/
Effective URL: https://hlslia.com/?dc=WUMINGC
Submission: On October 30 via manual from BH — Scanned from DE

Summary

This website contacted 10 IPs in 4 countries across 10 domains to perform 23 HTTP transactions. The main IP is 112.213.116.72, located in Hong Kong and belonging to BCPL-SG BGPNET Global ASN (SG). The main domain is hlslia.com. The submitted URL http://bbonline.top/ reached the effective URL https://hlslia.com/?dc=WUMINGC by way of hcsj.live (see Page URL History).
TLS certificate: Issued by R3 on September 7th 2022. Valid for: 3 months.
This is the only time hlslia.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address        ASN    Autonomous System
4         103.202.50.15     26658  HENGTONG-...
1         2a06:98c1:312...  13335  CLOUDFLAR...
10        112.213.116.72    64050  BCPL-SG B...
2         2a00:1450:400...  15169  GOOGLE
1         2a00:1450:400...  15169  GOOGLE
1         2a00:1450:400...  15169  GOOGLE
1         2a00:1450:400...  15169  GOOGLE
1         154.39.67.91      -      (no ASN data)
1         3.232.242.170     14618  AMAZON-AES
Total: 23 requests across 10 IPs
Requests  Apex Domain           Subdomains                                           Transfer
10        hlslia.com            hlslia.com                                           785 KB
4         bbonline.top          bbonline.top, www.bbonline.top                       3 KB
2         google-analytics.com  www.google-analytics.com (Cisco Umbrella Rank: 29)   20 KB
1         ipify.org             api.ipify.org (Cisco Umbrella Rank: 2856)            248 B
1         aapippay.com          prod.aapippay.com                                    -
1         google.de             www.google.de (Cisco Umbrella Rank: 6364)            501 B
1         google.com            www.google.com (Cisco Umbrella Rank: 2)              501 B
1         doubleclick.net       stats.g.doubleclick.net (Cisco Umbrella Rank: 76)    438 B
1         hcsj.live             hcsj.live                                            669 B
0         baidu.com (failed)    hm.baidu.com (failed)                                -
Total: 23 requests across 10 apex domains
Requests  Domain                    Requested by
10        hlslia.com                hcsj.live, hlslia.com
3         www.bbonline.top          www.bbonline.top
2         www.google-analytics.com  hlslia.com, www.google-analytics.com
1         api.ipify.org             hlslia.com
1         prod.aapippay.com         hlslia.com
1         www.google.de             hlslia.com
1         www.google.com            hlslia.com
1         stats.g.doubleclick.net   www.google-analytics.com
1         hcsj.live                 www.bbonline.top
1         bbonline.top              (1 redirect)
0         hm.baidu.com (failed)     hcsj.live
Total: 23 requests across 11 subdomains

This site contains no links.

TLS certificates

Subject                 Issuer                                          Validity                  Valid for
*.hcsj.live             E1                                              2022-10-28 to 2023-01-26  3 months (crt.sh)
hlslia.com              R3                                              2022-09-07 to 2022-12-06  3 months (crt.sh)
*.google-analytics.com  GTS CA 1C3                                      2022-09-26 to 2022-12-19  3 months (crt.sh)
*.g.doubleclick.net     GTS CA 1C3                                      2022-09-26 to 2022-12-19  3 months (crt.sh)
www.google.com          GTS CA 1C3                                      2022-09-26 to 2022-12-19  3 months (crt.sh)
www.google.de           GTS CA 1C3                                      2022-09-26 to 2022-12-19  3 months (crt.sh)
prod.aapippay.com       R3                                              2022-09-07 to 2022-12-06  3 months (crt.sh)
*.ipify.org             Sectigo RSA Domain Validation Secure Server CA  2022-02-07 to 2023-03-10  a year (crt.sh)

This page contains 1 frame:

Primary Page: https://hlslia.com/?dc=WUMINGC
Frame ID: 7E4B69B0599D47C340F0D7DA0272FF5D
Requests: 27 HTTP requests in this frame

Screenshot

Page Title

黑料社

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://bbonline.top/ HTTP 301
     http://www.bbonline.top/index.php Page URL
  2. https://hcsj.live/ Page URL
  3. https://hlslia.com/?dc=WUMINGC Page URL

Detected technologies

Vue.js (scoped-style data-v- attributes; the page also defines webpackJsonp and loads chunk-vendors bundles)
Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-

Google Analytics (analytics.js is loaded and sends hits for tid=UA-165940626-2)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Page Statistics

Requests:    23
HTTPS:       78 %
IPv6:        56 %
Domains:     10
Subdomains:  11
IPs:         10
Countries:   4
Transfer:    809 kB
Size:        1439 kB
Cookies:     3


Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://bbonline.top/ HTTP 301
  • http://www.bbonline.top/index.php
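
The chain above mixes one server-side hop (the 301 from bbonline.top, the only one listed under Redirected requests) with two client-side navigations that only show up in the Page URL History. The following added example (not part of the urlscan report) walks such a chain offline and labels each hop by mechanism, with loop protection. The HTML bodies are constructed: the scan shows that common.js on www.bbonline.top triggered the hop to hcsj.live and that the hcsj.live document then sent the browser to hlslia.com, but it does not include the script or markup that did so, so an inline-script stand-in and a meta-refresh stand-in are used.

```python
import re
from urllib.parse import urljoin

# Constructed stand-in for the hops recorded in this scan. Status code, Location
# header and URLs are taken from the report; the HTML bodies are invented.
CAPTURED = {
    "http://bbonline.top/": (301, {"Location": "http://www.bbonline.top/index.php"}, ""),
    "http://www.bbonline.top/index.php": (200, {"Content-Type": "text/html"},
        '<html><body><script>window.location.href = "https://hcsj.live/";</script></body></html>'),
    "https://hcsj.live/": (200, {"Content-Type": "text/html"},
        '<html><head><meta http-equiv="refresh" content="0; url=https://hlslia.com/?dc=WUMINGC"></head></html>'),
    "https://hlslia.com/?dc=WUMINGC": (200, {"Content-Type": "text/html"},
        "<html><head><title>黑料社</title></head></html>"),
}

def fetch_offline(url):
    """Look the URL up in the constructed capture; unknown URLs get a 404."""
    return CAPTURED.get(url, (404, {}, ""))

META_TAG = re.compile(r"<meta\b[^>]*>", re.I)
META_REFRESH = re.compile(r"""http-equiv\s*=\s*['"]?refresh""", re.I)
META_URL = re.compile(r"""url\s*=\s*['"]?([^'">\s]+)""", re.I)
# window.location = "...", location.href = "...", location.replace("..."), location.assign("...")
JS_LOCATION = re.compile(
    r"""(?:window\.|document\.|top\.|self\.)?location(?:\.href)?\s*=\s*['"]([^'"]+)['"]"""
    r"""|location\.(?:replace|assign)\(\s*['"]([^'"]+)['"]\s*\)""", re.I)

def client_side_target(body):
    """Return (kind, url) for a meta-refresh or JS location redirect, else (None, None)."""
    for tag in META_TAG.findall(body):
        if META_REFRESH.search(tag):
            m = META_URL.search(tag)
            if m:
                return "meta-refresh", m.group(1)
    m = JS_LOCATION.search(body)
    if m:
        return "javascript", m.group(1) or m.group(2)
    return None, None

def walk_chain(start, fetch=fetch_offline, max_hops=10):
    """Follow HTTP 3xx and client-side redirects; label each hop by its mechanism."""
    chain, url, seen = [], start, set()
    for _ in range(max_hops):
        if url in seen:                       # A -> B -> A: stop instead of spinning
            chain.append((url, "loop"))
            break
        seen.add(url)
        status, headers, body = fetch(url)
        location = {k.lower(): v for k, v in headers.items()}.get("location")
        if 300 <= status < 400 and location:
            chain.append((url, f"http-{status}"))
            url = urljoin(url, location)      # Location may be relative
            continue
        kind, target = client_side_target(body)
        if kind:
            chain.append((url, kind))
            url = urljoin(url, target)
            continue
        chain.append((url, "final"))
        break
    return chain

if __name__ == "__main__":
    for hop, mechanism in walk_chain("http://bbonline.top/"):
        print(f"{mechanism:<13} {hop}")
```

Only the first hop would be visible to a tool that follows `Location` headers; the two client-side hops are why the effective URL differs from the submitted one, and a JS hop executed from an external file (as common.js did here) additionally requires fetching and scanning the referenced scripts, which this static body check does not do.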

23 HTTP transactions

Columns per entry: Resource | Path | Size | x-fer (bytes transferred) | Type | MIME-Type
index.php
www.bbonline.top/
Redirect Chain
  • http://bbonline.top/
  • http://www.bbonline.top/index.php
2 KB
889 B
Document
General
Full URL
http://www.bbonline.top/index.php
Protocol
HTTP/1.1
Server
103.202.50.15 , Hong Kong, ASN26658 (HENGTONG-IDC-LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
f69ea6363e04a4edd299bce3574bc615f69c6807f8ce9fb3d1b80a8946749d54

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Sun, 30 Oct 2022 11:28:42 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding

Redirect headers

Connection
keep-alive
Content-Length
0
Content-Type
text/html
Date
Sun, 30 Oct 2022 11:28:39 GMT
Location
http://www.bbonline.top/index.php
Server
nginx
common.js
www.bbonline.top/
2 KB
868 B
Script
General
Full URL
http://www.bbonline.top/common.js
Requested by
Host: www.bbonline.top
URL: http://www.bbonline.top/index.php
Protocol
HTTP/1.1
Server
103.202.50.15 , Hong Kong, ASN26658 (HENGTONG-IDC-LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
8fc9cde51b56b2e08bfd856a6c31d1fda6630fa8ff5de36a27f1636acb12b2c8

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.bbonline.top/index.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Sun, 30 Oct 2022 11:28:43 GMT
Content-Encoding
gzip
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/x-javascript
tj.js
www.bbonline.top/
518 B
674 B
Script
General
Full URL
http://www.bbonline.top/tj.js
Requested by
Host: www.bbonline.top
URL: http://www.bbonline.top/index.php
Protocol
HTTP/1.1
Server
103.202.50.15 , Hong Kong, ASN26658 (HENGTONG-IDC-LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
d6cc5ffba67018b7eaad60cd4b02b7d9b875cd4693f80b313e91c6f0c04199dc

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.bbonline.top/index.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Sun, 30 Oct 2022 11:28:43 GMT
Server
nginx
Connection
keep-alive
Content-Length
518
Content-Type
application/x-javascript
/
hcsj.live/
372 B
669 B
Document
General
Full URL
https://hcsj.live/
Requested by
Host: www.bbonline.top
URL: http://www.bbonline.top/common.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d387b4d9a44c18c9de03936151d95251b720bc0d513b91a01fd057f87b051052

Request headers

Referer
http://www.bbonline.top/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7623cf0669ac9043-FRA
content-encoding
br
content-type
text/html
date
Sun, 30 Oct 2022 11:28:39 GMT
last-modified
Fri, 28 Oct 2022 03:18:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PPmeuziZe3ZyR9Vh3L0jAA1nMP7v7qm82GJcVlAQVcfx1mwWimNfD3JGM7E8kHPcZDa9%2Flc4g1v23DxCyMoMo9U4Nk1eI1wWSb874Tl8yV7QXQhT1QmpmQc861UmA8AAN6UJTv4hPxA%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
hm.js
hm.baidu.com/
0
0

Primary Request /
hlslia.com/
2 KB
1 KB
Document
General
Full URL
https://hlslia.com/?dc=WUMINGC
Requested by
Host: hcsj.live
URL: https://hcsj.live/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
112.213.116.72 , Hong Kong, ASN64050 (BCPL-SG BGPNET Global ASN, SG),
Reverse DNS
Software
openresty/1.21.4.1 /
Resource Hash
8b704eccb727fb9504433172ad68c8c7d8e16c21c8f1ab55a7e727aed8b1d7ed

Request headers

Referer
https://hcsj.live/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Sun, 30 Oct 2022 11:30:33 GMT
Server
openresty/1.21.4.1
Transfer-Encoding
chunked
Vary
Accept-Encoding
app.8d0c1b25.css
hlslia.com/css/
247 KB
56 KB
Stylesheet
General
Full URL
https://hlslia.com/css/app.8d0c1b25.css
Requested by
Host: hlslia.com
URL: https://hlslia.com/?dc=WUMINGC
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
112.213.116.72 , Hong Kong, ASN64050 (BCPL-SG BGPNET Global ASN, SG),
Reverse DNS
Software
openresty/1.21.4.1 /
Resource Hash
790b4e3505df1b99b3afcc5ff6d1cb668b86f91e16af45e51acbb091911e4b1c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hlslia.com/?dc=WUMINGC
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Sun, 30 Oct 2022 11:30:34 GMT
Content-Encoding
gzip
Last-Modified
Thu, 13 Oct 2022 12:55:12 GMT
Server
openresty/1.21.4.1
ETag
W/"63480ab0-3db80"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
chunk-vendors.b30a8066.css
hlslia.com/css/
82 KB
34 KB
Stylesheet
General
Full URL
https://hlslia.com/css/chunk-vendors.b30a8066.css
Requested by
Host: hlslia.com
URL: https://hlslia.com/?dc=WUMINGC
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
112.213.116.72 , Hong Kong, ASN64050 (BCPL-SG BGPNET Global ASN, SG),
Reverse DNS
Software
openresty/1.21.4.1 /
Resource Hash
cfba461140764037e5b5003cdbb1434e16776d9eeccafedbe9d745359bbde9d8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hlslia.com/?dc=WUMINGC
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Sun, 30 Oct 2022 11:30:34 GMT
Content-Encoding
gzip
Last-Modified
Thu, 13 Oct 2022 12:55:12 GMT
Server
openresty/1.21.4.1
ETag
W/"63480ab0-14746"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
app.e8888b60.js
hlslia.com/js/
16 KB
6 KB
Script
General
Full URL
https://hlslia.com/js/app.e8888b60.js
Requested by
Host: hlslia.com
URL: https://hlslia.com/?dc=WUMINGC
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
112.213.116.72 , Hong Kong, ASN64050 (BCPL-SG BGPNET Global ASN, SG),
Reverse DNS
Software
openresty/1.21.4.1 /
Resource Hash
f20f895ef64fcc8992f418872af14e99005053873cd7998fe33ee963d216700f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hlslia.com/?dc=WUMINGC
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Sun, 30 Oct 2022 11:30:34 GMT
Content-Encoding
gzip
Last-Modified
Thu, 13 Oct 2022 12:55:12 GMT
Server
openresty/1.21.4.1
ETag
W/"63480ab0-3f9c"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
chunk-vendors.bcd6c973.js
hlslia.com/js/
503 KB
157 KB
Script
General
Full URL
https://hlslia.com/js/chunk-vendors.bcd6c973.js
Requested by
Host: hlslia.com
URL: https://hlslia.com/?dc=WUMINGC
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
112.213.116.72 , Hong Kong, ASN64050 (BCPL-SG BGPNET Global ASN, SG),
Reverse DNS
Software
openresty/1.21.4.1 /
Resource Hash
5f20c4e41b0fca3bc06abaf719e1f455622002d55fa35789e1b534027ba61457

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hlslia.com/?dc=WUMINGC
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Sun, 30 Oct 2022 11:30:34 GMT
Content-Encoding
gzip
Last-Modified
Thu, 13 Oct 2022 12:55:12 GMT
Server
openresty/1.21.4.1
ETag
W/"63480ab0-7db73"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: hlslia.com
URL: https://hlslia.com/?dc=WUMINGC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hlslia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 30 Oct 2022 11:01:58 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
1603
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Sun, 30 Oct 2022 13:01:58 GMT
collect
www.google-analytics.com/j/
4 B
205 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=235534706&t=pageview&_s=1&dl=https%3A%2F%2Fhlslia.com%2F%3Fdc%3DWUMINGC&dr=https%3A%2F%2Fhcsj.live%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1755108785&gjid=1783000857&cid=116467807.1667129321&tid=UA-165940626-2&_gid=808410874.1667129321&_r=1&_slc=1&z=385835003
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://hlslia.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 30 Oct 2022 11:28:41 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://hlslia.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
4 B
438 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-165940626-2&cid=116467807.1667129321&jid=1755108785&gjid=1783000857&_gid=808410874.1667129321&_u=IEBAAEAAAAAAACAAI~&z=1886096357
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://hlslia.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sun, 30 Oct 2022 11:28:41 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://hlslia.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/
42 B
501 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-165940626-2&cid=116467807.1667129321&jid=1755108785&_u=IEBAAEAAAAAAACAAI~&z=1139369395
Requested by
Host: hlslia.com
URL: https://hlslia.com/?dc=WUMINGC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hlslia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Oct 2022 11:28:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
501 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-165940626-2&cid=116467807.1667129321&jid=1755108785&_u=IEBAAEAAAAAAACAAI~&z=1139369395
Requested by
Host: hlslia.com
URL: https://hlslia.com/?dc=WUMINGC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hlslia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Oct 2022 11:28:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
nuS0EDXSczKgf3Xh
prod.aapippay.com/plm/okn/ijb/
0
0
Preflight
General
Full URL
https://prod.aapippay.com/plm/okn/ijb/nuS0EDXSczKgf3Xh
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
154.39.67.91 (no geolocation or ASN data available)
Reverse DNS
Software
qq.com /
Resource Hash
Security Headers
Name Value
X-Frame-Options sameorigin

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://hlslia.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-headers
Content-Length,Content-Type,Authorization,X-User-Agent,User-Agent
access-control-allow-methods
GET,POST,PUT,HEAD,DELETE
access-control-allow-origin
*
access-control-expose-headers
Content-Disposition,Refresh-Authorization,Cur-Ver
access-control-max-age
0
content-length
0
date
Sun, 30 Oct 2022 11:28:45 GMT
server
qq.com
x-cache-status
MISS
x-frame-options
sameorigin
nuS0EDXSczKgf3Xh
prod.aapippay.com/plm/okn/ijb/
0
0

/
api.ipify.org/
21 B
248 B
XHR
General
Full URL
https://api.ipify.org/?format=json
Requested by
Host: hlslia.com
URL: https://hlslia.com/js/chunk-vendors.bcd6c973.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.232.242.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-232-242-170.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
f44576598504595f892634db6c20c387bcab13709337b9c0feddb692a2f31e21

Request headers

Accept
application/json, text/plain, */*
Referer
https://hlslia.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Sun, 30 Oct 2022 11:28:43 GMT
Via
1.1 vegur
Server
Cowboy
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://hlslia.com
Connection
keep-alive
Content-Length
21
bg.cbf25545.jpg
hlslia.com/img/
63 KB
63 KB
Image
General
Full URL
https://hlslia.com/img/bg.cbf25545.jpg
Requested by
Host: hlslia.com
URL: https://hlslia.com/css/app.8d0c1b25.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
112.213.116.72 , Hong Kong, ASN64050 (BCPL-SG BGPNET Global ASN, SG),
Reverse DNS
Software
openresty/1.21.4.1 /
Resource Hash
d175f733fb17100757bf7e8c191a9188080809978d230059d79fde48bedf81f9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hlslia.com/css/app.8d0c1b25.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Sun, 30 Oct 2022 11:30:35 GMT
Last-Modified
Thu, 13 Oct 2022 12:55:12 GMT
Server
openresty/1.21.4.1
ETag
"63480ab0-fbd4"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
64468
logo.b5679c43.png
hlslia.com/img/
7 KB
8 KB
Image
General
Full URL
https://hlslia.com/img/logo.b5679c43.png
Requested by
Host: hlslia.com
URL: https://hlslia.com/css/app.8d0c1b25.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
112.213.116.72 , Hong Kong, ASN64050 (BCPL-SG BGPNET Global ASN, SG),
Reverse DNS
Software
openresty/1.21.4.1 /
Resource Hash
4c012ca049fccc36276ff60273bdb740def5cdfac23cbecb845e50c62ad9643d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hlslia.com/css/app.8d0c1b25.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Sun, 30 Oct 2022 11:30:35 GMT
Last-Modified
Thu, 13 Oct 2022 12:55:12 GMT
Server
openresty/1.21.4.1
ETag
"63480ab0-1d7e"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7550
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
(none: inline data: URL)
Reverse DNS
Software
/
Resource Hash
8bc8e78f1c51056c425ae117a7b1c9f72100e7fbffd63ca532301b2863a24e8b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
(none: inline data: URL)
Reverse DNS
Software
/
Resource Hash
a862281c77b7719d575afd5527feff4f6e613bad46b040daba0c2a1083694e53

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
(none: inline data: URL)
Reverse DNS
Software
/
Resource Hash
ca61674238bef804f30b77437d4f7a2ec7361f85fcb6e3721b53fa9865c06d43

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
(none: inline data: URL)
Reverse DNS
Software
/
Resource Hash
5d4b25804ad6a8442e97a31ef23f8d8e333fb26643bd5214097e8466522038b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
242 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
(none: inline data: URL)
Reverse DNS
Software
/
Resource Hash
83bd01cb72268631a81947c987c4f658f9f72af957a010a08c0f0450b18ab79c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type
image/png
breakingText.c076b1a0.png
hlslia.com/img/
448 KB
448 KB
Image
General
Full URL
https://hlslia.com/img/breakingText.c076b1a0.png
Requested by
Host: hlslia.com
URL: https://hlslia.com/css/app.8d0c1b25.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
112.213.116.72 , Hong Kong, ASN64050 (BCPL-SG BGPNET Global ASN, SG),
Reverse DNS
Software
openresty/1.21.4.1 /
Resource Hash
4b85a467b19fa69f777fcb410795365d4e8521e56f7c3798636fa0d6a80d28dc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hlslia.com/css/app.8d0c1b25.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Sun, 30 Oct 2022 11:30:35 GMT
Last-Modified
Thu, 13 Oct 2022 12:55:12 GMT
Server
openresty/1.21.4.1
ETag
"63480ab0-6ffb9"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
458681
iosBtn.b98b77dc.png
hlslia.com/img/
6 KB
6 KB
Image
General
Full URL
https://hlslia.com/img/iosBtn.b98b77dc.png
Requested by
Host: hlslia.com
URL: https://hlslia.com/?dc=WUMINGC
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
112.213.116.72 , Hong Kong, ASN64050 (BCPL-SG BGPNET Global ASN, SG),
Reverse DNS
Software
openresty/1.21.4.1 /
Resource Hash
4272bd73beb3db35880d338379659055e2ad279b50ae34432c4e2561ad2ede94

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hlslia.com/?dc=WUMINGC
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Sun, 30 Oct 2022 11:30:35 GMT
Last-Modified
Thu, 13 Oct 2022 12:55:12 GMT
Server
openresty/1.21.4.1
ETag
"63480ab0-173a"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5946
androidBtn.303ca3db.png
hlslia.com/img/
5 KB
5 KB
Image
General
Full URL
https://hlslia.com/img/androidBtn.303ca3db.png
Requested by
Host: hlslia.com
URL: https://hlslia.com/?dc=WUMINGC
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
112.213.116.72 , Hong Kong, ASN64050 (BCPL-SG BGPNET Global ASN, SG),
Reverse DNS
Software
openresty/1.21.4.1 /
Resource Hash
ebec8e7dce3e6c83e3e529bfed8b8a61e9b101c7932575eb0ff23100f7b3bd85

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hlslia.com/?dc=WUMINGC
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Sun, 30 Oct 2022 11:30:36 GMT
Last-Modified
Thu, 13 Oct 2022 12:55:12 GMT
Server
openresty/1.21.4.1
ETag
"63480ab0-1314"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4884
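
Two of the cross-origin responses above are worth comparing. The preflight to prod.aapippay.com answered with access-control-allow-origin: *, allowed GET, POST, PUT, HEAD and DELETE, and set access-control-max-age: 0; the Google Analytics collect endpoint instead answered with an origin-specific allow-origin plus access-control-allow-credentials: true; api.ipify.org echoed https://hlslia.com and set Vary: Origin. The added example below (not from the report) implements the browser's CORS-preflight check as specified in the Fetch standard and runs it over the captured header sets, followed by a policy-level audit of what a server permits regardless of the individual request.

```python
# CORS-preflight check (Fetch standard) applied to response headers captured in this
# scan. The header dictionaries are copied from the transactions above.
SAFELISTED_METHODS = {"GET", "HEAD", "POST"}

PREFLIGHT_AAPIPPAY = {
    "access-control-allow-headers": "Content-Length,Content-Type,Authorization,X-User-Agent,User-Agent",
    "access-control-allow-methods": "GET,POST,PUT,HEAD,DELETE",
    "access-control-allow-origin": "*",
    "access-control-expose-headers": "Content-Disposition,Refresh-Authorization,Cur-Ver",
    "access-control-max-age": "0",
}
GA_COLLECT = {
    "access-control-allow-origin": "https://hlslia.com",
    "access-control-allow-credentials": "true",
}
IPIFY = {"access-control-allow-origin": "https://hlslia.com", "vary": "Origin"}

def _csv(value):
    return [v.strip() for v in (value or "").split(",") if v.strip()]

def preflight_allows(origin, method, request_headers, response, credentials=False):
    """Return (allowed, reason) for a request the browser would send after this preflight."""
    h = {k.lower(): v for k, v in response.items()}
    acao = h.get("access-control-allow-origin")
    if acao is None:
        return False, "no Access-Control-Allow-Origin header"
    if acao == "*":
        if credentials:
            return False, "wildcard origin is rejected for credentialed requests"
    elif acao != origin:                       # byte-exact comparison, no pattern matching
        return False, f"origin {origin} not allowed (server allows {acao})"
    if credentials and h.get("access-control-allow-credentials") != "true":
        return False, "credentialed request but Allow-Credentials is not exactly 'true'"
    methods = {m.upper() for m in _csv(h.get("access-control-allow-methods"))}
    m = method.upper()
    if m not in methods and m not in SAFELISTED_METHODS and not ("*" in methods and not credentials):
        return False, f"method {m} not allowed"
    allowed = {x.lower() for x in _csv(h.get("access-control-allow-headers"))}
    wildcard = "*" in allowed and not credentials
    for name in request_headers:
        n = name.lower()
        # '*' never covers Authorization; it must be listed by name
        if n not in allowed and not (wildcard and n != "authorization"):
            return False, f"request header {name} not allowed"
    return True, "allowed"

def policy_findings(response):
    """Points an auditor would note about the server's policy, independent of one request."""
    h = {k.lower(): v for k, v in response.items()}
    out = []
    if h.get("access-control-allow-origin") == "*":
        out.append("ACAO *: any web origin can read this endpoint's responses")
        if h.get("access-control-allow-credentials") == "true":
            out.append("ACAO * with credentials=true: browsers reject the pair, it is a misconfiguration")
    risky = {"PUT", "DELETE", "PATCH"} & {m.upper() for m in _csv(h.get("access-control-allow-methods"))}
    if risky:
        out.append("state-changing methods permitted cross-origin: " + ", ".join(sorted(risky)))
    if h.get("access-control-max-age", "0") == "0":
        out.append("Access-Control-Max-Age 0 or absent: every non-simple request pays a preflight round trip")
    if "origin" in {v.strip().lower() for v in _csv(h.get("vary"))}:
        out.append("Vary: Origin: allow-origin is computed per request; re-test with a second Origin to tell an allowlist from reflection")
    return out

if __name__ == "__main__":
    # the POST from https://hlslia.com with a non-simple Content-Type that triggered the preflight
    print(preflight_allows("https://hlslia.com", "POST", ["content-type"], PREFLIGHT_AAPIPPAY))
    print(preflight_allows("https://attacker.example", "DELETE", ["authorization"], PREFLIGHT_AAPIPPAY))
    for finding in policy_findings(PREFLIGHT_AAPIPPAY):
        print(" -", finding)
```

The evaluator only says whether the browser would proceed; the report shows that it did, and that the actual POST to prod.aapippay.com then received no response (it is listed under Failed requests). The wildcard policy means any page on the web can issue the same POST, PUT or DELETE with an Authorization header and read the reply, which is the finding to record against that host.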

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
hm.baidu.com
URL
https://hm.baidu.com/hm.js?acd25db5e814513c3cfaa5998c3cee92
Domain
prod.aapippay.com
URL
https://prod.aapippay.com/plm/okn/ijb/nuS0EDXSczKgf3Xh

Verdicts & Comments

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type      Name
object    onbeforeinput
object    oncontextlost
object    oncontextrestored
function  structuredClone
object    launchQueue
object    onbeforematch
function  getScreenDetails
function  queryLocalFonts
object    navigation
string    GoogleAnalyticsObject
function  ga
object    google_tag_data
object    gaplugins
object    gaGlobal
object    gaData
object    webpackJsonp
object    lib
number    rem
number    dpr
function  Hammer
object    regeneratorRuntime
boolean   ga-disable-UA-165940626-2

3 Cookies

Domain/Path   Name  Value
.hlslia.com/  _ga   GA1.2.116467807.1667129321
.hlslia.com/  _gid  GA1.2.808410874.1667129321
.hlslia.com/  _gat  1
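
All three are standard Universal Analytics cookies, and their values reappear in the first collect beacon recorded above (cid, _gid and tid=UA-165940626-2). The added example below (not part of the report) parses the cookie values, decodes the creation timestamp embedded in them, and checks them against the beacon's parameters. The property ID is the usual pivot for finding other hosts run by the same operator, and the timestamp dates the client's first visit; here it coincides with the scan.

```python
from datetime import datetime, timezone
from urllib.parse import parse_qs, urlparse

# Values copied from this scan: the cookies set on .hlslia.com and the pageview beacon.
COOKIES = {
    "_ga": "GA1.2.116467807.1667129321",
    "_gid": "GA1.2.808410874.1667129321",
    "_gat": "1",
}
COLLECT_URL = ("https://www.google-analytics.com/j/collect?v=1&_v=j98&a=235534706&t=pageview&_s=1"
               "&dl=https%3A%2F%2Fhlslia.com%2F%3Fdc%3DWUMINGC&dr=https%3A%2F%2Fhcsj.live%2F"
               "&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~"
               "&jid=1755108785&gjid=1783000857&cid=116467807.1667129321&tid=UA-165940626-2"
               "&_gid=808410874.1667129321&_r=1&_slc=1&z=385835003")

def parse_ga_cookie(value):
    """Split a Universal Analytics _ga/_gid value: GA1.<domain depth>.<random>.<unix time>."""
    parts = value.split(".")
    if len(parts) != 4 or parts[0] != "GA1":
        raise ValueError(f"not a GA1 cookie value: {value!r}")
    version, depth, rand, ts = parts
    return {
        "version": version,
        "domain_depth": int(depth),            # 2: cookie scoped to the apex, .hlslia.com
        "client_id": f"{rand}.{ts}",           # the value analytics.js sends back as cid / _gid
        "created_utc": datetime.fromtimestamp(int(ts), tz=timezone.utc).isoformat(),
    }

def beacon_fields(url):
    """Pull the analyst-relevant parameters out of a Measurement Protocol v1 hit."""
    q = parse_qs(urlparse(url).query)
    keep = ("tid", "cid", "_gid", "t", "dl", "dr", "ul")
    return {k: q[k][0] for k in keep if k in q}

def correlate(cookies, url):
    """Tie the cookie jar to the beacon and report the pivots worth recording."""
    ga = parse_ga_cookie(cookies["_ga"])
    gid = parse_ga_cookie(cookies["_gid"])
    b = beacon_fields(url)
    return {
        "property_id": b.get("tid"),           # pivot: the same UA-... ID on other hosts
        "client_id": ga["client_id"],
        "cookie_matches_beacon": ga["client_id"] == b.get("cid") and gid["client_id"] == b.get("_gid"),
        "first_seen_utc": ga["created_utc"],
        "hit_type": b.get("t"),
        "page": b.get("dl"),
        "referrer": b.get("dr"),
    }

if __name__ == "__main__":
    for k, v in correlate(COOKIES, COLLECT_URL).items():
        print(f"{k:<24} {v}")
```

The dl and dr parameters record, from the tracker's point of view, the landing page and the hcsj.live hop that preceded it, which is independent confirmation of the Page URL History above.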

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.ipify.org
bbonline.top
hcsj.live
hlslia.com
hm.baidu.com
prod.aapippay.com
stats.g.doubleclick.net
www.bbonline.top
www.google-analytics.com
www.google.com
www.google.de
103.202.50.15
112.213.116.72
154.39.67.91
2a00:1450:4001:80e::2004
2a00:1450:4001:80f::200e
2a00:1450:4001:829::2003
2a00:1450:400c:c0c::9c
2a06:98c1:3121::3
3.232.242.170