urlscan.io logo urlscan.io
SecurityTrails logo

khla.top Open in urlscan Pro
68.66.226.92  Public Scan

Go To Rescan Add Verdict Report
URL: https://khla.top/
Submission: On March 23 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 2 countries across 6 domains to perform 32 HTTP transactions. The main IP is 68.66.226.92, located in United States and belongs to A2HOSTING, US. The main domain is khla.top.
TLS certificate: Issued by R3 on March 22nd 2024. Valid for: 3 months.
This is the only time khla.top was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 7 68.66.226.92 55293 (A2HOSTING)
9 2607:f8b0:400... 15169 (GOOGLE)
1 124.221.187.192 45090 (TENCENT-N...)
3 2606:4700:303... 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
3 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
32 8
7    68.66.226.92 (United States)

ASN55293 (A2HOSTING, US)
PTR: az1-ts4.a2hosting.com
khla.top
9    2607:f8b0:4004:c07::9a (Washington, United States)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    124.221.187.192 (China)

ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN)
tool.xiawuyouke.com
3    2606:4700:3037::6815:1a0c (United States)

ASN13335 (CLOUDFLARENET, US)
1.jacie.top
1    2607:f8b0:4004:c1b::9d (Washington, United States)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
3    2607:f8b0:4004:c1d::84 (Washington, United States)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2607:f8b0:4004:c0b::63 (Washington, United States)

ASN15169 (GOOGLE, US)
www.google.com
Apex Domain
Subdomains		 Transfer
12 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 143
tpc.googlesyndication.com — Cisco Umbrella Rank: 204
278 KB
7 khla.top
khla.top
84 KB
3 jacie.top
1.jacie.top
22 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 5
1 KB
1 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 66
534 B
1 xiawuyouke.com
tool.xiawuyouke.com Failed
160 KB
32 6
Domain Requested by
9 pagead2.googlesyndication.com khla.top
pagead2.googlesyndication.com
tpc.googlesyndication.com
7 khla.top 2 redirects khla.top
3 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
3 1.jacie.top khla.top
1.jacie.top
1 www.google.com tpc.googlesyndication.com
1 googleads.g.doubleclick.net pagead2.googlesyndication.com
1 tool.xiawuyouke.com khla.top
32 7
Subject Issuer Validity Valid
www.khla.top.sky888.a2hosted.com
R3		 2024-03-22 -
2024-06-20		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-02-26 -
2024-05-20		 3 months crt.sh
jacie.top
GTS CA 1P5		 2024-02-11 -
2024-05-11		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2024-02-26 -
2024-05-20		 3 months crt.sh
www.google.com
GTS CA 1C3		 2024-02-26 -
2024-05-20		 3 months crt.sh

This page contains 4 frames:

Primary Page: https://khla.top/
Frame ID: 5BF4A1529856259D62DC586A977E6BF8
Requests: 26 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1711213447767808&output=html&adk=1812271804&adf=3025194257&lmt=1711204471&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fkhla.top%2F&pra=5&wgl=1&easpi=1&asro=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1711204470224&bpp=651&bdt=284&idt=905&shv=r20240320&mjsv=m202403190101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7401423826307&frm=20&pv=2&ga_vid=1103304948.1711204471&ga_sid=1711204471&ga_hid=578071553&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31082022%2C31082034%2C42531706%2C44795921%2C95325974%2C95326316%2C31082078%2C95322195%2C95326913&oid=2&pvsid=4135678435126000&tmod=2141045776&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=943
Frame ID: BCCFF2DF3F34597D436D2D7E430B7762
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B81949A9BF5131ECEBFE16B78484B0F0
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 79BEAC568DE63A540976F982E6AD9C6C
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

下午有課中小學教育在線辅助網

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Page Statistics

32
Requests

66 %
HTTPS

71 %
IPv6

6
Domains

7
Subdomains

8
IPs

2
Countries

545 kB
Transfer

1128 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2
  • https://khla.top/?zb_system/script/jquery-2.2.4.min.js HTTP 0
  • http://tool.xiawuyouke.com/zb_system/script/jquery-2.2.4.min.js
Request Chain 7
  • https://khla.top/?zb_users/upload/2019/07/201907221563804691607577.png HTTP 302
  • https://tool.xiawuyouke.com/zb_users/upload/2019/07/201907221563804691607577.png
Request Chain 11
  • https://khla.top/?zb_system/script/zblogphp.js HTTP 0
  • http://tool.xiawuyouke.com/zb_system/script/zblogphp.js
Request Chain 12
  • https://khla.top/?zb_users/theme/hnysweb/style/js/jquery.lazyload.js?v=1.9.1 HTTP 0
  • http://tool.xiawuyouke.com/zb_users/theme/hnysweb/style/js/jquery.lazyload.js?v=1.9.1
Request Chain 13
  • https://khla.top/?zb_users/theme/hnysweb/style/js/hnysnet.js HTTP 0
  • http://tool.xiawuyouke.com/zb_users/theme/hnysweb/style/js/hnysnet.js
Request Chain 15
  • https://khla.top/?zb_users/theme/hnysweb/style/?zb_users/theme/hnysweb/style/css/iconfont.woff2 HTTP 302
  • https://khla.top/
Request Chain 16
  • https://khla.top/?zb_users/plugin/sf_praise_sdk/js/sf_praise_sdk.js HTTP 0
  • http://tool.xiawuyouke.com/zb_users/plugin/sf_praise_sdk/js/sf_praise_sdk.js

32 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
khla.top/ 		28 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://khla.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
68.66.226.92 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS
az1-ts4.a2hosting.com
Software
LiteSpeed / PHP/7.4.33
Resource Hash
b88107dd2dfb906acb6394f5e74d9e35462563e1b9e8b5e3bc6a00f15645833c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding
br
content-type
text/html;charset=utf-8
date
Sat, 23 Mar 2024 14:34:29 GMT
server
LiteSpeed
strict-transport-security
max-age=63072000; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-powered-by
PHP/7.4.33
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		144 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1711213447767808
Requested by
Host: khla.top
URL: https://khla.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
517692fc1defc2a305c1424e1638161ff3f21b38210810fa62f3af15544c2ae0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://khla.top/
Origin
https://khla.top
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 23 Mar 2024 14:34:30 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51065
x-xss-protection
0
server
cafe
etag
2289437674417473504
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Sat, 23 Mar 2024 14:34:30 GMT
/
khla.top/ 		17 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://khla.top/?zb_users/theme/hnysweb/style/index2.css
Requested by
Host: khla.top
URL: https://khla.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
68.66.226.92 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS
az1-ts4.a2hosting.com
Software
LiteSpeed / PHP/7.4.33
Resource Hash
adbe058b4918989924f698c200909921c805f69ef0a7bffa4edcc1e32bc561d4
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://khla.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 23 Mar 2024 14:34:30 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains
server
LiteSpeed
x-powered-by
PHP/7.4.33
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css;charset=from
cache-control
public, max-age=604800
expires
Sat, 30 Mar 2024 14:34:30 GMT
jquery-2.2.4.min.js
tool.xiawuyouke.com/zb_system/script/
Redirect Chain
  • https://khla.top/?zb_system/script/jquery-2.2.4.min.js
  • http://tool.xiawuyouke.com/zb_system/script/jquery-2.2.4.min.js
0
0
/
khla.top/ 		0
0
/
khla.top/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://khla.top/?zb_system/script/c_html_js_add.php
Requested by
Host: khla.top
URL: https://khla.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
68.66.226.92 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS
az1-ts4.a2hosting.com
Software
LiteSpeed / PHP/7.4.33
Resource Hash
735139a2a023ae0e533b62983e978c519cf79bef42b5795002e9f9665bea9ed0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://khla.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 23 Mar 2024 14:34:30 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains
server
LiteSpeed
x-powered-by
PHP/7.4.33
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript;charset=utf-8
cache-control
public, max-age=604800
content-length
1761
expires
Sat, 30 Mar 2024 14:34:30 GMT
/
khla.top/ 		0
0
/
khla.top/ 		0
0
201907221563804691607577.png
tool.xiawuyouke.com/zb_users/upload/2019/07/
Redirect Chain
  • https://khla.top/?zb_users/upload/2019/07/201907221563804691607577.png
  • https://tool.xiawuyouke.com/zb_users/upload/2019/07/201907221563804691607577.png
160 KB
160 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tool.xiawuyouke.com/zb_users/upload/2019/07/201907221563804691607577.png
Requested by
Host: khla.top
URL: https://khla.top/
Protocol
H2
Server
124.221.187.192 , China, ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN),
Reverse DNS
Software
nginx /
Resource Hash
781fcc71b7b6f9160524a452ad3d93c51262e9cb017414a8f01fc1678bfe673d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://khla.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 23 Mar 2024 14:34:33 GMT
strict-transport-security
max-age=31536000
last-modified
Mon, 22 Jul 2019 14:11:31 GMT
server
nginx
etag
"5d35c413-27f7b"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
163707
expires
Mon, 22 Apr 2024 14:34:33 GMT

Redirect headers

date
Sat, 23 Mar 2024 14:34:30 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
server
LiteSpeed
x-powered-by
PHP/7.4.33
x-frame-options
SAMEORIGIN
content-type
image/jpeg; charset=UTF-8
location
http://tool.xiawuyouke.com/zb_users/upload/2019/07/201907221563804691607577.png
cache-control
no-cache, no-store, must-revalidate, max-age=0
content-length
0
expires
Sat, 30 Mar 2024 14:34:30 GMT
/
khla.top/ 		0
0
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		144 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9778993251120237
Requested by
Host: khla.top
URL: https://khla.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b182f11e870ef78380a9ecedd772ccc518720d75794f48db78fd5f4d3241ad96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://khla.top/
Origin
https://khla.top
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 23 Mar 2024 14:34:30 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50890
x-xss-protection
0
server
cafe
etag
2284234289167353555
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Sat, 23 Mar 2024 14:34:30 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403190101/ 		407 KB
138 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403190101/show_ads_impl_fy2021.js?bust=31082078
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1711213447767808
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ab0ad9bee95d906ed3438be619f8a95a2765487b108eb6f9e748674604ff03db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://khla.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 23 Mar 2024 14:34:30 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
141396
x-xss-protection
0
server
cafe
etag
17747550397926424998
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sat, 23 Mar 2024 14:34:30 GMT
zblogphp.js
tool.xiawuyouke.com/zb_system/script/
Redirect Chain
  • https://khla.top/?zb_system/script/zblogphp.js
  • http://tool.xiawuyouke.com/zb_system/script/zblogphp.js
0
0
jquery.lazyload.js
tool.xiawuyouke.com/zb_users/theme/hnysweb/style/js/
Redirect Chain
  • https://khla.top/?zb_users/theme/hnysweb/style/js/jquery.lazyload.js?v=1.9.1
  • http://tool.xiawuyouke.com/zb_users/theme/hnysweb/style/js/jquery.lazyload.js?v=1.9.1
0
0
hnysnet.js
tool.xiawuyouke.com/zb_users/theme/hnysweb/style/js/
Redirect Chain
  • https://khla.top/?zb_users/theme/hnysweb/style/js/hnysnet.js
  • http://tool.xiawuyouke.com/zb_users/theme/hnysweb/style/js/hnysnet.js
0
0
matomo.js
1.jacie.top/matomo/ 		64 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://1.jacie.top/matomo/matomo.js
Requested by
Host: khla.top
URL: https://khla.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:1a0c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7fc375178c93a2fc15fd888e30170eedf4ef3d04497e7f951ab7bfe0c921693
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://khla.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 23 Mar 2024 14:34:31 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
534732
content-encoding
br
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 18 Apr 2023 11:33:06 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i8x8f6jvjO0R%2BWShhHznx%2FXc7kK7Xlec1mPGvwH3Wxzi2nvV8tVHw9R0gmt2XiUCuVFE3zpfVK8D3KisnU27UasculSmcUvkWFskUtCQ9Qij10ck2%2BbjVq09%2BztaSIP9uH3K8zRJkemxQg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
868f2488cfb54bbd-BUF
expires
Sun, 24 Mar 2024 10:02:19 GMT
/
khla.top/
Redirect Chain
  • https://khla.top/?zb_users/theme/hnysweb/style/?zb_users/theme/hnysweb/style/css/iconfont.woff2
  • https://khla.top/
28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://khla.top/
Requested by
Host: khla.top
URL: https://khla.top/?zb_users/theme/hnysweb/style/index2.css
Protocol
H3
Server
68.66.226.92 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS
az1-ts4.a2hosting.com
Software
LiteSpeed / PHP/7.4.33
Resource Hash
1d7bc1a1b18a150b12267eddcb1056edf32a7d4debf2d915d891953f5ea59760
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://khla.top/?zb_users/theme/hnysweb/style/index2.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 23 Mar 2024 14:34:34 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
server
LiteSpeed
x-powered-by
PHP/7.4.33
x-frame-options
SAMEORIGIN
content-type
*/*;charset=utf-8

Redirect headers

date
Sat, 23 Mar 2024 14:34:31 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
server
LiteSpeed
x-powered-by
PHP/7.4.33
x-frame-options
SAMEORIGIN
content-type
text/html; charset=gbk
location
/
cache-control
no-cache, no-store, must-revalidate, max-age=0
content-length
0
sf_praise_sdk.js
tool.xiawuyouke.com/zb_users/plugin/sf_praise_sdk/js/
Redirect Chain
  • https://khla.top/?zb_users/plugin/sf_praise_sdk/js/sf_praise_sdk.js
  • http://tool.xiawuyouke.com/zb_users/plugin/sf_praise_sdk/js/sf_praise_sdk.js
0
0
ads
googleads.g.doubleclick.net/pagead/ Frame BCCF 		603 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1711213447767808&output=html&adk=1812271804&adf=3025194257&lmt=1711204471&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fkhla.top%2F&pra=5&wgl=1&easpi=1&asro=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1711204470224&bpp=651&bdt=284&idt=905&shv=r20240320&mjsv=m202403190101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7401423826307&frm=20&pv=2&ga_vid=1103304948.1711204471&ga_sid=1711204471&ga_hid=578071553&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31082022%2C31082034%2C42531706%2C44795921%2C95325974%2C95326316%2C31082078%2C95322195%2C95326913&oid=2&pvsid=4135678435126000&tmod=2141045776&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=943
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403190101/show_ads_impl_fy2021.js?bust=31082078
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://khla.top/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 23 Mar 2024 14:34:31 GMT
expires
Sat, 23 Mar 2024 14:34:31 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=left-bar&ign=false&pw=1600&ph=1200&x=0&y=1060.8
Requested by
Host: khla.top
URL: https://khla.top/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://khla.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Mar 2024 14:34:31 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=left-bar&ign=false&pw=1600&ph=1200&x=0&y=0
Requested by
Host: khla.top
URL: https://khla.top/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://khla.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Mar 2024 14:34:31 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
matomo.php
1.jacie.top/matomo/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://1.jacie.top/matomo/matomo.php?action_name=%E4%B8%8B%E5%8D%88%E6%9C%89%E8%AA%B2%E4%B8%AD%E5%B0%8F%E5%AD%B8%E6%95%99%E8%82%B2%E5%9C%A8%E7%B7%9A%E8%BE%85%E5%8A%A9%E7%B6%B2&idsite=1&rec=1&r=845085&h=4&m=34&s=31&url=https%3A%2F%2Fkhla.top%2F&_id=a34ef8ffa4bc2cd9&_idn=1&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=iPD4tq&pf_net=1120&pf_srv=1309&pf_tfr=1&pf_dm1=1179&uadata=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Requested by
Host: 1.jacie.top
URL: https://1.jacie.top/matomo/matomo.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:1a0c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://khla.top/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8

Response headers
matomo.php
1.jacie.top/matomo/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://1.jacie.top/matomo/matomo.php?action_name=%E4%B8%8B%E5%8D%88%E6%9C%89%E8%AA%B2%E4%B8%AD%E5%B0%8F%E5%AD%B8%E6%95%99%E8%82%B2%E5%9C%A8%E7%B7%9A%E8%BE%85%E5%8A%A9%E7%B6%B2&idsite=1&rec=1&r=019888&h=4&m=34&s=31&url=https%3A%2F%2Fkhla.top%2F&_id=a34ef8ffa4bc2cd9&_idn=0&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=MepQrs&pf_net=1120&pf_srv=1309&pf_tfr=1&pf_dm1=1179&uadata=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Requested by
Host: 1.jacie.top
URL: https://1.jacie.top/matomo/matomo.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:1a0c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://khla.top/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8

Response headers
/
khla.top/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://khla.top/?zb_users/theme/hnysweb/style/css/iconfont.woff
Requested by
Host: khla.top
URL: https://khla.top/?zb_users/theme/hnysweb/style/index2.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
68.66.226.92 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS
az1-ts4.a2hosting.com
Software
LiteSpeed / PHP/7.4.33
Resource Hash
0dec3ba61fd56c8fabcfbd24ad62c54ba0368a3c803ed6c2c808fd3212205eec
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://khla.top/?zb_users/theme/hnysweb/style/index2.css
Origin
https://khla.top
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 23 Mar 2024 14:34:35 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
server
LiteSpeed
x-powered-by
PHP/7.4.33
x-frame-options
SAMEORIGIN
content-type
application/font-woff
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240320&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403190101/show_ads_impl_fy2021.js?bust=31082078
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
92854262c3ff59f133062e63263edf2d58cc8a900e9f4dd5ffbacd93a033cfdf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://khla.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 23 Mar 2024 14:34:35 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12162
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403190101/show_ads_impl_fy2021.js?bust=31082078
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://khla.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 23 Mar 2024 14:34:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 23 Mar 2024 14:34:35 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B819 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://khla.top/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
71305
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 22 Mar 2024 18:46:10 GMT
expires
Sat, 22 Mar 2025 18:46:10 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 79BE 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c0b::63 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
ff658c9c458d67801cdf7de1db7a4d82602573e2924cfea280004b4d658d60bc
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-dpG6Pbp-yxGmpGpC82pxwg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://khla.top/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-dpG6Pbp-yxGmpGpC82pxwg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 23 Mar 2024 14:34:35 GMT
expires
Sat, 23 Mar 2024 14:34:35 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
ClgGLJT-anMFFp_jPcSPgTpNjWBfoBtPLqdYJvwYrrQ.js
pagead2.googlesyndication.com/bg/ Frame B819 		40 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/ClgGLJT-anMFFp_jPcSPgTpNjWBfoBtPLqdYJvwYrrQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0a58062c94fe6a7305169fe33dc48f813a4d8d605fa01b4f2ea75826fc18aeb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 23 Mar 2024 14:28:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
383
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15865
x-xss-protection
0
last-modified
Thu, 14 Mar 2024 15:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 23 Mar 2025 14:28:12 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 79BE 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240320&jk=4135678435126000&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame B819 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?LczUMw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 23 Mar 2024 14:34:35 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240320&jk=4135678435126000&bg=!cXKlcj3NAAZaswqNerM7ADQBe5WfOMPigUh4QnizsTJWsltDl8nnyEtvBxSKiHvd5hppAFM7zYV4GTFUwR0PFtIQM0M3AgAAAIJSAAAAAmgBB34ANdoFWtCHz5oDpXbHQDTNlCeyW1nHyE8qb_dcV51ZZXwTYBSWt7HjloPMzCUtgpIBFcDeUv5nCgDRGh4lRh-15zZ1uSwbzIx32UtTEOABOIBSmqVGDnBr9BzTzvAwbn1sSxxuK69qPFydIHeIvv6UCssrvIa23noc-WsME5fRul4gI6xUwFcXh30HGUnNnLiWkKEjpRZBeISZuZugLzWdiS8n27A6h7_mB1odlHJ9XJrVomUQBsQt1fKSruqOr2GujQ7QKwxCRqDhD1zbXEyHc5qzYPKUhcDHqvoWHRN9I180tF1uzHEEnEJoIgqIr89Lnz4tkl5gPTURfTIevICUN8BpIMU6Rr47BuKZAnIR2qEYvvFBi3mr1_DrRZChKnNqYFGO3KXPm2cZ6Q3nBOSbwdSRE6kic6mLtk_vdxHN4S7s7b-gcqoWK1sjfZQYnaRLA4beeN3tmMlLigzskkOylOvaRkdj7ttpU8gQLxXe4mU2pWm0quhVnVByfUXZIpS7RwgOUGjyK_ishJRg9Fa1fxM5fxFgqsG7J_FgSn1ULL1qmf_qpURlO47JnVE35Lf_xQQ9kjzAto8P7z-xAJd6ax5qhj9cO8CxhlcHb621Oucd6pmQuipSQUXOcWxhIIZJzpHX5cICgcRdCkP_QUVlU-SmfD1Pd3bgWukXZiosEOhAqBZCuX_2XDitfcs4xb6MSLriAhbjNCuP3XTOkNw1tc2Jn8lXp6c5Tomr0ccKdOSAuLLA2x-vY96BEdeTVU9B1PJZdlQ3rFoz_BB7QjzcEswNm1FUIR4plvzJpa4GgAvV72zm3E0zPEsxNdsW0Oi2AFfF0dFM3ulyoVtiulbHXNkh1VbD-TP9r_cWQEt5lMoeNMoVIUOzRZbOca0-v3xY9sRNwyZ27OwcgwQ1zzS7CtEQqjjR4QLrQtuFu9qp7RtfQ7xcrXVu3pT-tGfcywhpZVcJTdEuXrAuigK0BYuozVe4yyWdjd-RdaB77Lmk7hb9AqAiFL_IvtbXaMO_TRBpEBRgdLWall8GSj-cxS0_cbLnMcmQ5Z6XlC82TAnfTV7lQI2it7J5Pi8RnjiBoxGXnCXeIhxJF0r0cZMHBo-NSc9LmORazIDA9LE3ZUPgxVuGk59NSP4AGEd2GwjQg_ljAAyanCB39yjw2vjldNzO4BOK2w1m7eWXXW_OSuIidA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://khla.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
tool.xiawuyouke.com
URL
http://tool.xiawuyouke.com/zb_system/script/jquery-2.2.4.min.js
Domain
khla.top
URL
https://khla.top/?zb_system/script/zblogphp.js
Domain
khla.top
URL
https://khla.top/?zb_users/theme/hnysweb/style/js/jquery.lazyload.js?v=1.9.1
Domain
khla.top
URL
https://khla.top/?zb_users/theme/hnysweb/style/js/hnysnet.js
Domain
khla.top
URL
https://khla.top/?zb_users/plugin/sf_praise_sdk/js/sf_praise_sdk.js
Domain
tool.xiawuyouke.com
URL
http://tool.xiawuyouke.com/zb_system/script/zblogphp.js
Domain
tool.xiawuyouke.com
URL
http://tool.xiawuyouke.com/zb_users/theme/hnysweb/style/js/jquery.lazyload.js?v=1.9.1
Domain
tool.xiawuyouke.com
URL
http://tool.xiawuyouke.com/zb_users/theme/hnysweb/style/js/hnysnet.js
Domain
tool.xiawuyouke.com
URL
http://tool.xiawuyouke.com/zb_users/plugin/sf_praise_sdk/js/sf_praise_sdk.js

Verdicts & Comments Add Verdict or Comment

42 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots number| google_rum_task_id_counter string| google_user_agent_client_hint object| zbpConfig undefined| zbp undefined| bloghost undefined| cookiespath undefined| ajaxurl undefined| lang_comment_name_error undefined| lang_comment_email_error undefined| lang_comment_content_error object| _paq function| google_spfd number| google_unique_id object| google_sv_map function| google_sa_impl object| google_image_requests number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| Piwik object| Matomo object| AnalyticsTracker function| piwik_log object| GoogleGcLKhOms

3 Cookies

Domain/Path Name / Value
khla.top/ Name: _pk_id.1.def5
Value: a34ef8ffa4bc2cd9.1711204471.
khla.top/ Name: _pk_ses.1.def5
Value: 1
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission

8 Console Messages

Source Level URL
Text
security error URL: https://khla.top/
Message:
Mixed Content: The page at 'https://khla.top/' was loaded over HTTPS, but requested an insecure script 'http://tool.xiawuyouke.com/zb_system/script/jquery-2.2.4.min.js'. This request has been blocked; the content must be served over HTTPS.
security error URL: https://khla.top/
Message:
Mixed Content: The page at 'https://khla.top/' was loaded over HTTPS, but requested an insecure script 'http://tool.xiawuyouke.com/zb_system/script/zblogphp.js'. This request has been blocked; the content must be served over HTTPS.
security error URL: https://khla.top/
Message:
Mixed Content: The page at 'https://khla.top/' was loaded over HTTPS, but requested an insecure script 'http://tool.xiawuyouke.com/zb_users/theme/hnysweb/style/js/jquery.lazyload.js?v=1.9.1'. This request has been blocked; the content must be served over HTTPS.
security error URL: https://khla.top/
Message:
Mixed Content: The page at 'https://khla.top/' was loaded over HTTPS, but requested an insecure script 'http://tool.xiawuyouke.com/zb_users/theme/hnysweb/style/js/hnysnet.js'. This request has been blocked; the content must be served over HTTPS.
security error URL: https://khla.top/
Message:
Mixed Content: The page at 'https://khla.top/' was loaded over HTTPS, but requested an insecure script 'http://tool.xiawuyouke.com/zb_users/plugin/sf_praise_sdk/js/sf_praise_sdk.js'. This request has been blocked; the content must be served over HTTPS.
other warning URL: https://khla.top/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://khla.top/
Message:
Failed to decode downloaded font: https://khla.top/?zb_users/theme/hnysweb/style/?zb_users/theme/hnysweb/style/css/iconfont.woff2
other warning URL: https://khla.top/
Message:
OTS parsing error: invalid sfntVersion: 168442913

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.jacie.top
googleads.g.doubleclick.net
khla.top
pagead2.googlesyndication.com
tool.xiawuyouke.com
tpc.googlesyndication.com
www.google.com
khla.top
tool.xiawuyouke.com
124.221.187.192
2606:4700:3037::6815:1a0c
2607:f8b0:4004:c07::9a
2607:f8b0:4004:c0b::63
2607:f8b0:4004:c1b::9d
2607:f8b0:4004:c1d::84
68.66.226.92
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
0a58062c94fe6a7305169fe33dc48f813a4d8d605fa01b4f2ea75826fc18aeb4
0dec3ba61fd56c8fabcfbd24ad62c54ba0368a3c803ed6c2c808fd3212205eec
1d7bc1a1b18a150b12267eddcb1056edf32a7d4debf2d915d891953f5ea59760
517692fc1defc2a305c1424e1638161ff3f21b38210810fa62f3af15544c2ae0
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
735139a2a023ae0e533b62983e978c519cf79bef42b5795002e9f9665bea9ed0
781fcc71b7b6f9160524a452ad3d93c51262e9cb017414a8f01fc1678bfe673d
92854262c3ff59f133062e63263edf2d58cc8a900e9f4dd5ffbacd93a033cfdf
ab0ad9bee95d906ed3438be619f8a95a2765487b108eb6f9e748674604ff03db
adbe058b4918989924f698c200909921c805f69ef0a7bffa4edcc1e32bc561d4
b182f11e870ef78380a9ecedd772ccc518720d75794f48db78fd5f4d3241ad96
b88107dd2dfb906acb6394f5e74d9e35462563e1b9e8b5e3bc6a00f15645833c
d7fc375178c93a2fc15fd888e30170eedf4ef3d04497e7f951ab7bfe0c921693
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ff658c9c458d67801cdf7de1db7a4d82602573e2924cfea280004b4d658d60bc