qh.tdav500.xyz Open in urlscan Pro
104.233.173.196 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ralhjs.com/
Effective URL:
https://qh.tdav500.xyz/
Submission: On July 22 via api (July 22nd 2023, 3:33:47 am UTC) from US — Scanned from DE

Summary HTTP 49 Redirects Behaviour Indicators

Summary

This website contacted 8 IPs in 2 countries across 18 domains to perform 49 HTTP transactions. The main IP is 104.233.173.196, located in United States and belongs to PEGTECHINC-AP-03, US. The main domain is qh.tdav500.xyz.
TLS certificate: Issued by R3 on July 21st 2023. Valid for: 3 months.

This is the only time qh.tdav500.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 4	107.149.33.216 107.149.33.216	54600 (PEGTECHINC) (PEGTECHINC)
5	42.236.73.41 42.236.73.41	4837 (CHINA169-...) (CHINA169-BACKBONE CHINA UNICOM China169 Backbone)
2	42.236.73.39 42.236.73.39	4837 (CHINA169-...) (CHINA169-BACKBONE CHINA UNICOM China169 Backbone)
1	104.233.173.201 104.233.173.201	398993 (PEGTECHIN...) (PEGTECHINC-AP-03)
13	104.233.173.196 104.233.173.196	398993 (PEGTECHIN...) (PEGTECHINC-AP-03)
1	42.236.73.38 42.236.73.38	4837 (CHINA169-...) (CHINA169-BACKBONE CHINA UNICOM China169 Backbone)
5	104.233.173.205 104.233.173.205	() ()
49	8

4 107.149.33.216 (United States) 1 redirects

ASN54600 (PEGTECHINC, US)

ralhjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.ralhjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 42.236.73.41 (China)

ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN)
PTR: hn.kd.ny.adsl

js.users.51.la	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 42.236.73.39 (China)

ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN)
PTR: hn.kd.ny.adsl

ia.51.la	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.233.173.201 (United States)

ASN398993 (PEGTECHINC-AP-03, US)

3.tdtz.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 104.233.173.196 (United States)

ASN398993 (PEGTECHINC-AP-03, US)

qh.tdav500.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
yf.tdav500.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 42.236.73.38 (China)

ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN)
PTR: hn.kd.ny.adsl

ia.51.la	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.233.173.205 (None, )

ASN- ()

js.tdfby.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	tdav500.xyz qh.tdav500.xyz yf.tdav500.xyz	112 KB
8	51.la js.users.51.la — Cisco Umbrella Rank: 78243 ia.51.la — Cisco Umbrella Rank: 74642	13 KB
5	tdfby.xyz js.tdfby.xyz	4 KB
4	ralhjs.com 1 redirects ralhjs.com www.ralhjs.com	2 KB
1	tdtz.xyz 3.tdtz.xyz	647 B
0	lxbd2.com Failed lxbd2.com Failed
0	loli.net Failed s2.loli.net Failed
0	mross011.com Failed mross011.com Failed
0	alicdn.com Failed img.alicdn.com Failed
0	abc748596aaa.vip Failed abc748596aaa.vip Failed
0	bcebos.com Failed tm00738.bj.bcebos.com Failed
0	7780tp.com Failed 7780tp.com Failed
0	lexs9.com Failed lexs9.com Failed
0	tscf8.com Failed tscf8.com Failed
0	xiod.xyz Failed xiod.xyz Failed
0	doyoudoits.com Failed doyoudoits.com Failed
0	vcvbnmto.xyz Failed v.vcvbnmto.xyz Failed
0	tudousp.com Failed js.tudousp.com Failed
49	18

	Domain	Requested by
11	qh.tdav500.xyz	3.tdtz.xyz qh.tdav500.xyz
5	js.tdfby.xyz	qh.tdav500.xyz
5	js.users.51.la	www.ralhjs.com 3.tdtz.xyz qh.tdav500.xyz
3	ia.51.la	www.ralhjs.com 3.tdtz.xyz
3	www.ralhjs.com	www.ralhjs.com
2	yf.tdav500.xyz	3.tdtz.xyz
1	3.tdtz.xyz	www.ralhjs.com
1	ralhjs.com	1 redirects
0	lxbd2.com Failed	qh.tdav500.xyz
0	s2.loli.net Failed	qh.tdav500.xyz
0	mross011.com Failed	qh.tdav500.xyz
0	img.alicdn.com Failed	qh.tdav500.xyz
0	abc748596aaa.vip Failed	qh.tdav500.xyz
0	tm00738.bj.bcebos.com Failed	qh.tdav500.xyz
0	7780tp.com Failed	qh.tdav500.xyz
0	lexs9.com Failed	qh.tdav500.xyz
0	tscf8.com Failed	qh.tdav500.xyz
0	xiod.xyz Failed	qh.tdav500.xyz
0	doyoudoits.com Failed	www.ralhjs.com
0	v.vcvbnmto.xyz Failed	www.ralhjs.com
0	js.tudousp.com Failed	qh.tdav500.xyz
49	21

This site contains no links.

Subject Issuer	Validity	Valid
*.users.51.la GlobalSign GCC R3 DV TLS CA 2020	`2023-04-14` - `2024-05-15`	a year	crt.sh
1.tdtz.xyz R3	`2023-05-19` - `2023-08-17`	3 months	crt.sh
qh.tdav500.xyz R3	`2023-07-21` - `2023-10-19`	3 months	crt.sh
*.51.la GlobalSign GCC R3 DV TLS CA 2020	`2023-04-20` - `2024-05-21`	a year	crt.sh
1.tudousp.com R3	`2023-07-09` - `2023-10-07`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://qh.tdav500.xyz/
Frame ID: EFFBB3328CC4AAF6292907A32B393F82
Requests: 49 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://ralhjs.com/ HTTP 301
http://www.ralhjs.com/index.php Page URL
https://3.tdtz.xyz/x-tz/tz3.html Page URL
https://qh.tdav500.xyz/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

49
Requests

51 %
HTTPS

0 %
IPv6

18
Domains

21
Subdomains

8
IPs

2
Countries

131 kB
Transfer

486 kB
Size

7
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ralhjs.com/ HTTP 301
http://www.ralhjs.com/index.php Page URL
https://3.tdtz.xyz/x-tz/tz3.html Page URL
https://qh.tdav500.xyz/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://ralhjs.com/ HTTP 301
http://www.ralhjs.com/index.php

49 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

index.php Show response
www.ralhjs.com/
Redirect Chain

http://ralhjs.com/
http://www.ralhjs.com/index.php

3 KB
950 B

594ms
195ms

Document
text/html

107.149.33.216
PEGTECHINC

General

Check archive.org

Show headers Download Go to

Full URL: http://www.ralhjs.com/index.php
Protocol: HTTP/1.1
Server: 107.149.33.216 , United States, ASN54600 (PEGTECHINC, US),
Reverse DNS
Software: nginx /
Resource Hash: 901733c1b9b235ce5b9febfa01bcbc6d0a0cc5970f3cce2698c71cb114824eb0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Sat, 22 Jul 2023 03:33:39 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding

Redirect headers

Connection: keep-alive
Content-Length: 0
Content-Type: text/html
Date: Sat, 22 Jul 2023 03:33:38 GMT
Location: http://www.ralhjs.com/index.php
Server: nginx

GET
H/1.1 200
OK common.js Show response
www.ralhjs.com/ 257 B
413 B 191ms
191ms Script
application/x-javascript 107.149.33.216
PEGTECHINC

General

Check archive.org

Show headers Download Go to

Full URL: http://www.ralhjs.com/common.js
Requested by: Host: www.ralhjs.com
URL: http://www.ralhjs.com/index.php
Protocol: HTTP/1.1
Server: 107.149.33.216 , United States, ASN54600 (PEGTECHINC, US),
Reverse DNS
Software: nginx /
Resource Hash: ae3c441f96e2a6fdb5f6668f7a96ac136fbcd596dcd95606473437326db68013

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.ralhjs.com/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Date: Sat, 22 Jul 2023 03:33:39 GMT
Server: nginx
Connection: keep-alive
Content-Length: 257
Content-Type: application/x-javascript

GET
H/1.1 200
OK tj.js Show response
www.ralhjs.com/ 206 B
362 B 188ms
188ms Script
application/x-javascript 107.149.33.216
PEGTECHINC

General

Check archive.org

Show headers Download Go to

Full URL: http://www.ralhjs.com/tj.js
Requested by: Host: www.ralhjs.com
URL: http://www.ralhjs.com/index.php
Protocol: HTTP/1.1
Server: 107.149.33.216 , United States, ASN54600 (PEGTECHINC, US),
Reverse DNS
Software: nginx /
Resource Hash: c99dd0dd7af713a591e68fda6c087a89cfd0f9c0a39dfff408a6cb9fd84c51d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.ralhjs.com/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Date: Sat, 22 Jul 2023 03:33:39 GMT
Server: nginx
Connection: keep-alive
Content-Length: 206
Content-Type: application/x-javascript

GET
H/1.1 200
OK 21732003.js Show response
js.users.51.la/ 5 KB
3 KB 645ms
210ms Script
application/javascript 42.236.73.41
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL: https://js.users.51.la/21732003.js
Requested by: Host: www.ralhjs.com
URL: http://www.ralhjs.com/tj.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 42.236.73.41 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS: hn.kd.ny.adsl
Software: openresty /
Resource Hash: d288d7c4b00a8ea7a3e35b7d147da7bc2003e5681f35dda220822cbe426168ed

Request headers

Referer: http://www.ralhjs.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Sat, 22 Jul 2023 03:33:41 GMT
Content-Encoding: gzip
Server: openresty
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type

GET
H/1.1 200
OK 21733773.js Show response
js.users.51.la/ 5 KB
3 KB 696ms
229ms Script
application/javascript 42.236.73.41
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL: https://js.users.51.la/21733773.js
Requested by: Host: www.ralhjs.com
URL: http://www.ralhjs.com/tj.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 42.236.73.41 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS: hn.kd.ny.adsl
Software: openresty /
Resource Hash: 408330fb01ab51df88ea399ee21fa27be6617ed6ae0b1ade68984b326232214a

Request headers

Referer: http://www.ralhjs.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Sat, 22 Jul 2023 03:33:41 GMT
Content-Encoding: gzip
Server: openresty
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type

GET
H/1.1 200 go1
ia.51.la/ 0
73 B 497ms
225ms Image
text/plain 42.236.73.39
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ia.51.la/go1?id=21732003&rt=1689996821733&rl=1600*1200&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=%25E6%2597%25A0%25E7%25A0%2581a%25E2%2585%25B4%25E5%2585%258D%25E8%25B4%25B9%25E4%25B8%2580%25E5%258C%25BA%25E4%25BA%258C%25E5%258C%25BA%25E4%25B8%2589%25E5%258C%25BA%25E5%259B%259B%25E5%258C%25BA%252C%2520%252C%25E4%25BA%259A%25E6%25B4%25B2%25E5%258D%25A1%25E4%25B8%2580%25E5%258D%25A1%25E4%25BA%258C%25E5%258D%25A1%25E4%25B8%2589%25E6%2596%25B0%25E5%258C%25BA%252C%25E5%259B%25BD%25E4%25BA%25A7&ing=1&ekc=&sid=1689996821733&tt=%25E9%2584%2582%25E5%25B0%2594%25E5%25A4%259A%25E6%2596%25AF%25E9%25A5%25AD%25E8%25AF%259D%25E7%2594%25B5%25E5%25AD%2590%25E5%2595%2586%25E5%258A%25A1%25E6%259C%2589%25E9%2599%2590%25E5%2585%25AC%25E5%258F%25B8&kw=%25E6%2597%25A0%25E7%25A0%2581a%25E2%2585%25B4%25E5%2585%258D%25E8%25B4%25B9%25E4%25B8%2580%25E5%258C%25BA%25E4%25BA%258C%25E5%258C%25BA%25E4%25B8%2589%25E5%258C%25BA%25E5%259B%259B%25E5%258C%25BA%252C%2520%252C%25E4%25BA%259A%25E6%25B4%25B2%25E5%258D%25A1%25E4%25B8%2580%25E5%258D%25A1%25E4%25BA%258C%25E5%258D%25A1%25E4%25B8%2589%25E6%2596%25B0%25E5%258C%25BA%252C%25E5%259B%25BD%25E4%25BA%25A7%25E7%25B2%25BE%25E5%2593%2581%25E4%25BA%259A%25E6%25B4%25B2%25E4%25B8%2593%25E5%258C%25BA%25E6%2597%25A0%25E7%25A0%2581%25E7%25A0%25B4%25E8%25A7%25A3%25E7%2589%2588%252C%25E5%259B%25BD%25E4%25BA%25A7%25E7%2599%25BD%25E8%25A2%259C%25E7%2594%25B7GAYCHINA%25E9%259C%25B8%25E9%2581%2593%25E5%25A4%25AA%25E5%25AD%2590%252C%25E9%259F%25A9%25E5%259B%25BD%25E6%2597%25A0%25E7%25A0%2581%25E7%25B2%25BE%25E5%2593%2581%25E4%25B8%2580%25E5%258C%25BA%25E4%25BA%258C%25E5%258C%25BA%25E7%2594%25B5%25E5%25BD%25B1&cu=http%253A%252F%252Fwww.ralhjs.com%252Findex.php&pu=
Requested by: Host: www.ralhjs.com
URL: http://www.ralhjs.com/index.php
Protocol: HTTP/1.1
Server: 42.236.73.39 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS: hn.kd.ny.adsl
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.ralhjs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Date: Sat, 22 Jul 2023 03:33:26 GMT
Content-Length: 0

GET
H/1.1 200 go1
ia.51.la/ 0
73 B 450ms
225ms Image
text/plain 42.236.73.39
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ia.51.la/go1?id=21733773&rt=1689996821784&rl=1600*1200&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=%25E6%2597%25A0%25E7%25A0%2581a%25E2%2585%25B4%25E5%2585%258D%25E8%25B4%25B9%25E4%25B8%2580%25E5%258C%25BA%25E4%25BA%258C%25E5%258C%25BA%25E4%25B8%2589%25E5%258C%25BA%25E5%259B%259B%25E5%258C%25BA%252C%2520%252C%25E4%25BA%259A%25E6%25B4%25B2%25E5%258D%25A1%25E4%25B8%2580%25E5%258D%25A1%25E4%25BA%258C%25E5%258D%25A1%25E4%25B8%2589%25E6%2596%25B0%25E5%258C%25BA%252C%25E5%259B%25BD%25E4%25BA%25A7&ing=2&ekc=&sid=1689996821784&tt=%25E9%2584%2582%25E5%25B0%2594%25E5%25A4%259A%25E6%2596%25AF%25E9%25A5%25AD%25E8%25AF%259D%25E7%2594%25B5%25E5%25AD%2590%25E5%2595%2586%25E5%258A%25A1%25E6%259C%2589%25E9%2599%2590%25E5%2585%25AC%25E5%258F%25B8&kw=%25E6%2597%25A0%25E7%25A0%2581a%25E2%2585%25B4%25E5%2585%258D%25E8%25B4%25B9%25E4%25B8%2580%25E5%258C%25BA%25E4%25BA%258C%25E5%258C%25BA%25E4%25B8%2589%25E5%258C%25BA%25E5%259B%259B%25E5%258C%25BA%252C%2520%252C%25E4%25BA%259A%25E6%25B4%25B2%25E5%258D%25A1%25E4%25B8%2580%25E5%258D%25A1%25E4%25BA%258C%25E5%258D%25A1%25E4%25B8%2589%25E6%2596%25B0%25E5%258C%25BA%252C%25E5%259B%25BD%25E4%25BA%25A7%25E7%25B2%25BE%25E5%2593%2581%25E4%25BA%259A%25E6%25B4%25B2%25E4%25B8%2593%25E5%258C%25BA%25E6%2597%25A0%25E7%25A0%2581%25E7%25A0%25B4%25E8%25A7%25A3%25E7%2589%2588%252C%25E5%259B%25BD%25E4%25BA%25A7%25E7%2599%25BD%25E8%25A2%259C%25E7%2594%25B7GAYCHINA%25E9%259C%25B8%25E9%2581%2593%25E5%25A4%25AA%25E5%25AD%2590%252C%25E9%259F%25A9%25E5%259B%25BD%25E6%2597%25A0%25E7%25A0%2581%25E7%25B2%25BE%25E5%2593%2581%25E4%25B8%2580%25E5%258C%25BA%25E4%25BA%258C%25E5%258C%25BA%25E7%2594%25B5%25E5%25BD%25B1&cu=http%253A%252F%252Fwww.ralhjs.com%252Findex.php&pu=
Requested by: Host: www.ralhjs.com
URL: http://www.ralhjs.com/index.php
Protocol: HTTP/1.1
Server: 42.236.73.39 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS: hn.kd.ny.adsl
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.ralhjs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Date: Sat, 22 Jul 2023 03:31:15 GMT
Content-Length: 0

GET
H2 200 tz3.html Show response
3.tdtz.xyz/x-tz/ 644 B
647 B 1667ms
286ms Document
text/html 104.233.173.201
PEGTECHINC-AP-03

General

Check archive.org

Show headers Download Go to

Full URL

https://3.tdtz.xyz/x-tz/tz3.html

Requested by

Host: www.ralhjs.com
URL: http://www.ralhjs.com/common.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.233.173.201 , United States, ASN398993 (PEGTECHINC-AP-03, US),

Reverse DNS

Software

nginx /

Resource Hash

b4bb8dde1c7238f9de52c9940dc2715071326b661aad9f107d987b593009818e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://www.ralhjs.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Sat, 22 Jul 2023 11:38:49 GMT
etag: W/"64bac23b-284"
last-modified: Fri, 21 Jul 2023 17:36:59 GMT
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding

GET
H/1.1 200
OK 21489619.js Show response
js.users.51.la/ 5 KB
3 KB 230ms
230ms Script
application/javascript 42.236.73.41
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL: https://js.users.51.la/21489619.js
Requested by: Host: 3.tdtz.xyz
URL: https://3.tdtz.xyz/x-tz/tz3.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 42.236.73.41 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS: hn.kd.ny.adsl
Software: openresty /
Resource Hash: bd10c4e7d75694c20c7868273f2fa6327ca3cfbbd0d4394bf6292c0eb05b0c78

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3.tdtz.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Date: Sat, 22 Jul 2023 03:33:43 GMT
Content-Encoding: gzip
Server: openresty
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type

GET
H2 404 0.22096801383562403
qh.tdav500.xyz/ 0
0 1663ms
624ms Image
text/html 104.233.173.196
PEGTECHINC-AP-03

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qh.tdav500.xyz/0.22096801383562403
Requested by: Host: 3.tdtz.xyz
URL: https://3.tdtz.xyz/x-tz/tz3.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.233.173.196 , United States, ASN398993 (PEGTECHINC-AP-03, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3.tdtz.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

GET
H2 404 0.26036333988659544
yf.tdav500.xyz/ 0
0 938ms
290ms Image
text/html 104.233.173.196
PEGTECHINC-AP-03

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yf.tdav500.xyz/0.26036333988659544
Requested by: Host: 3.tdtz.xyz
URL: https://3.tdtz.xyz/x-tz/tz3.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.233.173.196 , United States, ASN398993 (PEGTECHINC-AP-03, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3.tdtz.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

GET
H/1.1 200 go1
ia.51.la/ 0
73 B 958ms
238ms Image
text/plain 42.236.73.38
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ia.51.la/go1?id=21489619&rt=1689996823997&rl=1600*1200&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=&ing=1&ekc=&sid=1689996823997&tt=&kw=&cu=https%253A%252F%252F3.tdtz.xyz%252Fx-tz%252Ftz3.html&pu=http%253A%252F%252Fwww.ralhjs.com%252F
Requested by: Host: 3.tdtz.xyz
URL: https://3.tdtz.xyz/x-tz/tz3.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 42.236.73.38 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS: hn.kd.ny.adsl
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3.tdtz.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Date: Sat, 22 Jul 2023 03:33:28 GMT
Content-Length: 0

GET
H2 200 /
yf.tdav500.xyz/ 0
0 722ms
721ms Document
text/html 104.233.173.196
PEGTECHINC-AP-03

General

Check archive.org

Show headers Download Go to

Full URL

https://yf.tdav500.xyz/

Requested by

Host: 3.tdtz.xyz
URL: https://3.tdtz.xyz/x-tz/tz3.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.233.173.196 , United States, ASN398993 (PEGTECHINC-AP-03, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://3.tdtz.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sat, 22 Jul 2023 11:38:50 GMT
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding

GET
H2 200 Primary Request / Show response
qh.tdav500.xyz/ 70 KB
14 KB 371ms
371ms Document
text/html 104.233.173.196
PEGTECHINC-AP-03

General

Check archive.org

Show headers Download Go to

Full URL

https://qh.tdav500.xyz/

Requested by

Host: 3.tdtz.xyz
URL: https://3.tdtz.xyz/x-tz/tz3.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.233.173.196 , United States, ASN398993 (PEGTECHINC-AP-03, US),

Reverse DNS

Software

nginx /

Resource Hash

3f5f2a1b6caf2948b14aa529b10dda083867d59afe89b6c944d8cee4bf60cf61

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://3.tdtz.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sat, 22 Jul 2023 11:38:51 GMT
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding

GET
H2 200 bootstrap.min.css
qh.tdav500.xyz/template/mb1/css/ 143 KB
26 KB 298ms
295ms Stylesheet
text/css 104.233.173.196
PEGTECHINC-AP-03

General

Check archive.org

Show headers Download Go to

Full URL

https://qh.tdav500.xyz/template/mb1/css/bootstrap.min.css

Requested by

Host: qh.tdav500.xyz
URL: https://qh.tdav500.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.233.173.196 , United States, ASN398993 (PEGTECHINC-AP-03, US),

Reverse DNS

Software

nginx /

Resource Hash

538d049fd82e615676e49d85918f6b6603e8401e047a256e3ff77f67e464d2bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qh.tdav500.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 11:38:51 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Fri, 10 Dec 2021 13:24:24 GMT
server: nginx
etag: W/"61b35508-23af3"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
expires: Sat, 22 Jul 2023 23:38:51 GMT

GET
H2 200 common.css
qh.tdav500.xyz/template/mb1/css/ 9 KB
2 KB 588ms
585ms Stylesheet
text/css 104.233.173.196
PEGTECHINC-AP-03

General

Check archive.org

Show headers Download Go to

Full URL

https://qh.tdav500.xyz/template/mb1/css/common.css

Requested by

Host: qh.tdav500.xyz
URL: https://qh.tdav500.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.233.173.196 , United States, ASN398993 (PEGTECHINC-AP-03, US),

Reverse DNS

Software

nginx /

Resource Hash

fbd0d174288a660597f17a782ed788dd04185f391b46a013b977bcf1cc39cb51

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qh.tdav500.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 11:38:51 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Mon, 11 Apr 2022 16:13:36 GMT
server: nginx
etag: W/"625453b0-22d0"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
expires: Sat, 22 Jul 2023 23:38:51 GMT

GET
H2 200 hmlcss.css
qh.tdav500.xyz/template/mb1/css/ 81 KB
18 KB 875ms
872ms Stylesheet
text/css 104.233.173.196
PEGTECHINC-AP-03

General

Check archive.org

Show headers Download Go to

Full URL

https://qh.tdav500.xyz/template/mb1/css/hmlcss.css

Requested by

Host: qh.tdav500.xyz
URL: https://qh.tdav500.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.233.173.196 , United States, ASN398993 (PEGTECHINC-AP-03, US),

Reverse DNS

Software

nginx /

Resource Hash

24c381de634686ff7f15f73b30f1f104433f046e25fd408e7838ef5c0f37401c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qh.tdav500.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 11:38:51 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Sat, 17 Jun 2023 08:01:40 GMT
server: nginx
etag: W/"648d6864-142d8"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
expires: Sat, 22 Jul 2023 23:38:51 GMT

GET
H2 200 app.css
qh.tdav500.xyz/template/mb1/css/ 3 KB
1 KB 876ms
874ms Stylesheet
text/css 104.233.173.196
PEGTECHINC-AP-03

General

Check archive.org

Show headers Download Go to

Full URL

https://qh.tdav500.xyz/template/mb1/css/app.css

Requested by

Host: qh.tdav500.xyz
URL: https://qh.tdav500.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.233.173.196 , United States, ASN398993 (PEGTECHINC-AP-03, US),

Reverse DNS

Software

nginx /

Resource Hash

a9c9538a8af6b62c3593217be1a1482b5688758938aaa745d1fbaa4f7e9abdfa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qh.tdav500.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 11:38:51 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Sat, 21 May 2022 15:56:32 GMT
server: nginx
etag: W/"62890bb0-abb"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
expires: Sat, 22 Jul 2023 23:38:51 GMT

GET
H2 200 jquery.min.js Show response
qh.tdav500.xyz/template/mb1/js/ 95 KB
37 KB 876ms
874ms Script
application/javascript 104.233.173.196
PEGTECHINC-AP-03

General

Check archive.org

Show headers Download Go to

Full URL

https://qh.tdav500.xyz/template/mb1/js/jquery.min.js

Requested by

Host: qh.tdav500.xyz
URL: https://qh.tdav500.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.233.173.196 , United States, ASN398993 (PEGTECHINC-AP-03, US),

Reverse DNS

Software

nginx /

Resource Hash

8c2812ded6436715279f8fd8db58de307aa39ab0296fe3cf0e879067c51e9b18

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qh.tdav500.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 11:38:51 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Fri, 08 Jul 2022 12:34:02 GMT
server: nginx
etag: W/"62c8243a-17b8a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Sat, 22 Jul 2023 23:38:51 GMT

GET
H2 200 jquery.lazyload.min.js Show response
qh.tdav500.xyz/template/mb1/js/ 3 KB
2 KB 876ms
874ms Script
application/javascript 104.233.173.196
PEGTECHINC-AP-03

General

Check archive.org

Show headers Download Go to

Full URL

https://qh.tdav500.xyz/template/mb1/js/jquery.lazyload.min.js

Requested by

Host: qh.tdav500.xyz
URL: https://qh.tdav500.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.233.173.196 , United States, ASN398993 (PEGTECHINC-AP-03, US),

Reverse DNS

Software

nginx /

Resource Hash

ad79ce7e34d1a788809bb853031133de2ae45f3c19ac4955dae46c7490188c2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qh.tdav500.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 11:38:51 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Fri, 10 Dec 2021 11:25:34 GMT
server: nginx
etag: W/"61b3392e-d35"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Sat, 22 Jul 2023 23:38:51 GMT

GET
H2 200 home.js Show response
qh.tdav500.xyz/static/js/ 37 KB
10 KB 877ms
874ms Script
application/javascript 104.233.173.196
PEGTECHINC-AP-03

General

Check archive.org

Show headers Download Go to

Full URL

https://qh.tdav500.xyz/static/js/home.js

Requested by

Host: qh.tdav500.xyz
URL: https://qh.tdav500.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.233.173.196 , United States, ASN398993 (PEGTECHINC-AP-03, US),

Reverse DNS

Software

nginx /

Resource Hash

1a52c16e5a7fc905630d52185ca457108cb0a65a4567cf6157709c1c5eceb311

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qh.tdav500.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 11:38:51 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Tue, 24 Aug 2021 06:28:32 GMT
server: nginx
etag: W/"61249190-95a5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Sat, 22 Jul 2023 23:38:51 GMT

GET
H2 200 dingbu.js Show response
js.tdfby.xyz/ 6 KB
952 B 1388ms
303ms Script
application/javascript 104.233.173.205

General

Check archive.org

Show headers Download Go to

Full URL

https://js.tdfby.xyz/dingbu.js

Requested by

Host: qh.tdav500.xyz
URL: https://qh.tdav500.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.233.173.205 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

ed1fe0430a8099567281447f9d082f3dc6eee8c7d3913a01cae5788acd4c4b89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qh.tdav500.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 11:38:52 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Sat, 22 Jul 2023 00:06:36 GMT
server: nginx
etag: W/"64bb1d8c-177a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Sat, 22 Jul 2023 23:38:52 GMT

GET
H2 200 xuanfu.js Show response
js.tdfby.xyz/ 3 KB
964 B 1389ms
304ms Script
application/javascript 104.233.173.205

General

Check archive.org

Show headers Download Go to

Full URL

https://js.tdfby.xyz/xuanfu.js

Requested by

Host: qh.tdav500.xyz
URL: https://qh.tdav500.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.233.173.205 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

43071bba6282cea9245f9cacd7533cc9b5ef33feca8520627328825197b03889

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qh.tdav500.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 11:38:52 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Fri, 21 Jul 2023 21:48:44 GMT
server: nginx
etag: W/"64bafd3c-d95"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Sat, 22 Jul 2023 23:38:52 GMT

GET
H2 200 wz2.js Show response
js.tdfby.xyz/ 1 KB
528 B 1390ms
305ms Script
application/javascript 104.233.173.205

General

Check archive.org

Show headers Download Go to

Full URL

https://js.tdfby.xyz/wz2.js

Requested by

Host: qh.tdav500.xyz
URL: https://qh.tdav500.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.233.173.205 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

262acf27fddfcbdf0b6e01b30f4e9bae6b0a091120611b783a27958207b90760

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qh.tdav500.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 11:38:52 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Sun, 16 Jul 2023 13:12:17 GMT
server: nginx
etag: W/"64b3ecb1-478"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Sat, 22 Jul 2023 23:38:52 GMT

GET
H2 200 wz.js Show response
js.tdfby.xyz/ 4 KB
927 B 1391ms
307ms Script
application/javascript 104.233.173.205

General

Check archive.org

Show headers Download Go to

Full URL

https://js.tdfby.xyz/wz.js

Requested by

Host: qh.tdav500.xyz
URL: https://qh.tdav500.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.233.173.205 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

2e3c2f57f9df5ac41ac0aad06af21b6d3b1b4bcb51a67a5c031830b2331e460d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qh.tdav500.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 11:38:52 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Sat, 22 Jul 2023 00:41:22 GMT
server: nginx
etag: W/"64bb25b2-e81"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Sat, 22 Jul 2023 23:38:52 GMT

GET
H2 200 zhongbu.js Show response
js.tdfby.xyz/ 2 KB
725 B 1390ms
306ms Script
application/javascript 104.233.173.205

General

Check archive.org

Show headers Download Go to

Full URL

https://js.tdfby.xyz/zhongbu.js

Requested by

Host: qh.tdav500.xyz
URL: https://qh.tdav500.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.233.173.205 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

8c515acc215da9a447a4128b7afa5071ba37ba8264ec83070cddbf3dc9b3cd0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qh.tdav500.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 11:38:52 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Sun, 16 Jul 2023 13:14:01 GMT
server: nginx
etag: W/"64b3ed19-66a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Sat, 22 Jul 2023 23:38:52 GMT

GET
H2 200 sp.js Show response
qh.tdav500.xyz/template/mb1/ads/ 2 KB
780 B 876ms
875ms Script
application/javascript 104.233.173.196
PEGTECHINC-AP-03

General

Check archive.org

Show headers Download Go to

Full URL

https://qh.tdav500.xyz/template/mb1/ads/sp.js

Requested by

Host: qh.tdav500.xyz
URL: https://qh.tdav500.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.233.173.196 , United States, ASN398993 (PEGTECHINC-AP-03, US),

Reverse DNS

Software

nginx /

Resource Hash

157dfb8e1e980da7d33fcd631c9bd1e45fc326e58f20cf148c5d0b9129bb1f88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qh.tdav500.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 11:38:51 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Sun, 16 Jul 2023 13:12:44 GMT
server: nginx
etag: W/"64b3eccc-8e8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Sat, 22 Jul 2023 23:38:51 GMT

GET
H2 200 loading.svg
qh.tdav500.xyz/template/mb1/image/ 506 B
641 B 475ms
475ms Image
image/svg+xml 104.233.173.196
PEGTECHINC-AP-03

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://qh.tdav500.xyz/template/mb1/image/loading.svg

Requested by

Host: qh.tdav500.xyz
URL: https://qh.tdav500.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.233.173.196 , United States, ASN398993 (PEGTECHINC-AP-03, US),

Reverse DNS

Software

nginx /

Resource Hash

fa5ecaba8e7048ec0475ac862bec89853e8c87e84475e199f8657d6e89065dff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qh.tdav500.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 11:38:52 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 10 Dec 2021 11:26:38 GMT
server: nginx
etag: "61b3396e-1fa"
content-type: image/svg+xml

GET dibu.js
js.tudousp.com/ 0
0

GET
H/1.1 200
OK 21620743.js Show response
js.users.51.la/ 5 KB
3 KB 414ms
413ms Script
application/javascript 42.236.73.41
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL: https://js.users.51.la/21620743.js
Requested by: Host: qh.tdav500.xyz
URL: https://qh.tdav500.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 42.236.73.41 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS: hn.kd.ny.adsl
Software: openresty /
Resource Hash: c5356e946765c02bac93930089c11f984aa10bf6fb5f2ad95c57d725dea79d50

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qh.tdav500.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Date: Sat, 22 Jul 2023 03:33:47 GMT
Content-Encoding: gzip
Server: openresty
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type

GET
H/1.1 200
OK 21605545.js Show response
js.users.51.la/ 5 KB
3 KB 395ms
395ms Script
application/javascript 42.236.73.41
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL: https://js.users.51.la/21605545.js
Requested by: Host: qh.tdav500.xyz
URL: https://qh.tdav500.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 42.236.73.41 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS: hn.kd.ny.adsl
Software: openresty /
Resource Hash: a913622aaec15effb430d8ba49bc394a8baa87dc1102d80e4d6461a61c07c831

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qh.tdav500.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Date: Sat, 22 Jul 2023 03:33:47 GMT
Content-Encoding: gzip
Server: openresty
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type

GET /
v.vcvbnmto.xyz/Wqvy/o-7345-Z-578/ 0
0

GET faptm
doyoudoits.com/sputxgfx/faptm1rmn0cqkotd7aecb/2076/ 0
0

GET k9-ky960x60.gif
xiod.xyz/ 0
0

GET 68a7807de3933bf7079116fa9df99e6f.gif
tscf8.com/ 0
0

GET 367a5d7cf2783366e00aa501e70389d2.gif
lexs9.com/ 0
0

GET xpj960-60.gif
xiod.xyz/ 0
0

GET 960x60.gif
7780tp.com/7780/ 0
0

GET YB-se-960x80.gif
tm00738.bj.bcebos.com/ 0
0

GET 960-80A.gif
abc748596aaa.vip/9820/ 0
0

GET O1CN01tjzAup2Imjb8FL1oh_!!133635909329.jpg
img.alicdn.com/imgextra/i1/133635909329/ 0
0

GET 363336fe019a7dad576dbc0cd5e59477.gif
mross011.com/ 0
0

GET zAxwCKkLnFjlaQ8.jpg
s2.loli.net/2022/05/21/ 0
0

GET f1067f057f9f3415205bc5de44bd7d5b.gif
lxbd2.com/ 0
0

GET a671a2eebd0687c3d3b58dd905b52129.gif
tscf8.com/ 0
0

GET 300x300.gif
7780tp.com/7780/ 0
0

GET 6b4bc2393b34f569886385798f04319d.gif
lxbd2.com/ 0
0

GET d41aeed3b9aa52d7fcd37a6dbed93ace.gif
tscf8.com/ 0
0

GET video-play.png
qh.tdav500.xyz/template/mb1/image/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: js.tudousp.com
URL: https://js.tudousp.com/dibu.js

Domain: v.vcvbnmto.xyz
URL: https://v.vcvbnmto.xyz/Wqvy/o-7345-Z-578/

Domain: doyoudoits.com
URL: https://doyoudoits.com/sputxgfx/faptm1rmn0cqkotd7aecb/2076/faptm

Domain: xiod.xyz
URL: https://xiod.xyz/k9-ky960x60.gif

Domain: tscf8.com
URL: https://tscf8.com/68a7807de3933bf7079116fa9df99e6f.gif

Domain: lexs9.com
URL: https://lexs9.com/367a5d7cf2783366e00aa501e70389d2.gif

Domain: xiod.xyz
URL: https://xiod.xyz/xpj960-60.gif

Domain: 7780tp.com
URL: https://7780tp.com/7780/960x60.gif

Domain: tm00738.bj.bcebos.com
URL: https://tm00738.bj.bcebos.com/YB-se-960x80.gif

Domain: abc748596aaa.vip
URL: https://abc748596aaa.vip/9820/960-80A.gif

Domain: img.alicdn.com
URL: https://img.alicdn.com/imgextra/i1/133635909329/O1CN01tjzAup2Imjb8FL1oh_!!133635909329.jpg

Domain: mross011.com
URL: https://mross011.com/363336fe019a7dad576dbc0cd5e59477.gif

Domain: s2.loli.net
URL: https://s2.loli.net/2022/05/21/zAxwCKkLnFjlaQ8.jpg

Domain: lxbd2.com
URL: https://lxbd2.com/f1067f057f9f3415205bc5de44bd7d5b.gif

Domain: tscf8.com
URL: https://tscf8.com/a671a2eebd0687c3d3b58dd905b52129.gif

Domain: 7780tp.com
URL: https://7780tp.com/7780/300x300.gif

Domain: lxbd2.com
URL: https://lxbd2.com/6b4bc2393b34f569886385798f04319d.gif

Domain: tscf8.com
URL: https://tscf8.com/d41aeed3b9aa52d7fcd37a6dbed93ace.gif

Domain: qh.tdav500.xyz
URL: https://qh.tdav500.xyz/template/mb1/image/video-play.png

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.ralhjs.com/	1969-12-31 23:59:59	Name: __tins__21732003 Value: %7B%22sid%22%3A%201689996821733%2C%20%22vd%22%3A%201%2C%20%22expires%22%3A%201689998621733%7D
www.ralhjs.com/	1969-12-31 23:59:59	Name: __51cke__ Value:
www.ralhjs.com/	1969-12-31 23:59:59	Name: __tins__21733773 Value: %7B%22sid%22%3A%201689996821784%2C%20%22vd%22%3A%201%2C%20%22expires%22%3A%201689998621784%7D
www.ralhjs.com/	1969-12-31 23:59:59	Name: __51laig__ Value: 2
3.tdtz.xyz/	1969-12-31 23:59:59	Name: __tins__21489619 Value: %7B%22sid%22%3A%201689996823997%2C%20%22vd%22%3A%201%2C%20%22expires%22%3A%201689998623997%7D
3.tdtz.xyz/	1969-12-31 23:59:59	Name: __51cke__ Value:
3.tdtz.xyz/	1969-12-31 23:59:59	Name: __51laig__ Value: 1

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: http://www.ralhjs.com/tj.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://js.users.51.la/21732003.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://www.ralhjs.com/tj.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://js.users.51.la/21732003.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://www.ralhjs.com/tj.js(Line 1) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://js.users.51.la/21733773.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://yf.tdav500.xyz/0.26036333988659544 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://qh.tdav500.xyz/0.22096801383562403 Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3.tdtz.xyz
7780tp.com
abc748596aaa.vip
doyoudoits.com
ia.51.la
img.alicdn.com
js.tdfby.xyz
js.tudousp.com
js.users.51.la
lexs9.com
lxbd2.com
mross011.com
qh.tdav500.xyz
ralhjs.com
s2.loli.net
tm00738.bj.bcebos.com
tscf8.com
v.vcvbnmto.xyz
www.ralhjs.com
xiod.xyz
yf.tdav500.xyz
7780tp.com
abc748596aaa.vip
doyoudoits.com
img.alicdn.com
js.tudousp.com
lexs9.com
lxbd2.com
mross011.com
qh.tdav500.xyz
s2.loli.net
tm00738.bj.bcebos.com
tscf8.com
v.vcvbnmto.xyz
xiod.xyz
104.233.173.196
104.233.173.201
104.233.173.205
107.149.33.216
42.236.73.38
42.236.73.39
42.236.73.41
157dfb8e1e980da7d33fcd631c9bd1e45fc326e58f20cf148c5d0b9129bb1f88
1a52c16e5a7fc905630d52185ca457108cb0a65a4567cf6157709c1c5eceb311
24c381de634686ff7f15f73b30f1f104433f046e25fd408e7838ef5c0f37401c
262acf27fddfcbdf0b6e01b30f4e9bae6b0a091120611b783a27958207b90760
2e3c2f57f9df5ac41ac0aad06af21b6d3b1b4bcb51a67a5c031830b2331e460d
3f5f2a1b6caf2948b14aa529b10dda083867d59afe89b6c944d8cee4bf60cf61
408330fb01ab51df88ea399ee21fa27be6617ed6ae0b1ade68984b326232214a
43071bba6282cea9245f9cacd7533cc9b5ef33feca8520627328825197b03889
538d049fd82e615676e49d85918f6b6603e8401e047a256e3ff77f67e464d2bd
8c2812ded6436715279f8fd8db58de307aa39ab0296fe3cf0e879067c51e9b18
8c515acc215da9a447a4128b7afa5071ba37ba8264ec83070cddbf3dc9b3cd0b
901733c1b9b235ce5b9febfa01bcbc6d0a0cc5970f3cce2698c71cb114824eb0
a913622aaec15effb430d8ba49bc394a8baa87dc1102d80e4d6461a61c07c831
a9c9538a8af6b62c3593217be1a1482b5688758938aaa745d1fbaa4f7e9abdfa
ad79ce7e34d1a788809bb853031133de2ae45f3c19ac4955dae46c7490188c2e
ae3c441f96e2a6fdb5f6668f7a96ac136fbcd596dcd95606473437326db68013
b4bb8dde1c7238f9de52c9940dc2715071326b661aad9f107d987b593009818e
bd10c4e7d75694c20c7868273f2fa6327ca3cfbbd0d4394bf6292c0eb05b0c78
c5356e946765c02bac93930089c11f984aa10bf6fb5f2ad95c57d725dea79d50
c99dd0dd7af713a591e68fda6c087a89cfd0f9c0a39dfff408a6cb9fd84c51d4
d288d7c4b00a8ea7a3e35b7d147da7bc2003e5681f35dda220822cbe426168ed
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed1fe0430a8099567281447f9d082f3dc6eee8c7d3913a01cae5788acd4c4b89
fa5ecaba8e7048ec0475ac862bec89853e8c87e84475e199f8657d6e89065dff
fbd0d174288a660597f17a782ed788dd04185f391b46a013b977bcf1cc39cb51

qh.tdav500.xyz Open in urlscan Pro 104.233.173.196 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

49 Requests

51 %HTTPS

0 %IPv6

18 Domains

21 Subdomains

8 IPs

2 Countries

131 kBTransfer

486 kBSize

7 Cookies

0 Outgoing links

Page URL History

Redirected requests

49 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

qh.tdav500.xyz Open in urlscan Pro
104.233.173.196 Public Scan

Screenshot
Live screenshot

Full Image

49
Requests

51 %
HTTPS

0 %
IPv6

18
Domains

21
Subdomains

8
IPs

2
Countries

131 kB
Transfer

486 kB
Size

7
Cookies

49 HTTP transactions
0 data transactions