njlfby.com Open in urlscan Pro
222.186.168.156  Public Scan

11 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response njlfby.com/	42 KB 7 KB	1516ms 671ms	Document text/html	222.186.168.156 CHINANET-BACKBONE...
General Check archive.org Show headers Download Go to Full URL https://njlfby.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 222.186.168.156 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN), Reverse DNS Software Apache / Resource Hash f46883c3c715fa6ca6ed518a4cb9425fa1166a346eafdb7301ba33d9ed23135c Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers content-encoding gzip content-length 7238 content-type text/html; charset=utf-8 date Tue, 04 Jun 2024 04:03:46 GMT server Apache vary Accept-Encoding
GET H2	200	style.css njlfby.com/template/heisejianyue/css/	14 KB 3 KB	185ms 182ms	Stylesheet text/css	222.186.168.156 CHINANET-BACKBONE...
General Check archive.org Show headers Download Go to Full URL https://njlfby.com/template/heisejianyue/css/style.css Requested by Host: njlfby.com URL: https://njlfby.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 222.186.168.156 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN), Reverse DNS Software Apache / Resource Hash ec98c4557d3db4412fd384d03f6533137f768d360ad4fd5648367ffc729080d6 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://njlfby.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 04 Jun 2024 04:03:46 GMT content-encoding gzip last-modified Mon, 03 Jun 2024 17:30:04 GMT server Apache etag "36d1-619ffaf0d3c89-gzip" vary Accept-Encoding content-type text/css accept-ranges bytes content-length 3391
GET H2	200	jquery.js Show response njlfby.com/static/js/	90 KB 32 KB	366ms 364ms	Script text/javascript	222.186.168.156 CHINANET-BACKBONE...
General Check archive.org Show headers Download Go to Full URL https://njlfby.com/static/js/jquery.js Requested by Host: njlfby.com URL: https://njlfby.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 222.186.168.156 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN), Reverse DNS Software Apache / Resource Hash 20638e363fcc5152155f24b281303e17da62da62d24ef5dcf863b184d9a25734 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://njlfby.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 04 Jun 2024 04:03:46 GMT content-encoding gzip last-modified Mon, 03 Jun 2024 17:30:04 GMT server Apache etag "169d9-619ffaf0ca049-gzip" vary Accept-Encoding content-type text/javascript accept-ranges bytes content-length 32784
GET H2	200	home.js Show response njlfby.com/static/js/	37 KB 9 KB	185ms 183ms	Script text/javascript	222.186.168.156 CHINANET-BACKBONE...
General Check archive.org Show headers Download Go to Full URL https://njlfby.com/static/js/home.js Requested by Host: njlfby.com URL: https://njlfby.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 222.186.168.156 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN), Reverse DNS Software Apache / Resource Hash 1a52c16e5a7fc905630d52185ca457108cb0a65a4567cf6157709c1c5eceb311 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://njlfby.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 04 Jun 2024 04:03:46 GMT content-encoding gzip last-modified Mon, 03 Jun 2024 17:30:04 GMT server Apache etag "95a5-619ffaf0c9c60-gzip" vary Accept-Encoding content-type text/javascript accept-ranges bytes content-length 9186
GET H2	200	tgg.js Show response www.biyyy.com/template/semo/dg/	913 B 642 B	1162ms 169ms	Script application/javascript	107.149.170.129 PEG-SV
General Check archive.org Show headers Download Go to Full URL https://www.biyyy.com/template/semo/dg/tgg.js Requested by Host: njlfby.com URL: https://njlfby.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 107.149.170.129 , United States, ASN54600 (PEG-SV, US), Reverse DNS Software Apache / Resource Hash 12743c5cecbef5a49dcf7766a93bf2cb18677d6a87012eaf43a8b862b7692d83 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://njlfby.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 04 Jun 2024 04:03:47 GMT content-encoding gzip last-modified Sun, 02 Jun 2024 16:43:17 GMT server Apache etag "391-619eae9e2270b-gzip" vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 566
GET H2	200	t1.js Show response www.biyyy.com/template/semo/dg/	411 B 352 B	1166ms 174ms	Script application/javascript	107.149.170.129 PEG-SV
General Check archive.org Show headers Download Go to Full URL https://www.biyyy.com/template/semo/dg/t1.js Requested by Host: njlfby.com URL: https://njlfby.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 107.149.170.129 , United States, ASN54600 (PEG-SV, US), Reverse DNS Software Apache / Resource Hash a7a8045df705f59009777ba7c38bce23af276b4a90b298d0c5c3783c52712b75 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://njlfby.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 04 Jun 2024 04:03:47 GMT content-encoding gzip last-modified Fri, 31 May 2024 15:34:40 GMT server Apache etag "19b-619c1b8d0dd8e-gzip" vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 275
GET H2	200	tlm.js Show response www.biyyy.com/template/semo/dg/	9 KB 3 KB	1161ms 169ms	Script application/javascript	107.149.170.129 PEG-SV
General Check archive.org Show headers Download Go to Full URL https://www.biyyy.com/template/semo/dg/tlm.js Requested by Host: njlfby.com URL: https://njlfby.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 107.149.170.129 , United States, ASN54600 (PEG-SV, US), Reverse DNS Software Apache / Resource Hash afdea591a0410a09f063aa3e016cc7fbf984352ea1782f4050a007bb474eb862 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://njlfby.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 04 Jun 2024 04:03:47 GMT content-encoding gzip last-modified Sun, 02 Jun 2024 22:34:01 GMT server Apache etag "2589-619efd0327181-gzip" vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 2638
GET H2	200	z.js Show response s9.cnzz.com/	10 KB 10 KB	1617ms 405ms	Script application/javascript	240e:f7:7c00:10a:3::3f2 CHINATELECOM-ZHEJ...
General Check archive.org Show headers Download Go to Full URL https://s9.cnzz.com/z.js?id=1281358358 Requested by Host: njlfby.com URL: https://njlfby.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 240e:f7:7c00:10a:3::3f2 , China, ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN), Reverse DNS Software Tengine / Resource Hash 9a04c8683975ec735655f6fcbb0de3de927055e46b85137f712f8b2c1dd06eba Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://njlfby.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 04 Jun 2024 04:01:08 GMT via cache49.l2cn3130[0,0,304-0,H], cache39.l2cn3130[1,0], cache6.cn4101[0,0,200-0,H], cache6.cn4101[0,0] server Tengine age 160 x-swift-cachetime 283 etag W/"8857307840166643954" ali-swift-global-savetime 1717473668 content-type application/javascript x-cache HIT TCP_MEM_HIT dirn:-2:-2 cache-control public, max-age=300 x-swift-savetime Tue, 04 Jun 2024 04:01:25 GMT timing-allow-origin * content-length 10196 eagleid dcb9a89a17174738281536597e
GET H2	200	bg_icon.jpg njlfby.com/template/heisejianyue/img/	4 KB 4 KB	198ms 197ms	Image image/jpeg	222.186.168.156 CHINANET-BACKBONE...
General Check archive.org Show headers Download Go to Show image Full URL https://njlfby.com/template/heisejianyue/img/bg_icon.jpg Requested by Host: njlfby.com URL: https://njlfby.com/template/heisejianyue/css/style.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 222.186.168.156 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN), Reverse DNS Software Apache / Resource Hash f654cc9daac86f2e7a514d9e3c28710cc58060cf43f37529c243b38cb9951adb Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://njlfby.com/template/heisejianyue/css/style.css Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 04 Jun 2024 04:03:47 GMT last-modified Mon, 03 Jun 2024 17:30:04 GMT server Apache accept-ranges bytes etag "f1b-619ffaf0d4841" content-length 3867 content-type image/jpeg
GET H2	200	logo.jpg njlfby.com/template/heisejianyue/img/	7 KB 7 KB	198ms 198ms	Image image/jpeg	222.186.168.156 CHINANET-BACKBONE...
General Check archive.org Show headers Download Go to Show image Full URL https://njlfby.com/template/heisejianyue/img/logo.jpg Requested by Host: njlfby.com URL: https://njlfby.com/template/heisejianyue/css/style.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 222.186.168.156 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN), Reverse DNS Software Apache / Resource Hash 17c2bdb60f5b6a3850b449a99e68feed1ff77c650b43bfa926203c959dfa3e4b Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://njlfby.com/template/heisejianyue/css/style.css Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 04 Jun 2024 04:03:47 GMT last-modified Mon, 03 Jun 2024 17:30:04 GMT server Apache accept-ranges bytes etag "1a83-619ffaf0d4841" content-length 6787 content-type image/jpeg
GET H2	200	icon_seacrh.png njlfby.com/template/heisejianyue/img/	348 B 427 B	197ms 197ms	Image image/png	222.186.168.156 CHINANET-BACKBONE...
General Check archive.org Show headers Download Go to Show image Full URL https://njlfby.com/template/heisejianyue/img/icon_seacrh.png Requested by Host: njlfby.com URL: https://njlfby.com/template/heisejianyue/css/style.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 222.186.168.156 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN), Reverse DNS Software Apache / Resource Hash c35811436039fbd6efc50c0bb111831d8bf6d9afbe92a46a038cd9efb34738af Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://njlfby.com/template/heisejianyue/css/style.css Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 04 Jun 2024 04:03:47 GMT last-modified Mon, 03 Jun 2024 17:30:04 GMT server Apache accept-ranges bytes etag "15c-619ffaf0d4841" content-length 348 content-type image/png
GET H2	200	O1CN01tjzAup2Imjb8FL1oh_!!133635909329.jpg img.alicdn.com/imgextra/i1/133635909329/	3 KB 3 KB	298ms 16ms	Image image/avif	2404:2280:1cc:0:715::3fb TAOBAO Zhejiang T...
General Check archive.org Show headers Download Go to Show image Full URL https://img.alicdn.com/imgextra/i1/133635909329/O1CN01tjzAup2Imjb8FL1oh_!!133635909329.jpg Requested by Host: njlfby.com URL: https://njlfby.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2404:2280:1cc:0:715::3fb , Singapore, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN), Reverse DNS Software Tengine / Picasso Resource Hash 3724b8fd47d02379fa76d99f3ef90b3f3c108de19d4f0ae9899352dc7ffbebd3 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://njlfby.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 27 May 2024 18:46:21 GMT via cache16.l2us1[0,-1,200-0,H], cache22.l2us1[1,0], ens-cache11.de5[0,0,200-0,H], ens-cache8.de5[1,0] picasso-cache-info HIT age 638246 x-swift-cachetime 31535924 x-powered-by Picasso request-time 0.006 x-cache HIT TCP_MEM_HIT dirn:-2:-2 x-swift-savetime Mon, 27 May 2024 18:47:38 GMT s-rt 10 content-length 2725 server Tengine vary Accept picasso-image-type normal content-type image/avif traceid 2ff6189f17168355817666353e ali-swift-global-savetime 1716835582 cache-control max-age=31536000 picasso-ret-code SUCCESS access-control-allow-origin * timing-allow-origin * picasso-fmt jpg2avif eagleid a3b55c9c17174738282591229e
GET H2	200	8.gif loadimg.cdn-xxx.com/images/gif/	229 KB 229 KB	59ms 20ms	Image image/webp	2606:4700:21::681b:c258 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://loadimg.cdn-xxx.com/images/gif/8.gif Requested by Host: njlfby.com URL: https://njlfby.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:21::681b:c258 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 62fa8ae63cf718a1e81bcf8f135538e3ca68c692c8a0c0778fe31791c572cd84 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://njlfby.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 04 Jun 2024 04:03:48 GMT strict-transport-security max-age=31536000 cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1649777 cf-polished origFmt=gif, origSize=487658 content-disposition inline; filename="8.webp" content-length 234142 cf-bgj imgq:85,h2pri last-modified Sun, 04 Sep 2022 06:53:10 GMT server cloudflare etag "63144b56-770ea" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0fF%2BGnvJ1ib%2ByrJs9%2BBlJiZuLGm5jovf8yfxQNcEeNs9pYvhtrEozX9FiXKL%2FWglq26JA98znl2G%2Fn78SqIXymPI8vzuWfLPoH%2FJ7HRc3aNy3i2arSeD%2BStuE7unA2EKj%2F9vZZe4zmpYFPIn%2BNBERSs%3D"}],"group":"cf-nel","max_age":604800} content-type image/webp cache-control max-age=2592000 accept-ranges bytes cf-ray 88e509010fec5a71-VIE expires Sat, 08 Jun 2024 00:11:46 GMT
GET H3	200	KTV960x606282db1f6e5759e1.gif www.imageoss.com/images/2023/12/05/	66 KB 67 KB	629ms 17ms	Image image/gif	172.67.172.31 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.imageoss.com/images/2023/12/05/KTV960x606282db1f6e5759e1.gif Requested by Host: njlfby.com URL: https://njlfby.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.172.31 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2d33e732a07c272be1a89827ef79207fb7a6e138b416ef4a34479e88626a004c Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://njlfby.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 04 Jun 2024 04:03:48 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 6337863 alt-svc h3=":443"; ma=86400 content-length 67888 last-modified Tue, 05 Dec 2023 08:36:09 GMT server cloudflare etag "656ee0f9-10930" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hqnP2V5PsVu7OL5fPmA6dx5gWY5hkRyn3zeKymEkVNl%2F%2Fn8ap%2B9rNOp94VUA10QF0sX3OrGronzXtb9jsBN9Re04r96gH5%2BvJc8jzR8ES9VG6pVeJBfUcnM3Wjl5bmk7KU7P"}],"group":"cf-nel","max_age":604800} content-type image/gif cache-control max-age=31536000 accept-ranges bytes cf-ray 88e509049c4f9b86-FRA priority u=1,i
GET H/1.1	200 OK	4620 Show response 49da463d383540cbdg.keilfcy.com/sc/	10 KB 10 KB	933ms 308ms	Script text/javascript	154.23.151.92 SGPL-AS-AP STARCL...
General Check archive.org Show headers Download Go to Full URL https://49da463d383540cbdg.keilfcy.com:8007/sc/4620?n=trbhvvkp Requested by Host: njlfby.com URL: https://njlfby.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 154.23.151.92 Hong Kong, Hong Kong, ASN140224 (SGPL-AS-AP STARCLOUD GLOBAL PTE., LTD., SG), Reverse DNS Software nginx/1.18.0 / PHP/5.6.31 Resource Hash 7fc98fc0d8838411066ed0de3c5bbd8692c470af4ae86ff1aa7f74c22edcd8a6 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://njlfby.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Pragma max-age=1800 Date Tue, 04 Jun 2024 04:03:48 GMT Server nginx/1.18.0 X-Powered-By PHP/5.6.31 Transfer-Encoding chunked P3P CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" Access-Control-Allow-Origin * Content-Type text/javascript; charset=utf-8 Cache-Control max-age=1800 Connection keep-alive
GET H/1.1	200 OK	3664 Show response 4337c3546a23e046kg.oiocklg.com/sc/	10 KB 10 KB	1020ms 312ms	Script text/javascript	154.23.151.101 SGPL-AS-AP STARCL...
General Check archive.org Show headers Download Go to Full URL https://4337c3546a23e046kg.oiocklg.com:8008/sc/3664?n=muhpzila Requested by Host: njlfby.com URL: https://njlfby.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 154.23.151.101 Hong Kong, Hong Kong, ASN140224 (SGPL-AS-AP STARCLOUD GLOBAL PTE., LTD., SG), Reverse DNS Software nginx/1.18.0 / PHP/5.6.31 Resource Hash 2038ca429aa569fc373a1bf1ecb68fae6e9bac01d3e7f74f48e15919901f83dd Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://njlfby.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Pragma max-age=1800 Date Tue, 04 Jun 2024 04:03:48 GMT Server nginx/1.18.0 X-Powered-By PHP/5.6.31 Transfer-Encoding chunked P3P CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" Access-Control-Allow-Origin * Content-Type text/javascript; charset=utf-8 Cache-Control max-age=1800 Connection keep-alive
GET H2	200	load.gif njlfby.com/template/heisejianyue/img/	19 KB 20 KB	197ms 196ms	Image image/gif	222.186.168.156 CHINANET-BACKBONE...
General Check archive.org Show headers Download Go to Show image Full URL https://njlfby.com/template/heisejianyue/img/load.gif Requested by Host: njlfby.com URL: https://njlfby.com/template/heisejianyue/css/style.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 222.186.168.156 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN), Reverse DNS Software Apache / Resource Hash 970162fed0084f6f43a67a7ebf545562ee53ea951ae65c6db956f4f289d59a29 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://njlfby.com/template/heisejianyue/css/style.css Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 04 Jun 2024 04:03:48 GMT last-modified Mon, 03 Jun 2024 17:30:04 GMT server Apache accept-ranges bytes etag "4dae-619ffaf0d4841" content-length 19886 content-type image/gif
POST H2	200	stat.htm z12.cnzz.com/	2 B 123 B	1136ms 159ms	Ping text/html	36.156.202.74 CMNET-JIANGSU-AP ...
General Check archive.org Show headers Download Go to Full URL https://z12.cnzz.com/stat.htm?id=1281358358&r=&lg=de-de&ntime=none&cnzz_eid=1292330409-1717473828-&showp=1600x1200&p=https%3A%2F%2Fnjlfby.com%2F&t=%E5%A4%A9%E5%A0%82%E7%94%B5%E5%BD%B1%E7%BD%91-%E6%9C%80%E6%96%B0%E9%AB%98%E6%B8%85%E7%94%B5%E5%BD%B1-%E7%83%AD%E9%97%A8%E7%9F%AD%E5%89%A7%E7%9F%AD%E8%A7%86%E9%A2%91-%E5%A5%BD%E7%9C%8B%E7%9A%84%E7%94%B5%E8%A7%86%E5%89%A7%E5%85%8D%E8%B4%B9%E5%9C%A8%E7%BA%BF%E8%A7%82%E7%9C%8B&umuuid=18fe16ade4148-03da1d912ec953-26001c51-1d4c00-18fe16ade42c77&h=1 Requested by Host: s9.cnzz.com URL: https://s9.cnzz.com/z.js?id=1281358358 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305 Server 36.156.202.74 , China, ASN56046 (CMNET-JIANGSU-AP China Mobile communications corporation, CN), Reverse DNS Software Tengine / Resource Hash 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://njlfby.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 04 Jun 2024 04:03:49 GMT content-encoding gzip server Tengine vary Accept-Encoding content-type text/html; charset=utf-8
GET H2	200	c.js Show response c.cnzz.com/	907 B 864 B	293ms 287ms	Script application/javascript	240e:f7:7c00:10a:3::3f2 CHINATELECOM-ZHEJ...
General Check archive.org Show headers Download Go to Full URL https://c.cnzz.com/c.js?web_id=1281358358&t=z Requested by Host: s9.cnzz.com URL: https://s9.cnzz.com/z.js?id=1281358358 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 240e:f7:7c00:10a:3::3f2 , China, ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN), Reverse DNS Software Tengine / Resource Hash 9f47f236146c126e4d4146608262bcb7a46bede00c0b3e2e7179f54916e00850 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://njlfby.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" sec-ch-ua-platform "Win32" Response headers date Tue, 04 Jun 2024 03:58:55 GMT via cache58.l2cn3130[84,83,304-0,M], cache39.l2cn3130[85,0], cache22.cn4101[0,0,200-0,H], cache6.cn4101[0,0] content-encoding gzip age 293 x-swift-cachetime 321 x-cache HIT TCP_MEM_HIT dirn:-2:-2 x-swift-savetime Tue, 04 Jun 2024 03:58:55 GMT content-length 591 server Tengine etag W/"2150611992335150566" vary accept-encoding ali-swift-global-savetime 1717473535 content-type application/javascript cache-control public, max-age=321 timing-allow-origin * eagleid dcb9a89a17174738285707207e
GET H2	200	favicon.ico njlfby.com/template/heisejianyue/img/	17 KB 5 KB	198ms 197ms	Other image/x-icon	222.186.168.156 CHINANET-BACKBONE...
General Check archive.org Show headers Download Go to Full URL https://njlfby.com/template/heisejianyue/img/favicon.ico Protocol H2 Security TLS 1.3, , AES_256_GCM Server 222.186.168.156 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN), Reverse DNS Software Apache / Resource Hash 4c02f5cb2ee99494107e7e87160173224a56f2f025eabc18bf5d517c4c3ee3ff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://njlfby.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 04 Jun 2024 04:03:49 GMT content-encoding gzip last-modified Mon, 03 Jun 2024 17:30:04 GMT server Apache etag "423e-619ffaf0d4841-gzip" vary Accept-Encoding content-type image/x-icon accept-ranges bytes content-length 4752

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery string| base64EncodeChars object| base64DecodeChars function| base64encode function| base64decode function| utf16to8 function| utf8to16 object| MAC object| maccms string| url string| img object| _cz_loaded string| _cz_account object| _czc object| _CNZZDbridge_1281358358 number| trbhvvkp_is_ws object| 1uu3gxsa number| trbhvvkp_is_kk number| muhpzila_is_ws object| 8vj6r7b number| muhpzila_is_kk

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.njlfby.com/	1970-01-21 01:26:38	Name: UM_distinctid Value: 18fe16ade4148-03da1d912ec953-26001c51-1d4c00-18fe16ade42c77
			njlfby.com/	1970-01-21 01:26:38	Name: CNZZDATA1281358358 Value: 1292330409-1717473828-%7C1717473828

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://s9.cnzz.com/z.js?id=1281358358 Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://c.cnzz.com/c.js?web_id=1281358358&t=z, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://s9.cnzz.com/z.js?id=1281358358 Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://c.cnzz.com/c.js?web_id=1281358358&t=z, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4337c3546a23e046kg.oiocklg.com
49da463d383540cbdg.keilfcy.com
c.cnzz.com
img.alicdn.com
loadimg.cdn-xxx.com
njlfby.com
s9.cnzz.com
www.biyyy.com
www.imageoss.com
z12.cnzz.com
107.149.170.129
154.23.151.101
154.23.151.92
172.67.172.31
222.186.168.156
2404:2280:1cc:0:715::3fb
240e:f7:7c00:10a:3::3f2
2606:4700:21::681b:c258
36.156.202.74
12743c5cecbef5a49dcf7766a93bf2cb18677d6a87012eaf43a8b862b7692d83
17c2bdb60f5b6a3850b449a99e68feed1ff77c650b43bfa926203c959dfa3e4b
1a52c16e5a7fc905630d52185ca457108cb0a65a4567cf6157709c1c5eceb311
2038ca429aa569fc373a1bf1ecb68fae6e9bac01d3e7f74f48e15919901f83dd
20638e363fcc5152155f24b281303e17da62da62d24ef5dcf863b184d9a25734
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2d33e732a07c272be1a89827ef79207fb7a6e138b416ef4a34479e88626a004c
3724b8fd47d02379fa76d99f3ef90b3f3c108de19d4f0ae9899352dc7ffbebd3
4c02f5cb2ee99494107e7e87160173224a56f2f025eabc18bf5d517c4c3ee3ff
62fa8ae63cf718a1e81bcf8f135538e3ca68c692c8a0c0778fe31791c572cd84
7fc98fc0d8838411066ed0de3c5bbd8692c470af4ae86ff1aa7f74c22edcd8a6
970162fed0084f6f43a67a7ebf545562ee53ea951ae65c6db956f4f289d59a29
9a04c8683975ec735655f6fcbb0de3de927055e46b85137f712f8b2c1dd06eba
9f47f236146c126e4d4146608262bcb7a46bede00c0b3e2e7179f54916e00850
a7a8045df705f59009777ba7c38bce23af276b4a90b298d0c5c3783c52712b75
afdea591a0410a09f063aa3e016cc7fbf984352ea1782f4050a007bb474eb862
c35811436039fbd6efc50c0bb111831d8bf6d9afbe92a46a038cd9efb34738af
ec98c4557d3db4412fd384d03f6533137f768d360ad4fd5648367ffc729080d6
f46883c3c715fa6ca6ed518a4cb9425fa1166a346eafdb7301ba33d9ed23135c
f654cc9daac86f2e7a514d9e3c28710cc58060cf43f37529c243b38cb9951adb