exchangegy.cc Open in urlscan Pro
172.67.141.169 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://exchangegy.cc/
Submission Tags: @ecarlesi possiblethreat phishing Search All
Submission: On November 13 via api (November 13th 2024, 2:39:23 pm UTC) from IT — Scanned from IT

Summary HTTP 46 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 3 countries across 3 domains to perform 46 HTTP transactions. The main IP is 172.67.141.169, located in United States and belongs to CLOUDFLARENET, US. The main domain is exchangegy.cc.
TLS certificate: Issued by WE1 on November 13th 2024. Valid for: 3 months.

This is the only time exchangegy.cc was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
13	172.67.141.169 172.67.141.169	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	18.173.205.87 18.173.205.87	16509 (AMAZON-02) (AMAZON-02)
22	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2408:4005:30a... 2408:4005:30a:4302:6218:d8d9:db29:5dd8	37963 (ALIBABA-C...) (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.)
46	5

13 172.67.141.169 (United States)

ASN13335 (CLOUDFLARENET, US)

exchangegy.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 18.173.205.87 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-205-87.fra56.r.cloudfront.net

intapi.hihick.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

pic.hihick.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2408:4005:30a:4302:6218:d8d9:db29:5dd8 (China)

ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN)

cdn.dcloud.net.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	hihick.com intapi.hihick.com pic.hihick.com	419 KB
13	exchangegy.cc exchangegy.cc	399 KB
1	dcloud.net.cn cdn.dcloud.net.cn — Cisco Umbrella Rank: 66003	418 B
46	3

	Domain	Requested by
22	pic.hihick.com
13	exchangegy.cc	exchangegy.cc
9	intapi.hihick.com	exchangegy.cc
1	cdn.dcloud.net.cn	exchangegy.cc
46	4

This site contains no links.

Subject Issuer	Validity	Valid
exchangegy.cc WE1	`2024-11-13` - `2025-02-11`	3 months	crt.sh
*.hihick.com Amazon RSA 2048 M03	`2024-09-24` - `2025-10-23`	a year	crt.sh
hihick.com WE1	`2024-11-04` - `2025-02-02`	3 months	crt.sh
*.dcloud.net.cn Certum Domain Validation CA SHA2	`2024-08-12` - `2025-09-11`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://exchangegy.cc/
Frame ID: 8644D804BADE90A0E792DC408E967D14
Requests: 43 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Home

Page Statistics

46
Requests

98 %
HTTPS

25 %
IPv6

3
Domains

4
Subdomains

5
IPs

3
Countries

818 kB
Transfer

1631 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

46 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request / Show response
exchangegy.cc/ 1009 B
1 KB 540ms
455ms Document
text/html 172.67.141.169
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://exchangegy.cc/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.141.169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b73fd695bc58f93e4f82d7b76fc5c653f029d4d7809d95dc717484c9553f35a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8e1f82991d59bb3d-FRA
content-encoding: zstd
content-type: text/html; charset=utf-8
date: Wed, 13 Nov 2024 14:39:15 GMT
last-modified: Sun, 29 Sep 2024 11:59:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eZ5yWNTF3SYHIqCm48Pa4sGLb%2B4rU13m9fd2PqCWi7MBkWodN89%2Bvgs2VDqVoEAAhO0Caz4%2F1IRftRmhLTTgyFU2kZIUXIlWzDAM707xiyDw98K0%2BPA2LzZ2dnK%2F0qh9"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=36725&sent=11&recv=10&lost=0&retrans=0&sent_bytes=4144&recv_bytes=4485&delivery_rate=452&cwnd=12000&unsent_bytes=0&cid=afeda211fac3b84e&ts=467&x=1" cfHdrFlush;dur=0

GET
H3 200 index.2da1efab.css
exchangegy.cc/static/ 94 KB
26 KB 806ms
805ms Stylesheet
text/css 172.67.141.169
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://exchangegy.cc/static/index.2da1efab.css
Requested by: Host: exchangegy.cc
URL: https://exchangegy.cc/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.141.169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e97de9a247807f12d74101e9f736250b2410be4e1ed3d17ed875e4b08cf66c83

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://exchangegy.cc/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: MISS
etag: W/"66f94138-178f9"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1r%2BTuQPGF4J5tadUs6bPFs6i8FF531NnqTtcOWGDiDtUqf8VGxNCyp4wsDUrvurbVA4mkZWlycMJ%2BgrHWVp7duSLUdKJH2WTiSvZ2QB9j87M8A99ORqNB1PAMWL%2FOWWZ"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e1f829c1f97bb3d-FRA
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=36415&sent=76&recv=45&lost=0&retrans=0&sent_bytes=77028&recv_bytes=6787&delivery_rate=402226&cwnd=33600&unsent_bytes=0&cid=afeda211fac3b84e&ts=1288&x=1", cfHdrFlush;dur=0
date: Wed, 13 Nov 2024 14:39:16 GMT
content-type: text/css
last-modified: Sun, 29 Sep 2024 11:59:52 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 chunk-vendors.36862506.js Show response
exchangegy.cc/static/js/ 858 KB
263 KB 637ms
636ms Script
application/javascript 172.67.141.169
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://exchangegy.cc/static/js/chunk-vendors.36862506.js
Requested by: Host: exchangegy.cc
URL: https://exchangegy.cc/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.141.169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44d6b95870ede19c73b39e50733302f3c1c515a7cb0686588485428b945c471d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://exchangegy.cc/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: MISS
etag: W/"66f94138-d67a3"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4DxcjlXKmwkZr9nS1yUT4wYHRwACKLx6KJtXhf1VhcgI5SD9wQ%2BlMdFOaqRmmIQHCZIhUTdYgS4rf3l8qadOCfUkEZUQycFKzKtmvptsYS2syuk%2FEitPxNGu47iSjBFI"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e1f829c1f98bb3d-FRA
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=37574&sent=48&recv=31&lost=0&retrans=0&sent_bytes=44996&recv_bytes=6176&delivery_rate=563037&cwnd=31200&unsent_bytes=0&cid=afeda211fac3b84e&ts=1119&x=1", cfHdrFlush;dur=0
date: Wed, 13 Nov 2024 14:39:16 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sun, 29 Sep 2024 11:59:52 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 index.28cd7714.js Show response
exchangegy.cc/static/js/ 169 KB
38 KB 477ms
477ms Script
application/javascript 172.67.141.169
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://exchangegy.cc/static/js/index.28cd7714.js
Requested by: Host: exchangegy.cc
URL: https://exchangegy.cc/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.141.169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8700eae2dab1a628f950831490d432db6681dbc4feba7b91772c2ef779a76b1d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://exchangegy.cc/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: MISS
etag: W/"66f94138-2a223"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UQIb5FJf6oHNdAfxss2l2dP%2Fjl4yUxfiiGMnylnhHc7V%2BRaCOVpb5YPjE9jbDISyY%2BtLiMrAbIsNUowrDyMzKDOCbjUlzsYA4fnxP3%2FKzVwjbbfxM%2FZ%2B9K5az7fpGnTd"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e1f829c1f9abb3d-FRA
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=39481&sent=15&recv=14&lost=0&retrans=0&sent_bytes=5428&recv_bytes=5444&delivery_rate=30728&cwnd=12000&unsent_bytes=0&cid=afeda211fac3b84e&ts=952&x=1", cfHdrFlush;dur=0
date: Wed, 13 Nov 2024 14:39:16 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sun, 29 Sep 2024 11:59:52 GMT
vary: Accept-Encoding
server: cloudflare

OPTIONS
H2 200 info
intapi.hihick.com/sys/app/ 0
0 890ms
753ms Preflight 18.173.205.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://intapi.hihick.com/sys/app/info
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.205.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-205-87.fra56.r.cloudfront.net
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-access-client,x-access-domain
Access-Control-Request-Method: POST
Origin: https://exchangegy.cc
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type, x-access-client, x-access-domain
access-control-allow-methods: POST
access-control-allow-origin: https://exchangegy.cc
access-control-max-age: 1800
content-length: 0
date: Wed, 13 Nov 2024 14:39:17 GMT
server: nginx
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
via: 1.1 044b6ab929e12b48b2113c346ddcec30.cloudfront.net (CloudFront)
x-amz-cf-id: 9rFOF40ipSQ_JBpqEfJZaYViDhxHUazUS2-6PbaH6ZatC93y_zQM2Q==
x-amz-cf-pop: FRA56-P12
x-cache: Miss from cloudfront

OPTIONS
H2 200 get_locale
intapi.hihick.com/sys/app/ 0
0 994ms
858ms Preflight 18.173.205.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://intapi.hihick.com/sys/app/get_locale
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.205.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-205-87.fra56.r.cloudfront.net
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-access-client,x-access-domain
Access-Control-Request-Method: POST
Origin: https://exchangegy.cc
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type, x-access-client, x-access-domain
access-control-allow-methods: POST
access-control-allow-origin: https://exchangegy.cc
access-control-max-age: 1800
content-length: 0
date: Wed, 13 Nov 2024 14:39:18 GMT
server: nginx
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
via: 1.1 044b6ab929e12b48b2113c346ddcec30.cloudfront.net (CloudFront)
x-amz-cf-id: ba1vsMIgGtK0yyfGd9PAUVS4V3kO3fjDqdkY6cjr2B31LixF1PA4hw==
x-amz-cf-pop: FRA56-P12
x-cache: Miss from cloudfront

GET
H3 200 pages-aegis-aegis~pages-defray-amount-amount~pages-defray-bank-bank~pages-defray-bankpay-bankpay~pag~c83e7da0.6b022ad2.js Show response
exchangegy.cc/static/js/ 54 KB
31 KB 646ms
645ms Script
application/javascript 172.67.141.169
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://exchangegy.cc/static/js/pages-aegis-aegis~pages-defray-amount-amount~pages-defray-bank-bank~pages-defray-bankpay-bankpay~pag~c83e7da0.6b022ad2.js
Requested by: Host: exchangegy.cc
URL: https://exchangegy.cc/static/js/index.28cd7714.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.141.169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f1765a4f4c49d9414dce3eda2118885af80e3771d871b982fe664b613a9f0697

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://exchangegy.cc/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: MISS
etag: W/"66f94138-d747"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=35KgP3mX4JVBlnD33xGeXUK%2FUgSyIa11HylDhvYO63zTU9Dt2mTpmcIJ%2FqfONJku0LxwCBT7tViveeDDEU9L3QCt64xe1ucOEfS00GQL4pOjNALukEg6Qj5eRXpYQWpV"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e1f82a47d9fbb3d-FRA
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=37658&sent=325&recv=93&lost=0&retrans=0&sent_bytes=361456&recv_bytes=10678&delivery_rate=231822&cwnd=87600&unsent_bytes=0&cid=afeda211fac3b84e&ts=2485&x=1", cfHdrFlush;dur=0
date: Wed, 13 Nov 2024 14:39:17 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sun, 29 Sep 2024 11:59:52 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 pages-defray-bank-bank~pages-defray-bankpay-bankpay~pages-tabBar-assets~pages-tabBar-home~pages-view~5f3e730a.0344e6f2.js Show response
exchangegy.cc/static/js/ 13 KB
4 KB 550ms
549ms Script
application/javascript 172.67.141.169
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://exchangegy.cc/static/js/pages-defray-bank-bank~pages-defray-bankpay-bankpay~pages-tabBar-assets~pages-tabBar-home~pages-view~5f3e730a.0344e6f2.js
Requested by: Host: exchangegy.cc
URL: https://exchangegy.cc/static/js/index.28cd7714.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.141.169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d71514a6c89a74f65e30f3ec6b414a8fcbcfc8f0d094354f0e286ad16c3e1973

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://exchangegy.cc/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: MISS
etag: W/"66f94138-3261"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RB8ZbPHTraMoAWlTBIo3QVrDi0heYc8RbFapzsKqaZ4S%2BFpOo%2FRc7ji1Vk1x5SmHSPhqq%2FOW1f68c9KQ8d2LcZrS5Gsj8GFRa7uCBJZlvjvk4kHwpklp8PKCRyAFX4Jl"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e1f82a47da1bb3d-FRA
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=37504&sent=319&recv=91&lost=0&retrans=0&sent_bytes=355480&recv_bytes=10588&delivery_rate=6790&cwnd=87600&unsent_bytes=0&cid=afeda211fac3b84e&ts=2386&x=1", cfHdrFlush;dur=0
date: Wed, 13 Nov 2024 14:39:17 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sun, 29 Sep 2024 11:59:52 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 pages-tabBar-home.fd1e01f1.js Show response
exchangegy.cc/static/js/ 14 KB
5 KB 547ms
547ms Script
application/javascript 172.67.141.169
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://exchangegy.cc/static/js/pages-tabBar-home.fd1e01f1.js
Requested by: Host: exchangegy.cc
URL: https://exchangegy.cc/static/js/index.28cd7714.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.141.169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 69518cd7d3e587d7390851b6051c35dabdebb3d6a588682ffdb77c4d49b4a961

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://exchangegy.cc/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: MISS
etag: W/"66f94138-36f4"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=k2UDNrCb4ymNeU3rlSKrUhrnKNz0rEiZyf9TcktdIGylNjzBRI0jAfNCfBcf0GyoOUQnHM4wmx2m%2F0O59E2NBydd1s4U5xF304pd5YYm7br2Ee57yv8jwOfCvqkLPnpu"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e1f82a47da2bb3d-FRA
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=37504&sent=314&recv=91&lost=0&retrans=0&sent_bytes=350410&recv_bytes=10588&delivery_rate=6790&cwnd=87600&unsent_bytes=0&cid=afeda211fac3b84e&ts=2384&x=1", cfHdrFlush;dur=0
date: Wed, 13 Nov 2024 14:39:17 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sun, 29 Sep 2024 11:59:52 GMT
vary: Accept-Encoding
server: cloudflare

POST
H2 200 info Show response
intapi.hihick.com/sys/app/ 9 KB
9 KB 520ms
519ms XHR
application/json 18.173.205.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://intapi.hihick.com/sys/app/info
Requested by: Host: exchangegy.cc
URL: https://exchangegy.cc/static/js/chunk-vendors.36862506.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.205.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-205-87.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: d9aa23f2d136e545a4e6244340ce3f41d3eefa16cfe42e0debb7ab661960585e

Request headers

X-Access-Domain: exchangegy.cc
Referer: https://exchangegy.cc/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
X-Access-Client: 1
content-type: application/json;charset=UTF-8

Response headers

access-control-allow-credentials: true
x-trace-id: OYjdWQZAIM
via: 1.1 044b6ab929e12b48b2113c346ddcec30.cloudfront.net (CloudFront)
access-control-allow-origin: https://exchangegy.cc
x-cache: Miss from cloudfront
x-amz-cf-id: hHNQs1YoQIqo3J3CUSHeVl4fT-AEXGe7UYdsgHd2GI-d35OAMScnZQ==
date: Wed, 13 Nov 2024 14:39:18 GMT
content-type: application/json
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
server: nginx
x-amz-cf-pop: FRA56-P12

POST
H2 200 get_locale Show response
intapi.hihick.com/sys/app/ 153 B
535 B 224ms
222ms XHR
application/json 18.173.205.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://intapi.hihick.com/sys/app/get_locale
Requested by: Host: exchangegy.cc
URL: https://exchangegy.cc/static/js/chunk-vendors.36862506.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.205.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-205-87.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: b572ef08fdc51c2bc778d41984ed96895f03c89280f487f6d0aa29cd6e4e3e09

Request headers

X-Access-Domain: exchangegy.cc
Referer: https://exchangegy.cc/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
X-Access-Client: 1
content-type: application/json;charset=UTF-8

Response headers

access-control-allow-credentials: true
x-trace-id: j2KazMPQeG
via: 1.1 044b6ab929e12b48b2113c346ddcec30.cloudfront.net (CloudFront)
access-control-allow-origin: https://exchangegy.cc
x-cache: Miss from cloudfront
x-amz-cf-id: maAWfX-Fpsgs4NmeRdJiztvr4AD8gHeE5gxhaei53cPI7qRdfG9cBQ==
date: Wed, 13 Nov 2024 14:39:18 GMT
content-type: application/json
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
server: nginx
x-amz-cf-pop: FRA56-P12

GET
H3 200 homeHL.png
exchangegy.cc/static/imgs/icon/ 738 B
1 KB 427ms
427ms Image
image/png 172.67.141.169
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchangegy.cc/static/imgs/icon/homeHL.png
Requested by: Host: exchangegy.cc
URL: https://exchangegy.cc/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.141.169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 92829d53ee42ce41cc6e25a6aa03c97ec99e05d7fcc67839e0f3fd352fbcc03a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://exchangegy.cc/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
etag: "66f94138-2e2"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W0o3UNNHNegLmabyrPGe3TAtI1TSFy34LSA5pjPd1%2F22F%2FNgLESqoLRnGD48j%2Bo%2Br9jWfpJeNK2%2Bv37kMsf2%2BGonAw1olhQm5kwV%2BnAQ4WxziNG%2FU6OpdzUISs7Qh79R"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e1f82a4adb4bb3d-FRA
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=37892&sent=310&recv=89&lost=0&retrans=0&sent_bytes=347307&recv_bytes=10498&delivery_rate=1654499&cwnd=87600&unsent_bytes=0&cid=afeda211fac3b84e&ts=2292&x=1", cfHdrFlush;dur=0
content-length: 738
date: Wed, 13 Nov 2024 14:39:17 GMT
content-type: image/png
last-modified: Sun, 29 Sep 2024 11:59:52 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 order.png
exchangegy.cc/static/imgs/icon/ 965 B
2 KB 568ms
567ms Image
image/png 172.67.141.169
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchangegy.cc/static/imgs/icon/order.png
Requested by: Host: exchangegy.cc
URL: https://exchangegy.cc/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.141.169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 45d81cad6092af3dd5b03596e207c130c8567dcb4c2193ed8264c476917fe833

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://exchangegy.cc/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
etag: "66f94138-3c5"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=f1zuVDnjmpc1HWloIhEZSJZk80Uv4O8H5m6xlyIQL3sRKV6mz6rjruz0f8nptVwMXK3Mt8DAqrR9o0Qom3rTUpfPEFDXmFR%2FK0OiCl6u5xmO0Cr7Y93VvOEtLFlytCJp"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e1f82a4adb6bb3d-FRA
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=37504&sent=323&recv=91&lost=0&retrans=0&sent_bytes=359831&recv_bytes=10588&delivery_rate=6790&cwnd=87600&unsent_bytes=0&cid=afeda211fac3b84e&ts=2431&x=1", cfHdrFlush;dur=0
content-length: 965
date: Wed, 13 Nov 2024 14:39:17 GMT
content-type: image/png
last-modified: Sun, 29 Sep 2024 11:59:52 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 my.png
exchangegy.cc/static/imgs/icon/ 1 KB
2 KB 465ms
464ms Image
image/png 172.67.141.169
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchangegy.cc/static/imgs/icon/my.png
Requested by: Host: exchangegy.cc
URL: https://exchangegy.cc/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.141.169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 365649829b82a49562ebd36f0afdb443baaa68fb3f2b965a11dca827e45909e0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://exchangegy.cc/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
etag: "66f94138-403"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AlgPtMVFi3gWLQVTh5IF7JwwwE3WZWrjDoWfkAtqDQZZFjELKU%2BRbsIxsdMur256jWDCxKqeilKdw%2FMWAhAIpujKNfI2Fzmj%2F%2BdFdjVUZdfoxYfZcfoUZbHFm8yjDJ2U"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e1f82a4adb7bb3d-FRA
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=37892&sent=312&recv=89&lost=0&retrans=0&sent_bytes=348715&recv_bytes=10498&delivery_rate=1654499&cwnd=87600&unsent_bytes=0&cid=afeda211fac3b84e&ts=2330&x=1", cfHdrFlush;dur=0
content-length: 1027
date: Wed, 13 Nov 2024 14:39:17 GMT
content-type: image/png
last-modified: Sun, 29 Sep 2024 11:59:52 GMT
vary: Accept-Encoding
server: cloudflare

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0ccf8dd29c61715a6364ea9ec36d32c295e82ca837488590130c51cee298b7d3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

OPTIONS
H2 200 list
intapi.hihick.com/trade/app/market/ 0
0 399ms
399ms Preflight 18.173.205.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://intapi.hihick.com/trade/app/market/list
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.205.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-205-87.fra56.r.cloudfront.net
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-access-client,x-access-domain
Access-Control-Request-Method: POST
Origin: https://exchangegy.cc
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type, x-access-client, x-access-domain
access-control-allow-methods: POST
access-control-allow-origin: https://exchangegy.cc
access-control-max-age: 1800
content-length: 0
date: Wed, 13 Nov 2024 14:39:18 GMT
server: nginx
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
via: 1.1 044b6ab929e12b48b2113c346ddcec30.cloudfront.net (CloudFront)
x-amz-cf-id: oDiYyKy6WebSBI8eXMheAtjzxGbKmiSYz_pAzRjZKe23C6Ndke85lQ==
x-amz-cf-pop: FRA56-P12
x-cache: Miss from cloudfront

OPTIONS
H2 200 banner_list
intapi.hihick.com/sys/app/home/ 0
0 437ms
436ms Preflight 18.173.205.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://intapi.hihick.com/sys/app/home/banner_list
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.205.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-205-87.fra56.r.cloudfront.net
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-access-client,x-access-domain
Access-Control-Request-Method: POST
Origin: https://exchangegy.cc
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type, x-access-client, x-access-domain
access-control-allow-methods: POST
access-control-allow-origin: https://exchangegy.cc
access-control-max-age: 1800
content-length: 0
date: Wed, 13 Nov 2024 14:39:18 GMT
server: nginx
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
via: 1.1 044b6ab929e12b48b2113c346ddcec30.cloudfront.net (CloudFront)
x-amz-cf-id: dM4oS9BHKu2idpqxosAIPI7oqLiPBOWpUfl1pyuiSRkVv2_eVwLp_Q==
x-amz-cf-pop: FRA56-P12
x-cache: Miss from cloudfront

POST
H2 200 list Show response
intapi.hihick.com/trade/app/market/ 5 KB
5 KB 447ms
446ms XHR
application/json 18.173.205.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://intapi.hihick.com/trade/app/market/list
Requested by: Host: exchangegy.cc
URL: https://exchangegy.cc/static/js/chunk-vendors.36862506.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.205.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-205-87.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 335d8bb75c269ff643ea2f934a4b80103b3735b940ff0246ce3cf742ef1937e0

Request headers

X-Access-Domain: exchangegy.cc
Referer: https://exchangegy.cc/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
X-Access-Client: 1
content-type: application/json;charset=UTF-8

Response headers

access-control-allow-credentials: true
x-trace-id: KuoEjXV77f
via: 1.1 044b6ab929e12b48b2113c346ddcec30.cloudfront.net (CloudFront)
access-control-allow-origin: https://exchangegy.cc
x-cache: Miss from cloudfront
x-amz-cf-id: Kqin-3pmCRcrsCL4paOqejukpW0ra49zmB9kjDkl97KdQqrDOY0MZw==
date: Wed, 13 Nov 2024 14:39:18 GMT
content-type: application/json
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
server: nginx
x-amz-cf-pop: FRA56-P12

POST
H2 200 banner_list Show response
intapi.hihick.com/sys/app/home/ 429 B
814 B 241ms
240ms XHR
application/json 18.173.205.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://intapi.hihick.com/sys/app/home/banner_list
Requested by: Host: exchangegy.cc
URL: https://exchangegy.cc/static/js/chunk-vendors.36862506.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.205.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-205-87.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 0ecec1dc1c85edc0e4574fef38bcdd23989cff437985345b5249d5f68f2c39de

Request headers

X-Access-Domain: exchangegy.cc
Referer: https://exchangegy.cc/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
X-Access-Client: 1
content-type: application/json;charset=UTF-8

Response headers

access-control-allow-credentials: true
x-trace-id: NvHk8vYr4K
via: 1.1 044b6ab929e12b48b2113c346ddcec30.cloudfront.net (CloudFront)
access-control-allow-origin: https://exchangegy.cc
x-cache: Miss from cloudfront
x-amz-cf-id: wrY9Yzyo1imZ1qAC2huzeImTCRrk234nmY74zWMTRHWiZ5WlJTGWDQ==
date: Wed, 13 Nov 2024 14:39:18 GMT
content-type: application/json
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
server: nginx
x-amz-cf-pop: FRA56-P12

GET
H3 200 quick_bg.png
exchangegy.cc/static/imgs/ 18 KB
19 KB 645ms
644ms Image
image/png 172.67.141.169
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchangegy.cc/static/imgs/quick_bg.png
Requested by: Host: exchangegy.cc
URL: https://exchangegy.cc/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.141.169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b14bd630f6c64ff9ac223bea708f29180474b58569b1f4030000759377e56d2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://exchangegy.cc/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
etag: "66f94138-4999"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=24EBKqi3K77jN6OXW2kb3FlU6BCoBSv2JCzFFpC5bG0F5sX2DDoXTidt%2FlgPRPHtb%2FhPkye50SQJf2dJP2dcDOOYQB1rxHComf4kGjHI2YP40oJZfucX9p0NugVvMGYb"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e1f82a8a8ebbb3d-FRA
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=37087&sent=361&recv=99&lost=0&retrans=0&sent_bytes=400672&recv_bytes=11548&delivery_rate=14805&cwnd=87600&unsent_bytes=0&cid=afeda211fac3b84e&ts=3149&x=1", cfHdrFlush;dur=0
content-length: 18841
date: Wed, 13 Nov 2024 14:39:18 GMT
content-type: image/png
last-modified: Sun, 29 Sep 2024 11:59:52 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 icon_quick_recharge.png
exchangegy.cc/static/imgs/ 6 KB
6 KB 426ms
426ms Image
image/png 172.67.141.169
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchangegy.cc/static/imgs/icon_quick_recharge.png
Requested by: Host: exchangegy.cc
URL: https://exchangegy.cc/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.141.169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b9ba22fec046a398834c6ad218b480ec6768037aca905d30b42b76d63924db56

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://exchangegy.cc/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
etag: "66f94138-165a"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DiEQidM9a6e7LHkLaS9QKEZYA5WwC%2BiOwDFZXks8nmg9YNLgqsLwzU%2FK22o79oZc%2FjrxHbvS3L7J7xIbl3m23qRzgPpwtMGu%2BAQkG%2BmLALSM%2B%2Fi9UtGS3S4E8mVfxqPC"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e1f82a8a8f3bb3d-FRA
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=37220&sent=355&recv=98&lost=0&retrans=0&sent_bytes=394184&recv_bytes=11503&delivery_rate=909203&cwnd=87600&unsent_bytes=0&cid=afeda211fac3b84e&ts=2936&x=1", cfHdrFlush;dur=0
content-length: 5722
date: Wed, 13 Nov 2024 14:39:18 GMT
content-type: image/png
last-modified: Sun, 29 Sep 2024 11:59:52 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 f9af17c0584640488417243900aa4e58.png
pic.hihick.com/images/2024/8/19/ 54 KB
55 KB 240ms
165ms Image
application/octet-stream 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.hihick.com/images/2024/8/19/f9af17c0584640488417243900aa4e58.png

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2956ff1e95f076d225c79df6c01cd8baa2faad02f5bd8382e24dd1a565e26fd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://exchangegy.cc/

Response headers

cf-cache-status: HIT
etag: "104add8e9da43bcc8df70c7c17e13fc1"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uUGGfjNsR2c%2Fmy6VJv0wgJZp24fANbMAfedS3w5kaDXgK99K5DFLVQK4yC20iPpDOorvvmczysysFZldZ%2BPhsSKOcV%2BNwjlUKHTbLQFjNn6%2BhAul%2BxIGva5U0sKzb8yKhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=43236&sent=16&recv=14&lost=0&retrans=0&sent_bytes=4299&recv_bytes=6239&delivery_rate=454&cwnd=12000&unsent_bytes=0&cid=24d4176f0f803e1a&ts=184&x=1", cfExtPri, cfHdrFlush;dur=0
date: Wed, 13 Nov 2024 14:39:18 GMT
content-type: application/octet-stream
last-modified: Mon, 19 Aug 2024 06:23:21 GMT
vary: Origin, Accept-Encoding
priority: u=3,i
x-amz-id-2: 12f52455fec93308ce8752c5cd6fac851e2701e3cbbe93d8c6d10bd7fcee5547
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 17FA6162B4E439D2
cf-ray: 8e1f82ad598c37d8-FRA
accept-ranges: bytes
content-length: 55498
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 3c4c871536b2402589c8e41f797c1bd5.png
pic.hihick.com/images/2024/8/19/ 83 KB
84 KB 322ms
248ms Image
application/octet-stream 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.hihick.com/images/2024/8/19/3c4c871536b2402589c8e41f797c1bd5.png

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d4a984420f30b553a3576a5ebdfb318f2514bc5db0870053f7e4df7b8e54ffca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://exchangegy.cc/

Response headers

cf-cache-status: HIT
etag: "a271fec336c4617263f8bf186bc26d4b"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MfRer4My9fLIe33m106KYfODKQ8qKXR%2FngeyPoY7Zx7VrkfVspX9umN9LX2iRouBRLLiQmy96UnldNgWJfsjj8VzwP1Yv0XytezZKQLd%2FSTJyd6FQ6Ip5UX%2BYoVp0HR3jA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=41525&sent=36&recv=17&lost=0&retrans=0&sent_bytes=25899&recv_bytes=6368&delivery_rate=190164&cwnd=14400&unsent_bytes=0&cid=24d4176f0f803e1a&ts=241&x=1", cfExtPri, cfHdrFlush;dur=23
date: Wed, 13 Nov 2024 14:39:18 GMT
content-type: application/octet-stream
last-modified: Mon, 19 Aug 2024 06:23:39 GMT
vary: Origin, Accept-Encoding
priority: u=3,i
x-amz-id-2: 12f52455fec93308ce8752c5cd6fac851e2701e3cbbe93d8c6d10bd7fcee5547
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 1802D6F7F1A003C6
cf-ray: 8e1f82adb9dd37d8-FRA
accept-ranges: bytes
content-length: 85163
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 794f9f1021b744359d552915f82246e3.png
pic.hihick.com/images/2024/8/19/ 62 KB
62 KB 324ms
250ms Image
application/octet-stream 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.hihick.com/images/2024/8/19/794f9f1021b744359d552915f82246e3.png

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7a0999ed114c126cec1e6c929cf4dd64bffa7848bc7085c5f56321f060966734

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://exchangegy.cc/

Response headers

cf-cache-status: HIT
etag: "b7bca3d1e42b54af16684dd423e5a26a"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dzTXTMjbjsSCM7F9p%2BX%2Ba5jou4AGIYb2b49ldEDR7lcA%2BWKvVaDhe4Fz1oL%2FGCEbHmVfq9Z5TVeneWzGr86PfXUySDASNxxzrgD2t58Yevc0Fcn2r0OC0CrWdVkvHW23CA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=41525&sent=36&recv=17&lost=0&retrans=0&sent_bytes=25899&recv_bytes=6368&delivery_rate=190164&cwnd=14400&unsent_bytes=0&cid=24d4176f0f803e1a&ts=258&x=1", cfExtPri, cfHdrFlush;dur=7
date: Wed, 13 Nov 2024 14:39:18 GMT
content-type: application/octet-stream
last-modified: Mon, 19 Aug 2024 06:23:51 GMT
vary: Origin, Accept-Encoding
priority: u=3,i
x-amz-id-2: 12f52455fec93308ce8752c5cd6fac851e2701e3cbbe93d8c6d10bd7fcee5547
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 17FA69885F4524B9
cf-ray: 8e1f82adb9de37d8-FRA
accept-ranges: bytes
content-length: 63112
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 7efa0f35b5384222b81a3d651156cfa8.png
pic.hihick.com/images/2024/8/19/ 71 KB
71 KB 280ms
207ms Image
application/octet-stream 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.hihick.com/images/2024/8/19/7efa0f35b5384222b81a3d651156cfa8.png

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

483a28debb012bafe8baa1e270b0322eeb50ac6d10fafabaea66ed2ac8548a07

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://exchangegy.cc/

Response headers

cf-cache-status: HIT
etag: "079fd2e6d3cc1354d68344a0f12b0503"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ovddVRe4lJ9aa0BPSctS5topzYQB2YyRlufGdDm5l2Q5mCtfL8oUTSiGBjO3y0DxZLzsnfcotTus8TcCgFek7o0jM2nrOesijLnOwP5siwrwH3pkgw6AFRSwCkOq%2Fap2dQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=43236&sent=26&recv=14&lost=0&retrans=0&sent_bytes=16299&recv_bytes=6239&delivery_rate=454&cwnd=12000&unsent_bytes=0&cid=24d4176f0f803e1a&ts=188&x=1", cfExtPri, cfHdrFlush;dur=35
date: Wed, 13 Nov 2024 14:39:18 GMT
content-type: application/octet-stream
last-modified: Mon, 19 Aug 2024 06:24:05 GMT
vary: Origin, Accept-Encoding
priority: u=3,i
x-amz-id-2: 12f52455fec93308ce8752c5cd6fac851e2701e3cbbe93d8c6d10bd7fcee5547
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 17FA5E58E7623130
cf-ray: 8e1f82ad598937d8-FRA
accept-ranges: bytes
content-length: 72348
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 favicon.ico
exchangegy.cc/ 1009 B
1 KB 518ms
517ms Other
text/html 172.67.141.169
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://exchangegy.cc/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.141.169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b73fd695bc58f93e4f82d7b76fc5c653f029d4d7809d95dc717484c9553f35a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://exchangegy.cc/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LVw9XpAJBQ%2BW6akQc4nk%2FkeOgGDPGcLkRWS5EvEfVgqX2w0ViIseOk1339qy8brDHAr8ZOUFaMHcDwTc4cwMMO8hqqf9a1V36c%2FhTfo06GArl8rWoh56LTAKZD4Wdp3S"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e1f82ad6c8cbb3d-FRA
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=37336&sent=379&recv=102&lost=0&retrans=0&sent_bytes=420570&recv_bytes=11979&delivery_rate=498084&cwnd=87600&unsent_bytes=0&cid=afeda211fac3b84e&ts=3779&x=1", cfHdrFlush;dur=0
date: Wed, 13 Nov 2024 14:39:19 GMT
content-type: text/html; charset=utf-8
last-modified: Sun, 29 Sep 2024 11:59:52 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 e1fe9de55d1340a99d52007ad141d051.png
pic.hihick.com/images/2024/8/18/ 16 KB
16 KB 390ms
390ms Image
application/octet-stream 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.hihick.com/images/2024/8/18/e1fe9de55d1340a99d52007ad141d051.png

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d1f0797ad3385c6472cb5ce77cbdef7d69d6c34761e421aeb984d10c96017c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://exchangegy.cc/

Response headers

cf-cache-status: HIT
etag: "83330d47d559e7a24c9999d4e17a3cd7"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OBWPX7LHMVSmCsJwDGciuIcnWe1T0jL2GpSNETvxnZS0PUvHMIjSGGb74GcpJXBAWyEM3HQxz%2BFEmUcUobCSl2%2FjI5kU%2Bs70AkycupmqP1C98BJJl5T09Xvom0ND%2B6T7Qg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=42120&sent=170&recv=38&lost=0&retrans=0&sent_bytes=179490&recv_bytes=12415&delivery_rate=1090456&cwnd=83400&unsent_bytes=0&cid=24d4176f0f803e1a&ts=414&x=1", cfExtPri, cfHdrFlush;dur=0
date: Wed, 13 Nov 2024 14:39:18 GMT
content-type: application/octet-stream
last-modified: Sat, 17 Aug 2024 16:01:30 GMT
vary: Origin, Accept-Encoding
priority: u=3,i
x-amz-id-2: 12f52455fec93308ce8752c5cd6fac851e2701e3cbbe93d8c6d10bd7fcee5547
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 17FA61629C613BCE
cf-ray: 8e1f82ad799937d8-FRA
accept-ranges: bytes
content-length: 16019
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 3a65ffb01aeb40398b69c66979a1b228.ico
pic.hihick.com/images/2024/8/18/ 4 KB
5 KB 194ms
194ms Other
application/octet-stream 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pic.hihick.com/images/2024/8/18/3a65ffb01aeb40398b69c66979a1b228.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb85639bd3a6a7afa42a64d575bf24cb0a7b3d587c9132438ede30ef6e9142e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://exchangegy.cc/

Response headers

cf-cache-status: HIT
etag: "d3060d3fdc125ad74d161fd9ec1f7a50"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5VvWrpNlMUbI53ca8og41cJjdIyQzhi0Z%2BXDjAIvwBVdfWSMWY1vuyJ9tmDIAdAQlIwp8iBRaM0nAzUprlfB8Aed4WC5Rdq5qFhwDGYZcVwAa4YDwtPkBvsUMvsEHQdddg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=43236&sent=26&recv=14&lost=0&retrans=0&sent_bytes=16299&recv_bytes=6239&delivery_rate=454&cwnd=12000&unsent_bytes=0&cid=24d4176f0f803e1a&ts=200&x=1", cfExtPri, cfHdrFlush;dur=23
date: Wed, 13 Nov 2024 14:39:18 GMT
content-type: application/octet-stream
last-modified: Sat, 17 Aug 2024 16:00:34 GMT
vary: Origin, Accept-Encoding
priority: u=1,i
x-amz-id-2: 12f52455fec93308ce8752c5cd6fac851e2701e3cbbe93d8c6d10bd7fcee5547
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 17FA64DE1FC8BA15
cf-ray: 8e1f82ad799e37d8-FRA
accept-ranges: bytes
content-length: 4286
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 16686e9d12ce4864aa044352f2f60a23.png
pic.hihick.com/images/2024/6/29/ 1 KB
2 KB 194ms
192ms Image
application/octet-stream 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.hihick.com/images/2024/6/29/16686e9d12ce4864aa044352f2f60a23.png

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f72b9a231c13012613217eec2bec27b923204e8c6cebc2b2ae51485d2b5d679d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://exchangegy.cc/

Response headers

cf-cache-status: HIT
etag: "75f196b437f9d87fdc198bc904c66c4c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gEwhwlvjTyr4MkmZDzKphUIcYzA2C5%2BIzE75l9Q8BA78%2BoW7naq2pXVCsmqvGk8Ek3gUuGevpl4EaFKLueC8HPQtRsNi1lbXrmLlFLDqhkgbaaiEdd319dPTGkU2BveMLA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=42120&sent=170&recv=38&lost=0&retrans=0&sent_bytes=179490&recv_bytes=12415&delivery_rate=1090456&cwnd=83400&unsent_bytes=0&cid=24d4176f0f803e1a&ts=399&x=1", cfExtPri, cfHdrFlush;dur=0
date: Wed, 13 Nov 2024 14:39:18 GMT
content-type: application/octet-stream
last-modified: Sat, 29 Jun 2024 07:18:00 GMT
vary: Origin, Accept-Encoding
priority: u=3,i
x-amz-id-2: 12f52455fec93308ce8752c5cd6fac851e2701e3cbbe93d8c6d10bd7fcee5547
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 17FA64D9EA3E305A
cf-ray: 8e1f82aeaae637d8-FRA
accept-ranges: bytes
content-length: 1125
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 a0f442e9545e4f58b8eb445b57bc0b90.png
pic.hihick.com/images/2024/6/29/ 3 KB
3 KB 193ms
192ms Image
application/octet-stream 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.hihick.com/images/2024/6/29/a0f442e9545e4f58b8eb445b57bc0b90.png

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0f4502d8c5254df1eb0eb8d124c7684b4f02e2a5004525d5bd7acd18a6ebb9fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://exchangegy.cc/

Response headers

cf-cache-status: HIT
etag: "cb84d3ca48a52e3df1025731a8bef4ec"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V3CXrrJ0IUKiO7k8qxbqFWbV9mKArkruFWX4Mswevf77cM9EHcjQ58gMsjzuBAkKrNIt6x5v3Qhmpa%2F%2B2HnqVwULNMLyeBhoWPaMVnMspf76uCa8mHX2OSkZtKeRYUoCBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=42120&sent=170&recv=38&lost=0&retrans=0&sent_bytes=179490&recv_bytes=12415&delivery_rate=1090456&cwnd=83400&unsent_bytes=0&cid=24d4176f0f803e1a&ts=393&x=1", cfExtPri, cfHdrFlush;dur=0
date: Wed, 13 Nov 2024 14:39:18 GMT
content-type: application/octet-stream
last-modified: Sat, 29 Jun 2024 07:18:27 GMT
vary: Origin, Accept-Encoding
priority: u=3,i
x-amz-id-2: 12f52455fec93308ce8752c5cd6fac851e2701e3cbbe93d8c6d10bd7fcee5547
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 17FA65512EFB074A
cf-ray: 8e1f82aeaae737d8-FRA
accept-ranges: bytes
content-length: 2560
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 5e35ce2dfd5947beb53a2ee1b8b98599.png
pic.hihick.com/images/2024/6/29/ 1 KB
2 KB 226ms
224ms Image
application/octet-stream 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.hihick.com/images/2024/6/29/5e35ce2dfd5947beb53a2ee1b8b98599.png

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

595a7c97f329934d40fa297958ccbb31d3cd101c2965b02a32a7c96fd49c9e11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://exchangegy.cc/

Response headers

cf-cache-status: HIT
etag: "8658d5935ab59ee39d15c39226279d46"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8X46g25p69hEEoFKHol7tEqLh1HXY5frRMTzvbUiXzKdGdQMLUiENdobfc29PyRYDraPO7F5VycDtLyQagFy%2BowEYqy4Tk4zyL5LJwJ9WPq%2Fdx1oRyrGy3OOXHiZNz02qw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=41373&sent=300&recv=46&lost=0&retrans=0&sent_bytes=327049&recv_bytes=12776&delivery_rate=2070852&cwnd=166200&unsent_bytes=0&cid=24d4176f0f803e1a&ts=452&x=1", cfExtPri, cfHdrFlush;dur=0
date: Wed, 13 Nov 2024 14:39:19 GMT
content-type: application/octet-stream
last-modified: Sat, 29 Jun 2024 07:18:58 GMT
vary: Origin, Accept-Encoding
priority: u=3,i
x-amz-id-2: 12f52455fec93308ce8752c5cd6fac851e2701e3cbbe93d8c6d10bd7fcee5547
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 17FA5E0B7FBEA6C2
cf-ray: 8e1f82af0b3937d8-FRA
accept-ranges: bytes
content-length: 1100
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 e082f2579df0462c9dd6cd33432a4265.png
pic.hihick.com/images/2024/7/3/ 1 KB
2 KB 229ms
227ms Image
application/octet-stream 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.hihick.com/images/2024/7/3/e082f2579df0462c9dd6cd33432a4265.png

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ac3824adc2a37e25d5e63fe30c4de623c0985730450f3e12b58bcc58677d107d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://exchangegy.cc/

Response headers

cf-cache-status: HIT
etag: "79cbcbdfcc32e9ed14054fb9f306d76b"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZDP4Y2mc023ebGV%2Ff6T1GZkr8%2B375IxGckpknPlRv51JhMFMq47hbMVPBbGMzM%2BdeyKulnLxAGQX11uzwroKJttHBlZWax6suABExL7TqnSZcXcFmDs2DMa0JhwDyTnK3g%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=41373&sent=302&recv=46&lost=0&retrans=0&sent_bytes=329005&recv_bytes=12776&delivery_rate=2070852&cwnd=166200&unsent_bytes=0&cid=24d4176f0f803e1a&ts=455&x=1", cfExtPri, cfHdrFlush;dur=0
date: Wed, 13 Nov 2024 14:39:19 GMT
content-type: application/octet-stream
last-modified: Wed, 03 Jul 2024 07:53:28 GMT
vary: Origin, Accept-Encoding
priority: u=3,i
x-amz-id-2: 12f52455fec93308ce8752c5cd6fac851e2701e3cbbe93d8c6d10bd7fcee5547
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 17FA69883C121DB8
cf-ray: 8e1f82af0b3c37d8-FRA
accept-ranges: bytes
content-length: 1315
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 f47d434c6c9c42b481f0338b7dd8413a.png
pic.hihick.com/images/2024/6/29/ 8 KB
9 KB 194ms
192ms Image
application/octet-stream 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.hihick.com/images/2024/6/29/f47d434c6c9c42b481f0338b7dd8413a.png

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a402a7c4bd3b750d9c34247733a8657fb05a5fe2a978d03fcd8a782bc032aadf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://exchangegy.cc/

Response headers

cf-cache-status: HIT
etag: "94d4fedceb35227405256e8397d0b4ed"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lSKzVk4%2FsOiYCg%2B6vMpWR2ZsG4dynwARNePgS2MABT%2BmZi7Qm9wxz5UpR833J8L1%2BFO2wYxKqEEQ4E5GjcOEWsCsQife1znlG3NEDBEWAxvhjBoGn4MYrDrRxP0jckdSsw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=42120&sent=170&recv=38&lost=0&retrans=0&sent_bytes=179490&recv_bytes=12415&delivery_rate=1090456&cwnd=83400&unsent_bytes=0&cid=24d4176f0f803e1a&ts=403&x=1", cfExtPri, cfHdrFlush;dur=0
date: Wed, 13 Nov 2024 14:39:18 GMT
content-type: application/octet-stream
last-modified: Sat, 29 Jun 2024 07:22:10 GMT
vary: Origin, Accept-Encoding
priority: u=3,i
x-amz-id-2: 12f52455fec93308ce8752c5cd6fac851e2701e3cbbe93d8c6d10bd7fcee5547
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 17FA5E0B9A048846
cf-ray: 8e1f82aeaaea37d8-FRA
accept-ranges: bytes
content-length: 8054
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 0b99df75e07648bcade545084eceb986.png
pic.hihick.com/images/2024/6/29/ 1 KB
2 KB 269ms
268ms Image
application/octet-stream 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.hihick.com/images/2024/6/29/0b99df75e07648bcade545084eceb986.png

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a99c8c0238f961540ff208aa2c4de2795c431d989c08bda1d95397d843196a8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://exchangegy.cc/

Response headers

cf-cache-status: HIT
etag: "a8174c14b5333db6cdf9459377ea4062"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SPHNH%2Bi6TiJiTrVSj8OkN0xAy0Z3BGFAJ2xZBx2QtpWwv4cmqH70Cwvd1VVQw2m2j3YHp%2Fa1fZYwtf%2FD1Wn1mF%2FXfw7tw4mXxllHi054%2BPkTeN1PoTovNpked5I7evlBOw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=43532&sent=315&recv=54&lost=6&retrans=6&sent_bytes=342037&recv_bytes=13153&delivery_rate=2713120&cwnd=116339&unsent_bytes=0&cid=24d4176f0f803e1a&ts=498&x=1", cfExtPri, cfHdrFlush;dur=0
date: Wed, 13 Nov 2024 14:39:19 GMT
content-type: application/octet-stream
last-modified: Sat, 29 Jun 2024 10:35:02 GMT
vary: Origin, Accept-Encoding
priority: u=3,i
x-amz-id-2: 12f52455fec93308ce8752c5cd6fac851e2701e3cbbe93d8c6d10bd7fcee5547
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 17FA65512CB48345
cf-ray: 8e1f82af4b7f37d8-FRA
accept-ranges: bytes
content-length: 1426
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 2387f8ac583d4da0aab13c5315ca690a.png
pic.hihick.com/images/2024/6/29/ 1 KB
2 KB 273ms
272ms Image
application/octet-stream 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.hihick.com/images/2024/6/29/2387f8ac583d4da0aab13c5315ca690a.png

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

689f4313c40e98326ad30bdd24ceb7bd273b32cc0c080ef1528d425937bdeb95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://exchangegy.cc/

Response headers

cf-cache-status: HIT
etag: "4119a4119257947d75974ee50258b121"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bTz0K3RHnQqnduLVhTeOrCFDJabLa%2FYbp2y650ZQ872NDheW6PHIddw4aKI09KOpm9fRG68LeY%2FvnspHxSGP2AQWSCpXW4mnW6iATqpN7evqMnTW5k7CL%2FtNHJ2%2FLRPV4w%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=43532&sent=317&recv=54&lost=6&retrans=6&sent_bytes=344321&recv_bytes=13153&delivery_rate=2713120&cwnd=116339&unsent_bytes=0&cid=24d4176f0f803e1a&ts=498&x=1", cfExtPri, cfHdrFlush;dur=0
date: Wed, 13 Nov 2024 14:39:19 GMT
content-type: application/octet-stream
last-modified: Sat, 29 Jun 2024 10:37:09 GMT
vary: Origin, Accept-Encoding
priority: u=3,i
x-amz-id-2: 12f52455fec93308ce8752c5cd6fac851e2701e3cbbe93d8c6d10bd7fcee5547
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 17FA6162DADEA4EC
cf-ray: 8e1f82af4b8037d8-FRA
accept-ranges: bytes
content-length: 1307
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 142291cb01d34797879bb5a9a2a6c8b8.png
pic.hihick.com/images/2024/6/29/ 13 KB
14 KB 282ms
280ms Image
application/octet-stream 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.hihick.com/images/2024/6/29/142291cb01d34797879bb5a9a2a6c8b8.png

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2bef73a90bc9dceddf6c33111f65794a0937e64aed5e72d0af9058e7ebfc73b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://exchangegy.cc/

Response headers

cf-cache-status: HIT
etag: "8c1cd6652575da469d2d0fe0c2811d24"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yG1QJos%2FUMvypCzWquu%2FHfnA1Xc5LN%2BotPo5n5Aa1lXGvoar3ZFhzytptGGWpeoXGsuXfQ1qrp2PklKEMDAKj%2Fc4ATfvx%2BuTggJ%2BjHHv1j62sWBJ57p2G46Nbxz2ggWJDg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=43532&sent=323&recv=54&lost=6&retrans=6&sent_bytes=350442&recv_bytes=13153&delivery_rate=2713120&cwnd=116339&unsent_bytes=0&cid=24d4176f0f803e1a&ts=500&x=1", cfExtPri, cfHdrFlush;dur=0
date: Wed, 13 Nov 2024 14:39:19 GMT
content-type: application/octet-stream
last-modified: Sat, 29 Jun 2024 07:23:30 GMT
vary: Origin, Accept-Encoding
priority: u=3,i
x-amz-id-2: 12f52455fec93308ce8752c5cd6fac851e2701e3cbbe93d8c6d10bd7fcee5547
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 18037338DB0DE43E
cf-ray: 8e1f82af4b8137d8-FRA
accept-ranges: bytes
content-length: 13273
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 a3945e4ca03e4b13810edecd576f8521.png
pic.hihick.com/images/2024/6/29/ 1 KB
2 KB 274ms
272ms Image
application/octet-stream 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.hihick.com/images/2024/6/29/a3945e4ca03e4b13810edecd576f8521.png

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eedb605b601d24286034b55b362387e5627b346a0ef69e2afd92177968e1e755

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://exchangegy.cc/

Response headers

cf-cache-status: HIT
etag: "7290ed52436b197f22dec959794a77cf"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iPpmpk%2Bhzi1mT579ZplxIdePwiGDJs19Vx%2Fqs4qU2KGJvVLaN6C4RojbzhMqUSMIeEwAAHvPFdsiC61asgO5qssnGnvL51%2B341IybNO5xF5K25uV7lDZ%2BHTag3Ch4sBIWg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=43532&sent=317&recv=54&lost=6&retrans=6&sent_bytes=344321&recv_bytes=13153&delivery_rate=2713120&cwnd=116339&unsent_bytes=0&cid=24d4176f0f803e1a&ts=498&x=1", cfExtPri, cfHdrFlush;dur=0
date: Wed, 13 Nov 2024 14:39:19 GMT
content-type: application/octet-stream
last-modified: Sat, 29 Jun 2024 07:23:54 GMT
vary: Origin, Accept-Encoding
priority: u=3,i
x-amz-id-2: 12f52455fec93308ce8752c5cd6fac851e2701e3cbbe93d8c6d10bd7fcee5547
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 17FA6162E100B979
cf-ray: 8e1f82af4b8437d8-FRA
accept-ranges: bytes
content-length: 1289
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 7e0c854e6933400f887eb7b4b61b9973.png
pic.hihick.com/images/2024/7/1/ 2 KB
3 KB 282ms
280ms Image
application/octet-stream 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.hihick.com/images/2024/7/1/7e0c854e6933400f887eb7b4b61b9973.png

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1c238ca45ef7cfa4e5400f25e35ca8debf8b5440297cecfcf90b133a569cdad9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://exchangegy.cc/

Response headers

cf-cache-status: HIT
etag: "7338a6c9511b290f21c9e760a27f2571"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9pSPlNc1aD8nTclWQ5mXitbkY1syIjtTWRhj7w3z2z6Nd1%2BxXSue21fhPwajGSCdknTbXAbyWZyFS3YXx95ZyhQgcDU2jHjD2Wef%2FPv3Fufr9odzvoxlwpeX8xCFRA8tLw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=43532&sent=335&recv=54&lost=6&retrans=6&sent_bytes=364814&recv_bytes=13153&delivery_rate=2713120&cwnd=116339&unsent_bytes=0&cid=24d4176f0f803e1a&ts=501&x=1", cfExtPri, cfHdrFlush;dur=0
date: Wed, 13 Nov 2024 14:39:19 GMT
content-type: application/octet-stream
last-modified: Mon, 01 Jul 2024 13:12:22 GMT
vary: Origin, Accept-Encoding
priority: u=3,i
x-amz-id-2: 12f52455fec93308ce8752c5cd6fac851e2701e3cbbe93d8c6d10bd7fcee5547
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 17FA69885E61A1D4
cf-ray: 8e1f82af4b8537d8-FRA
accept-ranges: bytes
content-length: 2426
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 4b89b60ce3f24f25a16dc8f17ffaccd4.png
pic.hihick.com/images/2024/7/3/ 12 KB
13 KB 285ms
283ms Image
application/octet-stream 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.hihick.com/images/2024/7/3/4b89b60ce3f24f25a16dc8f17ffaccd4.png

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6be9791c35324eaab4410cd026374d6f474d6d9ced74dc46e687b05ccff0a15d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://exchangegy.cc/

Response headers

cf-cache-status: HIT
etag: "4ea0a1f7f0562ca23f9e863a043a7a32"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jsBn4xy9FZieBBaiGBHX6MGlzMwhneP5gU6ExCQKqP29aLPbkUMc6Y6sEqzeWAKGOIobko8Cv5YBg9Z%2FtVsNoSrMz1%2BPs13jqWLn9z7lW9Glj0Io0obojpleLh4mVOnk1g%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=43532&sent=353&recv=54&lost=6&retrans=6&sent_bytes=385234&recv_bytes=13153&delivery_rate=2713120&cwnd=116339&unsent_bytes=0&cid=24d4176f0f803e1a&ts=503&x=1", cfExtPri, cfHdrFlush;dur=0
date: Wed, 13 Nov 2024 14:39:19 GMT
content-type: application/octet-stream
last-modified: Wed, 03 Jul 2024 07:57:17 GMT
vary: Origin, Accept-Encoding
priority: u=3,i
x-amz-id-2: 12f52455fec93308ce8752c5cd6fac851e2701e3cbbe93d8c6d10bd7fcee5547
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 17FA65512C52EEDD
cf-ray: 8e1f82af4b8837d8-FRA
accept-ranges: bytes
content-length: 12563
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 fb10ae2c1a4f42f688a8518b76dbe79a.png
pic.hihick.com/images/2024/7/1/ 16 KB
16 KB 285ms
283ms Image
application/octet-stream 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.hihick.com/images/2024/7/1/fb10ae2c1a4f42f688a8518b76dbe79a.png

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

681ae79ffa5123d3d59558ee05a188c67e7feffd670e1d3f49d97b10e914c795

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://exchangegy.cc/

Response headers

cf-cache-status: HIT
etag: "6edcc6f67b530920caa03be72fd41bc8"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5NElDR497KLc5SEI8Vj6QmNT%2FgAYEW9pJXyWMGDAJg0cb9HnIbscLoJhjXXxNx1f3vwWW6000wZ5OkFuS%2BFh93l2MqsuGeKVthiz3aaFRdOX5CsF6wG%2FDDrNhhzDwwj%2BuA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=43532&sent=338&recv=54&lost=6&retrans=6&sent_bytes=368117&recv_bytes=13153&delivery_rate=2713120&cwnd=116339&unsent_bytes=0&cid=24d4176f0f803e1a&ts=503&x=1", cfExtPri, cfHdrFlush;dur=0
date: Wed, 13 Nov 2024 14:39:19 GMT
content-type: application/octet-stream
last-modified: Mon, 01 Jul 2024 13:14:03 GMT
vary: Origin, Accept-Encoding
priority: u=3,i
x-amz-id-2: 12f52455fec93308ce8752c5cd6fac851e2701e3cbbe93d8c6d10bd7fcee5547
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 17FA5E0B848D1100
cf-ray: 8e1f82af4b8937d8-FRA
accept-ranges: bytes
content-length: 15930
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 2437180e864e40fabcc36e1cc1d89c86.png
pic.hihick.com/images/2024/7/1/ 953 B
2 KB 274ms
272ms Image
application/octet-stream 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.hihick.com/images/2024/7/1/2437180e864e40fabcc36e1cc1d89c86.png

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0e7d0965ce52308846834de79ad8305ea31542444a1ba54888843fc0214418f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://exchangegy.cc/

Response headers

cf-cache-status: HIT
etag: "92f9d15be55070c0f267e7b9609211da"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d8wmjIVtYv9Q%2FloNjqImrubTNC0eH99S9VVR%2F5vwGz16li3KV9rp9yGWIYDgFJyik8T7cuXY2UeW3tnWO5AucHtV1h%2BiNf7Xx6NwreB5VnGQRhzIQXrX7CwGCqV5Lpx71Q%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=43532&sent=321&recv=54&lost=6&retrans=6&sent_bytes=348631&recv_bytes=13153&delivery_rate=2713120&cwnd=116339&unsent_bytes=0&cid=24d4176f0f803e1a&ts=499&x=1", cfExtPri, cfHdrFlush;dur=0
date: Wed, 13 Nov 2024 14:39:19 GMT
content-type: application/octet-stream
last-modified: Mon, 01 Jul 2024 13:15:02 GMT
vary: Origin, Accept-Encoding
priority: u=3,i
x-amz-id-2: 12f52455fec93308ce8752c5cd6fac851e2701e3cbbe93d8c6d10bd7fcee5547
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 17FA65512DD98622
cf-ray: 8e1f82af4b8a37d8-FRA
accept-ranges: bytes
content-length: 953
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 fdf0a32c3c3249d2b507679fb6794282.png
pic.hihick.com/images/2024/7/1/ 4 KB
5 KB 268ms
266ms Image
application/octet-stream 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.hihick.com/images/2024/7/1/fdf0a32c3c3249d2b507679fb6794282.png

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

16eecf37faaff03922f57b89bb71f0aab6ae2efee3f180c1a44719eeab5415bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://exchangegy.cc/

Response headers

cf-cache-status: HIT
etag: "d55bc0bec798e710c23f04e74c3d9e79"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IOWUcWwvoVXS3b8i863zjlcZnuQxcbFW9t%2B8U6Av3FWAzV3IB7GOKOZMaoE%2F8cCfMSdNt19Zi7PIBiccTyMCXkbda5mLKxWuG2K4f%2FjLSCzRYiGBMmAnfexnznUC3WoXLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=43532&sent=310&recv=54&lost=6&retrans=6&sent_bytes=337039&recv_bytes=13153&delivery_rate=2713120&cwnd=116339&unsent_bytes=0&cid=24d4176f0f803e1a&ts=496&x=1", cfExtPri, cfHdrFlush;dur=0
date: Wed, 13 Nov 2024 14:39:19 GMT
content-type: application/octet-stream
last-modified: Mon, 01 Jul 2024 13:17:53 GMT
vary: Origin, Accept-Encoding
priority: u=3,i
x-amz-id-2: 12f52455fec93308ce8752c5cd6fac851e2701e3cbbe93d8c6d10bd7fcee5547
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 17FA5E0B850C166C
cf-ray: 8e1f82af4b8e37d8-FRA
accept-ranges: bytes
content-length: 4064
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 972d79162b9b4317ad6eda09fc3feac6.png
pic.hihick.com/images/2024/7/3/ 2 KB
2 KB 287ms
286ms Image
application/octet-stream 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.hihick.com/images/2024/7/3/972d79162b9b4317ad6eda09fc3feac6.png

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d19aaaa1c6726c1ae74a33a8075c20d6cb3b4ead304c9cb86b0bd7a3ecc25e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://exchangegy.cc/

Response headers

cf-cache-status: HIT
etag: "453a8397666a124722fb4d5ba37dda27"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=36rc5DdE8rY2bW9olUbKYuyb7uQINge7wqCETfQIvdABcqp2nVWphI98yM%2Fv0MgqSaNFkYklP37ESGq8YxgtLSRwJpYSGZ%2Fl3aPqTES1KvfAZimWWNnH5ZHvECKSD%2B%2FRIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=43337&sent=387&recv=55&lost=6&retrans=6&sent_bytes=425007&recv_bytes=13203&delivery_rate=2792123&cwnd=116339&unsent_bytes=0&cid=24d4176f0f803e1a&ts=509&x=1", cfExtPri, cfHdrFlush;dur=0
date: Wed, 13 Nov 2024 14:39:19 GMT
content-type: application/octet-stream
last-modified: Wed, 03 Jul 2024 07:55:33 GMT
vary: Origin, Accept-Encoding
priority: u=3,i
x-amz-id-2: 12f52455fec93308ce8752c5cd6fac851e2701e3cbbe93d8c6d10bd7fcee5547
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 17FA69885260D769
cf-ray: 8e1f82af4b9337d8-FRA
accept-ranges: bytes
content-length: 1728
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 d058802c5af34b99968654bed9de3071.webp
pic.hihick.com/images/2024/7/26/ 24 KB
25 KB 287ms
285ms Image
application/octet-stream 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.hihick.com/images/2024/7/26/d058802c5af34b99968654bed9de3071.webp

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5f67721e1a4c0d9a3da5fab9c60debf1af38b491204e4660709fc2699d38a68a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://exchangegy.cc/

Response headers

cf-cache-status: HIT
etag: "3f06df211919cba8a5637f1f5b073d62"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hZLqXyc3ZNk8eSwIjYcTf888beCafKQ3LvwC4ZOJ8OXy3fPU3PmNr2pWFH6XFSIb44SqdVoPnhuyUQlt%2FlIUXRy3aS0eo6yElvR62IrIkXaJDYkFDjeWjgnPnyW9PmKgBA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=43337&sent=365&recv=55&lost=6&retrans=6&sent_bytes=398904&recv_bytes=13203&delivery_rate=2792123&cwnd=116339&unsent_bytes=0&cid=24d4176f0f803e1a&ts=508&x=1", cfExtPri, cfHdrFlush;dur=0
date: Wed, 13 Nov 2024 14:39:19 GMT
content-type: application/octet-stream
last-modified: Fri, 26 Jul 2024 09:49:04 GMT
vary: Origin, Accept-Encoding
priority: u=3,i
x-amz-id-2: 12f52455fec93308ce8752c5cd6fac851e2701e3cbbe93d8c6d10bd7fcee5547
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 17FA61631CB4EBDE
cf-ray: 8e1f82af4b9537d8-FRA
accept-ranges: bytes
content-length: 24726
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 shadow-grey.png
cdn.dcloud.net.cn/img/ 136 B
418 B 938ms
246ms Image
image/png 2408:4005:30a:4302:6218:d8d9:db29:5dd8
ALIBABA-CN-NET Ha...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.dcloud.net.cn/img/shadow-grey.png
Requested by: Host: exchangegy.cc
URL: https://exchangegy.cc/static/index.2da1efab.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2408:4005:30a:4302:6218:d8d9:db29:5dd8 , China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: nginx /
Resource Hash: ad4ebea1c3496dd2924789ee009174a2c6289d1200e9811f458fd46f172d1d6f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://exchangegy.cc/

Response headers

cache-control: max-age=3600
etag: "5cf8b5bf-88"
expires: Wed, 13 Nov 2024 15:39:20 GMT
accept-ranges: bytes
content-length: 136
date: Wed, 13 Nov 2024 14:39:20 GMT
content-type: image/png
last-modified: Thu, 06 Jun 2019 06:42:07 GMT
server: nginx

POST
H2 200 list Show response
intapi.hihick.com/trade/app/market/ 5 KB
5 KB 517ms
515ms XHR
application/json 18.173.205.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://intapi.hihick.com/trade/app/market/list
Requested by: Host: exchangegy.cc
URL: https://exchangegy.cc/static/js/chunk-vendors.36862506.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.205.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-205-87.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 1894e5a832c0649a2c562024197237a0fd6126b67e3401069d70121f7b75e3c2

Request headers

X-Access-Domain: exchangegy.cc
Referer: https://exchangegy.cc/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
X-Access-Client: 1
content-type: application/json;charset=UTF-8

Response headers

access-control-allow-credentials: true
x-trace-id: ZrL3jb9Xqg
via: 1.1 044b6ab929e12b48b2113c346ddcec30.cloudfront.net (CloudFront)
access-control-allow-origin: https://exchangegy.cc
x-cache: Miss from cloudfront
x-amz-cf-id: Uq23LMHXLfsymwImPmBBwQGCXN_cbvs2pNYQjsFmmfuHkcn2vlc5tw==
date: Wed, 13 Nov 2024 14:39:21 GMT
content-type: application/json
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
server: nginx
x-amz-cf-pop: FRA56-P12

POST list
intapi.hihick.com/trade/app/market/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: intapi.hihick.com
URL: https://intapi.hihick.com/trade/app/market/list

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.dcloud.net.cn/	1970-01-21 10:34:28	Name: __uni__uid Value: 2yld2Gc0uhiO3iyMA5xxAg==

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.dcloud.net.cn
exchangegy.cc
intapi.hihick.com
pic.hihick.com
intapi.hihick.com
172.67.141.169
18.173.205.87
188.114.96.3
2408:4005:30a:4302:6218:d8d9:db29:5dd8
0ccf8dd29c61715a6364ea9ec36d32c295e82ca837488590130c51cee298b7d3
0e7d0965ce52308846834de79ad8305ea31542444a1ba54888843fc0214418f4
0ecec1dc1c85edc0e4574fef38bcdd23989cff437985345b5249d5f68f2c39de
0f4502d8c5254df1eb0eb8d124c7684b4f02e2a5004525d5bd7acd18a6ebb9fc
16eecf37faaff03922f57b89bb71f0aab6ae2efee3f180c1a44719eeab5415bd
1894e5a832c0649a2c562024197237a0fd6126b67e3401069d70121f7b75e3c2
1c238ca45ef7cfa4e5400f25e35ca8debf8b5440297cecfcf90b133a569cdad9
2956ff1e95f076d225c79df6c01cd8baa2faad02f5bd8382e24dd1a565e26fd1
2bef73a90bc9dceddf6c33111f65794a0937e64aed5e72d0af9058e7ebfc73b2
335d8bb75c269ff643ea2f934a4b80103b3735b940ff0246ce3cf742ef1937e0
365649829b82a49562ebd36f0afdb443baaa68fb3f2b965a11dca827e45909e0
44d6b95870ede19c73b39e50733302f3c1c515a7cb0686588485428b945c471d
45d81cad6092af3dd5b03596e207c130c8567dcb4c2193ed8264c476917fe833
483a28debb012bafe8baa1e270b0322eeb50ac6d10fafabaea66ed2ac8548a07
595a7c97f329934d40fa297958ccbb31d3cd101c2965b02a32a7c96fd49c9e11
5f67721e1a4c0d9a3da5fab9c60debf1af38b491204e4660709fc2699d38a68a
681ae79ffa5123d3d59558ee05a188c67e7feffd670e1d3f49d97b10e914c795
689f4313c40e98326ad30bdd24ceb7bd273b32cc0c080ef1528d425937bdeb95
69518cd7d3e587d7390851b6051c35dabdebb3d6a588682ffdb77c4d49b4a961
6be9791c35324eaab4410cd026374d6f474d6d9ced74dc46e687b05ccff0a15d
6d19aaaa1c6726c1ae74a33a8075c20d6cb3b4ead304c9cb86b0bd7a3ecc25e9
6d1f0797ad3385c6472cb5ce77cbdef7d69d6c34761e421aeb984d10c96017c5
7a0999ed114c126cec1e6c929cf4dd64bffa7848bc7085c5f56321f060966734
8700eae2dab1a628f950831490d432db6681dbc4feba7b91772c2ef779a76b1d
8b14bd630f6c64ff9ac223bea708f29180474b58569b1f4030000759377e56d2
8b73fd695bc58f93e4f82d7b76fc5c653f029d4d7809d95dc717484c9553f35a
92829d53ee42ce41cc6e25a6aa03c97ec99e05d7fcc67839e0f3fd352fbcc03a
a402a7c4bd3b750d9c34247733a8657fb05a5fe2a978d03fcd8a782bc032aadf
a99c8c0238f961540ff208aa2c4de2795c431d989c08bda1d95397d843196a8d
ac3824adc2a37e25d5e63fe30c4de623c0985730450f3e12b58bcc58677d107d
ad4ebea1c3496dd2924789ee009174a2c6289d1200e9811f458fd46f172d1d6f
b572ef08fdc51c2bc778d41984ed96895f03c89280f487f6d0aa29cd6e4e3e09
b9ba22fec046a398834c6ad218b480ec6768037aca905d30b42b76d63924db56
d4a984420f30b553a3576a5ebdfb318f2514bc5db0870053f7e4df7b8e54ffca
d71514a6c89a74f65e30f3ec6b414a8fcbcfc8f0d094354f0e286ad16c3e1973
d9aa23f2d136e545a4e6244340ce3f41d3eefa16cfe42e0debb7ab661960585e
e97de9a247807f12d74101e9f736250b2410be4e1ed3d17ed875e4b08cf66c83
eb85639bd3a6a7afa42a64d575bf24cb0a7b3d587c9132438ede30ef6e9142e1
eedb605b601d24286034b55b362387e5627b346a0ef69e2afd92177968e1e755
f1765a4f4c49d9414dce3eda2118885af80e3771d871b982fe664b613a9f0697
f72b9a231c13012613217eec2bec27b923204e8c6cebc2b2ae51485d2b5d679d

exchangegy.cc Open in urlscan Pro 172.67.141.169 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

46 Requests

98 %HTTPS

25 %IPv6

3 Domains

4 Subdomains

5 IPs

3 Countries

818 kBTransfer

1631 kBSize

1 Cookies

0 Outgoing links

Redirected requests

46 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

exchangegy.cc Open in urlscan Pro
172.67.141.169 Public Scan

Screenshot
Live screenshot

Full Image

46
Requests

98 %
HTTPS

25 %
IPv6

3
Domains

4
Subdomains

5
IPs

3
Countries

818 kB
Transfer

1631 kB
Size

1
Cookies

46 HTTP transactions
1 data transactions