m.xl18.run Open in urlscan Pro
47.246.2.230 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://xinliaio.com/
Effective URL:
https://m.xl18.run/register?affi=2118
Submission: On April 28 via api (April 28th 2019, 9:57:12 am UTC) from DE

Summary HTTP 55 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 18 IPs in 5 countries across 18 domains to perform 55 HTTP transactions. The main IP is 47.246.2.230, located in San Mateo, United States and belongs to TAOBAO Zhejiang Taobao Network Co.,Ltd, CN. The main domain is m.xl18.run.
TLS certificate: Issued by Encryption Everywhere DV TLS CA - G1 on September 19th 2018. Valid for: a year.

This is the only time m.xl18.run was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
9	154.219.196.90 154.219.196.90	54600 (PEGTECHINC) (PEGTECHINC - PEG TECH INC)
1	14.152.86.48 14.152.86.48	134763 (CT-DONGGU...) (CT-DONGGUAN-IDC CHINANET Guangdong province network)
4	103.197.70.30 103.197.70.30	134705 (ITACE-AS-...) (ITACE-AS-AP Itace International Limited)
1 1	2606:4700:30:... 2606:4700:30::681b:9e62	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1 1	47.246.2.225 47.246.2.225	24429 (TAOBAO Zh...) (TAOBAO Zhejiang Taobao Network Co.)
6	47.246.2.230 47.246.2.230	24429 (TAOBAO Zh...) (TAOBAO Zhejiang Taobao Network Co.)
2	2a00:1450:400... 2a00:1450:4001:81a::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2606:4700::68... 2606:4700::6810:5514	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
2	80.231.126.236 80.231.126.236	6453 (AS6453) (AS6453 - TATA COMMUNICATIONS (AMERICA) INC)
3	47.246.2.231 47.246.2.231	24429 (TAOBAO Zh...) (TAOBAO Zhejiang Taobao Network Co.)
1 3	2a00:1450:400... 2a00:1450:4001:821::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:400c:c0c::9a	15169 (GOOGLE) (GOOGLE - Google LLC)
6	47.75.199.185 47.75.199.185	45102 (CNNIC-ALI...) (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co.)
1	80.231.126.181 80.231.126.181	6453 (AS6453) (AS6453 - TATA COMMUNICATIONS (AMERICA) INC)
4	107.154.199.22 107.154.199.22	19551 (INCAPSULA) (INCAPSULA - Incapsula Inc)
2	211.151.177.140 211.151.177.140	4847 (CNIX-AP C...) (CNIX-AP China Networks Inter-Exchange)
2	47.107.35.121 47.107.35.121	37963 (CNNIC-ALI...) (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.)
2	120.78.31.77 120.78.31.77	37963 (CNNIC-ALI...) (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.)
2	13.32.223.80 13.32.223.80	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
55	18

9 154.219.196.90 (Los Angeles, United States)

ASN54600 (PEGTECHINC - PEG TECH INC, US)

xinliaio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 14.152.86.48 (Guangzhou, China)

ASN134763 (CT-DONGGUAN-IDC CHINANET Guangdong province network, CN)

img4.imgtn.bdimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 103.197.70.30 (Hong Kong)

ASN134705 (ITACE-AS-AP Itace International Limited, HK)

www.yibet888.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:30::681b:9e62 (United States) 1 redirects

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

18uk.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 47.246.2.225 (San Mateo, United States) 1 redirects

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)

m.xl18.run	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 47.246.2.230 (San Mateo, United States)

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)

m.xl18.run	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81a::2008 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 80.231.126.236 (Spain)

ASN6453 (AS6453 - TATA COMMUNICATIONS (AMERICA) INC, US)

cdn.xmkxx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 47.246.2.231 (San Mateo, United States)

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)

img.xletcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:821::200e (Ireland) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 47.75.199.185 (San Mateo, United States)

ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN)

socket.xletcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 80.231.126.181 (Spain)

ASN6453 (AS6453 - TATA COMMUNICATIONS (AMERICA) INC, US)

cdn.xmkxx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 107.154.199.22 (Redwood City, United States)

ASN19551 (INCAPSULA - Incapsula Inc, US)
PTR: 107.154.199.22.ip.incapdns.net

api.xl18api02.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.yucedi.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 211.151.177.140 (Beijing, China)

ASN4847 (CNIX-AP China Networks Inter-Exchange, CN)

api.xmnhw.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 47.107.35.121 (Hangzhou, China)

ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN)

log-api.xletcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 120.78.31.77 (Hangzhou, China)

ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN)

www.xl18api03.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.223.80 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-32-223-80.fra56.r.cloudfront.net

www.18lckiii.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	xletcdn.com img.xletcdn.com socket.xletcdn.com log-api.xletcdn.com	27 KB
9	xinliaio.com xinliaio.com	24 KB
7	xl18.run 1 redirects m.xl18.run www.xl18.run Failed	287 KB
4	yibet888.com www.yibet888.com	2 KB
3	google-analytics.com 1 redirects www.google-analytics.com	17 KB
3	xmkxx.com cdn.xmkxx.com	29 KB
2	18lckiii.com www.18lckiii.com	1 KB
2	xl18api03.com www.xl18api03.com	836 B
2	xmnhw.com api.xmnhw.com	1 KB
2	yucedi.org www.yucedi.org	833 B
2	xl18api02.com api.xl18api02.com	1 KB
2	jsdelivr.net cdn.jsdelivr.net	22 KB
2	googletagmanager.com www.googletagmanager.com	43 KB
1	doubleclick.net stats.g.doubleclick.net	103 B
1	18uk.net 1 redirects 18uk.net	385 B
1	bdimg.com img4.imgtn.bdimg.com	16 KB
0	xl18.org Failed www.xl18.org Failed
0	baidu.com Failed hm.baidu.com Failed push.zhanzhang.baidu.com Failed
55	18

	Domain	Requested by
9	xinliaio.com	xinliaio.com
7	m.xl18.run	1 redirects www.yibet888.com m.xl18.run
6	socket.xletcdn.com	cdn.jsdelivr.net m.xl18.run
4	www.yibet888.com	xinliaio.com www.yibet888.com
3	www.google-analytics.com	1 redirects www.googletagmanager.com m.xl18.run
3	img.xletcdn.com	m.xl18.run
3	cdn.xmkxx.com	m.xl18.run
2	www.18lckiii.com	m.xl18.run
2	www.xl18api03.com	m.xl18.run
2	log-api.xletcdn.com	m.xl18.run
2	api.xmnhw.com	m.xl18.run
2	www.yucedi.org	m.xl18.run
2	api.xl18api02.com	m.xl18.run
2	cdn.jsdelivr.net	m.xl18.run
2	www.googletagmanager.com	m.xl18.run
1	stats.g.doubleclick.net	m.xl18.run
1	18uk.net	1 redirects
1	img4.imgtn.bdimg.com	xinliaio.com
0	www.xl18.run Failed
0	www.xl18.org Failed	m.xl18.run
0	push.zhanzhang.baidu.com Failed	www.yibet888.com
0	hm.baidu.com Failed	www.yibet888.com
55	22

This site contains links to these domains. Also see Links.

Domain
www.xl18.run

Subject Issuer	Validity	Valid
yibet888.com TrustAsia TLS RSA CA	`2018-10-20` - `2019-10-20`	a year	crt.sh
m.xl18.run Encryption Everywhere DV TLS CA - G1	`2018-09-19` - `2019-09-19`	a year	crt.sh
*.google-analytics.com Google Internet Authority G3	`2019-03-26` - `2019-06-18`	3 months	crt.sh
ssl363648.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-04-06` - `2019-10-13`	6 months	crt.sh
cdn.xmkxx.com Encryption Everywhere DV TLS CA - G1	`2018-08-03` - `2019-08-03`	a year	crt.sh
img.xletcdn.com Encryption Everywhere DV TLS CA - G1	`2018-09-17` - `2019-09-17`	a year	crt.sh
*.g.doubleclick.net Google Internet Authority G3	`2019-03-26` - `2019-06-18`	3 months	crt.sh
socket.xletcdn.com COMODO RSA Domain Validation Secure Server CA	`2018-08-24` - `2019-08-24`	a year	crt.sh
incapsula.com GlobalSign CloudSSL CA - SHA256 - G3	`2019-03-29` - `2020-02-07`	10 months	crt.sh
www.yucedi.org COMODO RSA Domain Validation Secure Server CA	`2019-01-08` - `2020-01-08`	a year	crt.sh
api.xmnhw.com COMODO RSA Domain Validation Secure Server CA	`2018-09-25` - `2019-09-25`	a year	crt.sh
log-api.xletcdn.com COMODO RSA Domain Validation Secure Server CA	`2018-11-07` - `2019-11-07`	a year	crt.sh
www.xl18api03.com COMODO RSA Domain Validation Secure Server CA	`2018-08-31` - `2019-08-31`	a year	crt.sh
www.18lckiii.com Amazon	`2018-11-20` - `2019-12-20`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://m.xl18.run/register?affi=2118
Frame ID: EB01980B65C51FBED435E8DE5475CCFA
Requests: 55 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://xinliaio.com/ Page URL
https://www.yibet888.com/to/18luck.html Page URL
http://18uk.net/ HTTP 301
http://m.xl18.run/register?affi=2118 HTTP 301
https://m.xl18.run/register?affi=2118 Page URL

Detected technologies

Node.js (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

env /^io$/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Socket.io (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

env /^io$/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

env /^gaGlobal$/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

env /^google_tag_manager$/i

webpack (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

env /^webpackJsonp$/i

Piwik () Expand

Overall confidence: 100%
Detected patterns

env /^Piwik$/i
env /^_paq$/i

Page Statistics

55
Requests

75 %
HTTPS

26 %
IPv6

18
Domains

22
Subdomains

18
IPs

5
Countries

472 kB
Transfer

1410 kB
Size

8
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.xl18.run/zh-cn/help/Terms.aspx
Title: 条款和义务

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://xinliaio.com/ Page URL
https://www.yibet888.com/to/18luck.html Page URL
http://18uk.net/ HTTP 301
http://m.xl18.run/register?affi=2118 HTTP 301
https://m.xl18.run/register?affi=2118 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27

https://www.google-analytics.com/r/collect?v=1&_v=j73&a=1319712369&t=pageview&_s=1&dl=https%3A%2F%2Fm.xl18.run%2Fregister%3Faffi%3D2118&ul=en-us&de=UTF-8&dt=%E6%96%B0%E5%88%A918luck%20-%20%E6%96%B0%E5%88%A918luck%E5%9C%A8%E7%BA%BF%E5%A8%B1%E4%B9%90%E7%BD%91&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUAB~&jid=967399770&gjid=1283949430&cid=642165931.1556445414&tid=UA-76828495-9&_gid=1343131362.1556445414&_r=1&gtm=2ou430&z=504049213 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-76828495-9&cid=642165931.1556445414&jid=967399770&_gid=1343131362.1556445414&gjid=1283949430&_v=j73&z=504049213

55 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK / Show response
xinliaio.com/ 18 KB
4 KB 745ms
153ms Document
text/html 154.219.196.90
PEG TECH INC

General

Check archive.org

Show headers Download Go to

Full URL: http://xinliaio.com/
Protocol: HTTP/1.1
Server: 154.219.196.90 Los Angeles, United States, ASN54600 (PEGTECHINC - PEG TECH INC, US),
Reverse DNS
Software: nginx /
Resource Hash: d2567596ddeb43a0612a7c4788bce1d77bb62eb99258259cdf9507e1f851ff5c

Request headers

Host: xinliaio.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Server: nginx
Date: Sun, 28 Apr 2019 09:57:14 GMT
Content-Type: text/html
Last-Modified: Fri, 26 Apr 2019 10:24:10 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5cc2dc4a-48c4"
Content-Encoding: gzip

GET
H/1.1 200
OK app.css
xinliaio.com/templets/default/css/ 29 KB
7 KB 155ms
153ms Stylesheet
text/css 154.219.196.90
PEG TECH INC

General

Check archive.org

Show headers Download Go to

Full URL: http://xinliaio.com/templets/default/css/app.css
Requested by: Host: xinliaio.com
URL: http://xinliaio.com/
Protocol: HTTP/1.1
Server: 154.219.196.90 Los Angeles, United States, ASN54600 (PEGTECHINC - PEG TECH INC, US),
Reverse DNS
Software: nginx /
Resource Hash: c5df1d9779c97b91ed3881098c1ac7166958859c87d4d2b7e8e860168f6e3454

Request headers

Referer: http://xinliaio.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 28 Apr 2019 09:57:14 GMT
Content-Encoding: gzip
Last-Modified: Fri, 16 Nov 2018 07:35:06 GMT
Server: nginx
ETag: W/"5bee732a-7369"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=43200
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sun, 28 Apr 2019 21:57:14 GMT

GET
H/1.1 200
OK font-awesome.min.css
xinliaio.com/templets/default/css/ 28 KB
8 KB 309ms
153ms Stylesheet
text/css 154.219.196.90
PEG TECH INC

General

Check archive.org

Show headers Download Go to

Full URL: http://xinliaio.com/templets/default/css/font-awesome.min.css
Requested by: Host: xinliaio.com
URL: http://xinliaio.com/
Protocol: HTTP/1.1
Server: 154.219.196.90 Los Angeles, United States, ASN54600 (PEGTECHINC - PEG TECH INC, US),
Reverse DNS
Software: nginx /
Resource Hash: b5675b0d1ee88db374b1e60e301fda9f0c1d3585f47173468827115fc4e529c2

Request headers

Referer: http://xinliaio.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 28 Apr 2019 09:57:14 GMT
Content-Encoding: gzip
Last-Modified: Fri, 16 Nov 2018 07:35:12 GMT
Server: nginx
ETag: W/"5bee7330-7103"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=43200
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sun, 28 Apr 2019 21:57:14 GMT

GET
H/1.1 200
OK mediaelementplayer.css
xinliaio.com/templets/default/css/ 24 KB
5 KB 462ms
153ms Stylesheet
text/css 154.219.196.90
PEG TECH INC

General

Check archive.org

Show headers Download Go to

Full URL: http://xinliaio.com/templets/default/css/mediaelementplayer.css
Requested by: Host: xinliaio.com
URL: http://xinliaio.com/
Protocol: HTTP/1.1
Server: 154.219.196.90 Los Angeles, United States, ASN54600 (PEGTECHINC - PEG TECH INC, US),
Reverse DNS
Software: nginx /
Resource Hash: 71f0a0b91b5956c59a3d7ddcc24af21a3e49e44ac0dd444a4838eb986877fc70

Request headers

Referer: http://xinliaio.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 28 Apr 2019 09:57:15 GMT
Content-Encoding: gzip
Last-Modified: Fri, 16 Nov 2018 07:35:16 GMT
Server: nginx
ETag: W/"5bee7334-6093"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=43200
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sun, 28 Apr 2019 21:57:15 GMT

GET
H/1.1 200
OK u=2531842703,3972980523&fm=200&gp=0.jpg
img4.imgtn.bdimg.com/it/ 15 KB
16 KB 1448ms
231ms Image
image/jpeg 14.152.86.48
CT-DONGGUAN-IDC C...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://img4.imgtn.bdimg.com/it/u=2531842703,3972980523&fm=200&gp=0.jpg
Requested by: Host: xinliaio.com
URL: http://xinliaio.com/
Protocol: HTTP/1.1
Server: 14.152.86.48 Guangzhou, China, ASN134763 (CT-DONGGUAN-IDC CHINANET Guangdong province network, CN),
Reverse DNS
Software: JSP3/2.0.14 /
Resource Hash: 17e3b499705b2cb540e7566b7dac19e891a4cf1f72cff12f24f7486c5a644a82

Request headers

Referer: http://xinliaio.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 28 Apr 2019 09:56:49 GMT
Ohc-Response-Time: 1 0 0 0 0 0
Last-Modified: Thu, 01 Jan 1970 00:00:00 GMT
Server: JSP3/2.0.14
Age: 801857
ETag: 39bf24660d57f22de0c19112e8dc0140
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=2628000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 15811
Expires: Wed, 15 May 2019 17:57:05 GMT

GET
H/1.1 404
Not Found jquery.min.js
xinliaio.com/templates/default/js/ 0
0 500ms
153ms Script
text/html 154.219.196.90
PEG TECH INC

General

Check archive.org

Show headers Download Go to

Full URL: http://xinliaio.com/templates/default/js/jquery.min.js
Requested by: Host: xinliaio.com
URL: http://xinliaio.com/
Protocol: HTTP/1.1
Server: 154.219.196.90 Los Angeles, United States, ASN54600 (PEGTECHINC - PEG TECH INC, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: http://xinliaio.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 28 Apr 2019 09:57:15 GMT
Server: nginx
Connection: keep-alive
Content-Length: 564
Content-Type: text/html

GET
H/1.1 200
OK js.js Show response
xinliaio.com/ 138 B
451 B 500ms
154ms Script
application/javascript 154.219.196.90
PEG TECH INC

General

Check archive.org

Show headers Download Go to

Full URL: http://xinliaio.com/js.js
Requested by: Host: xinliaio.com
URL: http://xinliaio.com/
Protocol: HTTP/1.1
Server: 154.219.196.90 Los Angeles, United States, ASN54600 (PEGTECHINC - PEG TECH INC, US),
Reverse DNS
Software: nginx /
Resource Hash: fc06a69563384a384bf8b34eed69fdb7f290b8b97e46fe4e6654674ffa028828

Request headers

Referer: http://xinliaio.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 28 Apr 2019 09:57:15 GMT
Last-Modified: Fri, 26 Apr 2019 09:59:41 GMT
Server: nginx
ETag: "5cc2d68d-8a"
Content-Type: application/javascript
Cache-Control: max-age=43200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 138
Expires: Sun, 28 Apr 2019 21:57:15 GMT

GET
H/1.1 404
Not Found fontawesome-webfont.woff2
xinliaio.com/templets/default/fonts/ 0
0 154ms
153ms Font
text/html 154.219.196.90
PEG TECH INC

General

Check archive.org

Show headers Download Go to

Full URL: http://xinliaio.com/templets/default/fonts/fontawesome-webfont.woff2?v=4.6.2
Requested by: Host: xinliaio.com
URL: http://xinliaio.com/
Protocol: HTTP/1.1
Server: 154.219.196.90 Los Angeles, United States, ASN54600 (PEGTECHINC - PEG TECH INC, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://xinliaio.com/templets/default/css/font-awesome.min.css
Origin: http://xinliaio.com

Response headers

Date: Sun, 28 Apr 2019 09:57:15 GMT
Server: nginx
Connection: keep-alive
Content-Length: 564
Content-Type: text/html

GET
H/1.1 200
OK 18luck.js Show response
www.yibet888.com/js/zq/2019/4/h/ 520 B
764 B 1627ms
600ms Script
application/javascript 103.197.70.30
ITACE-AS-AP Itace...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.yibet888.com/js/zq/2019/4/h/18luck.js
Requested by: Host: xinliaio.com
URL: http://xinliaio.com/js.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.197.70.30 , Hong Kong, ASN134705 (ITACE-AS-AP Itace International Limited, HK),
Reverse DNS
Software: nginx /
Resource Hash: a2cea2059b7e08cec155755ff6fafa3f36c8fa517df554e99424196aeea4f142

Request headers

Referer: http://xinliaio.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Sun, 28 Apr 2019 09:54:25 GMT
Last-Modified: Mon, 22 Apr 2019 06:09:30 GMT
Server: nginx
ETag: "5cbd5a9a-208"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 520

GET
H/1.1 404
Not Found fontawesome-webfont.woff
xinliaio.com/templets/default/fonts/ 0
0 153ms
153ms Font
text/html 154.219.196.90
PEG TECH INC

General

Check archive.org

Show headers Download Go to

Full URL: http://xinliaio.com/templets/default/fonts/fontawesome-webfont.woff?v=4.6.2
Requested by: Host: xinliaio.com
URL: http://xinliaio.com/
Protocol: HTTP/1.1
Server: 154.219.196.90 Los Angeles, United States, ASN54600 (PEGTECHINC - PEG TECH INC, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://xinliaio.com/templets/default/css/font-awesome.min.css
Origin: http://xinliaio.com

Response headers

Date: Sun, 28 Apr 2019 09:57:15 GMT
Server: nginx
Connection: keep-alive
Content-Length: 564
Content-Type: text/html

GET
H/1.1 404
Not Found fontawesome-webfont.ttf
xinliaio.com/templets/default/fonts/ 0
0 154ms
153ms Font
text/html 154.219.196.90
PEG TECH INC

General

Check archive.org

Show headers Download Go to

Full URL: http://xinliaio.com/templets/default/fonts/fontawesome-webfont.ttf?v=4.6.2
Requested by: Host: xinliaio.com
URL: http://xinliaio.com/
Protocol: HTTP/1.1
Server: 154.219.196.90 Los Angeles, United States, ASN54600 (PEGTECHINC - PEG TECH INC, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://xinliaio.com/templets/default/css/font-awesome.min.css
Origin: http://xinliaio.com

Response headers

Date: Sun, 28 Apr 2019 09:57:15 GMT
Server: nginx
Connection: keep-alive
Content-Length: 564
Content-Type: text/html

GET
H/1.1 200
OK all.js Show response
www.yibet888.com/js/zq/ 413 B
657 B 280ms
280ms Script
application/javascript 103.197.70.30
ITACE-AS-AP Itace...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.yibet888.com/js/zq/all.js
Requested by: Host: www.yibet888.com
URL: https://www.yibet888.com/js/zq/2019/4/h/18luck.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.197.70.30 , Hong Kong, ASN134705 (ITACE-AS-AP Itace International Limited, HK),
Reverse DNS
Software: nginx /
Resource Hash: 56abf19de36478058755dd522156d694e18a749d7f1299f7564a289458f5b9fa

Request headers

Referer: http://xinliaio.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Sun, 28 Apr 2019 09:54:25 GMT
Last-Modified: Thu, 01 Nov 2018 01:38:06 GMT
Server: nginx
ETag: "5bda58fe-19d"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 413

GET hm.js
hm.baidu.com/ 0
0

GET
H/1.1 200
OK 18luck.js
www.yibet888.com/js/zq/to/ 110 B
353 B 337ms
336ms Script
application/javascript 103.197.70.30
ITACE-AS-AP Itace...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.yibet888.com/js/zq/to/18luck.js
Requested by: Host: www.yibet888.com
URL: https://www.yibet888.com/js/zq/2019/4/h/18luck.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.197.70.30 , Hong Kong, ASN134705 (ITACE-AS-AP Itace International Limited, HK),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: http://xinliaio.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Sun, 28 Apr 2019 09:54:25 GMT
Last-Modified: Tue, 13 Nov 2018 07:08:42 GMT
Server: nginx
ETag: "5bea787a-6e"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 110

GET push.js
push.zhanzhang.baidu.com/ 0
0

GET
H/1.1 200
OK 18luck.html
www.yibet888.com/to/ 269 B
500 B 264ms
263ms Document
text/html 103.197.70.30
ITACE-AS-AP Itace...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.yibet888.com/to/18luck.html
Requested by: Host: xinliaio.com
URL: http://xinliaio.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.197.70.30 , Hong Kong, ASN134705 (ITACE-AS-AP Itace International Limited, HK),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Host: www.yibet888.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://xinliaio.com/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://xinliaio.com/

Response headers

Server: nginx
Date: Sun, 28 Apr 2019 09:54:26 GMT
Content-Type: text/html
Content-Length: 269
Last-Modified: Tue, 12 Mar 2019 06:43:50 GMT
Connection: keep-alive
ETag: "5c875526-10d"
Accept-Ranges: bytes

GET
H2

404

Primary Request register Show response
m.xl18.run/
Redirect Chain

http://18uk.net/
http://m.xl18.run/register?affi=2118
https://m.xl18.run/register?affi=2118

4 KB
2 KB

1449ms
826ms

Document
text/html

47.246.2.230
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL: https://m.xl18.run/register?affi=2118
Requested by: Host: www.yibet888.com
URL: https://www.yibet888.com/to/18luck.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.246.2.230 San Mateo, United States, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: 69b4d26d99a1db5a925db4a113b65b58abd1be3699965caddf17750fc55d88a1

Request headers

:method: GET
:authority: m.xl18.run
:scheme: https
:path: /register?affi=2118
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 404
server: Tengine
content-type: text/html
date: Sun, 28 Apr 2019 09:56:52 GMT
vary: Accept-Encoding
x-oss-request-id: 5CC578E410F5103B561FA6DE
last-modified: Tue, 23 Apr 2019 04:20:32 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 7306852443078226904
x-oss-storage-class: Standard
content-md5: 1qG2+hAK/UJAOsdoWMAS7Q==
x-oss-server-time: 6
content-encoding: gzip
ali-swift-global-savetime: 1556445412
via: cache13.l2hk71[78,404-1280,M], cache21.l2hk71[79,0], cache1.ru3[760,404-1280,M], cache15.ru3[761,0]
x-swift-error: orig response 4XX error orig response 4XX error
x-cache: MISS TCP_MISS dirn:-2:-2
x-swift-savetime: Sun, 28 Apr 2019 09:56:53 GMT
x-swift-cachetime: 1
access-control-allow-headers: *
timing-allow-origin: *
eagleid: 2ff602a315564454123987394e

Redirect headers

Server: Tengine
Date: Sun, 28 Apr 2019 09:56:51 GMT
Content-Type: text/html
Content-Length: 278
Connection: keep-alive
Location: https://m.xl18.run/register?affi=2118
Access-Control-Allow-Headers: *
Via: cache11.ru3[,0]
Timing-Allow-Origin: *
EagleId: 2ff6029f15564454117211413e

GET
H2 200 app.c85cb5f93d7c0a902e062ae85c52e63e.css
m.xl18.run/static/css/ 50 KB
13 KB 254ms
253ms Stylesheet
text/css 47.246.2.230
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL: https://m.xl18.run/static/css/app.c85cb5f93d7c0a902e062ae85c52e63e.css
Requested by: Host: m.xl18.run
URL: https://m.xl18.run/register?affi=2118
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.246.2.230 San Mateo, United States, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: ce93cd9320865da19488da8e937bbc0e1706c42aa55b4a4f62deb44606caa39e

Request headers

Referer: https://m.xl18.run/register?affi=2118
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 26 Apr 2019 02:30:01 GMT
content-encoding: gzip
x-oss-request-id: 5CC26D29C57BD4AA0962E42A
content-md5: nCpCxckc+fmclhNJXF7n/Q==
age: 199612
x-cache: HIT TCP_HIT dirn:10:96921612
status: 200
x-swift-cachetime: 2592000
x-swift-savetime: Fri, 26 Apr 2019 12:50:39 GMT
content-length: 13192
x-oss-object-type: Normal
access-control-allow-headers: *
last-modified: Tue, 23 Apr 2019 04:20:33 GMT
server: Tengine
vary: Accept-Encoding
ali-swift-global-savetime: 1556245801
content-type: text/css
via: cache28.l2hk71[0,200-0,H], cache4.l2hk71[1,0], cache8.ru3[0,200-0,H], cache15.ru3[7,0]
x-oss-storage-class: Standard
timing-allow-origin: *
x-oss-hash-crc64ecma: 15169286666273007741
eagleid: 2ff602a315564454132407858e
x-oss-server-time: 107

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 63 KB
24 KB 15ms
14ms Script
application/javascript 2a00:1450:4001:81a::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-76828495-9

Requested by

Host: m.xl18.run
URL: https://m.xl18.run/register?affi=2118

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81a::2008 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager (scaffolding) /

Resource Hash

3ed9de8e88af4ecb68ade7bbd5cbe66aafc0cc3d10612cb7bf6233c575938a4d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://m.xl18.run/register?affi=2118
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 28 Apr 2019 09:56:53 GMT
content-encoding: br
last-modified: Fri, 26 Apr 2019 19:20:18 GMT
server: Google Tag Manager (scaffolding)
access-control-allow-origin: http://www.googletagmanager.com
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-length: 24714
x-xss-protection: 0
expires: Sun, 28 Apr 2019 09:56:53 GMT

GET
H2 200 socket.io.js Show response
cdn.jsdelivr.net/npm/socket.io-client@2.1.1/dist/ 61 KB
18 KB 84ms
14ms Script
application/javascript 2606:4700::6810:5514
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/socket.io-client@2.1.1/dist/socket.io.js

Requested by

Host: m.xl18.run
URL: https://m.xl18.run/register?affi=2118

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e2d3db4408e44abebf3107d88297c0c9f2234c2eb8837210b5fa9fb2b75852b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.xl18.run/register?affi=2118
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 28 Apr 2019 09:56:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cf-ray: 4ce82b390e59beee-FRA
x-cache: HIT, HIT
status: 200
vary: Accept-Encoding
x-served-by: cache-ams21051-AMS, cache-hhn1527-HHN
server: cloudflare
jsd-meta: 1552000739900, 9d802c44dc28, pr, /3/2018-08-08/16-55-18.616Z-WyJucG0iLCJzb2NrZXQuaW8tY2xpZW50IiwiL2Rpc3Qvc29ja2V0LmlvLmpzIiwiMi4xLjEiXQ==, 0
etag: W/"f3e6-RGQvsNcRr71b5KG78OKOUc5m3Jw"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *

GET
H2 200 md5.min.js Show response
cdn.jsdelivr.net/npm/js-md5@0.7.2/src/ 10 KB
3 KB 81ms
12ms Script
application/javascript 2606:4700::6810:5514
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/js-md5@0.7.2/src/md5.min.js

Requested by

Host: m.xl18.run
URL: https://m.xl18.run/register?affi=2118

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

819ea625864bf229a828cc19bc6076ba2882ab620bb22b05c14e1a6eb8118bdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.xl18.run/register?affi=2118
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 28 Apr 2019 09:56:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
x-cache: HIT, HIT
status: 200
x-served-by: cache-ams4138-AMS, cache-hhn1532-HHN
timing-allow-origin: *
server: cloudflare
etag: W/"27c1-yr8Ul5yO7eG/3f+rk3svEN4s3AY"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 4ce82b390e5bbeee-FRA

GET
H2 200 loggly.tracker-latest.min.js Show response
cdn.xmkxx.com/js/ 2 KB
2 KB 2115ms
43ms Script
text/javascript 80.231.126.236
TATA COMMUNICATIO...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.xmkxx.com/js/loggly.tracker-latest.min.js
Requested by: Host: m.xl18.run
URL: https://m.xl18.run/register?affi=2118
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 80.231.126.236 , Spain, ASN6453 (AS6453 - TATA COMMUNICATIONS (AMERICA) INC, US),
Reverse DNS
Software: Tengine /
Resource Hash: 1002227cd334b24988575ff8435e9ddade75e2ca588d8db606734c32078faae9

Request headers

Referer: https://m.xl18.run/register?affi=2118
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 24 Apr 2019 12:03:37 GMT
via: cache28.l2hk71[0,304-0,H], cache11.l2hk71[334,0], cache8.es1[0,200-0,H], cache9.es1[1,0]
x-oss-request-id: 5CC05099271EEE2558F866FE
content-md5: LZrIJjZMpyAJwkx2xKKI0w==
age: 337998
x-cache: HIT TCP_MEM_HIT dirn:0:384307524
status: 200
access-control-max-age: 3000
x-swift-cachetime: 259200
x-swift-savetime: Thu, 25 Apr 2019 16:15:15 GMT
content-encoding: gzip
x-oss-object-type: Normal
ali-swift-global-savetime: 1544617104
last-modified: Thu, 18 Oct 2018 12:10:24 GMT
server: Tengine
etag: W/"2D9AC826364CA72009C24C76C4A288D3"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=259200
x-oss-storage-class: Standard
timing-allow-origin: *
x-oss-hash-crc64ecma: 565844180995498964
eagleid: 50e77ed115564454153271079e
x-oss-server-time: 8
expires: Sat, 27 Apr 2019 12:03:37 GMT

GET
H2 200 manifest.f3efc41ddf7bbef706c7.js Show response
m.xl18.run/static/js/ 2 KB
2 KB 65ms
64ms Script
application/javascript 47.246.2.230
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL: https://m.xl18.run/static/js/manifest.f3efc41ddf7bbef706c7.js
Requested by: Host: m.xl18.run
URL: https://m.xl18.run/register?affi=2118
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.246.2.230 San Mateo, United States, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: 6a06aa9c835f9ea293b8cb6ad1ea3104c99c0d929d90e3065fd4854bd0342ad2

Request headers

Referer: https://m.xl18.run/register?affi=2118
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 26 Apr 2019 10:24:08 GMT
content-encoding: gzip
x-oss-request-id: 5CC2DC48382B4F5D5F02993E
content-md5: BFbc51bJ1xzWg8cpm53IsQ==
age: 171165
x-cache: HIT TCP_HIT dirn:10:221333659
status: 200
x-swift-cachetime: 2592000
x-swift-savetime: Fri, 26 Apr 2019 12:50:39 GMT
content-length: 1421
x-oss-object-type: Normal
access-control-allow-headers: *
last-modified: Tue, 23 Apr 2019 04:20:32 GMT
server: Tengine
vary: Accept-Encoding
ali-swift-global-savetime: 1556274248
content-type: application/javascript
via: cache31.l2hk71[0,200-0,H], cache30.l2hk71[0,0], cache2.ru3[0,200-0,H], cache15.ru3[1,0]
x-oss-storage-class: Standard
timing-allow-origin: *
x-oss-hash-crc64ecma: 8112484870274614709
eagleid: 2ff602a315564454132417860e
x-oss-server-time: 18

GET
H2 200 app.0d54750cf9afdf0bb329.js Show response
m.xl18.run/static/js/ 582 KB
190 KB 65ms
65ms Script
application/javascript 47.246.2.230
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL: https://m.xl18.run/static/js/app.0d54750cf9afdf0bb329.js
Requested by: Host: m.xl18.run
URL: https://m.xl18.run/register?affi=2118
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.246.2.230 San Mateo, United States, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: dd713757eeef1b6147066aa90b9dd457166c7779502f99e0be2fb3a9065cea62

Request headers

Referer: https://m.xl18.run/register?affi=2118
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 26 Apr 2019 11:21:40 GMT
content-encoding: gzip
x-oss-request-id: 5CC2E9C49BF380E22B0EA96E
content-md5: mYgKdC1+1PSPhZPeVeVAsQ==
age: 167713
x-cache: HIT TCP_HIT dirn:11:95186145
status: 200
x-swift-cachetime: 2592000
x-swift-savetime: Fri, 26 Apr 2019 12:50:39 GMT
content-length: 194161
x-oss-object-type: Normal
access-control-allow-headers: *
last-modified: Tue, 23 Apr 2019 04:20:33 GMT
server: Tengine
vary: Accept-Encoding
ali-swift-global-savetime: 1556277700
content-type: application/javascript
via: cache26.l2sg52[0,200-0,H], cache27.l2sg52[1,0], cache20.ru3[0,200-0,H], cache15.ru3[2,0]
x-oss-storage-class: Standard
timing-allow-origin: *
x-oss-hash-crc64ecma: 4846161192326833438
eagleid: 2ff602a315564454132417861e
x-oss-server-time: 31

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 52 KB
19 KB 51ms
50ms Script
application/javascript 2a00:1450:4001:81a::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-53J8H4V

Requested by

Host: m.xl18.run
URL: https://m.xl18.run/register?affi=2118

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81a::2008 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager (scaffolding) /

Resource Hash

ab6d3795c59c670726c0b346b2022cbe0a0bf9d271d8c509c6a659d8c86405d4

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://m.xl18.run/register?affi=2118
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 28 Apr 2019 09:56:53 GMT
content-encoding: br
last-modified: Fri, 26 Apr 2019 19:20:18 GMT
server: Google Tag Manager (scaffolding)
access-control-allow-origin: http://www.googletagmanager.com
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-length: 19282
x-xss-protection: 0
expires: Sun, 28 Apr 2019 09:56:53 GMT

GET
H2 200 piwik.js Show response
cdn.xmkxx.com/js/ 64 KB
25 KB 1898ms
83ms Script
text/javascript 80.231.126.236
TATA COMMUNICATIO...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.xmkxx.com/js/piwik.js
Requested by: Host: m.xl18.run
URL: https://m.xl18.run/register?affi=2118
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 80.231.126.236 , Spain, ASN6453 (AS6453 - TATA COMMUNICATIONS (AMERICA) INC, US),
Reverse DNS
Software: Tengine /
Resource Hash: 5c166a5d40aeefd0679a14f95e47ff28824e66abba82adfa30be41803cc25632

Request headers

Referer: https://m.xl18.run/register?affi=2118
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 27 Apr 2019 08:26:55 GMT
via: cache6.l2hk71[0,304-0,H], cache27.l2hk71[7,0], cache1.es1[0,200-0,H], cache9.es1[2,0]
x-oss-request-id: 5CC4124FB8509911F9A0EE0A
content-md5: NNUBWUHkkBSFx5dGZ7hRYg==
age: 91800
x-cache: HIT TCP_MEM_HIT dirn:9:338170073
status: 200
access-control-max-age: 3000
x-swift-cachetime: 259200
x-swift-savetime: Sat, 27 Apr 2019 12:27:17 GMT
content-encoding: gzip
x-oss-object-type: Normal
ali-swift-global-savetime: 1547182549
last-modified: Thu, 10 Jan 2019 09:36:11 GMT
server: Tengine
etag: W/"34D5015941E4901485C7974667B85162"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=259200
x-oss-storage-class: Standard
timing-allow-origin: *
x-oss-hash-crc64ecma: 13535809602641452422
eagleid: 50e77ed115564454153271080e
x-oss-server-time: 60
expires: Tue, 30 Apr 2019 08:26:55 GMT

GET
H2 200 bg_home.png
img.xletcdn.com/ 6 KB
7 KB 425ms
72ms Image
image/png 47.246.2.231
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.xletcdn.com/bg_home.png
Requested by: Host: m.xl18.run
URL: https://m.xl18.run/register?affi=2118
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.246.2.231 San Mateo, United States, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: 01592f88e3c412237f6cf009c76264f68f21db4bbfc3da329c72a15df2fbf74d

Request headers

Referer: https://m.xl18.run/static/css/app.c85cb5f93d7c0a902e062ae85c52e63e.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 10 Apr 2019 13:35:55 GMT
via: cache17.l2sg52[0,200-0,H], cache34.l2sg52[41,0], cache8.ru3[0,200-0,H], cache9.ru3[2,0]
x-oss-request-id: 5CADF13BD79A6B1DACF335E7
content-md5: YNI9pTlUeadXCVILZeHrWQ==
age: 1542058
x-cache: HIT TCP_HIT dirn:10:210617894
status: 200
x-swift-cachetime: 2592000
x-swift-savetime: Tue, 23 Apr 2019 02:50:29 GMT
content-length: 6466
x-oss-object-type: Normal
access-control-allow-headers: *
last-modified: Wed, 26 Sep 2018 08:42:51 GMT
server: Tengine
etag: "60D23DA5395479A75709520B65E1EB59"
ali-swift-global-savetime: 1544450818
content-type: image/png
cache-control: no-cache
x-oss-storage-class: Standard
accept-ranges: bytes
timing-allow-origin: *
x-oss-hash-crc64ecma: 7743705903119852433
eagleid: 2ff6029d15564454138587797e
x-oss-server-time: 208

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:821::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-76828495-9

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:821::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

3e552578c7d450b023f2cd9d28f830be4335c3acc6c4ab6dadda0769f09e5f22

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.xl18.run/register?affi=2118
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 16 Jan 2019 20:01:45 GMT
server: Golfe2
age: 597
date: Sun, 28 Apr 2019 09:46:56 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 17543
expires: Sun, 28 Apr 2019 11:46:56 GMT

GET
H2

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j73&a=1319712369&t=pageview&_s=1&dl=https%3A%2F%2Fm.xl18.run%2Fregister%3Faffi%3D2118&ul=en-us&de=UTF-8&dt=%E6%96%B0%E5%88%A918luck%20-%20%E6%96%B0...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-76828495-9&cid=642165931.1556445414&jid=967399770&_gid=1343131362.1556445414&gjid=1283949430&_v=j73&z=504049213

35 B
103 B

15ms
15ms

Image
image/gif

2a00:1450:400c:c0c::9a
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-76828495-9&cid=642165931.1556445414&jid=967399770&_gid=1343131362.1556445414&gjid=1283949430&_v=j73&z=504049213

Requested by

Host: m.xl18.run
URL: https://m.xl18.run/register?affi=2118

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.xl18.run/register?affi=2118
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
date: Sun, 28 Apr 2019 09:56:53 GMT
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 28 Apr 2019 09:56:53 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-76828495-9&cid=642165931.1556445414&jid=967399770&_gid=1343131362.1556445414&gjid=1283949430&_v=j73&z=504049213
content-type: text/html; charset=UTF-8
status: 302
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 417
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vendor-async.44556e95591c972c8cd8.js Show response
m.xl18.run/static/js/ 274 KB
76 KB 66ms
65ms Script
application/javascript 47.246.2.230
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL: https://m.xl18.run/static/js/vendor-async.44556e95591c972c8cd8.js
Requested by: Host: m.xl18.run
URL: https://m.xl18.run/static/js/manifest.f3efc41ddf7bbef706c7.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.246.2.230 San Mateo, United States, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: 1b24c929a5fef83ae06beae21bca82f8b48ada0ab0caa0173ac0a5ab09c7a371

Request headers

Referer: https://m.xl18.run/register?affi=2118
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 26 Apr 2019 02:30:03 GMT
content-encoding: gzip
x-oss-request-id: 5CC26D2BAD894A2AC2C93B15
content-md5: 8knEi83gxHKZgZMIAJO22Q==
age: 199610
x-cache: HIT TCP_HIT dirn:10:197170078
status: 200
x-swift-cachetime: 2592000
x-swift-savetime: Fri, 26 Apr 2019 12:50:40 GMT
content-length: 77333
x-oss-object-type: Normal
access-control-allow-headers: *
last-modified: Tue, 23 Apr 2019 04:20:37 GMT
server: Tengine
vary: Accept-Encoding
ali-swift-global-savetime: 1556245803
content-type: application/javascript
via: cache21.l2hk71[0,200-0,H], cache29.l2hk71[29,0], cache11.ru3[0,200-0,H], cache15.ru3[1,0]
x-oss-storage-class: Standard
timing-allow-origin: *
x-oss-hash-crc64ecma: 4559469093731306745
eagleid: 2ff602a315564454136468101e
x-oss-server-time: 43

GET
H2 200 23.0d55a27aff5b79d57bab.js Show response
m.xl18.run/static/js/ 9 KB
3 KB 68ms
68ms Script
application/javascript 47.246.2.230
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL: https://m.xl18.run/static/js/23.0d55a27aff5b79d57bab.js
Requested by: Host: m.xl18.run
URL: https://m.xl18.run/static/js/manifest.f3efc41ddf7bbef706c7.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.246.2.230 San Mateo, United States, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: 2078ce2c574103999f5b4d828a941e84df3b47d7200d133ccdc107f8536bd0d1

Request headers

Referer: https://m.xl18.run/register?affi=2118
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 26 Apr 2019 12:01:57 GMT
content-encoding: gzip
x-oss-request-id: 5CC2F3359F065340295051A6
content-md5: 6dgWAvY6qgG0vf3nPSLyfw==
age: 165296
x-cache: HIT TCP_HIT dirn:10:344260252
status: 200
x-swift-cachetime: 2592000
x-swift-savetime: Fri, 26 Apr 2019 12:50:40 GMT
content-length: 3134
x-oss-object-type: Normal
access-control-allow-headers: *
last-modified: Tue, 23 Apr 2019 04:20:32 GMT
server: Tengine
vary: Accept-Encoding
ali-swift-global-savetime: 1556280117
content-type: application/javascript
via: cache17.l2sg52[0,200-0,H], cache17.l2sg52[0,0], cache15.ru3[0,200-0,H], cache15.ru3[2,0]
x-oss-storage-class: Standard
timing-allow-origin: *
x-oss-hash-crc64ecma: 7600600706739164620
eagleid: 2ff602a315564454136468102e
x-oss-server-time: 18

OPTIONS
H2 204 / Show response
socket.xletcdn.com/socket.io/ 0
345 B 862ms
276ms XHR
text/plain 47.75.199.185
CNNIC-ALIBABA-US-...

General

Check archive.org

Show headers Download Go to

Full URL: https://socket.xletcdn.com/socket.io/?EIO=3&transport=polling&t=MfZO43s
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/socket.io-client@2.1.1/dist/socket.io.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.75.199.185 San Mateo, United States, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method: GET
Origin: https://m.xl18.run
Referer: https://m.xl18.run/register?affi=2118
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Access-Control-Request-Headers: apptype,appversion,clienttype,deviceid,key,sn

Response headers

date: Sun, 28 Apr 2019 09:56:54 GMT
server: nginx/1.10.3 (Ubuntu)
access-control-allow-origin: https://m.xl18.run
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain; charset=utf-8
status: 204
access-control-allow-credentials: true
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,DeviceId,Sn,Key,AppType,ClientType,AppVersion
content-length: 0

GET
H2 200 env.json Show response
cdn.xmkxx.com/ 4 KB
2 KB 1214ms
43ms XHR
application/json 80.231.126.181
TATA COMMUNICATIO...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.xmkxx.com/env.json
Requested by: Host: m.xl18.run
URL: https://m.xl18.run/static/js/app.0d54750cf9afdf0bb329.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 80.231.126.181 , Spain, ASN6453 (AS6453 - TATA COMMUNICATIONS (AMERICA) INC, US),
Reverse DNS
Software: Tengine /
Resource Hash: 7a8fccb636d039386ef3f1cdcf4642709100bf1b92b6209c5bd03ee2ebd58250

Request headers

Accept: application/json, text/plain, */*
Referer: https://m.xl18.run/register?affi=2118
Origin: https://m.xl18.run
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 26 Apr 2019 11:37:50 GMT
content-encoding: gzip
vary: Accept-Encoding
x-oss-request-id: 5CC2ED8E41F2DEF095663DE0
content-md5: gdlcnGv5pnDnu1dhxKhIrQ==
age: 166744
x-cache: HIT TCP_HIT dirn:11:127406563
status: 200
x-swift-cachetime: 259200
x-swift-savetime: Fri, 26 Apr 2019 11:37:50 GMT
content-length: 1388
x-oss-object-type: Normal
access-control-allow-origin: *
last-modified: Fri, 26 Apr 2019 11:29:47 GMT
server: Tengine
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
via: cache8.l2hk71[1477,200-0,M], cache36.l2hk71[1478,0], cache10.es1[0,200-0,H], cache8.es1[1,0]
x-oss-storage-class: Standard
timing-allow-origin: *
x-oss-hash-crc64ecma: 15390077984918095189
eagleid: 50e77ed015564454148387543e
x-oss-server-time: 9
ali-swift-global-savetime: 1556278670

GET
H2 200 collect
www.google-analytics.com/ 35 B
100 B 8ms
7ms Image
image/gif 2a00:1450:4001:821::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j73&a=1319712369&t=pageview&_s=2&dl=https%3A%2F%2Fm.xl18.run%2Fregister%3Faffi%3D2118&dp=%2Fregister%3Faffi%3D2118&ul=en-us&de=UTF-8&dt=%E6%96%B0%E5%88%A918luck%20-%20%E6%96%B0%E5%88%A918luck%E5%9C%A8%E7%BA%BF%E5%A8%B1%E4%B9%90%E7%BD%91&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KEBAAUAB~&jid=&gjid=&cid=642165931.1556445414&tid=UA-76828495-9&_gid=1343131362.1556445414&gtm=2ou430&z=1025744352

Requested by

Host: m.xl18.run
URL: https://m.xl18.run/register?affi=2118

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:821::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.xl18.run/register?affi=2118
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Mar 2019 01:30:14 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 4350399
content-type: image/gif
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 logo.png
img.xletcdn.com/ 14 KB
15 KB 256ms
139ms Image
image/png 47.246.2.231
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.xletcdn.com/logo.png
Requested by: Host: m.xl18.run
URL: https://m.xl18.run/register?affi=2118
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.246.2.231 San Mateo, United States, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: 8339b930b67c15c80786c0416b775eafc67863b219df3d3b33b18eb970ca8518

Request headers

Referer: https://m.xl18.run/register?affi=2118
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 07 Apr 2019 21:53:01 GMT
via: cache19.l2sg52[0,200-0,H], cache12.l2sg52[1,0], cache13.ru3[0,200-0,H], cache9.ru3[2,0]
x-oss-request-id: 5CAA713DB3EDD0265D3DE28E
content-md5: aROwiohD+YQIRhi/nQLLsA==
age: 1771432
x-cache: HIT TCP_HIT dirn:9:186222235
status: 200
x-swift-cachetime: 2592000
x-swift-savetime: Tue, 23 Apr 2019 02:50:30 GMT
content-length: 14536
x-oss-object-type: Normal
access-control-allow-headers: *
last-modified: Wed, 26 Sep 2018 08:42:21 GMT
server: Tengine
etag: "6913B08A8843F984084618BF9D02CBB0"
ali-swift-global-savetime: 1544227486
content-type: image/png
cache-control: no-cache
x-oss-storage-class: Standard
accept-ranges: bytes
timing-allow-origin: *
x-oss-hash-crc64ecma: 7902943853792970308
eagleid: 2ff6029d15564454138687806e
x-oss-server-time: 40

GET
H2 200 icon_check.png
img.xletcdn.com/ 1 KB
2 KB 252ms
144ms Image
image/png 47.246.2.231
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.xletcdn.com/icon_check.png
Requested by: Host: m.xl18.run
URL: https://m.xl18.run/register?affi=2118
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.246.2.231 San Mateo, United States, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: 4b05dba89da227c99ab291165b4b496dcc08e14f7ad99939df30a6d5e17ad2aa

Request headers

Referer: https://m.xl18.run/register?affi=2118
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 12 Apr 2019 11:46:56 GMT
via: cache25.l2sg52[0,200-0,H], cache10.l2sg52[3,0], cache18.ru3[0,200-0,H], cache9.ru3[12,0]
x-oss-request-id: 5CB07AB07046DF3E74B295C0
content-md5: gODBgZsWz8Ujzwb/ojOWcQ==
age: 1375797
x-cache: HIT TCP_HIT dirn:9:254816415
status: 200
x-swift-cachetime: 2592000
x-swift-savetime: Tue, 23 Apr 2019 02:50:30 GMT
content-length: 1316
x-oss-object-type: Normal
access-control-allow-headers: *
last-modified: Wed, 26 Sep 2018 08:42:23 GMT
server: Tengine
etag: "80E0C1819B16CFC523CF06FFA2339671"
ali-swift-global-savetime: 1544288380
content-type: image/png
cache-control: no-cache
x-oss-storage-class: Standard
accept-ranges: bytes
timing-allow-origin: *
x-oss-hash-crc64ecma: 4726265264664981968
eagleid: 2ff6029d15564454138687805e
x-oss-server-time: 66

GET
H2 200 / Show response
socket.xletcdn.com/socket.io/ 99 B
294 B 810ms
262ms XHR
text/plain 47.75.199.185
CNNIC-ALIBABA-US-...

General

Check archive.org

Show headers Download Go to

Full URL: https://socket.xletcdn.com/socket.io/?EIO=3&transport=polling&t=MfZO43s
Requested by: Host: m.xl18.run
URL: https://m.xl18.run/register?affi=2118
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.75.199.185 San Mateo, United States, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: bdb44e9e9a0f758735ba828d1c4c3554d79a5310a3ae10bb74e057135fbfd7dc

Request headers

deviceId: 1bf05fa6-a334-4657-9dd8-518dd45dae45
Origin: https://m.xl18.run
appType: 0
sn: 1556445413
Accept: */*
Referer: https://m.xl18.run/register?affi=2118
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
key: f7e9074e50761b87f9170f4dbe75b9cc
clientType: mobileWeb
appVersion: 2.3.11

Response headers

status: 200
date: Sun, 28 Apr 2019 09:56:55 GMT
access-control-allow-credentials: true
server: nginx/1.10.3 (Ubuntu)
access-control-allow-origin: https://m.xl18.run
content-length: 99
content-type: text/plain; charset=UTF-8

OPTIONS
H2 204 speed-test Show response
api.xl18api02.com/v1/ 0
671 B 1288ms
1168ms XHR
text/plain 107.154.199.22
Incapsula Inc

General

Check archive.org

Show headers Download Go to

Full URL

https://api.xl18api02.com/v1/speed-test

Requested by

Host: m.xl18.run
URL: https://m.xl18.run/static/js/app.0d54750cf9afdf0bb329.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.199.22 Redwood City, United States, ASN19551 (INCAPSULA - Incapsula Inc, US),

Reverse DNS

107.154.199.22.ip.incapdns.net

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Access-Control-Request-Method: GET
Origin: https://m.xl18.run
Referer: https://m.xl18.run/register?affi=2118
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Access-Control-Request-Headers: clienttype

Response headers

date: Sun, 28 Apr 2019 09:56:55 GMT
server: nginx/1.10.3 (Ubuntu)
access-control-allow-origin: https://m.xl18.run
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, PATCH
content-type: text/plain; charset=utf-8
status: 204
x-iinfo: 14-67689679-67689680 NNNN CT(285 576 0) RT(1556445414403 0) q(0 0 8 0) r(11 11) U5
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,DeviceId,accessToken,AppType,ClientType,AppVersion,osVersion,deviceInfo,appBuildVersion,referer
content-length: 0
x-cdn: Incapsula

OPTIONS
H2 204 / Show response
socket.xletcdn.com/socket.io/ 0
345 B 275ms
275ms XHR
text/plain 47.75.199.185
CNNIC-ALIBABA-US-...

General

Check archive.org

Show headers Download Go to

Full URL: https://socket.xletcdn.com/socket.io/?EIO=3&transport=polling&t=MfZO4U5&sid=ABIIA8xYdKqvFUUNAAf6
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/socket.io-client@2.1.1/dist/socket.io.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.75.199.185 San Mateo, United States, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method: GET
Origin: https://m.xl18.run
Referer: https://m.xl18.run/register?affi=2118
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Access-Control-Request-Headers: apptype,appversion,clienttype,deviceid,key,sn

Response headers

date: Sun, 28 Apr 2019 09:56:55 GMT
server: nginx/1.10.3 (Ubuntu)
access-control-allow-origin: https://m.xl18.run
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain; charset=utf-8
status: 204
access-control-allow-credentials: true
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,DeviceId,Sn,Key,AppType,ClientType,AppVersion
content-length: 0

GET
H2 200 piwik.php
www.yucedi.org/ 43 B
468 B 1619ms
1210ms Image
image/gif 107.154.199.22
Incapsula Inc

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.yucedi.org/piwik.php?action_name=%E6%96%B0%E5%88%A918luck%20-%20%E6%96%B0%E5%88%A918luck%E5%9C%A8%E7%BA%BF%E5%A8%B1%E4%B9%90%E7%BD%91&idsite=1&rec=1&r=614016&h=9&m=56&s=55&url=https%3A%2F%2Fm.xl18.run%2Fregister%3Faffi%3D2118&_id=a48336a58e8acd2b&_idts=1556445415&_idvc=1&_idn=0&_refts=0&_viewts=1556445415&send_image=1&cookie=1&res=1600x1200&gt_ms=826&pv_id=55Uaz0

Requested by

Host: m.xl18.run
URL: https://m.xl18.run/register?affi=2118

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.199.22 Redwood City, United States, ASN19551 (INCAPSULA - Incapsula Inc, US),

Reverse DNS

107.154.199.22.ip.incapdns.net

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://m.xl18.run/register?affi=2118
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 28 Apr 2019 09:56:56 GMT
server: nginx/1.10.3 (Ubuntu)
access-control-allow-origin: *
vary: Origin
content-type: image/gif
status: 200
x-iinfo: 13-44545899-44545900 NNNN CT(283 572 0) RT(1556445415227 0) q(0 0 8 0) r(12 12) U5
cache-control: no-store
access-control-allow-credentials: true
strict-transport-security: max-age=31536000;
x-cdn: Incapsula

GET
H2 200 / Show response
socket.xletcdn.com/socket.io/ 12 KB
2 KB 545ms
263ms XHR
text/plain 47.75.199.185
CNNIC-ALIBABA-US-...

General

Check archive.org

Show headers Download Go to

Full URL: https://socket.xletcdn.com/socket.io/?EIO=3&transport=polling&t=MfZO4U5&sid=ABIIA8xYdKqvFUUNAAf6
Requested by: Host: m.xl18.run
URL: https://m.xl18.run/register?affi=2118
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.75.199.185 San Mateo, United States, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 14636c3bb0cbd61301581f8e88661d2b1c9b9e175b63f5c06e35bbe188bf3a5a

Request headers

deviceId: 1bf05fa6-a334-4657-9dd8-518dd45dae45
Origin: https://m.xl18.run
appType: 0
sn: 1556445413
Accept: */*
Referer: https://m.xl18.run/register?affi=2118
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
key: f7e9074e50761b87f9170f4dbe75b9cc
clientType: mobileWeb
appVersion: 2.3.11

Response headers

date: Sun, 28 Apr 2019 09:56:56 GMT
content-encoding: gzip
server: nginx/1.10.3 (Ubuntu)
status: 200
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://m.xl18.run
access-control-allow-credentials: true
content-length: 1764

OPTIONS
H2 204 / Show response
socket.xletcdn.com/socket.io/ 0
345 B 276ms
275ms XHR
text/plain 47.75.199.185
CNNIC-ALIBABA-US-...

General

Check archive.org

Show headers Download Go to

Full URL: https://socket.xletcdn.com/socket.io/?EIO=3&transport=polling&t=MfZO4g-&sid=ABIIA8xYdKqvFUUNAAf6
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/socket.io-client@2.1.1/dist/socket.io.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.75.199.185 San Mateo, United States, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method: GET
Origin: https://m.xl18.run
Referer: https://m.xl18.run/register?affi=2118
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Access-Control-Request-Headers: apptype,appversion,clienttype,deviceid,key,sn

Response headers

date: Sun, 28 Apr 2019 09:56:56 GMT
server: nginx/1.10.3 (Ubuntu)
access-control-allow-origin: https://m.xl18.run
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain; charset=utf-8
status: 204
access-control-allow-credentials: true
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,DeviceId,Sn,Key,AppType,ClientType,AppVersion
content-length: 0

GET
H2 200 speed-test Show response
api.xl18api02.com/v1/ 10 KB
637 B 318ms
317ms XHR
application/json 107.154.199.22
Incapsula Inc

General

Check archive.org

Show headers Download Go to

Full URL

https://api.xl18api02.com/v1/speed-test

Requested by

Host: m.xl18.run
URL: https://m.xl18.run/register?affi=2118

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.199.22 Redwood City, United States, ASN19551 (INCAPSULA - Incapsula Inc, US),

Reverse DNS

107.154.199.22.ip.incapdns.net

Software

nginx/1.10.3 (Ubuntu) / ASP.NET

Resource Hash

4a338490c732ad7ae83aab87f7be90c34ab214cc96fcb311c084012d63d523e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: application/json, text/plain, */*
Referer: https://m.xl18.run/register?affi=2118
Origin: https://m.xl18.run
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
clientType: mobileWeb

Response headers

date: Sun, 28 Apr 2019 09:56:56 GMT
content-encoding: gzip
x-cdn: Incapsula
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
status: 200
x-iinfo: 14-67689943-67689680 PNNN RT(1556445415575 0) q(0 0 0 0) r(3 3) U5
content-length: 186
request-context: appId=cid-v1:b9085203-3a93-495e-a2f9-5409df7529ec
pragma: no-cache
server: nginx/1.10.3 (Ubuntu)
strict-transport-security: max-age=31536000
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache
expires: -1

GET
H2 200 piwik.php
www.yucedi.org/ 43 B
365 B 1180ms
1180ms Image
image/gif 107.154.199.22
Incapsula Inc

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.yucedi.org/piwik.php?action_name=%E6%96%B0%E5%88%A918luck%20-%20%E6%96%B0%E5%88%A918luck%E5%9C%A8%E7%BA%BF%E5%A8%B1%E4%B9%90%E7%BD%91&idsite=1&rec=1&r=441251&h=9&m=56&s=55&url=https%3A%2F%2Fm.xl18.run%2Fregister%3Faffi%3D2118&_id=a48336a58e8acd2b&_idts=1556445415&_idvc=1&_idn=0&_refts=0&_viewts=1556445415&send_image=1&cookie=1&res=1600x1200&gt_ms=826&pv_id=0s60fy

Requested by

Host: m.xl18.run
URL: https://m.xl18.run/register?affi=2118

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.199.22 Redwood City, United States, ASN19551 (INCAPSULA - Incapsula Inc, US),

Reverse DNS

107.154.199.22.ip.incapdns.net

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://m.xl18.run/register?affi=2118
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 28 Apr 2019 09:56:57 GMT
server: nginx/1.10.3 (Ubuntu)
access-control-allow-origin: *
vary: Origin
content-type: image/gif
status: 200
x-iinfo: 13-44545944-44545946 NNNN CT(279 561 0) RT(1556445415617 0) q(0 0 8 0) r(11 11) U5
cache-control: no-store
access-control-allow-credentials: true
strict-transport-security: max-age=31536000;
x-cdn: Incapsula

GET
H2 200 / Show response
socket.xletcdn.com/socket.io/ 3 B
197 B 289ms
288ms XHR
text/plain 47.75.199.185
CNNIC-ALIBABA-US-...

General

Check archive.org

Show headers Download Go to

Full URL: https://socket.xletcdn.com/socket.io/?EIO=3&transport=polling&t=MfZO4g-&sid=ABIIA8xYdKqvFUUNAAf6
Requested by: Host: m.xl18.run
URL: https://m.xl18.run/register?affi=2118
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.75.199.185 San Mateo, United States, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 62325dfc1fc675255519674da6e2c4aad5f51cc6c3217ed3c6fbf6cabe0d86b0

Request headers

deviceId: 1bf05fa6-a334-4657-9dd8-518dd45dae45
Origin: https://m.xl18.run
appType: 0
sn: 1556445413
Accept: */*
Referer: https://m.xl18.run/register?affi=2118
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
key: f7e9074e50761b87f9170f4dbe75b9cc
clientType: mobileWeb
appVersion: 2.3.11

Response headers

status: 200
date: Sun, 28 Apr 2019 09:56:56 GMT
access-control-allow-credentials: true
server: nginx/1.10.3 (Ubuntu)
access-control-allow-origin: https://m.xl18.run
content-length: 3
content-type: text/plain; charset=UTF-8

OPTIONS
H/1.1 204
No Content speed-test Show response
api.xmnhw.com/v1/ 0
643 B 1551ms
334ms XHR
text/plain 211.151.177.140
CNIX-AP China Net...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.xmnhw.com/v1/speed-test
Requested by: Host: m.xl18.run
URL: https://m.xl18.run/static/js/app.0d54750cf9afdf0bb329.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 211.151.177.140 Beijing, China, ASN4847 (CNIX-AP China Networks Inter-Exchange, CN),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method: GET
Origin: https://m.xl18.run
Referer: https://m.xl18.run/register?affi=2118
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Access-Control-Request-Headers: clienttype

Response headers

Date: Sun, 28 Apr 2019 09:56:59 GMT
Server: nginx/1.10.3 (Ubuntu)
X-Ar-Debug: 362475-5-8160613-0;PO;R;-;-;0, 499442;PO;R;-;-;0
Access-Control-Max-Age: 1728000
Access-Control-Allow-Methods: GET, POST, OPTIONS, DELETE, PUT, PATCH
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://m.xl18.run
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,DeviceId,accessToken,AppType,ClientType,AppVersion,osVersion,deviceInfo,appBuildVersion,referer
Content-Length: 0

GET
H/1.1 200
OK speed-test Show response
api.xmnhw.com/v1/ 10 KB
689 B 344ms
343ms XHR
application/json 211.151.177.140
CNIX-AP China Net...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.xmnhw.com/v1/speed-test

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

211.151.177.140 Beijing, China, ASN4847 (CNIX-AP China Networks Inter-Exchange, CN),

Reverse DNS

Software

nginx/1.10.3 (Ubuntu) / ASP.NET

Resource Hash

f2ab9037d2ab8e5dd42fabc3214b15056520fb8215b0488fdc6dafba71d06794

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Accept: application/json, text/plain, */*
Referer: https://m.xl18.run/register?affi=2118
Origin: https://m.xl18.run
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
clientType: mobileWeb

Response headers

Pragma: no-cache
Date: Sun, 28 Apr 2019 09:56:59 GMT
Content-Encoding: gzip
Server: nginx/1.10.3 (Ubuntu)
X-AspNet-Version: 4.0.30319
X-Ar-Debug: 362475-5-8160613-1;PO;R;-;-;0, 499442;PO;R;-;-;0
X-Powered-By: ASP.NET
Strict-Transport-Security: max-age=31536000;
Content-Type: application/json
Access-Control-Allow-Origin: *
Expires: -1
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 185
Request-Context: appId=cid-v1:b9085203-3a93-495e-a2f9-5409df7529ec

OPTIONS /
www.xl18.org/ 0
0

OPTIONS /
www.xl18.run/ 0
0

OPTIONS
H2 200 response-time Show response
log-api.xletcdn.com/v1/log/ 0
380 B 1392ms
753ms XHR
text/plain 47.107.35.121
CNNIC-ALIBABA-CN-...

General

Check archive.org

Show headers Download Go to

Full URL: https://log-api.xletcdn.com/v1/log/response-time
Requested by: Host: m.xl18.run
URL: https://m.xl18.run/static/js/app.0d54750cf9afdf0bb329.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.107.35.121 Hangzhou, China, ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method: POST
Origin: https://m.xl18.run
Referer: https://m.xl18.run/register?affi=2118
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Access-Control-Request-Headers: accesstoken,clienttype,content-type,deviceid

Response headers

pragma: no-cache
date: Sun, 28 Apr 2019 09:57:01 GMT
server: nginx/1.10.3 (Ubuntu)
x-aspnet-version: 4.0.30319
access-control-allow-origin: *
x-powered-by: ASP.NET
status: 200
cache-control: no-cache
access-control-allow-headers: accesstoken,clienttype,content-type,deviceid, DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,DeviceId,accessToken,AppType,ClientType,AppVersion,osVersion,deviceInfo,appBuildVersion,refer
content-length: 0
expires: -1

OPTIONS
H2 204 speed-test Show response
www.xl18api03.com/v1/ 0
398 B 1668ms
271ms XHR
text/plain 120.78.31.77
CNNIC-ALIBABA-CN-...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.xl18api03.com/v1/speed-test
Requested by: Host: m.xl18.run
URL: https://m.xl18.run/static/js/app.0d54750cf9afdf0bb329.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 120.78.31.77 Hangzhou, China, ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method: GET
Origin: https://m.xl18.run
Referer: https://m.xl18.run/register?affi=2118
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Access-Control-Request-Headers: clienttype

Response headers

date: Sun, 28 Apr 2019 09:57:02 GMT
server: nginx/1.10.3 (Ubuntu)
access-control-allow-origin: https://m.xl18.run
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, PATCH
content-type: text/plain; charset=utf-8
status: 204
access-control-allow-credentials: true
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,DeviceId,accessToken,AppType,ClientType,AppVersion,osVersion,deviceInfo,appBuildVersion,referer
content-length: 0

POST
H2 200 response-time Show response
log-api.xletcdn.com/v1/log/ 37 B
388 B 1647ms
1646ms XHR
application/json 47.107.35.121
CNNIC-ALIBABA-CN-...

General

Check archive.org

Show headers Download Go to

Full URL: https://log-api.xletcdn.com/v1/log/response-time
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.107.35.121 Hangzhou, China, ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) / ASP.NET
Resource Hash: 2aa3c9127f947ff8f3df3ed3c297fba4bbba55d7c2a57eef8b63dd5c243b5c75

Request headers

deviceId: 1bf05fa6-a334-4657-9dd8-518dd45dae45
accessToken
Origin: https://m.xl18.run
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: application/json;charset=UTF-8
Accept: application/json, text/plain, */*
Referer: https://m.xl18.run/register?affi=2118
clientType: mobileWeb

Response headers

pragma: no-cache
date: Sun, 28 Apr 2019 09:57:03 GMT
server: nginx/1.10.3 (Ubuntu)
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
status: 200
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,DeviceId,accessToken,AppType,ClientType,AppVersion,osVersion,deviceInfo,appBuildVersion,refer
content-length: 37
expires: -1

GET
H2 200 speed-test Show response
www.xl18api03.com/v1/ 10 KB
438 B 353ms
352ms XHR
application/json 120.78.31.77
CNNIC-ALIBABA-CN-...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.xl18api03.com/v1/speed-test
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 120.78.31.77 Hangzhou, China, ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) / ASP.NET
Resource Hash: 52338068c7ff6c427176c6ddc7ab785d5851ea044b632e0701278841c8625431

Request headers

Accept: application/json, text/plain, */*
Referer: https://m.xl18.run/register?affi=2118
Origin: https://m.xl18.run
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
clientType: mobileWeb

Response headers

pragma: no-cache
date: Sun, 28 Apr 2019 09:57:02 GMT
content-encoding: gzip
server: nginx/1.10.3 (Ubuntu)
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
status: 200
content-type: application/json
access-control-allow-origin: *
expires: -1
cache-control: no-cache
content-length: 186
request-context: appId=cid-v1:b9085203-3a93-495e-a2f9-5409df7529ec

OPTIONS
H2 200 speed-test Show response
www.18lckiii.com/v1/ 0
404 B 900ms
834ms XHR
application/json 13.32.223.80
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://www.18lckiii.com/v1/speed-test
Requested by: Host: m.xl18.run
URL: https://m.xl18.run/static/js/app.0d54750cf9afdf0bb329.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.32.223.80 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-32-223-80.fra56.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method: GET
Origin: https://m.xl18.run
Referer: https://m.xl18.run/register?affi=2118
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Access-Control-Request-Headers: clienttype

Response headers

date: Sun, 28 Apr 2019 09:57:04 GMT
via: 1.1 1136b0fc7377c6211173282a3992a814.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-apigw-id: Y1_VmGxEoE0FmaQ=
x-amzn-requestid: f9f74552-699b-11e9-b26f-297f26790e22
access-control-allow-methods: GET,OPTIONS
content-type: application/json
status: 200
x-cache: Miss from cloudfront
access-control-allow-headers: Content-Type,deviceId,accessToken,clientType,appType,appVersion,osVersion,deviceInfo
content-length: 0
x-amz-cf-id: N7yWgg17qyxnpK4exItbRynx1A5fEzDRX1LDm-6tGyQNoac0DYbQIg==

GET
H2 200 speed-test Show response
www.18lckiii.com/v1/ 10 KB
730 B 1242ms
1242ms XHR
application/json 13.32.223.80
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://www.18lckiii.com/v1/speed-test
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.32.223.80 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-32-223-80.fra56.r.cloudfront.net
Software: / ASP.NET
Resource Hash: bc6a9890eb1b958a26ceec464835be4f14b4fb83c9f552c410ca9fa733fd8223

Request headers

Accept: application/json, text/plain, */*
Referer: https://m.xl18.run/register?affi=2118
Origin: https://m.xl18.run
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
clientType: mobileWeb

Response headers

date: Sun, 28 Apr 2019 09:57:05 GMT
content-encoding: gzip
x-amzn-remapped-content-length: 185
x-amzn-remapped-date: Sun, 28 Apr 2019 09:57:07 GMT
x-aspnet-version: 4.0.30319
access-control-allow-origin: *
x-powered-by: ASP.NET
x-cache: Miss from cloudfront
status: 200
x-amz-apigw-id: Y1_VxEaRoE0Fufg=
content-length: 185
x-amz-cf-id: PkB0RsF_7BZ5be36Y3qubvjIp9YYWx57siXRLfqTozg80Ib61n6LXQ==
request-context: appId=cid-v1:b9085203-3a93-495e-a2f9-5409df7529ec
pragma: no-cache
x-amzn-requestid: fa9e81aa-699b-11e9-beda-09b8a1e06a08
content-type: application/json
via: 1.1 1136b0fc7377c6211173282a3992a814.cloudfront.net (CloudFront)
cache-control: no-cache
x-amzn-remapped-server: Microsoft-IIS/8.5
expires: -1

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: hm.baidu.com
URL: https://hm.baidu.com/hm.js?5ff404c656e5189a61bc23a6f527bd22

Domain: push.zhanzhang.baidu.com
URL: http://push.zhanzhang.baidu.com/push.js

Domain: www.xl18.org
URL: https://www.xl18.org/

Domain: www.xl18.run
URL: http://www.xl18.run/

Verdicts & Comments Add Verdict or Comment

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
m.xl18.run/	1970-01-19 09:46:40	Name: _pk_id.1.bca8 Value: a48336a58e8acd2b.1556445415.1.1556445415.1556445415.
.xl18.run/	1970-01-19 00:22:11	Name: _gid Value: GA1.2.1343131362.1556445414
m.xl18.run/	1969-12-31 23:59:59	Name: _affi Value: 2118
m.xl18.run/	1970-01-19 00:20:47	Name: _pk_ses.1.bca8 Value: *
m.xl18.run/	1969-12-31 23:59:59	Name: _uuid Value: 1bf05fa6-a334-4657-9dd8-518dd45dae45
m.xl18.run/	1969-12-31 23:59:59	Name: logglytrackingsession Value: 17e067c1-a2c5-4d0c-ba5f-03449979fabe
.xl18.run/	1970-01-19 00:20:45	Name: _gat_gtag_UA_76828495_9 Value: 1
.xl18.run/	1970-01-19 17:51:57	Name: _ga Value: GA1.2.642165931.1556445414

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://m.xl18.run/static/js/app.0d54750cf9afdf0bb329.js(Line 1) Message: ABIIA8xYdKqvFUUNAAf6
console-api	log	URL: https://m.xl18.run/static/js/app.0d54750cf9afdf0bb329.js(Line 1) Message: [object Object]

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

18uk.net
api.xl18api02.com
api.xmnhw.com
cdn.jsdelivr.net
cdn.xmkxx.com
hm.baidu.com
img.xletcdn.com
img4.imgtn.bdimg.com
log-api.xletcdn.com
m.xl18.run
push.zhanzhang.baidu.com
socket.xletcdn.com
stats.g.doubleclick.net
www.18lckiii.com
www.google-analytics.com
www.googletagmanager.com
www.xl18.org
www.xl18.run
www.xl18api03.com
www.yibet888.com
www.yucedi.org
xinliaio.com
hm.baidu.com
push.zhanzhang.baidu.com
www.xl18.org
www.xl18.run
103.197.70.30
107.154.199.22
120.78.31.77
13.32.223.80
14.152.86.48
154.219.196.90
211.151.177.140
2606:4700:30::681b:9e62
2606:4700::6810:5514
2a00:1450:4001:81a::2008
2a00:1450:4001:821::200e
2a00:1450:400c:c0c::9a
47.107.35.121
47.246.2.225
47.246.2.230
47.246.2.231
47.75.199.185
80.231.126.181
80.231.126.236
01592f88e3c412237f6cf009c76264f68f21db4bbfc3da329c72a15df2fbf74d
1002227cd334b24988575ff8435e9ddade75e2ca588d8db606734c32078faae9
14636c3bb0cbd61301581f8e88661d2b1c9b9e175b63f5c06e35bbe188bf3a5a
17e3b499705b2cb540e7566b7dac19e891a4cf1f72cff12f24f7486c5a644a82
1b24c929a5fef83ae06beae21bca82f8b48ada0ab0caa0173ac0a5ab09c7a371
2078ce2c574103999f5b4d828a941e84df3b47d7200d133ccdc107f8536bd0d1
2aa3c9127f947ff8f3df3ed3c297fba4bbba55d7c2a57eef8b63dd5c243b5c75
3e552578c7d450b023f2cd9d28f830be4335c3acc6c4ab6dadda0769f09e5f22
3ed9de8e88af4ecb68ade7bbd5cbe66aafc0cc3d10612cb7bf6233c575938a4d
4a338490c732ad7ae83aab87f7be90c34ab214cc96fcb311c084012d63d523e4
4b05dba89da227c99ab291165b4b496dcc08e14f7ad99939df30a6d5e17ad2aa
52338068c7ff6c427176c6ddc7ab785d5851ea044b632e0701278841c8625431
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
56abf19de36478058755dd522156d694e18a749d7f1299f7564a289458f5b9fa
5c166a5d40aeefd0679a14f95e47ff28824e66abba82adfa30be41803cc25632
62325dfc1fc675255519674da6e2c4aad5f51cc6c3217ed3c6fbf6cabe0d86b0
69b4d26d99a1db5a925db4a113b65b58abd1be3699965caddf17750fc55d88a1
6a06aa9c835f9ea293b8cb6ad1ea3104c99c0d929d90e3065fd4854bd0342ad2
71f0a0b91b5956c59a3d7ddcc24af21a3e49e44ac0dd444a4838eb986877fc70
7a8fccb636d039386ef3f1cdcf4642709100bf1b92b6209c5bd03ee2ebd58250
819ea625864bf229a828cc19bc6076ba2882ab620bb22b05c14e1a6eb8118bdc
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8339b930b67c15c80786c0416b775eafc67863b219df3d3b33b18eb970ca8518
8e2d3db4408e44abebf3107d88297c0c9f2234c2eb8837210b5fa9fb2b75852b
a2cea2059b7e08cec155755ff6fafa3f36c8fa517df554e99424196aeea4f142
ab6d3795c59c670726c0b346b2022cbe0a0bf9d271d8c509c6a659d8c86405d4
b5675b0d1ee88db374b1e60e301fda9f0c1d3585f47173468827115fc4e529c2
bc6a9890eb1b958a26ceec464835be4f14b4fb83c9f552c410ca9fa733fd8223
bdb44e9e9a0f758735ba828d1c4c3554d79a5310a3ae10bb74e057135fbfd7dc
c5df1d9779c97b91ed3881098c1ac7166958859c87d4d2b7e8e860168f6e3454
ce93cd9320865da19488da8e937bbc0e1706c42aa55b4a4f62deb44606caa39e
d2567596ddeb43a0612a7c4788bce1d77bb62eb99258259cdf9507e1f851ff5c
dd713757eeef1b6147066aa90b9dd457166c7779502f99e0be2fb3a9065cea62
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f2ab9037d2ab8e5dd42fabc3214b15056520fb8215b0488fdc6dafba71d06794
fc06a69563384a384bf8b34eed69fdb7f290b8b97e46fe4e6654674ffa028828

m.xl18.run Open in urlscan Pro 47.246.2.230 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

55 Requests

75 %HTTPS

26 %IPv6

18 Domains

22 Subdomains

18 IPs

5 Countries

472 kBTransfer

1410 kBSize

8 Cookies

1 Outgoing links

Page URL History

Redirected requests

55 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

m.xl18.run Open in urlscan Pro
47.246.2.230 Public Scan

Screenshot
Live screenshot

Full Image

55
Requests

75 %
HTTPS

26 %
IPv6

18
Domains

22
Subdomains

18
IPs

5
Countries

472 kB
Transfer

1410 kB
Size

8
Cookies

55 HTTP transactions
0 data transactions