Submitted URL: http://cf-worker-vless.lau.life/p/1993c9589a03
Effective URL: https://www.163.com/
Submission: On August 14 via api from US — Scanned from DE

Summary

This website contacted 5 IPs in 3 countries across 5 domains to perform 36 HTTP transactions. The main IP is 163.181.131.215, located in Frankfurt am Main, Germany and belongs to TAOBAO Zhejiang Taobao Network Co.,Ltd, CN. The main domain is www.163.com. The Cisco Umbrella rank of the primary domain is 27690.
TLS certificate: Issued by GeoTrust RSA CN CA G2 on March 28th 2024. Valid for: a year.
This is the only time www.163.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 6 2606:4700:303... 13335 (CLOUDFLAR...)
16 2404:2280:1cc... 24429 (TAOBAO Zh...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 163.181.131.215 24429 (TAOBAO Zh...)
36 5
Apex Domain
Subdomains
Transfer
16 126.net
static.ws.126.net — Cisco Umbrella Rank: 89646
h5.analytics.126.net Failed
nimg.ws.126.net Failed
477 KB
6 lau.life
cf-worker-vless.lau.life
11 KB
1 163.com
www.163.com — Cisco Umbrella Rank: 27690
101 KB
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 1223
7 KB
0 127.net Failed
urswebzj.nosdn.127.net Failed
36 5
Domain Requested by
16 static.ws.126.net cf-worker-vless.lau.life
static.ws.126.net
www.163.com
6 cf-worker-vless.lau.life 1 redirects cf-worker-vless.lau.life
static.cloudflareinsights.com
1 www.163.com cf-worker-vless.lau.life
1 static.cloudflareinsights.com cf-worker-vless.lau.life
0 nimg.ws.126.net Failed www.163.com
0 urswebzj.nosdn.127.net Failed www.163.com
0 h5.analytics.126.net Failed
36 7

This site contains no links.

Subject Issuer Validity Valid
lau.life
E5
2024-07-15 -
2024-10-13
3 months crt.sh
*.ws.126.net
TrustAsia RSA OV TLS CA G2
2023-11-15 -
2024-12-08
a year crt.sh
cloudflareinsights.com
WE1
2024-07-06 -
2024-10-04
3 months crt.sh
*.163.com
GeoTrust RSA CN CA G2
2024-03-28 -
2025-04-27
a year crt.sh

This page contains 2 frames:

Primary Page: https://www.163.com/
Frame ID: 88E2E93F3E7D6693BDCB9E038778A68F
Requests: 34 HTTP requests in this frame

Frame: https://cf-worker-vless.lau.life/cdn-cgi/challenge-platform/h/b/scripts/jsd/cc21665cd7b9/main.js
Frame ID: 363CA6CA539821334532828B39B7FB13
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

网易

Page URL History Show full URLs

  1. http://cf-worker-vless.lau.life/p/1993c9589a03 HTTP 307
    https://cf-worker-vless.lau.life/p/1993c9589a03 Page URL
  2. https://www.163.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Page Statistics

36
Requests

61 %
HTTPS

75 %
IPv6

5
Domains

7
Subdomains

5
IPs

3
Countries

595 kB
Transfer

1683 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://cf-worker-vless.lau.life/p/1993c9589a03 HTTP 307
    https://cf-worker-vless.lau.life/p/1993c9589a03 Page URL
  2. https://www.163.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://cf-worker-vless.lau.life/p/1993c9589a03 HTTP 307
  • https://cf-worker-vless.lau.life/p/1993c9589a03
Request Chain 7
  • https://cf-worker-vless.lau.life/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://cf-worker-vless.lau.life/cdn-cgi/challenge-platform/h/b/scripts/jsd/cc21665cd7b9/main.js

36 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
1993c9589a03
cf-worker-vless.lau.life/p/
Redirect Chain
  • http://cf-worker-vless.lau.life/p/1993c9589a03
  • https://cf-worker-vless.lau.life/p/1993c9589a03
4 KB
2 KB
Document
General
Full URL
https://cf-worker-vless.lau.life/p/1993c9589a03
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:9b93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70c7a55c6efca2f13d9f1b370b6662f59c9d91895a7a33016f09344b07f61efa

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=600
cf-cache-status
DYNAMIC
cf-ray
8b31b01edaf46637-AMS
content-encoding
br
content-type
text/html; charset=GBK
date
Wed, 14 Aug 2024 14:38:20 GMT
expires
Wed, 14 Aug 2024 14:48:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=58yGoI28VXy6i5jMIBaDPZb95KL3JTntzoZ7GcLDCZ6NNSfj4OiYVZx06VGinN8fMRVVc%2FvEm%2F6IP9cGum%2FhL7lKzdQiVri%2FS8cu9DOfn6kVfJrVjisAcn%2B9CFoRfy0d5VZXItPMD4qqiqEFLe4EpRSKkAs8DMg%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

Location
https://cf-worker-vless.lau.life/p/1993c9589a03
Non-Authoritative-Reason
HttpsUpgrades
sports.lUxzeWcW7D4G.1.css
static.ws.126.net/f2e/products/2018_404/css/
30 KB
7 KB
Stylesheet
General
Full URL
https://static.ws.126.net/f2e/products/2018_404/css/sports.lUxzeWcW7D4G.1.css
Requested by
Host: cf-worker-vless.lau.life
URL: https://cf-worker-vless.lau.life/p/1993c9589a03
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2404:2280:1cc:0:3::a , Singapore, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
124f417c220b961ce37ceca9474ca6a7d5ed96790fc2f518d1d036d860fea3cd

Request headers

Referer
https://cf-worker-vless.lau.life/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 04 Jul 2024 21:43:58 GMT
content-encoding
gzip
via
cache63.l2nu20-8[0,0,200-0,H], cache63.l2nu20-8[1,0], cache32.l2hk2[0,0,200-0,H], cache15.l2hk2[0,0], cache20.l2de2[184,185,200-0,M], cache23.l2de2[186,0], ens-cache11.de5[0,1,200-0,H], ens-cache4.de5[20,0]
cdn-ip
2404:2280:1cc:0:3::a
age
3516865
x-swift-cachetime
2402193
x-cache
HIT TCP_HIT dirn:11:178967273
cdn-user-ip
2a02:6ea0:c71b:0:1012:e0c:dfd8:4b1c
x-swift-savetime
Tue, 06 Aug 2024 02:27:25 GMT
content-length
6523
last-modified
Mon, 08 Oct 2018 04:03:27 GMT
server
Tengine
x-cache-remote
HIT
cdn-source
ali
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
x-content-from
netease
cache-control
max-age=86400, max-age=5184000, max-age=5184000
access-control-allow-credentials
false
ali-swift-global-savetime
1720129438
timing-allow-origin
*
eagleid
a3b55c9817236463034958987e
expires
Fri, 05 Jul 2024 21:43:58 GMT
2018_404.1260716.css
static.ws.126.net/f2e/products/2018_404/
1 KB
1 KB
Stylesheet
General
Full URL
https://static.ws.126.net/f2e/products/2018_404/2018_404.1260716.css
Requested by
Host: cf-worker-vless.lau.life
URL: https://cf-worker-vless.lau.life/p/1993c9589a03
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2404:2280:1cc:0:3::a , Singapore, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
0eef48dd5399f3713f1ad28158e6301ac14d94053757c245461ec10d707dfe4e

Request headers

Referer
https://cf-worker-vless.lau.life/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 08 Jul 2024 12:58:44 GMT
via
cache59.l2nu20-8[103,103,304-0,M], cache67.l2nu20-8[104,0], cache25.l2hk2[0,19,200-0,H], cache20.l2hk2[22,0], cache19.l2de2[0,0,200-0,H], cache20.l2de2[0,0], ens-cache12.de5[0,0,200-0,H], ens-cache4.de5[7,0]
content-encoding
gzip
cdn-ip
2404:2280:1cc:0:3::a
age
3202779
x-swift-cachetime
2716280
x-cache
HIT TCP_HIT dirn:11:260433359
cdn-user-ip
2a02:6ea0:c71b:0:1012:e0c:dfd8:4b1c
x-swift-savetime
Tue, 06 Aug 2024 02:27:24 GMT
content-length
468
last-modified
Tue, 09 Oct 2018 01:48:31 GMT
server
Tengine
x-cache-remote
HIT
cdn-source
ali
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
x-content-from
netease
cache-control
max-age=86400, max-age=5184000, max-age=5184000
access-control-allow-credentials
false
ali-swift-global-savetime
1720443524
timing-allow-origin
*
eagleid
a3b55c9817236463034938957e
expires
Tue, 09 Jul 2024 12:58:44 GMT
404.gif
static.ws.126.net/f2e/products/2018_404/images/
186 KB
187 KB
Image
General
Full URL
https://static.ws.126.net/f2e/products/2018_404/images/404.gif
Requested by
Host: cf-worker-vless.lau.life
URL: https://cf-worker-vless.lau.life/p/1993c9589a03
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2404:2280:1cc:0:3::a , Singapore, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
e11bc04b34d639d82bd9133fc5f28f04acfb0ccd559e0d721b31dc45f81d8199

Request headers

Referer
https://cf-worker-vless.lau.life/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 09:04:54 GMT
via
cache9.l2nu20-8[241,241,304-0,M], cache26.l2nu20-8[243,0], cache15.l2hk2[272,271,200-0,H], cache34.l2hk2[273,0], cache8.l2de2[0,0,304-0,H], cache19.l2de2[2,0], ens-cache5.de5[0,0,200-0,H], ens-cache4.de5[12,0]
cdn-ip
2404:2280:1cc:0:3::a
age
106409
x-swift-cachetime
5176818
x-cache
HIT TCP_HIT dirn:12:553104639
cdn-user-ip
2a02:6ea0:c71b:0:1012:e0c:dfd8:4b1c
x-swift-savetime
Tue, 13 Aug 2024 11:04:36 GMT
content-length
190735
last-modified
Tue, 09 Oct 2018 01:48:46 GMT
server
Tengine
x-cache-remote
HIT
cdn-source
ali
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
x-content-from
netease
cache-control
max-age=86400, max-age=5184000, max-age=5184000
access-control-allow-credentials
false
ali-swift-global-savetime
1723539894
accept-ranges
bytes
timing-allow-origin
*
eagleid
a3b55c9817236463034951000e
expires
Wed, 14 Aug 2024 09:04:54 GMT
2018_404.1260686.min.js
static.ws.126.net/f2e/products/2018_404/
754 B
821 B
Script
General
Full URL
https://static.ws.126.net/f2e/products/2018_404/2018_404.1260686.min.js
Requested by
Host: cf-worker-vless.lau.life
URL: https://cf-worker-vless.lau.life/p/1993c9589a03
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2404:2280:1cc:0:3::a , Singapore, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
61b05d9685d0db0ca5ddde3310096e917d05b48f86e417a3732667d253688be2

Request headers

Referer
https://cf-worker-vless.lau.life/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 22 Jul 2024 12:00:45 GMT
via
cache63.l2nu20-8[101,101,304-0,M], cache16.l2nu20-8[103,0], cache23.l2hk2[0,0,304-0,H], cache30.l2hk2[0,0], cache11.l2de2[0,0,200-0,H], cache11.l2de2[0,0], ens-cache13.de5[0,0,200-0,H], ens-cache4.de5[5,0]
content-encoding
gzip
cdn-ip
2404:2280:1cc:0:3::a
age
1996658
x-swift-cachetime
3922401
x-cache
HIT TCP_HIT dirn:11:244492446
cdn-user-ip
2a02:6ea0:c71b:0:1012:e0c:dfd8:4b1c
x-swift-savetime
Tue, 06 Aug 2024 02:27:24 GMT
content-length
429
last-modified
Mon, 08 Oct 2018 04:03:04 GMT
server
Tengine
x-cache-remote
HIT
cdn-source
ali
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-content-from
netease
cache-control
max-age=86400, max-age=5184000, max-age=5184000
access-control-allow-credentials
false
ali-swift-global-savetime
1721649645
timing-allow-origin
*
eagleid
a3b55c9817236463034958995e
expires
Tue, 23 Jul 2024 12:00:45 GMT
vcd15cbe7772f49c399c6a5babf22c1241717689176015
static.cloudflareinsights.com/beacon.min.js/
19 KB
7 KB
Script
General
Full URL
https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by
Host: cf-worker-vless.lau.life
URL: https://cf-worker-vless.lau.life/p/1993c9589a03
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:4f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

Referer
https://cf-worker-vless.lau.life/
Origin
https://cf-worker-vless.lau.life
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 14 Aug 2024 14:38:21 GMT
content-encoding
gzip
last-modified
Thu, 06 Jun 2024 15:52:56 GMT
server
cloudflare
etag
W/"2024.6.1"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
8b31b0258cc60eb4-AMS
NTM-JKXHFGGT-8.js
static.ws.126.net/163/frontend/antnest/
24 KB
9 KB
Script
General
Full URL
https://static.ws.126.net/163/frontend/antnest/NTM-JKXHFGGT-8.js
Requested by
Host: cf-worker-vless.lau.life
URL: https://cf-worker-vless.lau.life/p/1993c9589a03
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2404:2280:1cc:0:3::a , Singapore, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
9657354c3f9f4c22ea67bc9876122cc14e84e2899898a468f007754f8efc7c3c

Request headers

Referer
https://cf-worker-vless.lau.life/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 14 Aug 2024 14:38:24 GMT
via
cache9.l2nu20-8[209,208,304-0,H], cache3.l2nu20-8[211,0], cache12.l2hk2[474,474,304-0,H], cache35.l2hk2[475,0], cache8.l2fr1[789,789,304-0,H], cache4.l2fr1[791,0], ens-cache5.de5[811,811,200-0,H], ens-cache4.de5[983,0]
content-encoding
gzip
x-nos-object-name
163%2Ffrontend%2Fantnest%2FNTM-JKXHFGGT-8.js
x-nos-request-id
45ca39d4-64d2-484d-a83c-1540986683d5
cdn-ip
2404:2280:1cc:0:3::a
age
0
x-swift-cachetime
60
x-cache
HIT TCP_REFRESH_HIT dirn:12:54240610
cdn-user-ip
2a02:6ea0:c71b:0:1012:e0c:dfd8:4b1c
content-disposition
inline; filename="163%2Ffrontend%2Fantnest%2FNTM-JKXHFGGT-8.js"
x-swift-savetime
Wed, 14 Aug 2024 14:38:24 GMT
x-nos-storage-class
STANDARD
content-length
8785
last-modified
Wed, 02 Jan 2019 02:45:16 GMT
server
Tengine
x-cache-remote
HIT
cdn-source
ali
x-nos-requesttype
GetObject
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
ali-swift-global-savetime
1723646304
cache-control
max-age=60
access-control-allow-credentials
false
timing-allow-origin
*
eagleid
a3b55c9817236463035851958e
main.js
cf-worker-vless.lau.life/cdn-cgi/challenge-platform/h/b/scripts/jsd/cc21665cd7b9/ Frame 363C
Redirect Chain
  • https://cf-worker-vless.lau.life/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://cf-worker-vless.lau.life/cdn-cgi/challenge-platform/h/b/scripts/jsd/cc21665cd7b9/main.js?
8 KB
4 KB
Script
General
Full URL
https://cf-worker-vless.lau.life/cdn-cgi/challenge-platform/h/b/scripts/jsd/cc21665cd7b9/main.js?
Requested by
Host: cf-worker-vless.lau.life
URL: https://cf-worker-vless.lau.life/p/1993c9589a03
Protocol
H3
Server
2606:4700:3033::ac43:9b93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60d10695059dded96b46bba3d4a45aa7d016ffe3c72eb069215d4ba4901ebf6f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 14 Aug 2024 14:38:23 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d1AsxxiXQC3aWfvBBt3UD9QQsITGep%2B9u9X5ZJAeDFqBe3lvAZMdR%2BoD8vDKjghTYV6MZqvxO8EbWTEi6TgLQpuufhpiPzb61NT9EwH03pWwjm6RjK2GNUWWwZvaZwytbCkK2i0tU9bcPdfT96rgUj3l6Ivy8%2F4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
cf-ray
8b31b035fc30971b-AMS
alt-svc
h3=":443"; ma=86400
priority
u=3,i=?0

Redirect headers

date
Wed, 14 Aug 2024 14:38:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y8V04A41VjXONnoNXpYbWcGKvWdD57JMcZWGEIw3P5JoB%2BALLk2bJDl8RCfy4z7pSNeeWVkoeaQ8rfukbiPtGyZGGe9I5K8zJZ5ry%2BVqcKlEl8gKI6ctb5nzEJP7YgHQuvwve%2BUKrhLpB%2FgMJxt%2Bzb2GDrGp2XU%3D"}],"group":"cf-nel","max_age":604800}
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/cc21665cd7b9/main.js?
access-control-allow-origin
*
cache-control
max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
cf-ray
8b31b035dc316637-AMS
alt-svc
h3=":443"; ma=86400
content-length
0
8b31b01edaf46637
cf-worker-vless.lau.life/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 363C
0
707 B
XHR
General
Full URL
https://cf-worker-vless.lau.life/cdn-cgi/challenge-platform/h/b/jsd/r/8b31b01edaf46637
Requested by
Host: cf-worker-vless.lau.life
URL: https://cf-worker-vless.lau.life/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:9b93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 14 Aug 2024 14:38:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JVD3IRC%2FpX3Y13fGT%2BBZYuxNRupHMRIydtXsQquWguFvz0cNKOlrDf%2FPYL0ofVOm%2FFunspqFhG%2BYmgKPuDFid1bm5eS40J5D%2FaGKkm3zezQKB45nemHeIBjziP7hCltl6NhAub7KQe9AnfGkmhd38mCHExVDdM8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
8b31b037bdb7971b-AMS
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=1,i
antanalysis.min.js
static.ws.126.net/163/frontend/libs/
25 KB
10 KB
Script
General
Full URL
https://static.ws.126.net/163/frontend/libs/antanalysis.min.js
Requested by
Host: static.ws.126.net
URL: https://static.ws.126.net/163/frontend/antnest/NTM-JKXHFGGT-8.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2404:2280:1cc:0:3::a , Singapore, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
e10056474b3fd2b8e86a7e43a25ff70f9410ede32ed9573cc0a811cd9c01e988

Request headers

Referer
https://cf-worker-vless.lau.life/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 14 Aug 2024 14:37:28 GMT
via
cache24.l2su121-6[154,56,304-0,C], cache10.l2su121-6[58,0], cache31.l2sg2[0,0,304-0,H], cache22.l2sg2[1,0], cache29.l2fr1[0,0,304-0,H], cache6.l2fr1[1,0], ens-cache5.de5[0,0,200-0,H], ens-cache4.de5[17,0]
content-encoding
gzip
x-nos-object-name
163%2Ffrontend%2Flibs%2Fantanalysis.min.js
x-nos-request-id
97a35cbe-3538-41d2-ad58-1628ecfbb75c
cdn-ip
2404:2280:1cc:0:3::a
age
56
x-swift-cachetime
54
x-cache
HIT TCP_MEM_HIT dirn:-2:-2
cdn-user-ip
2a02:6ea0:c71b:0:1012:e0c:dfd8:4b1c
content-disposition
inline; filename="163%2Ffrontend%2Flibs%2Fantanalysis.min.js"
x-swift-savetime
Wed, 14 Aug 2024 14:37:34 GMT
x-nos-storage-class
STANDARD
content-length
9443
last-modified
Thu, 01 Aug 2024 09:24:34 GMT
server
Tengine
x-cache-remote
HIT
cdn-source
ali
x-nos-requesttype
GetObject
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
ali-swift-global-savetime
1723646248
cache-control
max-age=60
access-control-allow-credentials
false
timing-allow-origin
*
eagleid
a3b55c9817236463046181546e
rum
cf-worker-vless.lau.life/cdn-cgi/
0
147 B
XHR
General
Full URL
https://cf-worker-vless.lau.life/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:9b93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://cf-worker-vless.lau.life/p/1993c9589a03
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
application/json

Response headers

date
Wed, 14 Aug 2024 14:38:24 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://cf-worker-vless.lau.life
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
8b31b03c5ac8971b-AMS
favicon.ico
cf-worker-vless.lau.life/
7 KB
3 KB
Other
General
Full URL
https://cf-worker-vless.lau.life/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:9b93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07cd869bc2c4d85e1ad8eb4a80ba13d50c7cf5e4029509f2a682b733bfe61deb

Request headers

Referer
https://cf-worker-vless.lau.life/p/1993c9589a03
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 14 Aug 2024 14:38:25 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache-lookup
Cache Hit, Cache Miss, Cache Miss, Cache Miss
server-timing
cdn-cache;desc=hit, edge;dur=343
s-req-type
0
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 27 Oct 2021 12:17:55 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Tk3lguZUVzh%2BAT5rAwgo%2F5pfBOVzhBtRWbVsTpaq9Dvir6gQw5Q3jsAxND1NzASL7DZ%2F9Aa5i6lEQDAh4rjzMIVxGCmMlVKBzQ7VmJbWwu8QZcAzQWzRXoBUVImA1tuKeSgL6hrdQ%2FXVrFuISRzV06V%2BIFWd5g4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cache-control
max-age=14400
x-nws-log-uuid
6502569076602751330
cf-ray
8b31b03c5ac9971b-AMS
priority
u=1,i
s-req-id
1634995076004484346
c
h5.analytics.126.net/news/
0
0

Primary Request /
www.163.com/
516 KB
101 KB
Document
General
Full URL
https://www.163.com/
Requested by
Host: cf-worker-vless.lau.life
URL: https://cf-worker-vless.lau.life/p/1993c9589a03
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
163.181.131.215 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
b35a1352773a77e055af88f0dc55afb78e6d6d6fd558b1a9f371dd4c284a8547

Request headers

Referer
https://cf-worker-vless.lau.life/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

age
9
ali-swift-global-savetime
1723646297
cache-control
no-cache,no-store,private
cdn-ip
163.181.131.215
cdn-source
Ali
cdn-user-ip
138.199.38.132
content-encoding
gzip
content-length
102636
content-type
text/html; charset=utf-8
date
Wed, 14 Aug 2024 14:38:17 GMT
eagleid
a3b5839617236463067563303e
expires
Wed, 14 Aug 2024 14:39:37 GMT
server
Tengine
timing-allow-origin
*
vary
special-area
via
cache36.l2su121-6[214,213,200-0,M], cache9.l2su121-6[215,0], cache1.l2hk2[220,113,200-0,C], cache23.l2hk2[114,0], cache14.l2us1[0,0,200-0,H], cache35.l2us1[1,0], ens-cache4.de7[0,0,200-0,H], ens-cache2.de7[1,0]
x-cache
HIT TCP_MEM_HIT dirn:-2:-2
x-cache-remote
HIT
x-swift-cachetime
29
x-swift-savetime
Wed, 14 Aug 2024 14:38:18 GMT
head~6f57d52c3da93.css
static.ws.126.net/163/f2e/www/index20170701/css/
134 KB
25 KB
Stylesheet
General
Full URL
https://static.ws.126.net/163/f2e/www/index20170701/css/head~6f57d52c3da93.css
Requested by
Host: www.163.com
URL: https://www.163.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2404:2280:1cc:0:3::a , Singapore, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
d6c83c8dab97aba6b79f7dacaf265907c65da72136db27812882c160b988f5c1

Request headers

Referer
https://www.163.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 09:45:41 GMT
via
cache5.l2st3-1[269,268,304-0,M], cache37.l2st3-1[270,0], cache11.l2hk2[274,273,304-0,H], cache22.l2hk2[276,0], cache20.l2de2[0,0,200-0,H], cache21.l2de2[0,0], ens-cache3.de5[0,0,200-0,H], ens-cache8.de5[4,0]
content-encoding
gzip
x-nos-object-name
163%2Ff2e%2Fwww%2Findex20170701%2Fcss%2Fhead%7E6f57d52c3da93.css
x-nos-request-id
01018847-d484-4bed-adad-764264676c14
cdn-ip
2404:2280:1cc:0:3::a
age
1313566
x-swift-cachetime
4605494
x-cache
HIT TCP_MEM_HIT dirn:-2:-2
cdn-user-ip
2a02:6ea0:c71b:0:1012:e0c:dfd8:4b1c
content-disposition
inline; filename="163%2Ff2e%2Fwww%2Findex20170701%2Fcss%2Fhead%7E6f57d52c3da93.css"
x-swift-savetime
Tue, 06 Aug 2024 02:27:27 GMT
x-nos-storage-class
STANDARD
content-length
24968
last-modified
Mon, 01 Apr 2024 07:28:24 GMT
server
Tengine
x-cache-remote
HIT
cdn-source
ali
x-nos-requesttype
GetObject
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
text/css
access-control-allow-origin
*
ali-swift-global-savetime
1722332741
cache-control
max-age=5184000
access-control-allow-credentials
false
timing-allow-origin
*
eagleid
a3b55c9c17236463070802344e
commonnav_headcss-fad753559b.css
static.ws.126.net/163/f2e/commonnav2019/css/
35 KB
8 KB
Stylesheet
General
Full URL
https://static.ws.126.net/163/f2e/commonnav2019/css/commonnav_headcss-fad753559b.css
Requested by
Host: www.163.com
URL: https://www.163.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2404:2280:1cc:0:3::a , Singapore, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
a0358e1c1cae75a9e74141b98119bb3eef54692cc6992bee6c5cdd716bbb7e9a

Request headers

Referer
https://www.163.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 28 Jun 2024 05:14:16 GMT
via
cache35.l2st3-1[425,249,304-0,C], cache16.l2st3-1[251,0], cache32.l2hk2[0,0,304-0,H], cache14.l2hk2[1,0], cache6.l2de2[0,0,200-0,H], cache11.l2de2[1,0], ens-cache10.de5[0,0,200-0,H], ens-cache8.de5[8,0]
content-encoding
gzip
x-nos-object-name
163%2Ff2e%2Fcommonnav2019%2Fcss%2Fcommonnav_headcss-fad753559b.css
x-nos-request-id
8b71369b-5812-425b-a2c7-d366b2d77d2e
cdn-ip
2404:2280:1cc:0:3::a
age
4094651
x-swift-cachetime
1773349
x-cache
HIT TCP_MEM_HIT dirn:-2:-2
cdn-user-ip
2a02:6ea0:c71b:0:1012:e0c:dfd8:4b1c
content-disposition
inline; filename="163%2Ff2e%2Fcommonnav2019%2Fcss%2Fcommonnav_headcss-fad753559b.css"
x-swift-savetime
Tue, 06 Aug 2024 16:38:27 GMT
x-nos-storage-class
STANDARD
content-length
7194
last-modified
Thu, 18 Jan 2024 03:21:36 GMT
server
Tengine
x-cache-remote
HIT
cdn-source
ali
x-nos-requesttype
GetObject
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
text/css
access-control-allow-origin
*
ali-swift-global-savetime
1719551656
cache-control
max-age=5184000
access-control-allow-credentials
false
timing-allow-origin
*
eagleid
a3b55c9c17236463070642193e
message.js
urswebzj.nosdn.127.net/webzj_cdn101/
0
0

topapp.jpg
static.ws.126.net/f2e/include/common_nav/images/
16 KB
17 KB
Image
General
Full URL
https://static.ws.126.net/f2e/include/common_nav/images/topapp.jpg
Requested by
Host: www.163.com
URL: https://www.163.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2404:2280:1cc:0:3::a , Singapore, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
15aa001f940852a4e77dc62aa85c027dd6abc85da2607da88a541bb4ca6654ec

Request headers

Referer
https://www.163.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 20 Jun 2024 14:02:52 GMT
via
cache60.l2nu20-8[154,153,304-0,M], cache32.l2nu20-8[156,0], cache36.l2hk2[0,0,304-0,H], cache30.l2hk2[1,0], cache17.l2de2[0,0,200-0,H], cache17.l2de2[1,0], ens-cache1.de5[0,0,200-0,H], ens-cache8.de5[9,0]
cdn-ip
2404:2280:1cc:0:3::a
age
4754135
x-swift-cachetime
1165871
x-cache
HIT TCP_MEM_HIT dirn:-2:-2
cdn-user-ip
2a02:6ea0:c71b:0:1012:e0c:dfd8:4b1c
x-swift-savetime
Tue, 06 Aug 2024 02:11:41 GMT
content-length
16814
last-modified
Sat, 19 Dec 2015 06:38:31 GMT
server
Tengine
x-cache-remote
HIT
cdn-source
ali
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-content-from
netease
cache-control
max-age=86400, max-age=5184000, max-age=5184000
access-control-allow-credentials
false
ali-swift-global-savetime
1718892172
accept-ranges
bytes
timing-allow-origin
*
eagleid
a3b55c9c17236463070802364e
expires
Fri, 21 Jun 2024 14:02:52 GMT
commonnav_headjs-b196c5c919.js
static.ws.126.net/163/f2e/commonnav2019/js/
28 KB
11 KB
Script
General
Full URL
https://static.ws.126.net/163/f2e/commonnav2019/js/commonnav_headjs-b196c5c919.js
Requested by
Host: www.163.com
URL: https://www.163.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2404:2280:1cc:0:3::a , Singapore, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
a8b6e5a867578c246efc75d5ec938b456adeea00be0278cdae8fa706704108cd

Request headers

Referer
https://www.163.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 16 Jul 2024 03:41:18 GMT
content-encoding
gzip
via
cache14.l2nu20-8[254,254,200-0,M], cache56.l2nu20-8[255,0], cache12.l2hk2[0,0,200-0,H], cache3.l2hk2[1,0], cache16.l2de2[0,4,200-0,H], cache9.l2de2[5,0], ens-cache5.de5[0,0,200-0,H], ens-cache8.de5[4,0]
x-nos-object-name
163%2Ff2e%2Fcommonnav2019%2Fjs%2Fcommonnav_headjs-b196c5c919.js
x-nos-request-id
bd6a26d8-3dd3-4493-abee-8963c820f803
cdn-ip
2404:2280:1cc:0:3::a
age
2545029
x-swift-cachetime
3322971
x-cache
HIT TCP_MEM_HIT dirn:-2:-2
cdn-user-ip
2a02:6ea0:c71b:0:1012:e0c:dfd8:4b1c
content-disposition
inline; filename="163%2Ff2e%2Fcommonnav2019%2Fjs%2Fcommonnav_headjs-b196c5c919.js"
x-swift-savetime
Tue, 06 Aug 2024 16:38:27 GMT
x-nos-storage-class
STANDARD
content-length
10857
last-modified
Thu, 04 Jul 2024 03:30:10 GMT
server
Tengine
x-cache-remote
HIT
cdn-source
ali
x-nos-requesttype
GetObject
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
ali-swift-global-savetime
1721101278
cache-control
max-age=5184000
access-control-allow-credentials
false
timing-allow-origin
*
eagleid
a3b55c9c17236463070802356e
/
nimg.ws.126.net/
0
0

/
nimg.ws.126.net/
0
0

/
nimg.ws.126.net/
0
0

/
nimg.ws.126.net/
0
0

/
nimg.ws.126.net/
0
0

/
nimg.ws.126.net/
0
0

/
nimg.ws.126.net/
0
0

/
nimg.ws.126.net/
0
0

/
nimg.ws.126.net/
0
0

/
nimg.ws.126.net/
0
0

/
nimg.ws.126.net/
0
0

adtracker2022.bd7afba2.js
static.ws.126.net/163/f2e/modules/adtracker2022/
32 KB
11 KB
Script
General
Full URL
https://static.ws.126.net/163/f2e/modules/adtracker2022/adtracker2022.bd7afba2.js
Requested by
Host: www.163.com
URL: https://www.163.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2404:2280:1cc:0:3::a , Singapore, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
a204b24c6d67e5da9680b43a645040dd52f960a04d1b907cfd9d85bbfcf6f63f

Request headers

Referer
https://www.163.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 25 Jun 2024 14:46:15 GMT
via
cache46.l2st3-1[0,0,304-0,H], cache24.l2st3-1[0,0], cache23.l2hk2[0,0,200-0,H], cache23.l2hk2[1,0], cache10.l2de2[188,187,200-0,M], cache8.l2de2[189,0], ens-cache15.de5[0,0,200-0,H], ens-cache8.de5[2,0]
content-encoding
gzip
x-nos-object-name
163%2Ff2e%2Fmodules%2Fadtracker2022%2Fadtracker2022.bd7afba2.js
x-nos-request-id
7256e8ca-16cd-4b30-8f47-0b17cc2b6134
cdn-ip
2404:2280:1cc:0:3::a
age
4319532
x-swift-cachetime
1599528
x-cache
HIT TCP_MEM_HIT dirn:-2:-2
cdn-user-ip
2a02:6ea0:c71b:0:1012:e0c:dfd8:4b1c
content-disposition
inline; filename="163%2Ff2e%2Fmodules%2Fadtracker2022%2Fadtracker2022.bd7afba2.js"
x-swift-savetime
Tue, 06 Aug 2024 02:27:27 GMT
x-nos-storage-class
STANDARD
content-length
10884
last-modified
Thu, 16 Nov 2023 02:28:41 GMT
server
Tengine
x-cache-remote
HIT
cdn-source
ali
x-nos-requesttype
GetObject
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
ali-swift-global-savetime
1719326775
cache-control
max-age=5184000
access-control-allow-credentials
false
timing-allow-origin
*
eagleid
a3b55c9c17236463070842371e
antanalysis.min.js
static.ws.126.net/163/frontend/libs/
25 KB
10 KB
Script
General
Full URL
https://static.ws.126.net/163/frontend/libs/antanalysis.min.js
Requested by
Host: www.163.com
URL: https://www.163.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2404:2280:1cc:0:3::a , Singapore, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
e10056474b3fd2b8e86a7e43a25ff70f9410ede32ed9573cc0a811cd9c01e988

Request headers

Referer
https://www.163.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 14 Aug 2024 14:37:28 GMT
via
cache24.l2su121-6[154,56,304-0,C], cache10.l2su121-6[58,0], cache31.l2sg2[0,0,304-0,H], cache22.l2sg2[1,0], cache29.l2fr1[0,0,304-0,H], cache6.l2fr1[1,0], ens-cache5.de5[0,0,200-0,H], ens-cache8.de5[4,0]
content-encoding
gzip
x-nos-object-name
163%2Ffrontend%2Flibs%2Fantanalysis.min.js
x-nos-request-id
97a35cbe-3538-41d2-ad58-1628ecfbb75c
cdn-ip
2404:2280:1cc:0:3::a
age
59
x-swift-cachetime
54
x-cache
HIT TCP_MEM_HIT dirn:-2:-2
cdn-user-ip
2a02:6ea0:c71b:0:1012:e0c:dfd8:4b1c
content-disposition
inline; filename="163%2Ffrontend%2Flibs%2Fantanalysis.min.js"
x-swift-savetime
Wed, 14 Aug 2024 14:37:34 GMT
x-nos-storage-class
STANDARD
content-length
9443
last-modified
Thu, 01 Aug 2024 09:24:34 GMT
server
Tengine
x-cache-remote
HIT
cdn-source
ali
x-nos-requesttype
GetObject
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
ali-swift-global-savetime
1723646248
cache-control
max-age=60
access-control-allow-credentials
false
timing-allow-origin
*
eagleid
a3b55c9c17236463070802350e
NTM-KFGT6I8U-30.js
static.ws.126.net/163/frontend/antnest/
33 KB
11 KB
Script
General
Full URL
https://static.ws.126.net/163/frontend/antnest/NTM-KFGT6I8U-30.js?0706
Requested by
Host: www.163.com
URL: https://www.163.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2404:2280:1cc:0:3::a , Singapore, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
3cac48ab022ffe5508cf5e003ee7e77239fbf0e9208028aa97bcbf8ba18b2441

Request headers

Referer
https://www.163.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 14 Aug 2024 14:38:24 GMT
via
cache36.l2nu20-8[163,163,304-0,H], cache24.l2nu20-8[164,0], cache11.l2hk2[0,0,304-0,H], cache12.l2hk2[1,0], cache13.l2fr1[310,309,304-0,H], cache4.l2fr1[311,0], ens-cache16.de5[328,328,200-0,H], ens-cache8.de5[331,0]
content-encoding
gzip
x-nos-object-name
163%2Ffrontend%2Fantnest%2FNTM-KFGT6I8U-30.js
x-nos-request-id
165c263e-a844-40b3-88dd-e722457f101b
cdn-ip
2404:2280:1cc:0:3::a
age
3
x-swift-cachetime
57
x-cache
HIT TCP_REFRESH_HIT dirn:-2:-2
cdn-user-ip
2a02:6ea0:c71b:0:1012:e0c:dfd8:4b1c
content-disposition
inline; filename="163%2Ffrontend%2Fantnest%2FNTM-KFGT6I8U-30.js"
x-swift-savetime
Wed, 14 Aug 2024 14:38:27 GMT
x-nos-storage-class
STANDARD
content-length
10429
last-modified
Mon, 04 Jul 2022 06:27:17 GMT
server
Tengine
x-cache-remote
HIT
cdn-source
ali
x-nos-requesttype
GetObject
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
ali-swift-global-savetime
1723646304
cache-control
max-age=60
access-control-allow-credentials
false
timing-allow-origin
*
eagleid
a3b55c9c17236463071732935e
foot~bb6eb2bffe4be.js
static.ws.126.net/163/f2e/www/index20170701/js/
146 KB
48 KB
Script
General
Full URL
https://static.ws.126.net/163/f2e/www/index20170701/js/foot~bb6eb2bffe4be.js
Requested by
Host: www.163.com
URL: https://www.163.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2404:2280:1cc:0:3::a , Singapore, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
f8c864937a01df52fd1c0cdfe317bbead19b128408b25b1465b0a8db15606f2c

Request headers

Referer
https://www.163.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 27 Jul 2024 08:46:54 GMT
via
cache27.l2st3-1[0,0,304-0,H], cache19.l2st3-1[2,0], cache22.l2hk2[5,5,304-0,H], cache33.l2hk2[7,0], cache4.l2de2[0,10,200-0,H], cache12.l2de2[12,0], ens-cache10.de5[0,0,200-0,H], ens-cache8.de5[3,0]
content-encoding
gzip
x-nos-object-name
163%2Ff2e%2Fwww%2Findex20170701%2Fjs%2Ffoot%7Ebb6eb2bffe4be.js
x-nos-request-id
77c19c86-0993-4d90-80c2-8ec29b28b6cb
cdn-ip
2404:2280:1cc:0:3::a
age
1576293
x-swift-cachetime
4342767
x-cache
HIT TCP_MEM_HIT dirn:-2:-2
cdn-user-ip
2a02:6ea0:c71b:0:1012:e0c:dfd8:4b1c
content-disposition
inline; filename="163%2Ff2e%2Fwww%2Findex20170701%2Fjs%2Ffoot%7Ebb6eb2bffe4be.js"
x-swift-savetime
Tue, 06 Aug 2024 02:27:27 GMT
x-nos-storage-class
STANDARD
content-length
48121
last-modified
Thu, 16 May 2024 08:45:01 GMT
server
Tengine
x-cache-remote
HIT
cdn-source
ali
x-nos-requesttype
GetObject
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
ali-swift-global-savetime
1722070014
cache-control
max-age=5184000
access-control-allow-credentials
false
timing-allow-origin
*
eagleid
a3b55c9c17236463071732944e
search2022.cdbc9331.js
static.ws.126.net/163/f2e/modules/search2022/
69 KB
22 KB
Script
General
Full URL
https://static.ws.126.net/163/f2e/modules/search2022/search2022.cdbc9331.js
Requested by
Host: www.163.com
URL: https://www.163.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2404:2280:1cc:0:3::a , Singapore, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
d007fcc7b27488a33c16cb87deb338d29e6354639556efc9da1fbd9288890ca9

Request headers

Referer
https://www.163.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 19 Jun 2024 22:17:08 GMT
via
cache8.l2nu20-8[310,310,304-0,M], cache45.l2nu20-8[312,0], cache1.l2hk2[0,0,200-0,H], cache17.l2hk2[1,0], cache5.l2de2[0,0,200-0,H], cache19.l2de2[1,0], ens-cache11.de5[0,0,200-0,H], ens-cache8.de5[4,0]
content-encoding
gzip
x-nos-object-name
163%2Ff2e%2Fmodules%2Fsearch2022%2Fsearch2022.cdbc9331.js
x-nos-request-id
000eb1a7-e983-4188-9c7c-080d551f6015
cdn-ip
2404:2280:1cc:0:3::a
age
4810879
x-swift-cachetime
1057121
x-cache
HIT TCP_MEM_HIT dirn:-2:-2
cdn-user-ip
2a02:6ea0:c71b:0:1012:e0c:dfd8:4b1c
content-disposition
inline; filename="163%2Ff2e%2Fmodules%2Fsearch2022%2Fsearch2022.cdbc9331.js"
x-swift-savetime
Tue, 06 Aug 2024 16:38:27 GMT
x-nos-storage-class
STANDARD
content-length
22294
last-modified
Wed, 13 Apr 2022 01:57:08 GMT
server
Tengine
x-cache-remote
HIT
cdn-source
ali
x-nos-requesttype
GetObject
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
ali-swift-global-savetime
1718835428
cache-control
max-age=5184000
access-control-allow-credentials
false
timing-allow-origin
*
eagleid
a3b55c9c17236463071762961e
aria.js
static.ws.126.net/163/f2e/common/wza230620/
342 KB
100 KB
Script
General
Full URL
https://static.ws.126.net/163/f2e/common/wza230620/aria.js?appid=a6655141bab6921b58446b4b806b9fbf
Requested by
Host: www.163.com
URL: https://www.163.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2404:2280:1cc:0:3::a , Singapore, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
74176684588ed726e45699f714ad4afa04ef48cb2c4652bfb506d0a4ac538aec

Request headers

Referer
https://www.163.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 03 Jul 2024 04:07:04 GMT
content-encoding
gzip
via
cache51.l2nu20-8[312,312,200-0,M], cache23.l2nu20-8[313,0], cache31.l2hk2[0,0,200-0,H], cache35.l2hk2[1,0], cache17.l2de2[0,0,200-0,H], cache9.l2de2[1,0], ens-cache3.de5[0,0,200-0,H], ens-cache8.de5[5,0]
x-nos-object-name
163%2Ff2e%2Fcommon%2Fwza230620%2Faria.js
x-nos-request-id
42da4096-9615-4d8e-8212-4c7a78916831
cdn-ip
2404:2280:1cc:0:3::a
age
3666683
x-swift-cachetime
2201317
x-cache
HIT TCP_MEM_HIT dirn:-2:-2
cdn-user-ip
2a02:6ea0:c71b:0:1012:e0c:dfd8:4b1c
content-disposition
inline; filename="163%2Ff2e%2Fcommon%2Fwza230620%2Faria.js"
x-swift-savetime
Tue, 06 Aug 2024 16:38:27 GMT
x-nos-storage-class
STANDARD
content-length
102176
last-modified
Tue, 20 Jun 2023 09:15:51 GMT
server
Tengine
x-cache-remote
HIT
cdn-source
ali
x-nos-requesttype
GetObject
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
ali-swift-global-savetime
1719979624
cache-control
max-age=5184000
access-control-allow-credentials
false
timing-allow-origin
*
eagleid
a3b55c9c17236463071752947e

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
h5.analytics.126.net
URL
https://h5.analytics.126.net/news/c?%7B%22val_nm%22%3A%22c-ntm%22%2C%22val_act%22%3A%22pageview%22%2C%22projectid%22%3A%22NTM-JKXHFGGT-8%22%2C%22sdk_ver%22%3A%222.2.0%22%2C%22session_id%22%3A1723646305023%2C%22ct%22%3A%22%22%2C%22source%22%3A%22other%22%2C%22uuid%22%3A%22027413021ae781d08f0d4087b29e3383%22%2C%22channel%22%3A%22%22%2C%22val_url%22%3A%22https%3A%2F%2Fcf-worker-vless.lau.life%2Fp%2F1993c9589a03%22%2C%22uid%22%3A%22%22%2C%22uname%22%3A%22%22%2C%22val_ref%22%3A%22%22%2C%22val_ref_from%22%3A%22%22%2C%22origin_from%22%3A%22%22%2C%22sc%22%3A%221600*1200%22%2C%22info%22%3A%7B%22spstitle%22%3A%22%E7%BD%91%E6%98%93-404%22%2C%22spssid%22%3A%22%22%2C%22spsw%22%3A0%2C%22ptime%22%3A%22%22%7D%2C%22tm%22%3A1723646305023%7D
Domain
urswebzj.nosdn.127.net
URL
https://urswebzj.nosdn.127.net/webzj_cdn101/message.js
Domain
nimg.ws.126.net
URL
https://nimg.ws.126.net/?url=http%3A%2F%2Fcms-bucket.ws.126.net%2F2024%2F0814%2F7089c32ap00si79yd00kkc000ak0057c.png&thumbnail=453y225&quality=100&type=jpg
Domain
nimg.ws.126.net
URL
https://nimg.ws.126.net/?url=http%3A%2F%2Fcms-bucket.ws.126.net%2F2024%2F0814%2F89505c06p00si79yx001oc000550038c.png&thumbnail=185y116&quality=100&type=jpg
Domain
nimg.ws.126.net
URL
https://nimg.ws.126.net/?url=http%3A%2F%2Fcms-bucket.ws.126.net%2F2024%2F0814%2Ff4b5d4c8j00si6t8u01oxc000550038c.jpg&thumbnail=185y116&quality=100&type=jpg
Domain
nimg.ws.126.net
URL
https://nimg.ws.126.net/?url=http%3A%2F%2Fcms-bucket.ws.126.net%2F2024%2F0314%2F68b5128fj00sabxoq0004c0005k003hc.jpg&thumbnail=200y125&quality=100&type=jpg
Domain
nimg.ws.126.net
URL
https://nimg.ws.126.net/?url=http%3A%2F%2Fcms-bucket.ws.126.net%2F2024%2F0314%2F6f067a8ej00sabxly0008c0005k003hc.jpg&thumbnail=200y125&quality=100&type=jpg
Domain
nimg.ws.126.net
URL
https://nimg.ws.126.net/?url=http%3A%2F%2Fvideoimg.ws.126.net%2Fcover%2F20240814%2FZyqQRoDx3_cover.jpg&thumbnail=380y184&quality=100&type=jpg
Domain
nimg.ws.126.net
URL
https://nimg.ws.126.net/?url=http%3A%2F%2Fvideoimg.ws.126.net%2Fcover%2F20240814%2FZyqQRoDx3_cover.jpg&thumbnail=198y112&quality=100&type=jpg
Domain
nimg.ws.126.net
URL
https://nimg.ws.126.net/?url=http%3A%2F%2Fcms-bucket.ws.126.net%2F2024%2F0814%2Faa96123fp00si6tdm007ac0009c0070c.png&thumbnail=185y116&quality=100&type=jpg
Domain
nimg.ws.126.net
URL
https://nimg.ws.126.net/?url=http%3A%2F%2Fcms-bucket.ws.126.net%2F2024%2F0814%2F73dd7969p00si6tes00ctc0009c0070c.png&thumbnail=185y116&quality=100&type=jpg
Domain
nimg.ws.126.net
URL
https://nimg.ws.126.net/?url=https%3A%2F%2Fhouse-public.ws.126.net%2Fhouse-public%2Fhome_5e11181dc70d1387dd98b86587e604a4.jpeg&thumbnail=185y116&quality=100&type=jpg
Domain
nimg.ws.126.net
URL
https://nimg.ws.126.net/?url=https%3A%2F%2Fhouse-public.ws.126.net%2Fhouse-public%2Fhome_0a7c618c1331306f6ba752fff29cf1ad.jpeg&thumbnail=185y116&quality=100&type=jpg

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| wljd_arr boolean| isExposure boolean| neteaseBgFestival object| curTime object| startTime object| endTime object| js_index2017_wrap number| winWidth

2 Cookies

Domain/Path Name / Value
.lau.life/ Name: cf_clearance
Value: o4uObiB4n0IemY5kint31aWqhfE8waRvQ7BtIbdapQ4-1723646303-1.0.1.1-a_KPEyc1Z0P8axAzdUGXcv_H5KcTXzpX6ViqT5evjsmAOhCthe3CULaBYQZHp8BhJuNtWQhCgLVheR184_52mA
cf-worker-vless.lau.life/ Name: _antanalysis_s_id
Value: 1723646305023

3 Console Messages

Source Level URL
Text
network error URL: https://cf-worker-vless.lau.life/p/1993c9589a03
Message:
Failed to load resource: the server responded with a status of 404 ()
security warning URL: https://cf-worker-vless.lau.life/p/1993c9589a03
Message:
Mixed Content: The page at 'https://cf-worker-vless.lau.life/p/1993c9589a03' was loaded over HTTPS, but requested an insecure element 'http://static.ws.126.net/f2e/products/2018_404/images/404.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://cf-worker-vless.lau.life/p/1993c9589a03(Line 25)
Message:
Mixed Content: The page at 'https://cf-worker-vless.lau.life/p/1993c9589a03' was loaded over HTTPS, but requested an insecure element 'http://static.ws.126.net/f2e/products/2018_404/images/404.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cf-worker-vless.lau.life
h5.analytics.126.net
nimg.ws.126.net
static.cloudflareinsights.com
static.ws.126.net
urswebzj.nosdn.127.net
www.163.com
h5.analytics.126.net
nimg.ws.126.net
urswebzj.nosdn.127.net
163.181.131.215
2404:2280:1cc:0:3::a
2606:4700:3033::ac43:9b93
2606:4700::6810:4f49
07cd869bc2c4d85e1ad8eb4a80ba13d50c7cf5e4029509f2a682b733bfe61deb
0eef48dd5399f3713f1ad28158e6301ac14d94053757c245461ec10d707dfe4e
124f417c220b961ce37ceca9474ca6a7d5ed96790fc2f518d1d036d860fea3cd
15aa001f940852a4e77dc62aa85c027dd6abc85da2607da88a541bb4ca6654ec
3cac48ab022ffe5508cf5e003ee7e77239fbf0e9208028aa97bcbf8ba18b2441
60d10695059dded96b46bba3d4a45aa7d016ffe3c72eb069215d4ba4901ebf6f
61b05d9685d0db0ca5ddde3310096e917d05b48f86e417a3732667d253688be2
70c7a55c6efca2f13d9f1b370b6662f59c9d91895a7a33016f09344b07f61efa
74176684588ed726e45699f714ad4afa04ef48cb2c4652bfb506d0a4ac538aec
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
9657354c3f9f4c22ea67bc9876122cc14e84e2899898a468f007754f8efc7c3c
a0358e1c1cae75a9e74141b98119bb3eef54692cc6992bee6c5cdd716bbb7e9a
a204b24c6d67e5da9680b43a645040dd52f960a04d1b907cfd9d85bbfcf6f63f
a8b6e5a867578c246efc75d5ec938b456adeea00be0278cdae8fa706704108cd
b35a1352773a77e055af88f0dc55afb78e6d6d6fd558b1a9f371dd4c284a8547
d007fcc7b27488a33c16cb87deb338d29e6354639556efc9da1fbd9288890ca9
d6c83c8dab97aba6b79f7dacaf265907c65da72136db27812882c160b988f5c1
e10056474b3fd2b8e86a7e43a25ff70f9410ede32ed9573cc0a811cd9c01e988
e11bc04b34d639d82bd9133fc5f28f04acfb0ccd559e0d721b31dc45f81d8199
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f8c864937a01df52fd1c0cdfe317bbead19b128408b25b1465b0a8db15606f2c