ct-if.xyz Open in urlscan Pro
13.248.203.177 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://wausauultimate.com/
Effective URL:
https://ct-if.xyz/?zqll
Submission: On April 16 via api (April 16th 2023, 7:30:00 pm UTC) from US — Scanned from DE

Summary HTTP 34 Redirects Behaviour Indicators

Summary

This website contacted 8 IPs in 3 countries across 7 domains to perform 34 HTTP transactions. The main IP is 13.248.203.177, located in United States and belongs to AMAZON-02, US. The main domain is ct-if.xyz.
TLS certificate: Issued by R3 on March 18th 2023. Valid for: 3 months.

This is the only time ct-if.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	107.149.14.164 107.149.14.164	54600 (PEGTECHINC) (PEGTECHINC)
3	34.92.237.129 34.92.237.129	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	47.253.50.2 47.253.50.2	45102 (ALIBABA-C...) (ALIBABA-CN-NET Alibaba US Technology Co.)
1	103.143.19.103 103.143.19.103	134760 (CHINANET-...) (CHINANET-HEBEI-SHIJIAZHUANG-IDC Shijiazhuang IDC network)
1	13.248.203.177 13.248.203.177	16509 (AMAZON-02) (AMAZON-02)
13	23.90.149.106 23.90.149.106	() ()
5	90.84.161.22 90.84.161.22	() ()
34	8

1 107.149.14.164 (United States)

ASN54600 (PEGTECHINC, US)

wausauultimate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.92.237.129 (Central, Hong Kong)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 129.237.92.34.bc.googleusercontent.com

www.krqfypj1kcm3l.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 47.253.50.2 (United States)

ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)

sdk.51.la	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.143.19.103 (China)

ASN134760 (CHINANET-HEBEI-SHIJIAZHUANG-IDC Shijiazhuang IDC network, CHINANET Hebei province, CN)

collect-v6.51.la	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.248.203.177 (United States)

ASN16509 (AMAZON-02, US)
PTR: ac1ad89cbd4d25254.awsglobalaccelerator.com

ct-if.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 23.90.149.106 (None, )

ASN- ()

io1.zjhxpnk.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
io4.zjhxpnk.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 90.84.161.22 (None, )

ASN- ()

io2.zjhxpnk.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	zjhxpnk.cn io1.zjhxpnk.cn io3.zjhxpnk.cn Failed io4.zjhxpnk.cn io2.zjhxpnk.cn	135 KB
3	krqfypj1kcm3l.com www.krqfypj1kcm3l.com	3 KB
2	51.la sdk.51.la — Cisco Umbrella Rank: 54552 collect-v6.51.la — Cisco Umbrella Rank: 49718	13 KB
1	ct-if.xyz ct-if.xyz	2 KB
1	wausauultimate.com wausauultimate.com	456 B
0	jsezjpy.cn Failed io3.c.jsezjpy.cn Failed
0	baidu.com Failed hm.baidu.com Failed
34	7

	Domain	Requested by
7	io4.zjhxpnk.cn	ct-if.xyz
6	io1.zjhxpnk.cn	ct-if.xyz
5	io2.zjhxpnk.cn	ct-if.xyz
3	www.krqfypj1kcm3l.com	wausauultimate.com www.krqfypj1kcm3l.com
1	ct-if.xyz	wausauultimate.com
1	collect-v6.51.la	sdk.51.la
1	sdk.51.la	www.krqfypj1kcm3l.com
1	wausauultimate.com
0	io3.c.jsezjpy.cn Failed	io1.zjhxpnk.cn
0	hm.baidu.com Failed	ct-if.xyz
0	io3.zjhxpnk.cn Failed	ct-if.xyz
34	11

This site contains no links.

Subject Issuer	Validity	Valid
ct-l8.xyz R3	`2023-03-18` - `2023-06-16`	3 months	crt.sh
zjhxpnk.cn R3	`2023-04-06` - `2023-07-05`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://ct-if.xyz/?zqll
Frame ID: 67D34F930D852F23B2AFDD21CC4CB7B4
Requests: 34 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://wausauultimate.com/ Page URL
http://www.krqfypj1kcm3l.com:7777/?2023_403 Page URL
https://ct-if.xyz/?zqll Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

34
Requests

56 %
HTTPS

0 %
IPv6

7
Domains

11
Subdomains

8
IPs

3
Countries

153 kB
Transfer

1450 kB
Size

5
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://wausauultimate.com/ Page URL
http://www.krqfypj1kcm3l.com:7777/?2023_403 Page URL
https://ct-if.xyz/?zqll Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

34 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK / Show response
wausauultimate.com/ 625 B
456 B 857ms
189ms Document
text/html 107.149.14.164
PEGTECHINC

General

Check archive.org

Show headers Download Go to

Full URL: http://wausauultimate.com/
Protocol: HTTP/1.1
Server: 107.149.14.164 , United States, ASN54600 (PEGTECHINC, US),
Reverse DNS
Software: nginx /
Resource Hash: 30ed5738bc07de3fff0b903453d882c59fe741a1a4fd826d0d12d2bcd00f7b1a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Sun, 16 Apr 2023 19:29:49 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H/1.1 200
OK 22.js Show response
www.krqfypj1kcm3l.com/tj/ 136 B
449 B 3849ms
1763ms Script
application/javascript 34.92.237.129
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.krqfypj1kcm3l.com:7777/tj/22.js
Requested by: Host: wausauultimate.com
URL: http://wausauultimate.com/
Protocol: HTTP/1.1
Server: 34.92.237.129 Central, Hong Kong, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 129.237.92.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: a9f8490dd21b53ae4477fdd631c4f6868c543345474cd280a68f6f572f24a3ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://wausauultimate.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Sun, 16 Apr 2023 19:29:52 GMT
Last-Modified: Fri, 14 Apr 2023 11:56:20 GMT
Server: nginx
ETag: "64393f64-88"
Content-Type: application/javascript
Cache-Control: max-age=43200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 136
Expires: Mon, 17 Apr 2023 07:29:52 GMT

GET
H/1.1 200
OK 11.js
www.krqfypj1kcm3l.com/tj/ 67 B
379 B 583ms
583ms Script
application/javascript 34.92.237.129
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.krqfypj1kcm3l.com:7777/tj/11.js
Requested by: Host: www.krqfypj1kcm3l.com
URL: http://www.krqfypj1kcm3l.com:7777/tj/22.js
Protocol: HTTP/1.1
Server: 34.92.237.129 Central, Hong Kong, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 129.237.92.34.bc.googleusercontent.com
Software: nginx /
Resource Hash

Request headers

Referer: http://wausauultimate.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Sun, 16 Apr 2023 19:29:53 GMT
Last-Modified: Sun, 16 Apr 2023 04:29:39 GMT
Server: nginx
ETag: "643b79b3-43"
Content-Type: application/javascript
Cache-Control: max-age=43200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 67
Expires: Mon, 17 Apr 2023 07:29:53 GMT

GET
H/1.1 200
OK / Show response
www.krqfypj1kcm3l.com/ 3 KB
2 KB 584ms
583ms Document
text/html 34.92.237.129
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.krqfypj1kcm3l.com:7777/?2023_403
Requested by: Host: www.krqfypj1kcm3l.com
URL: http://www.krqfypj1kcm3l.com:7777/tj/11.js
Protocol: HTTP/1.1
Server: 34.92.237.129 Central, Hong Kong, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 129.237.92.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 8795b1fba6c36437c39de35fb600e9525a64ae7ca72e48d0a72dbe0e9736a3cc

Request headers

Referer: http://wausauultimate.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Sun, 16 Apr 2023 19:29:54 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H/1.1 200
OK js-sdk-pro.min.js Show response
sdk.51.la/ 34 KB
13 KB 379ms
126ms Script
application/javascript 47.253.50.2
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to

Full URL: http://sdk.51.la/js-sdk-pro.min.js
Requested by: Host: www.krqfypj1kcm3l.com
URL: http://www.krqfypj1kcm3l.com:7777/?2023_403
Protocol: HTTP/1.1
Server: 47.253.50.2 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: openresty /
Resource Hash: d1f1bfe698f2ffb7b3e7a885a301d58f9554d45df0a31c3e8b53c84b33c80d27

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.krqfypj1kcm3l.com:7777/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Sun, 16 Apr 2023 19:29:55 GMT
Content-Encoding: gzip
Last-Modified: Tue, 10 Jan 2023 04:34:55 GMT
Server: openresty
ETag: W/"63bceaef-861a"
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=1296000
Access-Control-Allow-Credentials: true
Connection: keep-alive

POST
H/1.1 200 collect Show response
collect-v6.51.la/v6/ 0
408 B 929ms
256ms XHR
text/plain 103.143.19.103
CHINANET-HEBEI-SH...

General

Check archive.org

Show headers Download Go to

Full URL: http://collect-v6.51.la/v6/collect?dt=4
Requested by: Host: sdk.51.la
URL: http://sdk.51.la/js-sdk-pro.min.js
Protocol: HTTP/1.1
Server: 103.143.19.103 , China, ASN134760 (CHINANET-HEBEI-SHIJIAZHUANG-IDC Shijiazhuang IDC network, CHINANET Hebei province, CN),
Reverse DNS
Software: CloudWAF /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.krqfypj1kcm3l.com:7777/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Access-Control-Allow-Origin: http://www.krqfypj1kcm3l.com:7777
Date: Sun, 16 Apr 2023 19:29:56 GMT
Access-Control-Allow-Credentials: true
Server: CloudWAF
Connection: keep-alive
Content-Length: 0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

GET
H2 200 Primary Request / Show response
ct-if.xyz/ 4 KB
2 KB 788ms
260ms Document
text/html 13.248.203.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ct-if.xyz/?zqll

Requested by

Host: wausauultimate.com
URL: http://wausauultimate.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

13.248.203.177 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ac1ad89cbd4d25254.awsglobalaccelerator.com

Software

nginx /

Resource Hash

1ab6f60e509a97fe6073b917e6353476b0cb0581041b65d4195f41e204cdb748

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: http://www.krqfypj1kcm3l.com:7777/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sun, 16 Apr 2023 19:29:57 GMT
server: nginx
strict-transport-security: max-age=15768000
vary: Accept-Encoding

GET
H/1.1 200
OK lazysizes-umd.min.js Show response
io1.zjhxpnk.cn/static/label/ 8 KB
4 KB 2069ms
43ms Script
application/javascript 23.90.149.106

General

Check archive.org

Show headers Download Go to

Full URL

https://io1.zjhxpnk.cn/static/label/lazysizes-umd.min.js

Requested by

Host: ct-if.xyz
URL: https://ct-if.xyz/?zqll

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.90.149.106 -, , ASN (),

Reverse DNS

Software

openresty /

Resource Hash

3e90c6a68785626742aaa00feb6a8f5acaaf9477ded4e441ac56e4b364dd0747

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ct-if.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

nginx-hit: 1
Date: Sun, 16 Apr 2023 19:29:59 GMT
Strict-Transport-Security: max-age=15768000
Content-Encoding: gzip
X-CCDN-CacheTTL: 2592000
via: EU-GER-frankfurt-EDGE4-CACHE1[4],EU-GER-frankfurt-EDGE4-CACHE2[0,TCP_HIT,3],EU-GER-frankfurt-GLOBAL1-CACHE2[3],EU-GER-frankfurt-GLOBAL1-CACHE14[0,TCP_HIT,2]
Age: 145986
Connection: keep-alive
Content-Length: 3496
Last-Modified: Mon, 27 Feb 2023 07:12:00 GMT
Server: openresty
ETag: W/"63fc57c0-1ee0"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
X-CCDN-Expires: 2446014
Accept-Ranges: bytes
Access-Control-Allow-Headers: X-Requested-With,Content-Type
x-hcs-proxy-type: 1
Expires: Fri, 14 Apr 2023 14:49:31 GMT

GET
H/1.1 200
OK label-com3.js Show response
io1.zjhxpnk.cn/static/label/ 5 KB
3 KB 2068ms
42ms Script
application/javascript 23.90.149.106

General

Check archive.org

Show headers Download Go to

Full URL

https://io1.zjhxpnk.cn/static/label/label-com3.js

Requested by

Host: ct-if.xyz
URL: https://ct-if.xyz/?zqll

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.90.149.106 -, , ASN (),

Reverse DNS

Software

openresty /

Resource Hash

3424fa37407f5d90f134f65f3a65026582ee0e392f04f1ac4aca6463117812fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ct-if.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

nginx-hit: 1
Date: Sun, 16 Apr 2023 19:29:59 GMT
Strict-Transport-Security: max-age=15768000
Content-Encoding: gzip
X-CCDN-CacheTTL: 2592000
via: EU-GER-frankfurt-EDGE4-CACHE2[3],EU-GER-frankfurt-EDGE4-CACHE1[0,TCP_HIT,2],EU-GER-frankfurt-GLOBAL1-CACHE2[3],EU-GER-frankfurt-GLOBAL1-CACHE1[0,TCP_HIT,1]
Age: 82714
Connection: keep-alive
Content-Length: 2010
Last-Modified: Mon, 27 Feb 2023 07:12:00 GMT
Server: openresty
ETag: W/"63fc57c0-15b5"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
X-CCDN-Expires: 2509286
Accept-Ranges: bytes
Access-Control-Allow-Headers: X-Requested-With,Content-Type
x-hcs-proxy-type: 1
Expires: Fri, 14 Apr 2023 14:49:31 GMT

GET
H/1.1 200
OK ls.unveilhooks.min.js Show response
io1.zjhxpnk.cn/static/label/ 2 KB
2 KB 2071ms
45ms Script
application/javascript 23.90.149.106

General

Check archive.org

Show headers Download Go to

Full URL

https://io1.zjhxpnk.cn/static/label/ls.unveilhooks.min.js

Requested by

Host: ct-if.xyz
URL: https://ct-if.xyz/?zqll

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.90.149.106 -, , ASN (),

Reverse DNS

Software

openresty /

Resource Hash

30b2271be76ee2dd43122d0611f8aa498b9781f4cd03904ca12e12d2e91e9421

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ct-if.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

nginx-hit: 1
Date: Sun, 16 Apr 2023 19:29:59 GMT
Strict-Transport-Security: max-age=15768000
Content-Encoding: gzip
X-CCDN-CacheTTL: 2592000
via: EU-GER-frankfurt-EDGE4-CACHE1[3],EU-GER-frankfurt-EDGE4-CACHE1[0,TCP_HIT,3],EU-GER-frankfurt-GLOBAL1-CACHE5[2],EU-GER-frankfurt-GLOBAL1-CACHE11[0,TCP_HIT,2]
Age: 82714
Connection: keep-alive
Content-Length: 828
Last-Modified: Mon, 27 Feb 2023 07:12:00 GMT
Server: openresty
ETag: W/"63fc57c0-750"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
X-CCDN-Expires: 2509286
Accept-Ranges: bytes
Access-Control-Allow-Headers: X-Requested-With,Content-Type
x-hcs-proxy-type: 1
Expires: Fri, 14 Apr 2023 14:49:31 GMT

GET
H/1.1 200
OK jquery-1.10.2.min.js Show response
io1.zjhxpnk.cn/static/label/ 91 KB
33 KB 2070ms
44ms Script
application/javascript 23.90.149.106

General

Check archive.org

Show headers Download Go to

Full URL

https://io1.zjhxpnk.cn/static/label/jquery-1.10.2.min.js

Requested by

Host: ct-if.xyz
URL: https://ct-if.xyz/?zqll

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.90.149.106 -, , ASN (),

Reverse DNS

Software

openresty /

Resource Hash

89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ct-if.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

nginx-hit: 1
Date: Sun, 16 Apr 2023 19:29:59 GMT
Strict-Transport-Security: max-age=15768000
Content-Encoding: gzip
X-CCDN-CacheTTL: 2592000
via: EU-GER-frankfurt-EDGE4-CACHE2[4],EU-GER-frankfurt-EDGE4-CACHE1[0,TCP_HIT,3],EU-GER-frankfurt-GLOBAL1-CACHE8[14],EU-GER-frankfurt-GLOBAL1-CACHE4[0,TCP_HIT,11]
Age: 133573
Connection: keep-alive
Content-Length: 32785
Last-Modified: Mon, 27 Feb 2023 07:12:00 GMT
Server: openresty
ETag: W/"63fc57c0-16bac"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
X-CCDN-Expires: 2458427
Accept-Ranges: bytes
Access-Control-Allow-Headers: X-Requested-With,Content-Type
x-hcs-proxy-type: 1
Expires: Fri, 14 Apr 2023 14:49:31 GMT

GET bbcd1003fb2653bd.js
io3.zjhxpnk.cn/upload/script/04/ 0
0

GET
H/1.1 200
OK e9f10fed7601d8f0.js Show response
io4.zjhxpnk.cn/upload/script/04/ 47 KB
5 KB 2072ms
47ms Script
application/javascript 23.90.149.106

General

Check archive.org

Show headers Download Go to

Full URL

https://io4.zjhxpnk.cn/upload/script/04/e9f10fed7601d8f0.js

Requested by

Host: ct-if.xyz
URL: https://ct-if.xyz/?zqll

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.90.149.106 -, , ASN (),

Reverse DNS

Software

openresty /

Resource Hash

caf0707b23f4b10a5336d9cdc0aecbb83c48d333d17f5fc1648a0483d3edbaba

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ct-if.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

nginx-hit: 1
Date: Sun, 16 Apr 2023 19:29:59 GMT
Strict-Transport-Security: max-age=15768000
Content-Encoding: gzip
X-CCDN-CacheTTL: 2592000
via: EU-GER-frankfurt-EDGE4-CACHE2[6],EU-GER-frankfurt-EDGE4-CACHE1[0,TCP_HIT,5],EU-GER-frankfurt-GLOBAL1-CACHE7[508],EU-GER-frankfurt-GLOBAL1-CACHE10[503,TCP_MISS,506],EU-GER-frankfurt-GLOBAL1-CACHE10[502,TCP_MISS,504]
Age: 11470
Connection: keep-alive
Content-Length: 4670
Last-Modified: Sun, 16 Apr 2023 16:07:57 GMT
Server: openresty
ETag: W/"643c1d5d-bc1c"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
X-CCDN-Expires: 2580530
Accept-Ranges: bytes
Access-Control-Allow-Headers: X-Requested-With,Content-Type
x-hcs-proxy-type: 1
Expires: Sun, 23 Apr 2023 16:18:49 GMT

GET
H/1.1 200
OK 88943fc23a4bfc75.js Show response
io4.zjhxpnk.cn/upload/script/04/ 320 KB
15 KB 2088ms
62ms Script
application/javascript 23.90.149.106

General

Check archive.org

Show headers Download Go to

Full URL

https://io4.zjhxpnk.cn/upload/script/04/88943fc23a4bfc75.js

Requested by

Host: ct-if.xyz
URL: https://ct-if.xyz/?zqll

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.90.149.106 -, , ASN (),

Reverse DNS

Software

openresty /

Resource Hash

e132fc9bb5e7732a9b28b75a9bf15925ce3b018c97e865567d7ca1392337ac00

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ct-if.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Sun, 16 Apr 2023 19:29:59 GMT
Strict-Transport-Security: max-age=15768000
Content-Encoding: gzip
X-CCDN-CacheTTL: 2592000
via: EU-GER-frankfurt-EDGE4-CACHE1[23],EU-GER-frankfurt-EDGE4-CACHE1[17,TCP_MISS,21],EU-GER-frankfurt-GLOBAL1-CACHE8[16],EU-GER-frankfurt-GLOBAL1-CACHE4[0,TCP_HIT,12]
Age: 1
Connection: keep-alive
Content-Length: 14707
Last-Modified: Sun, 16 Apr 2023 19:06:44 GMT
Server: openresty
ETag: W/"643c4744-50128"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
X-CCDN-Expires: 2590825
Accept-Ranges: bytes
Access-Control-Allow-Headers: X-Requested-With,Content-Type
x-hcs-proxy-type: 1
Expires: Sun, 23 Apr 2023 19:10:24 GMT

GET e19f7195ddfd20be.js
io3.zjhxpnk.cn/upload/script/04/ 0
0

GET
H/1.1 200
OK 67b22a5fc1c0cf9b.js Show response
io4.zjhxpnk.cn/upload/script/04/ 237 KB
13 KB 2084ms
59ms Script
application/javascript 23.90.149.106

General

Check archive.org

Show headers Download Go to

Full URL

https://io4.zjhxpnk.cn/upload/script/04/67b22a5fc1c0cf9b.js

Requested by

Host: ct-if.xyz
URL: https://ct-if.xyz/?zqll

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.90.149.106 -, , ASN (),

Reverse DNS

Software

openresty /

Resource Hash

3c8a992f0d79fbe12c5bd30be597755aaa6fca2073805ef0290fbf1ab6d3bc64

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ct-if.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

nginx-hit: 1
Date: Sun, 16 Apr 2023 19:29:59 GMT
Strict-Transport-Security: max-age=15768000
Content-Encoding: gzip
X-CCDN-CacheTTL: 2592000
via: EU-GER-frankfurt-EDGE4-CACHE1[19],EU-GER-frankfurt-EDGE4-CACHE2[0,TCP_HIT,19],EU-GER-frankfurt-GLOBAL1-CACHE3[20],EU-GER-frankfurt-GLOBAL1-CACHE9[0,TCP_HIT,18]
Age: 870
Connection: keep-alive
Content-Length: 12071
Last-Modified: Sun, 16 Apr 2023 19:06:44 GMT
Server: openresty
ETag: W/"643c4744-3b4d4"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
X-CCDN-Expires: 2591130
Accept-Ranges: bytes
Access-Control-Allow-Headers: X-Requested-With,Content-Type
x-hcs-proxy-type: 1
Expires: Sun, 23 Apr 2023 19:10:24 GMT

GET 2ea731b321824f71.js
io3.zjhxpnk.cn/upload/script/04/ 0
0

GET
H/1.1 200
OK 2ba714dd22164244.js Show response
io2.zjhxpnk.cn/upload/script/04/ 125 KB
7 KB 2079ms
56ms Script
application/javascript 90.84.161.22

General

Check archive.org

Show headers Download Go to

Full URL

https://io2.zjhxpnk.cn/upload/script/04/2ba714dd22164244.js

Requested by

Host: ct-if.xyz
URL: https://ct-if.xyz/?zqll

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

90.84.161.22 -, , ASN (),

Reverse DNS

Software

openresty /

Resource Hash

0624941ec126874775ba00f38382e104aa52baa3cc2b6bb806534d5ff45e8970

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ct-if.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

nginx-hit: 1
Date: Sun, 16 Apr 2023 19:29:59 GMT
Strict-Transport-Security: max-age=15768000
Content-Encoding: gzip
X-CCDN-CacheTTL: 2592000
via: EU-GER-frankfurt-EDGE5-CACHE4[16],EU-GER-frankfurt-EDGE5-CACHE5[0,TCP_HIT,16],EU-GER-frankfurt-GLOBAL1-CACHE11[677],EU-GER-frankfurt-GLOBAL1-CACHE5[514,TCP_MISS,672],EU-GER-frankfurt-GLOBAL1-CACHE5[511,TCP_MISS,514]
Age: 1175
Connection: keep-alive
Content-Length: 6430
Last-Modified: Sun, 16 Apr 2023 19:06:44 GMT
Server: openresty
ETag: W/"643c4744-1f2dc"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
X-CCDN-Expires: 2590825
Accept-Ranges: bytes
Access-Control-Allow-Headers: X-Requested-With,Content-Type
x-hcs-proxy-type: 1
Expires: Sun, 23 Apr 2023 19:10:24 GMT

GET c611fd537e5aa0b2.js
io3.zjhxpnk.cn/upload/script/04/ 0
0

GET
H/1.1 200
OK 83aaf19a956a00ad.js Show response
io1.zjhxpnk.cn/upload/script/04/ 105 KB
9 KB 2068ms
44ms Script
application/javascript 23.90.149.106

General

Check archive.org

Show headers Download Go to

Full URL

https://io1.zjhxpnk.cn/upload/script/04/83aaf19a956a00ad.js

Requested by

Host: ct-if.xyz
URL: https://ct-if.xyz/?zqll

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.90.149.106 -, , ASN (),

Reverse DNS

Software

openresty /

Resource Hash

2a231af88df0aceabf7c4667355a4e2c10b79d1c99587071fefcfc88799b0034

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ct-if.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

nginx-hit: 1
Date: Sun, 16 Apr 2023 19:29:59 GMT
Strict-Transport-Security: max-age=15768000
Content-Encoding: gzip
X-CCDN-CacheTTL: 2592000
via: EU-GER-frankfurt-EDGE4-CACHE2[3],EU-GER-frankfurt-EDGE4-CACHE2[0,TCP_HIT,2],EU-GER-frankfurt-GLOBAL1-CACHE2[492],EU-GER-frankfurt-GLOBAL1-CACHE6[489,TCP_MISS,491],EU-GER-frankfurt-GLOBAL1-CACHE6[488,TCP_MISS,488]
Age: 11470
Connection: keep-alive
Content-Length: 8017
Last-Modified: Sun, 16 Apr 2023 16:07:57 GMT
Server: openresty
ETag: W/"643c1d5d-1a2e8"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
X-CCDN-Expires: 2580530
Accept-Ranges: bytes
Access-Control-Allow-Headers: X-Requested-With,Content-Type
x-hcs-proxy-type: 1
Expires: Sun, 23 Apr 2023 16:18:49 GMT

GET
H/1.1 200
OK d978de972c7ccbea.js Show response
io4.zjhxpnk.cn/upload/script/04/ 182 KB
8 KB 2071ms
46ms Script
application/javascript 23.90.149.106

General

Check archive.org

Show headers Download Go to

Full URL

https://io4.zjhxpnk.cn/upload/script/04/d978de972c7ccbea.js

Requested by

Host: ct-if.xyz
URL: https://ct-if.xyz/?zqll

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.90.149.106 -, , ASN (),

Reverse DNS

Software

openresty /

Resource Hash

a8f38e8025234135106bdb8eb8ca186262eb8a519490cb7549504a853b65c391

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ct-if.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

nginx-hit: 1
Date: Sun, 16 Apr 2023 19:29:59 GMT
Strict-Transport-Security: max-age=15768000
Content-Encoding: gzip
X-CCDN-CacheTTL: 2592000
via: EU-GER-frankfurt-EDGE4-CACHE2[5],EU-GER-frankfurt-EDGE4-CACHE2[0,TCP_HIT,2],EU-GER-frankfurt-GLOBAL1-CACHE10[526],EU-GER-frankfurt-GLOBAL1-CACHE11[523,TCP_MISS,526],EU-GER-frankfurt-GLOBAL1-CACHE11[522,TCP_MISS,523]
Age: 54703
Connection: keep-alive
Content-Length: 7746
Last-Modified: Sun, 16 Apr 2023 04:06:54 GMT
Server: openresty
ETag: W/"643b745e-2d86c"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
X-CCDN-Expires: 2537297
Accept-Ranges: bytes
Access-Control-Allow-Headers: X-Requested-With,Content-Type
x-hcs-proxy-type: 1
Expires: Sun, 23 Apr 2023 04:18:16 GMT

GET 01a581379cf78008.js
io3.zjhxpnk.cn/upload/script/04/ 0
0

GET
H/1.1 200
OK 47c41100cec65570.js Show response
io4.zjhxpnk.cn/upload/script/04/ 54 KB
6 KB 2081ms
56ms Script
application/javascript 23.90.149.106

General

Check archive.org

Show headers Download Go to

Full URL

https://io4.zjhxpnk.cn/upload/script/04/47c41100cec65570.js

Requested by

Host: ct-if.xyz
URL: https://ct-if.xyz/?zqll

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.90.149.106 -, , ASN (),

Reverse DNS

Software

openresty /

Resource Hash

db4baa2eb4f071e103800a8314d9f724169b20fadb4be83c5f99165bd328c609

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ct-if.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

nginx-hit: 1
Date: Sun, 16 Apr 2023 19:29:59 GMT
Strict-Transport-Security: max-age=15768000
Content-Encoding: gzip
X-CCDN-CacheTTL: 2592000
via: EU-GER-frankfurt-EDGE4-CACHE2[16],EU-GER-frankfurt-EDGE4-CACHE1[0,TCP_HIT,15],EU-GER-frankfurt-GLOBAL1-CACHE2[15],EU-GER-frankfurt-GLOBAL1-CACHE8[0,TCP_HIT,14]
Age: 40701
Connection: keep-alive
Content-Length: 5645
Last-Modified: Sun, 16 Apr 2023 08:07:04 GMT
Server: openresty
ETag: W/"643baca8-d970"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
X-CCDN-Expires: 2551299
Accept-Ranges: bytes
Access-Control-Allow-Headers: X-Requested-With,Content-Type
x-hcs-proxy-type: 1
Expires: Sun, 23 Apr 2023 08:10:29 GMT

GET
H/1.1 200
OK a4a5890aed599a0e.js Show response
io2.zjhxpnk.cn/upload/script/04/ 8 KB
3 KB 2065ms
42ms Script
application/javascript 90.84.161.22

General

Check archive.org

Show headers Download Go to

Full URL

https://io2.zjhxpnk.cn/upload/script/04/a4a5890aed599a0e.js

Requested by

Host: ct-if.xyz
URL: https://ct-if.xyz/?zqll

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

90.84.161.22 -, , ASN (),

Reverse DNS

Software

openresty /

Resource Hash

3c3c3e6ac95f5dd2945622c18e9fb5ef6c6bb92186a41aa7e4dc050e98434d7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ct-if.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

nginx-hit: 1
Date: Sun, 16 Apr 2023 19:29:59 GMT
Strict-Transport-Security: max-age=15768000
Content-Encoding: gzip
X-CCDN-CacheTTL: 2592000
via: EU-GER-frankfurt-EDGE5-CACHE1[3],EU-GER-frankfurt-EDGE5-CACHE4[0,TCP_HIT,2],EU-GER-frankfurt-GLOBAL1-CACHE11[6],EU-GER-frankfurt-GLOBAL1-CACHE4[0,TCP_HIT,5]
Age: 11112
Connection: keep-alive
Content-Length: 2703
Last-Modified: Sun, 16 Apr 2023 16:07:57 GMT
Server: openresty
ETag: W/"643c1d5d-2180"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
X-CCDN-Expires: 2580888
Accept-Ranges: bytes
Access-Control-Allow-Headers: X-Requested-With,Content-Type
x-hcs-proxy-type: 1
Expires: Sun, 23 Apr 2023 16:18:49 GMT

GET 71ab2f4249a84324.js
io3.zjhxpnk.cn/upload/script/04/ 0
0

GET
H/1.1 200
OK 470572bb09ef3837.js Show response
io2.zjhxpnk.cn/upload/script/04/ 11 KB
3 KB 2070ms
46ms Script
application/javascript 90.84.161.22

General

Check archive.org

Show headers Download Go to

Full URL

https://io2.zjhxpnk.cn/upload/script/04/470572bb09ef3837.js

Requested by

Host: ct-if.xyz
URL: https://ct-if.xyz/?zqll

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

90.84.161.22 -, , ASN (),

Reverse DNS

Software

openresty /

Resource Hash

e5b69c52c85927a81b72ddeba3527d80c2fe3f9a64bc4ce9312f0f046e9acf62

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ct-if.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

nginx-hit: 1
Date: Sun, 16 Apr 2023 19:29:59 GMT
Strict-Transport-Security: max-age=15768000
Content-Encoding: gzip
X-CCDN-CacheTTL: 2592000
via: EU-GER-frankfurt-EDGE5-CACHE6[3],EU-GER-frankfurt-EDGE5-CACHE5[0,TCP_HIT,1],EU-GER-frankfurt-GLOBAL1-CACHE14[19],EU-GER-frankfurt-GLOBAL1-CACHE14[0,TCP_HIT,18]
Age: 11112
Connection: keep-alive
Content-Length: 1762
Last-Modified: Sun, 16 Apr 2023 16:07:57 GMT
Server: openresty
ETag: W/"643c1d5d-2da8"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
X-CCDN-Expires: 2580888
Accept-Ranges: bytes
Access-Control-Allow-Headers: X-Requested-With,Content-Type
x-hcs-proxy-type: 1
Expires: Sun, 23 Apr 2023 16:18:49 GMT

GET eaee309108aea97f.js
io3.zjhxpnk.cn/upload/script/04/ 0
0

GET
H/1.1 200
OK 62727782492b78b7.js Show response
io1.zjhxpnk.cn/upload/script/04/ 28 KB
3 KB 2066ms
43ms Script
application/javascript 23.90.149.106

General

Check archive.org

Show headers Download Go to

Full URL

https://io1.zjhxpnk.cn/upload/script/04/62727782492b78b7.js

Requested by

Host: ct-if.xyz
URL: https://ct-if.xyz/?zqll

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.90.149.106 -, , ASN (),

Reverse DNS

Software

openresty /

Resource Hash

5478a281a063f30329e1a14bacd19cc004a4721bb7f4e81cd4490753be01276b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ct-if.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

nginx-hit: 1
Date: Sun, 16 Apr 2023 19:29:59 GMT
Strict-Transport-Security: max-age=15768000
Content-Encoding: gzip
X-CCDN-CacheTTL: 2592000
via: EU-GER-frankfurt-EDGE4-CACHE1[2],EU-GER-frankfurt-EDGE4-CACHE2[0,TCP_HIT,2],EU-GER-frankfurt-GLOBAL1-CACHE1[18],EU-GER-frankfurt-GLOBAL1-CACHE5[0,TCP_HIT,18]
Age: 40472
Connection: keep-alive
Content-Length: 2360
Last-Modified: Sun, 16 Apr 2023 08:07:04 GMT
Server: openresty
ETag: W/"643baca8-6fbc"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
X-CCDN-Expires: 2551528
Accept-Ranges: bytes
Access-Control-Allow-Headers: X-Requested-With,Content-Type
x-hcs-proxy-type: 1
Expires: Sun, 23 Apr 2023 08:10:29 GMT

GET
H/1.1 200
OK 4bee9e774e53598a.js Show response
io2.zjhxpnk.cn/upload/script/04/ 7 KB
3 KB 2070ms
46ms Script
application/javascript 90.84.161.22

General

Check archive.org

Show headers Download Go to

Full URL

https://io2.zjhxpnk.cn/upload/script/04/4bee9e774e53598a.js

Requested by

Host: ct-if.xyz
URL: https://ct-if.xyz/?zqll

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

90.84.161.22 -, , ASN (),

Reverse DNS

Software

openresty /

Resource Hash

0f1dd0f6a482c3c8d4a5973601633539af7675ab3de30c3c71084194880e3a45

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ct-if.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

nginx-hit: 1
Date: Sun, 16 Apr 2023 19:29:59 GMT
Strict-Transport-Security: max-age=15768000
Content-Encoding: gzip
X-CCDN-CacheTTL: 2592000
via: EU-GER-frankfurt-EDGE5-CACHE2[3],EU-GER-frankfurt-EDGE5-CACHE2[0,TCP_HIT,2],EU-GER-frankfurt-GLOBAL1-CACHE6[497],EU-GER-frankfurt-GLOBAL1-CACHE2[493,TCP_MISS,496],EU-GER-frankfurt-GLOBAL1-CACHE2[493,TCP_MISS,494]
Age: 553303
Connection: keep-alive
Content-Length: 2489
Last-Modified: Mon, 10 Apr 2023 09:47:11 GMT
Server: openresty
ETag: W/"6433db1f-1a08"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
X-CCDN-Expires: 2038697
Accept-Ranges: bytes
Access-Control-Allow-Headers: X-Requested-With,Content-Type
x-hcs-proxy-type: 1
Expires: Mon, 17 Apr 2023 09:48:16 GMT

GET
H/1.1 200
OK 214a0354325346a4.js Show response
io4.zjhxpnk.cn/upload/script/04/ 1 KB
1 KB 2069ms
45ms Script
application/javascript 23.90.149.106

General

Check archive.org

Show headers Download Go to

Full URL

https://io4.zjhxpnk.cn/upload/script/04/214a0354325346a4.js

Requested by

Host: ct-if.xyz
URL: https://ct-if.xyz/?zqll

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.90.149.106 -, , ASN (),

Reverse DNS

Software

openresty /

Resource Hash

679cde40972ae32dae486adff2eefb913d3db219bd2e0bcb1310f925aca710ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ct-if.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

nginx-hit: 1
Date: Sun, 16 Apr 2023 19:29:59 GMT
Strict-Transport-Security: max-age=15768000
Content-Encoding: gzip
X-CCDN-CacheTTL: 2592000
via: EU-GER-frankfurt-EDGE4-CACHE1[3],EU-GER-frankfurt-EDGE4-CACHE1[0,TCP_HIT,2],EU-GER-frankfurt-GLOBAL1-CACHE1[2],EU-GER-frankfurt-GLOBAL1-CACHE8[0,TCP_HIT,2]
Age: 116160
Connection: keep-alive
Content-Length: 460
Last-Modified: Fri, 07 Apr 2023 05:36:04 GMT
Server: openresty
ETag: W/"642fabc4-400"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
X-CCDN-Expires: 2475840
Accept-Ranges: bytes
Access-Control-Allow-Headers: X-Requested-With,Content-Type
x-hcs-proxy-type: 1
Expires: Fri, 14 Apr 2023 16:25:24 GMT

GET
H/1.1 200
OK 5ffc1c25e8aed09c.js Show response
io2.zjhxpnk.cn/upload/script/04/ 171 KB
13 KB 2078ms
54ms Script
application/javascript 90.84.161.22

General

Check archive.org

Show headers Download Go to

Full URL

https://io2.zjhxpnk.cn/upload/script/04/5ffc1c25e8aed09c.js

Requested by

Host: ct-if.xyz
URL: https://ct-if.xyz/?zqll

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

90.84.161.22 -, , ASN (),

Reverse DNS

Software

openresty /

Resource Hash

1f557d5fc0afe337389a8ad883e18129dbf8b389eb591c7d1cac9783f9145dd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ct-if.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

nginx-hit: 1
Date: Sun, 16 Apr 2023 19:29:59 GMT
Strict-Transport-Security: max-age=15768000
Content-Encoding: gzip
X-CCDN-CacheTTL: 2592000
via: EU-GER-frankfurt-EDGE5-CACHE3[13],EU-GER-frankfurt-EDGE5-CACHE5[0,TCP_HIT,12],EU-GER-frankfurt-GLOBAL1-CACHE9[661],EU-GER-frankfurt-GLOBAL1-CACHE7[499,TCP_MISS,660],EU-GER-frankfurt-GLOBAL1-CACHE7[497,TCP_MISS,499]
Age: 1175
Connection: keep-alive
Content-Length: 12845
Last-Modified: Sun, 16 Apr 2023 19:06:44 GMT
Server: openresty
ETag: W/"643c4744-2ad68"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
X-CCDN-Expires: 2590825
Accept-Ranges: bytes
Access-Control-Allow-Headers: X-Requested-With,Content-Type
x-hcs-proxy-type: 1
Expires: Sun, 23 Apr 2023 19:10:24 GMT

GET
H/1.1 200
OK f7389b643fe24225.js Show response
io4.zjhxpnk.cn/upload/script/04/ 6 KB
3 KB 2117ms
44ms Script
application/javascript 23.90.149.106

General

Check archive.org

Show headers Download Go to

Full URL

https://io4.zjhxpnk.cn/upload/script/04/f7389b643fe24225.js

Requested by

Host: ct-if.xyz
URL: https://ct-if.xyz/?zqll

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.90.149.106 -, , ASN (),

Reverse DNS

Software

openresty /

Resource Hash

5d445cd10a7e41c1ac8b398db0c45556a633d284539b4b8b4c57633631fd158e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ct-if.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

nginx-hit: 1
Date: Sun, 16 Apr 2023 19:29:59 GMT
Strict-Transport-Security: max-age=15768000
Content-Encoding: gzip
X-CCDN-CacheTTL: 2592000
via: EU-GER-frankfurt-EDGE4-CACHE1[4],EU-GER-frankfurt-EDGE4-CACHE1[0,TCP_HIT,3],EU-GER-frankfurt-GLOBAL1-CACHE11[2],EU-GER-frankfurt-GLOBAL1-CACHE8[0,TCP_HIT,1]
Age: 114115
Connection: keep-alive
Content-Length: 2270
Last-Modified: Mon, 10 Apr 2023 09:47:11 GMT
Server: openresty
ETag: W/"6433db1f-168c"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
X-CCDN-Expires: 2477885
Accept-Ranges: bytes
Access-Control-Allow-Headers: X-Requested-With,Content-Type
x-hcs-proxy-type: 1
Expires: Mon, 17 Apr 2023 09:48:16 GMT

GET hm.js
hm.baidu.com/ 0
0

GET 76093885d2032e50d553844d642288
io3.c.jsezjpy.cn/upload/epy/img/202212/73/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: io3.zjhxpnk.cn
URL: https://io3.zjhxpnk.cn/upload/script/04/bbcd1003fb2653bd.js

Domain: io3.zjhxpnk.cn
URL: https://io3.zjhxpnk.cn/upload/script/04/e19f7195ddfd20be.js

Domain: io3.zjhxpnk.cn
URL: https://io3.zjhxpnk.cn/upload/script/04/2ea731b321824f71.js

Domain: io3.zjhxpnk.cn
URL: https://io3.zjhxpnk.cn/upload/script/04/c611fd537e5aa0b2.js

Domain: io3.zjhxpnk.cn
URL: https://io3.zjhxpnk.cn/upload/script/04/01a581379cf78008.js

Domain: io3.zjhxpnk.cn
URL: https://io3.zjhxpnk.cn/upload/script/04/71ab2f4249a84324.js

Domain: io3.zjhxpnk.cn
URL: https://io3.zjhxpnk.cn/upload/script/04/eaee309108aea97f.js

Domain: hm.baidu.com
URL: https://hm.baidu.com/hm.js?319d6a814ceca2439fc2df906ce35522

Domain: io3.c.jsezjpy.cn
URL: https://io3.c.jsezjpy.cn/upload/epy/img/202212/73/76093885d2032e50d553844d642288

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.krqfypj1kcm3l.com/	1970-01-20 11:07:56	Name: baiduCount Value: 1
www.krqfypj1kcm3l.com/	1969-12-31 23:59:59	Name: __vtins__K0z0U0wRJq4K71Rr Value: %7B%22sid%22%3A%20%22cbdaa995-1fdc-5b9c-b1d3-f75b8b7385c2%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201681675195529%2C%20%22ct%22%3A%201681673395529%7D
www.krqfypj1kcm3l.com/	1970-01-20 20:43:53	Name: __51uvsct__K0z0U0wRJq4K71Rr Value: 1
www.krqfypj1kcm3l.com/	1970-01-20 20:43:53	Name: __51vcke__K0z0U0wRJq4K71Rr Value: 61bdf2db-8aef-59cf-989f-d7ab5745ba38
www.krqfypj1kcm3l.com/	1970-01-20 20:43:53	Name: __51vuft__K0z0U0wRJq4K71Rr Value: 1681673395532

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: http://www.krqfypj1kcm3l.com:7777/tj/22.js(Line 1) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://www.krqfypj1kcm3l.com:7777/tj/11.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://www.krqfypj1kcm3l.com:7777/tj/22.js(Line 1) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://www.krqfypj1kcm3l.com:7777/tj/11.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

collect-v6.51.la
ct-if.xyz
hm.baidu.com
io1.zjhxpnk.cn
io2.zjhxpnk.cn
io3.c.jsezjpy.cn
io3.zjhxpnk.cn
io4.zjhxpnk.cn
sdk.51.la
wausauultimate.com
www.krqfypj1kcm3l.com
hm.baidu.com
io3.c.jsezjpy.cn
io3.zjhxpnk.cn
103.143.19.103
107.149.14.164
13.248.203.177
23.90.149.106
34.92.237.129
47.253.50.2
90.84.161.22
0624941ec126874775ba00f38382e104aa52baa3cc2b6bb806534d5ff45e8970
0f1dd0f6a482c3c8d4a5973601633539af7675ab3de30c3c71084194880e3a45
1ab6f60e509a97fe6073b917e6353476b0cb0581041b65d4195f41e204cdb748
1f557d5fc0afe337389a8ad883e18129dbf8b389eb591c7d1cac9783f9145dd1
2a231af88df0aceabf7c4667355a4e2c10b79d1c99587071fefcfc88799b0034
30b2271be76ee2dd43122d0611f8aa498b9781f4cd03904ca12e12d2e91e9421
30ed5738bc07de3fff0b903453d882c59fe741a1a4fd826d0d12d2bcd00f7b1a
3424fa37407f5d90f134f65f3a65026582ee0e392f04f1ac4aca6463117812fc
3c3c3e6ac95f5dd2945622c18e9fb5ef6c6bb92186a41aa7e4dc050e98434d7a
3c8a992f0d79fbe12c5bd30be597755aaa6fca2073805ef0290fbf1ab6d3bc64
3e90c6a68785626742aaa00feb6a8f5acaaf9477ded4e441ac56e4b364dd0747
5478a281a063f30329e1a14bacd19cc004a4721bb7f4e81cd4490753be01276b
5d445cd10a7e41c1ac8b398db0c45556a633d284539b4b8b4c57633631fd158e
679cde40972ae32dae486adff2eefb913d3db219bd2e0bcb1310f925aca710ff
8795b1fba6c36437c39de35fb600e9525a64ae7ca72e48d0a72dbe0e9736a3cc
89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e
a8f38e8025234135106bdb8eb8ca186262eb8a519490cb7549504a853b65c391
a9f8490dd21b53ae4477fdd631c4f6868c543345474cd280a68f6f572f24a3ca
caf0707b23f4b10a5336d9cdc0aecbb83c48d333d17f5fc1648a0483d3edbaba
d1f1bfe698f2ffb7b3e7a885a301d58f9554d45df0a31c3e8b53c84b33c80d27
db4baa2eb4f071e103800a8314d9f724169b20fadb4be83c5f99165bd328c609
e132fc9bb5e7732a9b28b75a9bf15925ce3b018c97e865567d7ca1392337ac00
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5b69c52c85927a81b72ddeba3527d80c2fe3f9a64bc4ce9312f0f046e9acf62

ct-if.xyz Open in urlscan Pro 13.248.203.177 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

34 Requests

56 %HTTPS

0 %IPv6

7 Domains

11 Subdomains

8 IPs

3 Countries

153 kBTransfer

1450 kBSize

5 Cookies

0 Outgoing links

Page URL History

Redirected requests

34 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

5 Cookies

2 Console Messages

Indicators

ct-if.xyz Open in urlscan Pro
13.248.203.177 Public Scan

Screenshot
Live screenshot

Full Image

34
Requests

56 %
HTTPS

0 %
IPv6

7
Domains

11
Subdomains

8
IPs

3
Countries

153 kB
Transfer

1450 kB
Size

5
Cookies

34 HTTP transactions
0 data transactions