baleyu.com Open in urlscan Pro
206.119.93.78 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://baleyu.com/
Submission: On March 03 via api (March 3rd 2023, 10:05:26 am UTC) from US — Scanned from DE

Summary HTTP 67 Redirects Behaviour Indicators

Summary

This website contacted 21 IPs in 6 countries across 45 domains to perform 67 HTTP transactions. The main IP is 206.119.93.78, located in United States and belongs to SGPL-AS-AP STARCLOUD GLOBAL PTE., LTD., SG. The main domain is baleyu.com.

This is the only time baleyu.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	206.119.93.78 206.119.93.78	140224 (SGPL-AS-A...) (SGPL-AS-AP STARCLOUD GLOBAL PTE.)
8	198.16.37.83 198.16.37.83	40065 (CNSERVERS) (CNSERVERS)
7	103.235.46.191 103.235.46.191	55967 (BAIDU Bei...) (BAIDU Beijing Baidu Netcom Science and Technology Co.)
1	103.170.15.115 103.170.15.115	() ()
1	103.170.15.75 103.170.15.75	7483 (SKYCLOUD-...) (SKYCLOUD-NET Skycloud Computing co.)
2	45.61.212.230 45.61.212.230	53587 (AZT) (AZT)
3	45.61.212.130 45.61.212.130	53587 (AZT) (AZT)
1	103.170.15.105 103.170.15.105	7483 (SKYCLOUD-...) (SKYCLOUD-NET Skycloud Computing co.)
1	2606:4700:303... 2606:4700:3038::6815:e9be	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5 5	38.54.37.233 38.54.37.233	138915 (KAOPU-HK ...) (KAOPU-HK Kaopu Cloud HK Limited)
2	163.181.92.230 163.181.92.230	24429 (TAOBAO Zh...) (TAOBAO Zhejiang Taobao Network Co.)
3	163.181.92.225 163.181.92.225	24429 (TAOBAO Zh...) (TAOBAO Zhejiang Taobao Network Co.)
1	23.225.139.251 23.225.139.251	40065 (CNSERVERS) (CNSERVERS)
1	2600:9000:200... 2600:9000:200a:d600:10:6ea1:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	20.213.27.188 20.213.27.188	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	172.83.155.45 172.83.155.45	201106 (SPARTANHOST) (SPARTANHOST)
4	2606:4700::68... 2606:4700::6810:5614	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	107.148.202.17 107.148.202.17	() ()
1	172.247.50.240 172.247.50.240	() ()
1	2600:9000:200... 2600:9000:200a:7200:14:9a36:9680:93a1	16509 (AMAZON-02) (AMAZON-02)
1	23.224.101.37 23.224.101.37	40065 (CNSERVERS) (CNSERVERS)
67	21

3 206.119.93.78 (United States)

ASN140224 (SGPL-AS-AP STARCLOUD GLOBAL PTE., LTD., SG)

baleyu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 198.16.37.83 (United States)

ASN40065 (CNSERVERS, US)

hjha2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 103.235.46.191 (Hong Kong)

ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)

hm.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.170.15.115 (None, )

ASN- ()

99996aaa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.170.15.75 (Taiwan)

ASN7483 (SKYCLOUD-NET Skycloud Computing co., Ltd., TW)

375772rug.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 45.61.212.230 (United States)

ASN53587 (AZT, US)

199aaa.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
66663aaa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 45.61.212.130 (United States)

ASN53587 (AZT, US)

3888537ccc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
66668aaa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
573569djd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.170.15.105 (Taiwan)

ASN7483 (SKYCLOUD-NET Skycloud Computing co., Ltd., TW)

5529ddd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3038::6815:e9be (United States)

ASN13335 (CLOUDFLARENET, US)

img1.imgtp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 38.54.37.233 (Manila, Philippines) 5 redirects

ASN138915 (KAOPU-HK Kaopu Cloud HK Limited, HK)

img.2128a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.1129555.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.1136999.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.8622a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.1153555.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 163.181.92.230 (Frankfurt am Main, Germany)

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)

image.uc.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 163.181.92.225 (Frankfurt am Main, Germany)

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)

p3.douyinpic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.225.139.251 (United States)

ASN40065 (CNSERVERS, US)

pic.picnewsss.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:200a:d600:10:6ea1:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

kzeii.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.213.27.188 (Sydney, Australia)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

tu.jnctupian.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.83.155.45 (Seattle, United States)

ASN201106 (SPARTANHOST, GB)

kzeqq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.148.202.17 (None, )

ASN- ()

3p8801.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.247.50.240 (None, )

ASN- ()

8499163.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:200a:7200:14:9a36:9680:93a1 (United States)

ASN16509 (AMAZON-02, US)

u22088.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.224.101.37 (United States)

ASN40065 (CNSERVERS, US)

8499165.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	hjha2.com hjha2.com	141 KB
7	baidu.com hm.baidu.com — Cisco Umbrella Rank: 8406	47 KB
4	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 339	852 KB
3	douyinpic.com p3.douyinpic.com — Cisco Umbrella Rank: 26423	2 MB
3	baleyu.com baleyu.com	2 KB
2	uc.cn image.uc.cn — Cisco Umbrella Rank: 68396	742 KB
1	8499165.com 8499165.com	181 KB
1	u22088.com u22088.com — Cisco Umbrella Rank: 550543	15 KB
1	1153555.com 1 redirects img.1153555.com	119 B
1	66663aaa.com 66663aaa.com	151 KB
1	573569djd.com 573569djd.com	21 KB
1	8499163.com 8499163.com	434 KB
1	8622a.com 1 redirects img.8622a.com	118 B
1	3p8801.co 3p8801.co	240 KB
1	1136999.com 1 redirects img.1136999.com	134 B
1	kzeqq.com kzeqq.com — Cisco Umbrella Rank: 906681	211 KB
1	66668aaa.com 66668aaa.com	708 KB
1	jnctupian.com tu.jnctupian.com	518 KB
1	kzeii.com kzeii.com — Cisco Umbrella Rank: 926361	553 KB
1	picnewsss.com pic.picnewsss.com — Cisco Umbrella Rank: 531837	357 KB
1	1129555.com 1 redirects img.1129555.com	119 B
1	2128a.com 1 redirects img.2128a.com	134 B
1	imgtp.com img1.imgtp.com
1	5529ddd.com 5529ddd.com	818 KB
1	3888537ccc.com 3888537ccc.com	574 KB
1	199aaa.us 199aaa.us	729 KB
1	375772rug.com 375772rug.com	1 MB
1	99996aaa.com 99996aaa.com	564 KB
0	toutiaoimg.com Failed p3.toutiaoimg.com Failed
0	afuyer.com Failed vs.afuyer.com Failed
0	sljttpkj.net Failed tu.sljttpkj.net Failed
0	aliyuncs.com Failed yaoji666.oss-cn-hongkong.aliyuncs.com Failed
0	tsmgsoce.com Failed tgqd.tsmgsoce.com Failed
0	ibb.co Failed i.ibb.co Failed ibb.co Failed
0	511500044.com Failed 511500044.com Failed
0	2321a.com Failed img.2321a.com Failed
0	99887aaa.com Failed 99887aaa.com Failed
0	253669vqx.com Failed 253669vqx.com Failed
0	8818ddd.com Failed 8818ddd.com Failed
0	n5267.com Failed n5267.com Failed
0	kveii.com Failed kveii.com Failed
0	9366qq.com Failed 9366qq.com Failed
0	ezfxpuo.cn Failed qp.ezfxpuo.cn Failed
0	360buyimg.com Failed kjimg10.360buyimg.com Failed
0	ldmnq.com Failed ldbbs.ldmnq.com Failed
67	45

	Domain	Requested by
8	hjha2.com	baleyu.com hjha2.com
7	hm.baidu.com	baleyu.com hjha2.com
4	cdn.jsdelivr.net	hjha2.com
3	p3.douyinpic.com	hjha2.com
3	baleyu.com	baleyu.com
2	image.uc.cn	hjha2.com
1	8499165.com	hjha2.com
1	u22088.com	hjha2.com
1	img.1153555.com	1 redirects
1	66663aaa.com	hjha2.com
1	573569djd.com	hjha2.com
1	8499163.com	hjha2.com
1	img.8622a.com	1 redirects
1	3p8801.co	hjha2.com
1	img.1136999.com	1 redirects
1	kzeqq.com	hjha2.com
1	66668aaa.com	hjha2.com
1	tu.jnctupian.com	hjha2.com
1	kzeii.com	hjha2.com
1	pic.picnewsss.com	hjha2.com
1	img.1129555.com	1 redirects
1	img.2128a.com	1 redirects
1	img1.imgtp.com	hjha2.com
1	5529ddd.com	hjha2.com
1	3888537ccc.com	hjha2.com
1	199aaa.us	hjha2.com
1	375772rug.com	hjha2.com
1	99996aaa.com	hjha2.com
0	ibb.co Failed	hjha2.com
0	p3.toutiaoimg.com Failed	hjha2.com
0	vs.afuyer.com Failed	hjha2.com
0	tu.sljttpkj.net Failed	hjha2.com
0	yaoji666.oss-cn-hongkong.aliyuncs.com Failed	hjha2.com
0	tgqd.tsmgsoce.com Failed	hjha2.com
0	i.ibb.co Failed	hjha2.com
0	511500044.com Failed	hjha2.com
0	img.2321a.com Failed	hjha2.com
0	99887aaa.com Failed	hjha2.com
0	253669vqx.com Failed	hjha2.com
0	8818ddd.com Failed	hjha2.com
0	n5267.com Failed	hjha2.com
0	kveii.com Failed	hjha2.com
0	9366qq.com Failed	hjha2.com
0	qp.ezfxpuo.cn Failed	hjha2.com
0	kjimg10.360buyimg.com Failed	hjha2.com
0	ldbbs.ldmnq.com Failed	hjha2.com
67	46

This site contains no links.

Subject Issuer	Validity	Valid
hjha2.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-04` - `2024-02-04`	a year	crt.sh
baidu.com GlobalSign RSA OV SSL CA 2018	`2022-07-05` - `2023-08-06`	a year	crt.sh
99996aaa.com Sectigo RSA Domain Validation Secure Server CA	`2022-11-20` - `2023-11-20`	a year	crt.sh
375772rug.com Sectigo RSA Domain Validation Secure Server CA	`2022-10-26` - `2023-10-26`	a year	crt.sh
199aaa.us Sectigo RSA Domain Validation Secure Server CA	`2023-02-13` - `2024-02-13`	a year	crt.sh
3888537ccc.com Sectigo RSA Domain Validation Secure Server CA	`2022-12-24` - `2023-12-24`	a year	crt.sh
5529ddd.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-06` - `2024-02-06`	a year	crt.sh
*.imgtp.com GTS CA 1P5	`2023-02-28` - `2023-05-29`	3 months	crt.sh
pic.picnewsss.com Buypass Class 2 CA 5	`2022-12-07` - `2023-06-04`	6 months	crt.sh
kzeii.com Amazon RSA 2048 M01	`2022-12-19` - `2024-01-18`	a year	crt.sh
tu.jnctupian.com R3	`2023-02-24` - `2023-05-25`	3 months	crt.sh
66668aaa.com Sectigo RSA Domain Validation Secure Server CA	`2022-11-20` - `2023-11-20`	a year	crt.sh
kzeqq.com R3	`2022-12-29` - `2023-03-29`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-02` - `2023-06-01`	a year	crt.sh
3p8801.co Sectigo RSA Domain Validation Secure Server CA	`2023-02-01` - `2024-02-01`	a year	crt.sh
8499163.com ZeroSSL RSA Domain Secure Site CA	`2023-02-28` - `2023-05-29`	3 months	crt.sh
573569djd.com Sectigo RSA Domain Validation Secure Server CA	`2022-10-26` - `2023-10-26`	a year	crt.sh
66663aaa.com Sectigo RSA Domain Validation Secure Server CA	`2022-11-20` - `2023-11-20`	a year	crt.sh
u22088.com Amazon RSA 2048 M01	`2023-01-09` - `2024-02-07`	a year	crt.sh
8499165.com ZeroSSL RSA Domain Secure Site CA	`2023-02-28` - `2023-05-29`	3 months	crt.sh

This page contains 2 frames:

Primary Page: http://baleyu.com/
Frame ID: 79DBB8361809395910301D93F3BB0D7A
Requests: 9 HTTP requests in this frame

Frame: https://hjha2.com:8443/
Frame ID: DFBC672C11777DE0828BB9305393847A
Requests: 60 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

浙江城建联合装饰工程有限公司_杭州装修公司_专注杭州环保装修家装好品牌_城建装饰

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Baidu Analytics (百度统计) (Analytics) Expand

Overall confidence: 100%
Detected patterns

hm\.baidu\.com/hm\.js

Swiper Slider (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

swiper(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

67
Requests

54 %
HTTPS

19 %
IPv6

45
Domains

46
Subdomains

21
IPs

6
Countries

10548 kB
Transfer

10850 kB
Size

7
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21

https://img.2128a.com/images/63d363fb60c3f47a6f40b86b.gif HTTP 302
https://image.uc.cn/s/wemedia/s/upload/2023/q3SOb91gn1dbf1d/1d8c0a33061f066a16298cce18b48994.gif

Request Chain 22

https://img.1129555.com/images/63fc411d2bf31932c34b8956.gif HTTP 302
https://p3.douyinpic.com/obj/tos-cn-i-dy/83908e7e94cd4714bb798d797ed38b3e

Request Chain 31

https://img.1136999.com/images/63e9e19b602bf44ad5847d1f.gif HTTP 302
https://image.uc.cn/s/wemedia/s/upload/2023/a0oCJ01gp4pik9m/6e73313cdde03b1eaa22d2f2f0fc51c7.gif

Request Chain 37

https://img.8622a.com/images/63d365f860c3f47a6f40b86d.gif HTTP 302
https://p3.douyinpic.com/obj/tos-cn-i-dy/391fc240e177412e819fc9d1bb506d25

Request Chain 43

https://img.1153555.com/images/638dee7409ca91e0020145cf.giff HTTP 302
https://p3.douyinpic.com/obj/tos-cn-i-dy/c768343f40ef43138274f4d00dce8367

67 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
baleyu.com/ 629 B
572 B 518ms
212ms Document
text/html 206.119.93.78
SGPL-AS-AP STARCL...

General

Check archive.org

Show headers Download Go to

Full URL: http://baleyu.com/
Protocol: HTTP/1.1
Server: 206.119.93.78 , United States, ASN140224 (SGPL-AS-AP STARCLOUD GLOBAL PTE., LTD., SG),
Reverse DNS
Software: openresty /
Resource Hash: 11b507546df8a41877897e0b2995c07b55c047ad56d50f154665d01242973871

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: close
Content-Encoding: gzip
Content-Type: text/html
Date: Fri, 03 Mar 2023 10:05:17 GMT
Server: openresty
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H/1.1 200
OK tiaozhuan.js Show response
baleyu.com/ 1 KB
996 B 200ms
199ms Script
application/javascript 206.119.93.78
SGPL-AS-AP STARCL...

General

Check archive.org

Show headers Download Go to

Full URL: http://baleyu.com/tiaozhuan.js
Requested by: Host: baleyu.com
URL: http://baleyu.com/
Protocol: HTTP/1.1
Server: 206.119.93.78 , United States, ASN140224 (SGPL-AS-AP STARCLOUD GLOBAL PTE., LTD., SG),
Reverse DNS
Software: openresty /
Resource Hash: 1e3737ed1f849f7ff53fbfcf55521b77d8316652cd9591e72f3d22d26296a202

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://baleyu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Fri, 03 Mar 2023 10:05:17 GMT
Content-Encoding: gzip
Last-Modified: Sun, 06 Nov 2022 07:30:00 GMT
Server: openresty
ETag: W/"63676278-578"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=180
Connection: close
Expires: Fri, 03 Mar 2023 10:08:17 GMT

GET
H/1.1 200
OK tongji.js Show response
baleyu.com/ 759 B
628 B 421ms
211ms Script
application/javascript 206.119.93.78
SGPL-AS-AP STARCL...

General

Check archive.org

Show headers Download Go to

Full URL: http://baleyu.com/tongji.js
Requested by: Host: baleyu.com
URL: http://baleyu.com/
Protocol: HTTP/1.1
Server: 206.119.93.78 , United States, ASN140224 (SGPL-AS-AP STARCLOUD GLOBAL PTE., LTD., SG),
Reverse DNS
Software: openresty /
Resource Hash: 388939644e37c8b5ec54fa6cb31cbdd3a02b1430a69c972e7b298c86a1b2dec0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://baleyu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Fri, 03 Mar 2023 10:05:17 GMT
Content-Encoding: gzip
Last-Modified: Thu, 28 Jul 2022 16:35:10 GMT
Server: openresty
ETag: W/"62e2babe-2f7"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=180
Connection: close
Expires: Fri, 03 Mar 2023 10:08:17 GMT

GET
H2 200 / Show response
hjha2.com/ Frame DFBC 89 KB
15 KB 1099ms
504ms Document
text/html 198.16.37.83
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL

https://hjha2.com:8443/

Requested by

Host: baleyu.com
URL: http://baleyu.com/tiaozhuan.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

198.16.37.83 , United States, ASN40065 (CNSERVERS, US),

Reverse DNS

Software

nginx /

Resource Hash

902213227a20ce8b7465de4a199192e6e050c1d1b971a6bf9960fea3de46c6cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://baleyu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 03 Mar 2023 10:05:18 GMT
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ 29 KB
12 KB 918ms
337ms Script
application/javascript 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?f1d4fa7fc77845e82d7014194503e307

Requested by

Host: baleyu.com
URL: http://baleyu.com/tongji.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

631edb4b272e74dbab37ed80c04c1605aec8cdef36ea477fd8734d3f70ea7ffe

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://baleyu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Fri, 03 Mar 2023 10:05:18 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=172800
Server: apache
Etag: 36007cfffaca1a91ecb40eb4cab596d1
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: application/javascript
Cache-Control: max-age=0, must-revalidate
Content-Length: 11254

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ 29 KB
12 KB 931ms
351ms Script
application/javascript 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?2c826b7af1bbdd4b55533c61259bdc81

Requested by

Host: baleyu.com
URL: http://baleyu.com/tongji.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

616e6655353bb59c837f4585d68651990832749bed42c094a3cb158c1db16d08

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://baleyu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Fri, 03 Mar 2023 10:05:18 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=172800
Server: apache
Etag: 1d76a28ff984caa39f17cae28fd0a2a2
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: application/javascript
Cache-Control: max-age=0, must-revalidate
Content-Length: 11254

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ 29 KB
12 KB 914ms
335ms Script
application/javascript 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?0479a3a671cc30fd27d45970393ba3c8

Requested by

Host: baleyu.com
URL: http://baleyu.com/tongji.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

dd4702d3d0f5b3588110b1c8274704f013fa7a6fe6d2c0f2009f7887b3317123

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://baleyu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Fri, 03 Mar 2023 10:05:18 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=172800
Server: apache
Etag: f200f7e9eb6a572d3b4e8910b8802b2b
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: application/javascript
Cache-Control: max-age=0, must-revalidate
Content-Length: 11255

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ 43 B
299 B 361ms
361ms Image
image/gif 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=2079276359&si=f1d4fa7fc77845e82d7014194503e307&v=1.3.0&lv=1&sn=10849&r=0&ww=1600&u=http%3A%2F%2Fbaleyu.com%2F&tt=%E6%B5%99%E6%B1%9F%E5%9F%8E%E5%BB%BA%E8%81%94%E5%90%88%E8%A3%85%E9%A5%B0%E5%B7%A5%E7%A8%8B%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8_%E6%9D%AD%E5%B7%9E%E8%A3%85%E4%BF%AE%E5%85%AC%E5%8F%B8_%E4%B8%93%E6%B3%A8%E6%9D%AD%E5%B7%9E%E7%8E%AF%E4%BF%9D%E8%A3%85%E4%BF%AE%E5%AE%B6%E8%A3%85%E5%A5%BD%E5%93%81%E7%89%8C_%E5%9F%8E%E5%BB%BA%E8%A3%85%E9%A5%B0

Requested by

Host: baleyu.com
URL: http://baleyu.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://baleyu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Mar 2023 10:05:19 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
Server: apache
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ 43 B
299 B 363ms
363ms Image
image/gif 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1274445004&si=0479a3a671cc30fd27d45970393ba3c8&v=1.3.0&lv=1&sn=10849&r=0&ww=1600&u=http%3A%2F%2Fbaleyu.com%2F&tt=%E6%B5%99%E6%B1%9F%E5%9F%8E%E5%BB%BA%E8%81%94%E5%90%88%E8%A3%85%E9%A5%B0%E5%B7%A5%E7%A8%8B%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8_%E6%9D%AD%E5%B7%9E%E8%A3%85%E4%BF%AE%E5%85%AC%E5%8F%B8_%E4%B8%93%E6%B3%A8%E6%9D%AD%E5%B7%9E%E7%8E%AF%E4%BF%9D%E8%A3%85%E4%BF%AE%E5%AE%B6%E8%A3%85%E5%A5%BD%E5%93%81%E7%89%8C_%E5%9F%8E%E5%BB%BA%E8%A3%85%E9%A5%B0

Requested by

Host: baleyu.com
URL: http://baleyu.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://baleyu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Mar 2023 10:05:19 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
Server: apache
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ 43 B
299 B 376ms
376ms Image
image/gif 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=514057782&si=2c826b7af1bbdd4b55533c61259bdc81&v=1.3.0&lv=1&sn=10849&r=0&ww=1600&u=http%3A%2F%2Fbaleyu.com%2F&tt=%E6%B5%99%E6%B1%9F%E5%9F%8E%E5%BB%BA%E8%81%94%E5%90%88%E8%A3%85%E9%A5%B0%E5%B7%A5%E7%A8%8B%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8_%E6%9D%AD%E5%B7%9E%E8%A3%85%E4%BF%AE%E5%85%AC%E5%8F%B8_%E4%B8%93%E6%B3%A8%E6%9D%AD%E5%B7%9E%E7%8E%AF%E4%BF%9D%E8%A3%85%E4%BF%AE%E5%AE%B6%E8%A3%85%E5%A5%BD%E5%93%81%E7%89%8C_%E5%9F%8E%E5%BB%BA%E8%A3%85%E9%A5%B0

Requested by

Host: baleyu.com
URL: http://baleyu.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://baleyu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Mar 2023 10:05:19 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
Server: apache
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

GET
H2 200 jquery.min.js Show response
hjha2.com/template/kuli04/js/ Frame DFBC 95 KB
37 KB 512ms
511ms Script
application/javascript 198.16.37.83
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL

https://hjha2.com:8443/template/kuli04/js/jquery.min.js

Requested by

Host: hjha2.com
URL: https://hjha2.com:8443/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

198.16.37.83 , United States, ASN40065 (CNSERVERS, US),

Reverse DNS

Software

nginx /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hjha2.com:8443/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 10:05:19 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Sat, 14 May 2022 13:14:00 GMT
server: nginx
etag: W/"627fab18-17b8b"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Fri, 03 Mar 2023 22:05:19 GMT

GET
H2 200 swiper.min.js Show response
hjha2.com/template/kuli04/js/ Frame DFBC 94 KB
27 KB 765ms
764ms Script
application/javascript 198.16.37.83
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL

https://hjha2.com:8443/template/kuli04/js/swiper.min.js

Requested by

Host: hjha2.com
URL: https://hjha2.com:8443/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

198.16.37.83 , United States, ASN40065 (CNSERVERS, US),

Reverse DNS

Software

nginx /

Resource Hash

4a10219bee747aadeeda78f166d787adf32583f361f88d44b472f6f3da798083

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hjha2.com:8443/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 10:05:19 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Sat, 14 May 2022 13:14:02 GMT
server: nginx
etag: W/"627fab1a-178a3"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Fri, 03 Mar 2023 22:05:19 GMT

GET
H2 200 bootstrap.min.js Show response
hjha2.com/template/kuli04/js/ Frame DFBC 39 KB
13 KB 765ms
764ms Script
application/javascript 198.16.37.83
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL

https://hjha2.com:8443/template/kuli04/js/bootstrap.min.js

Requested by

Host: hjha2.com
URL: https://hjha2.com:8443/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

198.16.37.83 , United States, ASN40065 (CNSERVERS, US),

Reverse DNS

Software

nginx /

Resource Hash

9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hjha2.com:8443/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 10:05:19 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Sat, 14 May 2022 13:13:58 GMT
server: nginx
etag: W/"627fab16-9b00"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Fri, 03 Mar 2023 22:05:19 GMT

GET
H2 200 jquery.lazyload.min.js Show response
hjha2.com/template/kuli04/js/ Frame DFBC 3 KB
2 KB 765ms
764ms Script
application/javascript 198.16.37.83
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL

https://hjha2.com:8443/template/kuli04/js/jquery.lazyload.min.js

Requested by

Host: hjha2.com
URL: https://hjha2.com:8443/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

198.16.37.83 , United States, ASN40065 (CNSERVERS, US),

Reverse DNS

Software

nginx /

Resource Hash

ad79ce7e34d1a788809bb853031133de2ae45f3c19ac4955dae46c7490188c2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hjha2.com:8443/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 10:05:19 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Sat, 14 May 2022 13:14:00 GMT
server: nginx
etag: W/"627fab18-d35"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Fri, 03 Mar 2023 22:05:19 GMT

GET
H2 200 style.css
hjha2.com/template/kuli04/css/ Frame DFBC 32 KB
11 KB 763ms
763ms Stylesheet
text/css 198.16.37.83
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL

https://hjha2.com:8443/template/kuli04/css/style.css?v=5

Requested by

Host: hjha2.com
URL: https://hjha2.com:8443/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

198.16.37.83 , United States, ASN40065 (CNSERVERS, US),

Reverse DNS

Software

nginx /

Resource Hash

22a525fd9b99500b6824d69a8dbb6e44684f0846fe85291b3d99c08e7c1ea71f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hjha2.com:8443/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 10:05:19 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Sun, 31 Jul 2022 11:38:05 GMT
server: nginx
etag: W/"62e6699d-7ef3"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
expires: Fri, 03 Mar 2023 22:05:19 GMT

GET
H2 200 logo.jpg
hjha2.com/template/kuli04/images/ Frame DFBC 34 KB
35 KB 253ms
252ms Image
image/jpeg 198.16.37.83
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hjha2.com:8443/template/kuli04/images/logo.jpg

Requested by

Host: hjha2.com
URL: https://hjha2.com:8443/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

198.16.37.83 , United States, ASN40065 (CNSERVERS, US),

Reverse DNS

Software

nginx /

Resource Hash

fa529241dddbd17e0dd7b8ee301efa587826b81ed5b4b6223f1ee6e236e44442

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hjha2.com:8443/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 10:05:20 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 15 May 2022 05:53:44 GMT
server: nginx
etag: "62809568-89f0"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 35312
expires: Sun, 02 Apr 2023 10:05:20 GMT

GET
H/1.1 200
OK 2ffa649e5259458c8a91a61f7fb59951.gif
99996aaa.com/ Frame DFBC 564 KB
564 KB 2549ms
447ms Image
image/gif 103.170.15.115

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://99996aaa.com/2ffa649e5259458c8a91a61f7fb59951.gif
Requested by: Host: hjha2.com
URL: https://hjha2.com:8443/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 103.170.15.115 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 0b374b57ebcf263193d88c13eddb10aecc4e3e9ce6b0bba17fc9cb0b053bf438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hjha2.com:8443/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Thu, 23 Feb 2023 22:54:40 GMT
Last-Modified: Fri, 23 Dec 2022 06:29:53 GMT
Server: nginx
ETag: "63a54ae1-8cf85"
X-Cache: HIT from yd11_13-cdn-g01-la2-45
Content-Type: image/gif
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 577413

GET
H/1.1 200
OK 2955f1d87c77457da4e7362ec1f4451f.gif
375772rug.com/ Frame DFBC 1 MB
1 MB 1115ms
160ms Image
image/gif 103.170.15.75
SKYCLOUD-NET Skyc...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://375772rug.com/2955f1d87c77457da4e7362ec1f4451f.gif
Requested by: Host: hjha2.com
URL: https://hjha2.com:8443/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 103.170.15.75 , Taiwan, ASN7483 (SKYCLOUD-NET Skycloud Computing co., Ltd., TW),
Reverse DNS
Software: nginx /
Resource Hash: 93f61a1a835dd1c3203ac05d024fc907d5bd541d3f458d014ced06fafce93e53

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hjha2.com:8443/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 26 Feb 2023 06:32:01 GMT
Last-Modified: Fri, 30 Dec 2022 07:01:59 GMT
Server: nginx
ETag: "63ae8ce7-104685"
X-Cache: HIT from yd11_13-cdn-g01-la2-05
Content-Type: image/gif
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 1066629

GET
H/1.1 200
OK dd126931554140a09a8e6d9e66aa3008.gif
199aaa.us/ Frame DFBC 729 KB
729 KB 2059ms
145ms Image
image/gif 45.61.212.230
AZT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://199aaa.us/dd126931554140a09a8e6d9e66aa3008.gif
Requested by: Host: hjha2.com
URL: https://hjha2.com:8443/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.61.212.230 , United States, ASN53587 (AZT, US),
Reverse DNS
Software: nginx /
Resource Hash: a298680bd0a8897d02ad92bd0370aedbde69a6f6e52cb60feafde6e0a04bffea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hjha2.com:8443/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Fri, 24 Feb 2023 12:29:21 GMT
Last-Modified: Tue, 14 Feb 2023 06:39:50 GMT
Server: nginx
ETag: "63eb2cb6-b6233"
X-Cache: HIT from cloud-us3-cdnb-30
Content-Type: image/gif
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 746035

GET
H/1.1 200
OK dc579626b1af4d8eadd868e5039ab257.gif
3888537ccc.com/ Frame DFBC 574 KB
574 KB 1391ms
436ms Image
image/gif 45.61.212.130
AZT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://3888537ccc.com/dc579626b1af4d8eadd868e5039ab257.gif
Requested by: Host: hjha2.com
URL: https://hjha2.com:8443/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.61.212.130 , United States, ASN53587 (AZT, US),
Reverse DNS
Software: nginx /
Resource Hash: 710d132ebb59eb0b07a8117dcdcf7c4606064f7351113d4f4fef860ed551ba3f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hjha2.com:8443/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Thu, 23 Feb 2023 20:25:19 GMT
Last-Modified: Wed, 08 Feb 2023 12:17:41 GMT
Server: nginx
ETag: "63e392e5-8f627"
X-Cache: HIT from cloud-us2-cdnb-30
Content-Type: image/gif
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 587303

GET
H/1.1 200
OK b5a87763441b47f0ae586da82373196e.gif
5529ddd.com/ Frame DFBC 817 KB
818 KB 1772ms
450ms Image
image/gif 103.170.15.105
SKYCLOUD-NET Skyc...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://5529ddd.com/b5a87763441b47f0ae586da82373196e.gif
Requested by: Host: hjha2.com
URL: https://hjha2.com:8443/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 103.170.15.105 , Taiwan, ASN7483 (SKYCLOUD-NET Skycloud Computing co., Ltd., TW),
Reverse DNS
Software: nginx /
Resource Hash: d97ecf8f032827472d136c190f837c6fdc9bccdee52788dc6055bd7faf973030

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hjha2.com:8443/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sat, 18 Feb 2023 08:07:53 GMT
Last-Modified: Tue, 14 Feb 2023 08:49:48 GMT
Server: nginx
ETag: "63eb4b2c-cc590"
X-Cache: HIT from yd11_13-cdn-g01-la2-35
Content-Type: image/gif
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 837008

GET
H2 404 b1e1hDcd.gif
img1.imgtp.com/2023/01/25/ Frame DFBC 0
0 88ms
17ms Image
text/html 2606:4700:3038::6815:e9be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1.imgtp.com/2023/01/25/b1e1hDcd.gif
Requested by: Host: hjha2.com
URL: https://hjha2.com:8443/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:e9be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hjha2.com:8443/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H2

200

1d8c0a33061f066a16298cce18b48994.gif
image.uc.cn/s/wemedia/s/upload/2023/q3SOb91gn1dbf1d/ Frame DFBC
Redirect Chain

https://img.2128a.com/images/63d363fb60c3f47a6f40b86b.gif
https://image.uc.cn/s/wemedia/s/upload/2023/q3SOb91gn1dbf1d/1d8c0a33061f066a16298cce18b48994.gif

389 KB
390 KB

71ms
10ms

Image
image/gif

163.181.92.230
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.uc.cn/s/wemedia/s/upload/2023/q3SOb91gn1dbf1d/1d8c0a33061f066a16298cce18b48994.gif
Requested by: Host: hjha2.com
URL: https://hjha2.com:8443/
Protocol: H2
Server: 163.181.92.230 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: 57cd9a9aef42e1f36ca0d9cf8c98f4200850f17d87468ee42b4edd62d33993b8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 01:30:28 GMT
via: cache11.l2us1[0,0,200-0,H], cache33.l2us1[1,0], ens-cache4.de5[0,0,200-0,H], ens-cache15.de5[1,0]
server: Tengine
age: 66
x-swift-cachetime: 430474
x-image-resized: 1
ali-swift-global-savetime: 1677634229
content-type: image/GIF
access-control-allow-origin: *
x-cache: HIT TCP_MEM_HIT dirn:13:302835039
cache-control: max-age=432000
x-swift-savetime: Wed, 01 Mar 2023 01:55:55 GMT
timing-allow-origin: *
content-length: 398571
eagleid: a3b55ca316778379222587902e

Redirect headers

location: https://image.uc.cn/s/wemedia/s/upload/2023/q3SOb91gn1dbf1d/1d8c0a33061f066a16298cce18b48994.gif
cache-control: max-age=600
referrer-policy: no-referrer

GET
H2

200

83908e7e94cd4714bb798d797ed38b3e
p3.douyinpic.com/obj/tos-cn-i-dy/ Frame DFBC
Redirect Chain

https://img.1129555.com/images/63fc411d2bf31932c34b8956.gif
https://p3.douyinpic.com/obj/tos-cn-i-dy/83908e7e94cd4714bb798d797ed38b3e

951 KB
953 KB

542ms
8ms

Image
image/gif

163.181.92.225
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p3.douyinpic.com/obj/tos-cn-i-dy/83908e7e94cd4714bb798d797ed38b3e
Requested by: Host: hjha2.com
URL: https://hjha2.com:8443/
Protocol: H2
Server: 163.181.92.225 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine / ImageX
Resource Hash: dbcb332696caf3332f858f9d5920bde313fcfc25185717125019fa0236c77dc3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 10:04:24 GMT
via: n131-119-209, cache12.l2de2[0,0,206-0,H], cache4.l2de2[1,0], cache4.l2de2[1,0], ens-cache12.de5[0,0,200-0,H], ens-cache10.de5[1,0]
x-response-lb: image
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
age: 950458
nw-session-id: 2023022017244026E813B7A7D4948340E5v5pkm01dy
x-powered-by: ImageX
x-swift-cachetime: 31533221
x-cache: HIT TCP_MEM_HIT dirn:-2:-2 mlen:0
x-bdcdn-cache-status: TCP_HIT
server-timing: cdn-cache;desc=HIT,edge;dur=1
x-swift-savetime: Mon, 20 Feb 2023 10:50:43 GMT
x-length: 974206
content-length: 974206
last-modified: Mon, 20 Feb 2023 09:24:40 GMT
server: Tengine
x-tt-logid: 2023022017244026E813B7A7D4948340E5
x-response-date: Mon, 20 Feb 2023 17:24:40 GMT
ali-swift-global-savetime: 1676887464
content-type: image/gif
access-control-allow-origin: *
nw-session-trace: 2023-02-20T17:24:40.947216621+08:00 68
cache-control: max-age=31536000
x-request-ip: fdbd:dc03:8:577::15
x-response-cinfo: 185.213.155.162
imagex-fmt: gif2gif
x-response-cache: edge_hit
timing-allow-origin: *, *
x-tt-trace-host: 01f6f27c903389b7e3419d26a28660c8866f5871d75c7028ed664bf69ea415173b578002591a1f86ba0d08bde0b425f512fe9bf5189d58edaa2cb640b89e5d82aa65798fdaa892ac2bdf1096eab8643ced119e0d337b96c45f16201b56ebe29d63
eagleid: a3b55c9e16778379221981703e

Redirect headers

location: https://p3.douyinpic.com/obj/tos-cn-i-dy/83908e7e94cd4714bb798d797ed38b3e
cache-control: max-age=600
referrer-policy: no-referrer

GET
H2 200 960-80.gif
pic.picnewsss.com/tu-2022290039/ Frame DFBC 356 KB
357 KB 1104ms
150ms Image
image/gif 23.225.139.251
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pic.picnewsss.com/tu-2022290039/960-80.gif
Requested by: Host: hjha2.com
URL: https://hjha2.com:8443/
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 23.225.139.251 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: nginx /
Resource Hash: b7384ed8b6206194206f49e4746f131cd9fe540febd376624e7da404d3b11ce1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hjha2.com:8443/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 12:39:56 GMT
last-modified: Thu, 02 Mar 2023 12:39:56 GMT
server: nginx
etag: "1677760796"
x-cache: HIT, policy, memory
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 364912
expires: Sat, 01 Apr 2023 12:39:56 GMT

GET
H2 200 8d62ac139591ff0c5f17d4c5f1ff3cf6.gif
kzeii.com/ Frame DFBC 552 KB
553 KB 1141ms
195ms Image
image/gif 2600:9000:200a:d600:10:6ea1:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kzeii.com/8d62ac139591ff0c5f17d4c5f1ff3cf6.gif
Requested by: Host: hjha2.com
URL: https://hjha2.com:8443/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:200a:d600:10:6ea1:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8eb8f61188f2555f5f7f0a934ebbae9e9ab703a3dc0b23191bdc7c147eb12140

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hjha2.com:8443/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 18:41:58 GMT
via: 1.1 900a893b03bf29fa958d4587d585157e.cloudfront.net (CloudFront)
last-modified: Mon, 19 Dec 2022 09:06:43 GMT
server: AmazonS3
x-amz-cf-pop: SIN52-C3
age: 55404
etag: "6a2c609ad0c46bb1b8d9cd39eacde625"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/gif
accept-ranges: bytes
content-length: 565615
x-amz-cf-id: OBx94Eats48Oza7Jbd3zwTEe-DDpcsGL9AMrBBeBlpPa0MlOSK41EQ==

GET
H2 200 jnc60av.gif
tu.jnctupian.com/jnc/ Frame DFBC 517 KB
518 KB 1303ms
245ms Image
image/gif 20.213.27.188
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tu.jnctupian.com/jnc/jnc60av.gif
Requested by: Host: hjha2.com
URL: https://hjha2.com:8443/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 20.213.27.188 Sydney, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: WAF/2.4-12.1 /
Resource Hash: 277605d0c224bbca09f57860ddcd36d65ee706ffe21c88a68c873b4f7af0c023

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hjha2.com:8443/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 10:05:21 GMT
last-modified: Sun, 19 Feb 2023 10:35:20 GMT
server: WAF/2.4-12.1
etag: "63f1fb68-814f1"
x-cache-status: HIT
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 529649
expires: Sat, 01 Apr 2023 10:13:33 GMT

GET
H/1.1 200
OK 761b92b8d7ce4182ab054a1f89b6063f.gif
66668aaa.com/ Frame DFBC 708 KB
708 KB 851ms
146ms Image
image/gif 45.61.212.130
AZT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://66668aaa.com/761b92b8d7ce4182ab054a1f89b6063f.gif
Requested by: Host: hjha2.com
URL: https://hjha2.com:8443/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.61.212.130 , United States, ASN53587 (AZT, US),
Reverse DNS
Software: nginx /
Resource Hash: c677f7601d68004a5c0af802407899ba001333fd3c69e8993a8a757a8521b20d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hjha2.com:8443/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sat, 25 Feb 2023 07:34:10 GMT
Last-Modified: Tue, 15 Nov 2022 04:33:24 GMT
Server: nginx
ETag: "63731694-b0f85"
X-Cache: HIT from cloud-us2-cdnb-30
Content-Type: image/gif
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 724869

GET 0093e3ff-3d28-4f89-91b1-fcfbd82eabcf.gif
ldbbs.ldmnq.com/bbs/topic/images/2023-1/ Frame DFBC 0
0

GET 810ef977e1cd11c0.gif
kjimg10.360buyimg.com/ott/jfs/t1/222610/4/20743/688878/6380d41fEdd27fc60/ Frame DFBC 0
0

GET c45dd20fdac2727b.gif
kjimg10.360buyimg.com/ott/jfs/t1/120993/16/33030/1021535/6380d2dbE2ee6e05e/ Frame DFBC 0
0

GET
H2 200 4510a38ced51413e7ec196f793adc219.gif
kzeqq.com/ Frame DFBC 210 KB
211 KB 916ms
175ms Image
image/gif 172.83.155.45
SPARTANHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kzeqq.com/4510a38ced51413e7ec196f793adc219.gif
Requested by: Host: hjha2.com
URL: https://hjha2.com:8443/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 172.83.155.45 Seattle, United States, ASN201106 (SPARTANHOST, GB),
Reverse DNS
Software: nginx /
Resource Hash: ad58e28c6c8eee95306e8b797e3a90644f94378217bbb935ecc35d7e434be9bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hjha2.com:8443/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 10:05:22 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 309
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 215372
last-modified: Tue, 07 Feb 2023 11:56:07 GMT
server: nginx
etag: "63e23c57-3494c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TEtvuvkIC6unDtDSvMoJjA3cZoePwvs4DB51m4lzXqGsOuE%2Brom9YMokua53jYY6xxgcmQz%2FNE3%2BAwGI01UpnuY2Wx7wGVuCY9F1ivQBXkXmYHlharIb5fo%2FD9GG"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=43200
accept-ranges: bytes
cf-ray: 79f0a13c6f0b8431-YVR
expires: Fri, 03 Mar 2023 22:05:22 GMT

GET
H2

200

6e73313cdde03b1eaa22d2f2f0fc51c7.gif
image.uc.cn/s/wemedia/s/upload/2023/a0oCJ01gp4pik9m/ Frame DFBC
Redirect Chain

https://img.1136999.com/images/63e9e19b602bf44ad5847d1f.gif
https://image.uc.cn/s/wemedia/s/upload/2023/a0oCJ01gp4pik9m/6e73313cdde03b1eaa22d2f2f0fc51c7.gif

351 KB
352 KB

8ms
8ms

Image
image/gif

163.181.92.230
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.uc.cn/s/wemedia/s/upload/2023/a0oCJ01gp4pik9m/6e73313cdde03b1eaa22d2f2f0fc51c7.gif
Requested by: Host: hjha2.com
URL: https://hjha2.com:8443/
Protocol: H2
Server: 163.181.92.230 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: 2e8a70478fccea91f2965cbb6d81c1d03f3152ba97d2d671ba04a1dbd74c3d69

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 01:30:31 GMT
via: cache7.l2us1[0,0,200-0,H], cache3.l2us1[1,0], ens-cache6.de5[0,0,200-0,H], ens-cache15.de5[1,0]
server: Tengine
age: 66
x-swift-cachetime: 430471
x-image-resized: 1
ali-swift-global-savetime: 1677634231
content-type: image/GIF
access-control-allow-origin: *
x-cache: HIT TCP_MEM_HIT dirn:13:622239348
cache-control: max-age=432000
x-swift-savetime: Wed, 01 Mar 2023 01:56:00 GMT
timing-allow-origin: *
content-length: 359804
eagleid: a3b55ca316778379234758698e

Redirect headers

location: https://image.uc.cn/s/wemedia/s/upload/2023/a0oCJ01gp4pik9m/6e73313cdde03b1eaa22d2f2f0fc51c7.gif
cache-control: max-age=600
referrer-policy: no-referrer

GET 960X80.gif
qp.ezfxpuo.cn/ Frame DFBC 0
0

GET
H2 200 10151.gif
cdn.jsdelivr.net/gh/kkkll22/img@main/head/ Frame DFBC 607 KB
608 KB 32ms
14ms Image
image/gif 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.jsdelivr.net/gh/kkkll22/img@main/head/10151.gif

Requested by

Host: hjha2.com
URL: https://hjha2.com:8443/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

75ba290f4a2dc25f7cad04db45ec4633f8cdbf33c36f1b0e49ccfae0ebe4547f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hjha2.com:8443/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 10:05:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 28344
x-jsd-version: main
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 621536
x-served-by: cache-fra-eddf8230083-FRA, cache-jnb7021-JNB
x-jsd-version-type: branch
server: cloudflare
etag: W/"97be0-yyA4T82wjwMBSXVhjlvX3mBDGe8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6YQOO%2BqcA3JPaSwhzDccJUDra09gcz0Wgf%2FN1snDDuTazZBctpRS%2BQduNlpZAuGOMjEoYoERxAkd6UUNR%2FRWHn96ga83664JqdWGiUkp2XV2LBJZKSgyKfbXkxDcAgTosZWkvokNetPlNFLh3Kc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7a210f868d9291e3-FRA

GET
H2 200 960-80.gif
3p8801.co/xx/ Frame DFBC 240 KB
240 KB 1043ms
151ms Image
image/gif 107.148.202.17

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3p8801.co/xx/960-80.gif

Requested by

Host: hjha2.com
URL: https://hjha2.com:8443/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

107.148.202.17 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

ed59427c64a4afd50b701a80dbfc0d8c5ed28d2502b9e883879c45549c0d26dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hjha2.com:8443/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 10:05:23 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 02 Jan 2023 08:23:25 GMT
server: nginx
etag: "63b2947d-3bf80"
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 245632
expires: Sun, 02 Apr 2023 10:05:23 GMT

GET
H2 200 960x80-1.gif
cdn.jsdelivr.net/gh/kkkll22/img@main/head/ Frame DFBC 44 KB
44 KB 16ms
15ms Image
image/gif 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.jsdelivr.net/gh/kkkll22/img@main/head/960x80-1.gif

Requested by

Host: hjha2.com
URL: https://hjha2.com:8443/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b15f6b63346bdc77fe89b9d5192428516d42f3c22b80ba44c12d509b971976ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hjha2.com:8443/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 10:05:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 48
x-jsd-version: main
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44758
x-served-by: cache-fra-eddf8230082-FRA, cache-yyz4530-YYZ
x-jsd-version-type: branch
server: cloudflare
etag: W/"aed6-hF5K1ES+D5PhI177qGfqnIaQYP0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VpBvouYCbg53HCwwj%2FTuJ2AQ5eKWO0wHsG%2BE%2BfkIWx64yK8jOXyPdnwhoWd%2BAyGgpLMLkpncRfK9DchLKmeOJYHNfPJSDA5u24HroWF4prJh4OmYSZ0Pi%2F14BXCoZHXCublM3dtHsevRJJshSbk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7a210f86bdd991e3-FRA

GET
H2 200 960x80.gif
cdn.jsdelivr.net/gh/kkkll22/img@main/head/ Frame DFBC 178 KB
179 KB 18ms
17ms Image
image/gif 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.jsdelivr.net/gh/kkkll22/img@main/head/960x80.gif

Requested by

Host: hjha2.com
URL: https://hjha2.com:8443/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b373dcb0598f1ed8d191cc80eddadc6740f7acfdc9d6904df7eb3151920017c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hjha2.com:8443/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 10:05:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 25748
x-jsd-version: main
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 182413
x-served-by: cache-fra-eddf8230050-FRA, cache-yyz4580-YYZ
x-jsd-version-type: branch
server: cloudflare
etag: W/"2c88d-iHJwx6wJOEqfCDMhqtFnWhvAPto"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GyrK9%2Bvj3oVwVvRup7x3X2%2Be8i0fKpLBNmZA5t6i8G1vq4Pp2wqTJ9Xw8Nd%2BZ4YMyLXxq1U8W%2FVqFip%2BfdlBIeSa3OW6MgmWXZr7h4nk3KGDquf5FXgbATqwfFgJf78J9qz1bhIuGN1IqwDsHXE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7a210f86bdda91e3-FRA

GET
H2

200

391fc240e177412e819fc9d1bb506d25
p3.douyinpic.com/obj/tos-cn-i-dy/ Frame DFBC
Redirect Chain

https://img.8622a.com/images/63d365f860c3f47a6f40b86d.gif
https://p3.douyinpic.com/obj/tos-cn-i-dy/391fc240e177412e819fc9d1bb506d25

549 KB
550 KB

8ms
8ms

Image
image/gif

163.181.92.225
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p3.douyinpic.com/obj/tos-cn-i-dy/391fc240e177412e819fc9d1bb506d25
Requested by: Host: hjha2.com
URL: https://hjha2.com:8443/
Protocol: H2
Server: 163.181.92.225 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine / ImageX
Resource Hash: 54d436cbf368311b0aa7bb497ac1b5a4330067953e11b4ad2da233e07e923d05

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 07:27:24 GMT
via: n132-067-168, cache8.l2de2[0,0,206-0,H], cache14.l2de2[0,0], cache14.l2de2[1,0], ens-cache5.de5[0,0,200-0,H], ens-cache10.de5[1,0]
x-response-lb: image
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
age: 355081
nw-session-id: 202302270700476DF852298901A81FD099mxbp503dy
x-powered-by: ImageX
x-swift-cachetime: 31458470
x-cache: HIT TCP_MEM_HIT dirn:12:660961449 mlen:0
x-bdcdn-cache-status: TCP_HIT
server-timing: cdn-cache;desc=HIT,edge;dur=1
x-swift-savetime: Tue, 28 Feb 2023 04:59:34 GMT
x-length: 561802
content-length: 561802
last-modified: Sun, 26 Feb 2023 23:00:47 GMT
server: Tengine
x-tt-logid: 202302270700476DF852298901A81FD099
x-response-date: Mon, 27 Feb 2023 07:00:47 GMT
ali-swift-global-savetime: 1677482844
content-type: image/gif
access-control-allow-origin: *
nw-session-trace: 2023-02-27T07:00:47.134586721+08:00 53
cache-control: max-age=31536000
x-request-ip: fdbd:dc03:14:26::146
x-response-cinfo: 185.213.155.162
imagex-fmt: gif2gif
x-response-cache: edge_hit
timing-allow-origin: *, *
x-tt-trace-host: 01379cab1c1506965721d8319a04cc898d2db55e53240673dfffe07d9aaa4b5610faf5cf9d973e3684d93ad0a1fb944b89e942466feeb0fb759598d2d71f30a80d49cb883794042341c07355003d2135a5a060b2b8fae6f23670b49fe186c99c18d4f3d8c0423da9ea0862ea9830851794
eagleid: a3b55c9e16778379251793597e

Redirect headers

location: https://p3.douyinpic.com/obj/tos-cn-i-dy/391fc240e177412e819fc9d1bb506d25
cache-control: max-age=600
referrer-policy: no-referrer

GET
H2 200 960x160.gif
8499163.com/8499/ Frame DFBC 434 KB
434 KB 725ms
147ms Image
image/gif 172.247.50.240

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://8499163.com/8499/960x160.gif
Requested by: Host: hjha2.com
URL: https://hjha2.com:8443/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 172.247.50.240 -, , ASN (),
Reverse DNS
Software: qq.com /
Resource Hash: e27ce8615a286f31afae3a6f5580deb2e30d2e9c0a4248a3b7e2d165a89f2cb5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hjha2.com:8443/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 10:05:23 GMT
last-modified: Sat, 24 Dec 2022 13:20:16 GMT
server: qq.com
etag: "6c674-5f092c350014a"
x-cache-status: HIT
content-type: image/gif
accept-ranges: bytes
content-length: 444020

GET
H2 200 loading.svg
hjha2.com/template/kuli04/images/ Frame DFBC 506 B
662 B 258ms
254ms Image
image/svg+xml 198.16.37.83
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hjha2.com:8443/template/kuli04/images/loading.svg

Requested by

Host: hjha2.com
URL: https://hjha2.com:8443/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

198.16.37.83 , United States, ASN40065 (CNSERVERS, US),

Reverse DNS

Software

nginx /

Resource Hash

fa5ecaba8e7048ec0475ac862bec89853e8c87e84475e199f8657d6e89065dff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hjha2.com:8443/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 10:05:20 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 08 Nov 2021 09:18:25 GMT
server: nginx
etag: "6188eb61-1fa"
content-type: image/svg+xml
accept-ranges: bytes
content-length: 506

GET
H/1.1 200
OK 06bc2769a3cc4268b5c43cf6eeb7ee95.gif
573569djd.com/ Frame DFBC 20 KB
21 KB 1986ms
143ms Image
image/gif 45.61.212.130
AZT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://573569djd.com/06bc2769a3cc4268b5c43cf6eeb7ee95.gif
Requested by: Host: hjha2.com
URL: https://hjha2.com:8443/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.61.212.130 , United States, ASN53587 (AZT, US),
Reverse DNS
Software: nginx /
Resource Hash: 5623987f3399652066ac075bbf5ff8e116e13c846219fdafd4fb8d48e2b643ed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hjha2.com:8443/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Tue, 28 Feb 2023 02:59:06 GMT
Last-Modified: Fri, 23 Dec 2022 06:28:18 GMT
Server: nginx
ETag: "63a54a82-51df"
X-Cache: HIT from cloud-us2-cdnb-30
Content-Type: image/gif
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 20959

GET c0ba90b97aaff0d0.gif
kjimg10.360buyimg.com/ott/jfs/t1/91201/17/34468/130902/6380d288Ebab53dae/ Frame DFBC 0
0

GET
H/1.1 200
OK 777d2af1e8a74ca3aa77500ba390d2b8.gif
66663aaa.com/ Frame DFBC 151 KB
151 KB 1407ms
435ms Image
image/gif 45.61.212.230
AZT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://66663aaa.com/777d2af1e8a74ca3aa77500ba390d2b8.gif
Requested by: Host: hjha2.com
URL: https://hjha2.com:8443/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.61.212.230 , United States, ASN53587 (AZT, US),
Reverse DNS
Software: nginx /
Resource Hash: 84524d095bafb3df71033f60605f1ab6f673ed0ff4b61dcc440239390f2a178b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hjha2.com:8443/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Mon, 20 Feb 2023 13:12:34 GMT
Last-Modified: Fri, 09 Dec 2022 06:52:37 GMT
Server: nginx
ETag: "6392db35-25b8e"
X-Cache: HIT from cloud-us3-cdnb-30
Content-Type: image/gif
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 154510

GET
H2

200

c768343f40ef43138274f4d00dce8367
p3.douyinpic.com/obj/tos-cn-i-dy/ Frame DFBC
Redirect Chain

https://img.1153555.com/images/638dee7409ca91e0020145cf.giff
https://p3.douyinpic.com/obj/tos-cn-i-dy/c768343f40ef43138274f4d00dce8367

142 KB
143 KB

8ms
8ms

Image
image/gif

163.181.92.225
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p3.douyinpic.com/obj/tos-cn-i-dy/c768343f40ef43138274f4d00dce8367
Requested by: Host: hjha2.com
URL: https://hjha2.com:8443/
Protocol: H2
Server: 163.181.92.225 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine / ImageX
Resource Hash: 4d9cdc5aabed45dcf2f79a2419794013cc0cb5af8a58e63731c5d311be796432

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 13:56:45 GMT
via: n204-100-082, cache16.l2de2[0,0,206-0,H], cache15.l2de2[3,0], cache15.l2de2[4,0], ens-cache1.de5[0,0,200-0,H], ens-cache10.de5[1,0]
x-response-lb: image
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
age: 7589320
nw-session-id: 2022120520592301020209215633D07BDCgtd9201dy
x-powered-by: ImageX
x-swift-cachetime: 31521633
x-cache: HIT TCP_MEM_HIT dirn:13:246565245
x-bdcdn-cache-status: TCP_HIT
server-timing: cdn-cache;desc=HIT,edge;dur=1
x-swift-savetime: Mon, 05 Dec 2022 17:56:12 GMT
x-length: 145431
content-length: 145431
last-modified: Mon, 05 Dec 2022 12:59:23 GMT
server: Tengine
x-tt-logid: 2022120520592301020209215633D07BDC
x-response-date: Mon, 05 Dec 2022 20:59:23 GMT
ali-swift-global-savetime: 1670248605
content-type: image/gif
access-control-allow-origin: *
nw-session-trace: 2022-12-05T20:59:23.223743581+08:00 44
cache-control: max-age=31536000
x-request-ip: fdbd:dc01:25:346::75
x-response-cinfo: 185.213.155.162
imagex-fmt: gif2gif
x-response-cache: edge_hit
timing-allow-origin: *, *
x-tt-trace-host: 01c70dd2b30bede540a99194c063ce108159c44006b08f21a38fa9080f95248a12541d65c08e8426b4002e6d9e681b457dc2570678624b71fd0fb9d3885e93d3ad2c93e90d33728c4c10b49a71849980734459e698a83a65e0545dee7ecb1c9153
eagleid: a3b55c9e16778379250383500e

Redirect headers

location: https://p3.douyinpic.com/obj/tos-cn-i-dy/c768343f40ef43138274f4d00dce8367
cache-control: max-age=600
referrer-policy: no-referrer

GET 18a826d2c1854a968a41d3ed4a8b3040.gif
9366qq.com/ Frame DFBC 0
0

GET f67b410855efed07dc1783436baaa5f7.gif
kveii.com/ Frame DFBC 0
0

GET
H3 200 app0921.jpg
cdn.jsdelivr.net/gh/kkkll22/img@main/index/ Frame DFBC 20 KB
21 KB 230ms
230ms Image
image/jpeg 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.jsdelivr.net/gh/kkkll22/img@main/index/app0921.jpg

Requested by

Host: hjha2.com
URL: https://hjha2.com:8443/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

caee5c83fc039dd72f1a1e00e295d143b73a79553b66a2ea62de7bc1201aa898

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hjha2.com:8443/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 10:05:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-jsd-version: main
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 20633
x-served-by: cache-fra-eddf8230119-FRA, cache-jnb7026-JNB
x-jsd-version-type: branch
cf-bgj: h2pri
server: cloudflare
etag: W/"5099-VMb/3iQ6e9t0sk8fxRulpFMqano"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nvXfn1rJY4UhSrZX63dvW3XQaaoGk%2FnXgPXuZB7nDQ01LUR%2BuSn3q3g4ZpXJskMEWJYvLilnMXV5h6Sgb28eZx2D4NRliB8dYCvb%2FQd3xaqi028u9L0MXqkyzVxmTWKdOEUGzwOICI9RlZFlKpk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7a210f974d5c3827-FRA

GET bf42ce11ec6d463089ce9700d48fda78.gif
n5267.com/ Frame DFBC 0
0

GET 43b96ed8779042a7993e758263415b8f.gif
8818ddd.com/ Frame DFBC 0
0

GET ea0205dd2b044b828f59e1e34d305c5e.gif
253669vqx.com/ Frame DFBC 0
0

GET ccc593dbd14e435090d641cfcfd54d7c.gif
99887aaa.com/ Frame DFBC 0
0

GET 63d3646760c3f47a6f40b86c.gif
img.2321a.com/images/ Frame DFBC 0
0

GET 100-100.gif
511500044.com/uploads/2023/01/ Frame DFBC 0
0

GET 300.gif
i.ibb.co/BzS1Fs3/ Frame DFBC 0
0

GET 120X120.gif
qp.ezfxpuo.cn/ Frame DFBC 0
0

GET hy.gif
tgqd.tsmgsoce.com/imgf/ Frame DFBC 0
0

GET 666.gif
yaoji666.oss-cn-hongkong.aliyuncs.com/gg/ Frame DFBC 0
0

GET 200-200.png
tu.sljttpkj.net/3569tu/ Frame DFBC 0
0

GET mdsq.jpg
vs.afuyer.com/ Frame DFBC 0
0

GET 120-120.gif
pic.picnewsss.com/tu-2022290039/ Frame DFBC 0
0

GET 290299ed48d84c7b99d8fbd8a96a254c
p3.toutiaoimg.com/origin/pgc-image/ Frame DFBC 0
0

GET rfsFvLQ
ibb.co/ Frame DFBC 0
0

GET
DATA 200
OK truncated
/ Frame DFBC 254 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 119bff063d1d402fdf6e48bc7e681d48aabfb9bc65378dfcf64a8845ec3fceef

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 84bfbebcdad0296b623216802be82672.gif
u22088.com/ Frame DFBC 15 KB
15 KB 980ms
192ms Image
image/gif 2600:9000:200a:7200:14:9a36:9680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u22088.com/84bfbebcdad0296b623216802be82672.gif
Requested by: Host: hjha2.com
URL: https://hjha2.com:8443/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:200a:7200:14:9a36:9680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 869e12cacf70ec0ced9208a285ca779e2371a411df8e7b9d788da32344912e04

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hjha2.com:8443/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 05:17:00 GMT
via: 1.1 c2e4ac979e01c116ae8349b7d6d1489a.cloudfront.net (CloudFront)
last-modified: Sat, 17 Dec 2022 11:45:02 GMT
server: AmazonS3
x-amz-cf-pop: SIN52-C3
age: 3991865
etag: "45937719da73b701bd554f3996019dff"
x-cache: Hit from cloudfront
content-type: image/gif
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 15158
x-amz-cf-id: Z_vRaxYQyxiiElynaw-UkViz44MvxUnzZ2ZpyRrjI6nTFidVu8xydQ==

GET
H2 200 150x150.gif
8499165.com/8499/ Frame DFBC 181 KB
181 KB 1065ms
147ms Image
image/gif 23.224.101.37
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://8499165.com/8499/150x150.gif
Requested by: Host: hjha2.com
URL: https://hjha2.com:8443/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.224.101.37 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: qq.com /
Resource Hash: 321cb2617b9399c60d8f5fe163363faab0f872f5c88646ce900d17604817a1a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hjha2.com:8443/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 10:05:21 GMT
last-modified: Wed, 28 Dec 2022 09:29:16 GMT
server: qq.com
etag: "2d353-5f0e00094173c"
x-cache-status: HIT
content-type: image/gif
accept-ranges: bytes
content-length: 185171

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ Frame DFBC 29 KB
11 KB 360ms
360ms Script
application/javascript 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?41537b718b08fa02fbaf62417f6eff43

Requested by

Host: hjha2.com
URL: https://hjha2.com:8443/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

2b114eb78e7c595475bc20bfc4cf5cd5f2ea92bc241714a487a96aa72cfe77d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hjha2.com:8443/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Fri, 03 Mar 2023 10:05:20 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=172800
Server: apache
Etag: b63571e9b487ae2105fad5c0f69d45f5
Content-Type: application/javascript
Cache-Control: max-age=0, must-revalidate
Content-Length: 11254

GET
DATA 200
OK truncated
/ Frame DFBC 2 KB
2 KB Font
application/x-font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f42a279f4552574aba15f36748a6bc636bc50e34db969a9b361f9f1ed455615e

Request headers

Referer
Origin: https://hjha2.com:8443
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: application/x-font-woff2;charset=utf-8

GET hm.gif
hm.baidu.com/ Frame DFBC 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ldbbs.ldmnq.com
URL: https://ldbbs.ldmnq.com/bbs/topic/images/2023-1/0093e3ff-3d28-4f89-91b1-fcfbd82eabcf.gif

Domain: kjimg10.360buyimg.com
URL: https://kjimg10.360buyimg.com/ott/jfs/t1/222610/4/20743/688878/6380d41fEdd27fc60/810ef977e1cd11c0.gif

Domain: kjimg10.360buyimg.com
URL: https://kjimg10.360buyimg.com/ott/jfs/t1/120993/16/33030/1021535/6380d2dbE2ee6e05e/c45dd20fdac2727b.gif

Domain: qp.ezfxpuo.cn
URL: https://qp.ezfxpuo.cn/960X80.gif

Domain: kjimg10.360buyimg.com
URL: https://kjimg10.360buyimg.com/ott/jfs/t1/91201/17/34468/130902/6380d288Ebab53dae/c0ba90b97aaff0d0.gif

Domain: 9366qq.com
URL: https://9366qq.com/18a826d2c1854a968a41d3ed4a8b3040.gif

Domain: kveii.com
URL: https://kveii.com/f67b410855efed07dc1783436baaa5f7.gif

Domain: n5267.com
URL: https://n5267.com/bf42ce11ec6d463089ce9700d48fda78.gif

Domain: 8818ddd.com
URL: https://8818ddd.com/43b96ed8779042a7993e758263415b8f.gif

Domain: 253669vqx.com
URL: https://253669vqx.com/ea0205dd2b044b828f59e1e34d305c5e.gif

Domain: 99887aaa.com
URL: https://99887aaa.com/ccc593dbd14e435090d641cfcfd54d7c.gif

Domain: img.2321a.com
URL: https://img.2321a.com/images/63d3646760c3f47a6f40b86c.gif

Domain: 511500044.com
URL: https://511500044.com/uploads/2023/01/100-100.gif?_t=1673959608

Domain: i.ibb.co
URL: https://i.ibb.co/BzS1Fs3/300.gif

Domain: qp.ezfxpuo.cn
URL: https://qp.ezfxpuo.cn/120X120.gif

Domain: tgqd.tsmgsoce.com
URL: https://tgqd.tsmgsoce.com/imgf/hy.gif

Domain: yaoji666.oss-cn-hongkong.aliyuncs.com
URL: https://yaoji666.oss-cn-hongkong.aliyuncs.com/gg/666.gif

Domain: tu.sljttpkj.net
URL: https://tu.sljttpkj.net/3569tu/200-200.png

Domain: vs.afuyer.com
URL: https://vs.afuyer.com/mdsq.jpg

Domain: pic.picnewsss.com
URL: https://pic.picnewsss.com/tu-2022290039/120-120.gif

Domain: p3.toutiaoimg.com
URL: https://p3.toutiaoimg.com/origin/pgc-image/290299ed48d84c7b99d8fbd8a96a254c

Domain: ibb.co
URL: https://ibb.co/rfsFvLQ

Domain: hm.baidu.com
URL: https://hm.baidu.com/hm.gif?cc=0&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1414857116&si=41537b718b08fa02fbaf62417f6eff43&su=http%3A%2F%2Fbaleyu.com%2F&v=1.3.0&lv=1&sn=10851&r=0&ww=1600&u=https%3A%2F%2Fhjha2.com%3A8443%2F&tt=%E9%BB%84%E9%87%91%E6%B5%B7%E5%B2%B8

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.hm.baidu.com/	1970-01-20 19:39:57	Name: HMACCOUNT_BFESS Value: CC89A937A5AB127A
.baleyu.com/	1970-01-20 18:49:33	Name: Hm_lvt_f1d4fa7fc77845e82d7014194503e307 Value: 1677837919
.baleyu.com/	1969-12-31 23:59:59	Name: Hm_lpvt_f1d4fa7fc77845e82d7014194503e307 Value: 1677837919
.baleyu.com/	1970-01-20 18:49:33	Name: Hm_lvt_0479a3a671cc30fd27d45970393ba3c8 Value: 1677837919
.baleyu.com/	1969-12-31 23:59:59	Name: Hm_lpvt_0479a3a671cc30fd27d45970393ba3c8 Value: 1677837919
.baleyu.com/	1970-01-20 18:49:33	Name: Hm_lvt_2c826b7af1bbdd4b55533c61259bdc81 Value: 1677837919
.baleyu.com/	1969-12-31 23:59:59	Name: Hm_lpvt_2c826b7af1bbdd4b55533c61259bdc81 Value: 1677837919

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://hjha2.com:8443/ Message: Mixed Content: The page at 'https://hjha2.com:8443/' was loaded over HTTPS, but requested an insecure element 'http://511500044.com/uploads/2023/01/100-100.gif?_t=1673959608'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://hjha2.com:8443/(Line 1324) Message: Mixed Content: The page at 'https://hjha2.com:8443/' was loaded over HTTPS, but requested an insecure element 'http://511500044.com/uploads/2023/01/100-100.gif?_t=1673959608'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network	error	URL: https://img1.imgtp.com/2023/01/25/b1e1hDcd.gif Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

199aaa.us
253669vqx.com
375772rug.com
3888537ccc.com
3p8801.co
511500044.com
5529ddd.com
573569djd.com
66663aaa.com
66668aaa.com
8499163.com
8499165.com
8818ddd.com
9366qq.com
99887aaa.com
99996aaa.com
baleyu.com
cdn.jsdelivr.net
hjha2.com
hm.baidu.com
i.ibb.co
ibb.co
image.uc.cn
img.1129555.com
img.1136999.com
img.1153555.com
img.2128a.com
img.2321a.com
img.8622a.com
img1.imgtp.com
kjimg10.360buyimg.com
kveii.com
kzeii.com
kzeqq.com
ldbbs.ldmnq.com
n5267.com
p3.douyinpic.com
p3.toutiaoimg.com
pic.picnewsss.com
qp.ezfxpuo.cn
tgqd.tsmgsoce.com
tu.jnctupian.com
tu.sljttpkj.net
u22088.com
vs.afuyer.com
yaoji666.oss-cn-hongkong.aliyuncs.com
253669vqx.com
511500044.com
8818ddd.com
9366qq.com
99887aaa.com
hm.baidu.com
i.ibb.co
ibb.co
img.2321a.com
kjimg10.360buyimg.com
kveii.com
ldbbs.ldmnq.com
n5267.com
p3.toutiaoimg.com
pic.picnewsss.com
qp.ezfxpuo.cn
tgqd.tsmgsoce.com
tu.sljttpkj.net
vs.afuyer.com
yaoji666.oss-cn-hongkong.aliyuncs.com
103.170.15.105
103.170.15.115
103.170.15.75
103.235.46.191
107.148.202.17
163.181.92.225
163.181.92.230
172.247.50.240
172.83.155.45
198.16.37.83
20.213.27.188
206.119.93.78
23.224.101.37
23.225.139.251
2600:9000:200a:7200:14:9a36:9680:93a1
2600:9000:200a:d600:10:6ea1:f8c0:93a1
2606:4700:3038::6815:e9be
2606:4700::6810:5614
38.54.37.233
45.61.212.130
45.61.212.230
0b374b57ebcf263193d88c13eddb10aecc4e3e9ce6b0bba17fc9cb0b053bf438
119bff063d1d402fdf6e48bc7e681d48aabfb9bc65378dfcf64a8845ec3fceef
11b507546df8a41877897e0b2995c07b55c047ad56d50f154665d01242973871
1e3737ed1f849f7ff53fbfcf55521b77d8316652cd9591e72f3d22d26296a202
22a525fd9b99500b6824d69a8dbb6e44684f0846fe85291b3d99c08e7c1ea71f
277605d0c224bbca09f57860ddcd36d65ee706ffe21c88a68c873b4f7af0c023
2b114eb78e7c595475bc20bfc4cf5cd5f2ea92bc241714a487a96aa72cfe77d6
2e8a70478fccea91f2965cbb6d81c1d03f3152ba97d2d671ba04a1dbd74c3d69
321cb2617b9399c60d8f5fe163363faab0f872f5c88646ce900d17604817a1a0
388939644e37c8b5ec54fa6cb31cbdd3a02b1430a69c972e7b298c86a1b2dec0
4a10219bee747aadeeda78f166d787adf32583f361f88d44b472f6f3da798083
4d9cdc5aabed45dcf2f79a2419794013cc0cb5af8a58e63731c5d311be796432
54d436cbf368311b0aa7bb497ac1b5a4330067953e11b4ad2da233e07e923d05
5623987f3399652066ac075bbf5ff8e116e13c846219fdafd4fb8d48e2b643ed
57cd9a9aef42e1f36ca0d9cf8c98f4200850f17d87468ee42b4edd62d33993b8
616e6655353bb59c837f4585d68651990832749bed42c094a3cb158c1db16d08
631edb4b272e74dbab37ed80c04c1605aec8cdef36ea477fd8734d3f70ea7ffe
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
710d132ebb59eb0b07a8117dcdcf7c4606064f7351113d4f4fef860ed551ba3f
75ba290f4a2dc25f7cad04db45ec4633f8cdbf33c36f1b0e49ccfae0ebe4547f
84524d095bafb3df71033f60605f1ab6f673ed0ff4b61dcc440239390f2a178b
869e12cacf70ec0ced9208a285ca779e2371a411df8e7b9d788da32344912e04
8eb8f61188f2555f5f7f0a934ebbae9e9ab703a3dc0b23191bdc7c147eb12140
902213227a20ce8b7465de4a199192e6e050c1d1b971a6bf9960fea3de46c6cb
93f61a1a835dd1c3203ac05d024fc907d5bd541d3f458d014ced06fafce93e53
9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe
a298680bd0a8897d02ad92bd0370aedbde69a6f6e52cb60feafde6e0a04bffea
ad58e28c6c8eee95306e8b797e3a90644f94378217bbb935ecc35d7e434be9bd
ad79ce7e34d1a788809bb853031133de2ae45f3c19ac4955dae46c7490188c2e
b15f6b63346bdc77fe89b9d5192428516d42f3c22b80ba44c12d509b971976ad
b373dcb0598f1ed8d191cc80eddadc6740f7acfdc9d6904df7eb3151920017c7
b7384ed8b6206194206f49e4746f131cd9fe540febd376624e7da404d3b11ce1
c677f7601d68004a5c0af802407899ba001333fd3c69e8993a8a757a8521b20d
caee5c83fc039dd72f1a1e00e295d143b73a79553b66a2ea62de7bc1201aa898
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d97ecf8f032827472d136c190f837c6fdc9bccdee52788dc6055bd7faf973030
dbcb332696caf3332f858f9d5920bde313fcfc25185717125019fa0236c77dc3
dd4702d3d0f5b3588110b1c8274704f013fa7a6fe6d2c0f2009f7887b3317123
e27ce8615a286f31afae3a6f5580deb2e30d2e9c0a4248a3b7e2d165a89f2cb5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed59427c64a4afd50b701a80dbfc0d8c5ed28d2502b9e883879c45549c0d26dd
f42a279f4552574aba15f36748a6bc636bc50e34db969a9b361f9f1ed455615e
fa529241dddbd17e0dd7b8ee301efa587826b81ed5b4b6223f1ee6e236e44442
fa5ecaba8e7048ec0475ac862bec89853e8c87e84475e199f8657d6e89065dff

baleyu.com Open in urlscan Pro 206.119.93.78 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

67 Requests

54 %HTTPS

19 %IPv6

45 Domains

46 Subdomains

21 IPs

6 Countries

10548 kBTransfer

10850 kBSize

7 Cookies

0 Outgoing links

Redirected requests

67 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

baleyu.com Open in urlscan Pro
206.119.93.78 Public Scan

Screenshot
Live screenshot

Full Image

67
Requests

54 %
HTTPS

19 %
IPv6

45
Domains

46
Subdomains

21
IPs

6
Countries

10548 kB
Transfer

10850 kB
Size

7
Cookies

67 HTTP transactions
2 data transactions