www.xiaohaimai.com Open in urlscan Pro
156.235.148.205  Public Scan

4 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response www.xiaohaimai.com/	102 KB 13 KB	2842ms 451ms	Document text/html	156.235.148.205 DXTL-HK DXTL Tseu...
General Check archive.org Show headers Download Go to Full URL https://www.xiaohaimai.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 156.235.148.205 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK), Reverse DNS Software nginx / Resource Hash f347fc38a6aa4efb8b4bfc1f9bd2f5b4ec7c4115cb669a17c66fdd6a760b5cd2 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 accept-language en-US,en;q=0.9 Response headers content-encoding gzip content-type text/html; charset=UTF-8 date Wed, 27 Dec 2023 23:35:23 GMT server nginx strict-transport-security max-age=31536000 vary Accept-Encoding
GET H2	200	reset.css www.xiaohaimai.com/template/skin3/css/	1 KB 912 B	228ms 226ms	Stylesheet text/css	156.235.148.205 DXTL-HK DXTL Tseu...
General Check archive.org Show headers Download Go to Full URL https://www.xiaohaimai.com/template/skin3/css/reset.css Requested by Host: www.xiaohaimai.com URL: https://www.xiaohaimai.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 156.235.148.205 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK), Reverse DNS Software nginx / Resource Hash b6e5b55e772555e447c8f0ee7f4f3f893eea7fbeb380b47a037533398c148c04 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-US,en;q=0.9 Referer https://www.xiaohaimai.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Wed, 27 Dec 2023 23:35:24 GMT strict-transport-security max-age=31536000 content-encoding gzip last-modified Sat, 21 Oct 2023 07:46:30 GMT server nginx etag W/"653381d6-557" vary Accept-Encoding content-type text/css cache-control max-age=43200 expires Thu, 28 Dec 2023 11:35:24 GMT
GET H2	200	style.css www.xiaohaimai.com/template/skin3/css/	67 KB 14 KB	229ms 228ms	Stylesheet text/css	156.235.148.205 DXTL-HK DXTL Tseu...
General Check archive.org Show headers Download Go to Full URL https://www.xiaohaimai.com/template/skin3/css/style.css Requested by Host: www.xiaohaimai.com URL: https://www.xiaohaimai.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 156.235.148.205 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK), Reverse DNS Software nginx / Resource Hash 6ad3e579036bdb1b261c236babe22f6f21e9df9bce88b89b68ae492c88f8db66 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-US,en;q=0.9 Referer https://www.xiaohaimai.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Wed, 27 Dec 2023 23:35:24 GMT strict-transport-security max-age=31536000 content-encoding gzip last-modified Sat, 18 Nov 2023 17:00:29 GMT server nginx etag W/"6558edad-10a56" vary Accept-Encoding content-type text/css cache-control max-age=43200 expires Thu, 28 Dec 2023 11:35:24 GMT
GET H2	200	header.css www.xiaohaimai.com/template/skin3/css/	1 KB 759 B	230ms 229ms	Stylesheet text/css	156.235.148.205 DXTL-HK DXTL Tseu...
General Check archive.org Show headers Download Go to Full URL https://www.xiaohaimai.com/template/skin3/css/header.css Requested by Host: www.xiaohaimai.com URL: https://www.xiaohaimai.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 156.235.148.205 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK), Reverse DNS Software nginx / Resource Hash 6cce9846a8933b0a497b5cb5e1ba8f9bddf5751675505bad16d1fa15b45f0b5c Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-US,en;q=0.9 Referer https://www.xiaohaimai.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Wed, 27 Dec 2023 23:35:24 GMT strict-transport-security max-age=31536000 content-encoding gzip last-modified Sat, 21 Oct 2023 07:55:37 GMT server nginx etag W/"653383f9-5a1" vary Accept-Encoding content-type text/css cache-control max-age=43200 expires Thu, 28 Dec 2023 11:35:24 GMT
GET H2	200	logo.png www.xiaohaimai.com/template/skin3/images/	11 KB 11 KB	230ms 229ms	Image image/png	156.235.148.205 DXTL-HK DXTL Tseu...
General Check archive.org Show headers Download Go to Show image Full URL https://www.xiaohaimai.com/template/skin3/images/logo.png Requested by Host: www.xiaohaimai.com URL: https://www.xiaohaimai.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 156.235.148.205 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK), Reverse DNS Software nginx / Resource Hash 0c24f1638ba4588c7cfb5b1bea583645f0534317717e1c275ed99e802cc127b8 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-US,en;q=0.9 Referer https://www.xiaohaimai.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Wed, 27 Dec 2023 23:35:24 GMT strict-transport-security max-age=31536000 last-modified Sat, 18 Nov 2023 15:02:28 GMT server nginx etag "6558d204-2cfb" content-type image/png cache-control max-age=2592000 accept-ranges bytes content-length 11515 expires Fri, 26 Jan 2024 23:35:24 GMT
GET H2	200	A8.js Show response www.xiaohaimai.com/	178 B 391 B	231ms 230ms	Script application/javascript	156.235.148.205 DXTL-HK DXTL Tseu...
General Check archive.org Show headers Download Go to Full URL https://www.xiaohaimai.com/A8.js Requested by Host: www.xiaohaimai.com URL: https://www.xiaohaimai.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 156.235.148.205 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK), Reverse DNS Software nginx / Resource Hash a141f9346e3fdf3c3111c15c4a3c90d98bfa5679b469ed0c5f997f6078860387 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-US,en;q=0.9 Referer https://www.xiaohaimai.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Wed, 27 Dec 2023 23:35:24 GMT strict-transport-security max-age=31536000 last-modified Wed, 27 Dec 2023 02:27:06 GMT server nginx etag "658b8b7a-b2" content-type application/javascript cache-control max-age=43200 accept-ranges bytes content-length 178 expires Thu, 28 Dec 2023 11:35:24 GMT
GET H2	200	c Show response api.tongjiniao.com/	11 KB 4 KB	802ms 262ms	Script text/plain	43.248.117.186 CHINANET-JIANGSU-...
General Check archive.org Show headers Download Go to Full URL https://api.tongjiniao.com/c?_=593467334834143232 Requested by Host: www.xiaohaimai.com URL: https://www.xiaohaimai.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 43.248.117.186 , China, ASN23650 (CHINANET-JIANGSU-PROVINCE-IDC AS Number for CHINANET jiangsu province backbone, CN), Reverse DNS Software nginx / Resource Hash 752a6d9dadc1c20d8d01021dff8319a6186253afc33d286a860b9816fc4966a5 Request headers accept-language en-US,en;q=0.9 Referer https://www.xiaohaimai.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Wed, 27 Dec 2023 23:35:24 GMT content-encoding br server nginx content-type text/plain; charset=utf-8 access-control-allow-origin * cache-control no-cache,no-store, no-cache access-control-allow-credentials true access-control-allow-headers DNT,Keep-Alive,User-Agent,Cache-Control,Content-Type,Authorization content-length 4001
GET H2	200	footerbg.png www.xiaohaimai.com/template/skin3/images/	26 KB 26 KB	228ms 228ms	Image image/png	156.235.148.205 DXTL-HK DXTL Tseu...
General Check archive.org Show headers Download Go to Show image Full URL https://www.xiaohaimai.com/template/skin3/images/footerbg.png Requested by Host: www.xiaohaimai.com URL: https://www.xiaohaimai.com/template/skin3/css/style.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 156.235.148.205 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK), Reverse DNS Software nginx / Resource Hash 2b858c01faa5cacfefd349e40518baadd47fd67502d32eddd616c3b5823ff745 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-US,en;q=0.9 Referer https://www.xiaohaimai.com/template/skin3/css/style.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Wed, 27 Dec 2023 23:35:24 GMT strict-transport-security max-age=31536000 last-modified Sat, 21 Oct 2023 07:46:32 GMT server nginx etag "653381d8-673e" content-type image/png cache-control max-age=2592000 accept-ranges bytes content-length 26430 expires Fri, 26 Jan 2024 23:35:24 GMT
GET H/1.1	200 OK	hm.js Show response hm.baidu.com/	29 KB 12 KB	830ms 351ms	Script application/javascript	103.235.46.191 BAIDU Beijing Bai...
General Check archive.org Show headers Download Go to Full URL https://hm.baidu.com/hm.js?e0a94351480ac55d2c79e73c9af89052 Requested by Host: www.xiaohaimai.com URL: https://www.xiaohaimai.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN), Reverse DNS Software apache / Resource Hash 6825b727683071c0cd2f29e00f94288ebeb869709f46bf887126c25e8f1b1ed3 Security Headers Name Value Strict-Transport-Security max-age=172800 Request headers accept-language en-US,en;q=0.9 Referer https://www.xiaohaimai.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Date Wed, 27 Dec 2023 23:35:25 GMT Content-Encoding gzip Strict-Transport-Security max-age=172800 Server apache Etag 569046252100012a76dd6135f0746119 P3p CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" Content-Type application/javascript Cache-Control max-age=0, must-revalidate Content-Length 11257
POST H2	200	r Show response api.tongjiniao.com/	42 B 305 B	1761ms 1258ms	XHR application/json	43.248.117.186 CHINANET-JIANGSU-...
General Check archive.org Show headers Download Go to Full URL https://api.tongjiniao.com/r?t=1703720129&p=202301297435469660 Requested by Host: api.tongjiniao.com URL: https://api.tongjiniao.com/c?_=593467334834143232 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 43.248.117.186 , China, ASN23650 (CHINANET-JIANGSU-PROVINCE-IDC AS Number for CHINANET jiangsu province backbone, CN), Reverse DNS Software nginx / Resource Hash 7ee2a3a5e4b1e50bb31b22d8399f9917073e0421d56c5da3699371ec79af2082 Request headers Referer https://www.xiaohaimai.com/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Wed, 27 Dec 2023 23:35:26 GMT content-encoding br server nginx content-type application/json; charset=utf-8 access-control-allow-origin * cache-control no-cache,no-store, no-cache access-control-allow-credentials true access-control-allow-headers DNT,Keep-Alive,User-Agent,Cache-Control,Content-Type,Authorization content-length 46
GET H/1.1	200 OK	hm.gif hm.baidu.com/	43 B 299 B	317ms 317ms	Image image/gif	103.235.46.191 BAIDU Beijing Bai...
General Check archive.org Show headers Download Go to Show image Full URL https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=821216627&si=e0a94351480ac55d2c79e73c9af89052&v=1.3.0&lv=1&sn=6731&r=0&ww=1600&u=https%3A%2F%2Fwww.xiaohaimai.com%2F&tt=%E9%BB%91%E7%99%BD%E7%9B%B4%E6%92%AD%E5%9C%A8%E7%BA%BF%E8%A7%82%E7%9C%8B%7C%E9%BB%91%E7%99%BD%E7%9B%B4%E6%92%AD%E5%85%8D%E8%B4%B9%E4%BD%93%E8%82%B2%E7%9B%B4%E6%92%AD%E9%AB%98%E6%B8%85%7C%E9%BB%91%E7%99%BD%E7%9B%B4%E6%92%ADnba%E5%85%8D%E8%B4%B9%E8%A7%82%E7%9C%8B%E7%AF%AE%E7%90%83 Requested by Host: www.xiaohaimai.com URL: https://www.xiaohaimai.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN), Reverse DNS Software apache / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Security Headers Name Value Strict-Transport-Security max-age=172800 X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://www.xiaohaimai.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Pragma no-cache Date Wed, 27 Dec 2023 23:35:26 GMT Strict-Transport-Security max-age=172800 X-Content-Type-Options nosniff Server apache Content-Type image/gif Cache-Control private, max-age=0, no-cache Content-Length 43
GET H2	200	tj_min.js Show response www.xiaohaimai.com/	43 KB 15 KB	453ms 452ms	Script application/javascript	156.235.148.205 DXTL-HK DXTL Tseu...
General Check archive.org Show headers Download Go to Full URL https://www.xiaohaimai.com/tj_min.js Requested by Host: www.xiaohaimai.com URL: https://www.xiaohaimai.com/A8.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 156.235.148.205 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK), Reverse DNS Software nginx / Resource Hash 44733ffebffc0dc8d0031e281b05c6bfdd4b16d50dff71292e88bcbf6b393b01 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-US,en;q=0.9 Referer https://www.xiaohaimai.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Wed, 27 Dec 2023 23:35:26 GMT strict-transport-security max-age=31536000 content-encoding gzip last-modified Wed, 27 Dec 2023 02:27:06 GMT server nginx etag W/"658b8b7a-aa31" vary Accept-Encoding content-type application/javascript cache-control max-age=43200 expires Thu, 28 Dec 2023 11:35:26 GMT
GET H/1.1	200 OK	hm.gif hm.baidu.com/	43 B 299 B	324ms 324ms	Image image/gif	103.235.46.191 BAIDU Beijing Bai...
General Check archive.org Show headers Download Go to Show image Full URL https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1488078316&si=ee0687be6aaee7ccff99e9d5721b7aeb&v=1.3.0&lv=1&sn=6732&r=0&ww=1600&u=www.xiaohaimai.com.51.la%2F&tt=%E9%BB%91%E7%99%BD%E7%9B%B4%E6%92%AD%E5%9C%A8%E7%BA%BF%E8%A7%82%E7%9C%8B%7C%E9%BB%91%E7%99%BD%E7%9B%B4%E6%92%AD%E5%85%8D%E8%B4%B9%E4%BD%93%E8%82%B2%E7%9B%B4%E6%92%AD%E9%AB%98%E6%B8%85%7C%E9%BB%91%E7%99%BD%E7%9B%B4%E6%92%ADnba%E5%85%8D%E8%B4%B9%E8%A7%82%E7%9C%8B%E7%AF%AE%E7%90%83 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN), Reverse DNS Software apache / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Security Headers Name Value Strict-Transport-Security max-age=172800 X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://www.xiaohaimai.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Pragma no-cache Date Wed, 27 Dec 2023 23:35:27 GMT Strict-Transport-Security max-age=172800 X-Content-Type-Options nosniff Server apache Content-Type image/gif Cache-Control private, max-age=0, no-cache Content-Length 43

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture object| _hmt boolean| _bdhm_loaded_e0a94351480ac55d2c79e73c9af89052 object| mini_tangram_log_8dbsdp string| site_hostname string| site_href string| site_hash object| root_spilt string| suffix function| tongji string| ok_site_hostname string| ok_site_href string| ok_site_hash boolean| _bdhm_loaded_ee0687be6aaee7ccff99e9d5721b7aeb object| mini_tangram_log_u0l5cl

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.hm.baidu.com/	1970-01-21 02:51:20	Name: HMACCOUNT_BFESS Value: C5F9D6A1DA583169
			.www.xiaohaimai.com/	1970-01-21 02:00:56	Name: Hm_lvt_e0a94351480ac55d2c79e73c9af89052 Value: 1703720126
			.www.xiaohaimai.com/	1969-12-31 23:59:59	Name: Hm_lpvt_e0a94351480ac55d2c79e73c9af89052 Value: 1703720126
			.www.xiaohaimai.com/	1970-01-21 02:00:56	Name: Hm_lvt_ee0687be6aaee7ccff99e9d5721b7aeb Value: 1703720127
			.www.xiaohaimai.com/	1969-12-31 23:59:59	Name: Hm_lpvt_ee0687be6aaee7ccff99e9d5721b7aeb Value: 1703720127

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.tongjiniao.com
hm.baidu.com
www.xiaohaimai.com
103.235.46.191
156.235.148.205
43.248.117.186
0c24f1638ba4588c7cfb5b1bea583645f0534317717e1c275ed99e802cc127b8
2b858c01faa5cacfefd349e40518baadd47fd67502d32eddd616c3b5823ff745
44733ffebffc0dc8d0031e281b05c6bfdd4b16d50dff71292e88bcbf6b393b01
6825b727683071c0cd2f29e00f94288ebeb869709f46bf887126c25e8f1b1ed3
6ad3e579036bdb1b261c236babe22f6f21e9df9bce88b89b68ae492c88f8db66
6cce9846a8933b0a497b5cb5e1ba8f9bddf5751675505bad16d1fa15b45f0b5c
752a6d9dadc1c20d8d01021dff8319a6186253afc33d286a860b9816fc4966a5
7ee2a3a5e4b1e50bb31b22d8399f9917073e0421d56c5da3699371ec79af2082
a141f9346e3fdf3c3111c15c4a3c90d98bfa5679b469ed0c5f997f6078860387
b6e5b55e772555e447c8f0ee7f4f3f893eea7fbeb380b47a037533398c148c04
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
f347fc38a6aa4efb8b4bfc1f9bd2f5b4ec7c4115cb669a17c66fdd6a760b5cd2