urlscan.io logo urlscan.io
SecurityTrails logo

www.theartofselfalignment.com Open in urlscan Pro
45.59.113.184  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://theartofselfalignment.com/
Effective URL: http://www.theartofselfalignment.com/index.php
Submission: On October 03 via api from SG — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 14 IPs in 5 countries across 12 domains to perform 45 HTTP transactions. The main IP is 45.59.113.184, located in Los Angeles, United States and belongs to QUICKPACKET, US. The main domain is www.theartofselfalignment.com.
This is the only time www.theartofselfalignment.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 4 45.59.113.184 46261 (QUICKPACKET)
1 182.61.201.93 38365 (BAIDU Bei...)
3 104.247.198.186 46261 (QUICKPACKET)
2 39.156.68.163 9808 (CHINAMOBI...)
6 103.235.46.191 55967 (BAIDU Bei...)
13 104.247.198.190 46261 (QUICKPACKET)
3 104.103.100.203 16625 (AKAMAI-AS)
1 1 45.154.215.92 ()
1 2a06:98c1:312... ()
1 4.34.42.101 ()
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 45.89.208.114 40065 (CNSERVERS)
1 240e:97c:2f:5... ()
7 2606:4700:e2:... 13335 (CLOUDFLAR...)
45 14
4    45.59.113.184 (Los Angeles, United States)

ASN46261 (QUICKPACKET, US)
PTR: 45.59.113.184.static.quadranet.com
theartofselfalignment.com
www.theartofselfalignment.com
1    182.61.201.93 (China)

ASN38365 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)
push.zhanzhang.baidu.com
3    104.247.198.186 (Los Angeles, United States)

ASN46261 (QUICKPACKET, US)
001.heiniu102.com
2    39.156.68.163 (China)

ASN9808 (CHINAMOBILE-CN China Mobile Communications Group Co., Ltd., CN)
api.share.baidu.com
6    103.235.46.191 (Hong Kong)

ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)
hm.baidu.com
13    104.247.198.190 (Los Angeles, United States)

ASN46261 (QUICKPACKET, US)
www.heiniu105.site
3    104.103.100.203 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a104-103-100-203.deploy.static.akamaitechnologies.com
dimg04.c-ctrip.com
1    45.154.215.92 (None, )

ASN- ()
kveii.com
1    2a06:98c1:3121::c (None, )

ASN- ()
acoozza.top
1    4.34.42.101 (None, )

ASN- ()
p9.toutiaoimg.com
1    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
www.tupku.top
1    45.89.208.114 (Germany)

ASN40065 (CNSERVERS, US)
ddcdn.comtucdncom.com
1    240e:97c:2f:5::3c (None, )

ASN- ()
p.qlogo.cn
7    2606:4700:e2::ac40:8d1d (United States)

ASN13335 (CLOUDFLARENET, US)
fmlb.netlbtu.com
Apex Domain
Subdomains		 Transfer
13 heiniu105.site
www.heiniu105.site
454 KB
9 baidu.com
push.zhanzhang.baidu.com — Cisco Umbrella Rank: 78853
api.share.baidu.com — Cisco Umbrella Rank: 62825
hm.baidu.com — Cisco Umbrella Rank: 7858
37 KB
7 netlbtu.com
fmlb.netlbtu.com — Cisco Umbrella Rank: 128257
63 KB
4 theartofselfalignment.com
theartofselfalignment.com
www.theartofselfalignment.com
4 KB
3 c-ctrip.com
dimg04.c-ctrip.com — Cisco Umbrella Rank: 60313
2 MB
3 heiniu102.com
001.heiniu102.com
1 KB
1 qlogo.cn
p.qlogo.cn Failed
1 comtucdncom.com
ddcdn.comtucdncom.com — Cisco Umbrella Rank: 183012
454 KB
1 tupku.top
www.tupku.top — Cisco Umbrella Rank: 706511
2 MB
1 toutiaoimg.com
p9.toutiaoimg.com
1 acoozza.top
acoozza.top
779 KB
1 kveii.com
kveii.com
133 B
45 12
Domain Requested by
13 www.heiniu105.site 001.heiniu102.com
www.heiniu105.site
7 fmlb.netlbtu.com www.heiniu105.site
6 hm.baidu.com www.theartofselfalignment.com
www.heiniu105.site
3 dimg04.c-ctrip.com www.heiniu105.site
3 001.heiniu102.com www.theartofselfalignment.com
001.heiniu102.com
3 www.theartofselfalignment.com www.theartofselfalignment.com
2 api.share.baidu.com www.theartofselfalignment.com
1 p.qlogo.cn www.heiniu105.site
1 ddcdn.comtucdncom.com www.heiniu105.site
1 www.tupku.top www.heiniu105.site
1 p9.toutiaoimg.com www.heiniu105.site
1 acoozza.top www.heiniu105.site
1 kveii.com 1 redirects
1 push.zhanzhang.baidu.com www.theartofselfalignment.com
1 theartofselfalignment.com 1 redirects
45 15

This site contains no links.

Subject Issuer Validity Valid
001.heiniu102.com
R3		 2022-09-01 -
2022-11-30		 3 months crt.sh
baidu.com
GlobalSign RSA OV SSL CA 2018		 2022-07-05 -
2023-08-06		 a year crt.sh
heiniu102.site
R3		 2022-09-25 -
2022-12-24		 3 months crt.sh
trip.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-09 -
2023-09-13		 a year crt.sh
*.toutiaoimg.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2022-07-29 -
2023-07-28		 a year crt.sh
*.tupku.top
GTS CA 1P5		 2022-08-23 -
2022-11-21		 3 months crt.sh
*.comtucdncom.com
Certum Domain Validation CA SHA2		 2022-08-07 -
2023-09-05		 a year crt.sh
*.qpic.cn
GlobalSign Organization Validation CA - SHA256 - G2		 2022-04-06 -
2023-05-08		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-04-09 -
2023-04-09		 a year crt.sh

This page contains 3 frames:

Primary Page: http://www.theartofselfalignment.com/index.php
Frame ID: 279484ABBE697CFBFAE9AF96DA3771B3
Requests: 10 HTTP requests in this frame

Frame: https://www.heiniu105.site/
Frame ID: A3E309850DF92078A41118F2E7A82374
Requests: 33 HTTP requests in this frame

Frame: https://www.heiniu105.site/logo.html
Frame ID: F4D0C9C6280CA5055BE4E9EDAD799B48
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

吴忠灸颗商贸有限公司

Page URL History Show full URLs

  1. http://theartofselfalignment.com/ HTTP 301
    http://www.theartofselfalignment.com/index.php Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)
Overall confidence: 100%
Detected patterns
  • hm\.baidu\.com/hm\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

45
Requests

80 %
HTTPS

29 %
IPv6

12
Domains

15
Subdomains

14
IPs

5
Countries

5494 kB
Transfer

5844 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://theartofselfalignment.com/ HTTP 301
    http://www.theartofselfalignment.com/index.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18
  • https://kveii.com/dc0247b33019ed0ca09c321bb6fb4656.gif HTTP 301
  • https://acoozza.top/dc0247b33019ed0ca09c321bb6fb4656.gif

45 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request index.php
www.theartofselfalignment.com/
Redirect Chain
  • http://theartofselfalignment.com/
  • http://www.theartofselfalignment.com/index.php
801 B
942 B 		Document
General
Check archive.org
Download Go to
Full URL
http://www.theartofselfalignment.com/index.php
Protocol
HTTP/1.1
Server
45.59.113.184 Los Angeles, United States, ASN46261 (QUICKPACKET, US),
Reverse DNS
45.59.113.184.static.quadranet.com
Software
nginx /
Resource Hash
6a980845cc2700e75a8517f858f8d27ec9200893aca0710f65af76a523791cb5

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Length
801
Content-Type
text/html
Date
Mon, 03 Oct 2022 15:46:09 GMT
Server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Content-Type
text/html
Date
Mon, 03 Oct 2022 15:46:08 GMT
Location
http://www.theartofselfalignment.com/index.php
Server
nginx
common.js
www.theartofselfalignment.com/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.theartofselfalignment.com/common.js
Requested by
Host: www.theartofselfalignment.com
URL: http://www.theartofselfalignment.com/index.php
Protocol
HTTP/1.1
Server
45.59.113.184 Los Angeles, United States, ASN46261 (QUICKPACKET, US),
Reverse DNS
45.59.113.184.static.quadranet.com
Software
nginx /
Resource Hash
3a7bfc39189a2cf6742d0029e566d7f2ee95de1e3bee0929f203cd40002f464a

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.theartofselfalignment.com/index.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Mon, 03 Oct 2022 15:46:09 GMT
Content-Encoding
gzip
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/x-javascript
tj.js
www.theartofselfalignment.com/ 		998 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.theartofselfalignment.com/tj.js
Requested by
Host: www.theartofselfalignment.com
URL: http://www.theartofselfalignment.com/index.php
Protocol
HTTP/1.1
Server
45.59.113.184 Los Angeles, United States, ASN46261 (QUICKPACKET, US),
Reverse DNS
45.59.113.184.static.quadranet.com
Software
nginx /
Resource Hash
6bfe0b2aa694c65286920da6bc6fd0c45ff9c546f61a726fb355d7d3f9fa5c57

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.theartofselfalignment.com/index.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Mon, 03 Oct 2022 15:46:09 GMT
Server
nginx
Connection
keep-alive
Content-Length
998
Content-Type
application/x-javascript
push.js
push.zhanzhang.baidu.com/ 		281 B
752 B 		Script
General
Check archive.org
Download Go to
Full URL
http://push.zhanzhang.baidu.com/push.js
Requested by
Host: www.theartofselfalignment.com
URL: http://www.theartofselfalignment.com/index.php
Protocol
HTTP/1.1
Server
182.61.201.93 , China, ASN38365 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
674bc0c70f98d627b8a7e1d278a1f21ffe33815565f7d5371bf0275da57571b2

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.theartofselfalignment.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Mon, 03 Oct 2022 15:46:11 GMT
Content-Encoding
gzip
Last-Modified
Wed, 25 Nov 2015 07:47:55 GMT
Server
apache
Etag
"4078521116"
Vary
Accept-Encoding
Content-Type
text/javascript
P3p
CP=" OTI DSP COR IVA OUR IND COM "
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Content-Length
227
Expires
Tue, 03 Oct 2023 15:46:11 GMT
index.php
001.heiniu102.com/news/ Frame A3E3 		836 B
732 B 		Document
General
Check archive.org
Download Go to
Full URL
https://001.heiniu102.com/news/index.php
Requested by
Host: www.theartofselfalignment.com
URL: http://www.theartofselfalignment.com/common.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.247.198.186 Los Angeles, United States, ASN46261 (QUICKPACKET, US),
Reverse DNS
Software
nginx /
Resource Hash
fe2a3a6eec16ef268c15678e1c263607d84869459590a58718338e2715f9ad24
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://www.theartofselfalignment.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 03 Oct 2022 15:46:10 GMT
server
nginx
strict-transport-security
max-age=31536000
vary
Accept-Encoding
s.gif
api.share.baidu.com/ 		0
116 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://api.share.baidu.com/s.gif?l=http://www.theartofselfalignment.com/index.php
Requested by
Host: www.theartofselfalignment.com
URL: http://www.theartofselfalignment.com/index.php
Protocol
HTTP/1.1
Server
39.156.68.163 , China, ASN9808 (CHINAMOBILE-CN China Mobile Communications Group Co., Ltd., CN),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.theartofselfalignment.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Mon, 03 Oct 2022 15:46:11 GMT
Content-Length
0
Content-Type
text/plain; charset=utf-8
hm.js
hm.baidu.com/ 		30 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hm.baidu.com/hm.js?f5a5c5c92b8ba0ce4c14073f16113b3c
Requested by
Host: www.theartofselfalignment.com
URL: http://www.theartofselfalignment.com/index.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
ea91cff4edce86babb62e0234189805d6aac8622946268bbddb6817e1681f399
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.theartofselfalignment.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Mon, 03 Oct 2022 15:46:10 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=172800
Server
apache
Etag
2542c630c120114e0e1f68ae9c3206b6
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type
application/javascript
Cache-Control
max-age=0, must-revalidate
Content-Length
11342
hm.js
hm.baidu.com/ 		30 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hm.baidu.com/hm.js?9e56529d77aefedc801126c7e456e410
Requested by
Host: www.theartofselfalignment.com
URL: http://www.theartofselfalignment.com/index.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
b5adfe6a4b42235421761853f4512d44aa336cfdc7abe3abcb55c3fcccc14a7f
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.theartofselfalignment.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Mon, 03 Oct 2022 15:46:10 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=172800
Server
apache
Etag
e7accf0be83d7923e526e62bcfe2f9a0
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type
application/javascript
Cache-Control
max-age=0, must-revalidate
Content-Length
11343
hm.gif
hm.baidu.com/ 		43 B
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1172878451&si=9e56529d77aefedc801126c7e456e410&v=1.2.97&lv=1&sn=26366&r=0&ww=1600&ct=!!&u=http%3A%2F%2Fwww.theartofselfalignment.com%2Findex.php&tt=%E5%90%B4%E5%BF%A0%E7%81%B8%E9%A2%97%E5%95%86%E8%B4%B8%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
Requested by
Host: www.theartofselfalignment.com
URL: http://www.theartofselfalignment.com/index.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.theartofselfalignment.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 03 Oct 2022 15:46:11 GMT
Strict-Transport-Security
max-age=172800
X-Content-Type-Options
nosniff
Server
apache
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Content-Length
43
hm.gif
hm.baidu.com/ 		43 B
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1407075982&si=f5a5c5c92b8ba0ce4c14073f16113b3c&v=1.2.97&lv=1&sn=26366&r=0&ww=1600&ct=!!&u=http%3A%2F%2Fwww.theartofselfalignment.com%2Findex.php&tt=%E5%90%B4%E5%BF%A0%E7%81%B8%E9%A2%97%E5%95%86%E8%B4%B8%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
Requested by
Host: www.theartofselfalignment.com
URL: http://www.theartofselfalignment.com/index.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.theartofselfalignment.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 03 Oct 2022 15:46:11 GMT
Strict-Transport-Security
max-age=172800
X-Content-Type-Options
nosniff
Server
apache
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Content-Length
43
api.php
001.heiniu102.com/news/ Frame A3E3 		33 B
180 B 		Document
General
Check archive.org
Download Go to
Full URL
https://001.heiniu102.com/news/api.php
Requested by
Host: 001.heiniu102.com
URL: https://001.heiniu102.com/news/index.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.247.198.186 Los Angeles, United States, ASN46261 (QUICKPACKET, US),
Reverse DNS
Software
nginx /
Resource Hash
5a319cbe9dafe108b31f94d2b9ff0360108236393f7252057bcbaf6ebcc3d048
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://001.heiniu102.com/news/index.php
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 03 Oct 2022 15:46:11 GMT
server
nginx
strict-transport-security
max-age=31536000
vary
Accept-Encoding
data.php
001.heiniu102.com/news/ Frame A3E3 		325 B
322 B 		Script
General
Check archive.org
Download Go to
Full URL
https://001.heiniu102.com/news/data.php
Requested by
Host: 001.heiniu102.com
URL: https://001.heiniu102.com/news/api.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.247.198.186 Los Angeles, United States, ASN46261 (QUICKPACKET, US),
Reverse DNS
Software
nginx /
Resource Hash
9e0d0ebc4900039e39d74f2687002dd12048e8b07b513e116b14513779526037
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://001.heiniu102.com/news/api.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 15:46:11 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
s.gif
api.share.baidu.com/ 		0
116 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://api.share.baidu.com/s.gif?l=http://www.theartofselfalignment.com/index.php
Requested by
Host: www.theartofselfalignment.com
URL: http://www.theartofselfalignment.com/index.php
Protocol
HTTP/1.1
Server
39.156.68.163 , China, ASN9808 (CHINAMOBILE-CN China Mobile Communications Group Co., Ltd., CN),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.theartofselfalignment.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Mon, 03 Oct 2022 15:46:11 GMT
Content-Length
0
Content-Type
text/plain; charset=utf-8
/
www.heiniu105.site/ Frame A3E3 		41 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.heiniu105.site/
Requested by
Host: 001.heiniu102.com
URL: https://001.heiniu102.com/news/data.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.247.198.190 Los Angeles, United States, ASN46261 (QUICKPACKET, US),
Reverse DNS
Software
nginx /
Resource Hash
9192a5860db22afa06d3ccfa11af7d7179230f874e40be1142236c9eb9ffad41
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://001.heiniu102.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 03 Oct 2022 15:46:13 GMT
server
nginx
strict-transport-security
max-age=31536000
vary
Accept-Encoding
ate.css
www.heiniu105.site/template/heiniu/css/ Frame A3E3 		74 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.heiniu105.site/template/heiniu/css/ate.css
Requested by
Host: www.heiniu105.site
URL: https://www.heiniu105.site/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.247.198.190 Los Angeles, United States, ASN46261 (QUICKPACKET, US),
Reverse DNS
Software
nginx /
Resource Hash
b2e1235651b1e3335d325cc40542cc55ed323f88d123a1ecf2356a9a9d77bc4d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heiniu105.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 15:46:13 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Tue, 04 Jan 2022 15:13:24 GMT
server
nginx
etag
W/"61d46414-126e4"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=43200
expires
Tue, 04 Oct 2022 03:46:13 GMT
zui.css
www.heiniu105.site/template/heiniu/css/ Frame A3E3 		89 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.heiniu105.site/template/heiniu/css/zui.css
Requested by
Host: www.heiniu105.site
URL: https://www.heiniu105.site/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.247.198.190 Los Angeles, United States, ASN46261 (QUICKPACKET, US),
Reverse DNS
Software
nginx /
Resource Hash
03f908452d864ad8f9160352ab681729274c0abb1ea3e5398244290d4dac06b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heiniu105.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 15:46:13 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Thu, 19 May 2022 10:41:58 GMT
server
nginx
etag
W/"62861ef6-164b3"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=43200
expires
Tue, 04 Oct 2022 03:46:13 GMT
jquery.min.js
www.heiniu105.site/template/heiniu/static/js/ Frame A3E3 		95 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heiniu105.site/template/heiniu/static/js/jquery.min.js
Requested by
Host: www.heiniu105.site
URL: https://www.heiniu105.site/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.247.198.190 Los Angeles, United States, ASN46261 (QUICKPACKET, US),
Reverse DNS
Software
nginx /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heiniu105.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 15:46:13 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Sat, 08 Jan 2022 14:07:32 GMT
server
nginx
etag
W/"61d99aa4-17b8b"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Tue, 04 Oct 2022 03:46:13 GMT
jquery.lazyload.min.js
www.heiniu105.site/template/heiniu/static/js/ Frame A3E3 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heiniu105.site/template/heiniu/static/js/jquery.lazyload.min.js
Requested by
Host: www.heiniu105.site
URL: https://www.heiniu105.site/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.247.198.190 Los Angeles, United States, ASN46261 (QUICKPACKET, US),
Reverse DNS
Software
nginx /
Resource Hash
ad79ce7e34d1a788809bb853031133de2ae45f3c19ac4955dae46c7490188c2e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heiniu105.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 15:46:13 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Sat, 08 Jan 2022 14:08:22 GMT
server
nginx
etag
W/"61d99ad6-d35"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Tue, 04 Oct 2022 03:46:13 GMT
0395s120009rrkqgpCDF2.gif
dimg04.c-ctrip.com/images/ Frame A3E3 		798 KB
800 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dimg04.c-ctrip.com/images/0395s120009rrkqgpCDF2.gif
Requested by
Host: www.heiniu105.site
URL: https://www.heiniu105.site/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.103.100.203 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-103-100-203.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
049fdd340bc76119a804f270a8c261c4fe2e0d7a8f93797ee50476191bdf80f4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heiniu105.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 15:46:14 GMT
last-modified
Tue, 12 May 2015 01:00:00 GMT
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=10694833
timing-allow-origin
*
content-length
817338
expires
Sat, 04 Feb 2023 10:33:27 GMT
dc0247b33019ed0ca09c321bb6fb4656.gif
acoozza.top/ Frame A3E3
Redirect Chain
  • https://kveii.com/dc0247b33019ed0ca09c321bb6fb4656.gif
  • https://acoozza.top/dc0247b33019ed0ca09c321bb6fb4656.gif
777 KB
779 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://acoozza.top/dc0247b33019ed0ca09c321bb6fb4656.gif
Requested by
Host: www.heiniu105.site
URL: https://www.heiniu105.site/
Protocol
H2
Server
2a06:98c1:3121::c -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
7ba4e934ee23a0c156e0b14b61757398bfff3e6c41b4b1ab72d803e39169b469

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heiniu105.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 15:46:15 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
84119
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
795791
last-modified
Wed, 23 Mar 2022 06:52:01 GMT
server
cloudflare
etag
"623ac391-c248f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FYcHe1qH3a1D8SzrfgjeZuG%2FjHe%2BLV9aeLunVCiCYIMDczk%2BWFxNJHDZfghzOfoi%2FFxvb1lK5AgHGTaJ8HG6wl%2FhLuTgwiU8qWSyLG%2BesSOyP7NU2azQhJRDfny9d%2B0cY4YmNifDDcgeuw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7546cf3f4fd89b83-FRA
expires
Tue, 01 Nov 2022 16:24:16 GMT

Redirect headers

location
https://acoozza.top/dc0247b33019ed0ca09c321bb6fb4656.gif
date
Mon, 03 Oct 2022 15:46:14 GMT
strict-transport-security
max-age=31536000
server
nginx
content-length
162
content-type
text/html
03950120009rs7dn26B5E.gif
dimg04.c-ctrip.com/images/ Frame A3E3 		873 KB
875 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dimg04.c-ctrip.com/images/03950120009rs7dn26B5E.gif
Requested by
Host: www.heiniu105.site
URL: https://www.heiniu105.site/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.103.100.203 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-103-100-203.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b63a862a0f65ff9f685e9b67fd171a6df96878469b0a85d1da2f644399c0409f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heiniu105.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 15:46:14 GMT
last-modified
Tue, 12 May 2015 01:00:00 GMT
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=10508053
timing-allow-origin
*
content-length
893726
expires
Thu, 02 Feb 2023 06:40:27 GMT
03964120009z0w8i44344.gif
dimg04.c-ctrip.com/images/ Frame A3E3 		435 KB
437 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dimg04.c-ctrip.com/images/03964120009z0w8i44344.gif
Requested by
Host: www.heiniu105.site
URL: https://www.heiniu105.site/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.103.100.203 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-103-100-203.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
aeefa12a7a2daa7ef3c04e1545d05163f8f6d95e1b8651fe7ea2893115bb6315

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heiniu105.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 15:46:14 GMT
last-modified
Tue, 12 May 2015 01:00:00 GMT
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=14303412
timing-allow-origin
*
content-length
445879
expires
Sat, 18 Mar 2023 04:56:26 GMT
11.jpg
www.heiniu105.site/static/images/ Frame A3E3 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heiniu105.site/static/images/11.jpg
Requested by
Host: www.heiniu105.site
URL: https://www.heiniu105.site/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.247.198.190 Los Angeles, United States, ASN46261 (QUICKPACKET, US),
Reverse DNS
Software
nginx /
Resource Hash
0a92137ad0c4e87ec493f14e257f26f58ea0a4ddca21cc6ef66a82dd1a0166ca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heiniu105.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 15:46:14 GMT
strict-transport-security
max-age=31536000
last-modified
Fri, 02 Sep 2022 11:00:52 GMT
server
nginx
etag
"6311e264-4326"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
17190
expires
Wed, 02 Nov 2022 15:46:14 GMT
1.gif
www.heiniu105.site/static/images/ Frame A3E3 		254 B
459 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heiniu105.site/static/images/1.gif
Requested by
Host: www.heiniu105.site
URL: https://www.heiniu105.site/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.247.198.190 Los Angeles, United States, ASN46261 (QUICKPACKET, US),
Reverse DNS
Software
nginx /
Resource Hash
119bff063d1d402fdf6e48bc7e681d48aabfb9bc65378dfcf64a8845ec3fceef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heiniu105.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 15:46:14 GMT
strict-transport-security
max-age=31536000
last-modified
Tue, 30 Aug 2022 15:22:21 GMT
server
nginx
etag
"630e2b2d-fe"
content-type
image/gif
cache-control
max-age=2592000
accept-ranges
bytes
content-length
254
expires
Wed, 02 Nov 2022 15:46:14 GMT
dl.js
www.heiniu105.site/template/heiniu/html9/ads/ Frame A3E3 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.heiniu105.site/template/heiniu/html9/ads/dl.js
Requested by
Host: www.heiniu105.site
URL: https://www.heiniu105.site/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.247.198.190 Los Angeles, United States, ASN46261 (QUICKPACKET, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heiniu105.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 15:46:14 GMT
server
nginx
etag
"630de475-8a"
content-length
138
content-type
text/html
440e4613c87e49aaa978851137a2e2cb
p9.toutiaoimg.com/origin/pgc-image/ Frame A3E3 		47 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p9.toutiaoimg.com/origin/pgc-image/440e4613c87e49aaa978851137a2e2cb
Requested by
Host: www.heiniu105.site
URL: https://www.heiniu105.site/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
4.34.42.101 -, , ASN (),
Reverse DNS
Software
nginx / ImageX
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heiniu105.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 15:46:15 GMT
x-response-lb
image
x-tt-trace-tag
id=09;cdn-cache=hit;type=static
nw-session-id
202110011459210101940982193F1AF1C7sjvgq03tt
x-powered-by
ImageX
x-cache
HIT from BC103_US-Colorado-Denver-1-cache-1(baishan)
x-bdcdn-cache-status
TCP_MISS
server-timing
cdn-cache;desc=HIT,edge;dur=2
x-length
86697
content-length
86697
last-modified
Fri, 01 Oct 2021 06:59:21 GMT
server
nginx
x-tt-logid
202110011459210101940982193F1AF1C7
x-response-date
Fri, 01 Oct 2021 14:59:21 GMT
content-type
image/gif
access-control-allow-origin
*
nw-session-trace
2021-10-01T14:59:21.256856375+08:00 43
cache-control
max-age=31536000
x-response-cinfo
80.255.10.197
imagex-fmt
gif2gif
x-response-cache
edge_hit
timing-allow-origin
*
x-ser
BC199_dx-lt-yd-jiangsu-huaian-8-cache-10, BC199_dx-lt-yd-jiangsu-huaian-8-cache-10, BC108_US-Colorado-Denver-1-cache-2, BC108_US-Colorado-Denver-1-cache-2, BC103_US-Colorado-Denver-1-cache-1, BC103_US-Colorado-Denver-1-cache-1
031815-80.gif
www.tupku.top/lm/ Frame A3E3 		2 MB
2 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.tupku.top/lm/031815-80.gif
Requested by
Host: www.heiniu105.site
URL: https://www.heiniu105.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4aed8c090aa7bff3de4c028efced6a87dd7645bc15d265cdddf106f3f5dd9435

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heiniu105.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 15:46:14 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1201091
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1626999
last-modified
Thu, 07 Jul 2022 15:13:11 GMT
server
cloudflare
etag
"62c6f807-18d377"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=29D0VExiE0cNvVnUKOEGO0Ku6KSPA9bjnreuUbe156XBFDT5w3gyJcPtXUIV1IdtWEohG8%2F0RU5VTW5DgNzKJ0PMTICeVjp28DSVGpb3p83hJg9KcYLbs0%2F2tZmF9IMhtc6TPCRfRt03ujWE"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7546cf37cbddbbe6-FRA
expires
Wed, 19 Oct 2022 06:57:23 GMT
loading.svg
www.heiniu105.site/template/heiniu/images/ Frame A3E3 		506 B
662 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heiniu105.site/template/heiniu/images/loading.svg
Requested by
Host: www.heiniu105.site
URL: https://www.heiniu105.site/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.247.198.190 Los Angeles, United States, ASN46261 (QUICKPACKET, US),
Reverse DNS
Software
nginx /
Resource Hash
fa5ecaba8e7048ec0475ac862bec89853e8c87e84475e199f8657d6e89065dff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heiniu105.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 15:46:14 GMT
strict-transport-security
max-age=31536000
last-modified
Sun, 09 Jan 2022 08:39:24 GMT
server
nginx
etag
"61da9f3c-1fa"
content-type
image/svg+xml
accept-ranges
bytes
content-length
506
3dbaac8a18dffbb986cb8ada5afe756f.jpg
ddcdn.comtucdncom.com/upload/vod/20211208-1/ Frame A3E3 		454 KB
454 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ddcdn.comtucdncom.com/upload/vod/20211208-1/3dbaac8a18dffbb986cb8ada5afe756f.jpg
Requested by
Host: www.heiniu105.site
URL: https://www.heiniu105.site/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.89.208.114 , Germany, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
Tengine /
Resource Hash
07de171b4735f70b00021bf230231faf69573e9e90e60b3974aeae196375a27d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heiniu105.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Mon, 03 Oct 2022 15:46:14 GMT
Last-Modified
Thu, 11 Aug 2022 04:51:48 GMT
Server
Tengine
ETag
"62f48ae4-7171e"
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
X-Cache
hit
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Content-Length
464670
0
p.qlogo.cn/qqmail_head/exDQ4ofPz1kmmHxzRWkqxuiaS1ef2WDKV9IlGqQ01KRp1TcLC88449sRZyibbnmqia1/ Frame A3E3 		0
0
0
p.qlogo.cn/qqmail_head/ajNVdqHZLLBTqF8e2kN78G9Zt8uAv6By0U3zmELvuZSJJkZNBPXDBGibpXqaicajKqyibnCUUUEomk/ Frame A3E3 		0
0
0
p.qlogo.cn/qqmail_head/ajNVdqHZLLBTqF8e2kN78G9Zt8uAv6By0U3zmELvuZTee7pdNQtTmNRpGbcuGVd3R5dJqQ2WeTg/ Frame A3E3 		32 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.qlogo.cn/qqmail_head/ajNVdqHZLLBTqF8e2kN78G9Zt8uAv6By0U3zmELvuZTee7pdNQtTmNRpGbcuGVd3R5dJqQ2WeTg/0
Requested by
Host: www.heiniu105.site
URL: https://www.heiniu105.site/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
240e:97c:2f:5::3c -, , ASN (),
Reverse DNS
Software
NWSs /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heiniu105.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

X-DataSrc
2
Date
Mon, 03 Oct 2022 15:46:15 GMT
Size
1607696
Connection
keep-alive
Content-Length
1607696
X-Info
real data
X-ReqGue
0
User-ReturnCode
0
fid
0
Last-Modified
Sat, 10 Jul 2021 16:21:45 GMT
Server
NWSs
X-Cpt
filename=0
Vary
Accept,Origin
Content-Type
image/gif
X-Delay
84428 us
chid
0
Cache-Control
max-age=2592000
X-BCheck
0_1
X-NWS-LOG-UUID
2640fb31-e5a7-4141-b451-800cd1a8eecf
logo.html
www.heiniu105.site/ Frame F4D0 		904 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.heiniu105.site/logo.html
Requested by
Host: www.heiniu105.site
URL: https://www.heiniu105.site/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.247.198.190 Los Angeles, United States, ASN46261 (QUICKPACKET, US),
Reverse DNS
Software
nginx /
Resource Hash
ed839998dcaea302be5bbe68a966aad7658f8e9bfff1ac213487ea0c58396c73
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.heiniu105.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-length
904
content-type
text/html
date
Mon, 03 Oct 2022 15:46:14 GMT
etag
"6310baad-388"
last-modified
Thu, 01 Sep 2022 13:59:09 GMT
server
nginx
strict-transport-security
max-age=31536000
hm.js
hm.baidu.com/ Frame A3E3 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hm.baidu.com/hm.js?d4e0c5a80073dc4a06760f766d6bd014
Requested by
Host: www.heiniu105.site
URL: https://www.heiniu105.site/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
2ba3db66001173b7649203bd687c1b99b9db936822b17ebdb2bcb09c2f5ffb89
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heiniu105.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Mon, 03 Oct 2022 15:46:14 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=172800
Server
apache
Etag
76fef5a83369cf2c432794f0b8c5c913
Content-Type
application/javascript
Cache-Control
max-age=0, must-revalidate
Content-Length
11341
video-mask.png
www.heiniu105.site/template/heiniu/images/ Frame A3E3 		107 B
312 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heiniu105.site/template/heiniu/images/video-mask.png
Requested by
Host: www.heiniu105.site
URL: https://www.heiniu105.site/template/heiniu/css/zui.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.247.198.190 Los Angeles, United States, ASN46261 (QUICKPACKET, US),
Reverse DNS
Software
nginx /
Resource Hash
c9b6925bdd64dab63151c3106347fefb8c500d87ac3d87d9a82e9a1c561233aa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heiniu105.site/template/heiniu/css/zui.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 15:46:14 GMT
strict-transport-security
max-age=31536000
last-modified
Tue, 04 Jan 2022 15:14:22 GMT
server
nginx
etag
"61d4644e-6b"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
107
expires
Wed, 02 Nov 2022 15:46:14 GMT
video-play.png
www.heiniu105.site/template/heiniu/images/ Frame A3E3 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heiniu105.site/template/heiniu/images/video-play.png
Requested by
Host: www.heiniu105.site
URL: https://www.heiniu105.site/template/heiniu/css/zui.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.247.198.190 Los Angeles, United States, ASN46261 (QUICKPACKET, US),
Reverse DNS
Software
nginx /
Resource Hash
cbad06b58f97516faa5f745d4e09716b5db3f134d5b4644b159681aa24909dd4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heiniu105.site/template/heiniu/css/zui.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 15:46:14 GMT
strict-transport-security
max-age=31536000
last-modified
Tue, 04 Jan 2022 15:14:20 GMT
server
nginx
etag
"61d4644c-61f"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
1567
expires
Wed, 02 Nov 2022 15:46:14 GMT
tyogovkoiiv1305tyogovkoiiv013611.jpg
fmlb.netlbtu.com/upload/vod/2022/10-02/13/ Frame A3E3 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fmlb.netlbtu.com/upload/vod/2022/10-02/13/tyogovkoiiv1305tyogovkoiiv013611.jpg
Requested by
Host: www.heiniu105.site
URL: https://www.heiniu105.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8d1d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afd3a2cec018c7fed7cb2a37a879f5958faa6844bea732103113c9e874bbb031

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heiniu105.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 15:46:14 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3299
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9429
cf-bgj
h2pri
last-modified
Sun, 02 Oct 2022 05:05:01 GMT
server
cloudflare
etag
"4a5e4861cd6d81:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oOaQEyiTzXOIuvwZpYqFKUl9gCr55OUp6aW1Pxq960IKlRvsr4tEH1xnwzwBCIlbnZ2ZuMznm1FsFUfzymatU2bueUjDi6A2PvjiqmNaFY8zAvfgsGM9yI2DolxTn%2Bbf5dlD3X88DZz9TPU%2Fk5pa"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7546cf37dbd18fe9-FRA
cp2tejnt1tx1305cp2tejnt1tx023613.jpg
fmlb.netlbtu.com/upload/vod/2022/10-02/13/ Frame A3E3 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fmlb.netlbtu.com/upload/vod/2022/10-02/13/cp2tejnt1tx1305cp2tejnt1tx023613.jpg
Requested by
Host: www.heiniu105.site
URL: https://www.heiniu105.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8d1d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5730352e43eab3a407c0d020ba1b9c7c29881e7e356c6dada7e601df52738796

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heiniu105.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 15:46:14 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3301
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8850
cf-bgj
h2pri
last-modified
Sun, 02 Oct 2022 05:05:02 GMT
server
cloudflare
etag
"693773871cd6d81:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uzjf23z4e8De5QFWvd%2BY5vo2AQ7ZxHL5zAd5fxFN7cMtDX009QGJeqGanP5ugXnF1OajE3XNGtMb8a7Q6xPbZnEKnRW1er0%2FcpzQBW%2Bh3Wu7PefrbErA%2F1WsFTzUJB2YuFQZ210AeSVEieMRjmaR"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7546cf37dbd38fe9-FRA
jsjxm2rl5ez1305jsjxm2rl5ez033615.jpg
fmlb.netlbtu.com/upload/vod/2022/10-02/13/ Frame A3E3 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fmlb.netlbtu.com/upload/vod/2022/10-02/13/jsjxm2rl5ez1305jsjxm2rl5ez033615.jpg
Requested by
Host: www.heiniu105.site
URL: https://www.heiniu105.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8d1d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d813c4975bdfa16e1f119af90f067ea385da69db11036537367ae90b4ed131e1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heiniu105.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 15:46:14 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3301
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9410
cf-bgj
h2pri
last-modified
Sun, 02 Oct 2022 05:05:03 GMT
server
cloudflare
etag
"b85815881cd6d81:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o0RPttCsFz1LJkvu8JU9PP%2BWkPpf1UcY05k1Vye3aTq%2F3QaHHBc%2F9qe8QxVuLW02vkPAQB01bc48tqA6SaOdk%2FLNAWbtGeLYfFLW5vXQ6v%2BS1K95rh4ps51Hxo%2BlTNt3l74X6BynYZCbn4BHWvbC"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7546cf37dbd48fe9-FRA
0objjeus5ym13050objjeus5ym043617.jpg
fmlb.netlbtu.com/upload/vod/2022/10-02/13/ Frame A3E3 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fmlb.netlbtu.com/upload/vod/2022/10-02/13/0objjeus5ym13050objjeus5ym043617.jpg
Requested by
Host: www.heiniu105.site
URL: https://www.heiniu105.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8d1d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
49ec6d116531083d6361d6a66d21ca77a5b3eb5a962cde7eba555d2313875e18

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heiniu105.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 15:46:14 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4592
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8382
cf-bgj
h2pri
last-modified
Sun, 02 Oct 2022 05:05:04 GMT
server
cloudflare
etag
"46849d881cd6d81:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n%2FfOkqHZJtqOucxYsBkA2h5yqNW%2FfrGzGGJ1%2F63mdHg%2BNkdgSeygI6weYmTNvKCsfQa5fC6%2Bk%2BYqKSNz%2BSA10WJmY9wYw0aJXgip3FFDI0L7%2B2blBq9SosLwPFb1hlIlH8mrv80hyihG%2BC4BUgHX"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7546cf37dbd98fe9-FRA
hwrll5qcvry1305hwrll5qcvry053619.jpg
fmlb.netlbtu.com/upload/vod/2022/10-02/13/ Frame A3E3 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fmlb.netlbtu.com/upload/vod/2022/10-02/13/hwrll5qcvry1305hwrll5qcvry053619.jpg
Requested by
Host: www.heiniu105.site
URL: https://www.heiniu105.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8d1d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7644eb9a20ee6f671b055c971af87d63c291c9f16c945fc387bd8542f55f107

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heiniu105.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 15:46:14 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2267
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7986
cf-bgj
h2pri
last-modified
Sun, 02 Oct 2022 05:05:05 GMT
server
cloudflare
etag
"bc2f2a891cd6d81:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SdKijJnzoWMXRxDrnYdk0vDo4ZmxdK6WiQKnq2uzRD4ggSHU84wH84GLioYoimRv8Uvs0IAYu6%2FRs%2BtYDTHP6yR%2FN9RZ7Jnq3UQ7rhuvTjqLgT%2FuN9beUam0XvDNk4EsolL8wkiB4zCPxvkcDZ%2Fi"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7546cf37dbd68fe9-FRA
jgo5mdlrnde1305jgo5mdlrnde063621.jpg
fmlb.netlbtu.com/upload/vod/2022/10-02/13/ Frame A3E3 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fmlb.netlbtu.com/upload/vod/2022/10-02/13/jgo5mdlrnde1305jgo5mdlrnde063621.jpg
Requested by
Host: www.heiniu105.site
URL: https://www.heiniu105.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8d1d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21174da535ece4caaa7145c2fe1b19e66de365013c6b4120b1f20e6fe28bcc9b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heiniu105.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 15:46:14 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3300
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9668
cf-bgj
h2pri
last-modified
Sun, 02 Oct 2022 05:05:06 GMT
server
cloudflare
etag
"8696b4891cd6d81:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uo2Cm0gqFaK1IC%2FpOMNHv3KgDIZCif1k0Ai5quE77zynSKMoswH0W9vxG5siOmMAMnkF0eD2%2Bg8gB2nIG%2BLx4%2FH8CtC8ZLWzfSRqnJXlDAYLtJOHbkQbDNfB45snUErDXAKgJXy6%2FNf2LmEhGiqc"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7546cf380c388fe9-FRA
bcahbkwjoya1305bcahbkwjoya073623.jpg
fmlb.netlbtu.com/upload/vod/2022/10-02/13/ Frame A3E3 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fmlb.netlbtu.com/upload/vod/2022/10-02/13/bcahbkwjoya1305bcahbkwjoya073623.jpg
Requested by
Host: www.heiniu105.site
URL: https://www.heiniu105.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8d1d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6e3e5571c6acc3ae3429428b734fc65222be9778588a33267e02af64f580694

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heiniu105.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 15:46:14 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2267
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8635
cf-bgj
h2pri
last-modified
Sun, 02 Oct 2022 05:05:07 GMT
server
cloudflare
etag
"42fa3e8a1cd6d81:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3kac%2FkopGEXgtEf%2BE22MPu8kzN1StxEs4fuyGEzHEGDP5y0AfnX7NrQsmid%2FQnaM1qUnXxaUmRGSZ1T6nf2WOjxMthZwZVQpO2dEu7DGVdhlBHVtm3S59zwCKDyPqVtVyuHCCDASYWi07l69uyv4"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7546cf380c398fe9-FRA
LOGO1.png
www.heiniu105.site/ Frame F4D0 		361 KB
362 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.heiniu105.site/LOGO1.png
Requested by
Host: www.heiniu105.site
URL: https://www.heiniu105.site/logo.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.247.198.190 Los Angeles, United States, ASN46261 (QUICKPACKET, US),
Reverse DNS
Software
nginx /
Resource Hash
dc4cebb48b3ba6425c0086b60bb77c8e5ab58eed01a2b7548411c8171ca9f608
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heiniu105.site/logo.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 15:46:14 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 31 Aug 2022 11:39:34 GMT
server
nginx
etag
"630f4876-5a590"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
370064
expires
Wed, 02 Nov 2022 15:46:14 GMT
hm.gif
hm.baidu.com/ Frame A3E3 		43 B
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hm.baidu.com/hm.gif?cc=0&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1309848383&si=d4e0c5a80073dc4a06760f766d6bd014&su=https%3A%2F%2F001.heiniu102.com%2F&v=1.2.97&lv=1&sn=26370&r=0&ww=1600&ct=!!&u=https%3A%2F%2Fwww.heiniu105.site%2F&tt=%E9%BB%91%E7%89%9B%E5%BD%B1%E8%A7%86
Requested by
Host: www.heiniu105.site
URL: https://www.heiniu105.site/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.heiniu105.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 03 Oct 2022 15:46:15 GMT
Strict-Transport-Security
max-age=172800
X-Content-Type-Options
nosniff
Server
apache
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Content-Length
43

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
p.qlogo.cn
URL
https://p.qlogo.cn/qqmail_head/exDQ4ofPz1kmmHxzRWkqxuiaS1ef2WDKV9IlGqQ01KRp1TcLC88449sRZyibbnmqia1/0
Domain
p.qlogo.cn
URL
https://p.qlogo.cn/qqmail_head/ajNVdqHZLLBTqF8e2kN78G9Zt8uAv6By0U3zmELvuZSJJkZNBPXDBGibpXqaicajKqyibnCUUUEomk/0

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch object| navigation function| Page object| _hmt boolean| _bdhm_loaded_9e56529d77aefedc801126c7e456e410 object| mini_tangram_log_ml9csy boolean| _bdhm_loaded_f5a5c5c92b8ba0ce4c14073f16113b3c object| mini_tangram_log_wd4kx8

5 Cookies

Domain/Path Name / Value
.hm.baidu.com/ Name: HMACCOUNT_BFESS
Value: 86994697A89B08EE
.www.theartofselfalignment.com/ Name: Hm_lvt_9e56529d77aefedc801126c7e456e410
Value: 1664811971
.www.theartofselfalignment.com/ Name: Hm_lpvt_9e56529d77aefedc801126c7e456e410
Value: 1664811971
.www.theartofselfalignment.com/ Name: Hm_lvt_f5a5c5c92b8ba0ce4c14073f16113b3c
Value: 1664811971
.www.theartofselfalignment.com/ Name: Hm_lpvt_f5a5c5c92b8ba0ce4c14073f16113b3c
Value: 1664811971

1 Console Messages

Source Level URL
Text
network error URL: https://www.heiniu105.site/template/heiniu/html9/ads/dl.js
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

001.heiniu102.com
acoozza.top
api.share.baidu.com
ddcdn.comtucdncom.com
dimg04.c-ctrip.com
fmlb.netlbtu.com
hm.baidu.com
kveii.com
p.qlogo.cn
p9.toutiaoimg.com
push.zhanzhang.baidu.com
theartofselfalignment.com
www.heiniu105.site
www.theartofselfalignment.com
www.tupku.top
p.qlogo.cn
103.235.46.191
104.103.100.203
104.247.198.186
104.247.198.190
182.61.201.93
240e:97c:2f:5::3c
2606:4700:e2::ac40:8d1d
2a06:98c1:3121::3
2a06:98c1:3121::c
39.156.68.163
4.34.42.101
45.154.215.92
45.59.113.184
45.89.208.114
03f908452d864ad8f9160352ab681729274c0abb1ea3e5398244290d4dac06b2
049fdd340bc76119a804f270a8c261c4fe2e0d7a8f93797ee50476191bdf80f4
07de171b4735f70b00021bf230231faf69573e9e90e60b3974aeae196375a27d
0a92137ad0c4e87ec493f14e257f26f58ea0a4ddca21cc6ef66a82dd1a0166ca
119bff063d1d402fdf6e48bc7e681d48aabfb9bc65378dfcf64a8845ec3fceef
21174da535ece4caaa7145c2fe1b19e66de365013c6b4120b1f20e6fe28bcc9b
2ba3db66001173b7649203bd687c1b99b9db936822b17ebdb2bcb09c2f5ffb89
3a7bfc39189a2cf6742d0029e566d7f2ee95de1e3bee0929f203cd40002f464a
49ec6d116531083d6361d6a66d21ca77a5b3eb5a962cde7eba555d2313875e18
4aed8c090aa7bff3de4c028efced6a87dd7645bc15d265cdddf106f3f5dd9435
5730352e43eab3a407c0d020ba1b9c7c29881e7e356c6dada7e601df52738796
5a319cbe9dafe108b31f94d2b9ff0360108236393f7252057bcbaf6ebcc3d048
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
674bc0c70f98d627b8a7e1d278a1f21ffe33815565f7d5371bf0275da57571b2
6a980845cc2700e75a8517f858f8d27ec9200893aca0710f65af76a523791cb5
6bfe0b2aa694c65286920da6bc6fd0c45ff9c546f61a726fb355d7d3f9fa5c57
7ba4e934ee23a0c156e0b14b61757398bfff3e6c41b4b1ab72d803e39169b469
9192a5860db22afa06d3ccfa11af7d7179230f874e40be1142236c9eb9ffad41
9e0d0ebc4900039e39d74f2687002dd12048e8b07b513e116b14513779526037
ad79ce7e34d1a788809bb853031133de2ae45f3c19ac4955dae46c7490188c2e
aeefa12a7a2daa7ef3c04e1545d05163f8f6d95e1b8651fe7ea2893115bb6315
afd3a2cec018c7fed7cb2a37a879f5958faa6844bea732103113c9e874bbb031
b2e1235651b1e3335d325cc40542cc55ed323f88d123a1ecf2356a9a9d77bc4d
b5adfe6a4b42235421761853f4512d44aa336cfdc7abe3abcb55c3fcccc14a7f
b63a862a0f65ff9f685e9b67fd171a6df96878469b0a85d1da2f644399c0409f
b6e3e5571c6acc3ae3429428b734fc65222be9778588a33267e02af64f580694
c9b6925bdd64dab63151c3106347fefb8c500d87ac3d87d9a82e9a1c561233aa
cbad06b58f97516faa5f745d4e09716b5db3f134d5b4644b159681aa24909dd4
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d7644eb9a20ee6f671b055c971af87d63c291c9f16c945fc387bd8542f55f107
d813c4975bdfa16e1f119af90f067ea385da69db11036537367ae90b4ed131e1
dc4cebb48b3ba6425c0086b60bb77c8e5ab58eed01a2b7548411c8171ca9f608
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea91cff4edce86babb62e0234189805d6aac8622946268bbddb6817e1681f399
ed839998dcaea302be5bbe68a966aad7658f8e9bfff1ac213487ea0c58396c73
fa5ecaba8e7048ec0475ac862bec89853e8c87e84475e199f8657d6e89065dff
fe2a3a6eec16ef268c15678e1c263607d84869459590a58718338e2715f9ad24