www.xjzjxh.com Open in urlscan Pro
2a06:98c1:3121::3 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://xjzjxh.com/
Effective URL:
https://www.xjzjxh.com/
Submission: On December 11 via api (December 11th 2024, 4:22:26 pm UTC) from US — Scanned from NL

Summary HTTP 26 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 4 IPs in 3 countries across 3 domains to perform 26 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.xjzjxh.com.
TLS certificate: Issued by WE1 on December 7th 2024. Valid for: 3 months.

This is the only time www.xjzjxh.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Telegram (Instant Messenger)

Domain & IP information

	IP Address	AS Autonomous System
1 9	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	90.84.161.20 90.84.161.20	2285 (OCB_HONEY...) (OCB_HONEY_CDN_ASN Orange S.A.)
14	2606:4700:303... 2606:4700:3033::6815:14a0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
26	4

9 188.114.97.3 (Amsterdam, Netherlands) 1 redirects

ASN13335 (CLOUDFLARENET, US)

xjzjxh.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.xjzjxh.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

www.xjzjxh.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 90.84.161.20 (France)

ASN2285 (OCB_HONEY_CDN_ASN Orange S.A., FR)

sdk.51.la	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
collect-v6.51.la	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2606:4700:3033::6815:14a0 (United States)

ASN13335 (CLOUDFLARENET, US)

image.sanxiang-sh.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	sanxiang-sh.com image.sanxiang-sh.com	22 MB
11	xjzjxh.com 1 redirects xjzjxh.com www.xjzjxh.com	60 KB
2	51.la sdk.51.la — Cisco Umbrella Rank: 73455 collect-v6.51.la — Cisco Umbrella Rank: 78995	34 KB
26	3

	Domain	Requested by
14	image.sanxiang-sh.com	www.xjzjxh.com
10	www.xjzjxh.com	www.xjzjxh.com
1	collect-v6.51.la	sdk.51.la
1	sdk.51.la	www.xjzjxh.com
1	xjzjxh.com	1 redirects
26	5

This site contains links to these domains. Also see Links.

Domain
www.sanxiang-sh.com
apps.apple.com
beian.miit.gov.cn

Subject Issuer	Validity	Valid
xjzjxh.com WE1	`2024-12-07` - `2025-03-07`	3 months	crt.sh
*.51.la GlobalSign RSA OV SSL CA 2018	`2024-03-19` - `2025-04-20`	a year	crt.sh
bb91c0aa.sni.cloudflaressl.com WE1	`2024-11-12` - `2025-02-10`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.xjzjxh.com/
Frame ID: B8C41630E13805B80B9994A069C529A7
Requests: 26 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

telegram官网 - TG纸飞机官网,强大的群组功能,让团队协作更高效

Page URL History Show full URLs

https://xjzjxh.com/ HTTP 301
https://www.xjzjxh.com/ Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

26
Requests

100 %
HTTPS

50 %
IPv6

3
Domains

5
Subdomains

4
IPs

3
Countries

22145 kB
Transfer

22199 kB
Size

4
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.sanxiang-sh.com/upload/tsetup-x64.5.7.2.exe
Title: 下载Telegram for 中文电脑版

Search URL Search Domain Scan URL

URL: https://www.sanxiang-sh.com/upload/Telegram.apk
Title: 下载Telegram for Android安卓版

Search URL Search Domain Scan URL

URL: https://apps.apple.com/us/app/telegram-messenger/id686449807
Title: 下载Telegram for iPhone/iPad

Search URL Search Domain Scan URL

URL: https://beian.miit.gov.cn/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://xjzjxh.com/ HTTP 301
https://www.xjzjxh.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response www.xjzjxh.com/ Redirect Chain https://xjzjxh.com/ https://www.xjzjxh.com/	6 KB 3 KB	527ms 471ms	Document text/html	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.xjzjxh.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `b3f3c3b2b76e2d97c416e22daa37e14b05922829344a588b87b1e93c63cbda6a` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 8f06d00869b90b70-AMS content-encoding zstd content-type text/html; charset=utf-8 date Wed, 11 Dec 2024 16:22:18 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3n9a7GqGffnsJBjdzNxhYLBP%2F2q%2Bux%2FQUmadC1hco5W%2FQSWjr%2FHuViMEY26L%2BIdI4oWCcsppSbJ%2B2Cmee0nvC7gDe%2FChLxXqRmtLAwNqWhX0OhiZsyuhVACKzFshKFR6XZQIxsmSYYmpkotRdw%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare server-timing cfL4;desc="?proto=TCP&rtt=14467&min_rtt=14248&rtt_var=2421&sent=7&recv=11&lost=0&retrans=0&sent_bytes=3995&recv_bytes=2286&delivery_rate=265760&cwnd=253&unsent_bytes=0&cid=d1fbd953fd39e710&ts=477&x=0" Redirect headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 8f06d004fff228ac-AMS content-type text/html date Wed, 11 Dec 2024 16:22:17 GMT location https://www.xjzjxh.com/ nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} priority u=0,i report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lRK376vkAugMW%2BfyRQ3Fe5nQk3i4LoFRC4Trfoyo3am2zDOEwBDfnoKQydzv0BSR%2BZuaRWwohAcq8eXkJE48msx0Dr6vlnECUC5niB4x7kaAg8Oy2SY4EaYPm51v"}],"group":"cf-nel","max_age":604800} server cloudflare server-timing cfL4;desc="?proto=QUIC&rtt=14934&min_rtt=14622&rtt_var=2639&sent=11&recv=10&lost=0&retrans=0&sent_bytes=4143&recv_bytes=4478&delivery_rate=700&cwnd=12000&unsent_bytes=0&cid=04fdee9b6153e081&ts=497&x=1" cfExtPri cfHdrFlush;dur=0
GET H2	200	style.min.css www.xjzjxh.com/static/css/	18 KB 4 KB	646ms 645ms	Stylesheet text/css	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.xjzjxh.com/static/css/style.min.css Requested by Host: www.xjzjxh.com URL: https://www.xjzjxh.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `0cf3a8396e22bbee85a7789cef4124ccf6ad737030362682831f91e9c5b84bd8` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.xjzjxh.com/ Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status MISS report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H7s778j23%2BHfcTonUsBqwRYUV4pGFPcWkYT6fihDUIWs1bLN3SxscD7GLU6TmOuRoV8hEXHF3XMXZu602cIt05Xx5x0neeIJ2HbeAtsnseQfywT9rtzYtrEb0D5ZixplVqwf407Hc2D6tHdNgw%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8f06d00b5d4e0b70-AMS alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=TCP&rtt=14462&min_rtt=14248&rtt_var=1371&sent=12&recv=14&lost=0&retrans=0&sent_bytes=6881&recv_bytes=2415&delivery_rate=358138&cwnd=257&unsent_bytes=0&cid=d1fbd953fd39e710&ts=1128&x=0" date Wed, 11 Dec 2024 16:22:18 GMT content-type text/css; charset=utf-8 last-modified Wed, 20 Nov 2024 08:29:53 GMT vary Accept-Encoding server cloudflare
GET H2	200	js-sdk-pro.min.js Show response sdk.51.la/	34 KB 34 KB	1111ms 462ms	Script text/plain	90.84.161.20 OCB_HONEY_CDN_ASN...
General Check archive.org Show headers Download Go to Full URL https://sdk.51.la/js-sdk-pro.min.js?id=3KK9Zot37TeXAqY2&ck=3KK9Zot37TeXAqY2 Requested by Host: www.xjzjxh.com URL: https://www.xjzjxh.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 90.84.161.20 , France, ASN2285 (OCB_HONEY_CDN_ASN Orange S.A., FR), Reverse DNS Software openresty / Resource Hash `c54ff899b5b9f90bd2ecc4dd87d877e87562f8c739ba2c167ccb61f02096abfa` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.xjzjxh.com/ Response headers cache-control no-store access-control-allow-credentials true via EU-GER-frankfurt-EDGE5-CACHE4[440],EU-GER-frankfurt-EDGE5-CACHE4[ovl,437],CHN-HElangfang-GLOBAL6-CACHE33[ovl,15] access-control-allow-origin * x-ccdn-req-id-46b1 62bca130b5eb4ab11394d0a94136c4f8 date Wed, 11 Dec 2024 16:22:19 GMT content-type text/plain; charset=utf-8 server openresty
GET H2	200	td_laptop.png image.sanxiang-sh.com/tg-08/	185 KB 186 KB	416ms 319ms	Image image/jpeg	2606:4700:3033::6815:14a0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://image.sanxiang-sh.com/tg-08/td_laptop.png Requested by Host: www.xjzjxh.com URL: https://www.xjzjxh.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::6815:14a0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `3a1d4890b3e91a01c20c65b75f1ae028e3c445cad1fd2d249dd0868876dfe4b4` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.xjzjxh.com/ Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-cache-status REVALIDATED etag "40d4266e5aadc87cceec1ab420dc2692" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XEHyJRJs6j1QjgJnzY0YNfx18iGesfByo9A27HryrdVVR6GlcHL8L07dHvQM2zVfiQYhjn6Tzn2s%2BEtgQKbP3ItDS9eKkd1RizmJTGkw%2BSLunQuzMNN6QBFtHQVMjOvZFxX6s7djGchJ8UNOjMGThvzBthI%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8f06d00bfb42b942-AMS accept-ranges bytes alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=TCP&rtt=14820&min_rtt=14578&rtt_var=2448&sent=9&recv=13&lost=0&retrans=0&sent_bytes=3957&recv_bytes=2307&delivery_rate=264765&cwnd=253&unsent_bytes=0&cid=545b6fc0898e27bd&ts=327&x=0" content-length 189734 date Wed, 11 Dec 2024 16:22:18 GMT content-type image/jpeg last-modified Mon, 02 Dec 2024 10:00:53 GMT vary Accept-Encoding server cloudflare
GET H2	200	SiteAndroid.jpg image.sanxiang-sh.com/tg-08/	21 KB 21 KB	462ms 365ms	Image image/jpeg	2606:4700:3033::6815:14a0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://image.sanxiang-sh.com/tg-08/SiteAndroid.jpg Requested by Host: www.xjzjxh.com URL: https://www.xjzjxh.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::6815:14a0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `15a94720d72ed1727fb281ed4af914e17cd8166bb18f5a8484f32f9faff4f365` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.xjzjxh.com/ Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-cache-status REVALIDATED etag "f5eb8dcf9b18f19053034101e920574e" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LpsMh0Ew6s8EoCc6sRx08Kr8DpG1TNHYTbtK05jVRDond3lGQ7cpd9Q%2B%2FrIGDQr1mma0LpRP%2FxIn12gKNh2KtlFNDClBCPqyMJpj09weD76E%2B4%2FvhmujEro80dVFKGddGpirMwha8XooXXWGC5JQBX9b%2B3I%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8f06d00bfb44b942-AMS accept-ranges bytes alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=TCP&rtt=15116&min_rtt=14469&rtt_var=71&sent=199&recv=54&lost=0&retrans=0&sent_bytes=196257&recv_bytes=2307&delivery_rate=4600859&cwnd=376&unsent_bytes=0&cid=545b6fc0898e27bd&ts=373&x=0" content-length 21090 date Wed, 11 Dec 2024 16:22:18 GMT content-type image/jpeg last-modified Mon, 02 Dec 2024 10:00:52 GMT vary Accept-Encoding server cloudflare
GET H2	200	SiteiOS.jpg image.sanxiang-sh.com/tg-08/	31 KB 31 KB	310ms 310ms	Image image/jpeg	2606:4700:3033::6815:14a0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://image.sanxiang-sh.com/tg-08/SiteiOS.jpg Requested by Host: www.xjzjxh.com URL: https://www.xjzjxh.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::6815:14a0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `5a2c666b6e4f30ff921353cd9a3eccc09b9314c5c5ab11e1a3928936e497b2dc` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.xjzjxh.com/ Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-cache-status REVALIDATED etag "89486a05599a1cfd549f8fb2d70e7d73" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=P5dcRE7na0qtQUjCNH0SkDd2KuALkbtOQsULL9dzDVgopt4S3dUY2xIDVYAqW44Vr9sS9iTPFoVpV48Mn72Kmh6W4eNPr9W2o4kWVuGTbk99aEPpNbAIz7GmmSLwIEDHiriWysjgAsF0lqaqbZeL%2BYsCryQ%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8f06d00e3e46b942-AMS accept-ranges bytes alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=TCP&rtt=15281&min_rtt=14469&rtt_var=167&sent=903&recv=187&lost=0&retrans=0&sent_bytes=1095448&recv_bytes=2431&delivery_rate=13566085&cwnd=486&unsent_bytes=64850&cid=545b6fc0898e27bd&ts=673&x=0" content-length 31305 date Wed, 11 Dec 2024 16:22:18 GMT content-type image/jpeg last-modified Mon, 02 Dec 2024 10:00:52 GMT vary Accept-Encoding server cloudflare
GET H2	200	d1.gif image.sanxiang-sh.com/tg-08/	2 MB 2 MB	266ms 266ms	Image image/jpeg	2606:4700:3033::6815:14a0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://image.sanxiang-sh.com/tg-08/d1.gif Requested by Host: www.xjzjxh.com URL: https://www.xjzjxh.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::6815:14a0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `58a9156f7cb557eb157598032fd67ade899a5a8b635455fbeb46c7bfa0f122e4` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.xjzjxh.com/ Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-cache-status REVALIDATED etag "cbd2d6af702cab22fb23c7d159abc428" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l288WwPdK%2B8FfE%2FU34Dv%2FNxTb6Uk357Khxm2j61suKubWfrLejUbU5CnipIpwVQx6DarNeVbPl%2Bky83COlqokys0UD5THpIAba76sLSCAUBUiWP5%2BtGwjxnajLIIFquXLMmgS5GWi2LA6cOX4x%2BGgZ9ff8A%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8f06d00e4e5cb942-AMS accept-ranges bytes alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=TCP&rtt=15347&min_rtt=14469&rtt_var=486&sent=219&recv=88&lost=0&retrans=0&sent_bytes=217998&recv_bytes=2431&delivery_rate=5048024&cwnd=388&unsent_bytes=0&cid=545b6fc0898e27bd&ts=643&x=0" content-length 2415534 date Wed, 11 Dec 2024 16:22:18 GMT content-type image/jpeg last-modified Mon, 02 Dec 2024 10:00:47 GMT vary Accept-Encoding server cloudflare
GET H2	200	d2.gif image.sanxiang-sh.com/tg-08/	2 MB 2 MB	319ms 319ms	Image image/jpeg	2606:4700:3033::6815:14a0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://image.sanxiang-sh.com/tg-08/d2.gif Requested by Host: www.xjzjxh.com URL: https://www.xjzjxh.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::6815:14a0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `8acbaebd980880be300562b4721fda46636837c7ca7e174edfe0dc8f9248d97b` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.xjzjxh.com/ Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-cache-status REVALIDATED etag "3ddffc96032b4b586b63950436e1b19f" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iFZtyk%2FNuNXJpJ5ucYHAHZzqA1NGyQzSqs%2Fq%2FhlEcypPVOcOAy4fwhiFusqgMmxEGGdEWZ%2FDZJSwHEBbAnmgGWwBY1g4gLxWHMdAdrn6zKKKwxdYkJMgGSSdiMjum%2BABl8iXkNoB4C5kXTi8BNlaAV3g4II%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8f06d010392fb942-AMS accept-ranges bytes alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=TCP&rtt=22532&min_rtt=14469&rtt_var=10419&sent=2137&recv=977&lost=0&retrans=0&sent_bytes=2673405&recv_bytes=2491&delivery_rate=55079583&cwnd=1925&unsent_bytes=0&cid=545b6fc0898e27bd&ts=1002&x=0" content-length 1867995 date Wed, 11 Dec 2024 16:22:19 GMT content-type image/jpeg last-modified Mon, 02 Dec 2024 10:00:46 GMT vary Accept-Encoding server cloudflare
GET H2	200	d3.gif image.sanxiang-sh.com/tg-08/	2 MB 2 MB	314ms 311ms	Image image/jpeg	2606:4700:3033::6815:14a0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://image.sanxiang-sh.com/tg-08/d3.gif Requested by Host: www.xjzjxh.com URL: https://www.xjzjxh.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::6815:14a0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `4461cfec85ed4d48b6aa70f9feb464520862cf001dd3b36ce84401112ebdc5f1` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.xjzjxh.com/ Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-cache-status REVALIDATED etag "b66ccb48aae5492d0043602a8809739d" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p7X6q42L31Q%2BfTR8lq9aFiEyTAezFmkQ4gv6ycRbSWduvvoQdUMDFIUllrbMU2ED%2F4RhJOklPCBtNLmOTunLDsruGcGuwOflIjoVAqpmXP4M4FA4gjOJy2LaaD4fPbw%2FXSbSRuxioWvzUcFKBS88YzqvfBQ%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8f06d0139d7db942-AMS accept-ranges bytes alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=TCP&rtt=21621&min_rtt=14000&rtt_var=494&sent=7223&recv=1711&lost=498&retrans=816&sent_bytes=9215219&recv_bytes=3009&delivery_rate=55079583&cwnd=1425&unsent_bytes=12970&cid=545b6fc0898e27bd&ts=1534&x=0" content-length 2146221 date Wed, 11 Dec 2024 16:22:19 GMT content-type image/jpeg last-modified Mon, 02 Dec 2024 10:00:48 GMT vary Accept-Encoding server cloudflare
GET H2	200	d4.gif image.sanxiang-sh.com/tg-08/	3 MB 3 MB	565ms 563ms	Image image/jpeg	2606:4700:3033::6815:14a0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://image.sanxiang-sh.com/tg-08/d4.gif Requested by Host: www.xjzjxh.com URL: https://www.xjzjxh.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::6815:14a0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `1ada80884d0ad4df743330129d9fbdcf0ca1603ef669276d3772b84697daff16` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.xjzjxh.com/ Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-cache-status REVALIDATED etag "28746cea3fa3fe45e9a77eac83cc83eb" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XaV6FxaNpkXwvVs8tLigJdFFCB%2FVgWPVRRiOzoA3reGxvdo5QkSWXpUCnDK%2Ftx2jNcQPp1VwcomC%2FgPXvX4n7Rhi6UnFEqlc%2Ffm78Vy%2FpfM%2FY00DKmlYI8UMWwz4IP8lCelKJwprXugcGQiGHdJW505%2BRnM%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8f06d0139d7eb942-AMS accept-ranges bytes alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=TCP&rtt=22056&min_rtt=14000&rtt_var=108&sent=15603&recv=4172&lost=0&retrans=3236&sent_bytes=19973197&recv_bytes=3009&delivery_rate=39737672&cwnd=3297&unsent_bytes=0&cid=545b6fc0898e27bd&ts=1794&x=0" content-length 3373417 date Wed, 11 Dec 2024 16:22:20 GMT content-type image/jpeg last-modified Mon, 02 Dec 2024 10:00:49 GMT vary Accept-Encoding server cloudflare
GET H2	200	d5.gif image.sanxiang-sh.com/tg-08/	2 MB 2 MB	371ms 369ms	Image image/jpeg	2606:4700:3033::6815:14a0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://image.sanxiang-sh.com/tg-08/d5.gif Requested by Host: www.xjzjxh.com URL: https://www.xjzjxh.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::6815:14a0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `424f0701dcb8542900712d39693b91db8758a1ddb0a33c21cfb502a8a71cdad8` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.xjzjxh.com/ Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-cache-status REVALIDATED etag "6ae9949dd516f905186883c3dc5f082b" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s1%2BYGptDEzGG%2BJFbpYKlY9ULo3jihHNRMwtX1z02gD56B3IDQ8hNv5f953ivs5dhRj5OOCA1e0NU4Gipobi7an8Mw6WahvRHCDa%2BFvF1s57UJWqU5cRXuJ5jwbbHGDErsrWaCJQ3ZZfbgEnS%2BZs3Y6R41xI%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8f06d0139d81b942-AMS accept-ranges bytes alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=TCP&rtt=17416&min_rtt=14000&rtt_var=510&sent=8563&recv=2291&lost=0&retrans=830&sent_bytes=10911332&recv_bytes=3009&delivery_rate=87412447&cwnd=2336&unsent_bytes=0&cid=545b6fc0898e27bd&ts=1556&x=0" content-length 1696890 date Wed, 11 Dec 2024 16:22:19 GMT content-type image/jpeg last-modified Mon, 02 Dec 2024 10:00:47 GMT vary Accept-Encoding server cloudflare
GET H2	200	d6.gif image.sanxiang-sh.com/tg-08/	2 MB 2 MB	370ms 367ms	Image image/jpeg	2606:4700:3033::6815:14a0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://image.sanxiang-sh.com/tg-08/d6.gif Requested by Host: www.xjzjxh.com URL: https://www.xjzjxh.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::6815:14a0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `de5ccab1886506b6c45b16b5037a80f20e1ba53b3e5fda65e174a784559e8e30` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.xjzjxh.com/ Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-cache-status REVALIDATED etag "443b2a218ba5a3010b778986488af448" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rkg0qH0Wljrf0fN5vcMOFcxcpZzCKyJaAC2E3aY7c0pVgwKjj0W6MC8RXLbo1cXKBCZGLuuiZN5ZN6qMkON%2BOLDhRQWbOnh%2FEVE83ao3HFk5lwZOdePhTK7KF0gPWNGyZQtTMBqTp6YHx3D6XQAcl%2B0C2v0%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8f06d0139d84b942-AMS accept-ranges bytes alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=TCP&rtt=17416&min_rtt=14000&rtt_var=510&sent=8563&recv=2291&lost=0&retrans=830&sent_bytes=10911332&recv_bytes=3009&delivery_rate=87412447&cwnd=2336&unsent_bytes=0&cid=545b6fc0898e27bd&ts=1556&x=0" content-length 1999661 date Wed, 11 Dec 2024 16:22:19 GMT content-type image/jpeg last-modified Mon, 02 Dec 2024 10:00:47 GMT vary Accept-Encoding server cloudflare
GET H2	200	d7.gif image.sanxiang-sh.com/tg-08/	3 MB 3 MB	325ms 323ms	Image image/jpeg	2606:4700:3033::6815:14a0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://image.sanxiang-sh.com/tg-08/d7.gif Requested by Host: www.xjzjxh.com URL: https://www.xjzjxh.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::6815:14a0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `d6037e1cea2e2ec907c6315e6fcff8cf5ab39a6857408ab5800504b7f28897d7` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.xjzjxh.com/ Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-cache-status REVALIDATED etag "1a1a1e97120c2dd2b6b3c8c0f77ca236" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yhmorUCawtBIVLGODgfPK4SRc6Q0CWvq3jx9nY4JVxU8IINS7%2F3A2xLIp2yHXLgt%2F49IIbIfeiuGvZSf80BMz6ovWkUxN6B5Sn3TfsyXV%2Fsjp0dMx%2BT7%2BMGW9MVSfMWyw4Jh4RkJgEfwRIBo6pSqc6qcmtA%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8f06d0139d87b942-AMS accept-ranges bytes alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=TCP&rtt=21029&min_rtt=14000&rtt_var=47&sent=7735&recv=2078&lost=190&retrans=830&sent_bytes=9869609&recv_bytes=3009&delivery_rate=86635546&cwnd=2013&unsent_bytes=59594&cid=545b6fc0898e27bd&ts=1551&x=0" content-length 3222729 date Wed, 11 Dec 2024 16:22:19 GMT content-type image/jpeg last-modified Mon, 02 Dec 2024 10:00:51 GMT vary Accept-Encoding server cloudflare
GET H2	200	d8.gif image.sanxiang-sh.com/tg-08/	2 MB 2 MB	266ms 263ms	Image image/jpeg	2606:4700:3033::6815:14a0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://image.sanxiang-sh.com/tg-08/d8.gif Requested by Host: www.xjzjxh.com URL: https://www.xjzjxh.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::6815:14a0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `5d362fd03c23bf20a038ed5b9e3169ef8cb07df1f7d17ea3b03c6752641cf523` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.xjzjxh.com/ Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-cache-status REVALIDATED etag "80515db845d4fc2b936127d4324ff322" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qJuKUPcZhBdIEwHvZY6G70kDgnvyuwqIrqnQGzc60%2BksX3CP86sWID1FvH%2FPw2QwOtoOmyHc5rQPL7n15CsF5GVXJEhE21OITJ3qTi3VHRIes8voss2p9EL2AdPTElLvMfdHHrevjuPBHcNjhgGS3%2B5mkkw%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8f06d0139d88b942-AMS accept-ranges bytes alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=TCP&rtt=15947&min_rtt=14000&rtt_var=103&sent=3924&recv=1512&lost=0&retrans=318&sent_bytes=4956053&recv_bytes=3009&delivery_rate=55079583&cwnd=1925&unsent_bytes=0&cid=545b6fc0898e27bd&ts=1496&x=0" content-length 2603040 date Wed, 11 Dec 2024 16:22:19 GMT content-type image/jpeg last-modified Mon, 02 Dec 2024 10:00:51 GMT vary Accept-Encoding server cloudflare
GET H2	200	d9.gif image.sanxiang-sh.com/tg-08/	3 MB 3 MB	309ms 307ms	Image image/jpeg	2606:4700:3033::6815:14a0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://image.sanxiang-sh.com/tg-08/d9.gif Requested by Host: www.xjzjxh.com URL: https://www.xjzjxh.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::6815:14a0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e76ed8bc1cf9d0a09c8b6407af9bc59dad845b5b4aa220ee89037035f35abbf8` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.xjzjxh.com/ Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-cache-status REVALIDATED etag "5d09f9927641c16d5b62da8f2f877f50" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lcwfV%2BiwMiBAJWXDA0txBrqKwKh4QwfND9kIB%2BeeU0UUpCupQQMuWI46wUeVkSdzCrrnlMvHlWH5pyiXxMcI%2FHlcJkg%2BmxKymJhLdZxmA45kn1yLI1YsxjgkPGKW%2FNNYA0XlEu8qFZt5pJYnrco9HRWAIH8%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8f06d013ad89b942-AMS accept-ranges bytes alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=TCP&rtt=18892&min_rtt=14000&rtt_var=560&sent=5850&recv=1531&lost=0&retrans=318&sent_bytes=7442506&recv_bytes=3009&delivery_rate=55079583&cwnd=1925&unsent_bytes=63553&cid=545b6fc0898e27bd&ts=1516&x=0" content-length 2968347 date Wed, 11 Dec 2024 16:22:19 GMT content-type image/jpeg last-modified Mon, 02 Dec 2024 10:00:52 GMT vary Accept-Encoding server cloudflare
GET H2	200	top.png image.sanxiang-sh.com/tg-08/	8 KB 8 KB	323ms 321ms	Image image/jpeg	2606:4700:3033::6815:14a0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://image.sanxiang-sh.com/tg-08/top.png Requested by Host: www.xjzjxh.com URL: https://www.xjzjxh.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::6815:14a0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `a5a74fe3ca2bf59450003d4fa2caf08292643e843892e45454d769f81113bfb6` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.xjzjxh.com/ Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-cache-status REVALIDATED etag "17328ab16157f861dcbf1c23749bb46a" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Fwpp%2FbBtG1LmqiVFU6BWlzDqcNCmLiOPISsnGa6CV1y4kMAz1Zij9lxqsVa6Z98cimxDZGorFXeqoyQWQVQcFm71EQvoPO1yyB9SCgZTpPNIIyrgcXreCLYsQvbfr%2FWwl5rWwJa61%2FrorOSrn1nZBh0njIA%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8f06d013ad8bb942-AMS accept-ranges bytes alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=TCP&rtt=20935&min_rtt=14000&rtt_var=87&sent=7731&recv=1934&lost=322&retrans=830&sent_bytes=9866953&recv_bytes=3009&delivery_rate=86635546&cwnd=1808&unsent_bytes=62250&cid=545b6fc0898e27bd&ts=1548&x=0" content-length 7927 date Wed, 11 Dec 2024 16:22:19 GMT content-type image/jpeg last-modified Mon, 02 Dec 2024 10:00:53 GMT vary Accept-Encoding server cloudflare
GET H3	200	jquery.js Show response www.xjzjxh.com/static/js/	85 KB 32 KB	815ms 814ms	Script text/javascript	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.xjzjxh.com/static/js/jquery.js Requested by Host: www.xjzjxh.com URL: https://www.xjzjxh.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `f1a9c17b50d6278a694406d9e5dce160f81afd7a2683dfdf07f0651c38bdaa8e` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.xjzjxh.com/ Response headers server cloudflare cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status MISS report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w4pXnRLFXiDAv%2BDzTAasajk%2FP0YQJczHeBuXKS5RSRO42EeRUu4qrqDG210qPIZN893m4DbxWN1IdEBaoKk15eYcBy%2F8Y%2BDaRxbjz%2BlgKJWO3%2Be%2FichQ%2B5K%2BpVTuIi5nCg%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8f06d0119b2165f1-AMS alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=14584&min_rtt=14267&rtt_var=2498&sent=24&recv=17&lost=0&retrans=0&sent_bytes=12172&recv_bytes=8466&delivery_rate=700&cwnd=12000&unsent_bytes=0&cid=23dd36a4a4517354&ts=1790&x=1", cfExtPri, cfHdrFlush;dur=0 date Wed, 11 Dec 2024 16:22:19 GMT content-type text/javascript; charset=utf-8 last-modified Fri, 15 Nov 2024 08:01:43 GMT vary Accept-Encoding priority u=2,i=?0
GET H3	200	public.js Show response www.xjzjxh.com/static/js/	1 KB 1 KB	503ms 502ms	Script text/javascript	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.xjzjxh.com/static/js/public.js Requested by Host: www.xjzjxh.com URL: https://www.xjzjxh.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `5d980ce2f83a0af6ceca8264539e0380ff235e8c621bca2f22f1bc2db9b4fa5f` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.xjzjxh.com/ Response headers server cloudflare cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status MISS report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6%2FH4LoPv91H%2FDmP6yQqisg%2FL63s0jnGRSrvzVZEI7WQ41LJDYCqtUeRF4DxZ1azUfotGi5cmELzxTq1%2BQCN%2FjeEQ7StLj1WYsT6Uh6fp2gaO3UzWMEw22s%2FhTI7axIAF8A%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8f06d0137cde65f1-AMS alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=14584&min_rtt=14267&rtt_var=2498&sent=17&recv=17&lost=0&retrans=0&sent_bytes=6485&recv_bytes=8466&delivery_rate=700&cwnd=12000&unsent_bytes=0&cid=23dd36a4a4517354&ts=1781&x=1", cfExtPri, cfHdrFlush;dur=0 date Wed, 11 Dec 2024 16:22:19 GMT content-type text/javascript; charset=utf-8 last-modified Fri, 15 Nov 2024 08:01:43 GMT vary Accept-Encoding priority u=2,i=?0
POST H2	200	collect Show response collect-v6.51.la/v6/	0 280 B	407ms 246ms	XHR text/plain	90.84.161.20 OCB_HONEY_CDN_ASN...
General Check archive.org Show headers Download Go to Full URL https://collect-v6.51.la/v6/collect?dt=4 Requested by Host: sdk.51.la URL: https://sdk.51.la/js-sdk-pro.min.js?id=3KK9Zot37TeXAqY2&ck=3KK9Zot37TeXAqY2 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 90.84.161.20 , France, ASN2285 (OCB_HONEY_CDN_ASN Orange S.A., FR), Reverse DNS Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.xjzjxh.com/ Response headers via EU-GER-frankfurt-EDGE5-CACHE4[217],EU-GER-frankfurt-EDGE5-CACHE4[ovl,211] access-control-allow-origin https://www.xjzjxh.com x-ccdn-req-id-46b1 b66f75acbefb1cbb6236686fc060bcc4 content-length 0 date Wed, 11 Dec 2024 16:22:19 GMT vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers access-control-allow-credentials true
GET H3	200	t_logo_sprite.svg www.xjzjxh.com/static/image/	23 KB 7 KB	626ms 625ms	Image image/svg+xml	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.xjzjxh.com/static/image/t_logo_sprite.svg Requested by Host: www.xjzjxh.com URL: https://www.xjzjxh.com/static/css/style.min.css Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `832fbefd7a4fe8f651058597d9f1910883d1cbd56d0ceb343e7d6170aeecf982` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.xjzjxh.com/static/css/style.min.css Response headers server cloudflare cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status MISS report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=reNQJ9W5u5X%2BhplcMNxPVc%2F4wu9t9cRa6r5gx1twLsOgSOhyoxhJmM2GfD8gqEvCpdXwuMAO5Pspzuo6ep3ivYFBVnoJeC7%2B%2BjPFbDZWF50BSG5TxdoZlNbckoHot%2FA5TQ%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8f06d0139d1365f1-AMS alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=16750&min_rtt=14267&rtt_var=2279&sent=61&recv=40&lost=0&retrans=0&sent_bytes=50138&recv_bytes=9461&delivery_rate=130684&cwnd=26400&unsent_bytes=0&cid=23dd36a4a4517354&ts=1930&x=1", cfExtPri, cfHdrFlush;dur=0 date Wed, 11 Dec 2024 16:22:20 GMT content-type image/svg+xml last-modified Fri, 15 Nov 2024 08:01:43 GMT vary Accept-Encoding priority u=3,i
GET H3	200	app_icon_desktop.svg www.xjzjxh.com/static/image/	3 KB 3 KB	475ms 474ms	Image text/html	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.xjzjxh.com/static/image/app_icon_desktop.svg Requested by Host: www.xjzjxh.com URL: https://www.xjzjxh.com/static/css/style.min.css Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.xjzjxh.com/static/css/style.min.css Response headers server cloudflare cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status MISS report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Zt439hF9Rp%2FlsErwhGNfCEsLoQGbhKW8MaVmgzB0uYC0oqflU2%2FRcFtDLZDVu7nigxVWcyEBpMuX0W2dqInDoKs4YkJ%2FM%2BxHlw%2BeySx6EXS%2FTkXzrSuCk2Ud1ZC%2BnoJdRw%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8f06d0139d1665f1-AMS alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=14584&min_rtt=14267&rtt_var=2498&sent=15&recv=17&lost=0&retrans=0&sent_bytes=4306&recv_bytes=8466&delivery_rate=700&cwnd=12000&unsent_bytes=0&cid=23dd36a4a4517354&ts=1780&x=1", cfExtPri, cfHdrFlush;dur=0 date Wed, 11 Dec 2024 16:22:19 GMT content-type text/html; charset=utf-8 last-modified Wed, 11 Dec 2024 16:22:19 GMT vary Accept-Encoding priority u=3,i
GET H3	200	SiteIconAndroid.svg www.xjzjxh.com/static/image/	3 KB 3 KB	518ms 517ms	Image text/html	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.xjzjxh.com/static/image/SiteIconAndroid.svg Requested by Host: www.xjzjxh.com URL: https://www.xjzjxh.com/static/css/style.min.css Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.xjzjxh.com/static/css/style.min.css Response headers server cloudflare cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status MISS report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1SmyX69XcdvuHl79rD7XoLTgcjhc9X8jp0fBagI%2BRHHxwYAN45JfmT%2FJgVt3cdJPtLbxcmtjJEQe2D543hoiBGT7oXvkQDbSKTmEtlzqD1ZWOWXDqfPFzCkNDohYfhMqpg%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8f06d0139d1765f1-AMS alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=16692&min_rtt=14267&rtt_var=1437&sent=58&recv=32&lost=0&retrans=0&sent_bytes=47965&recv_bytes=9111&delivery_rate=25259&cwnd=26400&unsent_bytes=0&cid=23dd36a4a4517354&ts=1822&x=1", cfExtPri, cfHdrFlush;dur=0 date Wed, 11 Dec 2024 16:22:19 GMT content-type text/html; charset=utf-8 last-modified Wed, 11 Dec 2024 16:22:19 GMT vary Accept-Encoding priority u=3,i
GET H3	200	SiteIconApple.svg www.xjzjxh.com/static/image/	3 KB 3 KB	478ms 477ms	Image text/html	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.xjzjxh.com/static/image/SiteIconApple.svg Requested by Host: www.xjzjxh.com URL: https://www.xjzjxh.com/static/css/style.min.css Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.xjzjxh.com/static/css/style.min.css Response headers server cloudflare cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status MISS report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MZBDBdfozPT%2FOZVFzoQ0SdotjSI8z8BTYN2G2SJTdKFTWpmHA%2BXWLX6z38v9xaodQZgavQmBiH1Spk53bU3HuuVP4FYHbiPevAk7pkbWEvFCFyONylF9rtdKvn3FDmAItQ%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8f06d0139d1965f1-AMS alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=14584&min_rtt=14267&rtt_var=2498&sent=19&recv=17&lost=0&retrans=0&sent_bytes=7826&recv_bytes=8466&delivery_rate=700&cwnd=12000&unsent_bytes=0&cid=23dd36a4a4517354&ts=1781&x=1", cfExtPri, cfHdrFlush;dur=0 date Wed, 11 Dec 2024 16:22:19 GMT content-type text/html; charset=utf-8 last-modified Wed, 11 Dec 2024 16:22:19 GMT vary Accept-Encoding priority u=3,i
GET H3	200	AlibabaPuHuiTi-2-55-Regular.ttf www.xjzjxh.com/static/fonts/	3 KB 2 KB	468ms 468ms	Font text/html	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.xjzjxh.com/static/fonts/AlibabaPuHuiTi-2-55-Regular.ttf Requested by Host: www.xjzjxh.com URL: https://www.xjzjxh.com/static/css/style.min.css Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `1973f52727a36c59411b6b6fede4ded7a4c4a137af13dfcf6254d3c77862cca0` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Origin https://www.xjzjxh.com Referer https://www.xjzjxh.com/static/css/style.min.css Response headers server cloudflare cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status MISS report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=249TyZ%2BqVrVx%2FUeR3qO%2BfQr4VGT%2FeO1xu7H%2F7QH1ZVYjRwUJP3IKg5Alt2Wq9L%2FRIGYMXY8l%2BmlVbskdDLwQdngC%2BG%2FjFhweaiLWB19BCNZGRT6vVqLJkSFR5A6PR1CAvQ%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8f06d013bd2e65f1-AMS alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=14584&min_rtt=14267&rtt_var=2498&sent=22&recv=17&lost=0&retrans=0&sent_bytes=10009&recv_bytes=8466&delivery_rate=700&cwnd=12000&unsent_bytes=0&cid=23dd36a4a4517354&ts=1787&x=1", cfExtPri, cfHdrFlush;dur=0 date Wed, 11 Dec 2024 16:22:19 GMT content-type text/html; charset=utf-8 last-modified Wed, 11 Dec 2024 16:22:19 GMT vary Accept-Encoding priority u=0,i=?0
GET H3	200	AlibabaPuHuiTi-2-105-Heavy.ttf www.xjzjxh.com/static/fonts/	3 KB 2 KB	498ms 498ms	Font text/html	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.xjzjxh.com/static/fonts/AlibabaPuHuiTi-2-105-Heavy.ttf Requested by Host: www.xjzjxh.com URL: https://www.xjzjxh.com/static/css/style.min.css Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `1973f52727a36c59411b6b6fede4ded7a4c4a137af13dfcf6254d3c77862cca0` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Origin https://www.xjzjxh.com Referer https://www.xjzjxh.com/static/css/style.min.css Response headers server cloudflare cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status MISS report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=njZNVFRU3iZDeNqE7iR26QBUz6GQxlz7o8ab3uS1j%2FSvXk%2F9ZI%2B8ujuXW6WgCKQc64TGSg4v5S%2FuxGh3jHFBSay%2B0a2LRRFO3BHmFYAq1ac8XbtmpySorVhKANitA%2FKO4Q%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8f06d013bd2f65f1-AMS alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=16480&min_rtt=14267&rtt_var=1901&sent=56&recv=30&lost=0&retrans=0&sent_bytes=45807&recv_bytes=9025&delivery_rate=22288&cwnd=26400&unsent_bytes=0&cid=23dd36a4a4517354&ts=1817&x=1", cfExtPri, cfHdrFlush;dur=0 date Wed, 11 Dec 2024 16:22:19 GMT content-type text/html; charset=utf-8 last-modified Wed, 11 Dec 2024 16:22:19 GMT vary Accept-Encoding priority u=0,i=?0
GET H2	200	telegram-favicon.ico image.sanxiang-sh.com/	4 KB 5 KB	321ms 320ms	Other image/jpeg	2606:4700:3033::6815:14a0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://image.sanxiang-sh.com/telegram-favicon.ico Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::6815:14a0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `181349b08b8da309823b3b6a670ce13581ff82af7b03db71ba60c705d0620261` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.xjzjxh.com/ Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-cache-status REVALIDATED etag "975b4112a366cca6b9bf2c84e268268c" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KCvUZYzBWJRzTZXbPxp1QpgS43l1Lx8RMUdU%2Fu4drL6H6txEHk3FywfqtfwzoR2QaJI2%2FovZSjd5dmVaJNfolLmuBoF5SN8PsZ8kk9H2NeXcNUchmOpomAU3FamlA7Onia28Dz3zjQdzEC76K8D4EKJfO4A%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8f06d0220dc4b942-AMS accept-ranges bytes alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=TCP&rtt=17474&min_rtt=14000&rtt_var=438&sent=22990&recv=5485&lost=0&retrans=5225&sent_bytes=29347312&recv_bytes=3150&delivery_rate=110128197&cwnd=3298&unsent_bytes=0&cid=545b6fc0898e27bd&ts=3846&x=0" content-length 4286 date Wed, 11 Dec 2024 16:22:22 GMT content-type image/jpeg last-modified Fri, 06 Dec 2024 07:06:32 GMT vary Accept-Encoding server cloudflare

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Telegram (Instant Messenger)

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.xjzjxh.com/	1969-12-31 23:59:59	Name: __vtins__3KK9Zot37TeXAqY2 Value: %7B%22sid%22%3A%20%22430d4ea2-a361-54bf-9f97-ad2e5fac1f64%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201733935939445%2C%20%22ct%22%3A%201733934139445%7D
www.xjzjxh.com/	1970-01-21 11:14:54	Name: __51uvsct__3KK9Zot37TeXAqY2 Value: 1
www.xjzjxh.com/	1970-01-21 11:14:54	Name: __51vcke__3KK9Zot37TeXAqY2 Value: a8d63e6c-592a-569b-8976-19aab07023b6
www.xjzjxh.com/	1970-01-21 11:14:54	Name: __51vuft__3KK9Zot37TeXAqY2 Value: 1733934139447

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.xjzjxh.com/ Message: Failed to decode downloaded font: https://www.xjzjxh.com/static/fonts/AlibabaPuHuiTi-2-55-Regular.ttf
other	warning	URL: https://www.xjzjxh.com/ Message: OTS parsing error: invalid sfntVersion: 1008813135
other	warning	URL: https://www.xjzjxh.com/ Message: Failed to decode downloaded font: https://www.xjzjxh.com/static/fonts/AlibabaPuHuiTi-2-105-Heavy.ttf
other	warning	URL: https://www.xjzjxh.com/ Message: OTS parsing error: invalid sfntVersion: 1008813135

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

collect-v6.51.la
image.sanxiang-sh.com
sdk.51.la
www.xjzjxh.com
xjzjxh.com
188.114.97.3
2606:4700:3033::6815:14a0
2a06:98c1:3121::3
90.84.161.20
0cf3a8396e22bbee85a7789cef4124ccf6ad737030362682831f91e9c5b84bd8
15a94720d72ed1727fb281ed4af914e17cd8166bb18f5a8484f32f9faff4f365
181349b08b8da309823b3b6a670ce13581ff82af7b03db71ba60c705d0620261
1973f52727a36c59411b6b6fede4ded7a4c4a137af13dfcf6254d3c77862cca0
1ada80884d0ad4df743330129d9fbdcf0ca1603ef669276d3772b84697daff16
3a1d4890b3e91a01c20c65b75f1ae028e3c445cad1fd2d249dd0868876dfe4b4
424f0701dcb8542900712d39693b91db8758a1ddb0a33c21cfb502a8a71cdad8
4461cfec85ed4d48b6aa70f9feb464520862cf001dd3b36ce84401112ebdc5f1
58a9156f7cb557eb157598032fd67ade899a5a8b635455fbeb46c7bfa0f122e4
5a2c666b6e4f30ff921353cd9a3eccc09b9314c5c5ab11e1a3928936e497b2dc
5d362fd03c23bf20a038ed5b9e3169ef8cb07df1f7d17ea3b03c6752641cf523
5d980ce2f83a0af6ceca8264539e0380ff235e8c621bca2f22f1bc2db9b4fa5f
832fbefd7a4fe8f651058597d9f1910883d1cbd56d0ceb343e7d6170aeecf982
8acbaebd980880be300562b4721fda46636837c7ca7e174edfe0dc8f9248d97b
a5a74fe3ca2bf59450003d4fa2caf08292643e843892e45454d769f81113bfb6
b3f3c3b2b76e2d97c416e22daa37e14b05922829344a588b87b1e93c63cbda6a
c54ff899b5b9f90bd2ecc4dd87d877e87562f8c739ba2c167ccb61f02096abfa
d6037e1cea2e2ec907c6315e6fcff8cf5ab39a6857408ab5800504b7f28897d7
de5ccab1886506b6c45b16b5037a80f20e1ba53b3e5fda65e174a784559e8e30
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e76ed8bc1cf9d0a09c8b6407af9bc59dad845b5b4aa220ee89037035f35abbf8
f1a9c17b50d6278a694406d9e5dce160f81afd7a2683dfdf07f0651c38bdaa8e

www.xjzjxh.com Open in urlscan Pro 2a06:98c1:3121::3 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

26 Requests

100 %HTTPS

50 %IPv6

3 Domains

5 Subdomains

4 IPs

3 Countries

22145 kBTransfer

22199 kBSize

4 Cookies

4 Outgoing links

Page URL History

Redirected requests

26 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

5 JavaScript Global Variables

www.xjzjxh.com Open in urlscan Pro
2a06:98c1:3121::3 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

26
Requests

100 %
HTTPS

50 %
IPv6

3
Domains

5
Subdomains

4
IPs

3
Countries

22145 kB
Transfer

22199 kB
Size

4
Cookies

26 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!