Submitted URL: http://byhilton.com/
Effective URL: http://www.byhilton.com/
Submission: On April 01 via manual from US

Summary

This website contacted 11 IPs in 4 countries across 10 domains to perform 27 HTTP transactions. The main IP is 23.230.173.140, located in United States and belongs to EGIHOSTING, US. The main domain is www.byhilton.com.
This is the only time www.byhilton.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

| Redirects | Requests | IP Address | AS Autonomous System |
|---|---|---|---|
| 1 | 4 | 23.230.173.140 | 18779 (EGIHOSTING) |
| | 6 | 2606:4700:303... | 13335 (CLOUDFLAR...) |
| | 1 | 122.228.91.87 | 134771 (CHINATELE...) |
| | 8 | 23.27.133.50 | 18779 (EGIHOSTING) |
| | 1 | 218.94.207.228 | 4134 (CHINANET-...) |
| | 1 | 183.131.207.66 | 136190 (CHINATELE...) |
| | 2 | 47.246.43.168 | 24429 (TAOBAO Zh...) |
| | 1 | 240e:ff:f101:... | 4816 (CHINANET-...) |
| | 1 | 203.205.254.152 | 132203 (TENCENT-N...) |
| 1 | 1 | 240d:c040:1:4... | 132203 (TENCENT-N...) |
| | 1 | 203.205.248.187 | 132203 (TENCENT-N...) |

Total: 27 requests across 11 IPs.

| Requests | Domain | Requested by |
|---|---|---|
| 8 | yeyekan1.com | yykan10.com |
| 6 | yykan10.com | www.byhilton.com, yykan10.com |
| 3 | www.byhilton.com | www.byhilton.com |
| 2 | p.qlogo.cn | yykan10.com |
| 2 | at.180cq.cn | yeyekan1.com |
| 1 | sz.btfs.mail.ftn.qq.com | yykan10.com |
| 1 | wx.mail.qq.com | 1 redirects |
| 1 | ia.51.la | www.byhilton.com |
| 1 | s9.cnzz.com | yykan10.com |
| 1 | js.users.51.la | www.byhilton.com |
| 1 | byhilton.com | 1 redirects |
| 0 | p26-tt.byteimg.com (Failed) | yykan10.com |
| 0 | www.govshenzhen.cn (Failed) | yeyekan1.com |

Total: 27 requests across 13 domains and subdomains.

This site contains no links.

| Subject | Issuer | Validity | Valid |
|---|---|---|---|
| sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-03-24 - 2022-03-23 | a year |
| *.users.51.la | GlobalSign GCC R3 DV TLS CA 2020 | 2020-08-27 - 2022-04-19 | 2 years |
| yeyekan1.com | R3 | 2021-03-27 - 2021-06-25 | 3 months |
| *.cnzz.com | GlobalSign Organization Validation CA - SHA256 - G2 | 2021-01-05 - 2022-02-06 | a year |
| at.180cq.cn | Encryption Everywhere DV TLS CA - G1 | 2021-03-18 - 2022-03-18 | a year |
| *.qpic.cn | GlobalSign Organization Validation CA - SHA256 - G2 | 2020-06-16 - 2021-06-17 | a year |
| *.ftn.qq.com | GlobalSign Organization Validation CA - SHA256 - G2 | 2021-01-15 - 2022-02-16 | a year |

This page contains 2 frames:

Primary Page: http://www.byhilton.com/
Frame ID: A80EA1DD3B083084605F1F59D916A302
Requests: 5 HTTP requests in this frame

Frame: https://yykan10.com/
Frame ID: 927839AA3069E877E2115B03272956FC
Requests: 22 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

  • Requests: 27
  • HTTPS: 78 %
  • IPv6: 27 %
  • Domains: 10
  • Subdomains: 13
  • IPs: 11
  • Countries: 4
  • Transfer: 752 kB
  • Size: 1023 kB
  • Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://byhilton.com/ HTTP 301
    http://www.byhilton.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 24
  • https://img.downk.cc/item/6033a81583b6f643682677d4.gif HTTP 302
  • https://p26-tt.byteimg.com/origin/pgc-image/8cae346873f04cce92f520f1cbc29198
Request Chain 25
  • https://wx.mail.qq.com/webnote/viewfile?fileid=ZF0014_nvbN2LyMFh8uI2oAXCmXVb2&notekey=QtziGXWPpMlGRc2cRnDWph8soN-wTpCVnNeTbiNo9z0&name=%E4%B8%8A.gif&size=115834&md5=c6b86074f8dc03982dd7c8aa243c4266&sha=39f5542e93c031efda85ed798944ff920e1312d5 HTTP 302
  • https://sz.btfs.mail.ftn.qq.com/ftn_handler/bdc92ced933b7166a542cae37193f00eb3ccbb042c3e536257efc747d8725658dcc0b0249a327624d28171e2fbd382cf4e0a7554774b9f511a9367c6fec3d7a2?compressed=0&dtype=1&fname=%E4%B8%8A.gif

27 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.byhilton.com/
Redirect Chain
  • http://byhilton.com/
  • http://www.byhilton.com/
2 KB
727 B
Document
General
Full URL
http://www.byhilton.com/
Protocol
HTTP/1.1
Server
23.230.173.140 , United States, ASN18779 (EGIHOSTING, US),
Reverse DNS
Software
nginx /
Resource Hash
20216bd5ff0071e20e2f3bdcdaef1de5eef32090a7a40360c65827e0c62575db

Request headers

Host
www.byhilton.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US

Response headers

Server
nginx
Date
Thu, 01 Apr 2021 17:21:40 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
Content-Encoding
gzip

Redirect headers

Server
nginx
Date
Thu, 01 Apr 2021 17:21:39 GMT
Content-Type
text/html
Content-Length
0
Connection
keep-alive
Location
http://www.byhilton.com/
common.js
www.byhilton.com/
1 KB
863 B
Script
General
Full URL
http://www.byhilton.com/common.js
Requested by
Host: www.byhilton.com
URL: http://www.byhilton.com/
Protocol
HTTP/1.1
Server
23.230.173.140 , United States, ASN18779 (EGIHOSTING, US),
Reverse DNS
Software
nginx /
Resource Hash
a68e00f7d4c112fdc1bd0525061f74bc0180ad90a39b1a065720fc650818eb54

Request headers

Referer
http://www.byhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 01 Apr 2021 17:21:40 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
Server
nginx
Connection
keep-alive
Vary
Accept-Encoding
Content-Type
application/x-javascript
tj.js
www.byhilton.com/
102 B
258 B
Script
General
Full URL
http://www.byhilton.com/tj.js
Requested by
Host: www.byhilton.com
URL: http://www.byhilton.com/
Protocol
HTTP/1.1
Server
23.230.173.140 , United States, ASN18779 (EGIHOSTING, US),
Reverse DNS
Software
nginx /
Resource Hash
e44c68646be19064cfe9b4d179e8254fc635b0dca0235bee25f5b6538f0d8187

Request headers

Referer
http://www.byhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 01 Apr 2021 17:21:41 GMT
Server
nginx
Connection
keep-alive
Content-Length
102
Content-Type
application/x-javascript
/
yykan10.com/ Frame 9278
56 KB
6 KB
Document
General
Full URL
https://yykan10.com/
Requested by
Host: www.byhilton.com
URL: http://www.byhilton.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:5c50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c31cba90c462ca0fca5583fee9393e631cc4bec7bbf5f38b42c8c90d10a4767c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
yykan10.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.byhilton.com/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

date
Thu, 01 Apr 2021 17:21:35 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=db98798f9ca6de272a6a0e0a28f0dd11e1617297695; expires=Sat, 01-May-21 17:21:35 GMT; path=/; domain=.yykan10.com; HttpOnly; SameSite=Lax
vary
Accept-Encoding
strict-transport-security
max-age=31536000
cf-cache-status
DYNAMIC
cf-request-id
09300d7af90000c27c7a826000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=hidTBB0AlOcf4hndyyQywEkg3cq4qXZDep3TQrV5FCnVzFFg840xX2HLdVrdz9mGBjPTJGnJv3b0XMmA9u9cFVPMDGerQxUE3PunACVu8KZNw6dvdRn5TA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"max_age":604800,"report_to":"cf-nel"}
server
cloudflare
cf-ray
63937ea4cf03c27c-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
21093075.js
js.users.51.la/
5 KB
3 KB
Script
General
Full URL
https://js.users.51.la/21093075.js
Requested by
Host: www.byhilton.com
URL: http://www.byhilton.com/tj.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
122.228.91.87 , China, ASN134771 (CHINATELECOM-ZHEJIANG-WENZHOU-IDC WENZHOU, ZHEJIANG Province, P.R.China., CN),
Reverse DNS
Software
nginx/1.14.0 /
Resource Hash
c875d8961144b27beaa5bda6eb743c66c29c60498ce2b8c5dc7a62ecfa25e206

Request headers

Referer
http://www.byhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

x-id
21093075
Date
Thu, 01 Apr 2021 17:21:36 GMT
Content-Encoding
gzip
X-Ws-Request-Id
60660120_xin113_43871-26367
Age
29185
Transfer-Encoding
chunked
X-Via
1.1 PSjsczsxdh62:0 (Cdn Cache Server V2.0)[40 200 0], 1.1 PSjsyzdx6jk53:0 (Cdn Cache Server V2.0)[89 200 2], 1.1 ianxin170:7 (Cdn Cache Server V2.0)[0 200 0]
Content-Disposition
inline;filename=f.txt
Connection
keep-alive
Request-Id
000001786403EEC1941593750A35600F
x-reserved
amazon, aws and amazon web services are trademarks or registered trademarks of Amazon Technologies, Inc
id-2
32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSztc0qhqfgDN38IHuRg9u6RipKNG5I4
Last-Modified
Wed Mar 24 19:16:53 CST 2021
Server
nginx/1.14.0
ETag
"b946223d6b5e70fd17484f7d8590be8b"
Vary
Accept-Encoding
Content-Type
application/javascript;charset=UTF-8
version-id
G001117863F3A045FFFF941452C209EC
bootstrap.min.css
yykan10.com/template/pc/static/css/ Frame 9278
136 KB
20 KB
Stylesheet
General
Full URL
https://yykan10.com/template/pc/static/css/bootstrap.min.css
Requested by
Host: yykan10.com
URL: https://yykan10.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:5c50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6e1d34c18249f876c53a91843159d70feff59ef549462b05a9b14e15485d3ba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://yykan10.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Apr 2021 17:21:36 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
14746
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
09300d7e410000c27c3f1c8000000001
last-modified
Mon, 01 Feb 2021 13:09:26 GMT
server
cloudflare
etag
W/"6017fd86-2212e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=8meqDrNFazEFfo8pkJ6cENr8nmxYIxKohbauZ8R0HOuOE6dx1e3DeuA8DchUZKH19Z0YJ%2BOuJ%2BPzZfygQMUs9EE6p6ak%2BVL0ZhhKGYoVV770FTq1XHRJ1A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
63937eaa0d3ec27c-FRA
expires
Fri, 02 Apr 2021 01:15:50 GMT
swiper.min.css
yykan10.com/template/pc/static/css/ Frame 9278
17 KB
3 KB
Stylesheet
General
Full URL
https://yykan10.com/template/pc/static/css/swiper.min.css
Requested by
Host: yykan10.com
URL: https://yykan10.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:5c50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47b0e7129add982c0e394f0dfa8d9621e6c9e4126859b26e1ad25c18def0d812
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://yykan10.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Apr 2021 17:21:36 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
14746
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
09300d7e420000c27c6390c000000001
last-modified
Mon, 01 Feb 2021 13:09:26 GMT
server
cloudflare
etag
W/"6017fd86-4562"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=mzu7msHPY6ANwMDjDPJ4ZOeebR5YlmKnSsafI49vowF7ytNPWe%2BaI%2BBeIT4oEksE6jWuhYRjKjyK5GtAShVqbYycrV02NfjRDT40F%2ByJvRB8dVtU2MVA6A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
63937eaa0d43c27c-FRA
expires
Fri, 02 Apr 2021 01:15:50 GMT
style.css
yykan10.com/template/pc/static/css/ Frame 9278
66 KB
11 KB
Stylesheet
General
Full URL
https://yykan10.com/template/pc/static/css/style.css
Requested by
Host: yykan10.com
URL: https://yykan10.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:5c50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ef46c4182dc7e56dc39948b952f1e67e63b16bde833e68619b72246bf712dc3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://yykan10.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Apr 2021 17:21:36 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
14746
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
09300d7e420000c27cfcb70000000001
last-modified
Mon, 01 Feb 2021 15:07:56 GMT
server
cloudflare
etag
W/"6018194c-108f2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=i1Y74G3uxerRPsj%2BZye0zOu8veBkVs7NLWHVMjPWbzx0uL4%2FJpPGGL4Gdy%2FH%2BYOFshTobTnOqmkkAdWHaqsLcpzoNp2OikeV%2F%2BZF1PYo2VlUS8z9tEPhpw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
63937eaa0d44c27c-FRA
expires
Fri, 02 Apr 2021 01:15:50 GMT
white.css
yykan10.com/template/pc/static/css/ Frame 9278
9 KB
3 KB
Stylesheet
General
Full URL
https://yykan10.com/template/pc/static/css/white.css
Requested by
Host: yykan10.com
URL: https://yykan10.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:5c50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee27d73e8a3e6caeaa09c79beab8c8216bce6f9f3d15fbcad195613edaae26e2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://yykan10.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Apr 2021 17:21:36 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
14746
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
09300d7e430000c27ce78c1000000001
last-modified
Mon, 01 Feb 2021 13:09:28 GMT
server
cloudflare
etag
W/"6017fd88-25d9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=zjrtw5A4NK8ObjQi6rbQtLRaEoHXBL3MH0mzYl%2FUaD%2Bx%2BH2gxx5N8otki0kajlZbB0hrEa2oAvQUWEyN0Tnl9Mpl1sABM9OfBuzFmnHLgmhDVL1fvcOLpg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
63937eaa0d46c27c-FRA
expires
Fri, 02 Apr 2021 01:15:50 GMT
mm-content.css
yykan10.com/template/pc/static/css/ Frame 9278
6 KB
1 KB
Stylesheet
General
Full URL
https://yykan10.com/template/pc/static/css/mm-content.css
Requested by
Host: yykan10.com
URL: https://yykan10.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:5c50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77df0ce17bee199f8fd916d8ff6c35658f101c24ccb3ed547db8af83233375f2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://yykan10.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Apr 2021 17:21:36 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
14746
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
09300d7e450000c27ce78c2000000001
last-modified
Mon, 01 Feb 2021 13:09:28 GMT
server
cloudflare
etag
W/"6017fd88-16ac"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=aUdqevHKTnCowhwUkEX5JHHZuUPzqwt77HyNf8MwMWWibvt6Xl%2BKNdl7gJXKjRE%2BSVNWiPHniROVHCLVF0IZoq6pefGgn%2BmNBFZaHKw76iJv7Jc%2BmcroeQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
63937eaa0d47c27c-FRA
expires
Fri, 02 Apr 2021 01:15:50 GMT
hfgg1.js
yeyekan1.com/yyk/ Frame 9278
5 KB
1 KB
Script
General
Full URL
https://yeyekan1.com/yyk/hfgg1.js
Requested by
Host: yykan10.com
URL: https://yykan10.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.27.133.50 , United States, ASN18779 (EGIHOSTING, US),
Reverse DNS
Software
nginx /
Resource Hash
5067762947894a765a97e7680753bec668ce0a5178ee2dd757de93ba8ece7a13
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://yykan10.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Apr 2021 17:21:36 GMT
content-encoding
gzip
last-modified
Thu, 01 Apr 2021 14:31:18 GMT
server
nginx
etag
W/"6065d936-1433"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
strict-transport-security
max-age=31536000
expires
Fri, 02 Apr 2021 05:21:36 GMT
yjym.js
yeyekan1.com/yyk/ Frame 9278
222 B
435 B
Script
General
Full URL
https://yeyekan1.com/yyk/yjym.js
Requested by
Host: yykan10.com
URL: https://yykan10.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.27.133.50 , United States, ASN18779 (EGIHOSTING, US),
Reverse DNS
Software
nginx /
Resource Hash
45f3c82dffbf73d1ddf2d8fe6ae31cf3eb6a1adfa27574fbc9a39662d0e579d0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://yykan10.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Apr 2021 17:21:36 GMT
last-modified
Fri, 19 Mar 2021 07:08:27 GMT
server
nginx
etag
"60544deb-de"
strict-transport-security
max-age=31536000
content-type
application/javascript
cache-control
max-age=43200
accept-ranges
bytes
content-length
222
expires
Fri, 02 Apr 2021 05:21:36 GMT
wen.js
yeyekan1.com/yyk/ Frame 9278
7 KB
1 KB
Script
General
Full URL
https://yeyekan1.com/yyk/wen.js
Requested by
Host: yykan10.com
URL: https://yykan10.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.27.133.50 , United States, ASN18779 (EGIHOSTING, US),
Reverse DNS
Software
nginx /
Resource Hash
1566f6bcb371dece0f736395079ea095f847d84816671dd2e755cfd8c8a94917
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://yykan10.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Apr 2021 17:21:36 GMT
content-encoding
gzip
last-modified
Wed, 31 Mar 2021 06:33:21 GMT
server
nginx
etag
W/"606417b1-1ca3"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
strict-transport-security
max-age=31536000
expires
Fri, 02 Apr 2021 05:21:36 GMT
hfgg2.js
yeyekan1.com/yyk/ Frame 9278
5 KB
1 KB
Script
General
Full URL
https://yeyekan1.com/yyk/hfgg2.js
Requested by
Host: yykan10.com
URL: https://yykan10.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.27.133.50 , United States, ASN18779 (EGIHOSTING, US),
Reverse DNS
Software
nginx /
Resource Hash
f63ab1f86e602fd07238cbbace20cb98ba0fdc9177043846bdbe6002c5a75b79
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://yykan10.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Apr 2021 17:21:36 GMT
content-encoding
gzip
last-modified
Mon, 29 Mar 2021 09:29:44 GMT
server
nginx
etag
W/"60619e08-1250"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
strict-transport-security
max-age=31536000
expires
Fri, 02 Apr 2021 05:21:36 GMT
tiezi.js
yeyekan1.com/yyk/ Frame 9278
1008 B
1 KB
Script
General
Full URL
https://yeyekan1.com/yyk/tiezi.js
Requested by
Host: yykan10.com
URL: https://yykan10.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.27.133.50 , United States, ASN18779 (EGIHOSTING, US),
Reverse DNS
Software
nginx /
Resource Hash
526c3441c347a7b16ed85342e394cf230b458bcc302e64c2fbf6d1eaa3402ded
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://yykan10.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Apr 2021 17:21:36 GMT
last-modified
Fri, 19 Mar 2021 07:07:48 GMT
server
nginx
etag
"60544dc4-3f0"
strict-transport-security
max-age=31536000
content-type
application/javascript
cache-control
max-age=43200
accept-ranges
bytes
content-length
1008
expires
Fri, 02 Apr 2021 05:21:36 GMT
hfgg3.js
yeyekan1.com/yyk/ Frame 9278
2 KB
719 B
Script
General
Full URL
https://yeyekan1.com/yyk/hfgg3.js
Requested by
Host: yykan10.com
URL: https://yykan10.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.27.133.50 , United States, ASN18779 (EGIHOSTING, US),
Reverse DNS
Software
nginx /
Resource Hash
fe97ae562ce32c23898b0c1915f4010f316d7bfaf890abf2d75a82a2a4416bc2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://yykan10.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Apr 2021 17:21:36 GMT
content-encoding
gzip
last-modified
Wed, 31 Mar 2021 06:32:20 GMT
server
nginx
etag
W/"60641774-6c8"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
strict-transport-security
max-age=31536000
expires
Fri, 02 Apr 2021 05:21:36 GMT
hfgg4.js
yeyekan1.com/yyk/ Frame 9278
4 KB
881 B
Script
General
Full URL
https://yeyekan1.com/yyk/hfgg4.js
Requested by
Host: yykan10.com
URL: https://yykan10.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.27.133.50 , United States, ASN18779 (EGIHOSTING, US),
Reverse DNS
Software
nginx /
Resource Hash
983d7ab0152939a3e9c6e89e233cb7ab3454b053a3f5b064ba74987558fb8c58
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://yykan10.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Apr 2021 17:21:36 GMT
content-encoding
gzip
last-modified
Mon, 29 Mar 2021 09:29:48 GMT
server
nginx
etag
W/"60619e0c-f3d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
strict-transport-security
max-age=31536000
expires
Fri, 02 Apr 2021 05:21:36 GMT
gglxfx.js
yeyekan1.com/yyk/ Frame 9278
877 B
1 KB
Script
General
Full URL
https://yeyekan1.com/yyk/gglxfx.js
Requested by
Host: yykan10.com
URL: https://yykan10.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.27.133.50 , United States, ASN18779 (EGIHOSTING, US),
Reverse DNS
Software
nginx /
Resource Hash
4ea2e32023ccbcd8576f45fb3075d3f99a6f668f4cc449aeeb3092bb39742341
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://yykan10.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Apr 2021 17:21:36 GMT
last-modified
Fri, 19 Mar 2021 07:05:42 GMT
server
nginx
etag
"60544d46-36d"
strict-transport-security
max-age=31536000
content-type
application/javascript
cache-control
max-age=43200
accept-ranges
bytes
content-length
877
expires
Fri, 02 Apr 2021 05:21:36 GMT
z_stat.php
s9.cnzz.com/ Frame 9278
12 KB
4 KB
Script
General
Full URL
https://s9.cnzz.com/z_stat.php?id=1279780985&web_id=1279780985
Requested by
Host: yykan10.com
URL: https://yykan10.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
218.94.207.228 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
Tengine / PHP/5.5.25
Resource Hash
35aef887dd847d88052d830f023fde05d5848422e57bd864207f0e4cce551f39

Request headers

Referer
https://yykan10.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Apr 2021 16:06:35 GMT
content-encoding
gzip
age
4501
x-powered-by
PHP/5.5.25
x-cache
HIT TCP_MEM_HIT dirn:12:467825639
x-swift-cachetime
4309
x-swift-savetime
Thu, 01 Apr 2021 16:24:46 GMT
content-length
4082
last-modified
Thu, 01 Apr 2021 16:06:35 GMT
server
Tengine
vary
Accept-Encoding
ali-swift-global-savetime
1617293195
content-type
application/javascript
via
cache22.l2cn1807[0,200-0,H], cache31.l2cn1807[1,0], cache3.cn2568[0,0,200-0,H], cache3.cn2568[0,0]
cache-control
max-age=5400,s-maxage=5400
timing-allow-origin
*
eagleid
da5ecf8516172976968742987e
go1
ia.51.la/
0
255 B
Image
General
Full URL
http://ia.51.la/go1?id=21093075&rt=1617297696320&rl=1600*1200&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=%25E9%259D%2592%25E8%258D%2589%25E8%25A7%2586%25E9%25A2%2591%25E5%259C%25A8%25E7%25BA%25BF%25E8%25A7%2582%25E7%259C%258B_%25E9%259D%2592%25E9%259D%2592%25E6%2588%2590%25E7%25BA%25BF%25E5%259C%25A8%25E4%25BA%25BA%25E7%25BA%25BF%25E5%2585%258D%25E8%25B4%25B9%25E5%2595%25AA_%25E4%25B8%2589%25E7%25BA%25A7%25E5%259C%25A8%25E7%25BA%25BF%25E8%25A7%2582%25E7%259C%258B%25E4%25B8%25AD%25E6%2596%2587%25E5%25AD%2597%25E5%25B9%2595&ing=1&ekc=&sid=1617297696320&tt=%25E5%258F%258C%25E9%25B8%25AD%25E5%25B1%25B1%25E8%25BE%2588%25E8%2583%258C%25E7%2594%25B5%25E5%25AD%2590%25E6%2594%25AF%25E4%25BB%2598%25E8%25AE%25BE%25E5%25A4%2587%25E6%259C%2589%25E9%2599%2590%25E5%2585%25AC%25E5%258F%25B8&kw=%25E9%259D%2592%25E8%258D%2589%25E8%25A7%2586%25E9%25A2%2591%25E5%259C%25A8%25E7%25BA%25BF%25E8%25A7%2582%25E7%259C%258B_%25E9%259D%2592%25E9%259D%2592%25E6%2588%2590%25E7%25BA%25BF%25E5%259C%25A8%25E4%25BA%25BA%25E7%25BA%25BF%25E5%2585%258D%25E8%25B4%25B9%25E5%2595%25AA_%25E4%25B8%2589%25E7%25BA%25A7%25E5%259C%25A8%25E7%25BA%25BF%25E8%25A7%2582%25E7%259C%258B%25E4%25B8%25AD%25E6%2596%2587%25E5%25AD%2597%25E5%25B9%2595%25E5%25AE%258C%25E6%2595%25B4%25E7%2589%2588&cu=http%253A%252F%252Fwww.byhilton.com%252F&pu=
Requested by
Host: www.byhilton.com
URL: http://www.byhilton.com/
Protocol
HTTP/1.1
Server
183.131.207.66 , China, ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN),
Reverse DNS
Software
CloudWAF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.byhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 01 Apr 2021 17:21:36 GMT
Server
CloudWAF
Connection
keep-alive
Content-Length
0
Content-Type
application/octet-stream
x-4595-34.js
www.govshenzhen.cn/ty/ Frame 9278
0
0

31E07C45-7BDA-4C02-9FB2-816D12CF9180.ap
at.180cq.cn/d/ Frame 9278
12 KB
12 KB
Script
General
Full URL
https://at.180cq.cn/d/31E07C45-7BDA-4C02-9FB2-816D12CF9180.ap
Requested by
Host: yeyekan1.com
URL: https://yeyekan1.com/yyk/hfgg1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
47.246.43.168 , United States, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
22a17dc7dbe7d4d85eae13222498c5d83502ab9fa0b779df0bc4c3277e4ccde2

Request headers

Referer
https://yykan10.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Apr 2021 17:12:11 GMT
via
cache2.l2ot7-1[0,200-0,H], cache29.l2ot7-1[0,0], cache29.l2ot7-1[1,0], cache6.de2[161,161,200-0,M], cache9.de2[162,0]
server
Tengine
age
566
access-control-allow-methods
*
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
x-swift-cachetime
600
x-cache
MISS TCP_REFRESH_MISS dirn:-2:-2
x-swift-savetime
Thu, 01 Apr 2021 17:21:37 GMT
timing-allow-origin
*
access-control-allow-headers
Content-Type
content-length
12307
eagleid
2ff62b9d16172976969778281e
ali-swift-global-savetime
1617297149
25D77E3C-E5A6-4E4D-BEF8-2E879DDDA2BA.ap
at.180cq.cn/d/ Frame 9278
11 KB
11 KB
Script
General
Full URL
https://at.180cq.cn/d/25D77E3C-E5A6-4E4D-BEF8-2E879DDDA2BA.ap
Requested by
Host: yeyekan1.com
URL: https://yeyekan1.com/yyk/hfgg1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
47.246.43.168 , United States, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
70038a5615352fa54e0ad1d862ac917a35c77664b7b0d38bbda32ea80df54d2f

Request headers

Referer
https://yykan10.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Apr 2021 17:20:31 GMT
via
cache25.l2ot7-1[0,200-0,H], cache13.l2ot7-1[1,0], cache13.l2ot7-1[1,0], cache13.de2[152,152,200-0,M], cache9.de2[154,0]
server
Tengine
age
66
access-control-allow-methods
*
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
x-swift-cachetime
600
x-cache
MISS TCP_REFRESH_MISS dirn:-2:-2
x-swift-savetime
Thu, 01 Apr 2021 17:21:37 GMT
timing-allow-origin
*
access-control-allow-headers
Content-Type
content-length
10756
eagleid
2ff62b9d16172976969778282e
ali-swift-global-savetime
1617297649
0
p.qlogo.cn/qqmail_head/ibQttPRWzrFFTfrfamlIBZKlc1CfQlAnHFPcvzxA6fryhKRPVscvnCsn4PJVibt1FuhiaNfib6u6wz8/ Frame 9278
278 KB
279 KB
Image
General
Full URL
https://p.qlogo.cn/qqmail_head/ibQttPRWzrFFTfrfamlIBZKlc1CfQlAnHFPcvzxA6fryhKRPVscvnCsn4PJVibt1FuhiaNfib6u6wz8/0
Requested by
Host: yykan10.com
URL: https://yykan10.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
240e:ff:f101:10::13f , China, ASN4816 (CHINANET-IDC-GD China Telecom (Group), CN),
Reverse DNS
Software
NWSs /
Resource Hash
76fcf9fa661a0215b87f8d3357c3d7eecf478826b9761f9c61622bd76802043a

Request headers

Referer
https://yykan10.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-DataSrc
2
Date
Thu, 01 Apr 2021 17:21:38 GMT
Size
284932
Connection
keep-alive
Content-Length
284932
X-Info
real data
X-ReqGue
0
User-ReturnCode
0
fid
0
Last-Modified
Mon, 22 Feb 2021 19:51:17 GMT
Server
NWSs
X-Cpt
filename=0
Vary
Accept,Origin
chid
0
X-Delay
1597 us
Cache-Control
max-age=2592000
X-BCheck
0_1
X-NWS-LOG-UUID
1fbc24ec-8dfa-4cc9-be06-3163e8016093
Content-Type
image/gif
0
p.qlogo.cn/qqmail_head/ibQttPRWzrFFTfrfamlIBZKlc1CfQlAnHFPcvzxA6frwJ1lDFgBs6bOTyIpVImIopyibunNCTib9oA/ Frame 9278
275 KB
275 KB
Image
General
Full URL
https://p.qlogo.cn/qqmail_head/ibQttPRWzrFFTfrfamlIBZKlc1CfQlAnHFPcvzxA6frwJ1lDFgBs6bOTyIpVImIopyibunNCTib9oA/0
Requested by
Host: yykan10.com
URL: https://yykan10.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
203.205.254.152 , Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Qnginx/1.4.4 /
Resource Hash
7bcabac31b5ed1f9d3d0cfc81221b8db58268bd3f9d948a57d6d30c4bb5ab3fe

Request headers

Referer
https://yykan10.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-datasrc
2
date
Thu, 01 Apr 2021 17:21:37 GMT
size
281180
content-length
281180
x-info
real data
x-reqgue
0
user-returncode
0
fid
0
last-modified
Mon, 22 Feb 2021 19:51:16 GMT
server
Qnginx/1.4.4
x-cpt
filename=0
vary
Accept,Origin
chid
0
x-delay
28662 us
cache-control
max-age=2592000
x-bcheck
0_1
x-nws-log-uuid
476f4161-23da-4a82-8b24-3cf5b49454ce
content-type
image/gif
8cae346873f04cce92f520f1cbc29198
p26-tt.byteimg.com/origin/pgc-image/ Frame 9278
Redirect Chain
  • https://img.downk.cc/item/6033a81583b6f643682677d4.gif
  • https://p26-tt.byteimg.com/origin/pgc-image/8cae346873f04cce92f520f1cbc29198
0
0

bdc92ced933b7166a542cae37193f00eb3ccbb042c3e536257efc747d8725658dcc0b0249a327624d28171e2fbd382cf4e0a7554774b9f511a9367c6fec3d7a2
sz.btfs.mail.ftn.qq.com/ftn_handler/ Frame 9278
Redirect Chain
  • https://wx.mail.qq.com/webnote/viewfile?fileid=ZF0014_nvbN2LyMFh8uI2oAXCmXVb2&notekey=QtziGXWPpMlGRc2cRnDWph8soN-wTpCVnNeTbiNo9z0&name=%E4%B8%8A.gif&size=115834&md5=c6b86074f8dc03982dd7c8aa243c4266...
  • https://sz.btfs.mail.ftn.qq.com/ftn_handler/bdc92ced933b7166a542cae37193f00eb3ccbb042c3e536257efc747d8725658dcc0b0249a327624d28171e2fbd382cf4e0a7554774b9f511a9367c6fec3d7a2?compressed=0&dtype=1&fna...
113 KB
113 KB
Image
General
Full URL
https://sz.btfs.mail.ftn.qq.com/ftn_handler/bdc92ced933b7166a542cae37193f00eb3ccbb042c3e536257efc747d8725658dcc0b0249a327624d28171e2fbd382cf4e0a7554774b9f511a9367c6fec3d7a2?compressed=0&dtype=1&fname=%E4%B8%8A.gif
Requested by
Host: yykan10.com
URL: https://yykan10.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
203.205.248.187 , Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
NWSs /
Resource Hash
9bb709fd9ed471feddb2c8ac46ff814c6aab3650cbaf1f0c4e38bc97243f232c

Request headers

Referer
https://yykan10.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

User-ReturnCode
0
Date
Thu, 01 Apr 2021 17:21:41 GMT
Server
NWSs
Content-Language
zh-CN
Access-Control-Allow-Origin
*
Content-Disposition
attachment; filename="%E4%B8%8A.gif"; filename*=utf-8''%E4%B8%8A.gif
X-NWS-LOG-UUID
ccccf0bf-7ee7-45a7-b34e-a11db8cb82ba
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
115834

Redirect headers

Location
https://sz.btfs.mail.ftn.qq.com/ftn_handler/bdc92ced933b7166a542cae37193f00eb3ccbb042c3e536257efc747d8725658dcc0b0249a327624d28171e2fbd382cf4e0a7554774b9f511a9367c6fec3d7a2?compressed=0&dtype=1&fname=%E4%B8%8A.gif
Strict-Transport-Security
max-age=31536000
Connection
keep-alive
Content-Length
0
Content-Type
; charset=UTF-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.govshenzhen.cn
URL
https://www.govshenzhen.cn:4443/ty/x-4595-34.js
Domain
p26-tt.byteimg.com
URL
https://p26-tt.byteimg.com/origin/pgc-image/8cae346873f04cce92f520f1cbc29198

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| ontransitionrun
object| ontransitionstart
object| ontransitioncancel
object| trustedTypes
boolean| crossOriginIsolated
string| titlestr
function| setFrame

0 Cookies

4 Console Messages

Source Level URL
Text
console-api log URL: http://www.byhilton.com/common.js(Line 1)
Message:
3
console-api log URL: http://www.byhilton.com/common.js(Line 1)
Message:
0***DIV**showcloneshengxiaon
console-api log URL: http://www.byhilton.com/common.js(Line 1)
Message:
1***STYLE**
console-api log URL: http://www.byhilton.com/common.js(Line 1)
Message:
2***SCRIPT**

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
