qq.gc.kj12349.com Open in urlscan Pro
84.247.153.9 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://qq.gc.kj12349.com/
Submission: On April 28 via api (April 28th 2024, 10:27:26 am UTC) from US — Scanned from JP

Summary HTTP 28 Redirects Links 25 Behaviour Indicators

Summary

This website contacted 4 IPs in 3 countries across 6 domains to perform 28 HTTP transactions. The main IP is 84.247.153.9, located in Tokyo, Japan and belongs to CAPL-AS-AP Contabo Asia Private Limited, SG. The main domain is qq.gc.kj12349.com.
TLS certificate: Issued by R3 on April 26th 2024. Valid for: 3 months.

This is the only time qq.gc.kj12349.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
22	84.247.153.9 84.247.153.9	141995 (CAPL-AS-A...) (CAPL-AS-AP Contabo Asia Private Limited)
1	65.75.210.83 65.75.210.83	50131 (SPARTANHOST) (SPARTANHOST)
2	14.215.183.79 14.215.183.79	4134 (CHINANET-...) (CHINANET-BACKBONE No.31)
3	172.67.187.192 172.67.187.192	13335 (CLOUDFLAR...) (CLOUDFLARENET)
28	4

22 84.247.153.9 (Tokyo, Japan)

ASN141995 (CAPL-AS-AP Contabo Asia Private Limited, SG)
PTR: vmi1797893.contaboserver.net

qq.gc.kj12349.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.101046.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
101043.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
101046.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.75.210.83 (Dallas, United States)

ASN50131 (SPARTANHOST, GB)

kj.tyhyhgugj.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 14.215.183.79 (Guangzhou, China)

ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN)

hm.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.67.187.192 (United States)

ASN13335 (CLOUDFLARENET, US)

img1.shanghaixiaochagu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	101046.com www.101046.com 101046.com	2 MB
4	kj12349.com qq.gc.kj12349.com	98 KB
3	shanghaixiaochagu.com img1.shanghaixiaochagu.com	34 KB
2	baidu.com hm.baidu.com — Cisco Umbrella Rank: 10244	12 KB
2	101043.com 101043.com	187 KB
1	tyhyhgugj.xyz kj.tyhyhgugj.xyz
28	6

	Domain	Requested by
10	www.101046.com	qq.gc.kj12349.com
6	101046.com	qq.gc.kj12349.com
4	qq.gc.kj12349.com	qq.gc.kj12349.com
3	img1.shanghaixiaochagu.com	qq.gc.kj12349.com
2	hm.baidu.com	qq.gc.kj12349.com
2	101043.com	qq.gc.kj12349.com
1	kj.tyhyhgugj.xyz	qq.gc.kj12349.com
28	7

This site contains links to these domains. Also see Links.

Domain
vip.gc.xg12349.com
am.cp.lhc12349.com
jj.cp4.99cai4.cc
jj.cp.99cai0.cc
jj.cp3.99cai3.cc
jj.cp1.99cai1.cc
www.101046.com
jj.cp2.99cai2.cc
kj.tyhyhgugj.xyz

Subject Issuer	Validity	Valid
www.101046.com R3	`2024-04-26` - `2024-07-25`	3 months	crt.sh
www.101043.com R3	`2024-04-27` - `2024-07-26`	3 months	crt.sh
kj.tyhyhgugj.xyz R3	`2024-04-25` - `2024-07-24`	3 months	crt.sh
baidu.com GlobalSign RSA OV SSL CA 2018	`2023-07-06` - `2024-08-06`	a year	crt.sh
shanghaixiaochagu.com GTS CA 1P5	`2024-03-12` - `2024-06-10`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://qq.gc.kj12349.com/
Frame ID: 8AA0F6F32E691A7AED5AE892BA08C30F
Requests: 27 HTTP requests in this frame

Frame: https://kj.tyhyhgugj.xyz/
Frame ID: 0F28B4F169F53E857588705B212CAF73
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

澳门神算子

Detected technologies

Baidu Analytics (百度统计) (Analytics) Expand

Overall confidence: 100%
Detected patterns

hm\.baidu\.com/hm\.js

Page Statistics

28
Requests

100 %
HTTPS

0 %
IPv6

6
Domains

7
Subdomains

4
IPs

3
Countries

2233 kB
Transfer

3023 kB
Size

3
Cookies

25 Outgoing links

These are links going to different origins than the main page.

URL: https://vip.gc.xg12349.com/#tz
Title: 香港六合彩点击查看

Search URL Search Domain Scan URL

URL: https://am.cp.lhc12349.com/#tz
Title: 澳门六合彩点击查看

Search URL Search Domain Scan URL

URL: https://jj.cp4.99cai4.cc/reg?code=382583

Search URL Search Domain Scan URL

URL: https://jj.cp.99cai0.cc/reg?code=382583
Title: 点击注册

Search URL Search Domain Scan URL

URL: https://jj.cp3.99cai3.cc/reg?code=382583

Search URL Search Domain Scan URL

URL: https://jj.cp1.99cai1.cc/reg?code=382583
Title: 99彩票会员

Search URL Search Domain Scan URL

URL: http://www.101046.com/tiezi/1.htm
Title: 精华帖 119期【平特一肖】已公开时闻折竹

Search URL Search Domain Scan URL

URL: http://www.101046.com/tiezi/2.htm
Title: 精华帖 119期【一肖一码】已公开仙气十足

Search URL Search Domain Scan URL

URL: http://www.101046.com/tiezi/3.htm
Title: 精华帖 119期【东南西北】已公开苦巷深桥

Search URL Search Domain Scan URL

URL: http://www.101046.com/tiezi/4.htm
Title: 精华帖 119期【赢钱16码】已公开花自飘零

Search URL Search Domain Scan URL

URL: http://www.101046.com/tiezi/5.htm
Title: 精华帖 119期【精选24码】已公开挥袖抚琴

Search URL Search Domain Scan URL

URL: http://www.101046.com/tiezi/6.htm
Title: 精华帖 119期【经典五肖】已公开与我何干

Search URL Search Domain Scan URL

URL: http://www.101046.com/tiezi/7.htm
Title: 精华帖 119期【好运七肖】已公开追梦抓梦

Search URL Search Domain Scan URL

URL: http://www.101046.com/tiezi/8.htm
Title: 精华帖 119期【文武将才】已公开抽象风格

Search URL Search Domain Scan URL

URL: http://www.101046.com/tiezi/9.htm
Title: 精华帖 119期【琴棋书画】已公开心安勿忘

Search URL Search Domain Scan URL

URL: http://www.101046.com/tiezi/10.htm
Title: 精华帖 119期【一点通解料】已公开红尘客栈

Search URL Search Domain Scan URL

URL: http://www.101046.com/tiezi/11.htm
Title: 精华帖 119期【单双大小】已公开异度空间

Search URL Search Domain Scan URL

URL: http://www.101046.com/tiezi/12.htm
Title: 精华帖 119期【平特二肖】已公开夜半诗人

Search URL Search Domain Scan URL

URL: http://www.101046.com/tiezi/13.htm
Title: 精华帖 119期【投资20码】已公开九纸情书

Search URL Search Domain Scan URL

URL: http://www.101046.com/tiezi/14.htm
Title: 精华帖 119期【强大五行】已公开蜡笔小猪

Search URL Search Domain Scan URL

URL: http://www.101046.com/tiezi/15.htm
Title: 精华帖 119期【中特一句话】已公开南港清风

Search URL Search Domain Scan URL

URL: http://www.101046.com/tiezi/16.htm
Title: 精华帖 119期【季节送肖】已公开骑驴找马

Search URL Search Domain Scan URL

URL: http://www.101046.com/tiezi/17.htm
Title: 精华帖 119期【绝杀一行】已公开春秋无味

Search URL Search Domain Scan URL

URL: https://jj.cp2.99cai2.cc/reg?code=382583
Title: 点击免费注册

Search URL Search Domain Scan URL

URL: https://kj.tyhyhgugj.xyz/history/2
Title: 开奖历史

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
qq.gc.kj12349.com/ 872 KB
95 KB 580ms
394ms Document
text/html 84.247.153.9
CAPL-AS-AP Contab...

General

Check archive.org

Show headers Download Go to

Full URL: https://qq.gc.kj12349.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 84.247.153.9 Tokyo, Japan, ASN141995 (CAPL-AS-AP Contabo Asia Private Limited, SG),
Reverse DNS: vmi1797893.contaboserver.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: a40231caeb1b4cd23654b52c5749b0b5ed46b2b98b069be5e3dc9e29f24b6d46

Request headers

Accept-Language: jp-JP,jp;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
content-encoding: gzip
content-type: text/html
date: Sun, 28 Apr 2024 10:27:21 GMT
etag: "57ad3e4d3799da1:0"
last-modified: Sun, 28 Apr 2024 06:42:55 GMT
server: Microsoft-IIS/10.0
vary: Accept-Encoding
x-powered-by: ASP.NET

GET
H2 200 gsb.js Show response
qq.gc.kj12349.com/ 2 KB
1 KB 4ms
2ms Script
application/javascript 84.247.153.9
CAPL-AS-AP Contab...

General

Check archive.org

Show headers Download Go to

Full URL: https://qq.gc.kj12349.com/gsb.js
Requested by: Host: qq.gc.kj12349.com
URL: https://qq.gc.kj12349.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 84.247.153.9 Tokyo, Japan, ASN141995 (CAPL-AS-AP Contabo Asia Private Limited, SG),
Reverse DNS: vmi1797893.contaboserver.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: a97a127f22ca003a3bbb73a47f27d3a34e11a4b7a26647abe92a9e73a6e29aeb

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://qq.gc.kj12349.com/
Accept-Language: jp-JP,jp;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 10:27:21 GMT
content-encoding: gzip
last-modified: Sun, 28 Apr 2024 07:09:01 GMT
server: Microsoft-IIS/10.0
etag: "37678cf23a99da1:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 1116

GET
H2 200 shouyetu.jpg
www.101046.com/tp/ 159 KB
160 KB 217ms
13ms Image
image/jpeg 84.247.153.9
CAPL-AS-AP Contab...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.101046.com/tp/shouyetu.jpg
Requested by: Host: qq.gc.kj12349.com
URL: https://qq.gc.kj12349.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 84.247.153.9 Tokyo, Japan, ASN141995 (CAPL-AS-AP Contabo Asia Private Limited, SG),
Reverse DNS: vmi1797893.contaboserver.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: befa6c611deabab28372bfca50f8d4ef1a9d4b64bb59f69990aaa67de671f749

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://qq.gc.kj12349.com/
Accept-Language: jp-JP,jp;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 10:27:21 GMT
last-modified: Fri, 12 Apr 2024 07:50:12 GMT
server: Microsoft-IIS/10.0
etag: "ab94a7cae8cda1:0"
x-powered-by: ASP.NET
content-type: image/jpeg
accept-ranges: bytes
content-length: 163231

GET
H2 200 99cc1.gif
101043.com/tp/ 15 KB
15 KB 32ms
4ms Image
image/gif 84.247.153.9
CAPL-AS-AP Contab...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://101043.com/tp/99cc1.gif
Requested by: Host: qq.gc.kj12349.com
URL: https://qq.gc.kj12349.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 84.247.153.9 Tokyo, Japan, ASN141995 (CAPL-AS-AP Contabo Asia Private Limited, SG),
Reverse DNS: vmi1797893.contaboserver.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 9ae81c57691fe67c2dcf2a69017543732565c54332607521e11f1f2619f355e1

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://qq.gc.kj12349.com/
Accept-Language: jp-JP,jp;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 10:27:21 GMT
last-modified: Sun, 14 Apr 2024 11:06:02 GMT
server: Microsoft-IIS/10.0
etag: "2b53bd5b8eda1:0"
x-powered-by: ASP.NET
content-type: image/gif
accept-ranges: bytes
content-length: 15103

GET
H2 200 lll.gif
www.101046.com/tp/ 423 KB
423 KB 193ms
14ms Image
image/gif 84.247.153.9
CAPL-AS-AP Contab...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.101046.com/tp/lll.gif
Requested by: Host: qq.gc.kj12349.com
URL: https://qq.gc.kj12349.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 84.247.153.9 Tokyo, Japan, ASN141995 (CAPL-AS-AP Contabo Asia Private Limited, SG),
Reverse DNS: vmi1797893.contaboserver.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: d79135debeb2726096199081b2284573c3727f498661d3945af62e17c9a55551

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://qq.gc.kj12349.com/
Accept-Language: jp-JP,jp;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 10:27:21 GMT
last-modified: Mon, 22 Apr 2024 13:25:38 GMT
server: Microsoft-IIS/10.0
etag: "7a8b1791b894da1:0"
x-powered-by: ASP.NET
content-type: image/gif
accept-ranges: bytes
content-length: 432996

GET
H2 200 ddjb.gif
101046.com/tp/ 2 KB
2 KB 362ms
3ms Image
image/gif 84.247.153.9
CAPL-AS-AP Contab...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://101046.com/tp/ddjb.gif
Requested by: Host: qq.gc.kj12349.com
URL: https://qq.gc.kj12349.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 84.247.153.9 Tokyo, Japan, ASN141995 (CAPL-AS-AP Contabo Asia Private Limited, SG),
Reverse DNS: vmi1797893.contaboserver.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 9be846c18af51a3afe4ae5926237234faa293785eac585f4122eb8c8e1ddebac

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://qq.gc.kj12349.com/
Accept-Language: jp-JP,jp;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 10:27:21 GMT
last-modified: Sat, 20 Apr 2024 14:47:59 GMT
server: Microsoft-IIS/10.0
etag: "3b30c7bc3193da1:0"
x-powered-by: ASP.NET
content-type: image/gif
accept-ranges: bytes
content-length: 2109

GET
H2 200 aa1.gif
101046.com/tp/ 111 B
213 B 362ms
4ms Image
image/gif 84.247.153.9
CAPL-AS-AP Contab...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://101046.com/tp/aa1.gif
Requested by: Host: qq.gc.kj12349.com
URL: https://qq.gc.kj12349.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 84.247.153.9 Tokyo, Japan, ASN141995 (CAPL-AS-AP Contabo Asia Private Limited, SG),
Reverse DNS: vmi1797893.contaboserver.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 7ab5c16868be470eb76e4f4adc804228847ca79423281bf0319e75cde6339003

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://qq.gc.kj12349.com/
Accept-Language: jp-JP,jp;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 10:27:21 GMT
last-modified: Thu, 18 Apr 2024 15:22:20 GMT
server: Microsoft-IIS/10.0
etag: "5762b734a491da1:0"
x-powered-by: ASP.NET
content-type: image/gif
accept-ranges: bytes
content-length: 111

GET
H2 200 jianbiao.gif
www.101046.com/tp/ 2 KB
2 KB 202ms
22ms Image
image/gif 84.247.153.9
CAPL-AS-AP Contab...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.101046.com/tp/jianbiao.gif
Requested by: Host: qq.gc.kj12349.com
URL: https://qq.gc.kj12349.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 84.247.153.9 Tokyo, Japan, ASN141995 (CAPL-AS-AP Contabo Asia Private Limited, SG),
Reverse DNS: vmi1797893.contaboserver.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 4a0fb482ce6a8e58861c432e5fdd01190782f7a6ecc50351c5496363ff56adb5

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://qq.gc.kj12349.com/
Accept-Language: jp-JP,jp;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 10:27:21 GMT
last-modified: Thu, 11 Apr 2024 14:37:47 GMT
server: Microsoft-IIS/10.0
etag: "b0845ad21d8cda1:0"
x-powered-by: ASP.NET
content-type: image/gif
accept-ranges: bytes
content-length: 2051

GET
H2 200 gaoshoubang.jpg
101046.com/tp/ 153 KB
153 KB 363ms
4ms Image
image/jpeg 84.247.153.9
CAPL-AS-AP Contab...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://101046.com/tp/gaoshoubang.jpg
Requested by: Host: qq.gc.kj12349.com
URL: https://qq.gc.kj12349.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 84.247.153.9 Tokyo, Japan, ASN141995 (CAPL-AS-AP Contabo Asia Private Limited, SG),
Reverse DNS: vmi1797893.contaboserver.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: c9ac7ffa2af8893120b4172b6332ac3fcff686f614afa5596f20da03388a7130

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://qq.gc.kj12349.com/
Accept-Language: jp-JP,jp;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 10:27:21 GMT
last-modified: Fri, 12 Apr 2024 13:26:55 GMT
server: Microsoft-IIS/10.0
etag: "20b86716dd8cda1:0"
x-powered-by: ASP.NET
content-type: image/jpeg
accept-ranges: bytes
content-length: 156238

GET
H2 200 gangaobaodianxjt.jpg
www.101046.com/tp/ 157 KB
157 KB 204ms
25ms Image
image/jpeg 84.247.153.9
CAPL-AS-AP Contab...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.101046.com/tp/gangaobaodianxjt.jpg
Requested by: Host: qq.gc.kj12349.com
URL: https://qq.gc.kj12349.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 84.247.153.9 Tokyo, Japan, ASN141995 (CAPL-AS-AP Contabo Asia Private Limited, SG),
Reverse DNS: vmi1797893.contaboserver.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 540c0e819fedf56d0dc9d0a359415473dfcda3dce74f1166965ec77a1532d6ef

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://qq.gc.kj12349.com/
Accept-Language: jp-JP,jp;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 10:27:21 GMT
last-modified: Sat, 27 Apr 2024 05:52:49 GMT
server: Microsoft-IIS/10.0
etag: "683fb226798da1:0"
x-powered-by: ASP.NET
content-type: image/jpeg
accept-ranges: bytes
content-length: 160359

GET
H2 200 99cc.gif
101043.com/tp/ 172 KB
172 KB 9ms
5ms Image
image/gif 84.247.153.9
CAPL-AS-AP Contab...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://101043.com/tp/99cc.gif
Requested by: Host: qq.gc.kj12349.com
URL: https://qq.gc.kj12349.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 84.247.153.9 Tokyo, Japan, ASN141995 (CAPL-AS-AP Contabo Asia Private Limited, SG),
Reverse DNS: vmi1797893.contaboserver.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 25bb914491ffc6bdf1e1c11244fa5b94435481be769204ac162edec915024b99

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://qq.gc.kj12349.com/
Accept-Language: jp-JP,jp;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 10:27:21 GMT
last-modified: Sun, 14 Apr 2024 11:06:01 GMT
server: Microsoft-IIS/10.0
etag: "bae19ebc5b8eda1:0"
x-powered-by: ASP.NET
content-type: image/gif
accept-ranges: bytes
content-length: 175718

GET
H2 200 zdsc12.jpg
101046.com/tp/ 51 KB
51 KB 365ms
7ms Image
image/jpeg 84.247.153.9
CAPL-AS-AP Contab...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://101046.com/tp/zdsc12.jpg
Requested by: Host: qq.gc.kj12349.com
URL: https://qq.gc.kj12349.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 84.247.153.9 Tokyo, Japan, ASN141995 (CAPL-AS-AP Contabo Asia Private Limited, SG),
Reverse DNS: vmi1797893.contaboserver.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 5b73bf61d8ed6d48bffcaa97148f3b36148d08720c6a184185f9c2058eba4367

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://qq.gc.kj12349.com/
Accept-Language: jp-JP,jp;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 10:27:21 GMT
last-modified: Sat, 27 Apr 2024 05:52:43 GMT
server: Microsoft-IIS/10.0
etag: "0464d1f6798da1:0"
x-powered-by: ASP.NET
content-type: image/jpeg
accept-ranges: bytes
content-length: 52142

GET
H2 200 jshz.jpg
www.101046.com/tp/ 326 KB
326 KB 197ms
26ms Image
image/jpeg 84.247.153.9
CAPL-AS-AP Contab...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.101046.com/tp/jshz.jpg
Requested by: Host: qq.gc.kj12349.com
URL: https://qq.gc.kj12349.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 84.247.153.9 Tokyo, Japan, ASN141995 (CAPL-AS-AP Contabo Asia Private Limited, SG),
Reverse DNS: vmi1797893.contaboserver.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b22bbcb9b90b3b75ae31e652328db1f0e1d7af2bb4bdcd85419834216e1e7179

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://qq.gc.kj12349.com/
Accept-Language: jp-JP,jp;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 10:27:21 GMT
last-modified: Sat, 27 Apr 2024 05:52:47 GMT
server: Microsoft-IIS/10.0
etag: "8b4dc0216798da1:0"
x-powered-by: ASP.NET
content-type: image/jpeg
accept-ranges: bytes
content-length: 333933

GET
H2 200 hlm.jpg
www.101046.com/tp/ 172 KB
173 KB 182ms
15ms Image
image/jpeg 84.247.153.9
CAPL-AS-AP Contab...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.101046.com/tp/hlm.jpg
Requested by: Host: qq.gc.kj12349.com
URL: https://qq.gc.kj12349.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 84.247.153.9 Tokyo, Japan, ASN141995 (CAPL-AS-AP Contabo Asia Private Limited, SG),
Reverse DNS: vmi1797893.contaboserver.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: f2bcb11ec9f6aa266210bb41877682fb266440bc581dfa0cc4b82835e5702137

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://qq.gc.kj12349.com/
Accept-Language: jp-JP,jp;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 10:27:21 GMT
last-modified: Sat, 27 Apr 2024 05:52:48 GMT
server: Microsoft-IIS/10.0
etag: "876c62226798da1:0"
x-powered-by: ASP.NET
content-type: image/jpeg
accept-ranges: bytes
content-length: 176430

GET
H2 200 sgfy.jpg
www.101046.com/tp/ 163 KB
163 KB 11ms
10ms Image
image/jpeg 84.247.153.9
CAPL-AS-AP Contab...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.101046.com/tp/sgfy.jpg
Requested by: Host: qq.gc.kj12349.com
URL: https://qq.gc.kj12349.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 84.247.153.9 Tokyo, Japan, ASN141995 (CAPL-AS-AP Contabo Asia Private Limited, SG),
Reverse DNS: vmi1797893.contaboserver.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 93712556915c6ca133dc598ee7a32961a69c3eacea99fed076a8b046c47f4971

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://qq.gc.kj12349.com/
Accept-Language: jp-JP,jp;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 10:27:21 GMT
last-modified: Sat, 27 Apr 2024 05:52:45 GMT
server: Microsoft-IIS/10.0
etag: "7fe7c206798da1:0"
x-powered-by: ASP.NET
content-type: image/jpeg
accept-ranges: bytes
content-length: 166637

GET
H2 200 xingxing.gif
101046.com/tp/ 2 KB
2 KB 291ms
6ms Image
image/gif 84.247.153.9
CAPL-AS-AP Contab...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://101046.com/tp/xingxing.gif
Requested by: Host: qq.gc.kj12349.com
URL: https://qq.gc.kj12349.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 84.247.153.9 Tokyo, Japan, ASN141995 (CAPL-AS-AP Contabo Asia Private Limited, SG),
Reverse DNS: vmi1797893.contaboserver.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: baf87a4bb70e08223fcae73d4a4503b6e17322ec74d0b12c74eebbf048fb9098

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://qq.gc.kj12349.com/
Accept-Language: jp-JP,jp;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 10:27:21 GMT
last-modified: Fri, 19 Apr 2024 05:57:47 GMT
server: Microsoft-IIS/10.0
etag: "9e86eb801e92da1:0"
x-powered-by: ASP.NET
content-type: image/gif
accept-ranges: bytes
content-length: 1892

GET
H2 200 temashiju.jpg
www.101046.com/tp/ 92 KB
92 KB 11ms
11ms Image
image/jpeg 84.247.153.9
CAPL-AS-AP Contab...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.101046.com/tp/temashiju.jpg
Requested by: Host: qq.gc.kj12349.com
URL: https://qq.gc.kj12349.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 84.247.153.9 Tokyo, Japan, ASN141995 (CAPL-AS-AP Contabo Asia Private Limited, SG),
Reverse DNS: vmi1797893.contaboserver.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: c7130dfd0fff89920f4f1358a2c96036dead8c7c5bfdc998b8ec90bb2b4b100e

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://qq.gc.kj12349.com/
Accept-Language: jp-JP,jp;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 10:27:21 GMT
last-modified: Sat, 27 Apr 2024 05:52:44 GMT
server: Microsoft-IIS/10.0
etag: "3defd91f6798da1:0"
x-powered-by: ASP.NET
content-type: image/jpeg
accept-ranges: bytes
content-length: 93819

GET
H2 200 jtdt.jpg
101046.com//tp/ 53 KB
54 KB 290ms
5ms Image
image/jpeg 84.247.153.9
CAPL-AS-AP Contab...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://101046.com//tp/jtdt.jpg
Requested by: Host: qq.gc.kj12349.com
URL: https://qq.gc.kj12349.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 84.247.153.9 Tokyo, Japan, ASN141995 (CAPL-AS-AP Contabo Asia Private Limited, SG),
Reverse DNS: vmi1797893.contaboserver.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 39dd30ed80384639d69ecd9fdfcaaed0b72f23ab6a07c1826aad669ea0b10664

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://qq.gc.kj12349.com/
Accept-Language: jp-JP,jp;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 10:27:21 GMT
last-modified: Sat, 27 Apr 2024 05:52:46 GMT
server: Microsoft-IIS/10.0
etag: "531bb216798da1:0"
x-powered-by: ASP.NET
content-type: image/jpeg
accept-ranges: bytes
content-length: 54701

GET
H2 200 /
kj.tyhyhgugj.xyz/ Frame 0F28 0
0 441ms
142ms Document
text/html 65.75.210.83
SPARTANHOST

General

Check archive.org

Show headers Download Go to

Full URL

https://kj.tyhyhgugj.xyz/

Requested by

Host: qq.gc.kj12349.com
URL: https://qq.gc.kj12349.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

65.75.210.83 Dallas, United States, ASN50131 (SPARTANHOST, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: jp-JP,jp;q=0.9;q=0.9
Referer: https://qq.gc.kj12349.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
content-length: 436
content-type: text/html
date: Sun, 28 Apr 2024 10:27:21 GMT
etag: "662a236a-1b4"
last-modified: Thu, 25 Apr 2024 09:33:30 GMT
server: nginx
strict-transport-security: max-age=31536000

GET
H2 200 beijingtu.jpg
www.101046.com/tp/ 66 KB
66 KB 114ms
9ms Image
image/jpeg 84.247.153.9
CAPL-AS-AP Contab...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.101046.com/tp/beijingtu.jpg
Requested by: Host: qq.gc.kj12349.com
URL: https://qq.gc.kj12349.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 84.247.153.9 Tokyo, Japan, ASN141995 (CAPL-AS-AP Contabo Asia Private Limited, SG),
Reverse DNS: vmi1797893.contaboserver.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 1e113da532c340fc3be3f38c42380c7bfe2136d20efae46d25512a48f0466f1a

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://qq.gc.kj12349.com/
Accept-Language: jp-JP,jp;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 10:27:21 GMT
last-modified: Fri, 12 Apr 2024 07:40:12 GMT
server: Microsoft-IIS/10.0
etag: "4acec9a6ac8cda1:0"
x-powered-by: ASP.NET
content-type: image/jpeg
accept-ranges: bytes
content-length: 67256

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ 29 KB
12 KB 722ms
266ms Script
application/javascript 14.215.183.79
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?f438defdabc42c6f6f8a5ac32072c508

Requested by

Host: qq.gc.kj12349.com
URL: https://qq.gc.kj12349.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

14.215.183.79 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),

Reverse DNS

Software

apache /

Resource Hash

d25cf7f42addcd2eb7224021e4e0f74aff0366e3376dc946c65344c7ab0b0bfa

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://qq.gc.kj12349.com/
Accept-Language: jp-JP,jp;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sun, 28 Apr 2024 10:27:22 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=172800
Server: apache
Etag: 829f6a83db528244b6cfc34ef18d888a
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: application/javascript
Cache-Control: max-age=0, must-revalidate
Content-Length: 11254

GET
H2 404 linear-gradient(to%20top,
qq.gc.kj12349.com/ 1 KB
1 KB 4ms
4ms Image
text/html 84.247.153.9
CAPL-AS-AP Contab...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qq.gc.kj12349.com/linear-gradient(to%20top,
Requested by: Host: qq.gc.kj12349.com
URL: https://qq.gc.kj12349.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 84.247.153.9 Tokyo, Japan, ASN141995 (CAPL-AS-AP Contabo Asia Private Limited, SG),
Reverse DNS: vmi1797893.contaboserver.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://qq.gc.kj12349.com/
Accept-Language: jp-JP,jp;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 10:27:21 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
content-length: 1245
content-type: text/html

GET
H3 200 list.png
img1.shanghaixiaochagu.com/assets/img/ 4 KB
4 KB 32ms
13ms Image
image/png 172.67.187.192
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1.shanghaixiaochagu.com/assets/img/list.png
Requested by: Host: qq.gc.kj12349.com
URL: https://qq.gc.kj12349.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.187.192 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a1aeef84acc4fd3314b3f6f5d33c3bf894a1a7e797003a7cebbe54a8b3f953a

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://qq.gc.kj12349.com/
Accept-Language: jp-JP,jp;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 10:27:21 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 190506
alt-svc: h3=":443"; ma=86400
content-length: 3724
last-modified: Tue, 30 Jul 2019 08:02:43 GMT
server: cloudflare
etag: "5d3ff9a3-e8c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pi1woWmrMSVuWa9dlwygIdBuQ%2FZulOrOAAnB%2B%2F6BfSVaMTDSUH5X7tw6tk3RNCTZHfKN%2B7uul9Qtcsuyo3aeKrdzcAnJcvl%2BXO%2BeIVc3CRo8byWt54TfulyJ5GDca1QbaVUgT1vdHLx9YH832w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=300
accept-ranges: bytes
cf-ray: 87b65bfb29ecaf28-NRT
expires: Sun, 26 May 2024 05:32:15 GMT

GET
H3 200 cfl-more.png
img1.shanghaixiaochagu.com/assets/img/ 25 KB
26 KB 30ms
10ms Image
image/png 172.67.187.192
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1.shanghaixiaochagu.com/assets/img/cfl-more.png
Requested by: Host: qq.gc.kj12349.com
URL: https://qq.gc.kj12349.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.187.192 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b9b72dd2d1a81a30aeecdd921e283f3d919e1d5e50cd626024aea9d0bfc16988

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://qq.gc.kj12349.com/
Accept-Language: jp-JP,jp;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 10:27:21 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 190504
alt-svc: h3=":443"; ma=86400
content-length: 26075
last-modified: Tue, 30 Jul 2019 06:25:38 GMT
server: cloudflare
etag: "5d3fe2e2-65db"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xZG1pjNmvMcsYtrzCtUCVRL5KZDdxPqYjFFBl9bL%2BwpQMquWe1Tw4zIsBdc5jPuioV2TMX%2BL2ssw3wBRqc%2FBQurCnwaj4jOfbZq2yqYcyQOzp%2BA72dGH0iDwskjIBflVg1n46wTQkifd0BDNgA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=300
accept-ranges: bytes
cf-ray: 87b65bfb39f2af28-NRT
expires: Sun, 26 May 2024 05:32:17 GMT

GET
H3 200 cfl4.png
img1.shanghaixiaochagu.com/assets/img/ 3 KB
3 KB 32ms
13ms Image
image/png 172.67.187.192
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1.shanghaixiaochagu.com/assets/img/cfl4.png
Requested by: Host: qq.gc.kj12349.com
URL: https://qq.gc.kj12349.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.187.192 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 690525e35adf0a12e48716dd62cd5efe930485d8e5e876a11762b9658b667e00

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://qq.gc.kj12349.com/
Accept-Language: jp-JP,jp;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 10:27:21 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 190506
alt-svc: h3=":443"; ma=86400
content-length: 3044
last-modified: Tue, 30 Jul 2019 08:05:49 GMT
server: cloudflare
etag: "5d3ffa5d-be4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LNxGb3KrhlDFLieLwOLvBA6xuwjpPUxkECEVuy5PDTE53xTIEZuw0Xm8zLc8Fc5H9N%2Bght8or5ytgYg%2FjsqzSVXiDjZ7RBxCi9y2%2BLf3TExk4aNJeSSWEUzYbSHwtq03J37hbfZxnVhv3PhK5w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=300
accept-ranges: bytes
cf-ray: 87b65bfb29eeaf28-NRT
expires: Sun, 26 May 2024 05:32:15 GMT

GET
H2 200 goucailogo.png
www.101046.com//tp/ 79 KB
79 KB 7ms
7ms Image
image/png 84.247.153.9
CAPL-AS-AP Contab...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.101046.com//tp/goucailogo.png
Requested by: Host: qq.gc.kj12349.com
URL: https://qq.gc.kj12349.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 84.247.153.9 Tokyo, Japan, ASN141995 (CAPL-AS-AP Contabo Asia Private Limited, SG),
Reverse DNS: vmi1797893.contaboserver.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 52c813e4e4fadabc1b7d370f135cd026fefabdaa234cfbf344dc8b6fb2f581a8

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://qq.gc.kj12349.com/
Accept-Language: jp-JP,jp;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 10:27:21 GMT
last-modified: Thu, 25 Apr 2024 13:00:41 GMT
server: Microsoft-IIS/10.0
etag: "31dba5931097da1:0"
x-powered-by: ASP.NET
content-type: image/png
accept-ranges: bytes
content-length: 80997

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ 43 B
299 B 252ms
252ms Image
image/gif 14.215.183.79
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=jp-jp&lo=0&rnd=1641671793&si=f438defdabc42c6f6f8a5ac32072c508&v=1.3.0&lv=1&sn=35512&r=0&ww=1600&u=https%3A%2F%2Fqq.gc.kj12349.com%2F&tt=%E6%BE%B3%E9%97%A8%E7%A5%9E%E7%AE%97%E5%AD%90

Requested by

Host: qq.gc.kj12349.com
URL: https://qq.gc.kj12349.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

14.215.183.79 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://qq.gc.kj12349.com/
Accept-Language: jp-JP,jp;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Date: Sun, 28 Apr 2024 10:27:22 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
Server: apache
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

GET
H2 404 favicon.ico
qq.gc.kj12349.com/ 1 KB
1 KB 2ms
2ms Other
text/html 84.247.153.9
CAPL-AS-AP Contab...

General

Check archive.org

Show headers Download Go to

Full URL: https://qq.gc.kj12349.com/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 84.247.153.9 Tokyo, Japan, ASN141995 (CAPL-AS-AP Contabo Asia Private Limited, SG),
Reverse DNS: vmi1797893.contaboserver.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://qq.gc.kj12349.com/
Accept-Language: jp-JP,jp;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 28 Apr 2024 10:27:22 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
content-length: 1245
content-type: text/html

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.hm.baidu.com/	1970-01-21 05:47:40	Name: HMACCOUNT_BFESS Value: 820CFB6E7AE05424
.qq.gc.kj12349.com/	1970-01-21 04:57:16	Name: Hm_lvt_f438defdabc42c6f6f8a5ac32072c508 Value: 1714300042
.qq.gc.kj12349.com/	1969-12-31 23:59:59	Name: Hm_lpvt_f438defdabc42c6f6f8a5ac32072c508 Value: 1714300042

27 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://qq.gc.kj12349.com/ Message: Mixed Content: The page at 'https://qq.gc.kj12349.com/' was loaded over HTTPS, but requested an insecure element 'http://www.101046.com/tp/shouyetu.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://qq.gc.kj12349.com/ Message: Mixed Content: The page at 'https://qq.gc.kj12349.com/' was loaded over HTTPS, but requested an insecure element 'http://www.101046.com/tp/jianbiao.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://qq.gc.kj12349.com/ Message: Mixed Content: The page at 'https://qq.gc.kj12349.com/' was loaded over HTTPS, but requested an insecure element 'http://101046.com/tp/gaoshoubang.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://qq.gc.kj12349.com/ Message: Mixed Content: The page at 'https://qq.gc.kj12349.com/' was loaded over HTTPS, but requested an insecure element 'http://www.101046.com/tp/jianbiao.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://qq.gc.kj12349.com/ Message: Mixed Content: The page at 'https://qq.gc.kj12349.com/' was loaded over HTTPS, but requested an insecure element 'http://www.101046.com/tp/jianbiao.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://qq.gc.kj12349.com/ Message: Mixed Content: The page at 'https://qq.gc.kj12349.com/' was loaded over HTTPS, but requested an insecure element 'http://www.101046.com/tp/jianbiao.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://qq.gc.kj12349.com/ Message: Mixed Content: The page at 'https://qq.gc.kj12349.com/' was loaded over HTTPS, but requested an insecure element 'http://www.101046.com/tp/jianbiao.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://qq.gc.kj12349.com/ Message: Mixed Content: The page at 'https://qq.gc.kj12349.com/' was loaded over HTTPS, but requested an insecure element 'http://www.101046.com/tp/jianbiao.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://qq.gc.kj12349.com/ Message: Mixed Content: The page at 'https://qq.gc.kj12349.com/' was loaded over HTTPS, but requested an insecure element 'http://www.101046.com/tp/jianbiao.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://qq.gc.kj12349.com/ Message: Mixed Content: The page at 'https://qq.gc.kj12349.com/' was loaded over HTTPS, but requested an insecure element 'http://www.101046.com/tp/jianbiao.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://qq.gc.kj12349.com/ Message: Mixed Content: The page at 'https://qq.gc.kj12349.com/' was loaded over HTTPS, but requested an insecure element 'http://www.101046.com/tp/jianbiao.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://qq.gc.kj12349.com/(Line 1484) Message: Mixed Content: The page at 'https://qq.gc.kj12349.com/' was loaded over HTTPS, but requested an insecure element 'http://www.101046.com/tp/shouyetu.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://qq.gc.kj12349.com/(Line 1484) Message: Mixed Content: The page at 'https://qq.gc.kj12349.com/' was loaded over HTTPS, but requested an insecure element 'http://www.101046.com/tp/jianbiao.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://qq.gc.kj12349.com/(Line 1484) Message: Mixed Content: The page at 'https://qq.gc.kj12349.com/' was loaded over HTTPS, but requested an insecure element 'http://101046.com/tp/gaoshoubang.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://qq.gc.kj12349.com/(Line 2164) Message: Mixed Content: The page at 'https://qq.gc.kj12349.com/' was loaded over HTTPS, but requested an insecure element 'http://www.101046.com/tp/jianbiao.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://qq.gc.kj12349.com/(Line 2164) Message: Mixed Content: The page at 'https://qq.gc.kj12349.com/' was loaded over HTTPS, but requested an insecure element 'http://www.101046.com/tp/beijingtu.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://qq.gc.kj12349.com/(Line 4648) Message: Mixed Content: The page at 'https://qq.gc.kj12349.com/' was loaded over HTTPS, but requested an insecure element 'http://www.101046.com/tp/jianbiao.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://qq.gc.kj12349.com/(Line 4648) Message: Mixed Content: The page at 'https://qq.gc.kj12349.com/' was loaded over HTTPS, but requested an insecure element 'http://www.101046.com/tp/jianbiao.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://qq.gc.kj12349.com/(Line 4648) Message: Mixed Content: The page at 'https://qq.gc.kj12349.com/' was loaded over HTTPS, but requested an insecure element 'http://www.101046.com/tp/jianbiao.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://qq.gc.kj12349.com/(Line 4648) Message: Mixed Content: The page at 'https://qq.gc.kj12349.com/' was loaded over HTTPS, but requested an insecure element 'http://www.101046.com/tp/jianbiao.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://qq.gc.kj12349.com/(Line 4648) Message: Mixed Content: The page at 'https://qq.gc.kj12349.com/' was loaded over HTTPS, but requested an insecure element 'http://www.101046.com/tp/jianbiao.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://qq.gc.kj12349.com/(Line 4648) Message: Mixed Content: The page at 'https://qq.gc.kj12349.com/' was loaded over HTTPS, but requested an insecure element 'http://www.101046.com/tp/jianbiao.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://qq.gc.kj12349.com/(Line 4648) Message: Mixed Content: The page at 'https://qq.gc.kj12349.com/' was loaded over HTTPS, but requested an insecure element 'http://www.101046.com/tp/jianbiao.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network	error	URL: https://qq.gc.kj12349.com/linear-gradient(to%20top,#eee,#fff Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://qq.gc.kj12349.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://qq.gc.kj12349.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://qq.gc.kj12349.com/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

101043.com
101046.com
hm.baidu.com
img1.shanghaixiaochagu.com
kj.tyhyhgugj.xyz
qq.gc.kj12349.com
www.101046.com
14.215.183.79
172.67.187.192
65.75.210.83
84.247.153.9
1e113da532c340fc3be3f38c42380c7bfe2136d20efae46d25512a48f0466f1a
25bb914491ffc6bdf1e1c11244fa5b94435481be769204ac162edec915024b99
2a1aeef84acc4fd3314b3f6f5d33c3bf894a1a7e797003a7cebbe54a8b3f953a
39dd30ed80384639d69ecd9fdfcaaed0b72f23ab6a07c1826aad669ea0b10664
4a0fb482ce6a8e58861c432e5fdd01190782f7a6ecc50351c5496363ff56adb5
52c813e4e4fadabc1b7d370f135cd026fefabdaa234cfbf344dc8b6fb2f581a8
540c0e819fedf56d0dc9d0a359415473dfcda3dce74f1166965ec77a1532d6ef
5b73bf61d8ed6d48bffcaa97148f3b36148d08720c6a184185f9c2058eba4367
690525e35adf0a12e48716dd62cd5efe930485d8e5e876a11762b9658b667e00
7ab5c16868be470eb76e4f4adc804228847ca79423281bf0319e75cde6339003
93712556915c6ca133dc598ee7a32961a69c3eacea99fed076a8b046c47f4971
9ae81c57691fe67c2dcf2a69017543732565c54332607521e11f1f2619f355e1
9be846c18af51a3afe4ae5926237234faa293785eac585f4122eb8c8e1ddebac
a40231caeb1b4cd23654b52c5749b0b5ed46b2b98b069be5e3dc9e29f24b6d46
a97a127f22ca003a3bbb73a47f27d3a34e11a4b7a26647abe92a9e73a6e29aeb
b22bbcb9b90b3b75ae31e652328db1f0e1d7af2bb4bdcd85419834216e1e7179
b9b72dd2d1a81a30aeecdd921e283f3d919e1d5e50cd626024aea9d0bfc16988
baf87a4bb70e08223fcae73d4a4503b6e17322ec74d0b12c74eebbf048fb9098
befa6c611deabab28372bfca50f8d4ef1a9d4b64bb59f69990aaa67de671f749
c7130dfd0fff89920f4f1358a2c96036dead8c7c5bfdc998b8ec90bb2b4b100e
c9ac7ffa2af8893120b4172b6332ac3fcff686f614afa5596f20da03388a7130
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d25cf7f42addcd2eb7224021e4e0f74aff0366e3376dc946c65344c7ab0b0bfa
d79135debeb2726096199081b2284573c3727f498661d3945af62e17c9a55551
dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f
f2bcb11ec9f6aa266210bb41877682fb266440bc581dfa0cc4b82835e5702137

qq.gc.kj12349.com Open in urlscan Pro 84.247.153.9 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

28 Requests

100 %HTTPS

0 %IPv6

6 Domains

7 Subdomains

4 IPs

3 Countries

2233 kBTransfer

3023 kBSize

3 Cookies

25 Outgoing links

Redirected requests

28 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

3 Cookies

qq.gc.kj12349.com Open in urlscan Pro
84.247.153.9 Public Scan

Screenshot
Live screenshot

Full Image

28
Requests

100 %
HTTPS

0 %
IPv6

6
Domains

7
Subdomains

4
IPs

3
Countries

2233 kB
Transfer

3023 kB
Size

3
Cookies

28 HTTP transactions
0 data transactions