z.521epgy6.kesowd.com Open in urlscan Pro
2606:4700:3037::6815:30f Public Scan

Go To Rescan
Add Verdict Report

URL:
http://z.521epgy6.kesowd.com/
Submission: On May 04 via api (May 4th 2024, 12:15:59 am UTC) from US — Scanned from DE

Summary HTTP 17 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 17 HTTP transactions. The main IP is 2606:4700:3037::6815:30f, located in United States and belongs to CLOUDFLARENET, US. The main domain is z.521epgy6.kesowd.com.

This is the only time z.521epgy6.kesowd.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
12	2606:4700:303... 2606:4700:3037::6815:30f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	8.134.100.156 8.134.100.156	37963 (ALIBABA-C...) (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.)
2	111.45.3.198 111.45.3.198	56040 (CMNET-GUA...) (CMNET-GUANGDONG-AP China Mobile communications corporation)
17	4

12 2606:4700:3037::6815:30f (United States)

ASN13335 (CLOUDFLARENET, US)

z.521epgy6.kesowd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 8.134.100.156 (Guangzhou, China)

ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN)

www.86wind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 111.45.3.198 (China)

ASN56040 (CMNET-GUANGDONG-AP China Mobile communications corporation, CN)

hm.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	kesowd.com z.521epgy6.kesowd.com	247 KB
2	baidu.com hm.baidu.com — Cisco Umbrella Rank: 10507	12 KB
2	86wind.com www.86wind.com	42 KB
0	klsvc.com Failed www.klsvc.com Failed
17	4

	Domain	Requested by
12	z.521epgy6.kesowd.com	z.521epgy6.kesowd.com
2	hm.baidu.com	z.521epgy6.kesowd.com
2	www.86wind.com	z.521epgy6.kesowd.com
0	www.klsvc.com Failed	z.521epgy6.kesowd.com
17	4

This site contains no links.

Subject Issuer	Validity	Valid
www.86wind.com Encryption Everywhere DV TLS CA - G1	`2023-05-19` - `2024-05-19`	a year	crt.sh
baidu.com GlobalSign RSA OV SSL CA 2018	`2023-07-06` - `2024-08-06`	a year	crt.sh

This page contains 1 frames:

Primary Page: http://z.521epgy6.kesowd.com/
Frame ID: 7C83B63506A53FA4C887029A28709D57
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

口无择言网

Page URL History Show full URLs

http://z.521epgy6.kesowd.com/ HTTP 307
https://z.521epgy6.kesowd.com/ HTTP 307
http://z.521epgy6.kesowd.com/ Page URL

Detected technologies

Baidu Analytics (百度统计) (Analytics) Expand

Overall confidence: 100%
Detected patterns

hm\.baidu\.com/hm\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

17
Requests

24 %
HTTPS

33 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

301 kB
Transfer

513 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://z.521epgy6.kesowd.com/ HTTP 307
https://z.521epgy6.kesowd.com/ HTTP 307
http://z.521epgy6.kesowd.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9

http://www.klsvc.com/js/panduang/y.js HTTP 301
https://www.klsvc.com/js/panduang/y.js

17 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
z.521epgy6.kesowd.com/
Redirect Chain

http://z.521epgy6.kesowd.com/
https://z.521epgy6.kesowd.com/
http://z.521epgy6.kesowd.com/

24 KB
7 KB

1553ms
1553ms

Document
text/html

2606:4700:3037::6815:30f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://z.521epgy6.kesowd.com/
Protocol: HTTP/1.1
Server: 2606:4700:3037::6815:30f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7eed3e33f5a8fb2df69c67a353be7430c297cf237adae6a60013a43cc1435f38

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

CF-Cache-Status: DYNAMIC
CF-RAY: 87e44c75ba865d42-FRA
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Sat, 04 May 2024 00:15:52 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FXZ1XN5sGFRwucQPkiWALW8Dr5tzS8qi1pUV7h6jJJ6ueghWhjAuhDxwhmVk2mNTlSnwmH58CasptFblxfYSNMgOb9HbtHCNVfv3V611fA21vKnUmkJ25FuNtBzbvI5WK4wuqKT%2F7HK3EneiY8tTZvN73T0%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

Redirect headers

Location: http://z.521epgy6.kesowd.com/
Non-Authoritative-Reason: HttpsUpgrades

GET
H/1.1 200
OK gong.css
z.521epgy6.kesowd.com/template/news/boke029/style/css/ 112 KB
26 KB 513ms
513ms Stylesheet
text/css 2606:4700:3037::6815:30f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://z.521epgy6.kesowd.com/template/news/boke029/style/css/gong.css
Requested by: Host: z.521epgy6.kesowd.com
URL: http://z.521epgy6.kesowd.com/
Protocol: HTTP/1.1
Server: 2606:4700:3037::6815:30f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 00e9e4965d7af420065081fab76aa6875566d898c328becc0516104356f32015

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: http://z.521epgy6.kesowd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Date: Sat, 04 May 2024 00:15:52 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Last-Modified: Tue, 29 Oct 2019 04:51:14 GMT
Server: cloudflare
ETag: W/"5db7c542-1c0de"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PCFFEcJW3cKGFJMhfU1QtGfv8j3vx91dGn9ExE8FA%2F3zbZ46vePe%2Bcb6%2FCpz%2FZl1YTpHOEHnN4GqpwgngRQEpmt1xDqWEoEz5I%2FMwNm5I352lT%2F86ij6J5gc0S45Ptg2OAAJShSYbAIoYzR7NvXTZWOtO9Q%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=43200
CF-RAY: 87e44c7f6ed75d42-FRA
Expires: Sat, 04 May 2024 12:15:52 GMT

GET
H/1.1 200
OK jquery.min.js Show response
z.521epgy6.kesowd.com/template/news/boke029/style/js/ 91 KB
37 KB 530ms
502ms Script
application/javascript 2606:4700:3037::6815:30f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://z.521epgy6.kesowd.com/template/news/boke029/style/js/jquery.min.js
Requested by: Host: z.521epgy6.kesowd.com
URL: http://z.521epgy6.kesowd.com/
Protocol: HTTP/1.1
Server: 2606:4700:3037::6815:30f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed06994d14ad7e8ab3f579b8b0bebf3086bf39664263ba374efe1d1b1a86900a

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: http://z.521epgy6.kesowd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Date: Sat, 04 May 2024 00:15:52 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Last-Modified: Thu, 30 May 2019 02:37:34 GMT
Server: cloudflare
ETag: W/"5cef41ee-16dc8"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sUs8%2Bo6H7PaeOyL9uBs06lXzKAAjy1iSYcJPzyWVWriwwEdcfv0%2B66ENnWMTBVKKLh600rI6hJmQPvVvxLGlODzbtlPmCHqdnh7RLz6yCcIjfAVLoWbeYnRQsKuFHK1eq83FL5HIzhXU01m1RBe4N6wxPwE%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=43200
CF-RAY: 87e44c7f9d753616-FRA
Expires: Sat, 04 May 2024 12:15:52 GMT

GET
H/1.1 200
OK jquery.js Show response
z.521epgy6.kesowd.com/template/news/boke029/style/js/ 54 KB
21 KB 534ms
499ms Script
application/javascript 2606:4700:3037::6815:30f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://z.521epgy6.kesowd.com/template/news/boke029/style/js/jquery.js
Requested by: Host: z.521epgy6.kesowd.com
URL: http://z.521epgy6.kesowd.com/
Protocol: HTTP/1.1
Server: 2606:4700:3037::6815:30f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b12d55e675843ca8a46cdf711b18fc900099f0300db2ad17a5cd6c4b8f45739

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: http://z.521epgy6.kesowd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Date: Sat, 04 May 2024 00:15:52 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Last-Modified: Thu, 30 May 2019 02:37:36 GMT
Server: cloudflare
ETag: W/"5cef41f0-d9fa"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AgaknWeC98wH5JrbQPsyP9ZbaIa48O7iBjxWl1e8bKlsLgkVzd35J9tXLVjMF75e7lutA0h%2BitOr4fqKpvq0te5yvQnCU58%2FngYvifmaQFk4TMqfA0q7Bm90R7EUv6dON1RSCZ30BvpwyJchlhYnikd7XI0%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=43200
CF-RAY: 87e44c7f99eb9f15-FRA
Expires: Sat, 04 May 2024 12:15:52 GMT

GET
H/1.1 200
OK tj.js Show response
z.521epgy6.kesowd.com/template/news/boke029/style/js/ 381 B
1 KB 426ms
390ms Script
application/javascript 2606:4700:3037::6815:30f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://z.521epgy6.kesowd.com/template/news/boke029/style/js/tj.js
Requested by: Host: z.521epgy6.kesowd.com
URL: http://z.521epgy6.kesowd.com/
Protocol: HTTP/1.1
Server: 2606:4700:3037::6815:30f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bcd128bb5080a40faa3cd843a92de09517b7818bc6c5434ba58d2763ca2b3131

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: http://z.521epgy6.kesowd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Date: Sat, 04 May 2024 00:15:52 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Last-Modified: Thu, 30 May 2019 02:37:28 GMT
Server: cloudflare
ETag: W/"5cef41e8-17d"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m6yyhqtrWs5YwPzMu14CHqOxiDTKCCr0mIIq%2BDWmEf1JoIPb282SxbXCua%2Fs1CVN%2BTAFLgX6tYsLJ0iTE8%2Fs54IooEh0pnOfVeGzhD0LhEJsRxEsnpiJ2BiSNqgiV6HePvD0%2FXFjU2ZXCupqIM1TkcOtfgc%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=43200
CF-RAY: 87e44c7fac599211-FRA
Expires: Sat, 04 May 2024 12:15:52 GMT

GET
H2 200 3c44d1f19cf4dbe3303810e473d5c1b0793_t.jpg
www.86wind.com/uploadfile/2023/0324/ 17 KB
18 KB 1633ms
254ms Image
image/jpeg 8.134.100.156
ALIBABA-CN-NET Ha...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.86wind.com/uploadfile/2023/0324/3c44d1f19cf4dbe3303810e473d5c1b0793_t.jpg

Requested by

Host: z.521epgy6.kesowd.com
URL: http://z.521epgy6.kesowd.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

8.134.100.156 Guangzhou, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),

Reverse DNS

Software

nginx /

Resource Hash

33db792300ef9a1d88755d60d7bf73dc5f4db7b6f4cafe030d5a9f55a05452f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: http://z.521epgy6.kesowd.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 04 May 2024 00:15:53 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 23 Mar 2023 20:26:00 GMT
server: nginx
etag: "641cb5d8-45d7"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 17879
expires: Mon, 03 Jun 2024 00:15:53 GMT

GET
H/1.1 404
Not Found 4969010.jpg
z.521epgy6.kesowd.com/uploads/images/ 13 B
728 B 474ms
438ms Image
text/html 2606:4700:3037::6815:30f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://z.521epgy6.kesowd.com/uploads/images/4969010.jpg
Requested by: Host: z.521epgy6.kesowd.com
URL: http://z.521epgy6.kesowd.com/
Protocol: HTTP/1.1
Server: 2606:4700:3037::6815:30f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7d04f7431bbfa41a04bcc7e6b98b9de0d919756c4c671c5785c99fff45f16402

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: http://z.521epgy6.kesowd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Date: Sat, 04 May 2024 00:15:52 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4ihCUEyAfmi5bUYd7c%2BD5J%2B5hAs3CTScFo4VG2ovtkMyGtm5AgY%2BaMCYZC9Zj4AilADdtX6fxh9z4y0cj94KZW2OrWNLpXzP2G9hQMDeKMN9CQtyMQQI7OmrlNoXyimHZqqmLrrpfWNssI7bP8MT9yfDX10%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Cache-Control: max-age=14400
Connection: keep-alive
CF-RAY: 87e44c7faf1835df-FRA
alt-svc: h3=":443"; ma=86400

GET
H/1.1 404
Not Found 1996220.jpg
z.521epgy6.kesowd.com/uploads/images/ 13 B
730 B 430ms
430ms Image
text/html 2606:4700:3037::6815:30f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://z.521epgy6.kesowd.com/uploads/images/1996220.jpg
Requested by: Host: z.521epgy6.kesowd.com
URL: http://z.521epgy6.kesowd.com/
Protocol: HTTP/1.1
Server: 2606:4700:3037::6815:30f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7d04f7431bbfa41a04bcc7e6b98b9de0d919756c4c671c5785c99fff45f16402

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: http://z.521epgy6.kesowd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Date: Sat, 04 May 2024 00:15:53 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hvTPyoDJzIZ%2FvwKjl7THT%2Bl1UGQ1tBO9RWM0c9H66S3F9URGz9oAWQtA2TZt3Kdmvp7hv0cqAWcJDSe7FISkeMOVY1pqopOQyiwj7NvTa8PWzn%2B7JcLFDYvnyKRrO41bpuPcE%2FAAf4V0NDYVyydAsTTUCYg%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Cache-Control: max-age=14400
Connection: keep-alive
CF-RAY: 87e44c8268b635df-FRA
alt-svc: h3=":443"; ma=86400

GET
H/1.1 404
Not Found 4454520.jpg
z.521epgy6.kesowd.com/uploads/images/ 13 B
730 B 390ms
390ms Image
text/html 2606:4700:3037::6815:30f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://z.521epgy6.kesowd.com/uploads/images/4454520.jpg
Requested by: Host: z.521epgy6.kesowd.com
URL: http://z.521epgy6.kesowd.com/
Protocol: HTTP/1.1
Server: 2606:4700:3037::6815:30f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7d04f7431bbfa41a04bcc7e6b98b9de0d919756c4c671c5785c99fff45f16402

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: http://z.521epgy6.kesowd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Date: Sat, 04 May 2024 00:15:53 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3IN30VLakZvDoXz0snoEZTttLLCHAKHgPk78QnXCKSxO8lmQpU26x%2FeGYStkuM4dH0LTk%2B7GE5PTpjkqUDEMH9%2Fx0aAqFLgQfYr1Y7uhkYiPT8zpMR72MR8kakjVB%2Fg7VyZeDrD4qOwunRXOhQasVoW4MEI%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Cache-Control: max-age=14400
Connection: keep-alive
CF-RAY: 87e44c851a4435df-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 17bd3ce0d4e2b3f24d7d7dde86d21498904_t.jpg
www.86wind.com/uploadfile/2023/0312/ 24 KB
25 KB 583ms
502ms Image
image/jpeg 8.134.100.156
ALIBABA-CN-NET Ha...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.86wind.com/uploadfile/2023/0312/17bd3ce0d4e2b3f24d7d7dde86d21498904_t.jpg

Requested by

Host: z.521epgy6.kesowd.com
URL: http://z.521epgy6.kesowd.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

8.134.100.156 Guangzhou, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),

Reverse DNS

Software

nginx /

Resource Hash

8dd7879abe20bad42ba6c8864c786d8f1a7996fd0b8934e7ccba4d2e2d44ee33

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: http://z.521epgy6.kesowd.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 04 May 2024 00:15:53 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 12 Mar 2023 09:30:56 GMT
server: nginx
etag: "640d9bd0-6175"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 24949
expires: Mon, 03 Jun 2024 00:15:53 GMT

GET

y.js
www.klsvc.com/js/panduang/
Redirect Chain

http://www.klsvc.com/js/panduang/y.js
https://www.klsvc.com/js/panduang/y.js

0
0

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ 29 KB
12 KB 939ms
371ms Script
application/javascript 111.45.3.198
CMNET-GUANGDONG-A...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?9819d9ee98eee97a73b98c798481f95a

Requested by

Host: z.521epgy6.kesowd.com
URL: http://z.521epgy6.kesowd.com/template/news/boke029/style/js/tj.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

111.45.3.198 , China, ASN56040 (CMNET-GUANGDONG-AP China Mobile communications corporation, CN),

Reverse DNS

Software

apache /

Resource Hash

a2e800d5a4fd71c94ffc788be35be196e67287d73b8e16c9dfdcbb6367b8c091

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: http://z.521epgy6.kesowd.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 04 May 2024 00:15:55 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=172800
Server: apache
Etag: d7b94a4a70c2e5c13bf01a36e25b2b46
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: application/javascript
Cache-Control: max-age=0, must-revalidate
Content-Length: 11262

GET
H/1.1 404
Not Found 4969010.jpg
z.521epgy6.kesowd.com/uploads/images/ 13 B
0 0ms
0ms Image
text/html 2606:4700:3037::6815:30f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://z.521epgy6.kesowd.com/uploads/images/4969010.jpg
Requested by: Host: z.521epgy6.kesowd.com
URL: http://z.521epgy6.kesowd.com/
Protocol: HTTP/1.1
Server: 2606:4700:3037::6815:30f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7d04f7431bbfa41a04bcc7e6b98b9de0d919756c4c671c5785c99fff45f16402

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: http://z.521epgy6.kesowd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Date: Sat, 04 May 2024 00:15:52 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4ihCUEyAfmi5bUYd7c%2BD5J%2B5hAs3CTScFo4VG2ovtkMyGtm5AgY%2BaMCYZC9Zj4AilADdtX6fxh9z4y0cj94KZW2OrWNLpXzP2G9hQMDeKMN9CQtyMQQI7OmrlNoXyimHZqqmLrrpfWNssI7bP8MT9yfDX10%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/html; charset=utf-8
Cache-Control: max-age=14400
CF-RAY: 87e44c7faf1835df-FRA
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK fontawesome-webfont.woff
z.521epgy6.kesowd.com/template/news/boke029/style/font/ 17 KB
7 KB 464ms
464ms Font
text/html 2606:4700:3037::6815:30f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://z.521epgy6.kesowd.com/template/news/boke029/style/font/fontawesome-webfont.woff?v=4.1.0
Requested by: Host: z.521epgy6.kesowd.com
URL: http://z.521epgy6.kesowd.com/template/news/boke029/style/css/gong.css
Protocol: HTTP/1.1
Server: 2606:4700:3037::6815:30f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bea305acf6eb2e507df5cd4c0b982c53c5015a56de6febc171e237ad3c7cfc26

Request headers

Referer: http://z.521epgy6.kesowd.com/template/news/boke029/style/css/gong.css
Origin: http://z.521epgy6.kesowd.com
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Date: Sat, 04 May 2024 00:15:55 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Sat, 04 May 2024 00:15:55 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Cmmpm%2FwUkd%2BrGo2YrOokdlOGiQOPWRzRMe24xm%2BACC07s8Oc4u2Dg4Czpv5rjiGXclBztUx46BV0qUtz%2BCOqKBHZNxupdX0djQpKaBT245SiSSPvuw8gU3ZaABnJmoaNQVAUb9GYWKeIu%2B2VqD3ziSiWowE%3D"}],"group":"cf-nel","max_age":604800}
Cache-Control: max-age=14400
Connection: keep-alive
CF-RAY: 87e44c8fb80b35df-FRA
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK fontawesome-webfont.ttf
z.521epgy6.kesowd.com/template/news/boke029/style/css/img/ 138 KB
139 KB 661ms
661ms Font
application/octet-stream 2606:4700:3037::6815:30f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://z.521epgy6.kesowd.com/template/news/boke029/style/css/img/fontawesome-webfont.ttf?v=4.1.0
Requested by: Host: z.521epgy6.kesowd.com
URL: http://z.521epgy6.kesowd.com/template/news/boke029/style/css/gong.css
Protocol: HTTP/1.1
Server: 2606:4700:3037::6815:30f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2a9333b008247abd42354df966498b4c2f1aa51a10b7e178a4f5df2edea4ce1

Request headers

Referer: http://z.521epgy6.kesowd.com/template/news/boke029/style/css/gong.css
Origin: http://z.521epgy6.kesowd.com
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Date: Sat, 04 May 2024 00:15:55 GMT
CF-Cache-Status: MISS
Last-Modified: Thu, 30 May 2019 02:37:32 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
ETag: "5cef41ec-228fc"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kSPMA%2ByS2HKZAdTKJuHE1F4uDMm%2FDhKTTdINNbesUSagh%2BIu%2Bs6NSrQ4RXr5O7p5TmQNv3uKjcfWLyxH2PEcZHT9NyqCPLzkAPDsmFPEYZ%2BIYPtK0Wb7EGoOBWu%2FI0rgYfVuX6TIoBIZTFe4sfk51sKqIuw%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/octet-stream
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 87e44c92a9d635df-FRA
alt-svc: h3=":443"; ma=86400
Content-Length: 141564

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ 43 B
299 B 338ms
337ms Image
image/gif 111.45.3.198
CMNET-GUANGDONG-A...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=de-de&lo=0&rnd=580956728&si=9819d9ee98eee97a73b98c798481f95a&v=1.3.0&lv=1&sn=58481&r=0&ww=1600&u=http%3A%2F%2Fz.521epgy6.kesowd.com%2F&tt=%E5%8F%A3%E6%97%A0%E6%8B%A9%E8%A8%80%E7%BD%91

Requested by

Host: z.521epgy6.kesowd.com
URL: http://z.521epgy6.kesowd.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

111.45.3.198 , China, ASN56040 (CMNET-GUANGDONG-AP China Mobile communications corporation, CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: http://z.521epgy6.kesowd.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Date: Sat, 04 May 2024 00:15:55 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
Server: apache
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

GET
H/1.1 200
OK favicon.ico
z.521epgy6.kesowd.com/ 5 KB
6 KB 371ms
371ms Other
image/x-icon 2606:4700:3037::6815:30f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://z.521epgy6.kesowd.com/favicon.ico
Protocol: HTTP/1.1
Server: 2606:4700:3037::6815:30f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2de73d44a795601eaf9e0929408a25c3f72694699c4a845c45ee0d12030b9112

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: http://z.521epgy6.kesowd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Date: Sat, 04 May 2024 00:15:56 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Fri, 16 Feb 2024 02:59:06 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
ETag: W/"65cecf7a-13a1"
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2CzA5zEDlrd4bPeBsLNXiqRbmUQWahOAwfMlZaIWkDO9%2FxFuWsFnsJvHSUiUoUJ5V4XAitiJB4uBDN7yO74vtG7AKMQieuBqmy817irD7v%2BVOIlxh6S7mvCceOezbFlfcPq3M8QsOvH%2BzNxA14l6L8%2B0tfs%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/x-icon
Vary: Accept-Encoding
Cache-Control: max-age=14400
Connection: keep-alive
CF-RAY: 87e44c990d3a35df-FRA
alt-svc: h3=":443"; ma=86400

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.klsvc.com
URL: https://www.klsvc.com/js/panduang/y.js

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.hm.baidu.com/	1970-01-21 05:55:41	Name: HMACCOUNT_BFESS Value: 818D0F4E64A19F03
.z.521epgy6.kesowd.com/	1970-01-21 05:05:17	Name: Hm_lvt_9819d9ee98eee97a73b98c798481f95a Value: 1714781756
.z.521epgy6.kesowd.com/	1969-12-31 23:59:59	Name: Hm_lpvt_9819d9ee98eee97a73b98c798481f95a Value: 1714781756

11 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://z.521epgy6.kesowd.com/uploads/images/4969010.jpg Message: Failed to load resource: the server responded with a status of 404 (Not Found)
javascript	warning	URL: http://z.521epgy6.kesowd.com/template/news/boke029/style/js/tj.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://www.klsvc.com/js/panduang/y.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://z.521epgy6.kesowd.com/template/news/boke029/style/js/tj.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://www.klsvc.com/js/panduang/y.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: http://z.521epgy6.kesowd.com/uploads/images/1996220.jpg Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://z.521epgy6.kesowd.com/uploads/images/4454520.jpg Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://www.klsvc.com/js/panduang/y.js Message: Failed to load resource: net::ERR_EMPTY_RESPONSE
network	error	URL: http://z.521epgy6.kesowd.com/uploads/images/4969010.jpg Message: Failed to load resource: the server responded with a status of 404 (Not Found)
other	warning	URL: http://z.521epgy6.kesowd.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://z.521epgy6.kesowd.com/ Message: Failed to decode downloaded font: http://z.521epgy6.kesowd.com/template/news/boke029/style/font/fontawesome-webfont.woff?v=4.1.0
other	warning	URL: http://z.521epgy6.kesowd.com/ Message: OTS parsing error: invalid sfntVersion: 1008813135
other	warning	URL: http://z.521epgy6.kesowd.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

hm.baidu.com
www.86wind.com
www.klsvc.com
z.521epgy6.kesowd.com
www.klsvc.com
111.45.3.198
2606:4700:3037::6815:30f
8.134.100.156
00e9e4965d7af420065081fab76aa6875566d898c328becc0516104356f32015
1b12d55e675843ca8a46cdf711b18fc900099f0300db2ad17a5cd6c4b8f45739
2de73d44a795601eaf9e0929408a25c3f72694699c4a845c45ee0d12030b9112
33db792300ef9a1d88755d60d7bf73dc5f4db7b6f4cafe030d5a9f55a05452f8
7d04f7431bbfa41a04bcc7e6b98b9de0d919756c4c671c5785c99fff45f16402
7eed3e33f5a8fb2df69c67a353be7430c297cf237adae6a60013a43cc1435f38
8dd7879abe20bad42ba6c8864c786d8f1a7996fd0b8934e7ccba4d2e2d44ee33
a2e800d5a4fd71c94ffc788be35be196e67287d73b8e16c9dfdcbb6367b8c091
bcd128bb5080a40faa3cd843a92de09517b7818bc6c5434ba58d2763ca2b3131
bea305acf6eb2e507df5cd4c0b982c53c5015a56de6febc171e237ad3c7cfc26
c2a9333b008247abd42354df966498b4c2f1aa51a10b7e178a4f5df2edea4ce1
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
ed06994d14ad7e8ab3f579b8b0bebf3086bf39664263ba374efe1d1b1a86900a

z.521epgy6.kesowd.com Open in urlscan Pro 2606:4700:3037::6815:30f Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

17 Requests

24 %HTTPS

33 %IPv6

4 Domains

4 Subdomains

4 IPs

2 Countries

301 kBTransfer

513 kBSize

3 Cookies

0 Outgoing links

Page URL History

Redirected requests

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

3 Cookies

11 Console Messages

Indicators

z.521epgy6.kesowd.com Open in urlscan Pro
2606:4700:3037::6815:30f Public Scan

Screenshot
Live screenshot

Full Image

17
Requests

24 %
HTTPS

33 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

301 kB
Transfer

513 kB
Size

3
Cookies

17 HTTP transactions
0 data transactions