www.hpsbilling.com Open in urlscan Pro
2606:4700:3035::ac43:ca67 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://hpsbilling.com/
Effective URL:
http://www.hpsbilling.com/
Submission: On September 01 via automatic, source certstream-suspicious (September 1st 2021, 11:26:21 am UTC)

Summary HTTP 61 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 11 IPs in 4 countries across 12 domains to perform 61 HTTP transactions. The main IP is 2606:4700:3035::ac43:ca67, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.hpsbilling.com.

This is the only time www.hpsbilling.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
41 56	2606:4700:303... 2606:4700:3035::ac43:ca67	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 24	185.10.104.110 185.10.104.110	55967 (BAIDU Bei...) (BAIDU Beijing Baidu Netcom Science and Technology Co.)
3 3	2606:4700:303... 2606:4700:3031::6815:111f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 6	2606:4700:303... 2606:4700:3031::ac43:8815	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13 13	2606:4700:303... 2606:4700:3037::6815:474	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	2606:4700:303... 2606:4700:3035::ac43:8558	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	103.235.46.39 103.235.46.39	55967 (BAIDU Bei...) (BAIDU Beijing Baidu Netcom Science and Technology Co.)
1 2	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c09::9a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
61	11

56 2606:4700:3035::ac43:ca67 (United States) 41 redirects

ASN13335 (CLOUDFLARENET, US)

hpsbilling.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.hpsbilling.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 185.10.104.110 (Hong Kong) 1 redirects

ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)

ss0.bdstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ss3.bdstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ss1.bdstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ss2.bdstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3031::6815:111f (United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

gamebainohu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:3031::ac43:8815 (United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

gamebainohu.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:4700:3037::6815:474 (United States) 13 redirects

ASN13335 (CLOUDFLARENET, US)

doithuong247.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:4700:3035::ac43:8558 (United States)

ASN13335 (CLOUDFLARENET, US)

doithuong247.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.235.46.39 (Hong Kong)

ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)

www.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c09::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
56	hpsbilling.com 41 redirects hpsbilling.com www.hpsbilling.com	595 KB
24	bdstatic.com 1 redirects ss0.bdstatic.com ss3.bdstatic.com ss1.bdstatic.com ss2.bdstatic.com	2 MB
13	doithuong247.net doithuong247.net	349 KB
13	doithuong247.com 13 redirects doithuong247.com	7 KB
6	gamebainohu.info 3 redirects gamebainohu.info	68 KB
3	gamebainohu.org 3 redirects gamebainohu.org	2 KB
2	google-analytics.com www.google-analytics.com	19 KB
2	googletagmanager.com 1 redirects www.googletagmanager.com	41 KB
1	google.de www.google.de	107 B
1	google.com www.google.com	107 B
1	doubleclick.net stats.g.doubleclick.net	90 B
1	baidu.com www.baidu.com
61	12

	Domain	Requested by
55	www.hpsbilling.com	40 redirects www.hpsbilling.com
13	doithuong247.net	www.hpsbilling.com
13	doithuong247.com	13 redirects
8	ss0.bdstatic.com	www.hpsbilling.com
7	ss1.bdstatic.com	www.hpsbilling.com
6	gamebainohu.info	3 redirects www.hpsbilling.com
6	ss3.bdstatic.com	1 redirects www.hpsbilling.com
3	ss2.bdstatic.com	www.hpsbilling.com
3	gamebainohu.org	3 redirects
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	1 redirects www.hpsbilling.com
1	www.google.de	www.hpsbilling.com
1	www.google.com	www.hpsbilling.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	www.baidu.com	www.hpsbilling.com
1	hpsbilling.com	1 redirects
61	16

This site contains links to these domains. Also see Links.

Domain
en.wikipedia.org
certify.gpwa.org
www.dmca.com
http

Subject Issuer	Validity	Valid
baidu.com GlobalSign Organization Validation CA - SHA256 - G2	`2021-07-01` - `2022-08-02`	a year	crt.sh
*.gamebainohu.info R3	`2021-08-16` - `2021-11-14`	3 months	crt.sh
*.doithuong247.net R3	`2021-08-16` - `2021-11-14`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh

This page contains 1 frames:

Primary Page: http://www.hpsbilling.com/
Frame ID: D58F0CA74CB38F9A5FAAAF515928D5D1
Requests: 62 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Nhà cái AA88-link tai AA88 cho ios&apk

Page URL History Show full URLs

https://hpsbilling.com/ HTTP 301
http://www.hpsbilling.com/ Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

61
Requests

75 %
HTTPS

83 %
IPv6

12
Domains

16
Subdomains

11
IPs

4
Countries

2745 kB
Transfer

3541 kB
Size

0
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://en.wikipedia.org/wiki/Philippine_Amusement_and_Gaming_Corporation
Title: PAGCOR

Search URL Search Domain Scan URL

URL: https://certify.gpwa.org/verify/en/diachibet.com/
Title:

Search URL Search Domain Scan URL

URL: http://www.dmca.com/Protection/Status.aspx?ID=c75fcdea-3872-4bda-a482-00b0bbf80cef&refurl=http://www.hpsbilling.com/
Title:

Search URL Search Domain Scan URL

URL: http://http//www.hpsbilling.com//sitemap/google.xml
Title: sitemap/google

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://hpsbilling.com/ HTTP 301
http://www.hpsbilling.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5

http://www.hpsbilling.com/uploads/images/853055.jpg HTTP 301
https://ss0.bdstatic.com/70cFvHSh_Q1YnxGkpoWK1HF6hhy/it/u=2790061094,3658548662&fm=15&gp=0.jpg

Request Chain 6

http://www.hpsbilling.com/uploads/images/537263.jpg HTTP 301
https://ss3.bdstatic.com/70cFv8Sh_Q1YnxGkpoWK1HF6hhy/it/u=3328203696,3901173169&fm=26&gp=0.jpg

Request Chain 7

http://www.hpsbilling.com/uploads/images/489915.jpg HTTP 301
https://ss0.bdstatic.com/70cFuHSh_Q1YnxGkpoWK1HF6hhy/it/u=2882350315,1809219319&fm=26&gp=0.jpg

Request Chain 8

http://www.hpsbilling.com/uploads/images/484267.jpg HTTP 301
https://ss1.bdstatic.com/70cFvXSh_Q1YnxGkpoWK1HF6hhy/it/u=384916086,3881876353&fm=15&gp=0.jpg

Request Chain 9

http://www.hpsbilling.com/uploads/images/204418.jpg HTTP 301
https://gamebainohu.org/wp-content/uploads/2019/12/56656067_558168558022170_5502405065308110848_n-390x220.jpg HTTP 301
http://gamebainohu.info/wp-content/uploads/2019/12/56656067_558168558022170_5502405065308110848_n-390x220.jpg HTTP 301
https://gamebainohu.info/wp-content/uploads/2019/12/56656067_558168558022170_5502405065308110848_n-390x220.jpg

Request Chain 10

http://www.hpsbilling.com/uploads/images/632219.jpg HTTP 301
https://ss3.bdstatic.com/70cFv8Sh_Q1YnxGkpoWK1HF6hhy/it/u=3870380940,1646600071&fm=15&gp=0.jpg

Request Chain 11

http://www.hpsbilling.com/uploads/images/450023.jpg HTTP 301
https://ss3.bdstatic.com/70cFv8Sh_Q1YnxGkpoWK1HF6hhy/it/u=902276044,3196900577&fm=15&gp=0.jpg

Request Chain 12

http://www.hpsbilling.com/uploads/images/242576.jpg HTTP 301
https://doithuong247.com/wp-content/uploads/2020/12/789-club-dang-nhap-450x254.jpg HTTP 301
https://doithuong247.net/wp-content/uploads/2020/12/789-club-dang-nhap-450x254.jpg

Request Chain 13

http://www.hpsbilling.com/uploads/images/489755.jpg HTTP 301
https://ss3.bdstatic.com/70cFv8Sh_Q1YnxGkpoWK1HF6hhy/it/u=3788529575,4045579118&fm=15&gp=0.jpg

Request Chain 14

http://www.hpsbilling.com/uploads/images/6269.jpg HTTP 301
https://ss1.bdstatic.com/70cFuXSh_Q1YnxGkpoWK1HF6hhy/it/u=1410372622,3030745073&fm=15&gp=0.jpg

Request Chain 15

http://www.hpsbilling.com/uploads/images/20293.jpg HTTP 301
https://ss0.bdstatic.com/70cFuHSh_Q1YnxGkpoWK1HF6hhy/it/u=3058212610,3759728962&fm=15&gp=0.jpg

Request Chain 16

http://www.hpsbilling.com/uploads/images/716061.jpg HTTP 301
https://ss1.bdstatic.com/70cFvXSh_Q1YnxGkpoWK1HF6hhy/it/u=1115293515,2248889554&fm=26&gp=0.jpg

Request Chain 17

http://www.hpsbilling.com/uploads/images/765750.jpg HTTP 301
https://doithuong247.com/wp-content/uploads/2021/04/11bet-1-450x254.jpg HTTP 301
https://doithuong247.net/wp-content/uploads/2021/04/11bet-1-450x254.jpg

Request Chain 18

http://www.hpsbilling.com/uploads/images/416326.jpg HTTP 301
https://doithuong247.com/wp-content/uploads/2020/08/gioi-thieu-lien-minh-ban-ca-450x254.jpg HTTP 301
https://doithuong247.net/wp-content/uploads/2020/08/gioi-thieu-lien-minh-ban-ca-450x254.jpg

Request Chain 19

http://www.hpsbilling.com/uploads/images/344615.jpg HTTP 301
https://ss1.bdstatic.com/70cFuXSh_Q1YnxGkpoWK1HF6hhy/it/u=2585232130,3182746523&fm=26&gp=0.jpg

Request Chain 20

http://www.hpsbilling.com/uploads/images/398351.jpg HTTP 301
https://ss0.bdstatic.com/70cFuHSh_Q1YnxGkpoWK1HF6hhy/it/u=3409621782,968728988&fm=15&gp=0.jpg

Request Chain 21

http://www.hpsbilling.com/uploads/images/536281.jpg HTTP 301
https://ss3.bdstatic.com/70cFv8Sh_Q1YnxGkpoWK1HF6hhy/it/u=551266242,2542152075&fm=11&gp=0.jpg HTTP 302
https://www.baidu.com/search/error.html

Request Chain 22

http://www.hpsbilling.com/uploads/images/912850.jpg HTTP 301
https://gamebainohu.org/wp-content/uploads/2019/12/1-1-390x220.jpg HTTP 301
http://gamebainohu.info/wp-content/uploads/2019/12/1-1-390x220.jpg HTTP 301
https://gamebainohu.info/wp-content/uploads/2019/12/1-1-390x220.jpg

Request Chain 23

http://www.hpsbilling.com/uploads/images/860421.jpg HTTP 301
https://ss1.bdstatic.com/70cFuXSh_Q1YnxGkpoWK1HF6hhy/it/u=2174119,3390122242&fm=15&gp=0.jpg

Request Chain 24

http://www.hpsbilling.com/uploads/images/984273.jpg HTTP 301
https://ss2.bdstatic.com/70cFvnSh_Q1YnxGkpoWK1HF6hhy/it/u=3759815094,1756452042&fm=15&gp=0.jpg

Request Chain 25

http://www.hpsbilling.com/uploads/images/170633.jpg HTTP 301
https://ss0.bdstatic.com/70cFvHSh_Q1YnxGkpoWK1HF6hhy/it/u=1752458207,4109313179&fm=15&gp=0.jpg

Request Chain 26

http://www.hpsbilling.com/uploads/images/298706.jpg HTTP 301
https://doithuong247.com/wp-content/uploads/2021/03/sky88.com_-450x254.jpg HTTP 301
https://doithuong247.net/wp-content/uploads/2021/03/sky88.com_-450x254.jpg

Request Chain 27

http://www.hpsbilling.com/uploads/images/733686.jpg HTTP 301
https://doithuong247.com/wp-content/uploads/2021/04/doithuongvip-club-450x254.jpg HTTP 301
https://doithuong247.net/wp-content/uploads/2021/04/doithuongvip-club-450x254.jpg

Request Chain 28

http://www.hpsbilling.com/uploads/images/138962.jpg HTTP 301
https://doithuong247.com/wp-content/uploads/2020/08/san-hu-777-450x254.jpg HTTP 301
https://doithuong247.net/wp-content/uploads/2020/08/san-hu-777-450x254.jpg

Request Chain 29

http://www.hpsbilling.com/uploads/images/652386.jpg HTTP 301
https://doithuong247.com/wp-content/uploads/2020/06/danh-gia-cong-game-zindoclub-450x254.jpg HTTP 301
https://doithuong247.net/wp-content/uploads/2020/06/danh-gia-cong-game-zindoclub-450x254.jpg

Request Chain 30

http://www.hpsbilling.com/uploads/images/424587.jpg HTTP 301
https://ss0.bdstatic.com/70cFuHSh_Q1YnxGkpoWK1HF6hhy/it/u=1823340983,2818204377&fm=26&gp=0.jpg

Request Chain 32

http://www.hpsbilling.com/uploads/images/718836.jpg HTTP 301
https://doithuong247.com/wp-content/uploads/2020/07/r88-vin-450x254.jpg HTTP 301
https://doithuong247.net/wp-content/uploads/2020/07/r88-vin-450x254.jpg

Request Chain 33

http://www.hpsbilling.com/uploads/images/177557.jpg HTTP 301
https://ss0.bdstatic.com/70cFvHSh_Q1YnxGkpoWK1HF6hhy/it/u=3972980027,2052775295&fm=15&gp=0.jpg

Request Chain 34

http://www.hpsbilling.com/uploads/images/832096.jpg HTTP 301
https://doithuong247.com/wp-content/uploads/2020/08/xanh9-club-450x254.jpg HTTP 301
https://doithuong247.net/wp-content/uploads/2020/08/xanh9-club-450x254.jpg

Request Chain 35

http://www.hpsbilling.com/uploads/images/71310.jpg HTTP 301
https://doithuong247.com/wp-content/uploads/2020/09/vuabai88-450x254.jpg HTTP 301
https://doithuong247.net/wp-content/uploads/2020/09/vuabai88-450x254.jpg

Request Chain 36

http://www.hpsbilling.com/uploads/images/477485.jpg HTTP 301
https://ss1.bdstatic.com/70cFuXSh_Q1YnxGkpoWK1HF6hhy/it/u=528133264,2444508799&fm=15&gp=0.jpg

Request Chain 46

http://www.hpsbilling.com/uploads/images/726269.jpg HTTP 301
https://ss1.bdstatic.com/70cFuXSh_Q1YnxGkpoWK1HF6hhy/it/u=3634549894,711542321&fm=15&gp=0.jpg

Request Chain 47

http://www.hpsbilling.com/uploads/images/334052.jpg HTTP 301
https://doithuong247.com/wp-content/uploads/2020/06/gioi-thieu-cong-game-bai-doi-thuong-hu-86-e1595316021106-450x254.jpg HTTP 301
https://doithuong247.net/wp-content/uploads/2020/06/gioi-thieu-cong-game-bai-doi-thuong-hu-86-e1595316021106-450x254.jpg

Request Chain 48

http://www.hpsbilling.com/uploads/images/514248.jpg HTTP 301
https://gamebainohu.org/wp-content/uploads/2019/10/Untitled-7-390x220.jpg HTTP 301
http://gamebainohu.info/wp-content/uploads/2019/10/Untitled-7-390x220.jpg HTTP 301
https://gamebainohu.info/wp-content/uploads/2019/10/Untitled-7-390x220.jpg

Request Chain 49

http://www.hpsbilling.com/uploads/images/33360.jpg HTTP 301
https://doithuong247.com/wp-content/uploads/2020/08/vn69-450x254.jpg HTTP 301
https://doithuong247.net/wp-content/uploads/2020/08/vn69-450x254.jpg

Request Chain 50

http://www.hpsbilling.com/uploads/images/927769.jpg HTTP 301
https://ss0.bdstatic.com/70cFuHSh_Q1YnxGkpoWK1HF6hhy/it/u=286915269,2829237799&fm=15&gp=0.jpg

Request Chain 51

http://www.googletagmanager.com/gtag/js?id=UA-148814799-1&l=dataLayer&cx=c HTTP 302
https://www.googletagmanager.com/gtag/js?id=UA-148814799-1&l=dataLayer&cx=c

Request Chain 57

http://www.hpsbilling.com/uploads/images/783867.jpg HTTP 301
https://ss2.bdstatic.com/70cFvnSh_Q1YnxGkpoWK1HF6hhy/it/u=1348302927,358845761&fm=15&gp=0.jpg

Request Chain 58

http://www.hpsbilling.com/uploads/images/666535.jpg HTTP 301
https://ss3.bdstatic.com/70cFv8Sh_Q1YnxGkpoWK1HF6hhy/it/u=3260100056,3217963907&fm=26&gp=0.jpg

Request Chain 59

http://www.hpsbilling.com/uploads/images/812804.jpg HTTP 301
https://doithuong247.com/wp-content/uploads/2020/09/gioi-thieu-trieu-van-ban-ca-450x254.jpg HTTP 301
https://doithuong247.net/wp-content/uploads/2020/09/gioi-thieu-trieu-van-ban-ca-450x254.jpg

Request Chain 60

http://www.hpsbilling.com/uploads/images/219593.jpg HTTP 301
https://ss2.bdstatic.com/70cFvnSh_Q1YnxGkpoWK1HF6hhy/it/u=2803538549,80761131&fm=15&gp=0.jpg

61 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.hpsbilling.com/
Redirect Chain

https://hpsbilling.com/
http://www.hpsbilling.com/

179 KB
24 KB

511ms
494ms

Document
text/html

2606:4700:3035::ac43:ca67
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://www.hpsbilling.com/
Protocol: HTTP/1.1
Server: 2606:4700:3035::ac43:ca67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: de59808b3b761e69fa4cd3e864bf51a24c30a6fc3f6f6830a54cb961c7b7f01f

Request headers

Host: www.hpsbilling.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 01 Sep 2021 11:25:54 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FXCGGMKdJ0NypwX73OUCzcFEkS0F%2Fyk8UvvhQtXPQK8Vu9s0tihnWwSJjqXlTfROHNHe5xtuixZI9z4BRquLJx%2BXw06pxB7gCvfGi8wFonnBXyQTkAbuybsfnyXU8dBjJG%2F%2BDIITsmEGtHtShWY4HVs%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 687e23ff2fd605bf-FRA
Content-Encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

Redirect headers

date: Wed, 01 Sep 2021 11:25:54 GMT
content-type: text/html; charset=utf-8
location: http://www.hpsbilling.com/
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GWGdIUL2HNmN0nl6NEnB0q%2F%2Bn1acrL6J6qegDaYaslUUoWgitkphN21JAabEewp4f9ldsUgieW41e6D8VVhkBsmA%2BiNrKFHePfxODcT7hr5QnST%2BjbM3iPhPvGegyxzDG3USyRGguj6S92m17w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 687e23fcdc2a5b32-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H/1.1 200
OK 743f9.css
www.hpsbilling.com/template/dailynhacai/link/static1/css/ 452 KB
107 KB 498ms
493ms Stylesheet
text/css 2606:4700:3035::ac43:ca67
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://www.hpsbilling.com/template/dailynhacai/link/static1/css/743f9.css
Requested by: Host: www.hpsbilling.com
URL: http://www.hpsbilling.com/
Protocol: HTTP/1.1
Server: 2606:4700:3035::ac43:ca67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8fb2d6ccdd43a137bf2479994b5b67f3ee1ab738b91c5238ef6634196c4216b6

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.hpsbilling.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://www.hpsbilling.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.hpsbilling.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 01 Sep 2021 11:25:55 GMT
content-encoding: gzip
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Fri, 21 May 2021 07:43:38 GMT
Server: cloudflare
etag: W/"60a764aa-70ebd"
vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0IXPlG6skHqPvmnijMmJDZ1yPEirtpEf7qpsh2XmSV2EpPCt7pdNmxyI6rJ7Y9qDAnrH9R62siWFhM9Vo3%2FBGAkhsdzyqJ36L8%2FZn8PyeUYhWc%2BwQ0TKDs%2BQ96M%2BbneFDTM6LLGCEnVWotwtxtVb9lk%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
cache-control: max-age=43200
CF-RAY: 687e24024b8a1f4d-FRA
expires: Wed, 01 Sep 2021 23:25:55 GMT

GET
H/1.1 200
OK jquery.min.js Show response
www.hpsbilling.com/template/dailynhacai/link/static1/js/ 87 KB
35 KB 466ms
460ms Script
application/javascript 2606:4700:3035::ac43:ca67
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://www.hpsbilling.com/template/dailynhacai/link/static1/js/jquery.min.js
Requested by: Host: www.hpsbilling.com
URL: http://www.hpsbilling.com/
Protocol: HTTP/1.1
Server: 2606:4700:3035::ac43:ca67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.hpsbilling.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: */*
Referer: http://www.hpsbilling.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.hpsbilling.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 01 Sep 2021 11:25:55 GMT
content-encoding: gzip
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Fri, 21 May 2021 07:43:40 GMT
Server: cloudflare
etag: W/"60a764ac-15d98"
vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kn9abogNeG9SLUoH%2BQ7rCR4YUK08eodBCmvFc8mnG5OaFHa8ykBtFltpMMgoys8%2F%2F9cyWHAf%2B7M9BJ%2F9MDu14dZB8P3jncytf5G4AWpyBDzuZktKqdpNa7FC1P7huhRTMtLgpxpRTZ%2F0t9oyKdTSdzM%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
cache-control: max-age=43200
CF-RAY: 687e24024daa0621-FRA
expires: Wed, 01 Sep 2021 23:25:55 GMT

GET
H/1.1 200
OK 0b6c1d31689b4d88b6255cf510d050a3.js Show response
www.hpsbilling.com/template/dailynhacai/link/static1/js/ 88 KB
38 KB 469ms
469ms Script
application/javascript 2606:4700:3035::ac43:ca67
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://www.hpsbilling.com/template/dailynhacai/link/static1/js/0b6c1d31689b4d88b6255cf510d050a3.js
Requested by: Host: www.hpsbilling.com
URL: http://www.hpsbilling.com/
Protocol: HTTP/1.1
Server: 2606:4700:3035::ac43:ca67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ad1ffa5ec5223e7767dfc2d7c63c7eee02709a12c3da061d2358f4d509d3c3ab

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.hpsbilling.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: */*
Referer: http://www.hpsbilling.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.hpsbilling.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 01 Sep 2021 11:25:55 GMT
content-encoding: gzip
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Fri, 21 May 2021 07:43:38 GMT
Server: cloudflare
etag: W/"60a764aa-1601e"
vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lg0Te13ihH3HwznBR62nhNPfsuEnrRGG7uFA0dg11af3qpX0ftlwGkRgoM9jp9%2FKiu1843c3mevXtXliYa6WoPGDMUUF4aBSfvIaS%2Fv1I0WhObbZ2O9dxr1ITkriuPE%2BZas6201wbvqunICAAUQp258%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
cache-control: max-age=43200
CF-RAY: 687e24053bd60621-FRA
expires: Wed, 01 Sep 2021 23:25:55 GMT

GET
H/1.1 200
OK e5a39443c2594e10b7d3c4e95a158e9c.js Show response
www.hpsbilling.com/template/dailynhacai/link/static1/js/ 88 KB
38 KB 470ms
470ms Script
application/javascript 2606:4700:3035::ac43:ca67
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://www.hpsbilling.com/template/dailynhacai/link/static1/js/e5a39443c2594e10b7d3c4e95a158e9c.js
Requested by: Host: www.hpsbilling.com
URL: http://www.hpsbilling.com/
Protocol: HTTP/1.1
Server: 2606:4700:3035::ac43:ca67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79701566879b9d4b243b5e3f08b14b2faad436399b3058972e1c60786a09e158

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.hpsbilling.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: */*
Referer: http://www.hpsbilling.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.hpsbilling.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 01 Sep 2021 11:25:56 GMT
content-encoding: gzip
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Fri, 21 May 2021 07:43:40 GMT
Server: cloudflare
etag: W/"60a764ac-1601e"
vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ukp240EumKB8q0pSvN4WWDBbftMfA5SBFf8R2xyr4uEnM3tZuUEmtQMJ%2B%2FuAiDZEdbyJAoCl04n4EqK3qCefHkbz0PiauI8OU0CA0jnJYxkRwcM2pzhs3tUliTmoRaXfXBxWYNchF%2Bqyz6zTnwy9UkM%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
cache-control: max-age=43200
CF-RAY: 687e24073b7b1f4d-FRA
expires: Wed, 01 Sep 2021 23:25:56 GMT

GET
H/1.1 200
OK aliaingoa-logo.png
www.hpsbilling.com/template/dailynhacai/link/static1/picture/ 48 KB
49 KB 618ms
614ms Image
image/png 2606:4700:3035::ac43:ca67
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.hpsbilling.com/template/dailynhacai/link/static1/picture/aliaingoa-logo.png
Requested by: Host: www.hpsbilling.com
URL: http://www.hpsbilling.com/
Protocol: HTTP/1.1
Server: 2606:4700:3035::ac43:ca67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5fce10587cf2a03e04d8de295253cbba7265aa1420c08ba7ac792f31520fed00

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.hpsbilling.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.hpsbilling.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.hpsbilling.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 01 Sep 2021 11:25:56 GMT
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Content-Length: 49137
last-modified: Fri, 27 Aug 2021 02:37:26 GMT
Server: cloudflare
etag: "61284fe6-bff1"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2EtX54Qr3b5aHvRL2dMR1dEX5taAA7S%2BH%2FbbkPAnZiFzVwqmDQgEdSVjKuXtVY2hRhgT3RYfPvYI%2FixfREIR%2BJGXCd72LJsLjeuUZ9tPzRsBRTVK3b014NLbMH6e7qqg917VjUoUqrUOM4EzN6Xp1WU%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
cache-control: max-age=2592000
Accept-Ranges: bytes
CF-RAY: 687e240768ea05bf-FRA
expires: Fri, 01 Oct 2021 11:25:56 GMT

GET
H2

200

u=2790061094,3658548662&fm=15&gp=0.jpg
ss0.bdstatic.com/70cFvHSh_Q1YnxGkpoWK1HF6hhy/it/
Redirect Chain

http://www.hpsbilling.com/uploads/images/853055.jpg
https://ss0.bdstatic.com/70cFvHSh_Q1YnxGkpoWK1HF6hhy/it/u=2790061094,3658548662&fm=15&gp=0.jpg

70 KB
70 KB

1218ms
701ms

Image
image/jpeg

185.10.104.110
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ss0.bdstatic.com/70cFvHSh_Q1YnxGkpoWK1HF6hhy/it/u=2790061094,3658548662&fm=15&gp=0.jpg
Requested by: Host: www.hpsbilling.com
URL: http://www.hpsbilling.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.10.104.110 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software: JSP3/2.0.14 /
Resource Hash: ffa95caa0e0ae5e656196b1cbb9eac344b3d38d64e88a0e84511af4bee4a8985

Request headers

Referer: http://www.hpsbilling.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 11:25:57 GMT
ohc-cache-hit: fra01-sys-jomo7.fra01.baidu.com [1]
ohc-response-time: 1 0 293 293 683 684
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: JSP3/2.0.14
etag: e9b663fead158f53c49349a5baffa070
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
content-length: 71198
expires: Fri, 01 Oct 2021 11:25:57 GMT

Redirect headers

Date: Wed, 01 Sep 2021 11:25:56 GMT
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UAAAfUE9LI8HDfy8wCp9OYNJvEKSnM9AW6QAEgTejiBpn2R07FL9IgA7lp1H1p%2BdZW%2FvGXUASX3SAXsFnW524RP8tCDULObVEFeEro2TDdqsO4OrCzrTbr4N7SJu8j4sgXMmvRHWnTl%2FFdwP5YJ%2BpYI%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpg; charset=UTF-8
location: https://ss0.bdstatic.com/70cFvHSh_Q1YnxGkpoWK1HF6hhy/it/u=2790061094,3658548662&fm=15&gp=0.jpg
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 687e240779770629-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2

200

u=3328203696,3901173169&fm=26&gp=0.jpg
ss3.bdstatic.com/70cFv8Sh_Q1YnxGkpoWK1HF6hhy/it/
Redirect Chain

http://www.hpsbilling.com/uploads/images/537263.jpg
https://ss3.bdstatic.com/70cFv8Sh_Q1YnxGkpoWK1HF6hhy/it/u=3328203696,3901173169&fm=26&gp=0.jpg

34 KB
34 KB

1219ms
662ms

Image
image/jpeg

185.10.104.110
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ss3.bdstatic.com/70cFv8Sh_Q1YnxGkpoWK1HF6hhy/it/u=3328203696,3901173169&fm=26&gp=0.jpg
Requested by: Host: www.hpsbilling.com
URL: http://www.hpsbilling.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.10.104.110 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software: JSP3/2.0.14 /
Resource Hash: a0b9f5d44475da5ad49b2ba16d56ac40c3372d840da28ddc6299a762caee043f

Request headers

Referer: http://www.hpsbilling.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 11:25:57 GMT
ohc-cache-hit: fra01-sys-jomo0.fra01.baidu.com [1]
ohc-response-time: 1 0 294 294 645 645
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: JSP3/2.0.14
etag: 4c25fea7ff1b34befd4f5609da719638
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
content-length: 34846
expires: Fri, 01 Oct 2021 11:25:57 GMT

Redirect headers

Date: Wed, 01 Sep 2021 11:25:56 GMT
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KsqC7VwwtCEHv1hlZ8rLdd7mXkVOGwdNWXCKua8%2F1bxTShhkvbPfZZh08X2K%2F%2BKuFfnFyPmGTk2duuNkQY4XL5aG%2FEV8cK5j%2FewQ1boyRtx44Pknxcio8pLsaqFhbFs8WPYO%2BOFLcp3Rw4JGgFRRu04%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpg; charset=UTF-8
location: https://ss3.bdstatic.com/70cFv8Sh_Q1YnxGkpoWK1HF6hhy/it/u=3328203696,3901173169&fm=26&gp=0.jpg
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 687e24077c71dfef-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2

200

u=2882350315,1809219319&fm=26&gp=0.jpg
ss0.bdstatic.com/70cFuHSh_Q1YnxGkpoWK1HF6hhy/it/
Redirect Chain

http://www.hpsbilling.com/uploads/images/489915.jpg
https://ss0.bdstatic.com/70cFuHSh_Q1YnxGkpoWK1HF6hhy/it/u=2882350315,1809219319&fm=26&gp=0.jpg

52 KB
52 KB

537ms
22ms

Image
image/jpeg

185.10.104.110
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ss0.bdstatic.com/70cFuHSh_Q1YnxGkpoWK1HF6hhy/it/u=2882350315,1809219319&fm=26&gp=0.jpg
Requested by: Host: www.hpsbilling.com
URL: http://www.hpsbilling.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.10.104.110 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software: JSP3/2.0.14 /
Resource Hash: c40ed0a48ca284ad7c9fa2db6a2062053de70155e6e2e8b7d88237a65b805cf1

Request headers

Referer: http://www.hpsbilling.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 11:25:56 GMT
ohc-cache-hit: fra01-sys-jomo3.fra01.baidu.com [4]
ohc-response-time: 1 0 0 0 0 0
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: JSP3/2.0.14
age: 258360
etag: 176247407fd1727b2936850771195eaf
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
content-length: 53024
expires: Tue, 28 Sep 2021 11:39:56 GMT

Redirect headers

Date: Wed, 01 Sep 2021 11:25:56 GMT
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FqwE2qCb1s3LMArXOu5xtDa%2BwHcteHJ%2F3DCVlVSzxgC0pllUmTfF2qsYW0AHP4r9V%2B%2FnwZcy%2Bh4ldKo8cicA1Sfmxp5SlCxsZTIjxfwRQQwpkV49IR7GF9zp7%2F80rikCEv3HW3OyAb4maOmn2z%2F7xK0%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpg; charset=UTF-8
location: https://ss0.bdstatic.com/70cFuHSh_Q1YnxGkpoWK1HF6hhy/it/u=2882350315,1809219319&fm=26&gp=0.jpg
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 687e24077b595c08-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2

200

u=384916086,3881876353&fm=15&gp=0.jpg
ss1.bdstatic.com/70cFvXSh_Q1YnxGkpoWK1HF6hhy/it/
Redirect Chain

http://www.hpsbilling.com/uploads/images/484267.jpg
https://ss1.bdstatic.com/70cFvXSh_Q1YnxGkpoWK1HF6hhy/it/u=384916086,3881876353&fm=15&gp=0.jpg

20 KB
20 KB

944ms
723ms

Image
image/jpeg

185.10.104.110
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ss1.bdstatic.com/70cFvXSh_Q1YnxGkpoWK1HF6hhy/it/u=384916086,3881876353&fm=15&gp=0.jpg
Requested by: Host: www.hpsbilling.com
URL: http://www.hpsbilling.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.10.104.110 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software: JSP3/2.0.14 /
Resource Hash: 9692242fa3aeebd0028977916c7492cad191e743b5648baddfc62f8f3738e64a

Request headers

Referer: http://www.hpsbilling.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 11:25:57 GMT
ohc-cache-hit: fra01-sys-jomo6.fra01.baidu.com [1]
ohc-response-time: 1 0 298 298 704 704
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: JSP3/2.0.14
etag: a9e685a28ebaa53fe83c970657a6a112
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
content-length: 20273
expires: Fri, 01 Oct 2021 21:25:57 GMT

Redirect headers

Date: Wed, 01 Sep 2021 11:25:57 GMT
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=otI9gM1u1Xl%2FR%2FuXYG2pmBmfAUHJCVAxl%2BHrVBzJs8sM9HoaU8K%2FnieRrOD7xt%2B9%2F35GOwtk%2FdjC4vCcZ9ityI4QYpb%2BQhU9g7Edko17tgOphTuG39J3Z0rL0hqs3xUgrnVsKFiTx9%2BF22e0aHH3NAw%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpg; charset=UTF-8
location: https://ss1.bdstatic.com/70cFvXSh_Q1YnxGkpoWK1HF6hhy/it/u=384916086,3881876353&fm=15&gp=0.jpg
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 687e240d5cd205bf-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2

200

56656067_558168558022170_5502405065308110848_n-390x220.jpg
gamebainohu.info/wp-content/uploads/2019/12/
Redirect Chain

http://www.hpsbilling.com/uploads/images/204418.jpg
https://gamebainohu.org/wp-content/uploads/2019/12/56656067_558168558022170_5502405065308110848_n-390x220.jpg
http://gamebainohu.info/wp-content/uploads/2019/12/56656067_558168558022170_5502405065308110848_n-390x220.jpg
https://gamebainohu.info/wp-content/uploads/2019/12/56656067_558168558022170_5502405065308110848_n-390x220.jpg

19 KB
20 KB

33ms
15ms

Image
image/jpeg

2606:4700:3031::ac43:8815
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gamebainohu.info/wp-content/uploads/2019/12/56656067_558168558022170_5502405065308110848_n-390x220.jpg

Requested by

Host: www.hpsbilling.com
URL: http://www.hpsbilling.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:8815 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7697fa5f9fb5c811aa9f9d1d0e3ffc786a3e86ea1dc4b65d02405774299508ea

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options	"nosniff" always
X-Xss-Protection	"1; mode=block" always

Request headers

Referer: http://www.hpsbilling.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 11:25:58 GMT
x-content-type-options: "nosniff" always
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 373427
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 19080
x-xss-protection: "1; mode=block" always
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 29 Dec 2019 13:55:30 GMT
server: cloudflare
etag: "5e08b052-4a88"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Box6ekrONG4zX1ldJAO7dVsV20hqx%2BZkHM1uSeHShKuib3n5CQ99gqJJ03xasxM2mmfjOGE67EaY6ZW4b6ScbmHzBnBWuWxEUFTU7F%2F4t18VRXIXdp4nGA%2BHfVuMjSR5qfMpUk%2BY0lf8bFOwwf8h"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
accept-ranges: bytes
cf-ray: 687e24178a344de2-FRA
expires: Sun, 28 Aug 2022 03:42:11 GMT

Redirect headers

Date: Wed, 01 Sep 2021 11:25:58 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W5B6xHfMN4pDOJU0PZ8X%2Bx1vfNkkoE32MHour8A5sepfvd9zNmFs88tvD0AlMYFN%2BMHfGwzINxUzNZK3bPFgcAphmMd7jA9FJGPaupAPODVGrXDRVOgc7YYq%2FDX6dFShbPyuWxSoGITc5pzVnMHN"}],"group":"cf-nel","max_age":604800}
Location: https://gamebainohu.info/wp-content/uploads/2019/12/56656067_558168558022170_5502405065308110848_n-390x220.jpg
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 687e2417587f5ca4-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Expires: Wed, 01 Sep 2021 12:25:58 GMT

GET
H2

200

u=3870380940,1646600071&fm=15&gp=0.jpg
ss3.bdstatic.com/70cFv8Sh_Q1YnxGkpoWK1HF6hhy/it/
Redirect Chain

http://www.hpsbilling.com/uploads/images/632219.jpg
https://ss3.bdstatic.com/70cFv8Sh_Q1YnxGkpoWK1HF6hhy/it/u=3870380940,1646600071&fm=15&gp=0.jpg

45 KB
46 KB

20ms
20ms

Image
image/jpeg

185.10.104.110
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ss3.bdstatic.com/70cFv8Sh_Q1YnxGkpoWK1HF6hhy/it/u=3870380940,1646600071&fm=15&gp=0.jpg
Requested by: Host: www.hpsbilling.com
URL: http://www.hpsbilling.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.10.104.110 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software: JSP3/2.0.14 /
Resource Hash: cbce4058a1dcc80e58581fbe61d95eebbe7fa3ceaf87243175ea115351ac80bb

Request headers

Referer: http://www.hpsbilling.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 11:25:58 GMT
ohc-cache-hit: fra01-sys-jomo8.fra01.baidu.com [4]
ohc-response-time: 1 0 0 0 0 0
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: JSP3/2.0.14
age: 166739
etag: 7232e7a8f8a11c3a35b5fd52e9d26c86
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
content-length: 46345
expires: Wed, 29 Sep 2021 13:06:59 GMT

Redirect headers

Date: Wed, 01 Sep 2021 11:25:58 GMT
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9lzRSqr5ei9oAyaKkmrdab5OkP9d7V%2B5h6CH3gu8PlkiUuxntLp0eGOJ%2BHv7tth2bVExSMEkcbuNLTFT4lJemSWapUr95bTiIkjHp2FZKLYTEJfux%2BAZUhnXnh%2Fu60LZ%2B57ry9Otbx2JN3YvX%2FlSEQM%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpg; charset=UTF-8
location: https://ss3.bdstatic.com/70cFv8Sh_Q1YnxGkpoWK1HF6hhy/it/u=3870380940,1646600071&fm=15&gp=0.jpg
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 687e2414ce4f0621-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2

200

u=902276044,3196900577&fm=15&gp=0.jpg
ss3.bdstatic.com/70cFv8Sh_Q1YnxGkpoWK1HF6hhy/it/
Redirect Chain

http://www.hpsbilling.com/uploads/images/450023.jpg
https://ss3.bdstatic.com/70cFv8Sh_Q1YnxGkpoWK1HF6hhy/it/u=902276044,3196900577&fm=15&gp=0.jpg

41 KB
42 KB

19ms
19ms

Image
image/jpeg

185.10.104.110
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ss3.bdstatic.com/70cFv8Sh_Q1YnxGkpoWK1HF6hhy/it/u=902276044,3196900577&fm=15&gp=0.jpg
Requested by: Host: www.hpsbilling.com
URL: http://www.hpsbilling.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.10.104.110 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software: JSP3/2.0.14 /
Resource Hash: 9a032947a49d5b1da65f3de37a9978d985ed7562386419d4efae0c7c21bc936f

Request headers

Referer: http://www.hpsbilling.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 11:25:58 GMT
ohc-cache-hit: fra01-sys-jomo8.fra01.baidu.com [4]
ohc-response-time: 1 0 0 0 0 0
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: JSP3/2.0.14
age: 260050
etag: 30be1d077cba8cb3c674fddac12ad3a2
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
content-length: 42213
expires: Tue, 28 Sep 2021 11:11:48 GMT

Redirect headers

Date: Wed, 01 Sep 2021 11:25:58 GMT
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2Clw%2BP39z8WfbZ7LGQGFZJGs40KJgEjmskzQ3GtXSESYcA%2FXYAXc4EkP3IZJAogQK2k%2BdWMtcugErZLgrz%2Bb94zrvKmkCdJLRoSvAOe9%2BasfCTN6zYdOunJtz5zicOGDLjCF34r6UMoRzW0X8lQ2s4I%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpg; charset=UTF-8
location: https://ss3.bdstatic.com/70cFv8Sh_Q1YnxGkpoWK1HF6hhy/it/u=902276044,3196900577&fm=15&gp=0.jpg
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 687e2416fb2e0621-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2

200

789-club-dang-nhap-450x254.jpg
doithuong247.net/wp-content/uploads/2020/12/
Redirect Chain

http://www.hpsbilling.com/uploads/images/242576.jpg
https://doithuong247.com/wp-content/uploads/2020/12/789-club-dang-nhap-450x254.jpg
https://doithuong247.net/wp-content/uploads/2020/12/789-club-dang-nhap-450x254.jpg

32 KB
32 KB

14ms
14ms

Image
image/jpeg

2606:4700:3035::ac43:8558
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://doithuong247.net/wp-content/uploads/2020/12/789-club-dang-nhap-450x254.jpg
Requested by: Host: www.hpsbilling.com
URL: http://www.hpsbilling.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:8558 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 37cdda2e4e798a3686b96ee10c470ca6cc293263a76ccaf6eea15b587c47f935

Request headers

Referer: http://www.hpsbilling.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 11:25:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 206122
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 32753
last-modified: Wed, 02 Dec 2020 04:40:39 GMT
server: cloudflare
etag: "5fc71ac7-7ff1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y64AILG6RjiC6TXzNkn6LRoqOLOgiiW1xFQOnFs4veYKV14Hc0wBn7BhgCGXtwtI1pHt%2FJ0B8WzcpkbWncGTuKz1MH%2FtbFi1JLCge33Hgu03wwL8%2BtCq6FJtIdK0hLHTn5WxGlCEIqAhSZh368Gj"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 687e24194d330eaf-FRA
expires: Wed, 29 Sep 2021 02:07:20 GMT

Redirect headers

date: Wed, 01 Sep 2021 11:25:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h0X6J0tmvs%2FR%2FdnaGmLGFqiO0Nw2oZKgSLGzXpg0Z%2BB0mIp1wdsopkmO13SW1SisOnacFL7wvbGaQ8uswWG2yonrl8bS1SY77wF%2BvK5Q6EJwWADTi4el88Lg%2BQLgTv5oBHlR3PDi8iO2OjPQzgOh"}],"group":"cf-nel","max_age":604800}
location: https://doithuong247.net/wp-content/uploads/2020/12/789-club-dang-nhap-450x254.jpg
cache-control: max-age=3600
cf-ray: 687e24193ebc5c56-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
expires: Wed, 01 Sep 2021 12:25:58 GMT

GET
H2

200

u=3788529575,4045579118&fm=15&gp=0.jpg
ss3.bdstatic.com/70cFv8Sh_Q1YnxGkpoWK1HF6hhy/it/
Redirect Chain

http://www.hpsbilling.com/uploads/images/489755.jpg
https://ss3.bdstatic.com/70cFv8Sh_Q1YnxGkpoWK1HF6hhy/it/u=3788529575,4045579118&fm=15&gp=0.jpg

64 KB
64 KB

665ms
664ms

Image
image/jpeg

185.10.104.110
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ss3.bdstatic.com/70cFv8Sh_Q1YnxGkpoWK1HF6hhy/it/u=3788529575,4045579118&fm=15&gp=0.jpg
Requested by: Host: www.hpsbilling.com
URL: http://www.hpsbilling.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.10.104.110 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software: JSP3/2.0.14 /
Resource Hash: dfa6a2b875d94feb19c152ba533a1681aeae2bbee2c25e0e5198048598646bf9

Request headers

Referer: http://www.hpsbilling.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 11:25:59 GMT
ohc-cache-hit: fra01-sys-jomo4.fra01.baidu.com [1]
ohc-response-time: 1 0 0 0 392 392
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: JSP3/2.0.14
etag: cf946b732c8e7036d83ed47e0f3143c3
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
content-length: 65528
expires: Fri, 01 Oct 2021 21:25:59 GMT

Redirect headers

Date: Wed, 01 Sep 2021 11:25:58 GMT
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ECovRNgN78hj%2FPa%2FuPt554hlfKjYVh8zouN2ZugMO5NkQJ18%2BjaFar1hr%2FjwxNNstN9cSS7BizpnYitogVdNYWU35FrViI1WdLMN9oWRhYuRKh34AVhR7dfVpHGA%2Faw5Q1LP1ei6GCJIXG8E1Ve3VvU%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpg; charset=UTF-8
location: https://ss3.bdstatic.com/70cFv8Sh_Q1YnxGkpoWK1HF6hhy/it/u=3788529575,4045579118&fm=15&gp=0.jpg
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 687e2417ad10dfef-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2

200

u=1410372622,3030745073&fm=15&gp=0.jpg
ss1.bdstatic.com/70cFuXSh_Q1YnxGkpoWK1HF6hhy/it/
Redirect Chain

http://www.hpsbilling.com/uploads/images/6269.jpg
https://ss1.bdstatic.com/70cFuXSh_Q1YnxGkpoWK1HF6hhy/it/u=1410372622,3030745073&fm=15&gp=0.jpg

35 KB
35 KB

722ms
721ms

Image
image/jpeg

185.10.104.110
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ss1.bdstatic.com/70cFuXSh_Q1YnxGkpoWK1HF6hhy/it/u=1410372622,3030745073&fm=15&gp=0.jpg
Requested by: Host: www.hpsbilling.com
URL: http://www.hpsbilling.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.10.104.110 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software: JSP3/2.0.14 /
Resource Hash: 1e5edf0e1fac603dd24bdbc127f8b9b62f1c21af4e9bae9c481544d0901a1a39

Request headers

Referer: http://www.hpsbilling.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 11:25:59 GMT
ohc-cache-hit: fra01-sys-jomo3.fra01.baidu.com [1]
ohc-response-time: 1 0 299 299 704 704
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: JSP3/2.0.14
etag: dac88c67f6007c288f17ff96084cc57d
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
content-length: 35953
expires: Fri, 01 Oct 2021 21:25:59 GMT

Redirect headers

Date: Wed, 01 Sep 2021 11:25:58 GMT
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KODtVTRCEIcXktdqx839lcosbw446ZHbANBsrF8thGuwKL2YO6PRoFVSEr6SovKHD1awNgXGwu6iAPkBu1qhiWmAHYkOKfRCiGqqMtEfMVg88EiJiaKlu6ihuwlQsk4CBGQxkpifrZyCGMi5Ni5IbZM%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpg; charset=UTF-8
location: https://ss1.bdstatic.com/70cFuXSh_Q1YnxGkpoWK1HF6hhy/it/u=1410372622,3030745073&fm=15&gp=0.jpg
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 687e241958570621-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2

200

u=3058212610,3759728962&fm=15&gp=0.jpg
ss0.bdstatic.com/70cFuHSh_Q1YnxGkpoWK1HF6hhy/it/
Redirect Chain

http://www.hpsbilling.com/uploads/images/20293.jpg
https://ss0.bdstatic.com/70cFuHSh_Q1YnxGkpoWK1HF6hhy/it/u=3058212610,3759728962&fm=15&gp=0.jpg

234 KB
234 KB

36ms
36ms

Image
image/jpeg

185.10.104.110
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ss0.bdstatic.com/70cFuHSh_Q1YnxGkpoWK1HF6hhy/it/u=3058212610,3759728962&fm=15&gp=0.jpg
Requested by: Host: www.hpsbilling.com
URL: http://www.hpsbilling.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.10.104.110 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software: JSP3/2.0.14 /
Resource Hash: a265e3cfe2570404e2862e6c47ce150dcfdab02af21add6587a6138e27e7f4f0

Request headers

Referer: http://www.hpsbilling.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 11:25:59 GMT
ohc-cache-hit: fra01-sys-jomo4.fra01.baidu.com [3]
ohc-response-time: 1 0 0 0 0 19
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: JSP3/2.0.14
age: 370722
etag: 5bfd57e800eff55c6e9abb7ecde94025
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
content-length: 239119
expires: Mon, 27 Sep 2021 14:27:17 GMT

Redirect headers

Date: Wed, 01 Sep 2021 11:25:58 GMT
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I39sDK1T3vtfNg4%2BvpdIU5glEfyAF0DkWx9u29EsfL9KXqW8%2Fo0sji5rMI3jQO7F0fzdFgtdR%2FRiR9i9oXAG7IM7jtsK2WB8p2QftCuPc%2BD6thlX7el7pg6frekFeSGeyaaBGSu%2B0vT0Lhj1fzkdhWo%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpg; charset=UTF-8
location: https://ss0.bdstatic.com/70cFuHSh_Q1YnxGkpoWK1HF6hhy/it/u=3058212610,3759728962&fm=15&gp=0.jpg
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 687e24195eff0629-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2

200

u=1115293515,2248889554&fm=26&gp=0.jpg
ss1.bdstatic.com/70cFvXSh_Q1YnxGkpoWK1HF6hhy/it/
Redirect Chain

http://www.hpsbilling.com/uploads/images/716061.jpg
https://ss1.bdstatic.com/70cFvXSh_Q1YnxGkpoWK1HF6hhy/it/u=1115293515,2248889554&fm=26&gp=0.jpg

54 KB
54 KB

692ms
692ms

Image
image/jpeg

185.10.104.110
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ss1.bdstatic.com/70cFvXSh_Q1YnxGkpoWK1HF6hhy/it/u=1115293515,2248889554&fm=26&gp=0.jpg
Requested by: Host: www.hpsbilling.com
URL: http://www.hpsbilling.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.10.104.110 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software: JSP3/2.0.14 /
Resource Hash: c0d89d3e5e0775fbc82faf3a4e2f7c1ac799b2322d2e1656c4c0d7855d17b057

Request headers

Referer: http://www.hpsbilling.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 11:25:59 GMT
ohc-cache-hit: fra01-sys-jomo4.fra01.baidu.com [1]
ohc-response-time: 1 0 298 298 673 673
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: JSP3/2.0.14
etag: dda40caa7f9c456ea0efb00ddb27e7ed
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
content-length: 55014
expires: Fri, 01 Oct 2021 21:25:59 GMT

Redirect headers

Date: Wed, 01 Sep 2021 11:25:59 GMT
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CDAcRoSpL5%2FqN653oW%2FmYmSaiH1KYo%2BLqag7LTlTP3DQPNG5J0%2FJGGILvxb%2BrKI1Mrbnaf5vlvzFX9%2F6pBjLzMkYhlBf0FuI%2Fo3GtKbXo6skmVVgQFv30j9ktZCEtvRSdMN%2Fhk7R02%2BFrWUgXX0znSI%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpg; charset=UTF-8
location: https://ss1.bdstatic.com/70cFvXSh_Q1YnxGkpoWK1HF6hhy/it/u=1115293515,2248889554&fm=26&gp=0.jpg
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 687e241a593fdfef-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29

200

11bet-1-450x254.jpg
doithuong247.net/wp-content/uploads/2021/04/
Redirect Chain

http://www.hpsbilling.com/uploads/images/765750.jpg
https://doithuong247.com/wp-content/uploads/2021/04/11bet-1-450x254.jpg
https://doithuong247.net/wp-content/uploads/2021/04/11bet-1-450x254.jpg

28 KB
28 KB

16ms
16ms

Image
image/jpeg

2606:4700:3035::ac43:8558
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://doithuong247.net/wp-content/uploads/2021/04/11bet-1-450x254.jpg
Requested by: Host: www.hpsbilling.com
URL: http://www.hpsbilling.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:8558 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d3d5d431ccd16d8a97066021b3134a310c8f9492086d039dc76b613dacdb6668

Request headers

Referer: http://www.hpsbilling.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 11:25:59 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 152085
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 28313
last-modified: Tue, 13 Apr 2021 03:27:40 GMT
server: cloudflare
etag: "60750fac-6e99"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ocvqn4JPe1bwsqVM60M7yzCgZH6jQPPlBGWGFBW%2BFJ7re%2Fd00UlqkvJUYxTV%2BWn6OcZKa5Ep2Ywf7z1HYPkaPy3egcmrGKRN1%2FGazMYoDwGfJq8xCGZpO58AWoxtk%2Fe5a8MwPnZ1cTUCbQKsKevK"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 687e241e0a082bf6-FRA
expires: Wed, 29 Sep 2021 17:07:56 GMT

Redirect headers

date: Wed, 01 Sep 2021 11:25:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=25Wr8rqWspMQepCWxaEtOgwPMGBu80xZ9rKT0V0qa7ZKohDauXV4bArq7b5S3b58RHqRVtbkpYcJSwyCiQl9cNKFZr0ii7EJ3V92%2BGBOA1ySdVr3qvGOszgWu76StQPn8gIoJdGUc0PH4YGPT9tu"}],"group":"cf-nel","max_age":604800}
location: https://doithuong247.net/wp-content/uploads/2021/04/11bet-1-450x254.jpg
cache-control: max-age=3600
cf-ray: 687e241dfbfc4e43-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
expires: Wed, 01 Sep 2021 12:25:59 GMT

GET
H3-29

200

gioi-thieu-lien-minh-ban-ca-450x254.jpg
doithuong247.net/wp-content/uploads/2020/08/
Redirect Chain

http://www.hpsbilling.com/uploads/images/416326.jpg
https://doithuong247.com/wp-content/uploads/2020/08/gioi-thieu-lien-minh-ban-ca-450x254.jpg
https://doithuong247.net/wp-content/uploads/2020/08/gioi-thieu-lien-minh-ban-ca-450x254.jpg

23 KB
24 KB

757ms
757ms

Image
image/jpeg

2606:4700:3035::ac43:8558
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://doithuong247.net/wp-content/uploads/2020/08/gioi-thieu-lien-minh-ban-ca-450x254.jpg
Requested by: Host: www.hpsbilling.com
URL: http://www.hpsbilling.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:8558 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d7ea4282a22486453f2a101f01bfd511136672c6aec7c1bf232355745a6a59a

Request headers

Referer: http://www.hpsbilling.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 11:26:00 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 23629
last-modified: Tue, 25 Aug 2020 06:57:38 GMT
server: cloudflare
etag: "5f44b662-5c4d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iHLQ%2F9JZ2c%2Fv6Kc5H5nbVliNh0JQXxQf7p6HCnoh4l6WC8AqiSp0MLnmxgz%2FNuXM2Jnhtu1Ats8CLE7LCP%2FQ7cMcwUt9413VxZXEpXiWYp7TLZcEoQYmdF0V8bT%2BLFcb6Jqxk%2BHLOoEgeNJkj%2FkJ"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 687e24204dca2bf6-FRA
expires: Fri, 01 Oct 2021 11:22:38 GMT

Redirect headers

date: Wed, 01 Sep 2021 11:25:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tzAs8ZZsWfbjoACS61DfMPfyKIbhYKocExGDecrfYAD2zMxem%2BzwUUpbHjnCnqNSiq0puRghMSuWYqlHaw6Fg5EjHwAu4THCF4jCPNzYh1eRVxkbiLrFfVamA3WsYQB5lmwTtoXjKrudNyerwVvB"}],"group":"cf-nel","max_age":604800}
location: https://doithuong247.net/wp-content/uploads/2020/08/gioi-thieu-lien-minh-ban-ca-450x254.jpg
cache-control: max-age=3600
cf-ray: 687e242038874e43-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
expires: Wed, 01 Sep 2021 12:25:59 GMT

GET
H2

200

u=2585232130,3182746523&fm=26&gp=0.jpg
ss1.bdstatic.com/70cFuXSh_Q1YnxGkpoWK1HF6hhy/it/
Redirect Chain

http://www.hpsbilling.com/uploads/images/344615.jpg
https://ss1.bdstatic.com/70cFuXSh_Q1YnxGkpoWK1HF6hhy/it/u=2585232130,3182746523&fm=26&gp=0.jpg

64 KB
64 KB

677ms
677ms

Image
image/jpeg

185.10.104.110
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ss1.bdstatic.com/70cFuXSh_Q1YnxGkpoWK1HF6hhy/it/u=2585232130,3182746523&fm=26&gp=0.jpg
Requested by: Host: www.hpsbilling.com
URL: http://www.hpsbilling.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.10.104.110 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software: JSP3/2.0.14 /
Resource Hash: 70c6c2434a772f159d1d9f92f791b716b98a1d53cec887eaf29e4b0c535e33ac

Request headers

Referer: http://www.hpsbilling.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 11:26:00 GMT
ohc-cache-hit: fra01-sys-jomo4.fra01.baidu.com [1]
ohc-response-time: 1 0 294 294 660 660
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: JSP3/2.0.14
etag: f8021d865e9cd5b815366039d330e814
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
content-length: 65056
expires: Fri, 01 Oct 2021 21:26:00 GMT

Redirect headers

Date: Wed, 01 Sep 2021 11:25:59 GMT
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z9oeQvHJ31uup4sS3B%2BFds%2F97cZ6tQTI%2F%2B6PvkvjamGqVu3%2Fldag0Fedea7id4vsNoRPwjqmylWtZikfMcBDo%2BNHHSLH852FZM2M%2Fv7GRPD%2BX6kmq5aVouT2lNIlZehN3UlbPnUvhUXI0QOaKTQqOZs%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpg; charset=UTF-8
location: https://ss1.bdstatic.com/70cFuXSh_Q1YnxGkpoWK1HF6hhy/it/u=2585232130,3182746523&fm=26&gp=0.jpg
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 687e241e3ff0dfef-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2

200

u=3409621782,968728988&fm=15&gp=0.jpg
ss0.bdstatic.com/70cFuHSh_Q1YnxGkpoWK1HF6hhy/it/
Redirect Chain

http://www.hpsbilling.com/uploads/images/398351.jpg
https://ss0.bdstatic.com/70cFuHSh_Q1YnxGkpoWK1HF6hhy/it/u=3409621782,968728988&fm=15&gp=0.jpg

56 KB
56 KB

685ms
684ms

Image
image/jpeg

185.10.104.110
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ss0.bdstatic.com/70cFuHSh_Q1YnxGkpoWK1HF6hhy/it/u=3409621782,968728988&fm=15&gp=0.jpg
Requested by: Host: www.hpsbilling.com
URL: http://www.hpsbilling.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.10.104.110 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software: JSP3/2.0.14 /
Resource Hash: c8218e9474b1e8001f48c7a7a44cac9a3c74d4ece3e4c22684668afa9040b0c7

Request headers

Referer: http://www.hpsbilling.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 11:26:00 GMT
ohc-cache-hit: fra01-sys-jomo2.fra01.baidu.com [1]
ohc-response-time: 1 0 298 298 664 665
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: JSP3/2.0.14
etag: 1c077eac7c5d6ee96c1e86b956bebc06
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
content-length: 57419
expires: Fri, 01 Oct 2021 11:26:00 GMT

Redirect headers

Date: Wed, 01 Sep 2021 11:26:00 GMT
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gjd8TN4Xm9XoNUumr15eR87BK3EyfA2isWeq8y1%2FPw1X1nTfeM9w%2BxqoSJhUJHMPQ2tYXjmEmDNUzO0%2FHWBkFWBlHE%2F%2F8NaH%2B%2FfuiZs11LV7v9jX7E1nV%2BA8LgZbJWZx5C0xHxWKgkq44UziwyxekCo%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpg; charset=UTF-8
location: https://ss0.bdstatic.com/70cFuHSh_Q1YnxGkpoWK1HF6hhy/it/u=3409621782,968728988&fm=15&gp=0.jpg
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 687e24206affdfef-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H/1.1

200
OK

error.html
www.baidu.com/search/
Redirect Chain

http://www.hpsbilling.com/uploads/images/536281.jpg
https://ss3.bdstatic.com/70cFv8Sh_Q1YnxGkpoWK1HF6hhy/it/u=551266242,2542152075&fm=11&gp=0.jpg
https://www.baidu.com/search/error.html

0
0

1344ms
792ms

Image
text/html

103.235.46.39
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.baidu.com/search/error.html
Requested by: Host: www.hpsbilling.com
URL: http://www.hpsbilling.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.235.46.39 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.hpsbilling.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Redirect headers

date: Wed, 01 Sep 2021 11:26:01 GMT
ohc-response-time: 0 0 0 0 430 430
server: JSP3/2.0.14
location: https://www.baidu.com/search/error.html
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
accept-ranges: bytes
content-length: 0

GET
H2

200

1-1-390x220.jpg
gamebainohu.info/wp-content/uploads/2019/12/
Redirect Chain

http://www.hpsbilling.com/uploads/images/912850.jpg
https://gamebainohu.org/wp-content/uploads/2019/12/1-1-390x220.jpg
http://gamebainohu.info/wp-content/uploads/2019/12/1-1-390x220.jpg
https://gamebainohu.info/wp-content/uploads/2019/12/1-1-390x220.jpg

23 KB
24 KB

26ms
26ms

Image
image/jpeg

2606:4700:3031::ac43:8815
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gamebainohu.info/wp-content/uploads/2019/12/1-1-390x220.jpg

Requested by

Host: www.hpsbilling.com
URL: http://www.hpsbilling.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:8815 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

985409dec0061166dcd838c0ba15e08e9e6bbdd694f5976949438de310a108d4

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options	"nosniff" always
X-Xss-Protection	"1; mode=block" always

Request headers

Referer: http://www.hpsbilling.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 11:26:01 GMT
x-content-type-options: "nosniff" always
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 370616
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 23859
x-xss-protection: "1; mode=block" always
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 27 Dec 2019 18:10:50 GMT
server: cloudflare
etag: "5e06492a-5d33"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1EdXZihGH4mhQ%2Fz1%2BZQDdoD9LJx2nsegpsRGfY8MomRdc3JrkSFlndAvPEL9nMq9zv1PoNoshpqZLinYhbu7Z6AeaVp9Qd71sgIDN1LBO%2FnDudAssEpFXsozH9%2BZioG2bKo0%2Ft8%2Fiw7I5tEL70lJ"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
accept-ranges: bytes
cf-ray: 687e242d0f434de2-FRA
expires: Sun, 28 Aug 2022 04:29:05 GMT

Redirect headers

Date: Wed, 01 Sep 2021 11:26:01 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w%2FLE5WLpLmZVRbdbCUsNSo70H9W5EJRG6OMAKItG8sbKHXpunNXweB0RHD4Bh1VXUH8pgSSeTh5Eu2i757CDSxKC4k%2Bo27Vbfg2w4oVkCaP6b45vu9QSv%2BVXuBgoHtpato1NflBOHpwcBQ3ubcaB"}],"group":"cf-nel","max_age":604800}
Location: https://gamebainohu.info/wp-content/uploads/2019/12/1-1-390x220.jpg
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 687e242ced145ca4-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Expires: Wed, 01 Sep 2021 12:26:01 GMT

GET
H2

200

u=2174119,3390122242&fm=15&gp=0.jpg
ss1.bdstatic.com/70cFuXSh_Q1YnxGkpoWK1HF6hhy/it/
Redirect Chain

http://www.hpsbilling.com/uploads/images/860421.jpg
https://ss1.bdstatic.com/70cFuXSh_Q1YnxGkpoWK1HF6hhy/it/u=2174119,3390122242&fm=15&gp=0.jpg

50 KB
50 KB

713ms
713ms

Image
image/jpeg

185.10.104.110
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ss1.bdstatic.com/70cFuXSh_Q1YnxGkpoWK1HF6hhy/it/u=2174119,3390122242&fm=15&gp=0.jpg
Requested by: Host: www.hpsbilling.com
URL: http://www.hpsbilling.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.10.104.110 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software: JSP3/2.0.14 /
Resource Hash: 6820083a847fdc2d119421ab0ef8b02c41e516f3d8352ca3c83f6e48aff1d33e

Request headers

Referer: http://www.hpsbilling.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 11:26:02 GMT
ohc-cache-hit: fra01-sys-jomo5.fra01.baidu.com [1]
ohc-response-time: 1 0 304 304 696 696
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: JSP3/2.0.14
etag: e4b5bdb24f1c84bb24e0067dca30d752
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
content-length: 51163
expires: Fri, 01 Oct 2021 11:26:02 GMT

Redirect headers

Date: Wed, 01 Sep 2021 11:26:01 GMT
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9nt2fAoLH8WpZ3ia1TgafHBLBFfm0Zu0HbLMHDXJYMXJ7YG%2Fl56JqnToMMOw9uJXbxG9sabMb04fY7%2Fm%2FKBBZO2BZ%2F0l2c%2F%2F1dOzFwBlCRxh9CFlFuPwlT9BMZvx0Fa1GX%2FfhgMGxFJMvNk6zTg%2BWew%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpg; charset=UTF-8
location: https://ss1.bdstatic.com/70cFuXSh_Q1YnxGkpoWK1HF6hhy/it/u=2174119,3390122242&fm=15&gp=0.jpg
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 687e242a1a16dfef-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2

200

u=3759815094,1756452042&fm=15&gp=0.jpg
ss2.bdstatic.com/70cFvnSh_Q1YnxGkpoWK1HF6hhy/it/
Redirect Chain

http://www.hpsbilling.com/uploads/images/984273.jpg
https://ss2.bdstatic.com/70cFvnSh_Q1YnxGkpoWK1HF6hhy/it/u=3759815094,1756452042&fm=15&gp=0.jpg

87 KB
87 KB

765ms
394ms

Image
image/png

185.10.104.110
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ss2.bdstatic.com/70cFvnSh_Q1YnxGkpoWK1HF6hhy/it/u=3759815094,1756452042&fm=15&gp=0.jpg
Requested by: Host: www.hpsbilling.com
URL: http://www.hpsbilling.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.10.104.110 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software: JSP3/2.0.14 /
Resource Hash: c3f0469588fde10fdf1d8dddf9ed2bcb6abddac80347da5d6fd83b1db3679562

Request headers

Referer: http://www.hpsbilling.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 11:26:02 GMT
ohc-cache-hit: fra01-sys-jomo0.fra01.baidu.com [1]
ohc-response-time: 1 0 0 0 376 376
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: JSP3/2.0.14
etag: 533d5a2ec1b93679ad65cea23acded0f
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
content-length: 88723
expires: Fri, 01 Oct 2021 11:26:02 GMT

Redirect headers

Date: Wed, 01 Sep 2021 11:26:01 GMT
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WDHS4RfmgPQTxetelSoUyQSAW7PbBzGje1nuTb7AyszeBTfXwBDTH0mw8zep9Et0pmmuKfT31XV6raJ0Kq0spbfp3upwvoVhx9bnobFvmMiiMLRPvPxOhBOOCxkRyujoUzeXMhX3zxKqVtuHFe%2B2Xh4%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpg; charset=UTF-8
location: https://ss2.bdstatic.com/70cFvnSh_Q1YnxGkpoWK1HF6hhy/it/u=3759815094,1756452042&fm=15&gp=0.jpg
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 687e242a3ad20629-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2

200

u=1752458207,4109313179&fm=15&gp=0.jpg
ss0.bdstatic.com/70cFvHSh_Q1YnxGkpoWK1HF6hhy/it/
Redirect Chain

http://www.hpsbilling.com/uploads/images/170633.jpg
https://ss0.bdstatic.com/70cFvHSh_Q1YnxGkpoWK1HF6hhy/it/u=1752458207,4109313179&fm=15&gp=0.jpg

46 KB
46 KB

438ms
438ms

Image
image/jpeg

185.10.104.110
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ss0.bdstatic.com/70cFvHSh_Q1YnxGkpoWK1HF6hhy/it/u=1752458207,4109313179&fm=15&gp=0.jpg
Requested by: Host: www.hpsbilling.com
URL: http://www.hpsbilling.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.10.104.110 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software: JSP3/2.0.14 /
Resource Hash: 7036d3d76db318d76bbc71f1e34256ef291162aedd90df93b5a6244b08b11abe

Request headers

Referer: http://www.hpsbilling.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 11:26:02 GMT
ohc-cache-hit: fra01-sys-jomo3.fra01.baidu.com [1]
ohc-response-time: 1 0 197 197 421 421
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: JSP3/2.0.14
etag: 7615e4391cbed1a540218bcfaa4ab097
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
content-length: 46603
expires: Fri, 01 Oct 2021 21:26:02 GMT

Redirect headers

Date: Wed, 01 Sep 2021 11:26:01 GMT
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dDUaIs2bdVaFIh%2F15OWmUQOC3SCuLNCQ4reG5CcHVKUunaK0p2b3TSMGTHW4BXFhofx4zXkJKEcyUYyo0Iv8g%2F7hRdFmirHoBuoSM9iz4%2F47mbKu%2FNolvscOX%2BB3dcRxbwlaOoq7yFkY%2Fu4u1QHStJM%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpg; charset=UTF-8
location: https://ss0.bdstatic.com/70cFvHSh_Q1YnxGkpoWK1HF6hhy/it/u=1752458207,4109313179&fm=15&gp=0.jpg
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 687e242b6e390621-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29

200

sky88.com_-450x254.jpg
doithuong247.net/wp-content/uploads/2021/03/
Redirect Chain

http://www.hpsbilling.com/uploads/images/298706.jpg
https://doithuong247.com/wp-content/uploads/2021/03/sky88.com_-450x254.jpg
https://doithuong247.net/wp-content/uploads/2021/03/sky88.com_-450x254.jpg

39 KB
40 KB

13ms
13ms

Image
image/jpeg

2606:4700:3035::ac43:8558
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://doithuong247.net/wp-content/uploads/2021/03/sky88.com_-450x254.jpg
Requested by: Host: www.hpsbilling.com
URL: http://www.hpsbilling.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:8558 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0a63789b3c3d8170ab04c45b638ef0b226ad11fe33cb569968064368b1c30948

Request headers

Referer: http://www.hpsbilling.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 11:26:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 115137
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 39862
last-modified: Wed, 03 Mar 2021 07:53:28 GMT
server: cloudflare
etag: "603f4078-9bb6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cvF7CVpCfXN4t9PyaevAAqNHDXYp%2Fuvh%2FfGMWg4Jszzm%2FeUpnQ4TMoU%2F5Wd3PHmtg4rPC7%2BWJ1IXzj4JZoYe%2FjgfZYaGKtEp5jB%2BxnOS7R%2F9li1jjZ2KCXdF6q%2B%2BK2PUCAHsd6mwDCvhYZM%2FiuDO"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 687e242f5ab22bf6-FRA
expires: Thu, 30 Sep 2021 03:23:46 GMT

Redirect headers

date: Wed, 01 Sep 2021 11:26:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xZahMHO%2BiTNxy%2BtNkbaWK0c0Tt12jAU%2BI6kLWillFhTcBqpl6735q2cAitW9wmDhohTt%2BOxW80H8SCGbtgadIaj7zHjiBab%2FZe4ABd2qr%2BC8dKxnIbMtY1QKpJtHCGEI2tqPtKpRpgdbuCVl7%2BbT"}],"group":"cf-nel","max_age":604800}
location: https://doithuong247.net/wp-content/uploads/2021/03/sky88.com_-450x254.jpg
cache-control: max-age=3600
cf-ray: 687e242f4f625c56-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
expires: Wed, 01 Sep 2021 12:26:02 GMT

GET
H3-29

200

doithuongvip-club-450x254.jpg
doithuong247.net/wp-content/uploads/2021/04/
Redirect Chain

http://www.hpsbilling.com/uploads/images/733686.jpg
https://doithuong247.com/wp-content/uploads/2021/04/doithuongvip-club-450x254.jpg
https://doithuong247.net/wp-content/uploads/2021/04/doithuongvip-club-450x254.jpg

30 KB
31 KB

759ms
759ms

Image
image/jpeg

2606:4700:3035::ac43:8558
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://doithuong247.net/wp-content/uploads/2021/04/doithuongvip-club-450x254.jpg
Requested by: Host: www.hpsbilling.com
URL: http://www.hpsbilling.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:8558 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab2ee2edb9a1285bd466bacd23429083b24bf424b6320bf5053d157c334408fd

Request headers

Referer: http://www.hpsbilling.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 11:26:03 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 30859
last-modified: Tue, 27 Apr 2021 01:14:40 GMT
server: cloudflare
etag: "60876580-788b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XvIcQV7xQUzdZW9FqEwTSUYVJzlHzCG5rrP%2FyIfvjzCZ3l7wLsEX99VeVn1WNmeP1%2F7g6CvE5V8Ho70%2BliqJHCQ%2FBqAY105rRhmRAKBfVfBBVJp6XNaADyGONZ%2FynkAXdOerBlRUA0eDkEhlaSwX"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 687e2431b85d2bf6-FRA
expires: Fri, 01 Oct 2021 11:22:40 GMT

Redirect headers

date: Wed, 01 Sep 2021 11:26:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L4Ieqjb0Ic7Tb13J%2BjtmjxylcoelSpEKJFzosSaqzRjnuRwoii%2FH4gmzHhl9xM3gmf8BcTqOMWyox4nGYaLXLev0FA4eDjOVgxAaqPSxcdkAW%2FobxH3HtVnKRAMWtYNcO7Ad%2B8B1L%2B9egCmF9oWw"}],"group":"cf-nel","max_age":604800}
location: https://doithuong247.net/wp-content/uploads/2021/04/doithuongvip-club-450x254.jpg
cache-control: max-age=3600
cf-ray: 687e2431981d4e43-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
expires: Wed, 01 Sep 2021 12:26:02 GMT

GET
H3-29

200

san-hu-777-450x254.jpg
doithuong247.net/wp-content/uploads/2020/08/
Redirect Chain

http://www.hpsbilling.com/uploads/images/138962.jpg
https://doithuong247.com/wp-content/uploads/2020/08/san-hu-777-450x254.jpg
https://doithuong247.net/wp-content/uploads/2020/08/san-hu-777-450x254.jpg

23 KB
23 KB

14ms
14ms

Image
image/jpeg

2606:4700:3035::ac43:8558
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://doithuong247.net/wp-content/uploads/2020/08/san-hu-777-450x254.jpg
Requested by: Host: www.hpsbilling.com
URL: http://www.hpsbilling.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:8558 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a7b8239ce0a0b920b11873bb426a8045a55d8484d34ef5dd96cb6c1240efaac

Request headers

Referer: http://www.hpsbilling.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 11:26:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 147036
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 23312
last-modified: Fri, 28 Aug 2020 07:23:27 GMT
server: cloudflare
etag: "5f48b0ef-5b10"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fYzOc48TaWw6GRfyR%2B%2BGX5jpaa6CMgHW436zxXZjjCntpzn2uJ8X2S8QBw8Scjz6RuEZ5yhRADlNH24RJ6qSUjiWk2%2BRVpgtq1tPHe3TQ%2FI4PYFnQHc0zRyWrpyMb%2BhHz2Mkgst%2BX9u%2F8NPHdHUu"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 687e24348e292bf6-FRA
expires: Wed, 29 Sep 2021 18:32:08 GMT

Redirect headers

date: Wed, 01 Sep 2021 11:26:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YeK23Be3n2J%2BaLouc8t0%2FEEpOe46%2FPjd5gOr5tTdWv3SIhhumRil89FcjaAL02rMmoF3LmG8LBlFwndhXOGE0QMFwY4xzkuxS%2FvyGOxybkL%2FXuvJoegrYQ98lGuyP8N9oI2hk6jyLNCw3AhOVyrU"}],"group":"cf-nel","max_age":604800}
location: https://doithuong247.net/wp-content/uploads/2020/08/san-hu-777-450x254.jpg
cache-control: max-age=3600
cf-ray: 687e24347e174e43-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
expires: Wed, 01 Sep 2021 12:26:02 GMT

GET
H3-29

200

danh-gia-cong-game-zindoclub-450x254.jpg
doithuong247.net/wp-content/uploads/2020/06/
Redirect Chain

http://www.hpsbilling.com/uploads/images/652386.jpg
https://doithuong247.com/wp-content/uploads/2020/06/danh-gia-cong-game-zindoclub-450x254.jpg
https://doithuong247.net/wp-content/uploads/2020/06/danh-gia-cong-game-zindoclub-450x254.jpg

21 KB
21 KB

804ms
804ms

Image
image/jpeg

2606:4700:3035::ac43:8558
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://doithuong247.net/wp-content/uploads/2020/06/danh-gia-cong-game-zindoclub-450x254.jpg
Requested by: Host: www.hpsbilling.com
URL: http://www.hpsbilling.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:8558 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 147808b993d4ec86983523fb2cc73d22dcbb13237d6ca6b4218a6f25725cf751

Request headers

Referer: http://www.hpsbilling.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 11:26:03 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 21352
last-modified: Sat, 20 Jun 2020 02:08:47 GMT
server: cloudflare
etag: "5eed6faf-5368"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p4WAwSGS6nyLbaeSSOLi4WlHGRhazwzoWjw9rN%2BO55IKfCqxz2KUgpFohvySbfkAMIw5Kx67W7m4vmMjLqJA3WziyZYadgYYIAW7lMSDeWWvrJnbLMTk%2Bm2e46FHEYC2e%2BfDfhTdCrYjyMJVenlE"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 687e2434ae622bf6-FRA
expires: Fri, 01 Oct 2021 11:22:41 GMT

Redirect headers

date: Wed, 01 Sep 2021 11:26:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IjQz9VFXAsuQAocak2oVmJvx%2BW6Jsj%2B76uotRFgxIqSrBlYd5r%2BzYkj8ln%2FY1C2xDx46LyM71rrl5u%2F%2Bd8MCaqKdL0rcJsm%2BoB4jIwAOoA54beIIGT%2FTSPWcYsfaPGWrkOFc8W64H31%2BddbLjcea"}],"group":"cf-nel","max_age":604800}
location: https://doithuong247.net/wp-content/uploads/2020/06/danh-gia-cong-game-zindoclub-450x254.jpg
cache-control: max-age=3600
cf-ray: 687e24349e6b4e43-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
expires: Wed, 01 Sep 2021 12:26:02 GMT

GET
H2

200

u=1823340983,2818204377&fm=26&gp=0.jpg
ss0.bdstatic.com/70cFuHSh_Q1YnxGkpoWK1HF6hhy/it/
Redirect Chain

http://www.hpsbilling.com/uploads/images/424587.jpg
https://ss0.bdstatic.com/70cFuHSh_Q1YnxGkpoWK1HF6hhy/it/u=1823340983,2818204377&fm=26&gp=0.jpg

42 KB
42 KB

22ms
22ms

Image
image/jpeg

185.10.104.110
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ss0.bdstatic.com/70cFuHSh_Q1YnxGkpoWK1HF6hhy/it/u=1823340983,2818204377&fm=26&gp=0.jpg
Requested by: Host: www.hpsbilling.com
URL: http://www.hpsbilling.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.10.104.110 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software: JSP3/2.0.14 /
Resource Hash: a7e534de68c516506b7ec7b22398ae0cd0d1648fff1ccbbcb5a1be49fea289e6

Request headers

Referer: http://www.hpsbilling.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 11:26:03 GMT
ohc-cache-hit: fra01-sys-jomo3.fra01.baidu.com [4]
ohc-response-time: 1 0 0 0 0 0
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: JSP3/2.0.14
age: 319095
etag: f13e016df1e873597b54eba3d8e3d445
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
content-length: 43143
expires: Mon, 27 Sep 2021 18:47:48 GMT

Redirect headers

Date: Wed, 01 Sep 2021 11:26:03 GMT
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DAYt%2Bcd1ITS3rKAUSekQhLqAcKflQcfx6J4ksU71Rxz90HxK7UAufyRcCdbxMmD6MNflBFlRrMvpL8y35wEXb07EdtVyGrcX1ohb9kpUEkaheQZe4iKk6ou1gJRbTS%2BCjyPatkPnTn6YdwunIDpRw8I%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpg; charset=UTF-8
location: https://ss0.bdstatic.com/70cFuHSh_Q1YnxGkpoWK1HF6hhy/it/u=1823340983,2818204377&fm=26&gp=0.jpg
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 687e24333940dfef-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H/1.1 200
OK _dmca_premi_badge_3.png
www.hpsbilling.com/template/dailynhacai/link/static1/picture/ 3 KB
4 KB 332ms
331ms Image
image/png 2606:4700:3035::ac43:ca67
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.hpsbilling.com/template/dailynhacai/link/static1/picture/_dmca_premi_badge_3.png
Requested by: Host: www.hpsbilling.com
URL: http://www.hpsbilling.com/
Protocol: HTTP/1.1
Server: 2606:4700:3035::ac43:ca67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 295b0baf13135d5629b98d263dd9b8bb4e9676e3adae21904cf37934c0d8295b

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.hpsbilling.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.hpsbilling.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.hpsbilling.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 01 Sep 2021 11:26:03 GMT
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Content-Length: 3026
last-modified: Fri, 21 May 2021 07:43:40 GMT
Server: cloudflare
etag: "60a764ac-bd2"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sqVJLcWZwjETsYOme02ZDAtwo3pqwBWN%2FssnvROcddv9IyNiHvCZbf1hv64EooAH5z21p4s4%2BdErQBpPSg%2FtrUfRizlisxYB35KB%2FpkxPQ9IsWuuLZwCqZjZq8bnaSmQLIOj9H7V4CcGxf8a%2FvFM26c%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
cache-control: max-age=2592000
Accept-Ranges: bytes
CF-RAY: 687e2434a98b0621-FRA
expires: Fri, 01 Oct 2021 11:26:03 GMT

GET
H2

200

r88-vin-450x254.jpg
doithuong247.net/wp-content/uploads/2020/07/
Redirect Chain

http://www.hpsbilling.com/uploads/images/718836.jpg
https://doithuong247.com/wp-content/uploads/2020/07/r88-vin-450x254.jpg
https://doithuong247.net/wp-content/uploads/2020/07/r88-vin-450x254.jpg

42 KB
43 KB

15ms
15ms

Image
image/jpeg

2606:4700:3035::ac43:8558
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://doithuong247.net/wp-content/uploads/2020/07/r88-vin-450x254.jpg
Requested by: Host: www.hpsbilling.com
URL: http://www.hpsbilling.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:8558 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af13eafde310925a092fc88b3f9e31e9ff41d4734ee89676d0655696339f8402

Request headers

Referer: http://www.hpsbilling.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 11:25:57 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 137960
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 43048
last-modified: Mon, 20 Jul 2020 03:19:35 GMT
server: cloudflare
etag: "5f150d47-a828"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4yhB1Zgq%2BM9TJw4mYXTYkTbq5%2B9W147pyHbqxfwW%2F1%2BZX5uHUDY1WR2c9q%2B9%2B55vYRkXphFP57J5qfpdpJH0S6XD1YZwRV%2FeDvApgULF8eMLlzoZ5H2fNI%2BXN0o92Avix%2FvGJmzRB3OU1Z3%2FV0e1"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 687e240f9f690eaf-FRA
expires: Wed, 29 Sep 2021 21:03:19 GMT

Redirect headers

date: Wed, 01 Sep 2021 11:25:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=19pQ08mVxTu9vkGxJItTIUI3MJNRaS016IxokUn22CsaL0jwhmhIxog%2BFY0yQgbF9xFs8kQDbb3jyvEBE0462fbcX%2B%2FeQy1ZcewA3FAjqS2g6Iv0xwQRfi%2BTJJf9HEpYDgYLLzYZhJGE%2F4J6IgDw"}],"group":"cf-nel","max_age":604800}
location: https://doithuong247.net/wp-content/uploads/2020/07/r88-vin-450x254.jpg
cache-control: max-age=3600
cf-ray: 687e240f7b644e43-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
expires: Wed, 01 Sep 2021 12:25:57 GMT

GET
H2

200

u=3972980027,2052775295&fm=15&gp=0.jpg
ss0.bdstatic.com/70cFvHSh_Q1YnxGkpoWK1HF6hhy/it/
Redirect Chain

http://www.hpsbilling.com/uploads/images/177557.jpg
https://ss0.bdstatic.com/70cFvHSh_Q1YnxGkpoWK1HF6hhy/it/u=3972980027,2052775295&fm=15&gp=0.jpg

499 KB
500 KB

37ms
37ms

Image
image/png

185.10.104.110
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ss0.bdstatic.com/70cFvHSh_Q1YnxGkpoWK1HF6hhy/it/u=3972980027,2052775295&fm=15&gp=0.jpg
Requested by: Host: www.hpsbilling.com
URL: http://www.hpsbilling.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.10.104.110 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software: JSP3/2.0.14 /
Resource Hash: 78fea1b849a96add9919e9969ea71462b5a5f4d78f353f9fec0dd620ecc7d759

Request headers

Referer: http://www.hpsbilling.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 11:25:56 GMT
ohc-cache-hit: fra01-sys-jomo1.fra01.baidu.com [3]
ohc-response-time: 1 0 0 0 0 17
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: JSP3/2.0.14
age: 376658
etag: d7c323d0b040cbcde46e53ca51a4eac5
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
content-length: 510724
expires: Mon, 27 Sep 2021 12:48:18 GMT

Redirect headers

Date: Wed, 01 Sep 2021 11:25:56 GMT
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gFUHAzVYnBxU7Nw5Li5hqGDrUGc1lhAH%2BzmMrwarsaJKe80vA6ex390ZnFdUJ26bWp4JfG9YrisW1rdo%2BqIBIRGFwHxi4vO05BpW1jvdyv7LlwK0aOOe4Ct6FCPmPH5g7lC0EEt6HjmMbnPkAAyh%2F44%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpg; charset=UTF-8
location: https://ss0.bdstatic.com/70cFvHSh_Q1YnxGkpoWK1HF6hhy/it/u=3972980027,2052775295&fm=15&gp=0.jpg
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 687e240ced5a0621-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2

200

xanh9-club-450x254.jpg
doithuong247.net/wp-content/uploads/2020/08/
Redirect Chain

http://www.hpsbilling.com/uploads/images/832096.jpg
https://doithuong247.com/wp-content/uploads/2020/08/xanh9-club-450x254.jpg
https://doithuong247.net/wp-content/uploads/2020/08/xanh9-club-450x254.jpg

22 KB
22 KB

813ms
786ms

Image
image/jpeg

2606:4700:3035::ac43:8558
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://doithuong247.net/wp-content/uploads/2020/08/xanh9-club-450x254.jpg
Requested by: Host: www.hpsbilling.com
URL: http://www.hpsbilling.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:8558 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c16395917568c0144d6ab94fd72796e4f4b35bdc3d075177a5fbb37ec53fe23a

Request headers

Referer: http://www.hpsbilling.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 11:25:57 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 22499
last-modified: Wed, 12 Aug 2020 06:39:11 GMT
server: cloudflare
etag: "5f338e8f-57e3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=abPMChimdR71NaXf6sxZ3jzdiCx4N75mMPLZFkIWgo5yqQBEkzCHF7lohCnOYWaOB4npzw%2BpuI6KnkDAlqDwcTs%2F2%2F53Ne1LbfRIN%2FZyqs%2BYCTcQSDnMY2uGWLMyrxFl79WatCRfSGDF%2BBvmX8do"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 687e240c9afe0eaf-FRA
expires: Fri, 01 Oct 2021 11:22:34 GMT

Redirect headers

date: Wed, 01 Sep 2021 11:25:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0TEM1zYeP7UFy7Ep%2BzlifkDdD4zec73VbLZ20QkbC5btsYuT3LCzlbX6pRaqTA1%2FrLvNv4okNZB%2BiMRAPI97W9%2FucM57tzI9noYX%2B50ymKVMybDNzEVMTRG9xLGB7xn5V5hOYQ3kii1aLRg1GBzb"}],"group":"cf-nel","max_age":604800}
location: https://doithuong247.net/wp-content/uploads/2020/08/xanh9-club-450x254.jpg
cache-control: max-age=3600
cf-ray: 687e240c5e355c56-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
expires: Wed, 01 Sep 2021 12:25:56 GMT

GET
H3-29

200

vuabai88-450x254.jpg
doithuong247.net/wp-content/uploads/2020/09/
Redirect Chain

http://www.hpsbilling.com/uploads/images/71310.jpg
https://doithuong247.com/wp-content/uploads/2020/09/vuabai88-450x254.jpg
https://doithuong247.net/wp-content/uploads/2020/09/vuabai88-450x254.jpg

21 KB
22 KB

39ms
27ms

Image
image/jpeg

2606:4700:3035::ac43:8558
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://doithuong247.net/wp-content/uploads/2020/09/vuabai88-450x254.jpg
Requested by: Host: www.hpsbilling.com
URL: http://www.hpsbilling.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:8558 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc7491e2634c12610fc47c0285fd66668e6f2055f7d98524e74fe4f16add38d8

Request headers

Referer: http://www.hpsbilling.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 11:25:57 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 114853
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 21880
last-modified: Tue, 01 Sep 2020 07:24:59 GMT
server: cloudflare
etag: "5f4df74b-5578"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pbIrkSVeBfiVOBp3AQpvzCoi7JJjnxSS%2BQ5bnMcImsO54SOOvGM8A8yq9EIsCrr%2BrAknEqrbc%2Bq7q7G9KV1Rr9uIA%2Bqi%2FxiHx7aRVa%2Bu3bUVjjlHl3hylSqad6dR%2BBFRth6MgwUCtsp9IY6VbAL0"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 687e241038122bf6-FRA
expires: Thu, 30 Sep 2021 03:28:25 GMT

Redirect headers

date: Wed, 01 Sep 2021 11:25:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aj6x%2BtDT4js62nCEpW7MkZMmjV8EgXDf%2F7wvONf2bY95AztXYjRhqoGmNRndzw7YI8H8ws%2FXEV47rhKd214cZTvplWltP%2F%2BZjs731HBo2qgh74LWbtclQ43gKtCb6X2rox7mdVDJKuBG%2FWTrluMa"}],"group":"cf-nel","max_age":604800}
location: https://doithuong247.net/wp-content/uploads/2020/09/vuabai88-450x254.jpg
cache-control: max-age=3600
cf-ray: 687e24101cb14e43-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
expires: Wed, 01 Sep 2021 12:25:57 GMT

GET
H2

200

u=528133264,2444508799&fm=15&gp=0.jpg
ss1.bdstatic.com/70cFuXSh_Q1YnxGkpoWK1HF6hhy/it/
Redirect Chain

http://www.hpsbilling.com/uploads/images/477485.jpg
https://ss1.bdstatic.com/70cFuXSh_Q1YnxGkpoWK1HF6hhy/it/u=528133264,2444508799&fm=15&gp=0.jpg

52 KB
52 KB

1548ms
764ms

Image
image/jpeg

185.10.104.110
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ss1.bdstatic.com/70cFuXSh_Q1YnxGkpoWK1HF6hhy/it/u=528133264,2444508799&fm=15&gp=0.jpg
Requested by: Host: www.hpsbilling.com
URL: http://www.hpsbilling.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.10.104.110 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software: JSP3/2.0.14 /
Resource Hash: 836224fd4d4053edf742eff2c55190e4aa449b929a804a01a319efac2518f376

Request headers

Referer: http://www.hpsbilling.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 11:25:58 GMT
ohc-cache-hit: fra01-sys-jomo3.fra01.baidu.com [1]
ohc-response-time: 1 0 304 304 744 744
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: JSP3/2.0.14
etag: 9b944fb33132f29934fb303734dd6cb5
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
content-length: 52798
expires: Fri, 01 Oct 2021 21:25:58 GMT

Redirect headers

Date: Wed, 01 Sep 2021 11:25:56 GMT
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pZL91gNVqJpEShJP%2F17be1DW8C8yh75baYCK3sp5ZNC1YN33GgZfKvrNAbvImmlkq9jw5%2FR8N%2Fn01G7ngcjWKOAWwryUKC2fSkRoiLKjk04JL8xgzZTtXDJCeS5gvtZSYh7oK6H1fYQdUB3UWVxjQpY%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpg; charset=UTF-8
location: https://ss1.bdstatic.com/70cFuXSh_Q1YnxGkpoWK1HF6hhy/it/u=528133264,2444508799&fm=15&gp=0.jpg
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 687e2409a8f95c08-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H/1.1 200
OK aa289.js Show response
www.hpsbilling.com/template/dailynhacai/link/static1/js/ 116 KB
35 KB 480ms
479ms Script
application/javascript 2606:4700:3035::ac43:ca67
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://www.hpsbilling.com/template/dailynhacai/link/static1/js/aa289.js
Requested by: Host: www.hpsbilling.com
URL: http://www.hpsbilling.com/
Protocol: HTTP/1.1
Server: 2606:4700:3035::ac43:ca67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a3f3877aa0282814f5393ad493097eaded65e18cdc6fbbc32fcb67489b90d142

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.hpsbilling.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: */*
Referer: http://www.hpsbilling.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.hpsbilling.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 01 Sep 2021 11:26:03 GMT
content-encoding: gzip
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Fri, 21 May 2021 07:43:40 GMT
Server: cloudflare
etag: W/"60a764ac-1d06a"
vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FYtbYExPzFyG5a2jCOLi4hBUT9TlKitcR5jqlWZOqRnaJK%2BjACy2VXCqhL2AsYPaKp830IXuhc1r6pYYGMqFviQin7A7YB3rVZNhD98TYOoL2jDG7g82Dn%2F%2B%2FhvlviKBHA%2BWYCx45NQcKz4i7ax82Zw%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
cache-control: max-age=43200
CF-RAY: 687e24358cd7dfef-FRA
expires: Wed, 01 Sep 2021 23:26:03 GMT

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: http://www.hpsbilling.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK star-gray.png
www.hpsbilling.com/template/dailynhacai/link/static1/images/ 286 B
1 KB 948ms
310ms Image
image/png 2606:4700:3035::ac43:ca67
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.hpsbilling.com/template/dailynhacai/link/static1/images/star-gray.png
Requested by: Host: www.hpsbilling.com
URL: http://www.hpsbilling.com/
Protocol: HTTP/1.1
Server: 2606:4700:3035::ac43:ca67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 38a45cc44b1ec9fb74fa0ac87e75eb0da8dd3c96e6ff208c6c23819a95d96302

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.hpsbilling.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.hpsbilling.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.hpsbilling.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 01 Sep 2021 11:25:56 GMT
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Content-Length: 286
last-modified: Fri, 21 May 2021 07:43:40 GMT
Server: cloudflare
etag: "60a764ac-11e"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1GFDhNrFF5ifMDXQXxP3xDdfzTNbQv6pPaCH8GVZfX%2BrESHP9B%2FO9a8y9QNNGv6AJC8bqNWE%2F39pkbyi7UW3JDy%2BTv1690aAB4iqbr7YzDjhBYXBuiC%2FKZM3Hv1ApstQZGFxqaSBSACAwfI3gms9bq4%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
cache-control: max-age=2592000
Accept-Ranges: bytes
CF-RAY: 687e240beeb15c08-FRA
expires: Fri, 01 Oct 2021 11:25:56 GMT

GET
H/1.1 200
OK star.png
www.hpsbilling.com/template/dailynhacai/link/static1/images/ 452 B
1 KB 993ms
332ms Image
image/png 2606:4700:3035::ac43:ca67
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.hpsbilling.com/template/dailynhacai/link/static1/images/star.png
Requested by: Host: www.hpsbilling.com
URL: http://www.hpsbilling.com/
Protocol: HTTP/1.1
Server: 2606:4700:3035::ac43:ca67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 821f9e3b86f9f1ca7a364e450fb896e6ca967081bf3c38feff4d918661f4df7f

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.hpsbilling.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.hpsbilling.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.hpsbilling.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 01 Sep 2021 11:25:56 GMT
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Content-Length: 452
last-modified: Fri, 21 May 2021 07:43:40 GMT
Server: cloudflare
etag: "60a764ac-1c4"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SB54y9I7ZQfKZb%2FHHRctrUAvZHCS%2FmRTIHY%2FABMRZeJia%2F777Lks5%2FUDr5%2BBt%2BFq6ojkeUq79As%2F4rdrbMJH1d0SgEQp8e82oeqYuUWpUGfKiyCiNF0%2F%2BwpwAz%2FJezGUQReCyWBdjfLtd%2F7s%2BZuagiA%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
cache-control: max-age=2592000
Accept-Ranges: bytes
CF-RAY: 687e240c2bd2dfef-FRA
expires: Fri, 01 Oct 2021 11:25:56 GMT

GET
H/1.1 200
OK star-gray-new.png
www.hpsbilling.com/template/dailynhacai/link/static1/images/ 219 B
1 KB 850ms
170ms Image
image/png 2606:4700:3035::ac43:ca67
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.hpsbilling.com/template/dailynhacai/link/static1/images/star-gray-new.png
Requested by: Host: www.hpsbilling.com
URL: http://www.hpsbilling.com/
Protocol: HTTP/1.1
Server: 2606:4700:3035::ac43:ca67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 60e7273f2df60734add987345f311b509a0f713040a2ad011432157756fab182

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.hpsbilling.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.hpsbilling.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.hpsbilling.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 01 Sep 2021 11:25:56 GMT
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Content-Length: 219
last-modified: Fri, 21 May 2021 07:43:38 GMT
Server: cloudflare
etag: "60a764aa-db"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tFeeZ1WTga90yVhx5ft7YA9aD3PCMrrC1eOe3hAbdpQDtDkRnQT6nxS4QthjLRC7%2FdFCKzH5LdHca5W0g2ha4Y4mK%2B3y6GxeGfoZomfn3g4eOQPjlJrAl9JoKSa2n5BkPlX7W2PrDpUZazdwWMmx9Z8%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
cache-control: max-age=2592000
Accept-Ranges: bytes
CF-RAY: 687e240c3b691f4d-FRA
expires: Fri, 01 Oct 2021 11:25:56 GMT

GET
H/1.1 200
OK star-new.png
www.hpsbilling.com/template/dailynhacai/link/static1/images/ 372 B
1 KB 865ms
333ms Image
image/png 2606:4700:3035::ac43:ca67
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.hpsbilling.com/template/dailynhacai/link/static1/images/star-new.png
Requested by: Host: www.hpsbilling.com
URL: http://www.hpsbilling.com/
Protocol: HTTP/1.1
Server: 2606:4700:3035::ac43:ca67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f805c00627973c74a257e73ec14139bf60cc29d58fd1aae608dc6c4e5a0f4cf5

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.hpsbilling.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.hpsbilling.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.hpsbilling.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 01 Sep 2021 11:25:56 GMT
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Content-Length: 372
last-modified: Fri, 21 May 2021 07:43:40 GMT
Server: cloudflare
etag: "60a764ac-174"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g7EpVfGdQE3D%2BPe9RjbUYQDsYUkVSPpzYNdTbBSGI8QAVFo6CTpR06ZmCXs5sNDcGj%2FwcHqZ%2BfRUD5Y%2Bi9QPi1QJiWij1UeZfOEhB3ViiJcx0rmzZARgEGULcZWexmaESCgUiIqadYmLFJ1R3tH%2F8Fk%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
cache-control: max-age=2592000
Accept-Ranges: bytes
CF-RAY: 687e240b48db05bf-FRA
expires: Fri, 01 Oct 2021 11:25:56 GMT

GET
H/1.1 200
OK list-style.png
www.hpsbilling.com/template/dailynhacai/link/static1/images/ 1 KB
2 KB 680ms
320ms Image
image/png 2606:4700:3035::ac43:ca67
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.hpsbilling.com/template/dailynhacai/link/static1/images/list-style.png
Requested by: Host: www.hpsbilling.com
URL: http://www.hpsbilling.com/template/dailynhacai/link/static1/css/743f9.css
Protocol: HTTP/1.1
Server: 2606:4700:3035::ac43:ca67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b32e34618ef6154de6e4c9cafa80225cf66831ea64f805878fc554f28d258be

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.hpsbilling.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.hpsbilling.com/template/dailynhacai/link/static1/css/743f9.css
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.hpsbilling.com/template/dailynhacai/link/static1/css/743f9.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 01 Sep 2021 11:25:56 GMT
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Content-Length: 1247
last-modified: Fri, 21 May 2021 07:43:42 GMT
Server: cloudflare
etag: "60a764ae-4df"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GhMD9a6MFI%2FEqOYUkj%2F5TdkR1Cojn7Z0KoUmEBkF4i7lVywe7FvsmgZOvWB571cYJQw3Q54%2Fkwp0u2gu%2BTZYFTJN%2Bl3%2FX7kp7eIRlYtPSJXx9tibKcPPbCWr9Hd9pGWc1XMzVoDZWCWNeugCQq2Dkxg%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
cache-control: max-age=2592000
Accept-Ranges: bytes
CF-RAY: 687e240a38051f4d-FRA
expires: Fri, 01 Oct 2021 11:25:56 GMT

GET
H/1.1 200
OK fa-regular-400.woff2
www.hpsbilling.com/template/dailynhacai/link/static1/fonts/ 107 KB
108 KB 703ms
607ms Font
font/woff2 2606:4700:3035::ac43:ca67
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://www.hpsbilling.com/template/dailynhacai/link/static1/fonts/fa-regular-400.woff2
Requested by: Host: www.hpsbilling.com
URL: http://www.hpsbilling.com/template/dailynhacai/link/static1/css/743f9.css
Protocol: HTTP/1.1
Server: 2606:4700:3035::ac43:ca67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3cc49fc5ded58b415e3f3fd2f07cff4f18da9e1e09602b5085fcd3f0cc85a486

Request headers

Pragma: no-cache
Origin: http://www.hpsbilling.com
Accept-Encoding: gzip, deflate
Host: www.hpsbilling.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: */*
Referer: http://www.hpsbilling.com/template/dailynhacai/link/static1/css/743f9.css
Connection: keep-alive
Cache-Control: no-cache
Origin: http://www.hpsbilling.com
Referer: http://www.hpsbilling.com/template/dailynhacai/link/static1/css/743f9.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 01 Sep 2021 11:25:56 GMT
CF-Cache-Status: MISS
last-modified: Fri, 21 May 2021 07:43:42 GMT
Server: cloudflare
etag: "60a764ae-1adc4"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rveJ6xfFEUTcmcIO9ieCgbzQypHORGVD7i93O0MAFxef4oJBEXaqDgE0Q0wADtIkBgAoxtG0ecr7iE4OgF2X96hCpd1wkUHdEtLNv0txG03NKuTPUQa24D732yQanbc9jz3BMCcElOl1GeG2oNPMg%2Bo%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: font/woff2
Cache-Control: max-age=14400
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 687e24082a480621-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Content-Length: 110020

GET
H/1.1 200
OK fa-light-300.woff2
www.hpsbilling.com/template/dailynhacai/link/static1/fonts/ 115 KB
116 KB 950ms
617ms Font
font/woff2 2606:4700:3035::ac43:ca67
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://www.hpsbilling.com/template/dailynhacai/link/static1/fonts/fa-light-300.woff2
Requested by: Host: www.hpsbilling.com
URL: http://www.hpsbilling.com/template/dailynhacai/link/static1/css/743f9.css
Protocol: HTTP/1.1
Server: 2606:4700:3035::ac43:ca67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2fc5ace475076f454c946a32e61011a7b8b0ab6fadfb98a73756906b94a5588d

Request headers

Pragma: no-cache
Origin: http://www.hpsbilling.com
Accept-Encoding: gzip, deflate
Host: www.hpsbilling.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: */*
Referer: http://www.hpsbilling.com/template/dailynhacai/link/static1/css/743f9.css
Connection: keep-alive
Cache-Control: no-cache
Origin: http://www.hpsbilling.com
Referer: http://www.hpsbilling.com/template/dailynhacai/link/static1/css/743f9.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 01 Sep 2021 11:25:56 GMT
CF-Cache-Status: MISS
last-modified: Fri, 21 May 2021 07:43:42 GMT
Server: cloudflare
etag: "60a764ae-1ccb0"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GJNNnLkwyH4dqHezkeLXlPANL2fkbNYJ8fUNy8MyXeWT9RZRkq5BwJNGcfk2uw57XZIKvjhUMaPpJE%2BI7FphGsRf09kb20yzHYdAN4EVEcEuoiOiy%2FKejtlBgLrFF3bEpTW%2FDPnKrnYgzElOfaLhib4%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: font/woff2
Cache-Control: max-age=14400
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 687e2409ae0d0629-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Content-Length: 117936

GET
H2

200

u=3634549894,711542321&fm=15&gp=0.jpg
ss1.bdstatic.com/70cFuXSh_Q1YnxGkpoWK1HF6hhy/it/
Redirect Chain

http://www.hpsbilling.com/uploads/images/726269.jpg
https://ss1.bdstatic.com/70cFuXSh_Q1YnxGkpoWK1HF6hhy/it/u=3634549894,711542321&fm=15&gp=0.jpg

39 KB
39 KB

42ms
19ms

Image
image/jpeg

185.10.104.110
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ss1.bdstatic.com/70cFuXSh_Q1YnxGkpoWK1HF6hhy/it/u=3634549894,711542321&fm=15&gp=0.jpg
Requested by: Host: www.hpsbilling.com
URL: http://www.hpsbilling.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.10.104.110 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software: JSP3/2.0.14 /
Resource Hash: 4c22a21c8302e34a656e8a42e6708abff246e839195848b8c04a371f43a7b4d7

Request headers

Referer: http://www.hpsbilling.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 11:25:57 GMT
ohc-cache-hit: fra01-sys-jomo7.fra01.baidu.com [4]
ohc-response-time: 1 0 0 0 0 0
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: JSP3/2.0.14
age: 236569
etag: 61c417d75ad853f10a2f1bd3fffbc786
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
content-length: 39947
expires: Tue, 28 Sep 2021 17:43:08 GMT

Redirect headers

Date: Wed, 01 Sep 2021 11:25:57 GMT
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TS45DuZAax3KTzuurmqdFiOOYT0xLkH58wAsaeihACJmB8bXjjKGXRe3zN4P2rulDIbgUNiaOwbjShDBeGue0EOfgFTIhnURNat9H3aXvTbNvanfHIh8KbjnBIHmjejKe90EbExdJpPVX6aZoSeN2fA%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpg; charset=UTF-8
location: https://ss1.bdstatic.com/70cFuXSh_Q1YnxGkpoWK1HF6hhy/it/u=3634549894,711542321&fm=15&gp=0.jpg
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 687e240e8f460629-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29

200

gioi-thieu-cong-game-bai-doi-thuong-hu-86-e1595316021106-450x254.jpg
doithuong247.net/wp-content/uploads/2020/06/
Redirect Chain

http://www.hpsbilling.com/uploads/images/334052.jpg
https://doithuong247.com/wp-content/uploads/2020/06/gioi-thieu-cong-game-bai-doi-thuong-hu-86-e1595316021106-450x254.jpg
https://doithuong247.net/wp-content/uploads/2020/06/gioi-thieu-cong-game-bai-doi-thuong-hu-86-e1595316021106-450x254.jpg

20 KB
21 KB

19ms
18ms

Image
image/jpeg

2606:4700:3035::ac43:8558
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://doithuong247.net/wp-content/uploads/2020/06/gioi-thieu-cong-game-bai-doi-thuong-hu-86-e1595316021106-450x254.jpg
Requested by: Host: www.hpsbilling.com
URL: http://www.hpsbilling.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:8558 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4a3a7a0e5543a0639b9fba44677311fd76a9f4060002c0a6577a227c31aeed30

Request headers

Referer: http://www.hpsbilling.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 11:25:57 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 124968
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 20910
last-modified: Tue, 21 Jul 2020 07:20:22 GMT
server: cloudflare
etag: "5f169736-51ae"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hpegwrDHMeut%2B8zT91KMLrKu9tj4fiYFL35XQDzqNClvTj%2BPdZFf6cRtfA5hyVolTRG%2FFxNo3e86u8wjeQLOYI5PNnJVRKFK1uWy%2FV5nko1pjoL6RuTaMl9RGFCf85ms6kG%2BUYpNx9W9AA4QtFFP"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 687e24114a3e2bf6-FRA
expires: Thu, 30 Sep 2021 00:39:51 GMT

Redirect headers

date: Wed, 01 Sep 2021 11:25:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DFL5j0NrRxFXITk1rNSPc5RPUXzuLkUE%2F%2BMxgbH9HlyBG%2FHeTyi6EjpG1YPBLLXWSl3%2Ba46vNDUsfueU9hx2D5NeS09f%2B0K9fp1e5v2RK8f8AdlnBiuTZ3lM4OOH9gG8LStnr1xnc4lpbkF1dl3N"}],"group":"cf-nel","max_age":604800}
location: https://doithuong247.net/wp-content/uploads/2020/06/gioi-thieu-cong-game-bai-doi-thuong-hu-86-e1595316021106-450x254.jpg
cache-control: max-age=3600
cf-ray: 687e24113f184e43-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
expires: Wed, 01 Sep 2021 12:25:57 GMT

GET
H3-29

200

Untitled-7-390x220.jpg
gamebainohu.info/wp-content/uploads/2019/10/
Redirect Chain

http://www.hpsbilling.com/uploads/images/514248.jpg
https://gamebainohu.org/wp-content/uploads/2019/10/Untitled-7-390x220.jpg
http://gamebainohu.info/wp-content/uploads/2019/10/Untitled-7-390x220.jpg
https://gamebainohu.info/wp-content/uploads/2019/10/Untitled-7-390x220.jpg

22 KB
23 KB

31ms
18ms

Image
image/jpeg

2606:4700:3031::ac43:8815
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gamebainohu.info/wp-content/uploads/2019/10/Untitled-7-390x220.jpg

Requested by

Host: www.hpsbilling.com
URL: http://www.hpsbilling.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:8815 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0eb317818062fdf512865426c64c4333b43a76c5b330d290743be89a1d6d5c56

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options	"nosniff" always
X-Xss-Protection	"1; mode=block" always

Request headers

Referer: http://www.hpsbilling.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 11:26:04 GMT
x-content-type-options: "nosniff" always
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 374631
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 22255
x-xss-protection: "1; mode=block" always
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 28 Dec 2019 00:27:04 GMT
server: cloudflare
etag: "5e06a158-56ef"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zAGk6579LjDbO41c259SuZOYn4WPEDQp2cbOOHef3PvipQJ2BXmzTRZPpuSBpmN08I5v4WZm4yBjjoVtSrpYijr9%2FSuFnMwV6GHlwkkq9bZlMVyzzExqs5HyxbLSxt0y2Hp3TIGeuxlOjnzSg%2Bkz"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
accept-ranges: bytes
cf-ray: 687e243c8f5f4dd0-FRA
expires: Sun, 28 Aug 2022 03:22:13 GMT

Redirect headers

Date: Wed, 01 Sep 2021 11:26:04 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cfHPI0Eg3VmHCZDKZ%2Bec2SIFvXG6cPM2YajB5zU2GMrnCi7%2FlBOtRPrBZn%2FPoVUTqNoeBxGgCVRkc%2FuRAaToGWA8B8ypxEFyq%2BYsE7p8Jgh5jJqtxCfrzpNUMpssbpUcH7hu%2FkqQpPURV4oXcSnu"}],"group":"cf-nel","max_age":604800}
Location: https://gamebainohu.info/wp-content/uploads/2019/10/Untitled-7-390x220.jpg
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 687e243c58a55ca4-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Expires: Wed, 01 Sep 2021 12:26:04 GMT

GET
H3-29

200

vn69-450x254.jpg
doithuong247.net/wp-content/uploads/2020/08/
Redirect Chain

http://www.hpsbilling.com/uploads/images/33360.jpg
https://doithuong247.com/wp-content/uploads/2020/08/vn69-450x254.jpg
https://doithuong247.net/wp-content/uploads/2020/08/vn69-450x254.jpg

23 KB
23 KB

13ms
13ms

Image
image/jpeg

2606:4700:3035::ac43:8558
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://doithuong247.net/wp-content/uploads/2020/08/vn69-450x254.jpg
Requested by: Host: www.hpsbilling.com
URL: http://www.hpsbilling.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:8558 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a6aefe4c6c646df8c3af0ccbfe355040dd125d1cca3567bb38817bf1f6dd558b

Request headers

Referer: http://www.hpsbilling.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 11:26:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 136510
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 23250
last-modified: Wed, 12 Aug 2020 04:09:00 GMT
server: cloudflare
etag: "5f336b5c-5ad2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BzPdPK7dPXQpoyOC7NLT6nHUZksRvbfESXj3GOiFO1HFTrBY%2FUGGnQlMEW5lDFtm2uPl82FhilEAHVE4XA68CJts2zMrpmcssulbAVZG%2B%2BAc6AfXOIPat62RFo2Mew5mXFW8qDKVDS0h2LDIv5e%2B"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 687e2438fef02bf6-FRA
expires: Wed, 29 Sep 2021 21:27:35 GMT

Redirect headers

date: Wed, 01 Sep 2021 11:26:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xn9qyAe6m0rRt8e4%2B7K2WErJOX9SKF2KNpCTfsgembk8usQJZ6t3%2BnIq2%2B1d3ZG72cJvfnJxOzYnCdYxXwyR5AVv10BR%2Bep05vUstob3Y2bX40Tg1FN3WmKArxY0KFd6aBFiD5uBAh3JL9QnulkB"}],"group":"cf-nel","max_age":604800}
location: https://doithuong247.net/wp-content/uploads/2020/08/vn69-450x254.jpg
cache-control: max-age=3600
cf-ray: 687e2438ded64e43-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
expires: Wed, 01 Sep 2021 12:26:03 GMT

GET
H2

200

u=286915269,2829237799&fm=15&gp=0.jpg
ss0.bdstatic.com/70cFuHSh_Q1YnxGkpoWK1HF6hhy/it/
Redirect Chain

http://www.hpsbilling.com/uploads/images/927769.jpg
https://ss0.bdstatic.com/70cFuHSh_Q1YnxGkpoWK1HF6hhy/it/u=286915269,2829237799&fm=15&gp=0.jpg

9 KB
9 KB

704ms
704ms

Image
image/jpeg

185.10.104.110
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ss0.bdstatic.com/70cFuHSh_Q1YnxGkpoWK1HF6hhy/it/u=286915269,2829237799&fm=15&gp=0.jpg
Requested by: Host: www.hpsbilling.com
URL: http://www.hpsbilling.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.10.104.110 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software: JSP3/2.0.14 /
Resource Hash: 4f0432f85eb8e211c75fb8954e37c3a52e9cdd96113945b8c409025accfc90d3

Request headers

Referer: http://www.hpsbilling.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 11:25:57 GMT
ohc-cache-hit: fra01-sys-jomo4.fra01.baidu.com [1]
ohc-response-time: 1 0 298 298 685 685
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: JSP3/2.0.14
etag: 7ed47cb21f42f76b1d5277838dff8b94
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
content-length: 8989
expires: Fri, 01 Oct 2021 21:25:57 GMT

Redirect headers

Date: Wed, 01 Sep 2021 11:25:57 GMT
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XsHaBEZ5rmb7dahWbAvVxaEO2PJdck1fclYpCtLm%2BFKioOfd21Lw25oP1rmnrLhsSABjlOPIfYPwvaMFgGWtOV9Tnu6ugxgouiJB3jMECEOCCtPqqHmKwPshVBiJfoSyFr2DokL7TVSMPnv34uBTmpU%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpg; charset=UTF-8
location: https://ss0.bdstatic.com/70cFuHSh_Q1YnxGkpoWK1HF6hhy/it/u=286915269,2829237799&fm=15&gp=0.jpg
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 687e240e2e7bdfef-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2

200

js Show response
www.googletagmanager.com/gtag/
Redirect Chain

http://www.googletagmanager.com/gtag/js?id=UA-148814799-1&l=dataLayer&cx=c
https://www.googletagmanager.com/gtag/js?id=UA-148814799-1&l=dataLayer&cx=c

101 KB
40 KB

29ms
29ms

Script
application/javascript

2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-148814799-1&l=dataLayer&cx=c

Requested by

Host: www.hpsbilling.com
URL: http://www.hpsbilling.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d3713c0dfe39321d3bc1a052163cc00087b95af1e33153a4abaf1101129fcf08

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: http://www.hpsbilling.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 11:25:55 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41284
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 01 Sep 2021 11:25:55 GMT

Redirect headers

Location: https://www.googletagmanager.com/gtag/js?id=UA-148814799-1&l=dataLayer&cx=c
Date: Wed, 01 Sep 2021 11:25:55 GMT
Cross-Origin-Resource-Policy: cross-origin
Server: Google Tag Manager
Content-Length: 280
X-XSS-Protection: 0
Content-Type: text/html; charset=UTF-8

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: http://www.googletagmanager.com/gtag/js?id=UA-148814799-1&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.hpsbilling.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 6816
date: Wed, 01 Sep 2021 09:32:19 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Wed, 01 Sep 2021 11:32:19 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 13ms
13ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=1703356199&t=pageview&_s=1&dl=http%3A%2F%2Fwww.hpsbilling.com%2F&ul=en-us&de=UTF-8&dt=Nh%C3%A0%20c%C3%A1i%20AA88-link%20tai%20AA88%20cho%20ios%26apk&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1981081362&gjid=139457336&cid=1673301226.1630495556&tid=UA-148814799-1&_gid=304686178.1630495556&_r=1&gtm=2ou8u0&z=1050543980

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.hpsbilling.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 11:25:55 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://www.hpsbilling.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
90 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c09::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-148814799-1&cid=1673301226.1630495556&jid=1981081362&gjid=139457336&_gid=304686178.1630495556&_u=YEBAAUAAAAAAAC~&z=5736444

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c09::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.hpsbilling.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 01 Sep 2021 11:25:55 GMT
content-type: text/plain
access-control-allow-origin: http://www.hpsbilling.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 32ms
31ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-148814799-1&cid=1673301226.1630495556&jid=1981081362&_u=YEBAAUAAAAAAAC~&z=1919395828

Requested by

Host: www.hpsbilling.com
URL: http://www.hpsbilling.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.hpsbilling.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 11:25:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 31ms
31ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-148814799-1&cid=1673301226.1630495556&jid=1981081362&_u=YEBAAUAAAAAAAC~&z=1919395828

Requested by

Host: www.hpsbilling.com
URL: http://www.hpsbilling.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.hpsbilling.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 11:25:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

u=1348302927,358845761&fm=15&gp=0.jpg
ss2.bdstatic.com/70cFvnSh_Q1YnxGkpoWK1HF6hhy/it/
Redirect Chain

http://www.hpsbilling.com/uploads/images/783867.jpg
https://ss2.bdstatic.com/70cFvnSh_Q1YnxGkpoWK1HF6hhy/it/u=1348302927,358845761&fm=15&gp=0.jpg

11 KB
11 KB

568ms
568ms

Image
image/jpeg

185.10.104.110
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ss2.bdstatic.com/70cFvnSh_Q1YnxGkpoWK1HF6hhy/it/u=1348302927,358845761&fm=15&gp=0.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.10.104.110 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software: JSP3/2.0.14 /
Resource Hash: 050fe42ce802bdb436e4ed700afc0943f503a359d421cee52552e919dac9ea95

Request headers

Referer: http://www.hpsbilling.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 11:26:05 GMT
ohc-cache-hit: fra01-sys-jomo1.fra01.baidu.com [1]
ohc-response-time: 1 0 220 220 463 463
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: JSP3/2.0.14
etag: a6cf5bdc364d326ed9ae1a832779a4a0
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
content-length: 11013
expires: Fri, 01 Oct 2021 11:26:05 GMT

Redirect headers

Date: Wed, 01 Sep 2021 11:26:05 GMT
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KXxX9ZoAPc7%2B8qbTLZzFNvEdOqeT%2FFLeCcpNhxL2%2FK4k0Pxm%2FAgT9U0U4PERiIgSU6NP6Gddl2FA%2FdH3DvMRZl1App6%2Ba2r2zJvIidEVi6YlC5YqLUEtqNR4E1kiNZ6%2BoO%2FpCA9JHEp928OFABYNiWI%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpg; charset=UTF-8
location: https://ss2.bdstatic.com/70cFvnSh_Q1YnxGkpoWK1HF6hhy/it/u=1348302927,358845761&fm=15&gp=0.jpg
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 687e243ffb9e0621-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2

200

u=3260100056,3217963907&fm=26&gp=0.jpg
ss3.bdstatic.com/70cFv8Sh_Q1YnxGkpoWK1HF6hhy/it/
Redirect Chain

http://www.hpsbilling.com/uploads/images/666535.jpg
https://ss3.bdstatic.com/70cFv8Sh_Q1YnxGkpoWK1HF6hhy/it/u=3260100056,3217963907&fm=26&gp=0.jpg

39 KB
40 KB

21ms
21ms

Image
image/jpeg

185.10.104.110
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ss3.bdstatic.com/70cFv8Sh_Q1YnxGkpoWK1HF6hhy/it/u=3260100056,3217963907&fm=26&gp=0.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.10.104.110 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software: JSP3/2.0.14 /
Resource Hash: 08a248d6715e93fd7fea1f29d1d021f1f2fc1c7dbe0d369ad9510a45e94d0e20

Request headers

Referer: http://www.hpsbilling.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 11:26:05 GMT
ohc-cache-hit: fra01-sys-jomo4.fra01.baidu.com [4]
ohc-response-time: 1 0 0 0 0 0
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: JSP3/2.0.14
age: 407069
etag: 8eab502db35a913b8c6dbcf04b06c89e
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
content-length: 40295
expires: Sun, 26 Sep 2021 18:21:36 GMT

Redirect headers

Date: Wed, 01 Sep 2021 11:26:05 GMT
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LPWjYwudE0A1mleHtFw9Y7lGCxNbXjCz7edm0z9LFEWYIudWVTrHc9jmGMKLFor%2B2u6g4n1UnAmF04XhT53jslujxDfquFC%2BwJs7kcCbAU3OUeNOLEk8xwSh%2BQoR6eg8%2FsiQXdwzdLoCLUQHDADOhMA%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpg; charset=UTF-8
location: https://ss3.bdstatic.com/70cFv8Sh_Q1YnxGkpoWK1HF6hhy/it/u=3260100056,3217963907&fm=26&gp=0.jpg
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 687e243ffb6d0629-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29

200

gioi-thieu-trieu-van-ban-ca-450x254.jpg
doithuong247.net/wp-content/uploads/2020/09/
Redirect Chain

http://www.hpsbilling.com/uploads/images/812804.jpg
https://doithuong247.com/wp-content/uploads/2020/09/gioi-thieu-trieu-van-ban-ca-450x254.jpg
https://doithuong247.net/wp-content/uploads/2020/09/gioi-thieu-trieu-van-ban-ca-450x254.jpg

17 KB
18 KB

13ms
13ms

Image
image/jpeg

2606:4700:3035::ac43:8558
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://doithuong247.net/wp-content/uploads/2020/09/gioi-thieu-trieu-van-ban-ca-450x254.jpg
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:8558 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 49582475c53f10d5abb7226896c01567952a231aa295f806a0b6d6c16ee97698

Request headers

Referer: http://www.hpsbilling.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 11:26:05 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 114506
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 17413
last-modified: Wed, 09 Sep 2020 06:42:03 GMT
server: cloudflare
etag: "5f58793b-4405"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ni%2B80ZiDLZaGDiGIvAa20XGz4hFY8UNWF0%2Bn3swGCXogv30OtmzXhzSt8%2BiGqVEs6g06RKlCZRm48qo6xQaAnF29jv7WAknLM%2Bzdepg%2B%2Bpyhx3%2FZlSBLk%2BOxa9u8hx7w1OXuryF3%2FHQUbJufC0jX"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 687e244239042bf6-FRA
expires: Thu, 30 Sep 2021 03:34:20 GMT

Redirect headers

date: Wed, 01 Sep 2021 11:26:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qCQo4u0QQVs0JP9M3q4%2BKSytDhcsfitVUHXI4P7LxjO6y%2Fhi2oPVQCdAiYXxio9OKL2%2BeRtweLdzh5RC8leNi9qDGSGcX36pMMi%2FMct1NPcy7ROmMOkkJ9cDy6fwqutMkUd1TO5k9%2FD9fF3DP3S6"}],"group":"cf-nel","max_age":604800}
location: https://doithuong247.net/wp-content/uploads/2020/09/gioi-thieu-trieu-van-ban-ca-450x254.jpg
cache-control: max-age=3600
cf-ray: 687e24421af34e43-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
expires: Wed, 01 Sep 2021 12:26:05 GMT

GET
H2

200

u=2803538549,80761131&fm=15&gp=0.jpg
ss2.bdstatic.com/70cFvnSh_Q1YnxGkpoWK1HF6hhy/it/
Redirect Chain

http://www.hpsbilling.com/uploads/images/219593.jpg
https://ss2.bdstatic.com/70cFvnSh_Q1YnxGkpoWK1HF6hhy/it/u=2803538549,80761131&fm=15&gp=0.jpg

60 KB
61 KB

240ms
240ms

Image
image/jpeg

185.10.104.110
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ss2.bdstatic.com/70cFvnSh_Q1YnxGkpoWK1HF6hhy/it/u=2803538549,80761131&fm=15&gp=0.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.10.104.110 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software: JSP3/2.0.14 /
Resource Hash: 0f0854be18a8a69306ac8105c0b59c7cf7dc1d5d9f35aef142d7e25cd8d19855

Request headers

Referer: http://www.hpsbilling.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 11:26:05 GMT
ohc-cache-hit: fra01-sys-jomo3.fra01.baidu.com [1]
ohc-response-time: 1 0 0 0 219 219
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: JSP3/2.0.14
etag: 96a0dd6b16b420e4a2a1c2e1754a82a1
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
content-length: 61894
expires: Fri, 01 Oct 2021 11:26:05 GMT

Redirect headers

Date: Wed, 01 Sep 2021 11:26:05 GMT
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S3ZTUIKkViEYVCA38kO8jxRir%2BRqLRUPnXdvzzaOOh0exl9HLPoJiJGG24gKQNZ1%2FgUwOEc7Wo08cCTBplICgwYiZrZDdgDKaZ3bu9%2FGbXTGtGKAP5vzbRU6jksapdEVUd%2FwWvOJOyVbRh%2FepRW6aqg%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpg; charset=UTF-8
location: https://ss2.bdstatic.com/70cFvnSh_Q1YnxGkpoWK1HF6hhy/it/u=2803538549,80761131&fm=15&gp=0.jpg
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 687e243ffb755c08-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

37 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: http://www.hpsbilling.com/template/dailynhacai/link/static1/js/aa289.js(Line 2) Message: JQMIGRATE: Migrate is installed, version 3.3.2

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

doithuong247.com
doithuong247.net
gamebainohu.info
gamebainohu.org
hpsbilling.com
ss0.bdstatic.com
ss1.bdstatic.com
ss2.bdstatic.com
ss3.bdstatic.com
stats.g.doubleclick.net
www.baidu.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.hpsbilling.com
103.235.46.39
185.10.104.110
2606:4700:3031::6815:111f
2606:4700:3031::ac43:8815
2606:4700:3035::ac43:8558
2606:4700:3035::ac43:ca67
2606:4700:3037::6815:474
2a00:1450:4001:80e::200e
2a00:1450:4001:810::2008
2a00:1450:4001:82b::2004
2a00:1450:4001:831::2003
2a00:1450:400c:c09::9a
050fe42ce802bdb436e4ed700afc0943f503a359d421cee52552e919dac9ea95
08a248d6715e93fd7fea1f29d1d021f1f2fc1c7dbe0d369ad9510a45e94d0e20
0a63789b3c3d8170ab04c45b638ef0b226ad11fe33cb569968064368b1c30948
0eb317818062fdf512865426c64c4333b43a76c5b330d290743be89a1d6d5c56
0f0854be18a8a69306ac8105c0b59c7cf7dc1d5d9f35aef142d7e25cd8d19855
147808b993d4ec86983523fb2cc73d22dcbb13237d6ca6b4218a6f25725cf751
1e5edf0e1fac603dd24bdbc127f8b9b62f1c21af4e9bae9c481544d0901a1a39
295b0baf13135d5629b98d263dd9b8bb4e9676e3adae21904cf37934c0d8295b
2b32e34618ef6154de6e4c9cafa80225cf66831ea64f805878fc554f28d258be
2d7ea4282a22486453f2a101f01bfd511136672c6aec7c1bf232355745a6a59a
2fc5ace475076f454c946a32e61011a7b8b0ab6fadfb98a73756906b94a5588d
37cdda2e4e798a3686b96ee10c470ca6cc293263a76ccaf6eea15b587c47f935
38a45cc44b1ec9fb74fa0ac87e75eb0da8dd3c96e6ff208c6c23819a95d96302
3a7b8239ce0a0b920b11873bb426a8045a55d8484d34ef5dd96cb6c1240efaac
3cc49fc5ded58b415e3f3fd2f07cff4f18da9e1e09602b5085fcd3f0cc85a486
49582475c53f10d5abb7226896c01567952a231aa295f806a0b6d6c16ee97698
4a3a7a0e5543a0639b9fba44677311fd76a9f4060002c0a6577a227c31aeed30
4c22a21c8302e34a656e8a42e6708abff246e839195848b8c04a371f43a7b4d7
4f0432f85eb8e211c75fb8954e37c3a52e9cdd96113945b8c409025accfc90d3
5fce10587cf2a03e04d8de295253cbba7265aa1420c08ba7ac792f31520fed00
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
60e7273f2df60734add987345f311b509a0f713040a2ad011432157756fab182
6820083a847fdc2d119421ab0ef8b02c41e516f3d8352ca3c83f6e48aff1d33e
7036d3d76db318d76bbc71f1e34256ef291162aedd90df93b5a6244b08b11abe
70c6c2434a772f159d1d9f92f791b716b98a1d53cec887eaf29e4b0c535e33ac
7697fa5f9fb5c811aa9f9d1d0e3ffc786a3e86ea1dc4b65d02405774299508ea
78fea1b849a96add9919e9969ea71462b5a5f4d78f353f9fec0dd620ecc7d759
79701566879b9d4b243b5e3f08b14b2faad436399b3058972e1c60786a09e158
821f9e3b86f9f1ca7a364e450fb896e6ca967081bf3c38feff4d918661f4df7f
836224fd4d4053edf742eff2c55190e4aa449b929a804a01a319efac2518f376
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8fb2d6ccdd43a137bf2479994b5b67f3ee1ab738b91c5238ef6634196c4216b6
9692242fa3aeebd0028977916c7492cad191e743b5648baddfc62f8f3738e64a
985409dec0061166dcd838c0ba15e08e9e6bbdd694f5976949438de310a108d4
9a032947a49d5b1da65f3de37a9978d985ed7562386419d4efae0c7c21bc936f
a0b9f5d44475da5ad49b2ba16d56ac40c3372d840da28ddc6299a762caee043f
a265e3cfe2570404e2862e6c47ce150dcfdab02af21add6587a6138e27e7f4f0
a3f3877aa0282814f5393ad493097eaded65e18cdc6fbbc32fcb67489b90d142
a6aefe4c6c646df8c3af0ccbfe355040dd125d1cca3567bb38817bf1f6dd558b
a7e534de68c516506b7ec7b22398ae0cd0d1648fff1ccbbcb5a1be49fea289e6
ab2ee2edb9a1285bd466bacd23429083b24bf424b6320bf5053d157c334408fd
ad1ffa5ec5223e7767dfc2d7c63c7eee02709a12c3da061d2358f4d509d3c3ab
af13eafde310925a092fc88b3f9e31e9ff41d4734ee89676d0655696339f8402
c0d89d3e5e0775fbc82faf3a4e2f7c1ac799b2322d2e1656c4c0d7855d17b057
c16395917568c0144d6ab94fd72796e4f4b35bdc3d075177a5fbb37ec53fe23a
c3f0469588fde10fdf1d8dddf9ed2bcb6abddac80347da5d6fd83b1db3679562
c40ed0a48ca284ad7c9fa2db6a2062053de70155e6e2e8b7d88237a65b805cf1
c8218e9474b1e8001f48c7a7a44cac9a3c74d4ece3e4c22684668afa9040b0c7
cbce4058a1dcc80e58581fbe61d95eebbe7fa3ceaf87243175ea115351ac80bb
d3713c0dfe39321d3bc1a052163cc00087b95af1e33153a4abaf1101129fcf08
d3d5d431ccd16d8a97066021b3134a310c8f9492086d039dc76b613dacdb6668
dc7491e2634c12610fc47c0285fd66668e6f2055f7d98524e74fe4f16add38d8
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de59808b3b761e69fa4cd3e864bf51a24c30a6fc3f6f6830a54cb961c7b7f01f
dfa6a2b875d94feb19c152ba533a1681aeae2bbee2c25e0e5198048598646bf9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f805c00627973c74a257e73ec14139bf60cc29d58fd1aae608dc6c4e5a0f4cf5
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
ffa95caa0e0ae5e656196b1cbb9eac344b3d38d64e88a0e84511af4bee4a8985

www.hpsbilling.com Open in urlscan Pro 2606:4700:3035::ac43:ca67 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

61 Requests

75 %HTTPS

83 %IPv6

12 Domains

16 Subdomains

11 IPs

4 Countries

2745 kBTransfer

3541 kBSize

0 Cookies

4 Outgoing links

Page URL History

Redirected requests

61 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

www.hpsbilling.com Open in urlscan Pro
2606:4700:3035::ac43:ca67 Public Scan

Screenshot
Live screenshot

Full Image

61
Requests

75 %
HTTPS

83 %
IPv6

12
Domains

16
Subdomains

11
IPs

4
Countries

2745 kB
Transfer

3541 kB
Size

0
Cookies

61 HTTP transactions
1 data transactions