lehu998234.com
2405:1c0:6712:768:a8a8:e247:f05c:208  Public Scan

Submitted URL: https://oklehu.com/
Effective URL: https://lehu998234.com:6899/
Submission: On April 12 via api from US — Scanned from DE

Summary

This website contacted 8 IPs in 5 countries across 6 domains to perform 50 HTTP transactions. The main IP is 2405:1c0:6712:768:a8a8:e247:f05c:208, which is located in Malaysia and belongs to EAGLENET-AP 60 Market Square,P.O. Box 364, PH. The main domain is lehu998234.com.
TLS certificate: Issued by bb-in on October 28th 2014. Valid for: 10 years.
This is the only time lehu998234.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 103.142.147.235 135581 (ONL-HK-AS...)
1 116.162.204.155 4837 (CHINA169-...)
1 18.205.222.128 14618 (AMAZON-AES)
3 2405:1c0:6712... 55303 (EAGLENET-...)
2 2a00:1450:400... 15169 (GOOGLE)
14 2606:4700::68... 13335 (CLOUDFLAR...)
3 2606:4700::68... 13335 (CLOUDFLAR...)
Total: 50 requests, 8 IPs
Count  Apex Domain           Subdomains                                                Transfer
17     cfvn66.com            g1.cfvn66.com, cdn.cfvn66.com                             64 KB
3      lehu998234.com        lehu998234.com                                            8 KB
2      googletagmanager.com  www.googletagmanager.com (Cisco Umbrella Rank: 42)        119 KB
2      oklehu.com            oklehu.com                                                27 KB
1      mockapi.io            6436bae73e4d2b4a12da299b.mockapi.io                       2 KB
1      bytecdntp.com         lf26-cdn-tos.bytecdntp.com (Cisco Umbrella Rank: 208424)  31 KB
Total: 50 requests, 6 apex domains
Count  Domain                               Requested by
14     g1.cfvn66.com                        lehu998234.com, g1.cfvn66.com
3      cdn.cfvn66.com                       lehu998234.com
3      lehu998234.com                       oklehu.com, lehu998234.com
2      www.googletagmanager.com             lehu998234.com
2      oklehu.com
1      6436bae73e4d2b4a12da299b.mockapi.io  lf26-cdn-tos.bytecdntp.com
1      lf26-cdn-tos.bytecdntp.com           oklehu.com
Total: 50 requests, 7 domains

This site contains no links.

Subject                 Issuer                                          Validity                  Valid for
oklehu.com              R3                                              2024-04-12 - 2024-07-11   3 months (crt.sh)
*.bytecdntp.com         RapidSSL TLS RSA CA G1                          2023-06-30 - 2024-06-28   a year (crt.sh)
*.mockapi.io            R3                                              2024-02-26 - 2024-05-26   3 months (crt.sh)
bb-in                   bb-in                                           2014-10-28 - 2024-10-25   10 years (crt.sh)
*.google-analytics.com  GTS CA 1C3                                      2024-03-04 - 2024-05-27   3 months (crt.sh)
*.cfvn66.com            Sectigo RSA Domain Validation Secure Server CA  2023-09-27 - 2024-10-27   a year (crt.sh)

This page contains 3 frames:

Primary Page: https://lehu998234.com:6899/
Frame ID: DFD4A2AC8EFC93A756F7D8529E85723C
Requests: 8 HTTP requests in this frame

Frame: https://lehu998234.com:6899/entrance/page/soya?ni=1
Frame ID: 9F821CF155E86BD25BA205A99EBD35A1
Requests: 39 HTTP requests in this frame

Frame: https://lehu998234.com:6899/app/member/upupFlash.php?uid=
Frame ID: 75B3A650BBCB646D67000A5226111DCD
Requests: 4 HTTP requests in this frame

Page Title

δΉθ™Žι›†ε›’

Detected technologies

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 50
HTTPS: 46 %
IPv6: 57 %
Domains: 6
Subdomains: 7
IPs: 8
Countries: 5
Transfer: 256 kB
Size: 748 kB
Cookies: 7

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://oklehu.com/ Page URL
  2. http://lehu998234.com:6899/ HTTP 307
    https://lehu998234.com:6899/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

50 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
oklehu.com/
60 KB
26 KB
Document
General
Full URL
https://oklehu.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.142.147.235 , Hong Kong, ASN135581 (ONL-HK-AS 19 Chun Wang Street, Tseung Kwan O Industrial Estate, N.T. Hong Kong, HK),
Reverse DNS
Software
Apache /
Resource Hash
1c9b395b87c3efdbf4da7db92212ba519941c095e6b5676279692bdd5bdd563c

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
26975
content-type
text/html
date
Fri, 12 Apr 2024 13:26:28 GMT
etag
"f0c7-6156debef35b2-gzip"
last-modified
Sat, 06 Apr 2024 13:55:14 GMT
server
Apache
vary
Accept-Encoding
jquery.min.js
lf26-cdn-tos.bytecdntp.com/cdn/expire-1-M/jquery/3.6.0/
87 KB
31 KB
Script
General
Full URL
https://lf26-cdn-tos.bytecdntp.com/cdn/expire-1-M/jquery/3.6.0/jquery.min.js
Requested by
Host: oklehu.com
URL: https://oklehu.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
116.162.204.155 Changsha, China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
openresty /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://oklehu.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"
sec-ch-ua-platform
"Win32"

Response headers

nginx-hit
1
date
Fri, 12 Apr 2024 13:26:31 GMT
content-encoding
gzip
via
CHN-HNchangsha-CUCC11-CACHE9[10],CHN-HNchangsha-CUCC11-CACHE1[0,TCP_HIT,0],CHN-HNchangsha-GLOBAL1-CACHE31[4],CHN-HNchangsha-GLOBAL1-CACHE53[0,TCP_HIT,2],CHN-HEshijiazhuang-GLOBAL1-CACHE14[4],CHN-HEshijiazhuang-GLOBAL1-CACHE53[0,TCP_HIT,3]
x-ccdn-cachettl
2592000
x-tt-trace-tag
id=26;cdn-cache=hit;type=static
x-tt-trace-id
00-240322210359E66F5BC7E25484FEFC62-1E17DC9B5C7BCB87-00
age
125147
server-timing
inner; dur=14
content-length
30947
last-modified
Sun, 24 Apr 2022 19:10:58 GMT
server
openresty
x-tt-logid
20240322210359E66F5BC7E25484FEFC62
etag
W/"6265a0c2-15d9d"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-ccdn-expires
2466933
x-tt-trace-host
0132282f38d0d6a06593c83275c4424f6e3660b047b3583ff6dec1a8361084971d513193c9066fa0b9908ac770de6b651b2038ae2bd7d7196edec034111fc7919c479b4cf73971599e428f56242f953417584b68d6252b2609620f0135688fb9f9
x-response-cinfo
80.255.7.119
accept-ranges
bytes
timing-allow-origin
*
x-response-cache
edge_hit
x-hcs-proxy-type
1
expires
Sun, 21 Apr 2024 13:05:50 GMT
get
6436bae73e4d2b4a12da299b.mockapi.io/lehu4/
755 B
2 KB
XHR
General
Full URL
https://6436bae73e4d2b4a12da299b.mockapi.io/lehu4/get
Requested by
Host: lf26-cdn-tos.bytecdntp.com
URL: https://lf26-cdn-tos.bytecdntp.com/cdn/expire-1-M/jquery/3.6.0/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.205.222.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-205-222-128.compute-1.amazonaws.com
Software
Cowboy / Express
Resource Hash
890e3f3ca7a72ec44a19785aa33511d46de5ec6ffebfa9b3ce4259ed039a5fb0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://oklehu.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 12 Apr 2024 13:26:33 GMT
Via
1.1 vegur
Nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Server
Cowboy
X-Powered-By
Express
Etag
"-838593729"
Access-Control-Allow-Methods
GET,PUT,POST,DELETE,OPTIONS
Report-To
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1712928393&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=2gPJXiSUfhivUvg8ISegSi3laXhwxYMgRwUzuSbMw0g%3D"}]}
Access-Control-Allow-Origin
*
Content-Type
application/json
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With,Content-Type,Cache-Control,access_token
Content-Length
755
Reporting-Endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1712928393&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=2gPJXiSUfhivUvg8ISegSi3laXhwxYMgRwUzuSbMw0g%3D
truncated
/
5 KB
5 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b3b812720c532be020fff8ed451ce81c5bdcad52993cf88b0e0385fbdae1b2bd

Request headers

Referer
Origin
https://oklehu.com
Accept-Language
de-DE,de;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
application/octet-stream
favicon.ico
oklehu.com/
257 B
330 B
Other
General
Full URL
https://oklehu.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.142.147.235 , Hong Kong, ASN135581 (ONL-HK-AS 19 Chun Wang Street, Tseung Kwan O Industrial Estate, N.T. Hong Kong, HK),
Reverse DNS
Software
Apache /
Resource Hash
fa96c16e1ab74d30b64f324b63e6d8d38cb17b9eb8ce1a05c126f2fa0b9c8cd3

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://oklehu.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 12 Apr 2024 13:26:33 GMT
server
Apache
content-length
257
content-type
text/html; charset=iso-8859-1
Primary Request /
lehu998234.com/
Redirect Chain
  • http://lehu998234.com:6899/
  • https://lehu998234.com:6899/
11 KB
5 KB
Document
General
Full URL
https://lehu998234.com:6899/
Requested by
Host: oklehu.com
URL: https://oklehu.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2405:1c0:6712:768:a8a8:e247:f05c:208 , Malaysia, ASN55303 (EAGLENET-AP 60 Market Square,P.O. Box 364, PH),
Reverse DNS
Software
nginx CK6u06Vu4 /
Resource Hash
6d15e215a71251f9fcde3cc6bf65994ad1df00a4739c8839eac6fa008bfa3075

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 12 Apr 2024 13:26:35 GMT
server
nginx CK6u06Vu4
vary
Accept-Encoding

Redirect headers

Location
https://lehu998234.com:6899/
Non-Authoritative-Reason
HttpsUpgrades
js
www.googletagmanager.com/gtag/
122 KB
47 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js
Requested by
Host: lehu998234.com
URL: https://lehu998234.com:6899/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
782b52a15ddcee5d103d910f351fb5e22623202ca9fd38c0e8c460112078a4a4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://lehu998234.com:6899/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 12 Apr 2024 13:26:35 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47742
x-xss-protection
0
last-modified
Fri, 12 Apr 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 12 Apr 2024 13:26:35 GMT
gtm.js
www.googletagmanager.com/
206 KB
72 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5PQDSQV
Requested by
Host: lehu998234.com
URL: https://lehu998234.com:6899/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8ff9ec767503c194fb4ebe943c5f24d5aeae00b80d44119be0576e9020e688f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://lehu998234.com:6899/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 12 Apr 2024 13:26:35 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
73393
x-xss-protection
0
last-modified
Fri, 12 Apr 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 12 Apr 2024 13:26:35 GMT
soya
lehu998234.com/entrance/page/ Frame 9F82
88 KB
0
Document
General
Full URL
https://lehu998234.com:6899/entrance/page/soya?ni=1
Requested by
Host: lehu998234.com
URL: https://lehu998234.com:6899/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2405:1c0:6712:768:a8a8:e247:f05c:208 , Malaysia, ASN55303 (EAGLENET-AP 60 Market Square,P.O. Box 364, PH),
Reverse DNS
Software
nginx CK6u06Vu4 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://lehu998234.com:6899/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 12 Apr 2024 13:26:35 GMT
server
nginx CK6u06Vu4
vary
Accept-Encoding
upupFlash.php
lehu998234.com/app/member/ Frame 75B3
7 KB
4 KB
Document
General
Full URL
https://lehu998234.com:6899/app/member/upupFlash.php?uid=
Requested by
Host: lehu998234.com
URL: https://lehu998234.com:6899/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2405:1c0:6712:768:a8a8:e247:f05c:208 , Malaysia, ASN55303 (EAGLENET-AP 60 Market Square,P.O. Box 364, PH),
Reverse DNS
Software
nginx CK6u06Vu4 /
Resource Hash
7ebe994a4c04af7352aea17058e6f05f371f4f918a93d3c28583b0323f99faa3

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://lehu998234.com:6899/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 12 Apr 2024 13:26:35 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
nginx CK6u06Vu4
vary
Accept-Encoding
jquery-1.7.2.min.js
lehu998234.com/cl/js/ Frame 75B3
0
0

plugins.min.js
lehu998234.com/cl/js/plugin/ Frame 75B3
0
0

bootstrap-notify.js
lehu998234.com/cl/js/tools/ Frame 75B3
0
0

common.min.css
g1.cfvn66.com/cl/tpl/template/style/ Frame 9F82
2 KB
943 B
Stylesheet
General
Full URL
https://g1.cfvn66.com/cl/tpl/template/style/common.min.css?v=ver28.237
Requested by
Host: lehu998234.com
URL: https://lehu998234.com:6899/entrance/page/soya?ni=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:aa2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c37ce466abeb200225cab59f6820623e3cd3136bdd086c45d9dd0add0a23cd48
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://lehu998234.com:6899/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 12 Apr 2024 13:26:36 GMT
strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
br
cf-cache-status
HIT
age
958
last-modified
Tue, 14 Mar 2023 07:10:25 GMT
server
cloudflare
etag
W/"64101de1-83d"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
n-dc
wfdgmy6bbk39
timing-allow-origin
*
cf-ray
87338c8ba9f63687-FRA
expires
Sat, 12 Apr 2025 13:26:36 GMT
sands999.css
g1.cfvn66.com/cl/tpl/sands999/ver2/css/ Frame 9F82
19 KB
4 KB
Stylesheet
General
Full URL
https://g1.cfvn66.com/cl/tpl/sands999/ver2/css/sands999.css?v=ver28.237
Requested by
Host: lehu998234.com
URL: https://lehu998234.com:6899/entrance/page/soya?ni=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:aa2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44fb89757dbf1fc444aad59a7efb40269c871c5cf374faf1aee1afade18c0799
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://lehu998234.com:6899/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 12 Apr 2024 13:26:36 GMT
strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
br
cf-cache-status
HIT
age
958
cf-polished
origSize=26697
cf-bgj
minify
last-modified
Tue, 14 Mar 2023 07:08:09 GMT
server
cloudflare
etag
W/"64101d59-6849"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
n-dc
wfdgmy6bbk39
timing-allow-origin
*
cf-ray
87338c8ba9f83687-FRA
expires
Sat, 12 Apr 2025 13:26:36 GMT
jquery-1.7.2.min.js
g1.cfvn66.com/cl/js/ Frame 9F82
93 KB
34 KB
Script
General
Full URL
https://g1.cfvn66.com/cl/js/jquery-1.7.2.min.js?v=ver28.237
Requested by
Host: lehu998234.com
URL: https://lehu998234.com:6899/entrance/page/soya?ni=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:aa2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4332316d0fe4e2c7a9e213afa4d9cbf983ad5bf80cb47d98c9cacd5470e35889
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://lehu998234.com:6899/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 12 Apr 2024 13:26:36 GMT
strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
br
cf-cache-status
HIT
age
958
last-modified
Tue, 14 Mar 2023 07:04:19 GMT
server
cloudflare
etag
W/"64101c73-1727a"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
n-dc
wfdgmy6bbk39
timing-allow-origin
*
cf-ray
87338c8ba9fc3687-FRA
expires
Sat, 12 Apr 2025 13:26:36 GMT
plugins.min.js
g1.cfvn66.com/cl/js/plugin/ Frame 9F82
14 KB
6 KB
Script
General
Full URL
https://g1.cfvn66.com/cl/js/plugin/plugins.min.js?v=ver28.237
Requested by
Host: lehu998234.com
URL: https://lehu998234.com:6899/entrance/page/soya?ni=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:aa2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8069c36602f383c1b202f85c6a080f5a4776687304d6ac5d1297574c38e78aea
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://lehu998234.com:6899/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 12 Apr 2024 13:26:36 GMT
strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
br
cf-cache-status
HIT
age
958
last-modified
Fri, 05 Jan 2024 11:17:56 GMT
server
cloudflare
etag
W/"6597e564-397f"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
n-dc
wfdgmy6bbk39
timing-allow-origin
*
cf-ray
87338c8ba9fd3687-FRA
expires
Sat, 12 Apr 2025 13:26:36 GMT
common.min.js
g1.cfvn66.com/cl/js/ Frame 9F82
17 KB
6 KB
Script
General
Full URL
https://g1.cfvn66.com/cl/js/common.min.js?v=ver28.237
Requested by
Host: lehu998234.com
URL: https://lehu998234.com:6899/entrance/page/soya?ni=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:aa2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f71148aa2505321fb1dab563f1ce478eabb6ffae2a38204790626a5ce4b6f3c8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://lehu998234.com:6899/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 12 Apr 2024 13:26:36 GMT
strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
br
cf-cache-status
HIT
age
957
last-modified
Tue, 14 Mar 2023 07:04:19 GMT
server
cloudflare
etag
W/"64101c73-443e"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
n-dc
wfdgmy6bbk39
timing-allow-origin
*
cf-ray
87338c8ba9fb3687-FRA
expires
Sat, 12 Apr 2025 13:26:36 GMT
upup.min.js
g1.cfvn66.com/cl/js/tools/ Frame 9F82
3 KB
1 KB
Script
General
Full URL
https://g1.cfvn66.com/cl/js/tools/upup.min.js?v=ver28.237
Requested by
Host: lehu998234.com
URL: https://lehu998234.com:6899/entrance/page/soya?ni=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:aa2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c807b957eee70e526264456458aef0723834a063542897522ed483629409d57
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://lehu998234.com:6899/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 12 Apr 2024 13:26:36 GMT
strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
br
cf-cache-status
HIT
age
958
last-modified
Tue, 14 Mar 2023 07:04:19 GMT
server
cloudflare
etag
W/"64101c73-d30"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
n-dc
wfdgmy6bbk39
timing-allow-origin
*
cf-ray
87338c8ba9fa3687-FRA
expires
Sat, 12 Apr 2025 13:26:36 GMT
167273917445.gif
cdn.cfvn66.com/tpl/1684/1880374/images/ Frame 9F82
2 KB
2 KB
Image
General
Full URL
https://cdn.cfvn66.com/tpl/1684/1880374/images/167273917445.gif
Requested by
Host: lehu998234.com
URL: https://lehu998234.com:6899/entrance/page/soya?ni=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ba2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53080df2ed45378afde76cfb0f431d8176e954a2aebf8d712974657368278708
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://lehu998234.com:6899/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 12 Apr 2024 13:26:36 GMT
strict-transport-security
max-age=15552000; includeSubDomains
cf-cache-status
HIT
age
750908
content-length
1974
last-modified
Tue, 03 Jan 2023 09:46:14 GMT
server
cloudflare
etag
"63b3f966-7b6"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, GET
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
n-dc
wfdgmy6bbk39
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
cf-ray
87338c8bba862bb8-FRA
expires
Sat, 12 Apr 2025 13:26:36 GMT
167386743589.gif
cdn.cfvn66.com/tpl/1684/1884913/images/ Frame 9F82
2 KB
2 KB
Image
General
Full URL
https://cdn.cfvn66.com/tpl/1684/1884913/images/167386743589.gif
Requested by
Host: lehu998234.com
URL: https://lehu998234.com:6899/entrance/page/soya?ni=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ba2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7b6d5d6615da33c7dc575bb78d40579870f543b66c7aa7db1272a7fa6d4c4dc
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://lehu998234.com:6899/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 12 Apr 2024 13:26:36 GMT
strict-transport-security
max-age=15552000; includeSubDomains
cf-cache-status
HIT
age
45952
content-length
1918
last-modified
Mon, 16 Jan 2023 11:10:35 GMT
server
cloudflare
etag
"63c530ab-77e"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, GET
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
n-dc
wfdgmy6bbk39
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
cf-ray
87338c8bba882bb8-FRA
expires
Sat, 12 Apr 2025 13:26:36 GMT
167386744707.gif
cdn.cfvn66.com/tpl/1684/1884913/images/ Frame 9F82
2 KB
2 KB
Image
General
Full URL
https://cdn.cfvn66.com/tpl/1684/1884913/images/167386744707.gif
Requested by
Host: lehu998234.com
URL: https://lehu998234.com:6899/entrance/page/soya?ni=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ba2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7b6d5d6615da33c7dc575bb78d40579870f543b66c7aa7db1272a7fa6d4c4dc
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://lehu998234.com:6899/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 12 Apr 2024 13:26:36 GMT
strict-transport-security
max-age=15552000; includeSubDomains
cf-cache-status
HIT
age
644499
content-length
1918
last-modified
Mon, 16 Jan 2023 11:10:47 GMT
server
cloudflare
etag
"63c530b7-77e"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, GET
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
n-dc
wfdgmy6bbk39
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
cf-ray
87338c8c0ae02bb8-FRA
expires
Sat, 12 Apr 2025 13:26:36 GMT
bg02_x.jpg
g1.cfvn66.com/cl/tpl/sands999/ver2/image/ Frame 9F82
332 B
441 B
Image
General
Full URL
https://g1.cfvn66.com/cl/tpl/sands999/ver2/image/bg02_x.jpg
Requested by
Host: g1.cfvn66.com
URL: https://g1.cfvn66.com/cl/tpl/sands999/ver2/css/sands999.css?v=ver28.237
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:aa2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13df12e64e31464604e85cc11c6d9a3082f10bd4e9e4107d2bebcfb031133ee0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://g1.cfvn66.com/cl/tpl/sands999/ver2/css/sands999.css?v=ver28.237
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 12 Apr 2024 13:26:36 GMT
strict-transport-security
max-age=15552000; includeSubDomains
cf-cache-status
HIT
age
957
content-length
332
cf-bgj
h2pri
last-modified
Tue, 14 Mar 2023 07:08:09 GMT
server
cloudflare
etag
"64101d59-14c"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
n-dc
wfdgmy6bbk39
accept-ranges
bytes
timing-allow-origin
*
cf-ray
87338c8c2a783687-FRA
expires
Sat, 12 Apr 2025 13:26:36 GMT
lang_bg.png
g1.cfvn66.com/cl/tpl/sands999/ver2/image/ Frame 9F82
252 B
330 B
Image
General
Full URL
https://g1.cfvn66.com/cl/tpl/sands999/ver2/image/lang_bg.png
Requested by
Host: g1.cfvn66.com
URL: https://g1.cfvn66.com/cl/tpl/sands999/ver2/css/sands999.css?v=ver28.237
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:aa2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a0134c966cd4e85f3e11b55bf26685f6e237fac49cbedc6bcca44068ce6ad75
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://g1.cfvn66.com/cl/tpl/sands999/ver2/css/sands999.css?v=ver28.237
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 12 Apr 2024 13:26:36 GMT
strict-transport-security
max-age=15552000; includeSubDomains
cf-cache-status
HIT
age
957
content-length
252
last-modified
Tue, 14 Mar 2023 07:08:09 GMT
server
cloudflare
etag
"64101d59-fc"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
n-dc
wfdgmy6bbk39
accept-ranges
bytes
timing-allow-origin
*
cf-ray
87338c8c2a793687-FRA
expires
Sat, 12 Apr 2025 13:26:36 GMT
lang_rect_c.png
g1.cfvn66.com/cl/tpl/template/images/element/ Frame 9F82
2 KB
2 KB
Image
General
Full URL
https://g1.cfvn66.com/cl/tpl/template/images/element/lang_rect_c.png?v=ver28.237
Requested by
Host: lehu998234.com
URL: https://lehu998234.com:6899/entrance/page/soya?ni=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:aa2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7dc3bcfaa1595b9cf913bc4ff3e20d8074fb0b1e3b0014cd8ecb7901ed1f924e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://lehu998234.com:6899/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 12 Apr 2024 13:26:36 GMT
strict-transport-security
max-age=15552000; includeSubDomains
cf-cache-status
HIT
age
957
content-length
2301
last-modified
Tue, 14 Mar 2023 07:09:49 GMT
server
cloudflare
etag
"64101dbd-8fd"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
n-dc
wfdgmy6bbk39
accept-ranges
bytes
timing-allow-origin
*
cf-ray
87338c8c2a7b3687-FRA
expires
Sat, 12 Apr 2025 13:26:36 GMT
input_bg01.png
g1.cfvn66.com/cl/tpl/sands999/ver2/image/ Frame 9F82
355 B
434 B
Image
General
Full URL
https://g1.cfvn66.com/cl/tpl/sands999/ver2/image/input_bg01.png
Requested by
Host: g1.cfvn66.com
URL: https://g1.cfvn66.com/cl/tpl/sands999/ver2/css/sands999.css?v=ver28.237
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:aa2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ffe9d985960e3cc76ac9736dd3986267cfd7a7e5b681d8f9d0159575f91a40d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://g1.cfvn66.com/cl/tpl/sands999/ver2/css/sands999.css?v=ver28.237
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 12 Apr 2024 13:26:36 GMT
strict-transport-security
max-age=15552000; includeSubDomains
cf-cache-status
HIT
age
957
content-length
355
last-modified
Tue, 14 Mar 2023 07:08:09 GMT
server
cloudflare
etag
"64101d59-163"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
n-dc
wfdgmy6bbk39
accept-ranges
bytes
timing-allow-origin
*
cf-ray
87338c8c2a7c3687-FRA
expires
Sat, 12 Apr 2025 13:26:36 GMT
input_bg02.png
g1.cfvn66.com/cl/tpl/sands999/ver2/image/ Frame 9F82
343 B
422 B
Image
General
Full URL
https://g1.cfvn66.com/cl/tpl/sands999/ver2/image/input_bg02.png
Requested by
Host: g1.cfvn66.com
URL: https://g1.cfvn66.com/cl/tpl/sands999/ver2/css/sands999.css?v=ver28.237
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:aa2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a947b3f339811f86dd94b035cecabf884846555fdf25351607ed7897bbde800
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://g1.cfvn66.com/cl/tpl/sands999/ver2/css/sands999.css?v=ver28.237
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 12 Apr 2024 13:26:36 GMT
strict-transport-security
max-age=15552000; includeSubDomains
cf-cache-status
HIT
age
957
content-length
343
last-modified
Tue, 14 Mar 2023 07:08:09 GMT
server
cloudflare
etag
"64101d59-157"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
n-dc
wfdgmy6bbk39
accept-ranges
bytes
timing-allow-origin
*
cf-ray
87338c8c2a7d3687-FRA
expires
Sat, 12 Apr 2025 13:26:36 GMT
white.png
g1.cfvn66.com/cl/tpl/template/images/element/password_icon/ Frame 9F82
494 B
596 B
Image
General
Full URL
https://g1.cfvn66.com/cl/tpl/template/images/element/password_icon/white.png?v=ver28.237
Requested by
Host: lehu998234.com
URL: https://lehu998234.com:6899/entrance/page/soya?ni=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:aa2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
78ac98112d8d59aac10289321739e3dabc130d43ccc0249f35578d8ac995e61d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://lehu998234.com:6899/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 12 Apr 2024 13:26:36 GMT
strict-transport-security
max-age=15552000; includeSubDomains
cf-cache-status
HIT
age
957
content-length
494
last-modified
Tue, 14 Mar 2023 07:10:10 GMT
server
cloudflare
etag
"64101dd2-1ee"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
n-dc
wfdgmy6bbk39
accept-ranges
bytes
timing-allow-origin
*
cf-ray
87338c8c2a7e3687-FRA
expires
Sat, 12 Apr 2025 13:26:36 GMT
btn_login.png
g1.cfvn66.com/cl/tpl/sands999/ver2/image/lang/zh-cn/ Frame 9F82
690 B
781 B
Image
General
Full URL
https://g1.cfvn66.com/cl/tpl/sands999/ver2/image/lang/zh-cn/btn_login.png?v=ver28.237
Requested by
Host: lehu998234.com
URL: https://lehu998234.com:6899/entrance/page/soya?ni=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:aa2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7219d613dd785d2bce74a5113eb860d0b1b5a0c212e1213049dda4a05bc5cf6
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://lehu998234.com:6899/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 12 Apr 2024 13:26:36 GMT
strict-transport-security
max-age=15552000; includeSubDomains
cf-cache-status
HIT
age
956
content-length
690
last-modified
Tue, 14 Mar 2023 07:08:09 GMT
server
cloudflare
etag
"64101d59-2b2"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
n-dc
wfdgmy6bbk39
accept-ranges
bytes
timing-allow-origin
*
cf-ray
87338c8c2a7f3687-FRA
expires
Sat, 12 Apr 2025 13:26:36 GMT
btn_joinus.png
g1.cfvn66.com/cl/tpl/sands999/ver2/image/lang/zh-cn/ Frame 9F82
663 B
742 B
Image
General
Full URL
https://g1.cfvn66.com/cl/tpl/sands999/ver2/image/lang/zh-cn/btn_joinus.png?v=ver28.237
Requested by
Host: lehu998234.com
URL: https://lehu998234.com:6899/entrance/page/soya?ni=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:aa2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bea60a31a140ddaf5fac49d926a85b4eb90ad0b1c8654e4e950f64587df6a9f0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://lehu998234.com:6899/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 12 Apr 2024 13:26:36 GMT
strict-transport-security
max-age=15552000; includeSubDomains
cf-cache-status
HIT
age
956
content-length
663
last-modified
Tue, 14 Mar 2023 07:08:09 GMT
server
cloudflare
etag
"64101d59-297"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
n-dc
wfdgmy6bbk39
accept-ranges
bytes
timing-allow-origin
*
cf-ray
87338c8c2a803687-FRA
expires
Sat, 12 Apr 2025 13:26:36 GMT
167273899578.gif
cdn.cfvn66.com/tpl/1684/1880374/images/ Frame 9F82
0
0

167273936580.gif
cdn.cfvn66.com/tpl/1684/1880377/images/ Frame 9F82
0
0

163608894692.jpg
cdn.cfvn66.com/tpl/1684/1726169/images/ Frame 9F82
0
0

170685185805.jpg
cdn.cfvn66.com/tpl/1684/2003554/images/ Frame 9F82
0
0

168120754287.jpg
cdn.cfvn66.com/tpl/1684/1909956/images/ Frame 9F82
0
0

167567549973.jpg
cdn.cfvn66.com/tpl/1684/1890288/images/ Frame 9F82
0
0

165174971333.jpg
cdn.cfvn66.com/tpl/1684/1795328/images/ Frame 9F82
0
0

165622009500.jpg
cdn.cfvn66.com/tpl/1684/1813411/images/ Frame 9F82
0
0

165252819835.jpg
cdn.cfvn66.com/tpl/1684/1798894/images/ Frame 9F82
0
0

163212368319.jpg
cdn.cfvn66.com/tpl/1684/1702145/images/ Frame 9F82
0
0

161734127278.jpg
cdn.cfvn66.com/tpl/1684/1625058/images/ Frame 9F82
0
0

161122361279.jpg
cdn.cfvn66.com/tpl/1684/1587929/images/ Frame 9F82
0
0

160249119178.png
cdn.cfvn66.com/tpl/1684/1523181/images/ Frame 9F82
0
0

160094298393.jpg
cdn.cfvn66.com/tpl/1684/1510322/images/ Frame 9F82
0
0

168430858113.jpg
cdn.cfvn66.com/tpl/1684/1923000/images/ Frame 9F82
0
0

TweenMax.min.js
g1.cfvn66.com/cl/js/slideshow/ Frame 9F82
0
0

tween.slideshow.js
g1.cfvn66.com/cl/js/tools/ Frame 9F82
0
0

qrcode_a.png
g1.cfvn66.com/web/static/image/element/info/aio-download/lang/zh-cn/ Frame 9F82
0
0

completeness.png
lehu998234.com/cl/tpl/sands999/ver2/image/ Frame 9F82
0
0

icon_down_light.png
g1.cfvn66.com/cl/tpl/template/images/element/ Frame 9F82
0
0

logo.png
g1.cfvn66.com/cl/tpl/sands999/ver2/image/ Frame 9F82
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
lehu998234.com
URL
https://lehu998234.com:6899/cl/js/jquery-1.7.2.min.js
Domain
lehu998234.com
URL
https://lehu998234.com:6899/cl/js/plugin/plugins.min.js
Domain
lehu998234.com
URL
https://lehu998234.com:6899/cl/js/tools/bootstrap-notify.js?v=1712928395
Domain
cdn.cfvn66.com
URL
https://cdn.cfvn66.com/tpl/1684/1880374/images/167273899578.gif
Domain
cdn.cfvn66.com
URL
https://cdn.cfvn66.com/tpl/1684/1880377/images/167273936580.gif
Domain
cdn.cfvn66.com
URL
https://cdn.cfvn66.com/tpl/1684/1726169/images/163608894692.jpg?1550886
Domain
cdn.cfvn66.com
URL
https://cdn.cfvn66.com/tpl/1684/2003554/images/170685185805.jpg?1550886
Domain
cdn.cfvn66.com
URL
https://cdn.cfvn66.com/tpl/1684/1909956/images/168120754287.jpg?1550886
Domain
cdn.cfvn66.com
URL
https://cdn.cfvn66.com/tpl/1684/1890288/images/167567549973.jpg?1550886
Domain
cdn.cfvn66.com
URL
https://cdn.cfvn66.com/tpl/1684/1795328/images/165174971333.jpg?1550886
Domain
cdn.cfvn66.com
URL
https://cdn.cfvn66.com/tpl/1684/1813411/images/165622009500.jpg?1550886
Domain
cdn.cfvn66.com
URL
https://cdn.cfvn66.com/tpl/1684/1798894/images/165252819835.jpg?1550886
Domain
cdn.cfvn66.com
URL
https://cdn.cfvn66.com/tpl/1684/1702145/images/163212368319.jpg?1550886
Domain
cdn.cfvn66.com
URL
https://cdn.cfvn66.com/tpl/1684/1625058/images/161734127278.jpg?1550886
Domain
cdn.cfvn66.com
URL
https://cdn.cfvn66.com/tpl/1684/1587929/images/161122361279.jpg?1550886
Domain
cdn.cfvn66.com
URL
https://cdn.cfvn66.com/tpl/1684/1523181/images/160249119178.png?1550886
Domain
cdn.cfvn66.com
URL
https://cdn.cfvn66.com/tpl/1684/1510322/images/160094298393.jpg?1550886
Domain
cdn.cfvn66.com
URL
https://cdn.cfvn66.com/tpl/1684/1923000/images/168430858113.jpg?1550886
Domain
g1.cfvn66.com
URL
https://g1.cfvn66.com/cl/js/slideshow/TweenMax.min.js?v=ver28.237
Domain
g1.cfvn66.com
URL
https://g1.cfvn66.com/cl/js/tools/tween.slideshow.js?v=ver28.237
Domain
g1.cfvn66.com
URL
https://g1.cfvn66.com/web/static/image/element/info/aio-download/lang/zh-cn/qrcode_a.png?v=ver28.237
Domain
lehu998234.com
URL
https://lehu998234.com:6899/cl/tpl/sands999/ver2/image/completeness.png
Domain
g1.cfvn66.com
URL
https://g1.cfvn66.com/cl/tpl/template/images/element/icon_down_light.png?v=ver28.237
Domain
g1.cfvn66.com
URL
https://g1.cfvn66.com/cl/tpl/sands999/ver2/image/logo.png?v=ver28.237

Verdicts & Comments

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| dataLayer object| serverPushData object| google_tag_manager object| google_tag_data function| logEvent function| setUserProperty

7 Cookies

Domain/Path Name / Value
lehu998234.com/ Name: lang
Value: zh-cn
lehu998234.com/ Name: langx
Value: zh-cn
.lehu998234.com/ Name: IBCACHE
Value: PtQuHfp0IuzjJEA_8gyN4WtiMQT7k_YPM-VmIt9cc6cyHtZG3yQ03sBZb5KZ0rU_b2JocElSeHVHNUNFbU1mYW5MMHg1MnByRG96ZUVpMEtNSGVObzd4T3hydw
.lehu998234.com/ Name: SESSION_ID
Value: guest
.lehu998234.com/ Name: ICCACHE
Value: oy31BUBN9RPsA2eP60WWXfmslZM%2F912oPVwc%2FeIYMSJwNTVZMUI1anlRNjQwY2Fn
lehu998234.com/ Name: page_site
Value: first
lehu998234.com/ Name: PHPSESSID
Value: 4f5932c947b2aff20b4a3700faac2e5e

3 Console Messages

Source Level URL
Text
javascript warning URL: https://oklehu.com/(Line 5)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://lf26-cdn-tos.bytecdntp.com/cdn/expire-1-M/jquery/3.6.0/jquery.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://oklehu.com/(Line 5)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://lf26-cdn-tos.bytecdntp.com/cdn/expire-1-M/jquery/3.6.0/jquery.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://oklehu.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6436bae73e4d2b4a12da299b.mockapi.io
cdn.cfvn66.com
g1.cfvn66.com
lehu998234.com
lf26-cdn-tos.bytecdntp.com
oklehu.com
www.googletagmanager.com
cdn.cfvn66.com
g1.cfvn66.com
lehu998234.com
103.142.147.235
116.162.204.155
18.205.222.128
2405:1c0:6712:768:a8a8:e247:f05c:208
2606:4700::6812:aa2
2606:4700::6812:ba2
2a00:1450:4001:80b::2008