ac45876f8439142304ce8.qu17.cc Open in urlscan Pro
2606:4700:3030::6815:4cee  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H3	200	Primary Request / Show response ac45876f8439142304ce8.qu17.cc/	11 KB 4 KB	380ms 345ms	Document text/html	2606:4700:3030::6815:4cee CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ac45876f8439142304ce8.qu17.cc/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:4cee , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.4.33 Resource Hash 0988f180039ca425eb343da4d208fd7ee3317f98a1593aa8d4d45086130c1d3e Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=86400 cache-control max-age=900 cf-cache-status MISS cf-ray 8a6029f2a9a7bb7d-FRA content-encoding br content-type text/html; charset=utf-8 date Sat, 20 Jul 2024 04:21:20 GMT last-modified Sat, 20 Jul 2024 04:21:20 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pN85BbSGyHa97Eru%2FbN8jxaxUWW7e2PfqhPQC0b2jUj7KGuSC4k9HxsGzJWNwSidBbxD58Rf8ohq18q57yTQJnN7tLXYFAJ6aijRUeCiNSog6B28YuDkus8kby8OkvL8n6z1bHUiFgXbdtezw%2BgfNxL1t%2B5gt%2Fb8aqWmAw%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding x-powered-by PHP/7.4.33
GET H3	200	style.css ac45876f8439142304ce8.qu17.cc/css/	13 KB 4 KB	330ms 329ms	Stylesheet text/css	2606:4700:3030::6815:4cee CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ac45876f8439142304ce8.qu17.cc/css/style.css Requested by Host: ac45876f8439142304ce8.qu17.cc URL: https://ac45876f8439142304ce8.qu17.cc/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:4cee , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4473e856d390fc6e2e297be77aaa564b898503eff973800f8714c58159f55e11 Request headers Referer https://ac45876f8439142304ce8.qu17.cc/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sat, 20 Jul 2024 04:21:21 GMT content-encoding gzip cf-cache-status MISS last-modified Thu, 31 Aug 2023 15:04:17 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"64f0abf1-3513" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JpMh7dlzYEiWTOC%2F2zgb%2B52aKDrJ3YpgpJpB8T5PR6Vo7StDwxxLMDR%2Fy5tqtk2hS0Ztzf4nvNzYiYgEmqa%2FH9FX5ST5RPS9j9epbwdAR%2F7dGo6qOYtT2pQ3nrUvWXRsKKalfRbN4A1EgfJL8s5MLuuRXmdEJfB0vcby%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=900 cf-ray 8a6029f4ebdabb7d-FRA alt-svc h3=":443"; ma=86400 expires Sat, 20 Jul 2024 04:36:21 GMT
GET H2	200	jquery.min.js Show response apps.bdimg.com/libs/jquery/1.8.3/	91 KB 34 KB	2023ms 237ms	Script application/x-javascript	219.151.25.49 CHINANET-BACKBONE...
General Check archive.org Show headers Download Go to Full URL https://apps.bdimg.com/libs/jquery/1.8.3/jquery.min.js Requested by Host: ac45876f8439142304ce8.qu17.cc URL: https://ac45876f8439142304ce8.qu17.cc/ Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 219.151.25.49 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN), Reverse DNS Software JSP3/2.0.14 / Resource Hash ba6eda7945ab8d7e57b34cc5a3dd292fa2e4c60a5ced79236ecf1a9e0f0c2d32 Request headers Referer https://ac45876f8439142304ce8.qu17.cc/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sat, 20 Jul 2024 04:21:22 GMT content-encoding br ohc-cache-hit gy2ct79 [2], xiangyctcache98 [2] ohc-response-time 1 0 0 0 0 0 last-modified Thu, 21 Mar 2013 03:13:28 GMT server JSP3/2.0.14 age 2063063 etag "514a7ad8-16dc5" vary Accept-Encoding content-type application/x-javascript cache-control max-age=2592000 accept-ranges bytes ohc-global-saved-time Fri, 21 Jun 2024 07:59:05 GMT expires Sun, 21 Jul 2024 07:59:05 GMT
GET H3	200	comibm.js Show response ac45876f8439142304ce8.qu17.cc/js/	12 KB 5 KB	340ms 339ms	Script application/javascript	2606:4700:3030::6815:4cee CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ac45876f8439142304ce8.qu17.cc/js/comibm.js?v=1.28 Requested by Host: ac45876f8439142304ce8.qu17.cc URL: https://ac45876f8439142304ce8.qu17.cc/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:4cee , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.4.33 Resource Hash 315911cfdc4aab6bdda7e8787cf6456fda9232cbdca11cb910c6295efab77541 Request headers Referer https://ac45876f8439142304ce8.qu17.cc/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sat, 20 Jul 2024 04:21:21 GMT content-encoding gzip cf-cache-status MISS last-modified Thu, 13 Jun 2024 14:27:48 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/7.4.33 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=26snssbFy0%2F0aG0ffFGgSGgciN9S1xScv%2FKvXKN2jRqiEuELJUuabcSAvxEyuz7JthOgapILAOXfmd0pCO0UQISWGsgpl%2FxinyfaChLb2upVbxHVkFN0k%2FgNsN3Etq%2F878GKrW%2Bj%2B90JueNnp4KyhlbH5aYT%2FnAVjYybBQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=900 cf-ray 8a6029f4ebdebb7d-FRA alt-svc h3=":443"; ma=86400
GET H3	200	55729.jpg www.qu17.cc/bookimg/55/	12 KB 13 KB	358ms 334ms	Image image/jpeg	2606:4700:3030::6815:4cee CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.qu17.cc/bookimg/55/55729.jpg Requested by Host: ac45876f8439142304ce8.qu17.cc URL: https://ac45876f8439142304ce8.qu17.cc/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:4cee , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a70d58f810cb3911f001ed83666640d9ff7b0f7094f1dd849c20bec24d6faf3f Request headers Referer https://ac45876f8439142304ce8.qu17.cc/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sat, 20 Jul 2024 04:21:21 GMT cf-cache-status MISS last-modified Sun, 19 Dec 2021 01:44:01 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "61be8e61-3112" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ExZRWOjlt8I8GgEE2Ee3zymm6Lc6u%2BxeQNVDfMqxZS47TCTilqKaSNz9lXqtPmK7YddoudTm8V0XLGEMwbKs%2BV6XKggQ93cUn3NYLNFLVYZD0dydOOJkj4%2FWkwbjqnmGQvmccibUZ6dIqA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=315360000 accept-ranges bytes cf-ray 8a6029f50bf8bb7d-FRA alt-svc h3=":443"; ma=86400 content-length 12562 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H3	200	6664.jpg www.qu17.cc/bookimg/6/	48 KB 48 KB	675ms 651ms	Image image/jpeg	2606:4700:3030::6815:4cee CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.qu17.cc/bookimg/6/6664.jpg Requested by Host: ac45876f8439142304ce8.qu17.cc URL: https://ac45876f8439142304ce8.qu17.cc/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:4cee , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ec33f3cd141e8e92404a034d5ad42fd50453ce7d2bc96669d4981977b5698d6d Request headers Referer https://ac45876f8439142304ce8.qu17.cc/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sat, 20 Jul 2024 04:21:21 GMT cf-cache-status MISS last-modified Tue, 28 Sep 2021 04:56:40 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "6152a088-be5b" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Mifw3gacXvQDV%2BjzKjgR9NODYnwvmtcl%2BVhuPtx4qxudey389WCQDAj00eH9OnNJM7QKlnXeJE4T%2FORy%2BurEBDsDquoimMnyCttxpK3fyuirmahKyJNW03eHCl3uKYF%2BsMP350tekFbXrg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=315360000 accept-ranges bytes cf-ray 8a6029f50bf9bb7d-FRA alt-svc h3=":443"; ma=86400 content-length 48731 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H3	200	50909.jpg www.qu17.cc/bookimg/50/	9 KB 10 KB	329ms 328ms	Image image/jpeg	2606:4700:3030::6815:4cee CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.qu17.cc/bookimg/50/50909.jpg Requested by Host: ac45876f8439142304ce8.qu17.cc URL: https://ac45876f8439142304ce8.qu17.cc/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:4cee , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ea11fe6fe24fd887f071389d1b08a19384f17ff30f412fc4cc72acaac28dfb8b Request headers Referer https://ac45876f8439142304ce8.qu17.cc/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sat, 20 Jul 2024 04:21:21 GMT cf-cache-status MISS last-modified Thu, 09 Dec 2021 07:46:09 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "61b1b441-2422" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u4B1XFZ4%2F84O17L1AWn9e16SHw7QP4kLjOXvDIZPCLIPazjfEDFARbqGU5mxlD8SIxhzQ%2FK%2F0248pZ0Vx3ZvvAKhHpBGRb%2Bx1Q%2Bgg5U9IvHLr2Q52cl2uKZ31aFEe3%2FF9jkQty1Swgz14w%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=315360000 accept-ranges bytes cf-ray 8a6029f72e63bb7d-FRA alt-svc h3=":443"; ma=86400 content-length 9250 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H3	200	4595.jpg www.qu17.cc/bookimg/4/	21 KB 22 KB	483ms 483ms	Image image/jpeg	2606:4700:3030::6815:4cee CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.qu17.cc/bookimg/4/4595.jpg Requested by Host: ac45876f8439142304ce8.qu17.cc URL: https://ac45876f8439142304ce8.qu17.cc/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:4cee , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash abc4a8ed50bb400040bde9580e9f4fd8d7d6d33b3b4f16a7f676696acd1eae93 Request headers Referer https://ac45876f8439142304ce8.qu17.cc/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sat, 20 Jul 2024 04:21:21 GMT cf-cache-status MISS last-modified Sat, 25 Sep 2021 09:27:31 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "614eeb83-549c" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TNm1K6esRg77yv9pD9E5rhu7%2Fz2uXD1FsLf4k4YH3JhDv3n8Qjfkhkhx%2FOJAys4j7166VYPXRk9afsh0k0EOu9%2B2rm1ys3M%2FXSahHHvS3xwcM2uZ90p1xv3WfZCRwKPcdaF7l0VilUQIAw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=315360000 accept-ranges bytes cf-ray 8a6029f92fe0bb7d-FRA alt-svc h3=":443"; ma=86400 content-length 21660 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H/1.1	200 OK	hm.js Show response hm.baidu.com/	29 KB 12 KB	1157ms 303ms	Script application/javascript	111.45.3.198 CMNET-GUANGDONG-A...
General Check archive.org Show headers Download Go to Full URL https://hm.baidu.com/hm.js?985c57aa6304c183e46daae6878b243b Requested by Host: ac45876f8439142304ce8.qu17.cc URL: https://ac45876f8439142304ce8.qu17.cc/js/comibm.js?v=1.28 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 111.45.3.198 , China, ASN56040 (CMNET-GUANGDONG-AP China Mobile communications corporation, CN), Reverse DNS Software apache / Resource Hash 3e346af9dda22363f2614359e3063a867473490991361050a429293f441d5e8c Security Headers Name Value Strict-Transport-Security max-age=172800 Request headers Referer https://ac45876f8439142304ce8.qu17.cc/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Sat, 20 Jul 2024 04:21:24 GMT Content-Encoding gzip Strict-Transport-Security max-age=172800 Server apache Etag 5eadc73aa8f4a0f473021839d671884b P3p CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" Content-Type application/javascript Cache-Control max-age=0, must-revalidate Content-Length 11286
GET H2	200	push.js Show response zz.bdstatic.com/linksubmit/	308 B 563 B	1108ms 354ms	Script application/x-javascript	58.254.150.48 UNICOM-GUANGZHOU-...
General Check archive.org Show headers Download Go to Full URL https://zz.bdstatic.com/linksubmit/push.js Requested by Host: ac45876f8439142304ce8.qu17.cc URL: https://ac45876f8439142304ce8.qu17.cc/js/comibm.js?v=1.28 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 58.254.150.48 Guangzhou, China, ASN136958 (UNICOM-GUANGZHOU-IDC China Unicom Guangdong IP network, CN), Reverse DNS Software JSP3/2.0.14 / Resource Hash c31f2003f1c93ac1e34b09f376d97a65da6e110bf451cf1e0e50a7946c5e7212 Request headers Referer https://ac45876f8439142304ce8.qu17.cc/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sat, 20 Jul 2024 04:21:24 GMT content-encoding br tracecode 10133298210678663690071815 ohc-response-time 1 0 0 0 0 0 last-modified Fri, 12 Jul 2024 09:09:51 GMT server JSP3/2.0.14 age 75868 etag "6690f2df-134" ohc-cache-hit gz3un56 [2], zhuzuncache65 [2] content-type application/x-javascript cache-control max-age=86400 accept-ranges bytes ohc-global-saved-time Fri, 19 Jul 2024 07:16:53 GMT
GET H3	200	favicon.ico m.bi25.cc/	1 KB 1 KB	151ms 26ms	Image image/x-icon	2606:4700:3036::6815:241 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://m.bi25.cc/favicon.ico Requested by Host: ac45876f8439142304ce8.qu17.cc URL: https://ac45876f8439142304ce8.qu17.cc/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::6815:241 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 268e55db55b71ee28587c78725a783aa39aeab5b1aa9a7755aade1241f1fc757 Request headers Referer https://ac45876f8439142304ce8.qu17.cc/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sat, 20 Jul 2024 04:21:23 GMT content-encoding br cf-cache-status HIT last-modified Thu, 15 Sep 2022 09:46:35 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 275 etag W/"6322f47b-47e" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gYdvJ5hzXwmYd6x9k5e6VkjQnJ0%2FVb9tXscSYlm%2FBstQnEfko3IxQxBjFKq%2B0IrUKVIEdwUMeZQczViVijtaUMZ4UiXalkMQ%2BilzpLbXfhmtm45ouJUhcrwucGEXvyEHSYLIpEZJPKc%3D"}],"group":"cf-nel","max_age":604800} content-type image/x-icon cache-control max-age=900 cf-ray 8a602a03ec722c7a-FRA alt-svc h3=":443"; ma=86400
GET H3	200	favicon.ico m.bi27.cc/	1 KB 1 KB	148ms 19ms	Image image/x-icon	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://m.bi27.cc/favicon.ico Requested by Host: ac45876f8439142304ce8.qu17.cc URL: https://ac45876f8439142304ce8.qu17.cc/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 268e55db55b71ee28587c78725a783aa39aeab5b1aa9a7755aade1241f1fc757 Request headers Referer https://ac45876f8439142304ce8.qu17.cc/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sat, 20 Jul 2024 04:21:23 GMT content-encoding br cf-cache-status HIT last-modified Thu, 15 Sep 2022 09:46:35 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 1327 etag W/"6322f47b-47e" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=r3aRLA%2F%2B9UpZD9jcGETB8nPSOxKvFRrxLigHH4U88zgrQBuTohMe5cp89wIHMF8Z7V8z2bhDPn2ipe24E9c%2B5WB3zYrDKM4cKlOqZsrKRTXhIzlnk8BOd5YPjlavbpZLcDxqzMe4vgQ%3D"}],"group":"cf-nel","max_age":604800} content-type image/x-icon cache-control max-age=900 cf-ray 8a602a03e9750497-FRA alt-svc h3=":443"; ma=86400
GET H3	200	favicon.ico m.bi29.cc/	1 KB 1 KB	462ms 336ms	Image image/x-icon	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://m.bi29.cc/favicon.ico Requested by Host: ac45876f8439142304ce8.qu17.cc URL: https://ac45876f8439142304ce8.qu17.cc/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 268e55db55b71ee28587c78725a783aa39aeab5b1aa9a7755aade1241f1fc757 Request headers Referer https://ac45876f8439142304ce8.qu17.cc/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sat, 20 Jul 2024 04:21:23 GMT content-encoding br cf-cache-status REVALIDATED last-modified Thu, 15 Sep 2022 09:46:35 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"6322f47b-47e" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vqTTblxwccAdPsGQx1Z0ct6oP8OX%2BcFuy7QJrDVcbFkqXML1dame75PPl3rtXq1bZXAsIGqyqeuvWFlOX4LMrVvPdhBnRwzkeIQh5NpYWX5Ynu4SKzv2KCLlE2DwhS1gkJkvOTM8lWk%3D"}],"group":"cf-nel","max_age":604800} content-type image/x-icon cache-control max-age=900 cf-ray 8a602a03ed316983-FRA alt-svc h3=":443"; ma=86400
GET H3	200	favicon.ico m.bi28.cc/	1 KB 1 KB	145ms 17ms	Image image/x-icon	2a06:98c1:3120::9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://m.bi28.cc/favicon.ico Requested by Host: ac45876f8439142304ce8.qu17.cc URL: https://ac45876f8439142304ce8.qu17.cc/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 268e55db55b71ee28587c78725a783aa39aeab5b1aa9a7755aade1241f1fc757 Request headers Referer https://ac45876f8439142304ce8.qu17.cc/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sat, 20 Jul 2024 04:21:23 GMT content-encoding br cf-cache-status HIT last-modified Thu, 15 Sep 2022 09:46:35 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 3377 etag W/"6322f47b-47e" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Bk1tK8bBePftAQfefp5qgkETxIf%2Bv9e2BW4WNSh2So1Q37OuyNgZlJfo9BVujJPsLJc1wThUERyUQIAV0KluDMfOUM9kqQ8qfv8Hv7G8IaSB4pj%2FYhAM%2BKUGQky8D7kXSiRTWG8jG3M%3D"}],"group":"cf-nel","max_age":604800} content-type image/x-icon cache-control max-age=900 cf-ray 8a602a03edf51e55-FRA alt-svc h3=":443"; ma=86400
GET H3	200	favicon.ico m.bi26.cc/	1 KB 1 KB	144ms 17ms	Image image/x-icon	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://m.bi26.cc/favicon.ico Requested by Host: ac45876f8439142304ce8.qu17.cc URL: https://ac45876f8439142304ce8.qu17.cc/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 268e55db55b71ee28587c78725a783aa39aeab5b1aa9a7755aade1241f1fc757 Request headers Referer https://ac45876f8439142304ce8.qu17.cc/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sat, 20 Jul 2024 04:21:23 GMT content-encoding br cf-cache-status HIT last-modified Thu, 15 Sep 2022 09:46:35 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 6602 etag W/"6322f47b-47e" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BL%2B0Ej37XPbp0VSpA6zNChi84QiL2%2BBqj05chGNPy7ysqOy7TcS4hq0QnFkP8PZwbX9odurSaXsuLii6K33XFGoRvt%2B%2FpMhF91IZy51iGn7vTpirXxiNxgQQjNN70g%2Fi3VQOITxpEEc%3D"}],"group":"cf-nel","max_age":604800} content-type image/x-icon cache-control max-age=900 cf-ray 8a602a03e8a818ff-FRA alt-svc h3=":443"; ma=86400
GET H3	200	so.png ac45876f8439142304ce8.qu17.cc/images/	2 KB 2 KB	329ms 329ms	Image image/png	2606:4700:3030::6815:4cee CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ac45876f8439142304ce8.qu17.cc/images/so.png Requested by Host: ac45876f8439142304ce8.qu17.cc URL: https://ac45876f8439142304ce8.qu17.cc/css/style.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:4cee , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6ef07455b66119f28aebbdd8278db9eb1e8776ae9dfd6f90616ba55ce2f4d4a2 Request headers Referer https://ac45876f8439142304ce8.qu17.cc/css/style.css User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sat, 20 Jul 2024 04:21:23 GMT cf-cache-status MISS last-modified Wed, 06 Oct 2021 18:45:07 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "615deeb3-6d3" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iC5w5CbAg28rRIz95fo%2BZh5ZNX3CXoaLtPMmbW7gRtakmX%2B8HKi7PtxY1eOXlXIQr3w5a%2FKBoFUKUL2u5CRXATfpa0T89TOhW6ubL4vUS1Bz9CqFSOlVfktYpKpx%2Bd51T%2BNF2bM9uUmpeyBSfKGCls9EQK5IuoAFvuwZ5g%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=315360000 accept-ranges bytes cf-ray 8a602a0329d8bb7d-FRA alt-svc h3=":443"; ma=86400 content-length 1747 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H/1.1	200 OK	s.gif sp0.baidu.com/9_Q4simg2RQJ8t7jm9iCKT-xh_/	0 116 B	989ms 367ms	Image text/plain	103.235.46.96 BAIDU Beijing Bai...
General Check archive.org Show headers Download Go to Show image Full URL https://sp0.baidu.com/9_Q4simg2RQJ8t7jm9iCKT-xh_/s.gif?l=https://ac45876f8439142304ce8.qu17.cc/ Requested by Host: ac45876f8439142304ce8.qu17.cc URL: https://ac45876f8439142304ce8.qu17.cc/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 103.235.46.96 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://ac45876f8439142304ce8.qu17.cc/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Sat, 20 Jul 2024 04:21:24 GMT Content-Length 0 Content-Type text/plain; charset=utf-8
GET H/1.1	200 OK	hm.gif hm.baidu.com/	43 B 299 B	300ms 300ms	Image image/gif	111.45.3.198 CMNET-GUANGDONG-A...
General Check archive.org Show headers Download Go to Show image Full URL https://hm.baidu.com/hm.gif?hca=251A7D4EF52304BF&cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=de-de&lo=0&rnd=1892899366&si=985c57aa6304c183e46daae6878b243b&v=1.3.2&lv=1&sn=41439&r=0&ww=1600&u=https%3A%2F%2Fac45876f8439142304ce8.qu17.cc%2F&tt=%E7%AC%94%E8%B6%A3%E9%98%81%20-%20%E5%85%8D%E8%B4%B9%E5%B0%8F%E8%AF%B4%20-%20%E6%B8%85%E7%88%BD%E5%9C%A8%E7%BA%BF%E9%98%85%E8%AF%BB Requested by Host: ac45876f8439142304ce8.qu17.cc URL: https://ac45876f8439142304ce8.qu17.cc/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 111.45.3.198 , China, ASN56040 (CMNET-GUANGDONG-AP China Mobile communications corporation, CN), Reverse DNS Software apache / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Security Headers Name Value Strict-Transport-Security max-age=172800 X-Content-Type-Options nosniff Request headers Referer https://ac45876f8439142304ce8.qu17.cc/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Pragma no-cache Date Sat, 20 Jul 2024 04:21:24 GMT Strict-Transport-Security max-age=172800 X-Content-Type-Options nosniff Server apache Content-Type image/gif Cache-Control private, max-age=0, no-cache Content-Length 43
GET H3	200	favicon.ico ac45876f8439142304ce8.qu17.cc/	1 KB 1 KB	330ms 330ms	Other image/x-icon	2606:4700:3030::6815:4cee CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ac45876f8439142304ce8.qu17.cc/favicon.ico Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:4cee , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 268e55db55b71ee28587c78725a783aa39aeab5b1aa9a7755aade1241f1fc757 Request headers Referer https://ac45876f8439142304ce8.qu17.cc/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sat, 20 Jul 2024 04:21:25 GMT content-encoding br cf-cache-status MISS last-modified Thu, 15 Sep 2022 09:46:35 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"6322f47b-47e" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aBNwTU%2BfZb%2FrvhHsUKeO36vR6NylIMVPdZO%2FwEZtnKfkYIJu62oCuf7dPpFdt%2Bxj0ymfylkqi5LL1pDGJeKVkQfbNct4EBHo3A51PcJPL%2FCO2vnIcVAn3zLyq2JlDHCff8jsmPvIKCOjDeudiM827Kh5w2zAwa%2B0CYfyxw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/x-icon cache-control max-age=900 cf-ray 8a602a110de5bb7d-FRA alt-svc h3=":443"; ma=86400

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery function| tj function| lists function| listtj function| read2 function| read3 function| reads function| closeonoff function| closead function| logout function| setCookie function| getCookie function| doParse function| user_href function| addBookCase function| addBookMark function| chapter_error function| readjs function| book_error boolean| _bdhm_loaded_985c57aa6304c183e46daae6878b243b object| _hmt

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			ac45876f8439142304ce8.qu17.cc/	1970-01-20 22:11:07	Name: getsite Value: bi26.cc
			.hm.baidu.com/	1970-01-21 07:46:49	Name: HMACCOUNT_BFESS Value: 251A7D4EF52304BF
			.ac45876f8439142304ce8.qu17.cc/	1970-01-21 06:56:25	Name: Hm_lvt_985c57aa6304c183e46daae6878b243b Value: 1721449284
			.ac45876f8439142304ce8.qu17.cc/	1969-12-31 23:59:59	Name: Hm_lpvt_985c57aa6304c183e46daae6878b243b Value: 1721449284
			.ac45876f8439142304ce8.qu17.cc/	1969-12-31 23:59:59	Name: HMACCOUNT Value: 251A7D4EF52304BF

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ac45876f8439142304ce8.qu17.cc
apps.bdimg.com
hm.baidu.com
m.bi25.cc
m.bi26.cc
m.bi27.cc
m.bi28.cc
m.bi29.cc
sp0.baidu.com
www.qu17.cc
zz.bdstatic.com
103.235.46.96
111.45.3.198
219.151.25.49
2606:4700:3030::6815:4cee
2606:4700:3036::6815:241
2a06:98c1:3120::3
2a06:98c1:3120::9
2a06:98c1:3121::3
58.254.150.48
0988f180039ca425eb343da4d208fd7ee3317f98a1593aa8d4d45086130c1d3e
268e55db55b71ee28587c78725a783aa39aeab5b1aa9a7755aade1241f1fc757
315911cfdc4aab6bdda7e8787cf6456fda9232cbdca11cb910c6295efab77541
3e346af9dda22363f2614359e3063a867473490991361050a429293f441d5e8c
4473e856d390fc6e2e297be77aaa564b898503eff973800f8714c58159f55e11
6ef07455b66119f28aebbdd8278db9eb1e8776ae9dfd6f90616ba55ce2f4d4a2
a70d58f810cb3911f001ed83666640d9ff7b0f7094f1dd849c20bec24d6faf3f
abc4a8ed50bb400040bde9580e9f4fd8d7d6d33b3b4f16a7f676696acd1eae93
ba6eda7945ab8d7e57b34cc5a3dd292fa2e4c60a5ced79236ecf1a9e0f0c2d32
c31f2003f1c93ac1e34b09f376d97a65da6e110bf451cf1e0e50a7946c5e7212
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea11fe6fe24fd887f071389d1b08a19384f17ff30f412fc4cc72acaac28dfb8b
ec33f3cd141e8e92404a034d5ad42fd50453ce7d2bc96669d4981977b5698d6d