URL: https://am2.gc.kj12349.com/
Submission: On May 14 via api from US — Scanned from JP

Summary

This website contacted 5 IPs in 4 countries across 6 domains to perform 33 HTTP transactions. The main IP is 84.247.153.9, located in Tokyo, Japan and belongs to CAPL-AS-AP Contabo Asia Private Limited, SG. The main domain is am2.gc.kj12349.com.
TLS certificate: Issued by R3 on May 14th 2024. Valid for: 3 months.
This is the only time am2.gc.kj12349.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
26 84.247.153.9 141995 (CAPL-AS-A...)
2 46.149.192.25 59371 (DNC-AS Di...)
2 111.45.11.83 56040 (CMNET-GUA...)
3 2606:4700:303... 13335 (CLOUDFLAR...)
33 5
Domain Requested by
7 www.101046.com am2.gc.kj12349.com
7 am.cp.lhc12349.com am2.gc.kj12349.com
5 101046.com am2.gc.kj12349.com
5 am2.gc.kj12349.com am2.gc.kj12349.com
3 img1.shanghaixiaochagu.com am2.gc.kj12349.com
2 hm.baidu.com am2.gc.kj12349.com
2 kj.lhcs-5.com am2.gc.kj12349.com
2 dd.gc.kj12349.com am2.gc.kj12349.com
33 8
Subject Issuer Validity Valid
am6.cp.lhc12349.com
R3
2024-05-14 -
2024-08-12
3 months crt.sh
www.101046.com
R3
2024-05-14 -
2024-08-12
3 months crt.sh
*.lhcs-1.com
R3
2024-05-10 -
2024-08-08
3 months crt.sh
baidu.com
GlobalSign RSA OV SSL CA 2018
2023-07-06 -
2024-08-06
a year crt.sh
shanghaixiaochagu.com
GTS CA 1P5
2024-05-10 -
2024-08-08
3 months crt.sh

This page contains 1 frames:

Primary Page: https://am2.gc.kj12349.com/
Frame ID: 28BF551F31EA28FDC46A6911C236A137
Requests: 36 HTTP requests in this frame

Screenshot

Page Title

澳门神算子

Detected technologies

Overall confidence: 100%
Detected patterns
  • hm\.baidu\.com/hm\.js

Page Statistics

33
Requests

100 %
HTTPS

25 %
IPv6

6
Domains

8
Subdomains

5
IPs

4
Countries

1745 kB
Transfer

3073 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

33 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
am2.gc.kj12349.com/
1 MB
51 KB
Document
General
Full URL
https://am2.gc.kj12349.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
84.247.153.9 Tokyo, Japan, ASN141995 (CAPL-AS-AP Contabo Asia Private Limited, SG),
Reverse DNS
vmi1797893.contaboserver.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
ac284b3b5039a41d32e8d49e737790c42e1244b31c1c6b8bcf5b7cdd58fdf7c8

Request headers

Accept-Language
jp-JP,jp;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
51625
content-type
text/html
date
Tue, 14 May 2024 13:32:40 GMT
etag
"059e08cf3a5da1:0"
last-modified
Tue, 14 May 2024 11:40:42 GMT
server
Microsoft-IIS/10.0
vary
Accept-Encoding
x-powered-by
ASP.NET
gsb.js
am2.gc.kj12349.com/
2 KB
1 KB
Script
General
Full URL
https://am2.gc.kj12349.com/gsb.js
Requested by
Host: am2.gc.kj12349.com
URL: https://am2.gc.kj12349.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
84.247.153.9 Tokyo, Japan, ASN141995 (CAPL-AS-AP Contabo Asia Private Limited, SG),
Reverse DNS
vmi1797893.contaboserver.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
eab7d5a85f96f45d0f435274c0e97373c222f66e0be6f37ee2e7823c3a6d71a1

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://am2.gc.kj12349.com/
Accept-Language
jp-JP,jp;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 13:32:40 GMT
content-encoding
gzip
last-modified
Mon, 13 May 2024 16:04:26 GMT
server
Microsoft-IIS/10.0
etag
"a65d673a4fa5da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
1218
shouyetu.jpg
dd.gc.kj12349.com/tp/
56 KB
56 KB
Image
General
Full URL
https://dd.gc.kj12349.com/tp/shouyetu.jpg
Requested by
Host: am2.gc.kj12349.com
URL: https://am2.gc.kj12349.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
84.247.153.9 Tokyo, Japan, ASN141995 (CAPL-AS-AP Contabo Asia Private Limited, SG),
Reverse DNS
vmi1797893.contaboserver.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
c2591be412e01a5dfba8324d61b961412c16c93f95a570c2fedfe7f3a9eee8fa

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://am2.gc.kj12349.com/
Accept-Language
jp-JP,jp;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 13:32:40 GMT
last-modified
Wed, 01 May 2024 05:47:51 GMT
server
Microsoft-IIS/10.0
etag
"73b101b8b9bda1:0"
x-powered-by
ASP.NET
content-type
image/jpeg
accept-ranges
bytes
content-length
57340
daohag.gif
am.cp.lhc12349.com/tp/
48 KB
48 KB
Image
General
Full URL
https://am.cp.lhc12349.com/tp/daohag.gif
Requested by
Host: am2.gc.kj12349.com
URL: https://am2.gc.kj12349.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
84.247.153.9 Tokyo, Japan, ASN141995 (CAPL-AS-AP Contabo Asia Private Limited, SG),
Reverse DNS
vmi1797893.contaboserver.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
5dda7e1ad1a771ab5ff34bdeb68c95e828ccdc8f9641511c9deecdb7a8be615f

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://am2.gc.kj12349.com/
Accept-Language
jp-JP,jp;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 13:32:40 GMT
last-modified
Sun, 28 Apr 2024 13:36:36 GMT
server
Microsoft-IIS/10.0
etag
"2dc5ba177199da1:0"
x-powered-by
ASP.NET
content-type
image/gif
accept-ranges
bytes
content-length
49220
lottery.umd.js
am2.gc.kj12349.com/
255 KB
120 KB
Script
General
Full URL
https://am2.gc.kj12349.com/lottery.umd.js
Requested by
Host: am2.gc.kj12349.com
URL: https://am2.gc.kj12349.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
84.247.153.9 Tokyo, Japan, ASN141995 (CAPL-AS-AP Contabo Asia Private Limited, SG),
Reverse DNS
vmi1797893.contaboserver.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
ef774d80368d4a07eae9f21d1428e37a9ca39f992de797ce87afff40b0ed3e63

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://am2.gc.kj12349.com/
Accept-Language
jp-JP,jp;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 13:32:40 GMT
content-encoding
gzip
last-modified
Tue, 07 May 2024 06:46:26 GMT
server
Microsoft-IIS/10.0
etag
"04d30484aa0da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
123175
99cc1.gif
am.cp.lhc12349.com/tp/
15 KB
15 KB
Image
General
Full URL
https://am.cp.lhc12349.com/tp/99cc1.gif
Requested by
Host: am2.gc.kj12349.com
URL: https://am2.gc.kj12349.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
84.247.153.9 Tokyo, Japan, ASN141995 (CAPL-AS-AP Contabo Asia Private Limited, SG),
Reverse DNS
vmi1797893.contaboserver.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
9ae81c57691fe67c2dcf2a69017543732565c54332607521e11f1f2619f355e1

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://am2.gc.kj12349.com/
Accept-Language
jp-JP,jp;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 13:32:40 GMT
last-modified
Sun, 14 Apr 2024 11:06:34 GMT
server
Microsoft-IIS/10.0
etag
"8f8cdccf5b8eda1:0"
x-powered-by
ASP.NET
content-type
image/gif
accept-ranges
bytes
content-length
15103
ddjb.gif
101046.com/tp/
2 KB
2 KB
Image
General
Full URL
https://101046.com/tp/ddjb.gif
Requested by
Host: am2.gc.kj12349.com
URL: https://am2.gc.kj12349.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
84.247.153.9 Tokyo, Japan, ASN141995 (CAPL-AS-AP Contabo Asia Private Limited, SG),
Reverse DNS
vmi1797893.contaboserver.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
9be846c18af51a3afe4ae5926237234faa293785eac585f4122eb8c8e1ddebac

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://am2.gc.kj12349.com/
Accept-Language
jp-JP,jp;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 13:32:40 GMT
last-modified
Sat, 20 Apr 2024 14:47:59 GMT
server
Microsoft-IIS/10.0
etag
"3b30c7bc3193da1:0"
x-powered-by
ASP.NET
content-type
image/gif
accept-ranges
bytes
content-length
2109
aa1.gif
101046.com/tp/
111 B
213 B
Image
General
Full URL
https://101046.com/tp/aa1.gif
Requested by
Host: am2.gc.kj12349.com
URL: https://am2.gc.kj12349.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
84.247.153.9 Tokyo, Japan, ASN141995 (CAPL-AS-AP Contabo Asia Private Limited, SG),
Reverse DNS
vmi1797893.contaboserver.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
7ab5c16868be470eb76e4f4adc804228847ca79423281bf0319e75cde6339003

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://am2.gc.kj12349.com/
Accept-Language
jp-JP,jp;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 13:32:40 GMT
last-modified
Thu, 18 Apr 2024 15:22:20 GMT
server
Microsoft-IIS/10.0
etag
"5762b734a491da1:0"
x-powered-by
ASP.NET
content-type
image/gif
accept-ranges
bytes
content-length
111
99cc.gif
am.cp.lhc12349.com/tp/
172 KB
172 KB
Image
General
Full URL
https://am.cp.lhc12349.com/tp/99cc.gif
Requested by
Host: am2.gc.kj12349.com
URL: https://am2.gc.kj12349.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
84.247.153.9 Tokyo, Japan, ASN141995 (CAPL-AS-AP Contabo Asia Private Limited, SG),
Reverse DNS
vmi1797893.contaboserver.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
25bb914491ffc6bdf1e1c11244fa5b94435481be769204ac162edec915024b99

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://am2.gc.kj12349.com/
Accept-Language
jp-JP,jp;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 13:32:40 GMT
last-modified
Sun, 14 Apr 2024 11:06:33 GMT
server
Microsoft-IIS/10.0
etag
"b8857cf5b8eda1:0"
x-powered-by
ASP.NET
content-type
image/gif
accept-ranges
bytes
content-length
175718
jianbiao.gif
www.101046.com/tp/
2 KB
2 KB
Image
General
Full URL
https://www.101046.com/tp/jianbiao.gif
Requested by
Host: am2.gc.kj12349.com
URL: https://am2.gc.kj12349.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
84.247.153.9 Tokyo, Japan, ASN141995 (CAPL-AS-AP Contabo Asia Private Limited, SG),
Reverse DNS
vmi1797893.contaboserver.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
4a0fb482ce6a8e58861c432e5fdd01190782f7a6ecc50351c5496363ff56adb5

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://am2.gc.kj12349.com/
Accept-Language
jp-JP,jp;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 13:32:40 GMT
last-modified
Thu, 11 Apr 2024 14:37:47 GMT
server
Microsoft-IIS/10.0
etag
"b0845ad21d8cda1:0"
x-powered-by
ASP.NET
content-type
image/gif
accept-ranges
bytes
content-length
2051
gaoshoubang.jpg
101046.com/tp/
49 KB
50 KB
Image
General
Full URL
https://101046.com/tp/gaoshoubang.jpg
Requested by
Host: am2.gc.kj12349.com
URL: https://am2.gc.kj12349.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
84.247.153.9 Tokyo, Japan, ASN141995 (CAPL-AS-AP Contabo Asia Private Limited, SG),
Reverse DNS
vmi1797893.contaboserver.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b771dd68e1944873cedda61a2287d3f2fce4a6fe13c3c8b03b65dff54fea2b52

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://am2.gc.kj12349.com/
Accept-Language
jp-JP,jp;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 13:32:40 GMT
last-modified
Tue, 30 Apr 2024 09:38:57 GMT
server
Microsoft-IIS/10.0
etag
"6ec26e39e29ada1:0"
x-powered-by
ASP.NET
content-type
image/jpeg
accept-ranges
bytes
content-length
50623
gangaobaodianxjt.jpg
www.101046.com/tp/
163 KB
163 KB
Image
General
Full URL
https://www.101046.com/tp/gangaobaodianxjt.jpg
Requested by
Host: am2.gc.kj12349.com
URL: https://am2.gc.kj12349.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
84.247.153.9 Tokyo, Japan, ASN141995 (CAPL-AS-AP Contabo Asia Private Limited, SG),
Reverse DNS
vmi1797893.contaboserver.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
31d7f41c5672aef38092fbdf2cbc1e9f04e9a2c5fadae42ee185c184e9b381d8

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://am2.gc.kj12349.com/
Accept-Language
jp-JP,jp;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 13:32:40 GMT
last-modified
Tue, 14 May 2024 05:16:39 GMT
server
Microsoft-IIS/10.0
etag
"5dddaae6bda5da1:0"
x-powered-by
ASP.NET
content-type
image/jpeg
accept-ranges
bytes
content-length
166524
zdsc12.jpg
101046.com/tp/
51 KB
51 KB
Image
General
Full URL
https://101046.com/tp/zdsc12.jpg
Requested by
Host: am2.gc.kj12349.com
URL: https://am2.gc.kj12349.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
84.247.153.9 Tokyo, Japan, ASN141995 (CAPL-AS-AP Contabo Asia Private Limited, SG),
Reverse DNS
vmi1797893.contaboserver.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
7dc779705ff72550a189980551474df57382290270c9d8f5c52e6bf4022e7fe7

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://am2.gc.kj12349.com/
Accept-Language
jp-JP,jp;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 13:32:40 GMT
last-modified
Tue, 14 May 2024 05:16:44 GMT
server
Microsoft-IIS/10.0
etag
"f36aa3e9bda5da1:0"
x-powered-by
ASP.NET
content-type
image/jpeg
accept-ranges
bytes
content-length
52155
jshz.jpg
dd.gc.kj12349.com/tp/
334 KB
335 KB
Image
General
Full URL
https://dd.gc.kj12349.com/tp/jshz.jpg
Requested by
Host: am2.gc.kj12349.com
URL: https://am2.gc.kj12349.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
84.247.153.9 Tokyo, Japan, ASN141995 (CAPL-AS-AP Contabo Asia Private Limited, SG),
Reverse DNS
vmi1797893.contaboserver.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
6b09a175a64e38df13de7d12e3ae31d5a44648d4ba145e6f28d5565517e03d79

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://am2.gc.kj12349.com/
Accept-Language
jp-JP,jp;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 13:32:40 GMT
last-modified
Tue, 14 May 2024 05:16:41 GMT
server
Microsoft-IIS/10.0
etag
"f358cbe7bda5da1:0"
x-powered-by
ASP.NET
content-type
image/jpeg
accept-ranges
bytes
content-length
342257
hlm.jpg
www.101046.com/tp/
173 KB
174 KB
Image
General
Full URL
https://www.101046.com/tp/hlm.jpg
Requested by
Host: am2.gc.kj12349.com
URL: https://am2.gc.kj12349.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
84.247.153.9 Tokyo, Japan, ASN141995 (CAPL-AS-AP Contabo Asia Private Limited, SG),
Reverse DNS
vmi1797893.contaboserver.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b42863b18a9cff7a5f6c2d89846658788f8e1d1e7e4d67d4535858d00777109a

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://am2.gc.kj12349.com/
Accept-Language
jp-JP,jp;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 13:32:40 GMT
last-modified
Tue, 14 May 2024 05:16:40 GMT
server
Microsoft-IIS/10.0
etag
"65fd2de7bda5da1:0"
x-powered-by
ASP.NET
content-type
image/jpeg
accept-ranges
bytes
content-length
177518
sgfy.jpg
www.101046.com/tp/
162 KB
162 KB
Image
General
Full URL
https://www.101046.com/tp/sgfy.jpg
Requested by
Host: am2.gc.kj12349.com
URL: https://am2.gc.kj12349.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
84.247.153.9 Tokyo, Japan, ASN141995 (CAPL-AS-AP Contabo Asia Private Limited, SG),
Reverse DNS
vmi1797893.contaboserver.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
981aa093edb9a32f04f7531cbd82d7722aa72075822502288018ee3268651ded

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://am2.gc.kj12349.com/
Accept-Language
jp-JP,jp;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 13:32:40 GMT
last-modified
Tue, 14 May 2024 05:16:43 GMT
server
Microsoft-IIS/10.0
etag
"7f4dc3e8bda5da1:0"
x-powered-by
ASP.NET
content-type
image/jpeg
accept-ranges
bytes
content-length
165887
xingxing.gif
101046.com/tp/
2 KB
2 KB
Image
General
Full URL
https://101046.com/tp/xingxing.gif
Requested by
Host: am2.gc.kj12349.com
URL: https://am2.gc.kj12349.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
84.247.153.9 Tokyo, Japan, ASN141995 (CAPL-AS-AP Contabo Asia Private Limited, SG),
Reverse DNS
vmi1797893.contaboserver.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
baf87a4bb70e08223fcae73d4a4503b6e17322ec74d0b12c74eebbf048fb9098

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://am2.gc.kj12349.com/
Accept-Language
jp-JP,jp;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 13:32:40 GMT
last-modified
Fri, 19 Apr 2024 05:57:47 GMT
server
Microsoft-IIS/10.0
etag
"9e86eb801e92da1:0"
x-powered-by
ASP.NET
content-type
image/gif
accept-ranges
bytes
content-length
1892
temashiju.jpg
www.101046.com/tp/
92 KB
92 KB
Image
General
Full URL
https://www.101046.com/tp/temashiju.jpg
Requested by
Host: am2.gc.kj12349.com
URL: https://am2.gc.kj12349.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
84.247.153.9 Tokyo, Japan, ASN141995 (CAPL-AS-AP Contabo Asia Private Limited, SG),
Reverse DNS
vmi1797893.contaboserver.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
d888a14ff3c974b58c7875068d6e139fb0030cd7f735198d09ced3ba6c67e3d3

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://am2.gc.kj12349.com/
Accept-Language
jp-JP,jp;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 13:32:40 GMT
last-modified
Tue, 14 May 2024 05:16:44 GMT
server
Microsoft-IIS/10.0
etag
"d7bd35e9bda5da1:0"
x-powered-by
ASP.NET
content-type
image/jpeg
accept-ranges
bytes
content-length
93745
jtdt.jpg
am.cp.lhc12349.com/tp/
46 KB
46 KB
Image
General
Full URL
https://am.cp.lhc12349.com/tp/jtdt.jpg
Requested by
Host: am2.gc.kj12349.com
URL: https://am2.gc.kj12349.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
84.247.153.9 Tokyo, Japan, ASN141995 (CAPL-AS-AP Contabo Asia Private Limited, SG),
Reverse DNS
vmi1797893.contaboserver.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
fc21b6ec6d45e877ced7bde84f8c3bd4220d2b9c9b5503e8b980e5f8e01eccd4

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://am2.gc.kj12349.com/
Accept-Language
jp-JP,jp;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 13:32:40 GMT
last-modified
Tue, 14 May 2024 05:16:42 GMT
server
Microsoft-IIS/10.0
etag
"b42b40e8bda5da1:0"
x-powered-by
ASP.NET
content-type
image/jpeg
accept-ranges
bytes
content-length
47168
beijingtu.jpg
am.cp.lhc12349.com/tp/
49 KB
49 KB
Image
General
Full URL
https://am.cp.lhc12349.com/tp/beijingtu.jpg
Requested by
Host: am2.gc.kj12349.com
URL: https://am2.gc.kj12349.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
84.247.153.9 Tokyo, Japan, ASN141995 (CAPL-AS-AP Contabo Asia Private Limited, SG),
Reverse DNS
vmi1797893.contaboserver.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
d59806f7b02170b763c39f36c9a95a74fefe2fba991119a515c07be56baf79cc

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://am2.gc.kj12349.com/
Accept-Language
jp-JP,jp;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 13:32:40 GMT
last-modified
Tue, 30 Apr 2024 12:48:43 GMT
server
Microsoft-IIS/10.0
etag
"aa6421bcfc9ada1:0"
x-powered-by
ASP.NET
content-type
image/jpeg
accept-ranges
bytes
content-length
50410
V2
kj.lhcs-5.com/gallerynew/h5/index/lastLotteryRecord/
10 KB
2 KB
XHR
General
Full URL
https://kj.lhcs-5.com/gallerynew/h5/index/lastLotteryRecord/V2?lotteryType=1
Requested by
Host: am2.gc.kj12349.com
URL: https://am2.gc.kj12349.com/lottery.umd.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.149.192.25 , Hong Kong, ASN59371 (DNC-AS Dimension Network & Communication Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
805a21c0594dfd922c63754473a3071d1dfc59ebbb24f74ef17acd88655d7cc2

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
application/json, text/plain, */*
Referer
https://am2.gc.kj12349.com/
Accept-Language
jp-JP,jp;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 14 May 2024 13:36:56 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding, Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
*
Connection
keep-alive
getLotterySwitchButton
kj.lhcs-5.com/gallerynew/h5/index/
499 B
780 B
XHR
General
Full URL
https://kj.lhcs-5.com/gallerynew/h5/index/getLotterySwitchButton
Requested by
Host: am2.gc.kj12349.com
URL: https://am2.gc.kj12349.com/lottery.umd.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.149.192.25 , Hong Kong, ASN59371 (DNC-AS Dimension Network & Communication Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
1dd89483ae4fcd239390e0c2cc29ea0393b85e6fb923a1407a4b8dd82df172bb

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
application/json, text/plain, */*
Referer
https://am2.gc.kj12349.com/
Accept-Language
jp-JP,jp;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 14 May 2024 13:36:56 GMT
Server
nginx
Connection
keep-alive
Content-Length
499
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
application/json;charset=UTF-8
jianbiao.gif
www.101046.com/tp/
2 KB
0
Image
General
Full URL
https://www.101046.com/tp/jianbiao.gif
Requested by
Host: am2.gc.kj12349.com
URL: https://am2.gc.kj12349.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
84.247.153.9 Tokyo, Japan, ASN141995 (CAPL-AS-AP Contabo Asia Private Limited, SG),
Reverse DNS
vmi1797893.contaboserver.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
4a0fb482ce6a8e58861c432e5fdd01190782f7a6ecc50351c5496363ff56adb5

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://am2.gc.kj12349.com/
Accept-Language
jp-JP,jp;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 13:32:40 GMT
last-modified
Thu, 11 Apr 2024 14:37:47 GMT
server
Microsoft-IIS/10.0
etag
"b0845ad21d8cda1:0"
x-powered-by
ASP.NET
content-type
image/gif
accept-ranges
bytes
content-length
2051
99cc1.gif
am.cp.lhc12349.com/tp/
15 KB
0
Image
General
Full URL
https://am.cp.lhc12349.com/tp/99cc1.gif
Requested by
Host: am2.gc.kj12349.com
URL: https://am2.gc.kj12349.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
84.247.153.9 Tokyo, Japan, ASN141995 (CAPL-AS-AP Contabo Asia Private Limited, SG),
Reverse DNS
vmi1797893.contaboserver.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
9ae81c57691fe67c2dcf2a69017543732565c54332607521e11f1f2619f355e1

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://am2.gc.kj12349.com/
Accept-Language
jp-JP,jp;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 13:32:40 GMT
last-modified
Sun, 14 Apr 2024 11:06:34 GMT
server
Microsoft-IIS/10.0
etag
"8f8cdccf5b8eda1:0"
x-powered-by
ASP.NET
content-type
image/gif
accept-ranges
bytes
content-length
15103
99cc.gif
am.cp.lhc12349.com/tp/
172 KB
0
Image
General
Full URL
https://am.cp.lhc12349.com/tp/99cc.gif
Requested by
Host: am2.gc.kj12349.com
URL: https://am2.gc.kj12349.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
84.247.153.9 Tokyo, Japan, ASN141995 (CAPL-AS-AP Contabo Asia Private Limited, SG),
Reverse DNS
vmi1797893.contaboserver.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
25bb914491ffc6bdf1e1c11244fa5b94435481be769204ac162edec915024b99

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://am2.gc.kj12349.com/
Accept-Language
jp-JP,jp;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 13:32:40 GMT
last-modified
Sun, 14 Apr 2024 11:06:33 GMT
server
Microsoft-IIS/10.0
etag
"b8857cf5b8eda1:0"
x-powered-by
ASP.NET
content-type
image/gif
accept-ranges
bytes
content-length
175718
hm.js
hm.baidu.com/
29 KB
12 KB
Script
General
Full URL
https://hm.baidu.com/hm.js?1e532482a31d21a62867be5dac7380f8
Requested by
Host: am2.gc.kj12349.com
URL: https://am2.gc.kj12349.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
111.45.11.83 , China, ASN56040 (CMNET-GUANGDONG-AP China Mobile communications corporation, CN),
Reverse DNS
Software
apache /
Resource Hash
57337af6beb670d67f0f16e5fff42268ce79245e692a1215415572315847d502
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://am2.gc.kj12349.com/
Accept-Language
jp-JP,jp;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 14 May 2024 13:32:41 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=172800
Server
apache
Etag
15e18cada0d0c7f7adec4424d10b254a
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type
application/javascript
Cache-Control
max-age=0, must-revalidate
Content-Length
11266
truncated
/
5 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
12222f3f1f79dac7260b20305152449e9b444eaf1e66f539dc1f579cb660e0b6

Request headers

Accept-Language
jp-JP,jp;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
745 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3cf8da554102da8b4bd23daa0389862a22a14c532cef1278b3eefaeb482c50b9

Request headers

Accept-Language
jp-JP,jp;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
linear-gradient(to%20top,
am2.gc.kj12349.com/
1 KB
1 KB
Image
General
Full URL
https://am2.gc.kj12349.com/linear-gradient(to%20top,
Requested by
Host: am2.gc.kj12349.com
URL: https://am2.gc.kj12349.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
84.247.153.9 Tokyo, Japan, ASN141995 (CAPL-AS-AP Contabo Asia Private Limited, SG),
Reverse DNS
vmi1797893.contaboserver.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://am2.gc.kj12349.com/
Accept-Language
jp-JP,jp;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 13:32:40 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-length
1245
content-type
text/html
list.png
img1.shanghaixiaochagu.com/assets/img/
4 KB
4 KB
Image
General
Full URL
https://img1.shanghaixiaochagu.com/assets/img/list.png
Requested by
Host: am2.gc.kj12349.com
URL: https://am2.gc.kj12349.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:443a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a1aeef84acc4fd3314b3f6f5d33c3bf894a1a7e797003a7cebbe54a8b3f953a

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://am2.gc.kj12349.com/
Accept-Language
jp-JP,jp;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 13:32:41 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
466682
alt-svc
h3=":443"; ma=86400
content-length
3724
last-modified
Tue, 30 Jul 2019 08:02:43 GMT
server
cloudflare
etag
"5d3ff9a3-e8c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wjpJPPXHW6meNbqWcGHzZXwHwQRwNHyi6grRjH4WxpVY9s9HcPK9NCv%2BqY44mBFnpYTG2svHrZIze%2F0aqZtlk%2FFDpAiDWDHYa7ZUWEztQuFa%2FiAKAAnns7aZus%2BToocTwm9AiPwPUFq%2BH9J5ESr45rAzyOtEearxWA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
883b4176ba22e039-NRT
expires
Sat, 08 Jun 2024 03:54:39 GMT
cfl-more.png
img1.shanghaixiaochagu.com/assets/img/
25 KB
26 KB
Image
General
Full URL
https://img1.shanghaixiaochagu.com/assets/img/cfl-more.png
Requested by
Host: am2.gc.kj12349.com
URL: https://am2.gc.kj12349.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:443a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9b72dd2d1a81a30aeecdd921e283f3d919e1d5e50cd626024aea9d0bfc16988

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://am2.gc.kj12349.com/
Accept-Language
jp-JP,jp;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 13:32:41 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
466682
alt-svc
h3=":443"; ma=86400
content-length
26075
last-modified
Tue, 30 Jul 2019 06:25:38 GMT
server
cloudflare
etag
"5d3fe2e2-65db"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QKEjGJm7nFVq%2F%2B0Uk7PPqYbIGjM3hi3aIkAhxc7aWjBKxH00XAR%2BpEfE1Q1JvcDMich53zu7VqlykVHCULFOjT%2BOG3Z3s5Zub8ORdO%2FTvug8q0bGSgtJt%2Boh9lympkvp86jqOo2RBf9qE2x46YcpQjygs1VaT0mV5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
883b4176ba24e039-NRT
expires
Sat, 08 Jun 2024 03:54:39 GMT
cfl4.png
img1.shanghaixiaochagu.com/assets/img/
3 KB
4 KB
Image
General
Full URL
https://img1.shanghaixiaochagu.com/assets/img/cfl4.png
Requested by
Host: am2.gc.kj12349.com
URL: https://am2.gc.kj12349.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:443a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
690525e35adf0a12e48716dd62cd5efe930485d8e5e876a11762b9658b667e00

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://am2.gc.kj12349.com/
Accept-Language
jp-JP,jp;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 13:32:41 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
466682
alt-svc
h3=":443"; ma=86400
content-length
3044
last-modified
Tue, 30 Jul 2019 08:05:49 GMT
server
cloudflare
etag
"5d3ffa5d-be4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BuOaq0fMYC%2FgtccuFH8XkoH%2FbszQqvxB9E6PywvtJyxmUm5Si1bySv%2BS0pHgyJ%2FSw5w%2BJ%2FNErOyAtH3%2F5GN7q3n93ieHX8xJ5%2BnPCD44F3chw3JA7NU98Ln1eTszcKB02beVYjPKHs4su5hOFvFGbWJOdQyIYJpRgw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
883b4176ba1de039-NRT
expires
Sat, 08 Jun 2024 03:54:39 GMT
goucailogo.png
www.101046.com//tp/
79 KB
79 KB
Image
General
Full URL
https://www.101046.com//tp/goucailogo.png
Requested by
Host: am2.gc.kj12349.com
URL: https://am2.gc.kj12349.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
84.247.153.9 Tokyo, Japan, ASN141995 (CAPL-AS-AP Contabo Asia Private Limited, SG),
Reverse DNS
vmi1797893.contaboserver.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
52c813e4e4fadabc1b7d370f135cd026fefabdaa234cfbf344dc8b6fb2f581a8

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://am2.gc.kj12349.com/
Accept-Language
jp-JP,jp;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 13:32:40 GMT
last-modified
Thu, 25 Apr 2024 13:00:41 GMT
server
Microsoft-IIS/10.0
etag
"31dba5931097da1:0"
x-powered-by
ASP.NET
content-type
image/png
accept-ranges
bytes
content-length
80997
truncated
/
25 KB
25 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4990826783677cfd08d0c19c14624bf9f363dd95bf3ba14edd6122de3c455b08

Request headers

Referer
Origin
https://am2.gc.kj12349.com
Accept-Language
jp-JP,jp;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
font/woff2;charset=utf-8
hm.gif
hm.baidu.com/
43 B
299 B
Image
General
Full URL
https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=jp-jp&lo=0&rnd=1265969840&si=1e532482a31d21a62867be5dac7380f8&v=1.3.0&lv=1&sn=52797&r=0&ww=1600&u=https%3A%2F%2Fam2.gc.kj12349.com%2F&tt=%E6%BE%B3%E9%97%A8%E7%A5%9E%E7%AE%97%E5%AD%90
Requested by
Host: am2.gc.kj12349.com
URL: https://am2.gc.kj12349.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
111.45.11.83 , China, ASN56040 (CMNET-GUANGDONG-AP China Mobile communications corporation, CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://am2.gc.kj12349.com/
Accept-Language
jp-JP,jp;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
no-cache
Date
Tue, 14 May 2024 13:32:41 GMT
Strict-Transport-Security
max-age=172800
X-Content-Type-Options
nosniff
Server
apache
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Content-Length
43
favicon.ico
am2.gc.kj12349.com/
1 KB
1 KB
Other
General
Full URL
https://am2.gc.kj12349.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
84.247.153.9 Tokyo, Japan, ASN141995 (CAPL-AS-AP Contabo Asia Private Limited, SG),
Reverse DNS
vmi1797893.contaboserver.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://am2.gc.kj12349.com/
Accept-Language
jp-JP,jp;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 13:32:41 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-length
1245
content-type
text/html

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string| am_no string| am_noa string| am_nob object| am_tiezi object| obj undefined| ot object| __VUE_INSTANCE_SETTERS__ object| __VUE_SSR_SETTERS__ boolean| __VUE__ function| _0x8ef2a0 function| _0x36bc29 function| _0x678ff0 function| _0x53d90f function| _0x3881a8 function| _0x3465 function| addTieziToUI function| _0x60e8 object| _hmt boolean| _bdhm_loaded_1e532482a31d21a62867be5dac7380f8 object| mini_tangram_log_ou44gh

3 Cookies

Domain/Path Name / Value
.hm.baidu.com/ Name: HMACCOUNT_BFESS
Value: 411EAD05D347A2B3
.am2.gc.kj12349.com/ Name: Hm_lvt_1e532482a31d21a62867be5dac7380f8
Value: 1715693562
.am2.gc.kj12349.com/ Name: Hm_lpvt_1e532482a31d21a62867be5dac7380f8
Value: 1715693562

26 Console Messages

Source Level URL
Text
security warning URL: https://am2.gc.kj12349.com/
Message:
Mixed Content: The page at 'https://am2.gc.kj12349.com/' was loaded over HTTPS, but requested an insecure element 'http://www.101046.com/tp/jianbiao.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://am2.gc.kj12349.com/
Message:
Mixed Content: The page at 'https://am2.gc.kj12349.com/' was loaded over HTTPS, but requested an insecure element 'http://101046.com/tp/gaoshoubang.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://am2.gc.kj12349.com/
Message:
Mixed Content: The page at 'https://am2.gc.kj12349.com/' was loaded over HTTPS, but requested an insecure element 'http://www.101046.com/tp/jianbiao.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://am2.gc.kj12349.com/
Message:
Mixed Content: The page at 'https://am2.gc.kj12349.com/' was loaded over HTTPS, but requested an insecure element 'http://www.101046.com/tp/jianbiao.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://am2.gc.kj12349.com/
Message:
Mixed Content: The page at 'https://am2.gc.kj12349.com/' was loaded over HTTPS, but requested an insecure element 'http://www.101046.com/tp/jianbiao.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://am2.gc.kj12349.com/
Message:
Mixed Content: The page at 'https://am2.gc.kj12349.com/' was loaded over HTTPS, but requested an insecure element 'http://www.101046.com/tp/jianbiao.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://am2.gc.kj12349.com/
Message:
Mixed Content: The page at 'https://am2.gc.kj12349.com/' was loaded over HTTPS, but requested an insecure element 'http://www.101046.com/tp/jianbiao.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://am2.gc.kj12349.com/
Message:
Mixed Content: The page at 'https://am2.gc.kj12349.com/' was loaded over HTTPS, but requested an insecure element 'http://www.101046.com/tp/jianbiao.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://am2.gc.kj12349.com/
Message:
Mixed Content: The page at 'https://am2.gc.kj12349.com/' was loaded over HTTPS, but requested an insecure element 'http://www.101046.com/tp/jianbiao.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://am2.gc.kj12349.com/
Message:
Mixed Content: The page at 'https://am2.gc.kj12349.com/' was loaded over HTTPS, but requested an insecure element 'http://www.101046.com/tp/jianbiao.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://am2.gc.kj12349.com/
Message:
Mixed Content: The page at 'https://am2.gc.kj12349.com/' was loaded over HTTPS, but requested an insecure element 'http://www.101046.com/tp/jianbiao.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://am2.gc.kj12349.com/(Line 1377)
Message:
Mixed Content: The page at 'https://am2.gc.kj12349.com/' was loaded over HTTPS, but requested an insecure element 'http://www.101046.com/tp/jianbiao.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://am2.gc.kj12349.com/(Line 1377)
Message:
Mixed Content: The page at 'https://am2.gc.kj12349.com/' was loaded over HTTPS, but requested an insecure element 'http://101046.com/tp/gaoshoubang.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://am2.gc.kj12349.com/(Line 1492)
Message:
Mixed Content: The page at 'https://am2.gc.kj12349.com/' was loaded over HTTPS, but requested an insecure element 'http://www.101046.com/tp/jianbiao.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://am2.gc.kj12349.com/(Line 4167)
Message:
Mixed Content: The page at 'https://am2.gc.kj12349.com/' was loaded over HTTPS, but requested an insecure element 'http://www.101046.com/tp/jianbiao.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://am2.gc.kj12349.com/(Line 4167)
Message:
Mixed Content: The page at 'https://am2.gc.kj12349.com/' was loaded over HTTPS, but requested an insecure element 'http://www.101046.com/tp/jianbiao.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://am2.gc.kj12349.com/(Line 4167)
Message:
Mixed Content: The page at 'https://am2.gc.kj12349.com/' was loaded over HTTPS, but requested an insecure element 'http://www.101046.com/tp/jianbiao.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://am2.gc.kj12349.com/(Line 4167)
Message:
Mixed Content: The page at 'https://am2.gc.kj12349.com/' was loaded over HTTPS, but requested an insecure element 'http://www.101046.com/tp/jianbiao.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://am2.gc.kj12349.com/(Line 4167)
Message:
Mixed Content: The page at 'https://am2.gc.kj12349.com/' was loaded over HTTPS, but requested an insecure element 'http://www.101046.com/tp/jianbiao.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://am2.gc.kj12349.com/(Line 6276)
Message:
Mixed Content: The page at 'https://am2.gc.kj12349.com/' was loaded over HTTPS, but requested an insecure element 'http://www.101046.com/tp/jianbiao.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://am2.gc.kj12349.com/(Line 6276)
Message:
Mixed Content: The page at 'https://am2.gc.kj12349.com/' was loaded over HTTPS, but requested an insecure element 'http://www.101046.com/tp/jianbiao.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://am2.gc.kj12349.com/(Line 6276)
Message:
Mixed Content: The page at 'https://am2.gc.kj12349.com/' was loaded over HTTPS, but requested an insecure element 'http://www.101046.com/tp/jianbiao.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network error URL: https://am2.gc.kj12349.com/linear-gradient(to%20top,#eee,#fff
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://am2.gc.kj12349.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://am2.gc.kj12349.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
network error URL: https://am2.gc.kj12349.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

101046.com
am.cp.lhc12349.com
am2.gc.kj12349.com
dd.gc.kj12349.com
hm.baidu.com
img1.shanghaixiaochagu.com
kj.lhcs-5.com
www.101046.com
111.45.11.83
2606:4700:3033::6815:443a
46.149.192.25
84.247.153.9
12222f3f1f79dac7260b20305152449e9b444eaf1e66f539dc1f579cb660e0b6
1dd89483ae4fcd239390e0c2cc29ea0393b85e6fb923a1407a4b8dd82df172bb
25bb914491ffc6bdf1e1c11244fa5b94435481be769204ac162edec915024b99
2a1aeef84acc4fd3314b3f6f5d33c3bf894a1a7e797003a7cebbe54a8b3f953a
31d7f41c5672aef38092fbdf2cbc1e9f04e9a2c5fadae42ee185c184e9b381d8
3cf8da554102da8b4bd23daa0389862a22a14c532cef1278b3eefaeb482c50b9
4990826783677cfd08d0c19c14624bf9f363dd95bf3ba14edd6122de3c455b08
4a0fb482ce6a8e58861c432e5fdd01190782f7a6ecc50351c5496363ff56adb5
52c813e4e4fadabc1b7d370f135cd026fefabdaa234cfbf344dc8b6fb2f581a8
57337af6beb670d67f0f16e5fff42268ce79245e692a1215415572315847d502
5dda7e1ad1a771ab5ff34bdeb68c95e828ccdc8f9641511c9deecdb7a8be615f
690525e35adf0a12e48716dd62cd5efe930485d8e5e876a11762b9658b667e00
6b09a175a64e38df13de7d12e3ae31d5a44648d4ba145e6f28d5565517e03d79
7ab5c16868be470eb76e4f4adc804228847ca79423281bf0319e75cde6339003
7dc779705ff72550a189980551474df57382290270c9d8f5c52e6bf4022e7fe7
805a21c0594dfd922c63754473a3071d1dfc59ebbb24f74ef17acd88655d7cc2
981aa093edb9a32f04f7531cbd82d7722aa72075822502288018ee3268651ded
9ae81c57691fe67c2dcf2a69017543732565c54332607521e11f1f2619f355e1
9be846c18af51a3afe4ae5926237234faa293785eac585f4122eb8c8e1ddebac
ac284b3b5039a41d32e8d49e737790c42e1244b31c1c6b8bcf5b7cdd58fdf7c8
b42863b18a9cff7a5f6c2d89846658788f8e1d1e7e4d67d4535858d00777109a
b771dd68e1944873cedda61a2287d3f2fce4a6fe13c3c8b03b65dff54fea2b52
b9b72dd2d1a81a30aeecdd921e283f3d919e1d5e50cd626024aea9d0bfc16988
baf87a4bb70e08223fcae73d4a4503b6e17322ec74d0b12c74eebbf048fb9098
c2591be412e01a5dfba8324d61b961412c16c93f95a570c2fedfe7f3a9eee8fa
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d59806f7b02170b763c39f36c9a95a74fefe2fba991119a515c07be56baf79cc
d888a14ff3c974b58c7875068d6e139fb0030cd7f735198d09ced3ba6c67e3d3
dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f
eab7d5a85f96f45d0f435274c0e97373c222f66e0be6f37ee2e7823c3a6d71a1
ef774d80368d4a07eae9f21d1428e37a9ca39f992de797ce87afff40b0ed3e63
fc21b6ec6d45e877ced7bde84f8c3bd4220d2b9c9b5503e8b980e5f8e01eccd4