URL: http://penkuoer.com/
Submission: On March 23 via api from BY — Scanned from DE

Summary

This website contacted 5 IPs in 2 countries across 4 domains to perform 29 HTTP transactions. The main IP is 38.6.246.47, located in Los Angeles, United States and belongs to PEG-SV, US. The main domain is penkuoer.com.
This is the only time penkuoer.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | IP Address | AS | Autonomous System
1 | 38.6.246.47 | 54600 | PEG-SV
16 | 156.248.52.71 | 136950 | HIITL-AS-...
2 | 103.235.46.191 | 55967 | BAIDU Bei...
8 | 2606:4700:10:... | 13335 | CLOUDFLAR...
Total: 29 requests, 5 IPs
Requests | Apex Domain | Subdomains | Transfer
16 | kaiyunhml4.com | kaiyunhml4.com | 2 MB
8 | tawk.to | embed.tawk.to (Cisco Umbrella Rank: 11979), va.tawk.to (Failed) | 137 KB
2 | baidu.com | hm.baidu.com (Cisco Umbrella Rank: 8299) | 12 KB
1 | penkuoer.com | penkuoer.com | 2 KB
Total: 29 requests, 4 apex domains
Requests | Domain | Requested by
16 | kaiyunhml4.com | penkuoer.com, kaiyunhml4.com
7 | embed.tawk.to | kaiyunhml4.com, embed.tawk.to
2 | hm.baidu.com | penkuoer.com
1 | va.tawk.to | embed.tawk.to
1 | penkuoer.com |
Total: 29 requests, 5 domains

This site contains no links.

Subject | Issuer | Validity | Valid
kaiyunhml4.com | R3 | 2024-03-12 to 2024-06-10 | 3 months (crt.sh)
baidu.com | GlobalSign RSA OV SSL CA 2018 | 2023-07-06 to 2024-08-06 | a year (crt.sh)
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-04-28 to 2024-04-27 | a year (crt.sh)

This page contains 2 frames:

Primary Page: http://penkuoer.com/
Frame ID: 1A91DCDCE23EDE196748BE1D6ADB1EC7
Requests: 3 HTTP requests in this frame

Frame: https://kaiyunhml4.com/sheng.php
Frame ID: 1C6426911F868F920BC04FF8070B5A77
Requests: 25 HTTP requests in this frame

Screenshot

Page Title

恭喜发财

Detected technologies

Overall confidence: 100%
Detected patterns
  • //embed\.tawk\.to

Overall confidence: 100%
Detected patterns
  • hm\.baidu\.com/hm\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 29
HTTPS: 90 %
IPv6: 25 %
Domains: 4
Subdomains: 5
IPs: 5
Countries: 2
Transfer: 2165 kB
Size: 2743 kB
Cookies: 3

Redirected requests

There were HTTP redirect chains for the following requests:

29 HTTP transactions

Resource | Path | Size | x-fer | Type (MIME-Type)
Primary Request / | penkuoer.com/ | 2 KB | 2 KB | Document
General
Full URL
http://penkuoer.com/
Protocol
HTTP/1.1
Server
38.6.246.47 Los Angeles, United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software
nginx /
Resource Hash
0740bb96b16b362ca1819b4f364cdc0a40578864a60a066230ca83d35739f73e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/html; charset=utf-8
Date
Sat, 23 Mar 2024 02:36:10 GMT
Server
nginx
Transfer-Encoding
chunked
sheng.php | kaiyunhml4.com/ Frame 1C64 | 29 KB | 7 KB | Document
General
Full URL
https://kaiyunhml4.com/sheng.php
Requested by
Host: penkuoer.com
URL: http://penkuoer.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
156.248.52.71 Hong Kong, Hong Kong, ASN136950 (HIITL-AS-AP Hong Kong FireLine Network LTD, HK),
Reverse DNS
Software
nginx /
Resource Hash
faa03194b24a188cbc7aa7fd05ffcca5cd1b410639e82a2f7453f761d0e9f70d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://penkuoer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 23 Mar 2024 02:36:11 GMT
server
nginx
strict-transport-security
max-age=31536000
vary
Accept-Encoding
hm.js | hm.baidu.com/ | 29 KB | 12 KB | Script
General
Full URL
https://hm.baidu.com/hm.js?e22acf98d81c75c740af9ba0b12e6214
Requested by
Host: penkuoer.com
URL: http://penkuoer.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
f9a23e2dff5bf554123ca893e3b08c4901e18c97ec34677bfc5e94bfed2f1016
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://penkuoer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Sat, 23 Mar 2024 02:36:11 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=172800
Server
apache
Etag
2e5721f9ef22fa68cda89bad999dde3c
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type
application/javascript
Cache-Control
max-age=0, must-revalidate
Content-Length
11259
jquery.min.js | kaiyunhml4.com/static/js/ Frame 1C64 | 81 KB | 32 KB | Script
General
Full URL
https://kaiyunhml4.com/static/js/jquery.min.js
Requested by
Host: kaiyunhml4.com
URL: https://kaiyunhml4.com/sheng.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
156.248.52.71 Hong Kong, Hong Kong, ASN136950 (HIITL-AS-AP Hong Kong FireLine Network LTD, HK),
Reverse DNS
Software
nginx /
Resource Hash
26e5b24c380e35ef89749d4d5a6d8760403d9d0b0d80f898041ddd46ba888504
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kaiyunhml4.com/sheng.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 23 Mar 2024 02:36:11 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Tue, 24 Oct 2023 08:58:13 GMT
server
nginx
etag
W/"65378725-144a3"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Sat, 23 Mar 2024 14:36:11 GMT
link.js | kaiyunhml4.com/ Frame 1C64 | 2 KB | 884 B | Script
General
Full URL
https://kaiyunhml4.com/link.js
Requested by
Host: kaiyunhml4.com
URL: https://kaiyunhml4.com/sheng.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
156.248.52.71 Hong Kong, Hong Kong, ASN136950 (HIITL-AS-AP Hong Kong FireLine Network LTD, HK),
Reverse DNS
Software
nginx /
Resource Hash
978b5bcc47cd4d83d30cd7f1730e66b1c410970b925d9ef70a719747c5bed376
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kaiyunhml4.com/sheng.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 23 Mar 2024 02:36:11 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Fri, 22 Mar 2024 12:24:53 GMT
server
nginx
etag
W/"65fd7895-6da"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Sat, 23 Mar 2024 14:36:11 GMT
main.css | kaiyunhml4.com/static/css/ Frame 1C64 | 101 KB | 52 KB | Stylesheet
General
Full URL
https://kaiyunhml4.com/static/css/main.css
Requested by
Host: kaiyunhml4.com
URL: https://kaiyunhml4.com/sheng.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
156.248.52.71 Hong Kong, Hong Kong, ASN136950 (HIITL-AS-AP Hong Kong FireLine Network LTD, HK),
Reverse DNS
Software
nginx /
Resource Hash
8d6da16661ff539f2de793d8a0e1ea8446ecf44cd966492954367e03b37251e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kaiyunhml4.com/sheng.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 23 Mar 2024 02:36:11 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Fri, 15 Mar 2024 06:10:35 GMT
server
nginx
etag
W/"65f3e65b-193d3"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=43200
expires
Sat, 23 Mar 2024 14:36:11 GMT
56092.png | kaiyunhml4.com/static/picture/ Frame 1C64 | 634 KB | 635 KB | Image
General
Full URL
https://kaiyunhml4.com/static/picture/56092.png
Requested by
Host: kaiyunhml4.com
URL: https://kaiyunhml4.com/sheng.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
156.248.52.71 Hong Kong, Hong Kong, ASN136950 (HIITL-AS-AP Hong Kong FireLine Network LTD, HK),
Reverse DNS
Software
nginx /
Resource Hash
ba54c681fffdc24fefcf7a082975b690a96a07c7840c8ffe075d553c33b90a03
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kaiyunhml4.com/sheng.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 23 Mar 2024 02:36:12 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 13 Mar 2024 04:49:52 GMT
server
nginx
etag
"65f13070-9e854"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
649300
expires
Mon, 22 Apr 2024 02:36:12 GMT
3537.png | kaiyunhml4.com/static/picture/ Frame 1C64 | 266 KB | 267 KB | Image
General
Full URL
https://kaiyunhml4.com/static/picture/3537.png
Requested by
Host: kaiyunhml4.com
URL: https://kaiyunhml4.com/sheng.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
156.248.52.71 Hong Kong, Hong Kong, ASN136950 (HIITL-AS-AP Hong Kong FireLine Network LTD, HK),
Reverse DNS
Software
nginx /
Resource Hash
985f0a533226a09943a587b0bbee75b7e28bd809424b39e3277c36dda55e437c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kaiyunhml4.com/sheng.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 23 Mar 2024 02:36:12 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 13 Mar 2024 04:31:52 GMT
server
nginx
etag
"65f12c38-428cc"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
272588
expires
Mon, 22 Apr 2024 02:36:12 GMT
aabbcc.webp | kaiyunhml4.com/static/picture/ Frame 1C64 | 29 KB | 30 KB | Image
General
Full URL
https://kaiyunhml4.com/static/picture/aabbcc.webp
Requested by
Host: kaiyunhml4.com
URL: https://kaiyunhml4.com/sheng.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
156.248.52.71 Hong Kong, Hong Kong, ASN136950 (HIITL-AS-AP Hong Kong FireLine Network LTD, HK),
Reverse DNS
Software
nginx /
Resource Hash
1178e34c0e5f57c066c7033d23faf47e1618e135eb6095f96fc7d5ff01772983
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kaiyunhml4.com/sheng.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 23 Mar 2024 02:36:12 GMT
strict-transport-security
max-age=31536000
last-modified
Fri, 22 Mar 2024 06:22:07 GMT
server
nginx
etag
"65fd238f-7578"
content-type
image/webp
accept-ranges
bytes
content-length
30072
554118.png | kaiyunhml4.com/static/picture/ Frame 1C64 | 262 KB | 262 KB | Image
General
Full URL
https://kaiyunhml4.com/static/picture/554118.png
Requested by
Host: kaiyunhml4.com
URL: https://kaiyunhml4.com/sheng.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
156.248.52.71 Hong Kong, Hong Kong, ASN136950 (HIITL-AS-AP Hong Kong FireLine Network LTD, HK),
Reverse DNS
Software
nginx /
Resource Hash
e07b90d680a5c7ed33a49d2b772a0b48078c73aa3bc3ad5dadb818a30ddc9423
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kaiyunhml4.com/sheng.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 23 Mar 2024 02:36:12 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 13 Mar 2024 04:34:45 GMT
server
nginx
etag
"65f12ce5-41751"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
268113
expires
Mon, 22 Apr 2024 02:36:12 GMT
hm.gif | hm.baidu.com/ | 43 B | 299 B | Image
General
Full URL
https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=382339422&si=e22acf98d81c75c740af9ba0b12e6214&v=1.3.0&lv=1&sn=42522&r=0&ww=1600&u=http%3A%2F%2Fpenkuoer.com%2F&tt=%E6%81%AD%E5%96%9C%E5%8F%91%E8%B4%A2
Requested by
Host: penkuoer.com
URL: http://penkuoer.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://penkuoer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 23 Mar 2024 02:36:11 GMT
Strict-Transport-Security
max-age=172800
X-Content-Type-Options
nosniff
Server
apache
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Content-Length
43
link.js | kaiyunhml4.com/ Frame 1C64 | 2 KB | 884 B | Script
General
Full URL
https://kaiyunhml4.com/link.js?v=0.06729566574526702
Requested by
Host: kaiyunhml4.com
URL: https://kaiyunhml4.com/sheng.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
156.248.52.71 Hong Kong, Hong Kong, ASN136950 (HIITL-AS-AP Hong Kong FireLine Network LTD, HK),
Reverse DNS
Software
nginx /
Resource Hash
978b5bcc47cd4d83d30cd7f1730e66b1c410970b925d9ef70a719747c5bed376
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kaiyunhml4.com/sheng.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 23 Mar 2024 02:36:12 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Fri, 22 Mar 2024 12:24:53 GMT
server
nginx
etag
W/"65fd7895-6da"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Sat, 23 Mar 2024 14:36:12 GMT
1gqe4vv87 | embed.tawk.to/63ff0e5431ebfa0fe7effb74/ Frame 1C64 | 2 KB | 929 B | Script
General
Full URL
https://embed.tawk.to/63ff0e5431ebfa0fe7effb74/1gqe4vv87
Requested by
Host: kaiyunhml4.com
URL: https://kaiyunhml4.com/sheng.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17597e059fce80cf1498c741114b2fd7dece9ce93cf7cbc0e9e9cb1ef27a60d7
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://kaiyunhml4.com/
Origin
https://kaiyunhml4.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 23 Mar 2024 02:36:12 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
content-encoding
br
server
cloudflare
etag
W/"stable-v4-65fa40e2e4e"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, s-maxage=3600
cf-ray
868b0851dfb85c80-FRA
alt-svc
h3=":443"; ma=86400
Background.png | kaiyunhml4.com/static/image/ Frame 1C64 | 211 KB | 212 KB | Image
General
Full URL
https://kaiyunhml4.com/static/image/Background.png
Requested by
Host: kaiyunhml4.com
URL: https://kaiyunhml4.com/static/css/main.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
156.248.52.71 Hong Kong, Hong Kong, ASN136950 (HIITL-AS-AP Hong Kong FireLine Network LTD, HK),
Reverse DNS
Software
nginx /
Resource Hash
d2a73e393a37d81da87a9c40a079aab28916dfc13b371038f4aec702448d7331
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kaiyunhml4.com/static/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 23 Mar 2024 02:36:12 GMT
strict-transport-security
max-age=31536000
last-modified
Tue, 24 Oct 2023 08:58:10 GMT
server
nginx
etag
"65378722-34d7c"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
216444
expires
Mon, 22 Apr 2024 02:36:12 GMT
caishen.png | kaiyunhml4.com/static/image/ Frame 1C64 | 374 KB | 374 KB | Image
General
Full URL
https://kaiyunhml4.com/static/image/caishen.png
Requested by
Host: kaiyunhml4.com
URL: https://kaiyunhml4.com/static/css/main.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
156.248.52.71 Hong Kong, Hong Kong, ASN136950 (HIITL-AS-AP Hong Kong FireLine Network LTD, HK),
Reverse DNS
Software
nginx /
Resource Hash
c23ba67ec742e06a516ce1ac447a084d3bd97b91504c3d1d451c638e14a26dae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kaiyunhml4.com/static/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 23 Mar 2024 02:36:12 GMT
strict-transport-security
max-age=31536000
last-modified
Fri, 15 Mar 2024 06:12:20 GMT
server
nginx
etag
"65f3e6c4-5d765"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
382821
expires
Mon, 22 Apr 2024 02:36:12 GMT
PC%20Live@2x.af6e703d.png | kaiyunhml4.com/static/images/ Frame 1C64 | 548 B | 548 B | Image
General
Full URL
https://kaiyunhml4.com/static/images/PC%20Live@2x.af6e703d.png
Requested by
Host: kaiyunhml4.com
URL: https://kaiyunhml4.com/static/css/main.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
156.248.52.71 Hong Kong, Hong Kong, ASN136950 (HIITL-AS-AP Hong Kong FireLine Network LTD, HK),
Reverse DNS
Software
nginx /
Resource Hash
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kaiyunhml4.com/static/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 23 Mar 2024 02:36:12 GMT
server
nginx
content-length
548
content-type
text/html
kaiyunlogo.png | kaiyunhml4.com/static/image/ Frame 1C64 | 120 KB | 120 KB | Image
General
Full URL
https://kaiyunhml4.com/static/image/kaiyunlogo.png
Requested by
Host: kaiyunhml4.com
URL: https://kaiyunhml4.com/static/css/main.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
156.248.52.71 Hong Kong, Hong Kong, ASN136950 (HIITL-AS-AP Hong Kong FireLine Network LTD, HK),
Reverse DNS
Software
nginx /
Resource Hash
f2e2c1005c6f05e44fc9b3975dce2c4c66e11588f97073f1d7cb97024e2b418a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kaiyunhml4.com/static/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 23 Mar 2024 02:36:12 GMT
strict-transport-security
max-age=31536000
last-modified
Tue, 24 Oct 2023 08:58:11 GMT
server
nginx
etag
"65378723-1de6f"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
122479
expires
Mon, 22 Apr 2024 02:36:12 GMT
hthlogo.png | kaiyunhml4.com/static/image/ Frame 1C64 | 8 KB | 8 KB | Image
General
Full URL
https://kaiyunhml4.com/static/image/hthlogo.png
Requested by
Host: kaiyunhml4.com
URL: https://kaiyunhml4.com/static/css/main.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
156.248.52.71 Hong Kong, Hong Kong, ASN136950 (HIITL-AS-AP Hong Kong FireLine Network LTD, HK),
Reverse DNS
Software
nginx /
Resource Hash
ae29d2dc7bec655b2990ba7974c509aecb708ac68fab00108dd30094d395103d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kaiyunhml4.com/static/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 23 Mar 2024 02:36:12 GMT
strict-transport-security
max-age=31536000
last-modified
Tue, 24 Oct 2023 11:20:21 GMT
server
nginx
etag
"6537a875-1e2b"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
7723
expires
Mon, 22 Apr 2024 02:36:12 GMT
sport-item-bg.png | kaiyunhml4.com/static/image/ Frame 1C64 | 12 KB | 12 KB | Image
General
Full URL
https://kaiyunhml4.com/static/image/sport-item-bg.png
Requested by
Host: kaiyunhml4.com
URL: https://kaiyunhml4.com/static/css/main.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
156.248.52.71 Hong Kong, Hong Kong, ASN136950 (HIITL-AS-AP Hong Kong FireLine Network LTD, HK),
Reverse DNS
Software
nginx /
Resource Hash
4895bd6a111f770353a2530ac1b9092f8ee261abd8e36553e329e6c319961f42
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kaiyunhml4.com/static/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 23 Mar 2024 02:36:12 GMT
strict-transport-security
max-age=31536000
last-modified
Tue, 24 Oct 2023 08:58:11 GMT
server
nginx
etag
"65378723-30e7"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
12519
expires
Mon, 22 Apr 2024 02:36:12 GMT
nhacnammoi.mp3 | kaiyunhml4.com/static/music/ Frame 1C64 | 64 KB | 0 | Media
General
Full URL
https://kaiyunhml4.com/static/music/nhacnammoi.mp3
Requested by
Host: kaiyunhml4.com
URL: https://kaiyunhml4.com/sheng.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
156.248.52.71 Hong Kong, Hong Kong, ASN136950 (HIITL-AS-AP Hong Kong FireLine Network LTD, HK),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://kaiyunhml4.com/sheng.php
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Range
bytes=0-

Response headers

date
Sat, 23 Mar 2024 02:36:12 GMT
strict-transport-security
max-age=31536000
last-modified
Tue, 23 Jan 2024 09:04:49 GMT
server
nginx
etag
"65af8131-2b856d"
content-type
audio/mpeg
Content-Range
bytes 0-2852204/2852205
Content-Length
2852205
twk-main.js | embed.tawk.to/_s/v4/app/65fa40e2e4e/js/ Frame 1C64 | 121 B | 183 B | Script
General
Full URL
https://embed.tawk.to/_s/v4/app/65fa40e2e4e/js/twk-main.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/63ff0e5431ebfa0fe7effb74/1gqe4vv87
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://kaiyunhml4.com/
Origin
https://kaiyunhml4.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 23 Mar 2024 02:36:16 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
249859
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 20 Mar 2024 01:50:59 GMT
server
cloudflare
etag
W/"da5bb1dc647470204df0e49f5afac2de"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
868b086abe3f5c80-FRA
twk-vendor.js | embed.tawk.to/_s/v4/app/65fa40e2e4e/js/ Frame 1C64 | 81 KB | 29 KB | Script
General
Full URL
https://embed.tawk.to/_s/v4/app/65fa40e2e4e/js/twk-vendor.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/63ff0e5431ebfa0fe7effb74/1gqe4vv87
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
548669d6434f5204dca25b9a6f8a02f63301b8c1b58a717b91fec8b6c2918305
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://kaiyunhml4.com/
Origin
https://kaiyunhml4.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 23 Mar 2024 02:36:16 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
249859
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 20 Mar 2024 01:50:59 GMT
server
cloudflare
etag
W/"3b341e35b39f6195793ecaf5db7c1d63"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
868b086abe405c80-FRA
twk-chunk-vendors.js | embed.tawk.to/_s/v4/app/65fa40e2e4e/js/ Frame 1C64 | 212 KB | 62 KB | Script
General
Full URL
https://embed.tawk.to/_s/v4/app/65fa40e2e4e/js/twk-chunk-vendors.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/63ff0e5431ebfa0fe7effb74/1gqe4vv87
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
972de8c5257c5c31f0ae45016595089022e4f82e766cec78fb40c997bfbac75f
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://kaiyunhml4.com/
Origin
https://kaiyunhml4.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 23 Mar 2024 02:36:16 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
249859
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 20 Mar 2024 01:50:59 GMT
server
cloudflare
etag
W/"1c73b4eb89bbe24ecf154b671ddbcafc"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
868b086abe415c80-FRA
twk-chunk-common.js | embed.tawk.to/_s/v4/app/65fa40e2e4e/js/ Frame 1C64 | 220 KB | 44 KB | Script
General
Full URL
https://embed.tawk.to/_s/v4/app/65fa40e2e4e/js/twk-chunk-common.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/63ff0e5431ebfa0fe7effb74/1gqe4vv87
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d2b31126e5ee8f2848c200f6ad4ff31aba960570d81e1855abbbaa381db267f
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://kaiyunhml4.com/
Origin
https://kaiyunhml4.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 23 Mar 2024 02:36:16 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
249859
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 20 Mar 2024 01:50:59 GMT
server
cloudflare
etag
W/"dd05e16ccd67642bbf9f50e843fc7a9e"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
868b086ace425c80-FRA
twk-runtime.js | embed.tawk.to/_s/v4/app/65fa40e2e4e/js/ Frame 1C64 | 2 KB | 1 KB | Script
General
Full URL
https://embed.tawk.to/_s/v4/app/65fa40e2e4e/js/twk-runtime.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/63ff0e5431ebfa0fe7effb74/1gqe4vv87
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07fda090fab71f38c18a9046d8211a532cea02a7ac3ee18749e95a9a179dd1ba
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://kaiyunhml4.com/
Origin
https://kaiyunhml4.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 23 Mar 2024 02:36:16 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
249859
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 20 Mar 2024 01:50:59 GMT
server
cloudflare
etag
W/"dd7354a75e9750bb1a380c0ff54e43d9"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
868b086ace435c80-FRA
twk-app.js | embed.tawk.to/_s/v4/app/65fa40e2e4e/js/ Frame 1C64 | 151 B | 322 B | Script
General
Full URL
https://embed.tawk.to/_s/v4/app/65fa40e2e4e/js/twk-app.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/63ff0e5431ebfa0fe7effb74/1gqe4vv87
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://kaiyunhml4.com/
Origin
https://kaiyunhml4.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 23 Mar 2024 02:36:16 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
249859
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 20 Mar 2024 01:50:59 GMT
server
cloudflare
etag
W/"e736e189edb5d0d9d5b8e7f23dd9114a"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
868b086ace445c80-FRA
widget-settings | va.tawk.to/v1/ Frame 1C64 | 0 | 0 |
start | va.tawk.to/v1/session/ Frame | 0 | 0 | Preflight
General
Full URL
https://va.tawk.to/v1/session/start
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://kaiyunhml4.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-tawk-token
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://kaiyunhml4.com
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
868b086baeb85c80-FRA
date
Sat, 23 Mar 2024 02:36:16 GMT
server
cloudflare
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
x-served-by
visitor-application-preemptive-f8lg
start | va.tawk.to/v1/session/ Frame 1C64 | 0 | 0 |

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain | URL
va.tawk.to | https://va.tawk.to/v1/widget-settings?propertyId=63ff0e5431ebfa0fe7effb74&widgetId=1gqe4vv87&sv=null
va.tawk.to | https://va.tawk.to/v1/session/start

Verdicts & Comments

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object | 0
object | div1
object | div
boolean | is_mobi
object | _hmt
boolean | _bdhm_loaded_e22acf98d81c75c740af9ba0b12e6214
object | mini_tangram_log_s2sfgq

3 Cookies

Domain/Path | Name | Value
.hm.baidu.com/ | HMACCOUNT_BFESS | 9635F726B49F8263
.penkuoer.com/ | Hm_lvt_e22acf98d81c75c740af9ba0b12e6214 | 1711161372
.penkuoer.com/ | Hm_lpvt_e22acf98d81c75c740af9ba0b12e6214 | 1711161372

4 Console Messages

Source | Level | URL | Message
network | error | http://penkuoer.com/ | Failed to load resource: the server responded with a status of 502 (Bad Gateway)
other | warning | http://penkuoer.com/ | Third-party cookie will be blocked. Learn more in the Issues tab.
other | warning | http://penkuoer.com/ | Third-party cookie will be blocked. Learn more in the Issues tab.
network | error | https://kaiyunhml4.com/static/images/PC%20Live@2x.af6e703d.png | Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

embed.tawk.to
hm.baidu.com
kaiyunhml4.com
penkuoer.com
va.tawk.to
103.235.46.191
156.248.52.71
2606:4700:10::6816:1883
38.6.246.47