URL: https://h5.haikouzsyd.com/
Submission: On December 09 via api from US — Scanned from US

Summary

This website contacted 9 IPs in 2 countries across 8 domains to perform 20 HTTP transactions. The main IP is 180.163.146.85, located in China and belongs to CHINANET-SH-AP China Telecom Group, CN. The main domain is h5.haikouzsyd.com.
TLS certificate: Issued by Encryption Everywhere DV TLS CA - G2 on December 9th 2024. Valid for: 3 months.
This is the only time h5.haikouzsyd.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 180.163.146.85 4812 (CHINANET-...)
2 2607:f8b0:400... 15169 (GOOGLE)
4 180.163.146.100 4812 (CHINANET-...)
2 2607:f8b0:400... 15169 (GOOGLE)
1 38.175.45.13 139057 (LDPL-AS-A...)
2 220.181.128.165 23724 (CHINANET-...)
1 182.40.45.94 136195 (CHINATELE...)
1 220.181.128.164 ()
20 9
Domain Requested by
3 h5.jianyue668.com h5.haikouzsyd.com
2 h5sdk.vivo.com.cn static.jianyue668.com
h5.vivo.com.cn
2 www.google-analytics.com www.googletagmanager.com
2 www.googletagmanager.com h5.haikouzsyd.com
www.googletagmanager.com
1 single-h5sdk.vivo.com.cn h5sdk.vivo.com.cn
1 jits5.heytapdownload.com static.jianyue668.com
1 h5.vivo.com.cn static.jianyue668.com
h5.vivo.com.cn
1 static.jianyue668.com h5.haikouzsyd.com
1 h5.haikouzsyd.com
0 v2.thefatherofsalmon.com Failed
0 thefatherofsalmon.com Failed
0 app Failed static.jianyue668.com
0 cfg-stsdk.vivo.com.cn Failed h5sdk.vivo.com.cn
20 13

This site contains links to these domains.

Domain
xieyi.jianyue668.com
Subject; Issuer; Validity; Valid
h5.haikouzsyd.com; Encryption Everywhere DV TLS CA - G2; 2024-12-09 - 2025-03-08; 3 months
*.google-analytics.com; WR2; 2024-10-21 - 2025-01-13; 3 months
static.jianyue668.com; Encryption Everywhere DV TLS CA - G2; 2024-11-23 - 2025-02-20; 3 months
h5.jianyue668.com; Encryption Everywhere DV TLS CA - G2; 2024-11-23 - 2025-02-20; 3 months
*.vivo.com.cn; Secure Site CA G2; 2024-05-28 - 2025-06-28; a year
nearme.com.cn; GeoTrust CN RSA CA G1; 2024-06-21 - 2025-07-22; a year

This page contains 3 frames:

Frame: hap://app/com.xmlx.muguang/spa?channel_id=&QUICK_APP_ST_CHANNEL=&event_type=&page_url=&bookid=&dp_type=h5&platform_back=&pull_type=openquick-hap
Frame ID: CB39D28464D172AD9C38111D8F182C69
Requests: 18 HTTP requests in this frame

Frame: hap://app/com.xmlx.muguang/spa?channel_id=&QUICK_APP_ST_CHANNEL=&event_type=&page_url=&bookid=&dp_type=h5&platform_back=&pull_type=openquick-hap
Frame ID: 5798205378201F25359CD552947321E5
Requests: 1 HTTP requests in this frame

Frame: https://h5.vivo.com.cn/qa/ifrstats/router.html?iframeIndex=0&fontSize=23.70370&startTime=1733761653100&pkg=com.xmlx.muguang&jsid=44253449-0585-4de7-b852-97f35254206a
Frame ID: 2734B8328A456935EE3ABF6035E4C465
Requests: 1 HTTP requests in this frame

Page Title

眠境之声

Detected technologies

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

Requests: 20
HTTPS: 70 %
IPv6: 25 %
Domains: 8
Subdomains: 13
IPs: 9
Countries: 2
Transfer: 425 kB
Size: 817 kB
Cookies: 2

20 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
h5.haikouzsyd.com/
12 KB
4 KB
Document
General
Full URL
https://h5.haikouzsyd.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
180.163.146.85 , China, ASN4812 (CHINANET-SH-AP China Telecom Group, CN),
Reverse DNS
Software
Tengine /
Resource Hash
360c95ccc2df71fbd4b07429faafd47b779f8d3bb2595a2025424979bfa35fb0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Age
0
Ali-Swift-Global-Savetime
1733761645
Connection
keep-alive
Content-Encoding
gzip
Content-Length
3847
Content-Type
text/html
Date
Mon, 09 Dec 2024 16:27:25 GMT
ETag
W/"6743e39e-2ebe"
EagleId
b4a3921717337616449525103e
Last-Modified
Mon, 25 Nov 2024 02:40:30 GMT
Server
Tengine
Strict-Transport-Security
max-age=31536000
Timing-Allow-Origin
*
Vary
Accept-Encoding
Via
cache6.l2cn7831[111,123,304-0,H], cache44.l2cn7831[124,0], kunlun3.cn7174[165,166,200-0,H], kunlun3.cn7174[170,0]
X-Cache
HIT TCP_REFRESH_HIT dirn:9:261334853
X-Swift-CacheTime
60
X-Swift-SaveTime
Mon, 09 Dec 2024 16:27:25 GMT
gtm.js
www.googletagmanager.com/
213 KB
76 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-P4W4MFD6
Requested by
Host: h5.haikouzsyd.com
URL: https://h5.haikouzsyd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f736f2d3e7158be77fc673ef1224d8ad52dae5cc7feebbcafa6d9584ceb4b954
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://h5.haikouzsyd.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Mon, 09 Dec 2024 16:27:25 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 09 Dec 2024 16:27:25 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Mon, 09 Dec 2024 15:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
76928
x-xss-protection
0
server
Google Tag Manager
qudao4.js
static.jianyue668.com/static/pull/
34 KB
13 KB
Script
General
Full URL
https://static.jianyue668.com/static/pull/qudao4.js
Requested by
Host: h5.haikouzsyd.com
URL: https://h5.haikouzsyd.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
180.163.146.100 , China, ASN4812 (CHINANET-SH-AP China Telecom Group, CN),
Reverse DNS
Software
Tengine /
Resource Hash
2f51c1dae71aa441a6fadc2c7eaa219dd5e65b14e2bfb0eb6410fd32faf7efd9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://h5.haikouzsyd.com/

Response headers

Content-Encoding
zstd
ETag
"1733746496.804156-34776-536744894:zstd"
Expires
Mon, 09 Dec 2024 16:28:30 GMT
X-Cache
MISS TCP_REFRESH_MISS dirn:11:87249091
Date
Mon, 09 Dec 2024 16:27:30 GMT
Last-Modified
Mon, 09 Dec 2024 12:14:56 GMT
Content-Type
application/javascript; charset=utf-8
Vary
Accept-Encoding
Content-Disposition
inline; filename=qudao4.js
Cache-Control
max-age=60
X-Swift-CacheTime
60
Timing-Allow-Origin
*
Connection
keep-alive
Via
cache2.l2cn8045[196,196,200-0,M], cache24.l2cn8045[198,0], kunlun3.cn7174[1988,1988,200-0,M], kunlun3.cn7174[1990,0]
Ali-Swift-Global-Savetime
1733761650
X-Swift-SaveTime
Mon, 09 Dec 2024 16:27:30 GMT
Access-Control-Allow-Origin
*
EagleId
b4a3921717337616484918684e
Content-Length
12380
Server
Tengine
info.png
h5.jianyue668.com/static/img/sleep/
22 KB
22 KB
Image
General
Full URL
https://h5.jianyue668.com/static/img/sleep/info.png
Requested by
Host: h5.haikouzsyd.com
URL: https://h5.haikouzsyd.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
180.163.146.100 , China, ASN4812 (CHINANET-SH-AP China Telecom Group, CN),
Reverse DNS
Software
Tengine /
Resource Hash
ee3e326fd6d422728d8d8268a31e224ccbd9b988223f1fc92721bd9ed17a555e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://h5.haikouzsyd.com/

Response headers

ETag
"6732f84c-5729"
Age
0
Expires
Wed, 08 Jan 2025 16:27:28 GMT
X-Cache
MISS TCP_MISS dirn:10:355004987
Date
Mon, 09 Dec 2024 16:27:28 GMT
Content-Type
image/png
Last-Modified
Tue, 12 Nov 2024 06:40:12 GMT
Vary
Accept-Encoding
Strict-Transport-Security
max-age=31536000
Cache-Control
max-age=2592000
X-Swift-CacheTime
30
Timing-Allow-Origin
*
Connection
keep-alive
Via
cache43.l2cn3059[33,32,200-0,H], cache38.l2cn3059[34,0], kunlun10.cn7174[404,410,200-0,M], kunlun1.cn7174[429,0]
Ali-Swift-Global-Savetime
1733761648
X-Swift-SaveTime
Mon, 09 Dec 2024 16:27:28 GMT
Accept-Ranges
bytes
EagleId
b4a3921517337616484907694e
Content-Length
22313
Server
Tengine
app.png
h5.jianyue668.com/static/img/sleep/
30 KB
31 KB
Image
General
Full URL
https://h5.jianyue668.com/static/img/sleep/app.png
Requested by
Host: h5.haikouzsyd.com
URL: https://h5.haikouzsyd.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
180.163.146.100 , China, ASN4812 (CHINANET-SH-AP China Telecom Group, CN),
Reverse DNS
Software
Tengine /
Resource Hash
25ffe98eb0ca4f9a2c2d030f018ae6f45311496830d850817bd2f6351efef8de
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://h5.haikouzsyd.com/

Response headers

ETag
"6732f84c-7879"
Age
0
Expires
Wed, 08 Jan 2025 16:27:28 GMT
X-Cache
MISS TCP_MISS dirn:9:281151535
Date
Mon, 09 Dec 2024 16:27:28 GMT
Content-Type
image/png
Last-Modified
Tue, 12 Nov 2024 06:40:12 GMT
Vary
Accept-Encoding
Strict-Transport-Security
max-age=31536000
Cache-Control
max-age=2592000
X-Swift-CacheTime
30
Timing-Allow-Origin
*
Connection
keep-alive
Via
cache35.l2cn7492[7,6,200-0,H], cache11.l2cn7492[8,0], kunlun10.cn7174[31,33,200-0,M], kunlun6.cn7174[36,0]
Ali-Swift-Global-Savetime
1733761648
X-Swift-SaveTime
Mon, 09 Dec 2024 16:27:28 GMT
Accept-Ranges
bytes
EagleId
b4a3921a17337616487546583e
Content-Length
30841
Server
Tengine
bg.png
h5.jianyue668.com/static/img/sleep/
137 KB
138 KB
Image
General
Full URL
https://h5.jianyue668.com/static/img/sleep/bg.png
Requested by
Host: h5.haikouzsyd.com
URL: https://h5.haikouzsyd.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
180.163.146.100 , China, ASN4812 (CHINANET-SH-AP China Telecom Group, CN),
Reverse DNS
Software
Tengine /
Resource Hash
6f8cd9df931d46696a9522f5e678f56bf1e05c1da3e40bf71c907386d7204cee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://h5.haikouzsyd.com/

Response headers

ETag
"6732f84c-2235a"
Age
0
Expires
Wed, 08 Jan 2025 16:27:28 GMT
X-Cache
HIT TCP_REFRESH_HIT dirn:10:61961045
Date
Mon, 09 Dec 2024 16:27:28 GMT
Content-Type
image/png
Last-Modified
Tue, 12 Nov 2024 06:40:12 GMT
Vary
Accept-Encoding
Strict-Transport-Security
max-age=31536000
Cache-Control
max-age=2592000
X-Swift-CacheTime
30
Timing-Allow-Origin
*
Connection
keep-alive
Via
cache51.l2cn3130[33,33,304-0,H], cache67.l2cn3130[35,0], kunlun3.cn7174[434,435,200-0,H], kunlun8.cn7174[437,0]
Ali-Swift-Global-Savetime
1733761648
X-Swift-SaveTime
Mon, 09 Dec 2024 16:27:28 GMT
Accept-Ranges
bytes
EagleId
b4a3921c17337616484905312e
Content-Length
140122
Server
Tengine
js
www.googletagmanager.com/gtag/
323 KB
108 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-2CQFDGKGS5&l=dataLayer&cx=c&gtm=45He4c40v9199160666za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P4W4MFD6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6e706815f3ff7230c0620de9ce3f35faf92b53f1e77f1af95b0116359ae0b4c2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://h5.haikouzsyd.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Mon, 09 Dec 2024 16:27:25 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 09 Dec 2024 16:27:25 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
109742
x-xss-protection
0
server
Google Tag Manager
collect
www.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-2CQFDGKGS5&gtm=45je4c40v9199171287z89199160666za200zb9199160666&_p=1733761645348&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102081485&cid=615951105.1733761646&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1733761645&sct=1&seg=0&dl=https%3A%2F%2Fh5.haikouzsyd.com%2F&dt=%E7%9C%A0%E5%A2%83%E4%B9%8B%E5%A3%B0&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=3958
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2CQFDGKGS5&l=dataLayer&cx=c&gtm=45He4c40v9199160666za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://h5.haikouzsyd.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://h5.haikouzsyd.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 09 Dec 2024 16:27:26 GMT
content-type
text/plain
server
Golfe2
router.min.js
h5.vivo.com.cn/qa/ifrstats/
9 KB
4 KB
Script
General
Full URL
https://h5.vivo.com.cn/qa/ifrstats/router.min.js
Requested by
Host: static.jianyue668.com
URL: https://static.jianyue668.com/static/pull/qudao4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.175.45.13 Elk Grove Village, United States, ASN139057 (LDPL-AS-AP LEGEND DYNASTY PTE. LTD., SG),
Reverse DNS
Software
nginx /
Resource Hash
c4e915961602df915327e3eb9ad4f092cb215f2307d0a2c708bdb3edc5bcae08

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://h5.haikouzsyd.com/

Response headers

x-ser
i63260_c21843, i2103125_c25795, i1984075_c24029
cache-control
public, max-age=2592000
content-encoding
br
etag
W/"66ea0806-24d5"
access-control-allow-origin
*
x-cache
HIT from i1984075_c24029(cloudsvr)
date
Mon, 09 Dec 2024 16:27:32 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding, Accept-Encoding
server
nginx
last-modified
Tue, 17 Sep 2024 22:51:50 GMT
vivo-h5-sdk.js
h5sdk.vivo.com.cn/
9 KB
10 KB
Script
General
Full URL
https://h5sdk.vivo.com.cn/vivo-h5-sdk.js
Requested by
Host: static.jianyue668.com
URL: https://static.jianyue668.com/static/pull/qudao4.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
220.181.128.165 , China, ASN23724 (CHINANET-IDC-BJ-AP IDC, China Telecommunications Corporation, CN),
Reverse DNS
Software
nginx /
Resource Hash
f090c3f56d6ab3dbda4aadccecec2133f4ecf9e08e5610bf410c9349b6902cca
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://h5.haikouzsyd.com/

Response headers

ETag
"5fb1e236-25e8"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9704
Date
Mon, 09 Dec 2024 16:27:32 GMT
X-XSS-Protection
1; mode=block
Content-Type
application/javascript; charset=utf-8
Last-Modified
Mon, 16 Nov 2020 02:21:42 GMT
Server
nginx
qa_router.min.js
jits5.heytapdownload.com/cms-jits-heytapmobi-com/iframe/
19 KB
19 KB
Script
General
Full URL
https://jits5.heytapdownload.com/cms-jits-heytapmobi-com/iframe/qa_router.min.js
Requested by
Host: static.jianyue668.com
URL: https://static.jianyue668.com/static/pull/qudao4.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
182.40.45.94 Qingdao, China, ASN136195 (CHINATELECOM-QINGDAO-CLOUDBASE Qingdao, Shandong Province, P.R.China., CN),
Reverse DNS
Software
openresty /
Resource Hash
96f4f8e2965f39b5b4226ffad51661590f45160516816d138b94e96da1b24350

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://h5.haikouzsyd.com/

Response headers

content-md5
Je3Eb5dmlDeW70BJ9bDtGg==
X-Reqid
-_EEADS4SSgYmg0Y
ETag
"25edc46f9766943796ef4049f5b0ed1a"
Age
550793
Request-Id
2d3c67571a74b6282c3caa1ebf936ab7
Ctl-Cache-Status
HIT from zj-jinhua3-ca24, HIT from sd-qingdao13-ca44
X-Uid
10075
Date
Mon, 09 Dec 2024 16:27:32 GMT
X-Bill
Tbl:cms-jits-heytapmobi-com;FileType:0
Content-Type
application/x-javascript
Last-Modified
Tue, 03 Dec 2024 07:26:22 GMT
Vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
Connection
keep-alive
Content-Transfer-Encoding
binary
x-amz-request-id
-_EEADS4SSgYmg0Y
X-IP-Source
4cb2b356b598ca96d5297afa558bd372
Accept-Ranges
bytes
X-Log
redis.g/404;rs1.sel:1;rwro.get:1;redis.s;1s.gh;PFDS;S3APIv2:3
Content-Length
19049
Server
openresty
collect
www.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-2CQFDGKGS5&gtm=45je4c40v9199171287z89199160666za200zb9199160666&_p=1733761645348&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102081485&cid=615951105.1733761646&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&sid=1733761645&sct=1&seg=0&dl=https%3A%2F%2Fh5.haikouzsyd.com%2F&dt=%E7%9C%A0%E5%A2%83%E4%B9%8B%E5%A3%B0&_s=2&tfd=8968
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2CQFDGKGS5&l=dataLayer&cx=c&gtm=45He4c40v9199160666za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://h5.haikouzsyd.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://h5.haikouzsyd.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 09 Dec 2024 16:27:30 GMT
content-type
text/plain
server
Golfe2
vivo-h5-sdk.js
h5sdk.vivo.com.cn/
9 KB
0
Script
General
Full URL
https://h5sdk.vivo.com.cn/vivo-h5-sdk.js
Requested by
Host: h5.vivo.com.cn
URL: https://h5.vivo.com.cn/qa/ifrstats/router.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
220.181.128.165 , China, ASN23724 (CHINANET-IDC-BJ-AP IDC, China Telecommunications Corporation, CN),
Reverse DNS
Software
nginx /
Resource Hash
f090c3f56d6ab3dbda4aadccecec2133f4ecf9e08e5610bf410c9349b6902cca
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://h5.haikouzsyd.com/

Response headers

ETag
"5fb1e236-25e8"
Accept-Ranges
bytes
Content-Length
9704
Date
Mon, 09 Dec 2024 16:27:32 GMT
X-XSS-Protection
1; mode=block
Content-Type
application/javascript; charset=utf-8
Last-Modified
Mon, 16 Nov 2020 02:21:42 GMT
Server
nginx
144_1600.json
cfg-stsdk.vivo.com.cn/
0
0

spa
app/com.xmlx.muguang/ Frame 5798
0
0

spa
app/com.xmlx.muguang/
0
0

router.html
h5.vivo.com.cn/qa/ifrstats/ Frame 2734
0
0

/
thefatherofsalmon.com/
0
0

/
v2.thefatherofsalmon.com/
0
0

reportSingle
single-h5sdk.vivo.com.cn/h5/
1 B
189 B
Ping
General
Full URL
https://single-h5sdk.vivo.com.cn/h5/reportSingle?idList=00009%7C144&sdkversion=1600&appId=144&len=928
Requested by
Host: h5sdk.vivo.com.cn
URL: https://h5sdk.vivo.com.cn/vivo-h5-sdk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
220.181.128.164 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://h5.haikouzsyd.com/

Response headers

Content-Length
1
Date
Mon, 09 Dec 2024 16:27:34 GMT
X-XSS-Protection
1; mode=block
Content-Type
text/plain; charset=utf-8
Server
nginx
Connection
keep-alive

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cfg-stsdk.vivo.com.cn
URL
https://cfg-stsdk.vivo.com.cn/144_1600.json
Domain
app
URL
hap://app/com.xmlx.muguang/spa?channel_id=&QUICK_APP_ST_CHANNEL=&event_type=&page_url=&bookid=&dp_type=h5&platform_back=&pull_type=openquick-hap
Domain
app
URL
hap://app/com.xmlx.muguang/spa?channel_id=&QUICK_APP_ST_CHANNEL=&event_type=&page_url=&bookid=&dp_type=h5&platform_back=&pull_type=openquick-hap
Domain
h5.vivo.com.cn
URL
https://h5.vivo.com.cn/qa/ifrstats/router.html?iframeIndex=0&fontSize=23.70370&startTime=1733761653100&pkg=com.xmlx.muguang&jsid=44253449-0585-4de7-b852-97f35254206a
Domain
thefatherofsalmon.com
URL
https://thefatherofsalmon.com/?i=com.xmlx.muguang&p=spa&random=0.6064423653851982&a=clickid%3D%26qz_gdt%3D%26tid%3D%26logExtra%3D%26platform_back%3D%26event_type%3D%26pkg%3Dcom.xmlx.muguang%26page_url%3D%26channel%3D%26bookid%3D%26brand%3D%26channel_id%3D%26pull_type%3DclickData
Domain
v2.thefatherofsalmon.com
URL
https://v2.thefatherofsalmon.com/?i=com.xmlx.muguang&p=spa&random=0.6321086765772745&a=clickid%3D%26qz_gdt%3D%26tid%3D%26logExtra%3D%26platform_back%3D%26event_type%3D%26pkg%3Dcom.xmlx.muguang%26page_url%3D%26channel%3D%26bookid%3D%26brand%3D%26channel_id%3D%26pull_type%3DclickData

59 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| dataLayer function| handleExposeEvent function| handleClickEvent object| pkgs function| set_back object| pkg_info function| showNotification object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal string| channel_id object| q123 string| ua function| getBrand function| isHuaweiFun function| isOppoFun function| isXiaomiFun function| isVivoFun object| paramNameList object| params object| paramsRes string| brand string| page_url number| totalJumpNum number| backPullNum number| maxIntervalCount number| intervalTime string| jumpToken function| entryButtonClick function| openquick function| changePullPkgs function| handleParams function| isAndroidFifteen function| isTen function| getSrcParam function| getParams function| checkBlack function| hapJump function| imageJump function| openOppoQuick function| quickApp function| createNavigateButtonDom function| loadScript function| loadTwoScripts string| vivoScriptUrl string| vivoSDKScriptUrl string| oppoScriptUrl object| htmlObserver function| routeToQuickapp function| isEnvSupportRouter object| e function| t object| vTgSDK function| appRouter function| installShortcut function| channelReady

2 Cookies

Domain/Path Name / Value
.haikouzsyd.com/ Name: _ga
Value: GA1.1.615951105.1733761646
.haikouzsyd.com/ Name: _ga_2CQFDGKGS5
Value: GS1.1.1733761645.1.0.1733761645.0.0.0

4 Console Messages

Source Level URL
Text
security warning URL: https://h5.haikouzsyd.com/
Message:
Mixed Content: The page at 'https://h5.haikouzsyd.com/' was loaded over HTTPS, but requested an insecure element 'http://thefatherofsalmon.com/?i=com.xmlx.muguang&p=spa&random=0.6064423653851982&a=clickid%3D%26qz_gdt%3D%26tid%3D%26logExtra%3D%26platform_back%3D%26event_type%3D%26pkg%3Dcom.xmlx.muguang%26page_url%3D%26channel%3D%26bookid%3D%26brand%3D%26channel_id%3D%26pull_type%3DclickData'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://h5.haikouzsyd.com/
Message:
Mixed Content: The page at 'https://h5.haikouzsyd.com/' was loaded over HTTPS, but requested an insecure element 'http://v2.thefatherofsalmon.com/?i=com.xmlx.muguang&p=spa&random=0.6321086765772745&a=clickid%3D%26qz_gdt%3D%26tid%3D%26logExtra%3D%26platform_back%3D%26event_type%3D%26pkg%3Dcom.xmlx.muguang%26page_url%3D%26channel%3D%26bookid%3D%26brand%3D%26channel_id%3D%26pull_type%3DclickData'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
other error URL: https://h5.haikouzsyd.com/
Message:
Not allowed to launch 'hap://app/com.xmlx.muguang/spa?channel_id=&QUICK_APP_ST_CHANNEL=&event_type=&page_url=&bookid=&dp_type=h5&platform_back=&pull_type=openquick-hap' because a user gesture is required.
other error URL: https://h5.haikouzsyd.com/
Message:
Not allowed to launch 'hap://app/com.xmlx.muguang/spa?channel_id=&QUICK_APP_ST_CHANNEL=&event_type=&page_url=&bookid=&dp_type=h5&platform_back=&pull_type=openquick-hap' because a user gesture is required.

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000