auth.hzywl.top Open in urlscan Pro
193.243.164.168 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://auth.hzywl.top/
Submission: On August 18 via automatic, source certstream-suspicious (August 18th 2021, 9:49:13 am UTC)

Summary HTTP 25 Redirects Behaviour Indicators

Summary

This website contacted 7 IPs in 4 countries across 6 domains to perform 25 HTTP transactions. The main IP is 193.243.164.168, located in China and belongs to PEGTECHINC, US. The main domain is auth.hzywl.top.
TLS certificate: Issued by TrustAsia TLS RSA CA on May 24th 2020. Valid for: a year.

This is the only time auth.hzywl.top was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
16	193.243.164.168 193.243.164.168	54600 (PEGTECHINC) (PEGTECHINC)
1	2600:9000:219... 2600:9000:2190:9000:1d:80d9:9400:93a1	16509 (AMAZON-02) (AMAZON-02)
1 1	2408:873d:201... 2408:873d:2010:6:2c::	140716 (UNICOM-JS...) (UNICOM-JSWX-IDC UNICOM JiangSu WuXi IDC network)
1	79.133.177.229 79.133.177.229	24429 (TAOBAO Zh...) (TAOBAO Zhejiang Taobao Network Co.)
2	42.63.21.217 42.63.21.217	4837 (CHINA169-...) (CHINA169-BACKBONE CHINA UNICOM China169 Backbone)
2	2a05:d018:183... 2a05:d018:183:5c00:ac7b:4482:a4c3:4c44	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:20e... 2600:9000:20eb:3200:1:149e:16c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	47.95.165.133 47.95.165.133	37963 (CNNIC-ALI...) (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.)
25	7

16 193.243.164.168 (China)

ASN54600 (PEGTECHINC, US)

auth.hzywl.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2190:9000:1d:80d9:9400:93a1 (United States)

ASN16509 (AMAZON-02, US)

lib.baomitu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2408:873d:2010:6:2c:: (China) 1 redirects

ASN140716 (UNICOM-JSWX-IDC UNICOM JiangSu WuXi IDC network, CN)

api.ixiaowai.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 79.133.177.229 (Russian Federation)

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)

tva4.sinaimg.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 42.63.21.217 (China)

ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN)

cdn.bootcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:183:5c00:ac7b:4482:a4c3:4c44 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

api.geetest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:20eb:3200:1:149e:16c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.geetest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 47.95.165.133 (Beijing, China)

ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN)

monitor.geetest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	hzywl.top auth.hzywl.top	72 KB
5	geetest.com api.geetest.com static.geetest.com monitor.geetest.com	101 KB
2	bootcdn.net cdn.bootcdn.net	17 KB
1	sinaimg.cn tva4.sinaimg.cn	616 KB
1	ixiaowai.cn 1 redirects api.ixiaowai.cn	244 B
1	baomitu.com lib.baomitu.com	95 KB
25	6

	Domain	Requested by
16	auth.hzywl.top	auth.hzywl.top lib.baomitu.com
2	static.geetest.com	auth.hzywl.top static.geetest.com
2	api.geetest.com	auth.hzywl.top static.geetest.com
2	cdn.bootcdn.net	lib.baomitu.com
1	monitor.geetest.com	static.geetest.com
1	tva4.sinaimg.cn	auth.hzywl.top
1	api.ixiaowai.cn	1 redirects
1	lib.baomitu.com	auth.hzywl.top
25	8

This site contains no links.

Subject Issuer	Validity	Valid
fh.360v.club TrustAsia TLS RSA CA	`2020-05-24` - `2021-05-25`	a year	crt.sh
*.baomitu.com WoTrus OV SSL CA	`2020-02-12` - `2022-05-12`	2 years	crt.sh
sina.cn GeoTrust CN RSA CA G1	`2020-11-30` - `2021-12-31`	a year	crt.sh
*.bootcdn.net R3	`2021-07-30` - `2021-10-28`	3 months	crt.sh
*.geetest.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2021-01-28` - `2022-01-28`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://auth.hzywl.top/
Frame ID: C4530241FA121D65E777A58D9AAB7333
Requests: 25 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

25
Requests

36 %
HTTPS

50 %
IPv6

6
Domains

8
Subdomains

7
IPs

4
Countries

901 kB
Transfer

1470 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8

https://api.ixiaowai.cn/api/api.php HTTP 302
https://tva4.sinaimg.cn/large/0072Vf1pgy1foxlnmr18gj31hc0u01ar.jpg

25 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set / Show response
auth.hzywl.top/ 43 KB
7 KB 2710ms
608ms Document
text/html 193.243.164.168
PEGTECHINC

General

Check archive.org

Show headers Download Go to

Full URL: https://auth.hzywl.top/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.243.164.168 , China, ASN54600 (PEGTECHINC, US),
Reverse DNS
Software: kangle/3.5 /
Resource Hash: c73ad2fdbc6fc570d0545d3e076be6d9ff09501a6228efa1eb901550e02d46b3

Request headers

Host: auth.hzywl.top
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server: kangle/3.5
Date: Wed, 18 Aug 2021 09:48:51 GMT
Content-Encoding: br
Set-Cookie: PHPSESSID=33acea1eb061c6c87e7a39c37cb80ecf; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-type: text/html; charset=UTF-8
X-Cache: MISS from æžœæžœäº’è”
Transfer-Encoding: chunked

GET
H/1.1 200
OK layui.css
auth.hzywl.top/assets/libs/layui/css/ 73 KB
13 KB 355ms
354ms Stylesheet
text/css 193.243.164.168
PEGTECHINC

General

Check archive.org

Show headers Download Go to

Full URL: https://auth.hzywl.top/assets/libs/layui/css/layui.css
Requested by: Host: auth.hzywl.top
URL: https://auth.hzywl.top/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.243.164.168 , China, ASN54600 (PEGTECHINC, US),
Reverse DNS
Software: kangle/3.5 /
Resource Hash: 48e8896d9b89ae094dd86fbd19f6e929d5f1cee6efa658075bc75d2ed38772a6

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: auth.hzywl.top
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://auth.hzywl.top/
Cookie: PHPSESSID=33acea1eb061c6c87e7a39c37cb80ecf
Connection: keep-alive
Referer: https://auth.hzywl.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 18 Aug 2021 09:48:51 GMT
Content-Encoding: br
Last-Modified: Wed, 19 Aug 2020 04:57:56 GMT
Server: kangle/3.5
Content-Length: 13210
X-Cache: HIT from ææäºè
Content-Type: text/css

GET
H/1.1 200
OK admin.css
auth.hzywl.top/assets/module/ 96 KB
11 KB 618ms
254ms Stylesheet
text/css 193.243.164.168
PEGTECHINC

General

Check archive.org

Show headers Download Go to

Full URL: https://auth.hzywl.top/assets/module/admin.css?v=318
Requested by: Host: auth.hzywl.top
URL: https://auth.hzywl.top/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.243.164.168 , China, ASN54600 (PEGTECHINC, US),
Reverse DNS
Software: kangle/3.5 /
Resource Hash: 7a7f46163fa812585d8dbaa17f9b3493fc7d73a28af56d3ecb30efbe43bba16c

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: auth.hzywl.top
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://auth.hzywl.top/
Cookie: PHPSESSID=33acea1eb061c6c87e7a39c37cb80ecf
Connection: keep-alive
Referer: https://auth.hzywl.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 18 Aug 2021 09:48:52 GMT
Content-Encoding: br
Last-Modified: Thu, 27 Aug 2020 12:28:46 GMT
Server: kangle/3.5
Content-Length: 11451
X-Cache: HIT from ææäºè
Content-Type: text/css

GET
H/1.1 200
OK login.css
auth.hzywl.top/assets/layuiadmin/style/ 3 KB
1017 B 711ms
340ms Stylesheet
text/css 193.243.164.168
PEGTECHINC

General

Check archive.org

Show headers Download Go to

Full URL: https://auth.hzywl.top/assets/layuiadmin/style/login.css
Requested by: Host: auth.hzywl.top
URL: https://auth.hzywl.top/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.243.164.168 , China, ASN54600 (PEGTECHINC, US),
Reverse DNS
Software: kangle/3.5 /
Resource Hash: dfd12d22cfbd7e47042db67b5e6915cc202ce05ac602a295bd7979c39771ee13

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: auth.hzywl.top
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://auth.hzywl.top/
Cookie: PHPSESSID=33acea1eb061c6c87e7a39c37cb80ecf
Connection: keep-alive
Referer: https://auth.hzywl.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 18 Aug 2021 09:48:52 GMT
Content-Encoding: br
Last-Modified: Wed, 30 Oct 2019 13:23:48 GMT
Server: kangle/3.5
Content-Length: 796
X-Cache: HIT from ææäºè
Content-Type: text/css

GET
H2 200 jquery.min.js Show response
lib.baomitu.com/jquery/1.12.4/ 95 KB
95 KB 545ms
12ms Script
application/javascript 2600:9000:2190:9000:1d:80d9:9400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://lib.baomitu.com/jquery/1.12.4/jquery.min.js
Requested by: Host: auth.hzywl.top
URL: https://auth.hzywl.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:9000:1d:80d9:9400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Request headers

Referer: https://auth.hzywl.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 05:24:31 GMT
via: 1.1 048a65288aba3f3565a971a2e44151be.cloudfront.net (CloudFront)
x-qstatic-hit: 1
kcs-via: HIT from w-fc02.lato;MISS from w-sc02.hkht
last-modified: Mon, 01 Jan 2018 00:00:00 GMT
age: 2089461
etag: W/"2956bd8c5b5c9fdf"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, immutable
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: cIYgg7dGtxoG_qzNdpaaNPPaHLVd1mTyDkimHWmvad6ijD8IRL6blw==
expires: Wed, 23 Jul 2031 05:24:31 GMT

GET
H/1.1 200
OK SF_music.js Show response
auth.hzywl.top/assets/js/ 1 KB
761 B 722ms
340ms Script
application/x-javascript 193.243.164.168
PEGTECHINC

General

Check archive.org

Show headers Download Go to

Full URL: https://auth.hzywl.top/assets/js/SF_music.js
Requested by: Host: auth.hzywl.top
URL: https://auth.hzywl.top/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.243.164.168 , China, ASN54600 (PEGTECHINC, US),
Reverse DNS
Software: kangle/3.5 /
Resource Hash: 15646c4b6f31f8ea94d1cbf7d8ac0d50a1f0ac75cc46c19ea0fa04c4928ec489

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: auth.hzywl.top
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://auth.hzywl.top/
Cookie: PHPSESSID=33acea1eb061c6c87e7a39c37cb80ecf
Connection: keep-alive
Referer: https://auth.hzywl.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 18 Aug 2021 09:48:52 GMT
Content-Encoding: br
Last-Modified: Thu, 10 Dec 2020 23:44:18 GMT
Server: kangle/3.5
Transfer-Encoding: chunked
X-Cache: MISS from ææäºè
Content-Type: application/x-javascript

GET
H/1.1 200
OK gt.js Show response
auth.hzywl.top/assets/js/ 9 KB
2 KB 627ms
233ms Script
application/x-javascript 193.243.164.168
PEGTECHINC

General

Check archive.org

Show headers Download Go to

Full URL: https://auth.hzywl.top/assets/js/gt.js
Requested by: Host: auth.hzywl.top
URL: https://auth.hzywl.top/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.243.164.168 , China, ASN54600 (PEGTECHINC, US),
Reverse DNS
Software: kangle/3.5 /
Resource Hash: add1840190041b98d2c3facdfc43ac873a2e7c759fe62034e5d984172acee5bb

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: auth.hzywl.top
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://auth.hzywl.top/
Cookie: PHPSESSID=33acea1eb061c6c87e7a39c37cb80ecf
Connection: keep-alive
Referer: https://auth.hzywl.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 18 Aug 2021 09:48:52 GMT
Content-Encoding: br
Last-Modified: Wed, 05 Jun 2019 14:04:00 GMT
Server: kangle/3.5
Content-Length: 2195
X-Cache: HIT from ææäºè
Content-Type: application/x-javascript

GET
H/1.1 200
OK layui.js Show response
auth.hzywl.top/assets/libs/layui/ 7 KB
3 KB 616ms
222ms Script
application/x-javascript 193.243.164.168
PEGTECHINC

General

Check archive.org

Show headers Download Go to

Full URL: https://auth.hzywl.top/assets/libs/layui/layui.js
Requested by: Host: auth.hzywl.top
URL: https://auth.hzywl.top/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.243.164.168 , China, ASN54600 (PEGTECHINC, US),
Reverse DNS
Software: kangle/3.5 /
Resource Hash: 91ffac1a9d64f3dae4e8091b4feea25981e750d279cb71491b25dc24b33ecaf2

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: auth.hzywl.top
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://auth.hzywl.top/
Cookie: PHPSESSID=33acea1eb061c6c87e7a39c37cb80ecf
Connection: keep-alive
Referer: https://auth.hzywl.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 18 Aug 2021 09:48:52 GMT
Content-Encoding: br
Last-Modified: Sat, 18 Jan 2020 07:53:18 GMT
Server: kangle/3.5
Content-Length: 2923
X-Cache: HIT from ææäºè
Content-Type: application/x-javascript

GET
H/1.1 200
OK common.js Show response
auth.hzywl.top/assets/js/ 1 KB
975 B 624ms
227ms Script
application/x-javascript 193.243.164.168
PEGTECHINC

General

Check archive.org

Show headers Download Go to

Full URL: https://auth.hzywl.top/assets/js/common.js?v=318
Requested by: Host: auth.hzywl.top
URL: https://auth.hzywl.top/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.243.164.168 , China, ASN54600 (PEGTECHINC, US),
Reverse DNS
Software: kangle/3.5 /
Resource Hash: c38a32f8daeb2311aeabe3f07c338f7888d1344374b881223b72b6f5b750a71d

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: auth.hzywl.top
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://auth.hzywl.top/
Cookie: PHPSESSID=33acea1eb061c6c87e7a39c37cb80ecf
Connection: keep-alive
Referer: https://auth.hzywl.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 18 Aug 2021 09:48:52 GMT
Content-Encoding: br
Last-Modified: Tue, 16 Mar 2021 10:04:34 GMT
Server: kangle/3.5
Content-Length: 738
X-Cache: HIT from ææäºè
Content-Type: application/x-javascript

GET
H2

200

0072Vf1pgy1foxlnmr18gj31hc0u01ar.jpg
tva4.sinaimg.cn/large/
Redirect Chain

https://api.ixiaowai.cn/api/api.php
https://tva4.sinaimg.cn/large/0072Vf1pgy1foxlnmr18gj31hc0u01ar.jpg

615 KB
616 KB

507ms
404ms

Image
image/jpeg

79.133.177.229
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tva4.sinaimg.cn/large/0072Vf1pgy1foxlnmr18gj31hc0u01ar.jpg
Requested by: Host: auth.hzywl.top
URL: https://auth.hzywl.top/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 79.133.177.229 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: fdff42a4b829d3780a0ca46811a095aab20170d4ed4f30502818ea5a25b6c0fd

Request headers

Referer: https://auth.hzywl.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 15 Aug 2021 22:58:57 GMT
via: http/1.1 ctc.qingdao.union.63 (ApacheTrafficServer/6.2.1 [cMsSfW]), cache8.l2ot7-1[0,24,304-0,H], cache39.l2ot7-1[25,0], cache13.de3[323,345,200-0,H], cache13.de3[346,0]
age: 211797
x-via-edge: 16290683373471c71fe2ff406f98c1d22dab2
lb_header: ssl.34.wbg2.shx.lb.sinanode.com
x-cache: HIT TCP_REFRESH_HIT dirn:6:1887488887
x-swift-cachetime: 864000, 652203
x-swift-savetime: Sat, 05 Jun 2021 07:15:39 GMT, Wed, 18 Aug 2021 09:48:54 GMT
x-uidblock-version: 7397
x-via-cdn: f=alicdn,s=cache13.de3,c=185.236.42.83;f=alicdn,s=cache39.l2ot7-1,c=79.133.177.161;f=edge,s=ctc.qingdao.union.67.nb.sinaedge.com,c=47.254.113.28;f=Edge,s=ctc.qingdao.union.63,c=140.249.5.67
x-request-id: g2.189-1628203226.899000-3758407760
pragma: public
edge-copy-time: 1628203227243
last-modified: Mon, 08 Jul 2013 18:06:40 GMT
server: Tengine
ali-swift-global-savetime: 1629068337
content-type: image/jpeg
cache-control: max-age=864000
access-control-allow-credentials: true
x-debug-hit: sto(629300,0.120)
x-ban: miss,7397, MISS,7295
content-length: 629300
timing-allow-origin: *
eagleid: 4f85b1a116292801346038900e
expires: Wed, 25 Aug 2021 22:58:57 GMT

Redirect headers

date: Wed, 18 Aug 2021 09:48:53 GMT
x-cache-lookup: Cache Miss
x-nws-uuid-verify: 8faf7574d2fbf6aa2dd1bf99257a8960
server: nginx
content-type: text/html; charset=UTF-8
location: https://tva4.sinaimg.cn/large/0072Vf1pgy1foxlnmr18gj31hc0u01ar.jpg
cache-control: no-cache
x-daa-tunnel: hop_count=1
x-nws-log-uuid: 17693305792728479818

GET
H2 200 APlayer.min.css
cdn.bootcdn.net/ajax/libs/aplayer/1.10.1/ 12 KB
3 KB 3021ms
219ms Stylesheet
text/css 42.63.21.217
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.bootcdn.net/ajax/libs/aplayer/1.10.1/APlayer.min.css

Requested by

Host: lib.baomitu.com
URL: https://lib.baomitu.com/jquery/1.12.4/jquery.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

42.63.21.217 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),

Reverse DNS

Software

NWS_TCloud_static_msoc2 /

Resource Hash

baa4101a70dc9912af84ac1ce559b85d3d46436a15eadd54d0d47637db55f814

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://auth.hzywl.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 01:14:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 158069
x-cache-lookup: Cache Hit
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 2537
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:05:50 GMT
server: NWS_TCloud_static_msoc2
cf-cdnjs-via: cfworker/kv
etag: W/"5eb03d5e-30f0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xK98iLRZIWUGT0117Hd3yo7NXCXgd88kHutWt4iLIvT0gjeDLY%2FPYDZBWhrAlCzerqZ9NY4DDTuJSNh9mjlQI%2BqTQv8f6Ur0UqxhbH183qwA0id%2FWPmd90jwFFp50sEsxuQIqtkH"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
x-daa-tunnel: hop_count=1
x-nws-log-uuid: 15924333681228997899
accept-ranges: bytes
cf-ray: 67eec33a7f325377-LAX
expires: Mon, 08 Aug 2022 01:14:08 GMT

GET
H2 200 APlayer.min.js Show response
cdn.bootcdn.net/ajax/libs/aplayer/1.10.1/ 58 KB
14 KB 3020ms
219ms Script
application/javascript 42.63.21.217
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.bootcdn.net/ajax/libs/aplayer/1.10.1/APlayer.min.js?_=1629280132468

Requested by

Host: lib.baomitu.com
URL: https://lib.baomitu.com/jquery/1.12.4/jquery.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

42.63.21.217 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),

Reverse DNS

Software

NWS_TCloud_static_msoc2 /

Resource Hash

e98ec22436a5b6878d824f997ed8020fd8cb8261afe31294a3c9d0d07800c15a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://auth.hzywl.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 02:43:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1374304
x-cache-lookup: Cache Hit
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 13791
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:05:50 GMT
server: NWS_TCloud_static_msoc2
cf-cdnjs-via: cfworker/kv
etag: W/"5eb03d5e-e7bd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g%2BXqslM28Yf6M58FU%2B3%2FDXMLHr%2BgSG%2F3YSvQ0Uw0s2Wi8w9uZS1Q29nEF%2BpyLEpTfMJ51rSYiCXEgnXBCBJ6jspRxAXr4MhOZD423ymxafB2TTsyc%2BHIS9W9zMcVHH%2F%2B7lt3elJF"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
x-daa-tunnel: hop_count=1
x-nws-log-uuid: 18204176875884088744
accept-ranges: bytes
cf-ray: 67dcc0cd88e0051b-LAX
expires: Mon, 08 Aug 2022 02:43:25 GMT

GET
H/1.1 200
OK layer.js Show response
auth.hzywl.top/assets/libs/layui/lay/modules/ 22 KB
7 KB 231ms
231ms Script
application/x-javascript 193.243.164.168
PEGTECHINC

General

Check archive.org

Show headers Download Go to

Full URL: https://auth.hzywl.top/assets/libs/layui/lay/modules/layer.js?v=318
Requested by: Host: auth.hzywl.top
URL: https://auth.hzywl.top/assets/libs/layui/layui.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.243.164.168 , China, ASN54600 (PEGTECHINC, US),
Reverse DNS
Software: kangle/3.5 /
Resource Hash: 2aa83aee413f9b91a2dcc536cfd6acd6e44b3fcdb59c26586e32d083396a8db5

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: auth.hzywl.top
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://auth.hzywl.top/
Cookie: PHPSESSID=33acea1eb061c6c87e7a39c37cb80ecf
Connection: keep-alive
Referer: https://auth.hzywl.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 18 Aug 2021 09:48:52 GMT
Content-Encoding: br
Last-Modified: Sat, 18 Jan 2020 07:53:20 GMT
Server: kangle/3.5
Content-Length: 7217
X-Cache: HIT from ææäºè
Content-Type: application/x-javascript

GET
H/1.1 200
OK index.js Show response
auth.hzywl.top/assets/module/ 8 KB
3 KB 187ms
186ms Script
application/x-javascript 193.243.164.168
PEGTECHINC

General

Check archive.org

Show headers Download Go to

Full URL: https://auth.hzywl.top/assets/module/index.js?v=318
Requested by: Host: auth.hzywl.top
URL: https://auth.hzywl.top/assets/libs/layui/layui.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.243.164.168 , China, ASN54600 (PEGTECHINC, US),
Reverse DNS
Software: kangle/3.5 /
Resource Hash: a9232726bb2de6df0e6b18cc93c4071e84e33ef172fa27972999a8c17cf37acc

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: auth.hzywl.top
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://auth.hzywl.top/
Cookie: PHPSESSID=33acea1eb061c6c87e7a39c37cb80ecf
Connection: keep-alive
Referer: https://auth.hzywl.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 18 Aug 2021 09:48:52 GMT
Content-Encoding: br
Last-Modified: Mon, 04 May 2020 02:50:22 GMT
Server: kangle/3.5
Content-Length: 2680
X-Cache: HIT from ææäºè
Content-Type: application/x-javascript

GET
H/1.1 200
OK form.js Show response
auth.hzywl.top/assets/libs/layui/lay/modules/ 9 KB
4 KB 197ms
196ms Script
application/x-javascript 193.243.164.168
PEGTECHINC

General

Check archive.org

Show headers Download Go to

Full URL: https://auth.hzywl.top/assets/libs/layui/lay/modules/form.js?v=318
Requested by: Host: auth.hzywl.top
URL: https://auth.hzywl.top/assets/libs/layui/layui.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.243.164.168 , China, ASN54600 (PEGTECHINC, US),
Reverse DNS
Software: kangle/3.5 /
Resource Hash: 431ff3f49bdf257fba233f0ce45629eb247146487aabcd8d70e4109209b67fb8

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: auth.hzywl.top
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://auth.hzywl.top/
Cookie: PHPSESSID=33acea1eb061c6c87e7a39c37cb80ecf
Connection: keep-alive
Referer: https://auth.hzywl.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 18 Aug 2021 09:48:52 GMT
Content-Encoding: br
Last-Modified: Sat, 18 Jan 2020 07:53:20 GMT
Server: kangle/3.5
Content-Length: 3595
X-Cache: HIT from ææäºè
Content-Type: application/x-javascript

GET
H/1.1 200
OK Cookie set ajax.php Show response
auth.hzywl.top/user/ 116 B
536 B 1798ms
1797ms XHR
application/json 193.243.164.168
PEGTECHINC

General

Check archive.org

Show headers Download Go to

Full URL: https://auth.hzywl.top/user/ajax.php?act=captcha&t=1629280132523
Requested by: Host: lib.baomitu.com
URL: https://lib.baomitu.com/jquery/1.12.4/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.243.164.168 , China, ASN54600 (PEGTECHINC, US),
Reverse DNS
Software: kangle/3.5 /
Resource Hash: 1eda9fa8691406cdb54a0498ab989d305af08c6b41288fb0f35924ad88fdadc8

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: auth.hzywl.top
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: application/json, text/javascript, */*; q=0.01
Cache-Control: no-cache
Sec-Fetch-Dest: empty
X-Requested-With: XMLHttpRequest
Cookie: PHPSESSID=33acea1eb061c6c87e7a39c37cb80ecf
Connection: keep-alive
Referer: https://auth.hzywl.top/
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://auth.hzywl.top/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 18 Aug 2021 09:48:54 GMT
Server: kangle/3.5
Transfer-Encoding: chunked
X-Cache: MISS from ææäºè
Content-Type: application/json; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate
Set-Cookie: mysid=69e32457178f6ab732b6f54446a62bd9; expires=Wed, 25-Aug-2021 09:48:53 GMT; Max-Age=604800; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK layer.css
auth.hzywl.top/assets/libs/layui/css/modules/layer/default/ 14 KB
3 KB 241ms
240ms Stylesheet
text/css 193.243.164.168
PEGTECHINC

General

Check archive.org

Show headers Download Go to

Full URL: https://auth.hzywl.top/assets/libs/layui/css/modules/layer/default/layer.css?v=3.1.1
Requested by: Host: auth.hzywl.top
URL: https://auth.hzywl.top/assets/libs/layui/layui.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.243.164.168 , China, ASN54600 (PEGTECHINC, US),
Reverse DNS
Software: kangle/3.5 /
Resource Hash: ba2baf1bb08b0bff57cce75934bab7768c52567bf389479bed787004ae6e653b

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: auth.hzywl.top
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://auth.hzywl.top/
Cookie: PHPSESSID=33acea1eb061c6c87e7a39c37cb80ecf
Connection: keep-alive
Referer: https://auth.hzywl.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 18 Aug 2021 09:48:52 GMT
Content-Encoding: br
Last-Modified: Sat, 18 Jan 2020 07:53:18 GMT
Server: kangle/3.5
Content-Length: 2661
X-Cache: HIT from ææäºè
Content-Type: text/css

GET
H/1.1 200
OK admin.js Show response
auth.hzywl.top/assets/module/ 41 KB
12 KB 338ms
338ms Script
application/x-javascript 193.243.164.168
PEGTECHINC

General

Check archive.org

Show headers Download Go to

Full URL: https://auth.hzywl.top/assets/module/admin.js?v=318
Requested by: Host: auth.hzywl.top
URL: https://auth.hzywl.top/assets/libs/layui/layui.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.243.164.168 , China, ASN54600 (PEGTECHINC, US),
Reverse DNS
Software: kangle/3.5 /
Resource Hash: 55ccd1873149a6a0a7ec18c6cf4159ee0fe6e77fd6ad4971b423f4770d1a974a

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: auth.hzywl.top
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://auth.hzywl.top/
Cookie: PHPSESSID=33acea1eb061c6c87e7a39c37cb80ecf
Connection: keep-alive
Referer: https://auth.hzywl.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 18 Aug 2021 09:48:52 GMT
Content-Encoding: br
Last-Modified: Mon, 22 Mar 2021 04:03:30 GMT
Server: kangle/3.5
Content-Length: 11978
X-Cache: HIT from ææäºè
Content-Type: application/x-javascript

GET
H/1.1 200
OK element.js Show response
auth.hzywl.top/assets/libs/layui/lay/modules/ 7 KB
3 KB 285ms
285ms Script
application/x-javascript 193.243.164.168
PEGTECHINC

General

Check archive.org

Show headers Download Go to

Full URL: https://auth.hzywl.top/assets/libs/layui/lay/modules/element.js?v=318
Requested by: Host: auth.hzywl.top
URL: https://auth.hzywl.top/assets/libs/layui/layui.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.243.164.168 , China, ASN54600 (PEGTECHINC, US),
Reverse DNS
Software: kangle/3.5 /
Resource Hash: 763c30063a00b2698ab3aa17948b5008a33d477fd7dfd45f11f3d4a49e29b73c

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: auth.hzywl.top
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://auth.hzywl.top/
Cookie: PHPSESSID=33acea1eb061c6c87e7a39c37cb80ecf
Connection: keep-alive
Referer: https://auth.hzywl.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 18 Aug 2021 09:48:52 GMT
Content-Encoding: br
Last-Modified: Sat, 18 Jan 2020 07:53:18 GMT
Server: kangle/3.5
Content-Length: 2369
X-Cache: HIT from ææäºè
Content-Type: application/x-javascript

GET
H2 200 gettype.php Show response
api.geetest.com/ 515 B
785 B 355ms
293ms Script
text/javascript 2a05:d018:183:5c00:ac7b:4482:a4c3:4c44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.geetest.com/gettype.php?gt=203c9ad927d8c8677ea659d07bf107d8&callback=geetest_1629280143303
Requested by: Host: auth.hzywl.top
URL: https://auth.hzywl.top/assets/js/gt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d018:183:5c00:ac7b:4482:a4c3:4c44 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty /
Resource Hash: 6f37e58c00bcefa708b6bf9bd43b7f2af480708c18dd38ce5c6d2fd6b09e65c9

Request headers

Referer: https://auth.hzywl.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Aug 2021 09:48:54 GMT
server: openresty
etag: "4f023494b795d41cdeaf19688d6e85015066a8dc"
content-type: text/javascript;charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
content-length: 515
expires: 0

GET
H2 200 fullpage.9.0.7.js Show response
static.geetest.com/static/js/ 313 KB
93 KB 53ms
14ms Script
application/javascript 2600:9000:20eb:3200:1:149e:16c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.geetest.com/static/js/fullpage.9.0.7.js
Requested by: Host: auth.hzywl.top
URL: https://auth.hzywl.top/assets/js/gt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:3200:1:149e:16c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AliyunOSS /
Resource Hash: dc4c16d1855a221cee1dba0a0e13ca39177e61a4446a3ba4ebfb0965094f5830

Request headers

Referer: https://auth.hzywl.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 20:25:41 GMT
content-encoding: gzip
x-oss-request-id: 611978301692FC3231150988
content-md5: W9Mz+PxuGlIZh8ynP/4W1A==
age: 48214
x-cache: Hit from cloudfront
x-oss-object-type: Normal
last-modified: Mon, 28 Jun 2021 01:47:13 GMT
server: AliyunOSS
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad3.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-oss-storage-class: Standard
x-amz-cf-pop: FRA2-C1
x-oss-hash-crc64ecma: 6988515106857491445
x-amz-cf-id: OPVU-VWkBP5BpaeWJurlqgJNehNRm1qx2nGKP7tei8pj2vzdwBFy5A==
x-oss-server-time: 1
expires: Thu, 24 Jun 2021 07:38:48 GMT

GET
H2 200 get.php Show response
api.geetest.com/ 1 KB
2 KB 304ms
298ms Script
text/javascript 2a05:d018:183:5c00:ac7b:4482:a4c3:4c44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.geetest.com/get.php?gt=203c9ad927d8c8677ea659d07bf107d8&challenge=2355d6d21581ce42a6d0edf4dca46640&lang=zh-cn&pt=0&client_type=web&w=J50U3TV8hgglHhVufWuzROh2mnxeAbCy2HQxkL6KFBhT2(XzQlF6G6QOyrqpnTh2bcptrIf0Olwydoa5jAvvnVWVms1xKiEQWWVUXeVRYVdNU9UIQPkULGl9KUrYBGHpZHqU(BCoztbf55d9pQY3eI1awqhK4ctE4KRjtZ0ndPa4hqpoL(1nBIbnUCveeh)YcZI0tWzR(TMd)O)gapoyKCHAwR)VyqD8)ozKRcxPz9cJOl1IempnLUUwIClUdJUwL1XwhAW48NIihrDE691OdPK4giAGXGKhKU9B1LazupZU0DpzW7ZbF3VwPXeRYR11XaOyuUGOR2kYYy6f4e9p)FhWb50XiqPza4L9pv)lzWjnpBH(esZNgFcTvGbt0z(CwzTuXoeT9g2Sw5YjmyaUCt3r0xmyUcIPwlepgTOG5PW9p4Iz)2Tsw0EMKTvqvp73XPFHh5mdhSNovOxv2Cq4rgMvYztc5CirEOg)pO3q37HQwr1l2lg0oq6rsvmN)p09BXMo5)Ktf)Br5jhuuNyyxDVIxLF99)KGYrpo4IMjHXnO38CimsavtWm(XFVxSQgF5ymi0muRPsXvenc)CfY3bOGocMGQjRN4k03tM1i3vimyGTEbQiufAfwBh8UeNEfECS)BtH2igCcxLlpOTV(ZMAm2usQ5QTCwIw3aYsoFZUH69CWWFptWWedemTb4odw3D9OeFVfQ4(YM2GIeocdS3j4rbD8X9Ru)6cPca41CO7j()(qaKCuIZW4MiU3nTMGCKn2mxN2gJAiGRlxpawsd02DFlaQ(NDvIK1GhNesfl9Bq2LOjk0T7H0EhBB5n57gS4cvxqYprnOl()0bcRsXVaMr(79FRTfU9kplIv0jnDmzJpZQAFayhgvrPg4RNsFaXA9Gy7v15AFcliwW11uuMADEgpwoklK7F6S8KbFsp7kNukR0iShrMuWaGrD2epDMZnvH038hurIKae1GlpIZxAU1OxRUzulKetzEmZxp9wPN9Y4I)XEqZbUnbKfJ7xZs30)69coxItOXaawITuEQnnBkZU8CnhTKlbyby5RpgEBMpqmrcIlBLwlmYO(06Z2DeG)zLh7BNbbaBu5XVGCigIoo8t(4qzNunHeMtUA9h3B)RHpvYCehRAXmJQLvJcqdJdJqms6uAj7FYZ4NRR9fN0vMZuYbWJZQaBsms3Aet8ZEB5v(XfjVYYyzOqCd9pGiVTbgKcMQvvnXDScVbgWBEmn0G1FKoW8aSqjs2977Ao8UWOFe7xoE2PTdrXhZWIxq3eiOLwakjgsgmvOB41cuBGjphlpcnLKDvZGybsM(XJ5lVFkjvjJWrrIkPAXSLeLKVX6Ko(TtR8F98KkyGHHIL5j1wi7W1taQGMxBNwNE9CClfzd3VYojWEQah(Gks7pgqvxtC6Nu10o91(RlttKpyolGvTUwsd5XDbTqW)BrxWTybkUQ95t4oG1)THPnigm8ygMaJn9IkivWUc0GBgVyrbDUY4WDDcM0S4ocP(dD1eGYUGQV3ZogKi8omnLXgIgXPe8r2Kws3ayyaGskAzqcy8qBft2EKED2lYrTLHLcI82ZBmmsVIugvg4pqZUftrGLPbBgHv3Vecd(UZ5qKqALGDHl))Ip0PQne8mZkZADL(0hU4mQmO3L9l9dk9vpabTNDChTHbzob0x2jCW4aaBMY)ZJA2GEJ(VGXXY4gCkX5sWo.145fc2da8518c258a0cbd8635a371158c8ec6a15b43019fbc7520ce8cc04255927e37cac71d288ecf8956f9ab8c792d2817dd0ab773f5228c0c5607f695d13d9eaa003d5505023ce5c37aeca39896c6ad49b6e4cf434aedd31a84e30066b5c85c2a514ceb4d9f9d4147c7cfd0db92d86b0458d11bdce0b12b7de38a9f7346c0c&callback=geetest_1629280141276
Requested by: Host: static.geetest.com
URL: https://static.geetest.com/static/js/fullpage.9.0.7.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d018:183:5c00:ac7b:4482:a4c3:4c44 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty /
Resource Hash: dd2047228188b4fb557c2f44a0d6e3c6b357dfc4fa72d80620cce872cd7bd5cf

Request headers

Referer: https://auth.hzywl.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Aug 2021 09:48:55 GMT
server: openresty
etag: "dbe15bcd34c000dff16d1c3c7143b02aa0f52c67"
content-type: text/javascript;charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
content-length: 1273
expires: 0

GET
H2 200 style_https.1.5.8.css
static.geetest.com/static/wind/ 40 KB
5 KB 13ms
12ms Stylesheet
text/css 2600:9000:20eb:3200:1:149e:16c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.geetest.com/static/wind/style_https.1.5.8.css
Requested by: Host: static.geetest.com
URL: https://static.geetest.com/static/js/fullpage.9.0.7.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:3200:1:149e:16c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AliyunOSS /
Resource Hash: 8ba195fffe0097e44a5dd29c35c092f10039e126cc9c4113330e8bf690c2461e

Request headers

Referer: https://auth.hzywl.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 05:28:03 GMT
content-encoding: gzip
x-oss-request-id: 611B48DDCD803233323612DA
content-md5: P7aqz9WuLTiU8vALDV8yNg==
age: 15658
x-cache: Hit from cloudfront
x-oss-object-type: Normal
last-modified: Tue, 24 Mar 2020 07:16:39 GMT
server: AliyunOSS
etag: "3FB6AACFD5AE2D3894F2F00B0D5F3236"
vary: Accept-Encoding
content-type: text/css
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad3.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-oss-storage-class: Standard
x-amz-cf-pop: FRA2-C1
x-oss-hash-crc64ecma: 8727683345402674844
x-amz-cf-id: pi_FWlOKZWUynXRFnOAxO_oY7HaSmwhuKrCd97ljMhA_uwP5ekxx_w==
x-oss-server-time: 1
expires: Wed, 25 Mar 2020 07:16:37 GMT

GET
H/1.1 200
OK send Show response
monitor.geetest.com/monitor/ 2 B
331 B 752ms
286ms Script
text/html 47.95.165.133
CNNIC-ALIBABA-CN-...

General

Check archive.org

Show headers Download Go to

Full URL: https://monitor.geetest.com/monitor/send?time=2021-08-18%2011%3A48%3A55&captcha_id=203c9ad927d8c8677ea659d07bf107d8&challenge=2355d6d21581ce42a6d0edf4dca46640&pt=0&exception_url=.%2Fusercallback%2Finit&error_code=604&msg=%E7%94%A8%E6%88%B7%E5%9B%9E%E8%B0%83%E5%87%BD%E6%95%B0%E6%89%A7%E8%A1%8C%E5%BC%82%E5%B8%B8
Requested by: Host: static.geetest.com
URL: https://static.geetest.com/static/js/fullpage.9.0.7.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.95.165.133 Beijing, China, ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: openresty /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://auth.hzywl.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 18 Aug 2021 09:48:56 GMT
Server: openresty
Etag: "bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f"
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 2

GET
H/1.1 200
OK Cookie set SF_Music_Analysis.php Show response
auth.hzywl.top/SF_API/ 23 B
392 B 1774ms
1772ms XHR
application/json 193.243.164.168
PEGTECHINC

General

Check archive.org

Show headers Download Go to

Full URL: https://auth.hzywl.top/SF_API/SF_Music_Analysis.php
Requested by: Host: lib.baomitu.com
URL: https://lib.baomitu.com/jquery/1.12.4/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.243.164.168 , China, ASN54600 (PEGTECHINC, US),
Reverse DNS
Software: kangle/3.5 /
Resource Hash: 0f2ffdb5c66a386a1c790313532bda52e3ea63f6c50ceffa402145f10659b057

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: auth.hzywl.top
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: application/json, text/javascript, */*; q=0.01
Cache-Control: no-cache
Sec-Fetch-Dest: empty
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://auth.hzywl.top/
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://auth.hzywl.top/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 18 Aug 2021 09:48:57 GMT
Server: kangle/3.5
Transfer-Encoding: chunked
X-Cache: MISS from ææäºè
Content-Type: application/json; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate
Set-Cookie: PHPSESSID=e0cff0217f57521d75635b27d32e933d; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT

Verdicts & Comments Add Verdict or Comment

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://auth.hzywl.top/(Line 993) Message: [object Object]
console-api	error	URL: https://static.geetest.com/static/js/fullpage.9.0.7.js(Line 1) Message: Error: UserCallBackError: 用户回调函数执行异常
console-api	error	URL: https://static.geetest.com/static/js/fullpage.9.0.7.js(Line 1) Message: Error: GeetestError: 传给appendTo接口的参数有误：只接受id选择器和DOM元素，并且需保证其存在于页面中
console-api	log	URL: https://cdn.bootcdn.net/ajax/libs/aplayer/1.10.1/APlayer.min.js?_=1629280132468(Line 1) Message: %c APlayer v1.10.1 af84efb %c http://aplayer.js.org color: #fadfa3; background: #030307; padding:5px 0; background: #fadfa3; padding:5px 0;
console-api	error	URL: https://auth.hzywl.top/assets/libs/layui/layui.js(Line 2) Message: Layui hint: index is not a valid module
console-api	error	URL: https://auth.hzywl.top/assets/libs/layui/layui.js(Line 2) Message: Layui hint: admin is not a valid module
console-api	error	URL: https://auth.hzywl.top/assets/libs/layui/layui.js(Line 2) Message: Layui hint: admin is not a valid module
console-api	error	URL: https://auth.hzywl.top/assets/libs/layui/layui.js(Line 2) Message: Layui hint: admin is not a valid module

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.geetest.com
api.ixiaowai.cn
auth.hzywl.top
cdn.bootcdn.net
lib.baomitu.com
monitor.geetest.com
static.geetest.com
tva4.sinaimg.cn
193.243.164.168
2408:873d:2010:6:2c::
2600:9000:20eb:3200:1:149e:16c0:93a1
2600:9000:2190:9000:1d:80d9:9400:93a1
2a05:d018:183:5c00:ac7b:4482:a4c3:4c44
42.63.21.217
47.95.165.133
79.133.177.229
0f2ffdb5c66a386a1c790313532bda52e3ea63f6c50ceffa402145f10659b057
15646c4b6f31f8ea94d1cbf7d8ac0d50a1f0ac75cc46c19ea0fa04c4928ec489
1eda9fa8691406cdb54a0498ab989d305af08c6b41288fb0f35924ad88fdadc8
2aa83aee413f9b91a2dcc536cfd6acd6e44b3fcdb59c26586e32d083396a8db5
431ff3f49bdf257fba233f0ce45629eb247146487aabcd8d70e4109209b67fb8
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
48e8896d9b89ae094dd86fbd19f6e929d5f1cee6efa658075bc75d2ed38772a6
55ccd1873149a6a0a7ec18c6cf4159ee0fe6e77fd6ad4971b423f4770d1a974a
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
6f37e58c00bcefa708b6bf9bd43b7f2af480708c18dd38ce5c6d2fd6b09e65c9
763c30063a00b2698ab3aa17948b5008a33d477fd7dfd45f11f3d4a49e29b73c
7a7f46163fa812585d8dbaa17f9b3493fc7d73a28af56d3ecb30efbe43bba16c
8ba195fffe0097e44a5dd29c35c092f10039e126cc9c4113330e8bf690c2461e
91ffac1a9d64f3dae4e8091b4feea25981e750d279cb71491b25dc24b33ecaf2
a9232726bb2de6df0e6b18cc93c4071e84e33ef172fa27972999a8c17cf37acc
add1840190041b98d2c3facdfc43ac873a2e7c759fe62034e5d984172acee5bb
ba2baf1bb08b0bff57cce75934bab7768c52567bf389479bed787004ae6e653b
baa4101a70dc9912af84ac1ce559b85d3d46436a15eadd54d0d47637db55f814
c38a32f8daeb2311aeabe3f07c338f7888d1344374b881223b72b6f5b750a71d
c73ad2fdbc6fc570d0545d3e076be6d9ff09501a6228efa1eb901550e02d46b3
dc4c16d1855a221cee1dba0a0e13ca39177e61a4446a3ba4ebfb0965094f5830
dd2047228188b4fb557c2f44a0d6e3c6b357dfc4fa72d80620cce872cd7bd5cf
dfd12d22cfbd7e47042db67b5e6915cc202ce05ac602a295bd7979c39771ee13
e98ec22436a5b6878d824f997ed8020fd8cb8261afe31294a3c9d0d07800c15a
fdff42a4b829d3780a0ca46811a095aab20170d4ed4f30502818ea5a25b6c0fd

auth.hzywl.top Open in urlscan Pro 193.243.164.168 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

25 Requests

36 %HTTPS

50 %IPv6

6 Domains

8 Subdomains

7 IPs

4 Countries

901 kBTransfer

1470 kBSize

0 Cookies

0 Outgoing links

Redirected requests

25 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

26 JavaScript Global Variables

0 Cookies

8 Console Messages

Indicators

auth.hzywl.top Open in urlscan Pro
193.243.164.168 Public Scan

Screenshot
Live screenshot

Full Image

25
Requests

36 %
HTTPS

50 %
IPv6

6
Domains

8
Subdomains

7
IPs

4
Countries

901 kB
Transfer

1470 kB
Size

0
Cookies

25 HTTP transactions
0 data transactions